last executing test programs:

1m35.921549972s ago: executing program 1 (id=396):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x10000, &(0x7f0000000300)={[{@nobh}, {@auto_da_alloc}, {@data_err_ignore}], [{@hash}, {@fowner_eq}, {@permit_directio}, {@defcontext={'defcontext', 0x3d, 'root'}}, {@subj_user={'subj_user', 0x3d, 'overlay\x00'}}, {@mask={'mask', 0x3d, 'MAY_APPEND'}}, {@hash}]}, 0x3, 0x4cd, &(0x7f0000000c80)="$eJzs3M9vFGUfAPDvbHdpgZfXioiCKAU0Nia2UFA4eMHExIMmRjzIsWkrQRYwtAchREpi8Ezi3Xg03jTxqkfjyT8ADx5MDAkxXABPa2Z3pt3ur+7CtqXs55Ns+zwzz8zzPDPzzD77PDsbwMAaS/8kEf+LiFsR8VQtujLBWO3f/btXZx7cvToTi5XKqX+Sarp7aTyTb7c9i4wXIgpfJg07rJm/fOXcdLk8dymLTy6c/2xy/vKV18+enz4zd2buwtSJE8eOHjn+5tQbvVeqRX5pve7t/eLivj3vnr75/kwxXz6S/a+vR1vF3oox1mHdK73t6rG3oy6cNB+na+taGLo2kl3WpbT9Xy0fPL3RBQLWTaVSqQy3X71YaXS9aQmwaSWx0SUANkb+Rp9+/s1f69T1eCzcOVn7AJTW+372qq0pRiFLU2r4fNtPYxHx8eK/36Sv6DQO8ecaFQAAGDi/nMx7go39v0Lsrkv3/2wOZTQino6InRHxTETsiohnI6ppn4uI5xszSCIqHfLf1RBfzv/HbBahcPuRK9lB2v97K5vbWtn/y3t/MTqUxXZE5B3mucPZMRmP0vAnZ8tzR9rsf8sq+df3/9JXmn/eF8zKcbvYMEA3O70w/XC1bXbnesTeYmP9k2J64vJpnCQi9kTE3h72O1oXPvvad/uWIqWV6Vavf1WlxZRez/NxrVS+jXi1dv4XY8X5X84x6Tw/OTkS5bnDk+lVcLhlHr/9fuODdvmvWv+f/mrc5J3jP5961GovSc//trrrP/L52+X6jyYRydJ87XxEZai3PG788VV1v2OHmtc97PW/JfmoGs7b1+fTCwuXjkRsSd5rXj61vG0ez9On9R8/1Lr978y2SY/ECxGRXsQvRsRLEbE/K/uBiDgYES2qtuTXt1/+tN26Lq//NZPWf7bl/W/F+V+er+8ykG+cLhk6d+DWgzY3j+7O/7FqaDxb0vr+l6y4RXRb0kc7egAAALA5FKL63f/CxFK4UJiYqI0B7YpthfLF+YX9EXFhtvaMwGiUCvlIV208uJTk45+jdfGphvjRbNz466Gt1fjEzMXy7EZXHgbc9mqbT5raf+rvHsd5gU2oD/NowCa1WvvffXOdCgKsO+//MLjq2v9imySLvikDTybv/zC4WrX/a/F9x2cX3DNg86toyzDQtH8YXMX4cClcfey55dO2wJPI+z8MpF6f6+8tUBluvWokWvxiwMjaFGNri7w2JJD2rPq4w1JEdJd468NkkXcB2//CQ6G3HQ5H86qh6LRV0sPvOOSB9KismvjM7r5f/PlvovT7svlhuZ2WujzdfQpsyO0IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg7/4LAAD///QJ1ng=")
syz_mount_image$fuse(0x0, 0x0, 0x3000009, 0x0, 0x1, 0x0, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
setsockopt$llc_int(r1, 0x10c, 0x5, &(0x7f0000000000)=0x47d, 0x4)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = shmget$private(0x0, 0x8000, 0x10, &(0x7f0000ff5000/0x8000)=nil)
syz_emit_ethernet(0x3e, &(0x7f0000000580)={@broadcast, @multicast, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "02080a", 0x8, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[@routing={0x29}]}}}}}, 0x0)
r6 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r6, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1, 0x0, 0x2})
ioctl$vim2m_VIDIOC_STREAMOFF(r6, 0x40045612, &(0x7f0000000080)=0x2)
shmat(r5, &(0x7f0000ffc000/0x2000)=nil, 0x4000)
shmat(r5, &(0x7f0000ff9000/0x1000)=nil, 0x5000)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000fff000/0x1000)=nil)
shmget$private(0x0, 0x1000, 0x40, &(0x7f0000884000/0x1000)=nil)
read$FUSE(r0, &(0x7f0000006280)={0x2020}, 0x2020)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
setrlimit(0xa, &(0x7f0000000080)={0x7fa})
fchown(r0, 0x0, 0x0)

1m34.483085628s ago: executing program 1 (id=397):
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = dup(r2)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="580000000206030000000000fffff000000000000900020073797a32000000000500040000000000050005000200000012000300686173683a6e65742c706f727400000005000100070000"], 0x58}}, 0x0)
time(&(0x7f0000000000))
r4 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
mprotect(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x1)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
read$FUSE(0xffffffffffffffff, &(0x7f0000001a80)={0x2020}, 0x2020)
r6 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r6, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000940)='syzkaller\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$qrtrtun(r4, &(0x7f0000000300)="ca0e808bb35bdabb", 0x8)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r7, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x0, 0x1}}, 0x40)
creat(0x0, 0x0)
r8 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r8, 0xc018aa3f, &(0x7f0000000180)={0xaa, 0x300})
ioctl$UFFDIO_REGISTER(r8, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, &(0x7f0000000100)})
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1)

1m32.205191561s ago: executing program 1 (id=400):
sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x40800)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8002, 0x20000000019}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000040)=ANY=[], 0xc)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
mlock(&(0x7f0000007000/0x3000)=nil, 0x3000)
r4 = epoll_create(0x6)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r5, 0x0, 0x34, 0x0, &(0x7f00000001c0)=0x2)
epoll_pwait(r4, 0x0, 0x0, 0x1, 0x0, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_mreq(r6, 0x29, 0x1b, &(0x7f0000000480)={@dev={0xfe, 0x80, '\x00', 0xfe}}, 0x14)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r7, 0x29, 0x1b, 0x0, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r7, 0x29, 0x1b, &(0x7f00000000c0)={@remote={0xfe, 0x80, '\x00', 0xffffffffffffffff}, 0x0, 0x2}, 0x20)
close(r6)

