last executing test programs:

28m29.977938833s ago: executing program 32 (id=20):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
io_setup(0x2, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
symlinkat(0x0, 0xffffffffffffff9c, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f0000000540)=@gcm_128={{0x303}, "ffffffffffffffe2", "8e083700daf38a6d69e9b5e9c2f133d7", "6a3a05b9", "12772541f8eb02bb"}, 0x28)
shutdown(r2, 0x1)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='freezer.state\x00', 0x275a, 0x0)
write$cgroup_int(r3, &(0x7f0000000000), 0xffffff6a)
sendmsg$nl_route_sched_retired(0xffffffffffffffff, &(0x7f0000024d00)={0x0, 0x0, &(0x7f0000024cc0)={&(0x7f0000000580)=@newqdisc={0xd0, 0x24, 0x100, 0x70bd25, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x3, 0xfff1}, {0xffe0, 0xfff3}, {0x10}}, [@q_dsmark={{0xb}, {0x1c, 0x2, [@TCA_DSMARK_INDICES={0x6, 0x1, 0x4a799acc49114233}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x40}, @TCA_DSMARK_SET_TC_INDEX={0x4}]}}, @q_dsmark={{0xb}, {0xc, 0x2, [@TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x401}]}}, @q_dsmark={{0xb}, {0x4}}, @q_dsmark={{0xb}, {0x4}}, @q_dsmark={{0xb}, {0x4}}, @q_dsmark={{0xb}, {0x30, 0x2, [@TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x2}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x3}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_INDICES={0x6, 0x1, 0xb}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0xf}]}}]}, 0xd0}, 0x1, 0x0, 0x0, 0x14}, 0x1)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x24004045)
io_uring_setup(0x524, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0xa, 0x20002f7})
sendfile(r2, r3, 0x0, 0xffffffff004)

28m27.354460896s ago: executing program 33 (id=21):
r0 = userfaultfd(0x801)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x218, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close(0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$dsp1(0xffffffffffffff9c, 0x0, 0x361082, 0x0)
mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x100000f, 0x810, r0, 0x57c68000)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000d00)='Y\xff\xff\x00\x00\x00\x00\x00K\xb2\x02\x80B\xe9\xe8\xcc\xde\x06\x00l\xa8\x1aJ\xaf\xb2M\xba\xb8_\x05U\xcd<|>\x9e\xec^\x0e\xbe\x18+-\x9b\x893\x02\x00\xa6\x1f+\xb3\xc5\x90z5\xe0\xdfi\xb7\x9f\xb4QW\xc9\xc9\x92\x03\t\x00\x00\x00\x00\x00\xb2\x0f\xee\xbe\f8\xcc\x7f\x00\x00\x00Z\x81\x00\x00\x00\x00\x18I\x13\xf1\xa2x\x04\x81R\xd45R\xae\x05\x00\x00\x00\x00\x00\x00\x00_M^dQ:\xbc\xafq\x88\x19nSF|;]\xe1A\x8c\x8a\x98\xd7|\xdcLF\r\xb1\xfd\xbf!\xc7u\xccP\xdd\x13~\x89\xcf\x85\xca\xa0%\xc6\xc7\x11\x00\x00\x00\x00\x00\x00\x00?M9\\\av~\'\xd9\xb0\xacdya]8\x9d\xb7\v\xf39\xc5{\x9c!\x0f/\xb8o8\xb9\x8d\x19\xe2\xca\x01y\x83\xe7\ng\x87\xd93<u\xbe\xeag\xd2\x04e\xf2s\xde}o#\x90\xda\x9cs,r\xfd:\xcb\xc7\vTmPZJ\xac\x8b\xd0\xc0\xbcRK\xcb\x1e8\xce\xbd[N\xb0\xb4<\xeb\x86[\xec\x8f\x14\n\x83\x9e&\\\xb7!\xed\xa0\xc3,\x90m\x0f\x00\x00\x00\x00\x00\x00\xff\xd0\xb3\x94\x00\x00\x00\x00\x00\x00\x00\x9dH\xf8\xffRo\xa3W\xe1\xed\x8eS\xaeX\x93\x7f\xd3\xb9\x84Q\x9c\"\xd9\xf5\xe4e\xf9\xcam\xe3\x03\xe4\xad\xd5&A\x02\xc8\xa9\xfe\xcb\x87\xd9\xd3\x8c\f\xc08T~\xc4\xbd\x90?\x1f\x9c\x9b0\x19 \x9f\xd1p`\xc0/\x00u\x19\x1d\xac\xe8%\xb7\t\x9f4\xbb\x89\xe9\xc1\x81\xb0\xd6\xf7\x90\x1f\x94\x01M.\x16\x05\x16\xb9\xe9\xdc~\xd3-s\xe6;\x94\x1c^\x06\xdav;\xccD\x95sj\xe0\xd5\xbeS\xac\xe5N\xea\x9eyl[[\xce5\xee\x05\x9c\x96\xabJ^c\xf7\x19\xb4\xd8\xe4\x87\x9dp\xea?/\xcb\x9a\xaa5\'Q\fuG\x81\x8a@\x97M=v\xfe\a\xabp\xf3\x93\x9d\x7f@9\xc0\xd2\xf1\x00\x10\x00\x00\x00\x00\x00\x00\x82\x13\xb2\xa9\xef\xa5\xf8\x8bk\xb3\x9ev\x92\x0e\xd1\x1f\x17Dx[\xad\xb0\x9d/\x96\xe42mO\x9fh\xea\xf3\x14\xcd\x96\x89_)\x1b\xe2\xd6\b\x94b\xaf;\x92T\xafz\x94\x9fG\xfb\xfd|$k\x03\xd7;\x9ay\xee\xf9W?\xb3\xf9\xf8I.E4\xc3eWq\xfa\":$\xd0\x17Q\x94\xf5\xe5mk\x8e&\xf1;#z\xef*\xce\x99\x04\xb9\x90\xbc\xc9#-\x8di\xae\xc5\xdf\x13\xd2K\x8b\xf5\f\xb2x\xdd\xd5\xb4\xa9^~O<\x12\xe3\xc3P|7\xc4\xc8\xb1r0Z\x98\x87^\xc8C\x1b\x96\xb4lsyF\xc5\xbc\xffOE\xe9\xd70\xe7\xfep\x83\xa7\xa1\xd9\xe4\xba\x92\x17\xbf\xe0\xe1\x01\xb7\x8b\x18j\x19n\xc8\xff\xe9\xf4\xf4\xcf a\xd7_w\x0f\x9dF\xae\xccA-/\x83\xabU\xd5\xbf8\xa4O\xb4\xef\xc8\xccH\xd1=\xbe\xbex\xb5-\x05\x01\x11\xfa\xcf\x1dm\xb5X\xe9\xb5O\x15\xc7;Lb\xce\x1a\xcc\x98\xe8\xe9e\xe0\xc2N\xe7\xd7\x1d\x92\x87F8\x9e\xf7\xdd\xdaW\xf5X\x80\xa0f\xceo\xd8\x7f\xc0\x96\bSB\xce&\x04$\xc3\xe31U\x84\x82\xf0{i\x1d\x02\x10\xc6C\x01^\xcf\x93?w\x01\x84\xa0\xd6\xa2\x10\xa4\xfcG\xabD\xd6dGZ\xb2Cx\x1b\xfdD9\x17\xe6\xcauM\xe3\x05)\xe2\x03\xe2j$F1n@\xde\n9t.[\xad\xb5\f<o\xdb\xa4\x90\xc4\xd0I\xa6\x96\xa1\x00\xbb\xdd\x94\x00t/1YekG\x7f\xbdrI\x1e\x8a4=\xa2\xe9\x82<\x9e|\xf5\xa4\x05#\x7f\xa8\x01\x00\x82ih\xf9?\x03Q\xf5\xc4\x95\x99 \xa7v~:$\x02O\xe3\xaa\x1f\x00\xebh\'\xd2q\x10\x1e\x94n\xd7w\xb1\xc8G\x89\xf4\x8ct\xf9R\x85\x1b8OE\x04\x9a\xd8\x80\x10x\xbf\n0\b,r\xc6r\xf7=\xfe\xc1\x16\xe6\xee\xbb:-h\xba\x8b\x14\x9a?\x8e\x03;\xe5\x04\xd8\xa9\x9a\xd3\x05(\x7f|\xadU\xafe\x87V.i4$6U,R\x9b\n{\'\xfe1\xc4\xb09\x96{\xc0e\xa1\xe7\xa9\xb4\x1a\n\xf5\xd7zuvz\x972\xd4\xfb\x13u2\xab\x18\x01~r\xbbcW!)\xf4\x9b\x1dI\x9ex;\xb2\xe3I\xbd\x16T\xb75\xa6\a\xb7\xa1\x8d\xc9\x12\xb1\xbd\xbc\xd9c\xe9\xe6k\xee\x06\x83\xf4\xab\x18\x038\x8f\xc9^\x0f\xab\xea&P\b\xef#\xf6\xc3\xfc\xd4\xa0\xfd\x15N\xd3\xa0\x80\x9f\bU\xa63\xf6\xc9\xecZ`\xa4\xa0(\xf9\x98B\xaf\xde*\x91\xddk\xa1`d\xf0\x97\xc9e\xc1\"EC\x9a?x\x89\x8d\xb3\xfaF}\x82D\xf8\f\xf1`\x90D\xd1|%(\xd8\t\xea\x00C\xce\x7fo+?v\xee\xc6bL\x1d\xbe\x84p\x8d\xa3\xec\xf7\xe0\xfe\x8c=<\xf2\x1f@\xe66E\xa7\x9c\xd3\xb6\xf5\xe0\x14\xb8\xd4`\x85\xe3;\x8c\xf8\xf2\xd9)\x0e\xd0\xff\xa5K\xf3\xf1\xc4\x18\xf4Z\xdci\x91\x84\xe8\xb7\x10\x90\xbc\xect\x14\xdfR\xe2\x80\xf8a\x92\xb2R\xdf0\xcaQ\xdf\x87\xbdjp\x1ch3h\xcf<\x82\x97\xa5s/m\xb2\x1dd\xf7\xfc\xf5\xa9\x1d\xd34{\xcc\x1f\t,i\x16\x82\xad\x8e\xb6\x17\x0f\xaa\x85^/w\xbb~\xff\xce\x92\x90\x83\n\xe5\x14\x95\x92|\xfe-S%\x91i\xafh\x97z\x00@K\xbb\xc2\fcD\xff\xdcl\xa1\xfaR\xbc\xd0k\\\x92\x19a6Sv\x05%{\xe2\xe9\xf1\xddRB$8\xb0q9\xa1g&\x17\xe5P\xef\xb1<\xb6\xe2\xb2\xc06^\x0f4\xba\x10\xba\x00\x00\x00\x00\x00\x00\x00\x00\xef\xba\"\xb7\xc7~T\xc4Ei\xfdk\xa9\"F\xa9C\xa0\xd3\xa0\x1b\xbf\x13\xfb\x14S<\xa6\n5\x86\x9e\xb2=8\'g`\x8f\xa8\x027\xbd\xb5s\xe9dti\xc0\xbd\\H\xe5v\xdd\x0fP\x8b+-\x02i\x8eZU\xa8YB\xfc\xc2R7\xe9\x11\x06\x1aRd\xa93\xa1\\\xf4_s\xf7\xe8+\xbdg\x13\xaea\x04\xd8\x82\xf6\x90\xaf1\x86b\x81J\xb7E\xb0\xe2\xd6\x93S\xb3\x98\xcb\xf9\xde=\xd6T\x8d\xea\xab\xa9Z!\xd3-\xa6_\xc4\xa4\xb6+\x89\xdc]O<g\x06~\x12W\x86\x06\xba\x15#\xa7Q\xffa\x926>\xf0y\xd6\xb0\xf2\x9f\xa7\xcf\xad\x86\\\xec\xec\xd6\x9d\bT\xcd\xa2\xea', 0xe)
ftruncate(r3, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @random="10200500c54d", @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x6, 0x0, @private=0xa010102, @local}, {{0x1, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0xa, 0x0, 0x0, 0x0, 0x0, {[@md5sig={0x13, 0x12, "b3e480a7613088fd71106c027deb3b11"}]}}}}}}}, 0x0)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r4, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
writev(r4, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1)

28m25.856548613s ago: executing program 34 (id=24):
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x8, 0x4, 0x4, 0x4, 0x0, 0x1}, 0x48)
r0 = socket(0x840000000002, 0x3, 0x100)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x103)
prlimit64(0x0, 0xe, &(0x7f0000000340)={0xd, 0x200200090}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000040)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_clone3(&(0x7f0000000680)={0x0, 0x0, 0x0, &(0x7f0000000440), {0x3}, &(0x7f0000000480)=""/148, 0x94, 0x0, &(0x7f0000000640)}, 0x58)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r4, 0x0, 0x8}, 0x18)
inotify_add_watch(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x20000510)
r5 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000700), 0x420400, 0x0)
open_by_handle_at(r5, &(0x7f0000000740)=@fuse_with_parent={0x18, 0x82, {{0xe6, 0x10003ff, 0xffff}, {0x4, 0x4, 0x6}}}, 0x200000)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @loopback}, 0x10)
sendmmsg$inet(r0, &(0x7f0000005240), 0x4000095, 0x0)

20m35.329398419s ago: executing program 35 (id=669):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
close(0xffffffffffffffff)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'nhpoly1305-generic\x00'}, 0x58)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x20702, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
r4 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000027c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0xfffffff5, 0x6, 0x100, 0x2}}}}]}, 0x48}}, 0x0)
r6 = socket$unix(0x1, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x1, 0x2, &(0x7f0000000140)=@raw=[@ldst={0x1, 0x0, 0x3, 0x0, 0x1, 0x28}, @exit], &(0x7f0000000200)='GPL\x00'}, 0x90)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x20000, {0x0, 0x0, 0x0, r7, {0x1, 0xfff2}, {}, {0x8, 0xf}}}, 0x24}}, 0x40004)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000000)="8a", 0x440)
r9 = accept4(r2, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f0000000200)={0x0, 0x7bff, &(0x7f0000000180)={&(0x7f0000000140)=@delqdisc={0xfffffffffffffc9b}, 0x49d32d254ae22f79}}, 0x0)

15m55.397928718s ago: executing program 1 (id=1000):
r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000480)='./bus\x00', 0x800, &(0x7f0000000040)={[{@jqfmt_vfsv0}, {@test_dummy_encryption}, {}]}, 0x1, 0x453, &(0x7f00000004c0)="$eJzs3E1PXNUbAPDnXqDNn/YvVfENW0VbW7QKQhU1MU3YuSC60IXbCVBs5EULJrYhBhIXbk3sB9C4tR/BaBNfNroy3arRhZoQU1g0sYsxd94Y6AztKPQa5vdL7vScO2d6zr1Pnzt3Tk9uAG2rP3tJIg5GxA8R0VOubm7QX/5j/erSRLYlUSy++mdSard2dWmi2rT6uQPZSxoxkEak7yfxYIN+F85feLMwMzN1rlIfWpx9a2jh/IWnzs4Wpqemp+aGTw2Pjj737PMjw9sNv+9gC8f60vfrv37S+fLcpxfX5q6dHunOxlv9fP1x7JT+6N98Lusc3+nOcnZPXTnpzHEgtKQjIrJwdZXyvyc6YiN4PfHNT7kODthVxcz+pm8vF4E9LIm8RwDko/pFn/3+rW4N7gP+Ku7WDQi5Wh0r/wBcq8ztrNfi3xlpufD28a++3PT7fif1R8Tr468cybbYpXkYAAAAgHb2xVhEPNlo/i+Ne+vaZeX7IuL+iHggIvoiSut6DkfEkYh4KCIerq4nasHW9lvmf5r/zyQ7YnUs4sW6tV3rdfGvONRRqf0/q0RXcubszNTTEXFHRAxE1/6svt0qrdk3Ct81e29j/u9yd3nP0kR1LrAyjj86t/wrmCwsFv7xAbPJ6kpEX2ej+Ce1lUBJRDwSEY/eyl/4dWlF3XTvpeu1XS98cPeVZs3r53+zLet/c/zZTcWPI040zP+VWptk+/WZQ6XrwVD1qnCjby+Oftasf/HPV5b/3Q3jX1u5eiipX6+70Hofl3t//rHZe9eLxeL28W98/d+XvFYa4L7KvncLi4vnhiP2JeM37h9pfcx7VfV8VM9XFv+Boxvx32iZxl2VUnZCj0bEsYh4rLJ2+UTpuz/i8Yh4IiJObtPn8vQvTe/j5H++svhPtpT/rRd+X/nwWLP+bx7/LP+fKQ1moLLH/d/N3WqA8h4nAAAAAAAAADsjLT0DL0kHa+U0HRwsP8OvN7rTmfmFxZNn5t+Zmyw/K+9QdKXVlV49detBh0vljfrIlvqpiLgzIj7q+F+pPjgxPzOZ98FDmzvQJP8zv3XkPTpg13leK7Qv+Q/tS/5D+5L/0L7kP7Qv+Q/tS/5D+6rk/3Le4wBuv63f/+9dGT997fPDl3IaDnAbuf+HtvRvnuunoKCwVwt5X5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/hv+DgAA///vYdKh")
io_setup(0x800, 0x0)
fallocate(r0, 0x20, 0x100, 0xb)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
fallocate(r1, 0x0, 0x0, 0x10fff9)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x7000001, 0x12, r1, 0x0)
r2 = userfaultfd(0x1)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000180)={0xaa, 0x4a4})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000380)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000ffa000/0x4000)=nil, 0x4000}, 0x1})
ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa07, &(0x7f0000000280)={{&(0x7f0000ffc000/0x1000)=nil, 0x1000}})
wait4(r3, &(0x7f0000000100), 0x1000000, &(0x7f0000000980))
r6 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x7fff, 0x2)
ioctl$vim2m_VIDIOC_STREAMOFF(r6, 0x40045612, 0x0)
pselect6(0x40, &(0x7f0000000000)={0xa, 0x80000001, 0x2, 0x10000000000006, 0x12, 0x8, 0x80000000, 0x8}, 0x0, 0x0, 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000000940)=[&(0x7f0000000240)={0x0, 0x0, 0x8, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x4f}])
socket$inet6_udplite(0xa, 0x2, 0x88)

15m43.972750237s ago: executing program 1 (id=1015):
socket$netlink(0x10, 0x3, 0x4)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, 0x0, 0x0)
listen(r0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x8000000000002)
sched_setscheduler(r1, 0x2, &(0x7f0000000240)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000093c0), r4)
sendmsg$IEEE802154_LIST_IFACE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)={0x1c, r5, 0x100, 0x72bd27, 0x25dfdbfb, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4004004}, 0x20004880)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
quotactl$Q_SYNC(0xffffffff80000100, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000240))
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_GET(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)={0x14, r9, 0x1, 0x70bd2b, 0x0, {0x54}}, 0x14}, 0x1, 0x0, 0x0, 0x20000850}, 0x4000000)
close(r8)

15m40.776597763s ago: executing program 1 (id=1017):
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f00000002c0), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000540)='mnt', 0x0, 0x0)
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0xc0506617, &(0x7f0000000580)={@id={0x2, 0x0, @a}, 0x40, 0x0, '\x00', @a})
mkdirat(0xffffffffffffff9c, &(0x7f0000000640)='mnt/encrypted_dir\x00', 0x1c0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000680)='mnt/encrypted_dir\x00', 0x0, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r1, 0x800c6613, &(0x7f00000006c0)=@v2={0x2, @aes256, 0x0, '\x00', @a})
socket$kcm(0x29, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000001a40)=""/102392, 0x18ff8)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="6e6577206400000000000000007365723a73797a30303030303030c767303830303030343039330000"], 0x2a, 0x0)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), 0x0, 0x0, 0xfffffffffffffffe)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r4 = syz_open_dev$dri(0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_SET_MASTER(r4, 0x641e)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000a00)={0xffffffffffffffff, 0xe0, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
connect$inet(r3, &(0x7f0000003580)={0x2, 0x4e21, @dev}, 0x10)
setsockopt$sock_int(r3, 0x1, 0x9, &(0x7f0000000100)=0xfffffffc, 0x56)
openat(0xffffffffffffff9c, &(0x7f0000000700)='mnt/encrypted_dir/file\x00', 0x42, 0x180)

15m39.259441988s ago: executing program 1 (id=1021):
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001780)=ANY=[@ANYBLOB="020000000400000006000000050000"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r0, 0x0, 0x0)
fchdir(r6)
r7 = open(&(0x7f0000000040)='./bus\x00', 0x143142, 0x80)
setxattr$security_evm(0x0, &(0x7f0000000300), 0x0, 0x1, 0x3)
ftruncate(r7, 0x2007ffb)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendfile(r7, r7, 0x0, 0x1000000201005)

15m35.056927151s ago: executing program 1 (id=1026):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000012c0)={&(0x7f0000000000)={0x38, r1, 0x601, 0x0, 0x0, {}, [@TIPC_NLA_LINK={0x24, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x5, 0x4}]}]}]}, 0x38}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mknodat(0xffffffffffffff9c, 0x0, 0x8000, 0xfffffffa)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
lsetxattr$security_ima(0x0, 0x0, 0x0, 0x0, 0x1)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x28, 0x1, 0x0)
getsockname$packet(r3, 0x0, &(0x7f0000000200))
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000240)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000100)='./bus\x00')
rename(&(0x7f0000000400)='./bus\x00', &(0x7f0000000f00)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000001dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
rename(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000000)='./file0/../file0\x00')
r4 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
r5 = open$dir(&(0x7f00000000c0)='./file0/../file0\x00', 0x10000, 0x1)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r5, 0xc0406618, &(0x7f0000000140)={@desc={0x1, 0x0, @auto="c6d8d47cca047a24"}})
getpeername(r4, &(0x7f00000001c0)=@sco={0x1f, @none}, &(0x7f0000000040)=0x80)

15m34.267409338s ago: executing program 1 (id=1028):
getsockopt$bt_BT_SNDMTU(0xffffffffffffffff, 0x112, 0xc, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r3 = open_tree(0xffffffffffffff9c, 0x0, 0x9001)
renameat2(r3, 0x0, r3, &(0x7f0000000040)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4)
setresgid(0xee00, 0xee01, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, 0x0, 0x2810)
syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00')
pread64(0xffffffffffffffff, &(0x7f0000000080)=""/181, 0xb5, 0x365)
keyctl$chown(0x4, 0x0, 0x0, 0xee01)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
mprotect(&(0x7f0000740000/0x1000)=nil, 0x1000, 0x9)
r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26, 0x0, 0x2}, 0x28)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000950000000000000009000000dfa2bff372df8cdbeb318ab2bec8fc36903c0ec359caa1af3c914019395cc154010c693709800000000000000016a85adef34bf78c76e6222337923e1bea6ef682cc4375f594425d408ccc58187feb0e3d43347f989007a7c63f6dae2acb4af936461f34a8a32a50bbbb69ec85168947b86df9f2609bf93f7a1be259621818c3c75da31290bce645451b851111dd98ac4d8da9317c2c082020e0b2d634086785f3fe41a3053645cc413790faf7e229c782845b5bb774f7f154263178151ea93ff2cac4b181332c9c9a1c7d85616c8100000000000000d8300d19d585000000fc005774b56a7142047326f940e95b8489e1c5650f5c61299a295f39c88456391cffdef93e29f10f4a11f0cfbfc0ff976b20fef6033495b9b94777db9bb9b678ffc1130000009faa798226a080c01e47151268a02dc1a557cfdcf76305fbf6643df66b1b4d2d5e7bf698fc5a18d984ecb91e6683a5f522d536e2f3c43b89823659d1945258fc668950e5aacfffffffffffffff7f7a266c90e64efc8d8f730867202a9ee94e6a00"], &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r5, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x1, 0x0, 0xffffffffffffffff, 0xf5010000}, 0x6d)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000007c0)={r6, 0xe0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, &(0x7f0000001a00), 0x0, 0xfeffffff, 0x10, 0x8, 0x0, 0x0}}, 0x10)

15m19.233238463s ago: executing program 36 (id=1025):
r0 = fsopen(&(0x7f00000002c0)='minix\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000240)='./file1\x00', 0x80c406, &(0x7f0000000540)=ANY=[], 0x1, 0x2a7, &(0x7f0000000b80)="$eJzs3M9r02AYwPGn6dZ0lf04CXrxQS96CbNe9VBlA7GgdMtQD0LGMi2t7UiKtiLYs6f9HcOjN0E8eN1/4W0IstNORtZmWVa7za2t3brvB0ae5Mk7nuQl8LyFZOvp+uvSqm+tOjUx0iqGSFN2RGakKHsS4TbVilPRcbmXlabcmn2z/XHh2fNHuXx+rqA6n1u8k1XVqWtf377/dP1b7dLS5ynTlM2ZF1u/sj82L29e2fq9+Kroa9HXSrWmji5XqzVnuezqStEvWapPyq7ju1qs+K53IL9arq6tNdSprExm1jzX99WpNNSQhtaqmg6rqqhlWTqZ2Y3TcoGkTjzC3igUnNxAisGZ4Xk5JykiE389DfbGcCoCAADDdHj/b0Tn7PX/Rmf/L3JM//8hPGvqS9/7/6RE/X/JbfX/Na+hzkunGO//u1kazJ08j07X/xuDKQa9SDRjO/cPpDwvN9F9EP0/AAAAAAAAAAAAAAAAAAAAAADnwU4QTAdBML27NUQkCPdNEUnG9rsMvVDv1o+q+PwHsT8znOAj5h8jIPbiXvp7RqRu1+2E/GzW7XZ+/mF+blZbYi/+bdfrdjLK327n9WB+XDJhPts1n5KbN9r53dyDx/l4fr1uT8jKkZU3+3ULAAAAAAAYeZZGZqKDaYnW95alpnTmW+v3dtTc/32gY30/JlfH/t91AAAAAACAw/mNdyWnXHa9ziAlIoekegiSJxtlhlX2u4yjA5FTjQo/i9t7GUkROeacwsIgZqfnwJQzUcYoB3f79g+DhEj7yHj4mHU8BQAAAABGy/56YNiVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwcf3Dp8IC6fFLY8O+RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCs+BMAAP//5uK0Zg==")
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0, 0x0)
fanotify_init(0xf00, 0x1000)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r2)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x2, &(0x7f0000006680))
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f000001f6c0)=""/102400, 0x19000)
openat$sw_sync_info(0xffffffffffffff9c, 0x0, 0x101743, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0xc0a85320, &(0x7f00000003c0)={{0x80}, 'port0\x00', 0x7a, 0x130c13, 0xfffffffa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8})
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000180), r4)
sendmsg$IEEE802154_ADD_IFACE(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000480)=ANY=[@ANYBLOB="143100009557eae1e6e910d2aca9238cec93c3b8be015efeec72db7b2f39e95f7cfcfb51a6389d7fcba0138916a8b85b5888d9f5b101999a1db0eb2d1e4d4d7cae87d25b9f0d1f7051aa4f8cfd9a282d561654f229f46c14ce8144cec0bacfc84804528f6d7a1b5eba53880ce28b457cdb277514ed80abecd071ec43052621e1d7dd60c761440976fa6d8c8a896a1f392c5db5776d3e4092d78b6663635a2882275a3d37dbf84602b2258b0430b2676f5a99d9f2a4ac565aefe461dc2f4a4008fd3246694dcd04b02b7fc2d036f029ad56a4f0a7ca19b59419c899532a04b708edad635850315a9b7ae2f04763f6dc8267cae55bdb9604c88932ca8b29c4b8885f08a55b744e16ab649cd766a123ceb077a7413ea0e9917e0d1262df5122096dcf9517871fe70e104fa7d2476823cd844b", @ANYRESOCT=r1, @ANYBLOB="01022dbd7000ffdbdf2521000000"], 0x14}}, 0x40d0)
openat$sequencer2(0xffffffffffffff9c, 0x0, 0x80d02, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
r5 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f00000000c0)='source=\xee\xd64\xd5\xb6_\xe6\xf2\x87c4*F\x0e\xfc\x04\xf6\xdc\x13\xa1\x1d\v;F}\x11EN\xc9A\xfb\xeb\r\x8f\xb8\x99\x11T<6\xcbIM\xd9\xe3T-r\xa6l\x9a\x93\xe2\xd4\x1f\x9a\x89\x0e\xe3\x98zR\x1by/\xf0\xb8\x8e\v?\n\xba\xf8\xba\x8e\xff\xd4\xf0\x13\xa6\x9e\x1b\xd3\x16]Cm.\xd3^~\xbb\x90h\x84\xcc?\xa5\xe1\xc1\x91', &(0x7f0000000180)='b:::\x00\xef\xdfB\xfa=\xe3\xd1\x9d\xe1\xbfUlJ4]y-,\x8a\x03\x91xu\x9cP\xdc\xe5\x95\xa2@\x9c\x98\xa4\xd2\xd4}\xc8]7N\xf3\x0e\'\xa0x\xfbdt\xb4\x1fW\xe7\xbe\xaf\x01.zT\xab\x92I\x104\x8c\x18\x16\x1c\x8a\x8e\xfd\x8b{ZVHZ2\xd3\xd6-~\x96\x80#\xee)+L\xf1\x00\xd5p\xe7 \x8c\xd2\a\x1e\xae\xb4\xe8\xd1\xe1\xed\xb8\x94\xb2*\x1c\xaeG\x1e\xdb\xc0Q\xb9`K\xffG\xc0\xa2\xb41\xac\x98\x01\xde}:\b\xa0Oq\xec\xa8\xf0\x8f\xe3\xa17\xe3\xd7\x9c^\x90\xfal\xbe\x81\x9a\xa4\x00K', 0x0)

15m19.003734667s ago: executing program 37 (id=1028):
getsockopt$bt_BT_SNDMTU(0xffffffffffffffff, 0x112, 0xc, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r3 = open_tree(0xffffffffffffff9c, 0x0, 0x9001)
renameat2(r3, 0x0, r3, &(0x7f0000000040)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4)
setresgid(0xee00, 0xee01, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, 0x0, 0x2810)
syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00')
pread64(0xffffffffffffffff, &(0x7f0000000080)=""/181, 0xb5, 0x365)
keyctl$chown(0x4, 0x0, 0x0, 0xee01)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
mprotect(&(0x7f0000740000/0x1000)=nil, 0x1000, 0x9)
r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26, 0x0, 0x2}, 0x28)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000950000000000000009000000dfa2bff372df8cdbeb318ab2bec8fc36903c0ec359caa1af3c914019395cc154010c693709800000000000000016a85adef34bf78c76e6222337923e1bea6ef682cc4375f594425d408ccc58187feb0e3d43347f989007a7c63f6dae2acb4af936461f34a8a32a50bbbb69ec85168947b86df9f2609bf93f7a1be259621818c3c75da31290bce645451b851111dd98ac4d8da9317c2c082020e0b2d634086785f3fe41a3053645cc413790faf7e229c782845b5bb774f7f154263178151ea93ff2cac4b181332c9c9a1c7d85616c8100000000000000d8300d19d585000000fc005774b56a7142047326f940e95b8489e1c5650f5c61299a295f39c88456391cffdef93e29f10f4a11f0cfbfc0ff976b20fef6033495b9b94777db9bb9b678ffc1130000009faa798226a080c01e47151268a02dc1a557cfdcf76305fbf6643df66b1b4d2d5e7bf698fc5a18d984ecb91e6683a5f522d536e2f3c43b89823659d1945258fc668950e5aacfffffffffffffff7f7a266c90e64efc8d8f730867202a9ee94e6a00"], &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r5, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x1, 0x0, 0xffffffffffffffff, 0xf5010000}, 0x6d)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000007c0)={r6, 0xe0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, &(0x7f0000001a00), 0x0, 0xfeffffff, 0x10, 0x8, 0x0, 0x0}}, 0x10)

14m25.975765701s ago: executing program 8 (id=1111):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000014c0)=@newsa={0x114, 0x10, 0x1, 0x0, 0x0, {{@in6=@loopback, @in6=@mcast1, 0x0, 0x0, 0x4e22, 0x0, 0xa, 0x0, 0x80}, {@in=@multicast1, 0x0, 0x32}, @in6=@mcast1, {0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x1000}, {}, {0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xa, 0x0, 0x0, 0xaf}, [@replay_esn_val={0x1c}, @replay_thresh={0x8, 0xb, 0x6}]}, 0x114}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8f}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount(0x0, 0x0, &(0x7f00000000c0)='devtmpfs\x00', 0x0, 0x0)
r4 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
fsetxattr$security_ima(r4, &(0x7f0000000040), &(0x7f0000000280)=ANY=[@ANYBLOB], 0xfe49, 0x0)
execveat(r4, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r5 = socket$inet(0x2, 0x2, 0x1)
setsockopt$inet_int(r5, 0x0, 0x13, &(0x7f0000000040)=0x7, 0x4)
bind$inet(r5, &(0x7f0000000140)={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
setsockopt$SO_BINDTODEVICE(r5, 0x1, 0x19, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2a, &(0x7f0000000600)=0xdfa, 0x4)
syz_mount_image$hfsplus(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x1000000, &(0x7f0000000140)={[{@nodecompose}, {@umask={'umask', 0x3d, 0x4}}, {@barrier}, {@uid}, {@nobarrier}, {@barrier}, {@nls={'nls', 0x3d, 'maciceland'}}]}, 0x3, 0x632, &(0x7f0000000800)="$eJzs3UtsG2kdAPD/OI4TB9TN7qa7Ba1EtJUWRESbh7IQLpSHUA4rtFoOnKPWbay6aZW4KK0QCi9x4MKh4lwOuXFC6j1SOcMF9ZpjJVAvPaDcjGY8dpy386qd7e8Xjb/v8zfzzX/+9jzsyJoA3lrzE1HciCTmJz5bTdub6zO1zfWZoby7FhFpvRBRbBaRLEUkz5vdN9KHr6VP5vMnB63nSXXuixevN182W8XWwkkprQ0fvNxRmguu5VOMR8RAXu412O2oO8a7eeB4+/nvn/YPshlous1XW4mDXmvssXacxU+83wL9I2meN/cYjRjJztDN64DIjw6FNxvd2TvWUQ4AAAAuqHe2Ymut0Wj0Og4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4SPL7/yf5VGjVxyNp3f+/1DF7qYehnomNXgcAAAAAAAAAACfSGOhsfWMrtmI1LrV7k+x//h9njbHs8SvxMFaiEstxLVZjIepRj+WYiojRjoFKqwv1+vJUF0tO77vk9LluNAAAAAAAAAB82f025rf//w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP0giRhoFtk01qqPRqEYEcMRUUrnW4v4V6t+kW30OgAAAAB4A97Ziq1YjUutdiPJPvN/kH3uH46HsRT1qEY9alGJW9l3Ac1P/YXN9Zna5vrMvXTaO+5f/tfIdBlGNmI0v3vYf81XsjnKcTuq2TPX4mbcj1q5c5QrrXj2j+s3r9Kxf5DrMrJbeZlu+Z/zsj+MZhkZbGdkMo8tzeO7h2fih69OtaapKLS/+Rk7h5yP5GWyq+y93ZmYjkKW79QHh2ci4pvP/vaLxdrS3cXbKxP9s0kn1MxEo9HMxFDWamXiw7cqE5PZtl9ut+fjp/HzmIjx+DyWoxq/jIWoRyXG4ydZbSF/P6ePo7syVdg59I0drc+PiqSUvy7No+jxYvo4W/ZSVONncT9uRSU+zf6mYyq+G7MxG3Mdr/DlLvb6wvH2+qvfyivpIf2Pedkf0ry+25HXzmPuaNbX+cx2lt47+2Nj8et5JV3H7yLix2e4naezOxPpWeLZV5t97x+eib9m1wkrtaW7y4sLD7pc3yd5me5Hf+irs0T6fnkvfbGy1s53R9r3/r59U1nfWLuvsKfvcrvvqD21lF/D7R1pOuv7cN++mazvSkffnuut9vUQAH1s5NsjpfJ/yv8sPy3/vrxY/mz4R0PfG/qoFIP/GPx+cXLgk8JHyd/jafx6+/M/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwciuPHt9dqNUqy0dWkuzm/xFdzdxRad3O6fCZk/xGPscZWaVWqwxHX4RxrErt3xEdzyS9jqcfKkP99ubv7XEJOH/X6/ceXF959Pg71XsLdyp3KkuDs7Nzk3Ozn85cv12tDUT6WJnsdZTAedg+6fc6EgAAAAAAAAAAAKBbh/8MYDCf63Q/J+jxJgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX3PxEFDciianJa5Npe3N9ppZOrfr2nMWIKERE8quI5HnEjWhOMdoxXHLQep5U57548Xrz5fZYxdb8hcOW685aPsV4RAzk5VmNd/PU4yXtLUwTdrV0uuDgzPw/AAD//4oVCL4=")
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000, 0x1)

