last executing test programs:

15m59.018441871s ago: executing program 32 (id=43):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6(0xa, 0x5, 0x0)
listen(r1, 0x2)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)=<r3=>0x0)
timer_settime(r3, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r4 = fcntl$dupfd(r1, 0x406, r0)
recvmmsg(r4, &(0x7f0000000380)=[{{0x0, 0x0, 0x0}, 0x60000}], 0x1, 0x0, 0x0)

15m26.182856987s ago: executing program 33 (id=168):
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x238, &(0x7f00000002c0)={0x0, 0x4533, 0x10100}, &(0x7f0000000180)=<r3=>0x0, &(0x7f0000000340)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4})
io_uring_enter(r2, 0x2ded, 0xe3c5, 0x0, 0x0, 0x0)
r5 = syz_open_dev$evdev(&(0x7f0000000800), 0x0, 0x0)
read(r5, &(0x7f0000000140)=""/109, 0x6d)

15m0.64825805s ago: executing program 34 (id=248):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r1 = fanotify_init(0x202, 0x2)
fanotify_mark(r1, 0x11, 0x4800001b, r0, 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
r2 = fanotify_init(0x200, 0x0)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000c80)='./file1\x00', 0x800, 0x8)
fanotify_mark(r2, 0x455, 0x8000003, r3, 0x0)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r4, 0xffffffffffffffff, 0x0)

14m51.942674274s ago: executing program 6 (id=274):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=@newsa={0x150, 0x10, 0x713, 0x0, 0x25dfdbfc, {{@in6=@rand_addr=' \x01\x00', @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x0, 0x4e21, 0x2, 0x0, 0x0, 0x0, 0x6c, 0x0, 0xee00}, {@in6=@private1, 0xfe, 0x32}, @in=@multicast2, {0x0, 0x0, 0x0, 0x8, 0xffffffff00000001, 0x0, 0x80000001, 0x543}, {0x4, 0x7fffffffffffffff, 0x0, 0x1}, {}, 0x70bd2c, 0x3500, 0x2, 0x0, 0x0, 0x50}, [@algo_aead={0x60, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0xa0, 0x60, "210466d38547aa140db9a200000000c538c7cb7a"}}]}, 0x150}, 0x1, 0x0, 0x0, 0x880}, 0x2000)

14m50.701525549s ago: executing program 6 (id=276):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x70cb0}], 0xc}, 0x1f00)
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x11, 0x2c}, [@ldst={0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x1010000}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xb682, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x50)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x2, 0xa00, 0x3, 0xfffffffffffffffd, 0x3, 0x0, 0x0, 0xe}, 0x0, &(0x7f0000000300)={0x3ff, 0x7e7, 0x0, 0x9, 0x4, 0x0, 0x7fffffff, 0x3f8}, 0x0, 0x0)
sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)

14m49.631345503s ago: executing program 6 (id=281):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000040), 0x6)
clock_settime(0x0, &(0x7f0000000240)={0x77359400})
clock_adjtime(0x0, &(0x7f0000000640)={0x7, 0x9, 0x380000, 0x8, 0xfffffffffffffff9, 0xfffffffffffffff7, 0x9, 0x0, 0xae, 0x6, 0x7, 0x4, 0xfffffffffffff04f, 0x7, 0x80000000, 0xfffffffffffffff8, 0xffffffffffffffff, 0x6, 0x0, 0x100, 0x4, 0x2, 0x5, 0x3, 0x8, 0x8})
clock_adjtime(0x0, &(0x7f0000000900)={0x6, 0xe, 0xf, 0x0, 0xf, 0x8000000000000000, 0xa, 0x2, 0x6, 0x2, 0x4, 0x8000000000000000, 0xc, 0x9, 0x7, 0x9, 0x7, 0x3, 0x8, 0xfffffffffffffffa, 0x0, 0x5, 0x8, 0x7, 0x5, 0x6})
dup3(r1, r0, 0x80000)

14m47.049506422s ago: executing program 6 (id=291):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x1400c, &(0x7f0000000680)={[{@test_dummy_encryption}, {@jqfmt_vfsv1}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x3, 0x460, &(0x7f00000008c0)="$eJzs3MtvVNUfAPDvve2UX38FWxFf4KOKRuKjpYDKwoUaTVxgYqILXU7aQpAChtZESBOLC1wZY+LeuPRfcKUbY1yZuNW9ISGGjeBqzJ25t/NgZvpgpoPM55MMfM99zDnfuffMnHvPTAMYWtPZP0nE7oj4PSIma8XmDaZr/924vjp/8/rqfBKVyrt/JdXt/r6+Ol9sWuw30ViIJA60qXf54qUz5aWlxQt5eXbl7EezyxcvvXD6bPnU4qnFc0eOHz92dO7ll4682JM8JyLNo7c++OrtE1805d+SR49Md1v5dKXS4+oGa09DnIwOsCFsyUhEZIerVO3/kzES9YM3GW9+tl74dEANBPqmUqlUJjqvXqsAd7Ekmsu6PAyL4oO+uP5tdx38at9GH4N37bXaBVCW9438UVszun7HoNRyfdtL0xHx/to/32SP6M99CACAJj9k45/ns9HO6nw29qiPP9J4oGG7e/K5oamIuDci9kbEfXEu9kXE/RHVbR+MiIe2WH/rJMmt45/06rYS26Rs/PdKPrfVPP4rRn8xNZKX9lTzLyUnTy8tHs5fk0NR2pWV57rU8eMbv33ZaV3j+C97ZPUXY8G8HVdHdzXvs1BeKd9Ozo2uXY7YP9ou/2R9JiCJiIcjYn+7J0g3ruP0s9890mndxvl30YN5psq3Ec/Ujv9atORfSLrPT87+L5YWD88WZ8Wtfvn1yjud6r+t/HsgO/7/b3v+r+c/lTTO1y5vvY4rf3ze8ZpmO+f/WnmlPJa8V43H8mWflFdWLsxFjCUnao1uXH6kvm9RLrbP8j90sH3/3xv1V+JARGQn8aMR8VhEPJ63/YmIeDIiDnbJ/+fXn/qwddn4pvPvryz/hS0d/3owFq1L2gcjZ376vqnSqXqY53+z+/E/Vo0O5Us28/63mXZt72wGAACA/540InZHks6sx2k6M1P7Dv++iHTp/PLKcyfPf3xuofYbgakopcWdrsmG+6Fz+WV9rXw5ImpfLSjWH420et/465Hxanlm/vzSwqCThyE30aH/Z/4cGXTrgL7zey0YXvo/DK+u/b+0c+0Adt4t/b9rn9/V17YAO6vN5//4INoB7Lx2439/7weGQ0v/N+0HQ8T9fxhe+j8ML/0fhtLyeGz8I/muQfFM29z9rg2idEc0o29BpHdEMwR9Cgb7vgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAr/wYAAP//HtbacA==")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x887008, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000006b40)={0x2020}, 0x206e)

14m46.175677481s ago: executing program 6 (id=294):
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000001040)={0xf, {"a2e3ad21ed0d09f91b3d090987f70e06d038e7ff7fc6e5539b0d480e8b089b3f350068090890e0878f0e1ac6e7049b336d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d076d0936cd3b78130daa61d8e8040000005802b77f07227227b7fa67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e9871540000000000004ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e4843e2808d4743b95bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c6f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20e8911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab9d6203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edcad74b221cfec48000000000000000d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea50000000000000068987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c10900df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d8008d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c46bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78bb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bf340b17cfcfd9c52c9711937f79abb1a124f121fc65483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4f01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8650000878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95a498b562d71565f924779ca1f731b3346ff177050373d79ff7bc1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f79a598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015a08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b686081b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24ae918423922e4e0167584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f13a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307f561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0xfffffffffffffe40}}, 0x1047)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000003c0)={0x4, 0x80100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
socket$netlink(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x3d}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x7d}, @exit={0x95, 0x0, 0x33}], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xb8000000}, 0x70)

14m45.560163879s ago: executing program 6 (id=298):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
syz_open_dev$MSR(&(0x7f0000000040), 0x100000001, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCSETA(r1, 0x560a, &(0x7f0000001040)={0x0, 0x3, 0x0, 0x20, 0x2, "08000000f28f00"})

14m44.866261987s ago: executing program 35 (id=298):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
syz_open_dev$MSR(&(0x7f0000000040), 0x100000001, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCSETA(r1, 0x560a, &(0x7f0000001040)={0x0, 0x3, 0x0, 0x20, 0x2, "08000000f28f00"})

12m32.338281289s ago: executing program 1 (id=756):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_io_uring_setup(0x1244, &(0x7f00000004c0)={0x0, 0xd5a5, 0x1, 0x1, 0x147}, &(0x7f0000000400)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000300)=[0xffffffffffffffff], 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0xdfffffffffffffff, &(0x7f0000000340)=[0xffffffffffffffff], 0x1, 0x0, 0x1})
io_uring_enter(r2, 0x47f6, 0x0, 0x0, 0x0, 0x0)

12m29.892237157s ago: executing program 1 (id=764):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x800000002, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet6(0xa, 0x3, 0x1)
shutdown(r1, 0x0)
recvmmsg(r1, &(0x7f0000008880), 0x45b, 0x2, 0x0)

12m27.234256674s ago: executing program 1 (id=775):
r0 = socket$kcm(0x29, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001cc0)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123f51c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef23d430f6296b32a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed4048d3b3e3962dcddef6af1a11972a6b4975022278d00031e5388ee5c867ddd58211d6ece1ccb0cd2b6d3cffd962867a3a2f624f992daa94a0c556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff020000000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd0971d379380bf63432872cfed453870000b219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d3f153b3d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a74e04bde740750fa4d9aaa705989b8e673e3296e52d3112874ec51d6fe048ba6866adebab53168770a71ad901ace383e7927de217d6bf74daf41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafce5c1b3f97a297c9e490f241999085afabdd529f62ca0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637f99f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7a36b26a4e70f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf37704ec737555392a0b06491cba71f897144910fe050038ec9e475e89298b7bf4d769ccc18eede0068ca1457870eb30d211e23ccc8e06dddeb6179d257ab5000013c86ba9affb12ec757c7234c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f8b2ad1e1f4933545fc3c741374211663f6b63b1dd044dd0117c9b737b9b59418006c1bc1aafa2768e82597251e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff75067d2a214f8c9d9b2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b101000f49e298727340e87cdefb40e56e9cfad973347d0de7ba4754ff231a1b933d8f931b8c552b2c7c503f3d0e7ab0e958adb862822e40009995ae166deb9856291a43a6f7eb2e32cefbf444b032dad13007b82e6044f643fc8cd07a97e2bbe636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c5e13d52c83ac3fa7c3ae6c08384865b66d2b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca16dcbbbaa2935f602325984386b21b96492ae662082b56cf666e63a757c0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e71338a40c7669522e8dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87995b51cb6febd5f24a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444953fc1216dfec10b724be3733c26f12538376e177ffef6fd2603bfab96831957a08e4919a463d5332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be42827dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d36699fd381bc81231fb5e12e45f3059f361d08d6a6d01af43083c29512bcedd79ca9bf24e063d0c273ed70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2ddf4c4d26f1cdd8c3c9736cf5e5082de3b484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b0033f8dfe0fd9bb2a70801f763524e1d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cfcb9066668627ebe92d48aa5fc0a7bf1b5108b34d22ad004de8274c22c8ba823d964969c9f02bb78c598fa8701b000884de710b54e5ab2e8ff0c7ae23e0b601ac95c4c2eef2e5eb1d019d52099fbd404e8ece970f67736ba7e960bd8b1e4105b65007c8ff1f00a8ce7e31f7c9c3e3fa61aab967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e942e35c4baa1904122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700ba363ca3182105960bef3378a980000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450cfe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c32e4f1f22af1c06315270de4a6605e4b4b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b5b1dfa9fd31df213c88b404797056fd3baa8b2d6cb134437cba0193ba4360bdcc98aad2560aa58291c4eb9d4e08ad7a9c5f04be1ab59719a8200007bd8cca8f68154a0ed356e773a797ca6d66748857b4abbf8830abeea2a46342e6a7378173cb29d5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b7f76c78ba0b44ec0bdfa0d32d7030000003a073b12eb579032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb496aef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e02b7cd25385f3b9628471b4364987b0b2c82a8b0f976387ebb62ead0e1b761e6ec9b824fe006ea52c0c469e3bd8fed05a486bd5511144ebb63d56d61da5fcb58e196a8923edaf228b0cb96b856b15c90b154494fb0cff768b3417fcc89acb9b9b4f8581c82ff3121b5920f4e71508eea4341ec618f4d9110928ea8dd17e36f3beb0c07d911c00eb4054ad48cab563c5ad97d732c3653635df7600091973d44ff94ac6d670ecc085501bd91b586adf858b41d918fd58f8577adb541857dbbf33be97c4809c6595ebfff19b34cec7fd877e8f2aad6a1a6a4ec6dbb3de42bb2e75b4768d139d7b7ff5d51e6863b6704901b59fd92495608395fce98c267a3846b67e7a5b57d995e07dca8db555aea5a0f6f1cd85d791f22d06ff37fcbb22b2d9296b36faee22e513b276fc8494ce31699343278aa8f531ee549d2ba495059c80d5748d8a0cb19df27338aaafbf0849c31572d17a786383b3f619212651a076e5148fa6421f5405e65ee31e6fbd510d92c17fe12a7f203066848e2a9adef66ad7ae8edea20fb8c7233de3736949e15b88699c2f8576060cf95d2593828abde6e2eed2a717655782ae9e589f5de9792c810ec07a842bca96e594f13211eae7ee1919b7af1e33ff726792cbb1366fb8a3684370e35122b0ad40f55846ca7d39cf6f9a1cfa5460f537e89e1c5f3cd10a3d8ae3ecec0c7e4114aec30742d88f313d74447723808da0889e34b31c13a79b8bb105cdcb234d56246bbf003c0ad03ff20f573df9604720d652b0a0cc5d90a284b5c7824bfdc4e3f18eaf9820ffbd8c4f32c8de631c181ab76505dac753fec759b0414cb3c5dfa02b6a3b93ff79bcf8c613b4a9124923e7e6ce74266fd78564000000000ce0d3ac2350502cf4a410152ee893d57622bee2b52df83cd30b4ae17d507fba05e7055db7e6d4cfc085773b900ca50bee4d49529f24bab389fb87fbb481340e8ce1810727212dc5e96d99de07611cb588a5d8b5c510c1f5b3fb568971646821b50dc2542003eb60a4ee9398ae4b6681c29cd921fb35b12ca111f12c59ac39dde4bf4f7524362304610979f5199ef9d271af60a421e29c6483423157ed4c2721123ddf33313a97ec1a55115b6df23157ad17b5e544db26c46d31b2e7375c37ace025955c9482e1ef841554c202c356842233c57c258f8f2043b4b6de433e8a2fb9365b65496c5777c1a1a223763d51190a24fb4047ad7ff6258f1b000000000000000000000000e0ef07726228fb150d09f697ee3db6cc096676225780d422fe917a5c57bedabb42399727b386e979dde3b7243dad1f78e8592937866cfc017f3a8ad31c53115fb7f3452bd3318c4a17cc80bcab32d9ed35273c3c930719ddb5b757f9d85cc86ddd"], &(0x7f0000000140)='GPL\x00'}, 0x48)
r2 = socket$kcm(0x2, 0x1, 0x0)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f00000001c0)=r1, 0x4)
sendmsg$inet(r2, &(0x7f0000000300)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0}, 0x20000015)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000180)={<r3=>r0})
sendmsg$inet(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000200)='R', 0x1}], 0x1}, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000040)={r2, r1})
ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x89e1, &(0x7f0000000100)={r2})
close(r3)

12m26.092893328s ago: executing program 1 (id=778):
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x14711, &(0x7f00000003c0)={[{@lazytime}, {@inlinecrypt}, {@noblock_validity}, {@abort}, {@mblk_io_submit}, {@dioread_nolock}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x222a}}, {@nouid32}, {@test_dummy_encryption}, {@bsdgroups}]}, 0x3, 0x453, &(0x7f0000000c40)="$eJzs281vFOUfAPDvzLbw+/HWivgColbR2PjS0oLKwYtGEw+amOgBj7UtBFmooTUR0mg1Bo+GxLvxaOJf4EkvRj2ZeNW7ISHaC+hpzczOlO2yu7R06xb280kGnmfm2T7Pt888O8/MMw2gb41k/yQRuyLit4gYqmdXFxip/3dteXH67+XF6SRqtTf/TPJyV5cXp8ui5ed2FpnRNCL9NCkqWW3+/IXTU9Xq7LkiP75w5r3x+fMXnjl1Zurk7MnZs5PHjh09MvH8c5PPrj2YJGl7aHfW1gMfzh3c/+rbl16fPn7pnZ++yUrvKo43xrERaUN6JAv8r1quudzj3ahsC9ndkE4Gbl6GraESEVl3Debjfygqcb3zhuKVT3raOGBTZdem7e0PL9VaqbTcC9x2kuh1C4DeKC/02f1vuf1HU48t4cqL9Rugq8ni9LXl+lY/MrByLz+4ifeuIxFxfOmfL7MtuvgcAgCgne+y+c/TreZ/adzbUG5PsTY0HBF3RcTeiLg7IvZFxD0Redn7IuL+G2pIO9bfvDR04/wnvXzLwa1BNv97oVjbWj3/W2n3cKXI7c7jH0xOnKrOHi5+J6MxuD3LT3So4/uXf/283bHG+V+2ZfWXc8GiHZcHmh7QzUwtTOWT0i648nHEgYFW8ScrKwFJROyPiAPr+9F7ysSpJ78+2K7QzePvoM0603rUvop4Iuv/WrIUTfGXks7rk+P/i+rs4fHyrLjRz79cfKNd/RuKvwuy/t+x+vxvLjKcNK7Xzq+/jou/f9b2nuZWz/9tyVt5v2wr9n0wtbBwbiJiW/Janl+1f/L6Z8t8WT6Lf/RQ6/G/t/hMVs8DEZGdxA9GxEMR8XDR9kci4tGIONQh/h9feuzdW49/c2Xxz7T8/ls5/5v6f/2Jyukfvm1X/9r6/2ieGi325N9/N7HWBm7kdwcAAAC3izR/Bz5Jx1bSaTo2Vn+Hf1/sSKtz8wtPnZh7/+xM/V354RhMyyddQw3PQyeSpeIn1vOTxbPi8viR4rnxF5X/5/mx6bnqTI9jh363s834z/xR6XXrgE3XhXU04DbVPP47v7IB3Elc/6F/Gf/Qv4x/6F+txv9HTXlrAXBncv2H/mX8Q/8y/qF/Gf/Qlzbyd/0S/ZyIdEs0Y5MSQ1ujGT1M9PqbCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDv+DQAA//82merZ")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x42)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x8004587d, &(0x7f0000000080)={@id={0x2, 0x0, @d}})
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x887008, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r1, &(0x7f0000006b40)={0x2020}, 0x206e)

12m25.634951483s ago: executing program 1 (id=783):
socket$packet(0x11, 0x3, 0x300)
connect$inet6(0xffffffffffffffff, &(0x7f0000000240)={0xa, 0x4e23, 0x3, @remote, 0x3}, 0x1c)
r0 = syz_io_uring_setup(0x10e, &(0x7f0000000140)={0x0, 0x334e, 0x10, 0x3, 0x801}, &(0x7f00000003c0)=<r1=>0x0, &(0x7f0000000300)=<r2=>0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x1, 0x7})
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB="06"], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, 0x0, 0x60, 0x185100})
io_uring_enter(r0, 0x7277, 0x0, 0x28, 0x0, 0x0)

12m25.212042031s ago: executing program 1 (id=785):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80)
r1 = bpf$ITER_CREATE(0xb, &(0x7f00000004c0)={r0}, 0x8)
close(r1)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
bpf$LINK_DETACH(0x22, 0x0, 0x0)
syz_clone(0x400c0000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)

12m23.311452572s ago: executing program 36 (id=785):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80)
r1 = bpf$ITER_CREATE(0xb, &(0x7f00000004c0)={r0}, 0x8)
close(r1)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
bpf$LINK_DETACH(0x22, 0x0, 0x0)
syz_clone(0x400c0000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)

11m29.632861347s ago: executing program 0 (id=963):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000100)=0x1, 0x4)
connect$inet(r0, &(0x7f00000006c0)={0x2, 0x0, @dev}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000000)=0x1, 0x4)
sendmmsg$inet(r0, &(0x7f0000000600)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000080)="a9", 0x1}], 0x1}}], 0x1, 0x4008440)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$uinput_user_dev(r1, &(0x7f0000001080)={'syz0\x00', {0xf, 0x7, 0x7, 0x1}, 0x4a, [0x5f11bec3, 0x3, 0x5, 0x40, 0x0, 0xffffffff, 0x0, 0x7d, 0x13, 0x5, 0x0, 0x6, 0x0, 0x9, 0x4000000, 0x0, 0x1a4, 0xfffff605, 0x3, 0x0, 0x46e9, 0x7ff, 0x9, 0xb, 0x681c1eb2, 0x11e, 0x0, 0x0, 0x0, 0x800002, 0x12, 0xffffffff, 0x7, 0x4, 0x0, 0x3, 0x0, 0x0, 0x1fd, 0x20, 0x0, 0x0, 0xa, 0xfffffffe, 0x1, 0x0, 0x0, 0x0, 0x0, 0xe0, 0x3fd, 0x5, 0xfffffff6, 0x0, 0xf681, 0x0, 0x1ab9, 0xffffffff, 0x0, 0x0, 0xfffffffb, 0x1c15d73a], [0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x8, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xb, 0x8, 0x7, 0x200, 0x1, 0x0, 0x61c5fb46, 0x10000, 0x0, 0x4, 0x10001, 0x75, 0x0, 0x4, 0x0, 0xd, 0x80000000, 0x0, 0x0, 0x9, 0x0, 0x9, 0x4, 0xff, 0x0, 0x10001, 0x3, 0x0, 0x4, 0xfffffffb, 0xbc, 0x0, 0x10, 0x0, 0x0, 0x0, 0x1, 0x0, 0x9, 0x441238ca, 0x0, 0x0, 0x0, 0xfffffff9, 0x2, 0x7fffffff, 0x6, 0x9], [0x0, 0x5, 0x3, 0x9f5, 0x0, 0xa02, 0x1c75, 0xf51, 0x0, 0x40, 0x0, 0xc7, 0x7, 0x0, 0x6, 0x0, 0x0, 0x0, 0x205, 0x5, 0x80000, 0xc, 0x5, 0x200, 0xcc0, 0x0, 0x6, 0x63, 0x0, 0x0, 0x0, 0xe, 0x929, 0x202f, 0x20000000, 0x0, 0x0, 0x0, 0x15960318, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x6574, 0x0, 0x0, 0xcd59, 0xfb], [0x216, 0x6, 0x0, 0x2, 0x1, 0x2, 0x1, 0x7000000, 0x0, 0xd63, 0x6, 0x0, 0x0, 0x0, 0xfffffffa, 0xfa3, 0x400, 0x0, 0x4, 0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0xffffff14, 0x0, 0x194e, 0x0, 0xe793, 0xddda, 0x3, 0x0, 0x80000001, 0x3, 0x0, 0x0, 0x8, 0x0, 0x4, 0x1004000, 0x40, 0x0, 0x0, 0x5, 0x0, 0x0, 0x7fff, 0x6, 0x800, 0xfffffffc, 0xd, 0x0, 0x0, 0x0, 0x0, 0x45d, 0x4, 0x0, 0x1000, 0xb2, 0x9, 0xb]}, 0x45c)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9, 0x12, r1, 0x0)
unshare(0x22020600)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

11m28.224141159s ago: executing program 0 (id=965):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$alg(0x26, 0x5, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = syz_io_uring_setup(0x10d, &(0x7f0000000380)={0x0, 0x5885, 0x100, 0x0, 0xffeffc03}, &(0x7f0000000340)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0x40, 0x0, r2, 0x32, &(0x7f00000000c0)=@un=@abs={0x1, 0x0, 0x4e20}})
io_uring_enter(r3, 0x3516, 0x67f, 0x64, 0x0, 0x0)

