last executing test programs: 24m12.537334262s ago: executing program 32 (id=773): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0) getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240)) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x1, 0x2}, 0x28) ioctl$KVM_RUN(r2, 0xae80, 0x0) sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, 0x0}, 0x4048043) setrlimit(0xf, &(0x7f0000000000)={0x1, 0x5}) getpeername(0xffffffffffffffff, &(0x7f0000000500)=@ethernet={0x0, @remote}, &(0x7f0000000200)=0xffffffffffffffed) 17m15.127833361s ago: executing program 33 (id=1900): r0 = socket$unix(0x1, 0x1, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r3 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xb}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x2}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000280)=@newtfilter={0x90, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r4, {0xd, 0x5}, {}, {0x7, 0x3}}, [@filter_kind_options=@f_matchall={{0xd}, {0x5c, 0x2, [@TCA_MATCHALL_ACT={0x58, 0x2, [@m_ife={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x8, 0xfff, 0x0, 0xa, 0x3}, 0x1}}, @TCA_IFE_METALST={0xc, 0x6, [@IFE_META_SKBMARK={0x8}]}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x3}}}}]}]}}]}, 0x90}, 0x1, 0x0, 0x0, 0x404c000}, 0x0) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r5) socket$inet_sctp(0x2, 0x5, 0x84) ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) r6 = socket$kcm(0x11, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$kcm(r6, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x7, r7, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000140)='\r', 0x1}], 0x1}, 0x4) 10m52.550981693s ago: executing program 6 (id=2694): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) mkdirat(0xffffffffffffff9c, 0x0, 0x1c0) setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000080)="17", 0x1) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000300)={0x0, 0x18, 0xfa00, {0x4, &(0x7f00000002c0), 0x2, 0x9}}, 0x20) writev(r3, &(0x7f0000000000)=[{&(0x7f0000000080), 0x62}, {&(0x7f0000000100)="16000000246837f73199aee6fdb9291b3091ec1a2d41d227975ad8ec309d59191b00867997f9c0efa9c9092a31cdbb98ea272787afda0af59a320709c3a59ef05c6f40ceafec53f48d6186e7d8409e35306221caf67b370d875eff3191932728e5ab6c9a3acf6ccee3e352c898f5744abaedfb53f92c37acb126bd143f3e9cdfcf25a8d6129fcc3a141c3f5ab6db772f87c787817a9b699dd60732d952716b103bc1e91ac5b1ed92f35389580994bb0df9bce07e7a80921888f984139f488d256a67fec0cbb5c4e93d5c151d97f676ab93b1efbd46f600dc964231e3257bf358448fddf894c0cdfa9115adbe5b19bc912fcbc8aac7719b649b1ff1267491da", 0x682c}, {&(0x7f0000001480)="d1ffacd516de50ac9d15bc75316da4defa1e72f65a65cdd26dcc389aacf7856da9aecf3765d4c032e1960faf25bad906b7d3440b6e71a82f1d8f8b8db35b6091f3af94c6b46b9ab10fe3923f268771078d2668be7bd3eb941d4bb5baa8547e36283a065ce5766cbff3a8fc37fc4507643d3786bbf231d3ed88cb8b01eab14e4372cf4f89bd1b853caa5d9f07f523b9dfa8cc09053ff36fde08e96fb6b3acc196b1bd1e2d3a6c65f585df7e2b8b17439a7ab29a7dfe642c2f0ac7a81eca8073b559663f2daf7a0832b2b09557794a21bf114831f8e6db3922d0cd169e5a8b4adc95d7322ee75944de15f57780b88fef7f3d9b256705ccfa2125b43ce8e3aacaead963cdd7f792f14c9b24493f9f830f6de8da93bbd4357095631adec14224dd9bb049e826f3a49624393e6a031103faff0902ba88ae30af4a61caa77ff956214196fcf3c5536d823284306f367afcb46fb43231911cc53091671e7d853ebf015241b18e9fb6ac6d9a7a1b05dfd6d9e56a51567cd8837dd045abf6b85550f0dd8dded43147ab9bfadc18b9984699d5d875cb21a95a7f584d8c466d033df75193f9ae58b85cfacc54f6c6e12a0debe40ee361a839563bc2cb64271672a55370c2b035b482074ce2487ef8a3bc1c68856e6e09539276d961a0c647f1ee3237496fc99623e8fd33faf7797d86a88dcee152d15e10739bcbbd6077b76867e291f350d999024c12faf81f83792f48f7f6dd66aa6854e460ef7f8c755f3a6dd76509ea0d2db39057a5129185b2fb11546cd5d6cc59f640e9028ae6c7075fba5e5b5593d7f79ec387833f465d09bde464112821eaec5e6e8f2aee8d7358f9c14afe2018856f610848706c71cda62493aef2e39efb71b4a8e804847eda66b2b5b1d75b478f19208ee1ac43afb2dbbba5dd0f29f6946022e09fb853cb176ca3474ba2fa67cb245fe85ec61a095d6fd9ac2ac5685920201617342fe56072427b9bd3626a1a371e67041fcda781be0c234d6feb5ad500e8bc7074381fd0d04983a4a6cdb6c8e03d59dc50925e9e4b24e6f8e455f02818959f2927f0a2d9ff62ec3c5c399077048f7d3dad0830b2e6563693f2f9d48eca8c34804a7626282a4a214d13786993c011a88194dbf7b23e25f592e62186c9fb565fac7632de356153c89a6be0b6b26ba48c2427424769fcbd7ee072ed4bd4d0731d06c8537d616b1145a6c70edb13fb4dba3565221b3a2897a23861cd0e8e0060021cdd7de002d5e785e5d6d3d07f4e445ada9c8d9ba8b819d0b5c7b5d15a5192d3a83c125c8e117c823a9e33316b8c9154e7330d3a865048dbd9c14757691bfe56f10423f6ab717bec5eebeac6ba9ad1aeb6cde09d7fda8e475a71ac48d46b8d9a40879c9dec2db5c4799e5fc8e8b3d419031c1033fce88ae2c93d7ca62c9302e6b45ca8dfebe5b92724f035e8e9d7704efb23f445999fe08cfa28404874d8acc8d37870d394d9fcc8dbe763bc85c37f0f3bcc2cbea420cd073db598e7d89c14a31e5bf57cbefa301427c93091505f1f3e5cdf712958b2e8fc56684d3388107c1728f0e5a3be2164246071653e256ed3bf3000c17301da9a5a3d9ca475867c4f311a24e5ae909a62047a9e6bb71cbcb4f159c2ef0f66b4d0f9da51aba99cd9448443dd277362af18d32f111c48a952ef555b2c7c58b997ce61e74cc7551b57eaffe411219baddf490926d8e260dcd87c069e617195c352950f9b51ce88c12c4f7997ba515f77e68d44f831cdf4d7ee8b1b7cedcb4c4fc7e85ba288c8555d49d5b4b9bb70dc4b688bd12e6b38e37150f3ea457a76b23d5abe6551ea598e090aed87822b0954b8db1a7c605c925b7f9240b0e7a020f292a1fd4a37c74139bc6e7ff08373ebfc8feea371ae0b6c61c715f6f1f4b0b994c7e2e129f87db959aae6ff48664d824b29ba9f255890f9c537178db9c5302097891557f8175a46f308b1a2530aa726ea9d4cfce76db50637369724d0c5f51c97edb58ff5eb9b2434b3721b61688ba12471b97c6a65ba085e15406568ac852590701f2ef8451c5cf1191d70f51eaea9ddc4cbdd7428f627db5069111f65062d5cc34581826af3e670613dda99e31c42736aabd87be56e214ed606862a152455f91891b7430bae03284569c234588f495a5ecc4a23fad6ba34e2ee9ebde8c7f5f62c9344659375c2a1fe6fa6e4ef68712223b9471c513bb11429dbb8a45463c8882f462275ee0da567c60c2d8038843e0c20486676e9978f2aec9187820c94a6e7e519d06daf2ab198f5cafcab4d9c90a479800906192d66a3301a34fa6c5a931cea0a479a4d98d86d9de3e061323504b57186dd33df7a16ccb688c0de203666cb0a6b543a9d069dded44a3b432cbb71da921dcab6be1c2d7494d3b07841d9b4f9d659b5d3d3b2ed916f91588d589128e4b2d4448e6aab5a8160eddca0f6e022abb85e251a11cd6bae57a09b2c434ab5bdf6264afb20d5ab022d152e345bd32ba9283aa5b3cd9118bd271a8ac9083c98b8a83064e65428f7ad7b35bf1d60d4e703f22d2d316fc12bd68bcced82cf0962a3d5769c6a3d75d59f7a7b76454661fd3574b8c8e26d20c372407854505ea6c2406fbd8a1ba7bb017c565228aa6d03d18ed309a308ffb1ecec73c246413e7c70f25070eafed9e70d22e9e8b44125c44eceff37e65bf073bc6fad1ea2b72675af4bf70586a8f7e0f35700de94c802522897576ed115fa21b3d23a367844520b33f5b9aedc0245096765f4cb3b2ff4e54f39bd7346c2347875d75a931b17c6c424ddb4767e0e63cc7725a8fc4b1dbe7929b2f909cc5be8b09e63330341e6471dcac0f8b44693d01805a1467b71612260e2a273861b3697440a5f75497796bffcf79d62a4a50a6ed5ef2efe8c83374f2ecd08d8d628aa03b01a11caeb2bdecc0ab2abcecfa15627979d7c3f9dec5389fc6625e957f8075e23e636dd5514596189d568e14d33ae518e6e9978c6a36a74b49fdbd1260095c9abe447e618878039b75e305b1d2c9ddeb9e5cedb11802e0833739d8595d57d749c890c9290cca4aa96e6718747543796a187e54a66c2f71beefddf911a7a74b59c48ba642d5ecd4d415f48dfbde5baac8a4ba063c1b985d9f9f3180e8a1c8b2cf6a25c2ff17688cc858ac8b9c67960f09a1ca5f28f8e877159e00fe7fb10cca73b391508895e7e52c22f9b38d73dabd6ff7c55ebf4e1611daee8d52b4ceee49a6df7daeb81bf9d1c943a74c03d3dda52c5b99f3225c1b87074f5cef6187878bc5b665ec0561adcc9781280dd1c6592555d327afea78b21beeeb66a0af3eab3249245f41cdbca309d3fba5d4b345319dd0a26134c0c896f2c8d32fda28600013f6a4c95b4038faba70d6c480b360c55bdc0595f7ca636e85521ba505d894f9c5f0a90719bc9944f386ad7491422ff12f34a3c048708d51305a8cc5b2a502ac1575a14c75e9fb7219ede2f6d9c1b362230b6189e0d8cd8ccd11fd0325182c6e46c9977bf63aa02f7024aeb4389f989f5733a198b45e4329c4c1a538a009f216ad3ac09cac39547b4fd21a5d7146ea307ad9b9339f39d5161d17b59860a0aed38cd89d1b68c6438346d51a3a283074e34ee01d2eca527b1b3836ccdf7e807007152c79d14324e3d887c9551a9447527db4434810f5b0b73d855f32a0c89aa784e43f4c1657d408dd33f88aeae1e5186bbcc2a348b708e3cec9080e12ee3676beb5ee86a9b5cc4a3496c242b95a248906ed62f984b22373bdfd97515441f34e01006d8d1244aa88403f207cd8820ffe07634fc86d00f871c1e4c9e8fc1a00d295e36d98119599b62379cda10ada85efe7b50c5f38d8d010a2cd53db900939db1ffce14feffb7940d12842f4f2b507e1fa49e526752d1e3d80a0c2a75e870d85f77fd91fc46ac1b1288dd33338cdad154d6b80b5a925431868d62a3fb0036f28fe259a3f555f767526a9ea230c33843efc49ac3182a357845ea122d606ab22c9f937b2b905e02dd1cb07d380e3486be6167f00b6e6d90a3c1d6aee15da439a55542ce177e498998ba8ac69a848e63e4c7564e4dc04aad595fa1ab81275edafa0d352029c304200d2f2c5881cbf5a26b2141bdb117879cc11e7c13bd62f221ae1ac04dca3d8d58a13c130557ecf5f36184c7366d3852d0cbd6ca42f2a971d87c0bb204097af1a3abdab7b95d07fcdbf5f42607695dedcd26e30b8fc5cfd7b333a95f3ee69d5ba7911dadb1394285c437a0f26fc027737ba5ee7d63333f80acb59f1a7faf2ec3031c6533107502bffc92d8726a48ce00cdb5f1258d85ff8eb72bfb162e122022f1f3e8a72b41d2689d5228b1130fbc946384401f3bbe726314bb09d430333ad78de07b3cec5c18a4f4abb69507b6451ca4e610b8fc988c983426e0cc3b9d15393026eb75d3d08634b8a7495cef69aab83d27ea1b5b41f40b996dd10023d81f77d61192930ffc25cae1e149412322fcb0aa47bee3afc44ec3dda96c9294854e2cbaebfea6f9a90f0b3797d5f505824b4de964151569f881f87f9dd9d30a2a2f9ed01059a909cba157902903c77f2f3d056231e7c7483a3f35e04360e084f0d3f94a92c92c77b3f06479fbc417366d7fe87ddfcdfd86274f87a5f817b0f947924cbe2329f16f6b00c8a0ab96164f7b35fed38a388380af05c3600abc37a944c9e75a691728c26896ac3615297766f406aeb0f2fd147d68fad3fb3b032880280ebb4bf89252a36b0d9eb393daae72829b8da870b886676244897d5322b32703fcf138b66eedeb3024666a88fd99d8962f696ab7b34e19ced1bd27488aa2ffe5bfa11f8f9289bd8c052d4e88316cc33b0255ef1bfca4c17067d7f78175c56db481fe8dc6f73b1cbdf9d5823f115c9e03f2dfd07bc1ad88564d48b18cd9a30d83cbd5e6a3eedcb0ee86e5dd47f32820cb74dcf730b2052b31297b529e5e24f042335d13915e4048132fe1a101841e919c7870bb680eddead9a6111394bc12e274fbd88abaf2d254721c42e82abf4d1e319a631794ed6ce319ddd844ac5e9b1fc96dd9aaad42f2e087abe1b85430c4a00631970e3e74a6ed923f49e0df75685e044fae3fcea0af4dbfeebe0a9c2e73e8a89b89603a75f585e3ebba5453ae595da1469ea90ea3c9fb6a22411c56c58dfbf504caa629dbfc73ebbedc91669f2babf8b8215c525edf8feb366f104ffa9eb2bb79232660aece4730ef1ae8585c629ffe1390356a58e900da145b83ad177c7bb2d125e59d7ff4d3a8562efc620b4cf9b33c2305bbf1957e0f8b06f0fbe9c80db73b08fdd0be4a1ea4f91f52af47160040424aed8ac3c10251fb0b5d9be08247edf3dda5d1750d0597d60c8a0d9418a4e0c9325bb90f0886f9e5dda9e88ac1942ec1e53da0cf5ccad66b9cdfc2fdca784dd06a73713ef73785706d024873ddca5ccfcf0b91748a2c1fbd8c241934b5b473007b29d76aec5addf7b945a5f7abd6ddeccc8d0ccb26d69d4793b7224c27ba7bf45aac8a2be56086ab8c65ea69fdd593a01a29e2912378002d824bd98e6ed1c5dd5f33be529e640997f5f1bbde051fb2a669145966db4889bf32aa13777ac6c077c51bb8b2523954cea3adc307cfe53b8cbb00edf0c04c456392aea6613e8078a309dc538a6a24f80fc1b7f9fce3e3291ca6dab8090a634fcdb24e7a9de8aecd595b988f597cd623d148a8841b0a5203953166ea2e85316928f28dd2604d37c9ec80a49c0d91cbfe6d584b9b6a321b97bf99ae1d67985fd441976a828c97456003a7892c7c7f4a51bb49e3d3ea1e95ec29c89a2676", 0x1001}], 0x3) syz_pidfd_open(0x0, 0x0) 10m46.652546512s ago: executing program 6 (id=2704): syz_mount_image$vfat(&(0x7f0000000440), &(0x7f00000022c0)='./bus\x00', 0x810094, &(0x7f00000001c0)=ANY=[@ANYBLOB="73686f72746e616d653d77696e6e742c756e695f786c6174653d312c756e695f786c6174653d302c6e6f6e756d7461696c3d302c73686f72746e616d653d6c6f7765722c757466383d302c757466383d312c726f6469722c636865636b3d7374726963742c756e695f786c6174653d312c73686f72746e616d653d77696e39352c696f636861727365743d63703935302c636f6465706167653d3835352c696f636861727365743d63703836322c73686f72746e616d653d6d697865642c646d61736b3d30303030303030303030303030303030303030303130302c757466383d312c756e695f786c6174653d302c696f636861727365743d69736f383835392d362c73686f72746e616d653d6d008000002c6e6e6f6e75008361690400312c73686f72746e616d6577696e39352c726f6469722c757466383d302c696f636861727365743d6575632d6a702c757466383d312c757466383d302c726f6f74636f6e746578743d73746166665f752c009d54d2aaf6d06f18be776bb0ffac7a5551d56f69676c5a4b4e936050f5015a88410ba0676d48b0d307dfb550ec405bfcf6345121e4ef37982c969e2ff5915d729aa2982209cd4f06a1b6fa7ff4d2a7ce636cbde5339573fbd7c5ff9ff4481d415a136dba0a11246055ee1246a02b888f9aa72f3e876b621297de4e141d9700eee76208a6b62fc18d5dce7a798b1920830452b000dfc54ce2735b49179188ca936edb03581e240974fc368283677a20dc700c5f6d3995b3ea4611d52f2dafd6a9e8ad74e3b18058a210222bd6486148f7a294c215544f477f891c", @ANYRES64=0x0, @ANYRES32=0x0, @ANYRESHEX], 0x6, 0x2de, &(0x7f0000000480)="$eJzs3b9rJHUUAPA3m9nZVYtNYSWCA1pYHZdrbRLkDsRUHilOCw3eHUh2ERKI+APXq8ROC0v/AkHwD7GxsxRsBTtPOBj5zs5kf9ywtye3Eb3Pp0jezve9nTc/kkyKvLz34uTkdhl37332awyHWfT2BxH3s9iNXrS+iCX7XwcA8F92v6rij2qmY/mXr5ZfZ4svelvuDQDYjkf8/G/k9cdbKePHy+sNANiOm7fefvPg8PD6W2U5jBuTL8+P0q/46fNs/eBufBDjuBNXYxQPIuoHhX7UTwspvFFV1TQvk914ZTI9P0qVk3d/at7/4PeIun4vRrFbb7p42qjr3zi8vlfOLNRPUx/PNvvfT/XXYhTPf9MWL9Vf66iPoyJefXmh/ysxip/fjw9jHLfrJub1n++V5evVt39++k5qL9Vn0/OjQZ03V+20O+9f8jUCAAAAAAAAAAAAAAAAAAAAAOD/50ozO2cQ9fyetKmZv7PzIL3oR9naXZ7PM6u/GAg8nw8UvaqqplV8187XuVqWZdUkzuvzeCFvBgsCAAAAAAAAAAAAAAAAAADAU+7s409OjsfjO6dPJGinAeQR8dfNiH/6PvsLW16K9cmDZp/H43GvCZdz8sUtsdPmZBFr20gH8YROy6OCZx7qOQW9OP3+h86qdERneXQtDVNQdC61Qb9jX48ffNSfncfOnPbuOjnOus/h4KLDYbpwsXrhiujeez9WthTt9VxNbm/FzQ6n6FwaPfZpKZ6rg+manMjWfV289tvS4WSxklzUEzc6y/tN0HU2ZvfGRvdzDGflD3+vyEzrAAAAAAAAAAAAAAAAAACArZr/9W/H4r21pb1qsLW2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBSzf///yZBvly8QVURp2f/1rEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw9Pg7AAD//6ofUAA=") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) r3 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2) ioctl$VIDIOC_CROPCAP(r3, 0xc02c563a, &(0x7f0000000040)={0xa, {0x4, 0x2003, 0x1, 0x401}, {0x0, 0x400002, 0x4, 0x1000}, {0xa47, 0x5}}) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@delneigh={0x44, 0x1a, 0x1, 0x0, 0xfffffffd, {0x2}, [@NDA_CACHEINFO={0x14, 0x3, {0x7}}, @NDA_DST_IPV6={0x14, 0x1, @remote}]}, 0x44}}, 0x0) r5 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x180) ioctl$CEC_ADAP_S_LOG_ADDRS(r5, 0xc05c6104, &(0x7f00000000c0)={"218ff100", 0x8, 0x6, 0x2, 0x0, 0x8, "f700", '\x00\x00G\x00', "030600", "fcffffff", ["50d59404000100", "808e88e2e9ffffffffff00", "0c436d743c97c443084000", '5\x00']}) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0) 10m45.659187825s ago: executing program 6 (id=2707): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) syz_open_dev$video(0x0, 0x5, 0x800) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000740)=ANY=[@ANYRES32=r4, @ANYBLOB="0000000003120100500012800b000100627269646765000040000280080005000100000006002700000fff00080001001500080005002500000000000800040000000000"], 0x70}, 0x1, 0x0, 0x0, 0x800}, 0x40) r5 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x2, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0) write$uinput_user_dev(r6, &(0x7f0000000f80)={'syz0\x00', {0x5, 0xfff7, 0x3, 0x7}, 0x50, [0x800006, 0x9, 0x0, 0x1, 0x8, 0xea45, 0xe, 0x1, 0x63, 0x0, 0x7f, 0xc, 0x2, 0x9, 0x1, 0x4, 0x8001000, 0x80000002, 0x1, 0x200008, 0x800, 0xa4d, 0x3ff, 0x5, 0x6, 0x10001, 0xffff, 0x0, 0x4, 0x6, 0x401, 0xc, 0x9, 0x4, 0x2, 0x1, 0x2, 0x4, 0x1, 0x4, 0xa, 0x6, 0x3, 0x9, 0x804d7f, 0x2, 0x8c00, 0x6, 0x939, 0x5, 0x9, 0x2, 0x2, 0x8, 0xfffffff7, 0x7fff, 0x6, 0x5, 0x80000001, 0xd77, 0x5, 0x2a, 0x1, 0x23], [0x8, 0x401, 0x9, 0x9, 0x8, 0x12, 0x7fc, 0xc, 0x0, 0x2729, 0xfd8, 0x3, 0x7, 0x5, 0x0, 0x24a, 0x2, 0xfffffff7, 0x2, 0x3, 0x5, 0x4009, 0x401, 0xb, 0x8001, 0x40, 0xa1, 0x10000, 0xffffffff, 0x5, 0x10004, 0x9e, 0x8, 0x7ff, 0x6, 0x7, 0x0, 0x6, 0xffff3f16, 0xa, 0x2, 0x9, 0xa, 0x5, 0xfffffeff, 0x7, 0x800, 0x5, 0xc5, 0x3, 0x1, 0x9, 0x8, 0x3, 0xffff7ff7, 0x3, 0x24c, 0x1ff, 0x2a0, 0x5, 0x6, 0x6, 0x200007, 0x8], [0x2, 0x9, 0x1a9e1bfa, 0xfffffffc, 0x8, 0x9, 0x3, 0x6, 0x7aae, 0x80000000, 0x2, 0x7ffffff7, 0x8000, 0x1, 0x1, 0x5, 0x400, 0x80000002, 0x2b0, 0xfffffff4, 0x97f82544, 0x8, 0xfffffffd, 0x0, 0x9, 0x5, 0x4, 0x9, 0xc90, 0xffffff3c, 0xd, 0x13, 0x4, 0xff, 0x140, 0xb639, 0x2, 0x1000000c, 0x0, 0x6, 0x3, 0x8007c12, 0x5, 0x1, 0x17, 0x8000, 0xe, 0xf3, 0x4, 0x8, 0x1, 0xffffff00, 0x100, 0x1fff80, 0x3, 0x0, 0x8, 0xdd, 0x1, 0x9, 0xc3, 0x20ffff, 0x79c], [0x9, 0x3a8d, 0xffff9a7f, 0x200, 0x6, 0x2001, 0x6, 0xfffffff3, 0xd077, 0x2, 0xffffffff, 0x21, 0x1ff, 0xa, 0x6, 0x2, 0x1ff, 0xfe, 0x2, 0x66608000, 0x5e82, 0x7fb, 0x6, 0x0, 0x4, 0x5, 0x80000001, 0xffff, 0xd, 0x40, 0xfffffffd, 0x3, 0x10001, 0x61, 0x10, 0x1000, 0xc, 0x100, 0x8, 0x20000000, 0x8, 0x15, 0xb32a, 0xec000000, 0x8001, 0x1900, 0x4, 0xc, 0x8, 0x7ff, 0x280, 0x5, 0xffffffff, 0x7, 0x6e79, 0x0, 0xc, 0x9371, 0x4f89, 0x7, 0x580, 0x2d1, 0x83, 0x8]}, 0x45c) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r6, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r5, 0xc1105517, &(0x7f0000000340)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x1, 0x0, 0x4, 0xffffffffffffffff, 0x0, 0x0, 'syz0\x00', 0x0}) syz_open_dev$evdev(0x0, 0x0, 0x802) 10m44.062295613s ago: executing program 6 (id=2710): socket$inet(0x2, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) pivot_root(0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94) arch_prctl$ARCH_SHSTK_LOCK(0x5003, 0x1) ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(0xffffffffffffffff, 0x40505331, &(0x7f0000000100)={{}, {0xe}, 0xbf00, 0xbf}) open_by_handle_at(r3, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x60380) r4 = socket(0xa, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000040)={0x100000011, @private=0xa010501, 0x0, 0x0, 'none\x00'}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000000)={0x11, @loopback, 0x0, 0x0, 'lblcr\x00', 0x32, 0x0, 0xfffffffc}, 0x2c) setsockopt$IP_VS_SO_SET_FLUSH(r4, 0x0, 0x485, 0x0, 0x0) 10m43.132557662s ago: executing program 6 (id=2712): r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x22000, 0x0) lseek(r0, 0x7fff, 0x1) read$FUSE(r0, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) socketpair$unix(0x1, 0x3, 0x0, 0x0) syz_open_dev$sg(0x0, 0x0, 0x4001) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60) sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) ioctl$KVM_CREATE_PIT2(r4, 0x4040ae77, &(0x7f0000000180)={0x1}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000002000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="0f01cb650f7410262e66f36d0f330f09660f3a0cb90000a6752066b9800000c00f326635004000000f300f01d7ba4100ed", 0x31}], 0x1, 0x4498bda7e2139f37, 0x0, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000003c0)={[0x0, 0x5, 0x40, 0x40, 0x0, 0x3, 0x2004cb, 0x4000000000000000, 0x2, 0x3, 0x0, 0x1, 0x0, 0x2, 0x9, 0x1], 0x80a0000, 0x450}) ioctl$KVM_RUN(r5, 0xae80, 0x0) 10m35.499171628s ago: executing program 6 (id=2727): capset(&(0x7f0000000040)={0x20080522}, 0x0) epoll_create1(0x0) r0 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00', 0x0) r1 = gettid() fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2, 0x2}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f0000000340), 0x0, 0x0) r3 = syz_open_dev$sndctrl(0x0, 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r3, 0xc1105517, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) tkill(r1, 0xb) getgroups(0xfffffffffffffdb2, 0xfffffffffffffffe) socket$nl_generic(0x10, 0x3, 0x10) socket$inet6_tcp(0xa, 0x1, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x8000) ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, 0x0) 10m18.826770974s ago: executing program 34 (id=2727): capset(&(0x7f0000000040)={0x20080522}, 0x0) epoll_create1(0x0) r0 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00', 0x0) r1 = gettid() fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2, 0x2}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f0000000340), 0x0, 0x0) r3 = syz_open_dev$sndctrl(0x0, 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r3, 0xc1105517, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) tkill(r1, 0xb) getgroups(0xfffffffffffffdb2, 0xfffffffffffffffe) socket$nl_generic(0x10, 0x3, 0x10) socket$inet6_tcp(0xa, 0x1, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x8000) ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, 0x0) 8m35.636229846s ago: executing program 0 (id=2918): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000480)=@ipv4_newroute={0x1c, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x0, 0x10, 0x0, 0xfe, 0x4, 0x0, 0x1, 0x20000000}}, 0x1c}, 0x1, 0x0, 0x0, 0x4a044}, 0x4010) write(r3, &(0x7f0000000180)="2000000012005f0214f9f4070000fbe40a0000000000", 0x41d) recvmmsg(r3, &(0x7f00000021c0), 0x5b, 0x40, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]}) r4 = socket$nl_route(0x10, 0x3, 0x0) dup2(r4, r4) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x1c, 0x1, @thr={&(0x7f0000000300), 0x0}}, &(0x7f00000001c0)) socket$nl_route(0x10, 0x3, 0x0) socket$tipc(0x1e, 0x2, 0x0) io_submit(0x0, 0x0, 0x0) 8m34.013334893s ago: executing program 0 (id=2923): socket(0x10, 0x3, 0x0) signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x100000000]}, 0x8, 0x800) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='comm\x00') r0 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x1) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) fsmount(r0, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)) socket$inet6(0xa, 0x2, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) socket$inet6(0xa, 0x3, 0x6) socket$nl_route(0x10, 0x3, 0x0) syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00') openat$fuse(0xffffffffffffff9c, &(0x7f0000002000), 0x2, 0x0) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) r2 = socket$unix(0x1, 0x2, 0x0) ppoll(&(0x7f0000000300)=[{r2, 0x4236}], 0x1, 0x0, 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000020c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000002100)={0xffffffffffffffff}, 0x13f, 0x9}}, 0x20) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000300), 0x2, 0x4}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0xfffb, 0x5, @empty, 0xa098}, {0xa, 0x4ea5, 0x9, @mcast1, 0x8}, r3, 0x8001}}, 0x48) writev(r1, &(0x7f0000000040)=[{&(0x7f0000000100), 0x86}], 0x2) 8m32.691218891s ago: executing program 0 (id=2926): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000300)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) bind$unix(0xffffffffffffffff, 0x0, 0x0) r3 = userfaultfd(0x80001) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x11}) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000ff2000/0xe000)=nil, 0xe000}, 0x2}) ioctl$UFFDIO_WRITEPROTECT(r3, 0xc020aa08, &(0x7f0000000100)={{&(0x7f0000ffb000/0x4000)=nil, 0x4000}, 0x1}) ioctl$UFFDIO_COPY(r3, 0xc028aa05, &(0x7f00000000c0)={&(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x2000, 0x2}) r4 = syz_open_dev$dri(0x0, 0x1ff, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, 0x0) 8m30.389424784s ago: executing program 0 (id=2928): syz_mount_image$exfat(&(0x7f0000000100), &(0x7f0000000140)='./bus\x00', 0x0, &(0x7f00000003c0)=ANY=[], 0x22, 0x1517, &(0x7f0000002780)="$eJzs3AuYTlX7MPD7XmttxjTxNMlhWGvdmycNlkOSHJLkkCTJK0lOCaFJkoTEOEsakiTHSXIYQnKYxqRxPh9yTpKkSZKQkLC+S3993rf30Pf+/32f63vn/l3Xvqz72c+99r2fez/2s/dzPfNdj1F1mtWt2YSI4H8E/+ufZACIAYBhAJAPAAIAqBhfMf7y+jwSk/9nG2F/rofTrnUF7Fri/uds3P+cjfufs3H/czbuf87G/c/ZuP85G/efsZxs2+zCN/CScxe+/5+T8fn/P0h2mUlfbShzU89/I4X7n7Nx/3M27n/Oxv3P2bj/ORv3P2fj/uds3H/GcrL//r1j/u7gP2G51scfY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjLGc4Zy/SgHAb+NrXRdjjDHGGGOMMcb+PD73ta6AMcYYY4wxxhhj//chCJCACJALckMM5IFYuA7i4HrIC/kgAjdAPNwI+eEmKAAFoRAUhgQoAkVBgwELBCEUg+IQhZuhBNwCiVASSkFpcFAGykI5KA+3QgW4DSrC7VAJ7oDKUAWqQjW4E6rDXVAD7oaacA/UgtpQB+rCvVAP7oP6cD80gAegITwIjeAhaAx/gSbwMDSFR6AZPArN4TFoAS2hFbSGNv+t/BehD7wEfaEfJEN/GAADYRAMhiEwFIbByzAcXoER8CqkwEgYBa/BaHgdxsAbMBbehHHwFoyHCTARJsFkmAKp8DZMhXdgGrwL02EGzIRZkAazYQ68B3NhHsyH92EBfAALYREshiWQDh9CBiyFTPgIlsHHkAXLYQWshFWwGtbAWlgH62EDbIRNsBm2wFbYBp/AdtgBO2EX7IY9sBc+hX3wGeyHz+EAfPFv5p/9XX5PBAQUKFChwlyYC2MwBmMxFuMwDvNiXoxgBOMxHvNjfiyABbAQFsIETMCiWBQNGiQkVFeOpBJYAhMxEUthKXTosCyWxfJ4K1bAClgRK2IlrISVsQpWwWpYDatjdayBNbAm1sRaWAvrYB28F+/F+7A+1scG2AAbYkNshI2wMTbGJtgEm2JTbIbNsDk2xxbYAlthK2yDbbAttsV22A47YAfsiB2xM3bGJEzCLtgFu2JX7IbdsDt2xx7YA3tiL+yFL+KL+BK+hP2wluiPA3AADsJBOASH4lB8GYfjK/gKvoopOBJH4Wv4Gr6OY/AMjsU3cRyOw+piAk7ESUhiCqZiKk7FqTgNp+F0nIEzcBam4Wycg3NwLs7Defg+LsAP8ANchItwCaZjOmbgUszETFyGZzELl+MKXImrcDWuwrW4DtfiBtyIG3AzbsatuBU/wU9wB+7AXbgL91x+rfFT/Aw/wxQ8gAfwIB7EQ3gID+NhzMZsPIJH8CgexWN4DI/jcTyBJ/EUnsTTeBrP4Fk8h+fwPJ7HC/h8wjdN95RcnwLiMiWUyCVyiRgRI2JFrIgTcSKvyCsiIiLiRbzIL/KLAqKAKCQKiQSRIIqKosIII0iEopgoJqIiKkqIEiJRJIpSopRwwomyoqwoL8qLCqKCqChuF5XEHaKyqCLau2qimqguOrga4m5RU9QUtURtUUfUFXVFPVFP1Bf1RQPRQDQUDUUj8ZBoLPrjEHxYXO5MMzESm4tR2EK0FK1Ea/E6Pi7aijHYTrQXHcST4k0ci51FW5cknhZdxETsKp4Vk/A50V1MwR7iBdFT9BK9xYuij2jn+op+Yjr2FwPELBwkBoshYqiYi7XF5Y7VEa+KFDFSjBKviSX4uvjtGB8n3hLjxQQxUUwSk8UUkSreFlPFO2KaeFdMFzPETDFLpInZYo54T8wV88R88b5YID4QC8UisVgsEeniQ5EhlopM8ZFYJj4WWWK5WCFWilVitVgj1op1Yr3YIDaKTWKz2CK2im3iE7Fd7BA7xS6xW+wRe8WnYp/4TOwXn4sD4gtxUHwpDomvxGHxtcgW34gj4ltxVHwnjonvxXHxgzghTopT4kdxWvwkzoiz4pz4WZwXv4gL4qK4JLwAiVJIKZUMZC6ZW8bIPDJWXifj5PUyr8wnI/IGGS9vlPnlTbKALCgLycIyQRaRRaWWRlpJMpTFZHEZlTfLEvIWmShLylKytHSyjCwry8ny8lZZQd4mK8rbZSV5h6wsq8iqspq8U1aXd8ka8m5ZU94ja8naso6sK++V9eR9sr68XzaQD8iG8kHZSD4kG8u/yCbyYdlUPiKbyUdlc/mYbCFbylaytWwjH5dt5ROynWwvO8gnZUfZSXaWT8kk+bTsIp+RXeWzspt8TnaXz8se8gXZU/aSveVFeUl62Vf2k8myvxwgB8pBcrAcIofKYfJlOVy+IkfIV2VKDADI1+Ro+bocI9+QY+Wbcpx8S46XE+REOUlOllNkqnxbTpXvyGnyXTldzpAz5SyZJmfLIVdmmv9/kP/OP8gfIVPkSLlVbpOfyO1yh9wpd8ndco/cK/fKfXKf3C/3ywPygDwoD8pD8pA8LA/LbJktj8gj8qg8Ko/JY/K4PC5PyJPyZ/mjPC1/kmfkWXlW/izPy/PywpXXABQqoaRSKlC5VG4Vo/KoWHWdilPXq7wqn4qoG1S8ulHlVzepAqqgKqQKqwRVRBVVWhllFalQFVPFVVTdjFfeIqqUKq2cKqPKqnL/Tr4qoW5Riark3+T/UX1tVBvVVrVV7VQ71UF1UB1VR9VZdVZJKkl1UV1UV9VVdVPdVHfVXfVQPVRP1VP1Vr1VH9VH9VV9VbJKVgPUQDVIDVZD1FA1rD+o4Wq4GqFGqBSVokapUWq0Gq3GqDFqrBqrxqlxarwaryaqiWqymqxSVaqaqqaqaWqamq6mq5lqpkpTaWqOmqPmqrlqvpqvFqgFaqFaqBarxSpdpasMlaEyVaZappapLLVcLVcr1Uq1Wq1Wa9VatV6tVxvVRrVZbVZZapvaprar7Wqn2ql2q91qr9qr9ql9ar/arw6oA+qgOqgOqUPqsDqsslW2OqKOqKPqqDqmjqnj6rg6oU6oU+qUOq1OqzPqjDqnzqnz6ry6oC6oS+qSggACEYhABSrIFeQKYoKYIDaIDeKCuCBvkDeIBJEgPogP8gc3BQWCgkGhoHCQEBQJigY6MIENKAiDYkHxIBrcHJQIbgkSg5JBqaB04IIyQdmgXFA+uDWoENwWVAxuDyoFdwSVgypB1aBacGdQPbgrqBHcHdQM7glqBbWDOkHd4N6gXnBfUD+4P2gQPBA0DB4MGgUPBY2DvwRNgoeDpsEjQbPg0aB58FjQImgZtApaB23+rPkVBE0D788UfML11f10su6vB+iBepAerIfooXqYflkP16/oEfpVnaJH6lH6NT1av67H6Df0WP2mHqff0uP1BD1RT9KT9RSdqt/WU/U7epp+V0/XM/RMPUun6dl6jn5Pz9Xz9Hz9vl6gP9AL9SK9WC/R6fpDnaGX6kz9kV6mP9ZZerleoVfqVXq1XqPX6nV6vd6gN+pNerPeorfqbfoTvV3v0Dv1Lr1b79F79ad6n/5M79ef6wP6C31Qf6kP6a/0Yf21ztbf6CP6W31Uf6eP6e/1cf2DPqFP6lP6R31a/6TP6LP6nP5Zn9e/6Av6or6k/eUP95dP70YZZXKZXCbGxJhYE2viTJzJa/KaiImYeBNv8pv8poApYAqZQibBJJiipqi5jAyZYqaYiZqoKWFKmESTaEqZUsYZZ8qasqa8KW8qmAqmoqloKplKprKpbKqaquZOc6e5y9xl7jZ3m3vMPaa2qW3qmrqmnqln6pv6poFpYBqahqaRaWQam8amiWlimpqmpplpZpqb5qaFaWFamVamjWlj2pq2pp1pZzqYDqaj6Wg6m84mySSZLqaL6Wq6mm6mm+luupsepofpaXqa3qa36WP6mL6mr0k2yWaAGWAGmUFmiBlihplhZrgZbkaYESbFpJhRZpQZbUabMWaMGWveNOPMW2a8mWAmmklmspliUk2qmWqmmmlmmpluppuZZqZJM2lmjplj5pq5Zr6ZbxaYBWahWWgWm8Um3aSbDJNhMk2mWWaWmSyTZVaYFWaVWWXWmDVmnVlnNpgNZpPZZLaYLWab2Wa2m+1mp9lpdpvdZq/Za/aZfWa/2W8OmAPmoDnoEcAcNodNtsk2R8wRc9QcNcfMMXPcHDcnzAlzypwyp81pc8acMefMOXPe/GIumIvmkvEmxuaxsfY6G2evt3ltPvv7uJAtbBNsEVvUalvAFvyb2FhrE21JW+q3S0xbziZePpfa0tbZMrasLWcr2yq2qq1m77TV7V22xu/jfGDvs/Xt/baBfcDWtffaen8VN7QP2kb2UdvYPmab2Ja2qW1tm9lHbXP7mG1hW9pWtrXtaDvZzvYpm2Sftl3sM38XZ9ildp1dbzfYjXaf/cyesz/bo/Y7e97+YvvafnaYfdkOt6/YEfZVm2JH/l08zr5lx9sJdqKdZCfbKX8Xz7SzbJqdbefY9+xcO+/v4nT7oV1gM+1Cu8gutkt+jS/XlGk/ssvsxzbLLrcr7Eq7yq62a+za/13rSrvZbrFb7V77qd1ud9iddpfdbff8Gl/ej/32c3vAfmGP2G/tIfuVPWyP2Wz7za/x5f07Zr+3x+0P9oQ9aU/ZH+1p+5M9Y89e3n9/ed9/tBftJestEJIgSYoCykW5KYbyUCxdR3F0PeWlfBShGyiebqT8dBMVoIJUiApTAhWhoqTJkCWikIpRcYrSzVSCbqFEKkmlqDQ5KkNlqRyVp1upAt1GFel2qkR3UGWqQlWpGt1J1ekuqkF3U026h2pRbapDdeleqkf3UX26nxrQA9SQHqRG9BA1pr9QE3qYmtIj1Iwepeb0GLWgltSKWlMbepza0hPUjtpTB3qSOlIn6kxPURI9TV3oGepKz1I3eo660/PUg16gntSLetOL1Ideor7Uj5KpPw2ggTSIBtMQGkrD6GUaTq/QCHqVUmgkjaLXaDS9TmPoDRpLb9I4eovG0wSaSJNoMk2hVHqbptI7NI3epek0g2bSLEqj2TSH3qO5NI/m0/u0gD6ghbSIFtMSSqcPKYOWUiZ9RMvoY8qi5bSCVtIqWk1raC2to/W0gTbSJtpMW2grbaNPaDvtoJ20i3bTHtpLn9I+ynPlDfcFHaQv6RB9RYfpa8qmb+gIfUtH6Ts6Rt/TcfqBTtBJOkU/0mn6ic7QWTpHP9N5+oUu0EW6RJ4gxFCEMlRhEOYKc4cxYZ4wNrwujAuvD/OG+cJIeEMYH94Y5g9vCguEBcNCYeEwISwSFg11aEIbUhiGxcLiYTS8OSwR3hImhiXDUmHp0IVlwrJhubB8eGtYIbwtrBjeHlYK7wgrh1XCRx+oFt4ZVg/vCmuEd4c1w3vCWmHtsE5YN7w3rBfeF9YP7w8bhA+EFcIHw0bhQyFc+b1K0/CRsFn4aNg8fCxsEbYMW4Wtwzbh42Hb8ImwXdg+7BA+GXYMO4Wdw6fCpPDpsEv4zB+uTw77hwPCgeHA0Pv75eLokmh69MNoRnRpNDP6UXRZ9ONoVnR5dEV0ZXRVdHV0TXRtdF10fXRDdGN0U3RzdEt0a9T7urnBoRNOOuUCl8vldjEuj4t117k4d73L6/K5iLvBxbsbXX53kyvgCrpCrrBLcEVcUaedcdaRC10xV9xF3c2uhLvFJbqSrpQr7Zwr48q61q6Na+PauidcO9fedXBPuiddJ9fJPeWeck+7Lu4Z19U967q551x397x73r3gerperrd70fVxL7m+rp9LdslugBvgBrlBbogb4oa5YW64G+5GuBEuxaW4UW6UG+1GuzFujBvrxrpxbpwb78a7iW6im+wmu1SX6qa6qW6am+YCAJjpZro0l+bmuDlurpvr5rv5bkHiArfQLXSL3WKX7tJdhstwmS7TLXPLXJbLcivcCrfKrXJr3Bq3zq1zG9wGt8ltclvcFrfNbXPb3Xa30+10u91ut9ftdfvcPrff7XcH3AF30B10h9whd9h97bLdN+6I+9Yddd+5Y+57d9z94E64k+6U+9Gddj+5M+6sO+d+dufdL+6Cu+guOe9SI29HpkbeiUyLvBuZHpkRmRmZFUmLzI7MibwXmRuZF5kfeT+yIPJBZGFkUWRxZEkkPfJhJCOyNJIZ+SiyLPJxJCuyPLIisjKyKrJagS+yPfTFfHEf9Tf7Ev4Wn+hL+lK+tHe+jM/ty/ny/lZfwd/mK/rbfSV/h6/sq/iq/jHfwrf0rXxr38Y/7tv6J3w739538E/6jr6T7+yf8kn+ad/FP+O7+md9N/+c7+6f9z38C76n7+V7+xd9H/+S7+v7+WTf3w/wA/0gP9gP8UP9MP+yH+5f8SP8qz7Fj/Sj/Gt+tH/dj/Fv+LH+TT/Ov+XH+wl+op/kJ/spPtW/7af6d/w0/66f7mf4mX6WT/Oz/Rz/np/r5/n5/n2/wH/gF/pFfrFf4tP9hz7DL/WZ/iO/zH/ss/xyv8Kv9Kv8ar/Gr/Xr/Hq/wW/0m/xmv8Vv9dv8J3673+F3+l1+t9/j9/pP/T7/md/vP/cH/Bf+oP/SH/Jf+cP+a5/tv/FHsr71R/13/pj/3h/3P/gT/qQ/5X/0p/1P/ow/68/5n/15/4u/4C/6S//mb9Zq/xm3zhljjDHG/j808A/W9/8HjykAEFfGv3jvr99ROPuv10sA2FTgv8aDRULHCAA83a/Hw78ttWolJydfeW6WhKD4IgCI/G4DV+Ll0AE6QRK0h/L/sL7Botd5+hfzZ4yhydHbAWL/KicGrsZX5//yn8z/+JPjMiqF5+L/ef3RRQCJxa/mXL4K/y1eDh1+/eqwPVT4J/MXbPuv6s+SkOerVIB2f5UTBwDt8vy+/rLwBDwDSX/zzAb/cJuMMcYYY4wxxnKewaJqtz+4/vz1+jxBXc3JDVfjP7o+Z4wxxhhjjDHG2LX3XK/eTz2elNS+Gw94wIMcNuj0L55zrf9nYowxxhhjjP3Zrn7ov/pYnmtZEGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxlgP9v/hLY9d6HxljjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjLFr7X8FAAD//8HaM+M=") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x103}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = creat(&(0x7f0000000580)='./bus\x00', 