1m30.826630853s ago: executing program 1 (id=403):
r0 = syz_open_dev$loop(&(0x7f00000000c0), 0xa100, 0x40881)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000e00)=ANY=[], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x1e00, 0x60}, 0x94)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x1, './file0\x00'}, 0x6e)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f00000002c0)=r2, 0x4)
sendmsg$kcm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f00000003c0)="d800000018007b18e00212ba0d8105040a0a1100fe0f040b067c55a1bc0009001e0006990300000015000500fe800000000000000300014002000c0901ac04000bd67f6f94007100a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b01602b2a10c11ce1b14d6d930dfe1d9d322fe04fb95cae8c9010000730d7a5025ccca262f3d40fad95667e04adcdf634c1f215ce3bb9ad8ffd5e1cace81ed0b7fece0b42a9ecbee5de6ccd40dd601edef3d93452a92307f00000e97031e9f05e9f16e9cb5", 0xd2}, {&(0x7f00000004c0)="f80ec2e2badd", 0x6}], 0x2, 0x0, 0x0, 0x2663}, 0x0)
futex(0xfffffffffffffffc, 0x8, 0x10002, 0x0, 0x0, 0x20)
r3 = syz_usb_connect(0x0, 0x3f, &(0x7f00000012c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109024a0001100000000904000003fe03010009cd8d1f00020000000905050200067e001009058b1e", @ANYRESHEX], 0x0)
syz_usb_control_io$printer(r3, 0x0, &(0x7f0000001580)={0x1c, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0})
mlock2(&(0x7f0000627000/0x3000)=nil, 0x3000, 0x0)
syz_clone(0x8d002240, 0x0, 0x0, 0x0, 0x0, 0x0)
mlock(&(0x7f0000626000/0x5000)=nil, 0x5000)
r4 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r3)
r5 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f0000000040))
timerfd_settime(0xffffffffffffffff, 0x1, &(0x7f0000000040)={{0x0, 0x989680}, {0x77359400}}, 0x0)
setrlimit(0x1, &(0x7f0000000000))
prctl$PR_MPX_ENABLE_MANAGEMENT(0x2b)
r6 = fsopen(&(0x7f0000000300)='befs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000080)='iocharset', &(0x7f00000000c0)='io#harset', 0x0)
add_key(&(0x7f00000013c0)='big_key\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000001c0)="643f5afef476128d578562ff52863848a2f64c918946e6ee7e0686bdc2939255347eb05b4308052d6240b981177886f94c17100575fbf6fa7f2cf4d1def3fb8f807580177b7d13fcb76eff300100", 0x4e, 0xffffffffffffffff)
r7 = syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x200)
ioctl$EVIOCSKEYCODE_V2(r7, 0x40284504, &(0x7f0000001100)={0x8, 0x2, 0x3, 0x6, "61b05fc6277a65c5e6a8b0a639755a022d84761a60489f2cabcb5c9735a79f8b"})
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000140)={'\x00', 0xfff8, 0x7f, 0x10000, 0xfff, 0x6})
ioctl$BLKTRACESTART(r0, 0x1274, 0x0)

