last executing test programs:

3m40.897853269s ago: executing program 2 (id=1285):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x48e80, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x200)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x3)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x2, 0x0, @ioapic={0x0, 0x2, 0x3, 0x3eca, 0x0, [{0x0, 0x80}, {0x19, 0x5, 0x0, '\x00', 0x10}, {0xfc, 0x4}, {0xfe, 0xf0, 0x7f, '\x00', 0x2}, {0x8, 0x0, 0x5, '\x00', 0x5}, {0x1, 0x0, 0x0, '\x00', 0x39}, {0x0, 0x82, 0xbc}, {0x40, 0x6, 0x9}, {0x0, 0x0, 0x0, '\x00', 0xff}, {0x8, 0x6, 0xc, '\x00', 0x42}, {0x1, 0x2}, {0x0, 0x50, 0x40}, {0x4, 0x0, 0x4, '\x00', 0x3}, {0x1, 0x74, 0xfc}, {0x2, 0x2, 0x8, '\x00', 0x9}, {0x0, 0x0, 0x6}, {0x1, 0x0, 0x4, '\x00', 0x4}, {0x0, 0x0, 0x0, '\x00', 0xfd}, {0x1, 0x4, 0x7, '\x00', 0x13}, {0x80, 0x0, 0x0, '\x00', 0x6}, {0x0, 0x4}, {0x0, 0x0, 0x0, '\x00', 0x70}, {0x1, 0xfe, 0x0, '\x00', 0xe}, {0x10, 0x83, 0x9}]}})

3m40.48611585s ago: executing program 2 (id=1293):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000005c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='fd=', @ANYRESOCT=r0, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000004140)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_WRITE(r0, &(0x7f0000000240)={0x18, 0x0, r1, {0x7}}, 0x18)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x1000000, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})

3m39.466232406s ago: executing program 2 (id=1302):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000ac0)=@raw={'raw\x00', 0x3c1, 0x1a6cc7, 0x2a8, 0xf0, 0x5802, 0x294, 0xf0, 0x294, 0x1d8, 0x378, 0x378, 0x1d8, 0x378, 0x3, 0x0, {[{{@ipv6={@ipv4={'\x00', '\xff\xff', @empty}, @private0, [], [], 'macvtap0\x00', 'vlan1\x00', {}, {}, 0x0, 0x0, 0x9}, 0x0, 0xa8, 0xf0, 0x52020000}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', {0x3}}}}, {{@uncond, 0x0, 0xa8, 0xe8}, @common=@inet=@TCPOPTSTRIP={0x40, 'TCPOPTSTRIP\x00', 0x0, {[0x3, 0x0, 0x6536, 0xdfc, 0x25676d1d, 0x1000, 0x1ff, 0x81]}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x308)