14m24.371703803s ago: executing program 8 (id=1112):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000400)={@fallback, 0x2, 0x0, 0x4, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6, 0x0, &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x40)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in6=@empty, @in=@private, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x1, 0x0, 0x1}}, 0xb8}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in6=@empty, @in=@private, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x20, 0x0, 0x1}}, 0xb8}}, 0x0)

14m24.126284173s ago: executing program 8 (id=1114):
socket$inet6_mptcp(0xa, 0x1, 0x106)
open(0x0, 0x14000, 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r0}, 0x18)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x21)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0, 0x40008c1}, 0x84)
close(0xffffffffffffffff)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
mkdir(&(0x7f0000000200)='./bus\x00', 0x10)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chroot(&(0x7f0000000000)='./bus\x00')
syz_open_dev$tty1(0xc, 0x4, 0x1)

14m22.193564076s ago: executing program 8 (id=1117):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000100000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014001b00b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_open_dev$evdev(0x0, 0x0, 0x0)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
openat$sw_sync(0xffffffffffffff9c, &(0x7f00000001c0), 0x10000, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/wakeup_count', 0x101a02, 0x0)
mmap$binder(&(0x7f00008d6000/0x2000)=nil, 0x2000, 0x1, 0x11, r6, 0x5)
getsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x28, 0x0, 0x0)
r7 = memfd_create(&(0x7f0000000300)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xae\xd1md\xc8\x85\x00\x00\xfb\xff\x00\x18\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;2\xb5\xe1jS\xeb\xbf%||\xa0\x8e\x01\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x4)
execveat(r7, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
symlink(&(0x7f00000049c0)='.\x00', &(0x7f00000059c0)='./file0\x00')
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000280)={0xffffffffffffffff, 0x1, 0x4}, 0xc)
r8 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r8, 0x40946400, 0x0)

14m17.211704544s ago: executing program 8 (id=1122):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf0667000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r5, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x47)
setsockopt$inet_tcp_int(r5, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r5, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet(r5, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r5, &(0x7f0000000740)="5e000d001b71ecab36c7f263c06bddc65b99fb63499dd5c8ef68ff53e24127f1a538594685e48943f26ed6e8d84b02464cc13dd7cc64d3a5a334a763cad337436ce16682040000000000000041579f9e3959de3e9f8005da735613f1fc390f61811b62d69e", 0x65, 0x40000, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r5, 0x6, 0x16, &(0x7f0000000340)=[@timestamp, @window={0x3, 0x6, 0x7}, @mss={0x2, 0x7}, @window={0x3, 0x0, 0x4}, @window={0x3, 0x8, 0x6}, @timestamp, @window={0x3, 0xfffe}, @sack_perm], 0x2000000000000061)
setsockopt$inet_tcp_TCP_REPAIR(r5, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r5, &(0x7f00000004c0)='<', 0x381, 0x805, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r4, 0x0, 0x20008000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))

14m16.014056284s ago: executing program 8 (id=1123):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000004c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd7000000000000100000008000600e0000001050004000100000008000b0027"], 0x2c}, 0x1, 0x0, 0x0, 0x20048091}, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000040)="2e00000011008188040f80ec59acbc0413a1f8480b0000005e140602000000000e0027001000000002800000121f", 0x2e}], 0x1}, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x1, &(0x7f00000000c0)={<r5=>0xffffffffffffffff}, 0x106, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(r4, &(0x7f00000002c0)={0x7, 0x8, 0xfa00, {r5, 0x7}}, 0x10)
r6 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_FLUSH(r7, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000100)=ANY=[@ANYBLOB="c4000000", @ANYRES16=r6, @ANYBLOB="0100000000000000000001"], 0xc4}}, 0x240008c0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x400000000010, 0x3, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa8442, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r10 = socket(0x400000000010, 0x3, 0x0)
r11 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000200)={'syzkaller0\x00', <r12=>0x0})
r13 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r13, 0x84, 0x6b, &(0x7f00000003c0)=[@in={0x2, 0x4e20, @private=0xa010102}], 0x10)
setsockopt(r13, 0x84, 0x7f, &(0x7f0000000040)="020000000980ffff", 0x8)
recvmsg(r13, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r12, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001300)=@newtfilter={0xe84, 0x2c, 0xd27, 0x70bd25, 0x8000, {0x0, 0x0, 0x0, r12, {0x0, 0x7}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_fw={{0x7}, {0xe58, 0x2, [@TCA_FW_ACT={0xe54, 0x4, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{0x4, 0x1ff, 0x20000000, 0xc, 0x6}, 0x7f, 0x5}, [{0x2a9, 0x6, 0x810, 0x4, 0x5}, {0x4a7, 0x1ff, 0x4, 0x1, 0x7, 0xdd}, {0x9, 0x7, 0x3ff, 0x97, 0xfffffffd, 0x4}, {0x8, 0x0, 0x6, 0x2, 0x7fff, 0x3}, {0x4f9a, 0x5, 0x1, 0x1, 0x2, 0x8}, {0x0, 0x5, 0x1437, 0x1, 0xee57, 0xd}, {0x77d, 0x6, 0x9, 0x6, 0x8, 0x1}, {0x5, 0x6, 0x0, 0x2, 0x1, 0x7fff}, {0x0, 0x3, 0x4235da1, 0x9, 0x7ec9, 0x8}, {0x10000, 0x2, 0x0, 0x1, 0x6, 0x9}, {0xd, 0xffff0001, 0x0, 0x6, 0x81, 0x4}, {0xfffffffc, 0x4, 0xffff, 0x2, 0xffffffff, 0xfffffffa}, {0x5, 0xd29, 0x101, 0x3, 0x7, 0xc}, {0x0, 0xfffffff7, 0x1, 0x72b2, 0xc874, 0x3}, {0x3, 0xf, 0x5, 0x1, 0x1ff, 0x6}, {0x9b9b, 0xffff, 0x6, 0xb, 0xb3d, 0x812}, {0x5, 0x7, 0x2, 0x5, 0x5, 0x4}, {0x6, 0x0, 0x9, 0x2, 0x82, 0x2}, {0xfffffff7, 0x6, 0x2, 0x9, 0xff}, {0x4, 0x1, 0x371, 0x8, 0x0, 0xeac}, {0x9, 0x2, 0xd77, 0x8, 0x113, 0x8d3f}, {0x7, 0xffffffff, 0x4, 0x92a4, 0x9, 0x10}, {0x1a4a13f0, 0x4, 0xe, 0x3, 0xad47, 0xf83b}, {0x1ff, 0x5, 0x7, 0xfff, 0x9}, {0x100, 0x4, 0x200, 0x9, 0x1, 0x9df}, {0x9, 0x1, 0x65, 0x9, 0x7}, {0x401, 0x10001, 0x9, 0x200, 0x9, 0x1}, {0x6, 0x10, 0xf, 0x2, 0x6, 0x3}, {0xf23, 0x3ff, 0x0, 0x9, 0xfffffffc}, {0x80000000, 0x6, 0x0, 0x6, 0x6, 0xd}, {0x0, 0x9, 0xd, 0x8000, 0x3, 0x2}, {0x800, 0x9, 0x6, 0x3, 0x7, 0x8}, {0x7, 0x8, 0x7358, 0x7, 0x8, 0xffffffff}, {0x4d9, 0x45db8bad, 0xb3dd, 0x1, 0xbc, 0x7ff}, {0x7, 0x1, 0x3, 0x3, 0x3, 0x7a}, {0x5a1b, 0x1, 0x1, 0x7ff, 0x3, 0x4}, {0x3, 0x7, 0x4, 0x4, 0x1c716ddc, 0x8}, {0xffffffa5, 0x7, 0x0, 0x10, 0x3, 0x5}, {0x8219, 0x0, 0x1000002, 0x6, 0x3, 0x2}, {0x62, 0xf4, 0x5, 0x4, 0x4, 0x67}, {0x5, 0x4, 0x53, 0x8, 0xc0000000, 0x7}, {0x2, 0x5, 0x2, 0xffff, 0x2, 0x2}, {0x80000001, 0x94c, 0x6, 0xfffffe00, 0x5, 0x7b27}, {0x2, 0x6, 0x1000, 0x9, 0x9}, {0xa, 0x0, 0x9, 0x4, 0xe, 0x9}, {0xdf, 0x7fff, 0x8000, 0x81, 0xff, 0xfffffff8}, {0x2, 0x10000, 0x9, 0x2, 0x2}, {0x2, 0x6, 0x9, 0x1, 0x2, 0x40}, {0xfffffe00, 0x3, 0x74d2, 0x3, 0x80000001, 0x6}, {0x2, 0x8, 0xfffffff7, 0x1, 0x6, 0xa}, {0x8, 0x9, 0x8e, 0x33, 0x10001, 0x22cb}, {0x2, 0x31f5, 0x7, 0x5, 0x7fffffff, 0x1}, {0x9, 0x10001, 0x4, 0x8, 0x7, 0x9}, {0xb, 0x1ff, 0xb, 0x8001, 0x5, 0x80000001}, {0x7, 0x80, 0x69b, 0x3, 0x8, 0x339}, {0xee, 0x80000000, 0xfba6, 0x101, 0x5, 0xb}, {0x3, 0x458, 0x6, 0xf, 0x7, 0x8000}, {0x9, 0xfffffffa, 0x1000, 0x8, 0xb, 0x2}, {0x400, 0xffff, 0x3, 0xbcbb, 0x7, 0xb}, {0x0, 0x7fffffff, 0x8, 0x8, 0x2, 0x1}, {0x1, 0x2, 0x3, 0x9, 0x0, 0x401}, {0xd, 0x1, 0x2, 0xf, 0x81, 0x5}, {0x6, 0xfff, 0x5, 0x5, 0x4, 0x3649}, {0x7, 0x2, 0x80000000, 0x9, 0x1630, 0x9e73}, {0xb, 0x1b6, 0xc4, 0x7, 0x4, 0xca}, {0x4, 0x5, 0x401, 0x4, 0xfffffff8, 0x40}, {0x8, 0x4594, 0x8, 0x4, 0x0, 0xffff}, {0x100, 0xfffffffb, 0x6, 0x0, 0x9, 0x6}, {0x3, 0xf7b, 0x3, 0x8, 0x6, 0x3}, {0x1, 0x5, 0x3, 0xab9, 0x7, 0x9}, {0xffffffff, 0x0, 0xfc, 0x7, 0x6, 0xc}, {0xf, 0x1, 0xa000000, 0x1, 0x101, 0x1f3}, {0x7ff, 0x9, 0xfffff001, 0x8001, 0x2, 0x2}, {0x4, 0xd9, 0x6, 0x1, 0x9, 0xfffffff8}, {0x3, 0x3, 0x7, 0x9, 0x10, 0x1}, {0x8f000000, 0x100, 0xffffffff, 0x963, 0x2, 0xc}, {0x6, 0x50, 0x6, 0xa, 0x0, 0x3}, {0x649, 0x2, 0x80000001, 0x8, 0x0, 0xffffffff}, {0x8, 0xfff, 0x6, 0x80000001, 0x7fffffff, 0x4}, {0xa3, 0x81, 0x9fcb, 0x1, 0x8, 0x7fff}, {0x0, 0x2, 0x750c, 0x0, 0x1, 0xfffffffc}, {0x7ff, 0x7, 0x10000, 0x9, 0x0, 0x88}, {0x5, 0x10001, 0x7fff, 0x81, 0xfffffff4, 0x7}, {0xfce, 0x80000001, 0x5, 0x4, 0x1ff}, {0x3, 0x3, 0x3ff, 0x7fffffff, 0x9, 0x7}, {0xdac, 0x0, 0x4, 0x80000001, 0x3, 0x8}, {0x7, 0xffffffff, 0x6, 0x8, 0x80000001, 0xa}, {0x2, 0x4, 0x2, 0x401, 0xe32}, {0x5, 0x7, 0x6, 0x8, 0x2, 0x2}, {0x10001, 0x100, 0x3, 0x4, 0x9, 0xfffffffa}, {0x2, 0x40000, 0x3, 0x6, 0x800, 0x3}, {0x0, 0x0, 0x3, 0x8, 0x1, 0x3}, {0x3, 0x3, 0xffffffff, 0x3, 0x800, 0xde}, {0x5, 0x66, 0x41d0, 0x8001, 0x1, 0x3}, {0x5, 0x7, 0xfffffffc, 0x4, 0x3, 0x92c}, {0x4, 0xffff, 0x0, 0x101, 0x4, 0x1}, {0x9, 0xf667, 0x5, 0x3, 0x5, 0x4}, {0x1731, 0xa, 0x9960, 0x9, 0x1, 0x7}, {0xd, 0xfffffffa, 0x1, 0x800003, 0x40, 0x2}, {0x1, 0x4, 0x80000000, 0x80000001, 0x2, 0x6}, {0x7, 0x2, 0xffffff3a, 0x4cf, 0x800, 0x6}, {0x8000, 0x6, 0x1, 0x0, 0x100, 0x80000000}, {0x3b, 0x5562334a, 0x2, 0x2, 0x6, 0x81}, {0x4, 0x96, 0x81, 0x0, 0x101, 0xa}, {0x4, 0xff, 0x9, 0x0, 0x81, 0x29}, {0xa, 0x5, 0x0, 0x9, 0xffffffff, 0xfb4}, {0x80000000, 0x2, 0xffff, 0x39b4, 0x1, 0x6}, {0x61, 0x2d, 0x6, 0x1fe4c5d2, 0x1, 0x3}, {0x1, 0xe2, 0x7ff, 0x7ff, 0x7f, 0x29d0}, {0x0, 0x4, 0xc, 0xd594, 0x9, 0x7}, {0x6, 0x0, 0x7, 0x9, 0x7, 0x9}, {0x80e9, 0x7, 0x9, 0x1, 0x1, 0x18000}, {0x400, 0x9, 0x0, 0x6f}, {0x2, 0x1, 0x6, 0x3, 0xfffff71b, 0xce}, {0x1, 0xff, 0xb, 0x4, 0x800, 0x1}, {0x6, 0x2, 0x8, 0xfff, 0x4, 0x7fff}, {0x0, 0x0, 0x7f, 0x401, 0x7, 0x7fff}, {0x7, 0xb, 0x10000, 0x1, 0x8000, 0xfffff830}, {0x2, 0x4, 0x2, 0x1, 0x6, 0x2b4}, {0x3cd2dbce, 0x929a, 0x9dc, 0x0, 0x8, 0xfffffffc}, {0x6, 0x0, 0xe71, 0xc5c3, 0x3, 0x1}, {0x7, 0x2, 0x197a, 0x7, 0x1, 0x8}, {0xff, 0x2c, 0xfffffc01, 0x1, 0x3, 0x100}, {0x0, 0x6, 0x10001, 0xce7, 0xec, 0x1000}, {0xffffffff, 0x6, 0xffffffff, 0x9, 0x2, 0x6}, {0xfa, 0x9, 0xbf1d, 0x9, 0x80, 0x5}, {0x1c91, 0x5f27, 0x1, 0x0, 0x6, 0x6}, {0x37, 0x622, 0x2, 0x1, 0x7, 0x2}], [{0x5}, {0xccffbfc290ab3baa}, {}, {0x2}, {0x2}, {0x0, 0x1}, {0x3}, {0x4, 0x1}, {}, {0x1, 0x1}, {0x1}, {0x2}, {0x3}, {0x0, 0x1}, {0x5, 0x1}, {0x2}, {0x3, 0x1}, {0x1}, {0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x1, 0x1}, {}, {0x2, 0x1}, {0x2}, {0x2}, {0x2, 0x1}, {0x2, 0x1}, {0x2, 0x1}, {}, {0x3}, {0x3, 0x1}, {0x5, 0x1}, {0x3, 0x1}, {0x1, 0x1}, {}, {0x5, 0x1}, {0x3}, {0x2}, {0x4}, {0x5}, {0x5, 0x1}, {0x2}, {0x1, 0x1}, {0x4}, {0x4, 0x1}, {0x4, 0x1}, {0x2}, {0x4, 0x1}, {0x2}, {0x1, 0x1}, {0x3, 0x1}, {0x0, 0x1}, {0x4, 0x1}, {0x4, 0x1}, {}, {0x3}, {0x4, 0x1}, {0x4, 0x1}, {0xed3229170eca159, 0x1}, {0x2, 0x1}, {0x1}, {0x3}, {0x3, 0x1}, {}, {0x2, 0x1}, {0x1, 0x1}, {0x4, 0x1}, {0x1, 0x1}, {0x3, 0x1}, {0x3}, {0x4}, {0x3, 0x1}, {0x1}, {0x3, 0x1}, {0x2, 0x1}, {0x2}, {0x5, 0x1}, {0x4}, {0x5, 0x1}, {0x2, 0x1}, {0x0, 0x1}, {0x3, 0x1}, {0x4}, {0x7, 0x1}, {0x5, 0x1}, {0x5, 0x1}, {0x5, 0x1}, {0x5}, {0x5}, {0x4, 0x1}, {0x4, 0x1}, {0x4}, {0x5}, {0x54e1b160e6ec45e8, 0x1}, {0x1, 0x1}, {0x2}, {0x3, 0x1}, {0x3, 0x1}, {0x0, 0x1}, {}, {0x4, 0x1}, {0x4}, {0x5, 0x1}, {0x0, 0x1}, {0x3}, {0x0, 0x1}, {0x2}, {}, {0x2}, {0x5, 0x1}, {0x4}, {0x2}, {0x9baeccaf277094c4, 0x1}, {0x4}, {0x2, 0x1}, {}, {}, {0x8f9fc2e2ef57f2f0}, {0x3, 0x1}, {0x2, 0x1}, {0x2}, {0x3}, {0x3}, {0x2, 0x1}, {0x3, 0x1}, {}, {0x1, 0x1}], 0x1}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}]}, 0xe84}, 0x1, 0x0, 0x0, 0x81}, 0x800)

13m59.698869044s ago: executing program 38 (id=1123):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000004c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd7000000000000100000008000600e0000001050004000100000008000b0027"], 0x2c}, 0x1, 0x0, 0x0, 0x20048091}, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000040)="2e00000011008188040f80ec59acbc0413a1f8480b0000005e140602000000000e0027001000000002800000121f", 0x2e}], 0x1}, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x1, &(0x7f00000000c0)={<r5=>0xffffffffffffffff}, 0x106, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(r4, &(0x7f00000002c0)={0x7, 0x8, 0xfa00, {r5, 0x7}}, 0x10)
r6 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_FLUSH(r7, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000100)=ANY=[@ANYBLOB="c4000000", @ANYRES16=r6, @ANYBLOB="0100000000000000000001"], 0xc4}}, 0x240008c0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x400000000010, 0x3, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa8442, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r10 = socket(0x400000000010, 0x3, 0x0)
r11 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000200)={'syzkaller0\x00', <r12=>0x0})
r13 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r13, 0x84, 0x6b, &(0x7f00000003c0)=[@in={0x2, 0x4e20, @private=0xa010102}], 0x10)
setsockopt(r13, 0x84, 0x7f, &(0x7f0000000040)="020000000980ffff", 0x8)
recvmsg(r13, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r12, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001300)=@newtfilter={0xe84, 0x2c, 0xd27, 0x70bd25, 0x8000, {0x0, 0x0, 0x0, r12, {0x0, 0x7}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_fw={{0x7}, {0xe58, 0x2, [@TCA_FW_ACT={0xe54, 0x4, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{0x4, 0x1ff, 0x20000000, 0xc, 0x6}, 0x7f, 0x5}, [{0x2a9, 0x6, 0x810, 0x4, 0x5}, {0x4a7, 0x1ff, 0x4, 0x1, 0x7, 0xdd}, {0x9, 0x7, 0x3ff, 0x97, 0xfffffffd, 0x4}, {0x8, 0x0, 0x6, 0x2, 0x7fff, 0x3}, {0x4f9a, 0x5, 0x1, 0x1, 0x2, 0x8}, {0x0, 0x5, 0x1437, 0x1, 0xee57, 0xd}, {0x77d, 0x6, 0x9, 0x6, 0x8, 0x1}, {0x5, 0x6, 0x0, 0x2, 0x1, 0x7fff}, {0x0, 0x3, 0x4235da1, 0x9, 0x7ec9, 0x8}, {0x10000, 0x2, 0x0, 0x1, 0x6, 0x9}, {0xd, 0xffff0001, 0x0, 0x6, 0x81, 0x4}, {0xfffffffc, 0x4, 0xffff, 0x2, 0xffffffff, 0xfffffffa}, {0x5, 0xd29, 0x101, 0x3, 0x7, 0xc}, {0x0, 0xfffffff7, 0x1, 0x72b2, 0xc874, 0x3}, {0x3, 0xf, 0x5, 0x1, 0x1ff, 0x6}, {0x9b9b, 0xffff, 0x6, 0xb, 0xb3d, 0x812}, {0x5, 0x7, 0x2, 0x5, 0x5, 0x4}, {0x6, 0x0, 0x9, 0x2, 0x82, 0x2}, {0xfffffff7, 0x6, 0x2, 0x9, 0xff}, {0x4, 0x1, 0x371, 0x8, 0x0, 0xeac}, {0x9, 0x2, 0xd77, 0x8, 0x113, 0x8d3f}, {0x7, 0xffffffff, 0x4, 0x92a4, 0x9, 0x10}, {0x1a4a13f0, 0x4, 0xe, 0x3, 0xad47, 0xf83b}, {0x1ff, 0x5, 0x7, 0xfff, 0x9}, {0x100, 0x4, 0x200, 0x9, 0x1, 0x9df}, {0x9, 0x1, 0x65, 0x9, 0x7}, {0x401, 0x10001, 0x9, 0x200, 0x9, 0x1}, {0x6, 0x10, 0xf, 0x2, 0x6, 0x3}, {0xf23, 0x3ff, 0x0, 0x9, 0xfffffffc}, {0x80000000, 0x6, 0x0, 0x6, 0x6, 0xd}, {0x0, 0x9, 0xd, 0x8000, 0x3, 0x2}, {0x800, 0x9, 0x6, 0x3, 0x7, 0x8}, {0x7, 0x8, 0x7358, 0x7, 0x8, 0xffffffff}, {0x4d9, 0x45db8bad, 0xb3dd, 0x1, 0xbc, 0x7ff}, {0x7, 0x1, 0x3, 0x3, 0x3, 0x7a}, {0x5a1b, 0x1, 0x1, 0x7ff, 0x3, 0x4}, {0x3, 0x7, 0x4, 0x4, 0x1c716ddc, 0x8}, {0xffffffa5, 0x7, 0x0, 0x10, 0x3, 0x5}, {0x8219, 0x0, 0x1000002, 0x6, 0x3, 0x2}, {0x62, 0xf4, 0x5, 0x4, 0x4, 0x67}, {0x5, 0x4, 0x53, 0x8, 0xc0000000, 0x7}, {0x2, 0x5, 0x2, 0xffff, 0x2, 0x2}, {0x80000001, 0x94c, 0x6, 0xfffffe00, 0x5, 0x7b27}, {0x2, 0x6, 0x1000, 0x9, 0x9}, {0xa, 0x0, 0x9, 0x4, 0xe, 0x9}, {0xdf, 0x7fff, 0x8000, 0x81, 0xff, 0xfffffff8}, {0x2, 0x10000, 0x9, 0x2, 0x2}, {0x2, 0x6, 0x9, 0x1, 0x2, 0x40}, {0xfffffe00, 0x3, 0x74d2, 0x3, 0x80000001, 0x6}, {0x2, 0x8, 0xfffffff7, 0x1, 0x6, 0xa}, {0x8, 0x9, 0x8e, 0x33, 0x10001, 0x22cb}, {0x2, 0x31f5, 0x7, 0x5, 0x7fffffff, 0x1}, {0x9, 0x10001, 0x4, 0x8, 0x7, 0x9}, {0xb, 0x1ff, 0xb, 0x8001, 0x5, 0x80000001}, {0x7, 0x80, 0x69b, 0x3, 0x8, 0x339}, {0xee, 0x80000000, 0xfba6, 0x101, 0x5, 0xb}, {0x3, 0x458, 0x6, 0xf, 0x7, 0x8000}, {0x9, 0xfffffffa, 0x1000, 0x8, 0xb, 0x2}, {0x400, 0xffff, 0x3, 0xbcbb, 0x7, 0xb}, {0x0, 0x7fffffff, 0x8, 0x8, 0x2, 0x1}, {0x1, 0x2, 0x3, 0x9, 0x0, 0x401}, {0xd, 0x1, 0x2, 0xf, 0x81, 0x5}, {0x6, 0xfff, 0x5, 0x5, 0x4, 0x3649}, {0x7, 0x2, 0x80000000, 0x9, 0x1630, 0x9e73}, {0xb, 0x1b6, 0xc4, 0x7, 0x4, 0xca}, {0x4, 0x5, 0x401, 0x4, 0xfffffff8, 0x40}, {0x8, 0x4594, 0x8, 0x4, 0x0, 0xffff}, {0x100, 0xfffffffb, 0x6, 0x0, 0x9, 0x6}, {0x3, 0xf7b, 0x3, 0x8, 0x6, 0x3}, {0x1, 0x5, 0x3, 0xab9, 0x7, 0x9}, {0xffffffff, 0x0, 0xfc, 0x7, 0x6, 0xc}, {0xf, 0x1, 0xa000000, 0x1, 0x101, 0x1f3}, {0x7ff, 0x9, 0xfffff001, 0x8001, 0x2, 0x2}, {0x4, 0xd9, 0x6, 0x1, 0x9, 0xfffffff8}, {0x3, 0x3, 0x7, 0x9, 0x10, 0x1}, {0x8f000000, 0x100, 0xffffffff, 0x963, 0x2, 0xc}, {0x6, 0x50, 0x6, 0xa, 0x0, 0x3}, {0x649, 0x2, 0x80000001, 0x8, 0x0, 0xffffffff}, {0x8, 0xfff, 0x6, 0x80000001, 0x7fffffff, 0x4}, {0xa3, 0x81, 0x9fcb, 0x1, 0x8, 0x7fff}, {0x0, 0x2, 0x750c, 0x0, 0x1, 0xfffffffc}, {0x7ff, 0x7, 0x10000, 0x9, 0x0, 0x88}, {0x5, 0x10001, 0x7fff, 0x81, 0xfffffff4, 0x7}, {0xfce, 0x80000001, 0x5, 0x4, 0x1ff}, {0x3, 0x3, 0x3ff, 0x7fffffff, 0x9, 0x7}, {0xdac, 0x0, 0x4, 0x80000001, 0x3, 0x8}, {0x7, 0xffffffff, 0x6, 0x8, 0x80000001, 0xa}, {0x2, 0x4, 0x2, 0x401, 0xe32}, {0x5, 0x7, 0x6, 0x8, 0x2, 0x2}, {0x10001, 0x100, 0x3, 0x4, 0x9, 0xfffffffa}, {0x2, 0x40000, 0x3, 0x6, 0x800, 0x3}, {0x0, 0x0, 0x3, 0x8, 0x1, 0x3}, {0x3, 0x3, 0xffffffff, 0x3, 0x800, 0xde}, {0x5, 0x66, 0x41d0, 0x8001, 0x1, 0x3}, {0x5, 0x7, 0xfffffffc, 0x4, 0x3, 0x92c}, {0x4, 0xffff, 0x0, 0x101, 0x4, 0x1}, {0x9, 0xf667, 0x5, 0x3, 0x5, 0x4}, {0x1731, 0xa, 0x9960, 0x9, 0x1, 0x7}, {0xd, 0xfffffffa, 0x1, 0x800003, 0x40, 0x2}, {0x1, 0x4, 0x80000000, 0x80000001, 0x2, 0x6}, {0x7, 0x2, 0xffffff3a, 0x4cf, 0x800, 0x6}, {0x8000, 0x6, 0x1, 0x0, 0x100, 0x80000000}, {0x3b, 0x5562334a, 0x2, 0x2, 0x6, 0x81}, {0x4, 0x96, 0x81, 0x0, 0x101, 0xa}, {0x4, 0xff, 0x9, 0x0, 0x81, 0x29}, {0xa, 0x5, 0x0, 0x9, 0xffffffff, 0xfb4}, {0x80000000, 0x2, 0xffff, 0x39b4, 0x1, 0x6}, {0x61, 0x2d, 0x6, 0x1fe4c5d2, 0x1, 0x3}, {0x1, 0xe2, 0x7ff, 0x7ff, 0x7f, 0x29d0}, {0x0, 0x4, 0xc, 0xd594, 0x9, 0x7}, {0x6, 0x0, 0x7, 0x9, 0x7, 0x9}, {0x80e9, 0x7, 0x9, 0x1, 0x1, 0x18000}, {0x400, 0x9, 0x0, 0x6f}, {0x2, 0x1, 0x6, 0x3, 0xfffff71b, 0xce}, {0x1, 0xff, 0xb, 0x4, 0x800, 0x1}, {0x6, 0x2, 0x8, 0xfff, 0x4, 0x7fff}, {0x0, 0x0, 0x7f, 0x401, 0x7, 0x7fff}, {0x7, 0xb, 0x10000, 0x1, 0x8000, 0xfffff830}, {0x2, 0x4, 0x2, 0x1, 0x6, 0x2b4}, {0x3cd2dbce, 0x929a, 0x9dc, 0x0, 0x8, 0xfffffffc}, {0x6, 0x0, 0xe71, 0xc5c3, 0x3, 0x1}, {0x7, 0x2, 0x197a, 0x7, 0x1, 0x8}, {0xff, 0x2c, 0xfffffc01, 0x1, 0x3, 0x100}, {0x0, 0x6, 0x10001, 0xce7, 0xec, 0x1000}, {0xffffffff, 0x6, 0xffffffff, 0x9, 0x2, 0x6}, {0xfa, 0x9, 0xbf1d, 0x9, 0x80, 0x5}, {0x1c91, 0x5f27, 0x1, 0x0, 0x6, 0x6}, {0x37, 0x622, 0x2, 0x1, 0x7, 0x2}], [{0x5}, {0xccffbfc290ab3baa}, {}, {0x2}, {0x2}, {0x0, 0x1}, {0x3}, {0x4, 0x1}, {}, {0x1, 0x1}, {0x1}, {0x2}, {0x3}, {0x0, 0x1}, {0x5, 0x1}, {0x2}, {0x3, 0x1}, {0x1}, {0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x1, 0x1}, {}, {0x2, 0x1}, {0x2}, {0x2}, {0x2, 0x1}, {0x2, 0x1}, {0x2, 0x1}, {}, {0x3}, {0x3, 0x1}, {0x5, 0x1}, {0x3, 0x1}, {0x1, 0x1}, {}, {0x5, 0x1}, {0x3}, {0x2}, {0x4}, {0x5}, {0x5, 0x1}, {0x2}, {0x1, 0x1}, {0x4}, {0x4, 0x1}, {0x4, 0x1}, {0x2}, {0x4, 0x1}, {0x2}, {0x1, 0x1}, {0x3, 0x1}, {0x0, 0x1}, {0x4, 0x1}, {0x4, 0x1}, {}, {0x3}, {0x4, 0x1}, {0x4, 0x1}, {0xed3229170eca159, 0x1}, {0x2, 0x1}, {0x1}, {0x3}, {0x3, 0x1}, {}, {0x2, 0x1}, {0x1, 0x1}, {0x4, 0x1}, {0x1, 0x1}, {0x3, 0x1}, {0x3}, {0x4}, {0x3, 0x1}, {0x1}, {0x3, 0x1}, {0x2, 0x1}, {0x2}, {0x5, 0x1}, {0x4}, {0x5, 0x1}, {0x2, 0x1}, {0x0, 0x1}, {0x3, 0x1}, {0x4}, {0x7, 0x1}, {0x5, 0x1}, {0x5, 0x1}, {0x5, 0x1}, {0x5}, {0x5}, {0x4, 0x1}, {0x4, 0x1}, {0x4}, {0x5}, {0x54e1b160e6ec45e8, 0x1}, {0x1, 0x1}, {0x2}, {0x3, 0x1}, {0x3, 0x1}, {0x0, 0x1}, {}, {0x4, 0x1}, {0x4}, {0x5, 0x1}, {0x0, 0x1}, {0x3}, {0x0, 0x1}, {0x2}, {}, {0x2}, {0x5, 0x1}, {0x4}, {0x2}, {0x9baeccaf277094c4, 0x1}, {0x4}, {0x2, 0x1}, {}, {}, {0x8f9fc2e2ef57f2f0}, {0x3, 0x1}, {0x2, 0x1}, {0x2}, {0x3}, {0x3}, {0x2, 0x1}, {0x3, 0x1}, {}, {0x1, 0x1}], 0x1}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}]}, 0xe84}, 0x1, 0x0, 0x0, 0x81}, 0x800)

6m57.580310665s ago: executing program 5 (id=2602):
r0 = syz_usb_connect(0x5, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000780)={0x84, &(0x7f00000004c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EVIOCGMASK(r1, 0x5b02, 0x0)

