last executing test programs:

16m32.386467498s ago: executing program 1 (id=35):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = dup(r3)
sendmsg$inet(r4, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001600)=[{&(0x7f0000000140)="be38", 0xffdf}], 0x1, &(0x7f0000000c80)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @private}}}, @ip_retopts={{0x1c, 0x0, 0x7, {[@timestamp={0x44, 0x4, 0x73}, @noop]}}}], 0x40}, 0x0)

16m30.274982895s ago: executing program 1 (id=36):
socket$igmp(0x2, 0x3, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
ioctl$TCSETSW(r1, 0x5403, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xffffffff, 0x0, "ff3f66fa733f1b33e356d25b90c98fe587b88a"})
write$binfmt_aout(r1, &(0x7f00000000c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba0700000000ebffffff0000f77fff00"})
r2 = syz_open_pts(r1, 0x0)
ioctl$TCSETAF(r2, 0x5408, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x2, 0x0, "1f00000800"})
r3 = dup3(r2, r1, 0x0)
read$rfkill(r3, &(0x7f00000002c0), 0x8)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000180))

16m28.623603382s ago: executing program 1 (id=42):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioprio_set$pid(0x3, 0x0, 0x0)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000400)='net/dev_mcast\x00')
read$FUSE(r3, &(0x7f00000099c0)={0x2020}, 0x2020)

16m26.94945309s ago: executing program 1 (id=46):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setresuid(0xee01, 0x0, 0x0)
sendmmsg$unix(r0, &(0x7f0000007cc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001780)=[@cred={{0x1c}}], 0x20}}], 0x1, 0x0)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./file0\x00', 0x845, &(0x7f00000005c0)={[{@shortname_winnt}, {@shortname_winnt}, {@shortname_lower}, {@shortname_winnt}, {@shortname_winnt}, {@fat=@discard}, {@fat=@check_strict}, {@shortname_mixed}, {@shortname_winnt}, {@rodir}, {@shortname_win95}, {@fat=@sys_immutable}, {@utf8}]}, 0x0, 0x274, &(0x7f0000000780)="$eJzs3MGLG1UYAPDPbNvdbmmzBxEUxIde9BLa9S8I0oK4oKyNqAdh6mY17JgsmbgSEdubV/+O4tGboP4De/HmXbwsguClBzHSJONm10BbaZzV/H4Q5su8+fLeTGbCNwN5R29/+dHebtHYzQZRW0tRi7gT9yI27kdTT0yXtXF8IWbdiZcu/fbjs2++8+5rza2t69sp3WjefHkzpXTluW8/+eyr578fXHrr6yvfrMbhxntHv27+dPjU4dNHf9wsP703SFm61esNslt5O+10ir1GSm/k7axop063aPdPtO/mvf39Ycq6O5fX9/vtokhZd5j22sM06KVBf5iyD7JONzUajXR5PZbNyiNntO5ub2fNhQyGKlyct7Lfb2Yrcxtbd/+NQQEAZ0tV9f+HnSJ1itR9UP1fC/X/4qj/l8H9+n99ev2epP4HAAAAAAAAAAAAAID/gnujUX00GtXLZflajYi1iCjfVz1OFsP3v9xm/ri3FpF/cdA6aE2Wk/bmbnQij3ZcPR/x+/h8mJrEN17dun41jW3Ed/ntaf7tg9ZKrJb5pY35+dcm+elk/vlYn+1/M+rx5Pz8zbn5F+LFF2byG1GPH96PXuSxMz6vj/M/v5bSK69vncq/ON4OAAAA/g8a6S9/u38ftzdSOW3IqfbJyuPnA1F/wPOBU/fX5+KZc9XtNwAAACyTYvjpXpbn7b7g0QKHbuFBLSIq6v2XiDgbB+GxBj9/PLnqH2bjqn+ZAACAx+246K96JAAAAAAAAAAAAAAAAAAAALC8HnbysHL7fzL32Ex3K9XsJQAAAAAAAAAAAAAAAAAAAAAAAJwNfwYAAP//xsMhSw==")
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='mounts\x00')
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000500)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x1333404, 0x0)
mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x11080, 0x0)
mount$bind(&(0x7f0000000240)='.\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x1005848, 0x0)
read$FUSE(r1, &(0x7f0000002140)={0x2020}, 0x2100)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x26, &(0x7f0000000380)={0x300, 0x0, 0x103ff})
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18020000fcffffff000000000000210085000000360000009500070000000000b83f3584230b8f5ec8921327291cf4880dd3a91af830f8a476ba1b51d4eb67103b000000000000000000000000000000640f9922d207e93470686f20ad"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, '\x00', 0x0, @xdp}, 0x70)

16m25.085633557s ago: executing program 1 (id=52):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xc36e5000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r4 = dup(r3)
ioctl$PTP_EXTTS_REQUEST2(r4, 0xc0403d11, 0x0)

16m24.375156006s ago: executing program 1 (id=58):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="060000000000000071100a00000000000f000000000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc9, &(0x7f0000000080)=""/201, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x94)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'ip6gre0\x00'})
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = fsopen(&(0x7f0000000000)='cgroup\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000400)='name', &(0x7f0000000440)='.%\x90-{\x00', 0x0)
getsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f00000003c0), &(0x7f0000000380)=0x1)
r3 = socket(0x10, 0x803, 0x2)
sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f0000000580)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000500)={&(0x7f0000004000)={0x14, 0x0, 0x300, 0x70bd28, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x4004}, 0x8010)
syz_usb_connect(0x1, 0x24, &(0x7f0000002280)={{0x12, 0x1, 0x200, 0x5, 0x92, 0x2, 0x8, 0x681, 0x5, 0x56c0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x7, 0x3, 0x40, 0xf2, [{{0x9, 0x4, 0xfc, 0x8, 0x0, 0xa, 0xf4, 0x77, 0x5}}]}}]}}, &(0x7f0000003600)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$FOU_CMD_GET(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, r5, 0x701, 0x70bd25, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x20000090}, 0x40000)

16m24.111722696s ago: executing program 32 (id=58):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="060000000000000071100a00000000000f000000000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc9, &(0x7f0000000080)=""/201, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x94)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'ip6gre0\x00'})
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = fsopen(&(0x7f0000000000)='cgroup\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000400)='name', &(0x7f0000000440)='.%\x90-{\x00', 0x0)
getsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f00000003c0), &(0x7f0000000380)=0x1)
r3 = socket(0x10, 0x803, 0x2)
sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f0000000580)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000500)={&(0x7f0000004000)={0x14, 0x0, 0x300, 0x70bd28, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x4004}, 0x8010)
syz_usb_connect(0x1, 0x24, &(0x7f0000002280)={{0x12, 0x1, 0x200, 0x5, 0x92, 0x2, 0x8, 0x681, 0x5, 0x56c0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x7, 0x3, 0x40, 0xf2, [{{0x9, 0x4, 0xfc, 0x8, 0x0, 0xa, 0xf4, 0x77, 0x5}}]}}]}}, &(0x7f0000003600)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$FOU_CMD_GET(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, r5, 0x701, 0x70bd25, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x20000090}, 0x40000)

15m32.746927439s ago: executing program 4 (id=186):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a, 0x4})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000580)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x18, 0x0, &(0x7f0000000240)={0x30, 0x30, 0x30}}, 0x1000}], 0x0, 0x0, 0x0})
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x2000001, 0x59033, 0xffffffffffffffff, 0x0)
r4 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
writev(r4, &(0x7f00000000c0)=[{&(0x7f0000000140)='2', 0x1}], 0x1)

15m31.338685898s ago: executing program 4 (id=189):
sendmsg$IPSET_CMD_GET_BYINDEX(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x84}, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000740)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64-generic\x00'}, 0x58)
accept4(r0, 0x0, 0x0, 0x0)
r1 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x298})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000040)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00001b1000/0x4000)=nil, 0x400000, 0x2, 0x2})
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x2101, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x15)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4)

15m27.877810502s ago: executing program 4 (id=197):
socket$inet6_mptcp(0xa, 0x1, 0x106)
r0 = openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r1, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
r2 = socket$inet6(0xa, 0x80003, 0x6)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
socket(0x1d, 0x2, 0x6)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000340)={{{@in=@broadcast, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x4}, {0x0, 0x4, 0x0, 0xa78a}, 0xfffffffe, 0x0, 0x1}, {{@in=@private, 0x0, 0x33}, 0x0, @in=@rand_addr=0x64010101, 0x0, 0x3, 0x1, 0x7}}, 0xe8)
sendmmsg(r2, &(0x7f0000000480), 0x2e9, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f00000001c0)={0x500, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020100000a0000000600000000000000030006000000000002000000ffffffff0000000000000000030005000000000002000000ac1e00010000000000000000020013"], 0x50}}, 0x0)

15m25.768389049s ago: executing program 4 (id=205):
syz_mount_image$squashfs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000001180)=ANY=[], 0x1, 0x185, &(0x7f0000000500)="$eJzskrGO00AQhr+1neRAxwkkqmvuipOAAuL4ANFxZejpaLASEyIcIHEkSJTCCKEUFIiSJ8hrIPECUCAeIHWKiBoZ7e7YcsIjsF+xf+bf2dmdiZ9n46wF/Nkuelxg8Dnih1IEwImy3saz+ln0p+gnK3yXvEfivxc9zmbzpuSccs0aL+I0TSanwG/jVVb28J3HxpT6JYeeAkVRFODRB53OYZmzXfR8YFzlwHEA100TRZWjG9HBDaA9Hb1uZ7P57eEoHiSD5GXkn98P74bhvaj9bJgmoV1V7QppBa23gNaBGPGh2W8AH8S6zC6q9jTZV5d4Qlm7Wc7wSLGPVztbquJr9a4W5f8Fjy9AP+tNrmrumakSYFrqovAl6AS199m7DszGnd6rtL9EocpjK4KqRmdNowqienD+IOeKLbWUkmeiXdGV6Fr0ZO+TCXK9fpToZg5N3sbT6aSjh2R/NeTsJKq86GpeH5i+9Yu329w375/ZOhwOh8PhcDgcDsf/xt8AAAD//4Yhcvw=")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0)
lseek(r0, 0xfffffffffffffffc, 0x2)
getdents(r0, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000080)={0x0, @in6={{0xa, 0x4e20, 0x6, @private0={0xfc, 0x0, '\x00', 0x1}, 0xc8c}}, 0x4, 0x0, 0x3, 0x8, 0x1}, &(0x7f0000000140)=0x98)
sendmsg$IPSET_CMD_RENAME(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={0x28, 0x5, 0x6, 0x301, 0x0, 0x0, {0x2, 0x0, 0x5}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x4000000)
syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000080)='./file0\x00', 0x40, &(0x7f0000000000)=ANY=[@ANYRES32=0x0, @ANYRESOCT=r1, @ANYRESOCT=0x0], 0x4, 0xf82, &(0x7f0000000f00)="$eJzs3U9sHNX9APA36/W/2MRr4AcGfoQUWhEo2CGJ1PQWBOqlEuLSOygkNMJQ1NBKREBMD4hKiCIhThUHEBdKpRSpSKBKFeqp7alVb+0F9UKlKpWCemgjJa5iv1nvPu9k12N7dtf7+UjffX7zZuf7HXsTz4xn3wZgZNXWHo8dW8hCeOeztx99+ansk2vL7mqucXDtMYu9RghhvKWfJdv7Ii64cumlk53aLBxZe8z74bGLzefOhBBWwsHweWiEj5aWv/rw3UcOffza1C1vnnvmlV3a/aZ0PwAAYC+68Mflv973jz88MH/5woETYbK5PD8+b8T+TDzuPxwPlPPj5Vpo72ct0WoiWW8sRi1ZbyxZr57kqRfkG0+2M16w3kSXfGMtyzrtJwAAAAyj/Ly2EbLaYlu/VltcXD/vv+aLuYls8bkzy6fP9qlQAAAAoLR/n1+76XaIY2oAahBpTOcvsK0976Pvbv0524paxfnqFecbmSj3ehNCCCGE2LlwPCKGIFbnKrzYAAAAANBhvrBNVnZ2pq7m1hq95b/4cK3z82EHJK+/zdNO7PDr//r5pzavUGn+DnY//3if8193/z941f84AACUt1ePJvP9yo+j83kM0nkEx9qeNTO21fOPWrKd+hbrLJpXcFjmGyyqc6ziOsoqqn+rP8d+Kao/nQ9zUBXVn87TOaiK6p+suI6yiurvcOUnDOI/66L6pyuuo6yi+vdVXEdZRfXPVFxHWUX1z1ZcR1lF9d9QcR1lFdW/v+I6yiqqf1huqy2qv1FxHWUV1T+/3gz8YURR/TdWXEdZRfXfVHEdZRXVf3PFdfTLnbHNvw8HCtab6XDwN3AHgwAAAEBH/x36+f9GNOoDUIMQQgx9vLr+y7B9+VSHZWJbURuAGnYrpju9hoQQQoiBjPN9vPYAAAAADIb8fQH5u95Xo3x8bNP4396/9piP11vHpzY2kI+Pd9n+RJfxyS7jAAAAQAi/ef30bW9lG/Pdpe/p3+p8ePm8UdPhk6uhxDxG6XyEW82/3XnPtpu/84QjwzIbGwAAAHtV9p3Pr97/6HsvzF++cOBEy9nv1Xi+m88DWo/XBj6N/fy+gNmkn+Xn0Cfa89QK1kuvD9xQtL3Ht7mjAAAAMMLy8/dGyGqLLefdjVCrLS5unI8vhPHs9JnlU4djP/98lt/PjU9eW/5QxXUDAAAAvds43+98/p9/ju9CmMgWnzuzfPrsen+2uXy81npdYG5jedZ6XaCRLD9SsPxo7MfP7wzfn5teW7548gfLT+30zgMAAMCIOPviuWeeXF4+9cPR+aIeQtjWdsIg7IUvfLGrX/T7fyYAAGCnffnl2+M/Ojr72/X3/2/Mf3c1fnEw9htxbr8/xeX5fQL5+wA2vV//ifY8c0XrPd++XiNZbyzGZFL3VMt2wtp8g+3Pmy/K12jfzkRBvpkk32ySL52noJ6sn3WYSzB0mAkwX28uWZ7Ow1hPcmRJ/rs75AIAAIDc0gvPPr909sVzD5559smnTz196rmjR45/+/jxww9966Gltfv6l1rv7gcAAACG0cZNv/2uBAAAAAAAAAAAAAAAAAAAAEZXFR8n1u99BAAAgFH3r/MhhBUhCiL/gMF+1zHskQ1ADbsXq5P9r2FvR/DvUAghhBDbjP6e9005lhmMWF1NP2keAAAAYHddufTSydZ2k5VsR/M1t9ZYb67GvHk7++Bf5q9FvtrFh9uvl+zb0WoYdVW//uUf1PyTHcc/eHVn869diG9s9Lv//1dr38CJtcd67E33mvfepV8sNPOHEG6v95g/3f/He83Y7lCS/97QW/7V95L8T7T1ar3mvy/Jv6/H/Jv2//miDFPXzX9/zL8Q+4fu6TV/+y5OJtl6fQF8M9n/p0Kv+ZP9b/SYMPFAzA8Ao6j523z1fH8L2WH5UUJ+PD0T+/n+5ges6d0PWz3+ryXbqW+78vbt5sdBt8Z+86hupT1vbqv159+X2djeULLO1LDcVVJU/079HHdbUf3jFddRVlH9ExXXUVZR/Z3P3gdPUf3XP3scHEX193whos+K6h+W68pF9c9UXEdZRfXPVlxHWUX1b/X3eL8U1b+/4jrKKqp/ruI6yiqqv+RltcoV1T9fcR1lFdV/Y8V1lFVU/00V11FWUf03V1xHv9wR26Lz4fz8cy6O5f1G0p/s8L3s+Y8hAAAAwK7650DO/9dy5aDvtQghhBBiGGJsAGoQYpjjP6vr+l2HEGL3YnW1n1cf6LdsiO4VB2Dn7O5sFgw6P//R5uc/2vz8uZ78L/FZ0s+NdRmvdxkf7zI+kYxnyRMni8ajm5LtrubXNaObu4z/X9yDovH9yfN/nIzf2mX7C13Gb+syfnuX8Tu6jAMAADAabomt80MAAADYu17+5adv/PreJy7NX75w4ESY2DTv/OHYn4x/W3899tN573Pj8W/+P4n992P7u9j+PVnf/ScAAACw+/LPifH3fwAAANi78s8pdf4PAAAAe9d8bJ3/AwAAwN51Y2yd/wMAAMAelk11Xhzb/LrA3bHtdV4/AGDw/X9s74ztgdjeFduvxTY/Drgntl+vqD4AYOf8/Hs/Pf5WtjHf/9Fk/EpcnrebrKxfKchq7TP5T8d2X2y/0WM96ecB9Jo/t7/HPLuVf26b+QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAvaO29njs2EIWwjufvf3ozybe+PO1ZXc11zi49pjFXiOEMN58Xj660f9VXPHKpZdOtrZXY5uFIyELWXN5eOxiM9NMCGElHAyfh0b4aGn5qw/ffeTQx69N3fLmuWde2cVvQdv+AQAAwF70vwAAAP//7lUWHg==")
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r3, 0x6, 0x9, &(0x7f0000000100)=0x8000, 0x4)
syz_clone(0x8d002240, 0x0, 0x0, 0x0, 0x0, 0x0)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)

15m23.169732077s ago: executing program 4 (id=216):
mount$tmpfs(0x0, 0x0, 0x0, 0xa08400, &(0x7f0000000080))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={0x20, 0x10, 0x701, 0x0, 0x0, {0xa}, [@typed={0xc, 0x2, 0x0, 0x0, @str='nl80211\x00'}]}, 0x20}}, 0x0)
recvmmsg(r3, &(0x7f0000001b40)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)=""/189, 0xbd}, {&(0x7f00000003c0)=""/152, 0x98}, {&(0x7f0000000480)=""/4096, 0x1000}], 0x3}}], 0x7, 0x0, 0x0)

15m22.717897694s ago: executing program 4 (id=221):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
socket(0x1e, 0x1, 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000300)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@nombcache}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x9, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)

15m22.411628369s ago: executing program 33 (id=221):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
socket(0x1e, 0x1, 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000300)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@nombcache}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x9, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)

14m28.432040264s ago: executing program 6 (id=367):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e8500000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
fcntl$lock(0xffffffffffffffff, 0x0, &(0x7f0000000000)={0x0, 0x1, 0x0, 0x8000040000000001, 0xffffffffffffffff})
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r2, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

14m27.763989544s ago: executing program 6 (id=370):
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x123400, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000500000002"], 0x48)
openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r4}, &(0x7f0000000240), &(0x7f00000003c0)=r0}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000380)={r5, r2, 0x25, 0x2, @val=@tcx}, 0x1c)
syz_emit_ethernet(0xe, &(0x7f0000001980)={@remote, @empty, @void, {@generic={0x8884}}}, 0x0)

14m27.157230473s ago: executing program 6 (id=373):
r0 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0xc, 0x0, &(0x7f0000000500))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000640)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000900)={0x48, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xa}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x329}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x1cd}, @NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x48}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)

14m26.834982188s ago: executing program 6 (id=374):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0ed000e, &(0x7f00000005c0)={[{@discard}, {@grpid}, {@debug}, {@noload}, {@mblk_io_submit}, {@commit={'commit', 0x3d, 0x5}}, {@quota}, {@debug}, {@usrjquota}, {@nolazytime}, {@mblk_io_submit}]}, 0xfe, 0x477, &(0x7f0000000780)="$eJzs3M1vFOUfAPDvTLctLz9+rYgvIEgVjcSXlpYXOXjRaMJBExM9YDzVtpDKQg2tiRCi1QMeDYl3439hPOnFqBdNvOrdkBDDBdTLmtmZKUvZLVu67QL7+STTPs/M0z7Pd2ae2Wfm2d0AetZI9iOJ+F9E/B4RQ3n25gIj+a/rVy9M/X31wlQStdpbfyX1cteuXpgqi5Z/tzXP1GpFfrBJvRffjZisVmfOFvmxhdMfjM2fO//C7OnJkzMnZ85MHD166OCegSMThzsSZxbXtV0fz+3eeeydS29MHb/03k9JJfK4Y1kcnTKS792mnu50ZV22rSFd37FL9v5yI93sTKCb+iIiO1z99f4/FH2xeWnbULz2WVcbB6yrWq1WW+GqvFgD7mNJdLsFQHcUtwD1+99y2cDhR9ddeTm/Acrivl4s+ZZKpHlib/+y+9tOGomI44v/fJUtsU7PIQAAGn2XjX+ebzb+S+PhPDGQ/fh/MYcyHBEPRMT2iHgwInZExEMR9bKPRMSjq6x/+QzJreOf9PIdB9eGbPz3UjG3dfP4Ly2LDPcVuW31+PuTE7PVmQPFPtkf/YMnZpOZ8RXq+P7V375ota1x/JctWf3lWLBox+XK4Kab/mZ6cmFyTUE3uPJpxK5Ks/iTKKdxkojYGRG77rCO2WcrLbfdPv4VtP63bat9HfFMfvwXY1n8paTl/OT4i0cmDo9tiurMgbHyrLjVz79efLNV/WuKvwOy47+l6fm/FP9wsili/tz5U/X52vnV13Hxj89b3tO0d/4vZY5tK87/geTt+oqBYsNHkwsLZ8cjBpLXb10/ceO/lfmyfBb//n3N+//2uLEnHouI3RGxJyIez24Ki7Y/ERFPRsS+FeL/8ZWn3l99/BszV5rFP3274x+Nx3/1ib5TP3x7+/iza1yr43+ontpfrGnn+tduA9ey7wAAAOBekdbfA5+ko0mlSKfp6Gj+Hv4dsSWtzs0vPHdi7sMz0/l75YejPy2fdA01PA8dL54Nl/mJZfmDxXPjL/s21/OjU3PV6W4HDz1ua9n/l64Fef/P/NnX7dYB664D82jAPUr/h96l/0NvSvR/6Gn6P/SuZv3/k5alR79Z18YAG8rrP/SuNvr/Yv6r9agAuDd5/Yfepf9DT2r52fh0TR/53/DEv8X3Gd4t7bn/E5HeFc24/xOVtr/MYhWJ2lDe/7M1g03LdPvKBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Bn/BQAA///T8uXN")
creat(&(0x7f0000000340)='./bus\x00', 0x11a)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f00000003c0)='./bus\x00', 0x0, 0x41800, 0x0)
r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x84)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2000003, 0x28011, r0, 0x0)
socket(0x10, 0x3, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x18d811, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00')
syz_mount_image$hfsplus(&(0x7f0000000180), &(0x7f0000001480)='./file1\x00', 0xc00a, &(0x7f0000000040)=ANY=[], 0x11, 0x6ae, &(0x7f0000000400)="$eJzs3c1vHHcZB/DvrF83lRy3TdOAKtU0UkFENHGsFMIlASEUpApV4cDZIk5jZZMGx0VpD8QFJK4c+APKIVzgBEJISEiRyhluFTeLUyUkLj2lPTBoZmfttbtrb5Im69DPJ5qdZ+Y385tnnnnZl8iaAJ9bF05k8m7auXDitVvV9Oadpc7mnaVr3bjVSTKTpJVMdkcprifF+8n5dId8oZrZdFcM286vV89e/OCjzQ+7U5PZ7q96aQ9PcHKUvdhohiwkmWjGD2FHfz96sP5mtsNiqzJVwY73CgfjNpWk3OHHR7dbBikn+iaGXu/Ak6Povm/26V7/88mhJLO9N7SNbmPr8We4r/u6F208ujwAAADgwDh873ZyK3PjzgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeJM3z/4tmaPXihRS95/9P9z1jf3rM6Q63d2azveBu63EkAwAAAAAAAACP1ov38ruLZTnXmy6L+v/8X6onjtSvT+Wt3MxK1vJKbmU561nPWhaTzPd1NH1reX19bbG35idlWQ5Z8/T2/773rXl6xITbD7/PAAAAAAAAAPB/5Fwz/lkuZG7MuQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwA5FMtEd1cORXjyf1mSS2STT1XIbyT968ZPs7rgTAAAAgMfg8L3cy63M9abLov7Of7T+3j+bt3I961nNejpZyaX6t4Dut/7W5p2lzuadpWvV8Ol+v/Wf7fiPc/umUfeY7m8Pg7d8rF6inctZbZZK3kwnl9Kq16wc6+UzOK93q5yKc11lmZlRCnSpGVd7/qtmfDDM1xWZqitS1ehUk1tVjaf3rkT/0XmALS2mtfXLz5H7qPm5PbdS/Lcsu9Gh3pzkqe/tX/Op+9qZh7K7Eqf7zr6je1ci+fKffv/DK53rV68UGycOzmk0yIuDZ8/8q3eEepXo2shKlvoq8XxTgeo63bsSl28e8EqMqJXntuIL+W5+kBNZyOtZy2p+kuWsZyUL+U4dLTfnc/U6v/c5c37H1Ov7ZTHdHJeJXTl96XB3vFdOL9XrzmU138+buZSVvFr/O53FfD1nciZn+47wcyNc9a0BV/2fhyd//CtN0E7yy2Z8MFR1fbqvrv333Pm6rX9OK2XzzvLMZ3Zv3DL5xSaojsTP+67B8duqxGy23iV62T3bq8DUwEr8pr6t3Oxcv7p2ZfnGrn6LjcHbezk7d//g3Eiq8+WZ6mDVUzvPjqrt2YFti3Xbka221u6237a32va7Uqebz3Cf7ul03fb8wLaluu1YX1v1eWs2yUo+Kcuy+3kLgAPv0FcPTbf/3f57+732L9pX2q/NfnvmGzMvTGfqb1PfnDw18XLrheIPeS8/zf7f0AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgH3dfPudq8udzsrarqAsy9tDmh5JkMlkx5y//qUJmqe81Q8DGr3DaunzraSeM5kmuL/Ebj/Y7rz7oEX4Z3NMHkvBP5Ngduj5szv4uCzLg5HzKEHZOCj5jCMY3z0JeDxOrl+7cfLm2+98bfVa642VN1aunz1z5uyps2deXTp5ebUzO+70gEeofq+vP+eMOxMAAAAAAAAAAABgVKP9cU7xcH/bAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAQLpzI5N0UWTz1yqlqevPOUqcaevH2kh8naSUpFpLi/eR8ukPm+7orhm1nI7n4wUebH3anJpuhXr6113qj2WiGLCSZaMYDzCY5tHtmeXtYf0Xdz43h/Y2o2NrDqmDHe4WDcftfAAAA//8p+RGB")
read$FUSE(r1, &(0x7f0000003480)={0x2020}, 0x2020)