11m23.083695943s ago: executing program 0 (id=978):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
bind$bt_l2cap(r0, &(0x7f0000000380)={0x1f, 0x6, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x2}, 0xe)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000b80), 0xde, 0x558, &(0x7f0000000c00)="$eJzs3U1rG0cfAPD/ynbenOeJAyG0PRRDDk1JI8d2X1LoIT2WNjTQ3lNhb0ywHAVLDrEbaHJoLr2UUCilgdIP0HuPoV+gnyLQBkIJpj30orLyylFsyZZtpVaq3w82mdldaXY0+x/PaCQUwMAaz/4pRLwcEV8nEcdajg1HfnB87bzVJ7dmsi2Jev2TP5JI8n3N85P8/9E881JE/PJlxJnC5nKryyvzpXI5XczzE7WF6xPV5ZWzVxdKc+lcem1qevr8W9NT777zds/q+vqlv777+MEH5786tfrtT4+O30viQhzNj7XWYw9ut2bGYzx/TUbiwoYTJ3tQWD9J9vsC2JWhPM5HIusDjsVQHvXAf98XEVEHBlQi/mFANccBzbl9j+bBL4zH769NgDbXf3jtvZE41JgbHVlNnpkZZfPdsR6Un5Xx8+/372Vb9O59CIBt3b4TEeeGhzf3f0ne/+3euS7O2VjGDvu/+g4vCWjxIBv/vNFu/FNYH/9Em/HPaJvY3Y3t47/wqAfFdJSN/95rO/5dX7QaG8pz/2uM+UaSK1fLada3/T8iTsfIwSy/1XrO+dWHHfup1vFftmXlN8eC+XU8Gj747GNmS7XSXurc6vGdiFfajn+T9fZP2rR/9npc6rKMk+n9Vzsd277+z1f9x4jX2rb/0xWtZOv1yYnG/TDRvCs2+/PuyV87lb/f9c/a/8jW9R9LWtdrqzsv44dDf6edju32/j+QfNpIH8j33SzVaouTEQeSjzbvn3r62Ga+eX5W/9Ontu7/2t3/hyPisy7rf/fE3Y6n9kP7z+6o/XeeePjh5993Kr+79n+zkTqd7+mm/+v2Avfy2gEAAAAAAEC/KUTE0UgKxfV0oVAsrn2+40QcKZQr1dqZK5Wla7PR+K7sWIwUmivdoy2fh5jMPw/bzE9tyE9HxPGI+GbocCNfnKmUZ/e78gAAAAAAAAAAAAAAAAAAANAnRjt8/z/z29B+Xx3w3PnJbxhc28Z/L37pCehL/v7D4BL/MLjEPwwu8Q+DS/zD4BL/MLjEPwwu8Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9denixWyrrz65NZPlZ28sL81XbpydTavzxYWlmeJMZfF6ca5SmSunxZnKwnbPV65Urk9OxdLNiVparU1Ul1cuL1SWrtUuX10ozaWX05F/pVYAAAAAAAAAAAAAAAAAAADwYqkur8yXyuV0UUJiV4nh/rgMibVEM7D3/IT72y8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQKt/AgAA//+jgjYy")
r1 = socket$inet6_icmp(0xa, 0x2, 0x3a)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000000)={'vxcan0\x00'})
r2 = bpf$PROG_LOAD(0x5, 0xfffffffffffffffc, 0x9e)
r3 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@ipv6_getroute={0x24, 0x1a, 0x115, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x7f}, [@RTA_METRICS={0x5, 0x8, 0x0, 0x1, "8e"}]}, 0x24}, 0x1, 0x0, 0x0, 0x40440c0}, 0x240000d4)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="c50a000000000000791048000000000061044f0000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xce, &(0x7f00000000c0)=""/206, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r2}, 0x94)
creat(&(0x7f0000000040)='./bus\x00', 0x0)

11m21.913576852s ago: executing program 0 (id=982):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f0000000140)={[{@norecovery}]}, 0xee, 0x469, &(0x7f0000000ac0)="$eJzs3E1sVEUcAPD/e/3i01bEDxC0ikbiR0vLhxy8aDTxoImJHjCealsIUqihNRFCFD3g0ZB4Nx5NvJt40otRD8bEq94NCTFcQE9rZve9sl12S8tuWXB/v+RtZ96bZua/86Y7O7PbAHrWaHrIIrZExB8RMVzLLi8wWvtx7cq56X+unJvOolJ58++sWu7qlXPTZdHy9zbXMpVKxFBKDjWp98I7EVNzc7Oni/z44sn3xxfOnH3u+MmpY7PHZk9NHj58YP/uwUOTB9uKLy9+priu7vxofteOV9+++Pr0kYvv/vxNau+W4np9HLckRdtgtPbsNno0PTzZVmV3lF/Tw9a6E1l/68Jjt6FBrF5fRKTuGqiO/+Hoi41L14bjlU+72jhgXVUqlUqz1+fC+QrwP5ZFt1sAdEf5Qp/e/5bHbZp63BEuv1h7A5TivlYctSv9S2sHAw3vbztpNCKOnP/3y3REJ9YhAABu4vs0/3m22fwvjwfqyt1T7KGMRMS9EbEtIu6LiO0RcX9EteyDEfHQGutv3CG5cf6TX7qlwFYpzf9eKPa2ls//ytlfjPQVua3V+Aeyo8fnZvcVz8neGBhK+YkV6vjh5d8/L9MbGq7Vz//Skeov54JFOy71NyzQzUwtTrUbd+nyJxE7+5vFn0W5jZNFxI6I2HmLdRx/+utdra7dPP4VrLDPtFqVryKeqvX/+VgW//WuylruT048f2jy4PiGmJvdN17eFTf65bcLb7Sqv634OyD1/6am9//SLvBItiFi4czZE9X92oW113Hhz8/qxvSy3eUUf/5txJrv/8HsrWp6sDj34dTi4umJiMHstRvPT17/3TJflk/x793TfPxvq2vxwxGRbuLdEfFIsYmb+u6xiHg8IvasEP9PLz3xXqtrrft/hVX5Dkrxz9ys/6O+/9ee6Dvx43drj7+U+v9ANbW3OLOav3+rbWA7zx0AAADcLfLqZ+CzfGwpnedjY7XP8G+PTfnc/MLiM0fnPzg1U/us/EgM5OVK13DdeuhEsTZc5icb8vuLdeMv+jZW82PT83Mz3Q4eetzmFuM/+auv260D1l0H9tGAu5TxD73L+IfeZfxD7zL+oXc1G/8fd6EdwO3n9R96l/EPvcv4h95l/ENPavnd+Lytr/x3OVH+74Q7pT1dSmxczyoi736APZHoX+/beKjppS7/YQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiQ/wIAAP//YKPiyQ==")
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x400, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4]})
io_setup(0x2, &(0x7f0000000200)=<r2=>0x0)
r3 = io_uring_setup(0x2237, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE2(r3, 0xd, 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE2(r3, 0xe, &(0x7f0000001180)={0x0, 0x0, 0x0, 0x0}, 0x20)
io_submit(r2, 0x48, &(0x7f0000000540)=[&(0x7f0000000280)={0x25, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x16000, 0x200}])
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)

11m18.173873689s ago: executing program 0 (id=991):
accept$phonet_pipe(0xffffffffffffffff, 0x0, &(0x7f00000001c0))
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(des3_ede)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe1a}], 0x1, &(0x7f0000000380)=[@op={0x18}], 0x18}], 0x4924924924924b9, 0x0)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000000c0)=""/73, 0x49}, {&(0x7f0000000200)=""/83, 0x53}], 0x3a}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r1)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
sendmsg$alg(r1, &(0x7f0000000fc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4011}, 0x40)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x3000001, 0x8c4b815a5465c2b1, 0xffffffffffffffff, 0xec1b3000)

11m16.236253406s ago: executing program 0 (id=994):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c636865636b3d7374726963742c756d61736b3d30303030303030303030303030303030303133363033302c756e695f786c6174653d312c756e695f786c6174653d302c666d61736b3d30303030303030303030303030303030303030303034302c757466383d302c6e6f6e756d7461696c3d302c73686f72746e616d653d77696e39352c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c74696d655f6f66667365743d3078303030303030303030303030303166622c666c7573682c756e695f786c6174653d302c73686f72746e616d653d77696e39352c00208893fdd4787adad4209069"], 0x6, 0x2ab, &(0x7f0000000a80)="$eJzs3b1rLFUUAPAzyX6pxW5hJYIDWlg9Xl5rs0HyILiVsoVa6MP3Hkh2ERII+IFrKlsbS/8CQbDzn7CxsBdsBTtTBEZmZya7ibObTHATP36/Jjd3zrn3zOQmYYs9+/6L04PHaTw9+eyX6PWS2BrGME6TGMRWVL6IC4ZfBQDwb3aaZfF7VmiSl0REb3NlAQAb1Pj///cbLwkA2LC33n7njd3RaO/NNO3Fw+mXx+P8lX3+tbi++zQ+jEk8ifvRj7OI7Fwxfphl2ayV5gbxynR2PM4zp+/9WK6/+1vEPH8n+jGYT13M3x/t7aSFpfxZXsez5f7DPP9B9OP5mv33R3sPavJj3IlXX16q/17046cP4qOYxON5EYv8z3fS9PXs6z8+fTcvL89PZsfj7jxuIdu+5R8NAAAAAAAAAAAAAAAAAAAAAAD/YffK3jndmPfvyafK/jvbZ/k37Ugrg4v9eYr8pFroUn+gWRbfVP117qdpmpWBi/xWvNCK1t3cNQAAAAAAAAAAAAAAAAAAAPyzHH38ycGjyeTJ4d8yqLoBVG/rv+k6w6WZl6ImZhDnM93FllvltmtWju0qJolYW0a+YqPi21fvvmLwzKqsb79r+uh6V8e0b1Bhw0F1ug4eJfXPsBvVTK86JD8sx3Timnt1Vl3KGh2/Tu2lfuN77zw3H8zWxESyrrDXfi2eXDmTXL6Lzvyp1qa3y0Hxu1B3Nhqd57/+rUh06wAAAAAAAAAAAAAAAAAAgI1avOm35uLJiqSf94sP+Y/BhqsDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNux+Pz/BoNZmXyN4E4cHt3xLQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA/8GcAAAD//wrtYeE=")
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x4, 0x0, &(0x7f0000000100)="5dda2f3b", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x44)
mount$nfs(&(0x7f0000000100)='+\x80.', 0x0, 0x0, 0x136808, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
syz_mount_image$squashfs(&(0x7f0000000180), &(0x7f0000000280)='./file1\x00', 0x0, &(0x7f0000000500)=ANY=[], 0x9, 0x201, &(0x7f0000000f40)="$eJzsVUtrU0EU/s7NJLfRLAru3BpsN9rmFsS1G7vXH2BIr7WY+OhENKFgdNONgvgnCv4JXQi6dyEiuNGFgi4qrioSOTNnJpMH9ra+NvPB5XznPY87M1f0TZ0C+LG71cI8DAg1vCWCArBA1rZXsfKryKHgo7J6Q+xPRH4QqXv9Vw8s7V9tttv5pu79mqQgYJ+YcTJtOvf04bHi+RPk5f1xC6FIFqnD9Po90i3ZlZ12PRqzpLNiJBeTlRsX/vEsDk+qU4N35FsNCC2f/mD3Mq9mGTNjiA70r88gXMAQwLu+16a3aZK8eWw7z4wpSXoV48uyL+FT/L93mQnfRYYkB0rXkP3Q5+8l+EJAGa93t1psvSS3GLvX7OeOhMli5XkQc1wBA4BKGJqiXEdJ7AKApW7nxpLu9U9tdJrr+Xp+LctWziy/OCpHdHgX2Gjny2SGYdMTJgoefE6rgZ//tHcj/wABKBgaeF4jsy/pLufFE0FIFUiC3KCGFHjm+6diu6U7uIiTmANwe8DuTBaoDq6mcJmntgpCSZSGCgeEPSSYM47TrevttW0QyKXtQPkajfcoeyUThRvlK2f99LdF1kWuitwZ9TNwb5d7k5Sp8Fm0xQFQwZ1mt7tpHi/L2FbxFYwtm/edE+nqXkPXrJ6iII4UDYyIiIiIiIiI+Ev4GQAA//8sQT03")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000001, 0x10012, r0, 0x1000)
rt_sigprocmask(0x2, &(0x7f0000000180)={[0xfffffffffffffffc]}, 0x0, 0x8)
r1 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_mreq(r1, 0x29, 0x1c, 0x0, 0x15)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x1c0)

11m14.419629527s ago: executing program 37 (id=994):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c636865636b3d7374726963742c756d61736b3d30303030303030303030303030303030303133363033302c756e695f786c6174653d312c756e695f786c6174653d302c666d61736b3d30303030303030303030303030303030303030303034302c757466383d302c6e6f6e756d7461696c3d302c73686f72746e616d653d77696e39352c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c74696d655f6f66667365743d3078303030303030303030303030303166622c666c7573682c756e695f786c6174653d302c73686f72746e616d653d77696e39352c00208893fdd4787adad4209069"], 0x6, 0x2ab, &(0x7f0000000a80)="$eJzs3b1rLFUUAPAzyX6pxW5hJYIDWlg9Xl5rs0HyILiVsoVa6MP3Hkh2ERII+IFrKlsbS/8CQbDzn7CxsBdsBTtTBEZmZya7ibObTHATP36/Jjd3zrn3zOQmYYs9+/6L04PHaTw9+eyX6PWS2BrGME6TGMRWVL6IC4ZfBQDwb3aaZfF7VmiSl0REb3NlAQAb1Pj///cbLwkA2LC33n7njd3RaO/NNO3Fw+mXx+P8lX3+tbi++zQ+jEk8ifvRj7OI7Fwxfphl2ayV5gbxynR2PM4zp+/9WK6/+1vEPH8n+jGYT13M3x/t7aSFpfxZXsez5f7DPP9B9OP5mv33R3sPavJj3IlXX16q/17046cP4qOYxON5EYv8z3fS9PXs6z8+fTcvL89PZsfj7jxuIdu+5R8NAAAAAAAAAAAAAAAAAAAAAAD/YffK3jndmPfvyafK/jvbZ/k37Ugrg4v9eYr8pFroUn+gWRbfVP117qdpmpWBi/xWvNCK1t3cNQAAAAAAAAAAAAAAAAAAAPyzHH38ycGjyeTJ4d8yqLoBVG/rv+k6w6WZl6ImZhDnM93FllvltmtWju0qJolYW0a+YqPi21fvvmLwzKqsb79r+uh6V8e0b1Bhw0F1ug4eJfXPsBvVTK86JD8sx3Timnt1Vl3KGh2/Tu2lfuN77zw3H8zWxESyrrDXfi2eXDmTXL6Lzvyp1qa3y0Hxu1B3Nhqd57/+rUh06wAAAAAAAAAAAAAAAAAAgI1avOm35uLJiqSf94sP+Y/BhqsDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNux+Pz/BoNZmXyN4E4cHt3xLQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA/8GcAAAD//wrtYeE=")
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x4, 0x0, &(0x7f0000000100)="5dda2f3b", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x44)
mount$nfs(&(0x7f0000000100)='+\x80.', 0x0, 0x0, 0x136808, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
syz_mount_image$squashfs(&(0x7f0000000180), &(0x7f0000000280)='./file1\x00', 0x0, &(0x7f0000000500)=ANY=[], 0x9, 0x201, &(0x7f0000000f40)="$eJzsVUtrU0EU/s7NJLfRLAru3BpsN9rmFsS1G7vXH2BIr7WY+OhENKFgdNONgvgnCv4JXQi6dyEiuNGFgi4qrioSOTNnJpMH9ra+NvPB5XznPY87M1f0TZ0C+LG71cI8DAg1vCWCArBA1rZXsfKryKHgo7J6Q+xPRH4QqXv9Vw8s7V9tttv5pu79mqQgYJ+YcTJtOvf04bHi+RPk5f1xC6FIFqnD9Po90i3ZlZ12PRqzpLNiJBeTlRsX/vEsDk+qU4N35FsNCC2f/mD3Mq9mGTNjiA70r88gXMAQwLu+16a3aZK8eWw7z4wpSXoV48uyL+FT/L93mQnfRYYkB0rXkP3Q5+8l+EJAGa93t1psvSS3GLvX7OeOhMli5XkQc1wBA4BKGJqiXEdJ7AKApW7nxpLu9U9tdJrr+Xp+LctWziy/OCpHdHgX2Gjny2SGYdMTJgoefE6rgZ//tHcj/wABKBgaeF4jsy/pLufFE0FIFUiC3KCGFHjm+6diu6U7uIiTmANwe8DuTBaoDq6mcJmntgpCSZSGCgeEPSSYM47TrevttW0QyKXtQPkajfcoeyUThRvlK2f99LdF1kWuitwZ9TNwb5d7k5Sp8Fm0xQFQwZ1mt7tpHi/L2FbxFYwtm/edE+nqXkPXrJ6iII4UDYyIiIiIiIiI+Ev4GQAA//8sQT03")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000001, 0x10012, r0, 0x1000)
rt_sigprocmask(0x2, &(0x7f0000000180)={[0xfffffffffffffffc]}, 0x0, 0x8)
r1 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_mreq(r1, 0x29, 0x1c, 0x0, 0x15)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x1c0)

7m0.76114534s ago: executing program 7 (id=1617):
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
socket$packet(0x11, 0x3, 0x300)
pipe(&(0x7f0000000000))
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000540)={r4, &(0x7f0000000480), &(0x7f0000000340)=@udp6=r0}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000380)={r5, r2, 0x25, 0x2, @val=@tcx}, 0x1c)
syz_emit_ethernet(0x3e, &(0x7f00000000c0)={@local, @random="7f0a00034011", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0xb, 0x0, 0x0, 0x12, 0x0, 0x2802, {0x5, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x2f, 0x2f, 0x0, @loopback, @broadcast}}}}}}, 0x0)

6m58.411251404s ago: executing program 7 (id=1621):
r0 = memfd_create(&(0x7f00000002c0)='\x103q}2\x9a\xce\xaf\x03\x86\xe7\xc0\x14\x8f^\xd5\xfd\xa1\r\xac7A\x94\xeb\xcd\t\x00\x90k\xd6\x05\r\x84\x87\x1c\b\x8c`\xea\x13A\x90m\xb6&\xd0\x9daA\xc5\xb8_\xd4\x18,\f\xd4s\xb2\x99/\xc0\x9a\xf2_\xdb\xc0\x8b\x19\x17\xb7Rvd\xcb:\b\xeeC0\xa3\xa6\xcf\x00\x00\xac\xc5h&+\t\x98\'\xfd|\x11\x99\xa2*6{\xd2C>2\x0e\"\xbc\xda\xee\xb0\xd8\xbf\xaf)\xf58c\x189K\x82\xd1(\xceY*\xcb\x9b\xbdn\x8e\x88m\x10L\xec\xfdWF\x7fj\x19\xb8<\xd2\x9d\xf0\xe9Qy\xe32\xed\x16f\xfe&\x1a\xdb\xeb\xad\xaaE\b\xa9\xf8\xa9s\xc4d\xd4\x03\xf1\xb7xO\x99\x804m[Ai\x13\x02\xf0\x84c2s\xd5P\t`\x9b\x12&\x8cx\x8eg\x9d\xe6g', 0x3)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0x0, 0x2012, r0, 0x5401000)
r4 = io_uring_setup(0x148e, &(0x7f0000000100)={0x0, 0x10000000, 0x1, 0x1, 0x35a})
io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)

6m57.376637728s ago: executing program 7 (id=1627):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r2=>0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r5=>0x0})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)={0x28, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x40}]}, 0x28}}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000c80)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000003a00000008000300", @ANYRES32=r2, @ANYBLOB="05005b"], 0x24}}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_INTERFACE(r8, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0)

6m56.615657501s ago: executing program 7 (id=1631):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r2, 0x0)
setpgid(0x0, r2)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x10000, 0x0)
r3 = open(&(0x7f0000000000)='.\x00', 0x0, 0x244)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc0189379, &(0x7f0000000200)={{0x1, 0x1, 0x18, r3}, './file0\x00'})

6m56.286002785s ago: executing program 7 (id=1635):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffdfe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
pipe2(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
recvmmsg$unix(r3, 0x0, 0x0, 0x10002, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_fscache}, {@cachetag={'cachetag', 0x3d, '\x14\xe2\xc3\x11\xe2\xcb\x86\xc8-Hs\xc6\xafm\xdc{\xde<Q\x1a\x13\x15\xe4\xf8YH\xa9\x8a\xe3\x88\x12;V6\x1e\xd3\xccL>U#\xebp7-\x9f\xb8\xf3A\xb2CX\xd3//\xdd28+\x9dS\"\x9bm\x19\xd0K4a\xe6\xfb\xdb\xf7\xe4K\xb5\xc8\x94_\a\xe61\x91\xe4<@\xc37+\x9c\xb2\xe8E=T\xd5\xb1\'\xc3w\f\'\xd4\x97\xf8\xba\xe8\xa0\n\x8d\xc7\xc9\x7f\xa8\x1d\x88\xa3\x17\xca\xa5e\x7fYj\x82Z\xe9K\xa0T\\\x87u\x8coL\a|\xc8f^\x01\x04\xe4\x8e\x0f\xfe\x16\xa7G\xd4\xa1\xef\xc5\xa7k\x1dE\xb0\x9d!i\x99\\^\\]G?E+\xcd}\xf7i\xe2\xa2\x8dEW\xab\xdc\x8c\xe9Y\xb1\xc8\xc4\x97!\xbc\xf4\xef\xc9\x03v\xf3 \xb2\xc5\xd5\xf0$\xa0KD5\xf4\x9c\xe1\r\xc4\xa0\xd1\'\xadC\xb7Z\f[t\xd1\xadYk\x90v<id\x92\x02\x16\x9d\xe1rmkU\x90\x994\x06\xe5\\\x80\xfb'}}]}})

6m55.237044917s ago: executing program 7 (id=1637):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000280)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r3, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=@dellink={0x20, 0x11, 0x1, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, 0x1480, 0x2104}}, 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x80)

6m53.519856972s ago: executing program 38 (id=1637):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000280)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r3, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=@dellink={0x20, 0x11, 0x1, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, 0x1480, 0x2104}}, 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x80)

5m30.661241198s ago: executing program 4 (id=1810):
socket$nl_audit(0x10, 0x3, 0x9)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x18)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='sched_switch\x00'}, 0x10)
bpf$MAP_CREATE(0x600000000000000, &(0x7f0000000580)=@base={0xf, 0x4, 0x4, 0x20002, 0x0, 0x1, 0xfffffffd, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4}, 0x48)
io_destroy(0x0)
capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000000100))
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89f0, &(0x7f0000001440)={'bridge0\x00', 0x0})
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000740)={&(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000600)="1c8ec6752be378e4975226946c9de7a697052e2ae0e02a61115fe2855555ae15298b5750c8558b0187fda86960f18b56f317ffea27cb3bae6907bc26ac2b6c2a0fe5fca7d6a90e38de874099aa20b91d4ca96b1155c94380487a465ca5ea49569be0cc73f634be4a54f4a1c585b0aa3a611f573cf9406c164d371c435c32d057a1f657a1f1a2f1dad6f3c01fc7b74df38117058a8f0537f7eee60d9bb46e7f028efc8b4f8a97d5c5ab01f0a4ba20d256b305bc7513719d92f9d90ab7ba07f7cc5aee7ae4f9320b58f3747ee66589ef51feaa2ae71a8e31049f495cea580d13ffff99c558f4", 0xe5}, 0x68)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000df0f000007"], 0x48)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x3000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x19)

5m29.115690064s ago: executing program 4 (id=1813):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x10, 0x2, &(0x7f00000004c0)=ANY=[@ANYBLOB="911041000000000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$MAP_CREATE(0x1100000000000000, &(0x7f0000000440)=@base={0x18, 0x4, 0xf7, 0x0, 0x201, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0xffffffff}, 0x50)

5m27.469752107s ago: executing program 4 (id=1814):
mkdir(&(0x7f0000000000)='./file0\x00', 0xfffffffffffffffe)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r1 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r1, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r2 = socket$unix(0x1, 0x2, 0x0)
r3 = socket$unix(0x1, 0x2, 0x0)
connect$unix(r3, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
sendmmsg(r3, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x0)
connect$unix(r2, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r4 = dup(r2)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESDEC=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
r5 = socket$unix(0x1, 0x5, 0x0)
r6 = dup2(r5, r0)
close_range(r6, 0xffffffffffffffff, 0x0)

