last executing test programs: 14.074597552s ago: executing program 1 (id=2): bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000280)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket$pptp(0x18, 0x1, 0x2) socket$phonet(0x23, 0x2, 0x1) r1 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x7ff, 0xef9, 0x1}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000000c0)={0x5, 0x8, 0x7fff}) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x11, r1, 0x1000f0000) 12.699860584s ago: executing program 1 (id=6): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240)={0x0}, &(0x7f0000000280)=0xc) ptrace$ARCH_SET_CPUID(0x1e, r0, 0x0, 0x1012) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_open_dev$rtc(&(0x7f0000000000), 0x2000000003, 0x50dc82) socket$inet_tcp(0x2, 0x1, 0x0) r4 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x8) close(r4) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00') r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)) r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TCFLSH(r6, 0x400455c8, 0x0) bind$bt_hci(r5, &(0x7f0000000140), 0x6) ioctl$sock_bt_hci(r5, 0x400448e7, 0x0) 11.04253568s ago: executing program 1 (id=8): socket$inet_mptcp(0x2, 0x1, 0x106) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) r3 = userfaultfd(0x1) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000004c0)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000180)={'wlan0\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) openat$dlm_plock(0xffffffffffffff9c, 0x0, 0x240080, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r6 = openat$nvme_fabrics(0xffffffffffffff9c, 0x0, 0x2042, 0x0) ioctl$VIDIOC_S_INPUT(r6, 0xc0045627, &(0x7f0000000300)=0x1000) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r5}, 0x18) bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0) ioctl$UFFDIO_ZEROPAGE(r3, 0xc020aa04, &(0x7f0000000140)={{&(0x7f0000ffd000/0x1000)=nil, 0x1000}}) 10.852609531s ago: executing program 2 (id=9): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) syz_init_net_socket$llc(0x1a, 0x2, 0x0) r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x84, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r1, 0x40045542, &(0x7f0000000b00)) syz_open_dev$dmmidi(&(0x7f0000000080), 0x200, 0x0) syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 9.974222834s ago: executing program 1 (id=10): bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x8, 0x0, &(0x7f0000000040)="2b1c52ac82e71ea0", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c0000001a000f01"], 0x1c}}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000240), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, 0xffffffffffffffff, 0x0) r2 = dup(r1) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x4000}) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 9.966799707s ago: executing program 2 (id=11): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) ioctl$sock_SIOCADDDLCI(0xffffffffffffffff, 0x8980, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@dev, 0x1, 0x2, 0x0, 0x0, 0x8c}, 0x0) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) io_setup(0x5, &(0x7f00000002c0)=0x0) io_submit(r5, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r4, &(0x7f0000000040)="0200ffff0000", 0x6, 0x0, 0x0, 0x2}]) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x4ffe4, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) r6 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNDCTL_DSP_SPEED(r6, 0xc0045002, &(0x7f0000000180)=0x7) read$dsp(r6, &(0x7f0000002200)=""/4121, 0x1019) r7 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r7, &(0x7f0000000100)={0x18, 0x0, {0x1, @dev, 'macvlan1\x00'}}, 0x1e) 9.685537842s ago: executing program 0 (id=1): r0 = socket$netlink(0x10, 0x3, 0x15) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x3}}, './file0\x00'}) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1f, 0x0, 0x0, 0x1000, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) io_setup(0xffff, 0x0) syz_open_procfs(0x0, &(0x7f0000002180)='net/mcfilter\x00') bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$sock_bt_hci(r5, 0x400448e0, 0x0) r6 = openat$ptp0(0xffffffffffffff9c, 0x0, 0x149000, 0x0) ioctl$PTP_EXTTS_REQUEST2(r6, 0xc4c03d12, 0x0) utimensat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', &(0x7f00000001c0), 0x100) mknodat$null(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x103) mount(&(0x7f00000000c0)=@nullb, &(0x7f0000000140)='./file0\x00', &(0x7f0000000080)='affs\x00', 0x8090, 0x0) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x100000f, 0x28011, r1, 0x1000) r7 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00') ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0xc0686611, &(0x7f0000000180)={0x68, 0x0, 0x3f, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) write(r0, &(0x7f00000002c0)="29000000140005b7ff00000004eabdeb0101b6ff02159f7e5520756b1933b49db96ad24d12595fbea5", 0x29) 8.85473149s ago: executing program 1 (id=12): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x800714, &(0x7f00000004c0)={[{@orlov}, {@nodelalloc}, {@errors_remount}, {@grpquota}, {@auto_da_alloc}, {@dioread_nolock}, {@quota}, {@grpjquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000000}}]}, 0xff, 0x493, &(0x7f0000000640)="$eJzs3M1vFGUYAPBnth9804qIgqCraCR+tLSgcvCgRhMPmpjoAY+1LYgs1NCaCGm0GINHQ+LdeDTxL/DmxagHY+JVE4+GhGhjQvFUM1+w3W5LW9oudH+/ZDvvO5/vMzPv7jvzdiaAtlVN/yQR2yPi94joybNzZ6jmg5npyeHr05PDSczOvvV3ks13bXpyuJy1XG5bkTlUiah8lsSLyfztjp+/cHqoVhs9V+T7J8580D9+/sIzp84MnRw9OXp28Nixo0cGnn9u8NlViTON69q+j8f2733tnctvDB+//O5P36bF2nMgn14fxy1dbxJQE9V0r/0zm2mc9vgyyn432FGXTjpbWBCWpSMi0sPVldX/nuiImwevJ179tKWFA9ZU+tu0aeHJU7PABpZEq0sAtEb5Q59e/5afdWp63BGuvhTRXaRnpieHZ27E3xmVYnzXGm6/GhHHp/77Kv3Ecu9DAACsQNa2ebpZ+68Se7Jh3texs+hD6Y2IeyJiV0TcGxG7I+K+iGze+yPigXzh2Z4lbr/akJ/f/qlcaVrmVZK2/16oa/vN1MVfDHo7ityOLP6u5MSp2ujhYp8ciq5NaX5gkW18/8pvXyw0rb79l37S7ZdtwaIAVzobbtCNDE0MrdZOuHoxYl9ns/iTGz0B6RmwNyL2LW/VO8vEqSe/2b/QTLeOfxGr0M80+3XEE/nxn4qG+EvJ4v2T/ZujNnq4vzwr5vv510tvFsnuxmm3Ff8qSI//1rnnfzHlYjHs+TfJ+2u7olYbPTe+/G1c+uPzBa9pVnr+dydvZ33Wv7yXj/toaGLi3EBEd/J6li93dDZ+8OayZb6cP43/0MHm9X9XsUwa/4MRkZ7EByLioYh4uCj7IxHxaEQcXCT+H19+7P1F4k8iiZYe/5Gm3383zv/epL6/fgWJjtM/fLdQj/nSjv/RmMq+a3PZ998tLLWAt7n7AAAA4K5QiYjtkVT68nR1e1QqfX35//Dvjq2V2tj4xFMnxj48O5I/I9AbXZXyTldP3f3QgWSqWGOeHyzuFZfTjxT3jb/s2JLl+4bHaiMtjh3a3ba59T/K+p/6q6PVpQPWnOe1oH011v9Ki8oBrL+l/P67FoCNqUn939KKcgDrz/U/tK9m9f+Thrz2P2xM8+v/n01eWQdsRNr/0L7Uf2hf6j+0paU+xV++T2HFLwGYkygfFlj5ejYv+Qn/Oy9RXZM1l0doLQu/JW6OicodsTPbJJHWmPXdaJOX1QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANyF/g8AAP//Z0bjpw==") r2 = open(&(0x7f0000000200)='./bus\x00', 0x10103e, 0x0) ftruncate(r2, 0x20cf01) mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, &(0x7f0000000080)=""/152) r3 = getpid() sched_setaffinity(0x0, 0xfffffffffffffddf, &(0x7f0000000040)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$cgroup_int(r1, &(0x7f0000000040)=0x1c8, 0x12) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00'}) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000480)={'wlan0\x00', 0x0}) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000000000000003700000008000300", @ANYRES32=r7, @ANYBLOB="08002600901500000800570080"], 0x2c}}, 0x8808) 8.732983667s ago: executing program 2 (id=13): syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10, &(0x7f0000000680), 0xfe, 