14m24.241854178s ago: executing program 6 (id=380):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x1, 0x803, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=@newlink={0x48, 0x10, 0x403, 0x70bd25, 0x0, {0x0, 0x0, 0x0, 0x0, 0x500}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_TOS={0x5}]}}}, @IFLA_MASTER={0x8, 0xa, r6}]}, 0x48}, 0x1, 0x0, 0x0, 0x24000804}, 0x8000)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="580000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="46060900000000802800128009000100766c616e00000000180002800c0002001f0000001f000000060001000100000008000500", @ANYRES32=r8, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r8, @ANYBLOB], 0x58}, 0x1, 0x0, 0x0, 0x600}, 0x0)

14m22.920897018s ago: executing program 6 (id=382):
socket(0x15, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x40000000000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_PORT_GET(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x3c, r4, 0x1, 0x0, 0x3, {0x37}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x48014}, 0x20000000)

14m22.595452893s ago: executing program 34 (id=382):
socket(0x15, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x40000000000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_PORT_GET(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x3c, r4, 0x1, 0x0, 0x3, {0x37}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x48014}, 0x20000000)

13m0.805443233s ago: executing program 3 (id=649):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x4000000)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/power/sync_on_suspend', 0x200d80, 0x10f)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000440)=[@text64={0x40, &(0x7f0000000180)="66baa000ecc744240011000000c7442402b16e0000ff2c2443f466baf80cb8f2c96789ef66bafc0c66ed0f072e0f01c248b820450000000000000f23d00f21f835000000010f23f8c46289900cabb9f9080000b8c93c0000ba000000000f30c4816857a601000000", 0x68}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

13m0.142069823s ago: executing program 3 (id=652):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0)
preadv2(r3, &(0x7f0000000080)=[{&(0x7f0000001200)=""/4096, 0x1fee00}], 0x2, 0x0, 0x0, 0x0)

12m58.961224491s ago: executing program 3 (id=656):
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket(0x15, 0x5, 0x0)
getsockopt(r3, 0x200000000114, 0x2710, &(0x7f0000005ec0)=""/102394, &(0x7f0000000040)=0x18ffa)

12m57.846047198s ago: executing program 3 (id=662):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0ed000e, &(0x7f00000005c0)={[{@discard}, {@grpid}, {@debug}, {@noload}, {@mblk_io_submit}, {@commit={'commit', 0x3d, 0x5}}, {@quota}, {@debug}, {@usrjquota}, {@nolazytime}, {@mblk_io_submit}]}, 0xfe, 0x477, &(0x7f0000000780)="$eJzs3M1vFOUfAPDvTLctLz9+rYgvIEgVjcSXlpYXOXjRaMJBExM9YDzVtpDKQg2tiRCi1QMeDYl3439hPOnFqBdNvOrdkBDDBdTLmtmZKUvZLVu67QL7+STTPs/M0z7Pd2ae2Wfm2d0AetZI9iOJ+F9E/B4RQ3n25gIj+a/rVy9M/X31wlQStdpbfyX1cteuXpgqi5Z/tzXP1GpFfrBJvRffjZisVmfOFvmxhdMfjM2fO//C7OnJkzMnZ85MHD166OCegSMThzsSZxbXtV0fz+3eeeydS29MHb/03k9JJfK4Y1kcnTKS792mnu50ZV22rSFd37FL9v5yI93sTKCb+iIiO1z99f4/FH2xeWnbULz2WVcbB6yrWq1WW+GqvFgD7mNJdLsFQHcUtwD1+99y2cDhR9ddeTm/Acrivl4s+ZZKpHlib/+y+9tOGomI44v/fJUtsU7PIQAAGn2XjX+ebzb+S+PhPDGQ/fh/MYcyHBEPRMT2iHgwInZExEMR9bKPRMSjq6x/+QzJreOf9PIdB9eGbPz3UjG3dfP4Ly2LDPcVuW31+PuTE7PVmQPFPtkf/YMnZpOZ8RXq+P7V375ota1x/JctWf3lWLBox+XK4Kab/mZ6cmFyTUE3uPJpxK5Ks/iTKKdxkojYGRG77rCO2WcrLbfdPv4VtP63bat9HfFMfvwXY1n8paTl/OT4i0cmDo9tiurMgbHyrLjVz79efLNV/WuKvwOy47+l6fm/FP9wsili/tz5U/X52vnV13Hxj89b3tO0d/4vZY5tK87/geTt+oqBYsNHkwsLZ8cjBpLXb10/ceO/lfmyfBb//n3N+//2uLEnHouI3RGxJyIez24Ki7Y/ERFPRsS+FeL/8ZWn3l99/BszV5rFP3274x+Nx3/1ib5TP3x7+/iza1yr43+ontpfrGnn+tduA9ey7wAAAOBekdbfA5+ko0mlSKfp6Gj+Hv4dsSWtzs0vPHdi7sMz0/l75YejPy2fdA01PA8dL54Nl/mJZfmDxXPjL/s21/OjU3PV6W4HDz1ua9n/l64Fef/P/NnX7dYB664D82jAPUr/h96l/0NvSvR/6Gn6P/SuZv3/k5alR79Z18YAG8rrP/SuNvr/Yv6r9agAuDd5/Yfepf9DT2r52fh0TR/53/DEv8X3Gd4t7bn/E5HeFc24/xOVtr/MYhWJ2lDe/7M1g03LdPvKBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Bn/BQAA///T8uXN")
creat(&(0x7f0000000340)='./bus\x00', 0x11a)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f00000003c0)='./bus\x00', 0x0, 0x41800, 0x0)
r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x84)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2000003, 0x28011, r0, 0x0)
socket(0x10, 0x3, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x18d811, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00')
syz_mount_image$hfsplus(&(0x7f0000000180), &(0x7f0000001480)='./file1\x00', 0xc00a, &(0x7f0000000040)=ANY=[], 0x11, 0x6ae, &(0x7f0000000400)="$eJzs3c1vHHcZB/DvrF83lRy3TdOAKtU0UkFENHGsFMIlASEUpApV4cDZIk5jZZMGx0VpD8QFJK4c+APKIVzgBEJISEiRyhluFTeLUyUkLj2lPTBoZmfttbtrb5Im69DPJ5qdZ+Y385tnnnnZl8iaAJ9bF05k8m7auXDitVvV9Oadpc7mnaVr3bjVSTKTpJVMdkcprifF+8n5dId8oZrZdFcM286vV89e/OCjzQ+7U5PZ7q96aQ9PcHKUvdhohiwkmWjGD2FHfz96sP5mtsNiqzJVwY73CgfjNpWk3OHHR7dbBikn+iaGXu/Ak6Povm/26V7/88mhJLO9N7SNbmPr8We4r/u6F208ujwAAADgwDh873ZyK3PjzgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeJM3z/4tmaPXihRS95/9P9z1jf3rM6Q63d2azveBu63EkAwAAAAAAAACP1ov38ruLZTnXmy6L+v/8X6onjtSvT+Wt3MxK1vJKbmU561nPWhaTzPd1NH1reX19bbG35idlWQ5Z8/T2/773rXl6xITbD7/PAAAAAAAAAPB/5Fwz/lkuZG7MuQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwA5FMtEd1cORXjyf1mSS2STT1XIbyT968ZPs7rgTAAAAgMfg8L3cy63M9abLov7Of7T+3j+bt3I961nNejpZyaX6t4Dut/7W5p2lzuadpWvV8Ol+v/Wf7fiPc/umUfeY7m8Pg7d8rF6inctZbZZK3kwnl9Kq16wc6+UzOK93q5yKc11lmZlRCnSpGVd7/qtmfDDM1xWZqitS1ehUk1tVjaf3rkT/0XmALS2mtfXLz5H7qPm5PbdS/Lcsu9Gh3pzkqe/tX/Op+9qZh7K7Eqf7zr6je1ci+fKffv/DK53rV68UGycOzmk0yIuDZ8/8q3eEepXo2shKlvoq8XxTgeo63bsSl28e8EqMqJXntuIL+W5+kBNZyOtZy2p+kuWsZyUL+U4dLTfnc/U6v/c5c37H1Ov7ZTHdHJeJXTl96XB3vFdOL9XrzmU138+buZSVvFr/O53FfD1nciZn+47wcyNc9a0BV/2fhyd//CtN0E7yy2Z8MFR1fbqvrv333Pm6rX9OK2XzzvLMZ3Zv3DL5xSaojsTP+67B8duqxGy23iV62T3bq8DUwEr8pr6t3Oxcv7p2ZfnGrn6LjcHbezk7d//g3Eiq8+WZ6mDVUzvPjqrt2YFti3Xbka221u6237a32va7Uqebz3Cf7ul03fb8wLaluu1YX1v1eWs2yUo+Kcuy+3kLgAPv0FcPTbf/3f57+732L9pX2q/NfnvmGzMvTGfqb1PfnDw18XLrheIPeS8/zf7f0AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgH3dfPudq8udzsrarqAsy9tDmh5JkMlkx5y//qUJmqe81Q8DGr3DaunzraSeM5kmuL/Ebj/Y7rz7oEX4Z3NMHkvBP5Ngduj5szv4uCzLg5HzKEHZOCj5jCMY3z0JeDxOrl+7cfLm2+98bfVa642VN1aunz1z5uyps2deXTp5ebUzO+70gEeofq+vP+eMOxMAAAAAAAAAAABgVKP9cU7xcH/bAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAQLpzI5N0UWTz1yqlqevPOUqcaevH2kh8naSUpFpLi/eR8ukPm+7orhm1nI7n4wUebH3anJpuhXr6113qj2WiGLCSZaMYDzCY5tHtmeXtYf0Xdz43h/Y2o2NrDqmDHe4WDcftfAAAA//8p+RGB")
read$FUSE(r1, &(0x7f0000003480)={0x2020}, 0x2020)

12m54.713890526s ago: executing program 3 (id=673):
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc, 0x0, 0x0, 0x5}, 0x10)
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
sendmmsg(r2, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
sendmmsg(r1, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
recvmmsg$unix(r1, &(0x7f00000043c0)=[{{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f00000002c0)=""/240, 0xf0}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0)

12m52.50461697s ago: executing program 3 (id=679):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x8)
pwrite64(r0, &(0x7f00000007c0)='2', 0x1, 0x316)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
io_uring_enter(0xffffffffffffffff, 0x3516, 0x0, 0x4, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]})
r2 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
sendmmsg$inet(r2, &(0x7f0000000c40)=[{{&(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x23, 0x0}}], 0x3284b164842c97f7, 0x8014)

12m52.323381432s ago: executing program 35 (id=679):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x8)
pwrite64(r0, &(0x7f00000007c0)='2', 0x1, 0x316)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
io_uring_enter(0xffffffffffffffff, 0x3516, 0x0, 0x4, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]})
r2 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
sendmmsg$inet(r2, &(0x7f0000000c40)=[{{&(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x23, 0x0}}], 0x3284b164842c97f7, 0x8014)

11m14.29261106s ago: executing program 5 (id=944):
socket(0x10, 0x803, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000200)={0xffff, 0x0, 0x0, 0x800a, 0x2, "5f7300fbffffff00"})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc, 0x0, 0x0, 0x5}, 0x10)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
sendmmsg(r1, &(0x7f0000000080)=[{{0x0, 0x0, &(0x7f0000000400)=[{0x0}], 0x1}}], 0x1, 0x9200000000000000)
r2 = socket(0x1e, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_NODE_ADDR(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r4, 0x201, 0x400000, 0x0, {{}, {}, {0x8, 0x11, 0x4}}}, 0x24}, 0x1, 0x0, 0x0, 0x40800}, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
close(r2)

11m14.171484782s ago: executing program 5 (id=945):
r0 = getpid()
syz_pidfd_open(r0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0105500, &(0x7f0000000000)={0x0, 0xb, 0x10, 0x5, 0x0, 0x10001, 0x0})
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
r1 = socket$kcm(0x2, 0x200000000000001, 0x106)
request_key(0x0, 0x0, &(0x7f0000000440)='**+\x00', 0xfffffffffffffffd)
sendmsg$inet(r1, 0x0, 0x340c4191)
syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r2 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r2, 0x4020565a, &(0x7f0000000080)={0x5, 0x2, 0x2})
openat$vimc2(0xffffff9c, 0x0, 0x2, 0x0)
ioctl$VIDIOC_S_INPUT(r2, 0xc0045627, &(0x7f00000000c0)=0x3)

11m14.062931464s ago: executing program 5 (id=946):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0xa0602, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$inet(0x2, 0xa, 0xcaa)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = syz_io_uring_setup(0x9ea, &(0x7f0000000540)={0x0, 0x7734, 0x8, 0x1, 0x34f}, &(0x7f0000000600)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_RECVMSG={0xa, 0x4, 0x1cd83f7c25e05491, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x100, 0x1, {0x3}})
socketpair$unix(0x1, 0x2, 0x0, 0x0)
io_uring_enter(r1, 0x47bc, 0x0, 0x0, 0x0, 0x0)

11m12.225271922s ago: executing program 5 (id=949):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='devices.list\x00', 0x26e1, 0x0)
r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
close(0x3)
close(0x4)
r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r2)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
r3 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r3, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
close(0x4)

11m12.005978396s ago: executing program 5 (id=952):
ioctl$TCSETSW(0xffffffffffffffff, 0x5403, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x33, &(0x7f00000000c0)=0x1, 0x4)
bind$alg(0xffffffffffffffff, &(0x7f0000000140)={0x26, 'hash\x00', 0x0, 0x0, 'cbcmac(des-generic)\x00'}, 0x58)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80001d00c0d1)
setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000000200)=0x8, 0x4)
bind$inet6(r0, &(0x7f0000f65000)={0xa, 0x4e21, 0x7, @empty, 0xfffffff8}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x20000002, &(0x7f00000001c0)={0xa, 0x4e21, 0x0, @loopback}, 0x1c)
r1 = socket$inet(0x2, 0x3, 0x2)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f00000000c0)=@broute={'broute\x00', 0x20, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200001c0], 0x0, 0x0, 0x0}, 0x108)
getsockopt$inet6_buf(r0, 0x29, 0x6, 0x0, &(0x7f0000000080))
arch_prctl$ARCH_REQ_XCOMP_PERM(0x1023, 0x6)
clock_adjtime(0x0, 0x0)

11m11.04214369s ago: executing program 5 (id=957):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$l2tp6(0xa, 0x2, 0x73)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000440)={0x28, 0x0, 0x2710, @host}, 0x10)
unshare(0x6a040000)
mmap(&(0x7f00002ad000/0xc00000)=nil, 0xc00000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
listen(r0, 0x7ff)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x2710}, 0x10)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = socket$nl_sock_diag(0x10, 0x3, 0x4)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r3, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
sendmsg$SOCK_DIAG_BY_FAMILY(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000900)=ANY=[@ANYBLOB="2800000014001901000000000000000228"], 0x28}}, 0x0)

10m55.818351733s ago: executing program 36 (id=957):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$l2tp6(0xa, 0x2, 0x73)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000440)={0x28, 0x0, 0x2710, @host}, 0x10)
unshare(0x6a040000)
mmap(&(0x7f00002ad000/0xc00000)=nil, 0xc00000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
listen(r0, 0x7ff)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x2710}, 0x10)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = socket$nl_sock_diag(0x10, 0x3, 0x4)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r3, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
sendmsg$SOCK_DIAG_BY_FAMILY(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000900)=ANY=[@ANYBLOB="2800000014001901000000000000000228"], 0x28}}, 0x0)

15.378415103s ago: executing program 2 (id=2819):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1/file2\x00', 0x81c0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1/file3\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1/file4\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000180)='./file1/file4\x00', &(0x7f00000001c0), 0x0, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000200)='./file1/file4/file5\x00', 0x81c0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file4/file6\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file1/file4/file7\x00', 0x1c0)
r0 = landlock_create_ruleset(&(0x7f00000002c0)={0x2001}, 0x18, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x200000, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r0, 0x1, &(0x7f0000000340)={0x2000, r1}, 0x0)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
landlock_restrict_self(r0, 0x0)
linkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1/file2\x00', 0xffffffffffffff9c, &(0x7f00000003c0)='./file0/file2\x00', 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000400)='./file1/file3\x00', 0xffffffffffffff9c, &(0x7f0000000440)='./file0/file3\x00', 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file1/file2\x00', 0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x2)
linkat(0xffffffffffffff9c, &(0x7f0000000500)='./file1/file4/file5\x00', 0xffffffffffffff9c, &(0x7f0000000540)='./file1/file4/file7/file5\x00', 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000580)='./file1/file4/file6\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./file1/file4/file7/file6\x00', 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000600)='./file1/file4/file5\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file1/file4/file7/file6\x00', 0x2)

14.956592129s ago: executing program 2 (id=2822):
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x14, 0x4, 0x4, 0x22}, 0x50)
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x70d31000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$igmp6(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC(r4, 0x29, 0x22, &(0x7f0000000000)={{0xa, 0x0, 0x101, @loopback, 0x18000}, {0xa, 0x0, 0xfffffffd, @dev, 0x4}, 0x0, {[0xe, 0xfffffffd, 0x0, 0xfffffef9, 0x0, 0x1, 0x8]}}, 0x5c)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r5, 0xffffffffffffffff, 0x0)

13.435694022s ago: executing program 2 (id=2826):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bind$802154_dgram(r0, &(0x7f0000000000)={0x24, @long={0x3, 0x0, {0xaaaaaaaaaaaa0102}}}, 0x14)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=@newlink={0x24, 0x10, 0x49920d862a92153b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1084}, [@IFLA_PROP_LIST={0x4}]}, 0x24}}, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f0000000280)={@mcast2, 0x7, 0x0, 0x2, 0x1}, 0x20)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x2b0, 0xd0, 0x268, 0x311, 0x0, 0x268, 0x1e0, 0x460, 0x460, 0x1e0, 0x460, 0x9, 0x0, {[{{@uncond, 0x160, 0xa8, 0xd0, 0x0, {0x9401}}, @common=@unspec=@NFQUEUE2={0x28}}, {{@uncond, 0x0, 0xd0, 0x110, 0xe4030000, {}, [@common=@ipv6header={{0x28}, {0x0, 0x0, 0x5}}]}, @common=@inet=@TCPOPTSTRIP={0x40, 'TCPOPTSTRIP\x00', 0x0, {[0x9, 0x3, 0x1, 0x3, 0x2, 0x8, 0x1, 0x2]}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x310)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000ac0), r4)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r4, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f00000003c0)={0x20, r5, 0x5, 0x0, 0x0, {0x22}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}]}, 0x20}}, 0x2000c094)
syz_genetlink_get_family_id$nbd(0x0, r4)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(0xffffffffffffffff, 0x28, 0x1, &(0x7f0000000380)=0xe, 0x8)
bind$vsock_stream(0xffffffffffffffff, &(0x7f0000000440), 0x10)
connect$802154_dgram(r0, &(0x7f0000000340)={0x24, @short={0x2, 0xffff, 0xaaa1}}, 0x14)
sendmsg$SEG6_CMD_GET_TUNSRC(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000680)={0x0}, 0x1, 0x0, 0x0, 0x4040010}, 0x0)

13.347102393s ago: executing program 8 (id=2828):
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
r4 = syz_init_net_socket$ax25(0x3, 0x3, 0xca)
listen(r4, 0x0)
syz_open_dev$video(0x0, 0xc000, 0x0)
r5 = syz_init_net_socket$ax25(0x3, 0x2, 0xc4)
ioctl$SIOCAX25CTLCON(r5, 0x89e8, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c)
socket$inet(0x2, 0x3, 0x4)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)

13.265938235s ago: executing program 2 (id=2830):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b700000000000000"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/14, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r5 = inotify_init()
r6 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
r7 = inotify_add_watch(r5, &(0x7f0000000200)='./file0\x00', 0x400008bf)
write$binfmt_elf32(r6, &(0x7f0000000040)=ANY=[@ANYRES64=r7], 0x69)
close(r6)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)

11.975656683s ago: executing program 8 (id=2832):
r0 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
socket$l2tp(0x2, 0x2, 0x73)
r1 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
write$binfmt_script(r1, &(0x7f00000001c0)={'#! ', './file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0'}, 0x1002)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_SETCONFIGURATION(r0, 0x80045505, &(0x7f0000000000)=0x1)

9.50360113s ago: executing program 2 (id=2834):
syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000100)='./file1\x00', 0x2000040, &(0x7f0000000000)={[{@codepage={'codepage', 0x3d, 'cp949'}}, {@uid}, {@iocharset={'iocharset', 0x3d, 'cp936'}}]}, 0x1, 0x302, &(0x7f00000008c0)="$eJzs3c9qE0EcB/DvTDZt+oe6thXBi6Va0Eux6qF4iUiu3j2J2qQQXCq2FdSLrXgUH8C7r+DFN/Ci+AJ6EgQfoLeR+e1sskl2J6Yk2bT9fiDpZnZm9zfsbHZ+C82CiM6se7Wfn279ti8FlFACcAfQACpAAOACLlZe7Ow396NG3behkrSwL4W4peqps7XTyGpq20kLJ7SfAsyny9JU75bpmIwxd38VHQQVTs7+DBqYduehrK+MOa5ROQAuFx3DuKUPsDrCEV5iocBwiIhoArjrv3aXiXkpUtAaWHOX/VN1/T8qOoDhuh31FBlvg9T1X2Z3Rtnje05WtfM9SbTsep1kif0CseOj3FU2hXhkdUwwVb+sUmLRM9vNAOtbh6hrvEXVSVVblvd6PHQTfaJdzchNPfK3Vsb92bg3MqPsloS03Ywa03YhFX8SwdJge/T44l/9x/1VX9V39VCF+Ih6a/4XGGUPkxypsOtI6bKN/0b+luekla0F17Fqtao7qpyXnVxye3D69LKSnZGkt5ncIDhoReCLU/a9iM7bCnHvNvq0WspqFbY+5bRa7mhVciNhfetZ5L2VMhpJF9UH9UCt4i8+o5aa/2sb3xpSZ6bvq15JTTcy4v5MZdcMpGbYc+Vony4rrQic6YH7RkDe3bIc7/EEm1jYe/X6aSmKGrt24XHGwvP5XeVKyu+AzDpDXgiize5VJXha4aBdYqw3xvzvvswou3N9qBu03x+7G4hL7OmTVdmeZa0SPdLDdIYXat/gG5CTtXCYHhJdC8YAOatG9j1FE2RPJQddPgaYKToiGjM771Jx/iczeTerkwTFvoWeebo/yUTHFjdaGVznVHBR3mcHyuDm8jM4t0fVjBo3c3JGybmuXAOupgoVvHsMXZynhKrhBx7x/j8RERERERERERERERERERERERER0Ukzjn9CKLqPREREREREREREREREREREREREREREREQn3bGe/5v1G/Hy/N9wwOf/xk+Kkp8DX2mX9nv+LxENx78AAAD//1Lod7w=")
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="180100"/16], &(0x7f0000000100)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41100, 0x43, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7fff}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x40001e0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
bind$inet(r3, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$NL80211_CMD_JOIN_MESH(r3, &(0x7f00000001c0)={0x0, 0x3d, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[], 0x1a000}}, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r4 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
sendfile(r4, r4, 0x0, 0x800000009)