5m27.202165283s ago: executing program 4 (id=1816):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@nogrpid}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x15, 0x1c, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737fe0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf75592f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000400)={0x26, 'hash\x00', 0x0, 0x0, 'sha224-ssse3\x00'}, 0x58)

5m25.73616669s ago: executing program 4 (id=1820):
socket$inet_sctp(0x2, 0x0, 0x84)
syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x0)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, 0x0, &(0x7f0000000040))
syz_mount_image$erofs(&(0x7f0000000200), &(0x7f0000000100)='./file0\x00', 0x1000801, &(0x7f0000000140)=ANY=[], 0x2, 0x22d, &(0x7f0000000a40)="$eJzslb9v00AUx793dpy0gkoMMLCkQyWKRB3bBdSFoexISC0Cxoheq4DbVGmGthJSKxYWZsQfwMbM0ImBDSZmBkBCYqAjC0gcuvM5Ptd22igIhr6PlMv33t27H8/PzyAI4tTy5fOPT89uLixfAXAGM6gb+zcnm8Ot+R9fODUj325MPT6whhqqYQCkzIzuMft7AN4sOsBesqyUmfcr86/WXAbHjOnfAcdlo++CwU/PKjNvAYb7xvxwUw5u050wIhbsQTdeWe3EIlBNqJpotfOyljufOv/hPsOKuaDagVnjWzu7j9ox0EtELFJRk+k+haFUJDcDSoZyYlj89PkWOW5YIVDP697TJ/uq7xt7YMUvBEdo9DwYloxeQB2+7zdNV4TW/S+62fpO8tgS9qrPXRSNUSaPL87N5SzTUEJl+HD3iVio2/61Y/yWQ+bUR16Qmazycin476JansrA6F68WfTyius0zEW1RRzzkpxgd3bUwuyUuHB48K7o9fW/hnc8ARNAe+i5CtSHyTi+Vep1PmeZrnhlPJzVJaEyJZL6wVzgklWfXOur0Oqvb7a2dnbnOuvtNbEmNqJo/npwNQiuRS1dm5PWLndH6l9D16dJa/1aRa30mIftdr/fC7eBfi8c9KOktZJp6XX3u/bhuv5xzP6SMv286Bcv/VCy/B7M/Lj+V2rWqTgOQRAEQRAEQRAEQRAEQRDECfhp6SYY3k8NurIcN7qth/8EAAD//7LLT5w=")
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102392, 0x18ff8)
setxattr$incfs_id(&(0x7f0000000200)='./cgroup.cpu/cgroup.procs\x00', &(0x7f0000000440), 0x0, 0x0, 0x2)

5m22.248012264s ago: executing program 4 (id=1830):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$rds(0x15, 0x5, 0x0)
syz_io_uring_setup(0x3093, &(0x7f00000003c0)={0x0, 0x3a7d, 0x20, 0x3ffe, 0x80000}, 0x0, 0x0)
syz_usb_connect(0x2, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xfb, 0x63, 0xcb, 0x40, 0xbfd, 0x10c, 0xe639, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x6, 0x0, 0x0, [{{0x9, 0x4, 0x4c, 0x1, 0x0, 0x7d, 0xff, 0x7c, 0x8}}]}}]}}, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0x20, &(0x7f0000001200)={@in6={{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}}, 0x0, 0x0, 0xd, 0x0, "50e482af8a3b3953d7d2ddc26f6d7fcfdcef78b3bb7ca71d37000667e0b8dd3a89446b04761c340f273410ad620a1d1d1e8e3d5d07cb37da86503ff8eadd32f0fc9a56bcd7a401a991c216437633b722"}, 0xd8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x3c}}, 0x0)
rt_sigqueueinfo(0x0, 0x14, &(0x7f0000000380)={0x6, 0x8, 0x10})
sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=ANY=[@ANYBLOB="5800000000090102000000000000000001000009240002000c00028005000100000000001400018008000114ac14141d08000200ac1e000108000540000000040900010073797a31000000000c0004"], 0x58}}, 0x4000)

5m21.326678946s ago: executing program 39 (id=1830):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$rds(0x15, 0x5, 0x0)
syz_io_uring_setup(0x3093, &(0x7f00000003c0)={0x0, 0x3a7d, 0x20, 0x3ffe, 0x80000}, 0x0, 0x0)
syz_usb_connect(0x2, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xfb, 0x63, 0xcb, 0x40, 0xbfd, 0x10c, 0xe639, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x6, 0x0, 0x0, [{{0x9, 0x4, 0x4c, 0x1, 0x0, 0x7d, 0xff, 0x7c, 0x8}}]}}]}}, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0x20, &(0x7f0000001200)={@in6={{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}}, 0x0, 0x0, 0xd, 0x0, "50e482af8a3b3953d7d2ddc26f6d7fcfdcef78b3bb7ca71d37000667e0b8dd3a89446b04761c340f273410ad620a1d1d1e8e3d5d07cb37da86503ff8eadd32f0fc9a56bcd7a401a991c216437633b722"}, 0xd8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x3c}}, 0x0)
rt_sigqueueinfo(0x0, 0x14, &(0x7f0000000380)={0x6, 0x8, 0x10})
sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=ANY=[@ANYBLOB="5800000000090102000000000000000001000009240002000c00028005000100000000001400018008000114ac14141d08000200ac1e000108000540000000040900010073797a31000000000c0004"], 0x58}}, 0x4000)

21.048914192s ago: executing program 2 (id=2399):
pipe(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r0, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00'}, 0x30)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
io_setup(0x9, &(0x7f0000000240)=<r4=>0x0)
connect$can_bcm(r3, &(0x7f0000000040), 0x10)
io_submit(r4, 0x1, &(0x7f00000012c0)=[&(0x7f00000000c0)={0x400000, 0x0, 0x0, 0x1, 0x0, r3, &(0x7f0000000200)="0500000093cb1faf16da39de706f646800580f02000000003f420f0000000000ff030f02000000003f420f00000000003bf81b05ff000000", 0x38}])

18.524225657s ago: executing program 2 (id=2402):
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = getpid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_NL_MON_PEER_GET(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0d03000000000000000013"], 0x30}}, 0x0)

16.386328069s ago: executing program 2 (id=2404):
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x891c, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4048aecb, &(0x7f00000001c0)=ANY=[])
mremap(&(0x7f0000724000/0x4000)=nil, 0x4000, 0x4000, 0x3, &(0x7f0000290000/0x4000)=nil)
munlockall()
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)

16.385167535s ago: executing program 3 (id=2406):
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$F2FS_IOC_RELEASE_VOLATILE_WRITE(r0, 0xf504, 0x0)
fsopen(&(0x7f0000000000)='ceph\x00', 0x0)
sendmsg$NL80211_CMD_SET_QOS_MAP(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4000094}, 0x800)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
sendto$packet(r1, &(0x7f0000000040), 0x0, 0x1, 0x0, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r2, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0x5}})
sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)

13.230875516s ago: executing program 3 (id=2411):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x1)
eventfd(0x5f0)
socket$can_j1939(0x1d, 0x2, 0x7)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_MEMORY_ATTRIBUTES(r2, 0x4020aed2, &(0x7f0000000000)={0x8000000, 0x101000, 0x8})

10.698756838s ago: executing program 3 (id=2414):
dup(0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r3, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="12000000040000000400000012"], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000048c0)={r4, &(0x7f00000047c0), &(0x7f0000004880)=@udp=r3}, 0x20)
recvmmsg(r3, &(0x7f0000000b80)=[{{0x0, 0xffffffffffffff6c, 0x0, 0x0, 0x0, 0x52}, 0xa}], 0x360, 0x120, 0x0)

10.617725832s ago: executing program 9 (id=2415):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r4, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x0, @remote}, 0x10, 0x0}, 0x3000c041)
r5 = socket$kcm(0x10, 0x2, 0x4)
recvmsg$kcm(r5, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x2002)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08061cdc030ec080000000060000000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08120800030006010000bdad446b9bbc7a46e3988285dcdf12f2130809d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff000000000000000000", 0x89}], 0x1}, 0x0)

9.336448783s ago: executing program 9 (id=2416):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000340)=0x8000, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000400)={'batadv_slave_1\x00', <r3=>0x0})
bind$xdp(r1, &(0x7f0000000100)={0x2c, 0x0, r3}, 0x10)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
ppoll(&(0x7f0000000500)=[{r4}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x7fffffff, 0x7, 0x4, 0x1000000, 0x800, 0x8, 0x4}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x1, 0x8, 0x3f9a, 0x0, 0x8000000010001, 0x3}, 0x0, 0x0)
sendto$packet(r0, 0x0, 0x0, 0x4000090, 0x0, 0x0)

9.333086578s ago: executing program 8 (id=2417):
socket$rxrpc(0x21, 0x2, 0xa)
socket$packet(0x11, 0x3, 0x300)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket(0x1d, 0x2, 0x6)
socket(0x1, 0x1, 0x0)
epoll_create(0x2)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x240303, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$unix(0x1, 0x5, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket(0x400000000010, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r0 = syz_open_dev$dri(&(0x7f0000000440), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000100)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000180)={0x1, 0x1, &(0x7f00000000c0)=[r1], &(0x7f0000000180), &(0x7f0000000200), &(0x7f00000001c0)=[0x7fffffff]})

8.675352253s ago: executing program 3 (id=2418):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket(0x1, 0x1, 0x0)
ioctl$SIOCGETSGCNT(r2, 0x89a0, &(0x7f0000000200)={@dev={0xac, 0x14, 0x14, 0x25}, @rand_addr=0x64010125})
bind$can_j1939(0xffffffffffffffff, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000480)='task\x00')
mount(0x0, 0x0, &(0x7f0000000000)='proc\x00', 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000005c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xa, 0x0, 0x0)
r3 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r3, &(0x7f0000000000)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'macvtap0\x00'}}, 0x1e)
sendmmsg(r3, &(0x7f00000008c0)=[{{0x0, 0x0, 0x0}}], 0x34000, 0x0)

8.625777837s ago: executing program 2 (id=2419):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
futex(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
futex(0x0, 0x84, 0x0, 0x0, 0x0, 0x1)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)

7.569817274s ago: executing program 8 (id=2420):
syz_mount_image$udf(&(0x7f0000000040), &(0x7f00000005c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10, &(0x7f0000000f00)=ANY=[@ANYRES8=0x0, @ANYRESOCT=0x0, @ANYRES8, @ANYRESDEC], 0x11, 0x489, &(0x7f0000000a40)="$eJzs29trHOUfx/HPd7K72Wz7+3XbpmmVgquCSsWaQ4/Gix5iqNCkOTQiRYWYbOLSnMimkhTR4o233ngjIgoKUkULIt54pb3zD1AQBL3wQgT3wgMIgszszM5ks2nS7iHd9v2CdifPfGfmOewzz7M7zwoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEinnjrZ2WVbnQsAANBIg6Mjnd2M/wAA3FXO8/kfAADgbmJy9L1MfSMFG/D+Lkqezc1dWh7r6698WJt5R7Z48e6/ZFd3z6HDR44eC15vfHyt3aNzo+dPZk7Pzy4sZvP57GRmbC43MT+Z3fQZqj2+3AGvAjKzFy9NTk3lM90He1btXk7/0rqtI917tOOEE8SO9fX3j0ZiYvFbvvoa683wE3K0T6bfHvrUBiU5qr4uNnjv1FubV4gDXiHG+vq9gszkxueW3J1DQUU4fll9iaCOGtAWVWmX3HxZojaf2eJydEKmjp8Ldk5SS1APj3pfDK9/YKwml79lbj6fl/SAmqDNbmOtcvSjTLM7khra+mZFg8XkaFmmP3oLNuzdD9z+5N42zz6TeXpuaj4SO2R+j2r28aGRbvN7U1KOBr07fsFGtjozaDh3svSWTHs+ftmbV8ibl+7oPfrEcE90hrF3g/O4sQf9+eNmxuS4HztkQ2ZO7csFAAAAAAAAQGo1R9/JVPgqEyamTU7kkXFSxQdDma3JIoB6MUdvyzQ8UvC+ho+uS2mJrO8pafZnf/XNf1vy9PzCymJu+qWlivtTyZMv5pcWxycq71abe59tiaZstI6lSnFzlJDpuT8/stJ1i/d/fylAmJsPnwzXzCTLr++9b/5fXM8UPEM6fmFvdLtilm/i+ah7TTNHSzKd2rXPX6uS0po6UzHuc5l+f2+/H+ck3MwHp00XzziVm8l2urFfy/T+v0GstyxK2/zY3WFslxtrMr05sDp2ux/bHsZ2u7H9Ml1/oXLsnjC2x419XaaFXzNBbMqNvc+P7QhjD07Mz0xWqkrgZrn9/yeZ3m3PWNA3YsX339r+/0o4FlwpP9E6fb7a/p+OpF3x+/UFt///tc/ry17/dyr3/zdk+uSL/X5cse8l/P07vf/D/v+sTNPfro5N+bG7wtiuTVdsk3Dbf79MZ/ZcK9WN3/5+C4StFm3/e8vfHXVq/52RtLR/3dbaFB2S8iuXL47PzGQX2WCDDTZKG1t9Z0IjuOP/Z+4s6ssfSvMdf/z3P6aEM6u/Xw3H/97yE9Vp/N8VSev1ZyPxmJRcml2I75WS+ZXLj+Vmx6ez09m5Q51HOg8fOt51/Fg8EUzuwq2q6+pO5Lb/NzL9s+1q6fPu6vlf5fl/qvxEdWr/3ZG01Kr5StVFh9/+V2W6//q10vcSN5r/B9//PPJg8bXUP+vU/u2RtLR/3f/VpugAAAAAAAAAAAAAAAAA0NTi5ugDmc48HrPgt2abWf+35gdodVr/1RFJm2zQ7xWqrlQAaAKOHL0j08Mq2GtuwnZpIPqKO9p/AQAA//9HASOO")
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f0000000340), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
setsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000080)={0x402, 0x3}, 0x8)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000380)={0x0, 0x1}, 0x8)
sendto$inet(r0, &(0x7f0000000100)="ab", 0x34000, 0x40048c4, &(0x7f00000000c0)={0x2, 0x4e22, @local}, 0x10)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x802053, 0x0, 0xfc, 0x0, &(0x7f00000000c0))
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
rename(&(0x7f00000006c0)='./file0\x00', 0x0)

7.507905178s ago: executing program 2 (id=2421):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_clone3(&(0x7f0000000380)={0xefc729e57f243959, &(0x7f0000000040), 0x0, &(0x7f0000000100), {0x1f}, &(0x7f0000000240)=""/232, 0xe8, &(0x7f0000000f40)=""/4096, 0x0}, 0x58)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x14)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
chdir(&(0x7f0000000080)='./file0\x00')
fchownat(0xffffffffffffff9c, &(0x7f0000000000)='./bus\x00', 0x0, 0x0, 0x1000)

7.196496569s ago: executing program 5 (id=2423):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x10000}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="8000000000010104000000000000000002000000240001801400018008000100e000000108000200e00000010c000280050001000000000024000280140001800800010000000000080002007f0000010c00028005000100000000000800074000000000080003400000100e14000580050001"], 0x80}}, 0x0)

6.844040703s ago: executing program 9 (id=2424):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000001540)={0x26, 'aead\x00', 0x0, 0x0, 'generic-gcm-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)

6.189976848s ago: executing program 5 (id=2425):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
gettid()
timer_create(0x8, 0x0, &(0x7f0000bbdffc))
r4 = syz_genetlink_get_family_id$gtp(&(0x7f0000000080), r0)
sendmsg$GTP_CMD_GETPDP(r0, &(0x7f0000002880)={0x0, 0x0, &(0x7f0000002840)={&(0x7f00000027c0)={0x14, r4, 0x301, 0x70bd25, 0x25dfdc00}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x24008040)

5.156109503s ago: executing program 9 (id=2426):
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004090}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xfffffffffffffe68, &(0x7f00000002c0)=0x1000000000002)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000280), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_procfs(0x0, 0x0)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3})
ioctl$UFFDIO_WRITEPROTECT(r1, 0xc018aa06, 0x0)
syz_io_uring_setup(0x5b0f, &(0x7f0000000000)={0x0, 0xfffffffc, 0x1000, 0x0, 0x359}, &(0x7f00000002c0), &(0x7f0000ff4000))
close_range(r1, r1, 0x0)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)

3.741992628s ago: executing program 5 (id=2427):
syz_io_uring_setup(0xb7f, &(0x7f0000000180)={0x0, 0x38ab, 0x1000, 0x0, 0x1e6}, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
syz_open_dev$MSR(0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
creat(0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
setrlimit(0x8, 0x0)
r1 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2d, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @private2}}}, 0x108)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000404000000002e"], 0x0, 0x37}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x9, 0x4, 0x4, 0xa, 0x4, 0xffffffffffffffff, 0x0, '\x00', 0x0, r2, 0x2, 0x1}, 0x48)

3.648180587s ago: executing program 8 (id=2428):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mremap(&(0x7f00009d1000/0x4000)=nil, 0x4000, 0x4000, 0x3, &(0x7f00002a0000/0x4000)=nil)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x0)
r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000), 0x22301, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r3, 0xc0045005, &(0x7f0000000080)=0x100)
ioctl$SNDCTL_DSP_SPEED(r3, 0xc0045002, &(0x7f0000000f00))

3.617942156s ago: executing program 9 (id=2429):
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff})
r1 = socket$inet_udp(0x2, 0x2, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x40840}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)={0x30, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}}, 0x0)
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000280)=@mgmt_frame=@probe_response={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @random=0x9, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x1, [{0x2, 0x1}]}, @void, @void, @void, @void, @val={0x72, 0x6}, @val={0x71, 0x7, {0x1, 0xffffffffffffffff, 0x1, 0x1, 0x0, 0x4, 0x21}}}, 0x40)
nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, 0x0)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val, @void}, 0x20)
syz_80211_inject_frame(&(0x7f0000000300)=@device_b, &(0x7f0000000440)=@mgmt_frame=@beacon={{{}, {}, @device_b, @device_b, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @val={0x5, 0x3, {0x7c, 0x20, 0x8}}, @val={0x25, 0x3, {0x0, 0x2, 0x4}}, @val={0x2a, 0x1, {0x1, 0x1}}, @val={0x3c, 0x4, {0x0, 0x3d, 0xab, 0x5}}, @val={0x2d, 0x1a, {0x8, 0x3, 0x1, 0x0, {0x5, 0x1005, 0x0, 0x6, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x400, 0x4, 0x5}}, @void, @val={0x71, 0x7, {0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x21}}, @val={0x76, 0x6, {0x0, 0x9, 0x3d, 0x1}}}, 0x64)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r5, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)
splice(r0, 0x0, r1, 0x0, 0x4ffe6, 0x0)

3.573747454s ago: executing program 5 (id=2430):
socket$inet6(0xa, 0x3, 0x5)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xd, 0x103}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000400)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), r4)
sendmsg$DEVLINK_CMD_RATE_GET(r4, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x14, r5, 0x303, 0x0, 0x25dfdbfd, {0x3d}}, 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x0)

2.514684213s ago: executing program 5 (id=2431):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = memfd_create(&(0x7f0000000380)='\x103q}2\x9a\xce\xaf\x03\xdfyR8\xf4\x1c\bi\xe4^\xd5\xfd\xa9\r\xac7R\x94\xaf\xbb\xdcM\x90k\xd6\x05\r\x84\x87\x1e?\x10\x95SWFO{\x1f\x1b!\xd5\x991D\x1c\b\x8c`\xeaSA\x90m\xb6&\xd0\xf1\xb3\xed:\x82\xbd\xe3i|BL\x1f\x9d\x00\x00\xc5\xb8$\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\r\xd6h\x80\x8fQ|\xf5d\x10\x10\xd7\t\x00\x00\x00\x00\x00\x00\x00<\xfeeS\xb2l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfaa\xd3\xf1\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7~x\xb8vo\xe6\x15@\xc9\"CY\x11\xb9u\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D4E^7%8\x94y\x90\xf0l\xa0\'L%\xd4\xda\xee\x81\x98\xcc\xfd\xa2\x89$\x9by\xf1\xbb\x01\xb7\xcd\xbf\x99\x1f\x90@b\x03\xb3\xe0CfU\x16{\xbey\xa1cs\x96U\x11\xdb*\xdf\xcdG\xc7z\x85\x8aE\xf7\xd5\x9dAj\xe3\xfb\xc4\xa0\x14\x87\x19\x17\xed\xd1\x185%Q%\x81\xfaK\x82\xec=\xa3\xb8~\xb6O\xbd\x19*\xdb\x1c\x10\xa4\x8dIl\xc1\xceG\xd0h\xa1\xab:dP\xb6\xa0BR\xbe\x03\xac\xd9\x87\x00@\x80\x94\xd88\xc9\x03\x97\x17r\x85#\x7f\x8cu\x8f\xcc\x7fF\xb5\xea\xa6\xc1\x9d\xac\x89\xc9\xa1tuJw\xee\x1a\xe73\xa8\xadS\xd1\x11#d\xc2\xcfdj\x9ec\x93\xd5K\x90*_3\x89\v\xab\x04ih\x12\x93\xc5m\x8f~{\xe5\x85\xa5g\x00\x00\x00\xe45Q\xab%\xa8[\xf3\x17\x94\xf8\xdfq\xff\xd2?\xafW\xde\x1bW]\x1f\aaV\xc5\xc82*\xc7\xc5\"C}L\x10e\xc6\x90\xc0\xf9z\xb6+/d\x86\xf2\xbe\xc9:u\t\\e\x05)\xe4\xd2\xc4\x1a\xc9\xac\xdb\x925\x02\x94@\xa2\xe1\xee\x16\xb4\x98\xff\x0f\xbb\xb2\x81\xcf\x13g6l\xcc\xc8\x02\v\xa2\xb2\xf6\xbf@d\xcecC\x9fVz\xf4\x14\xa5\x8b|\xe1\xc0\xfa3X\xf4\xd9L\xe6\x8f\x9dy\x0fX.\xc5EQ\xd1/\xa1\xd0\x03>\xf0\x90\x13B\xe2\x97\x8b!\xf7\"\xecX\x92\xab\xbc^\xb2\x80@\xcc+\xbbp\xdc|N\xd3[=G\xb2\xe1\x9c\xc5\x81y\x84\xef\xacQ\x01\xdd\xe7<\xb8\xf1Hn\x86\xa6\xe3\x18N\x19\"[-\xdb\xef\xc3\xe0\xa8}', 0x0)
ftruncate(r3, 0x800799c)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r4, &(0x7f00000002c0)={0xa, 0x4e20, 0xffffffff, @mcast2, 0x9}, 0x1c)
sendfile(r4, r3, 0x0, 0xfeff)

2.513431268s ago: executing program 8 (id=2432):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x85}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x14, 0x29, 0xb, 0x70bd27, 0x0, {0x5}}, 0x14}}, 0x0)

1.636130222s ago: executing program 3 (id=2433):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x87}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
r4 = socket$inet6(0xa, 0x3, 0x6)
connect$inet6(r4, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000340)={{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@mcast2, 0x0, 0x0, 0x1, 0x4, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0xbd1, 0x0, 0x3}, {0x81, 0x2}, 0x1fffffc, 0x0, 0x1, 0x0, 0x0, 0x2}, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x8000, 0x2b}, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x1, 0x0, 0x0, 0x7, 0x7, 0x0, 0x4}}, 0xe8)
sendmmsg(r4, &(0x7f0000000480), 0x2e9, 0xffe0)

1.451834399s ago: executing program 2 (id=2434):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
getpriority(0x2, r0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x3000003, 0x8c4b815a5465c2b1, 0xffffffffffffffff, 0x0)
setreuid(0x0, 0x0)
r3 = io_uring_setup(0x2754, &(0x7f0000000080)={0x0, 0xfffffffc, 0x800, 0xfffffffe, 0x800001b4})
io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r3, 0x10, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000003740)=""/4096, 0x1900}], 0x0, 0x11a}, 0x20)