0x244, &(0x7f0000000400)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x275a, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8c}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_emit_ethernet(0xd2, &(0x7f00000009c0)=ANY=[@ANYBLOB="0180c2000000ece65fbcee5586dd60010100009c1100fe8000000000000000000000000000bbfe8000000000000000000000000000aa00000e22009c90780100000000000000643022af983e0c3b942b96be5bcfe0cc1000a8b3f45f8d2f465bb22b32241fd3065534169ea4d202515690405e33b4f672dc79ccfd457f772607a23172a1b9bdeb5bdafcc4cc0b06263bfe37effa8ec61fcb165c8cfe7da02b42c77f62999fee935f4552b68b2cab59381c17e3295fb3a7636a16686c00020d3ad685507bf8adc0edc769d0be352856"], 0x0) write$UHID_SET_REPORT_REPLY(r0, &(0x7f0000000240)={0xe, {0x7, 0xff, 0xd7, 0x5e, "fef84d04ff52a2debb8cfc48c97312603b8447fc6f65ff718443d6ba7da46673130b2d3ebc89e7cd904c3427b746e7370122a77e880b862fdcaabded040cf5450baa5cb077131453885f9974b67e0a7f386399f5000a439f9889060c2209"}}, 0x6a) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x48}, {0x6}]}, 0x10) syz_emit_ethernet(0x4e, &(0x7f0000000140)={@multicast, @random="43ef452f40e7", @void, {@ipv6={0x86dd, @tipc_packet={0x9, 0x6, "b293c0", 0x18, 0x6, 0xff, @local, @empty, {[], @payload_conn={{{0x18, 0x0, 0x0, 0x0, 0x1, 0x6, 0x3, 0x2, 0x0, 0x0, 0x3, 0x3, 0x2, 0x0, 0x2, 0x8, 0x2, 0x4e23, 0x4e21}}}}}}}}, 0x0) symlinkat(&(0x7f0000000040)='./file0\x00', 0xffffffffffffffff, &(0x7f00000004c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 8.244754961s ago: executing program 0 (id=14): mkdirat(0xffffffffffffff9c, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, 0x0, 0x0) futex(&(0x7f000000cffc)=0x1, 0x6, 0x0, 0x0, 0x0, 0x0) 7.325658163s ago: executing program 1 (id=15): r0 = socket$netlink(0x10, 0x3, 0x15) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x3}}, './file0\x00'}) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1f, 0x0, 0x0, 0x1000, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) io_setup(0xffff, 0x0) syz_open_procfs(0x0, &(0x7f0000002180)='net/mcfilter\x00') bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$sock_bt_hci(r4, 0x400448e0, 0x0) r5 = openat$ptp0(0xffffffffffffff9c, 0x0, 0x149000, 0x0) ioctl$PTP_EXTTS_REQUEST2(r5, 0xc4c03d12, 0x0) utimensat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', &(0x7f00000001c0), 0x100) mknodat$null(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x103) mount(&(0x7f00000000c0)=@nullb, &(0x7f0000000140)='./file0\x00', &(0x7f0000000080)='affs\x00', 0x8090, 0x0) r6 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00') ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0xc0686611, &(0x7f0000000180)={0x68, 0x0, 0x3f, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) write(r0, &(0x7f00000002c0)="29000000140005b7ff00000004eabdeb0101b6ff02159f7e5520756b1933b49db96ad24d12595fbea5", 0x29) 7.316828421s ago: executing program 0 (id=16): socket$vsock_stream(0x28, 0x1, 0x0) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000180), 0x0, 0x0) readv(r1, &(0x7f00000015c0), 0x0) 7.159192782s ago: executing program 3 (id=4): syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1100050, &(0x7f0000000680), 0xfe, 0x24f, &(0x7f0000000400)="$eJzs3T9oJGUYBvBnZnc9c7fIqY0g/gER0UA4O8HmbBQO5AgiggoRERslEWKCXWJlY6G1SiqbIHZGS0kTbBTBKmqK2AgaLAwWWqzsThJisproxh3N/H4wyUzm++adIfO8k2ayARrrcpKrSVpJJpN0khSHB9xdLZf3NlcmNmaSXu+Jn4rBuGq7sj/vUpLlJA8lWS+LvNROFtee2f5l87H73lzo3Pv+2tMTY73IPTvbW4/vvnf9jY+uPbj4xVc/XC9yNd0/XNfZK4b8rF0kt/wbxf4jinbdZ8BpTL/24df93N+a5J5B/jspU/3y3pq/Yb2TB979s7lv//jl7eM8V+Ds9Xqd/jNwuQc0Tpmkm6KcSlKtl+XUVPU3/Deti+XLc/OvTr44tzD7Qt2dCjhJ65TjusnWo59c+PjSkfx/36ryD5xf/fw/Ob36bX9997RNA/h/u6P61s//5HNL90f+oXEO8l/KPzSN5z80l/xDc8k/NJf8Q3PJP5xjnb/ePTz/J0wCzgXPf2gu+YfmOpx/AKBZehfqfgMZqEvd/QcAAAAAAAAAAAAAAAAAADhuZWJjZn8ZV83P3kl2HknSHla/Nfg84uTGwdeLPxf9YQeKatpInr1rxAOM6IOa376+6bt6639+Z731l2aT5deTXGm3j99/xd7998/dfML+zvMjFvibiiPbDz813vpH/bZab/1rm8mn/f5zZVj/KXPboPkM7z/dM/hvya/8OuIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGJvfAwAA///eRG1e") openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r0 = syz_open_dev$ttys(0xc, 0x2, 0x1) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$dupfd(r0, 0x0, r1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) socket$nl_route(0x10, 0x3, 0x0) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r3 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000001840)={0x1, &(0x7f0000001880)=[{0x6, 0x5c, 0x0, 0xe4}]}, 0x10) sendmmsg$inet(r3, &(0x7f0000001000)=[{{0x0, 0x0, &(0x7f0000000800)=[{&(0x7f0000000640)="0036d551863e190212", 0x9}], 0x1}}], 0x1, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000040)='bbr\x00', 0x4) sendmmsg$inet(r3, &(0x7f0000003b00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000180)=';', 0xfffffdef}], 0x1}}, {{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000400)="bb", 0x1}], 0x1}}], 0x2, 0x16da) 6.930789164s ago: executing program 0 (id=17): setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M") syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x18808, 0x0, 0xf9, 0x0, 0x0) syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) setgroups(0x1, &(0x7f0000000080)=[0x0]) mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1) rename(&(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) getdents(r3, 0x0, 0x58) 6.116194482s ago: executing program 4 (id=5): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240)={0x0}, &(0x7f0000000280)=0xc) ptrace$ARCH_SET_CPUID(0x1e, r0, 0x0, 0x1012) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00'}, 0x10) bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r4}, 0x8) 5.413728548s ago: executing program 3 (id=18): socket$inet_mptcp(0x2, 0x1, 0x106) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) r3 = userfaultfd(0x1) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000004c0)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000180)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_STATION(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010000ffffffffffffff9600000008000300", @ANYRES32=r6, @ANYBLOB="0a00060008021100000100000c0043"], 0x34}}, 0x0) openat$dlm_plock(0xffffffffffffff9c, 0x0, 0x240080, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r8 = openat$nvme_fabrics(0xffffffffffffff9c, 0x0, 0x2042, 0x0) ioctl$VIDIOC_S_INPUT(r8, 0xc0045627, &(0x7f0000000300)=0x1000) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r7}, 0x18) bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0) ioctl$UFFDIO_ZEROPAGE(r3, 0xc020aa04, &(0x7f0000000140)={{&(0x7f0000ffd000/0x1000)=nil, 0x1000}}) 5.412943703s ago: executing program 4 (id=19): ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) r0 = socket$inet_mptcp(0x2, 0x1, 0x106) r1 = socket$inet6(0xa, 0x80002, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000001", @ANYRES32=0x0, @ANYRES32], 0x50) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000340)={{r5, 0xffffffffffffffff}, &(0x7f0000000240), &(0x7f0000000b80)='%pB \x00'}, 0x20) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001300)={{r6}, &(0x7f0000001280), &(0x7f0000000100)='%-010d \x00'}, 0x20) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x6, 0x18, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b708000000000e007b8af0ff0000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4) tkill(r2, 0x32) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x33, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x6}]}, 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x44, &(0x7f0000000000)={0x0, 0x0}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10) 