6m52.162717949s ago: executing program 5 (id=2618):
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000040), 0x3, 0x5eb, &(0x7f0000000c00)="$eJzs3ctvFEcaAPCvxw9sjNYDWu0ue1gsrVYg7WJjAysU5QDXCFnkoVxyiYMNIRiwsKPEJBJGIpdIUS5RFCmnHEL+iwSFK6fklEMuOUVIKIk4RspEPdNtPHaPX9jTiP79pGG6q6Zd1djfVHVNVU8AlTWS/lOLOBgRc0nEcLK0nNcbWeZI63WPfnv/fPpIotF4+Zckkiwtf32SPQ9lBw9ExHffJnGgZ22584s3Lk/Nzs5cz/bHFq7Mjc0v3jh66crUxZmLM1cn/j9x6uSJk6fGj23rvG4WpJ29/dY7wx9Ovvbl578n41/9OJnE6Xghe+HK89gpIzHS/D9J1mYNndrpwkrSk/2dNBqNRp6W9JZbJzYv//31RcTfYzh64vEvbzg+eLHUygG7qpG03ruBKkrEP1RU3g/Ir+1XXwfXSumVAN3w8ExrAGBt/Pe2xgZjoDk2sPdREiuHdZKI2N7IXLt9EXH/3uTtC/cmb8cujcMBxZZuRcQ/iuI/acZ/PQai3oz/Wlv8p/2Cc9lzmv7SNstfPVQs/qF7WvE/sG78R4f4fz19vtmK4Te2WX798eabg23xP7jdUwIAAAAAAIDKunsmIv5X9Pl/bXn+TxTM/xmKiNM7UP7Iqv21n//XHuxAMUCBh2cini+c/1vLZ//We1YsYa1HX3Lh0uzMsYj4S0Qcib496f74OmUc/ejAZ53yRrL5f/kjLf9+Nhcwq8eD3j3tx0xPLUw9wSkDmYe3Iv5ZOP83WW7/k4L2P31nmNtkGQf+c+dcp7yN4x/YLY0vIg4Xtv+P71qRrH9/jrFmf2As7xWs9a/3Pv66U/nbjX+3mIAnl7b/e9eP/3qy8n4981sv4/hib6NT3nb7//3JK827CvVnae9OLSxcH4/oT872pKlt6RNbrzM8i/J4yOMljf8j/15//K+o/z8YEUurfnbya/ua4tzf/hj6qVN99P+hPGn8T2+p/d/6xsSd+jedyt9c+3+i2dYfyVKM/0HLp3mY9renF4Rjb1FWt+sLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM+CWkTsi6Q2urxdq42ORgxFxF9jb2322vzCfy9ce/vqdJrX/P7/Wv5Nv8Ot/ST//v/6iv2JVfvHI2J/RHzSM9jcHz1/bXa67JMHAAAAAAAAAAAAAAAAAACAp8RQh/X/qZ97yq4dsOt6y64AUJqC+P++jHoA3af9h+oS/1Bd4h+qS/xDdYl/qC7xD9Ul/qG6xD8AAAAAADxT9h+6+0MSEUvPDTYfqf4sr6/UmgG7rVZ2BYDSuMUPVJepP1BdrvGBZIP8gY4HbXTkeubOP8HBAAAAAAAAAAAAAFA5hw9a/w9VZf0/VJf1/1Bd+fr/QyXXA+g+1/hAbLCSv3D9/4ZHAQAAAAAAAAAAAAA7aX7xxuWp2dmZ6zZefTqq0c2NRqNxM/0reFrqs/MbSTZDvSuF5lPhu3+m/Zs5wXyt3+Z+cnnvSQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQLs/AwAA//+JjCTl")
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file7\x00', 0x16c)
renameat2(0xffffffffffffff9c, &(0x7f0000000140)='./file7\x00', 0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0x4)
socket$nl_route(0x10, 0x3, 0x0)
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0xe1, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, &(0x7f0000000000))

6m51.096843297s ago: executing program 5 (id=2626):
r0 = socket$unix(0x1, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan0\x00', <r1=>0x0})
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r2, &(0x7f0000000200)={0x1d, r1}, 0x10)
sendmsg$can_bcm(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=ANY=[@ANYBLOB="01000000d7fe68ca7e4d5d5bdbe70000", @ANYRESDEC=r1, @ANYRES64=0x0, @ANYRES64=r1, @ANYRES64=r0], 0x20000600}}, 0x0)

6m49.452291168s ago: executing program 5 (id=2630):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0ed000e, &(0x7f0000000200)={[{@jqfmt_vfsold}, {@orlov}, {@debug}, {@noload}, {@nombcache}, {@noblock_validity}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x8000}}]}, 0xfa, 0x47c, &(0x7f0000000a80)="$eJzs3M1vFOUfAPDvTLulwI9fK+ILCFJFI/GlpeVFDl40mnDQxEQPGE+1LaRSqKE1EUK0esCjIfFu/C+MJ70Y9aKJV70bEmK4gHpZMzsztLS77ZZud4H9fJLZfZ6Z2X2e78w8O8/Ms7sBdK2h7CGJ+F9E/B4RA3n29hWG8qeb1y9N/H390kQS1epbfyW19W5cvzRRrlq+bnueqVaL/JY65V5+N2J8ZmbqfJEfmT/7wcjchYsvTJ8dPz11eurc2PHjRw7v6zs2drQlcWZx3djz8eze3SfeufLGxMkr7/2UpJHHHcviaJWhfOvW9XSrC+uwHUvSSW/22F/k9v+yuKTekUAn9UREtrsqtfY/ED2x9daygXjts45WDthU1Wq1usqn8kIVuI8l0ekaAJ1Rnuiz699yalPX465w7eX8AiiL+2Yx5Ut6I80T+yvLrm9baSgiTi7881U2xSbdhwAAWOq7rP/zfL3+XxoP54m+7OH/xRjKYEQ8EBE7I+LBiNgVEQ9F1NZ9JCIeXWf5y0dIVvZ/0qt3HFwTsv7fS8XY1u39v7RcZbCnyO2oxV9JTk3PTB0qtsnBqGw5NZ1Mja5Sxvev/vZFo2VL+3/ZlJVf9gWLelztXXaDbnJ8fnwjMS917dOIPb314k9q4wJRjOvtjog9d1jG9LO9DZetHf8qGr9t06pfRzyT7/+FWBZ/KWk4Pjn64rGxoyP9MTN1aKQ8Klb6+dfLbzYqf0Pxt0C2/7fVPf5vxT+Y9EfMXbh4pjZeO7f+Mi7/8XnDa5p1Hv8ndhTHf1/ydm1GX7Hgo/H5+fOjEX3J6yvnjy2+W5kv18/iP3igfvvfGYtb4rGI2BsR+yLi8eyisKj7ExHxZEQcWCX+H1956v31x9+esdIs/sm19n8s3f/rT/Sc+eHbtePvj4hG+/9ILXWwmNPM51+zFdzItgMAAIB7Rf4d+CQdXkwnw8P5d/h3xbZ0ZnZu/rlTsx+em8y/Kz8YlbS80zWw5H7oaHFvuMyPLcsfLu4bf9mztZYfnpidmex08NDltq9o/2matf/Mnz2drh2w6Vowjgbco7R/6F7aP3SnZM32X2lbXYD2c/6H7lWv/X/ScO3hbza1MkBbOf9D92qi/S/kT417BcC9yfkfupf2D12p4W/j0w395L/tiX+L/zO8W+pz/ycivSuqcf8nepv+M4tGicrKtlwdyNt/NmdL3Vd1+pMJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgNf4LAAD///R05PQ=")
syz_mount_image$fuse(0x0, &(0x7f0000000740)='./bus\x00', 0x283016, 0x0, 0x11, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
r0 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000000)=""/41, 0x29)

6m48.773941379s ago: executing program 5 (id=2640):
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./file0\x00', 0x1000801, &(0x7f00000001c0)=ANY=[@ANYRES16=0x0], 0x0, 0x1ca, &(0x7f00000004c0)="$eJzsmb+uEkEUxr+Z3QvcG2NiY2GjiTfxmlyW3UUNjQU+gQn4r5PIStAFDGwBJBbExsbH8BUsqCzs7Gy1UBMTCymt18xw2B35J8QQSTy/hNlvZs7MnDnAVwAYhvlv+frl5+dXt0rVUwBncIwsjX+30hhpxH/Kkfj4+l377PPx/H4CQBxvfr4N4G3ZQkT9OP599TE9q5CJvgOJq6TvQcAh/RASd0kHEHhA+omhO4ckwsB51Anrj5th4KrGU42vmuJ8fpORQB1AjvITxnxvMHxaC8OgOy8O4tk5C1Pbij/Uz56UJW4a9VPv1/2XL0aqP6uNa9TPg4RHugiBCukSsnAcJy2Jcf8Ldrq/tcn990Gcy6+LOd2DDFn8AyGMkUMl1Bc6GTk/Gb9fXPVtl4ld2u2VQZ69MPXh6O92zpAJLI1J/VNZ7hXDn2zYiX8UotazQm8wzDdbtUbQCNq+X7zhXnPd635BG9G0XeN/Oe1PR8b+BytiMyKDfi2Kul4fiLpe0venreG4lTedH3qN1P4ncXJ5uof6qOhrZ5efIegl9VOpE2tl8gzDMAzDMAzDMAzDMAzDMFtxEUL/Ckp/VMUr8G/r6F8BAAD///ckZMc=")
chdir(&(0x7f0000000040)='./file0\x00')
open(0x0, 0x8000, 0x50)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='.\x00', 0x0, 0x0)
getdents64(r0, 0xfffffffffffffffe, 0x29)

6m45.348349854s ago: executing program 5 (id=2653):
ioctl$IOMMU_VFIO_IOAS$SET(0xffffffffffffffff, 0x3b88, 0x0)
ioctl$IOMMU_VFIO_IOAS$GET(0xffffffffffffffff, 0x3b88, 0x0)
r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xe)
ioctl$TIOCSLCKTRMIOS(r0, 0x5435, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x108111, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000000000000000000900000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='sched_switch\x00', r5}, 0x10)
r6 = socket$phonet_pipe(0x23, 0x5, 0x2)
connect$phonet_pipe(r6, &(0x7f0000000040)={0x23, 0x0, 0x0, 0x3}, 0x10)
ioctl$SIOCPNENABLEPIPE(r6, 0x89ed, 0x0)
r7 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r7, 0xc0045005, &(0x7f0000000640)=0x10)
mmap$dsp(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x100000b, 0x8012, r7, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)

6m44.740813466s ago: executing program 39 (id=2653):
ioctl$IOMMU_VFIO_IOAS$SET(0xffffffffffffffff, 0x3b88, 0x0)
ioctl$IOMMU_VFIO_IOAS$GET(0xffffffffffffffff, 0x3b88, 0x0)
r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xe)
ioctl$TIOCSLCKTRMIOS(r0, 0x5435, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x108111, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000000000000000000900000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='sched_switch\x00', r5}, 0x10)
r6 = socket$phonet_pipe(0x23, 0x5, 0x2)
connect$phonet_pipe(r6, &(0x7f0000000040)={0x23, 0x0, 0x0, 0x3}, 0x10)
ioctl$SIOCPNENABLEPIPE(r6, 0x89ed, 0x0)
r7 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r7, 0xc0045005, &(0x7f0000000640)=0x10)
mmap$dsp(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x100000b, 0x8012, r7, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)

5m38.714977077s ago: executing program 3 (id=2930):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000500)='blkio.bfq.io_queued\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000140)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r1, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e24, @broadcast}, 0x2, 0x0, 0x3}}, 0x26)

5m38.334299525s ago: executing program 3 (id=2931):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000b7403340861a22753635f10203010902120001000000000904"], 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000040)={0x1c, &(0x7f0000000080)=ANY=[@ANYBLOB="200302"], 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

5m33.937830855s ago: executing program 3 (id=2940):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
recvmmsg(r0, &(0x7f0000000440)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=""/41, 0x29}, 0x1ec}], 0x1, 0x2, 0x0)
setsockopt$inet_int(r0, 0x0, 0x17, &(0x7f0000000180)=0x6, 0x4)
setsockopt$inet_int(r0, 0x0, 0xc, &(0x7f0000000240)=0x10008, 0x4d)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x32, &(0x7f00000006c0)={@broadcast, @broadcast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x6, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x10, 0x0, @gue={{0x2}}}}}}}, 0x0)

5m33.077674614s ago: executing program 3 (id=2942):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x22004002, &(0x7f0000000080)={[{@jqfmt_vfsold}, {@stripe={'stripe', 0x3d, 0xffff}}, {@sysvgroups}, {@jqfmt_vfsold}, {@nouid32}, {@grpjquota, 0x2e}]}, 0x84, 0x46c, &(0x7f00000004c0)="$eJzs3EtvG0UcAPD/rpP0RR6U8ugDaiiIiELSpAV64AICqRckJDjAMaShKnVb1ASJVhUtCJUj4hMARyQ+ASe4IOAE4gp3hFShXggckNHau40TO6njxHWDfz9pk5ndWc/Mzk4yu7PrAPpWOfuRRFQj4teIGK1Hlyco138t3rg8+/eNy7NJVKuv/pnU0v114/JskbTYb1ceGU8j0o+S2N8i3/mLl87MVCpzF/L45MLZdybnL1566vTZmVNzp+bOTR8/fuzo1LPPTD+9KfUczsq67/3zB/aeeOPTl2er8eYPX2XlvSvf3liPurEN51mO8vJjWTNU+/nYhj/9zjLcEE4GelgQ1qUUEVlzDdb6/2iUYqnxRuOlD3taOKCrqtVqdVvT2lIRuFoF/seS6HUJgN4o/tFn17/FchuHHz13/fn6BVBW78V8qW8ZiDT7tb1+xT7cpfzLEfH61X8+y5ZoeR8CAGBzfZONf55sNf4bSe5rSDeSzw2NRcThiNgdEfdExJ6IuDcisrT3R8QD68y/vCLePP75eUdHFWtTNv57Lp/bWj7+S4skY6U8Nlyr/2Dy1unK3JH8mIzH4LYsPrVGHt+++Msnq21rHP9lS5Z/MRbMy/HHwIobdCdnFmY2UudG1z+I2DfQqv7JzZmAJCL2RsS+Dj4/O2ann/jyQBYe2dW8/cAt67+GTZhnqn4R8Xi9/a/GivoXknpOq81PTm6PytyRyeKsaPbjT9deaYwPNoRv3f7dlbX/zpbnf17/ohsU87Xz68/j2m8fr3pN0+n5P5S8VgsP5evem1lYuDAVMZSvWLZ+emnfIl6kz+o/fqhV/UeS3RH/fp7vtz8/Vx+MiIci4mBe9ocj4pGIOLRG/b9/4dG31z5CvW3/k2u1f8RY0jhf30GgdOa7r1fLv732P1YLjedr2vn7124BN3LsAAAAYKtIa8/AJ+nEzXCaTkzUn+HfEzvTyvn5hcPlePfcyfqz8mMxmBZ3ukYb7odO5feGi/j0ivjRiLi79qTRjlp8YvZ8pVtz6kB7dq3S/zO/l3pdOqDr1jWP1vxGG7CFeV8T+pf+D/1L/4f+pf9D/2rV/69ELPagKMBt5v8/9C/9H/qX/g/9S/+HvtT8SnzxdSudvOm/FNh9YkO791Gg1KVPjsYv7ehCINKeH7rOA+mdUIyDeWBbRLS715WutunK8wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDr+y8AAP//BcXhGA==")
ioperm(0x0, 0x7fff, 0x15f9)
r0 = syz_clone(0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
ptrace(0x10, r0)
ptrace$getregset(0x4204, r0, 0x201, &(0x7f0000000740)={0x0, 0x96})

5m31.855199503s ago: executing program 3 (id=2946):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x12, 0x0, 0x12)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)
recvmmsg(r0, &(0x7f0000003140)=[{{0x0, 0x0, 0x0}, 0x2}, {{0x0, 0x0, &(0x7f0000000240)=[{0xffffffffffffffff}], 0x1}, 0x10001}], 0x2, 0x2, 0x0)

5m28.726244625s ago: executing program 3 (id=2959):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000200)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000340)={0x0, 0xcc}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000540)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x3, @loopback, 0x3}, 0x1c, &(0x7f00000004c0)=[{&(0x7f0000000240)="dc", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000a80)=[{&(0x7f0000000840)="95", 0x1}], 0x1}}], 0x2, 0x3404c891)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f00000007c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="f7000200040003"], 0xc)

5m28.304954051s ago: executing program 40 (id=2959):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000200)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000340)={0x0, 0xcc}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000540)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x3, @loopback, 0x3}, 0x1c, &(0x7f00000004c0)=[{&(0x7f0000000240)="dc", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000a80)=[{&(0x7f0000000840)="95", 0x1}], 0x1}}], 0x2, 0x3404c891)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f00000007c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="f7000200040003"], 0xc)

2m11.204402813s ago: executing program 4 (id=3779):
syz_open_dev$mouse(&(0x7f00000000c0), 0x0, 0x2042)
r0 = syz_io_uring_setup(0x239, &(0x7f0000000340)={0x0, 0x0, 0x10100}, &(0x7f00000002c0)=<r1=>0x0, &(0x7f0000000000)=<r2=>0x0)
r3 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
write$UHID_CREATE2(r3, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000080)='./file1\x00', 0x80, &(0x7f0000000cc0)=ANY=[@ANYRES64=r1, @ANYBLOB="79073019d5b3cdac74c4b26d7cd04c994a31c6484bd01434fb2c18456cd90edff34b22213fbf366c66a7ecf2dcad83e1a70fb858a56f3835ceef18170a82d199a361dd736a5149065c636a29f4b4a8e33c42673c494bdffc44f4a3996a2266cc8fc46b68c5446ae032a42f1019226ec0f56859c974a72d5dcca45625726d836c2239f3f67f74bf7209e9f2ed7744d7c9054f6426922e0ca869f3b4e3518a86cce3bbfd21f1293c4310f1e3ec69386e9754ed43f16c0900000069e3ad2baf4ea9661b05341c6feae81cc993f663020e6e162dba0986eb3920f5d40734f5b4919bf8f718edfd6dfb0d3c1a7f5a19cafd83db2ac421f8c294a47fa31ccc0363dae5613f4f0eb40a59b003793477e29eda9e085337396622cca1f5100975f241af5484a315f02bd5cba3a24b32e44426ef79"], 0x44, 0x705, &(0x7f0000000480)="$eJzs3U9sHGfdB/DvrNdrbyq5bpu0fV8hxWpEBA0kdkxJkJAIFUI5VCgSl15N4jRWnDSyXZREiLhA4QgnlAOHoiocekI9IIE4IMoZCYkryj0S94gDRrM7u95d22tvk9ghfD7SeJ6Zef785teZZ3dnG22A/1nn3874eoqcP/HWzXL7/r355fv35q91ykkmktSSenuV4npSfJqcS3vJ/5U7q+6KncZ548Hvf3X87sfz7a16tbTq14a127QxZIT1aslMkrFqPaL6Tv1dzJtb+rszUtdFN+4yYcc6iYODtrHF+ijN93DfAk+7O8nY+Db7p5NDSSar9wGpZofaPof32I00ywEAAMDTaWy3Cs8/zMPczNT+hAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADPhqL9m4FFtdQ65ZkUnd//b1T7So3GAcc73Jd2Of7B5X0KBAAAAAAAAACeiE+qL+6PPszD3MxUZ/9G0frO/7XWxuHW3+fyXlazmJWczM0sZC1rWclcMj7V02Hj5sLa2src1pa/TNlyY2PjTtXydJLpLS1P78NJAwAAAAAAAMCz60c5n6mDDgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHoVyVh71VoOd8rTqdWTTCZplPXWkz92yk+75pBjf9rHOAAAAOCAdD4aTxX/bhc2itZn/pdbn/sn816uZy1LWctyFnOp9Syg/am/9rf1+eX79+avlcvWjr/5z5HiaPWYZCzv7zDybKvGkW6L8/l2vpsTmcmFrGQp389C1rKYmTTLk8hCikw3208vpjtxbh/vub6tC4OxHR3YfrUVSTOXs9SK7WQuNtJ+bNI6h3LMV3tG+10jGRjx/TI7xTcqe8zRpZ7/Xr+onstUNp7fYx9PxnTrzMe7GZlNs9qXvDA89yNeJ4MjzaXWfQZ1eHOUcnNwpE7OvzdKzg9V6zLXP+3P+eM24qO0wUycTq26+pKX+3N+4/N3X+xv/MW///nCldr1q1cur554gqf0KGZ2qzDeKQxmYr4nE68Mv/qqTCyXmVjfeybGB3dM7rXlk9WostGaivY4W36rVVrIaz2X4Lu5lMWcyWzmcjaz+VpOZ757hZXLkb681uev9eekda/Vts5vw57EHvtCT6Wf7VJ5f5V5eaEnr70z3XTrWLXn3M8z23P1vTj86hv5VaAc//+rcjnGj7uvOE+DvkxUc3MnupeGZ+LXG+Xf1eXrV1euLNzY43jHq3V5237QPzd/tPeoB1/dH4fyeiln3Hprq5WTZud6KY+91I22P1+N6huXdrvalmNHusemM5WlfGfHO7VRvYfb2lP72Cu9x/6xOXM2qvc3nWN973LybpZb70IG7DpVA7AvJrqlQ68fajQfNP/a/LD5k+aV5luTb06cnfhcI+N/qf9h7Le139S+XryeD/PDTB1owAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8IxYvXX76sLy8uJKt5DJwT2PWmjsONbwQmq71rn33N46zHQyfKyiKjQe77mPWvjoUHJwo7cLzQzs6fzC0qP2/EmSIXUajxx8MfI1NnKhzMNj6bDzw2mtPRtjIzSvd1ptX6ee1clcXSjq29xxE5t3QaavLiz/a6OveTO3uz0fzHwE7J9Ta9dunFq9dfvLS9cW3ll8Z/H66bNnzp6Z/+rcV05dXlpenG3/PegogSdh9dbtsYOOAQAAAAAAAAAAABhN9X//r33mf8xQ36VOY2V1+5GP7vepAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP+lzr+d8fUUmZs9OVtu3783v1wunfJmzXqSWpLiB0nxaXIu7SXTPd0VO43zxoPUjt/9eH6zr3qnfm1Yu71Zr5bMJBmr1rub2Kabrf1d7Olv/TOFV3TPsEzYsU7i4KD9JwAA//9Xl/Jw")
r4 = syz_open_dev$hidraw(&(0x7f00000004c0), 0x0, 0x14a042)
close(0x3)
dup(r4)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r0, 0x2ded, 0x9b1f, 0x8, 0x0, 0xd)

2m9.518554316s ago: executing program 4 (id=3786):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000300), 0x2002, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000001180)=0x2000000)
mmap$dsp(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x3, 0x12, r0, 0x0)
ioctl$SNDCTL_DSP_GETOPTR(r0, 0x5008, 0x0)
r1 = syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x80400)
syz_usb_connect(0x2, 0x239, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000e388d640697a01006ba8010203010902"], 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000040))
r2 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
ioctl$SNDRV_PCM_IOCTL_DRAIN(r2, 0x4144, 0x0)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r2, 0xc0884113, &(0x7f0000000240)={0x1, 0x0, 0x203, 0xfffd, 0xffffffffffffffff, 0x200000000000008, 0xfffffffffffffffd, 0x200, 0x8, 0x2c, 0x80000005, 0x1})

2m6.396644252s ago: executing program 4 (id=3800):
socket$packet(0x11, 0x2, 0x300)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffebe}, 0x90)
r0 = syz_io_uring_setup(0x24fa, &(0x7f0000000b80)={0x0, 0x0, 0x10100, 0x0, 0x215}, &(0x7f0000000280)=<r1=>0x0, &(0x7f0000000240)=<r2=>0x0)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='8'], 0x38}}, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x8, 0x0, @fd, 0x10, 0x0, 0xfffdfff9, 0x5, 0x259792cd96d38d81})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

2m5.74790952s ago: executing program 4 (id=3804):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x6a)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f0000000040)='cgroup.threads\x00', 0x2, 0x0)
sendfile(r2, r2, 0x0, 0x1)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_procs(r3, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r4, &(0x7f0000000c40), 0x12)
sendfile(r0, r2, 0x0, 0x401)

2m4.285943664s ago: executing program 4 (id=3806):
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='mnt\x00', 0x4, &(0x7f0000000000), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
mkdirat(0xffffffffffffff9c, &(0x7f0000000640)='mnt/encrypted_dir\x00', 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000680)='mnt/encrypted_dir\x00', 0x800, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f00000006c0)=@v2={0x2, @aes256, 0x0, '\x00', @a})
chdir(&(0x7f00000002c0)='mnt/encrypted_dir\x00')
syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000100)='./file0\x00', 0x40, 0x0, 0x0, 0x0, &(0x7f0000000000))
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x42)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r1, 0x8004587d, &(0x7f0000000080)={@id={0x2, 0x0, @c}})
statx(0xffffffffffffffff, 0x0, 0x6000, 0x8, 0x0)
rename(&(0x7f0000000180)='./file0\x00', &(0x7f0000000440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

2m3.700939652s ago: executing program 4 (id=3813):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
write$rfkill(r1, &(0x7f0000000300)={0x0, 0x2, 0x3, 0x1}, 0x8)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000400)=[{0x6, 0x1, 0x2, 0x7fff7ffc}]})
close_range(r2, 0xffffffffffffffff, 0x0)
syz_mount_image$hfsplus(&(0x7f0000001140), &(0x7f00000004c0)='./file1\x00', 0x804c10, &(0x7f0000000180)=ANY=[], 0xfe, 0x66b, &(0x7f0000001180)="$eJzs3c1vHGcdB/DvbDZ2Ni3BTZM2oEq1GgkQFolf5IK5YBBCPlSoKgfOVuI0VjZpsV3kVog6vF576B9QDr4gTkjcIxUOXODWG/KxEhKXXjCnRTuetdfrl66TxrtpP59o93lmnplnfs/vmZl9saIN8IW1MJH6gxRZmHhlvb28tTnT3NqcudupJxlNspHUk9SSFP9ttVofJvNJsdtN0VMe8P7y3GsffbL18c5SvXqU29eO269Htd1Gz+qNzrrxJGeq8hHs6+/GI/dX7EY+n+RqVcLAnU3S2udnf396t6VL47C9z51KjMDjVey8bh4wlpyvLvT2+4DOK2/tdKPr32if2/W+gwAAAIAnTT+fgb+8ne2sFxdOIRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4XNjY+/3/onrUOvXxFJ3f/x+p1qWqD5cXT7b5g8cVBwAAAAAAAACcohe3s531XOgst4ryb/4vlQuXyuen8lZWs5SVXMt6FrOWtaxkKslYV0cj64traytTfew5feie058S6GhVNj6bcQMAAAAAAADA58yvsrD3938AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgGRXJmp0hxv2v1WGr1JOeSjLRXbCT/7NSfZA8GHQAAAACcgtFkO+u50FluFbmU5LnyO4BzeSv3spblrKWZpdwsvxfY+dRf29qcaW5tztxtPw72+/3/nCiMssfsfPdw+JGvlFs0civL5ZpruZE30szN1Mo9265U8XR67Ynrfjum4nuVPiO7WZXtkb9XlQe8e6LBHuWEX6aMlRk5u5uRySq2djae6czM4TN0wtnpPdJUarvBXuo50sj+wTxUzs9XZXs8vzsq5wPRm4nprrPvueNznnz9L3/66WRVH54h9edMVbbK58bBTMx0ZeL5fjJxu3nvzu1bqxNPWiYOmCwzcXl3eSE/yk8ykfG8mpUs5+dZzFqWMp4flrXFavKLrkv+iEzN71t69dMiGanO0J3JOllML5X7Xshyfpw3cjNLebn8N52pfDuzmc1c1wxfPn6Gy6u+tu+q35vm1pcODf7qN6pKI8nvq3I4tPP6TFdeu++5Y2Vb95q9LF3sI0snvDfWv1pV2sf4dVUOh95MTHVl4tnjM/GH8ray2rx3Z+X24pv9He7ie1WlfWb9NhkfnhtJ+3y52J6scmn/2dFue/bQtqmy7dJuW+1A2+Xdtp0rdePIK3Wkeg93sKfpsu35Q9tmyrYrXW2Hvd8CYOid/+b5kca/G/9ofND4TeN245VzPxj9zugLIzn717PfrU+e+VrtheLP+SC/3Pv8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLzVt9+5s9hsLq30VFqt1rtHNPVZqVdHeMjdH6GS8X891T7yIU2dnzM7xXi+8nRyemMf1sr/Wq1WtaY4Yps//m1oEtWqDEXqBlQZ3D0JOB3X1+6+eX317Xe+tXx38fWl15fuzc3Ozk3Ozb48c/3WcnNpcud50FECj8Pei/6gIwEAAAAAAAAAAAD6dRr/nWDQYwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACebAsTqT9IkanJa5Pt5a3NmWb70anvbVlPUktS/CIpPkzmi6phrKu74qjjvL8899pHn2x9vNdXvbN97bj9+rNRPTKe5MxOef+z6u9GVR6rOG4Ixe4I55NcrUoYuP8HAAD//xokBkA=")
setxattr$trusted_overlay_upper(&(0x7f0000001240)='./file1\x00', &(0x7f0000000180), &(0x7f0000000180)=ANY=[], 0x841, 0x0)
lgetxattr(&(0x7f0000000140)='./file1\x00', &(0x7f0000000080)=@known='trusted.overlay.upper\x00', 0x0, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)

1m47.218464508s ago: executing program 41 (id=3813):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
write$rfkill(r1, &(0x7f0000000300)={0x0, 0x2, 0x3, 0x1}, 0x8)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000400)=[{0x6, 0x1, 0x2, 0x7fff7ffc}]})
close_range(r2, 0xffffffffffffffff, 0x0)
syz_mount_image$hfsplus(&(0x7f0000001140), &(0x7f00000004c0)='./file1\x00', 0x804c10, &(0x7f0000000180)=ANY=[], 0xfe, 0x66b, &(0x7f0000001180)="$eJzs3c1vHGcdB/DvbDZ2Ni3BTZM2oEq1GgkQFolf5IK5YBBCPlSoKgfOVuI0VjZpsV3kVog6vF576B9QDr4gTkjcIxUOXODWG/KxEhKXXjCnRTuetdfrl66TxrtpP59o93lmnplnfs/vmZl9saIN8IW1MJH6gxRZmHhlvb28tTnT3NqcudupJxlNspHUk9SSFP9ttVofJvNJsdtN0VMe8P7y3GsffbL18c5SvXqU29eO269Htd1Gz+qNzrrxJGeq8hHs6+/GI/dX7EY+n+RqVcLAnU3S2udnf396t6VL47C9z51KjMDjVey8bh4wlpyvLvT2+4DOK2/tdKPr32if2/W+gwAAAIAnTT+fgb+8ne2sFxdOIRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4XNjY+/3/onrUOvXxFJ3f/x+p1qWqD5cXT7b5g8cVBwAAAAAAAACcohe3s531XOgst4ryb/4vlQuXyuen8lZWs5SVXMt6FrOWtaxkKslYV0cj64traytTfew5feie058S6GhVNj6bcQMAAAAAAADA58yvsrD3938AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgGRXJmp0hxv2v1WGr1JOeSjLRXbCT/7NSfZA8GHQAAAACcgtFkO+u50FluFbmU5LnyO4BzeSv3spblrKWZpdwsvxfY+dRf29qcaW5tztxtPw72+/3/nCiMssfsfPdw+JGvlFs0civL5ZpruZE30szN1Mo9265U8XR67Ynrfjum4nuVPiO7WZXtkb9XlQe8e6LBHuWEX6aMlRk5u5uRySq2djae6czM4TN0wtnpPdJUarvBXuo50sj+wTxUzs9XZXs8vzsq5wPRm4nprrPvueNznnz9L3/66WRVH54h9edMVbbK58bBTMx0ZeL5fjJxu3nvzu1bqxNPWiYOmCwzcXl3eSE/yk8ykfG8mpUs5+dZzFqWMp4flrXFavKLrkv+iEzN71t69dMiGanO0J3JOllML5X7Xshyfpw3cjNLebn8N52pfDuzmc1c1wxfPn6Gy6u+tu+q35vm1pcODf7qN6pKI8nvq3I4tPP6TFdeu++5Y2Vb95q9LF3sI0snvDfWv1pV2sf4dVUOh95MTHVl4tnjM/GH8ray2rx3Z+X24pv9He7ie1WlfWb9NhkfnhtJ+3y52J6scmn/2dFue/bQtqmy7dJuW+1A2+Xdtp0rdePIK3Wkeg93sKfpsu35Q9tmyrYrXW2Hvd8CYOid/+b5kca/G/9ofND4TeN245VzPxj9zugLIzn717PfrU+e+VrtheLP+SC/3Pv8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLzVt9+5s9hsLq30VFqt1rtHNPVZqVdHeMjdH6GS8X891T7yIU2dnzM7xXi+8nRyemMf1sr/Wq1WtaY4Yps//m1oEtWqDEXqBlQZ3D0JOB3X1+6+eX317Xe+tXx38fWl15fuzc3Ozk3Ozb48c/3WcnNpcud50FECj8Pei/6gIwEAAAAAAAAAAAD6dRr/nWDQYwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACebAsTqT9IkanJa5Pt5a3NmWb70anvbVlPUktS/CIpPkzmi6phrKu74qjjvL8899pHn2x9vNdXvbN97bj9+rNRPTKe5MxOef+z6u9GVR6rOG4Ixe4I55NcrUoYuP8HAAD//xokBkA=")
setxattr$trusted_overlay_upper(&(0x7f0000001240)='./file1\x00', &(0x7f0000000180), &(0x7f0000000180)=ANY=[], 0x841, 0x0)
lgetxattr(&(0x7f0000000140)='./file1\x00', &(0x7f0000000080)=@known='trusted.overlay.upper\x00', 0x0, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)