3m37.562105052s ago: executing program 2 (id=1308):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
syz_fuse_handle_req(r0, &(0x7f00000007c0)="a1af56567af19ce4706948d30f35abf6494690656d554e6190797369db23a302f328aa47a2e54509379ba2e477e6e0461d2e45920d509fa49de04732cd2f4a4e34d73eb464d09605a698ad2219a2175ebcc560f740fe531ba46ded4232d273d1865282844f5a3b54d7f154c21a8a82228e27b2c1af662a92e53d81cae3ea68707ce43f89c3321797039a0a39e24b83035dbfb1ac9668b5f87c4ae50250e92c8b113ed58f60015d9c1990253e6646c02901b08a2ec0acceb7ac1e28f59b1e22663432bd5435083b604934bda5f4897467677ac5609bb6e1d1f938a1a8238d2df6db69fcffa48a08ef9231830ceb045a999a9ba43b4d605ce7bb4736ee8bdaac3399576ad3d434c12f1ae8fc5e06dbbfac985d7105c3b7f431854465b6f732e1397e4647e88e86b0a3b01c1ef689a4bd3963deb3b06190576c690ab257b9845b4d412f248184e124b5228f4236d020d4b80ff0772d9515685918c41cad06498a6833d591c191916067759bfeceec176d582621bf23b8d827e2c8977822d64ca19c168fa8a4ea90a60ed60854342e7c42ce11f414dcff1fff715d10ed263d305e5c563ee13a1527795b012e01b8442026032a761cf5104f00dc28a761596d8393e3750be1a8788fa7152a3cd8e051a963120417af9bd3e659bbaac6406a70ba347641aeffac9436fc2352bf7822dabd7a4911a5b947f9c07f805e67ec8c7d787ff358b426494b87aaac46c2d4061ccf3d19201d8d099dddf2b257cacbba656cb7626b0d3fa11881e99799b92f0a07813eac359a64a61a03d6527a24a4fee8e6cbd74932adba5ad3a865788e874b796cc8555522b19f76676646f21f31fad8c360982ce2b23fd4aec43bff16e0f3f1e1e804daf28f236081d0686108fde25f7e6a7bef08b793beca5b21b5f4893543ef1e3a216378cb76a54fa879ad9624a60a0b3306c8548e1a22b735213969421dc9ef70338bb780ad55adfb6b4f4ca3d8ce7c697ce3f0a6210a27cc900ea2218c52ac06bbcbb91adff643f1a3b93db67d7902f23eb89ab2f892970551127b39e7bb9f37c62adb8abed20c8c84531d143c6be2b8b05766e248a94aae400b36a3399ba174ffe14ffd354f508ce30ea991f57018a3534e0eac9cb49d0e6085f93b367d817ee83b24c11f9d38044a9739f4fd41b6a8129fda808bb930beba6223dfe154b23d7c39ac4fb6656169275c31e15d37d3d96b0aaa13637f1c28178f5fc4ebbe1af6acc985c783a30dffde8d7eb0c8863e3481caf2606a4b6930c234736404d4eeefdda697193f57d332540a423831db671d7d3e8e15ef3d6a26b83a5053bdc2f0b378c6b39ad0b8b9c7bd5c4bf81018ce15d0b344772f6c6f469e40c9848cbcb1b3ccb721b4b1f895a6e034380d882bd30a20f1c2b8ae138e6728306e16f6093774d21b798cd73a16bc577be751deb434ef019dd454fa3ce3cc3b2634ea4957548bf226d0b24bce757382c639dae891e55dcb24ffc9dc2c08acfafabd4565dbcad34e1a8e781c56e9144f0e85a5cf6c79a5d1a8b3479cdc178215f05081eebdc03607798c66fd043824756e896c2b69fe5e843e0eb26c86a37a8944e93a7f3b2a863136d56579d0377f9424cf00dd6da7b19066f990ce05e1b93479f125cbcc5c91aea56ef04950164079f5e22ebfd77d54676b2de392ab20298876bce1ae9941ae109d7088edb29d02539aec8f276b862bb28fa6a68bb1a0bda1b0ec6e5891e93777d9b126d6add7eb36a7f75c435618d368c04156f8a116d0c843ad04842d7b7c84cd87e75fb81ec16ef184fd3119c16c950b84bca9a12a86f0e333d9fe34622f5a51e9772dc8b94c491e16db0c537e211b01c9f13f9e7a7b2f4d8053baded5d6018561b547562efbeab2946f3ef872d0256196c75fd7f520da7aea0f63a278052925c6c88307bed0336c5632ca98086e7712af309f99a6adb3ec4417eaa9aefe3fd43c4402bc13868832d6dfaa97de7ed43fe3711917de97058d60067d5eeb90ecb428182d07092c516e6eef6781756e308926faa9796dd1a29dd4c3827115fa8e14bbe449f4144785b9581a198273adb8bab0d4080adbb592b25fd74d426233f537562a4a98b07f4b2060b4f496c66a0169391b713fdd991fa90cfc313245f57900d980adcbd46ada0a7bdfdfec4bf8ba12e37724c9dfd7fbbe4541bf21cc393249a555746268e7e33bdb43f2cd4932e39fc818e49d0e588d12a3a297be074ad83db57be9d4455ab0685b087e8ee9f5c7c33e10c9d6be572b58c88b79756c45eb9eed6d0275944d9cc1cbc8c498917aa2fd79c00567d4f9f768579f891e23fa9548c5fbff150d2873ecc72da8d0077a223f9d18700b690d8046783bba756a2c9863b7ffc7022b2da68a332f72f704bc38a0fcc4f445891f1ca1ef5dad28b87ce8bdef23ffe29ee23f2c0a002c80cf99399dc7276aec6f9d8b6ff3d7554409a4e38d2029a43f8a70da62b33c44f5f4f299eec825302c52e5f83d462b81512775107059826c8880578f01d8cb53af86ad61a7e36c2ccdf55ce197ec2a78219a5b952a9bd12ac2cc3271e84e6dad464c7ec9d9f0310614200a98cfa933d5db05c00c95c59fc5bb8844ff856ee7f9b091700b1a93ae1c00a40d9e5e6ce036f90a6dc34faa9dc8e8972c49b055f9a43ae10251705a960f2cfc8430cf9bcafc26c8eccc8b75a788beb41d180d4364f3083f3ffb5e39049979903c76f440810b7ea608ff84f5e56f9e0653bf15b6b6332d458f8d2e2b17d7bd2305a8909996d2ebfc2ee2ff697fccb215bd8c73d4b9f5b597308f98ed8fbda58f52cf8443f5a9db7f0f6e75e1c9e47d73f8d0624e9e6f33c2dee3c6ff394082d78ffd3a68309b3085e1a7c106f62c3959a353672cadadf6c058fe366b03fcd95a23f564c55a3ce9a914c11c8b2d6040147a1539b106adecce531646fea4db06775fe5d1bf9cb0107941b620043ac9b7936b2af9849eca9c46062945b137dfa355a7ee0c81a0193fa60a70e59b407af06a7f181a3e4ccc81f2c580a6c6cf67a8bf93eb8ff2151b7074144bf7c5cff97814e0c00c138d984559ac8b95a45a4497174130bbb0db22fa53187db1d923d9ded441a4d2fcbe0ff5736ecc3d94bfbb2df632ac88a02f2c9f73312e7a9c2d8d6c0bbfc774595e2e63669f2b5bbf6ee6a1ab0c25e313d819b02c785494eda4cace033e96b1ecc5b155a14e0c8d51d54d8bf33e499d0913d9605a419bc6c73c6bb07d1a306adb27dfedbe81a386fb3bb659764442c4d9d66673a916ee5a6ae59abc994fff64f2db0c83e2b18944f619cfdea0ea0911064ab690b2e03670a3e3667651c1980d0491a40312307e4534671c9c8ca8712506eff211577783c81dc05ffae4a9c6d7554f9fec07b25451c70e6f4d4b160544b66d66dd88ef1c77f09133db317c39fca05b68ef3eee3c28cbe31982adb0693fe9699d06654150346915ccdb17c69ea3aa8bb36b5f321060f6237dec73a011b233b81a6337bd77da5da753593fe30282456a0da2c4a18911ab5a8af13c8f623e5684f74f322ba103482d9abec31a684707671759ac8bb2592d66350745f77f18bd6a6cba542644f1fdf0dca14a08f4ffd1365969ee896cb39e845f71590eb4c73cc624cdcfbdea2352ad5173e5e919fcb98f6d960341047d181075ec8b1e92f40ecd5a1bf157925329748cc7af0239a7803a0c947479e070b026baf6738c29c9a8351685abd43775726ec0bfeff4d51fd3fcb04b108de286c5f61a82ef496e20133ef8b4ae243e81b20822ea6285c70bf1a33cb9f4ceeec053f60992c0023bd5acb0d4a9a55ef377f2837784ada634070a85b0a42fabf288130d6b74ca23473fbce932bedb44cd51dae78efd058dde5d7eb4aadfe3dd8346420567e745ced5189db6df22edbc66580a236f6ab148a3efd69bdea3dac7cffb47df44dbef7fcb436902bb30d65d65d5320c3b76ac17f43d27b2deda8692ba03ac2ae60e4ed2a9232c71a98b9869259a410b901f38cd6712f69f2dc3f92b7c5909f3595e99c9fc77d4d33f9a0e57d5f121e2de782b22cf7fb9bf22fc6afde5e42876ff8005f8a042bb5a9b67d60f40a7ad1cd73810a4f704f14823d4074e5a32b028c8360432b8aff539705961fee84d6c60b2b4d2efad60fb20c1da653869349b81e6c3d56c96ce56a833ee9a2b3e92a4b96c5a545910406751b4e7da24a328de0e20042d1ecc3bf7fd97071bb2740f497307501d90fa9c8e5cd63a703096955f4934d9140ad295cae59232cf005574d875e098637ecb757305a51d102ae5323b23a61c1a1b888c5974a243e42bfc391114ba5ba28e2375cf1d6d1a63e6bd5cf9aff9af16bdc927f642151597fe6d18ab008426f25054ee8e39136e2c217ad1f4cbfccdaf9a0cbd97edef5fef9b2ec486a4b21d79021103deec2ceb26c0b0035856ea2370aa3a8de925797722aeeee2d504184988f9f8727915c389f043c3de2b0d8e3046c46b33cb1615f291f272ade0029cad1f1d2e723e62cf739b667b005de14c3ed265e3bc2d553bb232f88b92a8284996c50e141608623ca7677a9cefb85fb0e0e77e23b9767dd65fbc119a15969ecd10f8033d9f37a748a895fd39390563f5f7998bb10eda8610855eaeb2499d8234975edb16c438069e8701bec0a86ae108a19b9f54782648af4b7b04a1d7b6b3a853c24f2393120918d1eed7b40f467c88857ee9cddf5f01db495f3138984387adfe3cf51a47dca021f9f31b44af1d1ae7c9f4c768f2a46d5c012a937985f56436ae15528ae3597590c927be9676a4ca80a19d44457b06991c02488c96e31094cd963b64e8623fc7000009ddb29b0dbb13671c321d24e322a05cf215dd04eabc2cc6fdaed762d3f9da0f1e0e4b7ba13a6036771c9403457dfddecb71579de33c597860a2e49d7b5052a6b018ddb409a7a84f8f6651d070a4c913b7a721490c8f97c085de8315019952deae16434a3e5fd5d242b1b333d8a801aaa67e4aa599b818c8e747ecac2e9c6176bec7e34ecb84450903f5aa6c6c6bf539b240506562d73c5dfbacdfbcc9db3089701f2c7fe6d6b8d6728f8a1b90a911338463e6fd824ecda51578865b3c363b4b79f6c698e27760c1090f8ae52d6fd3f0f9488f1c25feab4b48c03ddcf74a8b6d2b0fc6b5a89b8051c99edee357fcb875f523f7a88a5f25222fc0ba159873b47fe906e88f920943e453048cdea455dd98fe77f55d9c92e205b87120ac5ef791cd7d6ce7d2cfe689db61096c6e4fc359c9aa4dd3d1205358da38882073ef7268239f7c74b0f3cd60ca239b2fcdc3f5c774559ffbb2b821f1314987d8cbe5342db9567a864d569abfde85f1124e2b178be4d020c4244ddb0cf4ef7124f295a81b9c10227ea886e6f6ea2dca031a026a4f946f49598b76141a0b18170bb3cfa9136c49c69d71732aa223db1e65553aa03bec9b0a35c31eb4e6b0dab02ec2c2d851a731be9cec6078456631c68761e14dbc9afa2c3f631a160ebf9d1fd3c2ecccf6d4aebaf0fafe2e9f47ea9d386425a7950671cde77c6951ef43a1ed32f0ed6fcda74ca9333d2513e4a40cfca01a17bfbc13b0229e2b16400880d96e4c687fc54ed0b34326126f845bd7cd2063c51abbf8bb61f6f1dc3606959f2dececc6e3e08d808841c4779ca0f5f51e7e03260d0b75b1b0355f8544c1639b2f0bfd6f95c4f6d151073a086ecc890d6366acbcee869020cf347e700a8361bd8d5c53e6480526aaf31c9c655eae11831184746a709387e60d68c062e5e05e578d11687f6a5411ffac4cfd62331f63a9726ae77c5799bcca05d6983c985cd23d025e3367ef8c7ee903de557322f38629628ee3076ac483f8257c6335a478412cad1d73b6fd43c37a62dd7a0ae7601f12b4478c3f2ee105a915ff2052d23a8b9af3ca59013f553006259d4cce52212862d22c08c29affa3520b33a6b68cf2b9f91d9258dc5052bf360977ba81a37701118f635379d852b6481843604c111bcfa4970afd5a0fa52824cb27ac9a77b7575e3e0cd043c29c5682a47fe94fd6c2c225b6d9939b99c18b5fb898c5f28e87a5b6a0bbeaa2c4725cf5494765d79a50d2417e84130bb37f540e8db7064e57935ec3c6f9caa2a9a1ced0f8c6eebcb9b688490b31f864dcd9b726628218b42f45aa82f2bcdf2c7532c9669ea7ffb6842451ac314a35cdb0855312448c24efd6583a582e15ad5e7f7b714f0ac703a24e2ee8769a868079af8660931ba325ea1c9b636ef7b13766204dd733c3bc69f11e026c382ac0fa5ce8413fb9f84408e4648a5e66b8592093a17a42cb105b616b8239d2031200eecb9beca6d411a71f072fd159eac0a4f4392a0cedb96248dad497b2379f3162254045ce276503093e5e7ab062b942cf6f2302a5ab9af1b3a315ec67faf84b70fdbdb39044a22cd7bd0f62ba66ce2257f3aa0f56d53c8157c4db3297087e25ec24696813430f386f5ad55bf6289f62e1492dc6ac3bb5047e933d54ec338cafb3bfae8336215611bc3e8a5cafaca7c70f580570518a675cc2075c7593e1d98ef02b74f06b041b6ed9b06e820d32b413de06235441a52346c3fd2e723816c7b481fbf564a525646ba62c615060b2f9fb0ff0f00c376c6dfcdb060aca7af2f07f6030a2ca324c8380c11f9c1182acdea2123c52f5a40b44909180a14037c760c4ecc10f20206445aa65cf835f09633491f608598f1fe5cb5175ddc48070fe0608335af27ded864f97dd52c235b7c4ece6bda153224b773c64235c1099054a55849cd1af7832abd1383e82f63715c9cc24543397bd56e34fd5d28e49021bb483617a3444fdcf8cdeb33bd8675334a897e17966fcbc1e5c5c5399bb6bf02a9bbfaa5f3c58d2efd007dcb1190af4ab4b71987ff7824bd9b9c6d6fb0b144c1fd462805aabf2c7fbb043ff22b496e41a4a81957892efe74d614d62d4b04bbf544fb03826e9baa2a84f32da4d1154c1d0fbdcc17f24a49633761d2b5962e618d8a9be2bf373cdc9c45ecff0148f355075fde5ad5e8da5d59498eb2b7f77a4c0622edd29d7dfedd748b750d0b48057fa7b8ff575714a408a926f6e0cad081eb24780fdbb116fb8dfefb2006f765ff95fe4def6b83fa97b3f54204a0c00cf71c4a1efeface1198a94610570816d08c19af76b03afa42f722abbfebb2c99a905300918dbcd131fce84632bf4f7f5dabd1b5b05742755b45e50eb89ee278e0f6f1a8ad3d9f907b9accbe4845f6591f8361b52e4dd8f19823efd7e89c2ba80c70671eea397e1953daa12907ce59d940a6dcfb3eef7ba7405bb489c38319ac4fee62dec986f4f0975dc1b9f576ebdbca90c42e7f3b1928154af66de5e54b16d8b6541f55daa90812ea7dab78a87d969e4bf95c47f70ce84f9e41e542bbb91f77105c8314e8bd5d8d37e11d9af07c5dcedfab1f21642bb30fb332f7c6bfe13cde2f28f104344777066afe5b0f6db14390f587e64417b0dab027cef4c5daedc75812a7452d45e57e8e274ad8cd8a10b2b9ce0f371809101e9340f2fa0a59501020e48f862572fef70b350938e00a921fb1c080e933eaad2d56daeed692e7d69d4b95a2d1a620da88247314bd73a20cc7a504427df77ba969b5adbf74321e982c2a1913b66a8687960c8fb71a850c1003c76fe1c3bbbc8eb142dfa01f5df52b72bde0c8884374f72eeb8038ad57beb6c732c511bd5847ae8d4b69e195f87b03379279936dda69e11cfda279f37e53a05cb787f118d66f62a87037981937d6083e47e31de6a2700cb7976c0dfcf972bdd458e561f13b3e30368c8bacb722611db7627ad4e00a34f69a5eb9edc7eae464b2422a4c38bed04c49b15fce25ccd22347720273127236d6e8178cb414d1b4dc36cabd19f713782bde48db7094577042083cf5d42224eaa69e0d70b57e6f1764a825909c48858cda13ab13ee203fd0d57291acf508f91f9bc428d4c9ea06a9df3c9ce183e0c101a4d52fd87866c2146219beb15e616ce239cb025ef3dfdb3a2568a833c88a66a580ca9d3f2b770647d5baa42a707351688dc0be3b15d2cead64792e9f9688ef95ea5274c08ee13c4a3797ce346dceeaf7d81a18181839ebeed412baf43ec1abb35b7930ed7a528f9a0bbccd1ea6eb525488c6731150afe791bf58e524de4cc62e174d134bf5d170132efdb2cbb42b882219de563cbe6280ce4cd8482699442b236d1bd54517c3ad25fb3d68a649920357d85f343f0b46ce4a78b1836b6ecb198f1f1686597206c09ad4534717402eefc0d5a90639f91b84d3de00e7d815059640ada64140687c3e404432c74e91907cdcf3e07e997eed9de114767829833920a9fa5bebf7d99fc4f461375f3426b136b680230c7aa135f0d2d72be7bdf8667a8cf0dd0bf5490e393b5a465d37b9ee0d659c8c0f96681b71a867978b3503a45dfe95e49b9d11b8ca953ab01ec1714ca9ca1e1ed5998e02934901dcac10a2553a94618db7d79c4a48741afe3bceaa994833595808f8080f6eafadd31caee252a7d115db962320be9503147d39adbd11b1cd4cf2cd4bf94d9036ea61b2d4791c6326af653847d2b6dd83f5df51eb9473ae0c305abe5f3896175d82a2b569bf100166004886dc58432cd678c0a4a152013b2646a68284567b898e6f3d38a9187b6d10075234b2e11b7c929b308bbcb82f4a8ceafc503f18536092f2965d13875060c926b5404ccf3bcfb1389688fb4bf57ff79201d8a00cbb54a12b3be4693b4a295284c90e7d0f08b632eb0411bbd01d51112afe5db173a8159dd38fe6e9804f6ae779479ffdc697ec572b0934704dfcc3e9b2bec95587285299d1d79192b2324e4eaf4de74df050170562c08e0a821f47745f63ecbbb767846ddcc331f459013ec90de697346f1e57345a51fd9d2233cb3591c406bc25ff5c098c331cd026aca7ac1fb1c35c3d3597c7deb89620a364044b30c77d5071bea5b196a0c380ad40370985713838b1c830130a5fc15c5501748a2c8369e77c3fd4ec2f5de572ee183f526359f28865d68eb87c21f8fcd4a09d76ee6d9ef31561d9c97ae3672500e342a798b04177f2c5896bd06b4c96a58aa839185ae44b838d763872bbf1e7b665848f1e186b5ab6cd4628f4725324981b0aff0b9af2f78883dc8433d2dc26c1766e0ec77c4eb63da1f859c09ace8889fd2c5ec7f7e11eeb547900dd9332b7b96ea6be35aea692e54c1cc3d1211bc843f8e8ce71abb88873e132fe214a7e7670fcac38516b6935b9e0a2eeb43a0aebd25676db551d8cff4fe0b6cecbd59701317022511a2d612864c09496c99af48e1cd066c5bae55b415ec08e99947ac94885ddf875d8f8af199aba32c0bfc27f6e19e57380618e7940481077edf6270ea3befce28a55c2a68a961142e959690ba294afd57c5530a5fbd5f60d791a3f06720947c74cec26a571a9f2e5cf98cccefba8beff72f2570f8a0e1a130c0e85d4fbb6a6f0b881af274c9eb063ef09176d43f8f18bdb35a0acb1c6305ba5563d1b6baff53b1251305de413052667c4cf9f94460bf348fb27ab5719ae44faf02dae55d8eab643040834b04aab15a197568e8ebd296638b01e5ea34e39ed47ffb58a47027d4b7d978028b7812a141df233065e93c20dc736af1cdcedcf7e766eab238b3b4d3df022f50b43973c47d1c80055e4fdf569e50fd382e840b76a6db6c06b1f0603a2234b9175c5e15a22855b57cd5257d9b5a456712f281f83e1c6c87f58be8166f8b2e85e9f54d24fe3b420d77a22745dfc7ebc89e21acf1c6649324f4c5bf53e188ce3216dbdec21a06fa9e61d830814697727305fb48c705c4d6c4bdfb874e43a8fb1423e2d2d6bdfe22a0d2b211d3beb86937c639c934cfe9a4b6c2853ff353829028854e8d7d75f29f01c4d7c297fe0236345ecce914b3be4907788a39c093c9f9e2c930a15563cc453d08123deadf853c83db0e3986d993e44e441a874411b7905708462e1ba42ea22521d7c57089a77b14b6dbe57f0ce69c7c4f1c0d53385655a8ed6294f113d33ad8867ac05e80403e6a8103d1574fab80f43a4a3af93a67678346d7b3b977a1381afb93990b1cc3aa73cc463f72bd898f647f3f5a3b342fb5e37140ddc499edda92ee624039ef3f802c9055e20b7d6e4f5a109cb4ca1bf84d37d1e78d45a10f45602b61216ea8969eba3a0075256faf8e577de835bf0b37311d16310645effca6751cf502a035d7ac7d1ca2c23547a739116efb586dfe2762ca4bf5ce5fc48913efb41a4a93fdb240f0895cdf306ddd13337d38a58402561dd663bbc675e1a378d4f770ba5e308c6ada84faf18ab2b387b0ac139a57dc534e278a1afecafcaed3746701cee14edce6c85cc39c91ed5be8a178d2fcd97567e8ab661d573278062bfc3c83acbfcdeec7f08d3c1197ccf830c883eaaa01e2cc44e91cdc1c47c03797528a9dd63cde259b4b211b57af121b125fefb26c110da83bbc150e2663a22273cc855cb3c52d02fd92db59a7c876d1a18e66cd64708aa478f3f10e726210dbbe2fb1afedb2034a7d59ad774e73f97d7b4b121cc25b90dd4fb5179816174dc4650b2da366d11a519f4310972944625c839b01040c712c635d967269c6c07189b5b1b496403e35e9ef01ecf7e795c357ae08b4736d2c1bcbe556cc671ffa37677b740baebaeb1b74c922d1ac83cb3ab86735d07ebffe072ca08ebd56d0ae89d5535a63bee75810468b1560534ecdb4a16495f9a7f42164df055942e94011848c5dac783a69fbdcac9c477850320af0c10da48775434088c7d090202f927463123639dbc1d48a871e4f20f75563f6dba586db6d12e2e7f36e7da4915037fcddb4413336b423f6b888bcf297fb8d33493e9fc2e992afeb1b83aaeaf46f4aba9bb0aa2708272ce5b0c90ef9f6c366c20e90d0f87aeba828196acdc4306131c515319776dfab27de1e3a501cfc560bd3a1dd29e54b87de9a01d0351184ed5cc3323cef72fd423dfbb0ac90eeec5474432ec1e4c64d68605c378320c0e97a3d89a409b7d969d6e116c2ba861f57418d8eaac5bff85c416ec5224d92df53d8f272c7e02e832bd21ef4d6b4a9bd307f8c1756c3e6c155bb2ce5807311d60b2fb31357c89119af443af2d3a4d08fb6221aaeee97bfdae51ebf6c51f98300033ec513ad6996041441d474ccf3a2548a11b94527ebc2e24d7519b1ded645da3af62060a4ae19eddc3bf331c4c762d9672de22558c655ba05338d985da134230fef2d0639743bdb4695517dd9e3733827050617b3cc792d12b3280e0000b22ad5130b27f9a5e25b965028874db5b5efdf881043e1279187294bbc35865af7662b23b9adf614a9af41fe4d0c9cfe62106a2bb6d294d3ca554062b2c7a0299f82fd5eb6841fedf096753b1a63a6b4dcce3837ee36062055c9f52b3272f411709db86d59db530fd1ed9cc2138817c290a2777d1d54cf4b7b2f8737444b58334a1c26f63ffda10b749b5796fa61ce6f74fecef2c4766a05d0468c1d7056beb8fa9cf7d51d5115690bcb889f09dbe01b1c55ac860a00cc159f6683d33fdca16d815fab5bbf00", 0x2000, &(0x7f00000005c0)={&(0x7f0000000340)={0x50, 0x0, 0x40, {0x7, 0x28, 0x7f, 0x9010, 0x0, 0x0, 0x400, 0x3, 0x0, 0x0, 0x0, 0x10001}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
faccessat2(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x3, 0x1000)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
syz_fuse_handle_req(r0, &(0x7f0000006140)="e0332f8f5747b9f778142cc174a9b5f0244b78bb6346cb5fc9135b8220090ee698fddc241870359d32327f299718466d88c89e68097036bb35abfe03e3c02234dcdb2c7d1209c657485ca1aa3f2fb80e71397b80fca6f3cf2367fb19eb95e5b4a0170063374645d9e020099ffd7def3d94cd29412b3d7b7a47bc70121be848cfcecea78d41a93622b134bd06e84dec07a9e5abc29cb02d5b9091e748cffacf48352628822bab7b24a17bdf4b3f3bd9fb17793496aa6490da3f58039ce5b40745dd63f82d93bed80b50ca5742d67d39029a98db95c9392e2d5fd9a35bad30cfe98682b5a069738a12c3cfd25949106cfc839202fd21c2b28e44be73280d5037351ead2dd1c277d9cc9088c6b14365eb0937ea9685f6b26232293803260f2c8cfe176b55df304bc2865b8f52581afc4beed445ae8cc405cb7bcc51103aef812c41437c5b070a3591ad0964677f4f9017bb300727dfab009056bee3671a9694be2e2f2173fcc06ceba5aed0d93a3d7cd88365c5c354788efcc705e90d572e34e9e566fc206a8167970ecb9cbc43f4d9de4d43688582b6600dfcfc7379c831e756a45835647bd87879a3e3942c61b9ea2c2af35d49a4caa9a109b0beb972996ff8924ea371e15dc48efd12b1203a7f1fe354977fcf9e4ee2c8f210387e551ddb55e5f67ee6bb9bc8772649693b0adf24606e8ccc59f020834d8cbfcadfa1770549fe464dfc412308fbaee8d30bd20c002794bfb923bac6b490841248d12ad9a0e54d1d96e3aff5dc4930a6c8b7c75264a46af7a6339725fb84e0363463ebaaaf58d6b9309ae7c87a8df8c68d2487d684011de1fa7645f3f48cf3bb61bee8bcace2f8ef5f967f2765f8086aeaa5dcc34c84e379a7ddd6438cccb5b8098dfbffffffffffffeadbc4ad2b2ef98412a46f74a171ad056429dbb723cdb9ca9f9f03170dba2870e5988b7cb755599d1eb8f7eaf5c8ded4b56022cb479d0bdfae18f69f9ecc42f4c181ea10838229ba5db7f088ad8d5f77e49c1fd93ed6b983c43b23c7eeb1233f0c114885057a27cd3f67a309e3fecba241836bc92308b830b10b04af6c9595b44e859b9ca7ef079e151fdd500060787be3a7a5b3e23b06ec70f087134504f8b8e7b6799ebfe14f698ba7a813a380e6f92cace9230aa8094a2465f7224e2becad469d0aaf0e48b0098eacfb17abdb69bb2ebba97a09d2b739b532d70db91fcb0fcb38bccdc01d7c8113024ea8b619e385e58d31899721416e10b408504a9c4fcf870d21051227440a616cf62f6637b62eceaee09029f88009be02269cb5e5ed090c6f5e6c652c31214aef301bd23ec2504f90991cd27539c1b8b54db51825e951d076cd0e70f56de4b91894ce22049205483a0fe7d7886b36118bebd96d138980e26604b6e70a7275c6b81501143119a8c2c271558202eda196704ef9ae3c33301e1afbe56d069ce4926bf531d960f3df58192f3da558adc169d48d39e24e04e95c406b34b1f4ed2726ef0f6a67dd84c75636984191d019cebfa883fdf99affcdb4c874614a5312455403895891daf7469d6721583ccd1290ab05b14516f22965fc52c4a528f1a5c20cc133fea279d9efc991ec4d51d2654daceda234f6d3b0c635db697aba3eeaf8356319adba42428266ac09a6e6495ca8f60c1c4e052068511696296e88ef86a591948627ba97df634e0063eb5f208df00a069b1213c29e58cf76f591253d60de9d7c01d29992ccc728140299c429fec0df9d90f83fa2467ce00de83b16d10c7edb80ff8d4b1b19eea9bd1e2783a0d41215c9cf23bc3ca1ff414e3f29aadba00c5a8d5b44c28c10e99140e5428278e54bfd880a93fd1b54b560422ab2bfcf120a7902373b6442c6e9867b19aa0a6b77b1634ab6fd1c8a1d90d99ebb9ebcb89d593562b266fbc53c40501f9298690283c45059b3f6ee278e46cb3904c947446c28af8855b2a68e6e0c0da205a6e12fdd15b393d579039b31c1a54230ac2ea13cf1f5540046b4dcccdd731fff7323c4880e5d2d8668d8a7f08920715c06ef9652eb55f224c82a6fdb970dbf1032403f283bd868a23f4785a6ab9c0bcd2308dba1a1f258ae512cf64784e501008db366ab7093a6cc4b6ee86154d44a1a15c10834602dd5ccf730f6d1142ac19d113496dbcb80021cb5733924265d082a8453b5c21e0245e4a2627e8df090da6a129ee49c58c1a7437369acdee15f5e4e5638f05d9f6391572d9890219def702a013a2b05239664dba44feec2a9508a3200b47de03e6a784bca2f3633df534af33da0a95a34ca845b61a22ff55a5a4c04ff9e06e7162f458a8c56e106e75ffb76a921f4057dd73d5f3801aa78ca4c78d6b79bce560404c2fe3d57876287f73e84c27c486ffb997951f9e0b3aa81a5e7804ac7360add11e7851842d0ed8df041c999e50226fef006373bbb53d5d8e9d1653924e60234fd0b6645b821746f3d88591ff66e294e8e958ca425ddbc7d604f7cbbcb9d5fe0d4ad53878eb16bc801def1005e1eb12a6d4924d2179948e7aa542f2600ba3c6c600629d64c529c7326c1f38aa4e1a6cc259e58f86400d65d67856c8f4fffc33ad4c279dc05367307f562f8127f37b03c3cf38a97cfde0c02aad8ac40d347a9e0a496f227c068dc6c666fb2b6a18990f607399b0707d135752d93739e1840b5b4c125c81eeeb318869b408f87778451e49f3ad988a8aa97672989ad367833ff7e7f0e79c37ac794fe466623e122127fb94ebbc01bc775183b26b2dc407b1aa1a55d4ce04dbe1df4fba0377fea4c4bfa5a37c4dd733fd116b9c7f50b11dd512ad68646b9ddca295fe27bee78476901fbb5c8d2856ae0e9e21ab26e3587c1325f1fa28edb4081f2ba309d5fc39f7f54abbd0d5a152c2f7e3a8b3a5ef6e097b109061c91124f41f33055a7bb86706629f614d40346715cf2fe387ef4e4fc6646839824d3ef85eeac85bc5e681320f6fa7057e0a10de8c4678b48510f77b91bb397dd1209eaba8ea1f237c348e9e0d7af1229e2c04b6560e48e3a7491f3066b63a8923becdcfd8594c1c55098a51283b599765b049831cacd9478e5e996c778d524b476f6677218c94886d7548be7617e5796e35bb3c9b13d70e4897867d85f0350e9329985f051fb556b861aef7dead54e6b29b9ad837cb4774f47a5371ef034e3ce0113e67eba8842f4ac5b51a61315bf050078c710dcf14371d9593730b1d0302ef999f488bbf42b7360171da98ad68932bda4937358fd1d0c2bcd04f7dbe2beaffa0d53cccda316cb19270cf4aa56695ef3203b49fe92d1623cc1d714da6b8f94112db1781562ab2ae50bda23debd55da440434299c992f2f8c264310d6d8ccdd042737db0253d6889d8bf36fe99a131b73300c9798b8fd58b5fc681b97e71230cd3094e441fe5cf1294bbc28f41146f06e39d5e19e673dd489dbddfc16fe281160a8008e375025cbf25e84945f2f0a5ffb2cd58273328ea9d7533b2f0861eff95823cea18dc1877183fefab808bda0890f91f1d79b36953b138fd62caea3411900647a4afadfecade2ff6274175f06614d108daaf9821c413a137e33c826957953bb39e2f852097f978c3577abcb71d68b45794247d8e82614979708f6d6d0e469828206b22913d6d320d815d42c0d943640c63196f703f946089f535eac511e26c6a5a529e875eb15aaf65fd50dcbaf37a009f2f9081cdbc744cf7aa2336913e89f1961581ad4bb6aeb1d23a787e2d3f99639871df5842c30581263d5139128f0a3f37ef48bb636d7aae06581de6baa55a12019d3ed831950915fdc1eee819dd01047bda606f2852699529718c99606246a92bb1dd9435d8f3a48646c0e423441bc783be358c0c91e6846419b6c0a81354500cb2721834dc11ba40c3bbe5717e5142922a168ca0e20fc269ea584c7f68ff7cced62c4277385368b4ad596b79c45a9c4575c37f300cab37a5693cb777fabed412934d3a77505b17cb2628119ddff45f3fcbffb50386eb9cfb6f82b37fa852ad4b65bf8e2898b11bf051cb7fb0fa81cbf81b9ceebb05498aeb2691eb15297edd682976d5a4f444cdaa82f063bc4482c28c4e6257c7cf3e5ee5a502c6527b77b12725e7526ff896ee2f8066536dce04d63072a34c19d533d4dbdb93e7185482cbf7510c5eef2f8aebebad011727cd8061a367b7e1868252bb43d9a74c9c6a10539e357d5367fac69a9296fe5a79a2e5b45950ff462e0e882aa32ff7f29b5644e5311f3e0b076c58683de29ad9dd8b2c92a41ca8313ac997e44981e82aec550bbf6c88adf3d54e9fdf93d9dce95289e9086043d888f19d209cbea79f8f5b2c81b2c3889eae1cb5305e282b883c4cfa3798eceeabb442a74ff6a8470020a296ef01d8e32553663c844e67e5a3a44375f0074ce9547a6c489ee86d7652219491f35c6b904d51a26c3d2cc77d8ff97050dd0d0aed4a1ecf1db7ac48673a1dcc70ac16f709dcf4b90148aede5302111ceaa3a81c49b724cfa206283b62513f96c1da77efafe2d2d08a5f391ab690b5d974ceed2e95e85b1039def0e94c79cc0aa1de1f8133e985adfadf4a657710487b265bb6692fd2b91a06ac98d50b052b8a13168e2638b93209238fbe67f4590a81a2cdbcc479ca9178720a6ec05bc9457f27ad2e2fd2f4e9c643ef85b6287a01f7fd597799cce7d6464ed3c95110733d4ba92314ba3dd81e51f541a6e37f8bb14376e41560f9049b4ff349a467defc205f915a345b5f06d090645180ca642c719f03e9813bff7fd635660efe38b022130d42f2cedd792bcba2bfb14385c6d1cbe5ff2e38c22f1f8d5e4d93d296042507e43f24ff904827b16f2a3572d26078d7fdb0cfdbe2e6bee07b94ae441e510681c96f97ef0ddbd7efbd80ce0689f6e2022a189dd2937d3eadd82a154a5fac91b5ef48523706957b8d5f55077973e9a036009d745a6df39ba154dc59c4ef784d62b3f2d782dc508242a1b0e4cc294b6e62e98ef946f0d984c3174cf86b8a0beb615f046ec50dd0c8a9c0f36df60bd162f1130f894085e7c47b6c28ff336f5d75166c1840e7ad07204fc10ce976505f6aece0316d8c65b973f61cea2fe4c6db722717985c25249f041c07a86b878702a8c9ab7c33fe41039041aa38489b02a28f18d69ab34619e9e35514c54592c8059984ace64b5302b5f22d68c35c7ffb23c63ce877a1e1b160dd2c329eabcc0e1e3072021bd811de3c0c7a68af20ddb9e2912b7eecc2a8cf083a252d0fe31629b20559f7b976e4d8625644385c692b8cdc2886a42d750962d0dee10a1546ecb7ef961216cc456d2450a44aab07014fe0be076ca6bcb46b644af844b2ad8b3817f1895a5d579af3dc937541f4b7e9203e7a7af534b406d8f6e3bc555d767603122ab1c4e62de19d6af63be8e39fe45732859d6d92e11f1a847f7d62764b6364aa7f95f03cc7deba467da5be71657ae50ff6bf93c51efb7d19ac9887e92fe5f3c9d545209eff307c9e02073bd3404827e148aa63c135ed668589bdfec38cb47716201a9d02f1b03993f89e96b33b32e52ddffb0580dac45422ba7a3fef76e519a3dc8d12eac60c2d2f8c4303aafa3e80135c403360d51c9cdeba3ffb31e664302f587e0e983ede7f9b2bfe2bc64bd5029cfa88445e043e08f3e9affee25e980e75d2664738726e3d2eade7dce0ece78a514bbbe5a54c121374d079e3b05996052d66889742232b73e950e1a9892e7352c9e546a8cfb48332d2b2be6327208ca51dc2869a562581947f62b0d5bfb3e0911d4854f822d6738b4deb195840d2bbae0b074b8d1e1010c24ec00052dce7d259e3044aab1a99d261fb3b49cf09dfc85473f94db06d49e202ca12182283d48144f8389a5301679901600bf8130d36315b277a99204b85a1598f84bd2d4c4893108f6717bf44234181467d6eeee61e1823268b5c60bf04d0e13e429f411b51adfca20ff1a1b1eee203d59b03da1643c3e9fc474a91470116c6c5275542adb10f3adae2ae87e88b93f334e0ceb6216fc081e8d84d8b0a503196dc50599b22b89b807627b427a815aea0dbca69e5fb215ee996395d8a21a1c67ac295be33c6517504e1f00f579f8c484873cc670b5b9e787b1c30ca1f0b25f8bb8f4bde3b3f4fa730c292cbf97b25068ba9c65f78c555d5f75d52a57958d7111e824f3afa16484f625abf62afc80654c36fd9f8284466422fb18e08274e8febc719d45b784974d50d187ad2349429af3f7930252a4d45997762e9d5f5493d408ca144532aa89aa3d43c46951dafb8f81794e2e9679ce238cfe86e104461032819d62f217faa71fa9dc6da8861015567d1f7309090e25b7015dcc6d72a5e7ba53296ab1bc72467ac50831628cf5238155aed3fb189a8b527ebd38771e16454fe51e3edde55cea454414690491207c23f6cf33aaeeda432de2d1ede04e039a16245e66cce6f4e4ea534f290f02a2a81a46d6ffea7967dfbe37461f83d472091156594852823392efc953f4ac099d74e2d0328d9f47bd952352981a34055acd0273309484ab56afa85ff0c22fb53ac5d7cc8e346b4c2f38a4e2451738146b7b90c14f826c7dbc1b2be79d83772a8d629f2dfaf15286a15be1ea22a05d4ee3de6a6bfb7e208dbbcc88e77baac940d6438aeeb77c3a32db08b46e79545b65f7f3c1bd433092bc9116668c338ab35c01cb5871167868c6b61bd4c0ca5f96e5ce2465da06c4a320839f3bb7c0dffd40d5bb9a32fcbc6f691787de7211da062616272c77c62ac83e4cb29fb954ab27d9009877b79be54acd336bfe2a6e087abaab004743f5ea4ec8ddfb8086920e8e458a413adb98077a3cf860513cc8a453eb129556c871be7e7232a6130c4332819ad17b289fdb31f8f8854dffb4cfeca6d792567b444c750820a2a8a2e0f93779e61a4966650909369fc8bd5bd2bad4ff95cc8a14f6cd83ae6411b4bfe1a9b5cdf1fcf32c54cef1731edc47d41fa581376b25006fc859b98805d70a157e501a2cb2ab425340965213adfecdb5addb2b4b2ec5cc6935e4e279bb98283fb20dfcd8a2c91aefda9dc5a57bba4d8803d1eb0f4ba9529de01e39c2aa60a91267c31d036a3f669b9377661837f58c6950fdf38986ea13ff5e9c4d966bf999002da1a854d54aa225b259d91eb88425328e7d13b06dea321a151a8dfc44755214da97168e8acf027d66b7fff45ded94fcde53ff80342d4595644549c4ed827225596e2b30480e94eb049b6cd718fe8424d044bb5098e0206047ddb81755e3cb92131dd47ec754b64c4b78f663e364cf8a74cdd9857c81316dc4ccd5f02a84b310abfbc9d6a23ee6d1eaf6b8fc1544cfeb06002c8a40fb0e49859d2073a7b1cb112713518ad5e007d0a256f901469bfa5cae98841f877faeb584d41bfe695da72ca5700ae085f39c99f769502ea9f43c0b84ca4611441d5adb3e5d0a426297e535258748169cad487f97d171c0630642943508206ce648aad2971297f3d4037d73e5fbc73460ca7401b7dbd7807273ae077a81fd0d4bc90b6068e3ec95afcfeab16619306fb23942a4308e8253b35f4912df392dfc5daf35dd842a5a1f78fc294cbdbd504056f0c7779121b5b3db7461e437347452476f3b0bb22e63aa23cb9d3e797c6c95513058d8fb2c27864ac0e1f5001c988e29c79bfa4236c7be41dee5561d825c1f0fbebc0c06cc4712e88ad5efd94f4eb4e93794af42a9752a2ebc57dc2f3881c75bbb23ad25b69619f9f5b07fe114ba291d2b5b4c1c175e1aa3ee3eda55e6126b3ad1e613bf8e0bbac727b879e7796fa0ad100893677a18b53f5eb31db43a97370d3749afbeb43b9c1c11d9515976976d1cc1e44f35d317299ceb68ea2545f2a2b92b4e1046f6f92c33aae6995593189bb2611576599fd765b8e6fe2e88674ffd57ee8252287b1904d622c36a502db45c72b0d5fc3d983cc44bc955eb43911404667a4ab147d72b69ff2514dfb820ad75758e85df88499cea94ed658b4c1c2f49fe2bbb8d2dd97f844a6df289296cfb9cd5bc8d17aa235e2c4501b1422b25acd6dbc3a91d03904c545320524f9034955ab02f5d058097c37d23984baf808d28b3e12821eb8919a77c1b6a8bdeceecfcc487c39db592817dd378a7c5127b427e7279b2a82f6b8eec6b3fabe0947e353e7a386475b15011de93e2f2891f772ef90f4aba1ee1c4d7321c81ce4dcaa378daeabb93182c319494436dbe67d252a01291cacb59686ebd53c6df21c083e98fa299cf5e9b59f1ccea95c62b1437c8ff8754a6372b5b879ebc3241f6430871eafe35337d75cb68c42862846df4342ab434f7f0a7b9f66824e1e696e3dbecde179592774b7511e5a7a1a06ba601eb5f2a935c7cef0f83ecd412a84afdd05120fceb1afb6445ebfcdff8fffffffb75dddccc45afb4f5bb1308d39309c92c0b61a322d5229881fa5d598113cce54107036ca9f63fe863d257c706fe89d5c7ae59a459c6f15ba48d80da4aff541797b26418acddb987df3544bc4918cdbbdd8dd1bc2163c89635044e7b4da878457727a667c0146a12b4c46639497243259bfe4aa5ea50eb79f39fa9209256c9a685e3e39d6d8b6a9ca7d3554fbff0908ad6c6ecf68e506c20b16cd4a98e3ada9eb0cb3eb0b75b13b6d80bf99eddf2282da52cec085d3a725b71c29395d605e1eb26143290946a3a0d24347fa46145735dbf4eabc12150b8d5f7eeca804d7ed1fecd0132d1b94ebec65cbc07dfd4d54a5140567e77c646bd92666922c43aca8e482c59b970fa43087eb76d6715e4e8e5ebe54ca391383ef685b133534fcc1e5c5eb56f9d76a888506c4ac8d289c37039e0c4f927b0e11e85c5c7ec1cf4b19bebee6014cb89ee57f2ade8d166005e956d46a0c01f60b58299479e8a59a2e88f1a7ffd08b27d92fc2772b338959bd0a1c9cb95075c3cc17043c818345b29b76c0b8ed41c8c7259cc780c657cb9509daec1558453cfe061f54e08523a55d3223897559d51096b680802140800000000000000322e007c2af0c08867291dd732bfe4b24d1d5ae517a7f5903c369ac6b157d42eb6ca8c0d7b50fd533a56c814e7cf04db3012eebd53ec1b123d65ab1e462dc19182b690d56a88ad5a1f4d89f1749b005e88085505cc6d7de8eeee08def67bc1d1519d44b7a62dc07e491f328f786956d9200f00d78829e6af7c1a5835366201374b9487330920d4c57e2f7073292e173acc2424bb0d5e0e9448b4c02f9cfc99bc408110b6a3e9bc3799e4b178c2871069bc7d9ceba564378f02b2932c36f159478b5facd452b595a86d119216af9d860bd3997305320159a69a70fc62284141d23d2dc1e5394b271d99e5570450f1c55807e96c7cbe1b7c2e3e96f69fecf0f375e36e0d2acf145ce2d996c1909402744cce63664a75e480b197c345360321e830e5912d1d7bfe5a129a67fa98e6eda5268fa588047859daa11d087d0dbf0ccc7e120e3a5820cb4f5dc06748317e3f866518eb66e39dc8a68a7411b3403fc8eeab8283dee4d767e8e5842ed922e03ae5b3c9c494d5ebc61527ccd1222740fedd9e469ba6b30761cf387d654081c7e63182860e4548748058914a9cea01caf074fe6a78fafa2b45c516f9f20af9ac6773a400fa9661a872f6b55f0ed52a9be9e9c35502604b924f0eb628d6545da322e0713f9a5587e87e4b04fa495423b7c72093b764adfd1430a2e608b7af3d2bf80fef00e5b69abe386618274921ff57621bb99739de2e066ff17e95eba027f6a35170af3a69e93359a9643e155832d45c1aa9a8f71ad35504b99d3d0a1c11ae108664ea36f4dcded083aee17ac9efe7ee3fdf7b63c7c09bcef62caa88708510d45cea79d323083ddbfe7e5d3d9138f206a7af82ef1d26c85015c3e55a285a35d0052546493536b9061db27291a9292033753b7bddac63dac6f6271689240e43523c434a65e1d35299e386c953d0c92f21057e0b7883e049d20961e75069587eb3df6206496f76bbfd96635bb19837ba2ab193d79072ffb8829306b63697ff104a65031b8a38c24cca9ba23d5cdf753169a00fe2b2c3849f234a7029b657b3324c10d553e601aa97d17024f7bf5a99f96392f4a079a83daa27f4e3b512ee8536e764ce4dc36fb7810a9a502a693e55bd9f116202c5e906703e2c43d84448598b7af78aa60a205c152841e75e23436738ccaa6bbcef87e6a237d86d1a5e38e56c162cd6d61a4fb8b410b1643ad557a22348edfa82c23db11c9abdd8141fce263a66537512e93a930a4801ad862a902c7c1e00eb7c7466b1351318b7196c2a9016c55a05e104e124bdb568132f9397e31b10d04e5284bd029ea2f6a3ed11854e09b5871d6a725c21a9ef5d7e729a90a8206d5f61e6e42e47dda3e31b9134d47872a0dd7a576b665ec6ceaa5fd7d85ed7feede9ac9fc23e40241c0318077edda75b62eb271e28fb3705f7b4950c14b721a3a74a7a4e4de02cef5de76a1602b906016c0892ef37db51b0a1dd53f28b3d896f20abbad1ad0e0220960423267fc6e1779d1150fd584dd184bb43278d2d68ff21ac0daeef5408348cb80f4a9e0e606f6048bbaa517289451f084fffb63c5d904788cfc310b5495528a58f4650dafc4e4675b99d35ebab710ac6fefcee6c51a2835510fb6d2dbd8f97c3e53fb7a23c3f3c0283eb2271504581b9c1fa31e35c117e56a5d668a9c57df3b4e1129ca019a8b877fa4a22768dfbdd9d2154e17f4a7755b065090d88982471bfb242d89af5c6782693a6ab1b1be74dfa5655ac3b5ef4ace8dc595803cf4025bdf5c0e9fbe7a12a3a313311809591da08a2cc6cd8480dc960e1f79fa208440a0e589be5756c36d5830a51c4bdc39c2a85c0431bae3a7331b2ffdf23623693d343a7938a8a8a4dd4d523c6450a705bccbb38427f06f4f84a18adf303c0ddecf4ce2b6cdde4e09a4c31816195f0fe9f05fcdc0609f8a75ad2f23d5c24faaf346c13ec0512a5c29477ac561c878085d1a323f6bab08e2fb9ee57d7bb621ef21caf3609d74036c6dc1d7be0b6058d89dcb8d9aa4462fa0a740be66e3fdaa957f27c5a26dc586ac8c927ab2d7cf1b761798ea4191be8f4423cf1a6727d0c5f27a9969a753573afa584dea82678f3471ba36d726c396d68c671e579120f1a11cd50fa66b26fc2d6cb74ba07edbd5d3a288cf58ed1255381df02b2fb8983b7cf833433d1ab8fdef12651c3507e4b69fbc4b234678cca36761e8da434e5f036f204a1400da15277ef27ac140e2d574b89c0fd617da27e6ce862883bbe81c288834b9477d0d440c15dad505b363fcc1cfef8e2e3a96438809505844196acd0af751dedfced67f209c2ffa9c6da842c93ff4b5fd54a67df904f2f31b4236728c99582a667a8461d397770a657ffa7d514b0f076d7f35e9704a836e7882a2acf0a0ec2158ac7234953c3696abdc791c0b163ee76fbcc5adc18b6fa0f51f76f3d313a0d891f1deb69f6e44289b1aa43a768b8d13270959763a2c45129daeea493a5b0d7b36753b223dca9a8037368653400", 0x2000, &(0x7f0000000700)={&(0x7f0000000100)={0x50, 0xffffffffffffff8c, 0x0, {0x7, 0x2b, 0x1, 0x300900, 0x0, 0x3, 0x5, 0xded, 0x0, 0x0, 0x0, 0xffffffff}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

3m36.729986693s ago: executing program 2 (id=1313):
bind$alg(0xffffffffffffffff, &(0x7f0000000040)={0x26, 'aead\x00', 0x0, 0x0, 'rfc7539esp(ctr-camellia-aesni,rmd256)\x00'}, 0x58)
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
r1 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
bind$bt_hci(r1, &(0x7f0000000000)={0x27}, 0x62)
bind$bt_hci(r0, &(0x7f0000000000)={0x27}, 0x74)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r2 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
bind$bt_hci(r2, &(0x7f0000000000)={0x27}, 0x62)

3m34.478082247s ago: executing program 2 (id=1319):
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f0000000140), 0x24, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@nfs_export_on}]})
chdir(&(0x7f00000001c0)='./bus\x00')
rmdir(&(0x7f0000000380)='./file0/../file0\x00')