0x0) r4 = fanotify_init(0xf00, 0x2) fanotify_mark(r4, 0x105, 0x8971, r3, 0x0) r5 = syz_io_uring_setup(0x4b5, &(0x7f0000000700)={0x0, 0xddbd, 0x1, 0xffffffff, 0x156}, &(0x7f0000000540), &(0x7f0000000000)) io_uring_register$IORING_REGISTER_BUFFERS2(r5, 0xf, 0x0, 0x0) rename(&(0x7f0000000100)='./bus\x00', &(0x7f0000000140)='./file1\x00') bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x1b, 0x3, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x5, 0x0, 0x0, 0x41000}, 0x94) mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x8, 0x1) pwritev2(0xffffffffffffffff, &(0x7f00000001c0)=[{0x0}], 0x1, 0xe7b, 0x0, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) 8m28.182815626s ago: executing program 0 (id=2933): prlimit64(0x0, 0xe, 0x0, 0x0) mount$overlay(0x0, 0x0, 0x0, 0x40000, &(0x7f0000000040)={[], [], 0x3a}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$OBJ_GET_PROG(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='./file0\x00', 0x0, 0x14}, 0x18) landlock_create_ruleset(0x0, 0x0, 0x0) r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) r4 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301) ioctl$USBDEVFS_IOCTL(r4, 0xc0105512, &(0x7f0000000200)) ptrace$ARCH_ENABLE_TAGGED_ADDR(0x1e, r0, 0x5, 0x4002) ioctl$USBDEVFS_IOCTL(r4, 0x80045505, &(0x7f0000000040)=@usbdevfs_connect) 8m27.136475826s ago: executing program 0 (id=2936): socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, 0x0, 0x8040) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0) munmap(&(0x7f00006bb000/0x1000)=nil, 0x1000) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, 0x0) openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CAP_DISABLE_QUIRKS2(r5, 0x4068aea3, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r6, 0x4138ae84, &(0x7f00000001c0)={{0x0, 0xdddd0000, 0x0, 0xf0, 0x40, 0xfd, 0x7, 0xd4, 0x0, 0x4, 0x7, 0x6}, {0xffff1000, 0x2, 0xd, 0x9, 0x8, 0x40, 0x6, 0x8, 0x5, 0xf, 0x3, 0xca}, {0xeeee0000, 0xe6e50002, 0xb, 0x0, 0x2, 0x7, 0x4, 0x1, 0xc, 0x0, 0x6, 0x5}, {0xeeef0000, 0x3000, 0xd, 0xf, 0x43, 0x46, 0x2, 0xd, 0x6, 0x3, 0xfc, 0x1}, {0x100000, 0x0, 0x3, 0x1, 0x3, 0x9, 0x9, 0x7, 0x5, 0x4, 0x1e, 0x4b}, {0x2, 0xd000, 0x9, 0x7, 0x4, 0x6e, 0x1, 0xfb, 0x4, 0x80, 0x1, 0xfc}, {0x6000, 0x2000, 0xf, 0x9d, 0x3, 0x0, 0x1, 0xb, 0x5, 0x7, 0x0, 0xf8}, {0xffff1000, 0x8000000, 0xd, 0x5, 0x3, 0x3, 0xa, 0x9, 0x54, 0x6, 0x2, 0x7}, {0x100000, 0x5}, {0xdddd1000, 0x9}, 0x40010000, 0x0, 0xf000, 0x300, 0x9, 0x0, 0xeeef0000, [0x4, 0x402, 0x8, 0x8]}) ioctl$KVM_SET_CPUID2(r6, 0x4008ae90, &(0x7f0000000440)={0x1, 0x0, [{0x1, 0x47, 0x3, 0xe3, 0x3, 0x5, 0x80000000}]}) 8m20.320274814s ago: executing program 4 (id=2945): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002}) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000180)=[@increfs], 0x0, 0x0, 0x0}) r2 = dup3(r1, r0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) socket$inet6_icmp(0xa, 0x2, 0x3a) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x70, 0x18, &(0x7f0000000800)={@ptr={0x70742a85, 0x0, 0x0, 0x0, 0x2, 0x2c}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x1, 0xffffffffffffffff}, @fda={0x66646185, 0x9, 0x1, 0x2}}, &(0x7f0000000240)={0x0, 0x28, 0x50}}, 0x1000}], 0x0, 0x0, 0x0}) 8m17.528469699s ago: executing program 4 (id=2950): r0 = socket$igmp6(0xa, 0x3, 0x2) r1 = syz_open_dev$loop(&(0x7f0000000940), 0x200008c, 0x100) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8) r2 = openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, 0x0) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000180)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB="1400000042000501"], 0x14}}, 0x40004) recvmmsg(r6, &(0x7f0000000000)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000004c0)=""/4091, 0xffb}, {0x0}], 0x2}}], 0x1, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x6, 0x4, 0x6, 0xc}, 0x50) r7 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000080)={r7}, 0xc) ioctl$LOOP_SET_FD(r1, 0x4c00, r0) 8m13.413447868s ago: executing program 4 (id=2957): socket$nl_route(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socket$alg(0x26, 0x5, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000d80)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@enum={0x0, 0x0, 0x0, 0x13}]}}, 0x0, 0x26}, 0x20) r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x9, 0x4, 0x4, 0x2, 0x80, 0x1, 0x0, '\x00', 0x0, r3, 0x1, 0x1}, 0x48) getrlimit(0x0, &(0x7f0000000080)) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x10}, 0xc) sendmsg(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000200)='G', 0x1}], 0x1}, 0x0) r5 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f0000000040)={0x204, 0xa, 0x4}) r6 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_REQBUFS(r6, 0xc0585609, &(0x7f0000000040)={0x0, 0xa}) bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0xd, 0x4, 0x4, 0xa8, 0x0, r4, 0x0, '\x00', 0x0, r3, 0x0, 0x5}, 0x50) 8m11.613717996s ago: executing program 35 (id=2936): socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, 0x0, 0x8040) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0) munmap(&(0x7f00006bb000/0x1000)=nil, 0x1000) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, 0x0) openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CAP_DISABLE_QUIRKS2(r5, 0x4068aea3, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r6, 0x4138ae84, &(0x7f00000001c0)={{0x0, 0xdddd0000, 0x0, 0xf0, 0x40, 0xfd, 0x7, 0xd4, 0x0, 0x4, 0x7, 0x6}, {0xffff1000, 0x2, 0xd, 0x9, 0x8, 0x40, 0x6, 0x8, 0x5, 0xf, 0x3, 0xca}, {0xeeee0000, 0xe6e50002, 0xb, 0x0, 0x2, 0x7, 0x4, 0x1, 0xc, 0x0, 0x6, 0x5}, {0xeeef0000, 0x3000, 0xd, 0xf, 0x43, 0x46, 0x2, 0xd, 0x6, 0x3, 0xfc, 0x1}, {0x100000, 0x0, 0x3, 0x1, 0x3, 0x9, 0x9, 0x7, 0x5, 0x4, 0x1e, 0x4b}, {0x2, 0xd000, 0x9, 0x7, 0x4, 0x6e, 0x1, 0xfb, 0x4, 0x80, 0x1, 0xfc}, {0x6000, 0x2000, 0xf, 0x9d, 0x3, 0x0, 0x1, 0xb, 0x5, 0x7, 0x0, 0xf8}, {0xffff1000, 0x8000000, 0xd, 0x5, 0x3, 0x3, 0xa, 0x9, 0x54, 0x6, 0x2, 0x7}, {0x100000, 0x5}, {0xdddd1000, 0x9}, 0x40010000, 0x0, 0xf000, 0x300, 0x9, 0x0, 0xeeef0000, [0x4, 0x402, 0x8, 0x8]}) ioctl$KVM_SET_CPUID2(r6, 0x4008ae90, &(0x7f0000000440)={0x1, 0x0, [{0x1, 0x47, 0x3, 0xe3, 0x3, 0x5, 0x80000000}]}) 8m10.353088833s ago: executing program 4 (id=2961): r0 = socket(0x2a, 0x2, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000000300)=""/102392, 0x18ff8) openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000ac0), 0x800, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, 0x0) mbind(&(0x7f0000ff4000/0xc000)=nil, 0xc000, 0x2, &(0x7f0000000000)=0x101, 0x29, 0x0) set_mempolicy_home_node(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x0) open_tree(0xffffffffffffff9c, 0x0, 0x89901) ioctl$SYNC_IOC_MERGE(0xffffffffffffffff, 0xc0303e03, 0x0) r2 = socket(0xa, 0x3, 0x87) ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x18}) ioctl$sock_inet6_tcp_SIOCINQ(r2, 0x8916, 0x0) bind$alg(0xffffffffffffffff, 0x0, 0x0) accept$alg(0xffffffffffffffff, 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r0) 8m4.046272414s ago: executing program 4 (id=2971): r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) mkdirat(0xffffffffffffffff, &(0x7f0000000080)='./file1\x00', 0x100) mkdirat(0xffffffffffffff9c, 0x0, 0x0) mknodat(0xffffffffffffffff, &(0x7f00000003c0)='./file0\x00', 0x1, 0x0) socket$nl_route(0x10, 0x3, 0x0) r4 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x0) write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r4, 0xc4c85512, &(0x7f00000026c0)={{0x8, 0x0, 0x0, 0x1020000, 'syz0\x00'}, 0x0, [0x0, 0x7, 0x73, 0x0, 0x0, 0x0, 0x1, 0x10000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000, 0xfffffffffffffffb, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x44, 0x8, 0xfffffffffffffffd, 0x100000004, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, 0xd451, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x10000, 0x7785, 0x0, 0x0, 0x0, 0x3, 0x2000000000000000, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x80000000000, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x1000000000, 0x0, 0x4, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1900, 0x3, 0x1000000000000, 0x0, 0x0, 0x5, 0xf7fffffffffffffd, 0x0, 0x0, 0x0, 0x1, 0x0, 0x7ff, 0x5, 0x10, 0x4, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x80000001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001]}) r5 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$sock_int(r5, 0x1, 0x2b, 0x0, &(0x7f0000000040)) 7m57.608775799s ago: executing program 4 (id=2979): socket$nl_route(0x10, 0x3, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f0000000040)='./file1\x00', 0x2800810, &(0x7f00000003c0)=ANY=[@ANYBLOB="646f74732c747a3d5554432c646f74732c646f74732c6e6f646f74732c666c7573682c646f74732c6e6f646f74732c71756965742c00b3d27234e95eb4b44190021bbbe89ab824d38c571641668d362b4dff6e47bdf1638c7462a3bd66a53b404ae08c32af6843a2469c7210381b9d48047c77540b6447a8e50c2b6a44f91e4264a37e0209c3a234f4803ba56b7a24536ee396f4838f4143b92ad909efb23eb22dce6477c2bb5b8f793b9e07c2120d566cf1f6ba51e4d01e8ef223a2ba72cfb3127844c045765149fb1219f433feb977496596e07082254e9930296256df143ff96377d8c28c533724fbd9fdad260e7d875d0f17374141abc60c8e3c07e4a7bc381791172c217f00964aaf6e213a252b9689ae38342862d27437921e13229d407e1a6037e3f16a2cdab8f9c76a66a700f9fbb9d78ce426b37310b9f127e7b1207c74eff7b853de7043a001de85931463c7fc7c78be9eb9b5f88c0067aabb3a5d1f94d0e647eef1362bd59450160cea622e395dad0000000000000000"], 0x3, 0x16a, &(0x7f0000000240)="$eJzs2zHLUlEYB/Dnpryv0fLO0XChpUmqqbEIg+hCUTjUVGAtGkIutybpk7T24YJwcghO1E0tU8JQr+jvt/jgn4PPEe45nAvn5bW3/d5w9Gb4ZBKtLIvm3chjmsVFXIpGVMYBAByTaUrxNaWUzsdx+VOklOruCADYNfs/AJyef+7/d2pqDADYGed/ADg9z56/eHSvKDpP87wV8WVcdstu9VnlDx4WnZv5TxeLUZOy7Dbm+a0qz//M0/ksv70yP4sb16v8R3b/cbGUX4neuqazbf4DAAAAcPza+dzK8327vS6vqt/eDyyd35txtbm3aQAAGxi9/9B/NRi8frev4qyOH1Ucc/EtpfQfwz9+rh6BA5nFdossIjYb1fq1Isy+qXNVAvZhsQwsJ416GgIAAAAAAAAAAAAAAP6y29tI7hAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwmL4HAAD//w6xShU=") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001780)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) statfs(&(0x7f0000000580)='./file0\x00', &(0x7f00000005c0)=""/48) r4 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000001ec0), 0x800, 0x0) read$msr(r4, &(0x7f0000000000)=""/212, 0xd4) socket$netlink(0x10, 0x3, 0x6) socket$nl_xfrm(0x10, 0x3, 0x6) 7m42.523385532s ago: executing program 36 (id=2979): socket$nl_route(0x10, 0x3, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) syz_mount_image$msdos(&(0x7f0000000080), &(0x7f0000000040)='./file1\x00', 0x2800810, &(0x7f00000003c0)=ANY=[@ANYBLOB="646f74732c747a3d5554432c646f74732c646f74732c6e6f646f74732c666c7573682c646f74732c6e6f646f74732c71756965742c00b3d27234e95eb4b44190021bbbe89ab824d38c571641668d362b4dff6e47bdf1638c7462a3bd66a53b404ae08c32af6843a2469c7210381b9d48047c77540b6447a8e50c2b6a44f91e4264a37e0209c3a234f4803ba56b7a24536ee396f4838f4143b92ad909efb23eb22dce6477c2bb5b8f793b9e07c2120d566cf1f6ba51e4d01e8ef223a2ba72cfb3127844c045765149fb1219f433feb977496596e07082254e9930296256df143ff96377d8c28c533724fbd9fdad260e7d875d0f17374141abc60c8e3c07e4a7bc381791172c217f00964aaf6e213a252b9689ae38342862d27437921e13229d407e1a6037e3f16a2cdab8f9c76a66a700f9fbb9d78ce426b37310b9f127e7b1207c74eff7b853de7043a001de85931463c7fc7c78be9eb9b5f88c0067aabb3a5d1f94d0e647eef1362bd59450160cea622e395dad0000000000000000"], 0x3, 0x16a, &(0x7f0000000240)="$eJzs2zHLUlEYB/Dnpryv0fLO0XChpUmqqbEIg+hCUTjUVGAtGkIutybpk7T24YJwcghO1E0tU8JQr+jvt/jgn4PPEe45nAvn5bW3/d5w9Gb4ZBKtLIvm3chjmsVFXIpGVMYBAByTaUrxNaWUzsdx+VOklOruCADYNfs/AJyef+7/d2pqDADYGed/ADg9z56/eHSvKDpP87wV8WVcdstu9VnlDx4WnZv5TxeLUZOy7Dbm+a0qz//M0/ksv70yP4sb16v8R3b/cbGUX4neuqazbf4DAAAAcPza+dzK8327vS6vqt/eDyyd35txtbm3aQAAGxi9/9B/NRi8frev4qyOH1Ucc/EtpfQfwz9+rh6BA5nFdossIjYb1fq1Isy+qXNVAvZhsQwsJ416GgIAAAAAAAAAAAAAAP6y29tI7hAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwmL4HAAD//w6xShU=") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001780)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) statfs(&(0x7f0000000580)='./file0\x00', &(0x7f00000005c0)=""/48) r4 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000001ec0), 0x800, 0x0) read$msr(r4, &(0x7f0000000000)=""/212, 0xd4) socket$netlink(0x10, 0x3, 0x6) socket$nl_xfrm(0x10, 0x3, 0x6) 6m11.724853963s ago: executing program 7 (id=3132): r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000200)={0x0, &(0x7f0000000140)=[0x0], &(0x7f0000000180), 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f00000003c0)={0x0}) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x4, 0x0, 0x7fff0006}]}) connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000880)={0x28, 0x0, 0x0, @local}, 0x10) prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r3 = syz_io_uring_setup(0x10d6, 0x0, &(0x7f0000000000)=0x0, &(0x7f0000000080)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, 0x0, 0x0, 0x4) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x1}) io_uring_enter(r3, 0x47bc, 0x0, 0x0, 0x0, 0x0) syz_open_procfs(0xffffffffffffffff, 0x0) shutdown(0xffffffffffffffff, 0x2) r6 = timerfd_create(0x0, 0x0) timerfd_settime(r6, 0x3, &(0x7f0000000440)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) timerfd_gettime(r6, &(0x7f0000000180)) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) 6m9.648494616s ago: executing program 7 (id=3137): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="09000000010000004200000040"], 0x48) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) setrlimit(0x8, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r4 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000200), 0x140, 0x0) ioctl$RTC_UIE_ON(r4, 0x7003) ioctl$RTC_AIE_ON(r4, 0x7001) ioctl$RTC_SET_TIME(r4, 0x4024700a, &(0x7f0000000040)={0x2b, 0x13, 0x0, 0x2, 0xb, 0xa9, 0x5, 0x2, 0x1}) bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0), 0x0, 0x7, r0}, 0x38) bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[], 0x50) r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000140)={0xffffffffffffffff, 0x0, 0x25, 0x4, @void}, 0x10) write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000000)={0xffffffffffffffff}, 0x111, 0x4}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r5, &(0x7f0000000340)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0x7ee, @empty, 0x1}, {0xa, 0x4e21, 0x8, @dev={0xfe, 0x80, '\x00', 0x37}, 0x108}, r6, 0xb}}, 0x48) write$RDMA_USER_CM_CMD_DESTROY_ID(r5, &(0x7f0000000f80)={0x1, 0x10, 0xfa00, {&(0x7f00000001c0), r6}}, 0x18) 6m7.673623417s ago: executing program 7 (id=3139): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f00000001c0)='./bus\x00') rmdir(&(0x7f0000000380)='./file0/../file0\x00') symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00') prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r3 = syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00') renameat(r3, &(0x7f0000000080)='./mnt\x00', r3, &(0x7f0000000100)='./mnt\x00') 6m2.106127469s ago: executing program 7 (id=3147): r0 = socket$alg(0x26, 0x5, 0x0) syz_open_dev$vim2m(0x0, 0x10002, 0x2) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x44004) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8943, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, 0x0}, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) r4 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendfile(0xffffffffffffffff, r4, 0x0, 0x20000023893) capget(&(0x7f0000000100)={0x20080522, r1}, &(0x7f0000000180)={0x9, 0xab22, 0xffffff00, 0x1000, 0x87a, 0x7}) mkdirat(0xffffffffffffff9c, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) syz_open_dev$sg(&(0x7f0000000340), 0xa, 0x8000) 5m56.15756664s ago: executing program 7 (id=3158): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000b00)={[{@quota}, {@init_itable}]}, 0x1, 0x24e, &(0x7f0000000340)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwVgo2Z6NwIMchIqhwImKj3AkxwS5rZWOhlYVKKpsgdkZLSRNsFMEqaorYCBosDBZarOxOImuyEsmuO5L5fGAyM5n35veGne/bbWY3QGOdT3IxSSvJfJJOkmK0wd3Vcn5/d3Vu82rS7z/5SzFsV+1XDvqdS9JL8nCSjbLIy+1kef3Znd+2Hr/vraXOvR+uPzM304vct7uz/cTeB5ff/OTSg8tfffPT5SIX0/3bdU1fMeZ/7SK55b8o9j9RtOseAf/Gldc//naQ+1uT3DPMfydlqhfv7cUbNjp54P1/6vvOz1/fPsuxAtPX73cG74G9PtA4ZZJuinIhSbVdlgsL1Wf471pny1euL742/9L1pWsv1j1TAdPSTbYf++zMp+cO5f/HVpV/4PQa5P+pK2vfD7b3WnWPBpiJO6rVIP/zz6/cH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHU6xzsNEbe1j+obnkH5pL/qG5RvMPADRL/0zdTyADdal7/gEAAAAAAAAAAAAAAAAAAI5andu8erDMquYX7yW7jyZpj6vfGv4ecXLj8O/ZX4tBs78UVbeJPHfXhCeY0Ec1P3190w/11v/yznrrr1xLem8kudBuH73/iv377+RuPuZ454UJC4x46N3j2xSH9h95enr1T+KPtXrrX9pKPh/MPxfGzT9lbhuux88/3dGvWD6hV3+f8AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADMzJ8BAAD//2Dqbpo=") openat(0xffffffffffffff9c, &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x42, 0x2) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000300), 0x400c00, 0x0) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0) r3 = syz_io_uring_setup(0x3a65, &(0x7f0000000700)={0x0, 0xb1b1, 0x10100, 0x0, 0xfffffffe}, &(0x7f0000000100)=0x0, &(0x7f0000000040)=0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000480)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r6, &(0x7f00000001c0)=ANY=[@ANYBLOB=';'], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r6, 0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x2a, 0x0, r6, 0x0, 0x0, 0x0, 0x12001, 0x1}) io_uring_enter(r3, 0x5d62, 0x0, 0x0, 0x0, 0x0) 5m51.913706487s ago: executing program 7 (id=3167): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce) sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8) bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_RTOINFO(r2, 0x84, 0x0, &(0x7f0000000100)={0x0, 0x4, 0x0, 0x1}, 0x10) setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a000000", 0x4) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) sendto$inet6(r0, &(0x7f0000000400)="cd", 0x1, 0x8010, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback, 0xfffffffe}, 0x1c) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x0, 0x0}) shutdown(r0, 0x1) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x20000004, &(0x7f0000000040)={0xffffffffffffffff}, 0x2, 0x6}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f00000002c0)={0xe, 0x18, 0xfa00, @id_afonly={0x0, r3}}, 0x20) r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000000)={0x0, 0x18, 0xfa00, {0x3, &(0x7f00000000c0)={0xffffffffffffffff}, 0x2, 0x9}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000540)={0xe, 0x18, 0xfa00, @id_resuseaddr={0x0, r5}}, 0x20) write$RDMA_USER_CM_CMD_BIND_IP(r4, &(0x7f0000000240)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e23, 0x6, @empty, 0x3}, r5}}, 0x30) socket$nl_generic(0x10, 0x3, 0x10) fchownat(0xffffffffffffff9c, 0x0, 0xffffffffffffffff, 0x0, 0x0) 5m35.480938434s ago: executing program 37 (id=3167): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce) sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8) bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_RTOINFO(r2, 0x84, 0x0, &(0x7f0000000100)={0x0, 0x4, 0x0, 0x1}, 0x10) setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a000000", 0x4) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) sendto$inet6(r0, &(0x7f0000000400)="cd", 0x1, 0x8010, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback, 0xfffffffe}, 0x1c) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x0, 0x0}) shutdown(r0, 0x1) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x20000004, &(0x7f0000000040)={0xffffffffffffffff}, 0x2, 0x6}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f00000002c0)={0xe, 0x18, 0xfa00, @id_afonly={0x0, r3}}, 0x20) r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000000)={0x0, 0x18, 0xfa00, {0x3, &(0x7f00000000c0)={0xffffffffffffffff}, 0x2, 0x9}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000540)={0xe, 0x18, 0xfa00, @id_resuseaddr={0x0, r5}}, 0x20) write$RDMA_USER_CM_CMD_BIND_IP(r4, &(0x7f0000000240)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e23, 0x6, @empty, 0x3}, r5}}, 0x30) socket$nl_generic(0x10, 0x3, 0x10) fchownat(0xffffffffffffff9c, 0x0, 0xffffffffffffffff, 0x0, 0x0) 4m59.099632233s ago: executing program 2 (id=3243): socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff) fanotify_init(0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = epoll_create1(0x0) epoll_wait(r0, &(0x7f0000000180)=[{}], 0x1, 0x86) r1 = syz_open_dev$cec(&(0x7f0000000100), 0x0, 0x103000) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)}, &(0x7f00000007c0)=0x10) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r2, 0x8982, &(0x7f00000006c0)={0x0, 'bridge0\x00', {0x101}, 0x2}) r3 = socket$nl_route(0x10, 0x3, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x2241, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x68010}, 0x0) sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000700)=ANY=[@ANYBLOB="300000001000010800"/20, @ANYRES32=0x0, @ANYBLOB="000900006440000008001b00000000000500100004"], 0x30}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) ioctl$CEC_ADAP_S_LOG_ADDRS(r1, 0xc05c6104, &(0x7f00000001c0)={"f2efe21e", 0x0, 0x6, 0x4d, 0x0, 0x1ff, "2179d46fd08e3c0ced34c7d0c7e6d7", "7ca24a13", '\x00', "a2d1d4a2", ["1af0b1ba1cb8fd54c9c9b587", "bed0f3d6ce7a5f7389827f04", "33af343c60abc64f2fdc9ddf", "9b3842fc63849f62b6eb1c3c"]}) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000740)) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(0xffffffffffffffff, &(0x7f0000000940)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000900)={&(0x7f0000000880)={0x14, 0x0, 0x400, 0x70bd29, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x8}, 0x89) r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000003c0)={&(0x7f0000000300)={0x2c, r4, 0x400, 0x70bd2b, 0x25dfdbfd, {}, [@BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x40}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_ISOLATION_MASK={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000}, 0x4000020) r5 = syz_open_dev$cec(&(0x7f0000000d00), 0x0, 0xc0b02) ioctl$CEC_TRANSMIT(r5, 0xc0386105, &(0x7f0000000d40)={0x0, 0x1, 0x4, 0x0, 0x0, 0x4063, "57c1169b6664ea61326ac71ae7213059"}) 4m58.341951949s ago: executing program 2 (id=3245): prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket(0x2, 0x80805, 0x0) r4 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r4, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010101}]}, &(0x7f0000000140)=0x10) getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, 0x0, &(0x7f00000003c0)) 4m57.075472331s ago: executing program 2 (id=3248): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00'}) sendmsg$NL80211_CMD_CHANNEL_SWITCH(r0, 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'gretap0\x00'}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'veth1_macvtap\x00'}) r2 = socket$nl_audit(0x10, 0x3, 0x9) sendmsg$AUDIT_TTY_SET(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)={0x18, 0x3f9, 0x800, 0x70bd2c, 0x25dfdbfd, {0x0, 0x1}}, 0x18}, 0x1, 0x0, 0x0, 0x40}, 0x200000c4) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000440)) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'lo\x00'}) fcntl$F_GET_RW_HINT(0xffffffffffffffff, 0x40b, &(0x7f0000000180)) syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000fc0)=@raw={'raw\x00', 0x3c1, 0x3, 0x3a0, 0x1c0, 0x111, 0x4b4, 0x0, 0xd4feffff, 0x2d0, 0x20a, 0x278, 0x2d0, 0x278, 0x3, 0x0, {[{{@ipv6={@empty, @empty, [0x0, 0xffffff00], [0x0, 0x0, 0x0, 0xffffffff], 'ipvlan0\x00', 'team_slave_0\x00', {}, {}, 0x6, 0xfe}, 0x0, 0x198, 0x1c0, 0x0, {}, [@common=@inet=@tcp={{0x30}, {[], [], 0x0, 0x0, 0x2, 0x8}}, @common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "6d93eb04697dfa39de04767f46614613a407abbf4ed2e83a63b484dbb3bf6b2a850e79009e2905d2f98ba19f91f3c9faee6d3686e9bee067f4e77d9ad66238750c4100d7ee97ec7646259d90edece6e9787a97bc956c01754c34c5c9518c46178ed5f9194454980e579c80eca35a58dc47d1d5e4ff6e216c724e88c702448587", 0xa}}]}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0xffff}}}, {{@ipv6={@loopback, @mcast2, [], [], 'veth1_to_hsr\x00', 'pim6reg1\x00'}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x20, 0x0, 0x0, 0x0, 'snmp\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x400) 4m52.241036463s ago: executing program 2 (id=3252): r0 = socket$kcm(0x2, 0x200000000000001, 0x106) socket$inet(0x10, 0x3, 0x0) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000280)='./bus\x00', 0x1a404bc, &(0x7f0000001fc0)=ANY=[@ANYBLOB="ebbd4140", @ANYRES32=0x0, @ANYRES64, @ANYRESHEX, @ANYRESDEC, @ANYRES32, @ANYRESDEC, @ANYRES64, @ANYRES8, @ANYRES32, @ANYRES16, @ANYBLOB="e1d1b255b4eb5f7ce5cabfaa8a31fcb491915ed1121629c89803e5ee0c991af7d1459747a51bb4aefcb8ab7d721d76eb99ad97e1d70adc338da072ec3b49b23a8da3dd31ccbdfab2467a077078b50ca51139d4713acb42fa9e8f4d08e7c178f538b5dfefb4964e01a0cfa9ed7a636921161338dadfdfd055a5d651d68194e6239be784a880c61ab050a82dbc95daba03a8a48f6f55ed615d6bb4c4ab6df5c1a7c85cddb187bbcce01a5b2d86e17ff68d9a4044a8338d754c9daba97c34f55696b542b457505b868bf8cd3e9a7c03b72acd99dcd68362366226f2a78bcaa8ba0e7d33285a9fbfa4c2a70dd915d4a7959e08a8c592", @ANYRES16], 0x1, 0x0, &(0x7f0000000000)) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) fanotify_init(0x40, 0x400) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000002d0301000000000095000000000000006926000000000000bf67000000000000150600000fff070067060000200000006a0200000ee60000bf050000000000003d350000000000006507000002000000070700004a0000000f75000000000000bf54000000000000070400000400f9ffad53010000000000840400000000000005000000000000009500000000000000db13d5d8b741f2cdaabc8383caf56b8c2b84a8d09535a157f9005bd38addaa65b925cd3ded25b8b9e2a095d2c51ef45c5588ec78c7f32946b17cecfe54c53ab530c58b67851b7e0e82452a083b98a6aa7664012d42961e1445ce83def332233b081df18961d6822d133bf72a4de1cc0800004537fc211576846ac629d1d93265ba474580047a9dc88de358ce795731891a2031de4e09740c64e5bb6f991ed4785a9773a433e0db9c1a7d4ab9d658ce9cfdb4db3bed62bcb2bc91ddcdfac2e6d4421c49fb6641cbf56914e76702f673b586c767030090a3967093b000e3806f825f1d0da2a304e06543b56d35235d78b7a7fe912971aab876022e96f5143b6234f5a6b701690b07fb664a44e22b72e843e7cf55f394cf75d1cd3ee79a25fb98cc45b3fde43e42e150d4a2fddd9a976774"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0xffcf}, 0x48) bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000002c0)={r4, r4, 0x5, 0x0, @val=@tracing={0x0, 0x8000000000000000}}, 0x20) sendmsg$inet(r0, 0x0, 0x300060c1) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000004c0)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@usrquota}, {@data_err_ignore}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@oldalloc}, {@grpquota}, {@noload}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000600)=ANY=[@ANYBLOB="0200000001000000000000000400000000000000100000000000000020"], 0x24, 0x0) mkdir(&(0x7f0000000000)='./bus\x00', 0x0) setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', 0x0, 0x0, 0x0) rmdir(&(0x7f0000000040)='./bus\x00') 4m51.179690163s ago: executing program 2 (id=3254): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000600)=ANY=[@ANYBLOB="180100003500010000000000fcdbdf250701f2800c0004000bac0f0000000000140001"], 0x118}], 0x1, 0x0, 0x0, 0x1}, 0x48810) ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc02c5625, &(0x7f0000000180)={0x8000, 0xc5fb, @value=0x3}) r4 = socket$packet(0x11, 0x3, 0x300) r5 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0x14, &(0x7f0000000080), &(0x7f0000000240)=0x4) r6 = socket$inet6_udplite(0xa, 0x2, 0x88) bind$inet6(r6, &(0x7f0000000040)={0xa, 0x4e21, 0x3, @ipv4={'\x00', '\xff\xff', @empty}, 0x4}, 0x1c) connect$inet6(r6, &(0x7f00000000c0)={0xa, 0x4e21, 0x659, @empty, 0xff}, 0x1c) r7 = fcntl$dupfd(r6, 0x0, r4) sendmmsg$unix(r7, &(0x7f0000007400)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000740)=[@rights={{0x10}}, @cred={{0x1c}}], 0x30, 0x20000000}}], 0x1, 0x2004a880) r8 = add_key$user(&(0x7f0000000000), &(0x7f00000001c0)={'syz', 0x0}, &(0x7f0000000540)="bc3009bb66682c9d4233b0cc644f5fdae5b9d17f7ada03bc77aea173022c18232e1fb162caf50d08fda40c6e9c515c4a2c7245660296c0460cbff563b781695432f5a83f5ab8979bf6fd1c17aa", 0x4d, 0xfffffffffffffffe) r9 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r8, r9, r8}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0) 4m47.537460515s ago: executing program 2 (id=3255): ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) ustat(0x801, 0x0) r3 = socket$inet(0x2, 0x3, 0x8d) setsockopt$inet_msfilter(r3, 0x0, 0x8, &(0x7f0000000340)=ANY=[], 0x1) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$SIOCSIFHWADDR(r4, 0x8b0b, &(0x7f0000000000)={'wlan1\x00', @random="0100"}) getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f00000000c0)={0x0, @local, @local}, 0x0) r5 = socket$inet6_udplite(0xa, 0x2, 0x88) r6 = socket(0x400000000010, 0x3, 0x0) r7 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'veth1_vlan\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f0000003640)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000003680)=@newtfilter={0x84, 0x2c, 0xd27, 0x2, 0x0, {0x0, 0x0, 0x0, r8, {0xd, 0x7}, {}, {0x7, 0x1}}, [@filter_kind_options=@f_u32={{0x8}, {0x58, 0x2, [@TCA_U32_SEL={0x54, 0x5, {0x11, 0xef, 0x6, 0x8, 0x5, 0x5, 0x7, 0x0, [{0x1000, 0x4, 0x8001, 0x6}, {0xfffffff9, 0x43, 0x8001, 0x4}, {0x7fde, 0x8, 0x51, 0x3ff}, {0x5, 0x4, 0x8, 0x8}]}}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x84}, 0x40) ioctl$sock_inet6_SIOCSIFADDR(r5, 0x8916, 0x0) 4m31.677912527s ago: executing program 38 (id=3255): ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) ustat(0x801, 0x0) r3 = socket$inet(0x2, 0x3, 0x8d) setsockopt$inet_msfilter(r3, 0x0, 0x8, &(0x7f0000000340)=ANY=[], 0x1) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$SIOCSIFHWADDR(r4, 0x8b0b, &(0x7f0000000000)={'wlan1\x00', @random="0100"}) getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f00000000c0)={0x0, @local, @local}, 0x0) r5 = socket$inet6_udplite(0xa, 0x2, 0x88) r6 = socket(0x400000000010, 0x3, 0x0) r7 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'veth1_vlan\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f0000003640)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000003680)=@newtfilter={0x84, 0x2c, 0xd27, 0x2, 0x0, {0x0, 0x0, 0x0, r8, {0xd, 0x7}, {}, {0x7, 0x1}}, [@filter_kind_options=@f_u32={{0x8}, {0x58, 0x2, [@TCA_U32_SEL={0x54, 0x5, {0x11, 0xef, 0x6, 0x8, 0x5, 0x5, 0x7, 0x0, [{0x1000, 0x4, 0x8001, 0x6}, {0xfffffff9, 0x43, 0x8001, 0x4}, {0x7fde, 0x8, 0x51, 0x3ff}, {0x5, 0x4, 0x8, 0x8}]}}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x84}, 0x40) ioctl$sock_inet6_SIOCSIFADDR(r5, 0x8916, 0x0) 4m1.871999183s ago: executing program 3 (id=3310): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) sched_setscheduler(0x0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(0xffffffffffffffff, 0x0, 0x20800) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0) r1 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000007fc0)=[@in={0x2, 0x0, @rand_addr=0x64010102}]}, &(0x7f0000000100)=0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000040), 0x55af) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r2, 0x0) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x7a, &(0x7f0000000080), &(0x7f0000000000)=0x8) 3m54.43896921s ago: executing program 3 (id=3316): r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000200)=ANY=[@ANYBLOB="12010000020000402505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f0100000000000001000006241a00000a0905810300020007000904010000020d00000904010102020d00000936c63e47020000000905030200020000"], 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) 3m52.083246323s ago: executing program 3 (id=3319): socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0xa, 0x300) r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ff1000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) r4 = io_uring_setup(0x1bc2, &(0x7f0000000040)={0x0, 0xc89f, 0xc000, 0x7, 0x20002f9}) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, &(0x7f0000000240), 0x0, 0x501, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4}, 0x50) r5 = socket$inet(0x2, 0x80001, 0x84) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{0x0, 0x10}], 0x1}, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000300)=0x8) sendmsg(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)='8', 0x1}], 0x1, 0x0, 0x0, 0x2c}, 0x4000845) io_uring_enter(r4, 0x2219, 0x7721, 0x16, 0x0, 0x0) 3m50.08644873s ago: executing program 3 (id=3321): r0 = syz_open_dev$vim2m(&(0x7f0000000040), 0x7, 0x2) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1) sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, 0x0, 0x809d) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0xf8, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f000000e0c0)=""/102400, 0x19000) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc004}, 0xc000) sendmsg$NFT_BATCH(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000001500)=ANY=[@ANYBLOB="140000001000010000000000000000000200000a90000000060a010400000000000000000a0004050900010073797a310000000064000480600001800a000100696e6e65720000005000028008000440000000172c0005800c00010070617903006164001c00028008000340000000920800024000000001080004400000000008000340000000020800024000d2008408000140000000000900020073797a32"], 0xb8}, 0x1, 0x0, 0x0, 0x8890}, 0x24000000) pread64(r0, &(0x7f0000000080)=""/185, 0xb9, 0x4) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000400)={0xf0f021}) prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x4000, &(0x7f0000000040)='!,\x00') r4 = fanotify_init(0x1a, 0x800) r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='.