5.198171685s ago: executing program 2 (id=20): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) socket$netlink(0x10, 0x3, 0xb61409d0347c9d95) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bind$inet6(0xffffffffffffffff, 0x0, 0x0) listen(0xffffffffffffffff, 0x20000005) r3 = socket$inet6(0xa, 0x6, 0x0) connect$inet6(r3, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @empty}, 0x1c) ioctl$VIDIOC_TRY_ENCODER_CMD(0xffffffffffffffff, 0xc0305602, &(0x7f0000000040)={0x1, 0x5, [0x3, 0x0, 0x4, 0x1, 0x7fff]}) r4 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=@framed={{0x18, 0x9}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xff0f}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r5}, &(0x7f0000000540), &(0x7f0000000580)=r6}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r5, &(0x7f0000000780)}, 0x20) accept4$nfc_llcp(r4, &(0x7f0000000240), 0x0, 0x0) r7 = syz_open_dev$evdev(0x0, 0x2, 0x822b01) write$char_usb(r7, &(0x7f0000000040)="e2", 0x12d8) 3.257804285s ago: executing program 4 (id=21): bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x8, 0x0, &(0x7f0000000040)="2b1c52ac82e71ea0", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c0000001a000f01"], 0x1c}}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000240), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, 0xffffffffffffffff, 0x0) r2 = dup(r1) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x4000}) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_RUN(r3, 0xae80, 0x0) 3.193808715s ago: executing program 3 (id=22): bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) r1 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000100)={0x0, 0x1}, 0x8) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, 0x0, 0x0) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = syz_io_uring_setup(0x10e, &(0x7f0000000140), &(0x7f0000000240)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_SHUTDOWN={0x22, 0x13, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0, 0x0, {0x0, r7}}) io_uring_enter(r4, 0x47f9, 0x0, 0x0, 0x0, 0x0) 1.182766009s ago: executing program 2 (id=23): r0 = socket$netlink(0x10, 0x3, 0x15) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x3}}, './file0\x00'}) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1f, 0x0, 0x0, 0x1000, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) io_setup(0xffff, 0x0) syz_open_procfs(0x0, &(0x7f0000002180)='net/mcfilter\x00') bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$sock_bt_hci(r5, 0x400448e0, 0x0) r6 = openat$ptp0(0xffffffffffffff9c, 0x0, 0x149000, 0x0) ioctl$PTP_EXTTS_REQUEST2(r6, 0xc4c03d12, 0x0) utimensat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', &(0x7f00000001c0), 0x100) mknodat$null(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x103) mount(&(0x7f00000000c0)=@nullb, &(0x7f0000000140)='./file0\x00', &(0x7f0000000080)='affs\x00', 0x8090, 0x0) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x100000f, 0x28011, r1, 0x1000) r7 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00') ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0xc0686611, &(0x7f0000000180)={0x68, 0x0, 0x3f, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) write(r0, &(0x7f00000002c0)="29000000140005b7ff00000004eabdeb0101b6ff02159f7e5520756b1933b49db96ad24d12595fbea5", 0x29) 1.036675478s ago: executing program 3 (id=24): mkdirat(0xffffffffffffff9c, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, 0x0, 0x0) futex(&(0x7f000000cffc)=0x1, 0x6, 0x0, 0x0, 0x0, 0x0) 986.534566ms ago: executing program 4 (id=25): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x800714, &(0x7f00000004c0)={[{@orlov}, {@nodelalloc}, {@errors_remount}, {@grpquota}, {@auto_da_alloc}, {@dioread_nolock}, {@quota}, {@grpjquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000000}}]}, 0xff, 0x493, &(0x7f0000000640)="$eJzs3M1vFGUYAPBnth9804qIgqCraCR+tLSgcvCgRhMPmpjoAY+1LYgs1NCaCGm0GINHQ+LdeDTxL/DmxagHY+JVE4+GhGhjQvFUM1+w3W5LW9oudH+/ZDvvO5/vMzPv7jvzdiaAtlVN/yQR2yPi94joybNzZ6jmg5npyeHr05PDSczOvvV3ks13bXpyuJy1XG5bkTlUiah8lsSLyfztjp+/cHqoVhs9V+T7J8580D9+/sIzp84MnRw9OXp28Nixo0cGnn9u8NlViTON69q+j8f2733tnctvDB+//O5P36bF2nMgn14fxy1dbxJQE9V0r/0zm2mc9vgyyn432FGXTjpbWBCWpSMi0sPVldX/nuiImwevJ179tKWFA9ZU+tu0aeHJU7PABpZEq0sAtEb5Q59e/5afdWp63BGuvhTRXaRnpieHZ27E3xmVYnzXGm6/GhHHp/77Kv3Ecu9DAACsQNa2ebpZ+68Se7Jh3texs+hD6Y2IeyJiV0TcGxG7I+K+iGze+yPigXzh2Z4lbr/akJ/f/qlcaVrmVZK2/16oa/vN1MVfDHo7ityOLP6u5MSp2ujhYp8ciq5NaX5gkW18/8pvXyw0rb79l37S7ZdtwaIAVzobbtCNDE0MrdZOuHoxYl9ns/iTGz0B6RmwNyL2LW/VO8vEqSe/2b/QTLeOfxGr0M80+3XEE/nxn4qG+EvJ4v2T/ZujNnq4vzwr5vv510tvFsnuxmm3Ff8qSI//1rnnfzHlYjHs+TfJ+2u7olYbPTe+/G1c+uPzBa9pVnr+dydvZ33Wv7yXj/toaGLi3EBEd/J6li93dDZ+8OayZb6cP43/0MHm9X9XsUwa/4MRkZ7EByLioYh4uCj7IxHxaEQcXCT+H19+7P1F4k8iiZYe/5Gm3383zv/epL6/fgWJjtM/fLdQj/nSjv/RmMq+a3PZ998tLLWAt7n7AAAA4K5QiYjtkVT68nR1e1QqfX35//Dvjq2V2tj4xFMnxj48O5I/I9AbXZXyTldP3f3QgWSqWGOeHyzuFZfTjxT3jb/s2JLl+4bHaiMtjh3a3ba59T/K+p/6q6PVpQPWnOe1oH011v9Ki8oBrL+l/P67FoCNqUn939KKcgDrz/U/tK9m9f+Thrz2P2xM8+v/n01eWQdsRNr/0L7Uf2hf6j+0paU+xV++T2HFLwGYkygfFlj5ejYv+Qn/Oy9RXZM1l0doLQu/JW6OicodsTPbJJHWmPXdaJOX1QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANyF/g8AAP//Z0bjpw==") r2 = open(&(0x7f0000000200)='./bus\x00', 0x10103e, 0x0) ftruncate(r2, 0x20cf01) mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, &(0x7f0000000080)=""/152) r3 = getpid() sched_setaffinity(0x0, 0xfffffffffffffddf, &(0x7f0000000040)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) write$cgroup_int(r1, &(0x7f0000000040)=0x1c8, 0x12) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00'}) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000480)={'wlan0\x00', 0x0}) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000000000000003700000008000300", @ANYRES32=r7, @ANYBLOB="08002600901500000800570080"], 0x2c}}, 0x8808) 133.048829ms ago: executing program 2 (id=26): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) getpid() bind$unix(0xffffffffffffffff, 0x0, 0x3b) prlimit64(0x0, 0x0, &(0x7f0000000140)={0x0, 0x4000008b}, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_open_pts(r0, 0x208103) ioctl$VT_RESIZEX(r0, 0x560a, &(0x7f0000000180)={0x0, 0x2, 0x83, 0x8, 0x10}) getpid() socketpair(0x2b, 0x1, 0x0, &(0x7f0000000200)) setsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x3e, 0x0, 0x0) io_setup(0x9, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000800), 0x0, 0x0, 0x0, 0x0) llistxattr(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) r3 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c) listen(r3, 0x9) r4 = socket$inet_dccp(0x2, 0x6, 0x0) setsockopt(r4, 0x10d, 0x800000000d, &(0x7f00001c9fff)="03", 0x1) connect$inet(r4, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10) 0s ago: executing program 0 (id=27): syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10, &(0x7f0000000680), 0xfe, 0x244, &(0x7f0000000400)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x275a, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8c}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000006c0)) ioctl$EXT4_IOC_MIGRATE(r0, 0x6609) syz_emit_ethernet(0xd2, &(0x7f00000009c0)=ANY=[@ANYBLOB="0180c2000000ece65fbcee5586dd60010100009c1100fe8000000000000000000000000000bbfe8000000000000000000000000000aa00000e22009c90780100000000000000643022af983e0c3b942b96be5bcfe0cc1000a8b3f45f8d2f465bb22b32241fd3065534169ea4d202515690405e33b4f672dc79ccfd457f772607a23172a1b9bdeb5bdafcc4cc0b06263bfe37effa8ec61fcb165c8cfe7da02b42c77f62999fee935f4552b68b2cab59381c17e3295fb3a7636a16686c00020d3ad685507bf8adc0edc769d0be352856"], 