9.4721352s ago: executing program 9 (id=2835):
r0 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))
syz_open_dev$sndpcmc(&(0x7f0000000300), 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_io_uring_setup(0x24f6, 0x0, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r4, 0x0, 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x72, 0x4004, @fd=r1, 0x80000000, 0x0, 0x0, 0x5})
ioctl$USBDEVFS_IOCTL(r0, 0x80045505, &(0x7f0000000040)=@usbdevfs_connect)

9.245690124s ago: executing program 8 (id=2836):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000001340))
ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000180)=0x6f)
r1 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
read$dsp(r1, &(0x7f00000002c0)=""/4096, 0x1000)
write$dsp(r0, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)
read$dsp(r1, &(0x7f0000001380)=""/229, 0xe5)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x89}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$UHID_INPUT(r2, &(0x7f0000001480)={0x8, {"e5c5652de78df0c261f66d66cdcd1b9cf4d5c4c4efd9f955b698eab69d278f82e58e0bc0468d9ff24f18de943a87ae937379dc443ad69b1651199ee5de29cebb0b59363260987e6172cf90a46dff9deb1999212173b6f19ab4688a61dd33a4ae4824c004c11ef5fd339198ffcc243c0f81c1601e2598a5bad74dafa7b2f65cc2c5abec3e4953c334e1491cb12ca59d58e65c35fd63c15a75bb57cb0d743bd2f3464f804f9f7e6032a6736dc16eac2c31599dd90d55cdf310f7b3a702bb30a32439f66c0fa5e26bf0cafbcf0d4dd2e5e4d8723f1ce414ac50e1d09f0305f63f6dc37d739bc067c783f95dbe4f162c3be881097e8c27ceeabd42ca4a0a896f0e3c22911f6f95c2ec1863c8a3ff726418185705f48cb38e900de6f3e740d700b9782ba9738adbcbcb635d719fbd3ccf1bad31363d3958bdd0b559c51e0c8a4d08d178ec7ba7f1f419cedc690d31f060d011fd5aa5e15722fb484a48b46f7816d47a7d1217f8f653ba9731c58620c06390714b69393b9cdc92711dba511565a32cb4a01f44d2b08c9b4faabdbadf04cc146da0005426926b6899aecc936368ea5ceb4fafb69d6788af2206a9bce49cbcaf9ce21b4386bab5b6ab33b250498893654c1ed15b1b4d103c6638564e6522e661d86e3be2acdd0423b759070268d7c77f4ed8d8a3504fbacd980b3e23e5029f33902ac5d4aa15489aa524e13d331cbff950e5b68a6b0cb460f50a801225f0f9687b2d68aa89e8f251542adc0dd66aeadf168e9aa9f7aed82986aae9174aecff1eb3bd6b8b75a1d264e8ef791be467d01762ec54e3b448fba618c42ea041e34e6bdb18e65e62639662ce5fb7d26750541ab5d762878c6e48e45d3fb8ae813d94b2c95042d607d2efa9702f1c7b24484fe575ff562980c93ccfe28afb4f8c9d1437a02e7c637ea94ca3ed6848a29808d3871fc7d732b5bf10cdda693e70016205d6758470d12a535822648b900a9918416af8c1a31f04a4b0b2ea3dcbb11c6ec4a2e70d7ff081b4f3cb14b3e7fd015c7ea827845a792c00a039050076b92f0e751f66aa0dd50712a92f89efd74c9720d59279e0ab147328767a401992a2abdf49f153edbec3e039ffc557a9b183cd55941ea17199784f6b54e21c50f9ea5aa84fcfb889cdb68e0b5a280b5749ed1c412c6ce23130064cdd69565d46aec83211a2b8996c6be00a8333b8e9e20e382ab1f18a8e6d3755f4254faec59602b644cb686d71bbcbee3a1aff55cb5026f98681f60cdd72c3cdb2d29d5206e2cfd9b8f464fd17ab3c90813d99f128a7a907d9d9a5e5af8da9245572c21b7f56767a92f9d8e484796cb88ad7bb5918221daee817378054889b69c77e0ef0542912b1cafda8b2b661fadfbce13721d0a58ee116c09b7843065251a10d504276d16ec602cd70ec4927d9810b98693ae7d194d9211a6a606f1661aa3d8fc1cc3532acbbe854d07275952331cf28df22adf269db2a3e45960f2549da11f17566fdaef717a5b3b76c8ddd544655548e0b3c235362c221289da7912d1d0648d8f234497a2fefbb74bc97a705db1c94770f7b3f83e1e5f20af29d4ff6d7ecbee429c26af4342924196cb7f717c13ee677a3d9a2a3d9202fab7ffc0b64c29d134485ffb56870e585a0aac949fd396e853686427ffeb340880cc7e96b8ff1d87de4b1b65648eaea274581fd96eb0b87ebd4907a3628ddcae7138ebbe600f926d2bc1898d1d19feb7dca00d0965fa23bb6277f2070a536fa1ae31db20d8b7aa8f8b019accbf41a7e2af73ca7c06ad0faedb03dabbf7307cfd5548fb3205a8e411c6543a42641963c27f0e0e4dfe88cfe95b22658c63d45d42abfc93319b427d67fdbc95f79a3864aefe12da38f15ca8e05bc8919e5abf973245cdef1e8578146f68d930bb2dd827038418f48b4663430b07761e20b95114fc44eee9c43bc7804920fb7280de12fc12ee35ddf5c13d710ec833cd274edc28abd42bbde516f672c92c993f4d38cfe8270fe6408c9c2f2cef73c4fdc49a284b212f282dbfa4f4917d7db94ccf04831c5e341a533554b99740c36cd94c58f729bdbb2d3ee35ece030d79a9a277dec6da93254844987d53b1426288769beca5721e189a87294631175d9092d61f04a5d2b5e17fac9ee9d0db841ead9c155d2cef42310a7c950e4bf43bd082f9321390600a7bad8091fd8e465fc767e66c1d42aad74a845688049af0a0c86074f6a7808437cdd752b2ef971080da1ab6fed5aba46e6682433f6e0b7d7de48325b88acadc6e310a506ca696319af307565a08cff9cdb98b0a6a95fa4c4f17cad948ec77e662036c483bf748ba0e3b4bdaa91e90c6e07c4f382293624c8865281eaca8b9276422acf983397c4bbbb9e05b747354f20aa0ea5f536e7c83aa7ea70995678914027ce892ae0d66cde8ee656d350d12e23cfd5def52a2c37585935f93889f9b897b4486aca06f62ac7a77b743ccb560d9c55b25090ae4a724e58ab273cd12fafddc18b53f170ced297ab5f4bad5fa38be63725016658e0768a9cf3a02f093fbdf539a40e3db55c6cab184e8266bcff03ee143676bf0a18ffb721150e4f3861c0a7787579dbc7238566318ca778f5a17222269a8f83b6a9a169b9274d766308d9e43e220fe59ec6dba4871bf3f1cf8f7b831b73c3c66058ab7f7ff3d59ba636c8278dbb7d908e355e397618d573d1d49ba925e96add37e74b0b7cad14364d1833fc4f34688398f3c52a840f6c6795c3feb6d2201cb7efb4debb494faab894c9a687613a565a5c6a1778b209cd7b2f68c8568e156bcde658dafeed460e63b57f935c072db53b08013c24dc95086d254c8476d96f27bb3a6d23bd903b6f47c9cad87e9ab9bb1a53a0186a8aa88870de55e2c2cf44674d41bae5a973402b3bf691696e27dc5856b1f25483c06a8866be7cdb99a80d93442a958c4346b275ff532aa836429880fd95452c26dfa87ecd199082a13121e80e3fd9985e6f5fed97c253cdd03a20647e21c361e35492e9a34931fcfcf5e5ec60ca5d0a98adb7af152bd590233df47ce39f45bea7f5fd5a966fd1e43dcfd223fdd93d406bc07d683febd91718869b1598d6a8f059ad281c0191085e196574685e634fcaa372b76af413438ae1c77826e62152ce8eecbeb44a449466822011e000b9002f09f55f9d5c43aecee98d52982b4172f9beb3aaf0a04dc2ed9a21fbb0de712dc9c2765e7fd2f8b8c2c6a0a9075b52ff29df5b96f2b67d18ea838c40aff1021bdbbf55fb41dfe970950990596f4724ad997490ca147b0d24b5384306d28382e94badb8b9a2116077138fe112d8993b555c34bfbaee415660c6fee893292e48089485d207e54ffcc96d442d841259dc127043bdbb0d4d3b4e3904f63b86bd5e974dfdd7f5c2f2e2062736a10323a1bc360922e7301e6c142ec3a459b4b386fc9efce0bc044c92f82f795cb248aeeb205ea471f767f55de15efc3eb2161ecb427812a980fb9e800a6aec9d3c745906253ff452bf65a939838ec7a5548b3e873fccd24d81c1595b800dbbf33e9da16e36173aa521cad36e31de57f4d3f730d0138d7e756cc7e13eb880bf3dce8a7e48d136574ed2e2c51496f66f95e6bd61f70f30ba722e054e878024a04bbee29a0b5c1a948ec922777047b2c7241efc26569ffeac87bb9e2ecafba081bc66f941da84bf0d2743c126c85de4ededff09cd12075f12ed702e02b70b2ede61b7a3ae7ccf60721f2d5a78c3a5de8b3d8894d25414c2bbe384e8f703dea4bd60e14f9238afb31a0e675f5b816fbea0cf4435484d37487a4fd45d307196bd65063cd9b249cc29c5db883bd166227ad1ab7d9a57edc4b8bd14d0e4feb8b0ae2f365e17953f8ea35b663c699ee8b10767e28229d423642fd8a10a6f7bd40f14b20499d16eddccfe74c74adb57c92d644a8ac5629a7bac7682fa23890abf4748f6de8fe890067903e62c9d89c97346179a24b236e9e2989bdaca063dd7d85820d8370d0da38349debea630e350931be6a6c05d9ee3540c8b238aee667eba1e169b5477b62868c998bd6031ac3f7b8ce83aa3b816d7b3084e828485c2931f8020aa8e9707642011303e6e8462e57fd0f5b26ba16695b198aa20c71b6e3961343be71c97f7dcf702ad374cad9864042793dd0167b3d21522fa61d3c70971bbf8834e81e21dcf83a2947d3a0ac39e86d25cbc4e9a6608fa5161ae97e36d8ace2f90beff3090f3330034fc7acfdd323907eab32572e5d4f3d7dca1335cfe5c81efd93e09e6a5ca905a6d52bfd128db9002d3b80cb84d586a7cc8de31cc976e50f9a7c1fcd3734dbbda50e77a6219e7ec1d4486a9f5aeb3d27f8bad66273c09d3dd33b4d7990b3d0e228dee9a30af775b671fc62dc24c95e3501b2b40678a3ed0a0d7d9e45dff0d196c46304555c1d5af98760b6e4ca7863bf5470e292713eaf8fb4c26092d375fa8e9609d54664bd72916f0b5914bf9fe7451cca26d74d3ea65a47041704e3b72f1cb2d38e9ea92df8113fb5f0619be4e7bf5af34f2ebdb625fa5a95043faa88e57d43022a494eed2ce9fe6714d8bb030d6e2b582ed680d7ba9b5b1be73f249e3d75bc481dcf15b3130acbbcd479403e507f6bc188163c6e111ddc44b9475041e84a7f2ea0892b77fcc3f8fa9823e2ef302d9d5bd261c019a714e68daf4e66a96249441a4666c9dfd90cacb523e972a6111749764b85e60d2989a4d7ae5c18aee4276dbf2e9d0c525bbda451537006d2fa13efa2ef80aab83876f19245ffe302a61e1c5e3751cbf536c35ea629f46f87bb98fef4154cf60811df88f549b56ddae003fdc73acb3f18631109670d840171af844c42aa3923d232f4aee27c39fef7c48521072d350c466064b4a319f0f31907e7ceeb82650694cfe98af50d6bc41271714b30f669f2a56ef48e04c0959d15b96a656b4a866280e52ef4a740855efd04207212406504d8d4c9e671d5fda87fa7c817c8c9c4b2bbd656b94d7643f70fae7b52e08c619c7cb09a5bac6b2474719407f08c6b2120373774f8d118ba00db29696570fc8eaba886dce0ab6745bee65e88642d888d4f76b2d2089cb82cf8b5e614671113496919ad9824e72eccb957ec61e170e4ee72d461495194efcddcbfe8a0f90b90021e63b865a2725ddad569ba62abff6af0d8a0f4d13f6e7351293b4550a7769a36db64c9f617f39494909b02d8bec439be9bcc46464c46e09e47d263c85325f5a5309988b4f101be91034d3cd637d50d95d8e9506dd252f8e9e1c4bfcc5ad340ee82518e574a31d9c7e437d1d5e23dd36798922523b6ee97a41b97945f643ab1af33d522442a4dbc0015464210eaa8e99d93ab331bce0d86b9b4d78c5a9ba66762e2aacd160cb9af1238decf096e920f3a27c2670b2f6fec05bd59fee71a1ad5aa1e4d2135ec1db9c3cd0e4954c194578d665643d1f8c7ea8be3ec5c0ac071ecae3062718e8eed05f86b593551d5ef274fa77a2789ecee2e7f1ea1a25b80920a10667f986a43e9b8c2ad0ced860cdb7d602bc5789ee341b0b48447b2fe8cf26634d0a1bda1965357f6074a528ec6f30c7043f4ee7ecdb65fbd4384c27087ed513600e789fa97afc6e77141f6436b42b6905d69007a573701a1a3a96b49246f36d98b1fbcbf13fc4758719d5daeb0701036e6a421175c93e737a2c43bdf9d2d0902800ba32e9ab472a925bb1be0a21e73d58176d9d136a687ab07e9cb631807dde5e4041fe7cee7fe79c2bccf5b362e1b6df7b294580b0a257334aa401a3a64fc01df96b6e50ffff5891b66b45", 0x1000}}, 0x1006)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
epoll_create1(0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
io_uring_enter(0xffffffffffffffff, 0x47f9, 0x0, 0x0, 0x0, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x1, 0x3}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x4, 0x200000400000000, 0x4, 0x344}, 0x0, 0x0)

8.516075434s ago: executing program 2 (id=2838):
syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000980)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x1200800, &(0x7f00000008c0)=ANY=[@ANYRES64=0x0, @ANYRES8=0x0, @ANYBLOB="00010000f5", @ANYRESHEX=0x0, @ANYBLOB="056c"], 0x3, 0x6ae, &(0x7f0000000e40)="$eJzs3U9sHFcdB/DvbDbrbJBSt03TgJBqNVIFjUjsrEqChNSAEMohQhFcerUSp7GySSvHRWmEyAYoSJw4oR44FKFw6AkhhFQOCFHOSEhcOOUeiRuHHABXM7O7Xtsbx25ir9t+PtJ43ts3773f/DJ/dsexNsBn1rnXsr+XIueOn79Z1u/d7XTv3e1cG5STTCVpJM16laKdFB8mZ1Mv+Xz5Yn+44mHzvHL/g6L57vudutbsL9X2jc36bTB2y15yYFjZl2SmLv53y8NuGK9aqnEuro73cFObNRbDuMuEHRskDiZtZYPeamPjkd23ft4Ce9bt+r65wXRyMPXdtbrF9a8Oj74yTN6m16be7sUBAAAAO2XsZ/lRTz3Ig9zMod0JBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4divo7A4v+0hiUZ1IMvv+/NfKd+q0Jh/uY3rlcrb771KQDAQAAAAAAAIDH8sKDPMjNHBrUV4rqd/4vVpXD1c/P5a3cyEKWciI3M5/lLGcpc0mmRwZq3ZxfXl6a29jzlyl7rqys3O73PDW256m1cfXWBzrufxps2AgAAAAAAAAAPrN+lHOrv/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC9oEj21atqOTwoT6fRTHIgSauYGW7emmiwT8BfJh0AAAAA7Lx2f32o+H9dWCmqz/xHqs/9B/JWrmc5i1lONwu5VD0LqD/1N/7R63Tv3e1cK5eNA3/j39uKoxox9bOH8TPPVls8N+xxLt/O93I8M7mQpSzm+5nPchYyk29VpfkUme4/vZi+d7edQawb4z27pnZhfWwvjJTL+I5WkbRzOYtVbCdysTUIvdHf7ujIbH9sJetmvFNmp3i1b4s5utRfl3v0i/56b5iu9nz/MCOz/dyX2Xh6NO8bc7/N42T9THNpDJ9BHV6dpayun+lj5fxgf13m+qc7m/NtPkpbm4nez8va4Og7snnOky//868XrjSuX71y+cbxvXMYfUzrj4nOSCae31ImumUmeo+RiQOPE/+T0+pno76Kbu9q+WLV91AW8528kUtZyOnMZi5nMpuv5VQ6OTWS1+c2z2t1rjW2d64d+1K/UN6TfjZyb9o1Uw9rKPP69EheR69001Xb6CurWXpmC1kqWhmfpX+NDaX5hX6hnOPHI3ecyVufibmRTDy7eSZ+/b+VJDe6168uXZl/c5M5bv354EuD8qBQnrbvrL02/+ZJ7tc29He3PF6eKf+xUt82Ro+Osu3ZQVudr6KZ1X6Hh21r73OtVqrzuW571JlajnTkzriR6rbnx87SqdqOjrSteZeTN9IdvgsBYA87+PLBVvt+++/t99o/aV9pnz/wzakzU19sZf/fmn/a97vGbxtfL17Oe/lhDk06UgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+DS48fatq/Pd7sLSHiyk8YQHvDO2aZCK+pXW3tj3T2pharMj6vdJNunemkTM7SR7InVp7sJcUxnTdH74SjtpDONJcnWPfMEdsBNOLl978+SNt299ZfHa/OsLry9cP3Xm9KunO1+du33y8mJ3Ybb+OekogZ2w+jZg0pEAAAAAAAAAAAAAW7Ubf94wZtqiN4F9BQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD6Zzr2W/b0UmZs9MVvW793tdMtlUF7dspmkkaT4QVJ8mJxNvWR6ZLjiYfO8cv+DX7307vud1bGag+0b6/r94T8rK9vci15/yUySff31o01tabyLI+P1thlYrRjuYZmwY4PEwaR9FAAA///howfX")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f00000000c0), 0x0, 0xfffffffffffffffd)
r2 = fsopen(&(0x7f0000000100)='binder\x00', 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
memfd_create(0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)

8.467908435s ago: executing program 0 (id=2839):
socket$nl_generic(0x10, 0x3, 0x10)
socket$kcm(0x10, 0x2, 0x4)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$kcm(0x23, 0x2, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000007c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x40000000, '\x00', 0x0, 0x0}, 0x50)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_udplite(0x2, 0x2, 0x88)
socket$unix(0x1, 0x1, 0x0)
socket$unix(0x1, 0x1, 0x0)
r0 = syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x2000000, 0x0, 0xfffffffc, 0x13b}, &(0x7f00000002c0)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f0000000200)={0x3, 0x40, 0xfa02, {{0x6000000, 0x0, 0x0, @local}, {0xa, 0x0, 0x0, @mcast2}, 0xffffffffffffffff, 0xfffffffc}}, 0x48)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_MADVISE={0x19, 0x7b, 0x0, 0x0, 0x0, &(0x7f0000011000/0x4000)=nil, 0x4000, 0xc})
io_uring_enter(r0, 0x2b76, 0x0, 0x0, 0x0, 0x0)

7.912808713s ago: executing program 9 (id=2841):
mknodat$loop(0xffffffffffffff9c, 0x0, 0x6004, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001000000000000000000e0000002000000000000000000"], 0xb8}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
sendmsg$netlink(r3, 0x0, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
preadv(r5, &(0x7f0000004380)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x1, 0x7, 0x16)

7.912545224s ago: executing program 8 (id=2842):
r0 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
r1 = socket$l2tp(0x2, 0x2, 0x73)
r2 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
write$binfmt_script(r2, &(0x7f00000001c0)={'#! ', './file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0'}, 0x1002)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmmsg(r1, &(0x7f000000dd80)=[{{&(0x7f00000000c0)=@in={0x2, 0x4e22, @remote}, 0x80, &(0x7f0000000400)=[{0x0}, {0x0}], 0x2}}], 0x1, 0x0)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_SETCONFIGURATION(r0, 0x80045505, &(0x7f0000000000)=0x1)

7.864365734s ago: executing program 7 (id=2843):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r3}, 0x18)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000680)={'wlan0\x00'})
sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x4c}, 0x1, 0x0, 0x0, 0x81}, 0x24044884)
open_by_handle_at(r3, 0x0, 0x60380)
openat$procfs(0xffffffffffffff9c, &(0x7f0000001300)='/proc/timer_list\x00', 0x0, 0x0)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r5 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r5, 0xc0184800, &(0x7f0000000040)={0x4, <r6=>r4, 0x1})
ioctl$DMA_BUF_IOCTL_SYNC(r6, 0x40086200, &(0x7f0000000080)=0x7)

6.435684865s ago: executing program 8 (id=2844):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
getrlimit(0x5, &(0x7f00000000c0))
ioctl$UI_BEGIN_FF_UPLOAD(0xffffffffffffffff, 0xc06855c8, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0)

6.434944145s ago: executing program 7 (id=2845):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b700000000000000"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/14, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r5 = inotify_init()
r6 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
r7 = inotify_add_watch(r5, &(0x7f0000000200)='./file0\x00', 0x400008bf)
write$binfmt_elf32(r6, &(0x7f0000000040)=ANY=[@ANYRES64=r7], 0x69)
close(r6)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)

6.407161885s ago: executing program 9 (id=2846):
r0 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
socket$l2tp(0x2, 0x2, 0x73)
r1 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
write$binfmt_script(r1, &(0x7f00000001c0)={'#! ', './file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0'}, 0x1002)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_SETCONFIGURATION(r0, 0x80045505, &(0x7f0000000000)=0x1)

6.403935745s ago: executing program 0 (id=2847):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x48)
r3 = syz_pidfd_open(0x0, 0x0)
pidfd_getfd(r3, 0xffffffffffffffff, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_opts(r4, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f00000000c0)='ip6_vti0\x00', 0x10)
connect$inet(r4, &(0x7f0000000080)={0x2, 0x4e20, @private=0xa010100}, 0x10)
sendmmsg$inet(r4, &(0x7f0000000f40)=[{{&(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10, 0x0}}], 0x68000, 0xe000)

3.690748655s ago: executing program 0 (id=2848):
socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0xffffffb3, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$vim2m(&(0x7f00000001c0), 0x7fffffff, 0x2)
r3 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r3, 0xc0205648, &(0x7f00000001c0)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0xf0f041, 0x0, '\x00', @ptr}})
r4 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f00000004c0)={'vcan0\x00', <r5=>0x0})
bind$can_j1939(r4, &(0x7f0000000300)={0x1d, r5, 0x0, {}, 0x1}, 0x18)
connect$can_j1939(r4, 0x0, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