\x00', 0x0, 0xa8) fanotify_mark(r4, 0x1, 0x48000038, r5, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0) lseek(r6, 0x2, 0x1) mremap(&(0x7f0000ff1000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000ffb000/0x4000)=nil) 3m46.3196182s ago: executing program 3 (id=3326): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x800001000088}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r0 = getpgrp(0x0) sched_setaffinity(r0, 0x5, &(0x7f0000000040)=0x29) prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x80000, 0x0, 0x0, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) munlockall() mremap(&(0x7f000040b000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f00004b3000/0x4000)=nil) syz_usb_connect$hid(0x4, 0x3f, 0x0, 0x0) r4 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$sock_linger(r4, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001, 0x89}, 0x8) sendto$inet6(r4, &(0x7f0000000200), 0x0, 0x48c5, &(0x7f0000000340)={0xa, 0x4e23, 0x14d, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x17}}, 0x8}, 0x1c) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x1b, &(0x7f0000000140)={@remote, 0x1, 0x0, 0x3, 0x0, 0x77f, 0x4000}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x1b, &(0x7f00000000c0)={@remote={0xfe, 0x80, '\x00', 0xffffffffffffffff}, 0x0, 0x0, 0xff, 0x2}, 0x20) r6 = syz_open_procfs(0x0, &(0x7f0000000080)='net/anycast6\x00') preadv(r6, &(0x7f0000000040)=[{&(0x7f0000000180)=""/88, 0x58}], 0x1, 0x78, 0x0) 3m42.906212075s ago: executing program 3 (id=3331): syz_mount_image$bfs(&(0x7f00000002c0), &(0x7f0000000180)='./bus\x00', 0x98, &(0x7f00000004c0)=ANY=[], 0xff, 0xb6, &(0x7f0000000700)="$eJzs0j1KxkAQBuD3iyAJiB7AO6S2NIfwBDmClRBQz2LtVTxCWiuLtDaR1fgLBiwCfvA8xewsLwMDuw/P96c5TubrZD7Iu7m4vLrNmsPVlH1QLWddHv3k7f7UJedJdiUvZRr6cTrrx2nof4xf1F8+zXd3SY423h4AAPiL3UfXvdYqbfuZPjZL0/w2f7PhbgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/wUsAAAD//2vbGSg=") r0 = socket$inet_mptcp(0x2, 0x1, 0x106) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10) writev(r0, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1) shutdown(r0, 0x1) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) creat(&(0x7f00000000c0)='./bus\x00', 0x107) mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x44, &(0x7f0000000100)='trans=rdma,\xd6\xd2\x1e\x80\xc2W\xbe\xbf\x16S\x84j\xea1Z\x8e\xe9\xc7\x0ep*\xd9\x94Mk\xb9\xc6\x9e\xcf\xd7\x9eoc\xe2(\x03\xc3!{\x8aY\x17\xd0\xa3\xfe\xe3/\xc4\f\b2t\x1c4\x93/^\x91\xe8\xabK\x9e\x14j\xb3\x92\x13\x80\x96m\xc7\x96\"\xcb\xdc\xcc\xd8\x18\"\x9eT\x97Kh5i\x8f\xfc\xd8=\x8b\xe9\x1b\xce\xe4\xf5$\xf1sa,\x8f\xb6\x89\xcfZ\xa0\xae>Xs=\xadu\x9aQ\xe2z\xaf\x90\x90\x9b\x92\x9b\xeb\aQb#\xec}\xa79\xd7\xe6<6\xadL\xd8$\xd3\xa9\x1d\xd9W\x8a\xb9F\x982%g!\x8a\"@*\xb8\xc6\xddw\xefY\xefJ\x0e\xc5%S.\n\xde\x95l\xd9\x1cPp\xb3\xfe+rY\xc24\x99\x88\xe7\njs\xb2\x8f') 3m27.582238709s ago: executing program 39 (id=3331): syz_mount_image$bfs(&(0x7f00000002c0), &(0x7f0000000180)='./bus\x00', 0x98, &(0x7f00000004c0)=ANY=[], 0xff, 0xb6, &(0x7f0000000700)="$eJzs0j1KxkAQBuD3iyAJiB7AO6S2NIfwBDmClRBQz2LtVTxCWiuLtDaR1fgLBiwCfvA8xewsLwMDuw/P96c5TubrZD7Iu7m4vLrNmsPVlH1QLWddHv3k7f7UJedJdiUvZRr6cTrrx2nof4xf1F8+zXd3SY423h4AAPiL3UfXvdYqbfuZPjZL0/w2f7PhbgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/wUsAAAD//2vbGSg=") r0 = socket$inet_mptcp(0x2, 0x1, 0x106) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10) writev(r0, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1) shutdown(r0, 0x1) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) creat(&(0x7f00000000c0)='./bus\x00', 0x107) mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x44, &(0x7f0000000100)='trans=rdma,\xd6\xd2\x1e\x80\xc2W\xbe\xbf\x16S\x84j\xea1Z\x8e\xe9\xc7\x0ep*\xd9\x94Mk\xb9\xc6\x9e\xcf\xd7\x9eoc\xe2(\x03\xc3!{\x8aY\x17\xd0\xa3\xfe\xe3/\xc4\f\b2t\x1c4\x93/^\x91\xe8\xabK\x9e\x14j\xb3\x92\x13\x80\x96m\xc7\x96\"\xcb\xdc\xcc\xd8\x18\"\x9eT\x97Kh5i\x8f\xfc\xd8=\x8b\xe9\x1b\xce\xe4\xf5$\xf1sa,\x8f\xb6\x89\xcfZ\xa0\xae>Xs=\xadu\x9aQ\xe2z\xaf\x90\x90\x9b\x92\x9b\xeb\aQb#\xec}\xa79\xd7\xe6<6\xadL\xd8$\xd3\xa9\x1d\xd9W\x8a\xb9F\x982%g!\x8a\"@*\xb8\xc6\xddw\xefY\xefJ\x0e\xc5%S.\n\xde\x95l\xd9\x1cPp\xb3\xfe+rY\xc24\x99\x88\xe7\njs\xb2\x8f') 3m8.059648023s ago: executing program 8 (id=3374): syz_mount_image$ext4(&(0x7f0000000600)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f00000000c0)={[{@nodioread_nolock}, {@init_itable_val={'init_itable', 0x3d, 0x4}}, {@mblk_io_submit}, {@minixdf}, {@jqfmt_vfsv0}, {@usrjquota, 0x2e}], [], 0x2e}, 0x84, 0x450, &(0x7f0000000dc0)="$eJzs289vFFUcAPDvzLYgv2xF/MEPtYrGxh8tLagcvGg04WJiogc81lIIslBDayKESDUGj4a/QD2a+Bd40otRTxqvejcmxHARPZgxszsDS7tbd7tbtrCfTzLtezNv973vzLzdN/N2AhhYY/mfJGJ7RPwaESP17M0Fxur/rl29MPv31QuzSWTZG38mtXJ/Xb0wWxYtX7etyIynEenHSextUu/CufOnZqrVubNFfnLx9LuTC+fOP3vy9MyJuRNzZ6YPHz50cOqF56ef60mcO/K27vlgft/uI29dfm326OW3f/gqb+/2YntjHHWjXdc5FmM378sGT3T97hvLjoZ0MtTHhtCRSkTkh2u41v9HohI3Dt5IvPpRXxsHrKssy7LNK9ZWysRSBtzBkuh3C4D+KL/o8+vfcrmFw4++u/JS/QIoj/tasdS3DEValBledn3bS2MRcXTpn8/yJZrehwAA6K1v8vHPM83Gf2nc31Du7mJuaDQi7omInRFxb0Tsioj7ImplH4iIBzusf2xZfuX45+ctawqsTfn478Vibuvm8V85+ovRSpHbUYt/ODl+sjp3oNgn4zG8Oc9PrVLHt6/88mmrbY3jv3zJ6y/HgkU7/hhadoPu2MziTDcxN7ryYcSeoWbxJ9fnrvL/uyNizxreP99nJ5/6cl+r7f8f/yp6MM+UfRHxZP34L8Wy+EvJ6vOTk3dFde7AZHlWrPTjT5deb1V/V/H3QH78tzY9/6/HP5o0ztcudF7Hpd8+aXlNs9bzf1PyZi29qVj3/szi4tmpiE3J0sr10zdeW+bL8nn84/ub9/+dEf9+Xrxub0TkJ/FDEfFwRDxStP3RiHgsIvavEv/3Lz/+ztrjX195/Mc6Ov6dJyqnvvu6Vf3tHf9DtdR4saadz792G9jNvgMAAIDbRVr7DXySTlxPp+nERP03/Ltia1qdX1h8+vj8e2eO1X8rPxrDaXmna6ThfuhUcW+4zE8vyx+s3TfOsizbUstPzM5X12tOHWjPthb9P/d7pd+tA9ZdR/NorZ5oA25LnteEwaX/w+DS/2Fw6f8wuJr1/4sR1/rQFOAW8/0Pg0v/h8Gl/8Pg0v9hIHXzXP9qiZ1H1uud77REZWM0o+NEpBuiGWtLpBujGfXE5ohot/DFuFUN6/cnEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQG/8FwAA//8Hl+jb") prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) socket(0x10, 0x803, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) io_setup(0x987, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff) chdir(&(0x7f0000000040)='./file0\x00') quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000080)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000000)='./file0\x00') r3 = socket(0x11, 0xa, 0x5) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) sendto$inet(r3, 0x0, 0x0, 0x40800, &(0x7f0000000040)={0x2, 0x4e20, @remote}, 0x10) close_range(r3, r1, 0x2) bpf$PROG_LOAD(0x5, 0x0, 0x0) 3m4.34886256s ago: executing program 8 (id=3381): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = syz_open_dev$usbfs(&(0x7f0000000040), 0x400000001fb, 0x101301) ioctl$USBDEVFS_ALLOW_SUSPEND(r1, 0x5522) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xae, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94) socket$inet6(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0xae, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94) r3 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r3, &(0x7f0000000100)={0x2, 0x4e24, @loopback}, 0x10) setsockopt$sock_int(r3, 0x1, 0x1, &(0x7f0000000200), 0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000070000000000000000800027350000007500000095"], 0x0, 0xbb5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = socket$inet6(0xa, 0x3, 0x3c) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r5, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) connect$inet6(r4, &(0x7f0000000000)={0xa, 0x5000, 0x0, @loopback, 0x5}, 0x1c) writev(r4, &(0x7f00000000c0)=[{&(0x7f0000000100)=',', 0xffdf}], 0x1) ioctl$VT_DISALLOCATE(r2, 0x5608) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000100)={'#! ', './file0', [{0x20, '*'}, {0x20, '\\'}, {0x20, '\xe7\x17'}, {0x20, '$\xb9@[,-+.-'}, {0x20, '.'}, {0x20, ']!'}, {0x20, '-]'}, {}, {0x20, '%#'}, {0x20, 'C{\x96\x9d\xc9\xfe\xa0\x1c\xc5\xa8\x1a\x83<\x05\x12\xd6]rD\xc1)!m\x94\x87n\x0e\x14hLh\xed`u\x0f1\xbb\x81\x92\xa98y\x9az\xd8L\xbe\x9a\xe9/\xa7\xbb\xac\x9c\a9\xe7\xc6\xbe\xb3\xb9\x8a\x92\xf0e\x06\xbbe\xe1\xcc\x83\xfe\x16\x81\x80f\xdeqj\x1f\xc0\x8d\x1c?\x8a\"\x86@|\xd8\x047\xf2\xe2\xf3?\x8c^o2\x19\xb2NM\xa1\xc6\x99\xa14)}\x93\xfd\x14\xf9\xde\xa2\'\xab3\x8f]I\xbcg\xa5\xb6\v\x9b\\\xc4\xd0\xad\xc6\x11\x8f\x851>Y\xf9L\xa7\xad\xb0Uh\xa7\xa25\xb3\xf6\xbd\x06*\xd6%LS\x04\xa3\x9aP\x94\xdfj\x11\a\x94Y\xed\xf5\rS\x9e\xd6=\x14\xb7\xc7'}], 0xa, "98d910a3e7331fbff7263d47ee2b72cf5444cbb7af63de4a86efe5aad48db7640f5302865bf3170c323d8cdfa8a9a53e574ee190db45de8a08c82c14d98b0567c0fc8d0cd720b513075b2aead04f5533c05b1cec84dd53ed047fe5f2f8965ce1cd8abf5d1ab49cb73540077b993ee8a2a5ec58172d03a92c5fc9dedb4cda43e74f1a8b173bfe90dc8cd1ed789aaa7c909732aa14e24c7a8a69dcd776858817b7d0cf132b6782a8e3437d53ab59e55f6ab8e1468d355455744fca5812e7383d8689b694ed6484db1b3b930102bfbc473b1a"}, 0x1ae) 3m1.94943057s ago: executing program 8 (id=3385): sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000a00)=ANY=[@ANYBLOB="400000001800150000000000ffffffff"], 0x40}], 0x1, 0x0, 0x0, 0x40065}, 0x0) write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000001040)={0x1a, {"a2e3ad21ed6b52f99cfbf4c087f71e9b230963ff7fc6e5539b9b3b09719b711b5d52101b080d29428f0e1ac6e7049b3468959b189a242a9b45f3988f7ef319520100ffe8d178708c523c921b1b23380a169b63d336cd3b78130daa61d8e81aea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae11a973735b36d5b1b63e91c00305d9be7bd1d020000000000000075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801000000005b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c580263093ca9a34af674f3f39fe23491e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6fa94fc488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b412435111c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269caf12c31357c8219793e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a687974e7b4ab01b7f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da3710ac000000001a527777a5371f87d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ef06e288e810bac9c766000a5e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1386abdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f103000000416d59fdee5325928974d12dad99dac44c3f0008047096a44060fb30e900caab415db6578b4779415d97b9a6d601005c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3c901cd34e5c92f76cc4c24eeb8bc4e9ac292d9e53803ed000000009737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ffffff7f000000007f889b09114edb8e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca405d8c5f64fdb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb67ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe529003d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb40800000077d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e5e2c664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85e654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b405177548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd84e935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba30b4279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53dc10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227edff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fa6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b30f0b932a4d02da711b757fe43c06d21e759595e4e98b27faea8aa12bc8040000000000000033eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d0000010000000000fcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d080e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed704887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6ff7ffb1d62458d0741a12830052fcc460db043afe525629b40d7cee65802cb5e930ed624806c43a006dc9336d07c2b8081c188d26558f48261f7897084c2a1a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c0ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf475bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264c7b34252600c9654e502dcea39cb0800eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc640df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c02b5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadbb25c72e9758f03a755d0be53f8d2a1dfb1c6000064b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa7082ead01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058093fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d060000008926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000740)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000ec0)=[@hoplimit={{0x14, 0x29, 0x34, 0xfffffffd}}, @dstopts_2292={{0x90, 0x29, 0x4, {0x4, 0xe, '\x00', [@calipso={0x7, 0x10, {0x1, 0x2, 0x9, 0x9f, [0x8]}}, @generic={0xfe, 0x31, "f4a4a3142ee1e12b9826287997a6b33d89f3d60da1641d9fe3896c3c1b6c130ef4f01be8f5836d417874540898619050b1"}, @generic={0x80, 0x14, "09e12e5f0b6bdcf72f2ec7008a15fa88b025e0ad"}, @pad1, @ra={0x5, 0x2, 0xbf4}, @hao={0xc9, 0x10, @private2}]}}}, @hoplimit={{0x14}}, @hopopts={{0x48, 0x29, 0x36, {0x5e, 0x5, '\x00', [@generic={0xff, 0x19, "50d650847249ad288702ebd0d654b985e8908defb7ec6c5ff1"}, @pad1, @pad1, @calipso={0x7, 0x8, {0x3, 0x0, 0x0, 0xfff}}]}}}, @rthdr={{0x18}}], 0x120}}], 0x1, 0x810) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000000340)={0xa, 0x4e20, 0xffffffff, @mcast2, 0x7}, 0xfffffffffffffe26) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000200), 0x10) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000001740)=[{{&(0x7f0000000480)={0xa, 0x4e23, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}}, 0x1c, &(0x7f0000000100)=[{0x0}], 0x1}}], 0x1, 0x24088804) sendto$inet6(0xffffffffffffffff, &(0x7f0000000ec0)='\n', 0x1, 0x44000, 0x0, 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000300)=[{{&(0x7f0000000280)={0xa, 0x4e20, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c, &(0x7f00000002c0)=[{&(0x7f0000000600)="6a9ee35872dedd3fa3577ce3d64d437abb6e906ee0d0354bcc7edf38e105d37f635fbb3b9c00a3d3bc61866fb3389eff2a0443cf6c38450ce2732419a8329bbe26f4eb1c9edcbf53fb1b0df9c77d6864e90753e3800dff58b9950616473ea1e55b947db3de3ebb8f63edf11ebec9eef2da6b9f545e28273d239534a4682dc23c44a85f64d17bbf41e291f3e3092626f045d8b2b5df6e478729cc88a79aa5f7fe99e374f09c34fe5b63b6dffd256f4ab6ec553520f191b386b290ce1e7fe4c59288afbcafe11869395eaae3f556234701", 0xd0}, {&(0x7f0000002840)="33db2a1949865d5bb1c5bfb13ffb96a1cdad02489f447c9f6e61ae185cf1962c0bee82f04dfd646365d75c057a118bea734fb3f7e5bd047d4c32bf72ead3fa9aca6aeb1cc044533c24edc3e8ec198203ec244cb6b2b79bedc3a8a74e17e85b4c32c0819c4c77dcc823cb4fa659cffc6e8348b875e177f03f4378da4b36ac7df34de2f67398e62f3708bb83c1b0f505aaa85a3422cf0a710a03415896a50197b4a0624542e33fdad43547a88b0fc5d26804a2c8f54e65fbeaae715fbba862f15688e80655f3890ac49ca3ccb40cb2dd711b88d4480d20c760f12c23568c8b5fe181abc11d1f2ab914f875ba85f8355c9d248deef68e71555867160c0161a078f42d6778ee2bcc3015ccb433ff9022b312b620c18e4f4b3824d186e3051adf3a6e0332222108e63f6eda5a1517ee3765ae0677f165fde798d1917a2583aa4b52e67438cf61f0cadd336edf8b5f132d54f4ca42b3d8d39ccba6293913d4f233f29af17bcf049306e43f99ad7c321bacbfa17c2e8d8269e42c5390e279a1a1370c15bec875beb8542823f5ab28abb5d48fd5662bbf3516ef63120e56fffe7d1e86748b788f80ef4deaaaeb0815d8fa04bdd351a00618ff45c64a886de5a7b51408a1d53ce8d4d7c2891492e10d1de29d4e0ef564a859500f97048c1a0b319e1305c1f228882d02a227dea730ce09b1200813bfbf6750800d1bd8d2c264ac6063d4b0fb4cb42c1924a6fac095d848450a00dcc6a827b9d0bcc0131ff3da234568d469f1246848b71bd3dfbe767de19ffe542a0a37317d84bfc63c9449a4cc04446c859f972b77188eb5b7517540b70c5a0701c78ca108c09aadd28a91278cb6633d88cff45cfd5e30f87d6be9eb53cf89d5c047f3c36f490fa652a148c5d824b2d9cb8ffe1edb80cd48922aede8f3b22d21806572bf5b7bbcd27555b41e137eb06e5a3f514780796a2c8700d13eeb1800227298d82e42388a3aad5293562cc05650ef93d23d5290dc0de915d8143f76b2838cea8db2ca4cc802cd8d6d2c43c95f919bf0ebd7403f8047a0c010dcbc26a4bead1b274b573773ad2a2000c7730b49d5a97505024b905be151207a4d737233ccd853c4420391150e546b205181aa376088c5ccfe1b42da805cb6eca7e7d622daeff2c66d75697f7cc50ce2cc096cfedfd5d6cc5551a83dd3beb24ecf9c0160e190138e8eb9e86de71ccd5d76a258844e34683f7accd5f0b07a87be90b7ae6976f4a89183ab489754c9034eee063309f8d8f36914cc56887e80acb660b40f8960df4280641cc2199fd90d4f71923f041396b834d3af2558f04055e1133140d3a4399cf32a1a1d441056c114a5311f0a9a13ee68ddc1481ccad45bcec671d980f8cc1e2155a637bd2f9dcc8f7ab57683c841545f4c6a1e75ebf778b518e2185935f7c6b020ee30a29355f6bf0e5adaac184a25aba83aa5221d983235d8c277c81c26497c1d019056a56abf062203887bd4a1143b991ac51b2aa136793e331ef84556ec6d254e2adadf0d77c21d46fadbe3cd187bf36f18905e24f6dbeb7e2a75119f943d1cd55ec316a58116fb2f00d511ddddc7baa8dd8e67a7b2a6a5bcac586115dd8ff84a899503d06d62e1d51f82d2681811da3ac71c76133f81308e048734030f24e6988b1cc512c9518365f87c0f00776ef77cab78d0f04f4d077dec4705da22593d934ad32b7bd17c6dc9957d5b742ef8f0894b15c27c3fac6775bbf4cbe107b1d726d1ef6f6b1d20a7ea23b34b87cb3dfcd5747f4f598bb4832de298032db313bbc727f1ea41ac96c8979387b375490e3199585d2a932734ab265afc1fb12253ede0c5dfcf702c88619919c8b8aff987ceaddd9e40bb43d34599b50b07bf2fc605e5e2c8e8b70e63bc0893af943641c3ae65cf717aa01d537e44eab989fff563d22be3c6ba7e25bd4ef6c8001e87a59788ac3140143620cf8a6e62cdad64a11fca4bbdece3d3c8032850f40de027e2dbaa3b250af2babc1549b8f8fa72c52e868743ba43e183f50c8b9d8ce45d0acf64758fd65edb776199ee84c6da0d228e0627e0ea92949e4dc6ef5f023b7c6e1a9d261384fa4db33962341c330b710405b1a339209fdfc6cb2eb29a7fb3ccbe4a1c7e2daf4f6f1c227ed4b77384938d082f59bfee13585ca9fc46c232f62ebb6287c3e02018313f22c0c8096a37c1506873294ede68b3eba8cc66ca31f40f0d19ff1536fd8fb42b3ff2fa3b191194d6d04e2d056b0c3c0c4abd88bc1c7e4c5b1e7b31245acebf616d2746d461c8a75ae762b2df0862c7705f2cad59f00303afaa9d9e774d005eecb3fe80c5bee4266703c2981803d7aad43c42d312e9376fc2a03b3a9067e88e1a4c063646493a63cc95082ad51505176a7dda5b4493dbc78a4021f6a0d31868d75ee08bb6129e84f247eb3ad352ec045c8d5dc8ee5ad7b7eae948ae056f523a4745f3839cb763505afe12e8b0a988caba151b38549e06738a15dfec6a5597b31f47fbbcb622b4b6dce331b50a4a7561396da5e3cd3383840afc00ac0537bf03a8aab179330a38d15115a01b0db44c9302bc908a5d86c5acef4859fc7464a0e4f2970f4221bffdd617bff126e6256cfbd24be7dc1eee65996013cd23a184ba66c7c0cdeb6b551fab006fda43591645106cf836bed95c143df06918fc0a3c32f6eea50a5208550fb42503987e64571d718b751597998d76941feed27076b64492eea782db891df0f69e89a6211d584f9f9c7d090ec9f6dd70a590436dfa4790a534bdfc1f46fd1ddbbcee124cd9668d968d95add753b630262989cf986b146722242b17cb2bbb083b590ab4946cf25326024a6d4377a9988a3335a84e0eba9c4287cf5fd3304e11cba1119c22a6ae371aa82cd398499a80be864159c08b6925ecc3d25b2aa9a841a5131123e09697cc5e516e9a117b6e86a6ebee3bb39f0801ffcc65f1acbd69f8cab1a1ec921d144366af2049aac2d58cbc20333d1fd63695891d50209e50a281f3a1906d8d12b5dd1610c307901d6283db0e8833bb63714785332cc03f28111d64a6649267da73ef1d9ebb0bd584fd651cce2518ce7bf40c48b07d6f50b1aa224d656d1cd8db83f250ddac303ff8076a4c151abacb7ceb18b10cc3c3de6f929d3858074223765d0e0005606b550f4a00cc855a8d8a99dac57a4a8b15729638dd982aec22e79c42bf3b5f67fe2ab4632acadc954444fb54806d730880b48cb10d641f3b607e6413d106c0622ba4670c169c0bc3073cf6bf160e7989b78aaae81e7306727c2d13776d827a209a4a84805f2b8f5bbf2950e9d213a344f236c9dfbfe0a4fed7eb5d27d3bb15e89d454bc3dc83df918e57e8b4c763aeabdd00cd768b69a052e848694b97cef6c333eed2d3278cefa13c73c4d1b886c1c23c3a9a5533d4f0aea3416fb0054a42c3b61ec6eebd0cadff6106cc7b58e2b5aefd2d9482d37cdbc04cfff4e8efde9397598d3f164483613391be5d96eab911ab979c9418b26abcf05d14e1c1fc84a943829d3a84d08ea171034c60a953fca50fb373aa1ffe26cf1ed8f1e2b64b50f05f22af000ccdfc87fc5d999ee0d5ade3e1438747a55ac95482b6619c4bf41dea7d164aaa6922b2f563a95ac5f4b906c3bc8172a184e7d28a1e10e0a38455a4a326610b41da0e48fcd60be7417b9a92ad92ecc6068dbcb93543f02c1ca310d45d118869e06169f2164d4ce5a6f96a5b8b75bbcd945c8f7e947cb435051fcf6f8f8244269b4d3412aaf91374b18f385ba052eedd9613793a9d1382d30b912f0af55bd3b7a821fb1fc32c62434970afd2af33707487beb86fae9a927e1a10e20803ff58bf02213ff4b019df223589710d2fb436a930c009e513cec0a3733badfb7c183bb4fe18f3c1f3efabc18629462fb16a82aaae57e976f233d8debf50c6f2b7b1e53870103bcd4ce8ed53e5effffccd5fb0d45a235a326aa3d4381d9031b25913203b8eb2f170e30f4e324db5fd01e0ae5b86dd48a27aba37871fb7d3f4be672f1191bca2516d2c17a9aaba68ffa02fb999f7441e7238341fbea72a00b7f9f9acbca02a3157984f7a88ec809c1083dddec5151bedc6892d77cbb0f878ff2bbdb61922daaaf99a419bb9aaf41c2e49f9470dee0fbac03b84272626eb1e11b37b3b9d735df63f08965d3cd2bcdda5d34fe7919c976702a01d9a18bf6b1d2cc5ba4d78bb38634198003cf17a33e17391b3e0ff25368e8adf469861496dcd5868d163a2087c584df9874f4185752cc16ebdb852d60932ece37096301a718b7489f3688848996b649775533aa55918327ca1b5de7abb448c178d98e7e13cd4ce939326edefeb9ea6bb65fb6131cf0749425df1afb553411dad6041232ff4493aa644624b960badd643ebbd84e7c80bcf9acd1aa3bcb0bac9208b05098c6005b8efff52699a04111bf93591b95c8800ad9adb3c33044684fbac1b05db253874b9fb00f428707e3da0bbedd7d290a4b17ec3e73f28bba6c27d83b8517b5c2e4ac0d26f5a524ec91d02bd118f0e68a286b1bf456702a3001ab0754c87895976ccb202e4d75171fe005a18ed6a7fbeb9d678b73a751a0d18c7e2d615b572f79902510213f7079a736ba035d9590c12d9a628f8babf40391cf592eb0c0a224d16a436b6c99170faf80551b010d2da7a8a215d23bc63dd100752da133107d255b53c20357bf975e19bfa383d316cbb1c6bade2fd47cacf1eb0f484b98a269ed56c7c03c65a99a5adcd4602109d0b02a9593b79eb11c60df9edf423c977c49c44378ffe874cb35314ccec8816097959ee7b6001854fb026c3be5e44859d09cad6ecb9b207adfc77c2b638f4debb693829da35769aaa5c7b06b920b75af374f68a649970e5f3f9d0e55ef72faa9b62fb36c42eeaf08b0951966d3c5636ddcf3639685980aa6b02082cd458b2ffefd57309f5865090e1aaec6c5fc48a8890b91a7836b901366e5397f5b711622371cf5f6614c74b4a4920e6165534a6245cff80f831ea59a43457329d2f5bfe294849dddf2abb78869e5b2d0762faa56f4b28924597b7e61770351f157449eadb502281053629cdd3167a1fab6f25d97fd592b629eac315b360ead34c76feed0b09ccab14012debc07fac6fafdfba2a72a7cd257434cdc46d549a0fa665528b981cb169f65c6a0c9f3d2b2d0e58590415aff05a95c34af395ab3c9f11626419a980ff3a99de36fb10f85cb1cb04d3e65520de992c7314dcbafdf6f286b38f64a318775cbf9534343e0096b681a02818bbafa4ee5c3c7c1dea42f5a355a889368bc7962bbf3916f35ce69f074fb1cf04ce05cbfaac7eaf8251840a1b6ba90080775f6249bf2ab57de976970f3eb734951b75ed2b8eb0d59abba59c6faf3457f2b7b46b68227fe3aa9e0b36fb33b7dfd04bb0d1a253acddbe5c5defcd2b08bd1293d9cbe74c1c106e208d8b4237dd561f0090c2191b07882ce0cb1d159316105ab3d9e2a58fcf12bcd073a123ef4209e9fa152c19c1b837e4b451efa767b5316a3a458147b09592f180d131aa16f93f65bca0ef061f327c9f8799b20cc809919635826a0dc643a5483a5f7b5b5006e61ea3cf1fd4a716e1fd55a99e0a7e1207e483602287f268ed00ed810af0df7ad658db67b5bb934f94bb80f154aa836d283e2234089369bc3e016c9a68b961b4ec0ed395916d1878ec1ea1585e62be87a5aebf373df4d5e1f4492cadff10d48c615a73ec56ecad599a9b70e3477c6d36e6df307d7123f0bc9bc525c4f733ddec8b8dcf87eba4d17c008d15a11462d08b6adec0", 0xfff}], 0x2, &(0x7f0000000b40)}}], 0x1, 0x4000081) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5) r3 = accept4(r2, 0x0, 0x0, 0x800) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil}) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0) pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) 3m1.167362681s ago: executing program 8 (id=3387): socket(0x2, 0x80805, 0x0) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)}, &(0x7f0000000140)=0x10) r1 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10) pwritev2(0xffffffffffffffff, 0x0, 0x0, 0x2008, 0x5, 0x11) r2 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(r2, 0x1, 0x0) fchdir(r3) fchmodat(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0xfffffffb) openat(0xffffffffffffff9c, &(0x7f0000001740)='.