1.451076136s ago: executing program 8 (id=2435):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000212c1400001e0a05010000000000000000070000000900020073797a31000000000900010073797a300000000000140380300000802c000180250001007bb0c03ce8ed22d039cce454fd98ae614b08a9f3d4ddf1f742d55995afac076948000000cc1300800c00054000000000000000000c00054000000000000000000c0004400000000000000000e0000a80480002800800034000000003080003400000000308000340000000020900020073797a31000000000800034000000001080003400000000108000180fffffffb08000180fffffffe3a000100d5867498a18a515bfa0df242b8dd5cc3eb5106a4f3109f9909cb0aa08db584ba5ee6d4bbb45478287310a5b3a2d6b9d7dcb8abfa1d100000580002800900020073797a3200000000080003400000000408000180fffffffc080003400000000408000180ffffffff0900020073797a320000000008000180fffffffe08000340000000030900020073797a30000000000600064019d20000040201802400028008000340000000000800034000000000080003400000000008000180000000003800028008000340000000000800018000000000080003400000000008000340000000000900020073797a300000000008000340000000002c00028008000340000000000900020073797a31000000000900020073797a320000000008000340000000003400028008000180000000000900020073797a310000000008000340000000000900020073797a3200000000080003400000000004000280440002800900020073797a310000000008000340000000000900020073797a32000000000900020073797a320000000008000180000000000900020073797a3200000000fc000100789be1"], 0x14b0}}, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_extract_tcp_res(0x0, 0x6, 0x6)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x5, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000d1000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000003100000095"], &(0x7f0000000080)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100}, 0x94)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c00000003060101000000007e625f4609ca6fd90500010007"], 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x8000)

1.207134981s ago: executing program 5 (id=2436):
read$alg(0xffffffffffffffff, &(0x7f0000000200)=""/96, 0x60)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfa11, 0xffffffff}, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
set_mempolicy(0x3, &(0x7f00000000c0)=0x3, 0x5)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
syz_emit_ethernet(0x52, 0x0, 0x0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)

79.864068ms ago: executing program 8 (id=2437):
capset(0x0, 0x0)
r0 = socket$kcm(0xa, 0x1, 0x106)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = eventfd(0x0)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r4, &(0x7f0000000140), 0x10)
r5 = syz_io_uring_setup(0x835, &(0x7f00000000c0)={0x0, 0x679a, 0x400, 0x2000006, 0x3ce}, &(0x7f0000000040)=<r6=>0x0, &(0x7f0000000140)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r4, 0x0, &(0x7f0000000240)="144024aeae8b2b5d63f7449a372e1406d4defe495b5744eed6801d1d51e1d3fcdcf25bdf4a5f2ef4b45d6898757795c858f0c3d4b26bd644", 0x38, 0x2400c0c7, 0x1})
io_uring_enter(r5, 0x3516, 0x0, 0x0, 0x0, 0x0)
ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, &(0x7f0000000240)=r3)
sendmsg$kcm(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x20000011)

78.794043ms ago: executing program 3 (id=2438):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000780)=ANY=[@ANYBLOB="611528000000000061138c0000000000bfa00000000000001503000008004e002d3501000000000095004100000000006916000000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf500000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffbd4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b33e0f32f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3cd3cedd01fdc59589ea6bacde1e40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18402cde8b0100010000000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d5454d127edab14ba61ba1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7a7216f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf855689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18533d4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684e62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961cf4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fd0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bbff4bbe00000000000000000000000000fdba1133066c4a21a7149f32"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2}, 0x48)

0s ago: executing program 9 (id=2439):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xcc657405ba8b63ff}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2a, 0xa9}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
open(&(0x7f0000000100)='./file0\x00', 0x8100, 0x31)
r3 = fsopen(&(0x7f0000000000)='devtmpfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
fsmount(r3, 0x0, 0x1)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r3, 0x7, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