3.645683156s ago: executing program 8 (id=2849):
syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000980)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x1200800, &(0x7f00000008c0)=ANY=[@ANYRES64=0x0, @ANYRES8=0x0, @ANYBLOB="00010000f5", @ANYRESHEX=0x0, @ANYBLOB="056c"], 0x3, 0x6ae, &(0x7f0000000e40)="$eJzs3U9sHFcdB/DvbDbrbJBSt03TgJBqNVIFjUjsrEqChNSAEMohQhFcerUSp7GySSvHRWmEyAYoSJw4oR44FKFw6AkhhFQOCFHOSEhcOOUeiRuHHABXM7O7Xtsbx25ir9t+PtJ43ts3773f/DJ/dsexNsBn1rnXsr+XIueOn79Z1u/d7XTv3e1cG5STTCVpJM16laKdFB8mZ1Mv+Xz5Yn+44mHzvHL/g6L57vudutbsL9X2jc36bTB2y15yYFjZl2SmLv53y8NuGK9aqnEuro73cFObNRbDuMuEHRskDiZtZYPeamPjkd23ft4Ce9bt+r65wXRyMPXdtbrF9a8Oj74yTN6m16be7sUBAAAAO2XsZ/lRTz3Ig9zMod0JBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4divo7A4v+0hiUZ1IMvv+/NfKd+q0Jh/uY3rlcrb771KQDAQAAAAAAAIDH8sKDPMjNHBrUV4rqd/4vVpXD1c/P5a3cyEKWciI3M5/lLGcpc0mmRwZq3ZxfXl6a29jzlyl7rqys3O73PDW256m1cfXWBzrufxps2AgAAAAAAAAAPrN+lHOrv/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC9oEj21atqOTwoT6fRTHIgSauYGW7emmiwT8BfJh0AAAAA7Lx2f32o+H9dWCmqz/xHqs/9B/JWrmc5i1lONwu5VD0LqD/1N/7R63Tv3e1cK5eNA3/j39uKoxox9bOH8TPPVls8N+xxLt/O93I8M7mQpSzm+5nPchYyk29VpfkUme4/vZi+d7edQawb4z27pnZhfWwvjJTL+I5WkbRzOYtVbCdysTUIvdHf7ujIbH9sJetmvFNmp3i1b4s5utRfl3v0i/56b5iu9nz/MCOz/dyX2Xh6NO8bc7/N42T9THNpDJ9BHV6dpayun+lj5fxgf13m+qc7m/NtPkpbm4nez8va4Og7snnOky//868XrjSuX71y+cbxvXMYfUzrj4nOSCae31ImumUmeo+RiQOPE/+T0+pno76Kbu9q+WLV91AW8528kUtZyOnMZi5nMpuv5VQ6OTWS1+c2z2t1rjW2d64d+1K/UN6TfjZyb9o1Uw9rKPP69EheR69001Xb6CurWXpmC1kqWhmfpX+NDaX5hX6hnOPHI3ecyVufibmRTDy7eSZ+/b+VJDe6168uXZl/c5M5bv354EuD8qBQnrbvrL02/+ZJ7tc29He3PF6eKf+xUt82Ro+Osu3ZQVudr6KZ1X6Hh21r73OtVqrzuW571JlajnTkzriR6rbnx87SqdqOjrSteZeTN9IdvgsBYA87+PLBVvt+++/t99o/aV9pnz/wzakzU19sZf/fmn/a97vGbxtfL17Oe/lhDk06UgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+DS48fatq/Pd7sLSHiyk8YQHvDO2aZCK+pXW3tj3T2pharMj6vdJNunemkTM7SR7InVp7sJcUxnTdH74SjtpDONJcnWPfMEdsBNOLl978+SNt299ZfHa/OsLry9cP3Xm9KunO1+du33y8mJ3Ybb+OekogZ2w+jZg0pEAAAAAAAAAAAAAW7Ubf94wZtqiN4F9BQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD6Zzr2W/b0UmZs9MVvW793tdMtlUF7dspmkkaT4QVJ8mJxNvWR6ZLjiYfO8cv+DX7307vud1bGag+0b6/r94T8rK9vci15/yUySff31o01tabyLI+P1thlYrRjuYZmwY4PEwaR9FAAA///howfX")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f00000000c0), 0x0, 0xfffffffffffffffd)

3.461372679s ago: executing program 7 (id=2850):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x803, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6(0xa, 0x3, 0x6)
socket$inet6_sctp(0xa, 0x5, 0x84)
pipe(&(0x7f0000000240))
socket$packet(0x11, 0x3, 0x300)
socket$netlink(0x10, 0x3, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='timers\x00')
socket$nl_route(0x10, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000080)={'syz1\x00', {0x1b10, 0x0, 0x1, 0x2}, 0x400002f, [0x2, 0x1, 0x7051, 0x1, 0x5, 0x1, 0x2, 0x7db, 0x4, 0xfffffc01, 0xfffffffb, 0x8, 0x202001, 0x100, 0xfe, 0x4a, 0x7, 0x5, 0x2ca, 0x8, 0x76, 0x8, 0x0, 0x200, 0x40, 0x19b1, 0x8000, 0x7, 0xc1, 0x4000000, 0x7, 0x3, 0xe, 0x7, 0x1, 0x1, 0x5, 0xf, 0x7, 0x10001, 0x9, 0x7f, 0x8, 0x3, 0xb, 0x4, 0x20000006, 0x40, 0x7f, 0x9, 0x1, 0x6, 0x3, 0x2284919, 0x4, 0x5643fa73, 0xfffeffff, 0x7, 0x800, 0x2, 0x8a, 0x6, 0x1, 0x6], [0xfffffed2, 0x7fffffff, 0xffff, 0x8, 0xe62, 0x3, 0x0, 0x9, 0xc33, 0x3, 0x7, 0x800, 0x6c368000, 0x4, 0x1000007, 0x0, 0x10, 0x5, 0x8, 0x8001, 0x3, 0x7fff, 0x9, 0x0, 0x5, 0x4, 0x4, 0x8, 0x40, 0xc14, 0x80000001, 0x3, 0x9, 0x7, 0x7, 0x8, 0x8, 0x5, 0x4, 0x9, 0x5, 0x3, 0x2, 0x4, 0x4, 0xfff, 0xa4, 0x4, 0x5, 0xd69, 0x9, 0xf404, 0xf1, 0x3, 0x3, 0x1, 0x6, 0x0, 0x0, 0x6, 0x8, 0x9, 0x4, 0x1000068], [0x1, 0x8, 0x4, 0xfffffffc, 0x0, 0x7fff, 0x405, 0x9, 0x2, 0xffc, 0x7, 0x4, 0xc, 0x7, 0xa, 0xa, 0x6, 0x4, 0x5, 0x5, 0x2, 0x30000000, 0x644, 0x2, 0xfffffffd, 0x7, 0x10000, 0x7f, 0x7ff, 0xd, 0x400, 0x0, 0x41, 0x81, 0xc99, 0x25a, 0x2, 0x0, 0x2, 0x5d9fff6, 0x3ff, 0xff, 0x4, 0x8, 0x10000, 0xe7, 0x200, 0x7af5, 0x0, 0x9, 0x0, 0xffff, 0x7, 0x6, 0x0, 0x81, 0x9, 0x2000002, 0xb, 0x100, 0x8, 0x800, 0x6, 0x10], [0xffffff80, 0xd5800000, 0x0, 0x4, 0x2, 0x62a, 0x6, 0x407, 0xb343, 0x4, 0x1, 0x8, 0x8000, 0x8, 0xffffff81, 0x80000000, 0x5, 0x3, 0x201, 0xfff, 0x3, 0x0, 0x3c63, 0xa, 0x6, 0x80, 0xffffffff, 0x3, 0x2, 0x7, 0x1, 0x7, 0x7, 0x8, 0x1, 0x10000, 0x9, 0x17ce, 0x0, 0x3, 0x6fe, 0xe, 0x7, 0x13b, 0x7, 0x8, 0xb757, 0x2, 0x117, 0x996, 0x54, 0x8c1, 0x0, 0x5, 0x5, 0xf, 0x100, 0x10000400, 0x9, 0x5, 0x6, 0xfffffffb, 0xc, 0x2]}, 0x45c)
r0 = syz_io_uring_setup(0xd2, &(0x7f0000000500)={0x0, 0x2000000, 0x800, 0x0, 0xc0}, &(0x7f00000002c0)=<r1=>0x0, &(0x7f0000000580)=<r2=>0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200))
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_MADVISE={0x19, 0x7b, 0x0, 0x0, 0x0, &(0x7f0000011000/0x4000)=nil, 0x4000, 0xc})
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0)

3.115954204s ago: executing program 9 (id=2851):
r0 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))
syz_open_dev$sndpcmc(&(0x7f0000000300), 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_io_uring_setup(0x24f6, 0x0, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r4, 0x0, 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x72, 0x4004, @fd=r1, 0x80000000, 0x0, 0x0, 0x5})
ioctl$USBDEVFS_IOCTL(r0, 0x80045505, &(0x7f0000000040)=@usbdevfs_connect)

2.379451115s ago: executing program 7 (id=2852):
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x14, 0x4, 0x4, 0x22}, 0x50)
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x70d31000)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r2 = socket$igmp6(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC(r2, 0x29, 0x22, &(0x7f0000000000)={{0xa, 0x0, 0x101, @loopback, 0x18000}, {0xa, 0x0, 0xfffffffd, @dev, 0x4}, 0x0, {[0xe, 0xfffffffd, 0x0, 0xfffffef9, 0x0, 0x1, 0x8]}}, 0x5c)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r3, 0xffffffffffffffff, 0x0)

2.378860275s ago: executing program 9 (id=2853):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
socket$packet(0x11, 0x2, 0x300)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
brk(0x1)
r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x74, 0x101301)
ioctl$USBDEVFS_CONTROL(r3, 0xc0105500, &(0x7f0000000000)={0x80, 0x6, 0x2fe, 0x0, 0x0, 0x80000002, 0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1a, 0x0, 0x0, 0x0, 0x2205, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
getsockopt$inet6_mptcp_buf(0xffffffffffffffff, 0x11c, 0x3, 0x0, &(0x7f0000000000))

2.257247687s ago: executing program 0 (id=2854):
r0 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
r1 = socket$l2tp(0x2, 0x2, 0x73)
r2 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
write$binfmt_script(r2, &(0x7f00000001c0)={'#! ', './file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0'}, 0x1002)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmmsg(r1, &(0x7f000000dd80)=[{{&(0x7f00000000c0)=@in={0x2, 0x4e22, @remote}, 0x80, &(0x7f0000000400)=[{0x0}, {0x0}], 0x2}}], 0x1, 0x0)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_SETCONFIGURATION(r0, 0x80045505, &(0x7f0000000000)=0x1)

1.161733593s ago: executing program 0 (id=2855):
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x1c, 0x1, 0x4, 0x801, 0x0, 0x0, {0x2, 0x0, 0x6}, [@NFULA_CFG_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x240000}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x54)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f0000000d40)={0x0, 0x0, r2, <r3=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r1, 0xc06864ce, &(0x7f0000000340)={r3, 0x0, 0x0, 0x0, 0x1, [], [0x0, 0x7], [0x0, 0x80000002, 0x2], [0x0, 0x0, 0x1, 0x1]})
unshare(0x22020600)
r4 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x4)
r6 = openat$cgroup_ro(r5, &(0x7f00000000c0)='cgroup.controllers\x00', 0x5000000, 0x0)
readv(r6, &(0x7f00000012c0)=[{&(0x7f0000000100)=""/4096, 0x1000}], 0x1)

1.158139043s ago: executing program 7 (id=2856):
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x8b}, 0x0)
getrlimit(0xe, &(0x7f00000000c0))
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
keyctl$setperm(0x5, 0x0, 0x9290101)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCXONC(r4, 0x4b3a, 0x2)
bind$inet6(r3, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r3, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

383.430374ms ago: executing program 9 (id=2857):
r0 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, 0x0, &(0x7f00000007c0)='{\xe0e%m\"\x92\xb5\xcb\x00\x01\x0e!5\xd8\xf2\x92\x97\x86\xf9\xa8\xe7;\xdff3\x83\xb1a\xf2j\t\x7f??,\xd9\xe28\xae\xd6>\xbaN\x1d_N\xcbdIP2$\xbc\xc9\x89\xb5\n\x90-i%\xe2\x94\fH\xf1\xed\r\b\x1c\x81>\t\xc30-\xe2\xb3\xb0<m\x8ePDhx\x04\xd8\x17\xbcP\x8bl\xd5\x00\x00\x00\x00\x00\x00\xa3E\x9a_\x9b\x98#\xb2\x03\x18!V\x1b\xcbk\xf8\xd6JE4,\xdf\x96\x80j#\xf9\xd8\x13,\x89\x10\x90:l/\xb9T\x9a', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
gettid()
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r1, 0x8108551b, &(0x7f0000000380)={0x0, 0x0, "5a77bd038786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500031681905db88235f8a5447dd2a2fd6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd500800000000000000e4a62fb73c33424b437bb192c9b06ea6ed04983fe5c5ca033dfce0a82577ef14eee5e6be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b394de70400d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca147df97db"})
ioctl$USBDEVFS_SETINTERFACE(r1, 0x80085504, &(0x7f0000000180))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
clock_settime(0x0, &(0x7f0000000240)={0x77359400})
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x1)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0x8, 0x0, 0x0, 0x0, 0x47}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

85.570309ms ago: executing program 7 (id=2858):
bind$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x1, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
setsockopt$MRT6_TABLE(0xffffffffffffffff, 0x29, 0xcf, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
syz_open_dev$video(&(0x7f0000000040), 0x9, 0x40400)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x80000001, 0x1, 0x4})
ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000240)=0x1)
r4 = syz_io_uring_setup(0x80000497, &(0x7f00000000c0)={0x0, 0x9013, 0x100, 0x2, 0xd0}, 0x0, &(0x7f0000000080))
io_uring_register$IORING_REGISTER_PBUF_RING(r4, 0x16, &(0x7f0000000140)={&(0x7f0000001000)={[{0x0, 0x5, 0x3, 0x700}]}, 0x1, 0x1}, 0x1)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x64, 0x3, 0x300, 0x6e, 0xffffffad, 0x190, 0x190, 0x190, 0x268, 0x268, 0x268, 0x268, 0x268, 0x3, 0x0, {[{{@ip={@remote, @local={0xac, 0x14, 0xd}, 0x0, 0x0, 'caif0\x00', 'ip6tnl0\x00'}, 0x0, 0x130, 0x190, 0xffffffc5, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "bdc74c01369df17d17ac76fa5f9b3bfa0c34430d864040bc25b2b73a59aa6ecab6b1d2cc05e3182f64694d7d05fb8b8c8f56627a54f905d564eeeb8334f650ca0f3c44f7fda4d20a55050342ea85ecc8838e7088de33582f36a0a375bb7008adc297a5ece1bb2df53d17bef26bb6f800", 0x7f, 0x2}}]}, @common=@SET={0x60}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1, 0x0, 0x0, 'team0\x00', 'team0\x00'}, 0x0, 0x98, 0xd8, 0x0, {}, [@common=@inet=@set1={{0x28}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x360)

0s ago: executing program 0 (id=2859):
prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000001000/0x4000)=nil)
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x175)
close(r0)
epoll_create(0x5)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x8042, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x119)
r5 = fanotify_init(0x12, 0x1000)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r5}})

kernel console output (not intermixed with test programs):