1m18.523449539s ago: executing program 0 (id=3962):
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x3, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x6}}, &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r0}, 0x10)
syz_usb_control_io$cdc_ecm(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$nilfs2(&(0x7f0000000000), &(0x7f0000000100)='./file1\x00', 0x3214212, &(0x7f00000001c0)=ANY=[], 0x3, 0xf11, &(0x7f0000002400)="$eJzs3U1sHNUdAPA368/EJl7zaaCEFFoRKNghidT0FgTqEXHpHRQSGmEoauiBiI/QA6ISokiIU8WBigulUorUSqBKFeqp7alVbz2hXqhUpVKiXhopcWXnvfX62ZNdT9az3t3fT/r77Zs3O///eCNnZnb2bQBGVmPt59GjC0UIH3zx/hOvPVv8bnXZva01Dqz9LGKvGUKYaOsX2fa+iguuXHz1xFZtEQ6v/Uz98OSF1nNnQgjnwoHwZWiGT5eWL33y4eMHP3tr+vZ3zz7/+g7tfku+HwAAMIzO/2X5Hw/+688Pz18+v/94mGotT8fnzdificf9h+KBcjpeboSN/aIt2k1m643FaGTrjWXrjWd5xkvyTWTbmShZb7JDvrG2ZVvtJwAAAAyidF7bDEVjcUO/0VhcvHbev+qrucli8cXTy6fO9KlQAAAAoLL/vrF2060QQgghhBBCiB5G6x7lXVCLEKuxMtff6w8AAADA6MnnC9vkXG9n6mptrdld/guPNbZ+PvRA3f/+5R+s/B+/6S8OAADVDevRZNqvdByd5jHI5xEcy5633eP/Rrad8W3WWTav4KDMN1hWZ/573a3K6t/u69gvZfXn82HuVmX15/N07lZl9U/VXEdVZfVP11xHVWX176m5jqrK6t9bcx1VldU/U3MdVZXVP1tzHVWV1X9TzXVUVVb/vprrqKqs/kG5rbas/mbNdVRVVv98zXVUVVb/zTXXUVVZ/bfUXEdVZfXfWnMd/XJPbNPvYX823n7+nJ/TDco5HgAAAIy6/5n/TwghhBBiCOK2XVCDEEKI3Rxv9PsCBAAAANB36XMB6VPvK1EaH+swPt5hfKLD+GSH8akO4wAAAEAIv3/71J3vFeuf87/R+fDSvFFp/qXtzmOUz0e43fw3Ou9Z2tq1+i9tO/+gzFsGAADAaCm+/+XVh5746OX5y+f3H287+74az3fTPKDj8drA57Gf7guYzfpFOoc+vjFPo2S9/PrATWXbe+oGdxQAAABGWDp/b4Zi7ZS70eo3GouL6+fjC2GiOHV6+eSh2E/fz/KnuYmp1eWP1ls2AAAAsA3r5/tFY3GL8//0Pb4LYbJYfPH08qkz1/qzreUTjfbrAnPry4v26wLNbPnhkuVHYj99f+cP5/asLV888aPlZ3u98wAAADAizrxy9vlnlpdP/njLB+nT7NdbZzsP0ucLtvOsEIrQm+weeOBBtw/6+EcJAADYEV9//f7ET47M/uHa5//X579Ln/8/EPvNOLffX+MK6T6B9DmATZ/Xf3pjnrmy9V7auF4zW28sxlRW93TbdkLbfIPpefNl+ZobtzNZkm8myzeb5cvnKRjP1k/59mXL8/kJ03pz2fJ8HsbxLEeR5b8vAAAAQLmll194aenMK2cfOf3CM8+dfO7ki0cOH/vesWOHHv3uo0tr9/Uvtd/dDwAAAAyi9Zt++10JAAAAAAAAAAAAAAAAAAAAjK46vk6s3/sIAAAAo+4/b4QQzgkhSuLaV2D2frvr30TZ/30Uwxt7dkENQggheh2XrzM2tgvqE0Ls2lhZyb9pHgAAAGBnXbn46on2dpNzRU/ztbYW3429GvOmdvaRv8+vRlrtwmMbr5fs7Wk1jLq6//3LP1j5P36zt/mn04Ou//41Nm7geLW8Dyz9aqE9/13jXebP9/+pavkPZvkfCN3lX/koy/90tfwPZvn3dpl/0/6/VC3/QzH/QuwfvL/b/Btf/6nYpv3Y02X+72T7/2zoNn+2/80uE2YejvkBYBQ1+l3ADklHCek4eib20/7Gw82Q3/2w3eP/Rrad8RuufON203HQHbGfjpdms7zJduufybZ3U8U6c4NyV0lZ/b16HXdaWf0TNddRVVn9kzXXUVVZ/VM111FVWf3TNddRVVn93Z6H9ltZ/YNyXbms/pma66iqrP7Zmuuoqqz+7f4/3i9l9e+ruY6qyuqfq7mOqsrqr3hZrXZl9c/XXEdVZfXfXHMdVZXVf0vNdVRVVv+tNdfRL3fHtux8OJ1/zsWx1G9m/aktfpfDem0BAAAABs2/zf8nBiWOzva/BiGE6Fns2QU1iNGO+O5P3+sQYjhiZeXqyqp+1yHE9WJlpd9XIOinnf00MwC7lb//o83rP9q8/qPN68/1pHv4i6yfjHUYH+8wPtFhfDIbz/+9TnUYvyXb7kqUxm/tMH5bh/F9Hcbv6DC+0GH8zg7jd3UYv7vDOAAAAKPh9tg6PwQAAIDh9dqvP3/ntw88fXH+8vn9x8PkpnnnD8X+VHxv/e3Yz+e9Tybie/4/jf1fxvaPsf1ntr77TwAAAGDnpe+J8f4/AAAADK/0PaXO/wEAAGB4zcfW+T8AAAAMr5tj6/wfAAAAhlgxvfXi2KbrAvfFttt5/QCA3e8bsb0ntvtje29svxnbdBxwf2y/VVN9AEDv/OIHPzv2XrE+3/+RbPxKXJ7aTc5du1JQNDbO5L8ntntj++0u68m/D6Db/Mm+LvPsVP65G8wPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyPxtrPo0cXihA++OL9J34++c7fVpfd21rjwNrPIvaaIYSJ1vPS6Hr/N3HFKxdfPdHeXo1tEQ6HIhSt5eHJC61MMyGEc+FA+DI0w6dLy5c++fDxg5+9NX37u2eff30HfwUb9g8AAACG0f8DAAD//+bVG3I=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x2, 0x11, r1, 0x0)
syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000500)='./file2\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="00089aafc727346c3e0d8728525a2641b3b31621730c58dcf8e0ca2e6767a45a978776e9d2c689feab83a160d00a77ae5112cd4e7141cad333d7cbb69dc6b314609d3827059c11066ba0b4b95c12d2d9ff9c8896d9e247bd55f9ff578a14e0e9d0ca07693396b00d2ef44adb4858475a07d5e8fa3ef5b306fe8a5d1cd2d8e06e7f88226ece092c6aabf8870e140124d5a48670513e0c419c99b7c5105959e7a535f12694634cf272490e0000"], 0x81, 0x4ac, &(0x7f00000011c0)="$eJzs20tsG1UXwPFzPLbruPk+3Adpi6piCSRCS9skLmmrIKE8iEBqG0gaEBUPhdgJJk4cxSkkVUu7BHYsumTJlgUrxBZVYolYoCDUXemGjVeUHeiO52XXSewm8TT1/1e1dx7H7r33zMy914kFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACIDL022NOrYdcCAAC00qWJ8Z4M4z8AAG3lMut/AACAdqJiyR+icnKurBft/YrEhfzC1ZXJkdH6L+tQUYmIZcebv4nevsyZl/vPnnPLjV+/3Y7I2MTlwfRwcX5xKVcq5bLpyYX8dDGba/gdtvr6WsftDkjPz13NzsyU0n2nMlWnV1L39+ztSg30vz8cd2MnR0ZHJwIx0dgj/+8PWW+GHxdLXhSVT374Ti+JSES23hebXDs7rcNuxHG7EZMjo3ZDCvmphWVzUiNOVKS6T+JuH7UgF1sSETH10vj2rNliYsmPojJ0uqxjImK5/XDC/mC4ofqEIWqWriLSLbsgZ4+xPWLJh6Jy53RK3nT61c5/XOR62JXDjos6939Ry/qW/Tww95N5bF54O/3GwkwxEKsR545qZnyocw+GPj600mP+bEqIJWP2HV/W8bArg5brEEvmRSX+9af2vELseelTA2ePPXs+OMM4tMn7mNhTzs3VyJgcc6YOGjF/HqHa2BYJteRPUXnwe8Le73Zyw08E2oRaUhCVf26UVWvWpVZgfe/Z7WvDna1/R2K4uLi6lJ/9eLnu+WRi8KPS8tLUdP3TlbWrFTyy2Tq2VqS5JVlSKyu+Lz4re69z1gD/q+z5tfn2un8tdNeUruD108h2w8+ZJuZRpk6qltwTlZkPDlfGGUk23TftwOR/VFRK5V/UzbST/2hlL5D/V/z+S2h16bFz+//K51ruXOLIlYPrHd+J/Js6mfy/KypDfx92PtOo5N+qiTVxXaLy3u2jTlwkbuKibnMq7ziTL+R6TOy/orL/ZzdW7NikE3vAj+01sSVR+fJOdexeJ/agH9tnYtdE5e5v9WOf9mMzJnbV5Otu2o1NmthjTmyXH3tquljIbtatJv99ovLOzdfVbfO6+Q/c/7dqSs9DOd94e7vynwocu+Xk9YqT/+gm+f9KVFb/Ouq22+5797LaZ//r59/Mlb+/XR3rTkb3+7G9jTYrbCb/+0Tl/qtrXpudtjm7foaC+X8mWl16/RpS/vcFjqWcesWb7It2VFq9NjdVKOSW2GCDDTa8jbCfTGgFM/6Pm1G931J3HuOM/52VPX/G9OBzf/wfqCk9IY3/+wPHBpxZSywqklieX4wdEkmUVq+dzM9PzeZmcwuZM/09fefP9GTOxeLu5M7farjvngQm/ydE5cZPv3rrmOr5X/35f7Km9ISU/wPBNlXNaxruirZk8t8pKv331rz15kbzf3f93/1cdendfyHl/2DgWMqpV2eTfQEAAAAAAAAAAAAAAAAAu0lSLXleVFbGX1L3O0SN/P5ftqb0hPT7X12BY9nt/16D+9WoqlONVh0AAAAAAAAAAKCVImLJN6LygpT1pjnQKXIxWOKJ9l8AAAD//16uQhc=")
fdatasync(r1)

1m16.740928429s ago: executing program 0 (id=3972):
syz_mount_image$iso9660(&(0x7f0000000cc0), &(0x7f0000000c80)='./file0\x00', 0x1004491, &(0x7f0000000000)=ANY=[], 0xfe, 0x847, &(0x7f00000001c0)="$eJzs3U9sHFf9APDvuHbiOGp+1Q9UoihNJ0mREpG6a6d1sXoo2/XYmXa9a+2uUSJUtVHrlChOW7WqSiNEyKUFxB9x4ljKseqlJ0BIIHEATkj0wIVDpUq9gAoCCYEQwmhnd5N17LXzx3GgfD4r7xu/efPm+2bH83bWO28CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIikMlMqTSRRzWuLJ9PBKjON+vwG83v1/WxVssF6I5L2T4yOxt5O1t5PXpl9d/vpUOzv/LY/RtvJaFzYffddj3xieKi3/AYB3aiDg2eN9P+SRHy1HdS508vLSy/dgkC20Td+0p0YveZF/r7Sfp7Lanmzns+X57I0b9bT6amp0gMnZpvpbF7NmqearWw+rTSycqveSI9UjqYT09PH02z8VH2xNjdTrma9zIfvnyyVptLHxxeycqNZrz3w+HizciKvVvPaXFFmsvRqtMs83N4Rn8hbaSsrz6fpmbPLS8c3C7VdaGJVzs5VO87+++768JUP/nJ2qb1DDqok6e6YkxMTk5MTUw9NP/RwqTQ8WZpcnVG6SlwuEUMRUSoN35Kdlttr9zp5w909Zs2MiJX/25qDN9ykodHuRDXyqMVinIw00hgqnovHt3dFGiNRiZloRD3m23m/Hbkyv/vo6vX/n37gj7/eaL39/X+vl997eV7naHsoDnQyDgzq/9dEsQWP4UG11t7pRNOf93K8FhfiXJyO5ViOpXjp6qV2XL3EOo9rKXPTj52ddGhra52LLGqRRzOSyGM+ykVOWuTUI43pmIqpKMVTcSJmoxlpzEYe1ciiGaeiGa3Iij2qEo3IohytqEcj0jgSlTgaaUzEdEzH8Ugji/E4FfVYjFrMxUyUi1rOrHRcvCquu7/y9I+f+82Hb7an40ycLV6ciQ0akrTfzO1+P+LPGxRa091fR//fLjHU3cG3pU9im4xe56u6FYdt2BIrxfn/8O0OAwAAALiFkuLT9yQiRuKeYmo2r2Zf6M0eub3RAQAAAFuh+Kbd/nZSnOrfE0n7/L+0Tsn3InZue3gAAADAFkiKa+ySiBiLeztTvcul1vsQAAAAAPgvVPz//0A7GYu4WGQ4/wcAAICPma8NGmP/gx3FGLtj0VzYmfz0T9FojCSXFk7el5wvt8uVz9/RWa6bfP5yja3ZfcmebiVFMjV8YXcSEcOVbH/SG/3yn91rCT4qnvddGYBw0Fj/ySYBxMYBFL/FN+Ngp8zBZzvps705nbWMzebVbLxSrz4ykXQ/HGm98vzZL0XR/K/X5vckcebs8tL4My8sFzWcv9R+vnS+Ozx80lsqumMnbBDLSu9qinvWb/FIcSFGd71jnfWW+tvfHU12aOP2J/3rfD0OdcocGuukY6vbP9pe58T4IxNRLu8ZamUnW6+s9LW+G8VEEUXR8p291ibX8Sq8Hoc7ZQ4fOdxJ1oliclUUz6+NYvJKFJeucVtccxRvHrx48q+/qCfZ8c2iOH6TUQDcLmeKUX+u9EK7il7oH51R1X/ww868/n53V2/J6znKnbnyLqO3fF9fNxxrevf0Rnr31+NIp8yRzvuJ4X3r9CuldY7oL5598ZfdI/qDb3/v+08e+NW7V/Xr1xHF23G0U6abxP//fEAf227zt67qVd9qL/HWwPU2q5PJq0mMJJ2bD8WF+8+eP/3c0nNLz09OHp8qPVgqPTQZI8VbhW6yXqRrNioA/2s2u8fOu1++XHTQXXiSBzc5q06Ge18pGI9n4oVYjmfjWHG1QUTcu36tY31fQzi2yVnrWN8dXo5tcm55pezk1WV3Hk5iQNnjfVvsU98tkr/dohcEALbBoU364STu6gz78+qd3SUul1gpPvy9I0mO9Z93fzEi9g3qc9t9+dHOjXN7Z8cxuC/v9/tu+tnt2CgA8DGXNT5KxlpvJI1GvvDUxPT0RLl1Iksb9coTaSOfmcvSvNbKGpUT5dpcli406q16pfdPy5msmTYXFxbqjVY6W2+kC/VmfrK483vavfV7M5sv11p5pblQzcrNLK3Ua61ypZXO5M1KurD4WDVvnsgaxcLNhaySz+aVciuv19JmfbFRycbTtJllfQXzmazWymfzbCTNa+lCI58vNy5FRHVxPktnsmalkS+06p0Ke+vKa7N7GvNFteOx5h8Kf7gd2xwAbreXX7tw7vTy8tJLNzbxu2spfLvbCACsppcGAAAAAAAAAAAAAID/fGsv12vnXteFgCNxw5cPvrwz2hO7bnTx9sSTnYb0xhW+qcsZ104Mb3WFG0985p2ta8XaekZ6OXdudt3nrlWv6Y7utt2mjXDuX1tX4dOPPnruwqWIKHKS4f7N+9jFvSfez6LXug3qWf8vZb1LXd/YE7HjR9/p5HxuQOFkeIu32HvdBvb+qgcVHlqds5Js8Ie/LYcfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALgu/w4AAP//9+1FgQ==")
io_uring_setup(0x1a8, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$inet(r0, &(0x7f0000002780)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @multicast2, @empty}}}, @ip_retopts={{0x10, 0x110, 0xc}}], 0x30}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r1, &(0x7f0000010200)=""/102400, 0x19000)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)

1m15.776981017s ago: executing program 0 (id=3976):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(r0, 0xc01864ba, &(0x7f0000000300)={0x1, 0x0, 0x0, 0xcccccccc})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000240), 0x2, 0x40102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2f)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r3 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x20080, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r3, 0xc004500a, &(0x7f0000000080)=0x80000003)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0)
r4 = dup2(r3, r3)
read$FUSE(r4, 0x0, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r5, 0x0, 0x3}, 0x18)
socket$packet(0x11, 0x2, 0x300)
r6 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
ioctl$USBDEVFS_IOCTL(r6, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r6, 0x80045505, 0x0)
ioctl$USBDEVFS_SETCONFIGURATION(r6, 0x80045505, &(0x7f0000000000)=0x1)
syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000180)='./file0\x00', 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB='lastblock=00000000000000000000,umask=00000000000000000000002,dmode=00000000000000000077777,novrs,shortad,shortad,undelete,iocharset=cp437,shortad,umask=00000000000000000000006,dmode=00000000000000000000002,nostrict,uid=', @ANYRESOCT=0x0, @ANYRES16], 0x2, 0xc36, &(0x7f0000002540)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIRRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2SEmV9Pjb13Z19b/a9eeMZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr56+qz7PwA8Vq75/38AAAAAAAAAAAAAADjoUhTxZKSYvbKaxqr3HfXL7b7bd0aHhreudiRVNQ9V5cuf+pmz585/6YXBC9283J7+gPp77bPx2si1S42XZ27Nzk3Oz09ONEan2+MzE5M73sNu6292sjoAjVuv3564cWO+cfb5cxs+vjPwfv8TxwcuDj576plu2dGh4eGR9SL13vK1+25Ix3YzPA5HEacixXPf+2lqRUQRuz8W9Qc79psdqTpxsurE6NBw1ZGpdmt6ofzwavdAFBGNnkrN7jHaeiyi1vdA+7C9ZsRi2fyywSfL7o3MtuZa16cmG1dbcwvthfbM9NXUaW3Zn0YUcSFFLEXESv+9u+uLImqR4jvHVtP1iDjUPQ5frCYGb9+OYh/7uANlOxt9EUvFIzBmB1h/FPFqpPjZOydiPF9nqmvNFyJeLfMHEW+V+VJEKk+M8xHvbXEe8WiqRRF/WY7/xdU0UV0PuteVy19rfGX6xkxP2e515SPeH+65Ujyk+8ORTflgHPBrUz2KaFVX/NV0/7/ZAQAAAAAAAAAAAAAAAGCvHYkiPhMpXvmPP6nmFUc1L/3YxcE/HPjV3jnjT3/Ifsqyz0fEYrGzObmH88TAq+lqSg95LvHjrB5F/Gme//eth90YAAAAAAAAAAAAAAAAAACAx1oRP4kUL757Ii1F75ri7embjWut61OdVWG7a/9210xfW1tba6RONnOO5VzMuZRzOedKzihy/ZzNnGM5F3Mu5VzOuZIzDuX6OZs5x3Iu5lzKuZxzJWfUcv2czZxjORfLrK93dDlvX8kZB2TtXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAj5MiivhFpPj2N1ZTpIhoRoxFJ5f7H3brAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBSfyri+5Gi8UfNu9tqEZGqfztOlL+cj+bhMj8ZzcEyX4rmpZytKmvNbz2E9rM7famIH0eK/vrbdwc8j39f593d0yDe+ub6u8/WOnmo++HA+/1PHD92cXD4N57e7nXaqgEnL7enb99pjA4ND4/0bK7lb/9kz7aB/L3F3nSdiJh/483XW1NTk3P3/6I8BXZR/RF6kWqPS08f1ovFvTgh9+5F1A5EMx5O33kMlPf/9yLF7777n90bfuf+X49f6by7e4ePn//Z+v3/xc072uH9v7a5Xr7/l/f0re7/T/ZsezH/bqSvFlFfuDXbdzyiPv/Gm6fat1o3J29OTp8/ffrLg4NfPne673BE/UZ7arLn1Z4cLgAAAAAAAAAAAAAAAIAHJxXx+5Gi9ePV1IiIO9V8rYGLg8+eeuZQHKrmW22Yt/3ayLVLjZdnbs3OTc7PT040Rqfb4zMTkzv9uno13Wt0aHhfOvOhjuxz+4/UX56ZfWOuffOPF7b8/Gj90vX5hbnW+NYfx5EoIpq9W05WDR4dGq4aPdVuTVdVr245mf6j60tF/FekGD/fSJ/P2/L8/80z/DfM/1/cvKN9mv//iZ5t5XemVMTPI8Xv/NXT8fmqnUfjnmOWy/1dpDh54XO5XBwuy3Xb0HmuQGdmYFn2/yLFP/1iY9nufMgn18ue2fGBfUSU438sUnz/L74bv5m3bXz+w9bjf3TzjvZp/J/q2XZ0w/MKdt118vifihQvPfl2/Fbe9kHP/+g+e+NELnz3+Rz7NP6f6tk2kL/3t/em6wAAAAAAAAAAAI+0vlTE30eKHw7X0gt5207+/t/E5h3t09//+nTPtom9Wa/oQ1/s+qACAAAAwAHRl4r4SaS4ufD23TnUG+d/98z//L31+Z9DadOn1Z/z/Vr13IC9/PO/XgP5e8d2320AAAAAAAAAAAAAAAAAAAA4UFIq4oW8nvpYNZ9/Ytv11JcjxSv/81wul46X5brrwA9Uv9avzEyfujQ1NTPeWmhdn5psjMy2xifLuk9FitW//VyuW1Trq3fXm++s8b6+FvtcpBj+h27Zzlrs3bXJn1ove6Ys+4lI8d//uLFsdx3rT62XPVuW/ZtI8fV/2brs8fWy58qy340UP/p6o1v2aFm2+3zUT6+XfX58ptiHUQEAAAAAAAAAAAAAAAAAAOBx05eK+PNI8b+3lu7O5c/r//f1vK289c2e9f43uVOt8z9Qrf+/3ev7Wf+/eq7A4nbfCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH08pingzUsxeWU3L/eX7jvrl9vTtO6NDw1tXO5Kqmoeq8uVP/czZc+e/9MLghW5+cP299pl4beTapcbLM7dm5ybn5ycnGqPT7fGZickd72G39Tc7WR2Axq3Xb0/cuDHfOPv8uQ0f3xl4v/+J4wMXB5899Uy37OjQ8PBIT5la331/+z3SNtsPRxF/HSme+95P0w/7I4rY/bH4kHNnvx2pOnGy6sTo0HDVkal2a3qh/PBq90AUEY2eSs3uMXoAY7ErzYjFsvllg0+W3RuZbc21rk9NNq625hbaC+2Z6aup09qyP40o4kKKWIqIlf57d9cXRbweKb5zbDX9a3/Eoe5x+OKVka+ePrt9O4p97OMOlO1s9EUsFY/AmB1g/VHEP0eKn71zIv6tP6IWnZ/4QsSrZf4g4q3ojHcqT4zzEe9tcR7xaKpFEf9fjv/F1fROf3k96F5XLn+t8ZXpGzM9ZbvXlUf+/vAgHfBrUz2K+FF1xV9N/+6/awAAAAAAAAAAAAAAAIADpIhfjxQvvnsiVfOD784pbk/fbFxrXZ/qTOvrzv3rzpleW1tba6RONnOO5VzMuZRzOedKzihy/ZzNMutra2P5/WLOpZzLOVdyxqFcP2cz51jOxZxLOZdzruSMWq6fs5lzLOdizqWcyzlXcsYBmbsHAAAAAAAAAAAAAAAAAAB8vBTVPym+/Y3VtNbfWV96LDq5bD3Qj71fBgAA//8dq/O8")
setrlimit(0x1, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff})
truncate(&(0x7f0000000000)='./file1\x00', 0x20ff7ffffc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='ext4_es_remove_extent\x00', r1}, 0x18)
rename(&(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000180)='./file1\x00')
syz_open_dev$tty1(0xc, 0x4, 0x1)

1m14.732716453s ago: executing program 0 (id=3979):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da07000000000001090224000100000000090400000903000000092100000001222200090581030800"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x22, {[@global=@item_012={0x2, 0x1, 0x9, "2313"}, @global=@item_012={0x2, 0x1, 0x0, "e53f"}, @global=@item_4={0x3, 0x1, 0x5, '\f\x00'}, @local=@item_012={0x2, 0x2, 0x2, "9008"}, @global=@item_4={0x3, 0x1, 0x0, "0900be00"}, @main=@item_4={0x3, 0x0, 0x8}, @local=@item_4={0x3, 0x2, 0x0, "09007a15"}, @local=@item_4={0x3, 0x2, 0x0, "5d8c3dda"}]}}, 0x0}, 0x0)
syz_usb_ep_write(r0, 0x81, 0x0, 0x0)
syz_usb_ep_write(r0, 0x81, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f00000001c0)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r2, 0x3)
syz_emit_ethernet(0x36, &(0x7f0000000300)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x81, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x14, 0xca, 0x0, 0x1000}}}}}}, 0x0)

1m11.014219063s ago: executing program 0 (id=3997):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
sendto$inet(r0, &(0x7f0000000140)='^', 0x34000, 0x0, &(0x7f0000004ff0)={0x2, 0x0, @rand_addr=0xfffffffffffffffe}, 0x10)
r1 = syz_io_uring_setup(0x10e, &(0x7f0000000340)={0x0, 0xcb9c, 0x13200, 0x3, 0x801}, &(0x7f00000003c0)=<r2=>0x0, &(0x7f0000000300)=<r3=>0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x1, 0x7})
write$UHID_CREATE2(r4, &(0x7f00000001c0)=ANY=[@ANYBLOB="06"], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, 0x0, 0x60, 0x185100})
io_uring_enter(r1, 0x7277, 0x0, 0x28, 0x0, 0x0)
listen(r0, 0xfff)
accept4(r0, 0x0, 0x0, 0x0)

1m9.81310762s ago: executing program 0 (id=4003):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x80, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r0, 0x400455c8, 0x0)
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file0\x00', 0x414, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0xfd, 0x2c3, &(0x7f0000000440)="$eJzs3NFLU2EYx/Ent9yc6RZEUFA91E3dHHT9ATVCIRoU5qS6CI55VmOnTc4ZxiJyN9Ftf4d02V1Q/QPeRDfddyeB0I0X0QnP2dFNp26m29LvB/S8O8/7833VozxH8Kw8ePe8mHeNvFmRgbjKgEhN1kRS66O6E/XjgD8elEY1uTb86/uF+w8f3clksxNTqpOZ6etpVR299OnFq/eXv1SGZz6MfozJcurxymr6x/LZ5XMrf6afFVwtuFoqV9TU2XK5Ys7als4V3KKhes+2TNfSQsm1nLAeqy84P19VszQ3kph3LNdVs1TVolXVSlkrTlXNp2ahpIZh6EhCjrdoG3NyS1NTZmbHshfZ6wPEOt0VDtVQq5OOk6m1LuaWurAnAADQZ3bv/4Nef+f+PzsTHA+4/xfZ3v/79bxdbr//b6cBPnZqTa/26P9xJDhOxkzUf35FGu/p6P8BAAAAAAAAAAAAAAAAAAAAAPgfrHle0vO8ZHgM32IiEheR8HWv94nD0fH331pdf3+jl3vGwWn4x724iP12IbeQC45BPZOXgthiyZgk5bd/PdQF48nb2Ykx9aXks71Yzy8u5CL+wyH8fCjVKn/x9HiQ1+b8SUk0rp+WpJxpvX66ZX5Qrl5pyBuSlK9PpCy2zPnX9Wb+9bjqrbvZLfkhfx4AAAAAAEeBoRu23b/7dX9CXLbXg3wHfx/Ycn8dlfM8oQcAAAAAgK5wqy+Lpm1bzj4GMRH5h7g9eyrYwz7j/TqISPMZifbDxm6KSB9so1uDuIgEZ3Q/8Z8b8bZSXhtzoutXeq+/LB0Mev2bCQAAAMBB22z6Owh9e3OIOwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Php93lg4fymUlzcaljYJd6wXKTrnyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQR/4GAAD///fUGeI=")
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0x5)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000180)=0x3)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000140)=0x5)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000400)=0x7)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000200)=0xa)

54.716092303s ago: executing program 42 (id=4003):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x80, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r0, 0x400455c8, 0x0)
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file0\x00', 0x414, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0xfd, 0x2c3, &(0x7f0000000440)="$eJzs3NFLU2EYx/Ent9yc6RZEUFA91E3dHHT9ATVCIRoU5qS6CI55VmOnTc4ZxiJyN9Ftf4d02V1Q/QPeRDfddyeB0I0X0QnP2dFNp26m29LvB/S8O8/7833VozxH8Kw8ePe8mHeNvFmRgbjKgEhN1kRS66O6E/XjgD8elEY1uTb86/uF+w8f3clksxNTqpOZ6etpVR299OnFq/eXv1SGZz6MfozJcurxymr6x/LZ5XMrf6afFVwtuFoqV9TU2XK5Ys7als4V3KKhes+2TNfSQsm1nLAeqy84P19VszQ3kph3LNdVs1TVolXVSlkrTlXNp2ahpIZh6EhCjrdoG3NyS1NTZmbHshfZ6wPEOt0VDtVQq5OOk6m1LuaWurAnAADQZ3bv/4Nef+f+PzsTHA+4/xfZ3v/79bxdbr//b6cBPnZqTa/26P9xJDhOxkzUf35FGu/p6P8BAAAAAAAAAAAAAAAAAAAAAPgfrHle0vO8ZHgM32IiEheR8HWv94nD0fH331pdf3+jl3vGwWn4x724iP12IbeQC45BPZOXgthiyZgk5bd/PdQF48nb2Ykx9aXks71Yzy8u5CL+wyH8fCjVKn/x9HiQ1+b8SUk0rp+WpJxpvX66ZX5Qrl5pyBuSlK9PpCy2zPnX9Wb+9bjqrbvZLfkhfx4AAAAAAEeBoRu23b/7dX9CXLbXg3wHfx/Ycn8dlfM8oQcAAAAAgK5wqy+Lpm1bzj4GMRH5h7g9eyrYwz7j/TqISPMZifbDxm6KSB9so1uDuIgEZ3Q/8Z8b8bZSXhtzoutXeq+/LB0Mev2bCQAAAMBB22z6Owh9e3OIOwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Php93lg4fymUlzcaljYJd6wXKTrnyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQR/4GAAD///fUGeI=")
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0x5)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000180)=0x3)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000140)=0x5)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000400)=0x7)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000200)=0xa)

14.500442606s ago: executing program 2 (id=4164):
r0 = syz_open_dev$dri(0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(r0, 0xc01864ba, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000240), 0x2, 0x40102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2f)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r3 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x20080, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r3, 0xc004500a, &(0x7f0000000080)=0x80000003)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0)
r4 = dup2(r3, r3)
read$FUSE(r4, 0x0, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r5, 0x0, 0x3}, 0x18)
r6 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
ioctl$USBDEVFS_IOCTL(r6, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r6, 0x80045505, 0x0)
ioctl$USBDEVFS_SETCONFIGURATION(r6, 0x80045505, &(0x7f0000000000)=0x1)
syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000180)='./file0\x00', 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB='lastblock=00000000000000000000,umask=00000000000000000000002,dmode=00000000000000000077777,novrs,shortad,shortad,undelete,iocharset=cp437,shortad,umask=00000000000000000000006,dmode=00000000000000000000002,nostrict,uid=', @ANYRESOCT=0x0, @ANYRES16], 0x2, 0xc36, &(0x7f0000002540)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIRRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2SEmV9Pjb13Z19b/a9eeMZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr56+qz7PwA8Vq75/38AAAAAAAAAAAAAADjoUhTxZKSYvbKaxqr3HfXL7b7bd0aHhreudiRVNQ9V5cuf+pmz585/6YXBC9283J7+gPp77bPx2si1S42XZ27Nzk3Oz09ONEan2+MzE5M73sNu6292sjoAjVuv3564cWO+cfb5cxs+vjPwfv8TxwcuDj576plu2dGh4eGR9SL13vK1+25Ix3YzPA5HEacixXPf+2lqRUQRuz8W9Qc79psdqTpxsurE6NBw1ZGpdmt6ofzwavdAFBGNnkrN7jHaeiyi1vdA+7C9ZsRi2fyywSfL7o3MtuZa16cmG1dbcwvthfbM9NXUaW3Zn0YUcSFFLEXESv+9u+uLImqR4jvHVtP1iDjUPQ5frCYGb9+OYh/7uANlOxt9EUvFIzBmB1h/FPFqpPjZOydiPF9nqmvNFyJeLfMHEW+V+VJEKk+M8xHvbXEe8WiqRRF/WY7/xdU0UV0PuteVy19rfGX6xkxP2e515SPeH+65Ujyk+8ORTflgHPBrUz2KaFVX/NV0/7/ZAQAAAAAAAAAAAAAAAGCvHYkiPhMpXvmPP6nmFUc1L/3YxcE/HPjV3jnjT3/Ifsqyz0fEYrGzObmH88TAq+lqSg95LvHjrB5F/Gme//eth90YAAAAAAAAAAAAAAAAAACAx1oRP4kUL757Ii1F75ri7embjWut61OdVWG7a/9210xfW1tba6RONnOO5VzMuZRzOedKzihy/ZzNnGM5F3Mu5VzOuZIzDuX6OZs5x3Iu5lzKuZxzJWfUcv2czZxjORfLrK93dDlvX8kZB2TtXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAj5MiivhFpPj2N1ZTpIhoRoxFJ5f7H3brAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBSfyri+5Gi8UfNu9tqEZGqfztOlL+cj+bhMj8ZzcEyX4rmpZytKmvNbz2E9rM7famIH0eK/vrbdwc8j39f593d0yDe+ub6u8/WOnmo++HA+/1PHD92cXD4N57e7nXaqgEnL7enb99pjA4ND4/0bK7lb/9kz7aB/L3F3nSdiJh/483XW1NTk3P3/6I8BXZR/RF6kWqPS08f1ovFvTgh9+5F1A5EMx5O33kMlPf/9yLF7777n90bfuf+X49f6by7e4ePn//Z+v3/xc072uH9v7a5Xr7/l/f0re7/T/ZsezH/bqSvFlFfuDXbdzyiPv/Gm6fat1o3J29OTp8/ffrLg4NfPne673BE/UZ7arLn1Z4cLgAAAAAAAAAAAAAAAIAHJxXx+5Gi9ePV1IiIO9V8rYGLg8+eeuZQHKrmW22Yt/3ayLVLjZdnbs3OTc7PT040Rqfb4zMTkzv9uno13Wt0aHhfOvOhjuxz+4/UX56ZfWOuffOPF7b8/Gj90vX5hbnW+NYfx5EoIpq9W05WDR4dGq4aPdVuTVdVr245mf6j60tF/FekGD/fSJ/P2/L8/80z/DfM/1/cvKN9mv//iZ5t5XemVMTPI8Xv/NXT8fmqnUfjnmOWy/1dpDh54XO5XBwuy3Xb0HmuQGdmYFn2/yLFP/1iY9nufMgn18ue2fGBfUSU438sUnz/L74bv5m3bXz+w9bjf3TzjvZp/J/q2XZ0w/MKdt118vifihQvPfl2/Fbe9kHP/+g+e+NELnz3+Rz7NP6f6tk2kL/3t/em6wAAAAAAAAAAAI+0vlTE30eKHw7X0gt5207+/t/E5h3t09//+nTPtom9Wa/oQ1/s+qACAAAAwAHRl4r4SaS4ufD23TnUG+d/98z//L31+Z9DadOn1Z/z/Vr13IC9/PO/XgP5e8d2320AAAAAAAAAAAAAAAAAAAA4UFIq4oW8nvpYNZ9/Ytv11JcjxSv/81wul46X5brrwA9Uv9avzEyfujQ1NTPeWmhdn5psjMy2xifLuk9FitW//VyuW1Trq3fXm++s8b6+FvtcpBj+h27Zzlrs3bXJn1ove6Ys+4lI8d//uLFsdx3rT62XPVuW/ZtI8fV/2brs8fWy58qy340UP/p6o1v2aFm2+3zUT6+XfX58ptiHUQEAAAAAAAAAAAAAAAAAAOBx05eK+PNI8b+3lu7O5c/r//f1vK289c2e9f43uVOt8z9Qrf+/3ev7Wf+/eq7A4nbfCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH08pingzUsxeWU3L/eX7jvrl9vTtO6NDw1tXO5Kqmoeq8uVP/czZc+e/9MLghW5+cP299pl4beTapcbLM7dm5ybn5ycnGqPT7fGZickd72G39Tc7WR2Axq3Xb0/cuDHfOPv8uQ0f3xl4v/+J4wMXB5899Uy37OjQ8PBIT5la331/+z3SNtsPRxF/HSme+95P0w/7I4rY/bH4kHNnvx2pOnGy6sTo0HDVkal2a3qh/PBq90AUEY2eSs3uMXoAY7ErzYjFsvllg0+W3RuZbc21rk9NNq625hbaC+2Z6aup09qyP40o4kKKWIqIlf57d9cXRbweKb5zbDX9a3/Eoe5x+OKVka+ePrt9O4p97OMOlO1s9EUsFY/AmB1g/VHEP0eKn71zIv6tP6IWnZ/4QsSrZf4g4q3ojHcqT4zzEe9tcR7xaKpFEf9fjv/F1fROf3k96F5XLn+t8ZXpGzM9ZbvXlUf+/vAgHfBrUz2K+FF1xV9N/+6/awAAAAAAAAAAAAAAAIADpIhfjxQvvnsiVfOD784pbk/fbFxrXZ/qTOvrzv3rzpleW1tba6RONnOO5VzMuZRzOedKzihy/ZzNMutra2P5/WLOpZzLOVdyxqFcP2cz51jOxZxLOZdzruSMWq6fs5lzLOdizqWcyzlXcsYBmbsHAAAAAAAAAAAAAAAAAAB8vBTVPym+/Y3VtNbfWV96LDq5bD3Qj71fBgAA//8dq/O8")
setrlimit(0x1, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff})
truncate(&(0x7f0000000000)='./file1\x00', 0x20ff7ffffc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='ext4_es_remove_extent\x00', r1}, 0x18)
rename(&(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000180)='./file1\x00')
syz_open_dev$tty1(0xc, 0x4, 0x1)