\x00', 0x515001, 0x408) r4 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r4, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4) setsockopt$packet_rx_ring(r4, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0xfffffffc, 0xff, 0x80000000}, 0x1c) r5 = socket$netlink(0x10, 0x3, 0x4) write(r5, &(0x7f0000000040)="2700000014000707030e0000120f0a0011000100f5fe009d2fb112ff000000008a151f75080039", 0x27) r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000040)=0xd) ioctl$FIONREAD(r6, 0x541b, &(0x7f00000001c0)) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) setxattr$system_posix_acl(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='system.posix_acl_access\x00', &(0x7f0000000080)=ANY=[], 0x24, 0x0) getsockopt(0xffffffffffffffff, 0x200000000114, 0x271e, 0x0, &(0x7f0000000040)) 3m0.142361987s ago: executing program 8 (id=3389): prlimit64(0x0, 0xe, 0x0, 0x0) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(0xffffffffffffffff, 0x0, 0x20800) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0) r3 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000007fc0)=[@in={0x2, 0x0, @rand_addr=0x64010102}]}, &(0x7f0000000100)=0x10) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0) write$binfmt_script(r4, &(0x7f0000000040), 0x55af) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r4, 0x0) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r3, 0x84, 0x7a, &(0x7f0000000080), &(0x7f0000000000)=0x8) 2m53.258375022s ago: executing program 8 (id=3402): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x67) mount$9p_rdma(&(0x7f00000000c0), &(0x7f0000000300)='./file0\x00', &(0x7f0000000340), 0x10400, &(0x7f00000003c0)=ANY=[@ANYBLOB='trans=rdma,port=0x00000000']) recvmsg$inet_nvme(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000100)=@vsock={0x28, 0x0, 0x0, @my}, 0x80, &(0x7f0000000380)=[{0x0}, {0x0}, {0x0}], 0x3, &(0x7f00000003c0)=""/136, 0x88}, 0x12100) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x80800, 0x10a) r4 = socket$can_bcm(0x1d, 0x2, 0x2) r5 = syz_open_procfs(0x0, &(0x7f0000000240)='net/wireless\x00') r6 = msgget(0x1, 0x244) msgctl$MSG_STAT(r6, 0xb, 0x0) pread64(r5, &(0x7f00000000c0)=""/144, 0x90, 0x2f) connect$can_bcm(r4, &(0x7f00000005c0), 0x10) sendmsg$can_raw(r4, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000380)={&(0x7f000000a000)=@canfd={{0x5}, 0x2, 0x2, 0x0, 0x0, "0327e1b22b5fcef7739c699f5ff986ca08990039576a7d5cb2bdac3fa80acf584ecb5fee496e6866856b76b5ee00000000000000094e2f9663a918fa1efd9b0b"}, 0x48}, 0x2}, 0x24000895) ioctl$TIOCMSET(r3, 0x5418, &(0x7f0000000040)=0x1) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000004c0)=@newqdisc={0x78, 0x24, 0xd0f, 0x70bd2b, 0x0, {0x60, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0xd9, 0x0, 0x20007, 0x4000}, 0x80, 0x200, 0x4, 0x0, 0x4, 0xf, 0x2, 0x0, 0x0, 0x0, {0x0, 0x0, 0x6, 0x0, 0xfffffffd}}}}]}, 0x78}}, 0x0) 2m38.170599871s ago: executing program 40 (id=3402): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x67) mount$9p_rdma(&(0x7f00000000c0), &(0x7f0000000300)='./file0\x00', &(0x7f0000000340), 0x10400, &(0x7f00000003c0)=ANY=[@ANYBLOB='trans=rdma,port=0x00000000']) recvmsg$inet_nvme(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000100)=@vsock={0x28, 0x0, 0x0, @my}, 0x80, &(0x7f0000000380)=[{0x0}, {0x0}, {0x0}], 0x3, &(0x7f00000003c0)=""/136, 0x88}, 0x12100) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x80800, 0x10a) r4 = socket$can_bcm(0x1d, 0x2, 0x2) r5 = syz_open_procfs(0x0, &(0x7f0000000240)='net/wireless\x00') r6 = msgget(0x1, 0x244) msgctl$MSG_STAT(r6, 0xb, 0x0) pread64(r5, &(0x7f00000000c0)=""/144, 0x90, 0x2f) connect$can_bcm(r4, &(0x7f00000005c0), 0x10) sendmsg$can_raw(r4, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000380)={&(0x7f000000a000)=@canfd={{0x5}, 0x2, 0x2, 0x0, 0x0, "0327e1b22b5fcef7739c699f5ff986ca08990039576a7d5cb2bdac3fa80acf584ecb5fee496e6866856b76b5ee00000000000000094e2f9663a918fa1efd9b0b"}, 0x48}, 0x2}, 0x24000895) ioctl$TIOCMSET(r3, 0x5418, &(0x7f0000000040)=0x1) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000004c0)=@newqdisc={0x78, 0x24, 0xd0f, 0x70bd2b, 0x0, {0x60, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0xd9, 0x0, 0x20007, 0x4000}, 0x80, 0x200, 0x4, 0x0, 0x4, 0xf, 0x2, 0x0, 0x0, 0x0, {0x0, 0x0, 0x6, 0x0, 0xfffffffd}}}}]}, 0x78}}, 0x0) 17.700765434s ago: executing program 1 (id=3584): prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@xino_auto}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) setuid(0x0) read$FUSE(0xffffffffffffffff, &(0x7f00000041c0)={0x2020}, 0x2020) newfstatat(0xffffffffffffff9c, &(0x7f0000000cc0)='./file0\x00', &(0x7f0000000d00), 0x100) getresgid(&(0x7f0000000d80), &(0x7f0000000dc0), &(0x7f0000000e00)) stat(&(0x7f0000000e40)='./file0\x00', &(0x7f0000000e80)) read$FUSE(0xffffffffffffffff, &(0x7f0000008240)={0x2020}, 0x2020) ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f00000014c0)={0x1, 0x63, {r0}, {}, 0x9, 0x40}) read$FUSE(0xffffffffffffffff, &(0x7f000000a280)={0x2020}, 0x2020) getresuid(&(0x7f0000001600), &(0x7f0000001640), &(0x7f0000001680)) lstat(&(0x7f00000016c0)='./file0\x00', 0x0) 12.311401775s ago: executing program 1 (id=3593): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x800001000088}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) r2 = syz_clone(0x80000, 0x0, 0x0, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) syz_80211_inject_frame(0x0, 0x0, 0xa) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0xa2040, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="9feb0100000000003000000030000000020000000000000000663dc19bb63a95b70000000000000902000000000000000900000900"], 0x0, 0x4a}, 0x28) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYRESOCT=r2], 0x48) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) r4 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) ioctl$USBDEVFS_CLEAR_HALT(r4, 0xc0105502, &(0x7f0000000300)={0x1, 0x1}) r5 = syz_open_dev$loop(&(0x7f0000000040), 0x100000001, 0x0) ioctl$BLKTRACESETUP(r5, 0xc0481273, &(0x7f0000000080)={'\x00', 0x5, 0x9, 0xa68a, 0x0, 0x608}) 11.328480045s ago: executing program 5 (id=3594): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = io_uring_setup(0x1a8, &(0x7f0000000000)={0x0, 0xb9a0, 0x2, 0x2, 0x372}) ioperm(0x0, 0x2, 0x7e) capget(&(0x7f0000000040)={0x19980330, 0xffffffffffffffff}, 0x0) io_uring_register$IORING_REGISTER_RING_FDS(r3, 0x13, &(0x7f0000001bc0), 0x2) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x19, 0x4, 0x4, 0x2}, 0x50) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000000000000fbffffff18110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bca2000000000000a6020000f8"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={r5, 0x2000012, 0xe, 0x0, &(0x7f0000000280)="63ec33c9e9b98600000000000000", 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xb}, 0x50) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl80211(0x0, r6) sendmsg$NL80211_CMD_ABORT_SCAN(r7, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x20, r8, 0x10, 0x70bd25, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x1, 0x1f}}}}, [""]}, 0x20}, 0x1, 0x0, 0x0, 0x8011}, 0x880) r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000640)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x2c, r9, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_USE_RRM={0x4}]}, 0x2c}}, 0x0) 10.168385185s ago: executing program 1 (id=3595): r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) move_pages(r0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=[0x0, 0x0], 0x4) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) r4 = socket$alg(0x26, 0x5, 0x0) setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000140), 0x0) sendmsg$AUDIT_TTY_GET(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x0) r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) write$RDMA_USER_CM_CMD_BIND(r5, &(0x7f0000000340)={0x14, 0x88, 0xfa00, {0xffffffffffffffff, 0x0, 0x0, @in6={0xa, 0x4e21, 0xd, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x480000}}}, 0x90) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x101, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0) r6 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0) write$proc_mixer(r6, 0x0, 0x86) r7 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x80, 0x0) dup3(r7, r6, 0x0) 9.917217461s ago: executing program 5 (id=3596): bpf$MAP_CREATE(0x0, 0x0, 0x50) prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r3 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000180)={@loopback, 0x8000000, 0x0, 0xff, 0x1}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f00000000c0)={@mcast1, 0x8000000, 0x0, 0xff, 0x9, 0x7, 0x2}, 0x20) close(r3) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), 0xffffffffffffffff) r4 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f0000000000000000"], &(0x7f0000000140)='GPL\x00'}, 0x94) r5 = bpf$ITER_CREATE(0xb, 0x0, 0x0) close(r5) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r4, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="340000001a0001000000000000000000020000000000000000000000080002007f"], 0x34}, 0x1, 0x0, 0x0, 0x80d0}, 0x4800) bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000180)=0xffffffffffffffff, 0x4) 9.103506524s ago: executing program 9 (id=3597): syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) socketpair$unix(0x1, 0x3, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_sctp(0x2, 0x1, 0x84) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$inet_mptcp(0x2, 0x1, 0x106) r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000080)={r4}, 0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0xa, 0x10, &(0x7f0000000500)=@framed={{0x18, 0x2, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffe}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x85}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}}]}, &(0x7f0000000080)='GPL\x00'}, 0x94) bind$inet(r3, &(0x7f0000000100)={0x2, 0x4e24, @loopback}, 0x10) setsockopt$inet_tcp_TLS_TX(r3, 0x6, 0x1, &(0x7f0000000140)=@gcm_128={{0x304}, "60000100", "9de66ebc3914c06f0f109088d190e700", '\x00', "f8dde5bf3eba23db"}, 0x28) 8.323105095s ago: executing program 5 (id=3598): gettid() socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xffffffffffffffbf) fcntl$setsig(r0, 0xa, 0x12) dup2(r0, r1) syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x400, &(0x7f00000029c0)={[{@max_batch_time={'max_batch_time', 0x3d, 0x8001}}, {@data_ordered}, {@errors_remount}, {@minixdf}, {@jqfmt_vfsv0}, {@usrjquota, 0x2e}], [{@smackfsfloor={'smackfsfloor', 0x3d, 'ext4\x00'}}, {@fsname={'fsname', 0x3d, 'minixdf'}}], 0x2c}, 0x84, 0x45a, &(0x7f0000000480)="$eJzs20tvG1UbAOB3xknv/ZKvlEsvQKAgIi5Jkxbogg0IpG6QkGBRliFJq9K0QU2QaFXRgFBZov4CYInEL2AFGwSsQGxhj5Aq1A2FBRo09kzrJnaIL6mT+nkkt+d4jn3e1zMnPjNnHEDfGsn/SSJ2RcQvETFUq97eYKT2343rl6b/un5pOokse/2PpNruz+uXpsum5et2FpXRNCL9KIkDDfpduHDxzNTc3Oz5oj6+ePad8YULF585fXbq1Oyp2XOTx44dPTLx/HOTz3Ylz915rPvfnz+47/ibV1+dPnH1re+/zOPdVWyvz6NmuOM+R2Lk9s+yzuMdv/vGsruunAz0MBBaUomIfHcNVsf/UFTi1s4bilc+7GlwwLrKsizbuuLZSllYyoC7WBK9jgDojfKLPj//LR93cPrRc9derJ0A5XnfKB61LQORFm0Gl53fdtNIRJxY+vvT/BENr0MAAHTX1/n85+lG87807qtr979ibWg4Iv4fEXsi4p6I2BsR90ZU294fEQ+02P/IsvrK+c9P29tKbI3y+d8LxdrW7fO/cvYXw5Witrua/2By8vTc7OHiMxmNwa15fWKVPr55+edPmm2rn//lj7z/ci5YxPH7wLILdDNTi1Od5Fzv2gcR+wca5Z/cXAlIImJfROxv4/23RcTpJ7842Gz7f+e/ii6sM2WfRzxR2/9LsSz/UrL6+uT4tpibPTxeHhUr/fDjldea9d9R/l2Q7/8dDY//m/kPJ/XrtQut93Hl14+bntO0e/xvSd6olrcUz703tbh4fiJiS7K08vnJW68t62X7PP/RQ43H/56Ifz4rXncgIvKD+MGIeCgiHi5ifyQiHo2IQ6vk/91Lj73dfv7rK89/pqX933qhcubbr5r1v7b9f7RaGi2emZnKsuzy6nmtNcDOPj0AAADYHNLqPfBJOnaznKZjY7V7+PfGjnRufmHxqZPz756bqd0rPxyDaXmla6jueuhEcW24rE8uqx+pXjfOsizbXq2PTc/PrdeaOrA2O5uM/9xvlV5HB6y7ltbRmv2iDdiU/F4T+pfxD/3L+If+ZfxD/2o0/i9H3OhBKMAd5vsf+pfxD/3L+If+1f74dzMQbGKd/K5/tcKe4+v1zndbobIxwmi5EOmGCKO9QroxwqgVtkbEWhtfjjsVWK//MgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTHvwEAAP//H0rrgQ==") r2 = getpgrp(0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000040)=0x5) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000000)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r4 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x16, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="dbaa00fea00000007110910000000000"], &(0x7f0000000480)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x790f}, 0x94) prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x1, 0x0) r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000040)='devtmpfs\x00', 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@xino_auto}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x4, 0x80) getdents64(r6, &(0x7f0000001940)=""/4120, 0x1018) memfd_create(&(0x7f00000001c0)='\x02\x00\x00\x00\xc5\x97Z1\x8c\xab\x19\x9a<(\xa5\xe6\xa4\xb9\xba\xf4\x81X,e\xb3$\x0e\x8e\fG\x96\x11$\xca\x06\xba\x9e\xd5\x1c\xb0\xb3\xac\xc9\x16\x06u\xd5\xef\xb2\xd6\x8cC|\x91\t\xcd\xe9|\xb8E\xec\xb0\xc2\x95\xb2$\xb4\xf4\x9b\xb4\x8fP{\xc0|\x8e>\x0f.>\xe5\x87Xk\x96 \x1c\f:w\xc9w\\kB\xa0\xcc=/\xdaNk\x1f\xdd\xe3\xcc@d\xaa3{\xd2G', 0x0) 7.105801768s ago: executing program 1 (id=3599): bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_CREATE(0x300000000000000, &(0x7f00000004c0)=ANY=[@ANYBLOB="1a0000000000001000000002000000c403ee2feb472f30bbd2c3000000000052e969ef33b9fc6375dd4496019187a2d72100fca3660a8ad8e825ce6372ff0c066a0a2a87d0f8c24282132f06aa2d3fa1fda2e2faf5aeb299efc8f8f03e7ebfb9e53a14bb428adfb968dfb5be9e4527bd774b86f95fdbe600127d5db039b56fb25f3c482f4db25310b32369ed81deae692a72f4d3ff54c17ad0a152b54e8f5a4b2f14deec508d", @ANYRES32=0x1, @ANYBLOB, @ANYRES32=0x0, @ANYRES32], 0x50) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x50) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r3 = userfaultfd(0x80001) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x60}) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) r4 = epoll_create1(0x80000) socket$inet(0x2, 0x5, 0x2) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000040)={0x2}) mremap(&(0x7f0000638000/0x1000)=nil, 0x6aa000, 0x2000, 0x3, &(0x7f00005c0000/0x2000)=nil) close(r3) prctl$PR_SET_SECUREBITS(0x1c, 0x30) 7.104746005s ago: executing program 9 (id=3600): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = semget$private(0x0, 0x6, 0x0) semtimedop(r3, &(0x7f00000003c0)=[{0x2, 0x4, 0x1800}], 0x1, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a300000000048000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000210c0009800800014000000005600000000c0a010300000000000000000700fffe0900020073797a31000000000900010073797a300000000034000380300000802c000180250001002130404c6bfef3a31e2587ebd76200eb3ea056f39e3ab8a93c358099bf8cf3007d00000014000000110001"], 0xf0}}, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) socket$netlink(0x10, 0x3, 0x10) r4 = socket$netlink(0x10, 0x3, 0xc) bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) semop(r3, &(0x7f00000000c0)=[{0x4, 0x1}], 0x1) semop(r3, &(0x7f0000000000)=[{0x2, 0x0, 0x2000}, {0x3, 0x1, 0x1000}], 0x2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000000feffff720a00fef8ffffff71a400fe0000000071101000000000001d300200000000004704000001ed030407030000060000001d440000000000006b0a20fe0000000072030000000a0000e500f9ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616276fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a26048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdec86f9b1eb93d491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94) 5.282062606s ago: executing program 5 (id=3601): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2a, 0xa9}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)) prlimit64(0x0, 0x0, &(0x7f0000000000)={0x1}, 0x0) close(0xffffffffffffffff) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) r3 = open(&(0x7f0000000040)='./file0\x00', 0x400, 0x43) mknodat$loop(r3, &(0x7f00000002c0)='./file1\x00', 0x10, 0x0) chdir(&(0x7f00000003c0)='./bus\x00') linkat(r3, &(0x7f0000000100)='./file1\x00', r3, &(0x7f0000000240)='./file0\x00', 0x0) renameat2(0xffffffffffffff9c, &(0x7f0000000a00)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000600)='./file1\x00', 0x2) bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c) listen(0xffffffffffffffff, 0x0) 5.281359065s ago: executing program 9 (id=3602): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, 0x0) sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(0xffffffffffffffff, 0x0, 0x20800) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0) r3 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000007fc0)=[@in={0x2, 0x0, @rand_addr=0x64010102}]}, &(0x7f0000000100)=0x10) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0) write$binfmt_script(r4, &(0x7f0000000040), 0x55af) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r4, 0x0) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r3, 0x84, 0x7a, &(0x7f0000000080), &(0x7f0000000000)=0x8) 4.188623294s ago: executing program 9 (id=3603): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x800001000088}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5) prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_clone(0x80000, 0x0, 0x0, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) syz_80211_inject_frame(0x0, 0x0, 0xa) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0xa2040, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="9feb0100000000003000000030000000020000000000000000663dc19bb63a95b70000000000000902000000000000000900000900"], 0x0, 0x4a}, 0x28) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYRESOCT=r1], 0x48) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) ioctl$USBDEVFS_CLEAR_HALT(r3, 0xc0105502, &(0x7f0000000300)={0x1, 0x1}) r4 = syz_open_dev$loop(&(0x7f0000000040), 0x100000001, 0x0) ioctl$BLKTRACESETUP(r4, 0xc0481273, &(0x7f0000000080)={'\x00', 0x5, 0x9, 0xa68a, 0x0, 0x608}) 2.434333385s ago: executing program 1 (id=3604): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000200)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x0, 0x8, 0x8001, 0x0, 0x2, 0x7, 0xfffffe0001000001, 0xfa11, 0xffffffff}, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) eventfd(0x40048c67) r2 = syz_open_dev$sg(&(0x7f00000004c0), 0x0, 0x20c02) writev(r2, &(0x7f0000000000)=[{&(0x7f0000000040)="aefdda9d240303005a90f57f07703aeff0f64eb9ee07962c220a2e11b44e65d76641cb010852f426072a", 0x2a}], 0x1) read(r2, 0x0, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) connect$unix(0xffffffffffffffff, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x5, 0x0, 0x0, 0x0, 0x4000000000000b49, 0x7, 0x808, 0x1, 0x3}, 0x0) r4 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_tcp_int(r4, 0x6, 0x1, 0x0, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000580)={{{@in=@private, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@initdev}}, &(0x7f0000000100)=0x2a) r5 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$sock_linger(r5, 0x1, 0xd, &(0x7f0000000000)={0x1, 0x7}, 0x8) 2.386198534s ago: executing program 9 (id=3605): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(0xffffffffffffffff, 0x0, 0x20800) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0) r1 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000007fc0)=[@in={0x2, 0x0, @rand_addr=0x64010102}]}, &(0x7f0000000100)=0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000040), 0x55af) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r2, 0x0) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x7a, &(0x7f0000000080), &(0x7f0000000000)=0x8) 1.903905388s ago: executing program 9 (id=3606): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0xe, 0x2010, r0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0xa, 0x8000, 0x0, 0x9, 0x1, 0xfffffdffffffffff, 0xfa0f, 0xffffffff}, 0x0) mremap(&(0x7f00007f1000/0x4000)=nil, 0x4000, 0x800000, 0x0, &(0x7f0000130000/0x800000)=nil) syz_open_dev$dri(&(0x7f0000000040), 0x1, 0x0) r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2000094}, 0x4000800) r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000240)='/sys/power/mem_sleep', 0xa0502, 0x49) io_setup(0x1, &(0x7f00000016c0)=0x0) io_submit(r8, 0x1, &(0x7f0000000140)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x8, r7, &(0x7f0000000180)="282fa8", 0x3, 0x5}]) sendfile(r3, r4, 0x0, 0x20000023896) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=@newsa={0x13c, 0x1a, 0x713, 0x0, 0x25dfdbfc, {{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x0, 0x4e21, 0x2, 0x2, 0x0, 0x0, 0x3b, 0x0, 0xee00}, {@in6=@private1, 0xfe, 0x32}, @in6=@dev={0xfe, 0x80, '\x00', 0x1b}, {0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x543}, {0x4, 0x7fffffffffffffff}, {0xfffffffc}, 0x70bd28, 0x3500, 0xa, 0x4}, [@algo_aead={0x4c, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0x0, 0x60}}]}, 0x13c}, 0x1, 0x0, 0x0, 0x880}, 0x0) connect$pppoe(0xffffffffffffffff, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e) sendmmsg(0xffffffffffffffff, &(0x7f00000008c0)=[{{0x0, 0x0, 0x0}}], 0x34000, 0x0) 1.465674709s ago: executing program 5 (id=3607): r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a00", @ANYRES32, @ANYBLOB='\x00'/15, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/14], 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = syz_open_dev$usbfs(&(0x7f0000000080), 0x76, 0x101301) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(0xffffffffffffffff, 0x4058534c, &(0x7f00000002c0)={0xff, 0x5, 0x86, 0x1, 0x7, 0x29}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94) r5 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$sock_linger(r5, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8) connect$inet6(r5, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x5}, 0x1c) setsockopt$inet6_IPV6_HOPOPTS(r5, 0x29, 0x36, &(0x7f0000001440)=ANY=[@ANYBLOB="0017"], 0xc0) sendmmsg$inet6(r5, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000) setsockopt$inet6_IPV6_RTHDRDSTOPTS(r5, 0x29, 0x37, 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, 0x0) sendmsg$nl_route_sched_retired(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000240)={&(0x7f00000009c0)=@delqdisc={0x24, 0x25, 0x0, 0x70bd2c, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xf, 0xf}, {0xa, 0xa}, {0xc, 0xfff2}}}, 0x24}, 0x1, 0x0, 0x0, 0x20048024}, 0x40) ioctl$USBDEVFS_ALLOC_STREAMS(r1, 0x8008551c, &(0x7f0000000000)={0xd616, 0x1, [{0x1, 0x1}]}) 423.925666ms ago: executing program 5 (id=3608): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_INIT(r1, 0x0, 0xc8, &(0x7f0000003d40), 0x4) setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, &(0x7f0000003d80)={0x1, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10) r2 = syz_usb_connect$lan78xx(0x5, 0x0, 0x0, 0x0) syz_usb_control_io(r2, &(0x7f00000003c0)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x20, 0x29, 0xf, {0xf, 0x29, 0x85, 0x4, 0x6, 0x4, "8842cc0f", "be9767f5"}}, 0x0}, &(0x7f0000000a80)={0x84, &(0x7f0000000500)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$lan78xx(r2, 0x0, 0x0) r3 = socket$kcm(0x29, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x89e2, &(0x7f0000000080)) ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x89e2, &(0x7f0000000200)={r3}) ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x89e2, &(0x7f0000001000)) syz_usb_control_io$lan78xx(r2, 0x0, &(0x7f0000000680)={0x34, &(0x7f0000000700)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$lan78xx(r2, 0x0, 0x0) syz_usb_control_io$lan78xx(r2, 0x0, &(0x7f0000000180)={0x34, &(0x7f00000008c0)=ANY=[@ANYBLOB="000f00f4000044e5aef79ce88254258b8dfae8b0f7d2cbb9e43bb11533498d2893fb7aa3b3eb74155e7df5f1c3e4e4ca29eecc68c1394820e87dc93dc7224f054273d97a03fa804d22703747d1aa5aefaf66d01717f2e90420f761402105408fae24f254c0a92c258ed71d6c701463269638179c5be0981c05fbd027cd122e8885f6479363ae3633ffa34aa982ffb6c15a0b7d7215a635d9047e6bff80afee7d5e320ede67e30b76d18ca0c0f1f55081231fbc2204dc"], 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r2, 0x0, &(0x7f0000003f00)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$lan78xx(r2, 0x0, &(0x7f0000000880)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8) syz_emit_ethernet(0x2a, &(0x7f0000000080)={@local, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @multicast1=0xe0000300}, @address_request}}}}, 0x0) syz_emit_ethernet(0x66, &(0x7f0000000280)={@multicast, @link_local, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x0, 0x0, 0x58, 0x0, 0x0, 0x0, 0x2f, 0x0, @private=0xe0, @multicast1=0xe000c800}, {{0x0, 0x0, 0x1, 0x0, 0xb, 0x0, 0x0, 0x4, 0x6558}, {0x0, 0x0, 0x0, 0x0, 0x11}, {}, {0x8, 0x88be, 0x0, {{}, 0xfffff788}}}}}}}, 0x0) syz_usb_connect(0x2, 0x34, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000094d9d4084e080110aeed01020301090222000100", @ANYRES16], 0x0) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f0000000100)) ioctl$PPPIOCSACTIVE(0xffffffffffffffff, 0x40107446, 0x0) close_range(r4, 0xffffffffffffffff, 0x0) 0s ago: executing program 1 (id=3609): syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000240)='./bus\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], 0xf, 0xab, &(0x7f0000010140)="$eJzs1zGKwkAYBeB/s7CbdptFsLBO4x08ilhqI1aK4A3Ei3gVj5DewiKtiCOYiIidRQT5vmLgzWPgtbM7brubIiKtIlLRme7T3Wy+GA8n9Rl8pCwifiMij4jeX50Pg7r7avqyWo7K6vv58c+69b0AAMDrsug/5nNqLk7NL/Aa/m993vI+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHe7BAAA//+dfyiL") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='rdma.current\x00', 0x275a, 0x0) mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x40, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file7\x00', 0x105042, 0x1ff) linkat(0xffffffffffffff9c, &(0x7f0000000000)='./file4\x00', 0xffffffffffffff9c, &(0x7f00000006c0)='./file5\x00', 0x0) syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000080)='./bus\x00', 0x1000000, &(0x7f0000000040)=ANY=[@ANYBLOB='\x00'], 0x2, 0x58a, &(0x7f0000000740)="$eJzs3c1rXWkZAPDnPc1NbzrtzJ22ttaOckHBMmJJ006qpjjWyQSE4oRp04UrY5N2wtwkJclIOgzahejG/8HVbBRkQN0ILnTrQnciA67ErVEGBhRHOSfnfiUZk5mbm4/m94PknnvOcz7eAwk872cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABFff/nm8JW0308BAAAA9NM3b786PCL/BwAAgCfaHe3/AAAAAAAAAHDYpcjih5Fi9dRaOll8X1e9NbfwxurU+MTWpw2l4sxjRXz+U70ycvXaC6PXv9T8/P/n77YL8crtOzfrLy3OP1yaXV6enalPLczdW5yZ3fEVej1/o+eLF1Cff/2Nmfv3l+sjl692HV6t/e34U+dqY19++eytZuzU+MTE7Y6YgcrHvvsmengAAAAcbYORxbVIcefiz9OpiMii91x4m7qDfhuKWp5/F4WYGp8oCtKYm15YyQ9ONhPhWndOPNjMkfcgF+9JLeJ0/qyDMnoAAAB2rhJZfCZSXPhgLT0dEceaefAXiokBt79AbQ8ecgsDEXEmIi7FIcjZAQAAYJ8djyxejRS/adTimTKvLvL/r0WM7ffDAQAAALtiILK4HineG1tLtaI/QEQ8PzU+Ub91t/6NhfuLHbGTqWxRP+zjA/aSvgkAAAAcANXI4lTR4r+Wnv2QmIE9fiYAAABgdw1FFv+KFJ9/8bvFvHJRzEv/zNhXTt6Y6Jxh7vw218ljL0fExR2Oya+Ucw1OpsmUsk1Xe7wrhQMAAAAK1ZTFXyPF+3+uFt8vlbl50ugPAAAAT46UxQ8ixVcn11LasC79sY71/VsO+9j//j7/UPWlxYePluYevLay5fET1ZvfWV5Zmr639eH1tQu7ukNst44hAAAA7EAlZfHPSPH7xjutvLNcA6DsAdBONN++0c5Nq2nD0aLe4Omi3qA1huCpkZHO7S1T1o8wP16tvO+x3osNAAAAR0pKWQxGis/97pPl2v8nYlMbdBn3h0hxY/G5Mi4bzOOawwRqxe/q/bnG7HAeOx4pftloxkYRe7yMPdOOvZLH/ja/7nR3bLWMPduOHcljP4gUry1tHfuJduzVPHYpUvzsJ/Vm7Ik89mQZe64de/neYmOmby8YAAAADoBKyuJXkeLH/663hvx3t/+3W9vffqvd3r9pgr4PafPvtf2/1rHvcVkPcbysrxjYpr7ilUhx4dnnmuUp6gqa3QrW1zpo11f8I1Isfas7drCMPd2OvbLjFwsAAAAHSLP//x/v/rrV5b7MgcuvW+f/n9o4P2Cf8v/ONQnzey4/evP16UZjdmk/Nyof8azvR0TXnnQQSmHjv6WD8jx7ulH+UT0+KM/T60Zv/wcBAOAoyPP/u5Fi9b13W+3dZf5fdpVv5//vf6+d/49tvFCf8v/THfvGyvkGKgMR1ZX5h5XzEdXlR29+cW5++sHsg9mFq6MvjA6Pjl6/NlIZbDbut7d6flcAAABwWOX5/3Ck+PuPftoan7+T9v8TGy/Up/z/TMe+/J7tRr98z196LT4AAAAcCXn+/4tI8aeL77Tm0evO/zvm/3+rPc7+0mfXewu0agf6lP+f7dhXK+4bMbRLZQcAAAAAAAAAAAAAAAAAAICDopKy+E+keLc6kMoJ/3c0/9/Mxgv1afz/uY59M7E36//1/FIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgkMoii7lI8enza+nFfMe3I052fgIAAACH3v8CAAD//16XHzs=") write$binfmt_script(r0, &(0x7f00000008c0), 0xfecc) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000006ac0)='cpuacct.stat\x00', 0x275a, 0x0) openat$incfs(0xffffffffffffff9c, &(0x7f0000000640)='.log\x00', 0xa5d, 0x1) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x161442, 0xb6) syz_clone(0x2000400, 0x0, 0xfffffebf, 0x0, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='pids.current\x00', 0x275a, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpu.stat\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='freezer.state\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='pids.current\x00', 0x275a, 0x0) kernel console output (not intermixed with test programs): t_merged_write_cond+0x3c3/0x4e0 [ 1435.798336][T17746] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 1435.798384][T17746] f2fs_write_data_pages+0x2970/0x35e0 [ 1435.798408][T17746] ? __lock_acquire+0x6b5/0x2cf0 [ 1435.798467][T17746] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 1435.798545][T17746] ? __lock_acquire+0x6b5/0x2cf0 [ 1435.798583][T17746] ? __lock_acquire+0x6b5/0x2cf0 [ 1435.798614][T17746] ? do_raw_spin_lock+0x12b/0x2f0 [ 1435.798644][T17746] ? do_raw_spin_unlock+0xf5/0x210 [ 1435.798670][T17746] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 1435.798697][T17746] do_writepages+0x32e/0x550 [ 1435.798733][T17746] ? do_raw_spin_unlock+0xf5/0x210 [ 1435.798756][T17746] filemap_fdatawrite+0x1e9/0x2f0 [ 1435.798784][T17746] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 1435.798856][T17746] ? do_raw_spin_unlock+0xf5/0x210 [ 1435.798879][T17746] f2fs_sync_dirty_inodes+0x30e/0x810 [ 1435.798922][T17746] f2fs_write_checkpoint+0x9cf/0x2680 [ 1435.798984][T17746] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 1435.799054][T17746] ? kfree+0x1c1/0x610 [ 1435.799078][T17746] ? f2fs_stop_gc_thread+0x7f/0xb0 [ 1435.799106][T17746] kill_f2fs_super+0x314/0x720 [ 1435.799139][T17746] ? __pfx_kill_f2fs_super+0x10/0x10 [ 1435.799179][T17746] ? lockdep_hardirqs_on+0x7a/0x110 [ 1435.799214][T17746] deactivate_locked_super+0xbc/0x130 [ 1435.799243][T17746] cleanup_mnt+0x437/0x4d0 [ 1435.799271][T17746] ? _raw_spin_unlock_irq+0x23/0x50 [ 1435.799304][T17746] task_work_run+0x1d9/0x270 [ 1435.799326][T17746] ? __pfx_task_work_run+0x10/0x10 [ 1435.799357][T17746] exit_to_user_mode_loop+0xed/0x480 [ 1435.799379][T17746] ? rcu_is_watching+0x15/0xb0 [ 1435.799406][T17746] do_syscall_64+0x2b7/0xf80 [ 1435.799425][T17746] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1435.799444][T17746] ? trace_irq_disable+0x37/0x100 [ 1435.799469][T17746] ? clear_bhb_loop+0x40/0x90 [ 1435.799492][T17746] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1435.799511][T17746] RIP: 0033:0x7f876659c117 [ 1435.799530][T17746] Code: a2 c7 05 7c 94 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 1435.799546][T17746] RSP: 002b:00007ffddc3edbd8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1435.799570][T17746] RAX: 0000000000000000 RBX: 00007f876660471f RCX: 00007f876659c117 [ 1435.799580][T17746] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffddc3edc90 [ 1435.799590][T17746] RBP: 00007ffddc3edc90 R08: 00007ffddc3eec90 R09: 00000000ffffffff [ 1435.799601][T17746] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffddc3eed20 [ 1435.799611][T17746] R13: 00007f876660471f R14: 000000000015e2f6 R15: 00007ffddc3eed60 [ 1435.799639][T17746] [ 1436.136128][T17746] F2FS-fs (loop8): Stopped filesystem due to reason: 3 [ 1436.143691][T17746] CPU: 1 UID: 0 PID: 17746 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT(full) [ 1436.143721][T17746] Tainted: [L]=SOFTLOCKUP [ 1436.143728][T17746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1436.143739][T17746] Call Trace: [ 1436.143746][T17746] [ 1436.143754][T17746] dump_stack_lvl+0xe8/0x150 [ 1436.143786][T17746] f2fs_handle_critical_error+0x37c/0x540 [ 1436.143820][T17746] f2fs_write_end_io+0xcdb/0xff0 [ 1436.143868][T17746] __submit_merged_bio+0x256/0x650 [ 1436.143900][T17746] __submit_merged_write_cond+0x3c3/0x4e0 [ 1436.143933][T17746] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 1436.143984][T17746] f2fs_write_data_pages+0x2970/0x35e0 [ 1436.144009][T17746] ? __lock_acquire+0x6b5/0x2cf0 [ 1436.144071][T17746] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 1436.144154][T17746] ? __lock_acquire+0x6b5/0x2cf0 [ 1436.144195][T17746] ? __lock_acquire+0x6b5/0x2cf0 [ 1436.144228][T17746] ? do_raw_spin_lock+0x12b/0x2f0 [ 1436.144260][T17746] ? do_raw_spin_unlock+0xf5/0x210 [ 1436.144288][T17746] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 1436.144316][T17746] do_writepages+0x32e/0x550 [ 1436.144353][T17746] ? do_raw_spin_unlock+0xf5/0x210 [ 1436.144378][T17746] filemap_fdatawrite+0x1e9/0x2f0 [ 1436.144407][T17746] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 1436.144484][T17746] ? do_raw_spin_unlock+0xf5/0x210 [ 1436.144508][T17746] f2fs_sync_dirty_inodes+0x30e/0x810 [ 1436.144553][T17746] f2fs_write_checkpoint+0x9cf/0x2680 [ 1436.144619][T17746] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 1436.144692][T17746] ? kfree+0x1c1/0x610 [ 1436.144717][T17746] ? f2fs_stop_gc_thread+0x7f/0xb0 [ 1436.144746][T17746] kill_f2fs_super+0x314/0x720 [ 1436.144780][T17746] ? __pfx_kill_f2fs_super+0x10/0x10 [ 1436.144821][T17746] ? lockdep_hardirqs_on+0x7a/0x110 [ 