1m24.499643413s ago: executing program 1 (id=408):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f0000000080), 0x4)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000280)={0x2, 0x0, @local}, 0x10)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_inet6_SIOCDELRT(r2, 0x890b, &(0x7f0000000080)={@loopback={0xfec0ffff00000000}, @private1, @local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x280})
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
socket(0x10, 0x2, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r6 = socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r8, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000015c0)=@newtfilter={0x88c, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r8, {0x0, 0x1}, {}, {0xa, 0xa}}, [@TCA_RATE={0x6, 0x5, {0xff, 0x5}}, @filter_kind_options=@f_flow={{0x9}, {0x854, 0x2, [@TCA_FLOW_POLICE={0x850, 0xa, 0x0, 0x1, [@TCA_POLICE_RESULT={0x8, 0x5, 0x80}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x1e0, 0x54, 0x0, 0x3, 0x47e, 0x9, 0x3, 0x8, 0x10, 0x7, 0x0, 0x0, 0x7, 0x40, 0xb083, 0x7, 0x3, 0xd0000000, 0x15, 0x1, 0x5, 0xe0000000, 0xe, 0x2e82, 0x2, 0x9, 0x1, 0x2, 0x6, 0x3, 0x2, 0x5, 0x7fff, 0x6, 0x8, 0x718, 0x2, 0x2, 0x6, 0xc3, 0x100, 0xfffffffe, 0x5, 0x6, 0xc, 0x2049b29, 0x6, 0x5, 0xbd, 0x7, 0x5197, 0xfff, 0x6, 0x7, 0x4, 0x88f, 0xffff, 0x8, 0x3ff, 0x7fff, 0x401, 0x4, 0x13, 0x7, 0x8, 0x10, 0xb0d1, 0x7ff, 0x4, 0x80, 0x8, 0x3, 0x1, 0x6454, 0x3, 0xffff, 0x3, 0x4, 0x80000000, 0x9, 0xe, 0x9, 0x10001, 0x40, 0x1, 0x4, 0x6, 0x7, 0x1149, 0x0, 0x3, 0x6, 0x3, 0x7, 0xea2f, 0x7, 0x2fbcbcdf, 0x2, 0x6, 0x9, 0x1, 0x3, 0xffffffff, 0x1, 0x4, 0xb18, 0x1, 0x800, 0x6, 0x9, 0xffffffff, 0xcaf, 0x3ff, 0x7, 0x11, 0x100, 0x2, 0x1, 0x7f, 0xbe, 0xc171, 0xfffffff7, 0x8, 0x0, 0x4a102091, 0xfffff9a7, 0x4, 0x8, 0x1, 0x9, 0x3, 0x91c, 0x329c, 0x3, 0x8, 0x7ff, 0x7, 0x9, 0xd6f, 0x7fffffff, 0x400, 0xef, 0x5, 0x41, 0x1, 0x5, 0x4, 0x9, 0x7, 0x5, 0x2, 0x903, 0xfffffffb, 0x1, 0x6, 0x9, 0x80000001, 0x10, 0x63c, 0xea, 0xe659, 0x10001, 0x101, 0x1, 0xffffffff, 0x1, 0x56, 0xf87, 0x5, 0x6, 0x1, 0x8, 0x5, 0x0, 0x3, 0x5904, 0xffffffda, 0x1, 0x80000000, 0x1, 0x4, 0x9, 0xb48, 0xfffffffa, 0x1ff, 0xc, 0x2, 0x6, 0x88, 0x2, 0x7, 0x5, 0x7, 0x7ff, 0x9, 0x8000, 0x600, 0x0, 0xac, 0xff, 0x6c1794d3, 0x0, 0xc, 0x10001, 0x0, 0x882a, 0x8, 0xe, 0x0, 0x7, 0x1, 0x9, 0x4, 0x431f763e, 0x1, 0x2, 0x80, 0x2, 0x4, 0x80000000, 0x5, 0x3, 0x7a2, 0x82c, 0x6a, 0x5, 0x1, 0xf, 0x52000000, 0x3, 0x7db, 0x2, 0x3, 0xffff, 0xfff, 0xfffffffd, 0x6, 0xffffff81, 0x5, 0x9, 0x2, 0x616b8048, 0x8, 0xfffffff2, 0x0, 0x4, 0xfffffffb, 0x9, 0x0, 0x7, 0x7c418a57, 0x73, 0xffff, 0x3, 0x0, 0x2a4]}, @TCA_POLICE_TBF={0x3c, 0x1, {0xa, 0x7, 0x7, 0x7, 0x5, {0x15, 0x2, 0x200, 0x9, 0x7, 0x2}, {0x8, 0x1, 0x7fff, 0x5465, 0x4, 0x5a}, 0x3, 0x8001, 0x81}}, @TCA_POLICE_RATE={0x404, 0x2, [0x7, 0xe4, 0x1ff, 0x5, 0x8, 0x0, 0x6, 0x0, 0x7, 0x0, 0x8, 0xb3, 0x4, 0x7, 0x2, 0x8, 0x8, 0x3, 0x100, 0x4, 0xd5500, 0xca, 0x331, 0x8, 0x0, 0x7, 0xb091, 0x0, 0x7fff, 0x5, 0x0, 0xe00, 0x11, 0x1000, 0x2, 0xe, 0x4, 0x8, 0x7fff, 0x6, 0x1000, 0x7fffffff, 0x81, 0x9, 0x7, 0x3, 0x4, 0x8, 0x8, 0x1, 0x5bd, 0x3, 0x6, 0x1, 0x7, 0x2, 0x5, 0x3, 0x2, 0x2, 0x3, 0x4, 0x4, 0x33e774c4, 0x40000000, 0x0, 0x0, 0xcb5, 0x12, 0x3, 0x10000, 0x80000000, 0x0, 0x2, 0x9, 0x9, 0x3, 0xfffffffb, 0x4, 0x7, 0x5, 0x6, 0xffffffff, 0x1, 0x9, 0x81, 0x7b58, 0x9, 0x2, 0x1, 0x81, 0xfffffffe, 0xa, 0x0, 0xffffffff, 0x0, 0x9, 0x8b, 0x9, 0x4, 0x7bf, 0x5, 0x5, 0x3, 0x80, 0x9, 0x7fffffff, 0x2, 0x6, 0x4, 0x800, 0xa9a, 0x1, 0x1, 0x79ce, 0x3ff, 0x7ff, 0xffff, 0x1, 0x400, 0x1ff, 0x0, 0x0, 0x7, 0x9, 0x0, 0x8, 0xad, 0x7, 0x1ff, 0x9, 0x808, 0x5, 0x1, 0x8, 0x3, 0x1ff, 0x4, 0xb, 0x8, 0x7, 0x9, 0x6, 0x80, 0x2, 0xd0000000, 0x5, 0x6, 0x7, 0x6, 0x1, 0x4, 0x3, 0x9, 0x6, 0x5, 0x8, 0x80000001, 0x1ff16624, 0x6, 0x0, 0x1, 0x8, 0x3, 0x5, 0xdd3e, 0x3, 0x401, 0x9, 0x9, 0xff, 0x9, 0x609624be, 0x3, 0xa, 0xfffffffe, 0x7ff, 0x42d8, 0x200, 0x2, 0x200, 0x100, 0x5, 0x9, 0xd1f, 0x6, 0x5, 0x9, 0x8000, 0x8000, 0xffffffff, 0x7, 0x3, 0x1, 0x2, 0x200, 0x1, 0x55, 0x2de, 0xc2bb, 0x3, 0x5, 0x4, 0xe, 0x3ff, 0x4, 0x8, 0x105, 0xa0a6, 0xa, 0x8000, 0xffff, 0x8, 0x8, 0x9, 0x2, 0x8, 0x6, 0x858c, 0xb247, 0x6, 0x10000, 0x0, 0x4, 0x2, 0xf96, 0x2, 0x9, 0xd, 0x9, 0x1, 0xffffffff, 0x200, 0x3, 0x1, 0x3, 0x8, 0x4, 0xba44, 0x3, 0xe, 0x17, 0x73, 0x1, 0x7, 0xd, 0x9b, 0x8, 0x53e6, 0x80000001, 0x2, 0xffffffff, 0x6, 0x7, 0x1c, 0x5]}]}]}}]}, 0x88c}}, 0x20040000)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f0000000000)={0x100000011, @multicast2, 0x0, 0x0, 'fo\x00', 0xb, 0x9, 0x70}, 0x2c)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000180)=@gcm_256={{0x303}, "c4915c7f49541ce8", "9b84f987950ff3df25fa8f46983d34157e047d27ae4a66a6d15608a32cbaa5bc", '\x00', "be0ea450d5a5fd03"}, 0x38)