13.600588498s ago: executing program 2 (id=4168):
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f000001b700)=""/102392, 0x18ff8)
ioctl$SIOCSIFMTU(0xffffffffffffffff, 0x8922, 0x0)
r1 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, &(0x7f0000000180)={'8255\x00', [0x8001, 0x7, 0x4, 0x0, 0x10001, 0xcc7, 0x10001, 0x800004, 0x7fff, 0x2, 0x40c4f, 0x1, 0x8, 0x1100004, 0x6, 0xa, 0x8, 0x7, 0x43, 0x40000003, 0xc, 0xffffffff, 0xf27, 0x6, 0x800b, 0x8, 0x5, 0x5, 0x8, 0x4, 0xc]})
ioctl$vim2m_VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, 0x0)

11.896114934s ago: executing program 9 (id=4170):
syz_mount_image$hfsplus(&(0x7f0000000500), &(0x7f0000000280)='./file0\x00', 0x10, &(0x7f0000000040)=ANY=[], 0x4, 0x661, &(0x7f0000000dc0)="$eJzs3U9sHFcdB/DvrNd2bKTEtEkbUKVajVQQEYkdywVzgIAQyqFCVThwthKnsbJxK9tFboXA/Bc3DuVeDr5xAnGPVM5w69XiVITEpSeLQxfNeHa9jtf/asd20s8nmn3vzZt5895vZ97ujBVtgM+tW1fTfJSfd8vra1Ot9bWp4brYSlLmG0mzXlUsJMWHyc1sLvlSubJTudtx3p+fuf3RJ+sfb5aa9VJt39hrv4NZrZeMJxmo050GP1N7d3Zt78CKzgjLgF05+njheLR3WN1W/8fy5eVdd3cewzOg2Pzc3GEsGa0ngOo7QT07NE60c0/A6ml3AAAAAE7AhY1sZCXnT7sfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8BRaTVLUv+9fpsV4itEk55IM1etS559qj4rT7gEAAAAAAAAAHEhzr8qXN7KRlZzvlNtF9Tf/V8psu90uV30h72Qpc1nMtaxkNstZzmImk4z1NDS0Mru8vDhZ7ZlczK57ftruu+eN4x42AAAAAAAAADzjvr2t9Mvc2vr7PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnAVFMrCZVMvFTn4sjWaSc0mGyu1Wk3928mdEY8/a9oW+qx89oc4AAADAWXJhIxtZyfmqMJK0i+qe/4Xqvv9c3slCljOf5bQyl7vVs4DNu/7G+tpUa31t6mG57Gz3u/89VDeG6vv3garU78iXqy1Gci/z1ZpruZO30srdNLp3/pc7/enfr1+UfSq+Uztgz+7WaTnyP9TpDrc/PdRoj8dYFZHBbkQmOg9vSntH4pDvzuNHmkyj++TnYv8jtWv7xXyw3/FG67SM9W97Yr4t9r2Pnv51qOEcweORuNFz9r2wPRI7d/7K3/784/uthQf37y1d7XsaPU0ej8RUTyRe7EahSFb7zA/PVCQmqkhc6pZv5Qf5Ua5mPG9kMfP5SWaznLmM5/tVbrY+j4vdr56Om9tKb+zziLO6JMa6s+jh+vRKte/5zOeHeSt3M5fXqn83MplvZDrTmel5hy8dYKZtHG6mvfLVOjOS5Hd1ejaUcf1iT1x759yxqq53zVaUnts/Sq83Dxel5pfrTHmMX+371PskPR6JyZ5IPL93JP7ULl+XWgsPFu/Pvn3A471ap+V19JvdPpn31Dz0HgdTni/PddvffnaUdc/3rZus6i526xo76i516/a7Uofq73A7W7pR1b3Yt26qqrvcU9fv+9ZJRBCAIxn92ujQyH9G/jHywcivR+6PvH7ue8PfHH5pKIN/H/xWc2Lg1cZLxV/yQX5W3/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABHsvTuew9mWwNZ3My05g6YGc4hNj5Apqh/yOfYGjzTmTSOONLOz+ed+nCGkyOeCX/9/eZQTv1NOY5Ms3xPytF8xnbSOAujqDJDpzgrASfh+vLDt68vvfve1+cfzr459+bcwuD09MzEzPRrU9fvzbfmJjZfT7uXwJOw9aHft/rfJ94hAAAAAAAAAAAAYF8n8d8JTnuMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwNPt1tU0H6XI5MS1ibK8vjbVKpdOfmvLZpJGkuKnSfFhcjObS8Z6mit2O8778zO3P/pk/eOttpqd7ctG/9c+0ihW6yXjSQbq9Ljau3Pk9opuZMqAXekEDk7b/wMAAP//YkoNYg==")
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x21, &(0x7f0000000000)=0xfffffffe, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000480)=0x17d3, 0x44)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000640)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x34, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_WIPHY_FREQ_HINT={0x8}]}, 0x34}}, 0x0)

11.8710064s ago: executing program 2 (id=4171):
ioctl$IOMMU_VFIO_IOAS$SET(0xffffffffffffffff, 0x3b88, 0x0)
ioctl$IOMMU_VFIO_IOAS$GET(0xffffffffffffffff, 0x3b88, 0x0)
r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xe)
ioctl$TIOCSLCKTRMIOS(r0, 0x5435, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
getpid()
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x108111, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000000000000000000900000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = socket$phonet_pipe(0x23, 0x5, 0x2)
connect$phonet_pipe(r4, &(0x7f0000000040)={0x23, 0x0, 0x0, 0x3}, 0x10)
ioctl$SIOCPNENABLEPIPE(r4, 0x89ed, 0x0)
r5 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r5, 0xc0045005, &(0x7f0000000640)=0x10)
mmap$dsp(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x100000b, 0x8012, r5, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)

10.731560732s ago: executing program 2 (id=4173):
socket$inet6_sctp(0xa, 0x5, 0x84)
mount$9p_fd(0x0, 0x0, &(0x7f0000000040), 0x420, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000002a80)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000019200)={0x8, 0x0, &(0x7f0000000180)=[@increfs], 0x0, 0x0, 0x0})
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r4, 0x107, 0x12, &(0x7f0000006ffc)=0x4000000000000200, 0x4)
bind$packet(r4, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, 0x14)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @empty}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
sendmmsg$inet(r0, &(0x7f0000002980)=[{{0x0, 0x0, &(0x7f0000000240)=[{0x0}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x2, 0x480e0)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000002a00)=[{{&(0x7f00000025c0)=@phonet, 0x80, &(0x7f0000002900)=[{&(0x7f0000002640)=""/115, 0x73}, {0x0}, {&(0x7f0000002700)=""/198, 0xc6}, {&(0x7f0000002800)=""/179, 0xb3}], 0x4}, 0x7}], 0x1, 0x40010100, 0x0)

10.07194675s ago: executing program 9 (id=4174):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x4, {{@in=@remote, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x1000000000000000, 0x7, 0xffffffffffffff8b, 0x0, 0x0, 0x2, 0x0, 0xfffffffffffffffc}, {0x0, 0x2, 0x200000000000}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in6=@rand_addr=' \x01\x00', 0x2, 0x2b}, 0xa, @in6=@local, 0x0, 0x4}]}]}, 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x3)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000001c000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
syz_emit_ethernet(0x36, &(0x7f00000002c0)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1a}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x65, 0x0, 0x2, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0xffff}}}}}}, 0x0)
syz_emit_ethernet(0x76, &(0x7f0000000300)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x68, 0x0, 0x0, 0x81, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x15, 0x4, 0xca, 0x0, 0x1000, {[@timestamp={0x8, 0xa, 0x80000000, 0xfbc}, @nop, @exp_smc={0xfe, 0x6}, @timestamp={0x8, 0xa, 0x1, 0x8a}, @exp_fastopen={0xfe, 0x10, 0xf989, "444e38caa511b9096239c28c"}, @md5sig={0x13, 0x12, "0c39e122bd2f7556512830127a3fa7b7"}]}}}}}}}, 0x0)

9.875565807s ago: executing program 2 (id=4175):
open(&(0x7f0000000240)='./file0\x00', 0xa84c0, 0x9a)
inotify_init1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_io_uring_setup(0x497, &(0x7f00000000c0)={0x0, 0x707c, 0x400, 0x3, 0x288}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r2, 0x12a8f, 0xf264, 0x40, 0x0, 0x0)

9.775498551s ago: executing program 6 (id=4176):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x5)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
keyctl$read(0x2, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x4, 0x0, 0x3, 0x0)
socket$inet6(0xa, 0xb, 0x0)
getpid()
r1 = syz_open_dev$radio(&(0x7f0000002900), 0x2, 0x2)
ioctl$VIDIOC_LOG_STATUS(r1, 0x5646, 0x0)

9.76278006s ago: executing program 9 (id=4177):
r0 = syz_usb_connect(0x2, 0x24, &(0x7f0000000300)={{0x12, 0x1, 0x0, 0xa, 0x58, 0x5d, 0x20, 0x40a, 0x2, 0x518f, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x8, 0x10, 0x0, [{{0x9, 0x4, 0x9, 0x0, 0x0, 0xfb, 0x52, 0x99}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

8.681956316s ago: executing program 6 (id=4178):
r0 = syz_open_dev$dri(0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(r0, 0xc01864ba, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000240), 0x2, 0x40102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2f)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r3 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x20080, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r3, 0xc004500a, &(0x7f0000000080)=0x80000003)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0)
r4 = dup2(r3, r3)
read$FUSE(r4, 0x0, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r5, 0x0, 0x3}, 0x18)
r6 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
ioctl$USBDEVFS_IOCTL(r6, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r6, 0x80045505, 0x0)
ioctl$USBDEVFS_SETCONFIGURATION(r6, 0x80045505, &(0x7f0000000000)=0x1)
syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000180)='./file0\x00', 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB='lastblock=00000000000000000000,umask=00000000000000000000002,dmode=00000000000000000077777,novrs,shortad,shortad,undelete,iocharset=cp437,shortad,umask=00000000000000000000006,dmode=00000000000000000000002,nostrict,uid=', @ANYRESOCT=0x0, @ANYRES16], 0x2, 0xc36, &(0x7f0000002540)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIRRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2SEmV9Pjb13Z19b/a9eeMZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr56+qz7PwA8Vq75/38AAAAAAAAAAAAAADjoUhTxZKSYvbKaxqr3HfXL7b7bd0aHhreudiRVNQ9V5cuf+pmz585/6YXBC9283J7+gPp77bPx2si1S42XZ27Nzk3Oz09ONEan2+MzE5M73sNu6292sjoAjVuv3564cWO+cfb5cxs+vjPwfv8TxwcuDj576plu2dGh4eGR9SL13vK1+25Ix3YzPA5HEacixXPf+2lqRUQRuz8W9Qc79psdqTpxsurE6NBw1ZGpdmt6ofzwavdAFBGNnkrN7jHaeiyi1vdA+7C9ZsRi2fyywSfL7o3MtuZa16cmG1dbcwvthfbM9NXUaW3Zn0YUcSFFLEXESv+9u+uLImqR4jvHVtP1iDjUPQ5frCYGb9+OYh/7uANlOxt9EUvFIzBmB1h/FPFqpPjZOydiPF9nqmvNFyJeLfMHEW+V+VJEKk+M8xHvbXEe8WiqRRF/WY7/xdU0UV0PuteVy19rfGX6xkxP2e515SPeH+65Ujyk+8ORTflgHPBrUz2KaFVX/NV0/7/ZAQAAAAAAAAAAAAAAAGCvHYkiPhMpXvmPP6nmFUc1L/3YxcE/HPjV3jnjT3/Ifsqyz0fEYrGzObmH88TAq+lqSg95LvHjrB5F/Gme//eth90YAAAAAAAAAAAAAAAAAACAx1oRP4kUL757Ii1F75ri7embjWut61OdVWG7a/9210xfW1tba6RONnOO5VzMuZRzOedKzihy/ZzNnGM5F3Mu5VzOuZIzDuX6OZs5x3Iu5lzKuZxzJWfUcv2czZxjORfLrK93dDlvX8kZB2TtXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAj5MiivhFpPj2N1ZTpIhoRoxFJ5f7H3brAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBSfyri+5Gi8UfNu9tqEZGqfztOlL+cj+bhMj8ZzcEyX4rmpZytKmvNbz2E9rM7famIH0eK/vrbdwc8j39f593d0yDe+ub6u8/WOnmo++HA+/1PHD92cXD4N57e7nXaqgEnL7enb99pjA4ND4/0bK7lb/9kz7aB/L3F3nSdiJh/483XW1NTk3P3/6I8BXZR/RF6kWqPS08f1ovFvTgh9+5F1A5EMx5O33kMlPf/9yLF7777n90bfuf+X49f6by7e4ePn//Z+v3/xc072uH9v7a5Xr7/l/f0re7/T/ZsezH/bqSvFlFfuDXbdzyiPv/Gm6fat1o3J29OTp8/ffrLg4NfPne673BE/UZ7arLn1Z4cLgAAAAAAAAAAAAAAAIAHJxXx+5Gi9ePV1IiIO9V8rYGLg8+eeuZQHKrmW22Yt/3ayLVLjZdnbs3OTc7PT040Rqfb4zMTkzv9uno13Wt0aHhfOvOhjuxz+4/UX56ZfWOuffOPF7b8/Gj90vX5hbnW+NYfx5EoIpq9W05WDR4dGq4aPdVuTVdVr245mf6j60tF/FekGD/fSJ/P2/L8/80z/DfM/1/cvKN9mv//iZ5t5XemVMTPI8Xv/NXT8fmqnUfjnmOWy/1dpDh54XO5XBwuy3Xb0HmuQGdmYFn2/yLFP/1iY9nufMgn18ue2fGBfUSU438sUnz/L74bv5m3bXz+w9bjf3TzjvZp/J/q2XZ0w/MKdt118vifihQvPfl2/Fbe9kHP/+g+e+NELnz3+Rz7NP6f6tk2kL/3t/em6wAAAAAAAAAAAI+0vlTE30eKHw7X0gt5207+/t/E5h3t09//+nTPtom9Wa/oQ1/s+qACAAAAwAHRl4r4SaS4ufD23TnUG+d/98z//L31+Z9DadOn1Z/z/Vr13IC9/PO/XgP5e8d2320AAAAAAAAAAAAAAAAAAAA4UFIq4oW8nvpYNZ9/Ytv11JcjxSv/81wul46X5brrwA9Uv9avzEyfujQ1NTPeWmhdn5psjMy2xifLuk9FitW//VyuW1Trq3fXm++s8b6+FvtcpBj+h27Zzlrs3bXJn1ove6Ys+4lI8d//uLFsdx3rT62XPVuW/ZtI8fV/2brs8fWy58qy340UP/p6o1v2aFm2+3zUT6+XfX58ptiHUQEAAAAAAAAAAAAAAAAAAOBx05eK+PNI8b+3lu7O5c/r//f1vK289c2e9f43uVOt8z9Qrf+/3ev7Wf+/eq7A4nbfCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH08pingzUsxeWU3L/eX7jvrl9vTtO6NDw1tXO5Kqmoeq8uVP/czZc+e/9MLghW5+cP299pl4beTapcbLM7dm5ybn5ycnGqPT7fGZickd72G39Tc7WR2Axq3Xb0/cuDHfOPv8uQ0f3xl4v/+J4wMXB5899Uy37OjQ8PBIT5la331/+z3SNtsPRxF/HSme+95P0w/7I4rY/bH4kHNnvx2pOnGy6sTo0HDVkal2a3qh/PBq90AUEY2eSs3uMXoAY7ErzYjFsvllg0+W3RuZbc21rk9NNq625hbaC+2Z6aup09qyP40o4kKKWIqIlf57d9cXRbweKb5zbDX9a3/Eoe5x+OKVka+ePrt9O4p97OMOlO1s9EUsFY/AmB1g/VHEP0eKn71zIv6tP6IWnZ/4QsSrZf4g4q3ojHcqT4zzEe9tcR7xaKpFEf9fjv/F1fROf3k96F5XLn+t8ZXpGzM9ZbvXlUf+/vAgHfBrUz2K+FF1xV9N/+6/awAAAAAAAAAAAAAAAIADpIhfjxQvvnsiVfOD784pbk/fbFxrXZ/qTOvrzv3rzpleW1tba6RONnOO5VzMuZRzOedKzihy/ZzNMutra2P5/WLOpZzLOVdyxqFcP2cz51jOxZxLOZdzruSMWq6fs5lzLOdizqWcyzlXcsYBmbsHAAAAAAAAAAAAAAAAAAB8vBTVPym+/Y3VtNbfWV96LDq5bD3Qj71fBgAA//8dq/O8")
setrlimit(0x1, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff})
truncate(&(0x7f0000000000)='./file1\x00', 0x20ff7ffffc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='ext4_es_remove_extent\x00', r1}, 0x18)
rename(&(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000180)='./file1\x00')
syz_open_dev$tty1(0xc, 0x4, 0x1)

8.286848036s ago: executing program 9 (id=4179):
ioctl$IOMMU_VFIO_IOAS$GET(0xffffffffffffffff, 0x3b88, 0x0)
r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xe)
ioctl$TIOCSLCKTRMIOS(r0, 0x5435, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x108111, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000000000000000000900000000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='sched_switch\x00', r5}, 0x10)
r6 = socket$phonet_pipe(0x23, 0x5, 0x2)
connect$phonet_pipe(r6, &(0x7f0000000040)={0x23, 0x0, 0x0, 0x3}, 0x10)
ioctl$SIOCPNENABLEPIPE(r6, 0x89ed, 0x0)
r7 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r7, 0xc0045005, &(0x7f0000000640)=0x10)
mmap$dsp(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x100000b, 0x8012, r7, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)

7.151666121s ago: executing program 9 (id=4180):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x2000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0x3000)=nil, &(0x7f0000ff0000/0x2000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ff8000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r2 = io_uring_setup(0x1195, &(0x7f0000000040)={0x0, 0x2150, 0xc000, 0x3, 0xc4})
writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000001480)}, {&(0x7f0000000100)}], 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='*'], 0x50)
io_uring_enter(r2, 0x2219, 0xcf74, 0x16, 0x0, 0x0)

6.911666303s ago: executing program 6 (id=4181):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
rseq(&(0x7f0000000140), 0x20, 0x0, 0x0)
r3 = landlock_create_ruleset(&(0x7f0000000440)={0x6621}, 0x18, 0x0)
landlock_restrict_self(r3, 0x0)

6.536118846s ago: executing program 7 (id=4182):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
r3 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r3, 0xc4c85513, &(0x7f0000000b00)={{0x2, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x400000, 0x0, 0x100000001, 0xfffffffffffffffe, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0xc6c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, 0x1000000000000, 0x0, 0x10, 0x0, 0x0, 0x7fff, 0x80000001, 0x0, 0x0, 0xfffffffffffffffd, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, 0x0, 0x0, 0x1, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000003, 0x6, 0x0, 0x0, 0x4, 0x0, 0x4, 0x0, 0x3, 0x800000000000000, 0x1, 0x8, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, 0x0, 0x0, 0x0, 0x3, 0x0, 0x8, 0x0, 0x9, 0x3, 0x0, 0x0, 0x0, 0x8, 0x8, 0x0, 0x0, 0x6, 0x0, 0x0, 0x1, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x9]})

5.874554449s ago: executing program 6 (id=4183):
ioctl$IOMMU_VFIO_IOAS$SET(0xffffffffffffffff, 0x3b88, 0x0)
ioctl$IOMMU_VFIO_IOAS$GET(0xffffffffffffffff, 0x3b88, 0x0)
r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0xe)
ioctl$TIOCSLCKTRMIOS(r0, 0x5435, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
getpid()
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x108111, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000000000000000000900000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = socket$phonet_pipe(0x23, 0x5, 0x2)
connect$phonet_pipe(r4, &(0x7f0000000040)={0x23, 0x0, 0x0, 0x3}, 0x10)
ioctl$SIOCPNENABLEPIPE(r4, 0x89ed, 0x0)
r5 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r5, 0xc0045005, &(0x7f0000000640)=0x10)
mmap$dsp(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x100000b, 0x8012, r5, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)

4.008541052s ago: executing program 7 (id=4184):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
bind$inet6(r1, &(0x7f00000002c0)={0xa, 0x4e23, 0xfffffffc, @loopback}, 0x1c)
listen(r1, 0x4)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000140)={0x0, 0x5}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000000)={0x0, 0x4}, 0x8)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000040)={0x0, 0xaf1}, 0x8)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
sendmmsg$inet6(r0, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x1, @loopback, 0x1}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000001680)="89", 0x1}], 0x1}}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(0xffffffffffffffff, 0x84, 0x19, &(0x7f0000000140)={0x0, 0x2}, 0x8)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000140)=ANY=[], 0x8397de475a1b5b02)

3.900589404s ago: executing program 6 (id=4185):
socket$inet6_sctp(0xa, 0x5, 0x84)
mount$9p_fd(0x0, 0x0, &(0x7f0000000040), 0x420, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000002a80)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000019200)={0x8, 0x0, &(0x7f0000000180)=[@increfs], 0x0, 0x0, 0x0})
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r4, 0x107, 0x12, &(0x7f0000006ffc)=0x4000000000000200, 0x4)
bind$packet(r4, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, 0x14)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @empty}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
sendmmsg$inet(r0, &(0x7f0000002980)=[{{0x0, 0x0, &(0x7f0000000240)=[{0x0}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x2, 0x480e0)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000002a00)=[{{&(0x7f00000025c0)=@phonet, 0x80, &(0x7f0000002900)=[{&(0x7f0000002640)=""/115, 0x73}, {0x0}, {&(0x7f0000002700)=""/198, 0xc6}, {&(0x7f0000002800)=""/179, 0xb3}], 0x4}, 0x7}], 0x1, 0x40010100, 0x0)

3.109092255s ago: executing program 2 (id=4186):
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x1)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0xc0b0)
creat(0x0, 0x2)
r0 = socket(0x2a, 0x2, 0x0)
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x24}}, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000640)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000080)=@newtfilter={0x44, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0xfffa, 0x2}, {}, {0x1c, 0xfff9}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x800}, @TCA_FLOWER_KEY_IP_PROTO={0x5, 0x9, 0x84}]}}]}, 0x44}}, 0x24004000)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

2.962464422s ago: executing program 6 (id=4187):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x10)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
bind$inet(r2, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10)
setsockopt$sock_int(r2, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4)
connect$inet(r2, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10)
sendmmsg$inet(r2, &(0x7f0000004d00)=[{{0x0, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x30000}}], 0x300, 0xf00)

2.769038696s ago: executing program 7 (id=4188):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xeb38e000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$TIPC_IMPORTANCE(r3, 0x10f, 0x7f, &(0x7f0000000180)=0x31f9, 0x4)

1.675440089s ago: executing program 7 (id=4189):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffc}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000280), 0x400000000000180, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x80601)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r3, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x9a89852df90617b2, 0x12, 0x0, 0x800000c, 0xffffffff, 0x4, 0x3, 0x0, 0x7cce8c743ee810df})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r3, 0x40505330, &(0x7f0000000bc0)={0x800100, 0x6, 0x3, 0x724f, 0x0, 0xf})

458.304766ms ago: executing program 7 (id=4190):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000280)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x54, 0x0, &(0x7f0000000e00)=[@acquire, @transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x30, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000400)={@flat=@weak_handle={0x77682a85, 0x0, 0x1}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x1, 0x22}, @fd={0x66642a85, 0x0, r1}}, &(0x7f0000000bc0)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000300)={0x4c, 0x0, &(0x7f0000000540)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x48, 0x18, &(0x7f00000004c0)={@fd={0x66642a85, 0x0, r0}, @fd={0x66642a85, 0x0, r3}, @flat=@weak_handle={0x77682a85, 0x1001}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})
prlimit64(0x0, 0x7, &(0x7f0000000ec0), 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000680)={0x0, 0x0, &(0x7f00000001c0), 0x1, 0x1000000000000, &(0x7f0000000340)="cb"})

57.270437ms ago: executing program 7 (id=4191):
openat$uinput(0xffffffffffffff9c, &(0x7f0000000080), 0x802, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89101)
r1 = openat$cgroup_ro(r0, &(0x7f00000002c0)='blkio.throttle.io_serviced_recursive\x00', 0x275a, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xd, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="b4020000000000006111480000000000850000003b"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops}, 0x94)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x101080, 0x0)
clock_adjtime(0x0, &(0x7f00000001c0)={0x8b8d, 0x1000000000000, 0x512, 0x9, 0x0, 0xfffffffffffffffd, 0xe00, 0x0, 0x80, 0xffc99a3b, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10007f, 0x0, 0x0, 0x0, 0x60d2, 0x0, 0x5, 0x1, 0x2})
socket$nl_xfrm(0x10, 0x3, 0x6)
pipe2(&(0x7f0000000040)={<r2=>0xffffffffffffffff}, 0x0)
syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000200)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2407000005000000000000000c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r0, @ANYBLOB="05", @ANYRES16=r0, @ANYRES8, @ANYRES16=r1, @ANYRES16=r2], 0x0)

0s ago: executing program 9 (id=4192):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8c}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000700)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r3, &(0x7f0000000040)={0x18, 0x0, {0x4001, @empty, 'ip6gre0\x00'}}, 0x1e)
sendmmsg(r3, &(0x7f0000002340)=[{{0x0, 0x0, 0x0}}], 0x3e8, 0x0)

kernel console output (not intermixed with test programs):