0x0) r2 = socket$packet(0x11, 0x2, 0x300) write$UHID_SET_REPORT_REPLY(r0, &(0x7f0000000240)={0xe, {0x7, 0xff, 0xd7, 0x5e, "fef84d04ff52a2debb8cfc48c97312603b8447fc6f65ff718443d6ba7da46673130b2d3ebc89e7cd904c3427b746e7370122a77e880b862fdcaabded040cf5450baa5cb077131453885f9974b67e0a7f386399f5000a439f9889060c2209"}}, 0x6a) setsockopt$packet_fanout_data(r2, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x48}, {0x6}]}, 0x10) syz_emit_ethernet(0x4e, &(0x7f0000000140)={@multicast, @random="43ef452f40e7", @void, {@ipv6={0x86dd, @tipc_packet={0x9, 0x6, "b293c0", 0x18, 0x6, 0xff, @local, @empty, {[], @payload_conn={{{0x18, 0x0, 0x0, 0x0, 0x1, 0x6, 0x3, 0x2, 0x0, 0x0, 0x3, 0x3, 0x2, 0x0, 0x2, 0x8, 0x2, 0x4e23, 0x4e21}}}}}}}}, 0x0) symlinkat(&(0x7f0000000040)='./file0\x00', 0xffffffffffffffff, &(0x7f00000004c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') ioctl$AUTOFS_IOC_EXPIRE(0xffffffffffffffff, 0x810c9365, &(0x7f00000000c0)={{}, 0x100, './file0\x00'}) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.41' (ED25519) to the list of known hosts. [ 60.796669][ T5834] cgroup: Unknown subsys name 'net' [ 60.937531][ T5834] cgroup: Unknown subsys name 'cpuset' [ 60.945558][ T5834] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 62.326774][ T5834] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 65.839460][ T5854] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 65.848275][ T5854] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 65.857426][ T5854] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 65.859943][ T5858] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 65.874046][ T5854] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 65.875863][ T5858] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 65.888536][ T5863] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 65.904811][ T5858] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 65.919507][ T5862] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 65.926871][ T5863] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 65.926870][ T5858] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 65.927839][ T5858] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 65.935183][ T5863] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 65.943375][ T5862] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 65.963935][ T5854] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 65.964055][ T5864] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 65.972262][ T5854] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 65.980589][ T5864] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 65.987558][ T5854] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 65.993581][ T5864] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 66.003539][ T5160] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 66.009169][ T5864] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 66.014759][ T5854] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 66.021699][ T5864] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 66.028156][ T5160] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 66.051640][ T5864] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 66.052544][ T5160] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 66.066206][ T5864] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 66.069676][ T5160] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 66.083644][ T5160] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 66.516374][ T5857] chnl_net:caif_netlink_parms(): no params data found [ 66.556390][ T5856] chnl_net:caif_netlink_parms(): no params data found [ 66.662625][ T5844] chnl_net:caif_netlink_parms(): no params data found [ 66.686078][ T5845] chnl_net:caif_netlink_parms(): no params data found [ 66.709907][ T5846] chnl_net:caif_netlink_parms(): no params data found [ 66.736676][ T5857] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.744056][ T5857] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.751516][ T5857] bridge_slave_0: entered allmulticast mode [ 66.759401][ T5857] bridge_slave_0: entered promiscuous mode [ 66.778211][ T5856] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.785584][ T5856] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.793520][ T5856] bridge_slave_0: entered allmulticast mode [ 66.800546][ T5856] bridge_slave_0: entered promiscuous mode [ 66.830835][ T5857] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.840054][ T5857] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.848793][ T5857] bridge_slave_1: entered allmulticast mode [ 66.857324][ T5857] bridge_slave_1: entered promiscuous mode [ 66.881548][ T5856] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.889557][ T5856] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.898548][ T5856] bridge_slave_1: entered allmulticast mode [ 66.906127][ T5856] bridge_slave_1: entered promiscuous mode [ 66.965234][ T5856] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 66.977421][ T5856] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 67.004902][ T5857] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 67.040353][ T5857] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 67.082399][ T5845] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.090318][ T5845] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.098233][ T5845] bridge_slave_0: entered allmulticast mode [ 67.105231][ T5845] bridge_slave_0: entered promiscuous mode [ 67.124094][ T5856] team0: Port device team_slave_0 added [ 67.130476][ T5845] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.138015][ T5845] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.145374][ T5845] bridge_slave_1: entered allmulticast mode [ 67.152334][ T5845] bridge_slave_1: entered promiscuous mode [ 67.169978][ T5844] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.177323][ T5844] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.187754][ T5844] bridge_slave_0: entered allmulticast mode [ 67.194561][ T5844] bridge_slave_0: entered promiscuous mode [ 67.203638][ T5856] team0: Port device team_slave_1 added [ 67.227069][ T5846] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.234328][ T5846] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.241596][ T5846] bridge_slave_0: entered allmulticast mode [ 67.248906][ T5846] bridge_slave_0: entered promiscuous mode [ 67.257789][ T5844] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.265378][ T5844] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.272609][ T5844] bridge_slave_1: entered allmulticast mode [ 67.279897][ T5844] bridge_slave_1: entered promiscuous mode [ 67.288408][ T5857] team0: Port device team_slave_0 added [ 67.298147][ T5857] team0: Port device team_slave_1 added [ 67.319264][ T5846] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.327705][ T5846] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.335579][ T5846] bridge_slave_1: entered allmulticast mode [ 67.342362][ T5846] bridge_slave_1: entered promiscuous mode [ 67.383524][ T5845] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 67.395632][ T5845] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 67.420583][ T5844] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 67.431014][ T5857] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 67.438481][ T5857] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.464970][ T5857] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 67.479036][ T5856] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 67.486183][ T5856] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.512722][ T5856] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 67.540342][ T5844] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 67.559248][ T5857] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 67.566494][ T5857] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.592700][ T5857] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 67.611936][ T5856] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 67.620219][ T5856] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.646436][ T5856] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 67.678842][ T5845] team0: Port device team_slave_0 added [ 67.687142][ T5846] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 67.722344][ T5844] team0: Port device team_slave_0 added [ 67.739375][ T5845] team0: Port device team_slave_1 added [ 67.757169][ T5846] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 67.789099][ T5844] team0: Port device team_slave_1 added [ 67.803203][ T5856] hsr_slave_0: entered promiscuous mode [ 67.809597][ T5856] hsr_slave_1: entered promiscuous mode [ 67.832594][ T5846] team0: Port device team_slave_0 added [ 67.839958][ T5846] team0: Port device team_slave_1 added [ 67.854498][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 67.861469][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.888362][ T5845] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 67.901108][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 67.908205][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.934191][ T5845] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 67.955367][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 67.962466][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.988604][ T5844] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 68.024733][ T5857] hsr_slave_0: entered promiscuous mode [ 68.031096][ T5857] hsr_slave_1: entered promiscuous mode [ 68.037730][ T5857] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 68.046028][ T5857] Cannot create hsr debugfs directory [ 68.052198][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 68.060148][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 68.086291][ T5844] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 68.097967][ T5852] Bluetooth: hci3: command tx timeout [ 68.104309][ T5160] Bluetooth: hci1: command tx timeout [ 68.131223][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 68.138461][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 68.164894][ T5846] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 68.173373][ T5852] Bluetooth: hci4: command tx timeout [ 68.177784][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 68.181153][ T55] Bluetooth: hci2: command tx timeout [ 68.188550][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 68.194580][ T5160] Bluetooth: hci0: command tx timeout [ 68.220710][ T5846] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 68.298868][ T5844] hsr_slave_0: entered promiscuous mode [ 68.305308][ T5844] hsr_slave_1: entered promiscuous mode [ 68.311418][ T5844] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 68.319663][ T5844] Cannot create hsr debugfs directory [ 68.357110][ T5845] hsr_slave_0: entered promiscuous mode [ 68.364289][ T5845] hsr_slave_1: entered promiscuous mode [ 68.370813][ T5845] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 68.378931][ T5845] Cannot create hsr debugfs directory [ 68.419971][ T5846] hsr_slave_0: entered promiscuous mode [ 68.427485][ T5846] hsr_slave_1: entered promiscuous mode [ 68.434805][ T5846] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 68.442419][ T5846] Cannot create hsr debugfs directory [ 68.696733][ T5856] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 68.721913][ T5856] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 68.756267][ T5856] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 68.774182][ T5856] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 68.822060][ T5857] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 68.845209][ T5857] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 68.861097][ T5857] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 68.871251][ T5857] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 68.928317][ T5844] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 68.938807][ T5844] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 68.960084][ T5844] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 68.970193][ T5844] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 69.038892][ T5845] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 69.049473][ T5845] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 69.077962][ T5845] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 69.087174][ T5845] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 69.169855][ T5857] 8021q: adding VLAN 0 to HW filter on device bond0 [ 69.181851][ T5846] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 69.203304][ T5846] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 69.223857][ T5856] 8021q: adding VLAN 0 to HW filter on device bond0 [ 69.232137][ T5846] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 69.256613][ T5846] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 69.282270][ T5857] 8021q: adding VLAN 0 to HW filter on device team0 [ 69.296402][ T5856] 8021q: adding VLAN 0 to HW filter on device team0 [ 69.324964][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.333593][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 69.345140][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.352418][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 69.411180][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.418361][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 69.431185][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.438871][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 69.530339][ T5844] 8021q: adding VLAN 0 to HW filter on device bond0 [ 69.591893][ T5845] 8021q: adding VLAN 0 to HW filter on device bond0 [ 69.643445][ T5844] 8021q: adding VLAN 0 to HW filter on device team0 [ 69.668565][ T1327] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.675754][ T1327] bridge0: port 1(bridge_slave_0) entered forwarding state [ 69.716871][ T1327] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.724184][ T1327] bridge0: port 2(bridge_slave_1) entered forwarding state [ 69.742705][ T5845] 8021q: adding VLAN 0 to HW filter on device team0 [ 69.796979][ T5846] 8021q: adding VLAN 0 to HW filter on device bond0 [ 69.823993][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.831159][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 69.889426][ T2987] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.896760][ T2987] bridge0: port 2(bridge_slave_1) entered forwarding state [ 69.943667][ T5846] 8021q: adding VLAN 0 to HW filter on device team0 [ 69.967241][ T5857] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 69.990375][ T1327] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.998138][ T1327] bridge0: port 1(bridge_slave_0) entered forwarding state [ 70.028968][ T5845] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 