 syscall=41 compat=0 ip=0x7fdfb5937929 code=0x7ffc0000
[  341.902207][   T26] audit: type=1326 audit(1751399277.974:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7925 comm="syz.2.748" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb5937929 code=0x7ffc0000
[  342.641500][ T8008] CIFS mount error: No usable UNC path provided in device string!
[  342.641500][ T8008] 
[  342.651837][ T8008] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  343.753215][ T8024] netlink: 8 bytes leftover after parsing attributes in process `syz.5.774'.
[  344.020714][ T8035] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  344.028054][ T8035] IPv6: NLM_F_CREATE should be set when creating new route
[  344.984197][ T8050] device lo entered promiscuous mode
[  344.989765][ T8050] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  346.971628][ T8067] MPTCP: kernel_bind error, err=-99
[  348.409196][ T8087] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  348.421822][ T8087] IPv6: NLM_F_CREATE should be set when creating new route
[  351.043645][ T8100] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  353.868975][ T8116] loop8: detected capacity change from 0 to 512
[  353.935604][ T8116] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  353.958855][ T8116] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  353.991448][ T8116] EXT4-fs (loop8): 1 truncate cleaned up
[  353.997456][ T8116] EXT4-fs (loop8): mounted filesystem without journal. Opts: init_itable=0x0000000000000000,jqfmt=vfsold,debug_want_extra_isize=0x000000000000006a,jqfmt=vfsold,minixdf,quota,,errors=continue. Quota mode: writeback.
[  356.505893][ T8087] bridge0: port 3(syz_tun) entered disabled state
[  356.545944][ T8087] bridge0: port 2(bridge_slave_1) entered disabled state
[  356.553450][ T8087] bridge0: port 1(bridge_slave_0) entered disabled state
[  358.243165][ T8141] netlink: 43 bytes leftover after parsing attributes in process `syz.2.802'.
[  358.255677][ T8087] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  358.347273][ T8087] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  361.428514][ T8087] netdevsim netdevsim7 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  361.438167][ T8087] netdevsim netdevsim7 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  361.469280][ T8087] netdevsim netdevsim7 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  361.478580][ T8087] netdevsim netdevsim7 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  361.585991][ T8141] tipc: Enabled bearer <eth:vlan0>, priority 10
[  361.630962][ T8146] tipc: Resetting bearer <eth:vlan0>
[  361.774691][ T8146] tipc: Disabling bearer <eth:vlan0>
[  361.827761][ T8174] device veth3 entered promiscuous mode
[  362.274012][ T8194] netlink: 32 bytes leftover after parsing attributes in process `syz.5.816'.
[  363.227306][ T8194] netlink: 32 bytes leftover after parsing attributes in process `syz.5.816'.
[  363.329762][ T8206] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  364.480679][ T8215] netlink: 4 bytes leftover after parsing attributes in process `syz.5.821'.
[  364.518875][ T8228] loop8: detected capacity change from 0 to 1024
[  366.052052][ T8228] EXT4-fs (loop8): Ignoring removed nobh option
[  366.109330][ T8228] EXT4-fs (loop8): Ignoring removed bh option
[  366.176293][ T8228] EXT4-fs (loop8): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  367.058571][ T8228] EXT4-fs (loop8): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000003,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  369.065853][ T8304] blk_update_request: I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 0
[  369.144418][ T8304] SQUASHFS error: Failed to read block 0x0: -5
[  369.168943][ T8310] binder: 8307:8310 ioctl c018620c 2000000000c0 returned -22
[  370.113201][   T26] kauditd_printk_skb: 10 callbacks suppressed
[  370.113219][   T26] audit: type=1326 audit(1751399308.959:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8319 comm="syz.8.837" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff98aa1f929 code=0x0
[  372.881558][ T8343] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  372.914986][ T8356] loop2: detected capacity change from 0 to 4096
[  373.020961][ T8356] NILFS (loop2): invalid segment: Checksum error in segment payload
[  373.035505][ T8343] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  373.051214][ T4246] wlan1: authenticate with 08:02:11:00:00:00
[  373.094848][ T4246] wlan1: No basic rates, using min rate instead
[  373.102486][ T8356] NILFS (loop2): trying rollback from an earlier position
[  373.151263][ T8356] NILFS (loop2): recovery complete
[  373.163678][ T4246] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[  373.185752][ T8364] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  373.207911][   T26] audit: type=1800 audit(1751399312.059:70): pid=8356 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.849" name="file1" dev="loop2" ino=12 res=0 errno=0
[  373.319018][ T4691] wlan1: send auth to 08:02:11:00:00:00 (try 2/3)
[  373.444099][ T4691] wlan1: send auth to 08:02:11:00:00:00 (try 3/3)
[  373.552934][ T4691] wlan1: authentication with 08:02:11:00:00:00 timed out
[  374.614674][ T8406] loop8: detected capacity change from 0 to 256
[  374.642205][ T8404] bridge0: the hash_elasticity option has been deprecated and is always 16
[  375.078429][ T8405] xt_time: unknown flags 0xc
[  375.214170][ T8406] FAT-fs (loop8): Directory bread(block 64) failed
[  375.234272][ T8406] FAT-fs (loop8): Directory bread(block 65) failed
[  375.240962][ T8406] FAT-fs (loop8): Directory bread(block 66) failed
[  375.320710][ T8406] FAT-fs (loop8): Directory bread(block 67) failed
[  375.378187][ T8406] FAT-fs (loop8): Directory bread(block 68) failed
[  375.398382][ T8406] FAT-fs (loop8): Directory bread(block 69) failed
[  375.532714][ T8406] FAT-fs (loop8): Directory bread(block 70) failed
[  375.539993][ T8406] FAT-fs (loop8): Directory bread(block 71) failed
[  375.546990][ T8406] FAT-fs (loop8): Directory bread(block 72) failed
[  375.553658][ T8406] FAT-fs (loop8): Directory bread(block 73) failed
[  377.919453][ T8430] lo speed is unknown, defaulting to 1000
[  378.095742][ T8430] lo speed is unknown, defaulting to 1000
[  378.664559][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  378.672087][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  378.681042][ T8430] lo speed is unknown, defaulting to 1000
[  379.712501][ T8430] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  379.766284][ T8444] netlink: 'syz.8.865': attribute type 32 has an invalid length.
[  379.817279][ T8430] lo speed is unknown, defaulting to 1000
[  379.827524][ T8430] lo speed is unknown, defaulting to 1000
[  379.926468][ T8430] lo speed is unknown, defaulting to 1000
[  379.957294][ T8430] lo speed is unknown, defaulting to 1000
[  380.001325][ T8430] lo speed is unknown, defaulting to 1000
[  380.278946][ T8454] netlink: 'syz.2.869': attribute type 1 has an invalid length.
[  380.475121][ T8454] netlink: 4 bytes leftover after parsing attributes in process `syz.2.869'.
[  380.557449][ T8454] netlink: 4 bytes leftover after parsing attributes in process `syz.2.869'.
[  381.218555][ T8461] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  381.235400][ T8461] team0: Failed to send port change of device macvlan2 via netlink (err -105)
[  381.769463][ T8461] team0: Failed to send options change via netlink (err -105)
[  381.796430][ T8461] team0: Port device macvlan2 added
[  382.906103][ T8491] device syzkaller0 entered promiscuous mode
[  383.843454][ T8501] loop2: detected capacity change from 0 to 2048
[  384.020065][ T8500] netlink: 8 bytes leftover after parsing attributes in process `syz.5.867'.
[  384.041675][ T8500] IPv6: ADDRCONF(NETDEV_CHANGE): gre2: link becomes ready
[  384.101897][ T8501] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  385.325310][ T8541] netlink: 24 bytes leftover after parsing attributes in process `syz.2.887'.
[  385.439330][ T8541] netlink: 24 bytes leftover after parsing attributes in process `syz.2.887'.
[  387.328890][ T8556] loop2: detected capacity change from 0 to 256
[  387.405953][ T8556] FAT-fs (loop2): Directory bread(block 64) failed
[  387.434720][ T8556] FAT-fs (loop2): Directory bread(block 65) failed
[  387.441490][ T8556] FAT-fs (loop2): Directory bread(block 66) failed
[  387.459710][ T8556] FAT-fs (loop2): Directory bread(block 67) failed
[  387.481869][ T8556] FAT-fs (loop2): Directory bread(block 68) failed
[  387.528701][ T8556] FAT-fs (loop2): Directory bread(block 69) failed
[  387.623932][ T8556] FAT-fs (loop2): Directory bread(block 70) failed
[  387.633991][ T8556] FAT-fs (loop2): Directory bread(block 71) failed
[  387.664935][ T8556] FAT-fs (loop2): Directory bread(block 72) failed
[  387.709496][ T8556] FAT-fs (loop2): Directory bread(block 73) failed
[  388.670996][ T8575] netlink: 28 bytes leftover after parsing attributes in process `syz.8.898'.
[  389.884042][ T8577] netlink: 28 bytes leftover after parsing attributes in process `syz.8.898'.
[  390.383478][ T8593] nfs: Unknown parameter 'ntext'
[  391.238060][ T8601] xt_TPROXY: Can be used only with -p tcp or -p udp
[  394.357822][ T8620] tipc: Started in network mode
[  395.061796][ T8620] tipc: Node identity 7f000001, cluster identity 4711
[  395.181369][ T8620] tipc: Enabled bearer <udp:syz2>, priority 10
[  395.268078][ T8630] netlink: 64 bytes leftover after parsing attributes in process `syz.0.920'.
[  395.270319][ T8633] loop2: detected capacity change from 0 to 1024
[  395.329531][ T8636] netlink: 'syz.0.920': attribute type 11 has an invalid length.
[  395.347544][ T8636] netlink: 428 bytes leftover after parsing attributes in process `syz.0.920'.
[  395.375192][ T8633] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option
[  395.618310][ T8643] loop8: detected capacity change from 0 to 256
[  395.934531][ T8643] exFAT-fs (loop8): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  395.945601][ T8643] exFAT-fs (loop8): Medium has reported failures. Some data may be lost.
[  396.195912][ T8643] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  396.236599][ T8633] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,bsddf,max_dir_size_kb=0x0000000000000002,norecovery,debug_want_extra_isize=0x0000000000000080,block_validity,nodiscard,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[  396.283897][ T4246] tipc: Node number set to 2130706433
[  400.873293][ T8715] tmpfs: Unknown parameter 'uid<00000000000000000000,9'
[  400.931538][ T8717] loop5: detected capacity change from 0 to 512
[  401.726360][ T8725] netlink: 104 bytes leftover after parsing attributes in process `syz.5.927'.
[  402.470450][ T8733] netlink: 'syz.0.931': attribute type 12 has an invalid length.
[  403.636511][ T8753] batman_adv: batadv0: Removing interface: batadv_slave_0
[  404.732344][ T8753] batman_adv: batadv0: Removing interface: batadv_slave_1
[  407.054678][ T8788] tipc: Started in network mode
[  407.059800][ T8788] tipc: Node identity 4, cluster identity 4711
[  407.066180][ T8788] tipc: Node number set to 4
[  407.314463][ T8794] dns_resolver: Unsupported server list version (0)
[  408.886958][ T4285] usb 3-1: new full-speed USB device number 6 using dummy_hcd
[  409.195024][ T8809] netlink: 4 bytes leftover after parsing attributes in process `syz.8.950'.
[  409.396816][ T8821] netlink: 28 bytes leftover after parsing attributes in process `syz.7.953'.
[  410.126943][   T13] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz1
[  410.324344][ T8838] netlink: 41326 bytes leftover after parsing attributes in process `syz.2.955'.
[  410.514620][ T8844] lo speed is unknown, defaulting to 1000
[  410.523065][ T8840] fido_id[8840]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  411.341368][ T8849] lo speed is unknown, defaulting to 1000
[  411.377991][ T8844] lo speed is unknown, defaulting to 1000
[  412.387715][ T8849] lo speed is unknown, defaulting to 1000
[  413.416210][   T26] audit: type=1326 audit(1751399352.264:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8878 comm="syz.7.966" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe3985ca929 code=0x0
[  413.485199][ T8883] loop2: detected capacity change from 0 to 128
[  413.682044][ T8883] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,discard,nodelalloc,data_err=ignore,quota,,errors=continue. Quota mode: writeback.
[  413.758326][ T8883] ext4 filesystem being mounted at /190/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  416.698097][ T4218] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  417.076737][ T4218] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  417.119889][ T4218] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  417.246854][ T4218] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  417.265881][ T4218] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  417.329280][ T4218] usb 3-1: SerialNumber: syz
[  418.301131][ T4218] usb 3-1: 0:2 : does not exist
[  418.350148][ T8973] loop8: detected capacity change from 0 to 1024
[  418.384696][ T4218] usb 3-1: unit 5 not found!
[  418.498582][ T4218] usb 3-1: USB disconnect, device number 7
[  419.329981][ T4465] udevd[4465]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  419.380353][ T8982] netlink: 28 bytes leftover after parsing attributes in process `syz.0.987'.
[  419.718636][ T8979] hfsplus: invalid extended attribute record
[  419.735226][ T8984] netlink: 4 bytes leftover after parsing attributes in process `syz.2.988'.
[  419.757090][ T8984] device bond_slave_0 entered promiscuous mode
[  419.763887][ T8984] device bond_slave_1 entered promiscuous mode
[  419.809587][ T8984] device macvlan2 entered promiscuous mode
[  419.832692][ T8984] device bond0 entered promiscuous mode
[  419.847925][ T8984] device bridge0 entered promiscuous mode
[  419.856430][ T8984] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  420.010589][ T4691] hfsplus: b-tree write err: -5, ino 4
[  421.296710][   T26] audit: type=1800 audit(1751399360.143:72): pid=9008 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.996" name="regulatory.db" dev="sda1" ino=448 res=0 errno=0
[  421.319176][ T9008] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -4
[  421.338820][ T9008] platform regulatory.0: Direct firmware load for regulatory.db failed with error -4
[  421.409001][ T9008] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  421.918687][ T4218] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  422.648811][ T4218] usb 9-1: device descriptor read/64, error -71
[  422.808602][ T9034] netlink: 'syz.0.1001': attribute type 10 has an invalid length.
[  423.748986][ T4218] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  423.799268][ T9034] team0: Port device dummy0 added
[  423.840101][ T9038] netlink: 'syz.0.1001': attribute type 10 has an invalid length.
[  423.882861][   T26] audit: type=1326 audit(1751399362.732:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9039 comm="syz.2.1002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb5937929 code=0x7ffc0000
[  423.906977][ T9038] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  423.953648][   T26] audit: type=1326 audit(1751399362.732:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9039 comm="syz.2.1002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fdfb5937929 code=0x7ffc0000
[  423.979228][ T4218] usb 9-1: device descriptor read/64, error -71
[  424.030876][ T9038] team0: Failed to send options change via netlink (err -105)
[  424.057768][   T26] audit: type=1326 audit(1751399362.732:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9039 comm="syz.2.1002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb5937929 code=0x7ffc0000
[  424.099329][ T4218] usb usb9-port1: attempt power cycle
[  424.105236][   T26] audit: type=1326 audit(1751399362.732:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9039 comm="syz.2.1002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7fdfb5937929 code=0x7ffc0000
[  424.108342][ T9038] team0: Port device dummy0 removed
[  424.143275][ T9038] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  424.196170][   T26] audit: type=1326 audit(1751399362.732:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9039 comm="syz.2.1002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb5937929 code=0x7ffc0000
[  425.361843][   T26] audit: type=1326 audit(1751399362.732:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9039 comm="syz.2.1002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=90 compat=0 ip=0x7fdfb5937929 code=0x7ffc0000
[  425.522753][   T26] audit: type=1326 audit(1751399362.732:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9039 comm="syz.2.1002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb5937929 code=0x7ffc0000
[  426.837505][   T26] audit: type=1326 audit(1751399362.732:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9039 comm="syz.2.1002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fdfb5937929 code=0x7ffc0000
[  427.009773][   T26] audit: type=1326 audit(1751399362.732:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9039 comm="syz.2.1002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb5937929 code=0x7ffc0000
[  427.221079][   T26] audit: type=1326 audit(1751399362.742:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9039 comm="syz.2.1002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdfb5937929 code=0x7ffc0000
[  427.221126][   T26] audit: type=1326 audit(1751399362.872:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9039 comm="syz.2.1002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb5937929 code=0x7ffc0000
[  428.273465][ T9082] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  429.584251][ T9092] lo speed is unknown, defaulting to 1000
[  429.606279][ T9092] lo speed is unknown, defaulting to 1000
[  431.120462][ T9132] netlink: 'syz.0.1024': attribute type 4 has an invalid length.
[  431.126845][   T26] audit: type=1326 audit(1751399369.972:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9126 comm="syz.8.1023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98aa1f929 code=0x7ffc0000
[  431.129864][ T9132] netlink: 17 bytes leftover after parsing attributes in process `syz.0.1024'.
[  431.184835][   T26] audit: type=1326 audit(1751399370.002:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9126 comm="syz.8.1023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98aa1f929 code=0x7ffc0000
[  431.227595][ T9133] cgroup: Unknown subsys name 'obj_role'
[  431.279669][   T26] audit: type=1326 audit(1751399370.002:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9126 comm="syz.8.1023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7ff98aa1f929 code=0x7ffc0000
[  431.390012][ T8163] Bluetooth: hci2: command 0x0409 tx timeout
[  431.414970][ T9092] chnl_net:caif_netlink_parms(): no params data found
[  431.429880][   T26] audit: type=1326 audit(1751399370.002:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9126 comm="syz.8.1023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98aa1f929 code=0x7ffc0000
[  431.544195][   T26] audit: type=1326 audit(1751399370.002:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9126 comm="syz.8.1023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98aa1f929 code=0x7ffc0000
[  431.602064][ T9092] bridge0: port 1(bridge_slave_0) entered blocking state
[  431.609391][   T26] audit: type=1326 audit(1751399370.012:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9126 comm="syz.8.1023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff98aa1f929 code=0x7ffc0000
[  431.633485][ T9092] bridge0: port 1(bridge_slave_0) entered disabled state
[  431.642496][ T9092] device bridge_slave_0 entered promiscuous mode
[  431.651715][ T9092] bridge0: port 2(bridge_slave_1) entered blocking state
[  431.659433][ T9092] bridge0: port 2(bridge_slave_1) entered disabled state
[  431.667903][ T9092] device bridge_slave_1 entered promiscuous mode
[  431.707936][ T9092] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  431.768060][ T9092] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  432.852425][ T9092] team0: Port device team_slave_0 added
[  432.899206][ T9092] team0: Port device team_slave_1 added
[  433.090330][ T9092] batman_adv: batadv0: Adding interface: batadv_slave_0
[  433.105619][ T9092] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  433.188721][ T9092] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  433.219814][ T9169] device wg2 entered promiscuous mode
[  433.239512][ T9177] netlink: 'syz.0.1033': attribute type 1 has an invalid length.
[  433.294214][ T9177] 8021q: adding VLAN 0 to HW filter on device bond2
[  433.362154][ T9092] batman_adv: batadv0: Adding interface: batadv_slave_1
[  433.400171][ T9092] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  433.461412][ T9092] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  433.567108][ T9179] 8021q: adding VLAN 0 to HW filter on device bond2
[  433.623428][ T1326] Bluetooth: hci2: command 0x041b tx timeout
[  433.643512][ T9179] bond2: (slave vti0): The slave device specified does not support setting the MAC address
[  433.661884][ T9179] bond2: (slave vti0): Error -95 calling set_mac_address
[  433.686114][ T9190] netlink: 16 bytes leftover after parsing attributes in process `syz.8.1036'.
[  434.647810][ T9177] bond2: (slave gretap1): making interface the new active one
[  435.441772][ T9177] bond2: (slave gretap1): Enslaving as an active interface with an up link
[  435.613646][ T9092] device hsr_slave_0 entered promiscuous mode
[  435.623259][ T9092] device hsr_slave_1 entered promiscuous mode
[  435.637106][ T9092] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  435.646389][ T9092] Cannot create hsr debugfs directory
[  435.667796][ T9196] netlink: 'syz.7.1037': attribute type 1 has an invalid length.
[  435.711730][ T6384] Bluetooth: hci2: command 0x040f tx timeout
[  435.749051][ T9196] 8021q: adding VLAN 0 to HW filter on device bond1
[  435.779292][ T9197] device vlan2 entered promiscuous mode
[  435.789522][ T9197] device bond1 entered promiscuous mode
[  435.806006][ T9199] bond1: (slave gretap1): making interface the new active one
[  435.813827][ T9199] device gretap1 entered promiscuous mode
[  435.842669][ T9199] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  435.864304][ T4675] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  435.886096][ T4675] IPv6: ADDRCONF(NETDEV_CHANGE): vlan2: link becomes ready
[  435.920019][ T9213] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1040'.
[  436.098212][ T9226] 9pnet: Insufficient options for proto=fd
[  437.076546][ T9092] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  437.135318][ T9092] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  437.219788][ T9092] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  437.255697][ T9092] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  437.631753][ T1326] Bluetooth: hci3: command 0x0406 tx timeout
[  437.790712][ T1326] Bluetooth: hci2: command 0x0419 tx timeout
[  438.172006][ T9092] 8021q: adding VLAN 0 to HW filter on device bond0
[  438.332959][ T9092] 8021q: adding VLAN 0 to HW filter on device team0
[  438.369226][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  438.388970][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  438.482066][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  438.498862][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  438.923860][ T4305] bridge0: port 1(bridge_slave_0) entered blocking state
[  438.931092][ T4305] bridge0: port 1(bridge_slave_0) entered forwarding state
[  439.222591][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  439.261731][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  439.270461][ T4305] bridge0: port 2(bridge_slave_1) entered blocking state
[  439.277761][ T4305] bridge0: port 2(bridge_slave_1) entered forwarding state
[  439.364483][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  439.374525][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  439.395706][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  439.414148][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  439.462182][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  439.471504][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  439.482373][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  439.492098][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  439.504369][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  439.515798][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  439.557814][   T26] kauditd_printk_skb: 17 callbacks suppressed
[  439.557830][   T26] audit: type=1326 audit(1751399378.401:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9282 comm="syz.0.1056" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f095cbec929 code=0x7fc00000
[  439.651743][ T4361] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  439.741659][ T4361] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  439.764382][ T9092] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  440.788771][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  440.795161][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  440.996834][ T9297] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1058'.
[  441.125951][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  441.140377][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  441.156242][ T9092] 8021q: adding VLAN 0 to HW filter on device batadv0
[  442.375621][ T9309] loop8: detected capacity change from 0 to 256
[  442.431971][   T26] audit: type=1326 audit(1751399381.280:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9282 comm="syz.0.1056" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f095cb88b19 code=0x7fc00000
[  442.548722][ T9313] loop2: detected capacity change from 0 to 128
[  443.188351][ T9313] EXT4-fs (loop2): Test dummy encryption mode enabled
[  443.195595][ T9313] EXT4-fs (loop2): Test dummy encryption mode enabled
[  443.243414][ T9317] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1063'.
[  443.252909][ T9313] EXT4-fs (loop2): mounted filesystem without journal. Opts: test_dummy_encryption=v1,test_dummy_encryption=v1,,errors=continue. Quota mode: none.
[  443.268373][ T9313] ext4 filesystem being mounted at /210/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  444.792673][ T9331] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1067'.
[  444.898728][ T9331] device bridge_slave_0 left promiscuous mode
[  444.924272][ T9331] bridge0: port 1(bridge_slave_0) entered disabled state
[  444.971515][ T9341] netlink: 'syz.2.1066': attribute type 12 has an invalid length.
[  445.049012][ T4658] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  445.068628][ T4658] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  445.315639][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  445.332481][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  446.172243][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  446.215732][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  446.267873][ T9092] device veth0_vlan entered promiscuous mode
[  446.282815][ T9092] device veth1_vlan entered promiscuous mode
[  446.358096][ T4361] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  446.378042][ T4361] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  446.397791][ T9092] device veth0_macvtap entered promiscuous mode
[  446.421979][ T9355] netlink: 'syz.8.1073': attribute type 10 has an invalid length.
[  446.447091][ T9355] bridge0: port 2(bridge_slave_1) entered disabled state
[  446.473162][ T9355] device bridge_slave_1 left promiscuous mode
[  446.480766][ T9355] bridge0: port 2(bridge_slave_1) entered disabled state
[  446.505943][ T9355] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[  446.524299][ T9092] device veth1_macvtap entered promiscuous mode
[  446.568570][ T4361] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  446.579576][ T4361] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  446.611181][ T9361] netlink: 14 bytes leftover after parsing attributes in process `syz.8.1073'.
[  446.632421][    C0] Illegal XDP return value 16128, expect packet loss!
[  446.731383][ T9361] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  447.417657][ T9361] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  447.451218][ T9361] bond0 (unregistering): (slave bridge_slave_1): Releasing backup interface
[  447.470189][ T9361] bond0 (unregistering): Released all slaves
[  447.504689][ T9092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  447.515304][ T9092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  447.533415][ T9092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  447.544298][ T9092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  447.869533][ T9092] batman_adv: batadv0: Interface activated: batadv_slave_0
[  448.422300][ T4658] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  448.431440][ T4658] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  448.634346][ T9371] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1076'.
[  448.653759][ T9371] device bridge_slave_1 left promiscuous mode
[  449.140488][ T9371] bridge0: port 2(bridge_slave_1) entered disabled state
[  449.540701][ T9371] device bridge_slave_0 left promiscuous mode
[  449.554825][ T9371] bridge0: port 1(bridge_slave_0) entered disabled state
[  449.578169][ T9371] bond0: (slave bridge0): Releasing backup interface
[  449.588246][ T9371] device bridge0 left promiscuous mode
[  449.644013][ T9092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  449.655233][ T9092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  449.665276][ T9092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  449.675895][ T9092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  449.707350][ T9092] batman_adv: batadv0: Interface activated: batadv_slave_1
[  449.723731][ T9389] device batadv0 entered promiscuous mode
[  449.730591][ T9389] 8021q: adding VLAN 0 to HW filter on device batadv0
[  449.907722][ T1230] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  449.928250][ T1230] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  450.318555][ T9092] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  450.497285][ T9092] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  450.514108][ T9092] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  450.527259][ T9092] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  450.703377][ T9396] device macsec1 entered promiscuous mode
[  450.740409][ T9396] device bond0 entered promiscuous mode
[  450.746778][ T9396] device bond_slave_0 entered promiscuous mode
[  450.760874][ T9396] device bond_slave_1 entered promiscuous mode
[  450.870500][ T9396] device bridge0 entered promiscuous mode
[  450.885140][ T9396] device dummy0 entered promiscuous mode
[  450.896300][ T9396] device bond0 left promiscuous mode
[  451.654720][ T9396] device bond_slave_0 left promiscuous mode