1m10.137926912s ago: executing program 1 (id=427):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r2, 0x8983, &(0x7f0000000100)={0x0, 'erspan0\x00', {0xfffffffe}, 0x26})
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$sock_bt_hci(r3, 0x400448c9, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000180)}], 0x1, 0x1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r5, &(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10)
setsockopt$SO_BINDTODEVICE_wg(r5, 0x1, 0x19, &(0x7f0000000080)='wg1\x00', 0x4)
sendto$inet(r5, &(0x7f0000000040)="e5", 0xffffffe4, 0x0, 0x0, 0x0)
r6 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r6, 0x50009405, &(0x7f0000000040))
syz_usb_connect(0x2, 0x356, &(0x7f00000000c0)={{0x12, 0x1, 0x300, 0xc6, 0x5e, 0xb8, 0x78, 0x3149, 0x33ee, 0xc7ab, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x344, 0x2, 0x5a, 0x7, 0x20, 0x6, [{{0x9, 0x4, 0x4d, 0x3, 0x0, 0x8, 0x2, 0x50, 0x1, [@cdc_ncm={{0x5}, {0x5, 0x24, 0x0, 0x6}, {0xd, 0x24, 0xf, 0x1, 0x100, 0x5, 0xff, 0xf8}, {0x6, 0x24, 0x1a, 0x774, 0x30}, [@network_terminal={0x7, 0x24, 0xa, 0x7, 0x0, 0x8, 0x2}, @mdlm_detail={0xcc, 0x24, 0x13, 0x96, "4bf2264e871e97cc6a3e495d7d4328bac19f4d92e11fb7c90595c003c736e13203a39e6baa43a539216b6d08deaa780ee204738a1c8e478d119566f549f1486a0f118601701ca6ca617ce960780d5ff93ed68119b8c00f69473347970d3357f4370dae2778a28a2f162fbdb93995183a9e005814d5268f04281601c0f2a206c516551dff0bd3bcb6b9e8170b7a91f44f0838ee8d81712cacb63842e2295d5ac2935f48d3bce0e3f65d2b121a522f7275f94e3d46d98376ddd4ae9a66aa4244c871ad5799e71e1b5c"}]}, @uac_as={[@format_type_ii_discrete={0xc, 0x24, 0x2, 0x2, 0x2, 0x7, 0x50, "a7972e"}, @format_type_i_discrete={0xa, 0x24, 0x2, 0x1, 0x6, 0x1, 0x16, 0x10, "8dab"}]}]}}, {{0x9, 0x4, 0x57, 0x6, 0x7, 0x9a, 0xec, 0x8a, 0x4, [@generic={0x2f, 0xd, "19d78cc8d65f068bdfc844399bb60a60f8ce4b78432e3225befda61ef60e34e2c06de92c9b93213e43a345fd7d"}], [{{0x9, 0x5, 0x7, 0xe, 0x8, 0x2, 0xb, 0x1, [@generic={0xc1, 0xd, "8d1a5575867d8510a422205b8fae4d6a567f67f3ce25f9955d25e4f28103288155ed5c13e567cace8455ad57dea890165077bccd5e586f4870d58cf4006552e340df817fc6f12cb83ce3f435fe8dc9b7c07905680fcd5d94769dbd95bef4bc04b2c920e25ae0a37f70f61d5e046b04063d118e4e104a8df762b3e3cca1d8cceb35a83df6eb2a5638255a52b2ba06db8175980d97b7dd93a1637202050636ea1fb48cf96b68648091733f8a0cf22923a8e9df1211c6c4850037a9a0982462d1"}]}}, {{0x9, 0x5, 0xd, 0xc, 0x200, 0x5, 0x10}}, {{0x9, 0x5, 0x9, 0x4, 0x40, 0x2, 0x4, 0x6}}, {{0x9, 0x5, 0xf, 0x1, 0x40, 0x7f, 0x41, 0x4, [@generic={0x2, 0x4}]}}, {{0x9, 0x5, 0x3, 0x0, 0x20, 0xff, 0x1, 0xfc, [@generic={0x69, 0x0, "d14a254936173c6910d1708bcd03abaa6e87850b06d499bbfd7316dd2dc58d8a255c6f04bf07425f456a281bd956427b9f37b9d986e354f270fee34bbc36fd0a5d6ec9f62ed72bd2f15a3ee56b47228a2297594e639038a3ee6644e96bd5b5b3c92a426ec25f85"}, @generic={0x2, 0x9}]}}, {{0x9, 0x5, 0xa, 0xc, 0x400, 0x3, 0x0, 0x5, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x6, 0x1}, @generic={0x79, 0x7, "495fc6ddbf82bd97cc2f699ac115b5f19a118c7a2b3dddfe55dd6c644a2bcac8ba06ba7e9208304ba6a3df711019585311ba0d2414a28899871f6b202a61fc70a378a5059b55fbbf7eec5d21bb28e5ebe951360903ab4d4a0051f819a48bce91ca9d53ebea80806e8ed14288156319cf3a5d82952c707d"}]}}, {{0x9, 0x5, 0x6, 0x4, 0x400, 0x8, 0x5, 0xd, [@uac_iso={0x7, 0x25, 0x1, 0x3, 0x56, 0x3}]}}]}}]}}]}}, &(0x7f0000000700)={0xa, &(0x7f0000000600)={0xa, 0x6, 0x250, 0xfb, 0x4, 0x0, 0x20, 0x80}, 0x5, &(0x7f00000007c0)=ANY=[@ANYBLOB="010500400089034ab8f2e98ed2c335a796ddf2b282a9c371a3cd6ee21f14f8f054b560fae4ad0ead4e2299aa439749b0026dfbdd73b654d394b21ae22f703247d94c2a0c1b30c873729e62265cf82afa6d355686f0ee7c54b7f3fff064990ea1ed49408cf4f8a2c4f3c52a5dc7ca4e03"], 0x1, [{0x56, &(0x7f0000000740)=@string={0x56, 0x3, "0b3315b0c43405c3c152484e6a4795e701c6c56328478836077778953ab0f5849f759bdda57e620518d22b0ed16513cdd2265742cf470a175a456e18ab8262ae99f8b045d928c6bf248c67b3cf58f1575a2d74ad"}}]})
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x32b}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_ARP_INTERVAL={0x8, 0x7, 0xe}, @IFLA_BOND_ARP_IP_TARGET={0x8, 0x8, 0x0, 0x1, [@multicast1]}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x40004)
sendmmsg$inet_sctp(r6, 0x0, 0x0, 0x8010)