3m34.10624866s ago: executing program 32 (id=1319):
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f0000000140), 0x24, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@nfs_export_on}]})
chdir(&(0x7f00000001c0)='./bus\x00')
rmdir(&(0x7f0000000380)='./file0/../file0\x00')

3m2.86975752s ago: executing program 4 (id=1466):
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x10400}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x20, 0x0, 0x88}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ccc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb190df08747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb81035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22263e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485e4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6b3f0000f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784753f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2205eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e44312c24c2ce8e642bb73c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a748cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4cd99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d9f95e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad24c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc5908", 0x2000, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x8000000000000000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x200000, 0x8000}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
writev(r2, &(0x7f0000000000)=[{&(0x7f0000000cc0)="e1", 0x56000}], 0x1)

3m2.664423725s ago: executing program 4 (id=1468):
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
unshare(0x22020600)
r0 = socket$pppoe(0x18, 0x1, 0x0)
ioctl$PPPIOCGMRU(r0, 0x80047453, 0x0)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xffffffed]}, 0x0, 0x8)
r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000400)={[0xfffffffffffffff5]}, 0x8, 0x80000)
ppoll(&(0x7f0000000000)=[{r1, 0x4d1}], 0x1, 0x0, 0x0, 0x0)
timer_create(0x3, &(0x7f000049efa0)={0x0, 0x14, 0x4}, &(0x7f0000044000))
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
r2 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000240)=@newqdisc={0x30, 0x10, 0x1, 0x70bd2d, 0x0, {0x10, 0x0, 0x4c, 0x0, {}, {0xd, 0xe}, {0x10}}, [@TCA_INGRESS_BLOCK={0x8}, @TCA_STAB={0x4}]}, 0x30}}, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000140)={0x1, @pix={0x935b, 0x6, 0x34524742, 0x7, 0x7, 0xfff, 0xa, 0xc, 0x0, 0x1, 0x0, 0x6}})
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = socket(0x2b, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e20, 0x2, @loopback, 0xd}, 0x1c)
syz_emit_ethernet(0xfc0, &(0x7f0000000bc0)={@local, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0xf8a, 0x3a, 0x0, @remote, @mcast2, {[], @echo_request={0x80, 0x0, 0x0, 0x0, 0x6, "114b915f4a5275708a7ab51c37246d82519a1f0e5b9f8c629a915c4268a99b14fa96e47de4fb2ca9dfd5b23bb6d0bb2afd005b356906e9b4b1ede533c40ea982b37fe7b1fbea585fe78c68f0063902c9b868af690b23f8db0917f1c3d77a6b6b4eba68cc01c895a6a5b5b6f3006c3baa1fd7ca856f3d537f660e0ca8e84683369183d903bac26eaf3971f7750c7909baa62e02b2cb5fa6d058dd541ea535f363e08785e488f2a0cf775b49d7f7d9624777c79293b5c7387db04997772f28ec360e7a22955441b3c1e0e05a239643cbd654c5809536cf803f92a9855608aa1bfe24123f2b178b88c9ea632078553ccbd96398446cbbb6ab068e19c521010555dabb8b646caf1ba08deb2647544fe076e68b161708ef2ba72b4f113e76b7e7d9fd574a01f1196541e96aa58d104aea38900f84b0e2cb9ef910b0fbea13349a7237bcf012c5dd1e6427ca7d226fbb060bdd41bf90998c517e1328d003b496fa1161a347d4cd9bd65c3030266e1838f9ece9a9736a003a136134f1e681935ee73f56b66828280491e5a352574b001ec09b0dc73d0d313e44cebf877f708373d04d0b0a54be236e46d2a3f6c562b31de07c54a061e36241540b334645dff78b3cdcf4c9486c33518849a5157e3987207cd0b9761bebef7ee1f9c7010ac94269de3515db8bf5169ef608fc2f71067a6377c7713c69ef5269db06ae405df7505b06c447ea23763b0c97d110eb36adbdf0fd7db584f97ed4b05cde94fb55502b380df2b5c694d629cdacae68054809af619925bca7e7a2ef68bf1305bcd0c94f8c931c1824249afa757ef2af3ed540615261ea697a3b557d9f68ebe32955a4922291e41c29d31edbec01c1098dddec3bd9037c62fbc2562f6d2739f6c18c69d6c2d40de6808df14efc66bd4009a42238641a123c56129e922eee469691388b100ec7424e8daeef081b97a4b54bf07077bd75990574babdca476722dbbbe889392d884cca0f092ee52bd7fab0e8fd39e064c7e7fccb94cedb70a407b0b3212721cda3b2613d501ea6b1ed903238f880d6bc7299db43de3ec07545c660da8390acb056daa7f9c14e77440aab7e0a8a35ef2abe4e3c0f7db72c024515815983addde5dc338c2fa68ed316631dbe755679e66e03e4477b472a0df94eeb41118b9e12597d9849cee613ba7af089fd69dd491f8c586c7fb0699156b1208581c904f74166a73ba5f5dea705993ff5d60971aaf37298776f3240dc0e06932d111acb54a422b300d3adfdb37095ae10a49c4f9cb3c1fb651d6a316fbcedf6776e3bf4b757d2d651ce2d68d77bb192151014b4a746171aa5840d1e487c599aaacc864fa50671cfd73d4d488859a1a39852022900c1321972f63d790968f98c0ceb976a9197c7a31d9d65f4bcd36d55485a07ff2145e168b17a9f4a815deb80ac18b1a97cf4a6097ea42f0202ac0747e8bd263c37ae8c2dab7b09dd2390cc503df2c3e982c12c07b217857bb009b44cea2a00930acd59b695aaa71b960cb40f2b1ec93f98e2c5a419c0d2705dc803024a1bb31806028920efd4b3bd397d95819fca5b602ea525519f57a327a49eee823171b776c1e73fe45dc09f73b3576178d4f02c5a9ce201654d3e04096aa9bab5fc3359247bb63d476fa8bb4fed1b30a8b3cd75659f2847dd138942052be43ae0a5b5437c5509b8bd3fcc0982e676e39c763f66b846cad8fc36ce572cf9347d1ba338aa738a7e0aee32d3ffa378f580db9a5ade6b00c3954000f2832ec806cfb6cd1590baa2f5b2d9e074b00386ebc1b3ecd9929210300d24b73e298f529df58f36f80921203a6a400ef25eedcd49142922a4a5af756436d9f7ba8437c24e68c70026effcc9e78813037dac535720adbcfd9e4b27b4d8700c18d2fac6c247fa44426317491554545e805c9f1130d20dca63249e43c4b65864c8e99602357e8740ffa95490505863738dafd55b53a7e303048bf46454a7c372708d662d46c9bb7e364a46a5400be6e5acc8862e1664f8a6f60ebef836d434d6913e8fcf09680cb9a51dabbe842b81b45dc3f3d35cdd05bf616eb93abdbcb1f46334abb18880b6d97380b010acb962506b690f333a00c8ab2cbe04fe17ad310bc2dfd0b3140da3917f36a97b1fc2befb5d6b23f2ebb5fc46240909471175cb04a80ddc877f387ed7c4018d39d9274ab2a8c45c710bac37a05bbc47ae289109417d5c3be6466eedac7b25cda671a77ea8cf35348e9fbcdb74b398918194918aa6b169716826c576f516049e6d6d95402286b71c7c24adc8a65df30d943ebb5dd202b05fa1be371af6888961d6f151e303e0d1c6ba9202cec532c293d6517c60158b122a856408f3ce2d041eff31ad5d581d18a8fc3afad8e69d0089df8806b0ffa67f38e4f61a6643c1a926c4fac0f523ab44fbc84c9fe9ab83017dd963aa7c200c00eb97714a60363018e57b22fda00fb402a85e08eaf88bc99fda4df3ae1eaf8e6f737addf4b5c4de85e27fb555f5a1b47d2fbecf44b5575ff59c49a466a0d2849f714fd72595a1fc68855f51c9330bd0b28fc3fe63d4f4162ab9d303b123818100f056a688c7dbd8052fd22d32803b147dffb3dbc74987075a90ce6907e77e9b5364fc946f72a88a43523476476a6a1a616cf854e77963cea897ae9e7ab9f760af476f19193cff9f66152dcea8fc6cc5619d2cebd2603d9a2d38d63a282bdbbe65088909fac9cfeb22bf5dbdda906393376681a611c4f06d792bd2d7a2ba752b18de6b44353f1a4ab54a9f34dc64305c459069b604e5c96760edeb7b5324be0c42463147d3e0e855d791ce32c71e0acfe15b3f3e554d64c2257d3922e570119c1b30ef27c3682fd610451a58da93cb78159e8aded69aacd29c7e1954e92b86df434c3926dbfd5b740ab32174251bfd957873cd2ddce5f610b6a3431b03be96407b631843b53c4774c63b668d66018feb90342b566e34f399dd04477f5f3e421be53014c07f58c9bdb0d5b090280245eabf454fb190b697b1948a63aa424b1378f7e9ec30d2be3d645ce270d6e92d62bcbd20521b51ba98bce6143ebfd8ea7ac80048e49ad87edc6268d4aa7eb9d1fa10f2f3a845e46f7c677da353ee488141cc05a08c471d07dbf50be6986818c5402d489403190ddb9d0e574a885b92af67e0bbe64ea0d0fb6d52c936df3c5e57058fd3fcd933159813abe8aee34a92dca91dfa67bf4732247a68e024afe77f3e8d2a45186ae9ffaa062f5ff0cd2109d93a4ab0f994a444195c56f96078d9490dd7cbdb0c98d90f87815df2e317cbf04627fe810fe5178d13160ff631c540bb127298e8d96c023b4106e74e132e14ab1690ff5e0a121f0c3212797c5cb99c7400f2c04ba3005876d6b8be59f97a1731fa87e55b0f1d754632b2ff37f3dc2ddd4d1bc507bae74f05c7d4671e30e622f96bae63ad13c6dbe22c939decb842713f14fff7c8b323abe45f8536f2373eb166386d4e74ef8818b88df9bfb9b11a9b59b39ca339fdf473c081d6838cba8413220f25ef74b7ae1c550c7a032484183157fe75c87ee7d220010d959b8b9f7108673a156a985c06d4fce484366a456cbedaf66fe0837c0dd10c2292f394b3fc52a1f56aa509b05d9f291af4bc79fe24aa8539357fdb1ab0998a0d81bc43e4dbcbfe081a19120d536bb9f8dc58efc016dee9fb160859c04e3b65f1d53b8d2f54aab0cdaf8ec8d701306b6a17172c696c09a7778ea59de8e8e8bab805aef895b0a2c8fbe0350c85cadb56d24ac2727a6ea0322e90ff59283cf95a3d4369a37a0edfeb738d972820fe9d8b4c3c9aa384bd4c2389563e97d86a350fd6c670a13338a1af8230e428dc74a304ad1d360ca3c866b3ab222c93c4a019ce4f3f8d4a1c5c5ce66c2b938c252ec732fde53265fd906d4185cce310c7d2ffd7eec861186344f11cd1c775106382aa9fdd70fe6f351d2ad9624a085e41a2eb43784c01d9be33b53f1cc274810fc32bd8e7179dda2d1c1417e223b2390cc96a7bc6294b06025ab65aed1af16629ba8194f8604af223203a220397ed16eb406904cda3c507d20ba8bb9218106f1908815fe05ab5603c17d4e93ef7f4a633c101da729a7707fa8a75e2e2c13f9e328d2c02160ffe0f706ffaafa0c6bb42a55ed963d7303da689465fe65a2c110e3e40ca0d714d399b68bacaf25e0b7671942239de92338baed2986962b389b449aaf77667215042cc5bd0aca2a1427b882835eb79bc6c773086baf9603a917d3cb139e74c814f7681264a39aa0231334e7475338f066504624b1f8ad8f0e879f7d7a2b52b6a8bb41a5ad484051bc99029340e660a25136335ade6836246b0bff7e7595a783d3805b3f4598d68dbbffc72758383acaf6ba4585f413e243dd2986ae7291f77f6ca4ed01f33b1b5cfb699d8384abc8f2a93ece9632b8874386e304a1cbf3d4e88030d0b7490e69e2a739b8d7deb14a3f1d4ef695c8fb9c953e301a503d3eb1bce2e13762ba510af18619d594ecb173a83d252e2eb3c6d02cab9d8c8961118d23f301ffdbc682f5afd6286d15d79a6bbe2adda69ef136b98a1ecd44d72c48da4f6a960f41adb40e0f158269d3192b22f6dd048d87dfd99a782d74e0052048bbec47fdef29e26ed27f139eaa679aa94258feaf2f08f0635ac389a5a534c110080cba10888209843132f2f8051610db18bf2da2de852fb83063500f16d9dd81314285c1f06fe149a2f84734484980028aab8cb82220f513ff9946f4b21a13db68192e1d1a2e8cc83c4f020e35f3ce7000d3f58e2b115104f827c45c7fc5ae3ea99ff280321078d05eabf40cd71ec0803b69a8addcc3f29d002619ff5ab50a8c4fcbb8fae1d8571a69bed051d0d6f6e4eb2451a3415d0e2fffeca09c7c714cf5f109bcdc57602265f719ab7cfc409ff15e5750537f2086523c2720ed2a0d9ded98616980d1780c3fca9909693070f749fff3e6db05b7f90bd22a230f7592a5e94c83e6be0b94778ad396e3d1af45f2c6762ee02266838fe0d4754024829e743b70572c9865aab5af994b8af0bee7686f093b45650da2089fbf69ce4782b49d874d3dc34a688b8ff9d2548b1881aa28952d0819f8da6c0f774d4c102b0f5bd7f4ca9f92e4ca96c49fb422ac8bdbf97d5ccbce696441dc172a573ac6917bb02f2136a99f4723c8599166b4c0d6efc0bc1ed10ad625eb1088bf04c9b7f38b4cb468040ee9f3ed125cc92abc15d126b2fd455736860e70d5ec495e46d856f05368ee5457c93eb53498197cfb463e1ff11d05e8aa387b728a28b9b97dfcb01ec84464e9ee88210ac83ee034e360e9b508bee82cb5a05016aa63a8d4f8c913b97dafa906e2d52e3dc00903fd6833f8a46244298189b914dcbf5b57a77f24706b00577fea6930effe2d168580aa9dbd4a6a38dff9ab24d32756e16f29a808cfc7eb3032be63c154b6bb5606aec4fc381aabdfb07e1a4240c248651a620fd97b2db1e2d47174f60922ccdad1f660eaca829a052a4dc94ec1fdcafa1f534dc841b0ad19755985eee1e65b50586d5a22dbb79c8b47e0544c7ddc438099f4c6b3d7a0bd41ed5166dcc685cc5a2bb74c0e003d0b4f3f0390b71c24d2265c5261b0d7fb3a8e5"}}}}}}, 0x0)
getsockopt$kcm_KCM_RECV_DISABLE(r5, 0x11e, 0x1, 0x0, 0x20000000)
setsockopt$inet6_int(r4, 0x29, 0x31, &(0x7f00000000c0)=0x3ffffff, 0x4)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_inet6_SIOCADDRT(r6, 0x890b, &(0x7f00000002c0)={@remote, @ipv4={'\x00', '\xff\xff', @multicast1}, @private0, 0x2, 0x8, 0x0, 0x500})
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0xa, 0x4010, r6, 0xc2bbf000)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000200000a54000000060a0104000000000000000002000000200004801c0001801900010400617368000000000c00028008000740000000010900010073797a30000000000900020073797a320000000005000740df000000140000001100010000000000000000004000000a"], 0x7c}}, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001480)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0, 0x0, <r7=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001680)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, <r8=>0x0})
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f0000001880)={"9ca61a5935dc0b201481ef3f57e55f3a", r7, r8, {0x2, 0xffff2cc8}, {0xb45, 0xfffffc01}, 0x3, [0xcb5, 0x8d0, 0x9, 0x2, 0x0, 0x8000000000000000, 0x800, 0xffffffff, 0x7, 0x1, 0x6, 0x8000, 0x10, 0x3ff, 0x4, 0x2]})
ioctl$BTRFS_IOC_WAIT_SYNC(r3, 0x40089416, &(0x7f0000000080)=r8)
getsockopt$inet6_buf(r4, 0x29, 0x6, &(0x7f0000001500)=""/19, &(0x7f0000000240)=0x24)

3m1.70990124s ago: executing program 4 (id=1476):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8002, 0x0)
read$msr(r1, &(0x7f0000019540)=""/102400, 0x19000)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, 0x0, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000c40)={{0x14}, [@NFT_MSG_NEWRULE={0x60, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2, 0x0, 0xa}, [@NFTA_RULE_EXPRESSIONS={0x34, 0x4, 0x0, 0x1, [{0x30, 0x1, 0x0, 0x1, @range={{0xa}, @val={0x20, 0x2, 0x0, 0x1, [@NFTA_RANGE_SREG={0x8}, @NFTA_RANGE_OP={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_RANGE_TO_DATA={0x4}, @NFTA_RANGE_FROM_DATA={0x8, 0x3, 0x0, 0x1, [@NFTA_DATA_VALUE={0x4}]}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x88}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000001000)={&(0x7f0000000a40)=@newtaction={0x44, 0x32, 0x216822a75a8bdd29, 0xffe4, 0x0, {}, [{0x30, 0x1, [@m_ct={0x2c, 0x1, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x44}}, 0x0)
socket$kcm(0x23, 0x5, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$rds(0x15, 0x5, 0x0)
mkdir(0x0, 0xc8)
setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r4, 0x114, 0xa, 0x0, 0x0)
r5 = syz_io_uring_setup(0x10c, &(0x7f00000000c0)={0x0, 0x62ff, 0x400, 0x40000, 0x115}, &(0x7f0000000400)=<r6=>0x0, &(0x7f0000000040)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f0000000240)=@IORING_OP_CONNECT={0x10, 0x1d, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r5, 0x5830, 0x0, 0x41, 0x0, 0x0)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv2(r8, &(0x7f0000001540)=[{0x0}, {&(0x7f0000001380)=""/129, 0x7ffff000}], 0x2, 0x0, 0x0, 0x0)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.swap.current\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x4000003, 0x13, r9, 0x0)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x5, &(0x7f0000000100)=@framed={{}, [@map_idx_val={0x18, 0x9, 0x6, 0x0, 0x8, 0x0, 0x0, 0x0, 0xfffffffc}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, r9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r10}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_MEDIA_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="0200", @ANYBLOB="010000000000000000000b0000"], 0x20}}, 0x0)

2m59.577765411s ago: executing program 4 (id=1481):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
setpgid(0x0, r0)
open(&(0x7f0000000140)='./file0\x00', 0x179000, 0x40)
open(&(0x7f0000000440)='./file0\x00', 0x0, 0xe8)

2m58.668688296s ago: executing program 4 (id=1486):
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
unshare(0x22020600)
r0 = socket$pppoe(0x18, 0x1, 0x0)
ioctl$PPPIOCGMRU(r0, 0x80047453, 0x0)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xffffffed]}, 0x0, 0x8)
r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000400)={[0xfffffffffffffff5]}, 0x8, 0x80000)
ppoll(&(0x7f0000000000)=[{r1, 0x4d1}], 0x1, 0x0, 0x0, 0x0)
timer_create(0x3, &(0x7f000049efa0)={0x0, 0x14, 0x4}, &(0x7f0000044000))
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
r2 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000240)=@newqdisc={0x30, 0x10, 0x1, 0x70bd2d, 0x0, {0x10, 0x0, 0x4c, 0x0, {}, {0xd, 0xe}, {0x10}}, [@TCA_INGRESS_BLOCK={0x8}, @TCA_STAB={0x4}]}, 0x30}}, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000140)={0x1, @pix={0x935b, 0x6, 0x34524742, 0x7, 0x7, 0xfff, 0xa, 0xc, 0x0, 0x1, 0x0, 0x6}})
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = socket(0x2b, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e20, 0x2, @loopback, 0xd}, 0x1c)
syz_emit_ethernet(0xfc0, &(0x7f0000000bc0)={@local, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0xf8a, 0x3a, 0x0, @remote, @mcast2, {[], @echo_request={0x80, 0x0, 0x0, 0x0, 0x6, "114b915f4a5275708a7ab51c37246d82519a1f0e5b9f8c629a915c4268a99b14fa96e47de4fb2ca9dfd5b23bb6d0bb2afd005b356906e9b4b1ede533c40ea982b37fe7b1fbea585fe78c68f0063902c9b868af690b23f8db0917f1c3d77a6b6b4eba68cc01c895a6a5b5b6f3006c3baa1fd7ca856f3d537f660e0ca8e84683369183d903bac26eaf3971f7750c7909baa62e02b2cb5fa6d058dd541ea535f363e08785e488f2a0cf775b49d7f7d9624777c79293b5c7387db04997772f28ec360e7a22955441b3c1e0e05a239643cbd654c5809536cf803f92a9855608aa1bfe24123f2b178b88c9ea632078553ccbd96398446cbbb6ab068e19c521010555dabb8b646caf1ba08deb2647544fe076e68b161708ef2ba72b4f113e76b7e7d9fd574a01f1196541e96aa58d104aea38900f84b0e2cb9ef910b0fbea13349a7237bcf012c5dd1e6427ca7d226fbb060bdd41bf90998c517e1328d003b496fa1161a347d4cd9bd65c3030266e1838f9ece9a9736a003a136134f1e681935ee73f56b66828280491e5a352574b001ec09b0dc73d0d313e44cebf877f708373d04d0b0a54be236e46d2a3f6c562b31de07c54a061e36241540b334645dff78b3cdcf4c9486c33518849a5157e3987207cd0b9761bebef7ee1f9c7010ac94269de3515db8bf5169ef608fc2f71067a6377c7713c69ef5269db06ae405df7505b06c447ea23763b0c97d110eb36adbdf0fd7db584f97ed4b05cde94fb55502b380df2b5c694d629cdacae68054809af619925bca7e7a2ef68bf1305bcd0c94f8c931c1824249afa757ef2af3ed540615261ea697a3b557d9f68ebe32955a4922291e41c29d31edbec01c1098dddec3bd9037c62fbc2562f6d2739f6c18c69d6c2d40de6808df14efc66bd4009a42238641a123c56129e922eee469691388b100ec7424e8daeef081b97a4b54bf07077bd75990574babdca476722dbbbe889392d884cca0f092ee52bd7fab0e8fd39e064c7e7fccb94cedb70a407b0b3212721cda3b2613d501ea6b1ed903238f880d6bc7299db43de3ec07545c660da8390acb056daa7f9c14e77440aab7e0a8a35ef2abe4e3c0f7db72c024515815983addde5dc338c2fa68ed316631dbe755679e66e03e4477b472a0df94eeb41118b9e12597d9849cee613ba7af089fd69dd491f8c586c7fb0699156b1208581c904f74166a73ba5f5dea705993ff5d60971aaf37298776f3240dc0e06932d111acb54a422b300d3adfdb37095ae10a49c4f9cb3c1fb651d6a316fbcedf6776e3bf4b757d2d651ce2d68d77bb192151014b4a746171aa5840d1e487c599aaacc864fa50671cfd73d4d488859a1a39852022900c1321972f63d790968f98c0ceb976a9197c7a31d9d65f4bcd36d55485a07ff2145e168b17a9f4a815deb80ac18b1a97cf4a6097ea42f0202ac0747e8bd263c37ae8c2dab7b09dd2390cc503df2c3e982c12c07b217857bb009b44cea2a00930acd59b695aaa71b960cb40f2b1ec93f98e2c5a419c0d2705dc803024a1bb31806028920efd4b3bd397d95819fca5b602ea525519f57a327a49eee823171b776c1e73fe45dc09f73b3576178d4f02c5a9ce201654d3e04096aa9bab5fc3359247bb63d476fa8bb4fed1b30a8b3cd75659f2847dd138942052be43ae0a5b5437c5509b8bd3fcc0982e676e39c763f66b846cad8fc36ce572cf9347d1ba338aa738a7e0aee32d3ffa378f580db9a5ade6b00c3954000f2832ec806cfb6cd1590baa2f5b2d9e074b00386ebc1b3ecd9929210300d24b73e298f529df58f36f80921203a6a400ef25eedcd49142922a4a5af756436d9f7ba8437c24e68c70026effcc9e78813037dac535720adbcfd9e4b27b4d8700c18d2fac6c247fa44426317491554545e805c9f1130d20dca63249e43c4b65864c8e99602357e8740ffa95490505863738dafd55b53a7e303048bf46454a7c372708d662d46c9bb7e364a46a5400be6e5acc8862e1664f8a6f60ebef836d434d6913e8fcf09680cb9a51dabbe842b81b45dc3f3d35cdd05bf616eb93abdbcb1f46334abb18880b6d97380b010acb962506b690f333a00c8ab2cbe04fe17ad310bc2dfd0b3140da3917f36a97b1fc2befb5d6b23f2ebb5fc46240909471175cb04a80ddc877f387ed7c4018d39d9274ab2a8c45c710bac37a05bbc47ae289109417d5c3be6466eedac7b25cda671a77ea8cf35348e9fbcdb74b398918194918aa6b169716826c576f516049e6d6d95402286b71c7c24adc8a65df30d943ebb5dd202b05fa1be371af6888961d6f151e303e0d1c6ba9202cec532c293d6517c60158b122a856408f3ce2d041eff31ad5d581d18a8fc3afad8e69d0089df8806b0ffa67f38e4f61a6643c1a926c4fac0f523ab44fbc84c9fe9ab83017dd963aa7c200c00eb97714a60363018e57b22fda00fb402a85e08eaf88bc99fda4df3ae1eaf8e6f737addf4b5c4de85e27fb555f5a1b47d2fbecf44b5575ff59c49a466a0d2849f714fd72595a1fc68855f51c9330bd0b28fc3fe63d4f4162ab9d303b123818100f056a688c7dbd8052fd22d32803b147dffb3dbc74987075a90ce6907e77e9b5364fc946f72a88a43523476476a6a1a616cf854e77963cea897ae9e7ab9f760af476f19193cff9f66152dcea8fc6cc5619d2cebd2603d9a2d38d63a282bdbbe65088909fac9cfeb22bf5dbdda906393376681a611c4f06d792bd2d7a2ba752b18de6b44353f1a4ab54a9f34dc64305c459069b604e5c96760edeb7b5324be0c42463147d3e0e855d791ce32c71e0acfe15b3f3e554d64c2257d3922e570119c1b30ef27c3682fd610451a58da93cb78159e8aded69aacd29c7e1954e92b86df434c3926dbfd5b740ab32174251bfd957873cd2ddce5f610b6a3431b03be96407b631843b53c4774c63b668d66018feb90342b566e34f399dd04477f5f3e421be53014c07f58c9bdb0d5b090280245eabf454fb190b697b1948a63aa424b1378f7e9ec30d2be3d645ce270d6e92d62bcbd20521b51ba98bce6143ebfd8ea7ac80048e49ad87edc6268d4aa7eb9d1fa10f2f3a845e46f7c677da353ee488141cc05a08c471d07dbf50be6986818c5402d489403190ddb9d0e574a885b92af67e0bbe64ea0d0fb6d52c936df3c5e57058fd3fcd933159813abe8aee34a92dca91dfa67bf4732247a68e024afe77f3e8d2a45186ae9ffaa062f5ff0cd2109d93a4ab0f994a444195c56f96078d9490dd7cbdb0c98d90f87815df2e317cbf04627fe810fe5178d13160ff631c540bb127298e8d96c023b4106e74e132e14ab1690ff5e0a121f0c3212797c5cb99c7400f2c04ba3005876d6b8be59f97a1731fa87e55b0f1d754632b2ff37f3dc2ddd4d1bc507bae74f05c7d4671e30e622f96bae63ad13c6dbe22c939decb842713f14fff7c8b323abe45f8536f2373eb166386d4e74ef8818b88df9bfb9b11a9b59b39ca339fdf473c081d6838cba8413220f25ef74b7ae1c550c7a032484183157fe75c87ee7d220010d959b8b9f7108673a156a985c06d4fce484366a456cbedaf66fe0837c0dd10c2292f394b3fc52a1f56aa509b05d9f291af4bc79fe24aa8539357fdb1ab0998a0d81bc43e4dbcbfe081a19120d536bb9f8dc58efc016dee9fb160859c04e3b65f1d53b8d2f54aab0cdaf8ec8d701306b6a17172c696c09a7778ea59de8e8e8bab805aef895b0a2c8fbe0350c85cadb56d24ac2727a6ea0322e90ff59283cf95a3d4369a37a0edfeb738d972820fe9d8b4c3c9aa384bd4c2389563e97d86a350fd6c670a13338a1af8230e428dc74a304ad1d360ca3c866b3ab222c93c4a019ce4f3f8d4a1c5c5ce66c2b938c252ec732fde53265fd906d4185cce310c7d2ffd7eec861186344f11cd1c775106382aa9fdd70fe6f351d2ad9624a085e41a2eb43784c01d9be33b53f1cc274810fc32bd8e7179dda2d1c1417e223b2390cc96a7bc6294b06025ab65aed1af16629ba8194f8604af223203a220397ed16eb406904cda3c507d20ba8bb9218106f1908815fe05ab5603c17d4e93ef7f4a633c101da729a7707fa8a75e2e2c13f9e328d2c02160ffe0f706ffaafa0c6bb42a55ed963d7303da689465fe65a2c110e3e40ca0d714d399b68bacaf25e0b7671942239de92338baed2986962b389b449aaf77667215042cc5bd0aca2a1427b882835eb79bc6c773086baf9603a917d3cb139e74c814f7681264a39aa0231334e7475338f066504624b1f8ad8f0e879f7d7a2b52b6a8bb41a5ad484051bc99029340e660a25136335ade6836246b0bff7e7595a783d3805b3f4598d68dbbffc72758383acaf6ba4585f413e243dd2986ae7291f77f6ca4ed01f33b1b5cfb699d8384abc8f2a93ece9632b8874386e304a1cbf3d4e88030d0b7490e69e2a739b8d7deb14a3f1d4ef695c8fb9c953e301a503d3eb1bce2e13762ba510af18619d594ecb173a83d252e2eb3c6d02cab9d8c8961118d23f301ffdbc682f5afd6286d15d79a6bbe2adda69ef136b98a1ecd44d72c48da4f6a960f41adb40e0f158269d3192b22f6dd048d87dfd99a782d74e0052048bbec47fdef29e26ed27f139eaa679aa94258feaf2f08f0635ac389a5a534c110080cba10888209843132f2f8051610db18bf2da2de852fb83063500f16d9dd81314285c1f06fe149a2f84734484980028aab8cb82220f513ff9946f4b21a13db68192e1d1a2e8cc83c4f020e35f3ce7000d3f58e2b115104f827c45c7fc5ae3ea99ff280321078d05eabf40cd71ec0803b69a8addcc3f29d002619ff5ab50a8c4fcbb8fae1d8571a69bed051d0d6f6e4eb2451a3415d0e2fffeca09c7c714cf5f109bcdc57602265f719ab7cfc409ff15e5750537f2086523c2720ed2a0d9ded98616980d1780c3fca9909693070f749fff3e6db05b7f90bd22a230f7592a5e94c83e6be0b94778ad396e3d1af45f2c6762ee02266838fe0d4754024829e743b70572c9865aab5af994b8af0bee7686f093b45650da2089fbf69ce4782b49d874d3dc34a688b8ff9d2548b1881aa28952d0819f8da6c0f774d4c102b0f5bd7f4ca9f92e4ca96c49fb422ac8bdbf97d5ccbce696441dc172a573ac6917bb02f2136a99f4723c8599166b4c0d6efc0bc1ed10ad625eb1088bf04c9b7f38b4cb468040ee9f3ed125cc92abc15d126b2fd455736860e70d5ec495e46d856f05368ee5457c93eb53498197cfb463e1ff11d05e8aa387b728a28b9b97dfcb01ec84464e9ee88210ac83ee034e360e9b508bee82cb5a05016aa63a8d4f8c913b97dafa906e2d52e3dc00903fd6833f8a46244298189b914dcbf5b57a77f24706b00577fea6930effe2d168580aa9dbd4a6a38dff9ab24d32756e16f29a808cfc7eb3032be63c154b6bb5606aec4fc381aabdfb07e1a4240c248651a620fd97b2db1e2d47174f60922ccdad1f660eaca829a052a4dc94ec1fdcafa1f534dc841b0ad19755985eee1e65b50586d5a22dbb79c8b47e0544c7ddc438099f4c6b3d7a0bd41ed5166dcc685cc5a2bb74c0e003d0b4f3f0390b71c24d2265c5261b0d7fb3a8e5"}}}}}}, 0x0)
getsockopt$kcm_KCM_RECV_DISABLE(r5, 0x11e, 0x1, 0x0, 0x20000000)
setsockopt$inet6_int(r4, 0x29, 0x31, &(0x7f00000000c0)=0x3ffffff, 0x4)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_inet6_SIOCADDRT(r6, 0x890b, &(0x7f00000002c0)={@remote, @ipv4={'\x00', '\xff\xff', @multicast1}, @private0, 0x2, 0x8, 0x0, 0x500})
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0xa, 0x4010, r6, 0xc2bbf000)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000200000a54000000060a0104000000000000000002000000200004801c0001801900010400617368000000000c00028008000740000000010900010073797a30000000000900020073797a320000000005000740df000000140000001100010000000000000000004000000a"], 0x7c}}, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001480)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0, 0x0, <r7=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000001680)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, <r8=>0x0})
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f0000001880)={"9ca61a5935dc0b201481ef3f57e55f3a", r7, r8, {0x2, 0xffff2cc8}, {0xb45, 0xfffffc01}, 0x3, [0xcb5, 0x8d0, 0x9, 0x2, 0x0, 0x8000000000000000, 0x800, 0xffffffff, 0x7, 0x1, 0x6, 0x8000, 0x10, 0x3ff, 0x4, 0x2]})
ioctl$BTRFS_IOC_WAIT_SYNC(r3, 0x40089416, &(0x7f0000000080)=r8)
getsockopt$inet6_buf(r4, 0x29, 0x6, &(0x7f0000001500)=""/19, &(0x7f0000000240)=0x24)