70.080818][ T2987] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.088067][ T2987] bridge0: port 2(bridge_slave_1) entered forwarding state [ 70.152344][ T5856] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 70.174235][ T55] Bluetooth: hci3: command tx timeout [ 70.180020][ T5160] Bluetooth: hci1: command tx timeout [ 70.205304][ T5857] veth0_vlan: entered promiscuous mode [ 70.229711][ T5857] veth1_vlan: entered promiscuous mode [ 70.255342][ T5160] Bluetooth: hci2: command tx timeout [ 70.260824][ T5160] Bluetooth: hci0: command tx timeout [ 70.267185][ T55] Bluetooth: hci4: command tx timeout [ 70.348345][ T5856] veth0_vlan: entered promiscuous mode [ 70.367712][ T5856] veth1_vlan: entered promiscuous mode [ 70.406296][ T5844] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 70.444762][ T5857] veth0_macvtap: entered promiscuous mode [ 70.480191][ T5857] veth1_macvtap: entered promiscuous mode [ 70.537643][ T5856] veth0_macvtap: entered promiscuous mode [ 70.548909][ T5845] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 70.568128][ T5856] veth1_macvtap: entered promiscuous mode [ 70.595026][ T5846] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 70.606153][ T5857] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 70.618567][ T5857] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 70.665286][ T5857] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.676807][ T5857] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.686538][ T5857] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.695658][ T5857] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.708525][ T5856] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 70.720388][ T5856] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 70.731848][ T5856] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 70.743551][ T5844] veth0_vlan: entered promiscuous mode [ 70.791960][ T5856] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 70.810358][ T5856] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 70.826578][ T5856] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 70.870723][ T5844] veth1_vlan: entered promiscuous mode [ 70.888098][ T5856] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.905095][ T5856] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.914988][ T5856] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.924335][ T5856] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.956200][ T5845] veth0_vlan: entered promiscuous mode [ 71.005024][ T5844] veth0_macvtap: entered promiscuous mode [ 71.036600][ T5844] veth1_macvtap: entered promiscuous mode [ 71.082031][ T70] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.100553][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.111014][ T70] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.120163][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.131507][ T5845] veth1_vlan: entered promiscuous mode [ 71.181070][ T1327] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.191901][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 71.204069][ T1327] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.211732][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.221894][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 71.232562][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.244452][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 71.272527][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 71.283750][ T1327] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.284512][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.291602][ T1327] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.318661][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 71.329243][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.341488][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 71.356324][ T5846] veth0_vlan: entered promiscuous mode [ 71.382431][ T5844] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.391670][ T5844] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.401999][ T5844] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.411589][ T5844] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.445092][ T5846] veth1_vlan: entered promiscuous mode [ 71.473709][ T5856] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 71.540183][ T5845] veth0_macvtap: entered promiscuous mode [ 71.598852][ T5845] veth1_macvtap: entered promiscuous mode [ 71.883274][ T1327] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.908008][ T1327] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.918695][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.925740][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 72.443940][ T5936] loop2: detected capacity change from 0 to 8 [ 72.553383][ T5160] Bluetooth: hci1: command tx timeout [ 72.559191][ T5160] Bluetooth: hci3: command tx timeout [ 72.565315][ T5160] Bluetooth: hci0: command tx timeout [ 72.571316][ T5160] Bluetooth: hci4: command tx timeout [ 72.577914][ T5160] Bluetooth: hci2: command tx timeout [ 72.623564][ T5936] unable to read xattr id index table [ 72.898223][ T5936] netlink: 'syz.2.3': attribute type 2 has an invalid length. [ 72.906077][ T5936] netlink: 766 bytes leftover after parsing attributes in process `syz.2.3'. [ 72.968910][ T5845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.988522][ T5845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.000579][ T5845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.021305][ T5845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.281894][ T5845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.299157][ T5845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.311235][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 74.160713][ T5940] capability: warning: `syz.1.6' uses deprecated v2 capabilities in a way that may be insecure [ 74.324911][ T5846] veth0_macvtap: entered promiscuous mode [ 74.346713][ T5846] veth1_macvtap: entered promiscuous mode [ 74.441905][ T5845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 74.474342][ T5845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.502993][ T5845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 74.534303][ T5845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.544451][ T5845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 74.555075][ T5845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.567873][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 74.586066][ T5845] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.595110][ T5845] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.596026][ T1327] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.604075][ T5845] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.604144][ T5845] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.629920][ T1327] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.673403][ T5852] Bluetooth: hci2: command tx timeout [ 74.679539][ T5852] Bluetooth: hci4: command tx timeout [ 74.685066][ T5852] Bluetooth: hci0: command tx timeout [ 74.692650][ T5852] Bluetooth: hci3: command tx timeout [ 74.698532][ T5852] Bluetooth: hci1: command tx timeout [ 74.716807][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 74.735835][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.793108][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 