ue: 3
[ 1425.394056][ T5908] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1425.404908][ T5908] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1425.633107][ T5908] usb 5-1: GET_CAPABILITIES returned 0
[ 1425.639212][ T5908] usbtmc 5-1:16.0: can't read capabilities
[ 1425.869023][ T5908] usb 5-1: USB disconnect, device number 18
[ 1426.748452][T12921] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[ 1427.804105][T12921] usb 7-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1427.816331][T17594] netlink: 16 bytes leftover after parsing attributes in process `syz.9.2567'.
[ 1427.849932][T12921] usb 7-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1427.854038][T17594] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2567'.
[ 1427.889742][T12921] usb 7-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[ 1427.915048][T17594] netlink: 16 bytes leftover after parsing attributes in process `syz.9.2567'.
[ 1427.916940][T12921] usb 7-1: Manufacturer: syz
[ 1428.000773][T12921] usb 7-1: config 0 descriptor??
[ 1428.070094][T12921] usbhid 7-1:0.0: couldn't find an input interrupt endpoint
[ 1428.949351][T17615] loop5: detected capacity change from 0 to 1024
[ 1431.136089][T17627] loop5: detected capacity change from 0 to 512
[ 1431.152753][T17627] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 1431.339493][T17630] loop4: detected capacity change from 0 to 1024
[ 1431.866348][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[ 1431.872859][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[ 1431.910210][T17627] EXT4-fs (loop5): 1 truncate cleaned up
[ 1431.933116][T17627] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1432.064001][T17627] EXT4-fs error (device loop5): ext4_generic_delete_entry:2668: inode #2: block 13: comm syz.5.2579: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[ 1432.362911][T17627] EXT4-fs (loop5): Remounting filesystem read-only
[ 1432.422154][T17627] EXT4-fs warning (device loop5): ext4_rename_delete:3731: inode #2: comm syz.5.2579: Deleting old file: nlink 5, error=-117
[ 1433.578875][T17638] loop4: detected capacity change from 0 to 256
[ 1433.672309][T17638] exfat: Deprecated parameter 'namecase'
[ 1433.830003][T10101] usb 7-1: USB disconnect, device number 17
[ 1433.866809][T13408] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1433.927728][T17638] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[ 1435.360173][T17663] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[ 1435.367276][T17663] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 1435.405326][T17665] loop4: detected capacity change from 0 to 1024
[ 1435.428205][T17663] vhci_hcd vhci_hcd.0: Device attached
[ 1435.449632][T17665] EXT4-fs: Ignoring removed nobh option
[ 1435.457035][T17667] vhci_hcd: connection closed
[ 1435.458868][T11802] vhci_hcd: stop threads
[ 1435.467888][T11802] vhci_hcd: release socket
[ 1435.506520][T11802] vhci_hcd: disconnect device
[ 1435.515995][T17665] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1435.835345][T17679] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2593'.
[ 1436.735065][T13722] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1437.991540][T17696] loop4: detected capacity change from 0 to 40427
[ 1438.053353][T17696] F2FS-fs (loop4): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[ 1438.061719][T17696] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1438.076935][T17696] F2FS-fs (loop4): invalid crc value
[ 1438.865274][T17696] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[ 1438.922963][T17696] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 1438.930311][T17696] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[ 1438.966312][T17696] syz.4.2598: attempt to access beyond end of device
[ 1438.966312][T17696] loop4: rw=2051, sector=36912, nr_sectors = 8144 limit=40427
[ 1438.981913][T17696] syz.4.2598: attempt to access beyond end of device
[ 1438.981913][T17696] loop4: rw=2051, sector=45096, nr_sectors = 85976 limit=40427
[ 1439.063569][T17696] F2FS-fs (loop4): Issue discard(4614, 4614, 1018) failed, ret: -5
[ 1439.072162][T17696] F2FS-fs (loop4): Issue discard(5637, 5637, 10747) failed, ret: -5
[ 1439.250206][T12824] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[ 1439.442907][T12824] usb 6-1: Using ep0 maxpacket: 8
[ 1439.461672][T12824] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[ 1439.478066][T12824] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1439.500087][T12824] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1439.522045][T12824] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1439.568276][T12824] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1440.189154][T12824] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1440.333469][T12824] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1440.577382][T12824] usb 6-1: usb_control_msg returned -32
[ 1440.593557][T12824] usbtmc 6-1:16.0: can't read capabilities
[ 1440.946752][T17729] usbtmc 6-1:16.0: INITIATE_CLEAR returned 0
[ 1441.696082][T12824] usb 6-1: USB disconnect, device number 17
[ 1442.214555][T17743] loop4: detected capacity change from 0 to 512
[ 1442.446826][T17745] loop5: detected capacity change from 0 to 1024
[ 1442.544926][T17745] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1442.663198][T17745] EXT4-fs warning (device loop5): empty_inline_dir:1749: bad inline directory (dir #12) - no `..'
[ 1442.868313][T17751] loop6: detected capacity change from 0 to 256
[ 1442.916337][T17751] FAT-fs (loop6): Directory bread(block 64) failed
[ 1442.928071][T17751] FAT-fs (loop6): Directory bread(block 65) failed
[ 1442.934718][T17751] FAT-fs (loop6): Directory bread(block 66) failed
[ 1443.002979][T17751] FAT-fs (loop6): Directory bread(block 67) failed
[ 1443.038141][T17751] FAT-fs (loop6): Directory bread(block 68) failed
[ 1443.065298][T17751] FAT-fs (loop6): Directory bread(block 69) failed
[ 1443.075568][T17751] FAT-fs (loop6): Directory bread(block 70) failed
[ 1443.106097][T17751] FAT-fs (loop6): Directory bread(block 71) failed
[ 1443.118918][T17751] FAT-fs (loop6): Directory bread(block 72) failed
[ 1443.125475][T17751] FAT-fs (loop6): Directory bread(block 73) failed
[ 1443.153508][T17745] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[ 1443.611658][T13408] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1443.649582][   T66] kworker/u8:4: attempt to access beyond end of device
[ 1443.649582][   T66] loop6: rw=1, sector=1224, nr_sectors = 4 limit=256
[ 1444.548933][T17772] loop4: detected capacity change from 0 to 1024
[ 1445.245147][T17776] loop5: detected capacity change from 0 to 512
[ 1445.301436][T17776] EXT4-fs: Ignoring removed orlov option
[ 1445.311619][T17784] loop6: detected capacity change from 0 to 1024
[ 1445.332813][T17776] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[ 1445.362204][T17784] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[ 1445.375131][T17776] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002]
[ 1445.397523][T17776] EXT4-fs error (device loop5): ext4_iget_extra_inode:5075: inode #15: comm syz.5.2630: corrupted in-inode xattr: e_value size too large
[ 1445.423308][T17776] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.2630: couldn't read orphan inode 15 (err -117)
[ 1445.441890][T17776] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1445.463678][T17784] EXT4-fs (loop6): revision level too high, forcing read-only mode
[ 1445.492064][T17776] overlayfs: upper fs needs to support d_type.
[ 1445.508498][T17784] EXT4-fs (loop6): orphan cleanup on readonly fs
[ 1445.536022][T17784] EXT4-fs error (device loop6): ext4_free_blocks:6706: comm syz.6.2634: Freeing blocks not in datazone - block = 0, count = 4096
[ 1445.566821][T17784] EXT4-fs (loop6): 1 orphan inode deleted
[ 1445.575490][T17784] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1445.642774][T10943] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1445.783131][T13408] EXT4-fs error (device loop5): ext4_lookup:1787: inode #14: comm syz-executor: invalid fast symlink length 39
[ 1445.840998][T13408] EXT4-fs error (device loop5): ext4_lookup:1787: inode #14: comm syz-executor: invalid fast symlink length 39
[ 1446.066269][T17809] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1446.215409][T17814] loop6: detected capacity change from 0 to 512
[ 1447.142404][T17814] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1447.215532][T15296] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1447.242532][T17814] ext4 filesystem being mounted at /328/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1448.428541][T10943] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1449.054762][T17837] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2651'.
[ 1449.078170][T17837] tipc: Started in network mode
[ 1449.094366][T17837] tipc: Node identity 1, cluster identity 7
[ 1449.128646][T17837] tipc: Node number set to 1
[ 1449.514077][   T66] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1449.573487][T17841] netlink: 164 bytes leftover after parsing attributes in process `syz.6.2654'.
[ 1449.654725][   T66] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1449.828275][   T66] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1449.960899][T17844] loop6: detected capacity change from 0 to 1024
[ 1450.019111][T17844] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[ 1450.102541][T17844] EXT4-fs (loop6): revision level too high, forcing read-only mode
[ 1450.162541][T17844] EXT4-fs (loop6): orphan cleanup on readonly fs
[ 1450.230693][T17844] EXT4-fs error (device loop6): ext4_free_blocks:6706: comm syz.6.2660: Freeing blocks not in datazone - block = 0, count = 4096
[ 1450.346306][T17844] EXT4-fs (loop6): 1 orphan inode deleted
[ 1450.530290][T17844] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1450.708935][T10943] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1450.742928][   T66] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1450.982873][T17866] loop6: detected capacity change from 0 to 128
[ 1451.071640][ T5834] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1451.082266][ T5834] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1451.091559][ T5834] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1451.120505][ T5834] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1451.140922][ T5834] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1451.174884][T17866] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1451.305065][T17866] ext4 filesystem being mounted at /332/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1452.216330][   T66] bridge_slave_1: left allmulticast mode
[ 1452.240185][   T66] bridge_slave_1: left promiscuous mode
[ 1452.262923][   T66] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1452.276346][T10943] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1452.305173][   T66] bridge_slave_0: left allmulticast mode
[ 1452.331289][   T66] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1453.251795][ T5834] Bluetooth: hci5: command tx timeout
[ 1454.155954][T17910] loop4: detected capacity change from 0 to 256
[ 1454.260356][T17910] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[ 1454.304050][   T66] dvmrp6 (unregistering): left allmulticast mode
[ 1454.604281][T17905] loop6: detected capacity change from 0 to 32768
[ 1454.676976][T17905] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[ 1454.871595][T17917] loop4: detected capacity change from 0 to 2048
[ 1454.920802][T17917] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1455.031501][T10943] ocfs2: Unmounting device (7,6) on (node local)
[ 1455.388137][ T5834] Bluetooth: hci5: command tx timeout
[ 1456.603249][   T66] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1456.646484][   T66] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1456.682374][   T66] bond0 (unregistering): Released all slaves
[ 1457.032103][T17941] loop4: detected capacity change from 0 to 2048
[ 1457.087886][T17941] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1457.506027][ T5845] Bluetooth: hci5: command tx timeout
[ 1458.359046][T17953] loop6: detected capacity change from 0 to 256
[ 1458.386420][T17953] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256
[ 1458.489388][T17953] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=512, location=512
[ 1458.509360][T17953] UDF-fs: warning (device loop6): udf_load_vrs: No anchor found
[ 1458.536532][T17953] UDF-fs: Scanning with blocksize 512 failed
[ 1458.575496][T17953] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256
[ 1458.613875][T17953] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1458.664048][T17948] syzkaller1: entered promiscuous mode
[ 1458.669096][T10101] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[ 1458.669645][T17948] syzkaller1: entered allmulticast mode
[ 1458.895525][T10101] usb 5-1: Using ep0 maxpacket: 32
[ 1458.932376][T10101] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[ 1458.953255][T17958] loop6: detected capacity change from 0 to 1024
[ 1458.965464][T10101] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1458.989998][T10101] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1459.009770][T17958] EXT4-fs: inline encryption not supported
[ 1459.015687][T17958] EXT4-fs: Ignoring removed nobh option
[ 1459.023365][T10101] usb 5-1: Product: syz
[ 1459.033238][T10101] usb 5-1: Manufacturer: syz
[ 1459.037885][T10101] usb 5-1: SerialNumber: syz
[ 1459.048182][T17958] EXT4-fs: Ignoring removed bh option
[ 1459.065173][T10101] usb 5-1: config 0 descriptor??
[ 1459.085349][T17954] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[ 1459.099332][T17958] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1459.118292][   T66] hsr_slave_0: left promiscuous mode
[ 1459.132931][   T66] hsr_slave_1: left promiscuous mode
[ 1459.153539][   T66] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1459.165828][T17958] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4193: comm syz.6.2695: Allocating blocks 497-513 which overlap fs metadata
[ 1459.179086][   T66] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1459.199009][   T66] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1459.206431][   T66] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1459.261771][   T66] veth1_macvtap: left promiscuous mode
[ 1459.267365][   T66] veth0_macvtap: left promiscuous mode
[ 1459.288685][   T66] veth1_vlan: left promiscuous mode
[ 1459.294079][   T66] veth0_vlan: left promiscuous mode
[ 1459.341774][T12824] usb 5-1: USB disconnect, device number 19
[ 1459.361341][T10943] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1459.598272][ T5845] Bluetooth: hci5: command tx timeout
[ 1460.051647][T17972] loop6: detected capacity change from 0 to 1024
[ 1462.284228][T17989] loop4: detected capacity change from 0 to 1024
[ 1463.106924][T18000] loop6: detected capacity change from 0 to 128
[ 1463.114379][   T66] team0 (unregistering): Port device team_slave_1 removed
[ 1463.138987][T18000] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[ 1463.173469][T18000] hpfs: filesystem error: improperly stopped
[ 1463.204423][T18000] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[ 1463.215112][T18000] hpfs: You really don't want any checks? You are crazy...
[ 1463.223080][T18000] hpfs: hpfs_map_sector(): read error
[ 1463.246650][T18000] hpfs: code page support is disabled
[ 1463.278574][T18000] hpfs: hpfs_map_4sectors(): unaligned read
[ 1463.285243][T18000] hpfs: hpfs_map_4sectors(): unaligned read
[ 1463.294149][T18000] hpfs: filesystem error: unable to find root dir
[ 1463.319039][    C0] vxcan1: j1939_tp_rxtimer: 0xffff888054004c00: rx timeout, send abort
[ 1463.330963][    C0] vxcan1: j1939_xtp_rx_abort_one: 0xffff888054004c00: 0x40000: (3) A timeout occurred and this is the connection abort to close the session.
[ 1463.351616][   T66] team0 (unregistering): Port device team_slave_0 removed
[ 1463.405719][T18000] hpfs: hpfs_map_4sectors(): unaligned read
[ 1463.494007][T18000] hpfs: hpfs_map_sector(): read error
[ 1463.619268][T18004] hpfs: hpfs_map_4sectors(): unaligned read
[ 1464.048240][T12824] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[ 1464.608785][    C0] vxcan1: j1939_tp_rxtimer: 0xffff888054004400: rx timeout, send abort
[ 1464.617579][    C0] vxcan1: j1939_xtp_rx_abort_one: 0xffff888054004400: 0x40000: (3) A timeout occurred and this is the connection abort to close the session.
[ 1464.658475][T12824] usb 5-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1464.675180][T12824] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1464.684942][T12824] usb 5-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[ 1464.693169][T12824] usb 5-1: Manufacturer: syz
[ 1464.701935][T12824] usb 5-1: config 0 descriptor??
[ 1464.716909][T12824] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[ 1464.853314][T10153] usb 7-1: new high-speed USB device number 18 using dummy_hcd
[ 1465.024590][T10153] usb 7-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1465.037350][T10153] usb 7-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1465.077799][T10153] usb 7-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[ 1465.098207][T10153] usb 7-1: Manufacturer: syz
[ 1465.137887][T10153] usb 7-1: config 0 descriptor??
[ 1465.181826][T10153] usbhid 7-1:0.0: couldn't find an input interrupt endpoint
[ 1465.377060][T10153] usb 7-1: USB disconnect, device number 18
[ 1465.986594][T17867] chnl_net:caif_netlink_parms(): no params data found
[ 1466.505154][T10153] usb 5-1: USB disconnect, device number 20
[ 1466.841684][T17867] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1466.873001][T17867] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1466.891137][T17867] bridge_slave_0: entered allmulticast mode
[ 1466.996421][T17867] bridge_slave_0: entered promiscuous mode
[ 1467.315130][T17867] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1467.366409][T17867] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1467.462980][T17867] bridge_slave_1: entered allmulticast mode
[ 1467.493085][T17867] bridge_slave_1: entered promiscuous mode
[ 1467.722310][T17867] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1467.761893][T17867] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1467.957882][T17867] team0: Port device team_slave_0 added
[ 1468.007139][T17867] team0: Port device team_slave_1 added
[ 1468.253695][T18042] loop4: detected capacity change from 0 to 128
[ 1468.334901][T18042] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1468.389029][T18042] ext4 filesystem being mounted at /178/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1468.515223][T17867] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1469.395697][T17867] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1469.445073][T17867] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1469.927197][T17867] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1469.998448][T17867] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1470.301106][T17867] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1470.418524][T13722] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1470.758464][T12824] usb 7-1: new high-speed USB device number 19 using dummy_hcd
[ 1470.845985][T17867] hsr_slave_0: entered promiscuous mode
[ 1471.197860][T12824] usb 7-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1471.198727][T17867] hsr_slave_1: entered promiscuous mode
[ 1471.234041][T12824] usb 7-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1471.249900][T12824] usb 7-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[ 1471.268940][T17867] debugfs: 'hsr0' already exists in 'hsr'
[ 1471.271211][T12824] usb 7-1: Manufacturer: syz
[ 1471.292824][T12824] usb 7-1: config 0 descriptor??
[ 1471.298862][T17867] Cannot create hsr debugfs directory
[ 1471.317862][T12824] usbhid 7-1:0.0: couldn't find an input interrupt endpoint
[ 1471.520896][T12824] usb 7-1: USB disconnect, device number 19
[ 1471.818883][T18081] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2737'.
[ 1472.292031][T18095] input: syz1 as /devices/virtual/input/input18
[ 1472.893596][ T5908] usb 7-1: new high-speed USB device number 20 using dummy_hcd
[ 1473.072915][T18107] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2748'.
[ 1473.094221][ T5908] usb 7-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1473.121244][ T5908] usb 7-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1473.138234][ T5908] usb 7-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[ 1473.171597][ T5908] usb 7-1: Manufacturer: syz
[ 1473.192205][ T5908] usb 7-1: config 0 descriptor??
[ 1473.234369][ T5908] usbhid 7-1:0.0: couldn't find an input interrupt endpoint
[ 1474.043892][T10101] usb 7-1: USB disconnect, device number 20
[ 1474.176416][T17867] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1474.194802][T17867] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1474.213505][T17867] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1474.246061][T17867] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1474.302512][T10101] IPVS: starting estimator thread 0...
[ 1474.309177][ T5908] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[ 1474.408770][T18127] IPVS: using max 23 ests per chain, 55200 per kthread
[ 1474.495764][ T5908] usb 5-1: Using ep0 maxpacket: 8
[ 1474.616672][ T5908] usb 5-1: New USB device found, idVendor=0c45, idProduct=613e, bcdDevice=c4.6d
[ 1474.637089][ T5908] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1474.665373][ T5908] usb 5-1: Product: syz
[ 1474.723304][ T5908] usb 5-1: Manufacturer: syz
[ 1474.828935][ T5908] usb 5-1: SerialNumber: syz
[ 1474.979128][ T5908] usb 5-1: config 0 descriptor??
[ 1474.997238][T17867] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1475.018452][ T5908] gspca_main: sonixj-2.14.0 probing 0c45:613e
[ 1475.063031][T17867] 8021q: adding VLAN 0 to HW filter on device team0
[ 1475.120262][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1475.127877][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1475.314780][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1475.322034][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1476.464714][ T5908] gspca_sonixj: reg_w1 err -71
[ 1476.550664][ T5908] sonixj 5-1:0.0: probe with driver sonixj failed with error -71
[ 1476.734558][ T5908] usb 5-1: USB disconnect, device number 21
[ 1476.803721][T18155] loop6: detected capacity change from 0 to 2048
[ 1476.939955][T18155] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1480.026403][T17867] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1480.759405][    C0] vcan0: j1939_tp_rxtimer: 0xffff888052d27800: rx timeout, send abort
[ 1481.091366][T18180] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2772'.
[ 1481.121323][T18180] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2772'.
[ 1481.197704][T17867] veth0_vlan: entered promiscuous mode
[ 1481.267714][    C0] vcan0: j1939_tp_rxtimer: 0xffff888052d27800: abort rx timeout. Force session deactivation
[ 1481.286182][T17867] veth1_vlan: entered promiscuous mode
[ 1481.471430][T17867] veth0_macvtap: entered promiscuous mode
[ 1481.539855][T17867] veth1_macvtap: entered promiscuous mode
[ 1481.635689][T17867] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1481.740754][T17867] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1481.804112][T11797] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1481.845974][T11797] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1481.880428][T11797] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1481.905935][T11797] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1481.926572][T18199] loop6: detected capacity change from 0 to 512
[ 1481.980747][T18199] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000600 r/w without journal. Quota mode: writeback.
[ 1482.043083][T18199] ext4 filesystem being mounted at /356/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1482.081894][T18199] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #2: comm syz.6.2781: corrupted inode contents
[ 1482.099903][T18199] EXT4-fs error (device loop6): ext4_dirty_inode:6517: inode #2: comm syz.6.2781: mark_inode_dirty error
[ 1482.113971][T18199] EXT4-fs error (device loop6): ext4_do_update_inode:5632: inode #2: comm syz.6.2781: corrupted inode contents
[ 1482.158176][T18199] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #2: comm syz.6.2781: mark_inode_dirty error
[ 1482.178498][ T6046] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1482.197779][ T6046] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1482.267445][   T30] audit: type=1800 audit(1763620195.868:230): pid=18199 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2781" name="file0" dev="loop6" ino=20 res=0 errno=0
[ 1482.535428][T10943] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000600.
[ 1485.636724][T11797] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1485.682057][T11797] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1488.051619][T18252] loop4: detected capacity change from 0 to 1024
[ 1489.265919][T18265] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2800'.
[ 1489.542238][T18272] netlink: 'syz.2.2805': attribute type 2 has an invalid length.
[ 1489.550602][T18272] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2805'.
[ 1489.564679][T18272] netlink: 'syz.2.2805': attribute type 2 has an invalid length.
[ 1489.573537][T18272] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2805'.
[ 1490.467409][T18279] loop3: detected capacity change from 0 to 2048
[ 1491.791434][T18279] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1493.096968][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[ 1493.108029][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[ 1493.593179][T18306] loop6: detected capacity change from 0 to 4096
[ 1493.735030][T18306] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[ 1493.922985][T18317] overlayfs: failed to clone upperpath
[ 1494.329507][T18306] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1494.774800][T10943] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1496.579334][T18351] loop6: detected capacity change from 0 to 512
[ 1496.899540][T18351] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1496.906201][T18351] EXT4-fs: Ignoring removed bh option
[ 1496.974874][T18351] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem
[ 1497.206830][T18351] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.2831: bg 0: block 255: padding at end of block bitmap is not set
[ 1497.273584][T18363] netlink: 'syz.0.2832': attribute type 4 has an invalid length.
[ 1497.325197][T18364] netlink: 'syz.0.2832': attribute type 4 has an invalid length.
[ 1497.388185][T18351] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6667: Corrupt filesystem
[ 1497.462651][T18351] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #11: comm syz.6.2831: invalid indirect mapped block 1 (level 1)
[ 1497.541751][T18351] EXT4-fs (loop6): 1 truncate cleaned up
[ 1497.566205][T18351] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1497.780991][T10943] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1497.903129][ T5908] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[ 1498.158311][ T5908] usb 4-1: Using ep0 maxpacket: 8
[ 1498.330792][ T5908] usb 4-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[ 1498.350759][ T5908] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1498.388421][ T5908] usb 4-1: Product: syz
[ 1498.392642][ T5908] usb 4-1: Manufacturer: syz
[ 1498.397508][ T5908] usb 4-1: SerialNumber: syz
[ 1498.450501][ T5908] usb 4-1: config 0 descriptor??
[ 1498.482948][ T5908] gspca_main: sq930x-2.14.0 probing 2770:930c
[ 1498.853467][T18393] loop6: detected capacity change from 0 to 2048
[ 1498.892110][T18388] loop4: detected capacity change from 0 to 4096
[ 1498.918165][T18388] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512).
[ 1498.931325][T14906]  loop6: p1 < > p4
[ 1498.961610][T14906] loop6: p4 size 8388608 extends beyond EOD, truncated
[ 1499.005256][T18388] ntfs3(loop4): ino=19, mi_enum_attr
[ 1499.042944][T18393]  loop6: p1 < > p4
[ 1499.046901][T18388] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[ 1499.071933][T18393] loop6: p4 size 8388608 extends beyond EOD, truncated
[ 1499.097319][T18388] ntfs3(loop4): Failed to initialize $Extend/$Reparse.
[ 1499.582341][T13601] udevd[13601]: inotify_add_watch(7, /dev/loop6p1, 10) failed: No such file or directory
[ 1499.598604][T17648] udevd[17648]: inotify_add_watch(7, /dev/loop6p4, 10) failed: No such file or directory
[ 1499.663162][T13601] udevd[13601]: inotify_add_watch(7, /dev/loop6p1, 10) failed: No such file or directory
[ 1499.725166][ T5908] gspca_sq930x: reg_w 0105 0c00 failed -71
[ 1499.779085][T17648] udevd[17648]: inotify_add_watch(7, /dev/loop6p4, 10) failed: No such file or directory
[ 1500.048093][ T5908] gspca_sq930x: Sensor ov9630 not yet treated
[ 1500.133576][ T5908] sq930x 4-1:0.0: probe with driver sq930x failed with error -22
[ 1500.287481][T14906] udevd[14906]: inotify_add_watch(7, /dev/loop6p4, 10) failed: No such file or directory
[ 1500.328645][ T5908] usb 4-1: USB disconnect, device number 2
[ 1500.338960][T13601] udevd[13601]: inotify_add_watch(7, /dev/loop6p1, 10) failed: No such file or directory
[ 1500.598980][T18425] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2854'.
[ 1502.080233][T18439] netlink: 14 bytes leftover after parsing attributes in process `syz.4.2858'.
[ 1502.138702][T18433] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1502.173611][T18433] bond0: (slave bond1): Enslaving as an active interface with an up link
[ 1502.203273][T18444] netlink: 'syz.6.2859': attribute type 4 has an invalid length.
[ 1502.230193][T18446] overlayfs: failed to clone upperpath
[ 1502.681117][T18452] loop3: detected capacity change from 0 to 2048
[ 1502.790573][T18452] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1505.386209][ T5915] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[ 1505.740923][ T5915] usb 4-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1505.778835][ T5915] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1505.808022][ T5915] usb 4-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[ 1505.836753][ T5915] usb 4-1: Manufacturer: syz
[ 1505.849085][ T5915] usb 4-1: config 0 descriptor??
[ 1505.869006][T18439] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1505.887095][ T5915] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[ 1505.907463][T18439] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1506.157785][T10153] usb 4-1: USB disconnect, device number 3
[ 1506.169015][T18439] bond0 (unregistering): (slave bond1): Releasing backup interface
[ 1507.176533][T18439] bond0 (unregistering): Released all slaves
[ 1507.358740][T18484] overlayfs: failed to resolve './file0': -2
[ 1510.325542][T18515] loop4: detected capacity change from 0 to 64
[ 1510.736378][T18515] hfs: unable to load iocharset "is‘8859-2"
[ 1510.883413][T18529] overlayfs: failed to resolve './file0': -2
[ 1511.452531][T18515] loop4: detected capacity change from 0 to 128
[ 1511.765244][T18536] loop6: detected capacity change from 0 to 64
[ 1511.889588][T18536] hfs: request for non-existent node 131072 in B*Tree
[ 1511.943241][T18536] hfs: request for non-existent node 131072 in B*Tree
[ 1511.983607][T18536] hfs: request for non-existent node 131072 in B*Tree
[ 1512.026958][T18536] hfs: request for non-existent node 131072 in B*Tree
[ 1512.106929][T18536] hfs: request for non-existent node 131072 in B*Tree
[ 1512.149470][T18536] hfs: request for non-existent node 131072 in B*Tree
[ 1512.198573][T18545] hfs: request for non-existent node 131072 in B*Tree
[ 1512.245879][T18545] hfs: request for non-existent node 131072 in B*Tree
[ 1512.308220][T18549] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2900'.
[ 1512.546976][T18556] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2904'.
[ 1513.709257][T18568] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1514.357325][T18592] netlink: 'syz.6.2918': attribute type 29 has an invalid length.
[ 1514.387385][T18592] netlink: 'syz.6.2918': attribute type 29 has an invalid length.
[ 1514.407159][T18592] netlink: 500 bytes leftover after parsing attributes in process `syz.6.2918'.
[ 1514.427179][T18592] unsupported nla_type 58
[ 1515.515439][T18612] loop3: detected capacity change from 0 to 1024
[ 1515.619709][T18616] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2927'.
[ 1515.639991][T18610] loop6: detected capacity change from 0 to 1024
[ 1515.779430][T11797] hfsplus: b-tree write err: -5, ino 4
[ 1516.192357][ T5915] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[ 1516.372853][ T5915] usb 5-1: Using ep0 maxpacket: 8
[ 1516.395782][ T5915] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1516.415615][ T5915] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1516.436367][ T5915] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1516.448176][T10153] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[ 1516.460082][ T5915] usb 5-1: config 0 descriptor??
[ 1516.620972][T10153] usb 4-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[ 1516.633737][T10153] usb 4-1: New USB device strings: Mfr=241, Product=2, SerialNumber=3
[ 1516.651134][T10153] usb 4-1: Product: syz
[ 1516.665676][T10153] usb 4-1: Manufacturer: syz
[ 1516.670481][T10153] usb 4-1: SerialNumber: syz
[ 1516.688784][T10153] usb 4-1: config 0 descriptor??
[ 1516.703529][ T5915] usb 5-1: string descriptor 0 read error: -71
[ 1516.716353][T10153] ch341 4-1:0.0: ch341-uart converter detected
[ 1516.736104][ T5915] usb 5-1: USB disconnect, device number 22
[ 1518.690155][T10153] ch341-uart ttyUSB0: failed to read break control: -110
[ 1518.697376][T10153] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -110
[ 1520.525927][ T5908] usb 4-1: USB disconnect, device number 4
[ 1520.533921][ T5908] ch341 4-1:0.0: device disconnected
[ 1521.537090][T18653] loop3: detected capacity change from 0 to 512
[ 1521.622456][T18653] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -13
[ 1521.650238][T18653] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #13: comm syz.3.2942: iget: bad i_size value: 12154757448730
[ 1521.715337][T18653] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.2942: couldn't read orphan inode 13 (err -117)
[ 1521.773801][T18653] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1522.617706][T17867] fscrypt (loop3, inode 2): Error -61 getting encryption context
[ 1523.110794][T18681] overlayfs: missing 'lowerdir'
[ 1525.481443][T18668] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1526.089849][T11802] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1526.252027][T11802] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1527.444257][T11802] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1527.862228][T18731] overlayfs: missing 'lowerdir'
[ 1528.484154][T11802] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1528.648674][T18739] Bluetooth: MGMT ver 1.23
[ 1528.782323][T18716] loop4: detected capacity change from 0 to 32768
[ 1528.835434][T18716] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.2961 (18716)
[ 1528.919377][T18716] BTRFS info (device loop4): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[ 1528.959193][T18716] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[ 1529.011217][ T5834] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1529.023285][ T5834] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1529.035176][ T5834] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1529.044670][ T5834] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1529.058380][ T5834] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1529.243748][T11802] bridge_slave_1: left allmulticast mode
[ 1529.484488][T11802] bridge_slave_1: left promiscuous mode
[ 1529.495334][T18716] BTRFS error (device loop4): open_ctree failed: -4
[ 1529.497292][T11802] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1529.570065][T11802] bridge_slave_0: left allmulticast mode
[ 1529.576116][T11802] bridge_slave_0: left promiscuous mode
[ 1529.946845][T11802] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1530.782508][T18792] loop6: detected capacity change from 0 to 256
[ 1530.912745][T18792] FAT-fs (loop6): Directory bread(block 64) failed
[ 1530.938411][T18792] FAT-fs (loop6): Directory bread(block 65) failed
[ 1530.972242][ T5908] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[ 1531.019463][T18792] FAT-fs (loop6): Directory bread(block 66) failed
[ 1531.139474][T18796] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1531.148301][T18796] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1531.637702][ T5845] Bluetooth: hci5: command tx timeout
[ 1531.848692][T18792] FAT-fs (loop6): Directory bread(block 67) failed
[ 1531.855689][T18792] FAT-fs (loop6): Directory bread(block 68) failed
[ 1531.864546][T18792] FAT-fs (loop6): Directory bread(block 69) failed
[ 1531.871707][T18792] FAT-fs (loop6): Directory bread(block 70) failed
[ 1531.883608][T18792] FAT-fs (loop6): Directory bread(block 71) failed
[ 1531.903173][T18792] FAT-fs (loop6): Directory bread(block 72) failed
[ 1531.915867][T18792] FAT-fs (loop6): Directory bread(block 73) failed
[ 1532.077405][ T5908] usb 5-1: Using ep0 maxpacket: 8
[ 1532.106801][ T5908] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[ 1532.131889][ T5908] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1532.172953][ T5908] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1532.185113][ T5908] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1532.197827][ T5908] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1532.213602][ T5908] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1532.265091][ T5908] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1532.571828][ T5908] usb 5-1: usb_control_msg returned -32
[ 1532.581007][ T5908] usbtmc 5-1:16.0: can't read capabilities
[ 1533.021538][T11802] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1533.034131][T11802] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1533.045559][T11802] bond0 (unregistering): Released all slaves
[ 1533.082025][T18813] loop6: detected capacity change from 0 to 40427
[ 1533.115787][T18813] F2FS-fs (loop6): build fault injection rate: 25
[ 1533.143903][T18813] F2FS-fs (loop6): build fault injection type: 0x7698c
[ 1533.157118][T18813] F2FS-fs (loop6): invalid crc value
[ 1533.176992][T18813] F2FS-fs (loop6): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_ra_meta_pages+0x1cb/0x970
[ 1533.250828][T18813] F2FS-fs (loop6): inject page alloc in f2fs_grab_cache_folio of f2fs_ra_meta_pages+0x615/0x970
[ 1533.348195][T18817] usbtmc 5-1:16.0: usb_control_msg returned -32
[ 1533.513692][T18813] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[ 1533.562513][T10153] usb 5-1: USB disconnect, device number 23
[ 1533.590381][T18813] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[ 1533.628213][T18813] F2FS-fs (loop6): inject too big dir depth in f2fs_add_regular_entry of f2fs_add_dentry+0xda/0x1d0
[ 1533.652214][ T5845] Bluetooth: hci5: command tx timeout
[ 1533.735486][T18813] syz.6.2989: attempt to access beyond end of device
[ 1533.735486][T18813] loop6: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[ 1533.764035][   T30] audit: type=1800 audit(1763620247.358:231): pid=18819 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.9.2990" name="file1" dev="tmpfs" ino=2604 res=0 errno=0
[ 1533.764232][T18813] F2FS-fs (loop6): inject read IO error in f2fs_read_end_io of f2fs_mpage_readpages+0x19a8/0x1b80
[ 1533.819639][T18813] syz.6.2989: attempt to access beyond end of device
[ 1533.819639][T18813] loop6: rw=0, sector=45064, nr_sectors = 8 limit=40427
[ 1533.925875][T10943] syz-executor: attempt to access beyond end of device
[ 1533.925875][T10943] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1533.961404][T10943] CPU: 0 UID: 0 PID: 10943 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[ 1533.961441][T10943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1533.961456][T10943] Call Trace:
[ 1533.961467][T10943]  <TASK>
[ 1533.961478][T10943]  dump_stack_lvl+0x189/0x250
[ 1533.961525][T10943]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1533.961562][T10943]  ? __pfx_queue_work_on+0x10/0x10
[ 1533.961590][T10943]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1533.961628][T10943]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1533.961680][T10943]  f2fs_handle_critical_error+0x37c/0x540
[ 1533.961731][T10943]  f2fs_write_end_io+0x886/0xb60
[ 1533.961785][T10943]  __submit_merged_bio+0x27a/0x6a0
[ 1533.961833][T10943]  __submit_merged_write_cond+0x255/0x530
[ 1533.961882][T10943]  f2fs_write_data_pages+0x261d/0x3000
[ 1533.961959][T10943]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1533.962050][T10943]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1533.962084][T10943]  ? folio_unqueue_deferred_split+0x93/0x230
[ 1533.962119][T10943]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1533.962145][T10943]  ? folios_put_refs+0x584/0x670
[ 1533.962192][T10943]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1533.962228][T10943]  ? __lock_acquire+0xab9/0xd20
[ 1533.962264][T10943]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1533.962289][T10943]  ? do_raw_spin_lock+0x121/0x290
[ 1533.962327][T10943]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1533.962357][T10943]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1533.962382][T10943]  ? do_raw_spin_unlock+0x122/0x240
[ 1533.962414][T10943]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1533.962438][T10943]  do_writepages+0x32e/0x550
[ 1533.962475][T10943]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1533.962506][T10943]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1533.962530][T10943]  ? do_raw_spin_unlock+0x122/0x240
[ 1533.962567][T10943]  filemap_fdatawrite+0x199/0x240
[ 1533.962598][T10943]  ? __pfx_filemap_fdatawrite+0x10/0x10
[ 1533.962682][T10943]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1533.962714][T10943]  ? do_raw_spin_unlock+0x122/0x240
[ 1533.962750][T10943]  f2fs_sync_dirty_inodes+0x31f/0x830
[ 1533.962795][T10943]  f2fs_write_checkpoint+0x93e/0x2440
[ 1533.962819][T10943]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1533.962843][T10943]  ? __lock_acquire+0xab9/0xd20
[ 1533.962904][T10943]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[ 1533.963003][T10943]  kill_f2fs_super+0x2cc/0x6d0
[ 1533.963027][T10943]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1533.963060][T10943]  ? __pfx_kill_f2fs_super+0x10/0x10