e to read fragment index table
[  503.615635][   T30] audit: type=1326 audit(2000000328.120:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10952 comm="syz.2.1294" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fabcb18ebe9 code=0x0
[  503.984993][ T8080] usb 3-1: new full-speed USB device number 2 using dummy_hcd
[  504.181508][ T8080] usb 3-1: unable to get BOS descriptor or descriptor too short
[  504.743979][ T8080] usb 3-1: not running at top speed; connect to a high speed hub
[  505.317157][ T8080] usb 3-1: config 7 has an invalid interface number: 44 but max is 0
[  505.347365][ T8080] usb 3-1: config 7 has no interface number 0
[  505.359592][ T8080] usb 3-1: config 7 interface 44 altsetting 14 endpoint 0x6 has an invalid bInterval 0, changing to 10
[  505.438875][ T8080] usb 3-1: config 7 interface 44 altsetting 14 endpoint 0x6 has invalid wMaxPacketSize 0
[  505.524499][ T8080] usb 3-1: config 7 interface 44 has no altsetting 0
[  505.580358][ T8080] usb 3-1: New USB device found, idVendor=798d, idProduct=9787, bcdDevice=fc.51
[  505.624205][ T8080] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  505.664359][ T8080] usb 3-1: Product: syz
[  505.674485][ T8080] usb 3-1: Manufacturer: syz
[  505.714778][ T8080] usb 3-1: SerialNumber: syz
[  505.723339][T10971] Illegal XDP return value 63213624 on prog  (id 274) dev N/A, expect packet loss!
[  506.187099][T10973] netlink: 'syz.8.1300': attribute type 4 has an invalid length.
[  507.345556][ T8080] usb 3-1: USB disconnect, device number 2
[  509.235413][ T8066] usb 3-1: new full-speed USB device number 3 using dummy_hcd
[  509.518073][ T8066] usb 3-1: unable to get BOS descriptor or descriptor too short
[  509.530857][ T8066] usb 3-1: not running at top speed; connect to a high speed hub
[  509.583791][ T8066] usb 3-1: config 129 has an invalid interface number: 135 but max is 0
[  510.182282][ T8066] usb 3-1: config 129 has an invalid interface number: 5 but max is 0
[  510.202159][ T8066] usb 3-1: config 129 descriptor has 1 excess byte, ignoring
[  510.209771][ T8066] usb 3-1: config 129 has 2 interfaces, different from the descriptor's value: 1
[  510.314315][ T8066] usb 3-1: config 129 has no interface number 0
[  510.337891][ T8066] usb 3-1: config 129 has no interface number 1
[  510.358486][ T8066] usb 3-1: config 129 interface 135 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 9
[  510.382956][ T8066] usb 3-1: too many endpoints for config 129 interface 5 altsetting 7: 37, using maximum allowed: 30
[  510.406752][T11004] netlink: 'syz.9.1310': attribute type 10 has an invalid length.
[  510.414592][T11004] netlink: 40 bytes leftover after parsing attributes in process `syz.9.1310'.
[  510.443928][ T8066] usb 3-1: config 129 interface 5 altsetting 7 has 0 endpoint descriptors, different from the interface descriptor's value: 37
[  510.458613][ T8066] usb 3-1: config 129 interface 135 has no altsetting 0
[  510.466086][ T8066] usb 3-1: config 129 interface 5 has no altsetting 0
[  510.484785][T11004] team0: Port device geneve0 added
[  510.525584][ T8066] usb 3-1: string descriptor 0 read error: -22
[  510.535362][ T8066] usb 3-1: New USB device found, idVendor=2040, idProduct=721f, bcdDevice=f2.62
[  510.605212][ T8066] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  510.697605][ T8066] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  510.738376][ T8066] usb 3-1: MIDIStreaming interface descriptor not found
[  510.932182][ T8066] usb 3-1: USB disconnect, device number 3
[  513.276952][   T13] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  513.436817][   T13] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  514.589039][   T13] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  515.585138][   T13] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  517.166658][   T13] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  517.215348][   T13] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  518.851580][   T13] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  518.918431][   T13] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  518.995081][T11055] Bluetooth: hci1: command 0x0406 tx timeout
[  519.001374][T11054] Bluetooth: hci3: command 0x0406 tx timeout
[  519.935242][   T13] bridge_slave_1: left allmulticast mode
[  519.940961][   T13] bridge_slave_1: left promiscuous mode
[  519.962095][T11060] loop8: detected capacity change from 0 to 32768
[  520.058204][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  520.770162][   T13] bridge_slave_0: left allmulticast mode
[  520.776339][T11060] ocfs2: Mounting device (7,8) on (node local, slot 0) with writeback data mode.
[  520.877526][   T13] bridge_slave_0: left promiscuous mode
[  520.896410][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  521.137113][T11084] overlayfs: failed to resolve './file0': -2
[  521.707944][ T9934] ocfs2: Unmounting device (7,8) on (node local)
[  521.821088][T11091] loop2: detected capacity change from 0 to 512
[  521.912710][T11093] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1336'.
[  521.972560][T11091] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  522.063724][T11091] ext4 filesystem being mounted at /63/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  522.211594][   T30] audit: type=1800 audit(2000000346.750:153): pid=11091 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1334" name="file1" dev="loop2" ino=15 res=0 errno=0
[  522.243798][   T30] audit: type=1800 audit(2000000346.780:154): pid=11103 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1334" name="file2" dev="loop2" ino=16 res=0 errno=0
[  522.497947][ T8080] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  522.679766][ T8080] usb 3-1: config 0 has an invalid interface number: 48 but max is 2
[  522.691664][ T8080] usb 3-1: config 0 has an invalid descriptor of length 48, skipping remainder of the config
[  522.718538][ T8080] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 3
[  522.731074][ T8080] usb 3-1: config 0 has no interface number 0
[  522.935127][ T8080] usb 3-1: too many endpoints for config 0 interface 48 altsetting 48: 48, using maximum allowed: 30
[  523.010221][T11112] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  523.036661][T11112] CIFS mount error: No usable UNC path provided in device string!
[  523.036661][T11112] 
[  523.047316][T11112] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  523.694957][ T8080] usb 3-1: config 0 interface 48 altsetting 48 has 0 endpoint descriptors, different from the interface descriptor's value: 48
[  523.711995][ T8080] usb 3-1: config 0 interface 48 has no altsetting 0
[  523.720379][ T8080] usb 3-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00
[  523.730367][ T8080] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  523.741247][ T8080] usb 3-1: config 0 descriptor??
[  525.565055][ T8080] usb 3-1: string descriptor 0 read error: -71
[  526.299324][ T8080] usb 3-1: USB disconnect, device number 4
[  526.524669][ T9908] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  527.593648][T11142] loop2: detected capacity change from 0 to 128
[  527.602548][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  527.654835][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  527.695627][   T13] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  527.760345][   T13] bond0 (unregistering): Released all slaves
[  528.253958][   T13] bond1 (unregistering): Released all slaves
[  528.281838][T11158] Invalid ELF header magic: != ELF
[  528.331127][T11158] loop8: detected capacity change from 0 to 1024
[  528.490830][T11158] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  529.551346][ T9934] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  529.856376][   T13] bond2 (unregistering): Released all slaves
[  530.030863][T11181] netlink: 28 bytes leftover after parsing attributes in process `syz.9.1360'.
[  530.040174][T11181] netlink: 28 bytes leftover after parsing attributes in process `syz.9.1360'.
[  530.154392][T11182] lo: entered allmulticast mode
[  530.255254][T11182] tunl0: entered allmulticast mode
[  530.366548][T11182] gre0: entered allmulticast mode
[  532.066056][T11182] gretap0: entered allmulticast mode
[  532.121664][T11182] erspan0: entered allmulticast mode
[  532.138478][T11182] ip_vti0: entered allmulticast mode
[  532.170846][T11182] ip6_vti0: entered allmulticast mode
[  532.196545][T11182] sit0: entered allmulticast mode
[  532.344508][T11182] ip6tnl0: entered allmulticast mode
[  532.431362][T11182] ip6gre0: entered allmulticast mode
[  532.580514][T11182] syz_tun: entered allmulticast mode
[  532.636014][T11182] ip6gretap0: entered allmulticast mode
[  532.665143][T11182] bridge0: port 2(bridge_slave_1) entered disabled state
[  532.674369][T11182] bridge0: port 1(bridge_slave_0) entered disabled state
[  532.728348][T11182] bridge0: entered allmulticast mode
[  532.810279][T11182] vcan0: entered allmulticast mode
[  532.823158][T11182] bond0: entered allmulticast mode
[  532.833052][T11182] bond_slave_0: entered allmulticast mode
[  532.843182][T11182] bond_slave_1: entered allmulticast mode
[  532.862686][T11182] team0: entered allmulticast mode
[  532.995281][T11182] team_slave_0: entered allmulticast mode
[  533.085202][T11182] team_slave_1: entered allmulticast mode
[  533.126815][T11182] nlmon0: entered allmulticast mode
[  533.150382][T11182] caif0: entered allmulticast mode
[  533.161865][T11182] batadv0: entered allmulticast mode
[  533.178172][T11182] vxcan0: entered allmulticast mode
[  533.191584][T11182] vxcan1: entered allmulticast mode
[  533.211262][T11182] veth0: entered allmulticast mode
[  533.222950][T11182] veth1: entered allmulticast mode
[  533.237677][T11182] wg0: entered allmulticast mode
[  533.246063][T11182] wg1: entered allmulticast mode
[  533.259438][T11182] wg2: left promiscuous mode
[  533.266279][T11182] veth0_to_bridge: entered allmulticast mode
[  533.285954][T11182] veth1_to_bridge: entered allmulticast mode
[  533.297757][T11182] veth0_to_bond: entered allmulticast mode
[  533.329770][T11182] veth1_to_bond: entered allmulticast mode
[  533.346186][T11182] veth0_to_team: entered allmulticast mode
[  533.361716][T11182] veth1_to_team: entered allmulticast mode
[  533.388662][T11182] veth0_to_batadv: entered allmulticast mode
[  533.401574][T11182] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  533.413263][T11182] batadv_slave_0: entered allmulticast mode
[  533.535373][T11182] veth1_to_batadv: entered allmulticast mode
[  533.549432][T11182] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  533.585822][T11182] batadv_slave_1: entered allmulticast mode
[  533.687039][T11182] xfrm0: entered allmulticast mode
[  533.699200][T11182] veth0_to_hsr: entered allmulticast mode
[  533.711272][T11182] hsr_slave_0: entered allmulticast mode
[  533.857483][T11182] veth1_to_hsr: entered allmulticast mode
[  533.958366][T11182] hsr_slave_1: entered allmulticast mode
[  534.086557][T11182] hsr0: entered allmulticast mode
[  534.273290][T11182] veth1_virt_wifi: entered allmulticast mode
[  534.405295][T11182] veth0_virt_wifi: left promiscuous mode
[  534.424252][T11182] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  534.463818][T11182] veth1_vlan: entered allmulticast mode
[  534.474038][T11182] veth0_vlan: entered allmulticast mode
[  534.576808][T11182] vlan0: entered allmulticast mode
[  534.582159][T11182] vlan1: entered allmulticast mode
[  534.651132][T11182] macvlan0: entered allmulticast mode
[  534.700089][T11182] macvlan1: entered allmulticast mode
[  534.748510][T11182] ipvlan0: entered allmulticast mode
[  534.768749][T11182] ipvlan1: entered allmulticast mode
[  534.827821][T11182] veth1_macvtap: entered allmulticast mode
[  534.873753][T11182] veth0_macvtap: entered allmulticast mode
[  534.981737][T11182] macvtap0: entered allmulticast mode
[  535.058483][T11182] macsec0: entered allmulticast mode
[  535.145834][T11182] geneve0: entered allmulticast mode
[  535.368266][T11182] geneve1: entered allmulticast mode
[  536.092384][T11182] netdevsim netdevsim8 netdevsim0: entered allmulticast mode
[  536.408081][T11182] netdevsim netdevsim8 netdevsim1: entered allmulticast mode
[  536.439799][T11182] netdevsim netdevsim8 netdevsim2: entered allmulticast mode
[  536.572639][T11182] netdevsim netdevsim8 netdevsim3: entered allmulticast mode
[  536.659891][T11182] mac80211_hwsim hwsim26 wlan0: entered allmulticast mode
[  537.328146][T11182] mac80211_hwsim hwsim27 wlan1: entered allmulticast mode
[  537.570869][T11182] bond1: entered allmulticast mode
[  537.670283][T11207] macsec0: entered allmulticast mode
[  537.676015][T11207] netdevsim netdevsim4 netdevsim0: entered allmulticast mode
[  537.688265][T11207] netdevsim netdevsim4 netdevsim0: left allmulticast mode
[  537.742615][T11228] netdevsim netdevsim8 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  537.828827][T11228] netdevsim netdevsim8 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  537.934563][T11228] netdevsim netdevsim8 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  537.961172][T11228] netdevsim netdevsim8 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  538.279880][T11260] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1376'.
[  538.818376][   T13] hsr_slave_0: left promiscuous mode
[  538.897207][   T13] hsr_slave_1: left promiscuous mode
[  538.933511][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  539.088780][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  539.386885][   T30] audit: type=1326 audit(2000000363.920:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11266 comm="syz.9.1378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f309578ebe9 code=0x7ffc0000
[  539.490005][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  539.518332][   T30] audit: type=1326 audit(2000000363.950:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11266 comm="syz.9.1378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f309578ebe9 code=0x7ffc0000
[  539.560046][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  539.672075][   T30] audit: type=1326 audit(2000000363.950:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11266 comm="syz.9.1378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f309578ebe9 code=0x7ffc0000
[  539.718678][   T30] audit: type=1326 audit(2000000363.950:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11266 comm="syz.9.1378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f309578ebe9 code=0x7ffc0000
[  540.060562][ T8066] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  540.122129][   T13] veth1_macvtap: left promiscuous mode
[  540.127929][   T13] veth0_macvtap: left promiscuous mode
[  540.136647][   T13] veth1_vlan: left promiscuous mode
[  540.142102][   T13] veth0_vlan: left promiscuous mode
[  540.258379][ T8066] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  540.282236][ T8066] usb 8-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  540.374371][ T8066] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  540.490529][ T8066] usb 8-1: config 0 descriptor??
[  541.557027][ T8066] pwc: Askey VC010 type 2 USB webcam detected.
[  542.148232][ T8066] pwc: recv_control_msg error -32 req 02 val 2b00
[  542.237603][ T8066] pwc: recv_control_msg error -32 req 02 val 2700
[  542.315345][ T8066] pwc: recv_control_msg error -32 req 02 val 2c00
[  542.338784][ T8066] pwc: recv_control_msg error -32 req 04 val 1000
[  542.376817][ T8066] pwc: recv_control_msg error -32 req 04 val 1300
[  542.428085][ T8066] pwc: recv_control_msg error -32 req 04 val 1400
[  542.725027][ T8066] pwc: recv_control_msg error -32 req 02 val 2000
[  542.752682][ T8066] pwc: recv_control_msg error -32 req 02 val 2100
[  542.788483][ T8066] pwc: recv_control_msg error -32 req 04 val 1500
[  543.086218][ T8066] pwc: recv_control_msg error -71 req 02 val 2400
[  543.094655][ T8066] pwc: recv_control_msg error -71 req 02 val 2600
[  543.798971][ T8066] pwc: recv_control_msg error -71 req 02 val 2900
[  543.829825][ T8066] pwc: recv_control_msg error -71 req 02 val 2800
[  543.871036][ T8066] pwc: recv_control_msg error -71 req 04 val 1100
[  544.115603][ T8066] pwc: recv_control_msg error -71 req 04 val 1200
[  544.863890][ T8066] pwc: Registered as video103.
[  544.911450][ T8066] input: PWC snapshot button as /devices/platform/dummy_hcd.7/usb8/8-1/input/input10
[  544.950759][T11298] netlink: 16 bytes leftover after parsing attributes in process `syz.8.1385'.
[  545.213152][ T8066] usb 8-1: USB disconnect, device number 8
[  546.482695][T11309] netlink: 28 bytes leftover after parsing attributes in process `syz.8.1385'.
[  546.976018][   T30] audit: type=1326 audit(2000000371.520:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11315 comm="syz.4.1390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb950f8ebe9 code=0x7ffc0000
[  547.043140][   T30] audit: type=1326 audit(2000000371.520:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11315 comm="syz.4.1390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb950f8ebe9 code=0x7ffc0000
[  547.105954][   T30] audit: type=1326 audit(2000000371.520:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11315 comm="syz.4.1390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb950f8ebe9 code=0x7ffc0000
[  547.142494][   T30] audit: type=1326 audit(2000000371.520:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11315 comm="syz.4.1390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb950f8ebe9 code=0x7ffc0000
[  547.200370][   T30] audit: type=1326 audit(2000000371.540:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11315 comm="syz.4.1390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fb950f8ebe9 code=0x7ffc0000
[  547.245527][   T30] audit: type=1326 audit(2000000371.540:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11315 comm="syz.4.1390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb950f8ebe9 code=0x7ffc0000
[  547.297850][   T30] audit: type=1326 audit(2000000371.540:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11315 comm="syz.4.1390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb950f8ebe9 code=0x7ffc0000
[  547.339778][   T30] audit: type=1326 audit(2000000371.540:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11315 comm="syz.4.1390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb950f8ebe9 code=0x7ffc0000
[  547.380039][   T30] audit: type=1326 audit(2000000371.540:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11315 comm="syz.4.1390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fb950f8ebe9 code=0x7ffc0000
[  547.477887][T11330] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1393'.
[  547.965105][T11316] netlink: 180 bytes leftover after parsing attributes in process `syz.4.1390'.
[  548.112805][T11330] team1: entered promiscuous mode
[  548.122348][T11330] team1: entered allmulticast mode
[  549.098585][T11350] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1399'.
[  549.107344][   T13] IPVS: stop unused estimator thread 0...
[  551.477992][T11366] loop4: detected capacity change from 0 to 1024
[  552.568087][T11366] hfsplus: b-tree write err: -5, ino 3
[  552.638334][T11389] ptrace attach of "./syz-executor exec"[9934] was attempted by "ß–é·´�)Qoƒ ¬¶ ÿ\x0dvé”Ò¢Ï9T{¨-9È2\x0ap_3j ¥í…nòÐÞ­O³a“)b¡¿†k´ü¿—Òߟ.µ¸\x0aKæ~òœ›±¿´Øª¾³þKOkF^ªƒ3Üý¶ò�B3»ç)Ðùè«åç¦Æ{\x5cüäõrHBd¿,µÛX¨\x09\x0bì3îc›÷\x22¬&WÜ\x22Ð\x1b·T¾L'Á‡\x09êÁ!_†NÍhÙ¹=ún>ÒaÚõûð� £(G6¨¶èŒ·…A+&ϋЈU©›ß�¡a¾{@{ø\x0bî[ɸýÛYaºócßξA¯™ò¥ÁÈÌ
„‰‡zœàÂGl:d<]ýu~v•�!Â9÷,Ú?Å´‘>\x22ar\x1b�ªl¦KÚ¬ôYêüå*VÌßSŽ”8›…È�6]àk‡½KÌ.�¨=°’ÚÛ`#æòðåž\x07Ÿ„x!œ—‹g·MDôŒÉÿÿRå*áOLK\x0cÛ}oKáb�
¼A>{Ã@aÞM¨dÇnQj›ãÌ–—„�ó
ÂÀ5)üö]Ú;r¦­,L± \x0cÃ=\x0d«ûïW¢’¡ÓAE½ ¤nË`>åÆŸçòs-Ä3…ì`y«feH�‹»¦½^/$¨L1&·¡™N‹P\x0d1�ß‘D<­\x07c§Pd(ß·E¤ÓdžÛt¦¦çaÀE’�!úÒ­ Ã\x09@¤ÝžHG—~è·H<ÜÒD$¥\x0crXŒ´œ`Ç-ͪ/‡IF�¾þ�ÈÑÚEÛàtIáìâˆ;{�¬ÿ„Æ«—ë—*W\x0c÷¢�\x0a¶:ßÒE­–Ì€«V'ˆ\x0cº†È8sÍejkþ¡ÅÓe~É«ÉÿRò ÊãîÜLìÒêôB*´\x0b-¡ræÈ@\x07ËÒV˜MÅ¡ývà¿ù%OymÇ‚WGüÜ•‹�ó|òÈʤ=¨týƒ¦®»U§Þñ?‡£h£ØKÉ0uÓ£Ùœþ½0ÒG Ì'Ãb,‚þè\x22ߊåÿ
õ;2£Õˆ±'G/Þ³7ò´Wd\x5c!ów%°èñxgŸ\x22âÍx•± ì[4!Nl’˜òQ(\x0a@é[Å+ ÌØ�ÝǬ[[zN¨þ úîs¡B&ãµâÿ�™XïƒÅ>%©ö3Š‘�
{¦- —^ÀÇQÇš4e3\x0b�>ÊsFÌ—ÝH]+\x
[  553.474424][T11392] loop7: detected capacity change from 0 to 8192
[  553.666470][   T30] audit: type=1800 audit(2000000378.210:168): pid=11392 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1411" name="file1" dev="loop7" ino=1048656 res=0 errno=0
[  553.860169][T11400] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1415'.
[  554.079793][T11409] loop2: detected capacity change from 0 to 256
[  554.145096][T11409] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  554.224697][   T30] audit: type=1800 audit(2000000378.750:169): pid=11409 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1416" name="bus" dev="loop2" ino=1048657 res=0 errno=0
[  554.930074][T11423] binder: 11422:11423 ioctl c0306201 2000000005c0 returned -14
[  556.083675][T11443] 9pnet_fd: Insufficient options for proto=fd
[  558.370697][T11475] netlink: 'syz.4.1435': attribute type 11 has an invalid length.
[  563.003072][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  563.260063][T11517] random: crng reseeded on system resumption
[  566.217634][T11534] syz.2.1451: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz2,mems_allowed=0-1
[  566.234115][T11534] CPU: 0 UID: 0 PID: 11534 Comm: syz.2.1451 Not tainted syzkaller #0 PREEMPT(full) 
[  566.234148][T11534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  566.234172][T11534] Call Trace:
[  566.234182][T11534]  <TASK>
[  566.234192][T11534]  dump_stack_lvl+0x189/0x250
[  566.234225][T11534]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[  566.234256][T11534]  ? __pfx_dump_stack_lvl+0x10/0x10
[  566.234292][T11534]  ? __pfx__printk+0x10/0x10
[  566.234324][T11534]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  566.234350][T11534]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  566.234383][T11534]  warn_alloc+0x214/0x310
[  566.234416][T11534]  ? stack_depot_save_flags+0x40/0x860
[  566.234454][T11534]  ? __pfx_warn_alloc+0x10/0x10
[  566.234486][T11534]  ? kasan_save_track+0x3e/0x80
[  566.234512][T11534]  ? __kasan_kmalloc+0x93/0xb0
[  566.234541][T11534]  ? xsk_setsockopt+0x4dc/0x8d0
[  566.234569][T11534]  ? do_sock_setsockopt+0x17c/0x1b0
[  566.234591][T11534]  ? __x64_sys_setsockopt+0x13f/0x1b0
[  566.234612][T11534]  ? do_syscall_64+0xfa/0xfa0
[  566.234631][T11534]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  566.234664][T11534]  __vmalloc_node_range_noprof+0x125/0x12f0
[  566.234729][T11534]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  566.234765][T11534]  ? __kasan_kmalloc+0x93/0xb0
[  566.234801][T11534]  vmalloc_user_noprof+0xad/0xf0
[  566.234830][T11534]  ? xskq_create+0xbf/0x170
[  566.234864][T11534]  xskq_create+0xbf/0x170
[  566.234896][T11534]  xsk_init_queue+0xb0/0x110
[  566.234928][T11534]  xsk_setsockopt+0x4dc/0x8d0
[  566.234960][T11534]  ? __pfx_xsk_setsockopt+0x10/0x10
[  566.234991][T11534]  ? __pfx_aa_sk_perm+0x10/0x10
[  566.235022][T11534]  ? aa_sock_opt_perm+0xff/0x1b0
[  566.235044][T11534]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  566.235064][T11534]  ? __pfx_xsk_setsockopt+0x10/0x10
[  566.235094][T11534]  do_sock_setsockopt+0x17c/0x1b0
[  566.235125][T11534]  __x64_sys_setsockopt+0x13f/0x1b0
[  566.235156][T11534]  do_syscall_64+0xfa/0xfa0
[  566.235178][T11534]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  566.235198][T11534]  ? asm_sysvec_call_function_single+0x1a/0x20
[  566.235220][T11534]  ? clear_bhb_loop+0x60/0xb0
[  566.235257][T11534]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  566.235295][T11534] RIP: 0033:0x7fabcb18ebe9
[  566.235321][T11534] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  566.235339][T11534] RSP: 002b:00007fabcc063038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  566.235362][T11534] RAX: ffffffffffffffda RBX: 00007fabcb3c6090 RCX: 00007fabcb18ebe9
[  566.235378][T11534] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000007
[  566.235391][T11534] RBP: 00007fabcb211e19 R08: 0000000000000004 R09: 0000000000000000
[  566.235404][T11534] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  566.235417][T11534] R13: 00007fabcb3c6128 R14: 00007fabcb3c6090 R15: 00007fff2aee4128
[  566.235453][T11534]  </TASK>
[  566.525280][T11534] Mem-Info:
[  566.528601][T11534] active_anon:7375 inactive_anon:0 isolated_anon:0
[  566.528601][T11534]  active_file:3429 inactive_file:40446 isolated_file:0
[  566.528601][T11534]  unevictable:768 dirty:338 writeback:0
[  566.528601][T11534]  slab_reclaimable:11626 slab_unreclaimable:99165
[  566.528601][T11534]  mapped:32711 shmem:4428 pagetables:1000
[  566.528601][T11534]  sec_pagetables:0 bounce:0
[  566.528601][T11534]  kernel_misc_reclaimable:0
[  566.528601][T11534]  free:1306578 free_pcp:24482 free_cma:0
[  566.574296][T11534] Node 0 active_anon:29500kB inactive_anon:0kB active_file:13716kB inactive_file:161584kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:130844kB dirty:1352kB writeback:0kB shmem:16176kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12252kB pagetables:3784kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  566.606663][T11534] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:216kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  566.638226][T11534] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  566.668635][T11534] lowmem_reserve[]: 0 2497 2498 2498 2498
[  566.674730][T11534] Node 0 DMA32 free:1318732kB boost:0kB min:34232kB low:42788kB high:51344kB reserved_highatomic:0KB free_highatomic:0KB active_anon:29452kB inactive_anon:0kB active_file:13716kB inactive_file:160260kB unevictable:1536kB writepending:1352kB zspages:0kB present:3129332kB managed:2557168kB mlocked:0kB bounce:0kB free_pcp:74216kB local_pcp:55184kB free_cma:0kB
[  566.708854][T11534] lowmem_reserve[]: 0 0 1 1 1
[  566.713808][T11534] Node 0 Normal free:8kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1324kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[  566.745452][T11534] lowmem_reserve[]: 0 0 0 0 0
[  566.750514][T11534] Node 1 Normal free:3892212kB boost:0kB min:55652kB low:69564kB high:83476kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:23704kB local_pcp:12832kB free_cma:0kB
[  566.783620][T11534] lowmem_reserve[]: 0 0 0 0 0
[  566.788878][T11534] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  566.803323][T11534] Node 0 DMA32: 654*4kB (UE) 640*8kB (UME) 304*16kB (UE) 1389*32kB (UME) 667*64kB (UME) 237*128kB (UME) 69*256kB (UME) 43*512kB (UM) 24*1024kB (UME) 5*2048kB (UME) 272*4096kB (M) = 1318680kB
[  566.823954][T11534] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
[  566.839992][T11534] Node 1 Normal: 199*4kB (UE) 73*8kB (UME) 41*16kB (UME) 154*32kB (UME) 49*64kB (UME) 11*128kB (UME) 9*256kB (UME) 7*512kB (UM) 6*1024kB (UME) 5*2048kB (UE) 942*4096kB (UM) = 3892212kB
[  566.859439][T11534] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  566.869557][T11534] Node 0 hugepages_total=3 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  566.879156][T11534] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  566.888917][T11534] Node 1 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  566.898629][T11534] 48286 total pagecache pages
[  566.903479][T11534] 0 pages in swap cache
[  566.907877][T11534] Free swap  = 124996kB
[  566.912166][T11534] Total swap = 124996kB
[  566.916668][T11534] 2097051 pages RAM
[  566.920810][T11534] 0 pages HighMem/MovableOnly
[  566.925831][T11534] 425797 pages reserved
[  566.931106][T11534] 0 pages cma reserved
[  569.919502][T11547] afs: Unknown parameter 'ÿÿ'
[  571.260510][T11571] tipc: Failed to remove unknown binding: 66,1,1/0:546405929/546405931
[  571.271805][T11571] tipc: Failed to remove unknown binding: 66,1,1/0:546405929/546405931
[  573.741255][T11591] F2FS-fs (loop8): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  573.749599][T11591] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[  573.761065][T11591] F2FS-fs (loop8): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  573.768930][T11591] F2FS-fs (loop8): Can't find valid F2FS filesystem in 2th superblock
[  577.043181][T11589] syz.2.1467: vmalloc error: size 33558528, failed to allocated page array size 65544, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz2,mems_allowed=0-1
[  577.064277][T11589] CPU: 0 UID: 0 PID: 11589 Comm: syz.2.1467 Not tainted syzkaller #0 PREEMPT(full) 
[  577.064311][T11589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  577.064326][T11589] Call Trace:
[  577.064335][T11589]  <TASK>
[  577.064345][T11589]  dump_stack_lvl+0x189/0x250
[  577.064383][T11589]  ? __pfx_dump_stack_lvl+0x10/0x10
[  577.064410][T11589]  ? __pfx__printk+0x10/0x10
[  577.064448][T11589]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  577.064472][T11589]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  577.064499][T11589]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  577.064526][T11589]  warn_alloc+0x214/0x310
[  577.064565][T11589]  ? __pfx_warn_alloc+0x10/0x10
[  577.064605][T11589]  ? __get_vm_area_node+0x28f/0x300
[  577.064631][T11589]  ? hash_ipmark_create+0x3e6/0x1080
[  577.064659][T11589]  __vmalloc_node_range_noprof+0x67e/0x12f0
[  577.064709][T11589]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  577.064733][T11589]  ? hash_ipmark_create+0x3e6/0x1080
[  577.064759][T11589]  ? rcu_is_watching+0x15/0xb0
[  577.064776][T11589]  ? hash_ipmark_create+0x3e6/0x1080
[  577.064799][T11589]  __kvmalloc_node_noprof+0x674/0x910
[  577.064824][T11589]  ? hash_ipmark_create+0x3e6/0x1080
[  577.064855][T11589]  ? __kmalloc_cache_noprof+0x3d5/0x6f0
[  577.064884][T11589]  ? hash_ipmark_create+0x387/0x1080
[  577.064918][T11589]  hash_ipmark_create+0x3e6/0x1080
[  577.064957][T11589]  ? __nla_parse+0x40/0x60
[  577.064980][T11589]  ? __pfx_hash_ipmark_create+0x10/0x10
[  577.065012][T11589]  ip_set_create+0xa97/0x1940
[  577.065043][T11589]  ? ip_set_create+0x4a2/0x1940
[  577.065086][T11589]  ? __pfx_ip_set_create+0x10/0x10
[  577.065154][T11589]  nfnetlink_rcv_msg+0xb4a/0x1130
[  577.065187][T11589]  ? nfnetlink_rcv_msg+0x20d/0x1130
[  577.065251][T11589]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  577.065279][T11589]  ? kmem_cache_free+0x19a/0x690
[  577.065361][T11589]  netlink_rcv_skb+0x205/0x470