[  451.662041][ T9396] device bond_slave_1 left promiscuous mode
[  451.693677][ T9396] device bridge0 left promiscuous mode
[  451.832435][ T9396] device dummy0 left promiscuous mode
[  452.645702][    C0] vcan0: j1939_tp_rxtimer: 0xffff8880610fac00: rx timeout, send abort
[  452.719239][ T9422] loop8: detected capacity change from 0 to 512
[  452.858059][ T9421] netlink: 'syz.0.1090': attribute type 21 has an invalid length.
[  452.866188][ T9421] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1090'.
[  453.154056][    C0] vcan0: j1939_tp_rxtimer: 0xffff8880610fac00: abort rx timeout. Force session deactivation
[  453.196222][ T9422] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  453.778060][ T9422] EXT4-fs (loop8): 1 truncate cleaned up
[  453.784228][ T9422] EXT4-fs (loop8): mounted filesystem without journal. Opts: minixdf,max_dir_size_kb=0x00000000000001ff,stripe=0x0000000000000000,noblock_validity,debug_want_extra_isize=0x0000000000000006,,errors=continue. Quota mode: none.
[  453.795677][ T4675] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  453.939146][ T9432] EXT4-fs error (device loop8): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz.8.1089: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  454.029588][ T4675] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  454.041579][ T4691] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  455.255014][ T1230] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  455.273349][ T9442] bridge0: port 3(batadv1) entered blocking state
[  455.325001][ T9442] bridge0: port 3(batadv1) entered disabled state
[  455.989729][ T1230] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  456.019982][ T9442] device batadv1 entered promiscuous mode
[  456.037313][ T4675] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[  456.047599][ T4675] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[  456.081345][ T9445] netlink: 20 bytes leftover after parsing attributes in process `syz.7.1094'.
[  456.122988][ T1230] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  456.456285][ T9450] netdevsim netdevsim7 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  456.465276][ T9450] netdevsim netdevsim7 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  456.474212][ T9450] netdevsim netdevsim7 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  456.483231][ T9450] netdevsim netdevsim7 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  456.787139][ T9450] bond0: (slave vxlan0): Enslaving as an active interface with an up link
[  456.823083][ T9452] device bond0 entered promiscuous mode
[  458.284945][ T9452] device bond_slave_0 entered promiscuous mode
[  458.291405][ T9452] device bond_slave_1 entered promiscuous mode
[  458.357023][ T9452] device bridge0 entered promiscuous mode
[  458.376504][ T9461] netlink: 'syz.2.1100': attribute type 1 has an invalid length.
[  458.392806][ T9452] device dummy0 entered promiscuous mode
[  458.422354][ T9452] hsr1: Slave A (bond0) is not up; please bring it up to get a fully working HSR network
[  458.528776][   T26] audit: type=1326 audit(1751399397.368:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9458 comm="syz.8.1097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98aa1f929 code=0x7ffc0000
[  458.586245][ T1230] IPv6: ADDRCONF(NETDEV_CHANGE): hsr1: link becomes ready
[  458.688362][   T26] audit: type=1326 audit(1751399397.398:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9458 comm="syz.8.1097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7ff98aa1f929 code=0x7ffc0000
[  458.738604][ T9474] blk_update_request: I/O error, dev loop15, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  458.770932][   T26] audit: type=1326 audit(1751399397.398:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9458 comm="syz.8.1097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98aa1f929 code=0x7ffc0000
[  458.807501][ T9474] isofs_fill_super: bread failed, dev=loop15, iso_blknum=16, block=32
[  458.881611][   T26] audit: type=1326 audit(1751399397.398:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9458 comm="syz.8.1097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7ff98aa1f929 code=0x7ffc0000
[  458.904752][   T26] audit: type=1326 audit(1751399397.398:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9458 comm="syz.8.1097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98aa1f929 code=0x7ffc0000
[  458.928197][   T26] audit: type=1326 audit(1751399397.398:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9458 comm="syz.8.1097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7ff98aa1f929 code=0x7ffc0000
[  458.969039][   T26] audit: type=1326 audit(1751399397.398:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9458 comm="syz.8.1097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98aa1f929 code=0x7ffc0000
[  459.045586][   T26] audit: type=1326 audit(1751399397.398:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9458 comm="syz.8.1097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=311 compat=0 ip=0x7ff98aa1f929 code=0x7ffc0000
[  459.285076][   T26] audit: type=1326 audit(1751399397.408:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9458 comm="syz.8.1097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98aa1f929 code=0x7ffc0000
[  459.604127][ T9485] ªªªªªª: renamed from vlan0
[  459.868104][ T9494] netlink: 'syz.2.1112': attribute type 29 has an invalid length.
[  459.877370][ T9494] netlink: 'syz.2.1112': attribute type 29 has an invalid length.
[  460.675200][ T9494] netlink: 'syz.2.1112': attribute type 29 has an invalid length.
[  460.705766][ T9494] netlink: 'syz.2.1112': attribute type 29 has an invalid length.
[  460.744689][ T9494] netlink: 'syz.2.1112': attribute type 29 has an invalid length.
[  460.771346][ T9494] netlink: 'syz.2.1112': attribute type 29 has an invalid length.
[  460.798947][ T9494] netlink: 'syz.2.1112': attribute type 29 has an invalid length.
[  461.003877][ T9494] netlink: 'syz.2.1112': attribute type 29 has an invalid length.
[  461.862777][ T9504] loop9: detected capacity change from 0 to 1024
[  462.782241][ T9509] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1115'.
[  463.090881][ T9509] netlink: 'syz.0.1115': attribute type 1 has an invalid length.
[  463.131074][ T4669] hfsplus: bad catalog file entry
[  463.257070][ T4669] hfsplus: b-tree write err: -5, ino 3
[  464.026902][ T9514] loop2: detected capacity change from 0 to 2048
[  464.135516][ T9519] validate_nla: 1 callbacks suppressed
[  464.135535][ T9519] netlink: 'syz.9.1118': attribute type 3 has an invalid length.
[  464.164923][ T9514] EXT4-fs (loop2): mounted filesystem without journal. Opts: min_batch_time=0x000000000000000d,mb_optimize_scan=0x0000000000000001,noblock_validity,,errors=continue. Quota mode: none.
[  465.945670][ T9541] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1118'.
[  466.506726][ T9566] loop8: detected capacity change from 0 to 512
[  466.584164][ T9566] EXT4-fs (loop8): Invalid want_extra_isize 2
[  469.879582][ T9604] syz.0.1144[9604] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  469.879728][ T9604] syz.0.1144[9604] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  471.288227][ T9619] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1147'.
[  471.329613][ T9619] netlink: 2 bytes leftover after parsing attributes in process `syz.7.1147'.
[  472.505697][ T9639] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1153'.
[  472.544580][ T9642] loop9: detected capacity change from 0 to 1024
[  472.569442][ T9639] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1153'.
[  472.692375][ T9642] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  474.032251][ T9666] loop2: detected capacity change from 0 to 2048
[  474.128940][ T9666] EXT4-fs (loop2): mounted filesystem without journal. Opts: barrier=0x0000000000000000,resuid=0x0000000000000000,block_validity,errors=remount-ro,. Quota mode: none.
[  474.360058][ T9668] loop9: detected capacity change from 0 to 4096
[  474.448996][ T9677] EXT4-fs error (device loop2): ext4_ext_precache:608: inode #2: comm syz.2.1163: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5)
[  474.579211][ T9677] EXT4-fs (loop2): Remounting filesystem read-only
[  475.215812][ T9680] NILFS (loop9): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  475.412790][ T9668] afs: Bad value for 'source'
[  478.048144][ T9707] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  478.055532][ T9707] IPv6: NLM_F_CREATE should be set when creating new route
[  478.096603][ T9715] loop8: detected capacity change from 0 to 128
[  478.196687][ T9715] FAT-fs (loop8): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  478.305707][ T9715] FAT-fs (loop8): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  479.572356][ T4259] FAT-fs (loop8): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  481.970697][ T9761] loop9: detected capacity change from 0 to 512
[  483.155118][ T9761] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  483.263914][ T9761] ext4 filesystem being mounted at /18/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  485.302382][ T9807] blk_update_request: I/O error, dev loop17, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 0
[  485.366380][ T9807] SQUASHFS error: Failed to read block 0x0: -5
[  485.775621][ T4691] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  485.894253][ T4691] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  485.968158][ T4691] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  486.120410][ T4691] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  487.273596][ T9849] loop8: detected capacity change from 0 to 512
[  488.040255][ T9849] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  488.261439][ T9855] lo speed is unknown, defaulting to 1000
[  488.288935][ T9849] ext4 filesystem being mounted at /97/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  488.315766][ T9855] lo speed is unknown, defaulting to 1000
[  489.717503][ T4218] Bluetooth: hci2: command 0x0409 tx timeout
[  489.800792][ T9855] chnl_net:caif_netlink_parms(): no params data found
[  489.898142][ T9896] device veth3 entered promiscuous mode
[  489.915639][ T9899] netlink: 40 bytes leftover after parsing attributes in process `syz.8.1227'.
[  490.110724][ T9902] bridge0: the hash_elasticity option has been deprecated and is always 16
[  490.313586][ T9909] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  490.806981][ T9855] bridge0: port 1(bridge_slave_0) entered blocking state
[  490.814097][ T9855] bridge0: port 1(bridge_slave_0) entered disabled state
[  490.847958][ T9909] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  490.860248][ T9909] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  490.879264][ T9855] device bridge_slave_0 entered promiscuous mode
[  490.896841][ T9855] bridge0: port 2(bridge_slave_1) entered blocking state
[  490.953316][ T9855] bridge0: port 2(bridge_slave_1) entered disabled state
[  490.967748][ T9855] device bridge_slave_1 entered promiscuous mode
[  491.797008][ T4308] Bluetooth: hci2: command 0x041b tx timeout
[  491.871842][ T9855] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  492.039939][ T9855] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  492.854799][ T9943] loop8: detected capacity change from 0 to 2048
[  492.998691][ T9943] EXT4-fs (loop8): failed to initialize system zone (-117)
[  493.025050][ T9943] EXT4-fs (loop8): mount failed
[  493.092967][ T9855] team0: Port device team_slave_0 added
[  493.319006][ T9855] team0: Port device team_slave_1 added
[  493.949428][   T23] Bluetooth: hci2: command 0x040f tx timeout
[  494.782972][ T4691] device hsr_slave_0 left promiscuous mode
[  494.789578][ T4691] device hsr_slave_1 left promiscuous mode
[  494.796182][ T4691] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  494.809603][ T4691] batman_adv: batadv0: Removing interface: batadv_slave_0
[  495.147806][ T9991] xt_time: unknown flags 0xc
[  495.169151][ T9991] loop2: detected capacity change from 0 to 2048
[  496.083359][ T4465] GPT:first_usable_lbas don't match.
[  496.088932][ T4465] GPT:34 != 290
[  496.092423][ T4465] GPT: Use GNU Parted to correct GPT errors.
[  496.119983][ T4691] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  496.133726][ T4691] batman_adv: batadv0: Removing interface: batadv_slave_1
[  496.168185][ T4218] Bluetooth: hci2: command 0x0419 tx timeout
[  496.196418][ T4465]  loop2: p1 p2 p3
[  496.253779][ T9991] GPT:first_usable_lbas don't match.
[  496.259166][ T9991] GPT:34 != 290
[  496.262699][ T9991] GPT: Use GNU Parted to correct GPT errors.
[  496.268859][ T9991]  loop2: p1 p2 p3
[  496.377429][ T4691] device bridge_slave_1 left promiscuous mode
[  496.383637][ T4691] bridge0: port 2(bridge_slave_1) entered disabled state
[  496.437578][ T4691] device bridge_slave_0 left promiscuous mode
[  496.443847][ T4691] bridge0: port 1(bridge_slave_0) entered disabled state
[  496.515498][ T4537] udevd[4537]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[  496.515659][ T4465] udevd[4465]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  496.542069][ T4179] udevd[4179]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  496.575302][ T4691] device veth1_macvtap left promiscuous mode
[  496.605825][ T4691] device veth0_macvtap left promiscuous mode
[  496.627453][ T4691] device veth1_vlan left promiscuous mode
[  496.633933][ T4691] device veth0_vlan left promiscuous mode
[  496.661934][ T4179] udevd[4179]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  496.675413][ T4465] udevd[4465]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  496.689530][ T4537] udevd[4537]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[  496.937928][ T4537] udevd[4537]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[  496.938107][ T4179] udevd[4179]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  497.450407][ T4465] udevd[4465]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  498.834241][ T4691] team0 (unregistering): Port device team_slave_1 removed
[  498.867588][ T4691] team0 (unregistering): Port device team_slave_0 removed
[  498.900858][ T4691] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  498.938362][ T4691] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  499.168295][ T4691] bond0 (unregistering): Released all slaves
[  499.919663][ T9855] batman_adv: batadv0: Adding interface: batadv_slave_0
[  499.935676][ T9855] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  499.992200][ T9855] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  500.045165][ T9855] batman_adv: batadv0: Adding interface: batadv_slave_1
[  500.059716][ T9855] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  500.115706][ T9855] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  500.190731][T10044] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  500.230333][T10044] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  500.246476][T10044] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  500.260099][T10044] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check.
[  500.455928][ T9855] device hsr_slave_0 entered promiscuous mode
[  500.463802][ T9855] device hsr_slave_1 entered promiscuous mode
[  500.736370][ T9855] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  500.968000][ T9855] Cannot create hsr debugfs directory
[  501.494311][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  501.500864][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  502.441023][T10085] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1269'.
[  503.687057][T10087] loop8: detected capacity change from 0 to 256
[  503.881442][T10087] FAT-fs (loop8): Directory bread(block 64) failed
[  504.072236][T10087] FAT-fs (loop8): Directory bread(block 65) failed
[  504.093214][T10087] FAT-fs (loop8): Directory bread(block 66) failed
[  504.100169][T10087] FAT-fs (loop8): Directory bread(block 67) failed
[  504.118061][T10087] FAT-fs (loop8): Directory bread(block 68) failed
[  504.127079][T10087] FAT-fs (loop8): Directory bread(block 69) failed
[  504.134969][T10087] FAT-fs (loop8): Directory bread(block 70) failed
[  504.244150][T10087] FAT-fs (loop8): Directory bread(block 71) failed
[  504.464086][T10087] FAT-fs (loop8): Directory bread(block 72) failed
[  504.693673][T10087] FAT-fs (loop8): Directory bread(block 73) failed
[  507.447225][T10139] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  507.549094][ T9855] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  507.651349][ T9855] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  507.707708][ T9855] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  507.765565][ T9855] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  508.739868][ T9855] 8021q: adding VLAN 0 to HW filter on device bond0
[  508.829476][  T298] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  508.845500][  T298] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  508.893960][ T9855] 8021q: adding VLAN 0 to HW filter on device team0
[  509.388938][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  509.402200][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  509.420205][ T4305] bridge0: port 1(bridge_slave_0) entered blocking state
[  509.427381][ T4305] bridge0: port 1(bridge_slave_0) entered forwarding state
[  509.499339][T10171] loop2: detected capacity change from 0 to 512
[  509.513203][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  509.626083][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  509.645832][ T4305] bridge0: port 2(bridge_slave_1) entered blocking state
[  509.652936][ T4305] bridge0: port 2(bridge_slave_1) entered forwarding state
[  509.686101][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  509.705634][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  509.880068][ T4259] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  509.886299][T10171] EXT4-fs (loop2): orphan cleanup on readonly fs
[  509.933036][ T4259] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  510.498030][T10171] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.1288: bg 0: block 248: padding at end of block bitmap is not set
[  510.595532][T10171] Quota error (device loop2): write_blk: dquota write failed
[  510.603208][T10171] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  510.623890][T10171] EXT4-fs error (device loop2): ext4_acquire_dquot:6207: comm syz.2.1288: Failed to acquire dquot type 1
[  510.857377][T10171] EXT4-fs (loop2): 1 truncate cleaned up
[  510.872978][T10171] EXT4-fs (loop2): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback.
[  510.910791][ T4259] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  510.942343][T10191] netlink: 64 bytes leftover after parsing attributes in process `syz.7.1291'.
[  510.953281][ T4259] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  510.980325][ T4259] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  511.001913][T10194] netlink: 'syz.7.1291': attribute type 11 has an invalid length.
[  511.005128][ T4259] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  511.041560][T10194] netlink: 428 bytes leftover after parsing attributes in process `syz.7.1291'.
[  511.074723][ T4259] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  511.104389][ T4259] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  511.138916][ T9855] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  511.922220][ T4259] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  511.984515][ T4259] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  512.656933][T10221] UBIFS error (pid: 10221): cannot open "./file0", error -22
[  513.850216][T10235] loop8: detected capacity change from 0 to 2048
[  513.954956][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  513.962681][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  514.024385][ T9855] 8021q: adding VLAN 0 to HW filter on device batadv0
[  515.133186][T10254] loop2: detected capacity change from 0 to 256
[  515.393113][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  515.481139][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  515.733550][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  515.820196][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  515.831636][T10254] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  515.842484][T10254] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  515.843084][  T298] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  515.869636][T10254] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  515.929731][  T298] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  515.986864][ T9855] device veth0_vlan entered promiscuous mode
[  516.045101][ T9855] device veth1_vlan entered promiscuous mode
[  516.377256][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  516.386791][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  516.395557][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  516.406366][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  516.461237][ T9855] device veth0_macvtap entered promiscuous mode
[  517.281989][ T4305] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  517.349031][T10269] loop8: detected capacity change from 0 to 1024
[  517.487230][T10269] EXT4-fs (loop8): Ignoring removed nomblk_io_submit option
[  517.535493][ T9855] device veth1_macvtap entered promiscuous mode
[  517.561648][ T9855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  517.659749][ T9855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  517.721971][ T9855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  517.779993][ T9855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  519.835218][T10269] EXT4-fs (loop8): mounted filesystem without journal. Opts: noblock_validity,bsddf,max_dir_size_kb=0x0000000000000002,norecovery,debug_want_extra_isize=0x0000000000000080,block_validity,nodiscard,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[  519.902708][ T9855] batman_adv: batadv0: Interface activated: batadv_slave_0
[  519.916942][  T298] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  519.942838][  T298] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  520.015061][ T9855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  520.052051][ T9855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  520.100740][ T9855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  520.142355][ T9855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  520.167936][ T9855] batman_adv: batadv0: Interface activated: batadv_slave_1
[  520.179031][ T9855] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  520.187952][ T9855] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  520.197414][ T9855] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  520.206306][ T9855] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  520.398801][ T4691] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  520.418952][ T4691] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  520.563532][   T23] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  521.306577][ T4259] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  521.324382][T10296] batman_adv: batadv0: Removing interface: batadv_slave_0
[  521.360299][T10296] batman_adv: batadv0: Removing interface: batadv_slave_1
[  521.368183][ T4259] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  521.443760][  T298] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  521.462281][   T23] usb 3-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  521.471383][   T23] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  521.483269][T10308] netlink: 'syz.8.1306': attribute type 12 has an invalid length.
[  521.502861][ T4691] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  521.518462][   T23] usb 3-1: Product: syz
[  521.518483][ T4691] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  521.531215][   T23] usb 3-1: Manufacturer: syz
[  521.537412][   T23] usb 3-1: SerialNumber: syz
[  521.550440][ T4691] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  521.601153][   T23] usb 3-1: config 0 descriptor??
[  521.664940][   T23] ch341 3-1:0.0: ch341-uart converter detected
[  522.838829][T10333] netlink: 28 bytes leftover after parsing attributes in process `syz.8.1313'.
[  523.993987][   T23] usb 3-1: failed to send control message: -110
[  524.000348][   T23] ch341-uart: probe of ttyUSB0 failed with error -110
[  524.033910][T10290] tmpfs: Unknown parameter 'uid<00000000000000000000,9'
[  525.431246][ T4218] usb 3-1: USB disconnect, device number 8
[  525.449372][ T4218] ch341 3-1:0.0: device disconnected
[  525.472122][T10357] xt_TPROXY: Can be used only with -p tcp or -p udp
[  526.570445][T10377] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  526.584786][T10377] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  531.312715][T10423] syz.7.1334 (10423) used greatest stack depth: 18592 bytes left
[  533.685571][T10449] device syzkaller0 entered promiscuous mode
[  539.238492][T10484] netlink: 'syz.7.1349': attribute type 10 has an invalid length.
[  539.310467][T10484] team0: Port device dummy0 added
[  539.321076][T10489] netlink: 'syz.7.1349': attribute type 10 has an invalid length.
[  539.332663][T10489] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  539.355380][T10489] team0: Failed to send options change via netlink (err -105)
[  539.365077][T10489] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  539.377009][T10489] team0: Port device dummy0 removed
[  540.041374][T10489] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  540.055244][T10491] loop8: detected capacity change from 0 to 256
[  540.448382][T10500] dns_resolver: Unsupported server list version (0)
[  543.015637][T10509] loop8: detected capacity change from 0 to 512
[  545.568903][T10509] EXT4-fs (loop8): couldn't mount as ext2 due to feature incompatibilities
[  546.609959][T10540] netlink: 104 bytes leftover after parsing attributes in process `syz.8.1355'.
[  549.895429][T10535] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[  550.006959][T10535] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready
[  550.047052][T10535] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready
[  550.118629][T10535] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready
[  550.164492][T10535] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready
[  550.190735][T10535] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready
[  550.242059][T10549] bridge0: port 2(batadv1) entered blocking state
[  550.250102][T10549] bridge0: port 2(batadv1) entered disabled state
[  550.262686][T10549] device batadv1 entered promiscuous mode
[  550.953923][ T4675] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[  550.963547][ T4675] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[  553.055967][T10581] device team_slave_0 entered promiscuous mode
[  553.062929][T10581] device team_slave_1 entered promiscuous mode
[  553.135058][T10581] device macsec1 entered promiscuous mode
[  553.160552][T10581] device team0 entered promiscuous mode
[  553.199748][T10581] device team0 left promiscuous mode
[  553.218621][T10581] device team_slave_0 left promiscuous mode
[  553.224689][T10581] device team_slave_1 left promiscuous mode
[  553.363509][T10592] netlink: 'syz.8.1377': attribute type 1 has an invalid length.
[  553.391769][T10592] 8021q: adding VLAN 0 to HW filter on device bond0
[  553.473675][T10592] 8021q: adding VLAN 0 to HW filter on device bond0
[  553.496058][T10592] bond0: (slave vti0): The slave device specified does not support setting the MAC address
[  553.656846][T10592] bond0: (slave vti0): Error -95 calling set_mac_address
[  553.701926][T10599] bond0: (slave gretap1): making interface the new active one
[  556.169142][T10599] bond0: (slave gretap1): Enslaving as an active interface with an up link
[  557.782970][T10623] netlink: 'syz.9.1384': attribute type 12 has an invalid length.
[  562.104721][T10658] xt_hashlimit: Unknown mode mask 258, kernel too old?
[  562.975216][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  562.981555][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  563.445267][T10668] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  563.619168][T10675] device syzkaller0 entered promiscuous mode
[  564.271309][T10668] tipc: Resetting bearer <eth:syzkaller0>
[  564.331305][T10667] tipc: Resetting bearer <eth:syzkaller0>
[  564.573992][T10667] tipc: Disabling bearer <eth:syzkaller0>
[  565.239319][T10688] netlink: 'syz.7.1401': attribute type 1 has an invalid length.
[  565.280959][T10688] 8021q: adding VLAN 0 to HW filter on device bond2
[  565.295994][T10692] netlink: 'syz.2.1400': attribute type 10 has an invalid length.
[  566.222346][T10692] team0: Port device dummy0 added
[  566.260332][T10688] 8021q: adding VLAN 0 to HW filter on device bond2
[  566.307049][T10688] bond2: (slave vti0): The slave device specified does not support setting the MAC address
[  566.331987][T10688] bond2: (slave vti0): Error -95 calling set_mac_address
[  566.354966][T10700] netlink: 'syz.2.1400': attribute type 10 has an invalid length.
[  566.484148][T10700] team0: Port device dummy0 removed
[  566.497092][T10700] device dummy0 entered promiscuous mode
[  567.254867][T10717] loop2: detected capacity change from 0 to 512
[  567.505373][T10717] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  567.651706][T10724] xt_hashlimit: Unknown mode mask 258, kernel too old?
[  567.936992][T10726] device batadv2 entered promiscuous mode
[  567.944374][T10726] 8021q: adding VLAN 0 to HW filter on device batadv2
[  568.842608][T10734] netlink: 'syz.7.1410': attribute type 12 has an invalid length.
[  568.854863][T10717] EXT4-fs (loop2): 1 truncate cleaned up
[  568.860563][T10717] EXT4-fs (loop2): mounted filesystem without journal. Opts: init_itable=0x0000000000000000,jqfmt=vfsold,debug_want_extra_isize=0x000000000000006a,jqfmt=vfsold,minixdf,quota,,errors=continue. Quota mode: writeback.
[  571.863709][T10756] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  571.914986][T10756] device syzkaller0 entered promiscuous mode
[  573.733133][T10773] tipc: Resetting bearer <eth:syzkaller0>
[  575.067893][T10773] tipc: Disabling bearer <eth:syzkaller0>
[  575.175684][T10775] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1422'.
[  575.190458][   T26] audit: type=1326 audit(1751402092.044:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10785 comm="syz.9.1425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e42fd8929 code=0x7ffc0000
[  575.212880][    C1] vkms_vblank_simulate: vblank timer overrun
[  575.241603][   T26] audit: type=1326 audit(1751402092.044:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10785 comm="syz.9.1425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6e42fd8929 code=0x7ffc0000
[  575.263958][    C1] vkms_vblank_simulate: vblank timer overrun
[  575.282576][T10784] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1424'.