2m58.050629513s ago: executing program 4 (id=1489):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', <r2=>0x0})
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f00000001c0)=0x2, 0x4)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
bind$xdp(r0, &(0x7f0000000100)={0x2c, 0x0, r2}, 0x10)
mmap$xdp(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x8, 0x11, r0, 0x100000000)

2m57.544930066s ago: executing program 33 (id=1489):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'sit0\x00', <r2=>0x0})
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f00000001c0)=0x2, 0x4)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
bind$xdp(r0, &(0x7f0000000100)={0x2c, 0x0, r2}, 0x10)
mmap$xdp(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x8, 0x11, r0, 0x100000000)

2m54.669994975s ago: executing program 3 (id=1368):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480), 0x22401, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x43, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe3000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000180)={0x20003, 0x0, [0x1, 0xe0e0, 0x2, 0xc, 0x0, 0x7, 0x0, 0x8000]})

2m31.014905024s ago: executing program 3 (id=1368):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480), 0x22401, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x43, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe3000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000180)={0x20003, 0x0, [0x1, 0xe0e0, 0x2, 0xc, 0x0, 0x7, 0x0, 0x8000]})

2m0.791140597s ago: executing program 3 (id=1368):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480), 0x22401, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x43, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe3000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000180)={0x20003, 0x0, [0x1, 0xe0e0, 0x2, 0xc, 0x0, 0x7, 0x0, 0x8000]})

1m20.138382574s ago: executing program 3 (id=1368):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480), 0x22401, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x43, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe3000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000180)={0x20003, 0x0, [0x1, 0xe0e0, 0x2, 0xc, 0x0, 0x7, 0x0, 0x8000]})

50.626184617s ago: executing program 3 (id=1368):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480), 0x22401, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x43, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe3000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000180)={0x20003, 0x0, [0x1, 0xe0e0, 0x2, 0xc, 0x0, 0x7, 0x0, 0x8000]})

15.055569978s ago: executing program 6 (id=1904):
socket$alg(0x26, 0x5, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
r1 = socket$inet6(0xa, 0x80003, 0x6)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000340)={{{@in=@broadcast, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x4}, {0x0, 0x4, 0x0, 0xa78a}, 0xfffffffe, 0x0, 0x1}, {{@in=@private, 0x0, 0x33}, 0x0, @in=@rand_addr=0x64010101, 0x0, 0x3, 0x1, 0x7}}, 0xe8)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
sendmmsg(r1, &(0x7f0000000480), 0x2e9, 0x0)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000540)={0x2, 0x6, 0x2, 0x0, 0x2, 0x0, 0x2}, 0x10}}, 0x0)
connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0xffffffff, @empty, 0x5}, 0x1c)
r3 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0x3243, 0x0, 0x5, 0x1000}, &(0x7f0000000340), &(0x7f0000000040))
io_uring_enter(r3, 0x3516, 0x3e44, 0x8, 0x0, 0x0)
r4 = syz_open_dev$video(&(0x7f0000000000), 0xfffffffffffffff1, 0x14f301)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, 0x810, r4, 0xdb945000)

12.712987529s ago: executing program 6 (id=1907):
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x9, 0x10, &(0x7f0000000380)=ANY=[], 0x0, 0x8, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000040)=0x4)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="640000001e00530f00007000fbdbdf2520010000000000000000000000000002000002880a003300ff0200000000000000000000000000010d0000000000000024000900"], 0x64}, 0x1, 0x0, 0x0, 0x200040c0}, 0x800)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000000)={'ip6_vti0\x00', 0x0})
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000080)=0x6)
r5 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r5, 0xc0d05605, &(0x7f0000000240)={0x1, @raw_data="a425e2f1a54d24f15655595860608d70566e425a6c36af37b33fac9d31c8a9c7044410d324b03e044e454d2092a62fea8f13441431ce248bfc73a6726ee61ba491d15d8f392ff66fe0b17f0e11f5d2367d5593205ab1efa97d40619a553e7da2518125b850a186ef691daa55c9e50ffaf6ddc25220ded32aeba4524cec1afbd17abba1d15ea05e97ed3dcad452db6e08a991e2c78b057f55de7fdeba7411ce65700c0a1ad7946ff7c355db87566e3e5abb7a37a06731ed19ddfa970bb58a27fd9fa194c092730319"})
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
unshare(0x4000280)
landlock_create_ruleset(&(0x7f0000000180)={0x100, 0x0, 0x80ffff}, 0x18, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x0)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000001b40)=@expire={0xf8, 0x18, 0x1, 0x0, 0x0, {{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in=@multicast2}, {@in6=@rand_addr=' \x01\x00'}, @in=@dev={0xac, 0x14, 0x14, 0x13}, {}, {}, {}, 0x0, 0x0, 0x0, 0x2}}}, 0xf8}}, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0x8}})
sendmsg$kcm(r6, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f00000000c0))

11.340616216s ago: executing program 0 (id=1910):
r0 = socket(0x10, 0x3, 0x0)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000280))
ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f0000000080)=0x200000000)
r2 = dup2(r1, r1)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x1f, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
openat$nullb(0xffffffffffffff9c, &(0x7f0000000380), 0x40000, 0x0)
r4 = syz_io_uring_setup(0x416f, &(0x7f0000000780)={0x0, 0xfffffffd, 0x10100, 0x200, 0x11a}, &(0x7f0000000100)=<r5=>0x0, &(0x7f00000000c0)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x27})
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x1}, 0x50)
io_uring_enter(r4, 0x567, 0x1000a387, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f0000001140), 0x700, 0x2, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000040)=0x1)
sendmsg$nl_route_sched(r0, 0x0, 0x40844)

10.659479992s ago: executing program 5 (id=1911):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$sequencer(0xffffff9c, &(0x7f00000000c0), 0x1, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f00000003c0)='net/mcfilter6\x00')
preadv(r2, &(0x7f0000000380)=[{&(0x7f0000000340)=""/54, 0x36}], 0x1, 0x5b, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xfffffffffffffffd, 0x0, 0x0, 0x100000000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0x0, 0x9, 0x0, 0xf, 0x80000002}, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

9.469097007s ago: executing program 0 (id=1912):
openat$nullb(0xffffffffffffff9c, &(0x7f0000000240), 0x4000000044402, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000640), 0x40840, 0x0)
ioctl$BINDER_FREEZE(r0, 0x400c620e, &(0x7f0000000600)={0x0, 0x1, 0x5db})
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x2, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0xb, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0xfcff, &(0x7f00000002c0)='\x00'})

9.347179598s ago: executing program 5 (id=1913):
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000280), 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000040)={0x2b, @multicast1, 0x4e23, 0x2, 'dh\x00', 0x1, 0x5, 0x52}, 0x2c)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000080)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000440)=[@in={0x2, 0x4e22, @private=0xa010101}]}, &(0x7f00000003c0)=0x10)
r2 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x84, &(0x7f0000000480)={r3, @in={{0x2, 0x0, @empty}}}, 0x90)

9.251426192s ago: executing program 3 (id=1368):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480), 0x22401, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x43, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe3000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000180)={0x20003, 0x0, [0x1, 0xe0e0, 0x2, 0xc, 0x0, 0x7, 0x0, 0x8000]})

9.214118196s ago: executing program 0 (id=1914):
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x9, 0x10, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="640000001e00530f00007000fbdbdf2520010000000000000000000000000002000002880a003300ff0200000000000000000000000000010d0000000000000024000900"], 0x64}, 0x1, 0x0, 0x0, 0x200040c0}, 0x800)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
r5 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r5, 0x89f1, &(0x7f0000000000)={'ip6_vti0\x00', 0x0})
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000080)=0x6)
r6 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r6, 0xc0d05605, &(0x7f0000000240)={0x1, @raw_data="a425e2f1a54d24f15655595860608d70566e425a6c36af37b33fac9d31c8a9c7044410d324b03e044e454d2092a62fea8f13441431ce248bfc73a6726ee61ba491d15d8f392ff66fe0b17f0e11f5d2367d5593205ab1efa97d40619a553e7da2518125b850a186ef691daa55c9e50ffaf6ddc25220ded32aeba4524cec1afbd17abba1d15ea05e97ed3dcad452db6e08a991e2c78b057f55de7fdeba7411ce65700c0a1ad7946ff7c355db87566e3e5abb7a37a06731ed19ddfa970bb58a27fd9fa194c092730319"})
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
unshare(0x4000280)
landlock_create_ruleset(&(0x7f0000000180)={0x100, 0x0, 0x80ffff}, 0x18, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = socket$kcm(0x10, 0x2, 0x0)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000001b40)=@expire={0xf8, 0x18, 0x1, 0x0, 0x0, {{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in=@multicast2}, {@in6=@rand_addr=' \x01\x00'}, @in=@dev={0xac, 0x14, 0x14, 0x13}, {}, {}, {}, 0x0, 0x0, 0x0, 0x2}}}, 0xf8}}, 0x0)
r9 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r9, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0x8}})
sendmsg$kcm(r7, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f00000000c0))

7.204733795s ago: executing program 1 (id=1915):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x5, &(0x7f0000006680))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000000cc0), 0x0, 0x48094)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00', @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x40800000000000, 0x800000000000000}, 0x10000000}, [@tmpl={0x44, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x0, @in=@broadcast, 0x0, 0x0, 0x3}]}]}, 0xfc}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2d41, 0x0)
ioctl$SNAPSHOT_FREE(r2, 0x3305)
syz_open_dev$tty1(0xc, 0x4, 0x1)

7.204446444s ago: executing program 5 (id=1916):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r0 = syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000100), 0x40202, 0x0)
ioctl$SNDCTL_DSP_STEREO(r1, 0xc0045003, &(0x7f00000000c0)=0x1)
mmap$dsp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000007, 0x12, r1, 0x0)
ioctl$SNDCTL_DSP_POST(r1, 0x5008, 0x0)
ioctl$SNDCTL_DSP_GETOPTR(r1, 0x800c5012, 0x0)
r2 = dup(r0)
socket$inet(0x2, 0x4000000000080001, 0x0)
r3 = syz_io_uring_setup(0x4e1, &(0x7f0000000380)={0x0, 0x11ffffa, 0x10100, 0x3, 0x0, 0x0, r2}, &(0x7f0000000080)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r1, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r3, 0x708, 0xafef, 0x0, 0x0, 0x0)
r6 = socket(0x40000000015, 0x5, 0x0)
readv(r6, &(0x7f0000000880)=[{&(0x7f0000000400)=""/50, 0x32}], 0x1)

7.204101783s ago: executing program 6 (id=1917):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x80000000005, 0x100000001000087}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
io_uring_register$IORING_UNREGISTER_EVENTFD(0xffffffffffffffff, 0x5, 0x0, 0x0)
sched_setaffinity(0x0, 0x43, &(0x7f0000000040)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
timer_create(0x2, &(0x7f0000000000)={0x0, 0x0, 0x1}, &(0x7f0000000040))
timer_settime(0x0, 0x236bd4336e4642df, 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$kcm(0xa, 0x2, 0x73)
r1 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r1, 0x0, 0x40080d0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x4)
mount(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0)
chroot(&(0x7f0000000000)='./file0/../file0\x00')
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})

7.120310903s ago: executing program 0 (id=1918):
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x58, 0x2, 0x6, 0x5, 0x0, 0x0, {0x7}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xc8f}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x58}}, 0x20004000)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@gettaction={0x28, 0x5a, 0x1, 0x0, 0x0, {}, [@action_dump_flags=@TCA_ROOT_FLAGS={0xc, 0x2, {0x1}}, @action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8}]}, 0x28}}, 0x0)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_io_capa_request={{0x31, 0x6}}}, 0x9)
setrlimit(0x1, &(0x7f0000000000)={0x5, 0x3ff})
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
connect$inet(r2, &(0x7f0000000280)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x4}}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000340)='dctcp\x00', 0x6)

5.632530636s ago: executing program 5 (id=1919):
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
openat$binfmt_register(0xffffff9c, &(0x7f0000000040), 0x1, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.swap.events\x00', 0x275a, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
fcntl$lock(r3, 0x25, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=ANY=[@ANYBLOB="50000000100003040000000000000000f2000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002800128009000100766c616e000000001800028006000100010000000c000200540a00001800000008000500", @ANYRES32=r2], 0x50}, 0x1, 0xba01}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
r5 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
listen(r5, 0xc)
ioctl$SIOCX25SCUDMATCHLEN(r5, 0x89e7, 0x0)
sendmsg$kcm(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480d0000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x404c080)
write(r4, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000000d0000000000000008000f0001000000", 0x24)

5.590534619s ago: executing program 6 (id=1920):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'generic-gcm-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r4 = accept4(r3, 0x0, 0x0, 0x0)
sendmsg$alg(r4, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
recvmmsg(r4, &(0x7f0000000180)=[{{0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000400)=""/101, 0x65}], 0x1}}], 0x1, 0x60, 0x0)

5.589550608s ago: executing program 1 (id=1921):
r0 = io_uring_setup(0x355b, &(0x7f0000000140)={0x0, 0xe24b, 0x10, 0x5, 0x4000020})
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x80000000005, 0x100000001000087}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x43, &(0x7f0000000040)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000040)={0xc, 0x0, <r3=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r2, 0x3ba0, &(0x7f0000000200)={0x48, 0x2, r3})
ioctl$IOMMU_IOAS_MAP$PAGES(r2, 0x3b85, &(0x7f0000000180)={0x28, 0x4, r3, 0x0, &(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x7})
close_range(r0, 0xffffffffffffffff, 0x0)

4.542275813s ago: executing program 6 (id=1922):
bpf$BPF_PROG_ATTACH(0x8, 0x0, 0x20)
r0 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0xff800000, 0x361382)
fcntl$getownex(r0, 0x10, &(0x7f0000000100)={0x0, <r1=>0x0})
syz_open_procfs(r1, &(0x7f0000000200)='limits\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f00000002c0)={'veth0_virt_wifi\x00', &(0x7f00000001c0)=@ethtool_rxfh={0x47, 0x9, 0x7fff, 0x8, 0x1, "d20dec", 0x80000001}})

3.248010572s ago: executing program 1 (id=1923):
r0 = semget$private(0x0, 0x4, 0x72e)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000740)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$dsp1(0xffffffffffffff9c, 0x0, 0x40, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r4, 0xc0045006, 0x0)
r5 = socket$rxrpc(0x21, 0x2, 0x2)
setsockopt$RXRPC_SECURITY_KEYRING(r5, 0x110, 0x2, &(0x7f0000000540)='string\x00\xa2\xb5\xbf4\x04`P\xfb\b}\xd6\xe1\"\xf9\xae\xa4N\x10\x13!\x04\x00\x97\xb6\x94\xc2\x0f8\x997Vg\xa2\xeb\xb4RU|\x99t\xe0N\x1c\xf4-\t\x80?\x10\xf7J\',\xd1Bxq\x16R\xe4\x88\x02\xfd\x81q<5n^.izR*\xcfL\xb7Q\xb8\xf2e\xbb\xd3r>\x86\x14\x963\xc0N\x18\x1cm%\x01w\xba*\xd1\xfa\xf8\xa3\xfabP\xaf\x9a\x0e\x9fjZ\xcaX\xdaV\x88<A\r\xe6\xe5\xb8u\x10Q\x13\xef\xfe>`\xac\xe4\x86(\xfd\x0f\x96\xffd9;\xb5\xdd?\xbcc#\x17\xea\\\xc1\x12\xa2\xdcb\fB\xddk\xb3\x14=T\xcb\xe0\v\xeb\x18!_\xa6\x06\xb5*_^ns\xd7\xfe\xc1t\'\x1bJ4V\rV\xf0\xabP]\x18\x8c\xe3\xb0@\xe0A:', 0xca)
semctl$GETNCNT(r0, 0x1, 0xe, 0x0)

2.252549427s ago: executing program 1 (id=1924):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x1, 0x0, 0x4e22}, 0xbc)
r1 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x7fff, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f00000000c0)={0xb, 0x1, 0x4, 0x0, 0x7})
ioctl$vim2m_VIDIOC_STREAMOFF(r1, 0x40045612, &(0x7f0000000000)=0x1)
ioctl$vim2m_VIDIOC_DQBUF(r1, 0xc0585611, &(0x7f0000000200)=@multiplanar_mmap={0x5, 0x1, 0x4, 0x172004, 0x9, {}, {0x2, 0x0, 0x7, 0x6, 0x9, 0xf9}, 0x19e, 0x1, {0x0}, 0x5})
r2 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r2, 0xc008561c, &(0x7f0000000040)={0xf0f046})
syz_open_dev$vim2m(&(0x7f00000002c0), 0x621, 0x2)
syz_emit_ethernet(0x3e, 0x0, 0x0)
socket$inet6(0xa, 0x3, 0x4)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000380), 0xc)

2.233270403s ago: executing program 0 (id=1925):
syz_open_dev$admmidi(0x0, 0x100000001, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffdfe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x4000000000002e6, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffd)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x20440, 0x0)
r3 = fsopen(&(0x7f0000000100)='cifs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000080)='user\x00', &(0x7f00000000c0)='ocfs2\x00', 0x0)

2.018176561s ago: executing program 1 (id=1926):
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x5, [@float={0x4, 0x0, 0x0, 0x10, 0x8}]}, {0x0, [0x0, 0x61, 0x30]}}, 0x0, 0x29, 0x0, 0x1, 0xe88}, 0x28)
socket$can_bcm(0x1d, 0x2, 0x2)
socket$xdp(0x2c, 0x3, 0x0)
socket$inet6(0xa, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r3, @ANYBLOB="1f003300d000000008021100000108021100000050505050505000001502", @ANYRES8=r1], 0x3c}}, 0x10)

1.35492622s ago: executing program 0 (id=1927):
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x9, 0x10, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="640000001e00530f00007000fbdbdf2520010000000000000000000000000002000002880a003300ff0200000000000000000000000000010d0000000000000024000900"], 0x64}, 0x1, 0x0, 0x0, 0x200040c0}, 0x800)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
r5 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r5, 0x89f1, &(0x7f0000000000)={'ip6_vti0\x00', 0x0})
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000080)=0x6)
r6 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r6, 0xc0d05605, &(0x7f0000000240)={0x1, @raw_data="a425e2f1a54d24f15655595860608d70566e425a6c36af37b33fac9d31c8a9c7044410d324b03e044e454d2092a62fea8f13441431ce248bfc73a6726ee61ba491d15d8f392ff66fe0b17f0e11f5d2367d5593205ab1efa97d40619a553e7da2518125b850a186ef691daa55c9e50ffaf6ddc25220ded32aeba4524cec1afbd17abba1d15ea05e97ed3dcad452db6e08a991e2c78b057f55de7fdeba7411ce65700c0a1ad7946ff7c355db87566e3e5abb7a37a06731ed19ddfa970bb58a27fd9fa194c092730319"})
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
unshare(0x4000280)
landlock_create_ruleset(&(0x7f0000000180)={0x100, 0x0, 0x80ffff}, 0x18, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = socket$kcm(0x10, 0x2, 0x0)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000001b40)=@expire={0xf8, 0x18, 0x1, 0x0, 0x0, {{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in=@multicast2}, {@in6=@rand_addr=' \x01\x00'}, @in=@dev={0xac, 0x14, 0x14, 0x13}, {}, {}, {}, 0x0, 0x0, 0x0, 0x2}}}, 0xf8}}, 0x0)
r9 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r9, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0x8}})
sendmsg$kcm(r7, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f00000000c0))

1.204761003s ago: executing program 6 (id=1928):
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x9, 0x10, &(0x7f0000000380)=ANY=[], 0x0, 0x8, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000040)=0x4)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="640000001e00530f00007000fbdbdf2520010000000000000000000000000002000002880a003300ff0200000000000000000000000000010d0000000000000024000900"], 0x64}, 0x1, 0x0, 0x0, 0x200040c0}, 0x800)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000000)={'ip6_vti0\x00', 0x0})
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000080)=0x6)
r5 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r5, 0xc0d05605, &(0x7f0000000240)={0x1, @raw_data="a425e2f1a54d24f15655595860608d70566e425a6c36af37b33fac9d31c8a9c7044410d324b03e044e454d2092a62fea8f13441431ce248bfc73a6726ee61ba491d15d8f392ff66fe0b17f0e11f5d2367d5593205ab1efa97d40619a553e7da2518125b850a186ef691daa55c9e50ffaf6ddc25220ded32aeba4524cec1afbd17abba1d15ea05e97ed3dcad452db6e08a991e2c78b057f55de7fdeba7411ce65700c0a1ad7946ff7c355db87566e3e5abb7a37a06731ed19ddfa970bb58a27fd9fa194c092730319"})
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
unshare(0x4000280)
landlock_create_ruleset(&(0x7f0000000180)={0x100, 0x0, 0x80ffff}, 0x18, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x0)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000001b40)=@expire={0xf8, 0x18, 0x1, 0x0, 0x0, {{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in=@multicast2}, {@in6=@rand_addr=' \x01\x00'}, @in=@dev={0xac, 0x14, 0x14, 0x13}, {}, {}, {}, 0x0, 0x0, 0x0, 0x2}}}, 0xf8}}, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0x8}})
sendmsg$kcm(r6, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f00000000c0))