1436.144858][T17746] deactivate_locked_super+0xbc/0x130 [ 1436.144887][T17746] cleanup_mnt+0x437/0x4d0 [ 1436.144915][T17746] ? _raw_spin_unlock_irq+0x23/0x50 [ 1436.144949][T17746] task_work_run+0x1d9/0x270 [ 1436.144972][T17746] ? __pfx_task_work_run+0x10/0x10 [ 1436.145004][T17746] exit_to_user_mode_loop+0xed/0x480 [ 1436.145025][T17746] ? rcu_is_watching+0x15/0xb0 [ 1436.145054][T17746] do_syscall_64+0x2b7/0xf80 [ 1436.145074][T17746] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1436.145092][T17746] ? trace_irq_disable+0x37/0x100 [ 1436.145117][T17746] ? clear_bhb_loop+0x40/0x90 [ 1436.145141][T17746] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1436.145159][T17746] RIP: 0033:0x7f876659c117 [ 1436.145178][T17746] Code: a2 c7 05 7c 94 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 1436.145194][T17746] RSP: 002b:00007ffddc3edbd8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1436.145214][T17746] RAX: 0000000000000000 RBX: 00007f876660471f RCX: 00007f876659c117 [ 1436.145227][T17746] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffddc3edc90 [ 1436.145239][T17746] RBP: 00007ffddc3edc90 R08: 00007ffddc3eec90 R09: 00000000ffffffff [ 1436.145251][T17746] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffddc3eed20 [ 1436.145263][T17746] R13: 00007f876660471f R14: 000000000015e2f6 R15: 00007ffddc3eed60 [ 1436.145305][T17746] [ 1436.145312][T17746] F2FS-fs (loop8): Stopped filesystem due to reason: 3 [ 1436.332741][T19425] loop3: detected capacity change from 0 to 512 [ 1436.490089][T19425] EXT4-fs: Ignoring removed nobh option [ 1436.619731][T19425] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.3253: iget: bad i_size value: 38620345925642 [ 1436.653676][T19425] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 1436.654120][T19425] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.3253: couldn't read orphan inode 15 (err -117) [ 1436.663351][ C1] EXT4-fs (loop3): error count since last fsck: 1 [ 1436.663374][ C1] EXT4-fs (loop3): initial error at time 2000000073: ext4_orphan_get:1391: inode 15 [ 1436.663406][ C1] EXT4-fs (loop3): last error at time 2000000073: ext4_orphan_get:1391: inode 15 [ 1436.731006][T19425] loop3: lost filesystem error report for type 5 error -117 [ 1436.731032][T19430] loop9: detected capacity change from 0 to 4096 [ 1436.733146][T19425] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1437.940437][ T5827] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1439.584148][T19451] loop3: detected capacity change from 0 to 2048 [ 1439.610671][T19451] EXT4-fs: Ignoring removed i_version option [ 1440.748115][T19456] loop8: detected capacity change from 0 to 512 [ 1440.792347][T19456] EXT4-fs (loop8): blocks per group (255) and clusters per group (8192) inconsistent [ 1440.851567][T19451] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1440.959188][T19451] ext4 filesystem being mounted at /667/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1441.294106][T19459] netlink: 144 bytes leftover after parsing attributes in process `syz.3.3263'. [ 1441.811648][ T5827] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1442.032402][T19464] loop9: detected capacity change from 0 to 8 [ 1442.050973][ T29] audit: type=1326 audit(2000000079.009:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19460 comm="syz.3.3265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8994d9aeb9 code=0x7ffc0000 [ 1442.065194][T19464] SQUASHFS error: lzo decompression failed, data probably corrupt [ 1442.145239][T19464] SQUASHFS error: Failed to read block 0x91: -5 [ 1442.164160][T19464] SQUASHFS error: Unable to read metadata cache entry [8f] [ 1442.172913][T19465] loop3: detected capacity change from 0 to 128 [ 1442.183863][T19465] adfs: Bad value for 'gid' [ 1442.188600][T19465] adfs: Bad value for 'gid' [ 1442.326610][ T29] audit: type=1326 audit(2000000079.009:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19460 comm="syz.3.3265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8994d9aeb9 code=0x7ffc0000 [ 1442.350121][ T29] audit: type=1326 audit(2000000079.009:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19460 comm="syz.3.3265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=453 compat=0 ip=0x7f8994d9aeb9 code=0x7ffc0000 [ 1442.423368][T19464] SQUASHFS error: Unable to read inode 0x11f [ 1442.492853][ T29] audit: type=1326 audit(2000000079.009:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19460 comm="syz.3.3265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8994d9aeb9 code=0x7ffc0000 [ 1442.523523][T19466] loop3: detected capacity change from 0 to 128 [ 1442.599378][T19466] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 1442.645328][T19466] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1442.773569][ T29] audit: type=1326 audit(2000000079.009:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19460 comm="syz.3.3265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8994d9aeb9 code=0x7ffc0000 [ 1442.796548][ T29] audit: type=1326 audit(2000000079.009:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19460 comm="syz.3.3265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7f8994d9aeb9 code=0x7ffc0000 [ 1442.901431][T19464] loop9: detected capacity change from 0 to 512 [ 1442.915118][ T29] audit: type=1326 audit(2000000079.789:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19460 comm="syz.3.3265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8994d9aeb9 code=0x7ffc0000 [ 1442.946005][T19464] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode [ 1442.980364][ T29] audit: type=1326 audit(2000000079.789:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19460 comm="syz.3.3265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8994d9aeb9 code=0x7ffc0000 [ 1443.056324][ T29] audit: type=1326 audit(2000000079.839:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19460 comm="syz.3.3265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8994d9aeb9 code=0x7ffc0000 [ 1443.064189][T19464] EXT4-fs (loop9): 1 truncate cleaned up [ 1443.080370][ T29] audit: type=1326 audit(2000000079.839:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19460 comm="syz.3.3265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8994d9aeb9 code=0x7ffc0000 [ 1443.107223][T19464] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1443.441173][ T5888] IPVS: starting estimator thread 0... [ 1443.813909][T19476] IPVS: using max 37 ests per chain, 88800 per kthread [ 1444.943899][ T77] team0 (unregistering): Port device team_slave_1 removed [ 1445.523002][T19488] use of bytesused == 0 is deprecated and will be removed in the future, [ 1445.532202][T19488] use the actual size instead. [ 1446.246002][ T77] team0 (unregistering): Port device team_slave_0 removed [ 1448.291863][ T5834] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1448.303421][ T5834] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1448.399847][ T5834] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1448.432285][ T5834] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1448.458479][ T5834] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1448.478412][T19512] loop3: detected capacity change from 0 to 64 [ 1448.648812][T19513] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3274'. [ 1449.962048][T19516] usb usb8: usbfs: process 19516 (syz.3.3275) did not claim interface 0 before use [ 1449.983342][T19516] blktrace: Concurrent blktraces are not allowed on loop7 [ 1450.372829][T19514] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1450.571451][T14249] Bluetooth: hci2: command tx timeout [ 1450.860223][ T5834] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 1450.983196][ T5834] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 1450.999891][T19480] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -4 [ 1451.036516][T19480] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -4 [ 1451.046231][T19480] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 1451.729712][ T5834] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 1451.780661][ T5834] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 1451.788440][ T5834] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 1451.836770][T17965] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1451.876342][T19509] wg1 speed is unknown, defaulting to 1000 [ 1453.276803][T14249] Bluetooth: hci2: command tx timeout [ 1453.519447][T19521] wg1 speed is unknown, defaulting to 1000 [ 1453.772734][T19533] loop9: detected capacity change from 0 to 4096 [ 1453.822931][T19533] ntfs3(loop9): Different NTFS sector size (1024) and media sector size (512). [ 1453.832124][T14249] Bluetooth: hci6: command tx timeout [ 1454.026570][T19533] ntfs3(loop9): Failed to initialize $Extend/$Reparse. [ 1454.332651][T19509] chnl_net:caif_netlink_parms(): no params data found [ 1455.253876][T19554] loop8: detected capacity change from 0 to 2048 [ 1455.369922][T14249] Bluetooth: hci2: command tx timeout [ 1455.415298][T19554] UDF-fs: error (device loop8): udf_process_sequence: Primary Volume Descriptor not found! [ 1455.545684][T19554] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1455.881529][T19564] UDF-fs: error (device loop8): udf_verify_fi: directory (ino 1376) has entry at pos 0 with unaligned length of impUse field [ 1455.926805][T14249] Bluetooth: hci6: command tx timeout [ 1455.955728][T19558] kvm: pic: non byte write [ 1456.251026][T19564] UDF-fs: error (device loop8): udf_verify_fi: directory (ino 1376) has entry at pos 0 with unaligned length of impUse field [ 1456.317786][T19509] bridge0: port 1(bridge_slave_0) entered blocking state [ 1456.327948][T19509] bridge0: port 1(bridge_slave_0) entered disabled state [ 1456.339855][T19509] bridge_slave_0: entered allmulticast mode [ 1456.347894][T19509] bridge_slave_0: entered promiscuous mode [ 1456.371474][ T77] bridge_slave_1: left allmulticast mode [ 1456.377147][ T77] bridge_slave_1: left promiscuous mode [ 1456.383494][ T77] bridge0: port 2(bridge_slave_1) entered disabled state [ 1456.428883][ T77] bridge_slave_0: left allmulticast mode [ 1456.439635][ T77] bridge_slave_0: left promiscuous mode [ 1456.445500][ T77] bridge0: port 1(bridge_slave_0) entered disabled state [ 1456.787090][ T77] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1456.849904][ T77] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1456.878737][ T77] bond0 (unregistering): Released all slaves [ 1456.894784][T19509] bridge0: port 2(bridge_slave_1) entered blocking state [ 1456.911836][T19509] bridge0: port 2(bridge_slave_1) entered disabled state [ 1456.929035][T19509] bridge_slave_1: entered allmulticast mode [ 1456.945339][T19509] bridge_slave_1: entered promiscuous mode [ 1457.068657][T19509] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1457.083202][T19509] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1457.115502][T19509] team0: Port device team_slave_0 added [ 1457.219326][ T77] hsr_slave_0: left promiscuous mode [ 1457.273225][ T77] hsr_slave_1: left promiscuous mode [ 1457.308747][ T77] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1457.368567][ T77] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1457.401119][T19578] loop9: detected capacity change from 0 to 512 [ 1457.443091][T14249] Bluetooth: hci2: command tx timeout [ 1457.474054][T19578] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode [ 1458.909009][T14249] Bluetooth: hci6: command tx timeout [ 1458.984418][T19582] random: crng reseeded on system resumption [ 1458.996022][T19578] EXT4-fs (loop9): 1 truncate cleaned up [ 1459.154112][T19578] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1459.255512][T19584] Unrecognized hibernate image header format! [ 1459.262145][T19584] PM: hibernation: Image mismatch: architecture specific data [ 1459.366602][T17965] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1461.107664][T14249] Bluetooth: hci6: command tx timeout [ 1462.746177][T19596] usb usb8: usbfs: process 19596 (syz.9.3288) did not claim interface 0 before use [ 1462.767851][T19596] blktrace: Concurrent blktraces are not allowed on loop7 [ 1463.152819][T19594] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1463.459001][ T77] team0 (unregistering): Port device team_slave_1 removed [ 1463.522563][ T77] team0 (unregistering): Port device team_slave_0 removed [ 1463.991823][T19521] chnl_net:caif_netlink_parms(): no params data found [ 1464.013314][T19509] team0: Port device team_slave_1 added [ 1464.151503][T19509] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1464.159095][T19509] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1464.260435][T19509] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1464.291482][T19509] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1464.307428][T19509] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1464.340234][T19509] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1464.624795][T19610] loop3: detected capacity change from 0 to 512 [ 1464.688925][T19610] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 1464.771014][T19610] EXT4-fs (loop3): 1 truncate cleaned up [ 1464.788326][T19610] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1465.094045][T19509] hsr_slave_0: entered promiscuous mode [ 1465.109020][T19509] hsr_slave_1: entered promiscuous mode [ 1465.241853][T19509] debugfs: 'hsr0' already exists in 'hsr' [ 1465.245794][ T5827] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1465.252936][T19509] Cannot create hsr debugfs directory [ 1465.322056][T19521] bridge0: port 1(bridge_slave_0) entered blocking state [ 1465.329345][T19521] bridge0: port 1(bridge_slave_0) entered disabled state [ 1465.339147][T19521] bridge_slave_0: entered allmulticast mode [ 1465.351229][T19521] bridge_slave_0: entered promiscuous mode [ 1465.579360][T19521] bridge0: port 2(bridge_slave_1) entered blocking state [ 1465.674532][T19521] bridge0: port 2(bridge_slave_1) entered disabled state [ 1466.116822][T19625] loop8: detected capacity change from 0 to 8 [ 1466.369107][T19521] bridge_slave_1: entered allmulticast mode [ 1466.670198][T19521] bridge_slave_1: entered promiscuous mode [ 1467.063076][T19521] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1467.249030][T19644] loop3: detected capacity change from 0 to 64 [ 1467.263719][T19521] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1467.632243][T19521] team0: Port device team_slave_0 added [ 1467.962743][T19649] loop8: detected capacity change from 0 to 512 [ 1467.975050][T19521] team0: Port device team_slave_1 added [ 1467.982874][T19649] UDF-fs: warning (device loop8): udf_load_vrs: No VRS found [ 1467.994716][T19644] BFS-fs: bfs_fill_super(): loop3 is unclean, continuing [ 1468.018445][T19649] UDF-fs: Scanning with blocksize 512 failed [ 1468.036113][T19649] UDF-fs: warning (device loop8): udf_load_vrs: No VRS found [ 1468.059949][T19649] UDF-fs: Scanning with blocksize 1024 failed [ 1468.102421][T19649] UDF-fs: warning (device loop8): udf_load_vrs: No VRS found [ 1468.119638][T19649] UDF-fs: Scanning with blocksize 2048 failed [ 1469.329195][T19649] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=256, location=256 [ 1469.392180][T19649] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1469.433061][T19656] netem: incorrect ge model size [ 1469.438658][T19656] netem: change failed [ 1469.495095][T19521] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1469.517527][T19521] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1469.576049][T19521] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1470.769206][T19521] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1470.848476][T19521] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1470.899742][T19521] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1471.015824][ T29] kauditd_printk_skb: 16 callbacks suppressed [ 1471.015842][ T29] audit: type=1800 audit(2000000108.029:474): pid=19649 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.3294" name="file1" dev="loop8" ino=36 res=0 errno=0 [ 1471.093829][T19521] hsr_slave_0: entered promiscuous mode [ 1471.104416][T19521] hsr_slave_1: entered promiscuous mode [ 1471.112418][T19521] debugfs: 'hsr0' already exists in 'hsr' [ 1471.118267][T19521] Cannot create hsr debugfs directory [ 1471.725835][T19682] usb usb8: usbfs: process 19682 (syz.8.3298) did not claim interface 0 before use [ 1471.749258][T19682] blktrace: Concurrent blktraces are not allowed on loop7 [ 1472.132889][T19677] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1472.974805][T19694] loop3: detected capacity change from 0 to 512 [ 1473.100762][T19694] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 1473.391007][T19694] EXT4-fs (loop3): 1 truncate cleaned up [ 1473.397621][T19694] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1473.928088][T19509] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1474.101579][ T5827] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1474.212489][T19700] loop3: detected capacity change from 0 to 8 [ 1474.242889][T19700] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 1474.247249][T17423] udevd[17423]: incorrect cramfs checksum on /dev/loop3 [ 1474.274473][T17423] udevd[17423]: incorrect cramfs checksum on /dev/loop3 [ 1474.284784][T19509] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1474.337237][T19509] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1474.349323][T17423] udevd[17423]: incorrect cramfs checksum on /dev/loop3 [ 1474.367806][T19509] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1474.868850][T19716] loop9: detected capacity change from 0 to 128 [ 1474.881586][T19716] adfs: Bad value for 'gid' [ 1474.886226][T19716] adfs: Bad value for 'gid' [ 1475.192414][ T29] audit: type=1326 audit(2000000111.649:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19701 comm="syz.9.3296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e7779aeb9 code=0x7ffc0000 [ 1475.224536][T19716] loop9: detected capacity change from 0 to 128 [ 1475.249984][T19716] UDF-fs: error (device loop9): udf_read_tagged: read failed, block=256, location=256 [ 1475.295130][T19716] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1475.305240][ T29] audit: type=1326 audit(2000000111.659:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19701 comm="syz.9.3296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e7779aeb9 code=0x7ffc0000 [ 1475.445401][ T29] audit: type=1326 audit(2000000111.659:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19701 comm="syz.9.3296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=453 compat=0 ip=0x7f9e7779aeb9 code=0x7ffc0000 [ 1475.756962][T19721] loop3: detected capacity change from 0 to 40427 [ 1475.765328][ T29] audit: type=1326 audit(2000000111.659:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19701 comm="syz.9.3296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e7779aeb9 code=0x7ffc0000 [ 1475.787998][T19721] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 1475.796086][T19721] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 1475.806007][T19721] F2FS-fs (loop3): invalid crc value [ 1475.811989][ T29] audit: type=1326 audit(2000000111.659:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19701 comm="syz.9.3296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e7779aeb9 code=0x7ffc0000 [ 1475.836025][ T29] audit: type=1326 audit(2000000111.669:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19701 comm="syz.9.3296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7f9e7779aeb9 code=0x7ffc0000 [ 1475.861730][ T29] audit: type=1326 audit(2000000111.849:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19701 comm="syz.9.3296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e7779aeb9 code=0x7ffc0000 [ 1475.947023][T19721] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1475.985373][T19721] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 1475.993457][T19721] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 1476.179900][ T29] audit: type=1326 audit(2000000111.849:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19701 comm="syz.9.3296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e7779aeb9 code=0x7ffc0000 [ 1477.428067][ T29] audit: type=1326 audit(2000000112.109:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19701 comm="syz.9.3296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7f9e7779aeb9 code=0x7ffc0000 [ 1477.451159][ T29] audit: type=1326 audit(2000000112.129:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19701 comm="syz.9.3296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e7779aeb9 code=0x7ffc0000 [ 1477.489798][ T29] audit: type=1326 audit(2000000112.129:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19701 comm="syz.9.3296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e7779aeb9 code=0x7ffc0000 [ 1477.572256][ T29] audit: type=1326 audit(2000000112.159:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19701 comm="syz.9.3296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=117 compat=0 ip=0x7f9e7779aeb9 code=0x7ffc0000 [ 1477.597956][T19742] loop9: detected capacity change from 0 to 64 [ 1477.616469][T19742] BFS-fs: bfs_fill_super(): loop9 is unclean, continuing [ 1477.759515][ T29] audit: type=1326 audit(2000000112.159:487): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=19701 comm="syz.9.3296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e7779aeb9 code=0x7ffc0000 [ 1477.815370][ T29] audit: type=1326 audit(2000000112.159:488): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=19701 comm="syz.9.3296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e7779aeb9 code=0x7ffc0000 [ 1477.950188][ T29] audit: type=1326 audit(2000000112.159:489): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=19701 comm="syz.9.3296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7f9e7779aeb9 code=0x7ffc0000 [ 1477.973617][ T29] audit: type=1326 audit(2000000112.239:490): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=19701 comm="syz.9.3296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e7779aeb9 code=0x7ffc0000 [ 1478.005737][ T29] audit: type=1326 audit(2000000112.239:491): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=19701 comm="syz.9.3296" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e7779aeb9 code=0x7ffc0000 [ 1478.173201][T19509] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1478.814805][T19509] 8021q: adding VLAN 0 to HW filter on device team0 [ 1478.881646][T16732] bridge0: port 1(bridge_slave_0) entered blocking state [ 1478.888866][T16732] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1478.976319][T16121] bridge0: port 2(bridge_slave_1) entered blocking state [ 1478.983656][T16121] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1480.686952][T19509] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 1480.719939][T19509] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1480.736798][T19521] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 1481.750655][T19521] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 1483.715002][T19521] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 1484.003625][T19521] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 1485.050360][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 1487.507539][T19521] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1487.539490][T19812] loop9: detected capacity change from 0 to 64 [ 1487.568228][T19509] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1487.585303][T19812] BFS-fs: bfs_fill_super(): loop9 is unclean, continuing [ 1487.612471][T19521] 8021q: adding VLAN 0 to HW filter on device team0 [ 1487.657780][T10651] bridge0: port 1(bridge_slave_0) entered blocking state [ 1487.665041][T10651] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1487.686986][T19807] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(7) [ 1487.693523][T19807] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 1487.704042][T19807] vhci_hcd vhci_hcd.0: Device attached [ 1487.712217][T19814] vhci_hcd: connection closed [ 1487.712826][T16732] vhci_hcd vhci_hcd.8: stop threads [ 1487.725406][T16732] vhci_hcd vhci_hcd.8: release socket [ 1487.740218][T10651] bridge0: port 2(bridge_slave_1) entered blocking state [ 1487.747493][T10651] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1487.928970][T16732] vhci_hcd vhci_hcd.8: disconnect device [ 1487.989817][T16387] vhci_hcd vhci_hcd.8: vhci_device speed not set [ 1488.093468][T19509] veth0_vlan: entered promiscuous mode [ 1488.219663][T17991] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 1488.249523][T19509] veth1_vlan: entered promiscuous mode [ 1488.403595][T19509] veth0_macvtap: entered promiscuous mode [ 1488.411645][T17991] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1488.443473][T17991] usb 4-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1488.465399][T19509] veth1_macvtap: entered promiscuous mode [ 1488.493142][T17991] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1488.513515][T17991] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1488.524883][T19509] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1488.564354][T17991] usb 4-1: Product: syz [ 1488.568570][T17991] usb 4-1: Manufacturer: syz [ 1488.594243][T17991] usb 4-1: SerialNumber: syz [ 1488.633072][T19509] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1488.826726][T19837] loop8: detected capacity change from 0 to 2048 [ 1488.866154][T19837] UDF-fs: error (device loop8): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 1488.884162][T19837] UDF-fs: warning (device loop8): udf_load_vrs: No anchor found [ 1488.892417][T19837] UDF-fs: Scanning with blocksize 512 failed [ 1489.038126][T19837] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1489.188842][ T29] kauditd_printk_skb: 18 callbacks suppressed [ 1489.188869][ T29] audit: type=1800 audit(2000000126.139:510): pid=19837 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.3317" name="file1" dev="loop8" ino=838 res=0 errno=0 [ 1489.660139][T17991] cdc_ncm 4-1:1.0: failed GET_NTB_PARAMETERS [ 1489.720403][T17991] cdc_ncm 4-1:1.0: bind() failure [ 1489.795124][T17991] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found [ 1489.862491][T17991] cdc_ncm 4-1:1.1: bind() failure [ 1489.882438][T16351] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1489.910785][T16351] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1489.931577][T17991] usb 4-1: USB disconnect, device number 14 [ 1490.017063][T16351] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1490.029269][T16351] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1490.067922][T19521] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1490.235564][ T77] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1490.289147][ T77] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1492.593087][T16345] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1492.609698][T16345] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1494.228568][T19521] veth0_vlan: entered promiscuous mode [ 1494.269157][T19521] veth1_vlan: entered promiscuous mode [ 1494.993002][T19521] veth0_macvtap: entered promiscuous mode [ 1495.233958][T19521] veth1_macvtap: entered promiscuous mode [ 1497.371565][T19521] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1497.385757][T19521] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1498.733147][ T77] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1498.783748][ T77] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1499.154714][ T77] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1499.179964][ T77] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1500.730099][T16345] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1500.737949][T16345] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1501.043533][T16345] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1501.067185][T16345] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1503.332263][T19939] ptrace attach of "./syz-executor exec"[19521] was attempted by ""[19939] [ 1503.827511][T19930] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1504.538027][T19945] usb usb8: usbfs: process 19945 (syz.5.3336) did not claim interface 0 before use [ 1504.556890][T19945] blktrace: Concurrent blktraces are not allowed on loop7 [ 1504.952849][T19943] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1505.694002][T19949] usb usb8: usbfs: process 19949 (syz.1.3337) did not claim interface 0 before use [ 1505.715893][T19949] blktrace: Concurrent blktraces are not allowed on loop7 [ 1506.092816][T19947] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1507.341758][T19961] loop3: detected capacity change from 0 to 64 [ 1507.554221][T19962] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3332'. [ 1507.575031][T19961] BFS-fs: bfs_fill_super(): loop3 is unclean, continuing [ 1508.240774][T19965] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3340'. [ 1508.253657][T19965] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3340'. [ 1508.310158][T19965] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3340'. [ 1508.320753][T19965] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3340'. [ 1509.066932][T19988] loop9: detected capacity change from 0 to 4096 [ 1509.116250][T19988] ntfs3(loop9): Different NTFS sector size (1024) and media sector size (512). [ 1509.140597][T19988] ntfs3(loop9): ino=3, mi_enum_attr [ 1509.463587][T19988] ntfs3(loop9): Mark volume as dirty due to NTFS errors [ 1509.495211][T19987] ntfs3(loop9): ino=1f, "file2" failed to open parent directory r=5 to update [ 1509.650499][T16351] ntfs3(loop9): ino=1f, failed to open parent directory r=5 to update [ 