[  575.322249][   T26] audit: type=1326 audit(1751402092.044:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10785 comm="syz.9.1425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e42fd8929 code=0x7ffc0000
[  575.501563][   T26] audit: type=1326 audit(1751402092.044:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10785 comm="syz.9.1425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f6e42fd8929 code=0x7ffc0000
[  575.604502][   T26] audit: type=1326 audit(1751402092.044:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10785 comm="syz.9.1425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e42fd8929 code=0x7ffc0000
[  575.630014][   T26] audit: type=1326 audit(1751402092.044:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10785 comm="syz.9.1425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6e42fd8929 code=0x7ffc0000
[  575.678810][   T26] audit: type=1326 audit(1751402092.044:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10785 comm="syz.9.1425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e42fd8929 code=0x7ffc0000
[  575.865251][T10805] netlink: 20 bytes leftover after parsing attributes in process `syz.8.1440'.
[  577.363525][   T26] audit: type=1326 audit(1751402092.044:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10785 comm="syz.9.1425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6e42fd8929 code=0x7ffc0000
[  577.385818][    C0] vkms_vblank_simulate: vblank timer overrun
[  577.454828][   T26] audit: type=1326 audit(1751402092.044:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10785 comm="syz.9.1425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e42fd8929 code=0x7ffc0000
[  577.644095][   T26] audit: type=1326 audit(1751402092.044:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10785 comm="syz.9.1425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6e42fd8929 code=0x7ffc0000
[  577.694144][T10822] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1436'.
[  577.720838][T10822] IPv6: ADDRCONF(NETDEV_CHANGE): gre2: link becomes ready
[  577.736850][T10821] netlink: 'syz.0.1437': attribute type 12 has an invalid length.
[  577.767376][T10822] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1436'.
[  579.141397][T10843] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  580.073257][T10846] blk_update_request: I/O error, dev loop1, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  580.117375][T10846] isofs_fill_super: bread failed, dev=loop1, iso_blknum=16, block=32
[  580.349927][T10863] bond0: (slave vxlan0): Error: Slave device does not support XDP
[  580.384679][T10863] netlink: 'syz.7.1448': attribute type 10 has an invalid length.
[  580.403299][T10863] device bridge_slave_1 left promiscuous mode
[  580.492709][T10863] bridge0: port 2(bridge_slave_1) entered disabled state
[  580.632716][T10863] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[  581.865700][T10870] netlink: 14 bytes leftover after parsing attributes in process `syz.7.1448'.
[  581.953126][T10870] team0: Port device macvlan2 removed
[  581.980178][T10870] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  581.999730][T10870] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  582.025660][T10870] bond0 (unregistering): (slave vxlan0): Releasing backup interface
[  582.049375][T10870] netdevsim netdevsim7 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  582.058755][T10870] netdevsim netdevsim7 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  582.067893][T10870] netdevsim netdevsim7 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  582.076876][T10870] netdevsim netdevsim7 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  582.102152][T10870] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  582.123666][T10870] bond0 (unregistering): (slave bridge_slave_1): Releasing backup interface
[  582.139044][T10870] bond0 (unregistering): Released all slaves
[  582.802551][T10887] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1458'.
[  582.919792][T10887] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1458'.
[  583.821852][T10892] netlink: 'syz.8.1454': attribute type 12 has an invalid length.
[  583.932652][T10904] usb usb1: usbfs: process 10904 (syz.2.1461) did not claim interface 6 before use
[  583.977072][T10904] loop2: detected capacity change from 0 to 256
[  587.627405][T10937] netlink: 32 bytes leftover after parsing attributes in process `syz.7.1470'.
[  587.642801][T10938] fuse: Unknown parameter ''
[  587.790474][   T26] kauditd_printk_skb: 4 callbacks suppressed
[  587.790491][   T26] audit: type=1326 audit(1751402104.596:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10939 comm="syz.9.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e42fd8929 code=0x7ffc0000
[  588.207385][   T26] audit: type=1326 audit(1751402104.596:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10939 comm="syz.9.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e42fd8929 code=0x7ffc0000
[  588.240482][   T26] audit: type=1326 audit(1751402104.606:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10939 comm="syz.9.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6e42fd8929 code=0x7ffc0000
[  588.693420][   T26] audit: type=1326 audit(1751402104.606:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10939 comm="syz.9.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e42fd8929 code=0x7ffc0000
[  588.726714][   T26] audit: type=1326 audit(1751402104.606:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10939 comm="syz.9.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e42fd8929 code=0x7ffc0000
[  588.805960][   T26] audit: type=1326 audit(1751402104.606:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10939 comm="syz.9.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f6e42fd8929 code=0x7ffc0000
[  588.844212][   T26] audit: type=1326 audit(1751402104.606:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10939 comm="syz.9.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e42fd8929 code=0x7ffc0000
[  588.879760][   T26] audit: type=1326 audit(1751402104.606:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10939 comm="syz.9.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e42fd8929 code=0x7ffc0000
[  588.930496][   T26] audit: type=1326 audit(1751402104.606:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10939 comm="syz.9.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f6e42fd8929 code=0x7ffc0000
[  588.989212][   T26] audit: type=1326 audit(1751402104.606:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10939 comm="syz.9.1472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e42fd8929 code=0x7ffc0000
[  591.825567][T10977] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1487'.
[  594.445849][T11002] netlink: 'syz.0.1492': attribute type 1 has an invalid length.
[  595.006715][T11002] 8021q: adding VLAN 0 to HW filter on device bond3
[  595.121814][T11010] loop2: detected capacity change from 0 to 4096
[  595.464550][T11024] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  596.187125][T11009] afs: Bad value for 'source'
[  597.540097][T11047] netlink: zone id is out of range
[  597.618311][T11054] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1504'.
[  597.744710][T11057] netlink: 'syz.0.1517': attribute type 3 has an invalid length.
[  597.845656][T11057] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1517'.
[  598.342837][T11066] lo speed is unknown, defaulting to 1000
[  598.359745][T11066] lo speed is unknown, defaulting to 1000
[  599.312869][T11094] overlayfs: failed to clone upperpath
[  599.510888][T11104] loop8: detected capacity change from 0 to 512
[  599.708410][T11110] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1522'.
[  600.003967][T11113] xt_CT: You must specify a L4 protocol and not use inversions on it
[  601.040272][T11128] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  601.869287][T11136] device bridge0 entered promiscuous mode
[  601.983724][T11135] device bridge0 left promiscuous mode
[  604.693837][T11163] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1536'.
[  604.929891][T11173] siw: device registration error -23
[  608.153738][T11188] loop9: detected capacity change from 0 to 2048
[  608.265362][T11188] EXT4-fs (loop9): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  608.417008][T11195] EXT4-fs error (device loop9): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set
[  608.709145][T11197] xt_CT: You must specify a L4 protocol and not use inversions on it
[  611.618664][   T23] Bluetooth: hci2: command 0x0406 tx timeout
[  612.511536][T11221] loop2: detected capacity change from 0 to 512
[  612.557376][T11220] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1550'.
[  612.670360][T11224] netlink: 'syz.8.1562': attribute type 3 has an invalid length.
[  612.689173][T11221] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  612.738889][T11230] IPVS: set_ctl: invalid protocol: 44 172.20.20.187:20000
[  612.754762][T11230] netlink: 'syz.0.1554': attribute type 16 has an invalid length.
[  612.765097][T11230] netlink: 'syz.0.1554': attribute type 3 has an invalid length.
[  612.772966][T11230] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1554'.
[  612.787483][T11221] ext4 filesystem being mounted at /300/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  612.898781][T11231] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1562'.
[  613.791336][T11257] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1565'.
[  615.698158][T11272] netlink: 24 bytes leftover after parsing attributes in process `syz.8.1568'.
[  617.047388][ T4285] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  617.335739][ T4285] usb 9-1: Using ep0 maxpacket: 16
[  617.495737][ T4285] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  617.555233][ T4285] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3
[  617.926853][ T4285] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  617.986130][ T4285] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  618.087991][ T4285] usb 9-1: Product: syz
[  618.136900][ T4285] usb 9-1: Manufacturer: syz
[  618.195583][ T4285] usb 9-1: SerialNumber: syz
[  618.728726][ T4285] usb 9-1: 0:2 : does not exist
[  619.194441][ T4285] usb 9-1: USB disconnect, device number 5
[  622.865412][T11327] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1584'.
[  622.940576][T11327] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1584'.
[  623.383440][T11340] lo speed is unknown, defaulting to 1000
[  623.448272][T11340] lo speed is unknown, defaulting to 1000
[  623.489646][T11341] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1587'.
[  623.509534][T11341] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1587'.
[  624.547670][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  624.554121][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  626.502982][T11373] syz.9.1594[11373] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  626.503873][T11373] syz.9.1594[11373] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  627.500539][T11384] loop2: detected capacity change from 0 to 256
[  629.622880][T11392] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1603'.
[  633.176662][T11420] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1612'.
[  633.353826][T11428] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1613'.
[  633.667658][T11439] loop8: detected capacity change from 0 to 2048
[  634.961586][T11439] EXT4-fs (loop8): mounted filesystem without journal. Opts: sysvgroups,usrjquota=,quota,norecovery,auto_da_alloc,noquota,grpquota,barrier=0x0000000000000000,grpjquota=,jqfmt=vfsold,,errors=continue. Quota mode: writeback.
[  635.250021][T11462] EXT4-fs error (device loop8): ext4_validate_block_bitmap:438: comm syz.8.1617: bg 0: block 234: padding at end of block bitmap is not set
[  635.349970][T11462] EXT4-fs (loop8): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 92 with error 28
[  635.363624][T11463] device wg2 left promiscuous mode
[  635.395074][T11461] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  635.423423][T11462] EXT4-fs (loop8): This should not happen!! Data will be lost
[  635.423423][T11462] 
[  635.437012][T11461] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  635.492609][T11461] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  635.534516][T11461] device bridge_slave_0 left promiscuous mode
[  635.561313][T11455] loop2: detected capacity change from 0 to 32768
[  635.566521][T11462] EXT4-fs (loop8): Total free blocks count 0
[  635.580419][T11461] bridge0: port 1(bridge_slave_0) entered disabled state
[  635.606973][T11462] EXT4-fs (loop8): Free/Dirty block details
[  635.632184][T11462] EXT4-fs (loop8): free_blocks=0
[  635.633327][T11461] device bridge_slave_1 left promiscuous mode
[  635.637249][T11462] EXT4-fs (loop8): dirty_blocks=96
[  635.666381][T11455] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.1621 (11455)
[  635.685350][T11461] bridge0: port 2(bridge_slave_1) entered disabled state
[  635.711361][T11462] EXT4-fs (loop8): Block reservation details
[  635.725206][T11455] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  635.734076][T11455] BTRFS info (device loop2): turning off barriers
[  635.740669][T11455] BTRFS info (device loop2): setting nodatasum
[  635.746918][T11455] BTRFS info (device loop2): use zlib compression, level 3
[  635.752184][T11462] EXT4-fs (loop8): i_reserved_data_blocks=6
[  635.754196][T11455] BTRFS info (device loop2): using free space tree
[  635.767004][T11455] BTRFS info (device loop2): has skinny extents
[  635.804571][T11461] bond0: (slave bond_slave_0): Releasing backup interface
[  635.838264][T11461] bond0: (slave bond_slave_1): Releasing backup interface
[  635.982311][T11461] team0: Port device team_slave_0 removed
[  636.238652][T11461] team0: Port device team_slave_1 removed
[  636.286748][T11461] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  636.490713][T11461] batman_adv: batadv0: Removing interface: batadv_slave_0
[  636.889301][T11461] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  637.098269][T11461] batman_adv: batadv0: Removing interface: batadv_slave_1
[  637.249788][T11466] team0: Mode changed to "loadbalance"
[  637.287239][T11465] device wg2 entered promiscuous mode
[  637.475737][T11493] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1626'.
[  643.267120][T11552] loop8: detected capacity change from 0 to 131072
[  643.334100][T11552] F2FS-fs (loop8): Wrong CP boundary, start(512) end(1536) blocks(0)
[  643.342561][T11552] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[  643.378332][T11552] F2FS-fs (loop8): invalid crc value
[  643.479594][T11552] F2FS-fs (loop8): Found nat_bits in checkpoint
[  643.654280][T11552] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[  643.661748][T11552] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e4
[  645.041002][T11564] syz.8.1640 (11564): drop_caches: 2
[  645.213083][T11567] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1642'.
[  645.322230][T11567] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1642'.
[  652.684297][T11579] lo speed is unknown, defaulting to 1000
[  652.691994][T11579] lo speed is unknown, defaulting to 1000
[  653.867644][T11595] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1650'.
[  655.648730][ T4218] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  655.918652][ T4218] usb 10-1: Using ep0 maxpacket: 8
[  656.048929][ T4218] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  656.098858][ T4218] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 2
[  656.133129][ T4218] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  656.198298][T11607] loop8: detected capacity change from 0 to 40427
[  656.208655][ T4218] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  656.332320][ T4218] usb 10-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  656.599822][T11607] F2FS-fs (loop8): invalid crc value
[  656.681095][ T4218] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  656.890882][T11607] F2FS-fs (loop8): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[  656.981482][ T4218] hub 10-1:1.0: bad descriptor, ignoring hub
[  656.987589][ T4218] hub: probe of 10-1:1.0 failed with error -5
[  657.041718][ T4218] cdc_wdm 10-1:1.0: skipping garbage
[  657.082107][ T4218] cdc_wdm 10-1:1.0: skipping garbage
[  657.172866][ T4218] cdc_wdm 10-1:1.0: cdc-wdm0: USB WDM device
[  657.210087][ T4218] cdc_wdm 10-1:1.0: Unknown control protocol
[  657.309469][ T4218] usb 10-1: USB disconnect, device number 2
[  659.244623][T11649] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1664'.
[  659.873690][T11659] mip6: mip6_rthdr_init_state: state's mode is not 2: 4
[  659.910646][T11659] netlink: 24 bytes leftover after parsing attributes in process `syz.9.1666'.
[  660.934107][T11684] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1671'.
[  660.960558][T11685] netlink: 'syz.8.1673': attribute type 24 has an invalid length.
[  660.990709][T11684] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1671'.
[  662.075535][T11702] loop8: detected capacity change from 0 to 8
[  662.814285][T11702] SQUASHFS error: lzo decompression failed, data probably corrupt
[  662.917790][T11702] SQUASHFS error: Failed to read block 0x91: -5
[  662.924103][T11702] SQUASHFS error: Unable to read metadata cache entry [8f]
[  663.039162][T11702] SQUASHFS error: Unable to read inode 0x11f
[  664.598761][T11723] netlink: 'syz.9.1684': attribute type 1 has an invalid length.
[  664.608474][T11702] loop8: detected capacity change from 0 to 64
[  664.729884][T11723] 8021q: adding VLAN 0 to HW filter on device bond1
[  664.921340][T11731] bond1: (slave ip6erspan0): making interface the new active one
[  664.954479][T11731] bond1: (slave ip6erspan0): Enslaving as an active interface with an up link
[  664.967207][ T4675] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  665.191441][   T26] kauditd_printk_skb: 23 callbacks suppressed
[  665.191459][   T26] audit: type=1804 audit(1751402182.060:165): pid=11742 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1691" name="file1" dev="ramfs" ino=55898 res=1 errno=0
[  665.272189][ T4303] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  665.338747][   T26] audit: type=1326 audit(1751402182.210:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11746 comm="syz.2.1693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb5937929 code=0x7ffc0000
[  665.384669][   T26] audit: type=1326 audit(1751402182.210:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11746 comm="syz.2.1693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb5937929 code=0x7ffc0000
[  665.454717][T11750] lo speed is unknown, defaulting to 1000
[  665.467597][   T26] audit: type=1326 audit(1751402182.210:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11746 comm="syz.2.1693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7fdfb5937929 code=0x7ffc0000
[  665.480604][T11750] lo speed is unknown, defaulting to 1000
[  665.490439][ T4303] usb 9-1: device descriptor read/64, error -71
[  665.542094][   T26] audit: type=1326 audit(1751402182.210:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11746 comm="syz.2.1693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb5937929 code=0x7ffc0000
[  665.625005][   T26] audit: type=1326 audit(1751402182.210:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11746 comm="syz.2.1693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb5937929 code=0x7ffc0000
[  665.680540][   T26] audit: type=1326 audit(1751402182.210:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11746 comm="syz.2.1693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=242 compat=0 ip=0x7fdfb5937929 code=0x7ffc0000
[  665.739114][   T26] audit: type=1326 audit(1751402182.210:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11746 comm="syz.2.1693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb5937929 code=0x7ffc0000
[  665.770872][   T26] audit: type=1326 audit(1751402182.210:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11746 comm="syz.2.1693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb5937929 code=0x7ffc0000
[  665.794329][ T4303] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  665.802228][   T26] audit: type=1326 audit(1751402182.220:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11746 comm="syz.2.1693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fdfb5937929 code=0x7ffc0000
[  665.873919][T11756] netlink: 'syz.2.1697': attribute type 10 has an invalid length.
[  665.898627][T11756] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1697'.
[  665.919307][T11756] netlink: 'syz.2.1697': attribute type 10 has an invalid length.
[  665.946879][T11756] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1697'.
[  665.997150][ T4303] usb 9-1: device descriptor read/64, error -71
[  666.121893][T11761] loop9: detected capacity change from 0 to 1024
[  666.127155][ T4303] usb usb9-port1: attempt power cycle
[  666.279727][T11764] loop8: detected capacity change from 0 to 128
[  666.347836][T11764] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=256, location=256
[  667.099409][T11764] nftables ruleset with unbound chain
[  667.738832][T11776] UDF-fs: error (device loop8): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  669.183330][ T4303] Process accounting resumed
[  669.204122][T11800] Process accounting resumed
[  670.567762][T11807] virtio-fs: tag </dev/md0> not found
[  674.127543][T11835] MPTCP: kernel_bind error, err=-99
[  674.192892][T11840] siw: device registration error -23
[  678.707634][T11882] befs: (nbd9): No write support. Marking filesystem read-only
[  679.003599][ T1092] block nbd9: Attempted send on invalid socket
[  679.010934][ T1092] blk_update_request: I/O error, dev nbd9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  679.026476][T11882] befs: (nbd9): unable to read superblock
[  683.603318][T11930] loop9: detected capacity change from 0 to 128
[  683.746589][T11930] FAT-fs (loop9): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  683.813829][T11930] FAT-fs (loop9): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  684.234979][T11934] loop2: detected capacity change from 0 to 512
[  684.313176][T11934] EXT4-fs (loop2): Ignoring removed nobh option
[  684.335055][T11934] EXT4-fs (loop2): Unrecognized mount option "" or missing value
[  684.563980][T11924] FAT-fs (loop9): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  685.846841][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  685.853171][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  686.926704][T11959] xt_socket: unknown flags 0x8
[  688.738496][T11968] loop9: detected capacity change from 0 to 8192
[  689.907871][T11971] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  689.986760][T11971] device batadv_slave_0 entered promiscuous mode
[  692.081270][T11986] loop9: detected capacity change from 0 to 512
[  692.884457][T11986] EXT4-fs (loop9): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback.
[  693.017409][T11986] ext4 filesystem being mounted at /77/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  693.044533][T12000] netlink: 16 bytes leftover after parsing attributes in process `syz.8.1763'.
[  693.126821][T12000] netlink: 16 bytes leftover after parsing attributes in process `syz.8.1763'.
[  697.137083][T10745] block nbd9: Attempted send on invalid socket
[  697.402302][T10745] blk_update_request: I/O error, dev nbd9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  697.421151][T12037] efs: cannot read volume header
[  697.691019][T12044] overlayfs: failed to clone upperpath
[  698.679357][T12060] loop9: detected capacity change from 0 to 1024
[  699.020852][T12060] EXT4-fs (loop9): Mount option "noacl" will be removed by 3.5
[  699.020852][T12060] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  699.020852][T12060] 
[  699.092732][T12060] EXT4-fs (loop9): Ignoring removed nobh option
[  699.107913][T12060] EXT4-fs (loop9): Ignoring removed bh option
[  699.120686][T12060] EXT4-fs (loop9): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  700.043895][T12060] EXT4-fs (loop9): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000003,dioread_lock,noacl,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  707.905940][T12156] loop9: detected capacity change from 0 to 40427
[  709.102794][T12156] F2FS-fs (loop9): invalid crc value
[  709.185574][T12156] F2FS-fs (loop9): Found nat_bits in checkpoint
[  709.230685][T12156] F2FS-fs (loop9): Start checkpoint disabled!
[  709.259193][T12156] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e6
[  709.550023][T12180] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0)
[  709.711244][T12176] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1811'.
[  712.393970][ T1230] attempt to access beyond end of device
[  712.393970][ T1230] loop9: rw=2049, want=40968, limit=40427
[  716.598188][T12232] loop2: detected capacity change from 0 to 8
[  716.862828][T12232] SQUASHFS error: lzo decompression failed, data probably corrupt
[  716.917316][T12232] SQUASHFS error: Failed to read block 0x91: -5
[  717.099862][T12232] SQUASHFS error: Unable to read metadata cache entry [8f]
[  717.107380][T12232] SQUASHFS error: Unable to read inode 0x11f
[  718.190446][T12240] loop9: detected capacity change from 0 to 32768
[  718.308432][T12246] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1830'.
[  720.246216][T12272] io-wq is not configured for unbound workers
[  721.451869][T12286] netlink: 'syz.7.1842': attribute type 1 has an invalid length.
[  721.749765][T12288] overlayfs: failed to resolve './file1': -2
[  721.774532][T12286] device veth5 entered promiscuous mode
[  722.393117][T12286] bond0: (slave veth5): Enslaving as a backup interface with a down link
[  722.407571][T12291] bond0: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  731.407125][T12399] loop2: detected capacity change from 0 to 8
[  735.729786][T12436] loop2: detected capacity change from 0 to 8
[  735.792246][T12436] SQUASHFS error: lzo decompression failed, data probably corrupt
[  735.806286][T12436] SQUASHFS error: Failed to read block 0x144: -5
[  735.814044][T12436] SQUASHFS error: Unable to read metadata cache entry [142]
[  736.004840][T12436] SQUASHFS error: Unable to read inode 0x11f
[  745.148914][T12524] loop9: detected capacity change from 0 to 512
[  745.673696][T12524] EXT4-fs (loop9): Invalid log cluster size: 22
[  746.454367][T12535] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1909'.
[  746.592771][T12542] cgroup: none used incorrectly
[  747.657184][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  747.663627][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  749.337263][T12557] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1916'.
[  750.091273][T12565] delete_channel: no stack
[  750.213061][T12575] loop9: detected capacity change from 0 to 256
[  750.383685][T12581] loop2: detected capacity change from 0 to 512
[  750.583219][T12581] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  750.801484][T12581] EXT4-fs (loop2): 1 truncate cleaned up
[  750.841842][T12581] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,journal_dev=0x0000000000000003,block_validity,lazytime,nombcache,nodiscard,,errors=continue. Quota mode: none.
[  756.947947][T12638] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1939'.
[  757.731627][T12643] loop8: detected capacity change from 0 to 512
[  757.869581][T12643] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  758.086625][T12643] EXT4-fs (loop8): 1 truncate cleaned up
[  758.092670][T12643] EXT4-fs (loop8): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,journal_dev=0x0000000000000003,block_validity,lazytime,nombcache,nodiscard,,errors=continue. Quota mode: none.
[  764.793887][T12712] loop9: detected capacity change from 0 to 2048
[  765.038711][T12712] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  765.104397][T12719] Device name cannot be null; rc = [-22]
[  770.385540][T12762] lo speed is unknown, defaulting to 1000
[  770.392306][T12762] lo speed is unknown, defaulting to 1000
[  774.341247][T12781] loop8: detected capacity change from 0 to 32768
[  776.901235][T12781] (syz.8.1977,12781,0):ocfs2_initialize_super:2313 ERROR: status = -12
[  777.198252][T12818] loop9: detected capacity change from 0 to 40427
[  777.202444][T12825] loop2: detected capacity change from 0 to 2048
[  777.240863][T12781] (syz.8.1977,12781,1):ocfs2_fill_super:1177 ERROR: status = -12
[  777.267785][T12818] F2FS-fs (loop9): Invalid log_blocksize (268), supports only 12
[  777.276580][T12818] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock
[  777.286151][T12825] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  777.299754][T12818] F2FS-fs (loop9): invalid crc value
[  777.347273][T12818] F2FS-fs (loop9): Found nat_bits in checkpoint
[  777.427515][T12818] F2FS-fs (loop9): Try to recover 1th superblock, ret: 0
[  777.434936][T12818] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  779.925370][T12825] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,resuid=0x0000000000000000,block_validity,min_batch_time=0x0000000000000007,nobarrier,noblock_validity,dioread_nolock,. Quota mode: writeback.
[  781.356275][T12856] lo speed is unknown, defaulting to 1000
[  781.956281][T12856] lo speed is unknown, defaulting to 1000
[  783.687890][T12876] Set syz1 is full, maxelem 1038 reached
[  783.732837][T12885] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability
[  790.490396][T12928] lo speed is unknown, defaulting to 1000
[  790.565230][T12928] lo speed is unknown, defaulting to 1000
[  791.337006][T12936] loop8: detected capacity change from 0 to 256
[  794.426384][T12977] 9pnet: Insufficient options for proto=fd
[  797.810660][T12998] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2030'.
[  797.833634][T12998] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  797.983779][T12998] batman_adv: batadv0: Removing interface: batadv_slave_1
[  798.124812][T13009] netlink: 'syz.9.2017': attribute type 10 has an invalid length.
[  798.169692][T13011] loop2: detected capacity change from 0 to 32768
[  798.193044][T13009] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  798.218724][T13011] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz.2.2033 (13011)
[  798.286297][T13011] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  798.295042][T13011] BTRFS info (device loop2): enabling auto defrag
[  798.301532][T13011] BTRFS info (device loop2): doing ref verification
[  798.308537][T13011] BTRFS warning (device loop2): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  798.319247][T13011] BTRFS info (device loop2): trying to use backup root at mount time
[  798.327488][T13011] BTRFS info (device loop2): max_inline at 4096
[  798.333819][T13011] BTRFS info (device loop2): enabling ssd optimizations
[  798.340784][T13011] BTRFS info (device loop2): using spread ssd allocation scheme
[  798.348732][T13011] BTRFS info (device loop2): using free space tree
[  798.355312][T13011] BTRFS info (device loop2): has skinny extents
[  801.978709][T13061] loop9: detected capacity change from 0 to 128