[  577.065382][T11589]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  577.065408][T11589]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  577.065440][T11589]  ? bpf_lsm_capable+0x9/0x20
[  577.065462][T11589]  ? security_capable+0x7e/0x2e0
[  577.065492][T11589]  nfnetlink_rcv+0x26a/0x2520
[  577.065520][T11589]  ? __dev_queue_xmit+0x1d79/0x3b50
[  577.065552][T11589]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  577.065577][T11589]  ? lockdep_hardirqs_on+0x9c/0x150
[  577.065594][T11589]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  577.065619][T11589]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  577.065645][T11589]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  577.065674][T11589]  ? rcu_preempt_deferred_qs_irqrestore+0x89c/0xce0
[  577.065711][T11589]  ? __pfx_rcu_preempt_deferred_qs_irqrestore+0x10/0x10
[  577.065741][T11589]  ? rcu_is_watching+0x15/0xb0
[  577.065757][T11589]  ? rcu_read_unlock_special+0x3a2/0x4b0
[  577.065780][T11589]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[  577.065800][T11589]  ? netlink_deliver_tap+0x2e/0x1b0
[  577.065821][T11589]  ? netlink_deliver_tap+0x2e/0x1b0
[  577.065843][T11589]  netlink_unicast+0x82c/0x9e0
[  577.065874][T11589]  ? __pfx_netlink_unicast+0x10/0x10
[  577.065899][T11589]  ? netlink_sendmsg+0x642/0xb30
[  577.065913][T11589]  ? skb_put+0x11b/0x210
[  577.065933][T11589]  netlink_sendmsg+0x805/0xb30
[  577.065957][T11589]  ? __pfx_netlink_sendmsg+0x10/0x10
[  577.065976][T11589]  ? aa_sock_msg_perm+0xf1/0x1d0
[  577.065993][T11589]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  577.066008][T11589]  ? __pfx_netlink_sendmsg+0x10/0x10
[  577.066025][T11589]  __sock_sendmsg+0x21c/0x270
[  577.066051][T11589]  ____sys_sendmsg+0x505/0x830
[  577.066074][T11589]  ? __pfx_____sys_sendmsg+0x10/0x10
[  577.066101][T11589]  ? import_iovec+0x74/0xa0
[  577.066125][T11589]  ___sys_sendmsg+0x21f/0x2a0
[  577.066146][T11589]  ? __pfx____sys_sendmsg+0x10/0x10
[  577.066198][T11589]  ? __fget_files+0x2a/0x420
[  577.066220][T11589]  ? __fget_files+0x3a0/0x420
[  577.066252][T11589]  __x64_sys_sendmsg+0x19b/0x260
[  577.066273][T11589]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  577.066306][T11589]  ? do_syscall_64+0xbe/0xfa0
[  577.066325][T11589]  do_syscall_64+0xfa/0xfa0
[  577.066339][T11589]  ? lockdep_hardirqs_on+0x9c/0x150
[  577.066353][T11589]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  577.066369][T11589]  ? clear_bhb_loop+0x60/0xb0
[  577.066390][T11589]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  577.066407][T11589] RIP: 0033:0x7fabcb18ebe9
[  577.066426][T11589] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  577.066449][T11589] RSP: 002b:00007fabcc042038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  577.066471][T11589] RAX: ffffffffffffffda RBX: 00007fabcb3c6180 RCX: 00007fabcb18ebe9
[  577.066486][T11589] RDX: 0000000000000084 RSI: 0000200000000040 RDI: 0000000000000007
[  577.066498][T11589] RBP: 00007fabcb211e19 R08: 0000000000000000 R09: 0000000000000000
[  577.066509][T11589] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  577.066521][T11589] R13: 00007fabcb3c6218 R14: 00007fabcb3c6180 R15: 00007fff2aee4128
[  577.066557][T11589]  </TASK>
[  577.548131][T11589] Mem-Info:
[  577.551286][T11589] active_anon:9241 inactive_anon:0 isolated_anon:0
[  577.551286][T11589]  active_file:3429 inactive_file:40452 isolated_file:0
[  577.551286][T11589]  unevictable:768 dirty:362 writeback:0
[  577.551286][T11589]  slab_reclaimable:11708 slab_unreclaimable:98384
[  577.551286][T11589]  mapped:32241 shmem:4448 pagetables:1010
[  577.551286][T11589]  sec_pagetables:0 bounce:0
[  577.551286][T11589]  kernel_misc_reclaimable:0
[  577.551286][T11589]  free:1306420 free_pcp:24157 free_cma:0
[  577.827570][T11589] Node 0 active_anon:32764kB inactive_anon:0kB active_file:13716kB inactive_file:161608kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:128832kB dirty:1444kB writeback:0kB shmem:16256kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12080kB pagetables:3824kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  577.859622][T11589] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:216kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  577.894917][T11589] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  577.924947][T11589] lowmem_reserve[]: 0 2497 2498 2498 2498
[  577.934108][T11589] Node 0 DMA32 free:1317372kB boost:0kB min:34232kB low:42788kB high:51344kB reserved_highatomic:0KB free_highatomic:0KB active_anon:32816kB inactive_anon:0kB active_file:13716kB inactive_file:160284kB unevictable:1536kB writepending:1444kB zspages:0kB present:3129332kB managed:2557168kB mlocked:0kB bounce:0kB free_pcp:78604kB local_pcp:59276kB free_cma:0kB
[  577.969744][T11589] lowmem_reserve[]: 0 0 1 1 1
[  577.974517][T11589] Node 0 Normal free:8kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1324kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[  578.004697][T11589] lowmem_reserve[]: 0 0 0 0 0
[  578.009499][T11589] Node 1 Normal free:3892972kB boost:0kB min:55652kB low:69564kB high:83476kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:4kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:22944kB local_pcp:12832kB free_cma:0kB
[  578.047897][T11589] lowmem_reserve[]: 0 0 0 0 0
[  578.052771][T11589] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  578.305043][T11589] Node 0 DMA32: 725*4kB (UME) 441*8kB (UME) 278*16kB (UME) 1471*32kB (UE) 577*64kB (UME) 284*128kB (UME) 71*256kB (UME) 43*512kB (UM) 25*1024kB (UME) 4*2048kB (ME) 271*4096kB (M) = 1315228kB
[  579.781264][T11602] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  579.799858][T11589] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
[  579.825426][T11589] Node 1 Normal: 199*4kB (UE) 72*8kB (UME) 41*16kB (UME) 156*32kB (UME) 48*64kB (UME) 11*128kB (UME) 6*256kB (UME) 6*512kB (UM) 6*1024kB (UME) 4*2048kB (UE) 943*4096kB (UM) = 3892972kB
[  579.888521][T11589] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  580.109929][T11589] Node 0 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB
[  580.840346][T11589] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  580.885062][T11589] Node 1 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  580.894421][T11589] 49137 total pagecache pages
[  580.904779][T11589] 0 pages in swap cache
[  580.931586][T11589] Free swap  = 124996kB
[  581.142254][T11589] Total swap = 124996kB
[  581.908939][T11589] 2097051 pages RAM
[  581.932601][T11589] 0 pages HighMem/MovableOnly
[  581.947785][T11621] netlink: 92 bytes leftover after parsing attributes in process `syz.9.1477'.
[  581.957246][T11589] 425797 pages reserved
[  581.962665][T11602] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  581.999029][T11589] 0 pages cma reserved
[  582.269894][T11628] netlink: 'syz.9.1480': attribute type 10 has an invalid length.
[  582.961554][T11602] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  582.990897][T11628] batman_adv: batadv0: Interface deactivated: dummy0
[  583.062724][T11628] batman_adv: batadv0: Removing interface: dummy0
[  583.083698][T11628] team0: Port device dummy0 added
[  583.152442][T11602] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  583.372419][T11284] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  583.394808][T11284] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  583.403086][T11636] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  583.417565][T11284] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  583.429159][T11284] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  583.518594][T11636] netlink: 'syz.8.1481': attribute type 1 has an invalid length.
[  583.982574][T11636] 8021q: adding VLAN 0 to HW filter on device bond2
[  585.439668][T11639] vlan2: entered allmulticast mode
[  585.496361][T11639] bond2: (slave vlan2): Opening slave failed
[  585.532843][T11649] netlink: 4 bytes leftover after parsing attributes in process `syz.9.1485'.
[  585.737625][T11649] hsr_slave_0: left promiscuous mode
[  586.129339][T11649] hsr_slave_1: left promiscuous mode
[  587.548521][T11664] loop2: detected capacity change from 0 to 128
[  587.677265][ T5864] Bluetooth: hci0: unexpected event for opcode 0x2006
[  587.697199][T11664] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  587.799229][T11664] ext4 filesystem being mounted at /89/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  588.093186][T11664] EXT4-fs error (device loop2): dx_make_map:1296: inode #2: block 20: comm syz.2.1490: bad entry in directory: inode out of bounds - offset=988, inode=128, rec_len=36, size=1024 fake=1
[  588.708515][T11664] EXT4-fs (loop2): Remounting filesystem read-only
[  589.082021][ T9908] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  594.211666][T11723] loop7: detected capacity change from 0 to 16
[  594.230027][T11723] erofs (device loop7): mounted with root inode @ nid 36.
[  594.375150][T11724] erofs (device loop7): bogus lookback distance 1586 @ lcn 46 of nid 36
[  594.383920][T11724] erofs (device loop7): readahead error at folio 47 @ nid 36
[  594.391622][T11724] erofs (device loop7): bogus lookback distance 1586 @ lcn 46 of nid 36
[  594.400040][T11724] erofs (device loop7): readahead error at folio 46 @ nid 36
[  594.407870][T11724] erofs (device loop7): readahead error at folio 45 @ nid 36
[  594.418679][T11724] erofs (device loop7): bogus lookback distance 1388 @ lcn 42 of nid 36
[  594.427418][T11724] erofs (device loop7): readahead error at folio 43 @ nid 36
[  594.435063][T11724] erofs (device loop7): bogus lookback distance 1388 @ lcn 42 of nid 36
[  594.443664][T11724] erofs (device loop7): readahead error at folio 42 @ nid 36
[  594.451381][T11724] erofs (device loop7): bogus lookback distance 774 @ lcn 40 of nid 36
[  594.459840][T11724] erofs (device loop7): readahead error at folio 41 @ nid 36
[  594.467487][T11724] erofs (device loop7): bogus lookback distance 774 @ lcn 40 of nid 36
[  594.476105][T11724] erofs (device loop7): readahead error at folio 40 @ nid 36
[  594.483816][T11724] erofs (device loop7): readahead error at folio 39 @ nid 36
[  594.491453][T11724] erofs (device loop7): readahead error at folio 38 @ nid 36
[  594.502083][T11724] erofs (device loop7): readahead error at folio 36 @ nid 36
[  594.510668][T11724] erofs (device loop7): bogus lookback distance 1468 @ lcn 31 of nid 36
[  594.519405][T11724] erofs (device loop7): readahead error at folio 31 @ nid 36
[  594.528245][T11724] erofs (device loop7): readahead error at folio 25 @ nid 36
[  594.536096][T11724] erofs (device loop7): readahead error at folio 24 @ nid 36
[  594.544526][T11724] erofs (device loop7): readahead error at folio 19 @ nid 36
[  594.557717][T11724] bio_check_eod: 4 callbacks suppressed
[  594.557743][T11724] syz.7.1504: attempt to access beyond end of device
[  594.557743][T11724] loop7: rw=524288, sector=784, nr_sectors = 64 limit=16
[  594.578139][T11724] syz.7.1504: attempt to access beyond end of device
[  594.578139][T11724] loop7: rw=524288, sector=13478624080, nr_sectors = 24 limit=16
[  594.593362][T11724] syz.7.1504: attempt to access beyond end of device
[  594.593362][T11724] loop7: rw=524288, sector=13478624032, nr_sectors = 48 limit=16
[  594.608588][T11724] syz.7.1504: attempt to access beyond end of device
[  594.608588][T11724] loop7: rw=524288, sector=16, nr_sectors = 16 limit=16
[  597.677346][T11736] netlink: 28 bytes leftover after parsing attributes in process `syz.9.1508'.
[  597.686476][T11736] netlink: 28 bytes leftover after parsing attributes in process `syz.9.1508'.
[  597.762342][T11736] team0: entered promiscuous mode
[  597.789208][T11736] team_slave_1: entered promiscuous mode
[  597.805208][T11736] geneve0: entered promiscuous mode
[  597.810708][T11736] dummy0: entered promiscuous mode
[  597.856702][T11736] erspan0: entered promiscuous mode
[  597.892832][T11736] debugfs: 'hsr0' already exists in 'hsr'
[  597.923317][T11736] Cannot create hsr debugfs directory
[  597.932040][T11736] hsr0: Slave A (team0) is not up; please bring it up to get a fully working HSR network
[  605.607348][T11795] netlink: 'syz.2.1525': attribute type 3 has an invalid length.
[  605.617397][T11795] netlink: 'syz.2.1525': attribute type 3 has an invalid length.
[  605.629963][T11795] netlink: 'syz.2.1525': attribute type 3 has an invalid length.
[  605.640983][T11795] netlink: 'syz.2.1525': attribute type 3 has an invalid length.
[  605.835388][T11795] netlink: 'syz.2.1525': attribute type 3 has an invalid length.
[  605.847682][T11795] netlink: 'syz.2.1525': attribute type 3 has an invalid length.
[  605.857050][T11795] netlink: 'syz.2.1525': attribute type 3 has an invalid length.
[  605.865742][T11795] netlink: 'syz.2.1525': attribute type 3 has an invalid length.
[  605.874559][T11795] netlink: 'syz.2.1525': attribute type 3 has an invalid length.
[  606.464799][T11795] netlink: 'syz.2.1525': attribute type 3 has an invalid length.
[  607.219298][T11808] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1528'.
[  607.229075][T11808] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1528'.
[  608.373499][T11813] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1541'.
[  611.138007][T11835] loop4: detected capacity change from 0 to 64
[  611.416767][T11838] loop7: detected capacity change from 0 to 1024
[  611.677520][T11837] hfsplus: inconsistency in B*Tree (9,1,255,1,0)
[  611.710205][T11837] hfsplus: xattr searching failed
[  611.758801][   T30] audit: type=1800 audit(2000000436.300:170): pid=11837 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1535" name="memory.events" dev="loop7" ino=26 res=0 errno=0
[  611.760653][T11838] hfsplus: inconsistency in B*Tree (9,1,255,1,0)
[  611.840171][T11844] loop8: detected capacity change from 0 to 1024
[  611.855573][T11838] hfsplus: xattr searching failed
[  611.921371][T11844] EXT4-fs: Ignoring removed orlov option
[  611.964021][T11844] EXT4-fs: Ignoring removed nomblk_io_submit option
[  612.066141][T11837] hfsplus: inconsistency in B*Tree (9,1,255,1,0)
[  612.080962][T11837] hfsplus: xattr search failed
[  612.087812][T11837] hfsplus: inconsistency in B*Tree (9,1,255,1,0)
[  612.125241][T11837] hfsplus: xattr search failed
[  612.190474][T11844] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  612.295324][T11284] hfsplus: b-tree write err: -5, ino 4
[  613.202952][T11857] 9pnet_virtio: no channels available for device syz
[  613.495405][ T9934] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  617.576484][T11877] netlink: 28 bytes leftover after parsing attributes in process `syz.9.1546'.
[  618.018659][T11885] netlink: 28 bytes leftover after parsing attributes in process `syz.9.1546'.
[  619.330966][T11887] loop7: detected capacity change from 0 to 1024
[  619.379160][   T30] audit: type=1800 audit(2000000443.920:171): pid=11887 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1549" name="file1" dev="loop7" ino=20 res=0 errno=0
[  619.437955][T11900] overlayfs: failed to get inode (-116)
[  619.444484][T11900] overlayfs: failed to get inode (-116)
[  619.472878][T11887] veth3: entered promiscuous mode
[  619.517672][T11903] validate_nla: 43 callbacks suppressed
[  619.517688][T11903] netlink: 'syz.2.1553': attribute type 1 has an invalid length.
[  619.894693][   T30] audit: type=1326 audit(2000000444.430:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11904 comm="syz.4.1555" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb950f8ebe9 code=0x0
[  620.685023][ T8066] usb 9-1: new full-speed USB device number 4 using dummy_hcd
[  620.820179][T11920] netlink: 2 bytes leftover after parsing attributes in process `syz.9.1559'.
[  621.510429][ T8066] usb 9-1: config index 0 descriptor too short (expected 35577, got 27)
[  621.522905][ T8066] usb 9-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  621.539038][ T8066] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 92
[  621.548572][ T8066] usb 9-1: config 1 has no interface number 0
[  621.558511][ T8066] usb 9-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  621.617938][ T8066] usb 9-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  621.649840][ T8066] usb 9-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  621.699885][ T8066] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  621.744357][ T8066] snd_usb_pod 9-1:1.1: Line 6 Pocket POD found
[  622.000938][T11936] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1563'.
[  622.011632][T11936] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1563'.
[  622.028883][ T8066] snd_usb_pod 9-1:1.1: Line 6 Pocket POD now attached
[  622.035954][ T8065] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  622.131038][ T8066] usb 9-1: USB disconnect, device number 4
[  622.146070][ T8066] snd_usb_pod 9-1:1.1: Line 6 Pocket POD now disconnected
[  622.234961][ T8065] usb 3-1: Using ep0 maxpacket: 8
[  622.243475][ T8065] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  622.257932][ T8065] usb 3-1: config 0 has no interfaces?
[  622.741427][ T8065] usb 3-1: New USB device found, idVendor=0c45, idProduct=613a, bcdDevice=c4.6d
[  622.751913][ T8065] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  622.776022][ T8065] usb 3-1: Product: syz
[  622.786787][ T8065] usb 3-1: Manufacturer: syz
[  622.808262][ T8065] usb 3-1: SerialNumber: syz
[  622.830751][ T8065] usb 3-1: config 0 descriptor??
[  623.070524][T11931] tipc: Started in network mode
[  623.075702][T11931] tipc: Node identity 7f000001, cluster identity 4711
[  623.288829][T11931] tipc: Enabled bearer <udp:syz2>, priority 10
[  623.483095][T11931] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  623.530437][T11931] tipc: Enabled bearer <udp:syz0>, priority 10
[  623.548312][ T8080] usb 3-1: USB disconnect, device number 5
[  624.575353][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  624.584037][ T8065] tipc: Node number set to 2130706433
[  625.282820][   T30] audit: type=1326 audit(2000000449.720:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11958 comm="syz.2.1570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabcb18ebe9 code=0x7ffc0000
[  625.507938][   T30] audit: type=1326 audit(2000000449.720:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11958 comm="syz.2.1570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabcb18ebe9 code=0x7ffc0000
[  625.647845][   T30] audit: type=1326 audit(2000000449.720:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11958 comm="syz.2.1570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fabcb18ebe9 code=0x7ffc0000
[  625.753331][   T30] audit: type=1326 audit(2000000449.720:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11958 comm="syz.2.1570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabcb18ebe9 code=0x7ffc0000
[  626.135662][   T30] audit: type=1326 audit(2000000449.720:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11958 comm="syz.2.1570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fabcb18ebe9 code=0x7ffc0000
[  626.171159][T11967] loop7: detected capacity change from 0 to 128
[  626.300498][T11967] qnx6: superblock #1 checksum error
[  626.363582][   T30] audit: type=1326 audit(2000000449.780:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11958 comm="syz.2.1570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabcb18ebe9 code=0x7ffc0000
[  626.459605][   T30] audit: type=1326 audit(2000000449.780:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11958 comm="syz.2.1570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabcb18ebe9 code=0x7ffc0000
[  627.876725][T11983] loop8: detected capacity change from 0 to 256
[  633.358084][T12024] netlink: 24 bytes leftover after parsing attributes in process `syz.9.1590'.
[  635.340495][T12048] netlink: 16186 bytes leftover after parsing attributes in process `syz.4.1595'.
[  635.852928][   T30] audit: type=1326 audit(2000000460.390:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12060 comm="syz.9.1599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f309578ebe9 code=0x7ffc0000
[  635.994184][   T30] audit: type=1326 audit(2000000460.390:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12060 comm="syz.9.1599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f309578ebe9 code=0x7ffc0000
[  636.035985][   T30] audit: type=1326 audit(2000000460.440:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12060 comm="syz.9.1599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f309578ebe9 code=0x7ffc0000
[  636.065011][   T30] audit: type=1326 audit(2000000460.440:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12060 comm="syz.9.1599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f309578ebe9 code=0x7ffc0000
[  636.770742][   T30] audit: type=1326 audit(2000000460.440:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12060 comm="syz.9.1599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f309578ebe9 code=0x7ffc0000
[  636.806270][   T30] audit: type=1326 audit(2000000460.440:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12060 comm="syz.9.1599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f309578ebe9 code=0x7ffc0000
[  636.865887][   T30] audit: type=1326 audit(2000000460.440:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12060 comm="syz.9.1599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f309578ebe9 code=0x7ffc0000
[  637.035129][   T30] audit: type=1326 audit(2000000460.440:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12060 comm="syz.9.1599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f309578ebe9 code=0x7ffc0000
[  637.131095][   T30] audit: type=1326 audit(2000000460.440:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12060 comm="syz.9.1599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=290 compat=0 ip=0x7f309578ebe9 code=0x7ffc0000
[  637.288945][   T30] audit: type=1326 audit(2000000460.440:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12060 comm="syz.9.1599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f309578ebe9 code=0x7ffc0000
[  639.576497][T12086] syz.9.1606 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  640.709790][T12090] 9pnet: p9_errstr2errno: server reported unknown error 184467440737095
[  640.722596][T12097] netlink: 'syz.9.1608': attribute type 4 has an invalid length.
[  640.775451][T12102] netlink: 'syz.9.1608': attribute type 4 has an invalid length.
[  643.935289][T12132] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  647.011526][T12161] loop4: detected capacity change from 0 to 1024
[  647.034737][T12161] ext2: Bad value for 'barrier'
[  647.149139][T12166] netlink: 'syz.8.1625': attribute type 3 has an invalid length.
[  647.157459][T12166] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1625'.
[  648.380198][T12190] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  648.380198][T12190] The task syz.8.1630 (12190) triggered the difference, watch for misbehavior.
[  648.392795][T12191] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1633'.
[  648.415372][T12189] loop4: detected capacity change from 0 to 1024
[  648.511883][T12195] bond2: (slave ip6gretap1): Enslaving as an active interface with an up link
[  653.097009][ T5182] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  653.128832][ T5182] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  653.138226][ T5182] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  653.152267][ T5182] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  653.160443][ T5182] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  653.255116][T11283] hfsplus: bad catalog file entry
[  653.290440][T11283] hfsplus: b-tree write err: -5, ino 3
[  654.776707][T12233] chnl_net:caif_netlink_parms(): no params data found
[  654.935174][   T30] kauditd_printk_skb: 19 callbacks suppressed
[  654.935216][   T30] audit: type=1326 audit(2000000479.330:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12250 comm="syz.4.1652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb950f8ebe9 code=0x7ffc0000
[  655.447816][   T30] audit: type=1326 audit(2000000479.330:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12250 comm="syz.4.1652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb950f8ebe9 code=0x7ffc0000
[  655.452495][ T5864] Bluetooth: hci4: command tx timeout
[  655.470494][   T30] audit: type=1326 audit(2000000479.330:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12250 comm="syz.4.1652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb950f8ebe9 code=0x7ffc0000
[  655.470541][   T30] audit: type=1326 audit(2000000479.330:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12250 comm="syz.4.1652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb950f8ebe9 code=0x7ffc0000
[  655.538633][   T30] audit: type=1326 audit(2000000479.330:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12250 comm="syz.4.1652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb950f8ebe9 code=0x7ffc0000
[  655.608561][   T30] audit: type=1326 audit(2000000479.330:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12250 comm="syz.4.1652" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fb950f8ebe9 code=0x7ffc0000
[  655.901901][T12233] bridge0: port 1(bridge_slave_0) entered blocking state
[  656.135263][T12233] bridge0: port 1(bridge_slave_0) entered disabled state
[  656.858056][T12233] bridge_slave_0: entered allmulticast mode
[  656.867491][T12233] bridge_slave_0: entered promiscuous mode
[  656.906146][T12233] bridge0: port 2(bridge_slave_1) entered blocking state
[  656.933763][T12233] bridge0: port 2(bridge_slave_1) entered disabled state
[  657.015450][T12233] bridge_slave_1: entered allmulticast mode
[  657.030382][T12233] bridge_slave_1: entered promiscuous mode
[  657.370505][T12233] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  657.401142][T12233] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  657.565415][ T5864] Bluetooth: hci4: command tx timeout
[  657.682238][T12233] team0: Port device team_slave_0 added
[  657.837012][T12233] team0: Port device team_slave_1 added
[  658.137516][T12233] batman_adv: batadv0: Adding interface: batadv_slave_0
[  658.172360][T12233] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  658.287122][T12233] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  658.347323][T12233] batman_adv: batadv0: Adding interface: batadv_slave_1
[  658.354335][T12233] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  658.606527][T12233] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  658.705014][ T8080] usb 3-1: new low-speed USB device number 6 using dummy_hcd
[  658.892817][ T8080] usb 3-1: config 0 has no interfaces?
[  659.399001][ T8080] usb 3-1: string descriptor 0 read error: -22
[  659.410703][ T8080] usb 3-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[  659.423892][ T8080] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  659.435588][ T8080] usb 3-1: config 0 descriptor??
[  659.644938][ T5864] Bluetooth: hci4: command tx timeout
[  659.674562][T12288] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  660.254003][T12288] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  660.304361][T12288] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  660.402403][T12288] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  660.452002][T12233] hsr_slave_0: entered promiscuous mode
[  660.476139][T12233] hsr_slave_1: entered promiscuous mode
[  660.483127][T12233] debugfs: 'hsr0' already exists in 'hsr'
[  660.495717][T12233] Cannot create hsr debugfs directory
[  661.248234][T12288] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1658'.
[  661.266681][T12288] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1658'.
[  661.578445][ T5950] usb 3-1: USB disconnect, device number 6
[  661.831467][ T5864] Bluetooth: hci4: command tx timeout
[  662.689889][T12323] loop2: detected capacity change from 0 to 128
[  662.739435][T12323] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  662.751885][T12323] ext4 filesystem being mounted at /129/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  662.911495][ T9908] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  663.009742][T12329] syz_tun: entered allmulticast mode
[  663.034536][T12330] vlan2: entered promiscuous mode
[  663.050045][T12330] vlan2: entered allmulticast mode
[  663.059978][T12330] hsr_slave_1: entered allmulticast mode
[  663.164528][T12331] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1671'.
[  664.324576][T12326] syz_tun: left allmulticast mode
[  664.823713][   T30] audit: type=1326 audit(2000000489.360:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12335 comm="syz.8.1673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff725f8ebe9 code=0x7fc00000
[  665.620629][   T30] audit: type=1326 audit(2000000489.360:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12335 comm="syz.8.1673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff725f8ebe9 code=0x7fc00000
[  665.697360][   T30] audit: type=1326 audit(2000000489.360:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12335 comm="syz.8.1673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff725f8ebe9 code=0x7fc00000
[  665.738804][   T30] audit: type=1326 audit(2000000489.360:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12335 comm="syz.8.1673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff725f8ebe9 code=0x7fc00000
[  666.412362][T12233] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  666.421464][   T30] audit: type=1326 audit(2000000489.360:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12335 comm="syz.8.1673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff725f8ebe9 code=0x7fc00000
[  666.459650][T12233] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  666.468106][   T30] audit: type=1326 audit(2000000489.360:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12335 comm="syz.8.1673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff725f8ebe9 code=0x7fc00000
[  666.494393][   T30] audit: type=1326 audit(2000000489.360:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12335 comm="syz.8.1673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff725f8ebe9 code=0x7fc00000
[  666.517333][   T30] audit: type=1326 audit(2000000489.360:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12335 comm="syz.8.1673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff725f8ebe9 code=0x7fc00000