974.073413ms ago: executing program 5 (id=1929):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x87}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000340)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast6-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r4 = accept4(r3, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched_retired(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000003a40)=@newchain={0x80, 0x64, 0x100, 0x70bd29, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x7}, {0xfff1}, {0xc, 0xe}}, [@f_rsvp6={{0xa}, {0x50, 0x2, [@TCA_RSVP_POLICE={0xc, 0x5, [@TCA_POLICE_RESULT={0x8, 0x5, 0x5}]}, @TCA_RSVP_ACT={0x40, 0x6, [@m_simple={0x3c, 0x1b, 0x0, 0x0, {{0xb}, {0x4}, {0xd, 0x6, "a0983c6eae097254cf"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x1}}}}]}]}}]}, 0x80}, 0x1, 0x0, 0x0, 0x1}, 0x40881)
recvmmsg$unix(r4, &(0x7f00000029c0)=[{{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f0000000680)=""/128, 0x80}], 0x1}}], 0x1, 0x1, 0x0)

564.340698ms ago: executing program 1 (id=1930):
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xd5e, 0x240000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xfffffdca, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
write$char_usb(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r1 = socket$rxrpc(0x21, 0x2, 0x4)
setsockopt$RXRPC_SECURITY_KEY(r1, 0x110, 0x1, &(0x7f0000000240)='[-$*\x00', 0x5)
pipe2$9p(0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x42, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
clock_adjtime(0x0, &(0x7f0000000480)={0xd54, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000})

0s ago: executing program 5 (id=1931):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
getpid()
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x5a, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r3, 0x0, 0x2c, 0x0, @val=@uprobe_multi={0x0, &(0x7f00000002c0), 0x0, 0x0, 0x0, 0x1}}, 0x40)

kernel console output (not intermixed with test programs):