[ 1533.963126][T10943]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1533.963150][T10943]  ? shrinker_free+0x2ce/0x3e0
[ 1533.963179][T10943]  deactivate_locked_super+0xbc/0x130
[ 1533.963218][T10943]  cleanup_mnt+0x425/0x4c0
[ 1533.963256][T10943]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1533.963280][T10943]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1533.963318][T10943]  task_work_run+0x1d4/0x260
[ 1533.963356][T10943]  ? __pfx_task_work_run+0x10/0x10
[ 1533.963386][T10943]  ? __x64_sys_umount+0x122/0x160
[ 1533.963424][T10943]  ? exit_to_user_mode_loop+0x40/0x130
[ 1533.963452][T10943]  exit_to_user_mode_loop+0xe9/0x130
[ 1533.963475][T10943]  do_syscall_64+0x2bd/0xfa0
[ 1533.963508][T10943]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1533.963539][T10943]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1533.963560][T10943]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1533.963584][T10943]  ? exc_page_fault+0xab/0x100
[ 1533.963619][T10943]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1533.963641][T10943] RIP: 0033:0x7f1b47790a77
[ 1533.963662][T10943] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[ 1533.963680][T10943] RSP: 002b:00007ffcfd4fe9e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 1533.963703][T10943] RAX: 0000000000000000 RBX: 00007f1b47813d7d RCX: 00007f1b47790a77
[ 1533.963719][T10943] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcfd4feaa0
[ 1533.963733][T10943] RBP: 00007ffcfd4feaa0 R08: 0000000000000000 R09: 0000000000000000
[ 1533.963747][T10943] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffcfd4ffb30
[ 1533.963763][T10943] R13: 00007f1b47813d7d R14: 000000000017677a R15: 00007ffcfd4ffb70
[ 1533.963804][T10943]  </TASK>
[ 1533.964267][T10943] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[ 1534.456992][T11802] hsr_slave_0: left promiscuous mode
[ 1534.464036][T11802] hsr_slave_1: left promiscuous mode
[ 1534.480663][T11802] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1534.498121][T11802] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1534.509661][T11802] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1534.538422][T11802] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1534.582005][T11802] veth1_macvtap: left promiscuous mode
[ 1534.587908][T11802] veth0_macvtap: left promiscuous mode
[ 1534.596977][T11802] veth1_vlan: left promiscuous mode
[ 1534.602997][T11802] veth0_vlan: left promiscuous mode
[ 1534.757721][ T5951] nci: nci_extract_activation_params_iso_dep: unsupported activation_rf_tech_and_mode 0x80
[ 1535.708259][T18865] loop4: detected capacity change from 0 to 32768
[ 1535.717569][T18865] xfs: Deprecated parameter 'noikeep'
[ 1535.723941][T18865] XFS: noikeep mount option is deprecated.
[ 1535.728117][ T5845] Bluetooth: hci5: command tx timeout
[ 1535.757354][T18865] xfs: Deprecated parameter 'attr2'
[ 1535.766827][T18865] XFS: attr2 mount option is deprecated.
[ 1535.895920][T18865] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1536.016069][T18865] XFS (loop4): Ending clean mount
[ 1536.041586][T18865] XFS (loop4): Quotacheck needed: Please wait.
[ 1536.151878][T11802] team0 (unregistering): Port device team_slave_1 removed
[ 1536.154629][T18865] XFS (loop4): Quotacheck: Done.
[ 1536.254145][T11802] team0 (unregistering): Port device team_slave_0 removed
[ 1536.265700][T13722] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1537.508816][T18891] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 2, id = 0
[ 1537.825885][ T5845] Bluetooth: hci5: command tx timeout
[ 1537.874893][T18751] chnl_net:caif_netlink_parms(): no params data found
[ 1538.659712][T18902] netlink: 'syz.9.3013': attribute type 22 has an invalid length.
[ 1538.696558][T18902] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3013'.
[ 1539.060301][T18902] netlink: 'syz.9.3013': attribute type 22 has an invalid length.
[ 1539.092394][T11800] netdevsim netdevsim9 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1539.097006][T18902] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3013'.
[ 1539.135867][T11800] netdevsim netdevsim9 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1539.247414][T11800] netdevsim netdevsim9 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1539.258920][T11800] netdevsim netdevsim9 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1539.382211][T18922] netlink: 'syz.0.3019': attribute type 39 has an invalid length.
[ 1539.512562][T18922] veth0_macvtap: left promiscuous mode
[ 1540.348578][T18751] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1540.372148][T18751] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1540.399412][T18751] bridge_slave_0: entered allmulticast mode
[ 1540.614470][T18751] bridge_slave_0: entered promiscuous mode
[ 1540.634088][T18751] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1540.642449][T18751] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1540.650288][T18751] bridge_slave_1: entered allmulticast mode
[ 1540.660969][T18751] bridge_slave_1: entered promiscuous mode
[ 1540.842945][T18751] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1540.867162][T18751] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1541.004348][T18751] team0: Port device team_slave_0 added
[ 1541.036933][T18751] team0: Port device team_slave_1 added
[ 1541.089356][T18956] loop6: detected capacity change from 0 to 1024
[ 1541.103058][T18956] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1541.112557][T18956] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1541.538735][T18956] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1541.831916][T18751] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1541.848626][T18751] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1541.914667][T18751] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1541.947330][T18956] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1541.973552][T18751] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1541.995963][T18751] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1542.045094][T18751] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1542.130069][T10943] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1542.326260][T18977] loop6: detected capacity change from 0 to 2048
[ 1542.367755][T18978] batadv_slave_1: entered promiscuous mode
[ 1542.384801][T18976] batadv_slave_1: left promiscuous mode
[ 1542.402551][T18751] hsr_slave_0: entered promiscuous mode
[ 1542.416571][T18977] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1542.420446][T18751] hsr_slave_1: entered promiscuous mode
[ 1542.447570][T18751] debugfs: 'hsr0' already exists in 'hsr'
[ 1542.472001][T18751] Cannot create hsr debugfs directory
[ 1543.833990][T18983] loop4: detected capacity change from 0 to 40427
[ 1543.888164][T18983] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[ 1543.896000][T18983] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1543.932378][T18983] F2FS-fs (loop4): invalid crc value
[ 1544.312089][T19007] loop6: detected capacity change from 0 to 128
[ 1544.323094][T18983] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[ 1544.353169][T19007] ufs: ufs_fill_super(): fragment size 3263967611 is not a power of 2
[ 1544.363300][T18983] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 1544.381848][T18983] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1545.086572][T18983] syz.4.3038: attempt to access beyond end of device
[ 1545.086572][T18983] loop4: rw=2049, sector=77824, nr_sectors = 136 limit=40427
[ 1545.115341][   T30] audit: type=1800 audit(1763620258.658:232): pid=18983 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3038" name="file1" dev="loop4" ino=10 res=0 errno=0
[ 1548.370559][T18751] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1548.454664][T18751] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1548.504378][T18751] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1548.523040][T18751] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1548.850658][T18751] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1548.955284][T18751] 8021q: adding VLAN 0 to HW filter on device team0
[ 1549.016700][T11802] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1549.024109][T11802] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1549.097990][T11802] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1549.105414][T11802] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1550.146627][T18751] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1551.720950][T18751] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1553.572510][ T5845] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[ 1554.315613][T19165] netlink: 12 bytes leftover after parsing attributes in process `syz.9.3095'.
[ 1554.341648][T19162] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3094'.
[ 1554.397669][T19165] netlink: 12 bytes leftover after parsing attributes in process `syz.9.3095'.
[ 1554.459514][T18751] veth0_vlan: entered promiscuous mode
[ 1554.544536][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[ 1554.552106][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[ 1555.251986][T18751] veth1_vlan: entered promiscuous mode
[ 1558.363320][T18751] veth0_macvtap: entered promiscuous mode
[ 1558.401460][T18751] veth1_macvtap: entered promiscuous mode
[ 1559.384672][T18751] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1559.469529][T18751] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1559.540981][   T36] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1559.573297][   T36] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1559.676123][   T36] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1559.711445][   T36] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1559.915812][   T66] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1559.953761][   T66] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1560.930038][T11800] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1560.996120][T11800] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1562.307465][T19234] loop6: detected capacity change from 0 to 32768
[ 1566.517592][T19284] loop4: detected capacity change from 0 to 1024
[ 1568.946624][T19324] loop6: detected capacity change from 0 to 4096
[ 1573.312982][T19373] loop6: detected capacity change from 0 to 7
[ 1573.334196][T19373] Dev loop6: unable to read RDB block 7
[ 1573.416599][T19373]  loop6: AHDI p4
[ 1573.447812][T19373] loop6: partition table partially beyond EOD, truncated
[ 1573.713360][T19381] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3171'.
[ 1574.357261][T19402] netem: incorrect gi model size
[ 1574.363569][T19402] netem: change failed
[ 1574.419651][T19404] netlink: 'syz.6.3180': attribute type 1 has an invalid length.
[ 1574.490686][T19404] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1574.541593][T19408] bond1: (slave dummy0): making interface the new active one
[ 1574.551995][T19408] bond1: (slave dummy0): Enslaving as an active interface with an up link
[ 1576.361557][T19458] loop6: detected capacity change from 0 to 128
[ 1576.454410][T19458] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1576.528767][T19458] ext4 filesystem being mounted at /428/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1577.191082][T19460] loop4: detected capacity change from 0 to 4096
[ 1577.366729][T19473] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[ 1577.535275][T10943] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1577.635143][T19478] syz_tun: entered allmulticast mode
[ 1577.922069][T19476] syz_tun: left allmulticast mode
[ 1578.047388][T19491] tmpfs: Too small a size for current use
[ 1580.083065][T19515] loop7: detected capacity change from 0 to 1024
[ 1580.111378][T19515] ext4: Unknown parameter 'noacl'
[ 1581.129843][T19526] netlink: 'syz.7.3210': attribute type 1 has an invalid length.
[ 1581.352000][T19533] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3211'.
[ 1581.419764][T19533] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1581.455427][T19532] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1581.508502][T19535] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3211'.
[ 1581.545919][T19533] bond0: (slave gretap1): Enslaving as an active interface with an up link
[ 1583.173207][T19535] bond0 (unregistering): (slave gretap1): Releasing backup interface
[ 1583.192230][T19535] bond0 (unregistering): Released all slaves
[ 1583.253728][T19550] netlink: 'syz.6.3217': attribute type 12 has an invalid length.
[ 1583.576144][T19562] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3221'.
[ 1583.663609][T19562] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3221'.
[ 1583.684856][   T30] audit: type=1326 audit(1763620297.288:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19539 comm="syz.9.3214" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f335998f749 code=0x0
[ 1583.713723][ T9807] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1583.728200][ T9807] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1583.765570][ T9807] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1583.830449][ T9807] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1583.986902][ T6046] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[ 1584.200918][T19577] loop6: detected capacity change from 0 to 128
[ 1584.216232][T19577] EXT4-fs: Ignoring removed orlov option
[ 1584.245062][T19577] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1584.300797][T19577] ext4 filesystem being mounted at /436/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1584.685185][T10943] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1584.963477][T19589] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3231'.
[ 1586.223418][T19596] netlink: 165 bytes leftover after parsing attributes in process `syz.6.3234'.
[ 1586.268841][T19596] netlink: 277 bytes leftover after parsing attributes in process `syz.6.3234'.
[ 1588.218157][    C0] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[ 1588.477408][T19647] loop6: detected capacity change from 0 to 512
[ 1588.501573][T19647] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[ 1588.568134][T19647] EXT4-fs (loop6): 1 truncate cleaned up
[ 1588.584563][T19647] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1588.762434][T19650] netlink: 'syz.4.3251': attribute type 10 has an invalid length.
[ 1588.804432][T19650] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1588.811954][T19650] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1588.868541][T19657] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3251'.
[ 1588.927609][T19657] bridge_slave_1: left allmulticast mode
[ 1588.956892][T19657] bridge_slave_1: left promiscuous mode
[ 1588.967356][T10943] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1589.682354][T19657] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1589.762326][T19657] bridge_slave_0: left allmulticast mode
[ 1589.770473][T19657] bridge_slave_0: left promiscuous mode
[ 1589.940932][T19657] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1591.430551][T12824] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[ 1591.461843][   T30] audit: type=1800 audit(1763620305.068:234): pid=19689 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3261" name="file1" dev="tmpfs" ino=4339 res=0 errno=0
[ 1591.523868][T12824] hid-generic 0000:0000:0000.0012: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1591.603901][T19696] loop6: detected capacity change from 0 to 47
[ 1594.527680][T19739] af_packet: tpacket_rcv: packet too big, clamped from 65512 to 4294967272. macoff=96
[ 1594.700132][T19750] netlink: 'syz.9.3283': attribute type 10 has an invalid length.
[ 1594.806826][T19750] team0: Port device dummy0 added
[ 1595.038011][T19754] loop4: detected capacity change from 0 to 1024
[ 1595.715664][T19756] loop4: detected capacity change from 0 to 2048
[ 1595.723954][T19756] EXT4-fs: inline encryption not supported
[ 1595.810947][T19756] EXT4-fs (loop4): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1596.049301][T19768] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3285: bg 0: block 120: padding at end of block bitmap is not set
[ 1596.116962][T19771] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3288'.
[ 1596.123979][T19768] EXT4-fs (loop4): Remounting filesystem read-only
[ 1596.309351][T13722] EXT4-fs (loop4): unmounting filesystem 00000800-0000-0000-0000-000000000000.
[ 1596.768311][    C0] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[ 1599.881636][T19814] netlink: 'syz.2.3304': attribute type 4 has an invalid length.
[ 1600.056857][T19820] loop6: detected capacity change from 0 to 1024
[ 1601.853578][T19834] overlayfs: failed to clone upperpath
[ 1603.119459][T19851] netlink: 'syz.0.3315': attribute type 1 has an invalid length.
[ 1603.298022][T19851] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1603.878751][T19862] loop6: detected capacity change from 0 to 1024
[ 1605.035911][T19873] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3323'.
[ 1605.326237][   T30] audit: type=1326 audit(1763620318.928:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19879 comm="syz.2.3326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54d398f749 code=0x7ffc0000
[ 1605.396335][   T30] audit: type=1326 audit(1763620318.958:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19879 comm="syz.2.3326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54d398f749 code=0x7ffc0000
[ 1605.454903][   T30] audit: type=1326 audit(1763620318.958:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19879 comm="syz.2.3326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f54d398f749 code=0x7ffc0000
[ 1605.491561][   T30] audit: type=1326 audit(1763620318.958:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19879 comm="syz.2.3326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54d398f749 code=0x7ffc0000
[ 1606.241560][   T30] audit: type=1326 audit(1763620318.958:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19879 comm="syz.2.3326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54d398f749 code=0x7ffc0000
[ 1606.268311][   T30] audit: type=1326 audit(1763620318.958:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19879 comm="syz.2.3326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f54d398f749 code=0x7ffc0000
[ 1606.291315][   T30] audit: type=1326 audit(1763620318.968:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19879 comm="syz.2.3326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54d398f749 code=0x7ffc0000
[ 1606.317737][   T30] audit: type=1326 audit(1763620318.968:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19879 comm="syz.2.3326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f54d398f749 code=0x7ffc0000
[ 1606.358190][   T30] audit: type=1326 audit(1763620318.968:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19879 comm="syz.2.3326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54d398f749 code=0x7ffc0000
[ 1606.427007][   T30] audit: type=1326 audit(1763620318.968:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19879 comm="syz.2.3326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54d398f749 code=0x7ffc0000
[ 1606.522759][T19899] syz_tun: entered allmulticast mode
[ 1606.532707][ T5915] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[ 1606.568838][T19898] syz_tun: left allmulticast mode
[ 1606.736781][ T5915] usb 5-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[ 1606.757707][ T5915] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1606.792274][ T5915] usb 5-1: Product: syz
[ 1606.796501][ T5915] usb 5-1: Manufacturer: syz
[ 1606.821876][ T5915] usb 5-1: SerialNumber: syz
[ 1606.843166][T19904] pim6reg1: entered allmulticast mode
[ 1606.867713][T19910] netlink: 12 bytes leftover after parsing attributes in process `syz.9.3335'.
[ 1606.917684][T19906] pim6reg1: left allmulticast mode
[ 1606.967049][T19911] overlayfs: missing 'workdir'
[ 1607.531333][ T5915] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPROTO
[ 1607.574495][ T5915] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): lan78xx_setup_irq_domain() failed : -71
[ 1607.621771][ T5915] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[ 1607.640725][T19910] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1607.669160][T19912] bond1: option mode: unable to set because the bond device is up
[ 1607.688857][ T5915] lan78xx 5-1:1.0: probe with driver lan78xx failed with error -71
[ 1607.728957][ T5915] usb 5-1: USB disconnect, device number 24
[ 1608.908141][ T8382] usb 7-1: new high-speed USB device number 21 using dummy_hcd
[ 1609.830611][ T8382] usb 7-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1609.873042][ T8382] usb 7-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1609.958351][ T8382] usb 7-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[ 1609.984115][ T8382] usb 7-1: Manufacturer: syz
[ 1610.012801][ T8382] usb 7-1: config 0 descriptor??
[ 1610.039503][ T8382] usbhid 7-1:0.0: couldn't find an input interrupt endpoint
[ 1610.473043][ T5908] usb 7-1: USB disconnect, device number 21
[ 1610.516722][T19967] loop4: detected capacity change from 0 to 1024
[ 1610.943761][T19975] loop7: detected capacity change from 0 to 128
[ 1610.995375][T19975] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1611.198434][T19975] ext4 filesystem being mounted at /38/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1611.409785][T18751] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1614.688161][    C0] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[ 1615.187863][T20051] loop6: detected capacity change from 0 to 512
[ 1615.222652][T20051] EXT4-fs error (device loop6): ext4_orphan_get:1418: comm syz.6.3382: bad orphan inode 11862016
[ 1615.266314][T20051] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[ 1615.343086][T20051] ext4 filesystem being mounted at /464/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1615.478313][T10943] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[ 1615.715527][T20065] loop6: detected capacity change from 0 to 4096
[ 1615.975068][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[ 1615.984878][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[ 1616.022942][T20072] netlink: 'syz.9.3389': attribute type 10 has an invalid length.
[ 1616.033512][T20072] team0: Device ipvlan1 failed to register rx_handler
[ 1617.418483][T20093] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[ 1617.441848][T20093] block device autoloading is deprecated and will be removed.
[ 1617.457312][T20096] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3397'.
[ 1618.734924][T20108] loop6: detected capacity change from 0 to 32768
[ 1618.782638][T20108] XFS (loop6): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1618.847604][T20108] XFS (loop6): Ending clean mount
[ 1618.989474][T10943] XFS (loop6): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1622.279215][T20169] loop6: detected capacity change from 0 to 262144
[ 1622.296881][T20169] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.3420 (20169)
[ 1622.321464][T20169] BTRFS info (device loop6): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[ 1622.331918][T20169] BTRFS info (device loop6): using xxhash64 (xxhash64-generic) checksum algorithm
[ 1622.510413][ T5915] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0
[ 1622.582713][ T5915] hid-generic 0000:0000:0000.0013: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1622.599396][T20169] BTRFS info (device loop6): enabling ssd optimizations
[ 1622.606475][T20169] BTRFS info (device loop6): enabling free space tree
[ 1622.730714][T20169] BTRFS info (device loop6): balance: start -d -m -s
[ 1622.749664][T20169] BTRFS info (device loop6): relocating block group 30408704 flags metadata|dup
[ 1622.812284][T20169] BTRFS info (device loop6): found 3 extents, stage: move data extents
[ 1622.843198][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1622.938746][T20169] BTRFS info (device loop6): relocating block group 22020096 flags system|dup
[ 1622.976839][T20169] BTRFS info (device loop6): balance: canceled
[ 1623.088875][T10943] BTRFS info (device loop6): last unmount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[ 1623.365413][T20219] loop7: detected capacity change from 0 to 512
[ 1623.480882][T20219] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1623.580892][T20219] ext4 filesystem being mounted at /49/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1623.754466][   T30] kauditd_printk_skb: 7 callbacks suppressed
[ 1623.754490][   T30] audit: type=1800 audit(1763620337.358:252): pid=20219 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.3435" name="file2" dev="loop7" ino=16 res=0 errno=0
[ 1624.064804][T18751] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1624.439718][T20231] team0: Port device team_slave_0 removed
[ 1624.536172][T20241] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3438'.
[ 1624.549622][T20231] team0: Port device team_slave_1 removed
[ 1624.579746][T20231] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1624.654828][T20231] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1624.714711][T20231] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1624.769927][T20231] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1624.818901][T20231] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[ 1626.425112][T20262] overlayfs: failed to clone upperpath
[ 1630.127838][T20284] loop7: detected capacity change from 0 to 1024
[ 1632.738241][T20309] loop6: detected capacity change from 0 to 2048
[ 1632.988179][T20309] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1634.755884][T20329] loop7: detected capacity change from 0 to 1024
[ 1635.869051][T20338] syzkaller1: entered promiscuous mode
[ 1635.894431][T20338] syzkaller1: entered allmulticast mode
[ 1636.254565][T20349] netlink: 'syz.9.3480': attribute type 5 has an invalid length.
[ 1636.741205][T20363] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1636.751347][T20363] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1638.068218][ T5908] usb 7-1: new high-speed USB device number 22 using dummy_hcd
[ 1638.110517][T20369] loop4: detected capacity change from 0 to 2048
[ 1638.200157][T20369] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1638.202299][T20380] ªªªªªªéÉk¹¾Ú›“ì: renamed from lo
[ 1638.238020][ T5908] usb 7-1: Using ep0 maxpacket: 16
[ 1638.245578][ T5908] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1638.263361][ T5908] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1638.326522][ T5908] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1638.358703][ T5908] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1638.425624][ T5908] usb 7-1: Product: syz
[ 1638.441190][ T5908] usb 7-1: Manufacturer: syz
[ 1638.461171][ T5908] usb 7-1: SerialNumber: syz
[ 1638.698578][ T5908] usb 7-1: 0:2 : does not exist
[ 1638.714714][ T5908] usb 7-1: 5:0: failed to get current value for ch 0 (-22)
[ 1639.018544][ T5908] usb 7-1: USB disconnect, device number 22
[ 1639.159237][T20401] loop4: detected capacity change from 0 to 1024
[ 1640.875032][T13627] udevd[13627]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1640.947046][   T30] audit: type=1326 audit(1763620354.548:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20409 comm="syz.6.3501" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1b4778f749 code=0x0
[ 1642.992210][T20434] netlink: 24 bytes leftover after parsing attributes in process `syz.9.3509'.
[ 1646.227397][T20461] loop4: detected capacity change from 0 to 1024
[ 1647.461887][T20472] loop9: detected capacity change from 0 to 7
[ 1647.594265][T13601]  loop9: [CUMANA/ADFS] p1 [ADFS] p1
[ 1647.739665][T13601] loop9: partition table partially beyond EOD, truncated
[ 1647.773351][T13601] loop9: p1 size 2437361653 extends beyond EOD, truncated
[ 1647.835976][T20472]  loop9: [CUMANA/ADFS] p1 [ADFS] p1
[ 1647.890731][T20472] loop9: partition table partially beyond EOD, truncated
[ 1647.914317][T20472] loop9: p1 size 2437361653 extends beyond EOD, truncated
[ 1648.608114][    C0] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[ 1648.650531][T13627] udevd[13627]: inotify_add_watch(7, /dev/loop9p1, 10) failed: No such file or directory
[ 1649.187329][T13627] udevd[13627]: inotify_add_watch(7, /dev/loop9p1, 10) failed: No such file or directory
[ 1649.378057][T20494] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[ 1649.384632][T20494] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[ 1649.417299][T20494] vhci_hcd vhci_hcd.0: Device attached
[ 1649.433202][T10153] kernel write not supported for file bpf-prog (pid: 10153 comm: kworker/1:7)
[ 1649.438805][T20501] vhci_hcd vhci_hcd.0: pdev(2) rhport(1) sockfd(6)
[ 1649.449389][T20501] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1649.507490][T20505] vhci_hcd vhci_hcd.0: pdev(2) rhport(2) sockfd(9)
[ 1649.514055][T20505] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[ 1649.523880][T20506] loop4: detected capacity change from 0 to 512
[ 1649.550324][T20501] vhci_hcd vhci_hcd.0: Device attached
[ 1649.560215][T20506] msdos: Unknown parameter 'defcontext'
[ 1649.570641][T20505] vhci_hcd vhci_hcd.0: Device attached
[ 1649.585516][T20494] vhci_hcd vhci_hcd.0: pdev(2) rhport(3) sockfd(5)
[ 1649.592122][T20494] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[ 1649.643331][T12824] vhci_hcd: vhci_device speed not set
[ 1649.689517][T20494] vhci_hcd vhci_hcd.0: Device attached
[ 1649.708611][T20501] vhci_hcd vhci_hcd.0: pdev(2) rhport(4) sockfd(11)
[ 1649.715316][T20501] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[ 1649.730356][T12824] usb 37-1: new full-speed USB device number 3 using vhci_hcd
[ 1649.753429][T20494] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1649.790037][T20501] vhci_hcd vhci_hcd.0: Device attached
[ 1649.816424][T20494] vhci_hcd vhci_hcd.0: pdev(2) rhport(6) sockfd(16)
[ 1649.823085][T20494] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1649.866773][T20505] vhci_hcd vhci_hcd.0: pdev(2) rhport(7) sockfd(14)
[ 1649.873525][T20505] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[ 1649.908132][T20494] vhci_hcd vhci_hcd.0: Device attached
[ 1649.939770][T20505] vhci_hcd vhci_hcd.0: Device attached
[ 1649.957099][T20519] vhci_hcd: connection closed
[ 1649.957418][T20516] vhci_hcd: connection closed
[ 1649.958372][T20509] vhci_hcd: connection closed
[ 1649.962412][T20503] vhci_hcd: connection closed
[ 1649.967343][T20497] vhci_hcd: connection reset by peer
[ 1649.978139][T20507] vhci_hcd: connection closed
[ 1649.982765][T20511] vhci_hcd: connection closed
[ 1649.988204][ T6052] vhci_hcd: stop threads
[ 1649.997424][ T6052] vhci_hcd: release socket
[ 1650.007611][ T6052] vhci_hcd: disconnect device
[ 1650.024321][T20525] loop4: detected capacity change from 0 to 128
[ 1650.038419][ T6052] vhci_hcd: stop threads
[ 1650.046148][ T6052] vhci_hcd: release socket
[ 1650.060970][ T6052] vhci_hcd: disconnect device
[ 1650.080881][ T6052] vhci_hcd: stop threads
[ 1650.092537][T20525] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1650.124710][ T6052] vhci_hcd: release socket
[ 1650.362425][ T6052] vhci_hcd: disconnect device
[ 1650.389357][T20525] ext4 filesystem being mounted at /304/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1650.489489][T20533] loop7: detected capacity change from 0 to 1024
[ 1650.551561][ T6052] vhci_hcd: stop threads
[ 1650.583385][ T6052] vhci_hcd: release socket
[ 1650.623457][ T6052] vhci_hcd: disconnect device
[ 1650.740267][ T6052] vhci_hcd: stop threads
[ 1650.772508][ T6052] vhci_hcd: release socket
[ 1650.777474][ T6052] vhci_hcd: disconnect device
[ 1650.782765][ T6052] vhci_hcd: stop threads
[ 1650.787029][ T6052] vhci_hcd: release socket
[ 1650.792323][ T6052] vhci_hcd: disconnect device
[ 1650.803987][ T6052] vhci_hcd: stop threads
[ 1650.808761][ T6052] vhci_hcd: release socket
[ 1650.820036][ T6052] vhci_hcd: disconnect device
[ 1653.891795][T20544] Bluetooth: hci5: command 0x0406 tx timeout
[ 1654.020986][T13722] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1654.646535][T20559] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1654.897314][ T5934] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0
[ 1654.928350][T12824] vhci_hcd: vhci_device speed not set
[ 1654.934131][ T5934] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0
[ 1654.958011][ T5934] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0
[ 1654.985651][ T5934] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0
[ 1655.214814][T10153] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[ 1655.243212][ T5934] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0
[ 1655.261910][ T5934] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0
[ 1655.600916][ T5934] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0
[ 1655.610162][ T5934] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0
[ 1655.617754][ T5934] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0
[ 1655.625740][ T5934] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0
[ 1655.645341][ T5934] hid-generic 0000:0000:0000.0014: hidraw0: <UNKNOWN> HID v0.00 Device [] on 
[ 1655.680878][T10153] usb 5-1: Using ep0 maxpacket: 32
[ 1655.769281][T10153] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[ 1655.972406][T10153] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1656.058012][T10153] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1656.083976][T10153] usb 5-1: Product: syz
[ 1656.089184][T10153] usb 5-1: Manufacturer: syz
[ 1656.275952][T10153] usb 5-1: SerialNumber: syz
[ 1656.319148][T10153] usb 5-1: config 0 descriptor??
[ 1657.026853][T20562] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1659.253818][T20600] loop6: detected capacity change from 0 to 2048
[ 1659.324623][T12824] usb 5-1: USB disconnect, device number 25
[ 1662.589424][T20600] NILFS (loop6): error -4 creating segctord thread
[ 1663.569162][T20629] syz_tun: entered allmulticast mode
[ 1663.582329][T20627] syz_tun: left allmulticast mode
[ 1663.961913][T20637] overlayfs: failed to resolve './file0': -2
[ 1666.133922][T20647] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1666.146017][T20647] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1666.499208][T20626] loop4: detected capacity change from 0 to 32768
[ 1667.419317][T20626] workqueue: Failed to create a rescuer kthread for wq "xfs-buf/loop4": -EINTR
[ 1667.662981][T20664] overlayfs: failed to get inode (-116)
[ 1667.701296][T20664] overlayfs: failed to get inode (-116)
[ 1667.735697][T20664] overlayfs: failed to get inode (-116)
[ 1667.759421][T20664] overlayfs: failed to get inode (-116)
[ 1669.398080][T12824] usb 7-1: new high-speed USB device number 23 using dummy_hcd
[ 1670.215052][T12824] usb 7-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[ 1670.249009][T12824] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1670.300785][T12824] usb 7-1: config 0 descriptor??
[ 1670.765142][T20712] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3595'.
[ 1672.318440][T12824] usb 7-1: Cannot set autoneg
[ 1672.327438][T12824] MOSCHIP usb-ethernet driver 7-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[ 1672.520314][T12824] usb 7-1: USB disconnect, device number 23
[ 1676.829858][T20743] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3608'.
[ 1676.912705][T20747] loop6: detected capacity change from 0 to 128
[ 1677.443251][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[ 1677.450001][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[ 1677.474815][T20753] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3610'.
[ 1677.542425][T20753] netlink: 20 bytes leftover after parsing attributes in process `syz.7.3610'.
[ 1678.180870][T20758] loop4: detected capacity change from 0 to 2048
[ 1678.240036][T20758] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1678.961744][T20776] loop4: detected capacity change from 0 to 512
[ 1679.126220][T20764] loop6: detected capacity change from 0 to 32768
[ 1679.145133][T20776] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1679.489461][T20776] ext4 filesystem being mounted at /315/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1679.818685][T20764] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1679.843403][   T30] audit: type=1800 audit(1763620393.438:254): pid=20776 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3615" name="file1" dev="loop4" ino=15 res=0 errno=0
[ 1679.997310][T20764] XFS (loop6): Ending clean mount
[ 1680.025010][T20764] XFS (loop6): Quotacheck needed: Please wait.
[ 1680.730622][T20764] XFS (loop6): Quotacheck: Done.
[ 1681.213429][T20807] bridge1: entered allmulticast mode
[ 1681.337103][T10943] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1681.581600][   T30] audit: type=1326 audit(1763620395.168:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20817 comm="syz.2.3628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54d398f749 code=0x7ffc0000
[ 1681.822842][   T30] audit: type=1326 audit(1763620395.168:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20817 comm="syz.2.3628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f54d398f749 code=0x7ffc0000
[ 1681.877426][   T30] audit: type=1326 audit(1763620395.168:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20817 comm="syz.2.3628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54d398f749 code=0x7ffc0000
[ 1682.255096][   T30] audit: type=1326 audit(1763620395.168:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20817 comm="syz.2.3628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54d398f749 code=0x7ffc0000
[ 1682.330060][T20822] loop7: detected capacity change from 0 to 1024
[ 1682.610104][   T30] audit: type=1326 audit(1763620395.178:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20817 comm="syz.2.3628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f54d398f749 code=0x7ffc0000
[ 1682.638490][   T30] audit: type=1326 audit(1763620395.178:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20817 comm="syz.2.3628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54d398f749 code=0x7ffc0000
[ 1682.672879][T13722] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1682.686867][   T30] audit: type=1326 audit(1763620395.178:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20817 comm="syz.2.3628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54d398f749 code=0x7ffc0000
[ 1682.831714][   T30] audit: type=1326 audit(1763620395.178:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20817 comm="syz.2.3628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f54d398f749 code=0x7ffc0000
[ 1682.998341][   T30] audit: type=1326 audit(1763620395.178:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20817 comm="syz.2.3628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54d398f749 code=0x7ffc0000
[ 1683.654555][T20853] loop7: detected capacity change from 0 to 2048
[ 1683.667409][T20853] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1683.868407][T20855] loop6: detected capacity change from 0 to 2048
[ 1687.168742][T20855] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1687.236398][T20860] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3642'.
[ 1688.835388][ T8382] hid_parser_main: 20 callbacks suppressed
[ 1688.835409][ T8382] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 1689.043817][ T8382] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 1689.102781][ T8382] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 1689.119149][ T8382] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 1689.127054][ T8382] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 1689.135007][ T8382] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 1689.143161][ T8382] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 1689.153444][ T8382] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 1689.161911][ T8382] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 1689.170456][ T8382] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[ 1689.216672][ T8382] hid-generic 0000:0000:0000.0015: hidraw0: <UNKNOWN> HID v0.00 Device [] on 
[ 1690.744085][T20891] fido_id[20891]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1691.133578][T20906] loop7: detected capacity change from 0 to 2048
[ 1691.196722][T20906] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1694.124459][T20937] loop7: detected capacity change from 0 to 32768
[ 1694.144956][T20937] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.3664 (20937)
[ 1694.177983][T20937] BTRFS info (device loop7): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1694.188300][T20937] BTRFS info (device loop7): using crc32c (crc32c-lib) checksum algorithm
[ 1694.322481][T20937] BTRFS info (device loop7): rebuilding free space tree
[ 1694.339164][T20937] BTRFS info (device loop7): checking UUID tree
[ 1694.346165][T20937] BTRFS info (device loop7): enabling ssd optimizations
[ 1694.353216][T20937] BTRFS info (device loop7): turning off barriers
[ 1694.359767][T20937] BTRFS info (device loop7): disabling tree log
[ 1694.366104][T20937] BTRFS info (device loop7): turning on flush-on-commit
[ 1694.373350][T20937] BTRFS info (device loop7): enabling free space tree
[ 1694.380248][T20937] BTRFS info (device loop7): force clearing of disk cache
[ 1694.387400][T20937] BTRFS info (device loop7): use lzo compression, level 1
[ 1694.394590][T20937] BTRFS info (device loop7): max_inline set to 0
[ 1696.331888][T18751] BTRFS info (device loop7): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1696.601332][T20973] loop4: detected capacity change from 0 to 1024
[ 1698.361021][T20980] loop7: detected capacity change from 0 to 32768
[ 1698.421506][T20980] XFS (loop7): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1698.532682][T20980] XFS (loop7): Ending clean mount
[ 1698.614213][T20980] XFS (loop7): Quotacheck needed: Please wait.
[ 1698.638062][   T30] kauditd_printk_skb: 13 callbacks suppressed
[ 1698.638088][   T30] audit: type=1326 audit(1763620412.218:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20987 comm="syz.6.3676" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1b4778f749 code=0x0
[ 1698.916907][T20980] XFS (loop7): Quotacheck: Done.
[ 1698.979732][   T30] audit: type=1800 audit(1763620412.568:278): pid=20980 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.3669" name="file1" dev="loop7" ino=6150 res=0 errno=0
[ 1699.961496][T18751] XFS (loop7): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1700.575207][T21040] loop6: detected capacity change from 0 to 1024