[  666.539952][   T30] audit: type=1326 audit(2000000489.380:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12335 comm="syz.8.1673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff725f8ebe9 code=0x7fc00000
[  666.562842][   T30] audit: type=1326 audit(2000000489.380:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12335 comm="syz.8.1673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff725f8ebe9 code=0x7fc00000
[  666.606737][T12233] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  666.634014][T12233] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  666.934945][T12233] 8021q: adding VLAN 0 to HW filter on device bond0
[  667.574516][T12233] 8021q: adding VLAN 0 to HW filter on device team0
[  667.844442][T12372] xt_time: invalid argument - start or stop time greater than 23:59:59
[  668.264019][T11283] bridge0: port 1(bridge_slave_0) entered blocking state
[  668.271306][T11283] bridge0: port 1(bridge_slave_0) entered forwarding state
[  668.597527][T11283] bridge0: port 2(bridge_slave_1) entered blocking state
[  668.604916][T11283] bridge0: port 2(bridge_slave_1) entered forwarding state
[  668.675088][T12378] random: crng reseeded on system resumption
[  671.695914][T12233] 8021q: adding VLAN 0 to HW filter on device batadv0
[  673.288532][T12233] veth0_vlan: entered promiscuous mode
[  673.388385][T12233] veth1_vlan: entered promiscuous mode
[  673.483409][T12416] netdevsim netdevsim9 : renamed from netdevsim0 (while UP)
[  673.732965][T12233] veth0_macvtap: entered promiscuous mode
[  673.837446][T12233] veth1_macvtap: entered promiscuous mode
[  674.006402][T12233] batman_adv: batadv0: Interface activated: batadv_slave_0
[  674.072927][T12233] batman_adv: batadv0: Interface activated: batadv_slave_1
[  674.177864][ T1338] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  674.226919][ T1338] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  674.310917][ T1338] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  674.350672][ T1338] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  675.691714][T11213] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  675.851796][T11213] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  675.897667][T12432] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1696'.
[  676.685973][T11213] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  676.745056][T11213] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  677.579867][T12451] netlink: 'syz.4.1703': attribute type 39 has an invalid length.
[  680.468615][T12473] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1707'.
[  680.738212][T12478] loop5: detected capacity change from 0 to 8
[  680.958623][T12478] SQUASHFS error: zlib decompression failed, data probably corrupt
[  681.705228][T12478] SQUASHFS error: Failed to read block 0x9b: -5
[  681.711652][T12478] SQUASHFS error: Unable to read metadata cache entry [99]
[  681.825358][T12478] SQUASHFS error: Unable to read inode 0x127
[  682.097202][T12486] netlink: 'syz.2.1711': attribute type 1 has an invalid length.
[  682.233275][T12478] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1708'.
[  682.346301][T12491] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1711'.
[  682.433550][T12486] 8021q: adding VLAN 0 to HW filter on device bond3
[  682.440995][T12478] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1708'.
[  682.909364][T12499] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  684.527633][T12490] bond3: (slave bridge2): making interface the new active one
[  684.569551][T12490] bond3: (slave bridge2): Enslaving as an active interface with an up link
[  685.878355][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  687.594967][ T8079] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  687.914914][ T8079] usb 9-1: Using ep0 maxpacket: 16
[  687.979034][T12520] lo speed is unknown, defaulting to 1000
[  687.995768][T12520] lo speed is unknown, defaulting to 1000
[  687.995976][ T8079] usb 9-1: config 0 has no interfaces?
[  688.022881][T12520] lo speed is unknown, defaulting to 1000
[  688.047051][ T8079] usb 9-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 8.f8
[  688.088122][ T8079] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  688.088326][T12521] netlink: 'syz.4.1721': attribute type 10 has an invalid length.
[  688.152608][ T8079] usb 9-1: Product: syz
[  688.171311][ T8079] usb 9-1: Manufacturer: syz
[  688.173949][T12520] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  688.184937][ T8079] usb 9-1: SerialNumber: syz
[  688.230793][ T8079] usb 9-1: config 0 descriptor??
[  688.263932][T12521] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  688.327682][T12520] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  688.517051][ T8073] usb 9-1: USB disconnect, device number 5
[  688.695110][T12520] lo speed is unknown, defaulting to 1000
[  688.728799][T12520] lo speed is unknown, defaulting to 1000
[  688.818344][T12520] lo speed is unknown, defaulting to 1000
[  688.866659][T12520] lo speed is unknown, defaulting to 1000
[  688.875992][T12520] lo speed is unknown, defaulting to 1000
[  688.886578][T12520] lo speed is unknown, defaulting to 1000
[  689.743422][T12536] ISOFS: Unable to identify CD-ROM format.
[  693.761284][   T30] kauditd_printk_skb: 65 callbacks suppressed
[  693.761303][   T30] audit: type=1326 audit(2000000518.300:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12564 comm="syz.8.1734" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff725f8ebe9 code=0x0
[  693.819389][ T5864] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  698.079756][T12595] Invalid ELF header magic: != ELF
[  703.126137][T12630] loop4: detected capacity change from 0 to 1024
[  703.169546][T12630] EXT4-fs: Ignoring removed nobh option
[  703.196839][T12630] EXT4-fs: Ignoring removed bh option
[  703.275798][T12630] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  703.817345][   T30] audit: type=1804 audit(2000000528.190:291): pid=12643 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1750" name="/newroot/398/bus/bus" dev="loop4" ino=18 res=1 errno=0
[  704.547031][T12652] delete_channel: no stack
[  705.162872][ T5872] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  706.205120][   T30] audit: type=1326 audit(2000000530.320:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12655 comm="syz.9.1757" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f309578ebe9 code=0x0
[  711.155103][T12687] netlink: 'syz.5.1765': attribute type 83 has an invalid length.
[  715.160712][ T5919] usb 3-1: new full-speed USB device number 7 using dummy_hcd
[  715.328712][ T5919] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  715.356182][T12734] overlayfs: failed to clone lowerpath
[  715.366320][ T5919] usb 3-1: New USB device found, idVendor=046d, idProduct=c08a, bcdDevice= 0.00
[  715.385982][ T5919] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  715.415917][ T5919] usb 3-1: config 0 descriptor??
[  716.952114][T12743] loop8: detected capacity change from 0 to 4096
[  717.088460][T11227] netdevsim netdevsim7 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  717.211977][T12743] ntfs3(loop8): Different NTFS sector size (1024) and media sector size (512).
[  717.401780][T11227] netdevsim netdevsim7 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  717.640735][T11227] netdevsim netdevsim7 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  718.219634][T11227] netdevsim netdevsim7 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  719.398806][ T5919] usbhid 3-1:0.0: can't add hid device: -71
[  719.410927][ T5919] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  719.495292][ T5919] usb 3-1: USB disconnect, device number 7
[  722.518235][T12784] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1789'.
[  723.282763][T11227] dvmrp0 (unregistering): left allmulticast mode
[  723.856160][T12796] loop4: detected capacity change from 0 to 64
[  723.868009][T12796] hfs: unable to load iocharset "iso8859-3000]b°oö¯ÿ-00002ask=00000002000000000002001"
[  724.450891][ T5864] Bluetooth: hci0: unexpected event for opcode 0x0c7a
[  725.250001][T11227] bond0 (unregistering): Released all slaves
[  730.432946][T12834] loop2: detected capacity change from 0 to 8
[  730.610029][T12834] SQUASHFS error: zlib decompression failed, data probably corrupt
[  730.618815][T12834] SQUASHFS error: Failed to read block 0x9b: -5
[  730.656952][T12834] SQUASHFS error: Unable to read metadata cache entry [99]
[  730.664261][T12834] SQUASHFS error: Unable to read inode 0x127
[  733.505438][T11227] hsr_slave_0: left promiscuous mode
[  733.524386][T12859] netlink: 'syz.9.1809': attribute type 4 has an invalid length.
[  733.555300][T11227] hsr_slave_1: left promiscuous mode
[  733.561211][T11227] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  733.591948][T12860] netlink: 'syz.9.1809': attribute type 4 has an invalid length.
[  733.600558][T11227] batman_adv: batadv0: Removing interface: batadv_slave_0
[  733.631150][T11227] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  733.650106][T11227] batman_adv: batadv0: Removing interface: batadv_slave_1
[  733.764601][T11227] veth1_macvtap: left promiscuous mode
[  733.790318][T11227] veth0_macvtap: left promiscuous mode
[  733.814286][T11227] veth1_vlan: left promiscuous mode
[  733.827232][T11227] veth0_vlan: left promiscuous mode
[  737.628149][T12883] loop4: detected capacity change from 0 to 512
[  737.767464][T12883] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  737.800382][T12883] ext4 filesystem being mounted at /410/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  737.978993][T12883] loop4: detected capacity change from 512 to 127
[  738.028044][T11227] team0 (unregistering): Port device team_slave_1 removed
[  738.107029][T11227] team0 (unregistering): Port device team_slave_0 removed
[  742.416503][T12925] loop8: detected capacity change from 0 to 256
[  742.423812][ T5872] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  742.521642][T12925] exFAT-fs (loop8): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  742.539120][T12925] exFAT-fs (loop8): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  742.730360][T11227] IPVS: stop unused estimator thread 0...
[  743.559859][T12938] loop8: detected capacity change from 0 to 8
[  743.581253][T12938] MTD: Attempt to mount non-MTD device "/dev/loop8"
[  743.588269][T12939] loop2: detected capacity change from 0 to 512
[  744.300291][T12939] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  744.385100][T12939] ext4 filesystem being mounted at /167/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  744.633381][T12947] IPVS: wlc: SCTP 172.20.20.187:0 - no destination available
[  744.781284][ T8066] IPVS: starting estimator thread 0...
[  744.965214][T12948] IPVS: using max 22 ests per chain, 52800 per kthread
[  745.765195][ T9908] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  745.798018][T12955] loop8: detected capacity change from 0 to 16
[  745.858904][T12955] erofs (device loop8): mounted with root inode @ nid 36.
[  745.909937][ T5182] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  745.921016][ T5182] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  745.929866][ T5182] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  745.955498][ T5182] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  745.965301][ T5182] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  746.309816][T12959] erofs (device loop8): readahead error at folio 2 @ nid 89
[  746.321120][T12959] erofs (device loop8): readahead error at folio 1 @ nid 89
[  746.328624][T12959] erofs (device loop8): readahead error at folio 0 @ nid 89
[  746.341555][T12959] syz.8.1836: attempt to access beyond end of device
[  746.341555][T12959] loop8: rw=524288, sector=524296, nr_sectors = 8 limit=16
[  746.357167][T12959] erofs (device loop8): read error -117 @ 0 of nid 89
[  746.417336][   T30] audit: type=1800 audit(2000000570.900:293): pid=12959 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.8.1836" name="file2" dev="loop8" ino=89 res=0 errno=0
[  746.437060][    C0] vkms_vblank_simulate: vblank timer overrun
[  748.040702][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  748.572238][ T5182] Bluetooth: hci2: command tx timeout
[  748.833479][T12973] capability: warning: `syz.8.1841' uses 32-bit capabilities (legacy support in use)
[  748.848540][T12973] netlink: 996 bytes leftover after parsing attributes in process `syz.8.1841'.
[  750.355750][T11227] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  750.372111][T11227] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  750.384691][T11227] bond0 (unregistering): Released all slaves
[  750.420083][T12956] lo speed is unknown, defaulting to 1000
[  750.609043][ T5182] Bluetooth: hci2: command tx timeout
[  751.707659][T12973] gretap0: left allmulticast mode
[  752.319119][T13000] netlink: 'syz.9.1848': attribute type 39 has an invalid length.
[  752.675124][ T5182] Bluetooth: hci2: command tx timeout
[  753.789191][T13011] binder: 13010:13011 ioctl c0306201 200000000080 returned -14
[  753.914325][T12956] chnl_net:caif_netlink_parms(): no params data found
[  754.755011][ T5182] Bluetooth: hci2: command tx timeout
[  755.029804][T11227] hsr_slave_0: left promiscuous mode
[  755.048914][T11227] hsr_slave_1: left promiscuous mode
[  755.119972][T13030] loop2: detected capacity change from 0 to 2048
[  755.158758][T13030] EXT4-fs: Ignoring removed mblk_io_submit option
[  755.232164][T13030] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  756.645283][ T8066] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  756.945083][ T8066] usb 6-1: Using ep0 maxpacket: 16
[  757.009704][ T8066] usb 6-1: config index 0 descriptor too short (expected 24868, got 36)
[  757.057335][ T8066] usb 6-1: config 97 has too many interfaces: 97, using maximum allowed: 32
[  757.114207][ T8066] usb 6-1: config 97 has an invalid descriptor of length 97, skipping remainder of the config
[  757.231760][ T8066] usb 6-1: config 97 has 0 interfaces, different from the descriptor's value: 97
[  757.248747][ T8066] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  757.270810][ T8066] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  757.318131][T11227] team0 (unregistering): Port device team_slave_1 removed
[  757.413622][T11227] team0 (unregistering): Port device team_slave_0 removed
[  757.495665][T13047] 9pnet: p9_errstr2errno: server reported unknown error Vå?ì
[  757.527167][ T8066] usb 6-1: string descriptor 0 read error: -71
[  757.537636][ T8066] usb 6-1: USB disconnect, device number 2
[  759.111666][T12956] bridge0: port 1(bridge_slave_0) entered blocking state
[  759.124989][T12956] bridge0: port 1(bridge_slave_0) entered disabled state
[  759.137892][T12956] bridge_slave_0: entered allmulticast mode
[  759.147217][T12956] bridge_slave_0: entered promiscuous mode
[  759.176478][T12956] bridge0: port 2(bridge_slave_1) entered blocking state
[  759.215255][T12956] bridge0: port 2(bridge_slave_1) entered disabled state
[  759.235255][T13039] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set
[  759.245115][T12956] bridge_slave_1: entered allmulticast mode
[  759.264329][T12956] bridge_slave_1: entered promiscuous mode
[  759.278860][T13039] EXT4-fs (loop2): Remounting filesystem read-only
[  759.291199][ T9908] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  759.337412][T13055] dvmrp1: entered allmulticast mode
[  760.238459][T12956] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  761.102613][T12956] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  761.545074][T12956] team0: Port device team_slave_0 added
[  761.606991][T13085] IPv6: Can't replace route, no match found
[  762.118052][T12956] team0: Port device team_slave_1 added
[  763.390626][T12956] batman_adv: batadv0: Adding interface: batadv_slave_0
[  764.261892][T12956] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  764.484126][T12956] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  764.564587][T12956] batman_adv: batadv0: Adding interface: batadv_slave_1
[  764.603446][T12956] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  765.019471][T12956] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  765.926037][T13114] binder: 13109:13114 ioctl 400c620e 2000000005c0 returned -22
[  766.220450][T12956] hsr_slave_0: entered promiscuous mode
[  766.256252][T12956] hsr_slave_1: entered promiscuous mode
[  766.297511][T12956] debugfs: 'hsr0' already exists in 'hsr'
[  766.331567][T12956] Cannot create hsr debugfs directory
[  777.512100][T13196] bond_slave_0: entered promiscuous mode
[  777.517994][T13196] bond_slave_1: entered promiscuous mode
[  777.523776][T13196] mac80211_hwsim hwsim23 wlan1: entered promiscuous mode
[  777.550084][T13196] vlan2: entered promiscuous mode
[  777.555313][T13196] bond0: entered promiscuous mode
[  780.785833][ T5182] Bluetooth: hci4: command 0x0406 tx timeout
[  781.134694][T12956] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  781.163448][T12956] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  781.239032][T12956] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  781.288395][T12956] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  781.657299][T13249] netlink: 'syz.2.1907': attribute type 29 has an invalid length.
[  781.666614][T13249] netlink: 'syz.2.1907': attribute type 29 has an invalid length.
[  781.675909][T13249] netlink: 500 bytes leftover after parsing attributes in process `syz.2.1907'.
[  781.685346][T13249] unsupported nla_type 58
[  783.353627][T13261] loop2: detected capacity change from 0 to 1024
[  783.443072][T13261] hfsplus: inconsistency in B*Tree (-1,0,1,1,0)
[  783.505862][T13261] hfsplus: failed to load root directory
[  783.518049][T12956] 8021q: adding VLAN 0 to HW filter on device bond0
[  783.592607][T12956] 8021q: adding VLAN 0 to HW filter on device team0
[  783.837492][T11283] bridge0: port 1(bridge_slave_0) entered blocking state
[  783.844741][T11283] bridge0: port 1(bridge_slave_0) entered forwarding state
[  784.165861][T13277] atomic_op ffff888031ab9998 conn xmit_atomic 0000000000000000
[  784.576465][ T8065] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  784.656817][T11224] bridge0: port 2(bridge_slave_1) entered blocking state
[  784.664066][T11224] bridge0: port 2(bridge_slave_1) entered forwarding state
[  784.744728][ T8065] usb 3-1: Using ep0 maxpacket: 8
[  784.775362][ T8065] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  784.814852][ T8065] usb 3-1: New USB device found, idVendor=0eef, idProduct=72c4, bcdDevice= 0.00
[  784.853795][ T8065] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  784.900120][ T8065] usb 3-1: config 0 descriptor??
[  786.253709][   T30] audit: type=1800 audit(2000000866.793:294): pid=13290 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1916" name="/" dev="9p" ino=2 res=0 errno=0
[  787.083867][ T8065] usbhid 3-1:0.0: can't add hid device: -71
[  787.089933][ T8065] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  787.128034][ T8065] usb 3-1: USB disconnect, device number 8
[  787.241872][T12956] 8021q: adding VLAN 0 to HW filter on device batadv0
[  787.605584][T12956] veth0_vlan: entered promiscuous mode
[  787.770372][T12956] veth1_vlan: entered promiscuous mode
[  787.799796][T12956] veth0_macvtap: entered promiscuous mode
[  788.504497][T12956] veth1_macvtap: entered promiscuous mode
[  788.672486][T12956] batman_adv: batadv0: Interface activated: batadv_slave_0
[  788.693542][T13324] netlink: 'syz.5.1925': attribute type 1 has an invalid length.
[  788.710602][T12956] batman_adv: batadv0: Interface activated: batadv_slave_1
[  789.896139][T13324] 8021q: adding VLAN 0 to HW filter on device bond1
[  789.904176][T13331] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1925'.
[  790.001175][T13328] bond1: (slave bridge1): making interface the new active one
[  790.060335][T13328] bond1: (slave bridge1): Enslaving as an active interface with an up link
[  790.171716][T11283] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  790.204822][T11283] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  790.248384][T11283] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  790.298747][T11213] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  791.113088][T11213] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  791.155758][T11213] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  791.226797][T11213] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  791.245440][T11213] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  794.578236][T13362] netlink: 201372 bytes leftover after parsing attributes in process `syz.2.1932'.
[  802.433141][T13393] loop5: detected capacity change from 0 to 40427
[  802.445145][T13393] f2fs: Unknown parameter 'whint_mode'
[  805.905566][T13452] netlink: 36 bytes leftover after parsing attributes in process `syz.9.1955'.
[  808.781059][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  811.318195][T13495] loop5: detected capacity change from 0 to 1024
[  811.427242][T13495] afs: Unknown parameter 'dy'
[  811.591529][T13495] fuse: Bad value for 'fd'
[  811.856349][ T7194] hfsplus: b-tree write err: -5, ino 4
[  815.550903][ T5864] Bluetooth: hci4: command 0x0406 tx timeout
[  819.354238][T13562] loop2: detected capacity change from 0 to 64
[  819.365970][T13562] hfs: unable to load iocharset "iso8859-3000]b°oö¯ÿ-00002ask=00000002000000000002001"
[  826.567906][ T8077] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  826.773577][ T8077] usb 9-1: Using ep0 maxpacket: 16
[  826.892664][ T8077] usb 9-1: config 2 has an invalid interface number: 78 but max is 0
[  826.944869][ T8077] usb 9-1: config 2 has no interface number 0
[  826.964984][ T8077] usb 9-1: config 2 interface 78 has no altsetting 0
[  826.989355][ T8077] usb 9-1: New USB device found, idVendor=19d2, idProduct=ff70, bcdDevice=82.1b
[  827.013436][ T8077] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  827.031952][ T8077] usb 9-1: Product: syz
[  827.043828][ T8077] usb 9-1: Manufacturer: syz
[  827.048477][ T8077] usb 9-1: SerialNumber: syz
[  828.503777][ T8077] option 9-1:2.78: GSM modem (1-port) converter detected
[  828.516034][ T8077] usb 9-1: USB disconnect, device number 6
[  828.525963][ T8077] option 9-1:2.78: device disconnected
[  830.572460][T13643] loop8: detected capacity change from 0 to 256
[  830.767165][T13643] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  831.376142][   T30] audit: type=1326 audit(2000000911.946:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13642 comm="syz.9.2005" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f309578ebe9 code=0x0
[  834.795830][T13671] netlink: 24 bytes leftover after parsing attributes in process `syz.8.2010'.
[  835.464589][T13677] netlink: 'syz.8.2012': attribute type 1 has an invalid length.
[  835.472670][T13677] netlink: 24 bytes leftover after parsing attributes in process `syz.8.2012'.
[  839.058990][T13694] RDS: rds_bind could not find a transport for fec0:ffff::1, load rds_tcp or rds_rdma?
[  840.485815][T13712] loop2: detected capacity change from 0 to 16
[  841.217791][T13712] erofs (device loop2): mounted with root inode @ nid 36.
[  841.891483][T13723] erofs (device loop2): bogus lookback distance 1388 @ lcn 42 of nid 36
[  841.930109][T13723] erofs (device loop2): failed to decompress -29 in[58, 4038] out[1851]
[  841.952558][T13724] erofs (device loop2): bogus lookback distance 1388 @ lcn 42 of nid 36
[  841.961296][T13724] erofs (device loop2): bogus lookback distance 1388 @ lcn 42 of nid 36
[  841.971052][T13724] erofs (device loop2): readahead error at folio 42 @ nid 36
[  841.982976][T13723] erofs (device loop2): read error -117 @ 43 of nid 36
[  841.992695][T13724] erofs (device loop2): bogus lookback distance 774 @ lcn 40 of nid 36
[  842.008915][T13724] erofs (device loop2): readahead error at folio 41 @ nid 36
[  842.016988][T13724] erofs (device loop2): bogus lookback distance 774 @ lcn 40 of nid 36
[  842.028924][T13724] erofs (device loop2): readahead error at folio 40 @ nid 36
[  842.036985][T13724] erofs (device loop2): readahead error at folio 39 @ nid 36
[  842.046286][T13724] erofs (device loop2): readahead error at folio 38 @ nid 36
[  842.061123][T13724] erofs (device loop2): readahead error at folio 36 @ nid 36
[  842.069757][T13724] erofs (device loop2): bogus lookback distance 1468 @ lcn 31 of nid 36
[  842.079101][T13724] erofs (device loop2): readahead error at folio 31 @ nid 36
[  842.429761][T13724] erofs (device loop2): readahead error at folio 25 @ nid 36
[  842.437464][T13724] erofs (device loop2): readahead error at folio 24 @ nid 36
[  842.446201][T13724] erofs (device loop2): readahead error at folio 19 @ nid 36
[  842.456860][T13724] syz.2.2022: attempt to access beyond end of device
[  842.456860][T13724] loop2: rw=524288, sector=784, nr_sectors = 64 limit=16
[  842.471969][T13724] syz.2.2022: attempt to access beyond end of device
[  842.471969][T13724] loop2: rw=524288, sector=13478624080, nr_sectors = 24 limit=16
[  842.487799][T13724] syz.2.2022: attempt to access beyond end of device
[  842.487799][T13724] loop2: rw=524288, sector=13478624032, nr_sectors = 48 limit=16
[  842.505559][T13724] erofs (device loop2): failed to decompress -29 in[58, 4038] out[2639]
[  842.515855][T13724] erofs (device loop2): bogus lookback distance 1586 @ lcn 46 of nid 36
[  842.524367][T13724] erofs (device loop2): readahead error at folio 47 @ nid 36
[  842.532113][T13724] erofs (device loop2): bogus lookback distance 1586 @ lcn 46 of nid 36
[  842.540823][T13724] erofs (device loop2): readahead error at folio 46 @ nid 36
[  842.548833][T13724] erofs (device loop2): readahead error at folio 45 @ nid 36
[  842.557891][T13724] syz.2.2022: attempt to access beyond end of device
[  842.557891][T13724] loop2: rw=524288, sector=16, nr_sectors = 16 limit=16
[  842.572769][T13724] erofs (device loop2): failed to decompress -29 in[58, 4038] out[3537]
[  845.176238][   T30] audit: type=1326 audit(2000000925.022:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13736 comm="syz.9.2029" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f309578ebe9 code=0x0
[  848.070297][T13769] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  848.292872][T13767] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2037'.
[  850.389358][T13795] netlink: 12 bytes leftover after parsing attributes in process `syz.9.2044'.
[  855.818168][T13830] loop8: detected capacity change from 0 to 8
[  856.787614][T13830] SQUASHFS error: zlib decompression failed, data probably corrupt
[  856.795750][T13830] SQUASHFS error: Failed to read block 0x9b: -5
[  856.802203][T13830] SQUASHFS error: Unable to read metadata cache entry [99]
[  856.809482][T13830] SQUASHFS error: Unable to read inode 0x127
[  858.966940][ T5926] IPVS: starting estimator thread 0...
[  859.829845][T13852] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  859.902215][T13858] IPVS: using max 32 ests per chain, 76800 per kthread
[  861.646605][T13880] netlink: 176 bytes leftover after parsing attributes in process `syz.5.2065'.
[  866.583632][T13912] 8021q: VLANs not supported on ip6gre0
[  868.320524][T13926] gtp0: entered promiscuous mode
[  868.354108][T13918] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2075'.
[  868.921084][T13937] cgroup: No subsys list or none specified
[  870.147118][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  870.154606][T13944] netlink: 'syz.5.2083': attribute type 1 has an invalid length.
[  870.500565][T13944] 8021q: adding VLAN 0 to HW filter on device bond2
[  871.410293][T13944] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2083'.
[  871.659481][T13950] 8021q: adding VLAN 0 to HW filter on device bond2
[  872.350825][T13945] Bluetooth: hci2: command 0x0406 tx timeout
[  872.461134][T13950] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address
[  872.871210][T13950] bond2: (slave vxcan3): Error -95 calling set_mac_address
[  876.418318][T13981] delete_channel: no stack
[  876.779813][T13953] veth3: entered promiscuous mode
[  876.817946][T13953] bond2: (slave veth3): Enslaving as an active interface with a down link
[  876.877005][T13985] loop3: detected capacity change from 0 to 512
[  876.892821][   T30] audit: type=1326 audit(2000000957.459:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13984 comm="syz.3.2093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2f378ebe9 code=0x7ffc0000
[  876.967033][T13985] EXT4-fs: Ignoring removed i_version option
[  876.978241][   T30] audit: type=1326 audit(2000000957.459:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13984 comm="syz.3.2093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff2f378ebe9 code=0x7ffc0000
[  877.001559][T13985] EXT4-fs: Ignoring removed mblk_io_submit option
[  877.036057][T13985] EXT4-fs (loop3): Test dummy encryption mode enabled
[  877.039057][T13944] 8021q: adding VLAN 0 to HW filter on device bond2
[  877.064549][   T30] audit: type=1326 audit(2000000957.469:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13984 comm="syz.3.2093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7ff2f378ebe9 code=0x7ffc0000
[  877.126256][T13985] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c018, mo2=0103]
[  877.138889][   T30] audit: type=1326 audit(2000000957.469:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13984 comm="syz.3.2093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ff2f378ec23 code=0x7ffc0000
[  877.168491][   T30] audit: type=1326 audit(2000000957.469:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13984 comm="syz.3.2093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7ff2f378d69f code=0x7ffc0000
[  877.191113][   T30] audit: type=1326 audit(2000000957.469:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13984 comm="syz.3.2093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7ff2f378ec77 code=0x7ffc0000
[  877.219205][   T30] audit: type=1326 audit(2000000957.469:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13984 comm="syz.3.2093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff2f378d550 code=0x7ffc0000
[  877.241704][   T30] audit: type=1326 audit(2000000957.469:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13984 comm="syz.3.2093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff2f378e7eb code=0x7ffc0000