74.809927][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.846274][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 74.861288][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.873933][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 74.884632][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.211061][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 75.637654][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.684461][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.700728][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.709086][ T5954] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 75.718876][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.739226][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.749752][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.759769][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.770454][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.811304][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 75.961303][ T5846] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.970854][ T5846] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.019414][ T5846] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.166986][ T5846] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.770447][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.785506][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.808720][ T5965] loop1: detected capacity change from 0 to 512 [ 76.817283][ T5965] EXT4-fs: Ignoring removed orlov option [ 76.847807][ T5963] netlink: 25 bytes leftover after parsing attributes in process `syz.0.1'. [ 76.874904][ T5965] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 77.436239][ T5968] loop2: detected capacity change from 0 to 128 [ 77.443314][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 77.538203][ T5965] EXT4-fs error (device loop1): ext4_orphan_get:1388: inode #15: comm syz.1.12: casefold flag without casefold feature [ 77.552936][ T5965] EXT4-fs (loop1): Remounting filesystem read-only [ 77.566768][ T5965] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.585449][ T5950] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.589121][ T5968] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 77.608458][ T5950] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.665113][ T5968] ext4 filesystem being mounted at /4/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 78.031757][ T5950] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 78.077211][ T5976] block device autoloading is deprecated and will be removed. [ 78.143354][ T5950] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 78.272020][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 78.316091][ T5857] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.468499][ T5950] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 78.532975][ T5950] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 78.567976][ T5982] loop3: detected capacity change from 0 to 128 [ 78.609478][ T5982] ======================================================= [ 78.609478][ T5982] WARNING: The mand mount option has been deprecated and [ 78.609478][ T5982] and is ignored by this kernel. Remove the mand [ 78.609478][ T5982] option from the mount to silence this warning. [ 78.609478][ T5982] ======================================================= [ 78.757284][ T5988] loop0: detected capacity change from 0 to 128 [ 78.920634][ T5988] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 78.958717][ T5988] ext4 filesystem being mounted at /3/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 79.194035][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 79.611813][ T5992] netlink: 25 bytes leftover after parsing attributes in process `syz.1.15'. [ 80.013138][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 80.726756][ T5856] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 82.423891][ T971] cfg80211: failed to load regulatory.db [ 84.935404][ T6026] netlink: 25 bytes leftover after parsing attributes in process `syz.2.23'. [ 85.544075][ T6028] loop4: detected capacity change from 0 to 512 [ 85.551633][ T6028] EXT4-fs: Ignoring removed orlov option [ 85.559944][ T6028] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 85.603441][ T6028] EXT4-fs error (device loop4): ext4_orphan_get:1388: inode #15: comm syz.4.25: casefold flag without casefold feature [ 85.625154][ T6028] EXT4-fs (loop4): Remounting filesystem read-only [ 85.632310][ T6028] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 85.672909][ C0] [ 85.675290][ C0] ============================= [ 85.680156][ C0] [ BUG: Invalid wait context ] [ 85.685028][ C0] 6.12.0-rc6-next-20241105-syzkaller #0 Not tainted [ 85.691626][ C0] ----------------------------- [ 85.696479][ C0] syz.2.26/6032 is trying to lock: [ 85.701598][ C0] ffffffff8ea75ed8 (stack_list_lock){-.-.}-{3:3}, at: __set_page_owner+0x5cb/0x800 [ 85.710963][ C0] other info that might help us debug this: [ 85.716866][ C0] context-{2:2} [ 85.720333][ C0] 1 lock held by syz.2.26/6032: [ 85.725190][ C0] #0: ffff888032e5a9e0 (&mm->mmap_lock){++++}-{4:4}, at: __mm_populate+0x1b0/0x460 [ 85.734639][ C0] stack backtrace: [ 85.738376][ C0] CPU: 0 UID: 0 PID: 6032 Comm: syz.2.26 Not tainted 6.12.0-rc6-next-20241105-syzkaller #0 [ 85.748386][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 85.758556][ C0] Call Trace: [ 85.761851][ C0] [ 85.764712][ C0] dump_stack_lvl+0x241/0x360 [ 85.769406][ C0] ? __pfx_dump_stack_lvl+0x10/0x10 [ 85.774593][ C0] ? __pfx__printk+0x10/0x10 [ 85.779170][ C0] ? stack_trace_save+0x118/0x1d0 [ 85.784191][ C0] __lock_acquire+0x15a8/0x2100 [ 85.789026][ C0] ? __alloc_pages_noprof+0x292/0x710 [ 85.794385][ C0] lock_acquire+0x1ed/0x550 [ 85.798882][ C0] ? __set_page_owner+0x5cb/0x800 [ 85.804251][ C0] ? __alloc_pages_noprof+0x292/0x710 [ 85.809607][ C0] ? alloc_pages_mpol_noprof+0x3e8/0x680 [ 85.815244][ C0] ? folio_alloc_mpol_noprof+0x36/0x50 [ 85.820682][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 85.825688][ C0] ? __mm_populate+0x27a/0x460 [ 85.830430][ C0] ? vm_mmap_pgoff+0x303/0x430 [ 85.835171][ C0] ? do_syscall_64+0xf3/0x230 [ 85.839830][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.845881][ C0] _raw_spin_lock_irqsave+0xd5/0x120 [ 85.851155][ C0] ? __set_page_owner+0x5cb/0x800 [ 85.856166][ C0] ? __pfx__raw_spin_lock_irqsave+0x10/0x10 [ 85.862052][ C0] ? __kmalloc_cache_noprof+0x243/0x390 [ 85.867578][ C0] ? __set_page_owner+0x55f/0x800 [ 85.872586][ C0] __set_page_owner+0x5cb/0x800 [ 85.877422][ C0] ? __pfx___set_page_owner+0x10/0x10 [ 85.882773][ C0] post_alloc_hook+0x1f3/0x230 [ 85.887517][ C0] get_page_from_freelist+0x3725/0x3870 [ 85.893063][ C0] ? __lock_acquire+0x1397/0x2100 [ 85.898100][ C0] __alloc_pages_noprof+0x292/0x710 [ 85.903297][ C0] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 85.909003][ C0] ? is_bpf_text_address+0x26/0x2a0 [ 85.914181][ C0] ? kernel_text_address+0xa7/0xe0 [ 85.919272][ C0] ? arch_stack_walk+0xfd/0x150 [ 85.924108][ C0] alloc_pages_mpol_noprof+0x3e8/0x680 [ 85.929556][ C0] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 85.935543][ C0] ? stack_trace_save+0x118/0x1d0 [ 85.940582][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 85.945950][ C0] ? alloc_pages_noprof+0x43/0x170 [ 85.951052][ C0] stack_depot_save_flags+0x666/0x830 [ 85.956419][ C0] kasan_save_stack+0x4f/0x60 [ 85.961081][ C0] ? kasan_save_stack+0x3f/0x60 [ 85.965911][ C0] ? __kasan_record_aux_stack+0xac/0xc0 [ 85.971456][ C0] ? task_work_add+0xd9/0x490 [ 85.976114][ C0] ? run_posix_cpu_timers+0x6ac/0x810 [ 85.981465][ C0] ? tick_nohz_handler+0x37c/0x500 [ 85.986579][ C0] ? __hrtimer_run_queues+0x551/0xd50 [ 85.991939][ C0] ? hrtimer_interrupt+0x396/0x990 [ 85.997030][ C0] ? __sysvec_apic_timer_interrupt+0x110/0x420 [ 86.003168][ C0] ? sysvec_apic_timer_interrupt+0xa1/0xc0 [ 86.008965][ C0] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 86.015102][ C0] ? seqcount_lockdep_reader_access+0x189/0x1e0 [ 86.021321][ C0] ? bad_range+0x5f/0x270 [ 86.025682][ C0] ? get_page_from_freelist+0x3709/0x3870 [ 86.031399][ C0] ? __alloc_pages_noprof+0x292/0x710 [ 86.036936][ C0] ? alloc_pages_mpol_noprof+0x3e8/0x680 [ 86.042571][ C0] ? folio_alloc_mpol_noprof+0x36/0x50 [ 86.048021][ C0] ? shmem_alloc_and_add_folio+0x49b/0x13d0 [ 86.053986][ C0] ? shmem_get_folio_gfp+0x5a9/0x20a0 [ 86.059350][ C0] ? shmem_fault+0x253/0x6f0 [ 86.063945][ C0] ? __do_fault+0x135/0x460 [ 86.068441][ C0] ? handle_pte_fault+0x3c01/0x66b0 [ 86.073635][ C0] ? handle_mm_fault+0x1106/0x1bb0 [ 86.078746][ C0] ? __get_user_pages+0x1c82/0x49e0 [ 86.084117][ C0] ? populate_vma_page_range+0x264/0x330 [ 86.089741][ C0] ? __mm_populate+0x27a/0x460 [ 86.094482][ C0] ? vm_mmap_pgoff+0x303/0x430 [ 86.099227][ C0] ? do_syscall_64+0xf3/0x230 [ 86.103904][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.110048][ C0] ? __phys_addr+0xba/0x170 [ 86.114531][ C0] __kasan_record_aux_stack+0xac/0xc0 [ 86.119887][ C0] task_work_add+0xd9/0x490 [ 86.124385][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 86.129404][ C0] ? __pfx_task_work_add+0x10/0x10 [ 86.134495][ C0] ? __raise_softirq_irqoff+0xa2/0x1c0 [ 86.139939][ C0] run_posix_cpu_timers+0x6ac/0x810 [ 86.145130][ C0] ? __pfx_run_posix_cpu_timers+0x10/0x10 [ 86.150831][ C0] ? sched_balance_trigger+0x1a3/0x890 [ 86.156274][ C0] tick_nohz_handler+0x37c/0x500 [ 86.161202][ C0] ? __pfx_tick_nohz_handler+0x10/0x10 [ 86.166648][ C0] __hrtimer_run_queues+0x551/0xd50 [ 86.171826][ C0] ? ktime_get_update_offsets_now+0x2d/0x3b0 [ 86.177806][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 86.183509][ C0] ? read_tsc+0x9/0x20 [ 86.187563][ C0] ? ktime_get_update_offsets_now+0x393/0x3b0 [ 86.193612][ C0] hrtimer_interrupt+0x396/0x990 [ 86.198534][ C0] __sysvec_apic_timer_interrupt+0x110/0x420 [ 86.204494][ C0] sysvec_apic_timer_interrupt+0xa1/0xc0 [ 86.210109][ C0] [ 86.213025][ C0] [ 86.215962][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 86.221925][ C0] RIP: 0010:seqcount_lockdep_reader_access+0x189/0x1e0 [ 86.228764][ C0] Code: 42 80 3c 23 00 74 08 4c 89 ff e8 42 b9 0d 00 f6 44 24 41 02 75 50 f7 44 24 18 00 02 00 00 74 01 fb 48 c7 44 24 20 0e 36 e0 45 <4b> c7 04 34 00 00 00 00 66 43 c7 44 34 09 00 00 43 c6 44 34 0b 00 [ 86.248442][ C0] RSP: 0018:ffffc9000324ea00 EFLAGS: 00000206 [ 86.254670][ C0] RAX: f966c463082bc800 RBX: 1ffff92000649d48 RCX: ffffffff8171768a [ 86.262631][ C0] RDX: dffffc0000000000 RSI: ffffffff8c0ad7a0 RDI: ffffffff8c605480 [ 86.270586][ C0] RBP: ffffc9000324ead8 R08: ffffffff942d1877 R09: 1ffffffff285a30e [ 86.278627][ C0] R10: dffffc0000000000 R11: fffffbfff285a30f R12: dffffc0000000000 [ 86.286596][ C0] R13: ffff88813fffbd58 R14: 1ffff92000649d44 R15: ffffc9000324ea40 [ 86.294565][ C0] ? mark_lock+0x9a/0x360 [ 86.298918][ C0] ? __pfx_seqcount_lockdep_reader_access+0x10/0x10 [ 86.305566][ C0] ? get_page_from_freelist+0x8a0/0x3870 [ 86.311204][ C0] ? __pfx_lock_release+0x10/0x10 [ 86.316223][ C0] bad_range+0x5f/0x270 [ 86.320363][ C0] get_page_from_freelist+0x3709/0x3870 [ 86.325916][ C0] ? __alloc_pages_noprof+0x16f/0x710 [ 86.331271][ C0] ? __lock_acquire+0x1397/0x2100 [ 86.336278][ C0] __alloc_pages_noprof+0x292/0x710 [ 86.341462][ C0] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 86.347169][ C0] alloc_pages_mpol_noprof+0x3e8/0x680 [ 86.352608][ C0] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 86.358565][ C0] ? __pfx_lock_release+0x10/0x10 [ 86.363601][ C0] folio_alloc_mpol_noprof+0x36/0x50 [ 86.368874][ C0] shmem_alloc_and_add_folio+0x49b/0x13d0 [ 86.374574][ C0] ? __pfx_filemap_get_entry+0x10/0x10 [ 86.380017][ C0] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 86.386152][ C0] ? shmem_allowable_huge_orders+0x601/0x660 [ 86.392124][ C0] shmem_get_folio_gfp+0x5a9/0x20a0 [ 86.397343][ C0] ? filemap_map_pages+0x19d0/0x20d0 [ 86.402628][ C0] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 86.408264][ C0] shmem_fault+0x253/0x6f0 [ 86.412672][ C0] ? __pfx_shmem_fault+0x10/0x10 [ 86.417688][ C0] ? __pfx_lock_release+0x10/0x10 [ 86.422698][ C0] ? handle_pte_fault+0x2a64/0x66b0 [ 86.427879][ C0] __do_fault+0x135/0x460 [ 86.432193][ C0] ? handle_pte_fault+0x2a64/0x66b0 [ 86.437373][ C0] handle_pte_fault+0x3c01/0x66b0 [ 86.442409][ C0] ? __lock_acquire+0x1397/0x2100 [ 86.447414][ C0] ? __pfx_handle_pte_fault+0x10/0x10 [ 86.452766][ C0] ? __lock_acquire+0x1397/0x2100 [ 86.457784][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 86.462787][ C0] ? count_memcg_event_mm+0x94/0x420 [ 86.468067][ C0] ? do_raw_spin_lock+0x14f/0x370 [ 86.473184][ C0] handle_mm_fault+0x1106/0x1bb0 [ 86.478119][ C0] ? __pfx_handle_mm_fault+0x10/0x10 [ 86.483427][ C0] ? follow_page_pte+0x9ad/0x1db0 [ 86.488441][ C0] ? __pfx_find_vma+0x10/0x10 [ 86.493130][ C0] ? vma_is_secretmem+0xd/0x50 [ 86.497878][ C0] ? check_vma_flags+0x4fa/0x5a0 [ 86.502898][ C0] __get_user_pages+0x1c82/0x49e0 [ 86.507987][ C0] ? __pfx___get_user_pages+0x10/0x10 [ 86.513343][ C0] ? __pfx_mt_find+0x10/0x10 [ 86.517953][ C0] populate_vma_page_range+0x264/0x330 [ 86.523430][ C0] ? __pfx_populate_vma_page_range+0x10/0x10 [ 86.529395][ C0] ? userfaultfd_unmap_complete+0x30c/0x360 [ 86.535296][ C0] ? do_mmap+0x958/0x1000 [ 86.539618][ C0] __mm_populate+0x27a/0x460 [ 86.544203][ C0] ? __pfx___mm_populate+0x10/0x10 [ 86.549317][ C0] vm_mmap_pgoff+0x303/0x430 [ 86.553923][ C0] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 86.559022][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 86.565507][ C0] ? do_syscall_64+0x100/0x230 [ 86.570348][ C0] ? ksys_mmap_pgoff+0xdf/0x720 [ 86.575188][ C0] ? __x64_sys_mmap+0x7f/0x140 [ 86.579939][ C0] do_syscall_64+0xf3/0x230 [ 86.584427][ C0] ? clear_bhb_loop+0x35/0x90 [ 86.589096][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.594988][ C0] RIP: 0033:0x7f2e0257e719 [ 86.599392][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 86.618983][ C0] RSP: 002b:00007f2e0333b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 86.627381][ C0] RAX: ffffffffffffffda RBX: 00007f2e02735f80 RCX: 00007f2e0257e719 [ 86.635334][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000 [ 86.643373][ C0] RBP: 00007f2e025f139e R08: ffffffffffffffff R09: 0000000000000000 [ 86.651325][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000000 [ 86.659279][ C0] R13: 0000000000000000 R14: 00007f2e02735f80 R15: 00007ffc3dbd7348 [ 86.667250][ C0] [ 86.773083][ T6033] PM: Image not found (code -22) [ 86.830310][ T5844] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 86.877949][ T6036] loop0: detected capacity change from 0 to 128 [ 86.942595][ T5846] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.960989][ T6036] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 86.961270][ T6036] ext4 filesystem being mounted at /4/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 87.179409][ T5844] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.