53.079773778s ago: executing program 32 (id=427):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r2, 0x8983, &(0x7f0000000100)={0x0, 'erspan0\x00', {0xfffffffe}, 0x26})
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$sock_bt_hci(r3, 0x400448c9, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000180)}], 0x1, 0x1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r5, &(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10)
setsockopt$SO_BINDTODEVICE_wg(r5, 0x1, 0x19, &(0x7f0000000080)='wg1\x00', 0x4)
sendto$inet(r5, &(0x7f0000000040)="e5", 0xffffffe4, 0x0, 0x0, 0x0)
r6 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r6, 0x50009405, &(0x7f0000000040))
syz_usb_connect(0x2, 0x356, &(0x7f00000000c0)={{0x12, 0x1, 0x300, 0xc6, 0x5e, 0xb8, 0x78, 0x3149, 0x33ee, 0xc7ab, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x344, 0x2, 0x5a, 0x7, 0x20, 0x6, [{{0x9, 0x4, 0x4d, 0x3, 0x0, 0x8, 0x2, 0x50, 0x1, [@cdc_ncm={{0x5}, {0x5, 0x24, 0x0, 0x6}, {0xd, 0x24, 0xf, 0x1, 0x100, 0x5, 0xff, 0xf8}, {0x6, 0x24, 0x1a, 0x774, 0x30}, [@network_terminal={0x7, 0x24, 0xa, 0x7, 0x0, 0x8, 0x2}, @mdlm_detail={0xcc, 0x24, 0x13, 0x96, "4bf2264e871e97cc6a3e495d7d4328bac19f4d92e11fb7c90595c003c736e13203a39e6baa43a539216b6d08deaa780ee204738a1c8e478d119566f549f1486a0f118601701ca6ca617ce960780d5ff93ed68119b8c00f69473347970d3357f4370dae2778a28a2f162fbdb93995183a9e005814d5268f04281601c0f2a206c516551dff0bd3bcb6b9e8170b7a91f44f0838ee8d81712cacb63842e2295d5ac2935f48d3bce0e3f65d2b121a522f7275f94e3d46d98376ddd4ae9a66aa4244c871ad5799e71e1b5c"}]}, @uac_as={[@format_type_ii_discrete={0xc, 0x24, 0x2, 0x2, 0x2, 0x7, 0x50, "a7972e"}, @format_type_i_discrete={0xa, 0x24, 0x2, 0x1, 0x6, 0x1, 0x16, 0x10, "8dab"}]}]}}, {{0x9, 0x4, 0x57, 0x6, 0x7, 0x9a, 0xec, 0x8a, 0x4, [@generic={0x2f, 0xd, "19d78cc8d65f068bdfc844399bb60a60f8ce4b78432e3225befda61ef60e34e2c06de92c9b93213e43a345fd7d"}], [{{0x9, 0x5, 0x7, 0xe, 0x8, 0x2, 0xb, 0x1, [@generic={0xc1, 0xd, "8d1a5575867d8510a422205b8fae4d6a567f67f3ce25f9955d25e4f28103288155ed5c13e567cace8455ad57dea890165077bccd5e586f4870d58cf4006552e340df817fc6f12cb83ce3f435fe8dc9b7c07905680fcd5d94769dbd95bef4bc04b2c920e25ae0a37f70f61d5e046b04063d118e4e104a8df762b3e3cca1d8cceb35a83df6eb2a5638255a52b2ba06db8175980d97b7dd93a1637202050636ea1fb48cf96b68648091733f8a0cf22923a8e9df1211c6c4850037a9a0982462d1"}]}}, {{0x9, 0x5, 0xd, 0xc, 0x200, 0x5, 0x10}}, {{0x9, 0x5, 0x9, 0x4, 0x40, 0x2, 0x4, 0x6}}, {{0x9, 0x5, 0xf, 0x1, 0x40, 0x7f, 0x41, 0x4, [@generic={0x2, 0x4}]}}, {{0x9, 0x5, 0x3, 0x0, 0x20, 0xff, 0x1, 0xfc, [@generic={0x69, 0x0, "d14a254936173c6910d1708bcd03abaa6e87850b06d499bbfd7316dd2dc58d8a255c6f04bf07425f456a281bd956427b9f37b9d986e354f270fee34bbc36fd0a5d6ec9f62ed72bd2f15a3ee56b47228a2297594e639038a3ee6644e96bd5b5b3c92a426ec25f85"}, @generic={0x2, 0x9}]}}, {{0x9, 0x5, 0xa, 0xc, 0x400, 0x3, 0x0, 0x5, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x6, 0x1}, @generic={0x79, 0x7, "495fc6ddbf82bd97cc2f699ac115b5f19a118c7a2b3dddfe55dd6c644a2bcac8ba06ba7e9208304ba6a3df711019585311ba0d2414a28899871f6b202a61fc70a378a5059b55fbbf7eec5d21bb28e5ebe951360903ab4d4a0051f819a48bce91ca9d53ebea80806e8ed14288156319cf3a5d82952c707d"}]}}, {{0x9, 0x5, 0x6, 0x4, 0x400, 0x8, 0x5, 0xd, [@uac_iso={0x7, 0x25, 0x1, 0x3, 0x56, 0x3}]}}]}}]}}]}}, &(0x7f0000000700)={0xa, &(0x7f0000000600)={0xa, 0x6, 0x250, 0xfb, 0x4, 0x0, 0x20, 0x80}, 0x5, &(0x7f00000007c0)=ANY=[@ANYBLOB="010500400089034ab8f2e98ed2c335a796ddf2b282a9c371a3cd6ee21f14f8f054b560fae4ad0ead4e2299aa439749b0026dfbdd73b654d394b21ae22f703247d94c2a0c1b30c873729e62265cf82afa6d355686f0ee7c54b7f3fff064990ea1ed49408cf4f8a2c4f3c52a5dc7ca4e03"], 0x1, [{0x56, &(0x7f0000000740)=@string={0x56, 0x3, "0b3315b0c43405c3c152484e6a4795e701c6c56328478836077778953ab0f5849f759bdda57e620518d22b0ed16513cdd2265742cf470a175a456e18ab8262ae99f8b045d928c6bf248c67b3cf58f1575a2d74ad"}}]})
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x32b}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_ARP_INTERVAL={0x8, 0x7, 0xe}, @IFLA_BOND_ARP_IP_TARGET={0x8, 0x8, 0x0, 0x1, [@multicast1]}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x40004)
sendmmsg$inet_sctp(r6, 0x0, 0x0, 0x8010)

23.122934255s ago: executing program 0 (id=467):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_io_uring_setup(0x2b06, 0x0, 0x0, &(0x7f0000ffe000))
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
sendfile(r0, r0, 0x0, 0x40008)
openat$rtc(0xffffffffffffff9c, &(0x7f00000001c0), 0x8002, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0xc90}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
r2 = socket$alg(0x26, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sendmsg$NFT_MSG_GETTABLE(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000001100)={0x20, 0x1, 0xa, 0x401, 0x0, 0x0, {0x2, 0x0, 0x3}, [@NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x1}]}, 0x20}, 0x1, 0x0, 0x0, 0x4008c}, 0x4004000)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f00000003c0)=0x2)
ioctl$TIOCVHANGUP(r5, 0x5437, 0x2)
r6 = accept4(r2, 0x0, 0x0, 0x80800)
recvmsg(r6, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000000c0)=[{0x0}], 0x1}, 0x0)
syz_usb_connect$cdc_ecm(0x2, 0x56, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x0, 0x0, 0xffffffffffff8001, 0x1, [{{0x9, 0x2, 0x44, 0x1, 0x1, 0x0, 0xc0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x3, 0x2, 0x2, 0x0, 0x0, {{0x5}, {0x5, 0x24, 0x0, 0x4}, {0xd, 0x24, 0xf, 0x1, 0x9}}, {[{{0x9, 0x5, 0x81, 0x3, 0x20, 0x3, 0x7f, 0xff}}], {{0x9, 0x5, 0x82, 0x2, 0x0, 0x0, 0x1}}, {{0x9, 0x5, 0x3, 0x2, 0x0, 0x5}}}}}]}}]}}, 0x0)