1515.834083][T14249] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1516.184526][T14249] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1516.193902][T14249] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1516.205416][T14249] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1516.213510][T14249] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1516.353559][T20029] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7) [ 1516.360094][T20029] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 1516.368180][T20029] vhci_hcd vhci_hcd.0: Device attached [ 1516.376906][T20033] vhci_hcd: connection closed [ 1516.382038][T20030] wg1 speed is unknown, defaulting to 1000 [ 1516.439606][T10665] vhci_hcd vhci_hcd.1: stop threads [ 1516.444868][T10665] vhci_hcd vhci_hcd.1: release socket [ 1516.499673][T10665] vhci_hcd vhci_hcd.1: disconnect device [ 1516.654273][T20038] loop8: detected capacity change from 0 to 2048 [ 1518.307243][T20030] chnl_net:caif_netlink_parms(): no params data found [ 1518.314301][ T5834] Bluetooth: hci0: command tx timeout [ 1519.044995][T20060] loop1: detected capacity change from 0 to 256 [ 1520.561100][ T5834] Bluetooth: hci0: command tx timeout [ 1521.003622][T20030] bridge0: port 1(bridge_slave_0) entered blocking state [ 1521.013613][T20030] bridge0: port 1(bridge_slave_0) entered disabled state [ 1521.023213][T20030] bridge_slave_0: entered allmulticast mode [ 1521.035796][T20030] bridge_slave_0: entered promiscuous mode [ 1521.624411][T20030] bridge0: port 2(bridge_slave_1) entered blocking state [ 1521.698148][T20030] bridge0: port 2(bridge_slave_1) entered disabled state [ 1521.705795][T20030] bridge_slave_1: entered allmulticast mode [ 1521.716443][T20030] bridge_slave_1: entered promiscuous mode [ 1521.831894][T20030] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1521.845501][T20030] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1521.907906][T20030] team0: Port device team_slave_0 added [ 1521.919249][T20030] team0: Port device team_slave_1 added [ 1521.958039][T20030] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1521.965733][T20030] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1522.115917][T20030] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1522.132531][T20030] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1522.139838][T20030] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1522.168012][T20030] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1522.653729][T20097] usb usb8: usbfs: process 20097 (syz.9.3349) did not claim interface 0 before use [ 1522.672437][T20097] blktrace: Concurrent blktraces are not allowed on loop7 [ 1523.052939][T20095] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1523.379240][ T5834] Bluetooth: hci0: command tx timeout [ 1523.651563][T20103] binder: 20093:20103 ioctl c0306201 200000000680 returned -14 [ 1524.147517][T20030] hsr_slave_0: entered promiscuous mode [ 1524.167249][T20030] hsr_slave_1: entered promiscuous mode [ 1524.178121][T20030] debugfs: 'hsr0' already exists in 'hsr' [ 1524.198656][T20030] Cannot create hsr debugfs directory [ 1524.505781][T20108] loop8: detected capacity change from 0 to 256 [ 1524.518214][T20108] vfat: Unknown parameter 'shwrtname' [ 1525.429924][ T5834] Bluetooth: hci0: command tx timeout [ 1526.189826][T20115] infiniband: Added to hash: ib_dev=ffff88807d3f4000 (0)() ndev=ffff88804ca18000 (27)(lo) [ 1526.200584][T20115] siw: device registration error -23 [ 1526.206072][T20115] infiniband: Removed from hash: ib_dev=ffff88807d3f4000 (0)() ndev=ffff88804ca18000 (27)(lo) [ 1527.118084][T20117] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3363'. [ 1527.127407][T20117] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3363'. [ 1528.366258][T20124] 0x7fffffffffffffff-0x8000000000000006 : "" [ 1528.374567][T20124] mtd: partition "" is out of reach -- disabled [ 1528.431050][T20124] ftl_cs: FTL header not found. [ 1529.237453][T20126] loop1: detected capacity change from 0 to 1024 [ 1530.391602][T20135] hfsplus: xattr searching failed [ 1530.401195][T20136] hfsplus: xattr searching failed [ 1530.401731][ T29] audit: type=1800 audit(2000000167.419:511): pid=20135 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3366" name="file1" dev="loop1" ino=20 res=0 errno=0 [ 1530.647354][T16336] hfsplus: b-tree write err: -5, ino 4 [ 1532.273343][T20160] loop8: detected capacity change from 0 to 128 [ 1532.292033][T20160] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=256, location=256 [ 1532.529586][T20165] fuse: Unknown parameter '0x0000000000000008' [ 1534.468110][T20184] loop8: detected capacity change from 0 to 512 [ 1534.503593][T20184] EXT4-fs: Ignoring removed mblk_io_submit option [ 1536.173364][T20184] EXT4-fs (loop8): Cannot turn on journaled quota: type 0: error -13 [ 1536.338618][T20184] EXT4-fs error (device loop8): ext4_clear_blocks:876: inode #13: comm syz.8.3374: attempt to clear invalid blocks 2 len 1 [ 1536.474731][T20184] loop8: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 1536.479574][ C1] EXT4-fs (loop8): error count since last fsck: 1 [ 1536.495271][ C1] EXT4-fs (loop8): initial error at time 2000000173: ext4_clear_blocks:876: inode 13 [ 1536.504844][ C1] EXT4-fs (loop8): last error at time 2000000173: ext4_clear_blocks:876: inode 13 [ 1536.770597][T20184] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1315: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 1536.981791][T20184] EXT4-fs error (device loop8): ext4_free_branches:1023: inode #13: comm syz.8.3374: invalid indirect mapped block 1819239214 (level 0) [ 1537.308210][T20184] loop8: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 1537.555969][T20184] EXT4-fs error (device loop8): ext4_free_branches:1023: inode #13: comm syz.8.3374: invalid indirect mapped block 1819239214 (level 1) [ 1537.659697][T20184] loop8: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 1537.676031][T20184] EXT4-fs (loop8): 1 truncate cleaned up [ 1537.733137][T20184] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1537.919470][T17746] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1537.935009][T20030] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 1538.009205][T20219] 9pnet_virtio: no channels available for device syz [ 1538.459124][T20215] loop5: detected capacity change from 0 to 1024 [ 1538.500175][T20030] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 1538.950891][T20225] hfsplus: inconsistency in B*Tree (9,1,255,1,0) [ 1538.957358][T20225] hfsplus: xattr searching failed [ 1538.972957][T20227] hfsplus: inconsistency in B*Tree (9,1,255,1,0) [ 1538.979472][T20227] hfsplus: xattr searching failed [ 1539.126133][T20225] hfsplus: inconsistency in B*Tree (9,1,255,1,0) [ 1539.133163][T20225] hfsplus: xattr search failed [ 1539.186883][ T29] audit: type=1800 audit(2000000176.039:512): pid=20225 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.3380" name="file1" dev="loop5" ino=20 res=0 errno=0 [ 1539.311671][T20030] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 1539.403587][ T13] hfsplus: b-tree write err: -5, ino 4 [ 1539.407194][T20030] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 1539.541545][T20235] netlink: 'syz.9.3382': attribute type 10 has an invalid length. [ 1539.630304][T20237] loop1: detected capacity change from 0 to 128 [ 1539.820689][T20235] 8021q: adding VLAN 0 to HW filter on device team0 [ 1539.850970][T20235] bond0: (slave team0): Enslaving as an active interface with an up link [ 1540.332965][T20237] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 1540.507959][T20244] loop5: detected capacity change from 0 to 512 [ 1541.070238][T20244] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1541.187118][T20244] ext4 filesystem being mounted at /14/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1541.253703][T20244] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1541.349248][T20030] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1541.437924][T20030] 8021q: adding VLAN 0 to HW filter on device team0 [ 1541.478346][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 1541.485623][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1541.885468][T20268] ceph: No mds server is up or the cluster is laggy [ 1541.909739][T16387] libceph: connect (1)[c::]:6789 error -101 [ 1542.023403][T16345] bridge0: port 2(bridge_slave_1) entered blocking state [ 1542.030672][T16345] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1542.079764][T16387] libceph: mon0 (1)[c::]:6789 connect error [ 1542.553789][T20285] overlayfs: overlapping lowerdir path [ 1543.592229][T20030] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 1543.618539][T20030] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1546.007192][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 1546.453006][T20325] loop9: detected capacity change from 0 to 1024 [ 1546.632621][T20326] loop1: detected capacity change from 0 to 32768 [ 1546.647624][T20326] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3397 (20326) [ 1546.671293][T20030] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1546.673745][T20326] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1546.688507][T20326] BTRFS info (device loop1): using sha256 checksum algorithm [ 1547.411103][T16732] hfsplus: bad catalog file entry [ 1547.424912][T16732] hfsplus: b-tree write err: -5, ino 3 [ 1547.523099][T20326] BTRFS info (device loop1): enabling ssd optimizations [ 1547.530442][T20326] BTRFS info (device loop1): turning on async discard [ 1547.537231][T20326] BTRFS info (device loop1): enabling free space tree [ 1548.224317][ T29] audit: type=1800 audit(2000000185.159:513): pid=20362 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3397" name="file2" dev="loop1" ino=261 res=0 errno=0 [ 1548.599767][T13547] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 1549.002480][T13547] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1549.027108][T13547] usb 2-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1549.045706][T13547] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1549.065446][T13547] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1549.152322][T20374] netlink: 64138 bytes leftover after parsing attributes in process `syz.9.3400'. [ 1549.565603][T13547] usb 2-1: Product: syz [ 1549.570106][T13547] usb 2-1: Manufacturer: syz [ 1549.574810][T13547] usb 2-1: SerialNumber: syz [ 1549.593204][T13547] usb 2-1: can't set config #1, error -71 [ 1549.829079][T13547] usb 2-1: USB disconnect, device number 6 [ 1550.069964][T10651] bridge_slave_1: left allmulticast mode [ 1550.075651][T10651] bridge_slave_1: left promiscuous mode [ 1550.725623][T10651] bridge0: port 2(bridge_slave_1) entered disabled state [ 1550.885713][T10651] bridge_slave_0: left allmulticast mode [ 1550.919700][T10651] bridge_slave_0: left promiscuous mode [ 1550.951706][T10651] bridge0: port 1(bridge_slave_0) entered disabled state [ 1550.984068][T19509] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1551.179119][T20397] Bluetooth: MGMT ver 1.23 [ 1553.045920][T20414] loop1: detected capacity change from 0 to 164 [ 1556.161166][T20414] Unsupported NM flag settings (8) [ 1556.192511][T20414] 9p: Bad value for 'rfdno' [ 1556.602327][T10651] bond2 (unregistering): (slave geneve2): Releasing active interface [ 1559.253369][T10651] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1559.272935][T10651] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1559.305340][T10651] bond0 (unregistering): Released all slaves [ 1559.462342][T20440] loop9: detected capacity change from 0 to 64 [ 1559.475019][T20440] BFS-fs: bfs_fill_super(): loop9 is unclean, continuing [ 1559.836546][T10651] bond1 (unregistering): Released all slaves [ 1561.058472][T20449] netlink: 'syz.5.3417': attribute type 2 has an invalid length. [ 1561.066325][T20449] netlink: 'syz.5.3417': attribute type 1 has an invalid length. [ 1561.095492][T20449] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3417'. [ 1562.776713][T20462] infiniband: Added to hash: ib_dev=ffff88804f3d0000 (0)() ndev=ffff888078412000 (29)(lo) [ 1562.786816][T20462] siw: device registration error -23 [ 1562.792202][T20462] infiniband: Removed from hash: ib_dev=ffff88804f3d0000 (0)() ndev=ffff888078412000 (29)(lo) [ 1563.852938][T10651] bond2 (unregistering): Released all slaves [ 1564.206878][T20463] could not allocate digest TFM handle blake2s-128-generic [ 1565.098766][T20030] veth0_vlan: entered promiscuous mode [ 1565.232812][T20030] veth1_vlan: entered promiscuous mode [ 1565.288344][T14249] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1565.314956][T10651] tipc: Left network mode [ 1565.334032][T14249] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1565.351690][T14249] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1565.369258][T14249] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1565.400112][T14249] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1565.466904][T20490] loop5: detected capacity change from 0 to 64 [ 1565.564531][T20490] BFS-fs: bfs_fill_super(): loop5 is unclean, continuing [ 1566.044998][T20030] veth0_macvtap: entered promiscuous mode [ 1566.094324][T20482] wg1 speed is unknown, defaulting to 1000 [ 1566.139215][T20030] veth1_macvtap: entered promiscuous mode [ 1566.250010][T17180] IPVS: starting estimator thread 0... [ 1566.430006][T20503] IPVS: using max 28 ests per chain, 67200 per kthread [ 1566.782301][T10651] hsr_slave_0: left promiscuous mode [ 1566.806696][T10651] hsr_slave_1: left promiscuous mode [ 1566.833618][T10651] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1568.048421][T14249] Bluetooth: hci3: command tx timeout [ 1568.393477][T20521] loop5: detected capacity change from 0 to 164 [ 1569.098688][T20525] Unsupported NM flag settings (8) [ 1569.118898][T20525] Unsupported NM flag settings (8) [ 1570.176363][ T5834] Bluetooth: hci3: command tx timeout [ 1571.172923][T20543] loop9: detected capacity change from 0 to 32768 [ 1571.281560][T20543] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.3431 (20543) [ 1571.315451][T20543] BTRFS info (device loop9): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1571.325908][T20543] BTRFS info (device loop9): using sha256 checksum algorithm [ 1571.705064][T20534] loop5: detected capacity change from 0 to 32768 [ 1571.777035][T20543] BTRFS info (device loop9): enabling ssd optimizations [ 1571.784157][T20543] BTRFS info (device loop9): turning on async discard [ 1571.791076][T20543] BTRFS info (device loop9): enabling free space tree [ 1572.415839][T14249] Bluetooth: hci3: command tx timeout [ 1572.425477][ T29] audit: type=1800 audit(2000000209.139:514): pid=20568 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.3431" name="file2" dev="loop9" ino=261 res=0 errno=0 [ 1573.290459][T17178] usb 10-1: new high-speed USB device number 2 using dummy_hcd [ 1573.681914][T14249] Bluetooth: hci2: command 0x0406 tx timeout [ 1573.715907][T17178] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1573.985121][T17178] usb 10-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1574.033949][T17965] BTRFS info (device loop9): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1574.100299][T17178] usb 10-1: string descriptor 0 read error: -71 [ 1574.155529][T17178] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1574.198771][T17178] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1574.398289][T17178] usb 10-1: can't set config #1, error -71 [ 1574.468135][T17178] usb 10-1: USB disconnect, device number 2 [ 1574.469908][ T5834] Bluetooth: hci3: command tx timeout [ 1574.835968][ T29] audit: type=1326 audit(2000000211.789:515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20583 comm="syz.1.3440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fe7b9aeb9 code=0x7ffc0000 [ 1575.028662][ T29] audit: type=1326 audit(2000000211.799:516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20583 comm="syz.1.3440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fe7b9aeb9 code=0x7ffc0000 [ 1575.178240][ T29] audit: type=1326 audit(2000000211.799:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20583 comm="syz.1.3440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fe7b9aeb9 code=0x7ffc0000 [ 1575.201866][ T29] audit: type=1326 audit(2000000211.799:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20583 comm="syz.1.3440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f7fe7b9aeb9 code=0x7ffc0000 [ 1575.227118][ T29] audit: type=1326 audit(2000000211.799:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20583 comm="syz.1.3440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fe7b9aeb9 code=0x7ffc0000 [ 1575.251391][ T29] audit: type=1326 audit(2000000211.799:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20583 comm="syz.1.3440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fe7b9aeb9 code=0x7ffc0000 [ 1575.279585][ T29] audit: type=1326 audit(2000000211.799:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20583 comm="syz.1.3440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fe7b9aeb9 code=0x7ffc0000 [ 1575.329427][ T29] audit: type=1326 audit(2000000211.799:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20583 comm="syz.1.3440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=437 compat=0 ip=0x7f7fe7b9aeb9 code=0x7ffc0000 [ 1575.380011][ T29] audit: type=1326 audit(2000000211.799:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20583 comm="syz.1.3440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fe7b9aeb9 code=0x7ffc0000 [ 1576.117150][T14249] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 1576.258575][T14249] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 1577.353139][T14249] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 1577.393096][T14249] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 1577.485175][T14249] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 1577.668059][T20605] loop5: detected capacity change from 0 to 128 [ 1578.027416][T10651] team0 (unregistering): Port device team_slave_1 removed [ 1578.202557][T10651] team0 (unregistering): Port device team_slave_0 removed [ 1579.702379][T14249] Bluetooth: hci4: command tx timeout [ 1580.778107][T20621] loop5: detected capacity change from 0 to 32768 [ 1580.810105][T20621] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.3446 (20621) [ 1580.863940][T20621] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1580.876491][T20621] BTRFS info (device loop5): using sha256 checksum algorithm [ 1581.319850][T20621] BTRFS info (device loop5): enabling ssd optimizations [ 1581.326886][T20621] BTRFS info (device loop5): turning on async discard [ 1581.334057][T20621] BTRFS info (device loop5): enabling free space tree [ 1581.822855][T14249] Bluetooth: hci4: command tx timeout [ 1581.918071][ T29] kauditd_printk_skb: 62 callbacks suppressed [ 1581.918140][ T29] audit: type=1800 audit(2000000218.649:586): pid=20644 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3446" name="file2" dev="loop5" ino=261 res=0 errno=0 [ 1582.100708][T20650] loop9: detected capacity change from 0 to 512 [ 1582.214171][T20650] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1582.226801][T20650] ext4 filesystem being mounted at /96/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1582.832096][T13547] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 1583.068370][T13547] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1583.540443][T13547] usb 6-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1583.581072][T17965] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1583.584039][T13547] usb 6-1: string descriptor 0 read error: -71 [ 1583.631280][T13547] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1583.652164][T13547] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1584.589949][T20660] usb usb8: usbfs: process 20660 (syz.1.3452) did not claim interface 0 before use [ 1584.690374][T20660] blktrace: Concurrent blktraces are not allowed on loop7 [ 1584.746523][T14249] Bluetooth: hci4: command tx timeout [ 1584.771402][T19521] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1584.783978][T13547] usb 6-1: can't set config #1, error -71 [ 1584.821755][T13547] usb 6-1: USB disconnect, device number 10 [ 1585.675720][T20664] loop9: detected capacity change from 0 to 32768 [ 1586.516864][T20593] wg1 speed is unknown, defaulting to 1000 [ 1586.757331][T20676] Bluetooth: MGMT ver 1.23 [ 1586.844311][T14249] Bluetooth: hci4: command tx timeout [ 1587.601433][T20683] loop9: detected capacity change from 0 to 256 [ 1589.146760][T20482] chnl_net:caif_netlink_parms(): no params data found [ 1589.295500][T20692] loop1: detected capacity change from 0 to 32768 [ 1589.311788][T20692] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3456 (20692) [ 1589.330951][T20692] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1589.341197][T20692] BTRFS info (device loop1): using sha256 checksum algorithm [ 1590.419965][T20710] usb usb8: usbfs: process 20710 (syz.9.3457) did not claim interface 0 before use [ 1590.526505][T20710] blktrace: Concurrent blktraces are not allowed on loop7 [ 1590.534063][T20708] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1590.591403][T20692] BTRFS info (device loop1): enabling ssd optimizations [ 1590.598465][T20692] BTRFS info (device loop1): turning on async discard [ 1590.605648][T20692] BTRFS info (device loop1): enabling free space tree [ 1591.183638][T20722] loop5: detected capacity change from 0 to 256 [ 1591.191306][T20722] exfat: Deprecated parameter 'utf8' [ 1591.196615][T20722] exfat: Unexpected value for 'utf8' [ 1592.409614][ T29] audit: type=1800 audit(2000000228.759:587): pid=20726 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3456" name="file2" dev="loop1" ino=261 res=0 errno=0 [ 1592.488813][T10651] IPVS: stop unused estimator thread 0... [ 1592.690683][T13547] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 1592.851640][T13547] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1592.878999][T13547] usb 2-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1592.912349][T13547] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1592.930433][T13547] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1592.938555][T13547] usb 2-1: Product: syz [ 1592.959666][T13547] usb 2-1: Manufacturer: syz [ 1592.965113][T13547] usb 2-1: SerialNumber: syz [ 1593.332738][T20739] loop5: detected capacity change from 0 to 512 [ 1593.360593][T20739] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1593.475726][T20739] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 1593.489024][T20739] ext4 filesystem being mounted at /36/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1593.747916][T20482] bridge0: port 1(bridge_slave_0) entered blocking state [ 1593.777306][T20482] bridge0: port 1(bridge_slave_0) entered disabled state [ 1593.815734][T20482] bridge_slave_0: entered allmulticast mode [ 1593.841085][T20482] bridge_slave_0: entered promiscuous mode [ 1593.944728][T19521] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 1594.009152][T20482] bridge0: port 2(bridge_slave_1) entered blocking state [ 1594.046501][T20482] bridge0: port 2(bridge_slave_1) entered disabled state [ 1594.054074][T13547] cdc_ncm 2-1:1.0: failed GET_NTB_PARAMETERS [ 1594.061799][T13547] cdc_ncm 2-1:1.0: bind() failure [ 1594.077132][T20482] bridge_slave_1: entered allmulticast mode [ 1594.320110][T20746] loop9: detected capacity change from 0 to 32768 [ 1594.332331][T13547] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found [ 1594.339227][T20746] BTRFS info: device /dev/loop9 (7:9) using temp-fsid 454da19e-3c83-499d-84a6-47c52780d4f8 [ 1594.349918][T20746] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.3459 (20746) [ 1594.364906][T20482] bridge_slave_1: entered promiscuous mode [ 1594.372345][T13547] cdc_ncm 2-1:1.1: bind() failure [ 1594.399695][T20746] BTRFS info (device loop9): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1594.409931][T20746] BTRFS info (device loop9): using sha256 checksum algorithm [ 1594.473018][T13547] usb 2-1: USB disconnect, device number 7 [ 1594.478249][T20593] chnl_net:caif_netlink_parms(): no params data found [ 1594.503239][T19509] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1594.608858][T20746] BTRFS info (device loop9): enabling ssd optimizations [ 1594.616021][T20746] BTRFS info (device loop9): turning on async discard [ 1594.623034][T20746] BTRFS info (device loop9): enabling free space tree [ 1595.014574][ T29] audit: type=1800 audit(2000000232.019:588): pid=20773 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.3459" name="file2" dev="loop9" ino=261 res=0 errno=0 [ 1595.523107][T20482] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1595.571333][T17991] usb 10-1: new high-speed USB device number 3 using dummy_hcd [ 1595.754202][T17991] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1595.785950][T17991] usb 10-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1595.855917][T17991] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1595.900334][T17991] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1595.940674][T17991] usb 10-1: Product: syz [ 1595.944980][T17991] usb 10-1: Manufacturer: syz [ 1596.056509][T17991] usb 10-1: SerialNumber: syz [ 1596.440956][T20788] loop5: detected capacity change from 0 to 2048 [ 1596.735512][T20788] NILFS (loop5): invalid segment: Magic number mismatch [ 1596.742625][T20788] NILFS (loop5): trying rollback from an earlier position [ 1596.782643][T20783] loop1: detected capacity change from 0 to 40427 [ 1596.792003][T20788] NILFS (loop5): recovery cancelled because norecovery option was specified for a read/write mount [ 1596.868899][T20783] F2FS-fs (loop1): Image doesn't support compression [ 1596.875783][T20783] F2FS-fs (loop1): build fault injection rate: 690 [ 1596.890125][T20783] F2FS-fs (loop1): invalid crc value [ 1597.086651][T20783] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1597.100085][T20783] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 1597.373221][ T29] audit: type=1800 audit(2000000234.379:589): pid=20784 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3462" name="file1" dev="loop1" ino=10 res=0 errno=0 [ 1598.635660][T20482] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1598.919227][T19509] syz-executor: attempt to access beyond end of device [ 1598.919227][T19509] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 1598.956105][T19509] CPU: 1 UID: 0 PID: 19509 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT(full) [ 1598.956137][T19509] Tainted: [L]=SOFTLOCKUP [ 1598.956144][T19509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1598.956155][T19509] Call Trace: [ 1598.956162][T19509] [ 1598.956171][T19509] dump_stack_lvl+0xe8/0x150 [ 1598.956203][T19509] f2fs_handle_critical_error+0x37c/0x540 [ 1598.956234][T19509] f2fs_write_end_io+0xcdb/0xff0 [ 1598.956282][T19509] __submit_merged_bio+0x256/0x650 [ 1598.956313][T19509] __submit_merged_write_cond+0x3c3/0x4e0 [ 1598.956369][T19509] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 1598.956418][T19509] f2fs_write_data_pages+0x2970/0x35e0 [ 1598.956444][T19509] ? __lock_acquire+0x6b5/0x2cf0 [ 1598.956505][T19509] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 1598.956546][T19509] ? css_rstat_updated+0x23a/0x530 [ 1598.956600][T19509] ? rcu_is_watching+0x15/0xb0 [ 1598.956630][T19509] ? __lock_acquire+0x6b5/0x2cf0 [ 1598.956669][T19509] ? __lock_acquire+0x6b5/0x2cf0 [ 1598.956702][T19509] ? do_raw_spin_lock+0x12b/0x2f0 [ 1598.956732][T19509] ? do_raw_spin_unlock+0xf5/0x210 [ 1598.956751][T19509] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 1598.956779][T19509] do_writepages+0x32e/0x550 [ 1598.956815][T19509] ? do_raw_spin_unlock+0xf5/0x210 [ 1598.956839][T19509] filemap_fdatawrite+0x1e9/0x2f0 [ 1598.956868][T19509] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 1598.956943][T19509] ? do_raw_spin_unlock+0xf5/0x210 [ 1598.956965][T19509] f2fs_sync_dirty_inodes+0x30e/0x810 [ 1598.957010][T19509] f2fs_write_checkpoint+0x9cf/0x2680 [ 1598.957073][T19509] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 1598.957160][T19509] kill_f2fs_super+0x314/0x720 [ 1598.957195][T19509] ? __pfx_kill_f2fs_super+0x10/0x10 [ 1598.957236][T19509] ? lockdep_hardirqs_on+0x7a/0x110 [ 1598.957272][T19509] deactivate_locked_super+0xbc/0x130 [ 1598.957301][T19509] cleanup_mnt+0x437/0x4d0 [ 1598.957329][T19509] ? _raw_spin_unlock_irq+0x23/0x50 [ 1598.957363][T19509] task_work_run+0x1d9/0x270 [ 1598.957386][T19509] ? __pfx_task_work_run+0x10/0x10 [ 1598.957417][T19509] exit_to_user_mode_loop+0xed/0x480 [ 1598.957439][T19509] ? rcu_is_watching+0x15/0xb0 [ 1598.957466][T19509] do_syscall_64+0x2b7/0xf80 [ 1598.957487][T19509] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1598.957504][T19509] ? trace_irq_disable+0x37/0x100 [ 1598.957529][T19509] ? clear_bhb_loop+0x40/0x90 [ 1598.957553][T19509] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1598.957572][T19509] RIP: 0033:0x7f7fe7b9c117 [ 1598.957599][T19509] Code: a2 c7 05 7c 94 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 1598.957615][T19509] RSP: 002b:00007fff79f79308 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1598.957637][T19509] RAX: 0000000000000000 RBX: 00007f7fe7c0471f RCX: 00007f7fe7b9c117 [ 1598.957650][T19509] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff79f793c0 [ 1598.957662][T19509] RBP: 00007fff79f793c0 R08: 00007fff79f7a3c0 R09: 00000000ffffffff [ 1598.957675][T19509] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff79f7a450 [ 1598.957687][T19509] R13: 00007f7fe7c0471f R14: 0000000000186464 R15: 00007fff79f7a490 [ 1598.957721][T19509] [ 1599.279934][T19509] F2FS-fs (loop1): Remounting filesystem read-only [ 