[ 1702.161750][T21071] loop6: detected capacity change from 0 to 4096
[ 1702.190755][T21071] NILFS (loop6): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1702.275190][T21071] NILFS (loop6): broken superblock, retrying with spare superblock (blocksize = 4096)
[ 1702.895736][T21078] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1703.048040][T21079] netlink: zone id is out of range
[ 1703.059277][T21079] netlink: get zone limit has 4 unknown bytes
[ 1703.227415][   T30] audit: type=1800 audit(1763620416.818:279): pid=21071 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.3700" name="file2" dev="loop6" ino=16 res=0 errno=0
[ 1703.948842][T21087] loop7: detected capacity change from 0 to 512
[ 1704.728248][T21087] EXT4-fs (loop7): Test dummy encryption mode enabled
[ 1704.748575][T21087] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[ 1704.851110][T21092] Failed to get privilege flags for destination (handle=0x2:0x0)
[ 1704.877556][T21087] EXT4-fs error (device loop7): ext4_orphan_get:1418: comm syz.7.3705: bad orphan inode 131083
[ 1704.985596][T21087] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1705.120096][T21101] loop6: detected capacity change from 0 to 2048
[ 1705.140492][T21101] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1705.248566][T21098] ieee802154 phy0 wpan0: encryption failed: -22
[ 1705.447019][T18751] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1707.275242][T21127] loop7: detected capacity change from 0 to 2048
[ 1707.388106][T21127] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1708.644396][T21138] loop6: detected capacity change from 0 to 1024
[ 1711.476422][T21190] loop6: detected capacity change from 0 to 1024
[ 1712.315159][T21192] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3737'.
[ 1714.037393][T21212] orangefs_devreq_write_iter: failed to copy head.
[ 1716.165564][T21241] loop4: detected capacity change from 0 to 1024
[ 1717.118949][T21251] loop6: detected capacity change from 0 to 1024
[ 1717.149099][T21251] ext4: Unknown parameter 'obj_user'
[ 1717.194791][T20544] Bluetooth: hci1: unexpected event for opcode 0x2060
[ 1717.276342][T21253] loop4: detected capacity change from 0 to 512
[ 1717.310002][T21253] EXT4-fs: Ignoring removed oldalloc option
[ 1717.349393][T21253] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1717.392435][T21253] EXT4-fs (loop4): 1 truncate cleaned up
[ 1717.425119][T21253] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1717.675603][T21253] loop4: detected capacity change from 512 to 64
[ 1717.730574][T21246] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[ 1717.810654][T13722] EXT4-fs warning (device loop4): htree_dirblock_to_tree:1051: inode #2: lblock 2: comm syz-executor: error -12 reading directory block
[ 1717.925570][T13722] EXT4-fs warning (device loop4): htree_dirblock_to_tree:1051: inode #2: lblock 2: comm syz-executor: error -12 reading directory block
[ 1718.150800][T13722] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1718.368159][    C0] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[ 1719.258658][T20544] Bluetooth: hci1: command 0x0406 tx timeout
[ 1720.363607][T21296] input: syz1 as /devices/virtual/input/input19
[ 1720.766243][T21303] loop4: detected capacity change from 0 to 512
[ 1720.797538][T21303] EXT4-fs: Ignoring removed bh option
[ 1720.890798][T21303] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1720.994624][T21303] ext4 filesystem being mounted at /342/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1721.149108][   T30] audit: type=1800 audit(1763620434.758:280): pid=21303 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3771" name="file1" dev="loop4" ino=15 res=0 errno=0
[ 1721.287256][T13722] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1721.620362][T21301] loop7: detected capacity change from 0 to 32768
[ 1721.919082][T21316] loop4: detected capacity change from 0 to 1024
[ 1722.861692][T21316] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[ 1722.886635][T21316] ext4 filesystem being mounted at /343/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1723.286586][   T36] EXT4-fs error (device loop4): ext4_map_blocks:814: inode #15: comm kworker/u8:2: lblock 0 mapped to illegal pblock 0 (length 6)
[ 1723.422627][   T36] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 6 with error 117
[ 1723.502074][   T36] EXT4-fs (loop4): This should not happen!! Data will be lost
[ 1723.502074][   T36] 
[ 1723.569808][   T66] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:4: bg 0: block 112: padding at end of block bitmap is not set
[ 1723.663572][   T66] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 319 with max blocks 1 with error 28
[ 1723.689168][T21332] loop6: detected capacity change from 0 to 256
[ 1723.697466][T21332] exfat: Deprecated parameter 'namecase'
[ 1723.743206][T21332] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[ 1723.779009][   T66] EXT4-fs (loop4): This should not happen!! Data will be lost
[ 1723.779009][   T66] 
[ 1723.831343][   T66] EXT4-fs (loop4): Total free blocks count 0
[ 1723.837447][   T66] EXT4-fs (loop4): Free/Dirty block details
[ 1723.865880][   T66] EXT4-fs (loop4): free_blocks=0
[ 1723.889149][   T66] EXT4-fs (loop4): dirty_blocks=16
[ 1723.916578][   T66] EXT4-fs (loop4): Block reservation details
[ 1724.370443][ T5934] hid_parser_main: 20 callbacks suppressed
[ 1724.370463][ T5934] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0
[ 1724.424715][T21344] loop4: detected capacity change from 0 to 1024
[ 1724.498856][T21339] overlayfs: missing 'lowerdir'
[ 1724.539268][ T5934] hid-generic 0000:0000:0000.0016: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1724.927714][ T6046] hfsplus: b-tree write err: -5, ino 4
[ 1725.112187][T21348] fido_id[21348]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1726.431552][T21081] usb 5-1: new full-speed USB device number 26 using dummy_hcd
[ 1726.597073][T21081] usb 5-1: config 0 has no interfaces?
[ 1726.753726][T21376] netlink: 'syz.7.3792': attribute type 4 has an invalid length.
[ 1726.801074][T21081] usb 5-1: New USB device found, idVendor=7a69, idProduct=0001, bcdDevice=a8.6b
[ 1726.823711][T21375] netlink: 'syz.7.3792': attribute type 4 has an invalid length.
[ 1726.841031][T21081] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1726.944818][T21081] usb 5-1: Product: syz
[ 1726.984937][T21081] usb 5-1: Manufacturer: syz
[ 1727.041482][T21081] usb 5-1: SerialNumber: syz
[ 1727.104887][T21081] usb 5-1: config 0 descriptor??
[ 1727.411539][ T8382] usb 5-1: USB disconnect, device number 26
[ 1727.892795][T21389] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1728.208883][T21391] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1728.281723][T21394] bond1: (slave ip6gretap1): making interface the new active one
[ 1728.345308][T21394] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[ 1730.342794][T21415] loop4: detected capacity change from 0 to 128
[ 1730.423852][T21415] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1730.467587][T21415] ext4 filesystem being mounted at /348/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1730.598059][T21415] EXT4-fs (loop4): shut down requested (2)
[ 1730.629677][T21415] fscrypt (loop4, inode 12): Error -5 getting encryption context
[ 1730.638564][T21428] binder: 21425:21428 ioctl c0306201 200000000080 returned -14
[ 1730.803498][T13722] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1731.960616][T21440] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3816'.
[ 1732.103970][T21444] loop4: detected capacity change from 0 to 1024
[ 1732.357185][T21438] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1732.379923][T21440] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3816'.
[ 1732.390371][T21438] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[ 1732.757644][T21464] netlink: 'syz.0.3822': attribute type 3 has an invalid length.
[ 1733.145484][T21473] loop6: detected capacity change from 0 to 2048
[ 1733.154578][T21473] NILFS (loop6): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1733.165047][T21473] NILFS (loop6): mounting unchecked fs
[ 1733.178210][T21473] NILFS (loop6): recovery complete
[ 1733.185251][T21474] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1733.217758][   T30] audit: type=1800 audit(1763620446.818:281): pid=21473 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.3825" name="file1" dev="loop6" ino=12 res=0 errno=0
[ 1733.328399][   T30] audit: type=1800 audit(1763620446.848:282): pid=21473 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.3825" name="file1" dev="loop6" ino=12 res=0 errno=0
[ 1736.379061][   T30] audit: type=1800 audit(1763620449.978:283): pid=21475 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.3825" name="file1" dev="loop6" ino=12 res=0 errno=0
[ 1737.649143][T21514] binder: 21513:21514 ioctl c0306201 200000000080 returned -14
[ 1738.858588][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[ 1738.944484][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[ 1740.258770][T21548] loop7: detected capacity change from 0 to 128
[ 1740.281753][T21548] EXT4-fs: Ignoring removed nobh option
[ 1740.330541][T21548] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1740.334881][T21546] loop6: detected capacity change from 0 to 1024
[ 1740.343828][T21548] ext4 filesystem being mounted at /129/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1740.424190][T21546] hfsplus: Unknown parameter 'net_prio.prioidx'
[ 1740.453112][T21552] binder: 21550:21552 ioctl c0306201 200000000680 returned -14
[ 1740.634903][T18751] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1742.329795][T21571] loop7: detected capacity change from 0 to 256
[ 1742.593263][T21571] exFAT-fs (loop7): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[ 1743.698893][T21579] exFAT-fs (loop7): start_clu is invalid cluster(0xffffffff)
[ 1744.029358][T21586] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3861'.
[ 1747.766208][T21626] pimreg: entered allmulticast mode
[ 1747.794699][T21626] pimreg: left allmulticast mode
[ 1749.848417][T21657] bridge0: port 3(gretap0) entered blocking state
[ 1749.855713][T21657] bridge0: port 3(gretap0) entered disabled state
[ 1749.904004][T21657] gretap0: entered allmulticast mode
[ 1749.954600][T21657] gretap0: entered promiscuous mode
[ 1749.967796][T21657] bridge0: port 3(gretap0) entered blocking state
[ 1749.975061][T21657] bridge0: port 3(gretap0) entered forwarding state
[ 1751.817949][T21680] loop6: detected capacity change from 0 to 1024
[ 1756.386332][T21720] loop7: detected capacity change from 0 to 128
[ 1757.490925][   T36] kworker/u8:2: attempt to access beyond end of device
[ 1757.490925][   T36] loop7: rw=1, sector=145, nr_sectors = 8 limit=128
[ 1757.638045][   T36] kworker/u8:2: attempt to access beyond end of device
[ 1757.638045][   T36] loop7: rw=1, sector=161, nr_sectors = 8 limit=128
[ 1757.687784][   T36] kworker/u8:2: attempt to access beyond end of device
[ 1757.687784][   T36] loop7: rw=1, sector=177, nr_sectors = 8 limit=128
[ 1757.808094][   T36] kworker/u8:2: attempt to access beyond end of device
[ 1757.808094][   T36] loop7: rw=1, sector=193, nr_sectors = 8 limit=128
[ 1757.866321][   T36] kworker/u8:2: attempt to access beyond end of device
[ 1757.866321][   T36] loop7: rw=1, sector=209, nr_sectors = 8 limit=128
[ 1757.895147][   T36] kworker/u8:2: attempt to access beyond end of device
[ 1757.895147][   T36] loop7: rw=1, sector=225, nr_sectors = 8 limit=128
[ 1757.909720][   T36] kworker/u8:2: attempt to access beyond end of device
[ 1757.909720][   T36] loop7: rw=1, sector=241, nr_sectors = 8 limit=128
[ 1757.926766][   T36] kworker/u8:2: attempt to access beyond end of device
[ 1757.926766][   T36] loop7: rw=1, sector=257, nr_sectors = 8 limit=128
[ 1757.961404][   T36] kworker/u8:2: attempt to access beyond end of device
[ 1757.961404][   T36] loop7: rw=1, sector=273, nr_sectors = 8 limit=128
[ 1758.046688][   T36] kworker/u8:2: attempt to access beyond end of device
[ 1758.046688][   T36] loop7: rw=1, sector=289, nr_sectors = 8 limit=128
[ 1759.975333][T21755] netlink: 'syz.6.3917': attribute type 1 has an invalid length.
[ 1760.110150][T21755] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1760.184878][T21759] gretap1: entered promiscuous mode
[ 1760.234193][T21759] bond2: (slave gretap1): making interface the new active one
[ 1760.266798][T21759] bond2: (slave gretap1): Enslaving as an active interface with an up link
[ 1760.782529][T21769] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3920'.
[ 1761.119620][T21779] syzkaller0: entered promiscuous mode
[ 1761.125705][T21779] syzkaller0: entered allmulticast mode
[ 1761.138855][T21779] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1761.147873][T21778] tipc: Resetting bearer <eth:syzkaller0>
[ 1761.179461][T21778] tipc: Disabling bearer <eth:syzkaller0>
[ 1766.639447][T21826] binder: 21825:21826 unknown command 0
[ 1766.645224][T21826] binder: 21825:21826 ioctl c0306201 200000000080 returned -22
[ 1775.043951][T21872] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3957'.
[ 1775.165319][T21873] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3957'.
[ 1776.975279][T21902] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3967'.
[ 1778.493609][T21920] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3969'.
[ 1779.882465][T21932] netlink: 388 bytes leftover after parsing attributes in process `syz.7.3977'.
[ 1780.467297][T21931] netlink: 92 bytes leftover after parsing attributes in process `syz.2.3978'.
[ 1780.548371][T21941] netlink: 'syz.9.3980': attribute type 14 has an invalid length.
[ 1781.938787][T21956] binder: 21955:21956 ioctl c0306201 200000000540 returned -14
[ 1782.410429][T21969] loop7: detected capacity change from 0 to 2048
[ 1782.575340][T21968] binder: BINDER_SET_CONTEXT_MGR already set
[ 1782.590595][T21969] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1782.710608][T21968] binder: 21967:21968 ioctl 4018620d 200000004a80 returned -16
[ 1783.321590][T21979] syz_tun: entered allmulticast mode
[ 1783.432969][T21984] dvmrp1: entered allmulticast mode
[ 1783.527784][T21978] syz_tun: left allmulticast mode
[ 1783.739613][T21983] loop6: detected capacity change from 0 to 32768
[ 1783.749163][T21983] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.3995 (21983)
[ 1783.770363][T21983] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1783.780626][T21983] BTRFS info (device loop6): using sha256 (sha256-lib) checksum algorithm
[ 1784.269751][T21983] BTRFS info (device loop6): enabling ssd optimizations
[ 1784.277917][T21983] BTRFS info (device loop6): turning on async discard
[ 1784.287983][T21983] BTRFS info (device loop6): enabling free space tree
[ 1784.612937][T22017] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1784.613879][T10943] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1784.653821][T22017] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1784.719245][T22017] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1784.753514][T22017] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1790.702236][T22073] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4016'.
[ 1790.748084][T22075] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4018'.
[ 1790.759435][T22073] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4016'.
[ 1790.759691][T22075] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4018'.
[ 1790.906989][T22079] binder: 22078:22079 ioctl c0306201 200000004a40 returned -14
[ 1793.093272][T22094] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4025'.
[ 1793.125539][T22094] netlink: 'syz.9.4025': attribute type 12 has an invalid length.
[ 1793.200450][T22094] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4025'.
[ 1794.108544][ T8382] usb 7-1: new high-speed USB device number 24 using dummy_hcd
[ 1794.268272][ T8382] usb 7-1: Using ep0 maxpacket: 16
[ 1794.289774][ T8382] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[ 1794.322581][ T8382] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1794.402691][ T8382] usb 7-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1794.434776][ T8382] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1794.475426][ T8382] usb 7-1: Product: syz
[ 1794.505936][ T8382] usb 7-1: Manufacturer: syz
[ 1794.518035][ T8382] usb 7-1: SerialNumber: syz
[ 1794.538849][ T8382] usb 7-1: config 0 descriptor??
[ 1794.562184][ T8382] em28xx 7-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[ 1794.579020][ T8382] em28xx 7-1:0.0: Audio interface 0 found (Vendor Class)
[ 1795.989724][ T8382] em28xx 7-1:0.0: unknown em28xx chip ID (0)
[ 1796.037946][ T8382] em28xx 7-1:0.0: Config register raw data: 0xfffffffb
[ 1797.012731][ T8382] em28xx 7-1:0.0: Unknown AC97 audio processor detected!
[ 1797.351793][T22166] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[ 1797.431919][ T8382] em28xx 7-1:0.0: couldn't setup AC97 register 2
[ 1797.443121][ T8382] em28xx 7-1:0.0: couldn't setup AC97 register 4
[ 1797.450896][ T8382] em28xx 7-1:0.0: couldn't setup AC97 register 6
[ 1797.462037][ T8382] em28xx 7-1:0.0: couldn't setup AC97 register 54
[ 1797.470548][ T8382] em28xx 7-1:0.0: couldn't setup AC97 register 56
[ 1797.510986][ T8382] usb 7-1: USB disconnect, device number 24
[ 1799.897418][T22193] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4052'.
[ 1800.293522][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[ 1800.307676][T21438] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1800.309051][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[ 1800.351495][T21438] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[ 1800.409258][T21438] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1800.437424][T21438] Bluetooth: hci5: Error when powering off device on rfkill (-4)
[ 1800.531281][T22212] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1800.545687][T22212] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1800.588551][T22212] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1800.609842][T22212] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1800.642945][T22212] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1800.656718][ T5834] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1800.664611][ T5834] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1800.672500][ T5834] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1800.681233][ T5834] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1800.690117][ T5834] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1800.921879][T22212] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1800.939280][T22212] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1800.950091][T22212] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1801.008928][T22212] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1801.016993][T22212] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1801.213278][T22222] netlink: 'syz.7.4061': attribute type 4 has an invalid length.
[ 1801.221501][T22222] netlink: 3657 bytes leftover after parsing attributes in process `syz.7.4061'.
[ 1802.184799][T11789] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1802.281626][T22231] netlink: 'syz.7.4066': attribute type 27 has an invalid length.
[ 1802.297382][T22231] netlink: 'syz.7.4066': attribute type 4 has an invalid length.
[ 1802.311966][T22231] netlink: 144 bytes leftover after parsing attributes in process `syz.7.4066'.
[ 1802.373586][T11789] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1802.482619][T22233] netlink: 96 bytes leftover after parsing attributes in process `syz.2.4067'.
[ 1802.557523][T20544] Bluetooth: hci7: Opcode 0x1003 failed: -110
[ 1802.602926][T11789] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1802.787773][T20544] Bluetooth: hci6: command tx timeout
[ 1803.145925][T20544] Bluetooth: hci2: command tx timeout
[ 1803.324670][T11789] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1803.476522][T22243] netlink: 24 bytes leftover after parsing attributes in process `syz.9.4070'.
[ 1804.694578][ T6022] nci: nci_add_new_protocol: the target found does not have the desired protocol
[ 1804.859261][T20544] Bluetooth: hci6: command tx timeout
[ 1804.886925][T21673] chnl_net:caif_netlink_parms(): no params data found
[ 1805.168007][T20544] Bluetooth: hci2: command tx timeout
[ 1805.223878][T22215] chnl_net:caif_netlink_parms(): no params data found
[ 1806.303681][T22280] comedi comedi3: 8255: I/O port conflict (0x40404f26,4)
[ 1806.311070][T22280] comedi comedi3: 8255: I/O port conflict (0x5,4)
[ 1806.317739][T22280] comedi comedi3: 8255: I/O port conflict (0x2,4)
[ 1806.324865][T22280] comedi comedi3: 8255: I/O port conflict (0xc,4)
[ 1806.331538][T22280] comedi comedi3: 8255: I/O port conflict (0x9,4)
[ 1806.338124][T22280] comedi comedi3: 8255: I/O port conflict (0x5c95238c,4)
[ 1806.345523][T22280] comedi comedi3: 8255: I/O port conflict (0xa,4)
[ 1806.352066][T22280] comedi comedi3: 8255: I/O port conflict (0x3bf,4)
[ 1806.358762][T22280] comedi comedi3: 8255: I/O port conflict (0x6,4)
[ 1806.365244][T22280] comedi comedi3: 8255: I/O port conflict (0x3,4)
[ 1806.372011][T22280] comedi comedi3: 8255: I/O port conflict (0x20000001,4)
[ 1806.379684][T22280] comedi comedi3: 8255: I/O port conflict (0x400e1c8,4)
[ 1806.386761][T22280] comedi comedi3: 8255: I/O port conflict (0x6,4)
[ 1806.393437][T22280] comedi comedi3: 8255: I/O port conflict (0x7,4)
[ 1806.400402][T22280] comedi comedi3: 8255: I/O port conflict (0x6,4)
[ 1806.406972][T22280] comedi comedi3: 8255: I/O port conflict (0x6,4)
[ 1806.413717][T22280] comedi comedi3: 8255: I/O port conflict (0x4,4)
[ 1806.420837][T22280] comedi comedi3: 8255: I/O port conflict (0xb,4)
[ 1806.427971][T22280] comedi comedi3: 8255: I/O port conflict (0x10,4)
[ 1806.435497][T22280] comedi comedi3: 8255: I/O port conflict (0x3,4)
[ 1806.442041][T22280] comedi comedi3: 8255: I/O port conflict (0xef,4)
[ 1806.939402][T20544] Bluetooth: hci6: command tx timeout
[ 1807.248141][T20544] Bluetooth: hci2: command tx timeout
[ 1808.308179][T22305] netlink: 60 bytes leftover after parsing attributes in process `syz.2.4084'.
[ 1808.645779][T22212] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1808.666216][T22212] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1808.680568][T22212] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1808.714999][T22212] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1808.753574][T22212] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1808.918559][T11789] bond1 (unregistering): Released all slaves
[ 1809.008016][T20544] Bluetooth: hci6: command tx timeout
[ 1809.164419][T11789] tipc: Left network mode
[ 1809.334972][T20544] Bluetooth: hci2: command tx timeout
[ 1809.540453][T22215] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1809.605855][T22215] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1809.614009][T22215] bridge_slave_0: entered allmulticast mode
[ 1809.622825][T22215] bridge_slave_0: entered promiscuous mode
[ 1809.725047][T22215] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1809.732892][T22215] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1809.744189][T22215] bridge_slave_1: entered allmulticast mode
[ 1809.753378][T22215] bridge_slave_1: entered promiscuous mode
[ 1810.662283][T11789] hsr_slave_0: left promiscuous mode
[ 1810.741183][T11789] hsr_slave_1: left promiscuous mode
[ 1810.828788][T11789] veth1_macvtap: left promiscuous mode
[ 1810.843685][T11789] veth0_macvtap: left promiscuous mode
[ 1810.849325][T20544] Bluetooth: hci3: command tx timeout
[ 1810.853852][T11789] veth1_vlan: left promiscuous mode
[ 1810.870272][T11789] veth0_vlan: left promiscuous mode
[ 1812.933306][T20544] Bluetooth: hci3: command tx timeout
[ 1813.914802][T22215] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1813.949145][T22215] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1814.362082][T22215] team0: Port device team_slave_0 added
[ 1815.089417][T20544] Bluetooth: hci3: command tx timeout
[ 1815.633384][T22215] team0: Port device team_slave_1 added
[ 1816.987347][T22215] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1816.987373][T22215] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1816.987407][T22215] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1816.990071][T22215] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1816.990090][T22215] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1816.990124][T22215] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1817.049478][T22393] 9pnet_fd: Insufficient options for proto=fd
[ 1817.168093][T22212] Bluetooth: hci3: command tx timeout
[ 1817.793701][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1817.915897][T22307] chnl_net:caif_netlink_parms(): no params data found
[ 1817.953265][T22215] hsr_slave_0: entered promiscuous mode
[ 1817.954252][T22215] hsr_slave_1: entered promiscuous mode
[ 1817.954935][T22215] debugfs: 'hsr0' already exists in 'hsr'
[ 1817.954955][T22215] Cannot create hsr debugfs directory
[ 1818.178641][T22390] tty tty35: ldisc open failed (-12), clearing slot 34
[ 1818.394987][T22401] netlink: 96 bytes leftover after parsing attributes in process `syz.6.4111'.
[ 1818.523259][T22407] loop7: detected capacity change from 0 to 256
[ 1818.673321][T22407] exFAT-fs (loop7): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[ 1820.377746][T22424] loop6: detected capacity change from 0 to 2048
[ 1820.448259][T22424] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1821.076749][T22307] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1821.313222][T22307] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1821.342290][T22307] bridge_slave_0: entered allmulticast mode
[ 1821.350924][T22307] bridge_slave_0: entered promiscuous mode
[ 1822.125572][T22428] 
[ 1823.193492][T11789] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1823.209561][T22450] netlink: 68 bytes leftover after parsing attributes in process `syz.9.4124'.
[ 1823.228565][T22450] netlink: 88 bytes leftover after parsing attributes in process `syz.9.4124'.
[ 1823.628506][T22307] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1823.648311][T22453] loop7: detected capacity change from 0 to 128
[ 1823.654954][T22307] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1823.669660][T22307] bridge_slave_1: entered allmulticast mode
[ 1823.677777][T22307] bridge_slave_1: entered promiscuous mode
[ 1824.094969][T11789] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1826.464124][T11789] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1826.591468][T22307] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1826.648279][T22307] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1826.718245][T11789] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1827.302414][T22307] team0: Port device team_slave_0 added
[ 1827.322000][T22307] team0: Port device team_slave_1 added
[ 1827.551892][T22307] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1827.568591][T22307] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1827.626332][T22307] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1827.760861][T22307] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1827.785427][T22307] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1827.840101][T22307] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1829.146849][T22307] hsr_slave_0: entered promiscuous mode
[ 1829.179694][T22307] hsr_slave_1: entered promiscuous mode
[ 1829.207363][T22307] debugfs: 'hsr0' already exists in 'hsr'
[ 1829.229533][T22307] Cannot create hsr debugfs directory
[ 1829.801280][T11789] gretap0: left allmulticast mode
[ 1829.820551][T11789] gretap0: left promiscuous mode
[ 1829.828646][T11789] bridge0: port 3(gretap0) entered disabled state
[ 1829.956256][T11789] bridge_slave_1: left allmulticast mode
[ 1830.277891][T11789] bridge_slave_1: left promiscuous mode
[ 1830.324802][T11789] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1830.351819][T11789] bridge_slave_0: left allmulticast mode
[ 1830.367996][T11789] bridge_slave_0: left promiscuous mode
[ 1830.376571][T11789] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1832.268259][T22542] loop7: detected capacity change from 0 to 2048
[ 1832.335517][T22542] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1832.571063][T11789] bond0 (unregistering): Released all slaves
[ 1832.912729][T22558] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4156'.
[ 1834.679021][T11789] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1834.695367][T11789] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1834.713353][T11789] bond0 (unregistering): Released all slaves
[ 1835.038961][T11789] bond1 (unregistering): Released all slaves
[ 1839.623197][T11789] tipc: Left network mode
[ 1841.095698][T22215] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1842.030738][T22604] comedi comedi3: 8255: I/O port conflict (0x7,4)
[ 1842.037726][T22604] comedi comedi3: 8255: I/O port conflict (0x4,4)
[ 1842.450029][T22215] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1842.640510][T22215] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1843.771765][T22215] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1845.051667][T22640] vivid-003: =================  START STATUS  =================
[ 1845.060695][T22640] vivid-003: Radio HW Seek Mode: Bounded
[ 1845.067522][T22640] vivid-003: Radio Programmable HW Seek: false
[ 1845.074363][T22640] vivid-003: RDS Rx I/O Mode: Block I/O
[ 1845.080579][T22640] vivid-003: Generate RBDS Instead of RDS: false
[ 1845.087389][T22640] vivid-003: RDS Reception: true
[ 1845.093651][T22640] vivid-003: RDS Program Type: 0 inactive
[ 1845.100211][T22640] vivid-003: RDS PS Name:  inactive
[ 1845.106917][T22640] vivid-003: RDS Radio Text:  inactive
[ 1845.114048][T22640] vivid-003: RDS Traffic Announcement: false inactive
[ 1845.122423][T22640] vivid-003: RDS Traffic Program: false inactive
[ 1845.131412][T22640] vivid-003: RDS Music: false inactive
[ 1845.142816][T22640] vivid-003: ==================  END STATUS  ==================
[ 1845.458080][T11789] hsr_slave_0: left promiscuous mode
[ 1845.528177][T11789] hsr_slave_1: left promiscuous mode
[ 1845.534999][T11789] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1845.543022][T11789] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1845.569165][T11789] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1845.594457][T11789] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1845.678468][T11789] veth1_macvtap: left promiscuous mode
[ 1845.704624][T11789] veth1_vlan: left promiscuous mode
[ 1845.734713][T11789] veth0_vlan: left promiscuous mode
[ 1846.264320][T22642] loop6: detected capacity change from 0 to 2048
[ 1847.215074][T22642] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1861.736202][    C0] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[ 1862.734939][    C0] sched: DL replenish lagged too much
[ 1959.515705][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[ 1959.522788][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P5951/1:b..l
[ 1959.532228][    C0] rcu: 	(detected by 0, t=10502 jiffies, g=124269, q=547 ncpus=2)
[ 1959.540181][    C0] task:kworker/u8:7    state:R  running task     stack:21640 pid:5951  tgid:5951  ppid:2      task_flags:0x4208060 flags:0x00080000
[ 1959.556433][    C0] Workqueue: iou_exit io_ring_exit_work
[ 1959.562043][    C0] Call Trace:
[ 1959.565334][    C0]  <TASK>
[ 1959.568278][    C0]  __schedule+0x1798/0x4cc0
[ 1959.572953][    C0]  ? __pfx___schedule+0x10/0x10
[ 1959.577919][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1959.584470][    C0]  ? unwind_next_frame+0xa5/0x2390
[ 1959.589689][    C0]  preempt_schedule_notrace+0xd1/0x110
[ 1959.595191][    C0]  ? __pfx_preempt_schedule_notrace+0x10/0x10
[ 1959.601433][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1959.607119][    C0]  ? unwind_next_frame+0xa5/0x2390
[ 1959.612343][    C0]  ? unwind_next_frame+0xa5/0x2390
[ 1959.617678][    C0]  preempt_schedule_notrace_thunk+0x16/0x30
[ 1959.623640][    C0]  rcu_is_watching+0x7f/0xb0
[ 1959.628259][    C0]  ? unwind_next_frame+0xa5/0x2390
[ 1959.633385][    C0]  lock_release+0x4b/0x3e0
[ 1959.637803][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1959.643443][    C0]  ? deref_stack_reg+0x19f/0x230
[ 1959.648403][    C0]  ? unwind_next_frame+0xa5/0x2390
[ 1959.653543][    C0]  unwind_next_frame+0x19a9/0x2390
[ 1959.658674][    C0]  ? unwind_next_frame+0xa5/0x2390
[ 1959.663825][    C0]  ? call_rcu+0x157/0x9c0
[ 1959.668188][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1959.674619][    C0]  arch_stack_walk+0x11c/0x150
[ 1959.679495][    C0]  ? kmem_cache_free+0x4b5/0x690
[ 1959.684511][    C0]  stack_trace_save+0x9c/0xe0
[ 1959.689226][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[ 1959.694613][    C0]  ? ret_from_fork_asm+0x1a/0x30
[ 1959.699569][    C0]  kasan_save_stack+0x3e/0x60
[ 1959.704266][    C0]  ? kasan_save_stack+0x3e/0x60
[ 1959.709132][    C0]  ? kasan_record_aux_stack+0xbd/0xd0
[ 1959.714518][    C0]  ? call_rcu+0x157/0x9c0
[ 1959.719178][    C0]  kasan_record_aux_stack+0xbd/0xd0
[ 1959.724768][    C0]  ? __pfx_slab_free_after_rcu_debug+0x10/0x10
[ 1959.730936][    C0]  call_rcu+0x157/0x9c0
[ 1959.735116][    C0]  ? __pfx_call_rcu+0x10/0x10
[ 1959.739811][    C0]  ? __io_req_caches_free+0x1c1/0x270
[ 1959.745204][    C0]  kmem_cache_free+0x4b5/0x690
[ 1959.750267][    C0]  __io_req_caches_free+0x1c1/0x270
[ 1959.755494][    C0]  io_req_caches_free+0x21/0x60
[ 1959.760365][    C0]  io_ring_exit_work+0x415/0x930
[ 1959.765343][    C0]  ? __pfx_io_ring_exit_work+0x10/0x10
[ 1959.771183][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1959.776837][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1959.782146][    C0]  ? process_scheduled_works+0x9ef/0x17b0
[ 1959.787882][    C0]  ? process_scheduled_works+0x9ef/0x17b0
[ 1959.793617][    C0]  process_scheduled_works+0xae1/0x17b0
[ 1959.799233][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1959.805225][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1959.811053][    C0]  worker_thread+0x8a0/0xda0
[ 1959.815696][    C0]  kthread+0x711/0x8a0
[ 1959.819788][    C0]  ? __pfx_worker_thread+0x10/0x10
[ 1959.824912][    C0]  ? __pfx_kthread+0x10/0x10
[ 1959.829510][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1959.835242][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1959.840461][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1959.846192][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1959.851408][    C0]  ? __pfx_kthread+0x10/0x10
[ 1959.856106][    C0]  ret_from_fork+0x4bc/0x870
[ 1959.860796][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[ 1959.865921][    C0]  ? __switch_to_asm+0x39/0x70
[ 1959.870779][    C0]  ? __switch_to_asm+0x33/0x70
[ 1959.875764][    C0]  ? __pfx_kthread+0x10/0x10
[ 1959.880383][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1959.885177][    C0]  </TASK>
[ 1959.888195][    C0] rcu: rcu_preempt kthread timer wakeup didn't happen for 10501 jiffies! g124269 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402
[ 1959.900618][    C0] rcu: 	Possible timer handling issue on cpu=1 timer-softirq=150781
[ 1959.908608][    C0] rcu: rcu_preempt kthread starved for 10502 jiffies! g124269 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=1
[ 1959.920175][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 1959.930423][    C0] rcu: RCU grace-period kthread stack dump:
[ 1959.936589][    C0] task:rcu_preempt     state:I stack:27120 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00080000
[ 1959.948581][    C0] Call Trace:
[ 1959.951867][    C0]  <TASK>
[ 1959.954829][    C0]  __schedule+0x1798/0x4cc0
[ 1959.959492][    C0]  ? __pfx___schedule+0x10/0x10
[ 1959.964477][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1959.970215][    C0]  ? schedule+0x91/0x360
[ 1959.974477][    C0]  schedule+0x165/0x360
[ 1959.978667][    C0]  schedule_timeout+0x12b/0x270
[ 1959.983619][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[ 1959.989009][    C0]  ? __pfx_process_timeout+0x10/0x10
[ 1959.994587][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1960.000422][    C0]  ? prepare_to_swait_event+0x341/0x380
[ 1960.006093][    C0]  rcu_gp_fqs_loop+0x301/0x1540
[ 1960.010964][    C0]  ? __pfx_rcu_gp_init+0x10/0x10
[ 1960.016023][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1960.021336][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[ 1960.026886][    C0]  ? _raw_spin_unlock_irq+0x2e/0x50
[ 1960.032104][    C0]  ? finish_swait+0xcd/0x1f0
[ 1960.036705][    C0]  rcu_gp_kthread+0x99/0x390
[ 1960.041308][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1960.046528][    C0]  ? __kthread_parkme+0x7b/0x200
[ 1960.051590][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1960.057266][    C0]  ? __kthread_parkme+0x1a1/0x200
[ 1960.062416][    C0]  kthread+0x711/0x8a0
[ 1960.066591][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1960.071885][    C0]  ? __pfx_kthread+0x10/0x10
[ 1960.076579][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1960.082251][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1960.087480][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1960.093232][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1960.098476][    C0]  ? __pfx_kthread+0x10/0x10
[ 1960.103111][    C0]  ret_from_fork+0x4bc/0x870
[ 1960.107891][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[ 1960.113036][    C0]  ? __switch_to_asm+0x39/0x70
[ 1960.117821][    C0]  ? __switch_to_asm+0x33/0x70
[ 1960.122668][    C0]  ? __pfx_kthread+0x10/0x10
[ 1960.127271][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1960.132088][    C0]  </TASK>
[ 1960.135227][    C0] rcu: Stack dump where RCU GP kthread last ran:
[ 1960.141682][    C0] Sending NMI from CPU 0 to CPUs 1:
[ 1960.147113][    C1] NMI backtrace for cpu 1
[ 1960.147133][    C1] CPU: 1 UID: 0 PID: 22691 Comm: syz.7.4191 Not tainted syzkaller #0 PREEMPT(full) 
[ 1960.147158][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1960.147174][    C1] RIP: 0010:do_raw_spin_unlock+0x124/0x240
[ 1960.147215][    C1] Code: 80 3c 20 00 74 0c 48 c7 c7 d8 8d da 8d e8 94 ca 87 00 48 83 3d e4 92 3c 0c 00 0f 84 14 01 00 00 48 89 df e8 ee 2a ab 09 90 5b <41> 5c 41 5d 41 5e 41 5f 5d e9 f9 45 72 ff cc e8 c8 34 e8 02 85 c0
[ 1960.147234][    C1] RSP: 0018:ffffc90000a08c30 EFLAGS: 00000046
[ 1960.147255][    C1] RAX: 0000000000000001 RBX: ffff8880287bb2e8 RCX: 0000000000000001
[ 1960.147271][    C1] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff8880287bb2e8
[ 1960.147286][    C1] RBP: 1ffff110050f765e R08: ffff8880287bb2eb R09: 1ffff110050f765d
[ 1960.147303][    C1] R10: dffffc0000000000 R11: ffffed10050f765e R12: dffffc0000000000
[ 1960.147320][    C1] R13: 1ffff110050f765f R14: ffff8880287bb2f8 R15: ffff8880287bb2f0
[ 1960.147340][    C1] FS:  00007efeb3b6f6c0(0000) GS:ffff88812623b000(0000) knlGS:0000000000000000
[ 1960.147359][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1960.147375][    C1] CR2: 0000001b2e81eff8 CR3: 000000004e576000 CR4: 0000000000350ef0
[ 1960.147393][    C1] Call Trace:
[ 1960.147405][    C1]  <IRQ>
[ 1960.147418][    C1]  _raw_spin_unlock+0x1e/0x50
[ 1960.147450][    C1]  advance_sched+0x99f/0xc90
[ 1960.147487][    C1]  ? __pfx_advance_sched+0x10/0x10
[ 1960.147511][    C1]  __hrtimer_run_queues+0x52c/0xc60
[ 1960.147537][    C1]  ? ktime_get_update_offsets_now+0x67/0x3d0
[ 1960.147571][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1960.147610][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[ 1960.147633][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1960.147673][    C1]  hrtimer_interrupt+0x45b/0xaa0
[ 1960.147717][    C1]  __sysvec_apic_timer_interrupt+0x10b/0x410
[ 1960.147748][    C1]  sysvec_apic_timer_interrupt+0xa1/0xc0
[ 1960.147782][    C1]  </IRQ>
[ 1960.147789][    C1]  <TASK>
[ 1960.147799][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1960.147823][    C1] RIP: 0010:_raw_spin_unlock_irqrestore+0xa8/0x110
[ 1960.147854][    C1] Code: 74 05 e8 5b ab 7e f6 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 f6 44 24 21 02 75 4f f7 c3 00 02 00 00 74 01 fb bf 01 00 00 00 <e8> 83 d9 46 f6 65 8b 05 dc 38 25 07 85 c0 74 40 48 c7 04 24 0e 36
[ 1960.147872][    C1] RSP: 0018:ffffc90003fdfa20 EFLAGS: 00000206
[ 1960.147892][    C1] RAX: 1a79f5fa6600e800 RBX: 0000000000000216 RCX: 1a79f5fa6600e800
[ 1960.147909][    C1] RDX: 0000000000000007 RSI: ffffffff8d70e43a RDI: 0000000000000001
[ 1960.147924][    C1] RBP: ffffc90003fdfab0 R08: ffffffff8f7cee77 R09: 1ffffffff1ef9dce
[ 1960.147941][    C1] R10: dffffc0000000000 R11: fffffbfff1ef9dcf R12: dffffc0000000000
[ 1960.147958][    C1] R13: ffff8880b8827ac0 R14: ffff8880b8827ac0 R15: 1ffff920007fbf44
[ 1960.147988][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1960.148019][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1960.148053][    C1]  clock_was_set+0x63b/0x7c0
[ 1960.148082][    C1]  ? __pfx___do_adjtimex+0x10/0x10
[ 1960.148115][    C1]  ? __pfx_clock_was_set+0x10/0x10
[ 1960.148145][    C1]  do_adjtimex+0x228/0x310
[ 1960.148180][    C1]  ? __pfx_do_adjtimex+0x10/0x10
[ 1960.148211][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1960.148254][    C1]  __x64_sys_clock_adjtime+0x211/0x2c0
[ 1960.148284][    C1]  ? __pfx___x64_sys_clock_adjtime+0x10/0x10
[ 1960.148321][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1960.148345][    C1]  ? rcu_is_watching+0x15/0xb0
[ 1960.148376][    C1]  ? do_syscall_64+0xbe/0xfa0
[ 1960.148412][    C1]  do_syscall_64+0xfa/0xfa0
[ 1960.148444][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1960.148476][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1960.148497][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1960.148522][    C1]  ? exc_page_fault+0xab/0x100
[ 1960.148555][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1960.148576][    C1] RIP: 0033:0x7efeb2d8f749
[ 1960.148597][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1960.148615][    C1] RSP: 002b:00007efeb3b6f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000131
[ 1960.148641][    C1] RAX: ffffffffffffffda RBX: 00007efeb2fe5fa0 RCX: 00007efeb2d8f749
[ 1960.148658][    C1] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000000
[ 1960.148672][    C1] RBP: 00007efeb2e13f91 R08: 0000000000000000 R09: 0000000000000000
[ 1960.148686][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1960.148700][    C1] R13: 00007efeb2fe6038 R14: 00007efeb2fe5fa0 R15: 00007ffdce120738
[ 1960.148729][    C1]  </TASK>