17.776657456s ago: executing program 3 (id=471):
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x2)
prlimit64(0x0, 0xe, 0x0, 0x0)
r1 = add_key$keyring(0x0, &(0x7f0000000380)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$update(0x2, r1, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
sched_setscheduler(0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000007880)={0x1, 0x58, &(0x7f0000007800)}, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x0)
socket(0x400000000010, 0x3, 0x0)
ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x1)
socket$packet(0x11, 0x3, 0x300)
socket$kcm(0x11, 0x200000000000002, 0x300)
r3 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000580)="39000000140081ae50003c00fbff008311001f9f660fcf065c05acb612f691f3bd3508abca1be6eeb89c44ebb37358582bb8b7d553b4e92155", 0x39}], 0x1}, 0x0)
recvmsg(r3, &(0x7f0000001c80)={0x0, 0x0, 0x0}, 0x2000)
mq_unlink(&(0x7f0000000000)='eth0\x00')
close(0xffffffffffffffff)
syslog(0x2, 0x0, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r4, 0x107, 0xd, &(0x7f0000000100)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000200), 0x4000)
r5 = syz_open_dev$media(&(0x7f0000001a80), 0x3, 0x0)
ioctl$MEDIA_IOC_ENUM_ENTITIES(r5, 0xc1007c01, 0x0)
syslog(0x4, &(0x7f00000000c0)=""/27, 0x1b)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})

17.433825584s ago: executing program 0 (id=472):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000300)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x1, 0x1}, 0x50)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, 0x0, &(0x7f0000000100))
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
r5 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x20000000000000)
ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000040)=0x6)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
close(0xffffffffffffffff)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb), 0x0)
add_key(0x0, &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0x1, 0xfffffffffffffffe)
add_key(&(0x7f0000000000)='big_key\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffe)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000400)=ANY=[], 0x1df)
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}})
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
bind$inet6(r6, &(0x7f0000d84000)={0xa, 0x2, 0x0, @empty, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r6, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r6, &(0x7f0000000340)='g', 0x1, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x398, @loopback}, 0x1c)
shutdown(r6, 0x1)

15.480751711s ago: executing program 0 (id=474):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000", @ANYBLOB, @ANYRES32=0x0, @ANYBLOB='\x00'/14], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000002e00)={0xc, 0x13, &(0x7f00000005c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0xfca804a0, 0x6, 0x8, &(0x7f00000002c0)="b80000050000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r2 = dup(r0)
write$UHID_INPUT(r2, &(0x7f0000001040)={0xc, {"f8ffffff4fc752f91b3e090987f70e06d038e7ff7fc6e5539b3264078b089b0e083871090890e0878f0e1ac6e7049b334c959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31360d3b5d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0aee29973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e821119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa177b3c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfdd95083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d780231c9c99a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dacc4c3f0008047096a44002bebc2421aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b346fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f068bb87af8b90fd8f08876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e20cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047499569373c0e23ef4df5c89644f48bb536f7945b59d7bcddff754420d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad039c2211f1033195563c7f93cd54b9094f226e783271e1e5a207c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d8c768f7971d31488b8658afc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae095ed3eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b281769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a897fe8e757a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f12f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3918c54e24b48ec027562d0687dc746b0827cbf6529006c6b95f2722e5655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2786f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f11aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7cb6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af22af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e51074b41bc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000000000000000000022ff00", 0x1000}}, 0x1006)
r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/wireless\x00')
r4 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r4, &(0x7f0000000000)={0x2a, 0xffffffffffffffff, 0x7fff}, 0xc)
r5 = syz_io_uring_setup(0x49f, &(0x7f0000000540)={0x0, 0xff95, 0x400, 0x3, 0x289}, &(0x7f0000000200)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r8 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r8, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r2, 0xa, 0x0, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r4, 0x0, 0x0})
io_uring_enter(r5, 0x40f9, 0x217, 0xa5, 0x0, 0x0)
r9 = syz_init_net_socket$ax25(0x3, 0x3, 0xcd)
ioctl$SIOCAX25DELUID(r9, 0x89e2, 0x0)
openat$nullb(0xffffffffffffff9c, 0x0, 0x12b383, 0x0)
mount(&(0x7f00000000c0)=@nullb, &(0x7f0000000040)='.\x00', &(0x7f0000000140)='zonefs\x00', 0x0, 0x0)
read$FUSE(r3, &(0x7f00000042c0)={0x2020}, 0x2020)
signalfd4(0xffffffffffffffff, &(0x7f0000000080)={[0x2]}, 0x8, 0x0)