1599.377605][T20809] binder: 20803:20809 ioctl 8933 200000000000 returned -22 [ 1599.415090][T20809] binder: 20803:20809 ioctl c0306201 200000000680 returned -14 [ 1599.940150][T17991] cdc_ncm 10-1:1.0: failed GET_NTB_PARAMETERS [ 1599.946415][T17991] cdc_ncm 10-1:1.0: bind() failure [ 1600.040924][T17965] BTRFS info (device loop9): last unmount of filesystem 454da19e-3c83-499d-84a6-47c52780d4f8 [ 1600.043295][T17991] cdc_ncm 10-1:1.1: CDC Union missing and no IAD found [ 1600.123782][T17991] cdc_ncm 10-1:1.1: bind() failure [ 1600.184308][T17991] usb 10-1: USB disconnect, device number 3 [ 1601.625286][T20482] team0: Port device team_slave_0 added [ 1601.663850][T20482] team0: Port device team_slave_1 added [ 1602.299526][T20822] binder: 20820:20822 ioctl c0306201 0 returned -14 [ 1603.225782][T20593] bridge0: port 1(bridge_slave_0) entered blocking state [ 1603.275233][T20593] bridge0: port 1(bridge_slave_0) entered disabled state [ 1603.286262][T20593] bridge_slave_0: entered allmulticast mode [ 1603.301681][T20593] bridge_slave_0: entered promiscuous mode [ 1603.343167][T20482] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1603.372734][T20482] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1603.439612][T20482] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1603.472054][T20482] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1603.491884][T20482] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1603.632685][T20482] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1603.664836][T20593] bridge0: port 2(bridge_slave_1) entered blocking state [ 1603.862699][ T29] audit: type=1804 audit(2000000240.839:590): pid=20831 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.9.3467" name="/newroot/102/file0" dev="tmpfs" ino=584 res=1 errno=0 [ 1603.892940][T20593] bridge0: port 2(bridge_slave_1) entered disabled state [ 1603.980171][T20593] bridge_slave_1: entered allmulticast mode [ 1604.163818][T20593] bridge_slave_1: entered promiscuous mode [ 1604.606390][T20593] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1604.674688][T20482] hsr_slave_0: entered promiscuous mode [ 1604.728868][T20482] hsr_slave_1: entered promiscuous mode [ 1604.750669][T20482] debugfs: 'hsr0' already exists in 'hsr' [ 1604.769636][T20482] Cannot create hsr debugfs directory [ 1604.859330][T20593] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1607.440987][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 1607.775761][T20857] loop9: detected capacity change from 0 to 40427 [ 1607.812981][T20857] F2FS-fs (loop9): invalid crc value [ 1607.886151][T20857] F2FS-fs (loop9): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1607.903950][T20857] F2FS-fs (loop9): Start checkpoint disabled! [ 1607.924213][T20857] F2FS-fs (loop9): f2fs_disable_checkpoint() finish, err:0 [ 1607.933052][T20857] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e6 [ 1608.010818][T20856] syz.9.3472: attempt to access beyond end of device [ 1608.010818][T20856] loop9: rw=2049, sector=45096, nr_sectors = 128 limit=40427 [ 1608.030544][T20856] syz.9.3472: attempt to access beyond end of device [ 1608.030544][T20856] loop9: rw=2049, sector=45224, nr_sectors = 128 limit=40427 [ 1608.047470][T20856] syz.9.3472: attempt to access beyond end of device [ 1608.047470][T20856] loop9: rw=2049, sector=45352, nr_sectors = 128 limit=40427 [ 1608.063098][T20856] syz.9.3472: attempt to access beyond end of device [ 1608.063098][T20856] loop9: rw=2049, sector=45480, nr_sectors = 128 limit=40427 [ 1608.079789][T20856] syz.9.3472: attempt to access beyond end of device [ 1608.079789][T20856] loop9: rw=2049, sector=45608, nr_sectors = 128 limit=40427 [ 1608.096294][T20856] syz.9.3472: attempt to access beyond end of device [ 1608.096294][T20856] loop9: rw=2049, sector=45736, nr_sectors = 128 limit=40427 [ 1608.112723][T20856] syz.9.3472: attempt to access beyond end of device [ 1608.112723][T20856] loop9: rw=2049, sector=45864, nr_sectors = 128 limit=40427 [ 1608.129292][T20856] syz.9.3472: attempt to access beyond end of device [ 1608.129292][T20856] loop9: rw=2049, sector=45992, nr_sectors = 128 limit=40427 [ 1608.145458][T20856] syz.9.3472: attempt to access beyond end of device [ 1608.145458][T20856] loop9: rw=2049, sector=46120, nr_sectors = 128 limit=40427 [ 1608.161106][T20856] syz.9.3472: attempt to access beyond end of device [ 1608.161106][T20856] loop9: rw=2049, sector=46248, nr_sectors = 128 limit=40427 [ 1608.176743][T20864] loop5: detected capacity change from 0 to 32768 [ 1608.356083][T20864] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.3473 (20864) [ 1608.493459][T20864] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1608.507509][T20864] BTRFS info (device loop5): using sha256 checksum algorithm [ 1608.618386][T16732] CPU: 1 UID: 0 PID: 16732 Comm: kworker/u8:17 Tainted: G L syzkaller #0 PREEMPT(full) [ 1608.618416][T16732] Tainted: [L]=SOFTLOCKUP [ 1608.618421][T16732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1608.618432][T16732] Workqueue: writeback wb_workfn (flush-7:9) [ 1608.618468][T16732] Call Trace: [ 1608.618476][T16732] [ 1608.618484][T16732] dump_stack_lvl+0xe8/0x150 [ 1608.618510][T16732] f2fs_handle_critical_error+0x37c/0x540 [ 1608.618540][T16732] f2fs_write_end_io+0xcdb/0xff0 [ 1608.618582][T16732] __submit_merged_bio+0x256/0x650 [ 1608.618612][T16732] __submit_merged_write_cond+0x3c3/0x4e0 [ 1608.618642][T16732] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 1608.618690][T16732] f2fs_write_data_pages+0x2970/0x35e0 [ 1608.618754][T16732] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 1608.618845][T16732] ? __lock_acquire+0x6b5/0x2cf0 [ 1608.618881][T16732] ? f2fs_write_meta_pages+0x38a/0x590 [ 1608.618911][T16732] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 1608.618936][T16732] do_writepages+0x32e/0x550 [ 1608.618965][T16732] ? reacquire_held_locks+0x104/0x190 [ 1608.618986][T16732] ? writeback_sb_inodes+0x42a/0x1940 [ 1608.619012][T16732] __writeback_single_inode+0x133/0x1060 [ 1608.619034][T16732] ? do_raw_spin_unlock+0xf5/0x210 [ 1608.619055][T16732] writeback_sb_inodes+0x92e/0x1940 [ 1608.619105][T16732] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 1608.619125][T16732] ? do_raw_spin_lock+0x12b/0x2f0 [ 1608.619190][T16732] ? rcu_is_watching+0x15/0xb0 [ 1608.619221][T16732] wb_writeback+0x445/0xad0 [ 1608.619246][T16732] ? queue_io+0x291/0x450 [ 1608.619273][T16732] ? __pfx_wb_writeback+0x10/0x10 [ 1608.619292][T16732] ? do_raw_spin_lock+0x12b/0x2f0 [ 1608.619339][T16732] wb_workfn+0x3f8/0xef0 [ 1608.619365][T16732] ? __lock_acquire+0x6b5/0x2cf0 [ 1608.619385][T16732] ? look_up_lock_class+0x57/0x110 [ 1608.619423][T16732] ? __pfx_wb_workfn+0x10/0x10 [ 1608.619455][T16732] ? do_raw_spin_lock+0x12b/0x2f0 [ 1608.619470][T16732] ? lock_acquire+0x106/0x330 [ 1608.619495][T16732] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1608.619513][T16732] ? process_one_work+0x87c/0x15a0 [ 1608.619536][T16732] ? process_one_work+0x87c/0x15a0 [ 1608.619572][T16732] ? process_one_work+0x87c/0x15a0 [ 1608.619603][T16732] process_one_work+0x949/0x15a0 [ 1608.619651][T16732] ? __pfx_process_one_work+0x10/0x10 [ 1608.619670][T16732] ? do_raw_spin_lock+0x12b/0x2f0 [ 1608.619706][T16732] worker_thread+0xb46/0x1140 [ 1608.619762][T16732] kthread+0x388/0x470 [ 1608.619791][T16732] ? __pfx_worker_thread+0x10/0x10 [ 1608.619812][T16732] ? __pfx_kthread+0x10/0x10 [ 1608.619842][T16732] ret_from_fork+0x51b/0xa40 [ 1608.619869][T16732] ? __pfx_ret_from_fork+0x10/0x10 [ 1608.619890][T16732] ? __switch_to+0xc7d/0x1400 [ 1608.619914][T16732] ? __pfx_kthread+0x10/0x10 [ 1608.619943][T16732] ret_from_fork_asm+0x1a/0x30 [ 1608.619991][T16732] [ 1608.993146][T20593] team0: Port device team_slave_0 added [ 1609.002230][T20593] team0: Port device team_slave_1 added [ 1609.041982][T20593] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1609.048959][T20593] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1609.076212][T20593] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1609.089114][T20593] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1609.101362][T20593] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1609.144872][T20593] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1609.165703][T16732] F2FS-fs (loop9): Stopped filesystem due to reason: 3 [ 1609.555201][T20881] loop1: detected capacity change from 0 to 4096 [ 1609.811534][T20874] ntfs3: Unknown parameter '' [ 1609.849881][T20864] BTRFS info (device loop5): enabling ssd optimizations [ 1609.857154][T20864] BTRFS info (device loop5): turning on async discard [ 1609.864065][T20864] BTRFS info (device loop5): enabling free space tree [ 1610.330184][ T29] audit: type=1800 audit(2000000247.209:591): pid=20890 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3473" name="file2" dev="loop5" ino=261 res=0 errno=0 [ 1610.679655][T17180] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 1610.884283][T17180] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1611.358607][T17180] usb 6-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1611.401800][T17180] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1611.418452][T17180] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1611.464131][T17180] usb 6-1: Product: syz [ 1611.468671][T17180] usb 6-1: Manufacturer: syz [ 1611.478529][T10651] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1611.615821][T17180] usb 6-1: SerialNumber: syz [ 1611.680315][T17180] usb 6-1: can't set config #1, error -71 [ 1611.697040][T17180] usb 6-1: USB disconnect, device number 11 [ 1611.705351][T19521] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1611.910757][T20904] loop1: detected capacity change from 0 to 32768 [ 1611.925115][T20904] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3478 (20904) [ 1611.992447][T20904] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1612.002594][T20904] BTRFS info (device loop1): using crc32c checksum algorithm [ 1612.097951][T20593] hsr_slave_0: entered promiscuous mode [ 1612.111837][T20593] hsr_slave_1: entered promiscuous mode [ 1612.118887][T20593] debugfs: 'hsr0' already exists in 'hsr' [ 1612.124763][T20593] Cannot create hsr debugfs directory [ 1612.582767][T20904] BTRFS info (device loop1): turning off barriers [ 1612.589207][T20904] BTRFS info (device loop1): enabling free space tree [ 1612.596704][T20904] BTRFS info (device loop1): use zstd compression, level 3 [ 1613.834142][T19509] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1615.209132][T20942] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3480'. [ 1615.218434][T20942] openvswitch: netlink: Flow key attr not present in new flow. [ 1615.393647][T20942] XFS (nbd5): SB validate failed with error -5. [ 1615.738316][T20950] overlay: ./file0 is not a directory [ 1615.841935][T10651] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1618.981373][T20972] loop9: detected capacity change from 0 to 32768 [ 1618.990543][T20973] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3484'. [ 1619.527927][T20972] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.3485 (20972) [ 1619.548625][T20972] BTRFS info (device loop9): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1619.559164][T20972] BTRFS info (device loop9): using sha256 checksum algorithm [ 1619.598754][T10651] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1619.777195][T20972] BTRFS info (device loop9): enabling ssd optimizations [ 1619.784303][T20972] BTRFS info (device loop9): turning on async discard [ 1619.791507][T20972] BTRFS info (device loop9): enabling free space tree [ 1619.893003][T20994] loop5: detected capacity change from 0 to 512 [ 1619.911771][T20994] EXT4-fs (loop5): blocks per group (71) and clusters per group (20800) inconsistent [ 1621.067907][T20997] PKCS7: Unknown OID: [4] 0.38.107.217331280.32(bad) [ 1621.075294][T20997] PKCS7: Only support pkcs7_signedData type [ 1621.209190][ T29] audit: type=1800 audit(2000000257.459:592): pid=20999 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.3485" name="file2" dev="loop9" ino=261 res=0 errno=0 [ 1622.918453][ T5888] usb 10-1: new high-speed USB device number 4 using dummy_hcd [ 1623.265954][T10651] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1623.305399][T17965] BTRFS info (device loop9): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1623.319677][ T5888] usb 10-1: device not accepting address 4, error -71 [ 1624.428450][T21019] loop5: detected capacity change from 0 to 256 [ 1624.440413][T21019] exfat: Deprecated parameter 'namecase' [ 1624.446706][T21019] exfat: Deprecated parameter 'namecase' [ 1624.610020][T21019] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 1625.701348][T21023] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1625.757250][ T5834] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1625.806135][ T5834] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1625.893582][ T5834] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1626.063608][T11812] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1626.265425][T11812] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1626.730283][T10651] bridge_slave_1: left allmulticast mode [ 1626.736525][T10651] bridge_slave_1: left promiscuous mode [ 1626.778130][T10651] bridge0: port 2(bridge_slave_1) entered disabled state [ 1626.809445][T10651] bridge_slave_0: left allmulticast mode [ 1626.815213][T10651] bridge_slave_0: left promiscuous mode [ 1626.979466][T10651] bridge0: port 1(bridge_slave_0) entered disabled state [ 1627.034151][T21036] usb usb8: usbfs: process 21036 (syz.1.3492) did not claim interface 0 before use [ 1627.046656][T21036] blktrace: Concurrent blktraces are not allowed on loop7 [ 1627.383270][T21032] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1627.548684][T10651] bridge_slave_1: left allmulticast mode [ 1627.565785][T10651] bridge_slave_1: left promiscuous mode [ 1627.576509][T10651] bridge0: port 2(bridge_slave_1) entered disabled state [ 1627.998403][T10651] bridge_slave_0: left allmulticast mode [ 1628.107313][T10651] bridge_slave_0: left promiscuous mode [ 1628.179821][T10651] bridge0: port 1(bridge_slave_0) entered disabled state [ 1628.766792][T14249] Bluetooth: hci0: command tx timeout [ 1629.068988][ T29] audit: type=1804 audit(2000000265.739:593): pid=21050 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.3495" name="/newroot/52/file0" dev="tmpfs" ino=306 res=1 errno=0 [ 1629.365085][T21054] loop5: detected capacity change from 0 to 164 [ 1630.497178][T21058] Unsupported NM flag settings (8) [ 1630.505134][T21058] 9p: Bad value for 'rfdno' [ 1630.809668][T14249] Bluetooth: hci0: command tx timeout [ 1631.193412][T21060] loop1: detected capacity change from 0 to 32768 [ 1631.201090][T21060] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3498 (21060) [ 1631.230331][T21060] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1631.240524][T21060] BTRFS info (device loop1): using sha256 checksum algorithm [ 1631.975618][T21060] BTRFS info (device loop1): enabling ssd optimizations [ 1631.982745][T21060] BTRFS info (device loop1): turning on async discard [ 1631.989698][T21060] BTRFS info (device loop1): enabling free space tree [ 1632.332865][ T29] audit: type=1800 audit(2000000269.259:594): pid=21082 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3498" name="file2" dev="loop1" ino=261 res=0 errno=0 [ 1632.869683][T14249] Bluetooth: hci0: command tx timeout [ 1634.448293][T19509] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1634.605923][T21091] Bluetooth: MGMT ver 1.23 [ 1634.611950][T21091] Bluetooth: hci0: invalid length 0, exp 2 for type 21 [ 1634.908379][T10651] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1634.952141][T14249] Bluetooth: hci0: command tx timeout [ 1634.987231][T10651] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1635.289417][T10651] bond0 (unregistering): Released all slaves [ 1636.413314][ T29] audit: type=1804 audit(2000000273.439:595): pid=21104 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.3506" name="/newroot/57/file0" dev="tmpfs" ino=331 res=1 errno=0 [ 1637.558074][T11812] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 1637.571692][T11812] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 1637.582187][T11812] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 1638.289914][ T5834] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 1638.301335][ T5834] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 1639.546732][T21127] loop9: detected capacity change from 0 to 32768 [ 1639.591048][T10651] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1639.600111][T21127] ocfs2: Slot 0 on device (7,9) was already allocated to this node! [ 1639.613241][T21127] OCFS2: ERROR (device loop9): int ocfs2_validate_inode_block(struct super_block *, struct buffer_head *): Invalid dinode #72: inline data i_size 50331960 exceeds id_count 312 [ 1639.635182][T21127] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 1639.645761][T21127] OCFS2: File system is now read-only. [ 1639.651447][T21127] (syz.9.3509,21127,1):ocfs2_read_locked_inode:599 ERROR: status = -30 [ 1639.660989][T21127] (syz.9.3509,21127,1):_ocfs2_get_system_file_inode:144 ERROR: status = -30 [ 1639.670164][T21127] (syz.9.3509,21127,1):ocfs2_init_local_system_inodes:496 ERROR: status=-30, sysfile=7, slot=0 [ 1639.680700][T21127] (syz.9.3509,21127,1):ocfs2_init_local_system_inodes:505 ERROR: status = -30 [ 1639.689705][T21127] (syz.9.3509,21127,1):ocfs2_mount_volume:1758 ERROR: status = -30 [ 1639.698557][T21127] (syz.9.3509,21127,1):ocfs2_fill_super:1177 ERROR: status = -30 [ 1639.756085][T10651] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1639.768817][T10651] bond0 (unregistering): Released all slaves [ 1639.926121][T21024] wg1 speed is unknown, defaulting to 1000 [ 1640.309776][T14249] Bluetooth: hci6: command 0x0406 tx timeout [ 1640.618018][T21136] loop9: detected capacity change from 0 to 4096 [ 1640.724406][T14249] Bluetooth: hci5: command tx timeout [ 1640.854578][T21134] ntfs3: Unknown parameter '' [ 1640.948911][T21114] wg1 speed is unknown, defaulting to 1000 [ 1641.158028][T21139] loop1: detected capacity change from 0 to 40427 [ 1641.179829][T21139] F2FS-fs (loop1): Invalid Fs Meta Ino: node(1) meta(2) root(1) [ 1641.187561][T21139] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 1641.204692][T21139] F2FS-fs (loop1): invalid crc value [ 1641.291636][T21139] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1641.301445][T21139] F2FS-fs (loop1): Start checkpoint disabled! [ 1641.344730][T21139] F2FS-fs (loop1): f2fs_disable_checkpoint() finish, err:0 [ 1641.357319][T21139] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 1641.365941][T21139] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 1642.214610][T21137] loop5: detected capacity change from 0 to 32768 [ 1642.236991][T21137] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.3511 (21137) [ 1642.376693][T21137] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1642.407723][T21137] BTRFS info (device loop5): using sha256 checksum algorithm [ 1642.982956][T11812] Bluetooth: hci5: command tx timeout [ 1643.075800][T21137] BTRFS info (device loop5): enabling ssd optimizations [ 1643.192286][T21137] BTRFS info (device loop5): turning on async discard [ 1643.282543][T21137] BTRFS info (device loop5): enabling free space tree [ 1643.745034][T19521] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1645.159235][T11812] Bluetooth: hci5: command tx timeout [ 1645.550093][T21181] loop1: detected capacity change from 0 to 128 [ 1645.603271][T21181] EXT4-fs (loop1): Test dummy encryption mode enabled [ 1645.655580][T21181] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1645.713176][T21181] ext4 filesystem being mounted at /61/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1645.735879][T10651] hsr_slave_0: left promiscuous mode [ 1645.801289][T10651] hsr_slave_1: left promiscuous mode [ 1645.827917][T10651] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1645.878362][T21187] loop5: detected capacity change from 0 to 2048 [ 1645.930192][T10651] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1645.949713][T21187] UDF-fs: error (device loop5): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 1645.968476][T21187] UDF-fs: warning (device loop5): udf_load_vrs: No anchor found [ 1645.977083][T21187] UDF-fs: Scanning with blocksize 512 failed [ 1646.129766][T21187] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1646.296768][ T29] audit: type=1800 audit(2000000283.199:596): pid=21187 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3518" name="file1" dev="loop5" ino=838 res=0 errno=0 [ 1646.521214][T10651] hsr_slave_0: left promiscuous mode [ 1646.582138][T10651] hsr_slave_1: left promiscuous mode [ 1646.616954][T10651] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1646.670573][T10651] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1646.941898][T10651] veth1_macvtap: left promiscuous mode [ 1646.947490][T10651] veth0_macvtap: left promiscuous mode [ 1646.980365][T10651] veth1_vlan: left promiscuous mode [ 1647.011763][T10651] veth0_vlan: left promiscuous mode [ 1647.073747][T10651] veth1_macvtap: left promiscuous mode [ 1647.079244][T10651] veth0_macvtap: left promiscuous mode [ 1647.109673][T10651] veth1_vlan: left promiscuous mode [ 1647.115144][T10651] veth0_vlan: left promiscuous mode [ 1647.190338][T11812] Bluetooth: hci5: command tx timeout [ 1647.266391][T19509] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1647.472022][T21192] loop5: detected capacity change from 0 to 32768 [ 1647.484472][T21192] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.3521 (21192) [ 1648.713959][T21192] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1648.724121][T21192] BTRFS info (device loop5): using sha256 checksum algorithm [ 1650.103882][T21192] BTRFS info (device loop5): enabling ssd optimizations [ 1650.112257][T21192] BTRFS info (device loop5): turning on async discard [ 1650.119064][T21192] BTRFS info (device loop5): enabling free space tree [ 1650.527168][ T29] audit: type=1800 audit(2000000287.539:597): pid=21217 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3521" name="file2" dev="loop5" ino=261 res=0 errno=0 [ 1651.059951][T21039] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 1651.301080][T21039] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1651.319678][T21039] usb 6-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1651.368726][T21039] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1651.389815][T21039] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1651.397856][T21039] usb 6-1: Product: syz [ 1651.420636][T21039] usb 6-1: Manufacturer: syz [ 1651.443715][T21039] usb 6-1: SerialNumber: syz [ 1653.120575][T21039] cdc_ncm 6-1:1.0: bind() failure [ 1653.132341][T21039] cdc_ncm 6-1:1.1: probe with driver cdc_ncm failed with error -71 [ 1653.141763][T21039] cdc_mbim 6-1:1.1: probe with driver cdc_mbim failed with error -71 [ 1653.151817][T21039] usbtest 6-1:1.1: probe with driver usbtest failed with error -71 [ 1653.166313][T21039] usb 6-1: USB disconnect, device number 12 [ 1653.407355][T21231] loop9: detected capacity change from 0 to 32768 [ 1653.471023][T21231] BTRFS info: device /dev/loop9 (7:9) using temp-fsid e7fb6001-2164-4a7e-8b0b-bfa5b600c314 [ 1653.481996][T21231] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.3526 (21231) [ 1653.499734][T21231] BTRFS info (device loop9): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1653.501608][T19521] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1653.510292][T21231] BTRFS info (device loop9): using sha256 checksum algorithm [ 1653.739035][T21231] BTRFS info (device loop9): enabling ssd optimizations [ 1653.749569][T21231] BTRFS info (device loop9): turning on async discard [ 1653.758019][T21231] BTRFS info (device loop9): enabling free space tree [ 1654.456593][ T29] audit: type=1800 audit(2000000291.119:598): pid=21248 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.3526" name="file2" dev="loop9" ino=261 res=0 errno=0 [ 1656.976823][T10651] team0 (unregistering): Port device team_slave_1 removed [ 1657.122743][T17965] BTRFS info (device loop9): last unmount of filesystem e7fb6001-2164-4a7e-8b0b-bfa5b600c314 [ 1657.240857][T21266] loop5: detected capacity change from 0 to 32768 [ 1657.815169][T21270] usb usb8: usbfs: process 21270 (syz.1.3537) did not claim interface 0 before use [ 1657.827316][T21270] blktrace: Concurrent blktraces are not allowed on loop7 [ 1657.846918][T21266] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.3538 (21266) [ 1657.916833][T21266] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1657.927545][T21266] BTRFS info (device loop5): using sha256 checksum algorithm [ 1657.943713][T21267] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1658.245332][T10651] team0 (unregistering): Port device team_slave_0 removed [ 1658.417674][T21266] BTRFS info (device loop5): enabling ssd optimizations [ 1658.424935][T21266] BTRFS info (device loop5): turning on async discard [ 1658.432175][T21266] BTRFS info (device loop5): enabling free space tree [ 1658.804242][ T29] audit: type=1800 audit(2000000295.809:599): pid=21287 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3538" name="file2" dev="loop5" ino=261 res=0 errno=0 [ 1659.930210][T21291] PKCS7: Unknown OID: [4] 0.38.107.217331280.32(bad) [ 1659.937548][T21291] PKCS7: Only support pkcs7_signedData type [ 1660.830347][T19521] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1661.614692][ T29] audit: type=1326 audit(2000000298.539:600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21294 comm="syz.5.3531" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7faf0439aeb9 code=0x0 [ 1662.235448][T21303] loop1: detected capacity change from 0 to 2048 [ 1663.238648][T21303] UDF-fs: error (device loop1): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 1663.252158][T21303] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found [ 1663.259917][T21303] UDF-fs: Scanning with blocksize 512 failed [ 1663.360375][T21303] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1663.447354][ T29] audit: type=1800 audit(2000000300.419:601): pid=21303 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3530" name="file1" dev="loop1" ino=838 res=0 errno=0 [ 1663.514866][T11812] Bluetooth: hci5: command tx timeout [ 1664.062108][T21310] loop5: detected capacity change from 0 to 32768 [ 1664.070591][T21310] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.3534 (21310) [ 1664.161196][T21310] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1664.171367][T21310] BTRFS info (device loop5): using sha256 checksum algorithm [ 1664.458092][T21310] BTRFS info (device loop5): enabling ssd optimizations [ 1664.465219][T21310] BTRFS info (device loop5): turning on async discard [ 1664.472221][T21310] BTRFS info (device loop5): enabling free space tree [ 1664.792003][ T29] audit: type=1800 audit(2000000301.799:602): pid=21331 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3534" name="file2" dev="loop5" ino=261 res=0 errno=0 [ 1665.669664][ T6472] usb 6-1: new high-speed USB device number 13 using dummy_hcd [ 1665.844713][ T6472] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1665.888666][ T6472] usb 6-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1665.944006][ T6472] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1665.983861][ T6472] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1666.003260][ T6472] usb 6-1: Product: syz [ 1666.007468][ T6472] usb 6-1: Manufacturer: syz [ 1666.020066][ T6472] usb 6-1: SerialNumber: syz [ 1666.074921][T21327] loop9: detected capacity change from 0 to 32768 [ 1666.118259][T21327] gfs2: fsid=syz:syz: Trying to join cluster "lock_dlm", "syz:syz" [ 1666.166335][T21327] dlm: no local IP address has been set [ 1666.191694][T21327] dlm: cannot start dlm midcomms -107 [ 1666.197227][T21327] gfs2: fsid=syz:syz: dlm_new_lockspace error -107 [ 1666.889927][T17178] usb 2-1: new full-speed USB device number 8 using dummy_hcd [ 1667.131451][T17178] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1667.179767][T17178] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 1667.216116][T17178] usb 2-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 1667.227826][T17178] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1667.406660][T17178] usb 2-1: config 0 descriptor?? [ 1667.420399][T17178] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 1667.427222][T17178] dvb-usb: bulk message failed: -22 (3/0) [ 1667.462822][T17178] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 1667.487956][T17178] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 1667.495956][T17178] usb 2-1: media controller created [ 1667.504532][T17178] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 1667.529315][T17178] dvb-usb: bulk message failed: -22 (6/0) [ 1667.554371][T17178] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 1667.570549][T17178] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input23 [ 1667.587137][T17178] dvb-usb: schedule remote query interval to 150 msecs. [ 1667.595037][T17178] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 1667.730780][T21338] dvb-usb: bulk message failed: -22 (2/0) [ 1667.748460][ T5943] usb 2-1: USB disconnect, device number 8 [ 1668.012222][ T6472] cdc_ncm 6-1:1.0: failed GET_NTB_PARAMETERS [ 1668.018789][ T6472] cdc_ncm 6-1:1.0: bind() failure [ 1668.032732][T17178] dvb-usb: bulk message failed: -22 (1/0) [ 1668.072013][T17178] dvb-usb: error while querying for an remote control event. [ 1668.195303][ T6472] cdc_ncm 6-1:1.1: CDC Union missing and no IAD found [ 