: p1
[  368.366981][ T9613] loop2: partition table partially beyond EOD, truncated
[  368.454904][ T9613] loop2: p1 size 3506438144 extends beyond EOD, truncated
[  368.647100][ T7622] udevd[7622]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  368.735794][ T9626] dlm: non-version read from control device 211
[  368.744649][ T9626] dlm: non-version read from control device 211
[  368.750954][ T9626] dlm: non-version read from control device 211
[  368.757292][ T9626] dlm: non-version read from control device 211
[  368.763621][ T9626] dlm: non-version read from control device 211
[  368.769887][ T9626] dlm: non-version read from control device 211
[  368.776190][ T9626] dlm: non-version read from control device 211
[  368.782503][ T9626] dlm: non-version read from control device 211
[  368.788784][ T9626] dlm: non-version read from control device 211
[  368.795744][ T9626] dlm: non-version read from control device 211
[  368.803820][ T9626] dlm: non-version read from control device 211
[  368.810223][ T9626] dlm: non-version read from control device 211
[  368.816720][ T9626] dlm: non-version read from control device 211
[  368.823296][ T9626] dlm: non-version read from control device 211
[  368.829602][ T9626] dlm: non-version read from control device 211
[  368.835906][ T9626] dlm: non-version read from control device 211
[  368.842193][ T9626] dlm: non-version read from control device 211
[  368.848467][ T9626] dlm: non-version read from control device 211
[  368.854751][ T9626] dlm: non-version read from control device 211
[  368.861164][ T9626] dlm: non-version read from control device 211
[  368.867431][ T9626] dlm: non-version read from control device 211
[  368.873744][ T9626] dlm: non-version read from control device 211
[  368.880027][ T9626] dlm: non-version read from control device 211
[  368.886332][ T9626] dlm: non-version read from control device 211
[  368.892643][ T9626] dlm: non-version read from control device 211
[  368.898911][ T9626] dlm: non-version read from control device 211
[  368.905948][ T9626] dlm: non-version read from control device 211
[  368.912286][ T9626] dlm: non-version read from control device 211
[  368.918543][ T9626] dlm: non-version read from control device 211
[  368.925296][ T9626] dlm: non-version read from control device 211
[  368.931617][ T9626] dlm: non-version read from control device 211
[  368.937875][ T9626] dlm: non-version read from control device 211
[  368.944178][ T9626] dlm: non-version read from control device 211
[  368.950462][ T9626] dlm: non-version read from control device 211
[  368.956759][ T9626] dlm: non-version read from control device 211
[  368.963129][ T9626] dlm: non-version read from control device 211
[  368.969784][ T9626] dlm: non-version read from control device 211
[  368.976140][ T9626] dlm: non-version read from control device 211
[  368.982541][ T9626] dlm: non-version read from control device 211
[  368.988810][ T9626] dlm: non-version read from control device 211
[  368.995139][ T9626] dlm: non-version read from control device 211
[  369.001465][ T9626] dlm: non-version read from control device 211
[  369.008381][ T9626] dlm: non-version read from control device 211
[  369.014759][ T9626] dlm: non-version read from control device 211
[  369.021222][ T9626] dlm: non-version read from control device 211
[  369.027823][ T9626] dlm: non-version read from control device 211
[  369.034110][ T9626] dlm: non-version read from control device 211
[  369.040367][ T9626] dlm: non-version read from control device 211
[  369.046651][ T9626] dlm: non-version read from control device 211
[  369.053093][ T9626] dlm: non-version read from control device 211
[  369.059350][ T9626] dlm: non-version read from control device 211
[  369.065794][ T9626] dlm: non-version read from control device 211
[  369.072072][ T9626] dlm: non-version read from control device 211
[  369.078342][ T9626] dlm: non-version read from control device 211
[  369.084656][ T9626] dlm: non-version read from control device 211
[  369.090904][ T9626] dlm: non-version read from control device 211
[  369.097196][ T9626] dlm: non-version read from control device 211
[  369.103486][ T9626] dlm: non-version read from control device 211
[  369.110472][ T9626] dlm: non-version read from control device 211
[  369.116869][ T9626] dlm: non-version read from control device 211
[  369.123159][ T9626] dlm: non-version read from control device 211
[  369.129782][ T9626] dlm: non-version read from control device 211
[  369.136107][ T9626] dlm: non-version read from control device 211
[  369.142410][ T9626] dlm: non-version read from control device 211
[  369.148695][ T9626] dlm: non-version read from control device 211
[  369.154966][ T9626] dlm: non-version read from control device 211
[  369.161269][ T9626] dlm: non-version read from control device 211
[  369.167606][ T9626] dlm: non-version read from control device 211
[  369.173915][ T9626] dlm: non-version read from control device 211
[  369.180189][ T9626] dlm: non-version read from control device 211
[  369.186474][ T9626] dlm: non-version read from control device 211
[  369.192745][ T9626] dlm: non-version read from control device 211
[  369.199011][ T9626] dlm: non-version read from control device 211
[  369.205328][ T9626] dlm: non-version read from control device 211
[  369.213324][ T9626] dlm: non-version read from control device 211
[  369.219702][ T9626] dlm: non-version read from control device 211
[  369.226215][ T9626] dlm: non-version read from control device 211
[  369.232685][ T9626] dlm: non-version read from control device 211
[  369.238931][ T9626] dlm: non-version read from control device 211
[  369.245220][ T9626] dlm: non-version read from control device 211
[  369.251563][ T9626] dlm: non-version read from control device 211
[  369.257791][ T9626] dlm: non-version read from control device 211
[  369.264066][ T9626] dlm: non-version read from control device 211
[  369.270486][ T9626] dlm: non-version read from control device 211
[  369.276818][ T9626] dlm: non-version read from control device 211
[  369.283123][ T9626] dlm: non-version read from control device 211
[  369.289361][ T9626] dlm: non-version read from control device 211
[  369.295692][ T9626] dlm: non-version read from control device 211
[  369.302006][ T9626] dlm: non-version read from control device 211
[  369.308269][ T9626] dlm: non-version read from control device 211
[  369.315543][ T9626] dlm: non-version read from control device 211
[  369.321986][ T9626] dlm: non-version read from control device 211
[  369.329058][ T9626] dlm: non-version read from control device 211
[  369.335645][ T9626] dlm: non-version read from control device 211
[  369.341945][ T9626] dlm: non-version read from control device 211
[  369.348215][ T9626] dlm: non-version read from control device 211
[  369.354525][ T9626] dlm: non-version read from control device 211
[  369.360811][ T9626] dlm: non-version read from control device 211
[  369.367107][ T9626] dlm: non-version read from control device 211
[  369.721144][ T9641] netlink: 'syz.1.1155': attribute type 10 has an invalid length.
[  369.765700][ T9641] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  369.786805][ T9633] kvm: MWAIT instruction emulated as NOP!
[  369.800098][ T9641] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  369.845344][ T5966] lo speed is unknown, defaulting to 1000
[  369.865900][ T5966] syz0: Port: 1 Link DOWN
[  369.905642][ T9646] netlink: 'syz.2.1153': attribute type 10 has an invalid length.
[  370.064582][ T9653] overlayfs: failed to create directory ./bus/work (errno: 1); mounting read-only
[  370.078310][ T9653] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  370.119213][ T9653] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  370.187161][ T9653] overlayfs: failed to create directory ./bus/work (errno: 1); mounting read-only
[  370.200892][ T9657] overlayfs: failed to decode file handle (len=5, type=248, flags=0, err=-22)
[  370.774727][ T9673] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  370.789622][ T9673] overlayfs: overlapping lowerdir path
[  370.947836][   T30] audit: type=1800 audit(1750821285.136:112): pid=9682 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.1.1169" name="file2" dev="overlay" ino=1295 res=0 errno=0
[  371.774910][ T9703] validate_nla: 6 callbacks suppressed
[  371.774928][ T9703] netlink: 'syz.4.1177': attribute type 10 has an invalid length.
[  371.822346][ T9703] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  371.851697][ T9703] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  372.961418][   T24] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  373.091220][ T9726] netlink: 'syz.0.1185': attribute type 1 has an invalid length.
[  373.125177][ T9726] netlink: 'syz.0.1185': attribute type 1 has an invalid length.
[  373.445265][   T24] usb 2-1: Using ep0 maxpacket: 32
[  373.491531][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  373.596670][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  373.608127][   T24] usb 2-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  373.636051][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  373.680260][   T24] usb 2-1: config 0 descriptor??
[  374.133793][   T24] ft260 0003:0403:6030.0011: unknown main item tag 0x0
[  374.327018][   T24] ft260 0003:0403:6030.0011: chip code: 6424 8183
[  374.528820][   T24] ft260 0003:0403:6030.0011: USB HID v0.00 Device [HID 0403:6030] on usb-dummy_hcd.1-1/input0
[  374.736198][   T24] ft260 0003:0403:6030.0011: failed to retrieve status: -32, no wakeup
[  374.962874][   T24] ft260 0003:0403:6030.0011: failed to reset I2C controller: -71
[  375.027175][   T24] usb 2-1: USB disconnect, device number 17
[  375.443417][ T9769] netlink: 'syz.2.1198': attribute type 10 has an invalid length.
[  376.683943][ T9721] veth1_to_bond: entered allmulticast mode
[  376.699196][ T9745] veth1_to_bond: entered promiscuous mode
[  376.707857][ T9745] veth1_to_bond: left promiscuous mode
[  376.718115][ T9745] veth1_to_bond: left allmulticast mode
[  376.746014][ T9747] lo speed is unknown, defaulting to 1000
[  376.753988][ T9747] lo speed is unknown, defaulting to 1000
[  377.359078][ T9800] xt_time: invalid argument - start or stop time greater than 23:59:59
[  377.441125][ T9800] netlink: 'syz.1.1209': attribute type 1 has an invalid length.
[  377.553489][ T9804] netlink: 'syz.1.1209': attribute type 1 has an invalid length.
[  377.935589][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  378.419700][ T9818] netlink: 'syz.1.1214': attribute type 10 has an invalid length.
[  378.437933][ T9824] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1216'.
[  379.494778][ T9845] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1223'.
[  379.729834][ T9849] af_packet: tpacket_rcv: packet too big, clamped from 36 to 4294967272. macoff=96
[  379.899262][ T9854] netlink: 'syz.1.1227': attribute type 10 has an invalid length.
[  380.451264][   T24] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  380.511211][ T3080] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  380.611422][   T24] usb 2-1: Using ep0 maxpacket: 32
[  380.621613][   T24] usb 2-1: config 5 has an invalid interface number: 100 but max is 0
[  380.630501][   T24] usb 2-1: config 5 has no interface number 0
[  380.644750][   T24] usb 2-1: config 5 interface 100 altsetting 6 endpoint 0x8 has an invalid bInterval 0, changing to 7
[  380.657060][   T24] usb 2-1: config 5 interface 100 has no altsetting 0
[  380.664264][ T3080] usb 5-1: Using ep0 maxpacket: 32
[  380.728843][   T24] usb 2-1: New USB device found, idVendor=10c4, idProduct=1101, bcdDevice=e0.cc
[  380.739921][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  380.750686][ T3080] usb 5-1: config 0 has an invalid interface number: 67 but max is 0
[  380.762791][ T3080] usb 5-1: config 0 has no interface number 0
[  380.769095][   T24] usb 2-1: Product: syz
[  380.774473][   T24] usb 2-1: Manufacturer: syz
[  380.779093][   T24] usb 2-1: SerialNumber: syz
[  380.789383][ T3080] usb 5-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  380.803118][ T3080] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  380.816636][ T5885] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  380.840519][ T3080] usb 5-1: Product: syz
[  380.847374][ T3080] usb 5-1: Manufacturer: syz
[  380.853697][ T3080] usb 5-1: SerialNumber: syz
[  380.863507][ T3080] usb 5-1: config 0 descriptor??
[  381.768168][   T24] cp210x 2-1:5.100: cp210x converter detected
[  381.774573][    C1] bridge0: port 2(bridge_slave_1) entered forwarding state
[  381.774632][    C1] bridge0: topology change detected, propagating
[  381.775121][    C1] bridge0: port 1(bridge_slave_0) entered forwarding state
[  381.775138][    C1] bridge0: topology change detected, propagating
[  381.803727][ T3080] smsc95xx v2.0.0
[  381.851214][ T5885] usb 3-1: Using ep0 maxpacket: 8
[  381.878301][   T24] cp210x 2-1:5.100: failed to get vendor val 0x370b size 1: -71
[  381.886710][ T5885] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[  381.893736][   T24] cp210x 2-1:5.100: querying part number failed
[  381.898878][ T5885] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  381.912140][ T5885] usb 3-1: Product: syz
[  381.916594][ T5885] usb 3-1: Manufacturer: syz
[  381.927032][ T5885] usb 3-1: SerialNumber: syz
[  381.935815][   T24] usb 2-1: cp210x converter now attached to ttyUSB0
[  381.940250][ T5885] usb 3-1: config 0 descriptor??
[  381.971777][   T24] usb 2-1: USB disconnect, device number 18
[  381.983542][   T24] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  381.992262][   T24] cp210x 2-1:5.100: device disconnected
[  382.034092][ T3080] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  382.051446][ T3080] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  382.159011][ T5885] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  382.240054][ T9891] netlink: 'syz.0.1239': attribute type 10 has an invalid length.
[  382.406976][ T5966] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  382.472012][ T9899] netlink: 'syz.0.1241': attribute type 10 has an invalid length.
[  382.480572][ T9899] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  382.491221][ T9899] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  382.561164][ T5966] usb 4-1: Using ep0 maxpacket: 8
[  382.569124][ T5966] usb 4-1: config index 0 descriptor too short (expected 33298, got 18)
[  382.579392][ T5966] usb 4-1: config 12 has too many interfaces: 249, using maximum allowed: 32
[  382.588308][ T5966] usb 4-1: config 12 has an invalid descriptor of length 26, skipping remainder of the config
[  382.599541][ T5966] usb 4-1: config 12 has 0 interfaces, different from the descriptor's value: 249
[  382.611060][ T5966] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[  382.620562][ T5966] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  382.629819][ T5966] usb 4-1: Product: syz
[  382.634113][ T5966] usb 4-1: Manufacturer: syz
[  382.638745][ T5966] usb 4-1: SerialNumber: syz
[  382.779968][ T5885] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  382.795415][ T5885] usb 3-1: USB disconnect, device number 23
[  382.852627][    C0] raw-gadget.0 gadget.3: ignoring, device is not running
[  382.860098][    C0] raw-gadget.0 gadget.3: ignoring, device is not running
[  382.867519][    C0] raw-gadget.0 gadget.3: ignoring, device is not running
[  382.876850][ T5966] usb 4-1: USB disconnect, device number 24
[  383.147112][ T3080] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  383.160015][ T3080] smsc95xx 5-1:0.67: probe with driver smsc95xx failed with error -71
[  383.172330][ T3080] usb 5-1: USB disconnect, device number 24
[  383.333224][ T9905] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1244'.
[  383.748477][ T9919] loop6: detected capacity change from 0 to 7
[  383.758708][ T9919]  loop6: [POWERTEC] p1 p2 p3
[  383.763954][ T9919] loop6: p1 start 808464432 is beyond EOD, truncated
[  383.770926][ T9919] loop6: p2 start 808464432 is beyond EOD, truncated
[  383.778373][ T9919] loop6: p3 size 1680801792 extends beyond EOD, truncated
[  384.341869][ T7622] udevd[7622]: inotify_add_watch(7, /dev/loop6p3, 10) failed: No such file or directory
[  384.526680][ T9925] netlink: 'syz.4.1251': attribute type 10 has an invalid length.
[  384.900295][   T30] audit: type=1804 audit(1750821299.086:113): pid=9936 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.3.1256" name="/newroot/231/file0" dev="tmpfs" ino=1219 res=1 errno=0
[  385.272982][ T9949] loop2: detected capacity change from 0 to 7
[  385.282313][ T9949]  loop2: p1 p4
[  385.285825][ T9949] loop2: partition table partially beyond EOD, truncated
[  385.316866][ T9949] loop2: p1 size 1919251295 extends beyond EOD, truncated
[  385.394355][ T5993] udevd[5993]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[  385.426899][ T7622] udevd[7622]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  386.491433][   T30] audit: type=1800 audit(1750821300.676:114): pid=9971 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.3.1269" name="bus" dev="overlay" ino=1264 res=0 errno=0
[  387.007373][ T9985] netlink: 'syz.3.1273': attribute type 10 has an invalid length.
[  387.031681][ T9987] loop2: detected capacity change from 0 to 7
[  387.044127][ T7622] Dev loop2: unable to read RDB block 7
[  387.058397][ T7622]  loop2: unable to read partition table
[  387.069660][ T7622] loop2: partition table beyond EOD, truncated
[  387.080368][ T9987] Dev loop2: unable to read RDB block 7
[  387.086303][ T9987]  loop2: unable to read partition table
[  387.092511][ T9987] loop2: partition table beyond EOD, truncated
[  387.118309][ T9987] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  387.179755][ T5190] Dev loop2: unable to read RDB block 7
[  387.190961][ T5190]  loop2: unable to read partition table
[  387.204643][ T5190] loop2: partition table beyond EOD, truncated
[  387.265487][ T9989] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1275'.
[  387.395525][ T9995] wg2: entered promiscuous mode
[  387.401811][ T9995] wg2: entered allmulticast mode
[  387.457223][ T9997] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  387.864703][T10014] netlink: 136 bytes leftover after parsing attributes in process `syz.1.1286'.
[  387.887482][T10014] netlink: 136 bytes leftover after parsing attributes in process `syz.1.1286'.
[  388.568309][T10050] netlink: 'syz.4.1297': attribute type 10 has an invalid length.
[  388.584033][T10044] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  389.030118][T10033] overlayfs: statfs failed on './file0'
[  389.744464][T10062] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  390.264606][T10069] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1304'.
[  390.949397][T10073] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  391.089475][T10078] syzkaller0: entered promiscuous mode
[  391.133898][T10078] syzkaller0: entered allmulticast mode
[  391.172955][ T5966] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  391.181693][ T4556] syzkaller0: tun_net_xmit 48
[  391.242489][T10081] syzkaller0: tun_chr_ioctl cmd 1074025677
[  391.259557][ T5966] hid-generic 0000:0000:0000.0012: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  391.285651][T10081] syzkaller0: Linktype set failed because interface is up
[  391.695414][T10097] netlink: 'syz.3.1309': attribute type 10 has an invalid length.
[  393.714546][ T3080] usb 5-1: new full-speed USB device number 25 using dummy_hcd
[  393.875599][ T3080] usb 5-1: config 1 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  393.886978][ T3080] usb 5-1: config 1 interface 0 has no altsetting 0
[  393.899694][ T3080] usb 5-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.40
[  393.909188][ T3080] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  393.917991][ T3080] usb 5-1: Product: syz
[  393.922587][ T3080] usb 5-1: Manufacturer: syz
[  393.927203][ T3080] usb 5-1: SerialNumber: syz
[  394.023624][ T7309] bond0: (slave syz_tun): Releasing backup interface
[  394.154030][ T3080] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/input/input16
[  394.221235][ T3080] usb 5-1: USB disconnect, device number 25
[  394.221292][    C1] pxrc 5-1:1.0: pxrc_usb_irq - usb_submit_urb failed with result: -19
[  394.236933][ T5175] pxrc 5-1:1.0: pxrc_open - usb_submit_urb failed, error: -19
[  394.567276][T10121] binder: BINDER_SET_CONTEXT_MGR already set
[  394.576747][T10121] binder: 10119:10121 ioctl 4018620d 200000000040 returned -16
[  394.702422][T10124] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  394.779382][T10130] capability: warning: `syz.4.1326' uses 32-bit capabilities (legacy support in use)
[  395.732989][ T5140] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  395.744578][ T5140] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  395.754324][   T30] audit: type=1800 audit(1750821309.946:115): pid=10144 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.0.1330" name="file1" dev="tmpfs" ino=1332 res=0 errno=0
[  395.781598][ T5140] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  395.820798][ T5140] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  395.842573][ T5140] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  395.944521][T10148] loop2: detected capacity change from 0 to 7
[  395.973012][T10148] Dev loop2: unable to read RDB block 7
[  395.978651][T10148]  loop2: unable to read partition table
[  395.999356][T10141] lo speed is unknown, defaulting to 1000
[  396.012556][T10148] loop2: partition table beyond EOD, truncated
[  396.019927][T10148] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  396.078723][T10141] lo speed is unknown, defaulting to 1000
[  396.133979][T10154] xt_time: invalid argument - start or stop time greater than 23:59:59
[  396.145139][T10154] netlink: 'syz.3.1334': attribute type 1 has an invalid length.
[  396.185871][T10154] netlink: 'syz.3.1334': attribute type 1 has an invalid length.
[  396.442236][T10162] netlink: 'syz.3.1337': attribute type 8 has an invalid length.
[  396.535744][T10168] binder: 10167:10168 ioctl c0306201 200000000640 returned -22
[  397.932574][   T51] Bluetooth: hci0: command tx timeout
[  398.417435][T10188] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1344'.
[  398.468363][T10185] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1343'.
[  398.527591][T10185] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  398.536927][T10185] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  398.546304][T10185] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  398.555380][T10185] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  398.628891][T10185] netdevsim netdevsim0 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  398.638433][T10185] netdevsim netdevsim0 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  398.647841][T10185] netdevsim netdevsim0 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  398.651252][ T5885] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  398.656881][T10185] netdevsim netdevsim0 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  398.809632][T10141] chnl_net:caif_netlink_parms(): no params data found
[  398.825192][ T5885] usb 2-1: Using ep0 maxpacket: 32
[  398.851833][ T5885] usb 2-1: config 0 has no interfaces?
[  398.862894][ T5885] usb 2-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36
[  398.880234][ T5885] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  398.888894][ T5885] usb 2-1: Product: syz
[  398.894780][ T5885] usb 2-1: Manufacturer: syz
[  398.901020][ T5885] usb 2-1: SerialNumber: syz
[  398.924491][ T5885] usb 2-1: config 0 descriptor??
[  399.058378][T10207] netlink: 'syz.4.1349': attribute type 1 has an invalid length.
[  399.305914][T10213] netlink: 'syz.4.1349': attribute type 1 has an invalid length.
[  399.560739][   T24] usb 2-1: USB disconnect, device number 19
[  400.122272][   T51] Bluetooth: hci0: command tx timeout
[  400.181443][T10141] bridge0: port 1(bridge_slave_0) entered blocking state
[  400.201686][T10141] bridge0: port 1(bridge_slave_0) entered disabled state
[  400.211719][T10141] bridge_slave_0: entered allmulticast mode
[  400.220353][T10141] bridge_slave_0: entered promiscuous mode
[  400.244634][T10141] bridge0: port 2(bridge_slave_1) entered blocking state
[  400.256491][T10141] bridge0: port 2(bridge_slave_1) entered disabled state
[  400.266811][T10141] bridge_slave_1: entered allmulticast mode
[  400.274924][T10141] bridge_slave_1: entered promiscuous mode
[  400.407370][T10141] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  400.429498][T10141] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  400.529581][T10141] team0: Port device team_slave_0 added
[  400.556092][T10141] team0: Port device team_slave_1 added
[  400.657881][T10141] batman_adv: batadv0: Adding interface: batadv_slave_0
[  400.666681][T10141] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  400.693004][T10141] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  400.709857][T10141] batman_adv: batadv0: Adding interface: batadv_slave_1
[  400.718189][T10141] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  400.744206][    C0] vkms_vblank_simulate: vblank timer overrun
[  400.753333][T10141] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  400.889139][T10141] hsr_slave_0: entered promiscuous mode
[  400.900991][T10141] hsr_slave_1: entered promiscuous mode
[  400.909677][T10141] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  400.921177][T10141] Cannot create hsr debugfs directory
[  401.460883][T10236] netlink: 'syz.3.1357': attribute type 10 has an invalid length.
[  402.171712][   T51] Bluetooth: hci0: command tx timeout
[  402.208005][T10141] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  402.433242][T10141] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  403.012340][T10141] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  403.039428][T10141] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  403.378932][ T1002] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  403.413334][T10263] netlink: 'syz.1.1369': attribute type 10 has an invalid length.
[  403.592556][ T1002] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  403.634926][T10250] mpoa:atm_mpoa_vcc_attach: mpoa:Short read (missed 12 bytes) from userland
[  403.670865][T10141] 8021q: adding VLAN 0 to HW filter on device bond0
[  403.792431][ T1002] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  403.868079][T10141] 8021q: adding VLAN 0 to HW filter on device team0
[  403.936988][ T1002] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  403.993337][ T2991] bridge0: port 1(bridge_slave_0) entered blocking state
[  404.000523][ T2991] bridge0: port 1(bridge_slave_0) entered forwarding state
[  404.055609][ T2991] bridge0: port 2(bridge_slave_1) entered blocking state
[  404.062856][ T2991] bridge0: port 2(bridge_slave_1) entered forwarding state
[  404.258540][   T51] Bluetooth: hci0: command tx timeout
[  404.377180][T10290] netlink: 'syz.1.1372': attribute type 10 has an invalid length.
[  404.795327][ T5140] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  404.806694][ T5140] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  404.816161][ T5140] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  404.826859][ T5140] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  404.834795][ T5140] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  404.992335][T10295] team0: No ports can be present during mode change
[  405.094179][T10289] lo speed is unknown, defaulting to 1000
[  405.109400][ T1002] bridge_slave_1: left allmulticast mode
[  405.123412][ T1002] bridge_slave_1: left promiscuous mode
[  405.137579][ T1002] bridge0: port 2(bridge_slave_1) entered disabled state
[  405.163675][ T1002] bridge_slave_0: left allmulticast mode
[  405.172323][T10302] netlink: 'syz.0.1377': attribute type 10 has an invalid length.
[  405.180186][T10302] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1377'.
[  405.181568][ T1002] bridge_slave_0: left promiscuous mode
[  405.202723][ T1002] bridge0: port 1(bridge_slave_0) entered disabled state
[  405.250628][T10306] netlink: 156 bytes leftover after parsing attributes in process `syz.4.1379'.
[  406.387922][ T1002] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  406.402356][ T1002] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  406.417818][ T1002] bond0 (unregistering): Released all slaves
[  406.437165][ T1002] bond1 (unregistering): Released all slaves
[  406.457542][ T1002] bond2 (unregistering): Released all slaves
[  406.478636][ T1002] bond3 (unregistering): Released all slaves
[  406.503431][ T1002] bond4 (unregistering): Released all slaves
[  406.529067][ T1002] bond5 (unregistering): Released all slaves
[  406.547664][ T1002] bond6 (unregistering): Released all slaves
[  406.566494][ T1002] bond7 (unregistering): Released all slaves
[  406.580167][ T1002] bond8 (unregistering): Released all slaves
[  406.600468][T10289] lo speed is unknown, defaulting to 1000
[  406.646099][T10302] team0: Port device geneve0 added
[  406.892807][   T51] Bluetooth: hci4: command tx timeout
[  406.893329][T10321] netlink: 'syz.1.1382': attribute type 10 has an invalid length.
[  406.930981][T10141] 8021q: adding VLAN 0 to HW filter on device batadv0
[  408.682136][T10141] veth0_vlan: entered promiscuous mode
[  408.969325][ T1002] veth1_macvtap: left promiscuous mode
[  408.971373][   T51] Bluetooth: hci4: command tx timeout
[  408.976537][ T1002] veth0_macvtap: left promiscuous mode
[  408.986142][ T1002] veth1_vlan: left promiscuous mode
[  408.992176][ T1002] veth0_vlan: left promiscuous mode
[  409.065374][ T3080] usb 2-1: new full-speed USB device number 20 using dummy_hcd
[  409.230484][ T3080] usb 2-1: config index 0 descriptor too short (expected 156, got 27)
[  409.243404][ T3080] usb 2-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  409.271529][ T3080] usb 2-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 10
[  409.284271][ T3080] usb 2-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid maxpacket 255, setting to 64
[  409.310156][ T3080] usb 2-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  409.324935][ T3080] usb 2-1: config 0 interface 0 has no altsetting 0
[  409.356628][ T3080] usb 2-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  409.383088][ T3080] usb 2-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  409.402230][ T3080] usb 2-1: Product: syz
[  409.406536][ T3080] usb 2-1: Manufacturer: syz
[  409.423399][ T3080] usb 2-1: SerialNumber: syz
[  409.438354][ T3080] usb 2-1: config 0 descriptor??
[  409.444842][T10364] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  409.457549][ T3080] ldusb 2-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  409.487216][ T3080] ldusb 2-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  409.667772][ T1002] team0 (unregistering): Port device team_slave_1 removed
[  409.719075][T10374] netlink: 'syz.4.1392': attribute type 10 has an invalid length.
[  409.744168][ T1002] team0 (unregistering): Port device team_slave_0 removed
[  409.925392][ T3080] usb 2-1: USB disconnect, device number 20
[  409.933862][ T3080] ldusb 2-1:0.0: LD USB Device #0 now disconnected
[  410.226709][T10289] chnl_net:caif_netlink_parms(): no params data found
[  410.243404][T10374] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  410.253441][T10374] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  410.273856][T10141] veth1_vlan: entered promiscuous mode
[  410.412723][T10289] bridge0: port 1(bridge_slave_0) entered blocking state
[  410.419861][T10289] bridge0: port 1(bridge_slave_0) entered disabled state
[  410.449561][T10289] bridge_slave_0: entered allmulticast mode
[  410.458434][T10289] bridge_slave_0: entered promiscuous mode
[  410.469451][T10289] bridge0: port 2(bridge_slave_1) entered blocking state
[  410.481597][T10289] bridge0: port 2(bridge_slave_1) entered disabled state
[  410.488852][T10289] bridge_slave_1: entered allmulticast mode
[  410.508399][T10289] bridge_slave_1: entered promiscuous mode
[  410.675935][T10289] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  410.710454][T10289] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  410.836730][T10289] team0: Port device team_slave_0 added
[  410.854060][T10289] team0: Port device team_slave_1 added
[  410.890121][T10395] loop2: detected capacity change from 0 to 7
[  410.901166][ T5962] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  410.904316][ T7622]  loop2:
[  410.914148][ T7622] loop2: partition table partially beyond EOD, truncated
[  410.931216][ T3080] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  410.965103][T10395]  loop2:
[  410.968237][T10395] loop2: partition table partially beyond EOD, truncated
[  410.984977][T10141] veth0_macvtap: entered promiscuous mode
[  411.008753][T10141] veth1_macvtap: entered promiscuous mode
[  411.036394][T10289] batman_adv: batadv0: Adding interface: batadv_slave_0
[  411.051563][   T51] Bluetooth: hci4: command tx timeout
[  411.058008][T10289] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  411.102069][ T5962] usb 2-1: Using ep0 maxpacket: 8
[  411.124908][T10289] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  411.131289][ T3080] usb 5-1: Using ep0 maxpacket: 8
[  411.148267][ T5962] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  411.149568][T10289] batman_adv: batadv0: Adding interface: batadv_slave_1
[  411.165573][T10289] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  411.169627][ T3080] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  411.214667][ T5962] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  411.240389][T10289] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  411.242114][ T5962] usb 2-1: Product: syz
[  411.265013][ T5962] usb 2-1: Manufacturer: syz
[  411.268579][T10141] batman_adv: batadv0: Interface activated: batadv_slave_0
[  411.277710][ T3080] usb 5-1: New USB device found, idVendor=050d, idProduct=3201, bcdDevice= 0.00
[  411.289287][T10141] batman_adv: batadv0: Interface activated: batadv_slave_1
[  411.289306][ T5962] usb 2-1: SerialNumber: syz
[  411.309680][ T3080] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  411.339616][ T5962] usb 2-1: config 0 descriptor??
[  411.345848][ T3080] usb 5-1: config 0 descriptor??
[  411.410310][T10141] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  411.444075][T10141] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  411.454147][T10141] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  411.466085][T10141] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  411.520629][T10289] hsr_slave_0: entered promiscuous mode
[  411.527961][T10289] hsr_slave_1: entered promiscuous mode
[  411.535404][T10289] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  411.543907][T10289] Cannot create hsr debugfs directory
[  411.562392][ T5962] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  411.778994][ T3080] belkin 0003:050D:3201.0013: unknown main item tag 0x0
[  411.810005][ T3080] belkin 0003:050D:3201.0013: unknown main item tag 0x0
[  411.829724][ T3080] belkin 0003:050D:3201.0013: item fetching failed at offset 2/5
[  411.844148][ T3080] belkin 0003:050D:3201.0013: parse failed
[  411.854593][ T3080] belkin 0003:050D:3201.0013: probe with driver belkin failed with error -22
[  411.992821][   T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  412.000710][   T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  412.115714][ T5966] usb 5-1: USB disconnect, device number 26
[  412.290874][ T4556] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  412.334625][ T4556] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  412.824721][T10289] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  412.882852][T10289] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  412.918484][T10289] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  412.957727][T10289] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  412.980792][ T5962] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  413.024991][ T5962] usb 2-1: USB disconnect, device number 21
[  413.133523][   T51] Bluetooth: hci4: command tx timeout
[  413.237199][T10448] netlink: 'syz.0.1404': attribute type 10 has an invalid length.
[  413.257770][T10448] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  413.269649][T10448] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  413.317586][T10289] 8021q: adding VLAN 0 to HW filter on device bond0
[  413.380099][T10289] 8021q: adding VLAN 0 to HW filter on device team0
[  413.406279][ T1002] bridge0: port 1(bridge_slave_0) entered blocking state
[  413.413518][ T1002] bridge0: port 1(bridge_slave_0) entered forwarding state
[  413.464867][ T1002] bridge0: port 2(bridge_slave_1) entered blocking state
[  413.472086][ T1002] bridge0: port 2(bridge_slave_1) entered forwarding state
[  414.028577][T10289] 8021q: adding VLAN 0 to HW filter on device batadv0
[  414.185944][T10289] veth0_vlan: entered promiscuous mode
[  414.227868][T10289] veth1_vlan: entered promiscuous mode
[  414.271541][ T5885] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  414.317335][T10289] veth0_macvtap: entered promiscuous mode
[  414.377299][T10289] veth1_macvtap: entered promiscuous mode
[  414.426600][T10289] batman_adv: batadv0: Interface activated: batadv_slave_0
[  414.443877][ T5885] usb 5-1: Using ep0 maxpacket: 8
[  414.454957][ T5885] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  414.476287][T10289] batman_adv: batadv0: Interface activated: batadv_slave_1
[  414.483691][ T5885] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  414.497091][ T5885] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  414.507204][ T5885] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  414.522978][T10289] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  414.536585][T10289] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  414.547754][ T5885] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  414.557339][T10289] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  414.566133][ T5885] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  414.575501][T10289] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  414.757015][ T2961] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  414.772431][ T2961] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  414.792382][ T5885] usb 5-1: GET_CAPABILITIES returned 0
[  414.812016][ T5885] usbtmc 5-1:16.0: can't read capabilities
[  414.839250][   T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  414.869815][   T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  415.023914][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  415.035271][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  415.051986][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  415.061143][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  415.116126][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  415.125278][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  415.134381][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  415.143450][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  415.181629][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  415.190785][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  415.199898][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  415.242192][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  415.251359][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  415.260479][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  415.308993][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  415.318156][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -2
[  415.411535][ T5919] usb 5-1: USB disconnect, device number 27
[  415.708873][T10522] loop8: detected capacity change from 0 to 7
[  415.720149][T10522]  loop8: [POWERTEC] p1 p2 p3 p4
[  415.735333][T10522] loop8: p1 size 8519680 extends beyond EOD, truncated
[  415.753857][T10522] loop8: p2 size 3670016 extends beyond EOD, truncated
[  415.765751][T10522] loop8: p3 start 3932160 is beyond EOD, truncated
[  415.776360][T10522] loop8: p4 start 524288 is beyond EOD, truncated
[  415.910425][ T5993] udevd[5993]: inotify_add_watch(7, /dev/loop8p2, 10) failed: No such file or directory