14.811998325s ago: executing program 3 (id=475):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000780)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000004000000020000000000000c02000000000000000000000d0000000000005f"], 0x0, 0x34}, 0x20)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1e, &(0x7f0000000000)='/proc/sys/\x00et/\x00\x00v4\x00m\xa0\x8dN\xd4\xa2\x88\x00\xd1l,'}, 0x8)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r1)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r3 = socket$inet(0x2, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x8}, 0xffffffffffffff97)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/syz1\x00', 0x200002, 0x0)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$key(0xf, 0x3, 0x2)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x4000000000000, 0x40, &(0x7f0000002700)=@raw={'raw\x00', 0x8, 0x3, 0x2a0, 0x208, 0x8, 0xfa04, 0x0, 0x6c02, 0x208, 0x194, 0x194, 0x208, 0x194, 0x3, 0x0, {[{{@ip={@empty=0x1e00, @broadcast, 0x0, 0x0, 'veth0_to_hsr\x00', 'veth0_virt_wifi\x00', {}, {}, 0x6}, 0x0, 0xa0, 0xc8, 0x0, {0x0, 0x74020000}, [@common=@inet=@tcp={{0x30}, {[], [], 0x0, 0x0, 0x7a}}]}, @common=@inet=@TCPMSS={0x28}}, {{@ip={@multicast1, @rand_addr, 0x0, 0x0, 'batadv_slave_0\x00', 'pimreg\x00'}, 0x0, 0xf8, 0x140, 0x0, {}, [@common=@unspec=@helper={{0x48}, {0x0, 'amanda\x00'}}, @common=@unspec=@connlimit={{0x40}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x300)
socket$inet6(0xa, 0x1, 0x0)
r7 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000003c0)={0x0, 0x9, 0x8}, 0xc)
getdents(r7, &(0x7f0000001fc0)=""/184, 0xb8)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x13, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000000018c900002006000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018010000202070250000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000009b00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r8, 0x0, 0xf, 0x0, &(0x7f0000000440)="0000000000000060145b4ebeada5df", 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000580)=ANY=[@ANYRESDEC=r2], &(0x7f0000000800)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x8}, 0x94)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x11, &(0x7f0000000100)={[{@data_ordered}, {@journal_checksum}, {@norecovery}, {@noquota}, {@nombcache}, {@data_err_abort}, {@journal_dev={'journal_dev', 0x3d, 0x5}}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x611}}, {@nobh}]}, 0x8, 0x607, &(0x7f00000001c0)="$eJzs3c9vFFUcAPDvTH+36hZiVDxIE2MgUVpawBBjItwJwR83T5UWgiyU0BotklgSvJgYLx5MPHkQ/wsl8erBqwcvngwJMYaDGCJrZrtTtu1u2f7Y3bL7+SRD35th571p9tvv7Ns3MwF0rbHsnzRiX0RcSSIKVdt6o7JxbPn/3fv7+tlsSaJUevevJK5/lixV7yup/BypvPi/QiS/phF7e9a3O7947eJ0sTh7tVKfWLh0ZWJ+8dqhC5emz8+en7089frU8WNHjx2fPLyt40uryqdufvhx4YvT73//7YNk8offTydxIh5W+pYd19rXDmyr5ex3NhalZfer12e/1+Pb3Pdu8U8hf588kqxdwa51rvJ+7IuI56MQPVXv+kJ8/nZbOwc0VSmJPEcBXSfZUvwP7nxHgBbLzwPyz/a1Pgevlzb5rARohbsnlwcAlmO/LyLy+O9dHhuMwfLYwPC9ZNU4TxIR2xuZW5a18cvPp29mS9QZhwOaY+lGPt63Nv8n5dgcjcFybfheuir+06olW//OFtsfW1MX/9A6Szci4oVK/u+PTcX/WFX8f7DF9sU/AAAAAAAA7JzbJyPitVrz/9KV+T/9Neb/jETEiR1o//Hf/6V3KoVkB5oDqtw9GfFmzfm/K3N8R3sqtafL8wH6knMXirOHI+KZiDgYfQNZfXLNfqtnCB/6cu839dqvnv+XLVn7+VzAyp7u9K65EHdmemF6u8cNRNy9EfFief7v/sqa1fN/svyf1Mj/WXxfabCNva/cOlNv2+PjH2iW0ncRB2rm/0en28nG9+eYKJ8PTORnBeu99OlXP9ZrX/xD+2T5f3jj+B9Iqu/XM7+5/fdHxJHF3lK97Vs9/+9P3uvJ95/5ZHph4epkRH9yav36qc31GTpVHg95vGTxf/Dljcf/Vs7/q+JwKCKWGmzzuYcjf9TbJv9D+2TxP7Nx/h9dnf83X5i6NfpTvfbPNJT/j5Zz+sHKGuN/UG39/TgaDdC2dBcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnnBpRDwVSTq+Uk7T8fGIkYh4NobT4tz8wqvn5j66PJNtKz//P82f9FtYrif58/9H8/pIcXaqun6hOHskIvZExNc9Q+X6+Nm54ky7Dx4AAAAAAAAAAAAAAAAAAAB2iZHyNf+lgbXX/2f+7Gl374Cm6638FO/QfXq3/MrSwI52BGi5rcc/8KRrPP77mtoPoPXqx//9B6WylnYHaCHn/9C9thj/vi6ADiD/Q7dqcExvsNn9ANpB/gcAAAAAgI6yZ//t35KIWHpjqLxk+ivbTPaHzpa2uwNA25jDC92rd67dPQDaxWd8IFkp/VvzYv/6s/+T5nQIAAAAAAAAAAAAAFjnwD7X/0O32vj6f3P7oZNtcP1/reB3uwDoIPUf/SH3Q6fzGR+6WqnQQLZ3/T8AAAAAAAAAAAAA7AKD1y5OF4uzV+cXn7zCW7ujGw0XhiJifmm63d3Y+cLD5uy5LyJ2xwG2upDfgqON3Wjz3yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDF/wEAAP//jiomig==")
r9 = socket(0x10, 0x2, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x4c}}, 0x0)

14.743371221s ago: executing program 2 (id=476):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="10000000040000000400000002"], 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r3, &(0x7f0000000140), &(0x7f0000000000)=""/6, 0x2}, 0x20)
pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff01800000"], 0x15)
r5 = dup(r4)
write$FUSE_BMAP(r5, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r5, &(0x7f00000027c0)=ANY=[@ANYBLOB="38010000fe00002b094b5626245e5f82390ebe6263639c49f0a5c6"], 0x138)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$netlbl_unlabel(0x0, r7)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={0x48, r8, 0x1, 0x0, 0x0, {0x4, 0x74, 0x609}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x2}, @NLBL_UNLABEL_A_SECCTX={0x2b, 0x7, 'system_u:object_r:xconsole_device_t:s0\x00'}]}, 0x48}, 0x1, 0xffffffff00000003}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000400))
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r5, 0x89f0, 0x0)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000)={0x0, r9}, 0x8)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
r10 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_EVENTS(r10, 0x84, 0xb, &(0x7f0000000580), &(0x7f0000000180)=0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

12.537113879s ago: executing program 3 (id=477):
syz_emit_ethernet(0x56, &(0x7f0000000680)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd604dc58c00200600fe80000000000000000000000000001afe8000000000000000000000000000aafffe4001", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="8002fffd90780067162400ff000000705f5dffed"], 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000240), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip_vs\x00')
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x200}, 0x0)
sendmmsg$inet_sctp(0xffffffffffffffff, 0x0, 0x0, 0x2200000c)
quotactl_fd$Q_GETQUOTA(0xffffffffffffffff, 0xffffffff80000705, 0x0, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000780)="000000000000000000000000000000003e9b6b014840244ad20bdf0c481953085c7148735672aa8304be48894df17222785b40ed406bee0ee578ce30e30834fed6daec61f53517c3934ec32954dd384f73514b8c2c6307e917a0d12f6cdbe836d3de6884833e163d352ba1d483c9bd32e34ac377599a869aab6ee02d8e595b98b96e0050317efe079afda65afea53ee9bdbb4260fbbca3104ac0d3bc1ba62088489339f9cf04e26dac97c1faee23577612f5d1477a7f725cdb769e730bfb91722d2929ef496edf38fc62de2f8297763e98eed1eaad1abd5c380fd17d0ce5123732f2b6d285f3ddd27b02589176435a53690af6affb3fc614c47cbb9e6ea4c961cd0dcc65d6880c7bb21539e0134743d555ae6a6b96aa193714ea7676b7476eabe16abeb64dc481beeb3d8d0d32505f58c3bfcd9bb0589ecb202d1cee7833a859b7b0bffd93e249d234c9bc538ef9fa4cf2be92fe315c4e02021cb21c624cdf98d2eeeec7cb6bc777a0ffcc452edca3df64bc5ae48764b23735f65dc59ffe0f172d876bb862b0e64236f1e9aefc077a75cab138a81a7c4b647dbea844af00f9578070849ee70d1875a57f28aa0f5ab3c14cbd2edbaf93aad3cf941ba5baa3ba33f4cbc9342cdbdc253d69a3594c81fdc53b23351dd6179c1d5fd60c32f33412021079a40124bb6411a1b5cceb1fc972696ce14a36e90a6750372b9f4008b4c688897bbd1365384100a301", 0x20a)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1100000004e6ff0004000000027cc2a107edc5a1b8702e7bfe15bdccbdacb8c35f93f206f8bd9c0c"], 0x48)
bpf$BPF_GET_MAP_INFO(0x3, &(0x7f0000000100)={0xffffffffffffffff, 0xfffffffffffffd2c, &(0x7f00000003c0)}, 0x10)
r2 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi4\x00', 0x2, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000007, 0x13, r2, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
syz_clone3(&(0x7f0000001240)={0x2d000000, 0x0, 0x0, 0x0, {0xe}, 0x0, 0x0, 0x0, &(0x7f0000001200)=[0x0], 0x1}, 0x58)