1668.220837][ T6472] cdc_ncm 6-1:1.1: bind() failure [ 1668.222595][T19521] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1668.299407][ T5943] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 1668.316507][ T6472] usb 6-1: USB disconnect, device number 13 [ 1668.972367][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 1669.440536][T21350] usb usb8: usbfs: process 21350 (syz.1.3540) did not claim interface 0 before use [ 1669.450694][T21350] blktrace: Concurrent blktraces are not allowed on loop7 [ 1669.458813][T21349] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1669.646861][T10651] team0 (unregistering): Port device team_slave_1 removed [ 1669.851327][T10651] team0 (unregistering): Port device team_slave_0 removed [ 1670.596156][T21361] RDS: rds_bind could not find a transport for fc00::1, load rds_tcp or rds_rdma? [ 1670.714409][T21361] loop1: detected capacity change from 0 to 4096 [ 1671.562554][T16339] ntfs3(loop1): ino=5, mi_enum_attr [ 1672.985313][T21114] chnl_net:caif_netlink_parms(): no params data found [ 1673.234517][T17178] usb 2-1: new full-speed USB device number 9 using dummy_hcd [ 1673.305630][T21024] chnl_net:caif_netlink_parms(): no params data found [ 1673.428428][T17178] usb 2-1: config 0 interface 0 altsetting 251 endpoint 0x9 has an invalid bInterval 0, changing to 4 [ 1673.479795][T17178] usb 2-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 1673.524930][T17178] usb 2-1: config 0 interface 0 has no altsetting 0 [ 1673.546613][T17178] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 1673.596356][T17178] usb 2-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 1673.681503][T21387] IPVS: set_ctl: invalid protocol: 2 10.1.1.2:20001 [ 1673.706494][T21387] IPVS: sh: FWM 3 0x00000003 - no destination available [ 1673.713817][ C0] IPVS: sh: FWM 3 0x00000003 - no destination available [ 1674.214320][T17178] usb 2-1: Product: syz [ 1674.218546][T17178] usb 2-1: Manufacturer: syz [ 1674.223305][T17178] usb 2-1: SerialNumber: syz [ 1674.231498][T17178] usb 2-1: config 0 descriptor?? [ 1674.257780][T17178] usb 2-1: selecting invalid altsetting 0 [ 1674.314003][T21389] netlink: 72 bytes leftover after parsing attributes in process `syz.5.3549'. [ 1674.553200][T21379] loop1: detected capacity change from 0 to 256 [ 1675.127732][T21399] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3550'. [ 1675.136958][T21399] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3550'. [ 1676.556684][T21401] snd-usb-audio 2-1:0.0: Runtime PM usage count underflow! [ 1676.708613][T21405] usb usb8: usbfs: process 21405 (syz.9.3551) did not claim interface 0 before use [ 1676.720834][T21405] blktrace: Concurrent blktraces are not allowed on loop7 [ 1677.148922][T21402] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1677.199704][T17180] usb 2-1: USB disconnect, device number 9 [ 1677.258386][T21114] bridge0: port 1(bridge_slave_0) entered blocking state [ 1677.289613][T21114] bridge0: port 1(bridge_slave_0) entered disabled state [ 1677.329166][T21114] bridge_slave_0: entered allmulticast mode [ 1677.371128][T21114] bridge_slave_0: entered promiscuous mode [ 1677.454002][T21024] bridge0: port 1(bridge_slave_0) entered blocking state [ 1677.492058][T19842] udevd[19842]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1677.508178][T21024] bridge0: port 1(bridge_slave_0) entered disabled state [ 1677.526851][T21024] bridge_slave_0: entered allmulticast mode [ 1677.570759][T21024] bridge_slave_0: entered promiscuous mode [ 1678.049222][T21410] loop1: detected capacity change from 0 to 64 [ 1678.238371][ T29] audit: type=1800 audit(2000000315.229:603): pid=21410 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3552" name="file1" dev="loop1" ino=22 res=0 errno=0 [ 1678.335797][T21114] bridge0: port 2(bridge_slave_1) entered blocking state [ 1679.131874][T19509] hfs: node 4:3 still has 1 user(s)! [ 1679.138198][T21114] bridge0: port 2(bridge_slave_1) entered disabled state [ 1679.166187][T21114] bridge_slave_1: entered allmulticast mode [ 1679.273259][T21114] bridge_slave_1: entered promiscuous mode [ 1679.280921][T21024] bridge0: port 2(bridge_slave_1) entered blocking state [ 1679.288494][T21024] bridge0: port 2(bridge_slave_1) entered disabled state [ 1679.296385][T21024] bridge_slave_1: entered allmulticast mode [ 1679.339149][T21024] bridge_slave_1: entered promiscuous mode [ 1679.473324][T21416] loop1: detected capacity change from 0 to 32768 [ 1679.490119][T21416] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3554 (21416) [ 1679.510036][T21416] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1679.520196][T21416] BTRFS info (device loop1): using sha256 checksum algorithm [ 1679.648750][T21416] BTRFS info (device loop1): enabling ssd optimizations [ 1679.656906][T21416] BTRFS info (device loop1): turning on async discard [ 1679.663773][T21416] BTRFS info (device loop1): enabling free space tree [ 1679.684153][T21114] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1679.760910][T21114] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1680.316239][ T29] audit: type=1800 audit(2000000317.089:604): pid=21435 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3554" name="file2" dev="loop1" ino=261 res=0 errno=0 [ 1681.771867][T21024] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1681.848484][T21024] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1681.998408][T10651] IPVS: stop unused estimator thread 0... [ 1682.027381][T21024] team0: Port device team_slave_0 added [ 1682.037906][T21114] team0: Port device team_slave_0 added [ 1682.047974][T21024] team0: Port device team_slave_1 added [ 1682.122162][T21114] team0: Port device team_slave_1 added [ 1682.276003][T21024] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1682.300406][T21024] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1682.350699][T21024] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1682.403201][T21024] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1682.419622][T21024] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1682.469941][T21024] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1682.491683][T21114] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1682.498664][T21114] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1682.559783][T21114] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1682.618004][T21114] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1682.625400][T21114] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1682.653522][T21114] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1682.667483][T10651] bridge_slave_1: left allmulticast mode [ 1682.673663][T10651] bridge_slave_1: left promiscuous mode [ 1682.680105][T10651] bridge0: port 2(bridge_slave_1) entered disabled state [ 1682.696620][T10651] bridge_slave_0: left allmulticast mode [ 1682.702679][T10651] bridge_slave_0: left promiscuous mode [ 1682.708801][T10651] bridge0: port 1(bridge_slave_0) entered disabled state [ 1682.743409][T10651] bridge_slave_1: left allmulticast mode [ 1682.755916][T10651] bridge_slave_1: left promiscuous mode [ 1682.773885][T10651] bridge0: port 2(bridge_slave_1) entered disabled state [ 1682.804313][T10651] bridge_slave_0: left allmulticast mode [ 1682.815643][T10651] bridge_slave_0: left promiscuous mode [ 1682.854069][T19509] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1682.864720][T10651] bridge0: port 1(bridge_slave_0) entered disabled state [ 1684.691116][T10651] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1684.941144][T21464] RDS: rds_bind could not find a transport for fc00::1, load rds_tcp or rds_rdma? [ 1685.011961][T14249] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1685.033167][T14249] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1685.046628][T14249] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1685.063140][T14249] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1685.075610][T14249] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1685.417307][T21464] loop9: detected capacity change from 0 to 4096 [ 1685.421456][T21466] usb usb8: usbfs: process 21466 (syz.1.3561) did not claim interface 0 before use [ 1685.505228][T21466] blktrace: Concurrent blktraces are not allowed on loop7 [ 1685.829736][T21460] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1686.060658][T10651] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1686.120545][T10651] bond0 (unregistering): Released all slaves [ 1686.416820][T21470] 9pnet_virtio: no channels available for device syz [ 1687.191687][T14249] Bluetooth: hci3: command tx timeout [ 1687.518332][T21472] comedi comedi3: comedi_config --init_data is deprecated [ 1688.068254][T21474] loop5: detected capacity change from 0 to 256 [ 1688.199607][T21474] exfat: Deprecated parameter 'namecase' [ 1688.205424][T21474] exfat: Bad value for 'gid' [ 1688.245672][T21474] exfat: Bad value for 'gid' [ 1688.493335][ T77] ntfs3(loop9): ino=5, mi_enum_attr [ 1689.196581][T21485] loop9: detected capacity change from 0 to 32768 [ 1689.204932][T21485] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.3565 (21485) [ 1689.279569][T14249] Bluetooth: hci3: command tx timeout [ 1689.310756][T10651] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1689.396025][T21485] BTRFS info (device loop9): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1689.408617][T21485] BTRFS info (device loop9): using sha256 checksum algorithm [ 1690.034892][T10651] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1690.142928][T21485] BTRFS info (device loop9): enabling ssd optimizations [ 1690.150488][T21485] BTRFS info (device loop9): turning on async discard [ 1690.157242][T21485] BTRFS info (device loop9): enabling free space tree [ 1690.497564][ T29] audit: type=1800 audit(2000000327.509:605): pid=21513 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.3565" name="file2" dev="loop9" ino=261 res=0 errno=0 [ 1690.996629][T10651] bond0 (unregistering): Released all slaves [ 1691.353742][T14249] Bluetooth: hci3: command tx timeout [ 1691.462988][T10651] hsr_slave_0: left promiscuous mode [ 1691.515624][T10651] hsr_slave_1: left promiscuous mode [ 1691.528315][T10651] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1691.573085][T10651] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1691.588870][T10651] hsr_slave_0: left promiscuous mode [ 1691.612591][T10651] hsr_slave_1: left promiscuous mode [ 1691.626153][T10651] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1691.650547][T10651] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1692.575710][T17965] BTRFS info (device loop9): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1693.612078][T21519] loop1: detected capacity change from 0 to 32768 [ 1693.620223][T14249] Bluetooth: hci3: command tx timeout [ 1693.681457][T21519] gfs2: fsid=syz:syz: Trying to join cluster "lock_dlm", "syz:syz" [ 1693.689439][T21519] dlm: no local IP address has been set [ 1693.695078][T21519] dlm: cannot start dlm midcomms -107 [ 1693.700505][T21519] gfs2: fsid=syz:syz: dlm_new_lockspace error -107 [ 1694.328566][T21532] usb usb8: usbfs: process 21532 (syz.5.3571) did not claim interface 0 before use [ 1694.341615][T21532] blktrace: Concurrent blktraces are not allowed on loop7 [ 1694.511526][T21528] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1694.813611][T21536] comedi comedi3: comedi_config --init_data is deprecated [ 1694.901568][T21539] x_tables: ip6_tables: socket match: used from hooks FORWARD, but only valid from PREROUTING/INPUT [ 1695.113548][T10651] team0 (unregistering): Port device team_slave_1 removed [ 1695.521334][T10651] team0 (unregistering): Port device team_slave_0 removed [ 1697.337213][T11812] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1697.388891][T11812] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1697.400580][T11812] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1697.408309][T11812] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1697.416395][T11812] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1699.154144][T21567] loop9: detected capacity change from 0 to 32768 [ 1699.162203][T21567] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.3577 (21567) [ 1699.180331][T21567] BTRFS info (device loop9): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1699.190503][T21567] BTRFS info (device loop9): using sha256 checksum algorithm [ 1699.308737][T21583] RDS: rds_bind could not find a transport for fc00::1, load rds_tcp or rds_rdma? [ 1699.439620][T11812] Bluetooth: hci0: command tx timeout [ 1699.449423][T21567] BTRFS info (device loop9): enabling ssd optimizations [ 1699.457059][T21567] BTRFS info (device loop9): turning on async discard [ 1699.463914][T21567] BTRFS info (device loop9): enabling free space tree [ 1699.480079][T21583] loop5: detected capacity change from 0 to 4096 [ 1700.379613][ T29] audit: type=1800 audit(2000000336.859:606): pid=21587 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.3577" name="file2" dev="loop9" ino=261 res=0 errno=0 [ 1701.510196][T11812] Bluetooth: hci0: command tx timeout [ 1701.973731][T10651] team0 (unregistering): Port device team_slave_1 removed [ 1702.155043][T17965] BTRFS info (device loop9): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 1702.224512][T10651] team0 (unregistering): Port device team_slave_0 removed [ 1702.564181][T10665] ntfs3(loop5): ino=5, mi_enum_attr [ 1703.783966][T11812] Bluetooth: hci0: command tx timeout [ 1703.814131][T21604] usb usb8: usbfs: process 21604 (syz.1.3581) did not claim interface 0 before use [ 1703.826027][T21604] blktrace: Concurrent blktraces are not allowed on loop7 [ 1703.991322][T21601] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1704.258084][T21462] wg1 speed is unknown, defaulting to 1000 [ 1704.675845][T21612] overlayfs: missing 'lowerdir' [ 1704.699683][T21612] comedi comedi3: aio_iiro_16: I/O port conflict (0x4f27,8) [ 1706.305181][T11812] Bluetooth: hci0: command tx timeout [ 1707.274829][T21556] wg1 speed is unknown, defaulting to 1000 [ 1707.597402][T21626] loop9: detected capacity change from 0 to 4096 [ 1707.631698][T21627] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3587'. [ 1708.708217][T21462] chnl_net:caif_netlink_parms(): no params data found [ 1709.310550][T21645] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 1709.923009][T21462] bridge0: port 1(bridge_slave_0) entered blocking state [ 1709.943167][T21462] bridge0: port 1(bridge_slave_0) entered disabled state [ 1709.954605][T21462] bridge_slave_0: entered allmulticast mode [ 1709.962822][T21462] bridge_slave_0: entered promiscuous mode [ 1710.102555][T21462] bridge0: port 2(bridge_slave_1) entered blocking state [ 1710.119143][T21462] bridge0: port 2(bridge_slave_1) entered disabled state [ 1710.127101][T21462] bridge_slave_1: entered allmulticast mode [ 1710.135406][T21462] bridge_slave_1: entered promiscuous mode [ 1710.851357][T21462] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1710.916055][T21657] usb usb8: usbfs: process 21657 (syz.1.3593) did not claim interface 0 before use [ 1710.928393][T21657] blktrace: Concurrent blktraces are not allowed on loop7 [ 1711.045962][T21652] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1711.341385][T21462] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1711.380859][T21556] chnl_net:caif_netlink_parms(): no params data found [ 1711.589933][T21462] team0: Port device team_slave_0 added [ 1711.637852][T21462] team0: Port device team_slave_1 added [ 1712.375212][T21462] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1712.382328][T21462] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1712.414638][T21462] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1712.428297][T21462] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1712.435902][T21462] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1712.462978][T21462] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1712.673158][T21669] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3596'. [ 1712.829807][T21556] bridge0: port 1(bridge_slave_0) entered blocking state [ 1712.926703][T21556] bridge0: port 1(bridge_slave_0) entered disabled state [ 1713.017751][T21556] bridge_slave_0: entered allmulticast mode [ 1713.160026][T21556] bridge_slave_0: entered promiscuous mode [ 1714.615109][T21676] ALSA: mixer_oss: invalid OSS volume '' [ 1715.236651][T21462] hsr_slave_0: entered promiscuous mode [ 1715.250749][T21462] hsr_slave_1: entered promiscuous mode [ 1715.259132][T21679] loop5: detected capacity change from 0 to 512 [ 1715.279565][T21462] debugfs: 'hsr0' already exists in 'hsr' [ 1715.290326][T21679] EXT4-fs (loop5): can't mount with data=, fs mounted w/o journal [ 1715.298437][T21462] Cannot create hsr debugfs directory [ 1715.305399][T21556] bridge0: port 2(bridge_slave_1) entered blocking state [ 1715.313782][T21556] bridge0: port 2(bridge_slave_1) entered disabled state [ 1715.322271][T21556] bridge_slave_1: entered allmulticast mode [ 1715.331969][T21556] bridge_slave_1: entered promiscuous mode [ 1716.318288][T21684] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 1717.275363][T21556] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1717.345610][T21556] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1717.903330][T21556] team0: Port device team_slave_0 added [ 1717.936852][T21556] team0: Port device team_slave_1 added [ 1718.015354][T21556] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1718.022522][T21556] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1718.107411][T21556] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1718.136412][T21556] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1718.263470][T21556] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1718.366447][T21692] usb usb8: usbfs: process 21692 (syz.9.3603) did not claim interface 0 before use [ 1718.413394][T21692] blktrace: Concurrent blktraces are not allowed on loop7 [ 1718.756978][T21690] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 1718.777189][T21556] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1719.882908][T21556] hsr_slave_0: entered promiscuous mode [ 1720.091466][T21556] hsr_slave_1: entered promiscuous mode [ 1720.098043][T21556] debugfs: 'hsr0' already exists in 'hsr' [ 1720.127272][T21556] Cannot create hsr debugfs directory [ 1720.138598][T21705] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 1720.828319][T21462] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 1720.852755][T10651] bridge_slave_1: left allmulticast mode [ 1720.866593][T10651] bridge_slave_1: left promiscuous mode [ 1720.915373][T10651] bridge0: port 2(bridge_slave_1) entered disabled state [ 1720.981268][T10651] bridge_slave_0: left allmulticast mode [ 1721.159912][T21723] usb usb8: usbfs: process 21723 (syz.5.3607) did not claim interface 0 before use [ 1721.679616][T10651] bridge_slave_0: left promiscuous mode [ 1721.744716][T10651] bridge0: port 1(bridge_slave_0) entered disabled state [ 1722.017018][T10651] gretap0: left allmulticast mode [ 1722.059600][T10651] gretap0: left promiscuous mode [ 1722.073057][T10651] bridge0: port 4(gretap0) entered disabled state [ 1722.141255][T10651] team0: left allmulticast mode [ 1722.146141][T10651] team_slave_0: left allmulticast mode [ 1722.200121][T10651] team_slave_1: left allmulticast mode [ 1722.226183][T10651] geneve0: left allmulticast mode [ 1722.312486][T10651] bridge0: port 3(team0) entered disabled state [ 1722.370795][T21733] loop1: detected capacity change from 0 to 64 [ 1722.400304][T10651] bridge_slave_1: left allmulticast mode [ 1722.434631][T10651] bridge_slave_1: left promiscuous mode [ 1722.457207][T10651] bridge0: port 2(bridge_slave_1) entered disabled state [ 1722.492038][T17178] usb 6-1: new full-speed USB device number 14 using dummy_hcd [ 1722.504466][T10651] bridge_slave_0: left allmulticast mode [ 1722.525038][T10651] bridge_slave_0: left promiscuous mode [ 1722.531745][T10651] bridge0: port 1(bridge_slave_0) entered disabled state [ 1722.556347][T10651] bridge_slave_1: left allmulticast mode [ 1722.569683][T10651] bridge_slave_1: left promiscuous mode [ 1722.576145][T10651] bridge0: port 2(bridge_slave_1) entered disabled state [ 1722.600660][T10651] bridge_slave_0: left allmulticast mode [ 1722.607207][T10651] bridge_slave_0: left promiscuous mode [ 1722.619798][T10651] bridge0: port 1(bridge_slave_0) entered disabled state [ 1722.661056][T21733] ------------[ cut here ]------------ [ 1722.667162][T21733] !buffer_uptodate(bh) [ 1722.667201][T21733] WARNING: fs/buffer.c:1184 at mark_buffer_dirty+0x299/0x3f0, CPU#0: syz.1.3609/21733 [ 1722.681519][T21733] Modules linked in: [ 1722.686154][T21733] CPU: 0 UID: 0 PID: 21733 Comm: syz.1.3609 Tainted: G L syzkaller #0 PREEMPT(full) [ 1722.698250][T21733] Tainted: [L]=SOFTLOCKUP [ 1722.702865][T21733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1722.708331][T17178] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1722.713396][T21733] RIP: 0010:mark_buffer_dirty+0x299/0x3f0 [ 1722.713477][T21733] Code: 4c 89 f7 e8 a9 45 da ff 49 8b 3e be 40 00 00 00 5b 41 5c 41 5e 41 5f 5d e9 c4 80 fb ff e8 3f e4 70 ff eb 8c e8 38 e4 70 ff 90 <0f> 0b 90 e9 a5 fd ff ff e8 2a e4 70 ff 90 0f 0b 90 e9 cf fd ff ff [ 1722.713506][T21733] RSP: 0000:ffffc90003b2f608 EFLAGS: 00010283 [ 1722.713526][T21733] RAX: ffffffff82540548 RBX: ffff888034d481d0 RCX: 0000000000080000 [ 1722.765108][T21733] RDX: ffffc90013b5d000 RSI: 0000000000001a60 RDI: 0000000000001a61 [ 1722.773451][T21733] RBP: ffff888077ecc001 R08: ffff888034d481d7 R09: 1ffff110069a903a [ 1722.781559][T21733] R10: dffffc0000000000 R11: ffffed10069a903b R12: ffff88807ec50600 [ 1722.789646][T21733] R13: ffff8880570be9f8 R14: ffff888034d481d0 R15: 000000000000000a [ 1722.797680][T21733] FS: 00007f7fe89a56c0(0000) GS:ffff8881252a4000(0000) knlGS:0000000000000000 [ 1722.797793][T17178] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 1722.806925][T21733] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1722.806951][T21733] CR2: 0000200000003000 CR3: 000000002a21a000 CR4: 00000000003526f0 [ 1722.806972][T21733] Call Trace: [ 1722.806981][T21733] [ 1722.806993][T21733] bfs_get_block+0x5da/0xae0 [ 1722.807049][T21733] __block_write_begin_int+0x6c6/0x1910 [ 1722.807089][T21733] ? __pfx_bfs_get_block+0x10/0x10 [ 1722.807123][T21733] ? __pfx___block_write_begin_int+0x10/0x10 [ 1722.807155][T21733] ? __pfx_bfs_get_block+0x10/0x10 [ 1722.807184][T21733] block_write_begin+0x8d/0x120 [ 1722.807205][T21733] ? bfs_write_begin+0x1e/0xd0 [ 1722.807237][T21733] bfs_write_begin+0x35/0xd0 [ 1722.807270][T21733] generic_perform_write+0x2e2/0x8f0 [ 1722.807306][T21733] ? __pfx_generic_perform_write+0x10/0x10 [ 1722.870490][T17178] usb 6-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=ed.ae [ 1722.873562][T21733] ? file_update_time_flags+0x219/0x4a0 [ 1722.878462][T17178] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1722.883738][T21733] ? __generic_file_write_iter+0xf9/0x230 [ 1722.883772][T21733] ? generic_file_write_iter+0x136/0x680 [ 1722.894528][T17178] usb 6-1: Product: syz [ 1722.899027][T21733] generic_file_write_iter+0x14a/0x680 [ 1722.908263][T17178] usb 6-1: Manufacturer: syz [ 1722.913054][T21733] ? add_lock_to_list+0xc7/0x100 [ 1722.919321][T17178] usb 6-1: SerialNumber: syz [ 1722.924467][T21733] ? __pfx_generic_file_write_iter+0x10/0x10 [ 1722.924510][T21733] ? lockdep_unlock+0x5d/0xd0 [ 1722.924530][T21733] ? __lock_acquire+0x146e/0x2cf0 [ 1722.924558][T21733] ? __pfx_aa_file_perm+0x10/0x10 [ 1722.924608][T21733] ? vfs_write+0x227/0xb90 [ 1722.924639][T21733] ? vfs_write+0x227/0xb90 [ 1722.978642][T21733] vfs_write+0x61d/0xb90 [ 1722.982986][T21733] ? __pfx_vfs_write+0x10/0x10 [ 1722.987765][T21733] ? __fget_files+0x2a/0x420 [ 1722.992410][T21733] ksys_write+0x150/0x270 [ 1722.996748][T21733] ? __pfx_ksys_write+0x10/0x10 [ 1723.001663][T21733] do_syscall_64+0xe2/0xf80 [ 1723.006161][T21733] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1723.012711][T21733] ? trace_irq_disable+0x37/0x100 [ 1723.017970][T21733] ? clear_bhb_loop+0x40/0x90 [ 1723.022667][T21733] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1723.028587][T21733] RIP: 0033:0x7f7fe7b9aeb9 [ 1723.033048][T21733] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1723.053139][T21733] RSP: 002b:00007f7fe89a5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1723.061588][T21733] RAX: ffffffffffffffda RBX: 00007f7fe7e15fa0 RCX: 00007f7fe7b9aeb9 [ 1723.069637][T21733] RDX: 000000000000fecc RSI: 00002000000008c0 RDI: 0000000000000007 [ 1723.077601][T21733] RBP: 00007f7fe7c08c1f R08: 0000000000000000 R09: 0000000000000000 [ 1723.085746][T21733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1723.093725][T21733] R13: 00007f7fe7e16038 R14: 00007f7fe7e15fa0 R15: 00007fff79f7a098 [ 1723.101745][T21733] [ 1723.104764][T21733] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 1723.112034][T21733] CPU: 0 UID: 0 PID: 21733 Comm: syz.1.3609 Tainted: G L syzkaller #0 PREEMPT(full) [ 1723.122963][T21733] Tainted: [L]=SOFTLOCKUP [ 1723.127735][T21733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1723.137774][T21733] Call Trace: [ 1723.141040][T21733] [ 1723.143956][T21733] vpanic+0x56c/0xa60 [ 1723.147944][T21733] ? __pfx__printk+0x10/0x10 [ 1723.152536][T21733] ? __pfx_vpanic+0x10/0x10 [ 1723.157092][T21733] ? is_bpf_text_address+0x292/0x2b0 [ 1723.162395][T21733] ? is_bpf_text_address+0x26/0x2b0 [ 1723.167584][T21733] panic+0xc5/0xd0 [ 1723.171294][T21733] ? __pfx_panic+0x10/0x10 [ 1723.175720][T21733] __warn+0x315/0x4a0 [ 1723.179688][T21733] ? mark_buffer_dirty+0x299/0x3f0 [ 1723.184790][T21733] ? mark_buffer_dirty+0x299/0x3f0 [ 1723.189896][T21733] __report_bug+0x29a/0x540 [ 1723.194914][T21733] ? filemap_get_entry+0xca/0x320 [ 1723.199987][T21733] ? mark_buffer_dirty+0x299/0x3f0 [ 1723.205089][T21733] ? __pfx___report_bug+0x10/0x10 [ 1723.210102][T21733] ? __pfx_folio_mark_accessed+0x10/0x10 [ 1723.215744][T21733] ? mark_buffer_dirty+0x299/0x3f0 [ 1723.220857][T21733] report_bug+0x16a/0x220 [ 1723.225186][T21733] ? mark_buffer_dirty+0x299/0x3f0 [ 1723.230375][T21733] ? mark_buffer_dirty+0x29b/0x3f0 [ 1723.235651][T21733] handle_bug+0x98/0x200 [ 1723.239986][T21733] exc_invalid_op+0x1a/0x50 [ 1723.244473][T21733] asm_exc_invalid_op+0x1a/0x20 [ 1723.249306][T21733] RIP: 0010:mark_buffer_dirty+0x299/0x3f0 [ 1723.255062][T21733] Code: 4c 89 f7 e8 a9 45 da ff 49 8b 3e be 40 00 00 00 5b 41 5c 41 5e 41 5f 5d e9 c4 80 fb ff e8 3f e4 70 ff eb 8c e8 38 e4 70 ff 90 <0f> 0b 90 e9 a5 fd ff ff e8 2a e4 70 ff 90 0f 0b 90 e9 cf fd ff ff [ 1723.274748][T21733] RSP: 0000:ffffc90003b2f608 EFLAGS: 00010283 [ 1723.280903][T21733] RAX: ffffffff82540548 RBX: ffff888034d481d0 RCX: 0000000000080000 [ 1723.288860][T21733] RDX: ffffc90013b5d000 RSI: 0000000000001a60 RDI: 0000000000001a61 [ 1723.296816][T21733] RBP: ffff888077ecc001 R08: ffff888034d481d7 R09: 1ffff110069a903a [ 1723.304777][T21733] R10: dffffc0000000000 R11: ffffed10069a903b R12: ffff88807ec50600 [ 1723.312734][T21733] R13: ffff8880570be9f8 R14: ffff888034d481d0 R15: 000000000000000a [ 1723.320699][T21733] ? mark_buffer_dirty+0x298/0x3f0 [ 1723.326160][T21733] ? mark_buffer_dirty+0x298/0x3f0 [ 1723.331346][T21733] bfs_get_block+0x5da/0xae0 [ 1723.335937][T21733] __block_write_begin_int+0x6c6/0x1910 [ 1723.341476][T21733] ? __pfx_bfs_get_block+0x10/0x10 [ 1723.346690][T21733] ? __pfx___block_write_begin_int+0x10/0x10 [ 1723.352778][T21733] ? __pfx_bfs_get_block+0x10/0x10 [ 1723.357890][T21733] block_write_begin+0x8d/0x120 [ 1723.362726][T21733] ? bfs_write_begin+0x1e/0xd0 [ 1723.367487][T21733] bfs_write_begin+0x35/0xd0 [ 1723.372155][T21733] generic_perform_write+0x2e2/0x8f0 [ 1723.377432][T21733] ? __pfx_generic_perform_write+0x10/0x10 [ 1723.383236][T21733] ? file_update_time_flags+0x219/0x4a0 [ 1723.388788][T21733] ? __generic_file_write_iter+0xf9/0x230 [ 1723.394517][T21733] ? generic_file_write_iter+0x136/0x680 [ 1723.400166][T21733] generic_file_write_iter+0x14a/0x680 [ 1723.405693][T21733] ? add_lock_to_list+0xc7/0x100 [ 1723.410621][T21733] ? __pfx_generic_file_write_iter+0x10/0x10 [ 1723.416587][T21733] ? lockdep_unlock+0x5d/0xd0 [ 1723.421254][T21733] ? __lock_acquire+0x146e/0x2cf0 [ 1723.426722][T21733] ? __pfx_aa_file_perm+0x10/0x10 [ 1723.431768][T21733] ? vfs_write+0x227/0xb90 [ 1723.436187][T21733] ? vfs_write+0x227/0xb90 [ 1723.440630][T21733] vfs_write+0x61d/0xb90 [ 1723.444899][T21733] ? __pfx_vfs_write+0x10/0x10 [ 1723.449670][T21733] ? __fget_files+0x2a/0x420 [ 1723.454275][T21733] ksys_write+0x150/0x270 [ 1723.458615][T21733] ? __pfx_ksys_write+0x10/0x10 [ 1723.463469][T21733] do_syscall_64+0xe2/0xf80 [ 1723.467966][T21733] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1723.474013][T21733] ? trace_irq_disable+0x37/0x100 [ 1723.479108][T21733] ? clear_bhb_loop+0x40/0x90 [ 1723.483783][T21733] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1723.489662][T21733] RIP: 0033:0x7f7fe7b9aeb9 [ 1723.494066][T21733] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1723.513657][T21733] RSP: 002b:00007f7fe89a5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1723.522057][T21733] RAX: ffffffffffffffda RBX: 00007f7fe7e15fa0 RCX: 00007f7fe7b9aeb9 [ 1723.530016][T21733] RDX: 000000000000fecc RSI: 00002000000008c0 RDI: 0000000000000007 [ 1723.537974][T21733] RBP: 00007f7fe7c08c1f R08: 0000000000000000 R09: 0000000000000000 [ 1723.545933][T21733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1723.553901][T21733] R13: 00007f7fe7e16038 R14: 00007f7fe7e15fa0 R15: 00007fff79f7a098 [ 1723.561876][T21733] [ 1723.565341][T21733] Kernel Offset: disabled [ 1723.569660][T21733] Rebooting in 86400 seconds..