[  415.931285][ T7622] udevd[7622]: inotify_add_watch(7, /dev/loop8p1, 10) failed: No such file or directory
[  415.999555][T10526] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  416.197810][T10538] netlink: 'syz.4.1423': attribute type 10 has an invalid length.
[  416.200976][ T7937] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  416.268202][T10538] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  416.278198][T10538] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  416.646307][ T7937] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  416.911315][T10556] input: syz1 as /devices/virtual/input/input17
[  417.067005][ T7937] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  417.093335][T10559] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1427'.
[  417.214487][ T7937] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  417.264504][ T5140] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  417.276416][ T5140] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  417.287877][ T5140] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  417.314451][ T5140] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  417.326847][ T5140] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  417.707918][T10561] lo speed is unknown, defaulting to 1000
[  417.737210][T10561] lo speed is unknown, defaulting to 1000
[  417.887454][ T7937] bridge_slave_1: left allmulticast mode
[  417.905206][ T7937] bridge_slave_1: left promiscuous mode
[  417.911024][ T7937] bridge0: port 2(bridge_slave_1) entered disabled state
[  417.998429][ T7937] bridge_slave_0: left allmulticast mode
[  418.019810][ T7937] bridge_slave_0: left promiscuous mode
[  418.041613][ T7937] bridge0: port 1(bridge_slave_0) entered disabled state
[  418.526072][ T5961] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  418.776880][ T5961] usb 2-1: Using ep0 maxpacket: 32
[  418.830314][ T5961] usb 2-1: config 0 has an invalid interface number: 231 but max is 0
[  418.839324][ T5961] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  418.879697][ T5961] usb 2-1: config 0 has no interface number 0
[  418.887347][ T5961] usb 2-1: config 0 interface 231 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[  418.914840][ T5961] usb 2-1: config 0 interface 231 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  418.975955][ T5961] usb 2-1: New USB device found, idVendor=d024, idProduct=5e5a, bcdDevice=16.a9
[  419.007233][ T5961] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  419.016856][ T5961] usb 2-1: Product: syz
[  419.021437][ T5961] usb 2-1: Manufacturer: syz
[  419.061117][ T5961] usb 2-1: SerialNumber: syz
[  419.092192][ T5961] usb 2-1: config 0 descriptor??
[  419.108465][T10582] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  419.122646][ T5961] usb-storage 2-1:0.231: USB Mass Storage device detected
[  419.378110][   T51] Bluetooth: hci4: command tx timeout
[  419.382927][ T5961] usb 2-1: USB disconnect, device number 22
[  419.397998][ T7937] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  419.440065][ T7937] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  419.465610][ T7937] bond0 (unregistering): Released all slaves
[  420.327564][T10604] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1438'.
[  420.376255][T10608] vcan0: tx drop: invalid da for name 0x0000000000000001
[  420.525763][T10561] chnl_net:caif_netlink_parms(): no params data found
[  420.915574][T10619] syzkaller0: entered promiscuous mode
[  420.921215][T10619] syzkaller0: entered allmulticast mode
[  420.975350][ T7937] hsr_slave_0: left promiscuous mode
[  420.988531][ T7937] hsr_slave_1: left promiscuous mode
[  421.018964][ T7937] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  421.051417][ T7937] batman_adv: batadv0: Removing interface: batadv_slave_0
[  421.074680][ T7937] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  421.088145][ T7937] batman_adv: batadv0: Removing interface: batadv_slave_1
[  421.170351][ T7937] veth1_macvtap: left promiscuous mode
[  421.188275][ T7937] veth0_macvtap: left promiscuous mode
[  421.200921][ T7937] veth1_vlan: left promiscuous mode
[  421.207957][ T7937] veth0_vlan: left promiscuous mode
[  421.451906][   T51] Bluetooth: hci4: command tx timeout
[  422.303430][T10665] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1454'.
[  422.328653][T10665] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1454'.
[  422.579889][ T7937] team0 (unregistering): Port device team_slave_1 removed
[  422.671656][ T7937] team0 (unregistering): Port device team_slave_0 removed
[  422.771250][ T5966] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  422.938869][ T5966] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  422.954143][ T5966] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  422.964568][ T5966] usb 5-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  422.975210][ T5966] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  422.989938][ T5966] usb 5-1: config 0 descriptor??
[  423.424148][ T5966] cp2112 0003:10C4:EA90.0014: unknown main item tag 0x0
[  423.441612][ T5966] cp2112 0003:10C4:EA90.0014: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.4-1/input0
[  423.538597][ T5140] Bluetooth: hci4: command tx timeout
[  423.625425][ T5966] cp2112 0003:10C4:EA90.0014: Part Number: 0x82 Device Version: 0xFE
[  424.250589][ T5966] cp2112 0003:10C4:EA90.0014: error reading lock byte: -32
[  424.258352][T10672] cp2112 0003:10C4:EA90.0014: Error starting transaction: -38
[  424.280665][ T5966] usb 5-1: USB disconnect, device number 28
[  425.507405][T10561] bridge0: port 1(bridge_slave_0) entered blocking state
[  425.543667][T10561] bridge0: port 1(bridge_slave_0) entered disabled state
[  425.550955][T10561] bridge_slave_0: entered allmulticast mode
[  425.592984][T10561] bridge_slave_0: entered promiscuous mode
[  425.611268][ T5140] Bluetooth: hci4: command 0x0419 tx timeout
[  425.636695][T10692] bridge_slave_0: left allmulticast mode
[  425.642518][T10692] bridge_slave_0: left promiscuous mode
[  425.649895][T10692] bridge0: port 1(bridge_slave_0) entered disabled state
[  425.678230][T10692] bridge_slave_1: left allmulticast mode
[  425.684325][T10692] bridge_slave_1: left promiscuous mode
[  425.690960][T10692] bridge0: port 2(bridge_slave_1) entered disabled state
[  425.757573][T10692] bond0: (slave bond_slave_0): Releasing backup interface
[  425.774739][T10692] bond0: (slave bond_slave_1): Releasing backup interface
[  425.805579][T10692] team0: Port device team_slave_0 removed
[  425.819453][T10692] team0: Port device team_slave_1 removed
[  425.832951][T10561] bridge0: port 2(bridge_slave_1) entered blocking state
[  425.844226][T10561] bridge0: port 2(bridge_slave_1) entered disabled state
[  425.862988][T10561] bridge_slave_1: entered allmulticast mode
[  425.879663][T10561] bridge_slave_1: entered promiscuous mode
[  426.035719][T10561] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  426.049300][T10561] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  426.127677][T10561] team0: Port device team_slave_0 added
[  426.147982][T10561] team0: Port device team_slave_1 added
[  426.214507][T10561] batman_adv: batadv0: Adding interface: batadv_slave_0
[  426.225817][T10561] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  426.282299][T10561] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  426.307235][T10561] batman_adv: batadv0: Adding interface: batadv_slave_1
[  426.319505][T10561] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  426.347039][T10561] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  426.514231][T10561] hsr_slave_0: entered promiscuous mode
[  426.521622][T10561] hsr_slave_1: entered promiscuous mode
[  426.528674][T10561] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  426.536999][T10561] Cannot create hsr debugfs directory
[  427.701488][ T5140] Bluetooth: hci4: command 0x0419 tx timeout
[  429.102848][T10771] x_tables: ip_tables: osf match: only valid for protocol 6
[  429.771219][ T5140] Bluetooth: hci4: command 0x0419 tx timeout
[  430.195171][T10561] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  430.234125][T10561] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  430.259587][T10561] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  430.284530][T10561] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  430.649766][T10561] 8021q: adding VLAN 0 to HW filter on device bond0
[  430.737404][T10561] 8021q: adding VLAN 0 to HW filter on device team0
[  430.773452][ T4556] bridge0: port 1(bridge_slave_0) entered blocking state
[  430.780649][ T4556] bridge0: port 1(bridge_slave_0) entered forwarding state
[  430.833212][ T7937] bridge0: port 2(bridge_slave_1) entered blocking state
[  430.840371][ T7937] bridge0: port 2(bridge_slave_1) entered forwarding state
[  430.920904][T10561] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  430.951452][T10561] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  431.478433][T10561] 8021q: adding VLAN 0 to HW filter on device batadv0
[  431.680123][T10561] veth0_vlan: entered promiscuous mode
[  431.734220][T10561] veth1_vlan: entered promiscuous mode
[  431.868449][T10561] veth0_macvtap: entered promiscuous mode
[  431.914160][T10561] veth1_macvtap: entered promiscuous mode
[  431.980059][   T51] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  432.003757][   T51] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  432.012730][   T51] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  432.037223][   T51] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  432.068113][   T51] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  432.143905][T10561] batman_adv: batadv0: Interface activated: batadv_slave_0
[  432.255888][T10561] batman_adv: batadv0: Interface activated: batadv_slave_1
[  432.309710][T10561] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  432.363343][T10561] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  432.381529][T10561] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  432.405206][T10561] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  432.473303][T10842] lo speed is unknown, defaulting to 1000
[  432.553019][T10842] lo speed is unknown, defaulting to 1000
[  432.760282][ T7937] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  432.787728][ T7937] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  433.016201][ T7937] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  433.065066][ T7937] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  433.687564][T10873] netlink: 'syz.1.1499': attribute type 10 has an invalid length.
[  433.704971][T10873] netlink: 'syz.1.1499': attribute type 27 has an invalid length.
[  433.805229][T10876] netlink: 'syz.5.1500': attribute type 1 has an invalid length.
[  434.024205][T10879] bond1: (slave veth3): Enslaving as an active interface with a down link
[  434.118176][T10876] bond1: (slave veth5): Enslaving as an active interface with a down link
[  434.172298][   T51] Bluetooth: hci2: command tx timeout
[  434.305461][ T1002] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  434.456335][T10884] syzkaller1: entered promiscuous mode
[  434.494009][T10884] syzkaller1: entered allmulticast mode
[  434.572005][T10898] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1503'.
[  434.624017][ T1002] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  434.767861][T10842] chnl_net:caif_netlink_parms(): no params data found
[  434.934430][ T1002] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  435.189458][ T1002] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  435.208178][ T5140] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  435.220780][ T5140] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  435.230031][ T5140] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  435.238213][ T5140] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  435.246523][ T5140] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  435.358023][T10929] lo speed is unknown, defaulting to 1000
[  435.367106][T10929] lo speed is unknown, defaulting to 1000
[  435.725430][T10842] bridge0: port 1(bridge_slave_0) entered blocking state
[  435.739930][T10842] bridge0: port 1(bridge_slave_0) entered disabled state
[  435.764617][T10842] bridge_slave_0: entered allmulticast mode
[  435.790813][T10842] bridge_slave_0: entered promiscuous mode
[  435.825276][T10842] bridge0: port 2(bridge_slave_1) entered blocking state
[  435.845471][T10842] bridge0: port 2(bridge_slave_1) entered disabled state
[  435.879663][T10842] bridge_slave_1: entered allmulticast mode
[  435.905710][T10842] bridge_slave_1: entered promiscuous mode
[  435.947726][T10949] netlink: 'syz.1.1513': attribute type 10 has an invalid length.
[  435.967960][T10949] netlink: 'syz.1.1513': attribute type 27 has an invalid length.
[  436.153783][T10842] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  436.264692][T10842] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  436.315111][ T5140] Bluetooth: hci2: command tx timeout
[  436.440788][ T1002] bridge_slave_1: left allmulticast mode
[  436.449099][ T1002] bridge_slave_1: left promiscuous mode
[  436.459936][ T1002] bridge0: port 2(bridge_slave_1) entered disabled state
[  436.475013][ T1002] bridge_slave_0: left allmulticast mode
[  436.480816][ T1002] bridge_slave_0: left promiscuous mode
[  436.500534][ T1002] bridge0: port 1(bridge_slave_0) entered disabled state
[  437.302786][ T5140] Bluetooth: hci4: command tx timeout
[  437.786757][ T1002] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  437.803182][ T1002] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  438.367476][ T5140] Bluetooth: hci2: command tx timeout
[  438.447658][ T1002] bond0 (unregistering): Released all slaves
[  438.629192][T10842] team0: Port device team_slave_0 added
[  438.913516][T10842] team0: Port device team_slave_1 added
[  439.296987][T10842] batman_adv: batadv0: Adding interface: batadv_slave_0
[  439.297005][T10842] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  439.297044][T10842] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  439.363501][T10495] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  439.382852][ T5140] Bluetooth: hci4: command tx timeout
[  439.387136][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  439.511347][T10495] usb 2-1: Using ep0 maxpacket: 8
[  439.558906][T10495] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[  439.579293][T10495] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  439.599551][T10495] usb 2-1: Product: syz
[  439.608159][T10495] usb 2-1: Manufacturer: syz
[  439.642792][T10495] usb 2-1: SerialNumber: syz
[  439.669280][T10495] usb 2-1: config 0 descriptor??
[  439.706012][T10842] batman_adv: batadv0: Adding interface: batadv_slave_1
[  439.719166][T10842] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  439.769606][T10842] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  439.809549][T10996] netlink: 'syz.5.1525': attribute type 10 has an invalid length.
[  439.841238][T10996] netlink: 'syz.5.1525': attribute type 27 has an invalid length.
[  439.894788][T10495] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  440.203392][T10929] chnl_net:caif_netlink_parms(): no params data found
[  440.287262][T10842] hsr_slave_0: entered promiscuous mode
[  440.302397][T10842] hsr_slave_1: entered promiscuous mode
[  440.308775][T10842] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  440.329335][T10842] Cannot create hsr debugfs directory
[  440.382642][ T1002] hsr_slave_0: left promiscuous mode
[  440.389069][ T1002] hsr_slave_1: left promiscuous mode
[  440.396350][ T1002] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  440.404144][ T1002] batman_adv: batadv0: Removing interface: batadv_slave_0
[  440.412551][ T1002] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  440.420003][ T1002] batman_adv: batadv0: Removing interface: batadv_slave_1
[  440.421309][ T5140] Bluetooth: hci2: command tx timeout
[  440.452200][ T1002] veth1_macvtap: left promiscuous mode
[  440.457822][ T1002] veth0_macvtap: left promiscuous mode
[  440.463721][ T1002] veth1_vlan: left promiscuous mode
[  440.469201][ T1002] veth0_vlan: left promiscuous mode
[  440.769278][T10495] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  440.799294][T10495] usb 2-1: USB disconnect, device number 23
[  441.484799][ T5140] Bluetooth: hci4: command tx timeout
[  441.549349][ T1002] team0 (unregistering): Port device team_slave_1 removed
[  441.673339][ T1002] team0 (unregistering): Port device team_slave_0 removed
[  442.968197][T11035] XFS (nullb0): Invalid superblock magic number
[  443.399790][T11033] tipc: Started in network mode
[  443.414507][T11033] tipc: Node identity b6e16ac08f63, cluster identity 4711
[  443.422508][T11033] tipc: Enabled bearer <eth:syzkaller0>, priority 10
[  443.485216][T11040] tipc: Resetting bearer <eth:syzkaller0>
[  443.531298][ T5140] Bluetooth: hci4: command tx timeout
[  443.810431][T11029] tipc: Resetting bearer <eth:syzkaller0>
[  443.872538][T11057] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1539'.
[  444.517635][   T24] tipc: Node number set to 964848320
[  445.560926][T11029] tipc: Disabling bearer <eth:syzkaller0>
[  445.796051][T10929] bridge0: port 1(bridge_slave_0) entered blocking state
[  445.817990][T11073] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1543'.
[  445.827602][T10929] bridge0: port 1(bridge_slave_0) entered disabled state
[  445.856323][T10929] bridge_slave_0: entered allmulticast mode
[  445.882534][T10929] bridge_slave_0: entered promiscuous mode
[  445.919791][T10929] bridge0: port 2(bridge_slave_1) entered blocking state
[  445.961367][T10929] bridge0: port 2(bridge_slave_1) entered disabled state
[  445.968670][T10929] bridge_slave_1: entered allmulticast mode
[  446.033089][T10929] bridge_slave_1: entered promiscuous mode
[  446.343843][T10929] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  446.427948][T10929] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  446.570674][T11104] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1551'.
[  446.616316][T10929] team0: Port device team_slave_0 added
[  446.705484][T10929] team0: Port device team_slave_1 added
[  446.784829][   T30] audit: type=1326 audit(1750821360.976:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11109 comm="syz.5.1553" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5c1fd8e929 code=0x0
[  446.786815][T11108] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  446.828247][T10929] batman_adv: batadv0: Adding interface: batadv_slave_0
[  446.837760][T10929] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  446.901184][T10929] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  446.930690][T10929] batman_adv: batadv0: Adding interface: batadv_slave_1
[  446.950077][T10929] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  446.979477][T10929] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  447.136013][T10929] hsr_slave_0: entered promiscuous mode
[  447.147451][T10929] hsr_slave_1: entered promiscuous mode
[  447.154315][T10929] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  447.163211][T10929] Cannot create hsr debugfs directory
[  447.169116][T10842] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  447.195854][T10842] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  447.206486][T10842] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  447.241747][T10842] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  447.761799][T10842] 8021q: adding VLAN 0 to HW filter on device bond0
[  447.914412][T10842] 8021q: adding VLAN 0 to HW filter on device team0
[  447.932645][ T1002] bridge0: port 1(bridge_slave_0) entered blocking state
[  447.939831][ T1002] bridge0: port 1(bridge_slave_0) entered forwarding state
[  448.009802][ T2961] bridge0: port 2(bridge_slave_1) entered blocking state
[  448.017079][ T2961] bridge0: port 2(bridge_slave_1) entered forwarding state
[  448.098651][T11146] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  448.170524][   T30] audit: type=1400 audit(1750821362.356:117): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="]-{" requested=w pid=11145 comm="syz.5.1557" daddr=::ffff:172.20.20.59 dest=20003
[  448.416072][T10929] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  448.453073][T10929] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  448.480591][T10929] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  448.508040][T10929] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  448.616431][T11170] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1561'.
[  448.853535][T10842] 8021q: adding VLAN 0 to HW filter on device batadv0
[  449.380799][T10929] 8021q: adding VLAN 0 to HW filter on device bond0
[  449.474026][T10929] 8021q: adding VLAN 0 to HW filter on device team0
[  449.479225][T11186] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1564'.
[  449.522377][ T2991] bridge0: port 1(bridge_slave_0) entered blocking state
[  449.529576][ T2991] bridge0: port 1(bridge_slave_0) entered forwarding state
[  449.577432][ T7937] bridge0: port 2(bridge_slave_1) entered blocking state
[  449.584664][ T7937] bridge0: port 2(bridge_slave_1) entered forwarding state
[  449.912757][T11197] netlink: 'syz.0.1566': attribute type 10 has an invalid length.
[  449.961408][T11197] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  449.984485][T11197] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  450.250989][T10842] veth0_vlan: entered promiscuous mode
[  450.322895][T11209] netlink: 'syz.5.1563': attribute type 10 has an invalid length.
[  450.405324][T11212] tipc: Failed to remove unknown binding: 66,3,3/0:643750688/643750689
[  450.497582][T11209] 8021q: adding VLAN 0 to HW filter on device batadv0
[  450.558293][T11209] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  450.633745][T10842] veth1_vlan: entered promiscuous mode
[  450.696533][T10929] 8021q: adding VLAN 0 to HW filter on device batadv0
[  450.777777][T10842] veth0_macvtap: entered promiscuous mode
[  451.036755][T10842] veth1_macvtap: entered promiscuous mode
[  452.336705][T10842] batman_adv: batadv0: Interface activated: batadv_slave_0
[  452.413095][T10929] veth0_vlan: entered promiscuous mode
[  452.425326][T10842] batman_adv: batadv0: Interface activated: batadv_slave_1
[  452.455985][T10842] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  452.621252][T10842] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  452.650412][T10842] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  452.683933][T10842] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  452.762480][T10929] veth1_vlan: entered promiscuous mode
[  453.143088][T10929] veth0_macvtap: entered promiscuous mode
[  453.167949][ T1002] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  453.184231][T10929] veth1_macvtap: entered promiscuous mode
[  453.209286][ T1002] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  453.288263][T10929] batman_adv: batadv0: Interface activated: batadv_slave_0
[  453.847463][T10929] batman_adv: batadv0: Interface activated: batadv_slave_1
[  453.989655][ T2961] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  454.194275][ T2961] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  454.212742][T10929] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  454.332423][T10929] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  454.372651][T10929] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  454.384131][T10929] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  455.557507][T11268] overlayfs: failed to get index nlink (file1/bus, err=-61)
[  455.609460][T11271] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1579'.
[  455.797920][ T7937] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  455.905453][ T7937] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  456.126442][ T6740] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  456.228937][ T6740] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  457.873971][   T62] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  458.004481][   T62] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  458.126754][   T62] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  458.224447][   T62] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  458.871322][   T62] bridge_slave_1: left allmulticast mode
[  458.877022][   T62] bridge_slave_1: left promiscuous mode
[  458.917543][   T62] bridge0: port 2(bridge_slave_1) entered disabled state
[  459.003709][   T62] bridge_slave_0: left allmulticast mode
[  459.009417][   T62] bridge_slave_0: left promiscuous mode
[  459.083286][   T62] bridge0: port 1(bridge_slave_0) entered disabled state
[  460.151468][   T51] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  460.163726][   T51] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  460.187109][   T51] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  460.205635][   T51] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  460.213708][   T51] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  460.355332][T11365] netlink: 'syz.0.1596': attribute type 10 has an invalid length.
[  460.983927][T11383] xt_time: invalid argument - start or stop time greater than 23:59:59
[  461.012443][T11383] netlink: 'syz.5.1599': attribute type 1 has an invalid length.
[  461.050276][T11385] netlink: 'syz.5.1599': attribute type 1 has an invalid length.
[  461.585402][   T62] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  461.610922][   T62] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  461.635705][   T62] bond0 (unregistering): Released all slaves
[  461.701227][T11365] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  461.710839][T11365] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  461.890795][T11383] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR
[  461.892776][T11385] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR
[  462.125273][T11395] kvm: pic: level sensitive irq not supported
[  462.245347][T11395] kvm: pic: non byte read
[  462.256172][ T5140] Bluetooth: hci4: command tx timeout
[  462.276400][T11395] kvm: pic: non byte read
[  462.280882][T11395] kvm: pic: non byte read
[  462.444279][T11395] kvm: pic: level sensitive irq not supported
[  462.444327][T11395] kvm: pic: non byte read
[  462.504986][T11359] lo speed is unknown, defaulting to 1000
[  462.521505][T11395] kvm: pic: non byte read
[  462.540937][T11395] kvm: pic: level sensitive irq not supported
[  462.540998][T11395] kvm: pic: non byte read
[  462.579617][T11395] kvm: pic: non byte read
[  462.605731][T11395] kvm: pic: level sensitive irq not supported
[  462.605794][T11395] kvm: pic: non byte read
[  462.613549][T11359] lo speed is unknown, defaulting to 1000
[  462.675105][T11395] kvm: pic: non byte read
[  463.094393][T11412] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1604'.
[  463.712199][T11419] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1606'.
[  463.774303][T11419] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1606'.
[  464.362425][ T5140] Bluetooth: hci4: command tx timeout
[  464.933152][T11441] netlink: 'syz.5.1612': attribute type 10 has an invalid length.
[  465.016324][T11441] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  465.107357][T11441] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  465.374822][   T62] hsr_slave_0: left promiscuous mode
[  465.412849][   T62] hsr_slave_1: left promiscuous mode
[  465.430919][   T62] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  465.453961][   T62] batman_adv: batadv0: Removing interface: batadv_slave_0
[  465.487491][   T62] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  465.498202][   T62] batman_adv: batadv0: Removing interface: batadv_slave_1
[  465.536103][T11459] xt_time: invalid argument - start or stop time greater than 23:59:59
[  465.548756][T11459] netlink: 'syz.1.1614': attribute type 1 has an invalid length.
[  465.609167][T11460] netlink: 'syz.1.1614': attribute type 1 has an invalid length.
[  465.728330][   T62] veth1_macvtap: left promiscuous mode
[  465.753586][   T62] veth0_macvtap: left promiscuous mode
[  465.779689][   T62] veth1_vlan: left promiscuous mode
[  465.819632][   T62] veth0_vlan: left promiscuous mode
[  466.423054][ T5140] Bluetooth: hci4: command tx timeout
[  467.524796][T11479] netlink: 'syz.5.1619': attribute type 10 has an invalid length.
[  467.969072][   T62] team0 (unregistering): Port device team_slave_1 removed
[  468.017222][   T62] team0 (unregistering): Port device team_slave_0 removed
[  468.466616][T11459] workqueue: Failed to create a rescuer kthread for wq "bond7": -EINTR
[  468.468583][T11460] workqueue: Failed to create a rescuer kthread for wq "bond7": -EINTR
[  468.491279][ T5140] Bluetooth: hci4: command tx timeout
[  468.646049][ T7937] bridge0: port 2(bridge_slave_1) entered disabled state
[  468.727556][T11486] binder: 11484:11486 ioctl c0306201 200000000240 returned -14
[  469.138711][T11359] chnl_net:caif_netlink_parms(): no params data found
[  469.252910][T11512] netlink: 'syz.5.1625': attribute type 10 has an invalid length.
[  469.647436][T11512] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  469.661260][T11512] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  470.024831][T11359] bridge0: port 1(bridge_slave_0) entered blocking state
[  470.041233][T11359] bridge0: port 1(bridge_slave_0) entered disabled state
[  470.071547][T11359] bridge_slave_0: entered allmulticast mode
[  470.082475][T11359] bridge_slave_0: entered promiscuous mode
[  470.099987][T11359] bridge0: port 2(bridge_slave_1) entered blocking state
[  470.114630][T11359] bridge0: port 2(bridge_slave_1) entered disabled state
[  470.248972][T11359] bridge_slave_1: entered allmulticast mode
[  470.257341][T11359] bridge_slave_1: entered promiscuous mode
[  471.147705][T11536] netlink: 'syz.0.1630': attribute type 10 has an invalid length.
[  471.455863][T11359] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  471.623952][T11534] xt_time: invalid argument - start or stop time greater than 23:59:59
[  471.648365][T11359] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  471.725776][T11544] netlink: 'syz.1.1632': attribute type 1 has an invalid length.
[  471.743723][T11359] team0: Port device team_slave_0 added
[  471.754640][T11359] team0: Port device team_slave_1 added
[  471.786855][T11544] netlink: 'syz.1.1632': attribute type 1 has an invalid length.
[  471.994434][T11359] batman_adv: batadv0: Adding interface: batadv_slave_0
[  472.005211][T11359] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  472.042718][T11359] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  472.102780][T11359] batman_adv: batadv0: Adding interface: batadv_slave_1
[  472.127580][T11359] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  472.157119][T11359] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  472.284694][T11359] hsr_slave_0: entered promiscuous mode
[  472.292237][T11359] hsr_slave_1: entered promiscuous mode
[  472.299468][T11359] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  472.316982][T11359] Cannot create hsr debugfs directory
[  474.934262][T11587] netlink: 'syz.6.1641': attribute type 10 has an invalid length.
[  475.070750][T11591] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  475.109729][T11591] overlayfs: invalid redirect ((null))
[  477.374431][T11587] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  477.385586][T11587] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  477.811360][ T5966] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  477.831542][T11612] xt_time: invalid argument - start or stop time greater than 23:59:59
[  477.856421][T11612] netlink: 'syz.1.1648': attribute type 1 has an invalid length.
[  477.913930][T11620] netlink: 'syz.1.1648': attribute type 1 has an invalid length.
[  478.011182][ T5966] usb 7-1: Using ep0 maxpacket: 8
[  478.030579][ T5966] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  478.065694][ T5966] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2
[  478.116819][ T5966] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  478.138275][ T5966] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  478.167134][ T5966] usb 7-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  478.219190][ T5966] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  478.285768][ T5966] hub 7-1:1.0: bad descriptor, ignoring hub
[  478.302892][ T5966] hub 7-1:1.0: probe with driver hub failed with error -5
[  478.323013][ T5966] cdc_wdm 7-1:1.0: skipping garbage
[  478.345130][ T5966] cdc_wdm 7-1:1.0: skipping garbage
[  478.353613][T11359] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  478.386164][ T5966] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  478.542068][T11359] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  478.561843][ T5966] cdc_wdm 7-1:1.0: Unknown control protocol
[  478.566098][T11359] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  479.111641][ T5966] usb 7-1: USB disconnect, device number 2
[  479.200091][T11359] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  480.506705][T11359] 8021q: adding VLAN 0 to HW filter on device bond0
[  480.794938][T11359] 8021q: adding VLAN 0 to HW filter on device team0
[  481.137179][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  481.144442][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  481.259539][ T2946] bridge0: port 2(bridge_slave_1) entered blocking state
[  481.266773][ T2946] bridge0: port 2(bridge_slave_1) entered forwarding state
[  483.256398][T11359] 8021q: adding VLAN 0 to HW filter on device batadv0
[  483.586070][T11359] veth0_vlan: entered promiscuous mode
[  483.668913][T11359] veth1_vlan: entered promiscuous mode
[  484.408306][T11359] veth0_macvtap: entered promiscuous mode
[  484.424457][T11359] veth1_macvtap: entered promiscuous mode
[  484.450844][T11359] batman_adv: batadv0: Interface activated: batadv_slave_0
[  484.462667][T11359] batman_adv: batadv0: Interface activated: batadv_slave_1
[  484.485384][T11359] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  484.552628][T11359] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  484.569173][T11359] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  484.661273][T11359] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  485.994296][ T2946] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  486.027174][ T2946] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  486.283363][ T2991] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  486.322342][ T2991] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  488.104229][T11754] netlink: 'syz.0.1671': attribute type 1 has an invalid length.
[  488.160106][T11756] netlink: 'syz.0.1671': attribute type 1 has an invalid length.
[  488.278250][ T4556] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  488.492424][ T4556] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  488.565033][ T4556] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  488.673465][ T4556] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  488.952239][ T4556] bridge_slave_1: left allmulticast mode
[  488.976117][ T4556] bridge_slave_1: left promiscuous mode
[  489.007903][T11768] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1673'.
[  489.017174][ T4556] bridge0: port 2(bridge_slave_1) entered disabled state
[  489.042423][ T4556] bridge_slave_0: left allmulticast mode
[  489.048321][ T4556] bridge_slave_0: left promiscuous mode
[  489.054959][ T4556] bridge0: port 1(bridge_slave_0) entered disabled state
[  489.350864][T11773] netlink: 'syz.5.1676': attribute type 10 has an invalid length.
[  489.693004][   T51] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  489.703463][   T51] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  489.727318][   T51] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  489.745539][   T51] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  489.757600][   T51] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  489.786634][ T4556] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  489.799687][ T4556] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  489.812007][ T4556] bond0 (unregistering): Released all slaves
[  489.935933][T11773] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  489.947361][T11773] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  490.911158][T11775] lo speed is unknown, defaulting to 1000
[  490.924876][T11775] lo speed is unknown, defaulting to 1000
[  491.861165][ T5140] Bluetooth: hci4: command tx timeout
[  493.939347][ T5140] Bluetooth: hci4: command tx timeout
[  494.687870][ T4556] hsr_slave_0: left promiscuous mode
[  494.714402][ T4556] hsr_slave_1: left promiscuous mode
[  494.730238][ T4556] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  494.759460][ T4556] batman_adv: batadv0: Removing interface: batadv_slave_0
[  494.785480][ T4556] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  494.795471][ T4556] batman_adv: batadv0: Removing interface: batadv_slave_1
[  494.830791][ T4556] veth1_macvtap: left promiscuous mode
[  494.838321][ T4556] veth0_macvtap: left promiscuous mode
[  494.846067][ T4556] veth1_vlan: left promiscuous mode
[  494.854521][ T4556] veth0_vlan: left promiscuous mode
[  494.945928][T11836] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  494.953070][T11836] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  494.969397][T11838] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1690'.
[  495.688524][ T4556] team0 (unregistering): Port device team_slave_1 removed
[  495.769892][ T4556] team0 (unregistering): Port device team_slave_0 removed
[  496.011442][ T5140] Bluetooth: hci4: command tx timeout
[  496.124255][T11861] nla_validate_range_unsigned: 11 callbacks suppressed
[  496.124275][T11861] netlink: 'syz.5.1697': attribute type 11 has an invalid length.
[  497.235822][T11883] netlink: 'syz.6.1700': attribute type 10 has an invalid length.
[  497.268331][T11883] 8021q: adding VLAN 0 to HW filter on device batadv0
[  497.295465][T11883] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  497.647835][T11775] chnl_net:caif_netlink_parms(): no params data found
[  498.206154][ T5140] Bluetooth: hci4: command tx timeout
[  498.754713][T11775] bridge0: port 1(bridge_slave_0) entered blocking state
[  498.944725][T11775] bridge0: port 1(bridge_slave_0) entered disabled state
[  499.492487][T11775] bridge_slave_0: entered allmulticast mode
[  499.561355][T11775] bridge_slave_0: entered promiscuous mode
[  499.592874][T11775] bridge0: port 2(bridge_slave_1) entered blocking state
[  499.618356][T11908] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  499.620942][T11775] bridge0: port 2(bridge_slave_1) entered disabled state
[  499.671509][T11775] bridge_slave_1: entered allmulticast mode
[  499.679404][T11775] bridge_slave_1: entered promiscuous mode
[  499.704485][ T1002] Bluetooth: hci5: Frame reassembly failed (-84)
[  499.733674][T11910] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  500.857584][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  500.925040][T11775] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  501.691726][ T5140] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  502.112044][T11775] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  502.264970][T11931] macsec1: entered promiscuous mode
[  502.289483][T11931] bond0: entered promiscuous mode
[  502.319065][T11931] bond0: left promiscuous mode
[  502.585033][T11775] team0: Port device team_slave_0 added
[  502.647479][T11775] team0: Port device team_slave_1 added
[  502.890515][T11775] batman_adv: batadv0: Adding interface: batadv_slave_0
[  502.898773][T11775] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  502.925497][T11775] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  503.159548][T11775] batman_adv: batadv0: Adding interface: batadv_slave_1
[  503.289249][T11775] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  503.435987][T11775] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  504.299532][T11775] hsr_slave_0: entered promiscuous mode
[  504.333176][T11775] hsr_slave_1: entered promiscuous mode
[  504.380095][T11775] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  504.448551][T11775] Cannot create hsr debugfs directory
[  505.059184][T11984] syzkaller0: entered promiscuous mode
[  505.064969][T11984] syzkaller0: entered allmulticast mode