[  877.245609][T13985] EXT4-fs error (device loop3): ext4_orphan_get:1392: comm syz.3.2093: inode #13: comm syz.3.2093: iget: illegal inode #
[  877.265043][   T30] audit: type=1326 audit(2000000957.559:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13984 comm="syz.3.2093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7ff2f378d84a code=0x7ffc0000
[  877.326161][   T30] audit: type=1326 audit(2000000957.559:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13984 comm="syz.3.2093" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7ff2f378d84a code=0x7ffc0000
[  877.358602][T13985] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.2093: couldn't read orphan inode 13 (err -117)
[  877.373039][T13985] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  880.160169][T14017] netlink: 'syz.5.2100': attribute type 23 has an invalid length.
[  880.172157][T13985] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  882.241302][T14043] loop2: detected capacity change from 0 to 4096
[  882.673045][T14043] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[  882.752208][T14043] ntfs3(loop2): ino=19, mi_enum_attr
[  887.251774][T14074] rdma_op ffff88804ef0c1f0 conn xmit_rdma 0000000000000000
[  891.832035][T14102] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  895.862148][T14129] netlink: 'syz.9.2129': attribute type 12 has an invalid length.
[  901.910051][T14172] loop8: detected capacity change from 0 to 512
[  901.976961][T14175] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2139'.
[  902.366251][T14172] EXT4-fs (loop8): Test dummy encryption mode enabled
[  902.392236][T14172] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  902.969061][T14172] EXT4-fs error (device loop8): ext4_orphan_get:1418: comm syz.8.2141: bad orphan inode 131083
[  903.063452][T14172] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  903.872672][T14189] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2136'.
[  904.286780][ T9934] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  904.536493][   T30] kauditd_printk_skb: 34 callbacks suppressed
[  904.536512][   T30] audit: type=1326 audit(2000000985.142:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14200 comm="syz.2.2148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabcb18ebe9 code=0x7ffc0000
[  904.722662][   T30] audit: type=1326 audit(2000000985.172:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14200 comm="syz.2.2148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabcb18ebe9 code=0x7ffc0000
[  904.782536][   T30] audit: type=1326 audit(2000000985.182:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14200 comm="syz.2.2148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7fabcb18ebe9 code=0x7ffc0000
[  904.817172][   T30] audit: type=1326 audit(2000000985.182:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14200 comm="syz.2.2148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabcb18ebe9 code=0x7ffc0000
[  905.764450][   T30] audit: type=1326 audit(2000000985.182:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14200 comm="syz.2.2148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabcb18ebe9 code=0x7ffc0000
[  905.788025][   T30] audit: type=1326 audit(2000000985.182:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14200 comm="syz.2.2148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fabcb18ebe9 code=0x7ffc0000
[  905.889798][   T30] audit: type=1326 audit(2000000985.182:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14200 comm="syz.2.2148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabcb18ebe9 code=0x7ffc0000
[  906.040639][   T30] audit: type=1326 audit(2000000985.182:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14200 comm="syz.2.2148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fabcb18ebe9 code=0x7ffc0000
[  906.071121][   T30] audit: type=1326 audit(2000000985.182:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14200 comm="syz.2.2148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabcb18ebe9 code=0x7ffc0000
[  906.803798][T14220] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2150'.
[  907.263893][   T30] audit: type=1326 audit(2000000985.182:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14200 comm="syz.2.2148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabcb18ebe9 code=0x7ffc0000
[  913.622761][T14267] loop3: detected capacity change from 0 to 40427
[  913.639953][T14267] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  913.647833][T14267] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  913.659447][T14267] F2FS-fs (loop3): invalid crc value
[  913.732609][T14267] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  913.758678][T14267] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  913.765825][T14267] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  914.959437][   T30] kauditd_printk_skb: 13 callbacks suppressed
[  914.959459][   T30] audit: type=1800 audit(2000000994.797:364): pid=14278 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2162" name="file1" dev="loop3" ino=10 res=0 errno=0
[  916.368413][T14285] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2169'.
[  916.409444][T11281] kworker/u8:31: attempt to access beyond end of device
[  916.409444][T11281] loop3: rw=1, sector=77824, nr_sectors = 2624 limit=40427
[  916.627737][T11281] kworker/u8:31: attempt to access beyond end of device
[  916.627737][T11281] loop3: rw=1, sector=80448, nr_sectors = 1472 limit=40427
[  916.695995][T11281] kworker/u8:31: attempt to access beyond end of device
[  916.695995][T11281] loop3: rw=1, sector=49152, nr_sectors = 3496 limit=40427
[  917.200986][T14300] netlink: 'syz.8.2171': attribute type 39 has an invalid length.
[  917.713856][T14305] netlink: 'syz.2.2174': attribute type 4 has an invalid length.
[  917.833433][T14308] netlink: 'syz.3.2168': attribute type 1 has an invalid length.
[  918.136262][T14313] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[  918.190248][T14313] bond1: (slave vxcan3): Error -95 calling set_mac_address
[  919.867830][T14308] gretap1: entered promiscuous mode
[  919.890069][T14308] bond1: (slave gretap1): making interface the new active one
[  920.625941][T14308] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  921.143237][T14313] macvlan2: entered promiscuous mode
[  921.872638][T14313] macvlan2: entered allmulticast mode
[  922.154330][T14313] bond1: entered promiscuous mode
[  922.163668][T14313] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  922.254521][T14313] bond1: (slave macvlan2): the slave hw address is in use by the bond; giving it the hw address of gretap1
[  922.489485][T14313] bond1: left promiscuous mode
[  924.605921][T14363] loop3: detected capacity change from 0 to 8
[  924.671439][T14363] Major/Minor mismatch, older Squashfs 0.0 filesystems are unsupported
[  924.689908][T14365] netlink: 68 bytes leftover after parsing attributes in process `syz.9.2188'.
[  924.772709][T14368] loop2: detected capacity change from 0 to 1024
[  924.986635][T14363] loop3: detected capacity change from 0 to 32768
[  925.006786][T14368] EXT4-fs: Ignoring removed orlov option
[  925.043851][T14363] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  925.102959][T14368] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  925.129985][T14363] XFS (loop3): Ending clean mount
[  925.137919][T14363] XFS (loop3): Quotacheck needed: Please wait.
[  925.214428][T14363] XFS (loop3): Quotacheck: Done.
[  925.778128][   T30] audit: type=1800 audit(2000001006.399:365): pid=14368 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2189" name="bus" dev="loop2" ino=18 res=0 errno=0
[  925.832785][T12956] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  925.948411][ T9908] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  927.774550][ T8079] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  928.224524][ T8079] usb 9-1: Using ep0 maxpacket: 16
[  928.242097][ T8079] usb 9-1: config 0 has no interfaces?
[  928.253266][ T8079] usb 9-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00
[  928.273362][ T8079] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  928.471995][ T8079] usb 9-1: config 0 descriptor??
[  928.501322][T14419] loop3: detected capacity change from 0 to 512
[  928.574493][T14419] EXT4-fs (loop3): Test dummy encryption mode enabled
[  928.581419][T14419] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  928.845168][T14419] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.2202: bad orphan inode 131083
[  929.137349][T14419] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  931.562330][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  931.854556][T12956] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  933.994047][ T8077] usb 9-1: USB disconnect, device number 7
[  937.006217][T14456] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2212'.
[  937.015321][T14456] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2212'.
[  947.365230][T14542] syz.2.2233: vmalloc error: size 35651584, failed to allocated page array size 69632, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz2,mems_allowed=0-1
[  947.804245][T14542] CPU: 1 UID: 0 PID: 14542 Comm: syz.2.2233 Not tainted syzkaller #0 PREEMPT(full) 
[  947.804283][T14542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  947.804297][T14542] Call Trace:
[  947.804306][T14542]  <TASK>
[  947.804316][T14542]  dump_stack_lvl+0x189/0x250
[  947.804351][T14542]  ? __pfx_dump_stack_lvl+0x10/0x10
[  947.804376][T14542]  ? __pfx__printk+0x10/0x10
[  947.804406][T14542]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  947.804430][T14542]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  947.804454][T14542]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  947.804480][T14542]  warn_alloc+0x214/0x310
[  947.804516][T14542]  ? __pfx_warn_alloc+0x10/0x10
[  947.804546][T14542]  ? __get_vm_area_node+0x28f/0x300
[  947.804566][T14542]  ? hash_ipmac_create+0x358/0xfe0
[  947.804589][T14542]  __vmalloc_node_range_noprof+0x67e/0x12f0
[  947.804633][T14542]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  947.804654][T14542]  ? hash_ipmac_create+0x358/0xfe0
[  947.804675][T14542]  ? rcu_is_watching+0x15/0xb0
[  947.804689][T14542]  ? hash_ipmac_create+0x358/0xfe0
[  947.804708][T14542]  __kvmalloc_node_noprof+0x674/0x910
[  947.804730][T14542]  ? hash_ipmac_create+0x358/0xfe0
[  947.804748][T14542]  ? __kmalloc_cache_noprof+0x3d5/0x6f0
[  947.804768][T14542]  ? hash_ipmac_create+0x2fe/0xfe0
[  947.804790][T14542]  hash_ipmac_create+0x358/0xfe0
[  947.804815][T14542]  ? __nla_parse+0x40/0x60
[  947.804831][T14542]  ? __pfx_hash_ipmac_create+0x10/0x10
[  947.804851][T14542]  ip_set_create+0xa97/0x1940
[  947.804872][T14542]  ? ip_set_create+0x4a2/0x1940
[  947.804903][T14542]  ? __pfx_ip_set_create+0x10/0x10
[  947.804952][T14542]  nfnetlink_rcv_msg+0xb4a/0x1130
[  947.804975][T14542]  ? nfnetlink_rcv_msg+0x20d/0x1130
[  947.805011][T14542]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  947.805030][T14542]  ? kmem_cache_free+0x19a/0x690
[  947.805088][T14542]  netlink_rcv_skb+0x205/0x470
[  947.805105][T14542]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  947.805128][T14542]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  947.805159][T14542]  ? bpf_lsm_capable+0x9/0x20
[  947.805179][T14542]  ? security_capable+0x7e/0x2e0
[  947.805207][T14542]  nfnetlink_rcv+0x26a/0x2520
[  947.805232][T14542]  ? __dev_queue_xmit+0x1d79/0x3b50
[  947.805251][T14542]  ? kasan_save_track+0x3e/0x80
[  947.805269][T14542]  ? __kasan_slab_alloc+0x6c/0x80
[  947.805288][T14542]  ? kmem_cache_alloc_noprof+0x367/0x6e0
[  947.805313][T14542]  ? __dev_queue_xmit+0x27b/0x3b50
[  947.805342][T14542]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  947.805364][T14542]  ? __pfx___dev_queue_xmit+0x10/0x10
[  947.805394][T14542]  ? ref_tracker_free+0x63a/0x7d0
[  947.805409][T14542]  ? __asan_memcpy+0x40/0x70
[  947.805426][T14542]  ? __pfx_ref_tracker_free+0x10/0x10
[  947.805453][T14542]  ? skb_clone+0x246/0x3a0
[  947.805474][T14542]  ? __netlink_deliver_tap+0x807/0x850
[  947.805488][T14542]  ? netlink_deliver_tap+0x2e/0x1b0
[  947.805508][T14542]  ? netlink_deliver_tap+0x2e/0x1b0
[  947.805529][T14542]  netlink_unicast+0x82c/0x9e0
[  947.805559][T14542]  ? __pfx_netlink_unicast+0x10/0x10
[  947.805582][T14542]  ? netlink_sendmsg+0x642/0xb30
[  947.805595][T14542]  ? skb_put+0x11b/0x210
[  947.805613][T14542]  netlink_sendmsg+0x805/0xb30
[  947.805636][T14542]  ? __pfx_netlink_sendmsg+0x10/0x10
[  947.805653][T14542]  ? aa_sock_msg_perm+0xf1/0x1d0
[  947.805669][T14542]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  947.805683][T14542]  ? __pfx_netlink_sendmsg+0x10/0x10
[  947.805699][T14542]  __sock_sendmsg+0x21c/0x270
[  947.805723][T14542]  ____sys_sendmsg+0x505/0x830
[  947.805744][T14542]  ? __pfx_____sys_sendmsg+0x10/0x10
[  947.805769][T14542]  ? import_iovec+0x74/0xa0
[  947.805792][T14542]  ___sys_sendmsg+0x21f/0x2a0
[  947.805811][T14542]  ? __pfx____sys_sendmsg+0x10/0x10
[  947.805857][T14542]  ? __fget_files+0x2a/0x420
[  947.805878][T14542]  ? __fget_files+0x3a0/0x420
[  947.805909][T14542]  __x64_sys_sendmsg+0x19b/0x260
[  947.805930][T14542]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  947.805961][T14542]  ? do_syscall_64+0xbe/0xfa0
[  947.805979][T14542]  do_syscall_64+0xfa/0xfa0
[  947.805994][T14542]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  947.806008][T14542]  ? asm_sysvec_call_function_single+0x1a/0x20
[  947.806023][T14542]  ? clear_bhb_loop+0x60/0xb0
[  947.806041][T14542]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  947.806055][T14542] RIP: 0033:0x7fabcb18ebe9
[  947.806070][T14542] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  947.806083][T14542] RSP: 002b:00007fabcc063038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  947.806099][T14542] RAX: ffffffffffffffda RBX: 00007fabcb3c6090 RCX: 00007fabcb18ebe9
[  947.806111][T14542] RDX: 0000000000000084 RSI: 0000200000000040 RDI: 0000000000000006
[  947.806120][T14542] RBP: 00007fabcb211e19 R08: 0000000000000000 R09: 0000000000000000
[  947.806129][T14542] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  947.806138][T14542] R13: 00007fabcb3c6128 R14: 00007fabcb3c6090 R15: 00007fff2aee4128
[  947.806168][T14542]  </TASK>
[  948.483742][T14542] Mem-Info:
[  948.487169][T14542] active_anon:4707 inactive_anon:0 isolated_anon:0
[  948.487169][T14542]  active_file:17187 inactive_file:40642 isolated_file:0
[  948.487169][T14542]  unevictable:768 dirty:262 writeback:0
[  948.487169][T14542]  slab_reclaimable:12112 slab_unreclaimable:98629
[  948.487169][T14542]  mapped:29343 shmem:1699 pagetables:1077
[  948.487169][T14542]  sec_pagetables:0 bounce:0
[  948.487169][T14542]  kernel_misc_reclaimable:0
[  948.487169][T14542]  free:1304258 free_pcp:16011 free_cma:0
[  948.555585][T14542] Node 0 active_anon:18928kB inactive_anon:0kB active_file:68748kB inactive_file:162348kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:117372kB dirty:1048kB writeback:0kB shmem:5260kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11396kB pagetables:4192kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  948.650008][T14558] loop3: detected capacity change from 0 to 256
[  948.773719][T14542] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:220kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:216kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  949.553965][T14542] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  949.767326][T14542] lowmem_reserve[]: 0 2497 2498 2498 2498
[  949.886854][T14542] Node 0 DMA32 free:1303528kB boost:0kB min:34232kB low:42788kB high:51344kB reserved_highatomic:0KB free_highatomic:0KB active_anon:20396kB inactive_anon:0kB active_file:68748kB inactive_file:161024kB unevictable:1536kB writepending:1128kB zspages:0kB present:3129332kB managed:2557168kB mlocked:0kB bounce:0kB free_pcp:43488kB local_pcp:22996kB free_cma:0kB
[  949.954403][T14542] lowmem_reserve[]: 0 0 1 1 1
[  949.974683][T14542] Node 0 Normal free:8kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1324kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[  950.068063][T14542] lowmem_reserve[]: 0 0 0 0 0
[  950.072866][T14542] Node 1 Normal free:3891340kB boost:0kB min:55652kB low:69564kB high:83476kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:220kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:24576kB local_pcp:8768kB free_cma:0kB
[  950.359062][T14542] lowmem_reserve[]: 0 0 0 0 0
[  950.363818][T14542] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  951.737219][T14542] Node 0 DMA32: 42*4kB (U) 99*8kB (UME) 76*16kB (UME) 505*32kB (UE) 498*64kB (UME) 482*128kB (UME) 145*256kB (UM) 61*512kB (UME) 26*1024kB (UME) 5*2048kB (ME) 261*4096kB (UM) = 1286176kB
[  951.780211][T14542] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
[  951.802168][T14542] Node 1 Normal: 6*4kB (ME) 8*8kB (E) 7*16kB (UE) 122*32kB (UME) 60*64kB (UME) 15*128kB (UME) 7*256kB (UME) 6*512kB (UM) 6*1024kB (UME) 4*2048kB (UE) 943*4096kB (UM) = 3891592kB
[  951.823341][T14542] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  951.843812][T14542] Node 0 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB
[  952.072219][T14542] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  952.724374][T14542] Node 1 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  952.884655][T14542] 59520 total pagecache pages
[  952.914880][T14542] 0 pages in swap cache
[  952.919247][T14542] Free swap  = 124996kB
[  952.926315][T14542] Total swap = 124996kB
[  952.930488][T14542] 2097051 pages RAM
[  952.949598][T14542] 0 pages HighMem/MovableOnly
[  952.954654][T14542] 425797 pages reserved
[  952.964159][T14542] 0 pages cma reserved
[  960.208937][T14644] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  963.266079][T14673] loop8: detected capacity change from 0 to 8
[  963.668293][T14676] SQUASHFS error: zlib decompression failed, data probably corrupt
[  963.677410][T14676] SQUASHFS error: Failed to read block 0x4e8: -5
[  963.689343][T14676] SQUASHFS error: zlib decompression failed, data probably corrupt
[  963.697528][T14676] SQUASHFS error: Failed to read block 0x4ee: -5
[  963.704166][T14676] SQUASHFS error: zlib decompression failed, data probably corrupt
[  963.712268][T14676] SQUASHFS error: Failed to read block 0x4ef: -5
[  963.731006][   T30] audit: type=1800 audit(2000001044.339:366): pid=14676 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.8.2266" name="file1" dev="loop8" ino=5 res=0 errno=0
[  969.157270][T14718] loop8: detected capacity change from 0 to 64
[  974.713724][T14761] ceph: No mds server is up or the cluster is laggy
[  978.766148][T14798] loop2: detected capacity change from 0 to 16
[  978.957753][T14798] erofs (device loop2): EXPERIMENTAL EROFS subpage compressed block support in use. Use at your own risk!
[  979.814636][T14798] erofs (device loop2): mounted with root inode @ nid 36.
[  980.008877][T14798] syz.2.2295: attempt to access beyond end of device
[  980.008877][T14798] loop2: rw=0, sector=1152, nr_sectors = 257 limit=16
[  980.023443][T14798] erofs (device loop2): read error -5 @ 0 of nid 36
[  980.442644][T14811] syz.2.2295: attempt to access beyond end of device
[  980.442644][T14811] loop2: rw=0, sector=1152, nr_sectors = 257 limit=16
[  980.464067][T14811] erofs (device loop2): read error -5 @ 0 of nid 36
[  986.117672][T14834] loop2: detected capacity change from 0 to 131072
[  986.419135][T14834] F2FS-fs (loop2): invalid crc value
[  987.331201][T14834] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  987.376695][T14834] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  988.002528][T14854] overlayfs: missing 'lowerdir'
[  993.141584][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  994.041055][T14902] loop8: detected capacity change from 0 to 128
[  994.872820][T14902] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  994.947751][T14902] ext4 filesystem being mounted at /229/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  996.801241][ T9934] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1007.110036][T14993] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1007.142499][T14993] syzkaller0: entered promiscuous mode
[ 1007.163125][T14993] syzkaller0: entered allmulticast mode
[ 1007.909732][T14999] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2341'.
[ 1008.410130][T15006] overlayfs: failed to resolve './file0': -2
[ 1009.354063][T14992] tipc: Resetting bearer <eth:syzkaller0>
[ 1010.018230][T14992] tipc: Disabling bearer <eth:syzkaller0>
[ 1011.972270][T15030] loop2: detected capacity change from 0 to 4096
[ 1011.980068][T15030] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1012.012486][T15030] EXT4-fs (loop2): Test dummy encryption mode enabled
[ 1014.861345][T15030] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1015.404484][T15038] vivid-002: disconnect
[ 1015.411195][T15038] vivid-002: reconnect
[ 1016.239267][ T9908] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1016.639531][T15044] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2353'.
[ 1023.684461][T15091] loop8: detected capacity change from 0 to 4096
[ 1023.691833][T15091] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1026.152199][T15091] EXT4-fs (loop8): Test dummy encryption mode enabled
[ 1026.167910][T15091] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR
[ 1026.171224][T15091] EXT4-fs: failed to create workqueue
[ 1026.186268][T15091] EXT4-fs (loop8): mount failed
[ 1026.707839][T15107] netlink: 48 bytes leftover after parsing attributes in process `syz.9.2367'.
[ 1028.517254][T15113] wireguard0: entered promiscuous mode
[ 1028.527432][T15113] wireguard0: entered allmulticast mode
[ 1032.707216][T15158] loop2: detected capacity change from 0 to 1024
[ 1032.715985][T15158] EXT4-fs: Ignoring removed nobh option
[ 1032.721631][T15158] EXT4-fs: Ignoring removed bh option
[ 1032.833035][T15158] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1032.978279][T15158] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.2376: Allocating blocks 497-513 which overlap fs metadata
[ 1033.034533][T15158] EXT4-fs (loop2): pa ffff888059e92cb0: logic 256, phys. 385, len 8
[ 1033.042657][T15158] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[ 1034.240347][T15168] loop8: detected capacity change from 0 to 4096
[ 1034.521445][T15174] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1038.604032][T15200] netlink: 'syz.9.2386': attribute type 4 has an invalid length.
[ 1038.716941][ T9908] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1039.960633][T15209] loop2: detected capacity change from 0 to 1024
[ 1040.075836][T15214] netlink: 4280 bytes leftover after parsing attributes in process `syz.3.2392'.
[ 1040.085759][T15214] netlink: 4280 bytes leftover after parsing attributes in process `syz.3.2392'.
[ 1040.719313][T15209] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1040.797916][T15222] loop3: detected capacity change from 0 to 128
[ 1040.867013][T15222] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1040.891237][T15222] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[ 1042.225242][   T30] audit: type=1800 audit(2000001122.759:367): pid=15225 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2388" name="file1" dev="loop2" ino=15 res=0 errno=0
[ 1042.307288][T14917] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[ 1042.347844][ T9908] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1044.623169][T15251] loop3: detected capacity change from 0 to 256
[ 1044.630370][T15251] exfat: Deprecated parameter 'utf8'
[ 1044.635787][T15251] exfat: Deprecated parameter 'utf8'
[ 1044.641107][T15251] exfat: Bad value for 'uid'
[ 1044.645802][T15251] exfat: Bad value for 'uid'
[ 1044.701768][ T5864] Bluetooth: hci2: unexpected event for opcode 0x200b
[ 1046.506396][T15242] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2397'.
[ 1046.520205][T15242] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1046.699319][T15262] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2402'.
[ 1049.464467][T15242] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1049.485658][T15280] netlink: 'syz.3.2406': attribute type 10 has an invalid length.
[ 1050.275241][T15280] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1051.259648][T15280] bond0: (slave batadv0): Enslaving as an active interface with an up link
[ 1051.483657][T15293] loop8: detected capacity change from 0 to 512
[ 1051.554484][T15293] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[ 1051.594680][T15293] EXT4-fs (loop8): 1 truncate cleaned up
[ 1051.607740][T15293] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1053.882800][ T9934] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1055.184793][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 1057.490291][T15339] netlink: 148 bytes leftover after parsing attributes in process `syz.5.2422'.
[ 1057.499779][T15339] netlink: 56 bytes leftover after parsing attributes in process `syz.5.2422'.
[ 1057.571652][T15343] loop8: detected capacity change from 0 to 128
[ 1057.852239][T15343] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=256, location=256
[ 1057.879493][T15343] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1057.957734][T15348] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2423'.
[ 1063.921176][T15395] netlink: 4280 bytes leftover after parsing attributes in process `syz.8.2435'.
[ 1063.930725][T15395] netlink: 4280 bytes leftover after parsing attributes in process `syz.8.2435'.
[ 1065.116567][T15411] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] SMP KASAN PTI
[ 1065.128545][T15411] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]
[ 1065.136978][T15411] CPU: 0 UID: 0 PID: 15411 Comm: syz.2.2434 Not tainted syzkaller #0 PREEMPT(full) 
[ 1065.146364][T15411] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1065.156448][T15411] RIP: 0010:io_check_coalesce_buffer+0x354/0xb60
[ 1065.162803][T15411] Code: f7 e8 e0 64 63 fd 4c 89 74 24 28 48 8b 44 24 18 4c 8b 74 d8 08 49 8d 6e 08 48 89 e8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 48 89 ef e8 ae 64 63 fd 48 8b 6d 00 48 89 ee 48
[ 1065.182433][T15411] RSP: 0018:ffffc90003b27a38 EFLAGS: 00010202
[ 1065.188532][T15411] RAX: 0000000000000001 RBX: 00000000000001ff RCX: dffffc0000000000
[ 1065.196526][T15411] RDX: ffffc9000d74f000 RSI: 000000000000162e RDI: 000000000000162f
[ 1065.204548][T15411] RBP: 0000000000000008 R08: ffffea0001008007 R09: 1ffffd4000201000
[ 1065.212566][T15411] R10: dffffc0000000000 R11: fffff94000201001 R12: ffff88807861cff8
[ 1065.220557][T15411] R13: 0000000000000200 R14: 0000000000000000 R15: ffffea0001008000
[ 1065.228539][T15411] FS:  00007fabcc0216c0(0000) GS:ffff8881259fa000(0000) knlGS:0000000000000000
[ 1065.237480][T15411] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1065.244079][T15411] CR2: 000000110c35cde5 CR3: 0000000075c02000 CR4: 00000000003526f0
[ 1065.252055][T15411] Call Trace:
[ 1065.255342][T15411]  <TASK>
[ 1065.258286][T15411]  io_sqe_buffer_register+0x1ef/0x20a0
[ 1065.263795][T15411]  ? __pfx_io_sqe_buffer_register+0x10/0x10
[ 1065.269701][T15411]  ? trace_kmalloc+0x1f/0xd0
[ 1065.274306][T15411]  ? __kvmalloc_node_noprof+0x5ed/0x910
[ 1065.279863][T15411]  ? io_sqe_buffers_register+0x138/0x8e0
[ 1065.285505][T15411]  ? iovec_from_user+0x1ba/0x250
[ 1065.290458][T15411]  io_sqe_buffers_register+0x3b9/0x8e0
[ 1065.295927][T15411]  ? __pfx_io_sqe_buffers_register+0x10/0x10
[ 1065.301913][T15411]  ? __fget_files+0x3a0/0x420
[ 1065.306600][T15411]  ? __fget_files+0x2a/0x420
[ 1065.311224][T15411]  ? io_is_uring_fops+0xd/0x50
[ 1065.316008][T15411]  __se_sys_io_uring_register+0xb85/0x11b0
[ 1065.321823][T15411]  ? __se_sys_futex+0x36f/0x400
[ 1065.326694][T15411]  ? __pfx___se_sys_io_uring_register+0x10/0x10
[ 1065.332944][T15411]  ? rcu_is_watching+0x15/0xb0
[ 1065.337711][T15411]  ? do_syscall_64+0xbe/0xfa0
[ 1065.342394][T15411]  do_syscall_64+0xfa/0xfa0
[ 1065.346900][T15411]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1065.352098][T15411]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1065.358168][T15411]  ? clear_bhb_loop+0x60/0xb0
[ 1065.362848][T15411]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1065.368740][T15411] RIP: 0033:0x7fabcb18ebe9
[ 1065.373154][T15411] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1065.392766][T15411] RSP: 002b:00007fabcc021038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab
[ 1065.401202][T15411] RAX: ffffffffffffffda RBX: 00007fabcb3c6270 RCX: 00007fabcb18ebe9
[ 1065.409200][T15411] RDX: 00002000000002c0 RSI: 0000000000000000 RDI: 0000000000000005
[ 1065.417184][T15411] RBP: 00007fabcb211e19 R08: 0000000000000000 R09: 0000000000000000
[ 1065.425158][T15411] R10: 100000000000011a R11: 0000000000000246 R12: 0000000000000000
[ 1065.433133][T15411] R13: 00007fabcb3c6308 R14: 00007fabcb3c6270 R15: 00007fff2aee4128
[ 1065.441119][T15411]  </TASK>
[ 1065.444156][T15411] Modules linked in:
[ 1065.449493][T15411] ---[ end trace 0000000000000000 ]---
[ 1065.455021][T15411] RIP: 0010:io_check_coalesce_buffer+0x354/0xb60
[ 1065.461427][T15411] Code: f7 e8 e0 64 63 fd 4c 89 74 24 28 48 8b 44 24 18 4c 8b 74 d8 08 49 8d 6e 08 48 89 e8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 48 89 ef e8 ae 64 63 fd 48 8b 6d 00 48 89 ee 48
[ 1065.481114][T15411] RSP: 0018:ffffc90003b27a38 EFLAGS: 00010202
[ 1065.487235][T15411] RAX: 0000000000000001 RBX: 00000000000001ff RCX: dffffc0000000000
[ 1065.495265][T15411] RDX: ffffc9000d74f000 RSI: 000000000000162e RDI: 000000000000162f
[ 1065.503272][T15411] RBP: 0000000000000008 R08: ffffea0001008007 R09: 1ffffd4000201000
[ 1065.511302][T15411] R10: dffffc0000000000 R11: fffff94000201001 R12: ffff88807861cff8
[ 1065.519325][T15411] R13: 0000000000000200 R14: 0000000000000000 R15: ffffea0001008000
[ 1065.534728][T15411] FS:  00007fabcc0216c0(0000) GS:ffff8881259fa000(0000) knlGS:0000000000000000
[ 1065.544345][T15411] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1065.550966][T15411] CR2: 000000110c35cde5 CR3: 0000000075c02000 CR4: 00000000003526f0
[ 1065.559347][T15411] Kernel panic - not syncing: Fatal exception
[ 1065.565782][T15411] Kernel Offset: disabled
[ 1065.570111][T15411] Rebooting in 86400 seconds..