[  803.017926][T13061] UDF-fs: error (device loop9): udf_read_tagged: read failed, block=256, location=256
[  803.036301][T13061] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  807.771446][T13159] loop2: detected capacity change from 0 to 128
[  808.969387][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  809.006607][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  809.126623][T13167] loop8: detected capacity change from 0 to 128
[  809.188041][T13159] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  809.219559][T13159] ext4 filesystem being mounted at /397/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  809.446683][T13167] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=256, location=256
[  809.480098][T13167] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  810.433608][T13180] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2063'.
[  816.102218][T13199] CIFS: Unable to determine destination address
[  817.490005][T13217] loop2: detected capacity change from 0 to 2048
[  818.560775][T13217] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  820.776254][T13243] loop2: detected capacity change from 0 to 128
[  820.983031][T13243] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  821.051277][T13249] netlink: 28 bytes leftover after parsing attributes in process `syz.8.2084'.
[  821.082020][T13243] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  821.205406][T13249] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2084'.
[  822.730624][T13275] fuse: Bad value for 'fd'
[  823.504571][T13282] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  823.565831][T13285] tipc: Started in network mode
[  823.570817][T13285] tipc: Node identity ffffa848, cluster identity 4711
[  823.577825][T13285] tipc: Node number set to 4294944840
[  825.331958][T13299] loop9: detected capacity change from 0 to 2048
[  825.667433][T13299] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  826.058816][T13311] overlayfs: failed to clone upperpath
[  829.153394][T13348] Device name cannot be null; rc = [-22]
[  843.184485][T13484] netlink: 'syz.0.2147': attribute type 9 has an invalid length.
[  843.562948][T13499] Device name cannot be null; rc = [-22]
[  843.581578][T13498] loop9: detected capacity change from 0 to 16
[  844.406625][T13498] erofs: (device loop9): mounted with root inode @ nid 36.
[  844.450996][ T4175] erofs: (device loop9): z_erofs_lz4_decompress: failed to decompress -26 in[46, 4050] out[9000]
[  844.489386][T13498] erofs: (device loop9): z_erofs_lz4_decompress: failed to decompress -26 in[46, 4050] out[8192]
[  844.517648][   T26] kauditd_printk_skb: 25 callbacks suppressed
[  844.517666][   T26] audit: type=1800 audit(1751402361.383:200): pid=13498 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.9.2160" name="file2" dev="loop9" ino=89 res=0 errno=0
[  847.209453][T13544] netlink: 28 bytes leftover after parsing attributes in process `syz.9.2163'.
[  848.600560][T13556] tipc: Started in network mode
[  848.605520][T13556] tipc: Node identity ffffa848, cluster identity 4711
[  848.612279][T13556] tipc: Node number set to 4294944840
[  850.103573][T13570] netlink: 200 bytes leftover after parsing attributes in process `syz.2.2169'.
[  853.878170][T13613] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  853.903558][T13613] xt_TPROXY: Can be used only with -p tcp or -p udp
[  854.039118][T13621] Device name cannot be null; rc = [-22]
[  854.690648][T13618] netlink: 'syz.9.2187': attribute type 10 has an invalid length.
[  854.845915][T13618] 8021q: adding VLAN 0 to HW filter on device team0
[  854.861763][T13618] bond0: (slave team0): Enslaving as an active interface with an up link
[  855.414752][T13645] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2195'.
[  855.845774][T13653] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  856.533593][ T4308] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  856.815718][ T4308] usb 10-1: Using ep0 maxpacket: 8
[  859.855269][ T4308] usb 10-1: config 0 has an invalid interface number: 1 but max is 0
[  859.865325][ T4308] usb 10-1: config 0 has no interface number 0
[  859.871722][ T4308] usb 10-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  859.882971][ T4308] usb 10-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  859.893464][ T4308] usb 10-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  859.902629][ T4308] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  859.913911][ T4308] usb 10-1: config 0 descriptor??
[  859.953648][ T4308] usb 10-1: can't set config #0, error -71
[  859.982742][ T4308] usb 10-1: USB disconnect, device number 3
[  864.468356][T13738] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  864.520975][T13738] bond0: (slave team0): Releasing backup interface
[  864.738380][T13738] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  864.746284][T13738] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  865.127162][T13738] bond0: (slave wlan1): Releasing backup interface
[  866.454359][T13763] netlink: 12 bytes leftover after parsing attributes in process `syz.8.2225'.
[  866.979923][T13738] bond1: (slave ip6erspan0): Releasing active interface
[  868.851357][T13792] overlayfs: failed to clone upperpath
[  870.301774][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  870.308193][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  874.735125][T13850] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2252'.
[  882.214211][T13907] overlayfs: failed to clone upperpath
[  885.892675][T13929] overlayfs: failed to clone upperpath
[  888.643853][T13952] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  889.528625][T13966] delete_channel: no stack
[  890.426397][T13981] loop9: detected capacity change from 0 to 512
[  890.633457][T13981] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  891.614701][T13981] EXT4-fs (loop9): 1 truncate cleaned up
[  891.620415][T13981] EXT4-fs (loop9): mounted filesystem without journal. Opts: init_itable=0x0000000000000000,jqfmt=vfsold,debug_want_extra_isize=0x000000000000006a,jqfmt=vfsold,minixdf,quota,,errors=continue. Quota mode: writeback.
[  896.082022][T14034] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2302'.
[  898.477512][T14065] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2308'.
[  898.494104][T14065] netlink: 28 bytes leftover after parsing attributes in process `syz.8.2308'.
[  898.884466][T14072] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2310'.
[  898.890889][T14072] unsupported nlmsg_type 40
[  903.150271][T14115] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[  903.183080][T14115] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready
[  903.209490][T14115] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready
[  903.217217][T14115] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready
[  903.225093][T14115] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready
[  903.232792][T14115] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready
[  903.241825][T14115] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  903.252551][T14115] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  903.260383][T14115] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  903.295735][T14115] bond0: (slave bond_slave_0): Releasing backup interface
[  904.015653][T14115] device bond_slave_0 left promiscuous mode
[  904.127687][T14115] bond0: (slave bond_slave_1): Releasing backup interface
[  904.216342][T14115] device bond_slave_1 left promiscuous mode
[  904.466557][T14115] team0: Port device team_slave_0 removed
[  904.601637][T14115] team0: Port device team_slave_1 removed
[  904.631247][T14115] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  904.687425][T14115] batman_adv: batadv0: Removing interface: batadv_slave_0
[  904.889364][T14115] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  904.899952][T14115] batman_adv: batadv0: Removing interface: batadv_slave_1
[  904.977538][T14115] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready
[  905.011923][T14115] bond1: (slave gretap1): Releasing active interface
[  905.487472][T14127] overlayfs: failed to clone upperpath
[  907.760590][T14159] delete_channel: no stack
[  907.876256][T14157] device syzkaller0 entered promiscuous mode
[  908.576935][T14168] netlink: 'syz.0.2335': attribute type 1 has an invalid length.
[  909.520117][T14172] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[  909.544455][T14172] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[  909.593587][T14172] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[  909.601931][T14172] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[  909.656628][T14172] bond4: (slave geneve3): making interface the new active one
[  909.675467][T14172] bond4: (slave geneve3): Enslaving as an active interface with an up link
[  914.627781][T14237] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  914.790723][T14242] loop9: detected capacity change from 0 to 4096
[  915.760574][T14256] NILFS (loop9): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  919.086369][T14296] netlink: 'syz.9.2373': attribute type 1 has an invalid length.
[  919.840963][T14296] bond2: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  919.867408][T14296] 8021q: adding VLAN 0 to HW filter on device bond2
[  919.876190][ T4299] bond2: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  919.951426][T14296] device veth5 entered promiscuous mode
[  920.008536][T14296] bond2: (slave veth5): Enslaving as a backup interface with a down link
[  920.034412][  T298] bond2: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  920.095106][ T4299] IPv6: ADDRCONF(NETDEV_CHANGE): bond2: link becomes ready
[  920.463243][T14305] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2374'.
[  926.597953][T14382] netlink: 'syz.8.2396': attribute type 1 has an invalid length.
[  927.616432][T14387] netdevsim netdevsim8 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  929.766179][T14387] netdevsim netdevsim8 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  929.785155][T14387] netdevsim netdevsim8 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  929.804334][T14387] netdevsim netdevsim8 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  930.050703][T14387] bond1: (slave geneve2): making interface the new active one
[  930.085138][T14387] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  930.104959][T14388] 8021q: adding VLAN 0 to HW filter on device bond1
[  931.224827][T14415] bridge0: port 1(vlan0) entered blocking state
[  931.254822][T14415] bridge0: port 1(vlan0) entered disabled state
[  932.725192][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  932.731546][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  934.457422][T14444] blk_update_request: I/O error, dev loop17, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  934.473915][T14444] FAT-fs (loop17): unable to read boot sector
[  934.834187][   T26] audit: type=1326 audit(1751402706.786:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14433 comm="syz.8.2413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98aa1f929 code=0x7ffc0000
[  934.922098][   T26] audit: type=1326 audit(1751402706.786:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14433 comm="syz.8.2413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98aa1f929 code=0x7ffc0000
[  935.096849][   T26] audit: type=1326 audit(1751402706.866:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14433 comm="syz.8.2413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff98aa1f929 code=0x7ffc0000
[  935.130293][   T26] audit: type=1326 audit(1751402706.876:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14433 comm="syz.8.2413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98aa1f929 code=0x7ffc0000
[  935.215399][T14436] loop9: detected capacity change from 0 to 512
[  936.285575][   T26] audit: type=1326 audit(1751402706.886:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14433 comm="syz.8.2413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98aa1f929 code=0x7ffc0000
[  936.452219][   T26] audit: type=1326 audit(1751402707.236:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14433 comm="syz.8.2413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7ff98aa1f929 code=0x7ffc0000
[  936.498327][   T26] audit: type=1326 audit(1751402707.266:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14433 comm="syz.8.2413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98aa1f929 code=0x7ffc0000
[  936.523175][   T26] audit: type=1326 audit(1751402707.276:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14433 comm="syz.8.2413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff98aa1f929 code=0x7ffc0000
[  937.399373][T14482] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2423'.
[  938.675104][T14488] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  938.703687][T14488] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  938.742536][T14504] xt_NFQUEUE: number of total queues is 0
[  938.957008][T14507] lo speed is unknown, defaulting to 1000
[  938.963818][T14507] lo speed is unknown, defaulting to 1000
[  940.062255][T14515] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2432'.
[  940.076983][T14515] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2432'.
[  940.087215][T14515] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2432'.
[  940.097265][T14515] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2432'.
[  940.106697][T14515] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2432'.
[  941.817452][T14527] x_tables: ip6_tables: sctp match: only valid for protocol 132
[  943.901145][T14546] batman_adv: batadv0: Adding interface: vxlan0
[  943.960733][T14546] batman_adv: batadv0: The MTU of interface vxlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  944.022435][T14546] batman_adv: batadv0: Not using interface vxlan0 (retrying later): interface not active
[  944.037149][T14550] gfs2: gfs2 mount does not exist
[  946.282062][T14577] netlink: 'syz.9.2454': attribute type 11 has an invalid length.
[  949.216049][T14594] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2458'.
[  949.592314][T14618] autofs4:pid:14618:autofs_fill_super: called with bogus options
[  950.072964][T14622] syz.0.2465 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  950.638133][T14631] xt_TCPMSS: Only works on TCP SYN packets
[  955.222659][T14671] hfs: can't find a HFS filesystem on dev nullb0
[  961.855043][T14751] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2505'.
[  962.366204][T14766] input: syz0 as /devices/virtual/input/input9
[  966.124945][T14793] 9pnet: Insufficient options for proto=fd
[  967.502696][T14794] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  968.815072][T14825] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2525'.
[  968.825644][T14825] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2525'.
[  968.834872][T14825] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2525'.
[  968.844071][T14825] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2525'.
[  968.853056][T14825] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2525'.
[  971.096563][   T26] audit: type=1326 audit(1751402999.965:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14846 comm="syz.2.2533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb5937929 code=0x7ffc0000
[  971.182836][T14848] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  972.066441][   T26] audit: type=1326 audit(1751403000.935:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14846 comm="syz.2.2533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb5937929 code=0x7ffc0000
[  972.106102][T14845] Cannot find map_set index 0 as target
[  972.124901][T14851] overlayfs: failed to clone upperpath
[  972.273792][   T26] audit: type=1326 audit(1751403000.965:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14846 comm="syz.2.2533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdfb5937929 code=0x7ffc0000
[  972.370852][   T26] audit: type=1326 audit(1751403000.965:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14846 comm="syz.2.2533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb5937929 code=0x7ffc0000
[  973.251792][   T26] audit: type=1326 audit(1751403000.965:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14846 comm="syz.2.2533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb5937929 code=0x7ffc0000
[  973.278342][   T26] audit: type=1326 audit(1751403000.965:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14846 comm="syz.2.2533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdfb5937929 code=0x7ffc0000
[  973.303637][   T26] audit: type=1326 audit(1751403000.965:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14846 comm="syz.2.2533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb5937929 code=0x7ffc0000
[  973.326192][   T26] audit: type=1326 audit(1751403000.965:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14846 comm="syz.2.2533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb5937929 code=0x7ffc0000
[  973.352899][   T26] audit: type=1326 audit(1751403000.965:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14846 comm="syz.2.2533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fdfb5937929 code=0x7ffc0000
[  973.377368][   T26] audit: type=1326 audit(1751403000.965:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14846 comm="syz.2.2533" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdfb5937929 code=0x7ffc0000
[  973.561597][T14865] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2539'.
[  973.572895][T14865] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2539'.
[  973.582193][T14865] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2539'.
[  973.591555][T14865] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2539'.
[  973.600764][T14865] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2539'.
[  987.107052][T15011] gfs2: gfs2 mount does not exist
[  988.337217][T15026] SET target dimension over the limit!
[  988.881480][T15030] loop9: detected capacity change from 0 to 32768
[  989.080243][T15030] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  989.089207][T15030] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  989.132322][T15030] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms
[  989.343997][T15030] gfs2: fsid=syz:syz.s: first mount done, others may mount
[  992.966374][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  992.973322][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  994.941334][T15111] overlayfs: failed to clone upperpath
[  995.469733][T15117] netlink: 12 bytes leftover after parsing attributes in process `syz.8.2615'.
[ 1001.156870][T15182] loop9: detected capacity change from 0 to 1024
[ 1002.793398][ T4305] hfsplus: b-tree write err: -5, ino 4
[ 1006.934769][T15243] xt_NFQUEUE: number of total queues is 0
[ 1007.280762][T15251] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[ 1012.697905][T15300] xt_NFQUEUE: number of total queues is 0
[ 1018.119170][T15352] xt_NFQUEUE: number of total queues is 0
[ 1021.205267][T15379] xt_NFQUEUE: number of total queues is 0
[ 1021.605447][T15382] loop9: detected capacity change from 0 to 40427
[ 1022.776143][T15382] F2FS-fs (loop9): Invalid log_blocksize (268), supports only 12
[ 1022.784064][T15382] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock
[ 1022.802989][T15382] F2FS-fs (loop9): invalid crc value
[ 1022.865587][T15382] F2FS-fs (loop9): Found nat_bits in checkpoint
[ 1022.929863][T15399] xt_NFQUEUE: number of total queues is 0
[ 1023.140164][T15382] F2FS-fs (loop9): Try to recover 1th superblock, ret: 0
[ 1023.147667][T15382] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[ 1027.692687][T15439] xt_NFQUEUE: number of total queues is 0
[ 1029.405004][T15461] xt_NFQUEUE: number of total queues is 0
[ 1033.422204][T15478] xt_NFQUEUE: number of total queues is 0
[ 1033.965589][T15474] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2716'.
[ 1034.583486][T15499] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[ 1034.583486][T15499] The task syz.2.2719 (15499) triggered the difference, watch for misbehavior.
[ 1035.956436][T15520] xt_NFQUEUE: number of total queues is 0
[ 1035.973976][T15517] loop9: detected capacity change from 0 to 256
[ 1035.980698][T15519] xt_NFQUEUE: number of total queues is 0
[ 1036.004563][T15517] exFAT-fs (loop9): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1036.023797][T15517] exFAT-fs (loop9): Medium has reported failures. Some data may be lost.
[ 1036.848453][T15517] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0x062de574, utbl_chksum : 0xe619d30d)
[ 1038.077386][T15547] device bridge0 entered promiscuous mode
[ 1038.083976][T15547] device vlan0 entered promiscuous mode
[ 1039.065816][T15555] hugetlbfs: syz.7.2741 (15555): Using mlock ulimits for SHM_HUGETLB is deprecated
[ 1039.176192][T15559] xt_NFQUEUE: number of total queues is 0
[ 1040.715163][T15584] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2750'.
[ 1042.960964][T15603] xt_NFQUEUE: number of total queues is 0
[ 1044.291886][T15627] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2763'.
[ 1044.301504][T15627] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2763'.
[ 1045.683563][T15638] lo speed is unknown, defaulting to 1000
[ 1045.689388][T15638] lo speed is unknown, defaulting to 1000
[ 1045.695683][T15638] lo speed is unknown, defaulting to 1000
[ 1045.708057][T15638] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[ 1046.117188][T15638] lo speed is unknown, defaulting to 1000
[ 1046.124032][T15638] lo speed is unknown, defaulting to 1000
[ 1046.130751][T15638] lo speed is unknown, defaulting to 1000
[ 1046.137555][T15638] lo speed is unknown, defaulting to 1000
[ 1046.144299][T15638] lo speed is unknown, defaulting to 1000
[ 1046.151176][T15638] lo speed is unknown, defaulting to 1000
[ 1047.031678][T15658] xt_NFQUEUE: number of total queues is 0
[ 1054.556223][T15709] xt_NFQUEUE: number of total queues is 0
[ 1054.752438][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[ 1055.701687][T15730] bond0: option active_slave: mode dependency failed, not supported in mode 802.3ad(4)
[ 1057.546617][T15747] xt_NFQUEUE: number of total queues is 0
[ 1057.910893][T15755] xt_NFQUEUE: number of total queues is 0
[ 1059.279933][T15753] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2797'.
[ 1062.813466][T15803] xt_NFQUEUE: number of total queues is 0
[ 1063.060299][T15810] hub 1-0:1.0: USB hub found
[ 1063.067374][T15810] hub 1-0:1.0: 1 port detected
[ 1063.555200][T15814] xt_NFQUEUE: number of total queues is 0
[ 1067.778870][T15849] xt_NFQUEUE: number of total queues is 0
[ 1186.243133][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[ 1186.250186][    C1] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P11924/1:b..l
[ 1186.259051][    C1] 	(detected by 1, t=10502 jiffies, g=54749, q=53)
[ 1186.265569][    C1] task:kworker/u4:0    state:R  running task     stack:24928 pid:11924 ppid:     2 flags:0x00004000
[ 1186.278436][    C1] Workqueue: bat_events batadv_nc_worker
[ 1186.284128][    C1] Call Trace:
[ 1186.287421][    C1]  <TASK>
[ 1186.290376][    C1]  __schedule+0x11b8/0x43b0
[ 1186.294907][    C1]  ? mark_lock+0x94/0x320
[ 1186.299276][    C1]  ? mark_lock+0x94/0x320
[ 1186.303653][    C1]  ? release_firmware_map_entry+0x190/0x190
[ 1186.309658][    C1]  ? mark_lock+0x94/0x320
[ 1186.314008][    C1]  ? preempt_schedule_irq+0xa6/0x150
[ 1186.319318][    C1]  preempt_schedule_irq+0xb1/0x150
[ 1186.324449][    C1]  ? __cond_resched+0xb0/0xb0
[ 1186.329150][    C1]  ? rcu_irq_exit_check_preempt+0xdb/0x200
[ 1186.334979][    C1]  irqentry_exit+0x63/0x70
[ 1186.339416][    C1]  asm_sysvec_reschedule_ipi+0x16/0x20
[ 1186.344898][    C1] RIP: 0010:lock_acquire+0x1f2/0x3f0
[ 1186.350206][    C1] Code: 00 9c 8f 84 24 80 00 00 00 f6 84 24 81 00 00 00 02 0f 85 f6 00 00 00 41 f7 c6 00 02 00 00 74 01 fb 48 c7 44 24 60 0e 36 e0 45 <4b> c7 44 3d 00 00 00 00 00 66 43 c7 44 3d 09 00 00 43 c6 44 3d 0b
[ 1186.369828][    C1] RSP: 0018:ffffc90003687aa0 EFLAGS: 00000206
[ 1186.375913][    C1] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 86b4c83722589300
[ 1186.383907][    C1] RDX: 0000000000000000 RSI: ffffffff8a0b2460 RDI: ffffffff8a59a900
[ 1186.391905][    C1] RBP: ffffc90003687bc0 R08: dffffc0000000000 R09: fffffbfff1ff3619
[ 1186.399902][    C1] R10: fffffbfff1ff3619 R11: 1ffffffff1ff3618 R12: ffffffff8c11bfa0
[ 1186.407894][    C1] R13: 1ffff920006d0f60 R14: 0000000000000246 R15: dffffc0000000000
[ 1186.415925][    C1]  ? rcu_lock_release+0x5/0x20
[ 1186.420731][    C1]  ? read_lock_is_recursive+0x10/0x10
[ 1186.426123][    C1]  ? __lock_acquire+0x7c60/0x7c60
[ 1186.431184][    C1]  rcu_lock_acquire+0x2a/0x30
[ 1186.435883][    C1]  ? rcu_lock_acquire+0x5/0x30
[ 1186.440663][    C1]  batadv_nc_worker+0xc9/0x5c0
[ 1186.445462][    C1]  process_one_work+0x863/0x1000
[ 1186.450449][    C1]  ? worker_detach_from_pool+0x240/0x240
[ 1186.456103][    C1]  ? lockdep_hardirqs_off+0x70/0x100
[ 1186.461508][    C1]  ? _raw_spin_lock_irq+0xab/0xe0
[ 1186.466575][    C1]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[ 1186.471991][    C1]  ? wq_worker_running+0x97/0x170
[ 1186.477037][    C1]  worker_thread+0xaa8/0x12a0
[ 1186.481741][    C1]  ? lockdep_hardirqs_on+0x94/0x140
[ 1186.486970][    C1]  ? lockdep_hardirqs_on+0x94/0x140
[ 1186.492187][    C1]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[ 1186.498113][    C1]  kthread+0x436/0x520
[ 1186.502195][    C1]  ? rcu_lock_release+0x20/0x20
[ 1186.507059][    C1]  ? kthread_blkcg+0xd0/0xd0
[ 1186.511666][    C1]  ret_from_fork+0x1f/0x30
[ 1186.516117][    C1]  </TASK>
[ 1186.519153][    C1] rcu: rcu_preempt kthread starved for 10482 jiffies! g54749 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[ 1186.530362][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 1186.540337][    C1] rcu: RCU grace-period kthread stack dump:
[ 1186.546230][    C1] task:rcu_preempt     state:R  running task     stack:27008 pid:   15 ppid:     2 flags:0x00004000
[ 1186.557026][    C1] Call Trace:
[ 1186.560324][    C1]  <TASK>
[ 1186.563289][    C1]  __schedule+0x11b8/0x43b0
[ 1186.567825][    C1]  ? _raw_spin_lock_irqsave+0x7f/0xf0
[ 1186.573235][    C1]  ? _raw_spin_unlock_irqrestore+0x82/0x100
[ 1186.579162][    C1]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[ 1186.585080][    C1]  ? _raw_spin_unlock+0x40/0x40
[ 1186.589952][    C1]  ? rcu_is_watching+0x11/0xa0
[ 1186.594731][    C1]  ? release_firmware_map_entry+0x190/0x190
[ 1186.600659][    C1]  schedule+0x11b/0x1e0
[ 1186.604839][    C1]  schedule_timeout+0x15c/0x280
[ 1186.609710][    C1]  ? console_conditional_schedule+0x40/0x40
[ 1186.615625][    C1]  ? _raw_spin_unlock_irqrestore+0x82/0x100
[ 1186.621650][    C1]  ? update_process_times+0x200/0x200
[ 1186.627062][    C1]  ? prepare_to_swait_event+0x331/0x350
[ 1186.632637][    C1]  rcu_gp_fqs_loop+0x29e/0x11b0
[ 1186.637515][    C1]  ? lockdep_hardirqs_on+0x94/0x140
[ 1186.642875][    C1]  ? dyntick_save_progress_counter+0x230/0x230
[ 1186.649082][    C1]  ? rcu_gp_init+0x10e0/0x10e0
[ 1186.653880][    C1]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 1186.659132][    C1]  ? lockdep_hardirqs_on+0x94/0x140
[ 1186.664374][    C1]  rcu_gp_kthread+0x98/0x350
[ 1186.668989][    C1]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[ 1186.674123][    C1]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[ 1186.680040][    C1]  ? __kthread_parkme+0x157/0x1b0
[ 1186.685091][    C1]  kthread+0x436/0x520
[ 1186.689173][    C1]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[ 1186.694295][    C1]  ? kthread_blkcg+0xd0/0xd0
[ 1186.698898][    C1]  ret_from_fork+0x1f/0x30
[ 1186.703349][    C1]  </TASK>
[ 1186.706380][    C1] rcu: Stack dump where RCU GP kthread last ran:
[ 1186.712708][    C1] NMI backtrace for cpu 1
[ 1186.717046][    C1] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 5.15.186-syzkaller #0
[ 1186.724868][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1186.734938][    C1] Call Trace:
[ 1186.738232][    C1]  <IRQ>
[ 1186.741084][    C1]  dump_stack_lvl+0x168/0x230
[ 1186.745780][    C1]  ? show_regs_print_info+0x20/0x20
[ 1186.751003][    C1]  ? load_image+0x3b0/0x3b0
[ 1186.755527][    C1]  ? irq_work_queue+0xbf/0x140
[ 1186.760312][    C1]  nmi_cpu_backtrace+0x397/0x3d0
[ 1186.765267][    C1]  ? nmi_trigger_cpumask_backtrace+0x280/0x280
[ 1186.771434][    C1]  ? _printk+0xcc/0x110
[ 1186.775604][    C1]  ? cpu_online+0x1d/0x30
[ 1186.779956][    C1]  ? load_image+0x3b0/0x3b0
[ 1186.784481][    C1]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[ 1186.790565][    C1]  nmi_trigger_cpumask_backtrace+0x163/0x280
[ 1186.796565][    C1]  rcu_check_gp_kthread_starvation+0x1cd/0x250
[ 1186.802749][    C1]  print_other_cpu_stall+0x10c8/0x1220
[ 1186.808231][    C1]  ? print_cpu_stall+0x5f0/0x5f0
[ 1186.813195][    C1]  ? timekeeping_advance+0x7f6/0xac0
[ 1186.818526][    C1]  rcu_sched_clock_irq+0x831/0x1110
[ 1186.823747][    C1]  ? rcutree_dead_cpu+0x20/0x20
[ 1186.828617][    C1]  ? account_process_tick+0x227/0x3a0
[ 1186.834018][    C1]  update_process_times+0x193/0x200
[ 1186.839239][    C1]  tick_sched_timer+0x37d/0x560
[ 1186.844116][    C1]  __hrtimer_run_queues+0x4fe/0xc40
[ 1186.849337][    C1]  ? tick_setup_sched_timer+0x2c0/0x2c0
[ 1186.854908][    C1]  ? hrtimer_interrupt+0x8d0/0x8d0
[ 1186.860041][    C1]  ? ktime_get_update_offsets_now+0x3ce/0x3e0
[ 1186.866132][    C1]  hrtimer_interrupt+0x3bb/0x8d0
[ 1186.871111][    C1]  __sysvec_apic_timer_interrupt+0x137/0x4a0
[ 1186.877106][    C1]  sysvec_apic_timer_interrupt+0x9b/0xc0
[ 1186.882755][    C1]  </IRQ>
[ 1186.885693][    C1]  <TASK>
[ 1186.888633][    C1]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 1186.894626][    C1] RIP: 0010:default_idle+0xb/0x10
[ 1186.899666][    C1] Code: bf 48 89 df e8 66 5d 12 f8 eb b5 e8 3f be f6 ff 00 00 cc cc 00 00 cc cc 00 00 cc cc 00 00 cc 66 90 0f 00 2d f7 e2 5a 00 fb f4 <c3> 0f 1f 40 00 41 57 41 56 53 49 be 00 00 00 00 00 fc ff df 65 48
[ 1186.919287][    C1] RSP: 0018:ffffc90000d67d48 EFLAGS: 000002c2
[ 1186.925372][    C1] RAX: 8e2a82bde3167500 RBX: ffff88813fe40000 RCX: 8e2a82bde3167500
[ 1186.933355][    C1] RDX: 0000000000000001 RSI: ffffffff8a0b11c0 RDI: ffffffff8a59a900
[ 1186.941337][    C1] RBP: ffffc90000d67e80 R08: dffffc0000000000 R09: ffffed101722765a
[ 1186.949321][    C1] R10: ffffed101722765a R11: 1ffff11017227659 R12: ffffffff8d68ac28
[ 1186.957307][    C1] R13: 0000000000000001 R14: 0000000000000001 R15: 1ffff11027fc8000
[ 1186.965312][    C1]  default_idle_call+0x81/0xc0
[ 1186.970095][    C1]  do_idle+0x21b/0x5b0
[ 1186.974185][    C1]  ? idle_inject_timer_fn+0x60/0x60
[ 1186.979411][    C1]  ? do_idle+0x8/0x5b0
[ 1186.983498][    C1]  cpu_startup_entry+0x14/0x20
[ 1186.988280][    C1]  start_secondary+0x31f/0x430
[ 1186.993066][    C1]  ? arch_scale_freq_tick+0x120/0x120
[ 1186.998465][    C1]  secondary_startup_64_no_verify+0xb1/0xbb
[ 1187.004387][    C1]  </TASK>