[  505.629518][T11983] loop4: detected capacity change from 0 to 7
[  505.913427][T11983] Dev loop4: unable to read RDB block 7
[  505.920377][T11983]  loop4: unable to read partition table
[  505.926778][T11983] loop4: partition table beyond EOD, truncated
[  505.981425][T11983] loop_reread_partitions: partition scan of loop4 (3Ÿ¾‚³˜) failed (rc=-5)
[  506.005416][T11998] overlayfs: failed to get inode (-116)
[  506.019796][T11998] overlayfs: failed to look up (bus) for ino (-116)
[  508.227284][T12009] netlink: 'syz.1.1731': attribute type 1 has an invalid length.
[  508.442133][T12017] netlink: 'syz.1.1731': attribute type 1 has an invalid length.
[  510.224560][T12028] kvm: pic: non byte read
[  510.311624][T12028] kvm: pic: non byte read
[  510.778330][T12028] kvm: pic: non byte read
[  510.803990][T12028] kvm: pic: non byte read
[  510.817069][T12028] kvm: pic: non byte read
[  510.822851][T12028] kvm: pic: non byte read
[  510.828934][T12028] kvm: pic: non byte read
[  510.855088][T12028] kvm: pic: non byte read
[  510.857527][T12039] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1735'.
[  510.859629][T12028] kvm: pic: non byte read
[  511.002688][T12028] kvm: pic: non byte read
[  513.315304][T12056] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1740'.
[  514.045001][T11775] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  514.227971][T11775] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  514.297030][T11775] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  514.805636][T11775] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  514.841326][T12085] netlink: 'syz.5.1747': attribute type 1 has an invalid length.
[  514.932843][T12091] netlink: 'syz.5.1747': attribute type 1 has an invalid length.
[  517.819781][T11775] 8021q: adding VLAN 0 to HW filter on device bond0
[  518.802932][T11775] 8021q: adding VLAN 0 to HW filter on device team0
[  518.944514][ T2961] bridge0: port 1(bridge_slave_0) entered blocking state
[  518.951763][ T2961] bridge0: port 1(bridge_slave_0) entered forwarding state
[  518.967703][T12143] netlink: 'syz.0.1758': attribute type 10 has an invalid length.
[  519.003790][ T2961] bridge0: port 2(bridge_slave_1) entered blocking state
[  519.011070][ T2961] bridge0: port 2(bridge_slave_1) entered forwarding state
[  519.216410][T12143] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  519.258228][T12143] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  519.711271][T12161] netlink: 'syz.1.1760': attribute type 10 has an invalid length.
[  520.194747][T12164] netlink: 'syz.6.1761': attribute type 4 has an invalid length.
[  520.245189][T12165] netlink: 'syz.6.1761': attribute type 4 has an invalid length.
[  520.386320][   T30] audit: type=1326 audit(1750821434.576:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12162 comm="syz.6.1761" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f113ef8e929 code=0x0
[  521.211488][T12174] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  523.055788][T11775] 8021q: adding VLAN 0 to HW filter on device batadv0
[  523.072491][T12181] netlink: 'syz.1.1764': attribute type 1 has an invalid length.
[  523.360635][T12184] netlink: 'syz.1.1764': attribute type 1 has an invalid length.
[  524.908557][T11775] veth0_vlan: entered promiscuous mode
[  524.985627][T11775] veth1_vlan: entered promiscuous mode
[  525.135908][T11775] veth0_macvtap: entered promiscuous mode
[  525.226376][T11775] veth1_macvtap: entered promiscuous mode
[  525.413597][T11775] batman_adv: batadv0: Interface activated: batadv_slave_0
[  525.488901][T11775] batman_adv: batadv0: Interface activated: batadv_slave_1
[  525.545785][T11775] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  525.591201][T11775] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  525.669065][T11775] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  525.699381][T11775] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  526.135934][ T1002] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  526.209830][ T1002] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  526.428293][ T1002] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  526.450938][ T1002] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  529.603377][   T62] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  529.672228][T12264] @: renamed from vlan0 (while UP)
[  529.799328][   T62] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  529.907108][   T62] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  530.089184][   T62] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  530.391211][   T62] bridge_slave_1: left allmulticast mode
[  530.396917][   T62] bridge_slave_1: left promiscuous mode
[  530.436311][T12286] loop5: detected capacity change from 0 to 1
[  530.443620][   T62] bridge0: port 2(bridge_slave_1) entered disabled state
[  530.900693][   T62] bridge_slave_0: left allmulticast mode
[  530.925067][   T62] bridge_slave_0: left promiscuous mode
[  530.959824][   T62] bridge0: port 1(bridge_slave_0) entered disabled state
[  531.702125][T12316] netlink: 'syz.6.1786': attribute type 10 has an invalid length.
[  532.256335][T12305] syz.5.1785: vmalloc error: size 2768896, failed to allocated page array size 5408, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz5,mems_allowed=0-1
[  532.275775][T12305] CPU: 0 UID: 0 PID: 12305 Comm: syz.5.1785 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  532.275801][T12305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  532.275819][T12305] Call Trace:
[  532.275829][T12305]  <TASK>
[  532.275838][T12305]  dump_stack_lvl+0x189/0x250
[  532.275873][T12305]  ? __pfx_dump_stack_lvl+0x10/0x10
[  532.275897][T12305]  ? __pfx__printk+0x10/0x10
[  532.275915][T12305]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  532.275942][T12305]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  532.275971][T12305]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  532.276000][T12305]  warn_alloc+0x214/0x310
[  532.276029][T12305]  ? __pfx_warn_alloc+0x10/0x10
[  532.276061][T12305]  ? __get_vm_area_node+0x28f/0x300
[  532.276083][T12305]  ? vb2_vmalloc_alloc+0xef/0x340
[  532.276105][T12305]  __vmalloc_node_range_noprof+0x67e/0x12f0
[  532.276157][T12305]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  532.276186][T12305]  ? __kasan_kmalloc+0x93/0xb0
[  532.276209][T12305]  vmalloc_user_noprof+0xad/0xf0
[  532.276231][T12305]  ? vb2_vmalloc_alloc+0xef/0x340
[  532.276251][T12305]  vb2_vmalloc_alloc+0xef/0x340
[  532.276266][T12305]  ? __pfx_vb2_vmalloc_alloc+0x10/0x10
[  532.276284][T12305]  __vb2_queue_alloc+0x9bf/0x15a0
[  532.276334][T12305]  vb2_core_reqbufs+0xc31/0x1420
[  532.276378][T12305]  ? __pfx_vb2_core_reqbufs+0x10/0x10
[  532.276401][T12305]  ? vb2_verify_memory_type+0x1fc/0x570
[  532.276428][T12305]  ? vb2_reqbufs+0x3a9/0x630
[  532.276461][T12305]  v4l2_m2m_ioctl_reqbufs+0x10d/0x200
[  532.276486][T12305]  __video_do_ioctl+0xc9b/0xdb0
[  532.276521][T12305]  ? __pfx___video_do_ioctl+0x10/0x10
[  532.276552][T12305]  video_usercopy+0x86e/0x14f0
[  532.276581][T12305]  ? __pfx___video_do_ioctl+0x10/0x10
[  532.276599][T12305]  ? __pfx_video_usercopy+0x10/0x10
[  532.276614][T12305]  ? smack_file_ioctl+0x2a9/0x340
[  532.276652][T12305]  ? __fget_files+0x2a/0x420
[  532.276673][T12305]  ? __fget_files+0x3a0/0x420
[  532.276699][T12305]  v4l2_ioctl+0x18a/0x1e0
[  532.276717][T12305]  ? __pfx_v4l2_ioctl+0x10/0x10
[  532.276733][T12305]  __se_sys_ioctl+0xf9/0x170
[  532.276753][T12305]  do_syscall_64+0xfa/0x3b0
[  532.276777][T12305]  ? lockdep_hardirqs_on+0x9c/0x150
[  532.276799][T12305]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  532.276816][T12305]  ? clear_bhb_loop+0x60/0xb0
[  532.276838][T12305]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  532.276854][T12305] RIP: 0033:0x7f5c1fd8e929
[  532.276875][T12305] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  532.276891][T12305] RSP: 002b:00007f5c20c44038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  532.276910][T12305] RAX: ffffffffffffffda RBX: 00007f5c1ffb5fa0 RCX: 00007f5c1fd8e929
[  532.276923][T12305] RDX: 0000200000000000 RSI: 00000000c0145608 RDI: 0000000000000006
[  532.276935][T12305] RBP: 00007f5c1fe10b39 R08: 0000000000000000 R09: 0000000000000000
[  532.276947][T12305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  532.276957][T12305] R13: 0000000000000000 R14: 00007f5c1ffb5fa0 R15: 00007ffe40233da8
[  532.276986][T12305]  </TASK>
[  532.276997][T12305] Mem-Info:
[  532.338623][   T51] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  532.445837][T12305] active_anon:257 inactive_anon:13536 isolated_anon:0
[  532.445837][T12305]  active_file:18070 inactive_file:35932 isolated_file:0
[  532.445837][T12305]  unevictable:768 dirty:300 writeback:0
[  532.445837][T12305]  slab_reclaimable:10961 slab_unreclaimable:110830
[  532.445837][T12305]  mapped:41391 shmem:4233 pagetables:1411
[  532.445837][T12305]  sec_pagetables:0 bounce:0
[  532.445837][T12305]  kernel_misc_reclaimable:0
[  532.445837][T12305]  free:1292003 free_pcp:9679 free_cma:0
[  532.452009][   T51] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  532.467584][T12305] Node 0 active_anon:1028kB inactive_anon:54044kB active_file:72072kB inactive_file:143728kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:165564kB dirty:1200kB writeback:0kB shmem:15396kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:13820kB pagetables:5488kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  532.470805][   T51] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  532.507785][T12305] Node 1 active_anon:0kB inactive_anon:0kB active_file:208kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:156kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  532.513104][   T51] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  532.545544][T12305] Node 0 
[  532.549745][   T51] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  532.571282][T12305] DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  532.778326][T12305] lowmem_reserve[]: 0 2501 2503 2503 2503
[  532.811230][T12305] Node 0 DMA32 free:1251524kB boost:0kB min:34264kB low:42828kB high:51392kB reserved_highatomic:0KB free_highatomic:0KB active_anon:1024kB inactive_anon:54104kB active_file:70308kB inactive_file:143660kB unevictable:1536kB writepending:1196kB present:3129332kB managed:2561468kB mlocked:0kB bounce:0kB free_pcp:22036kB local_pcp:13504kB free_cma:0kB
[  532.851556][T12305] lowmem_reserve[]: 0 0 1 1 1
[  532.862688][T12305] Node 0 Normal free:20kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:40kB active_file:1764kB inactive_file:68kB unevictable:0kB writepending:4kB present:1048580kB managed:1904kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  532.912819][T12305] lowmem_reserve[]: 0 0 0 0 0
[  532.917613][T12305] Node 1 Normal free:3901108kB boost:0kB min:55612kB low:69512kB high:83412kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:208kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:16640kB local_pcp:7360kB free_cma:0kB
[  532.966775][T12305] lowmem_reserve[]: 0 0 0 0 0
[  533.006542][T12305] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  533.019796][T12305] Node 0 DMA32: 12*4kB (ME) 5*8kB (E) 20*16kB (UE) 113*32kB (ME) 261*64kB (UME) 75*128kB (UME) 37*256kB (ME) 66*512kB (UM) 70*1024kB (UME) 16*2048kB (UME) 262*4096kB (UM) = 1251192kB
[  533.042170][T12305] Node 0 Normal: 1*4kB (M) 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20kB
[  533.055850][T12305] Node 1 Normal: 195*4kB (UME) 47*8kB (UME) 45*16kB (UME) 97*32kB (UME) 37*64kB (UME) 6*128kB (UME) 3*256kB (UM) 2*512kB (UM) 2*1024kB (ME) 1*2048kB (E) 949*4096kB (M) = 3901108kB
[  533.075353][T12305] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  533.085693][T12305] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  533.107964][T12305] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  533.142673][T12305] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  533.170931][T12305] 58231 total pagecache pages
[  533.184995][T12305] 0 pages in swap cache
[  533.192966][T12305] Free swap  = 124996kB
[  533.197352][T12305] Total swap = 124996kB
[  533.218814][T12305] 2097051 pages RAM
[  533.225177][T12305] 0 pages HighMem/MovableOnly
[  533.230050][T12305] 424577 pages reserved
[  533.240536][T12305] 0 pages cma reserved
[  533.354745][   T62] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  533.378869][   T62] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  533.393426][   T62] bond0 (unregistering): Released all slaves
[  534.209459][T12323] lo speed is unknown, defaulting to 1000
[  534.233310][T12323] lo speed is unknown, defaulting to 1000
[  534.669160][   T51] Bluetooth: hci4: command tx timeout
[  535.293516][T12360] xt_time: invalid argument - start or stop time greater than 23:59:59
[  535.307583][T12360] netlink: 'syz.5.1790': attribute type 1 has an invalid length.
[  535.386678][T12361] netlink: 'syz.5.1790': attribute type 1 has an invalid length.
[  537.363069][   T51] Bluetooth: hci4: command tx timeout
[  537.524245][T12360] workqueue: Failed to create a rescuer kthread for wq "bond3": -EINTR
[  537.525346][T12361] workqueue: Failed to create a rescuer kthread for wq "bond3": -EINTR
[  538.541489][ T5919] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  538.787921][T12382] overlayfs: statfs failed on './file0'
[  538.788125][T12386] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  538.821262][ T5919] usb 6-1: Using ep0 maxpacket: 8
[  538.840575][ T5919] usb 6-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  538.878087][ T5919] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  538.922807][ T5919] usb 6-1: config 0 descriptor??
[  539.050867][   T62] hsr_slave_0: left promiscuous mode
[  539.080576][   T62] hsr_slave_1: left promiscuous mode
[  539.106850][T12391] netlink: 'syz.6.1796': attribute type 10 has an invalid length.
[  539.126587][   T62] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  539.162160][   T62] batman_adv: batadv0: Removing interface: batadv_slave_0
[  539.205231][   T62] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  539.239316][   T62] batman_adv: batadv0: Removing interface: batadv_slave_1
[  539.371231][   T51] Bluetooth: hci4: command tx timeout
[  539.437751][   T62] veth1_macvtap: left promiscuous mode
[  539.467619][   T62] veth0_macvtap: left promiscuous mode
[  539.479634][   T62] veth1_vlan: left promiscuous mode
[  539.493511][   T62] veth0_vlan: left promiscuous mode
[  540.814204][   T62] team0 (unregistering): Port device team_slave_1 removed
[  540.888583][   T62] team0 (unregistering): Port device team_slave_0 removed
[  541.452861][   T51] Bluetooth: hci4: command tx timeout
[  541.529280][T12391] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  541.539198][T12391] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  541.561179][T12400] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1797'.
[  541.764470][   T30] audit: type=1400 audit(1750821455.936:119): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="]-{" requested=w pid=12438 comm="syz.0.1801" daddr=::ffff:172.20.20.0
[  541.801752][ T5919] asix 6-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  541.813146][ T5919] asix 6-1:0.0 (unnamed net_device) (uninitialized): Failed to write RX_CTL mode to 0x0088: ffffffb9
[  541.825889][ T5919] asix 6-1:0.0: probe with driver asix failed with error -71
[  541.837882][ T5919] usb 6-1: USB disconnect, device number 2
[  542.028279][T12323] chnl_net:caif_netlink_parms(): no params data found
[  544.425164][T12323] bridge0: port 1(bridge_slave_0) entered blocking state
[  544.450270][T12323] bridge0: port 1(bridge_slave_0) entered disabled state
[  544.461262][T12323] bridge_slave_0: entered allmulticast mode
[  544.469067][T12323] bridge_slave_0: entered promiscuous mode
[  544.490019][T12323] bridge0: port 2(bridge_slave_1) entered blocking state
[  544.511138][T12323] bridge0: port 2(bridge_slave_1) entered disabled state
[  544.518436][T12323] bridge_slave_1: entered allmulticast mode
[  544.682884][T12323] bridge_slave_1: entered promiscuous mode
[  545.161985][T12477] netlink: 'syz.5.1809': attribute type 10 has an invalid length.
[  545.501584][T12477] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  545.544352][T12477] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  545.666803][T12323] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  545.700745][T12323] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  546.037085][T12323] team0: Port device team_slave_0 added
[  546.069457][T12323] team0: Port device team_slave_1 added
[  546.255109][T12497] netlink: 'syz.0.1807': attribute type 10 has an invalid length.
[  546.318953][T12323] batman_adv: batadv0: Adding interface: batadv_slave_0
[  546.329971][T12323] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  546.393999][T12323] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  546.423554][T12323] batman_adv: batadv0: Adding interface: batadv_slave_1
[  546.439009][T12323] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  546.536983][T12323] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  546.836804][T12323] hsr_slave_0: entered promiscuous mode
[  546.848678][T12323] hsr_slave_1: entered promiscuous mode
[  546.857817][T12323] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  546.870753][T12323] Cannot create hsr debugfs directory
[  551.313451][T12546] netlink: 'syz.0.1821': attribute type 10 has an invalid length.
[  551.384253][T12546] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  551.423784][T12546] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  551.758557][T12555] netlink: 'syz.6.1824': attribute type 1 has an invalid length.
[  551.818449][T12554] netlink: 'syz.6.1824': attribute type 1 has an invalid length.
[  551.876381][T12323] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  551.898519][T12323] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  551.989898][T12559] netlink: 'syz.1.1820': attribute type 10 has an invalid length.
[  551.997339][T12323] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  552.018582][T12323] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  552.319133][T12323] 8021q: adding VLAN 0 to HW filter on device bond0
[  552.393199][T12323] 8021q: adding VLAN 0 to HW filter on device team0
[  552.452618][   T62] bridge0: port 1(bridge_slave_0) entered blocking state
[  552.459823][   T62] bridge0: port 1(bridge_slave_0) entered forwarding state
[  552.520289][   T62] bridge0: port 2(bridge_slave_1) entered blocking state
[  552.527539][   T62] bridge0: port 2(bridge_slave_1) entered forwarding state
[  553.680353][T12598] netlink: 'syz.6.1825': attribute type 10 has an invalid length.
[  553.960234][T12323] 8021q: adding VLAN 0 to HW filter on device batadv0
[  554.148466][T12323] veth0_vlan: entered promiscuous mode
[  554.217075][T12323] veth1_vlan: entered promiscuous mode
[  554.317688][T12608] PF_CAN: dropped non conform CAN XL skbuff: dev type 65534, len 101
[  554.360801][T12608] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1832'.
[  554.364531][T12323] veth0_macvtap: entered promiscuous mode
[  554.419343][T12323] veth1_macvtap: entered promiscuous mode
[  554.545392][T12323] batman_adv: batadv0: Interface activated: batadv_slave_0
[  554.632789][T12323] batman_adv: batadv0: Interface activated: batadv_slave_1
[  554.666132][T12323] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  554.701051][T12323] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  554.719976][T12323] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  554.745575][T12323] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  555.254505][T12621] netlink: 'syz.0.1831': attribute type 10 has an invalid length.
[  555.671449][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  555.715144][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  555.921144][   T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  555.929016][   T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  556.204067][ T5962] usb 6-1: new full-speed USB device number 3 using dummy_hcd
[  557.153348][T12644] netlink: 'syz.6.1837': attribute type 10 has an invalid length.
[  557.395824][T12644] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  557.428432][T12644] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  557.832159][T12648] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1838'.
[  558.209482][ T2991] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  559.414437][   T51] Bluetooth: hci2: command 0x0406 tx timeout
[  560.254373][ T2991] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  560.625052][ T2991] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  560.764546][ T2991] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  561.084851][ T2991] bridge_slave_1: left allmulticast mode
[  561.090552][ T2991] bridge_slave_1: left promiscuous mode
[  561.111643][ T2991] bridge0: port 2(bridge_slave_1) entered disabled state
[  561.125775][ T2991] bridge_slave_0: left allmulticast mode
[  561.132011][ T2991] bridge_slave_0: left promiscuous mode
[  561.137843][ T2991] bridge0: port 1(bridge_slave_0) entered disabled state
[  561.154031][ T5962] usb 6-1: unable to get BOS descriptor or descriptor too short
[  561.167612][ T5962] usb 6-1: unable to read config index 0 descriptor/start: -71
[  561.186213][ T5962] usb 6-1: can't read configurations, error -71
[  561.567590][T12664] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000).
[  561.580556][T12664] qnx6: wrong signature (magic) in superblock #1.
[  561.587242][T12664] qnx6: unable to read the first superblock
[  561.885148][T12665] xt_time: invalid argument - start or stop time greater than 23:59:59
[  561.925576][T12665] netlink: 'syz.0.1840': attribute type 1 has an invalid length.
[  561.979005][T12667] netlink: 'syz.0.1840': attribute type 1 has an invalid length.
[  562.255636][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  562.857518][T12676] netlink: 'syz.5.1842': attribute type 10 has an invalid length.
[  563.203963][T12678] PM: Enabling pm_trace changes system date and time during resume.
[  563.203963][T12678] PM: Correct system time has to be restored manually after resume.
[  563.528733][ T2991] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  563.568580][ T2991] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  563.608962][ T2991] bond0 (unregistering): Released all slaves
[  563.712035][   T51] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  563.735344][   T51] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  563.757460][   T51] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  563.766541][   T51] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  563.777794][   T51] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  563.989926][T12665] workqueue: Failed to create a rescuer kthread for wq "bond11": -EINTR
[  564.000187][T12667] workqueue: Failed to create a rescuer kthread for wq "bond11": -EINTR
[  565.259572][T12679] lo speed is unknown, defaulting to 1000
[  565.521067][T12679] lo speed is unknown, defaulting to 1000
[  566.713721][   T51] Bluetooth: hci4: command tx timeout
[  567.007680][T12720] netlink: 'syz.6.1848': attribute type 10 has an invalid length.
[  567.529927][T12725] netlink: 'syz.1.1854': attribute type 39 has an invalid length.
[  568.912659][   T51] Bluetooth: hci4: command tx timeout
[  570.971312][ T5140] Bluetooth: hci4: command tx timeout
[  571.731853][ T2991] hsr_slave_0: left promiscuous mode
[  572.039104][ T2991] hsr_slave_1: left promiscuous mode
[  572.081871][ T2991] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  572.089402][ T2991] batman_adv: batadv0: Removing interface: batadv_slave_0
[  572.191573][ T2991] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  572.199042][ T2991] batman_adv: batadv0: Removing interface: batadv_slave_1
[  572.276822][ T2991] veth1_macvtap: left promiscuous mode
[  572.290379][ T2991] veth0_macvtap: left promiscuous mode
[  572.316378][ T2991] veth1_vlan: left promiscuous mode
[  572.323256][ T2991] veth0_vlan: left promiscuous mode
[  573.051330][ T5140] Bluetooth: hci4: command tx timeout
[  574.936798][T12782] netlink: 'syz.1.1860': attribute type 10 has an invalid length.
[  575.800365][T12794] netlink: 'syz.0.1868': attribute type 10 has an invalid length.
[  575.996363][ T2991] team0 (unregistering): Port device team_slave_1 removed
[  576.054857][ T2991] team0 (unregistering): Port device team_slave_0 removed
[  578.749670][T12816] binder: 12813:12816 ioctl 4018620d 0 returned -22
[  580.511216][T12679] chnl_net:caif_netlink_parms(): no params data found
[  581.696715][T12679] bridge0: port 1(bridge_slave_0) entered blocking state
[  581.734208][T12679] bridge0: port 1(bridge_slave_0) entered disabled state
[  581.890010][T12679] bridge_slave_0: entered allmulticast mode
[  582.123580][T12679] bridge_slave_0: entered promiscuous mode
[  582.186206][T12679] bridge0: port 2(bridge_slave_1) entered blocking state
[  582.193458][T12679] bridge0: port 2(bridge_slave_1) entered disabled state
[  582.200732][T12679] bridge_slave_1: entered allmulticast mode
[  582.221471][T12679] bridge_slave_1: entered promiscuous mode
[  582.496278][T12679] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  582.591616][T12863] netlink: 'syz.1.1880': attribute type 10 has an invalid length.
[  582.954530][T12679] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  584.305947][T12876] xt_time: invalid argument - start or stop time greater than 23:59:59
[  584.319166][T12876] netlink: 'syz.5.1886': attribute type 1 has an invalid length.
[  584.338627][T12679] team0: Port device team_slave_0 added
[  584.358039][T12679] team0: Port device team_slave_1 added
[  584.480433][T12878] netlink: 'syz.5.1886': attribute type 1 has an invalid length.
[  584.751197][T12882] netlink: 'syz.6.1887': attribute type 10 has an invalid length.
[  586.004609][T12679] batman_adv: batadv0: Adding interface: batadv_slave_0
[  586.040927][T12679] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  586.157724][T12679] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  586.211847][T12896] netlink: 'syz.1.1888': attribute type 10 has an invalid length.
[  586.950901][T12679] batman_adv: batadv0: Adding interface: batadv_slave_1
[  586.964883][T12679] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  587.600010][T12679] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  588.221862][T12679] hsr_slave_0: entered promiscuous mode
[  588.242110][T12679] hsr_slave_1: entered promiscuous mode
[  588.249310][T12679] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  588.261879][T12679] Cannot create hsr debugfs directory
[  589.673110][T12929] netlink: 'syz.6.1895': attribute type 10 has an invalid length.
[  590.734286][T12930] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  591.285903][T12679] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  591.324828][T12679] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  591.406544][T12679] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  591.466652][T12679] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  591.712714][T12949] xt_time: invalid argument - start or stop time greater than 23:59:59
[  591.770147][T12949] netlink: 'syz.5.1898': attribute type 1 has an invalid length.
[  591.842584][T12950] netlink: 'syz.5.1898': attribute type 1 has an invalid length.
[  592.635337][T12679] 8021q: adding VLAN 0 to HW filter on device bond0
[  592.772937][T12679] 8021q: adding VLAN 0 to HW filter on device team0
[  592.845906][ T6309] bridge0: port 1(bridge_slave_0) entered blocking state
[  592.853150][ T6309] bridge0: port 1(bridge_slave_0) entered forwarding state
[  593.191288][ T5962] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  593.395580][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  593.402781][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  593.513283][ T5962] usb 2-1: config 1 interface 0 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  593.546570][ T5962] usb 2-1: config 1 interface 0 has no altsetting 0
[  593.552758][T12679] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  593.577223][ T5962] usb 2-1: New USB device found, idVendor=05ac, idProduct=0241, bcdDevice= 0.40
[  593.595623][ T5962] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  593.705065][ T5962] usb 2-1: Product: syz
[  593.715514][ T5962] usb 2-1: Manufacturer: syz
[  593.721330][ T5962] usb 2-1: SerialNumber: syz
[  594.797945][   T30] audit: type=1400 audit(1750821508.856:120): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="]-{" requested=w pid=12979 comm="syz.6.1904" dest=20000
[  595.262956][T12679] 8021q: adding VLAN 0 to HW filter on device batadv0
[  595.735749][T12679] veth0_vlan: entered promiscuous mode
[  595.742746][ T5962] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/input/input18
[  595.791704][ T5175] bcm5974 2-1:1.0: could not read from device
[  595.837944][T12679] veth1_vlan: entered promiscuous mode
[  595.863411][ T5962] usb 2-1: USB disconnect, device number 24
[  595.897951][ T5175] bcm5974 2-1:1.0: could not read from device
[  596.155885][T12679] veth0_macvtap: entered promiscuous mode
[  596.234156][T12679] veth1_macvtap: entered promiscuous mode
[  596.283586][T12997] netlink: 'syz.1.1906': attribute type 10 has an invalid length.
[  596.438956][T12679] batman_adv: batadv0: Interface activated: batadv_slave_0
[  596.457713][T12679] batman_adv: batadv0: Interface activated: batadv_slave_1
[  597.282879][T12679] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  597.352700][T12679] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  597.443984][T12679] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  597.453771][T12679] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  597.730765][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  597.758547][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  597.840139][T13026] netlink: 'syz.6.1907': attribute type 10 has an invalid length.
[  597.913562][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  597.946457][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  599.186455][T13034] binder: 13033:13034 ioctl 400c620e 200000000600 returned -22
[  599.243812][T13034] binder: 13033:13034 ioctl c0306201 2000000003c0 returned -14
[  599.706050][   T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  600.297949][   T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  600.396903][T13042] netlink: 'syz.0.1914': attribute type 10 has an invalid length.
[  600.483146][   T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  600.806128][   T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  601.071327][   T12] bridge_slave_1: left allmulticast mode
[  601.079009][   T12] bridge_slave_1: left promiscuous mode
[  601.088769][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  601.113539][   T12] bridge_slave_0: left allmulticast mode
[  601.119230][   T12] bridge_slave_0: left promiscuous mode
[  601.142168][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  601.620071][T13072] random: crng reseeded on system resumption
[  602.271573][T13075] overlayfs: conflicting lowerdir path
[  602.531719][T13083] netlink: 'syz.0.1918': attribute type 2 has an invalid length.
[  603.162523][T13093] netlink: 'syz.5.1919': attribute type 10 has an invalid length.
[  603.327986][T13096] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1919'.
[  604.201047][T13098] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  605.444032][   T51] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  605.455254][   T51] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  605.464385][   T51] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  605.474218][   T51] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  605.483627][   T51] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  605.570032][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  605.594649][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  605.650620][   T12] bond0 (unregistering): Released all slaves
[  605.687819][T13093] bridge0: port 2(bridge_slave_1) entered disabled state
[  605.695623][T13093] bridge0: port 1(bridge_slave_0) entered disabled state
[  606.363947][T13093] bridge0: port 2(bridge_slave_1) entered blocking state
[  606.371187][T13093] bridge0: port 2(bridge_slave_1) entered forwarding state
[  606.379776][T13093] bridge0: port 1(bridge_slave_0) entered blocking state
[  606.387022][T13093] bridge0: port 1(bridge_slave_0) entered forwarding state
[  606.448182][T13093] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  606.476273][T13096] bridge_slave_1: left allmulticast mode
[  606.482441][T13096] bridge_slave_1: left promiscuous mode
[  606.520488][T13096] bridge0: port 2(bridge_slave_1) entered disabled state
[  606.637348][T13096] bridge_slave_0: left allmulticast mode
[  606.666435][T13096] bridge_slave_0: left promiscuous mode
[  606.683861][T13096] bridge0: port 1(bridge_slave_0) entered disabled state
[  607.183740][T13096] bond0: (slave bridge0): Releasing backup interface
[  607.557058][   T51] Bluetooth: hci4: command tx timeout
[  607.905037][T13151] netlink: 'syz.0.1927': attribute type 10 has an invalid length.
[  713.610900][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  713.617941][    C1] rcu: 	(detected by 1, t=10502 jiffies, g=56825, q=301 ncpus=2)
[  713.625662][    C1] rcu: All QSes seen, last rcu_preempt kthread activity 10502 (4295008544-4294998042), jiffies_till_next_fqs=1, root ->qsmask 0x0
[  713.639037][    C1] rcu: rcu_preempt kthread starved for 10502 jiffies! g56825 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[  713.650232][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  713.660203][    C1] rcu: RCU grace-period kthread stack dump:
[  713.666086][    C1] task:rcu_preempt     state:R  running task     stack:27320 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00004000
[  713.679587][    C1] Call Trace:
[  713.682866][    C1]  <TASK>
[  713.685810][    C1]  __schedule+0x16a2/0x4cb0
[  713.690335][    C1]  ? sched_clock_cpu+0x74/0x430
[  713.695201][    C1]  ? __switch_to+0xd74/0x1600
[  713.699884][    C1]  ? preempt_schedule_common+0x83/0xd0
[  713.705371][    C1]  ? __pfx___schedule+0x10/0x10
[  713.710264][    C1]  ? __lock_acquire+0xab9/0xd20
[  713.715134][    C1]  ? preempt_schedule+0xae/0xc0
[  713.719997][    C1]  preempt_schedule_common+0x83/0xd0
[  713.725299][    C1]  preempt_schedule+0xae/0xc0
[  713.729986][    C1]  ? __pfx_preempt_schedule+0x10/0x10
[  713.735376][    C1]  preempt_schedule_thunk+0x16/0x30
[  713.740590][    C1]  _raw_spin_unlock_irqrestore+0xfd/0x110
[  713.746322][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  713.752671][    C1]  __try_to_del_timer_sync+0x34a/0x3a0
[  713.758143][    C1]  __timer_delete_sync+0x1fe/0x2d0
[  713.763260][    C1]  ? __pfx___timer_delete_sync+0x10/0x10
[  713.768900][    C1]  ? schedule+0x91/0x360
[  713.773154][    C1]  ? schedule+0x16f/0x360
[  713.777490][    C1]  schedule_timeout+0x133/0x270
[  713.782347][    C1]  ? __pfx_schedule_timeout+0x10/0x10
[  713.787725][    C1]  ? __pfx_process_timeout+0x10/0x10
[  713.793030][    C1]  ? prepare_to_swait_event+0x341/0x380
[  713.798588][    C1]  rcu_gp_fqs_loop+0x301/0x1540
[  713.803458][    C1]  ? __pfx_rcu_gp_init+0x10/0x10
[  713.808408][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  713.813631][    C1]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  713.818926][    C1]  ? _raw_spin_unlock_irq+0x2e/0x50
[  713.824143][    C1]  ? finish_swait+0xcd/0x1f0
[  713.828750][    C1]  rcu_gp_kthread+0x99/0x390
[  713.833360][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  713.838570][    C1]  ? __kthread_parkme+0x7b/0x200
[  713.843522][    C1]  ? __kthread_parkme+0x1a1/0x200
[  713.848569][    C1]  kthread+0x70e/0x8a0
[  713.852650][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  713.857858][    C1]  ? __pfx_kthread+0x10/0x10
[  713.862458][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  713.867667][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  713.872899][    C1]  ? __pfx_kthread+0x10/0x10
[  713.877687][    C1]  ret_from_fork+0x3fc/0x770
[  713.882296][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  713.887429][    C1]  ? __switch_to_asm+0x39/0x70
[  713.892200][    C1]  ? __switch_to_asm+0x33/0x70
[  713.896974][    C1]  ? __pfx_kthread+0x10/0x10
[  713.901571][    C1]  ret_from_fork_asm+0x1a/0x30
[  713.906363][    C1]  </TASK>
[  713.909386][    C1] rcu: Stack dump where RCU GP kthread last ran:
[  713.915719][    C1] Sending NMI from CPU 1 to CPUs 0:
[  713.920943][    C0] NMI backtrace for cpu 0
[  713.920958][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
[  713.920977][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  713.920987][    C0] RIP: 0010:__kasan_check_byte+0x12/0x40
[  713.921011][    C0] Code: cf fe ff ff 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 41 56 53 48 89 f3 49 89 fe e8 5e 14 00 00 <84> c0 75 16 be 01 00 00 00 4c 89 f7 31 d2 48 89 d9 89 c3 e8 c6 03
[  713.921025][    C0] RSP: 0018:ffffc90000007ba8 EFLAGS: 00000093
[  713.921040][    C0] RAX: 0000000000000001 RBX: ffffffff8b6221ae RCX: dd718c8ae21ce100
[  713.921052][    C0] RDX: 0000000000000000 RSI: ffffffff8b6221ae RDI: 1ffff11005aad260
[  713.921063][    C0] RBP: ffffffff897f2b64 R08: 0000000000000001 R09: 0000000000000000
[  713.921073][    C0] R10: dffffc0000000000 R11: ffffffff897f2aa0 R12: 0000000000000000
[  713.921083][    C0] R13: ffff88802d569300 R14: ffff88802d569300 R15: 0000000000000001
[  713.921094][    C0] FS:  0000000000000000(0000) GS:ffff888125c83000(0000) knlGS:0000000000000000
[  713.921107][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  713.921117][    C0] CR2: 000000110c3c2caf CR3: 0000000064dbc000 CR4: 00000000003526f0
[  713.921131][    C0] DR0: 0000000000000007 DR1: 000000000000009b DR2: 00040000ffffffff
[  713.921141][    C0] DR3: 0000000000000009 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  713.921151][    C0] Call Trace:
[  713.921158][    C0]  <IRQ>
[  713.921166][    C0]  lock_acquire+0x8d/0x360
[  713.921217][    C0]  _raw_spin_lock+0x2e/0x40
[  713.921251][    C0]  ? advance_sched+0xc4/0xc90
[  713.921269][    C0]  advance_sched+0xc4/0xc90
[  713.921287][    C0]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  713.921306][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  713.921330][    C0]  ? __pfx_advance_sched+0x10/0x10
[  713.921346][    C0]  __hrtimer_run_queues+0x529/0xc60
[  713.921377][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  713.921397][    C0]  ? read_tsc+0x9/0x20
[  713.921418][    C0]  hrtimer_interrupt+0x45b/0xaa0
[  713.921452][    C0]  __sysvec_apic_timer_interrupt+0x10b/0x410
[  713.921476][    C0]  sysvec_apic_timer_interrupt+0xa1/0xc0
[  713.921496][    C0]  </IRQ>
[  713.921501][    C0]  <TASK>
[  713.921508][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  713.921532][    C0] RIP: 0010:kasan_check_range+0x9/0x2c0
[  713.921550][    C0] Code: 5b e4 ff 90 0f 0b cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 55 41 57 41 56 <41> 55 41 54 53 b0 01 48 85 f6 0f 84 ba 01 00 00 4c 8d 04 37 49 39
[  713.921563][    C0] RSP: 0018:ffffffff8de07d50 EFLAGS: 00000287
[  713.921575][    C0] RAX: 0000000000000000 RBX: ffffffff8db92c60 RCX: ffffffff819481b9
[  713.921586][    C0] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffff8880b8639e84
[  713.921596][    C0] RBP: 0000000000000000 R08: ffffffff8f9fe1f7 R09: 1ffffffff1f3fc3e
[  713.921607][    C0] R10: dffffc0000000000 R11: fffffbfff1f3fc3f R12: 1ffffffff1b7258c
[  713.921618][    C0] R13: 0000000000000000 R14: ffff8880b8639e84 R15: dffffc0000000000
[  713.921634][    C0]  ? nohz_run_idle_balance+0x59/0x150
[  713.921653][    C0]  nohz_run_idle_balance+0x59/0x150
[  713.921669][    C0]  do_idle+0x8b/0x510
[  713.921693][    C0]  ? __pfx_do_idle+0x10/0x10
[  713.921721][    C0]  cpu_startup_entry+0x44/0x60
[  713.921742][    C0]  rest_init+0x2de/0x300
[  713.921756][    C0]  ? __pfx_x86_late_time_init+0x10/0x10
[  713.921774][    C0]  start_kernel+0x47d/0x500
[  713.921798][    C0]  x86_64_start_reservations+0x24/0x30
[  713.921814][    C0]  x86_64_start_kernel+0x143/0x1c0
[  713.921830][    C0]  common_startup_64+0x13e/0x147
[  713.921854][    C0]  </TASK>