12.328008876s ago: executing program 2 (id=478):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x33, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000780)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='sched_switch\x00', r2}, 0x18)
openat$sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x42, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
r4 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r5 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b04, &(0x7f0000000480)={'wlan1\x00'})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f00000003c0)={0x0, &(0x7f0000000300), &(0x7f0000000340)=[<r6=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r5, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000640)=[r6], 0x1, 0x0, 0x0, <r7=>0xffffffffffffffff})
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_SYNC_FILE(r4, 0xc01064c2, &(0x7f0000000400)={<r8=>0x0, 0x1, r7})
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(r5, 0xc01064c2, &(0x7f0000000440)={<r9=>0x0, 0x0, r7})
ioctl$DRM_IOCTL_SYNCOBJ_TRANSFER(r4, 0xc02064cc, &(0x7f0000000500)={r8, r9, 0x2})
close(0x3)
r10 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/10, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/15], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0xf, 0x8, &(0x7f0000000040)=@framed={{0x18, 0x6, 0x0, 0x0, 0x2}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r10}, {}, {0x85, 0x0, 0x0, 0xbb}}]}, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_device=0x35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x3, 0x8, 0x2, 0xb}, 0x0, &(0x7f0000000280)={0x3ff, 0x0, 0x0, 0x400d, 0x0, 0x9, 0x466}, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

12.312051747s ago: executing program 0 (id=479):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000180)={0x84, @remote, 0x0, 0x0, 'lblc\x00'}, 0x2c)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mkdir(0x0, 0x0)
syz_usb_connect$printer(0x2, 0x0, 0x0, 0x0)
fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
getpid()
ioctl$sock_SIOCBRDELBR(r0, 0x89a2, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=@newtaction={0x68, 0x30, 0x871a15abc695fa3d, 0x2000, 0x25dfdbff, {}, [{0x54, 0x1, [@m_ctinfo={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_CTINFO_ACT={0x18, 0x3, {0x80000000, 0x8, 0x10000000, 0x20001, 0xa}}, @TCA_CTINFO_PARMS_CPMARK_MASK={0x8, 0x7, 0xa}]}, {0xfffffffffffffd8e}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x4}}}}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x8800}, 0x4040000)
getpid()
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000340)='/proc/mdstat\x00', 0x0, 0x0)
io_setup(0x5, &(0x7f0000002340)=<r4=>0x0)
io_submit(r4, 0x1, &(0x7f00000014c0)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x5, 0x0, r3, 0x0}])
setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, &(0x7f0000000040)=@req3={0x20001000, 0x957e, 0x1000, 0x3a}, 0x1c)
r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r5, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400048c0}, 0x0)
setsockopt$IP_VS_SO_SET_DEL(r0, 0x0, 0x484, &(0x7f0000001280)={0x20000000000084, @remote, 0x0, 0x0, 'rr\x00'}, 0x2c)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$netlink(0x10, 0x3, 0x0)
r6 = syz_open_dev$cec(0x0, 0x0, 0xa00)
ioctl$CEC_ADAP_S_LOG_ADDRS(r6, 0xc05c6104, &(0x7f0000004180)={"2370491d", 0x0, 0x5, 0x2, 0x8, 0x2008, "00005a6400fa001503fe00", "037ec42b", "00060002", "64bdac32", ["e86621d9cc668c391f77c506", "3549feff0000000100", "2fc7977286a7a0236a9cadf0", "cf6cce2296b3f853e224c4e0"]})
socket$can_j1939(0x1d, 0x2, 0x7)

8.362739956s ago: executing program 2 (id=480):
prlimit64(0x0, 0x4, &(0x7f0000000140)={0x8, 0x40008f}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
creat(0x0, 0x2)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, 0x0, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000002c0), 0x60100, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
memfd_create(&(0x7f0000000080)='\b\x9dF\xd8\b\xb3~u\xa5\"\xdc\xfdq\xf6c\r;\xfcO\x8c=\x81\xb1\x8aSpA\xd4\x98\x85D\x89>N\x8ar\x17O\x0fKR\xe2{mn\xcc\xbf2\xc0\xa7\x14\xd0\xd4\xfe/\x9e\xee\xe7\xd7E\xe9\t\x83\xdeNX\xec\xe66\x1b\x97\xe7\xe6\x97\xf9\xb3\xf6\xb9\v\xb5$\xee\x84\x1cn,B\xd5?\xe5E:+Pm\x1d\xb4\xb8', 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r1, 0x25817000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
semctl$SEM_STAT(0x0, 0x3, 0x12, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000080)='./cgroup\x00', &(0x7f0000000040)='udf\x00', 0x208000, 0x0)
r6 = openat$khugepaged_scan(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
write$khugepaged_scan(r6, &(0x7f0000000140), 0x8)
socket$inet6(0xa, 0x1, 0x0)

8.045557181s ago: executing program 3 (id=481):
r0 = syz_open_dev$usbmon(&(0x7f0000000240), 0x8, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
r1 = syz_io_uring_setup(0x3e91, &(0x7f0000000300)={0x0, 0x5aa7, 0x10100, 0x1}, 0x0, &(0x7f00000002c0)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000280)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x3, 0x0, &(0x7f00000001c0), 0x0, 0x0, 0x1})
io_uring_enter(r1, 0x5113, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f00006c2000/0x1000)=nil, 0x1000, 0x5, 0x13, r0, 0x1e67e000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(0xffffffffffffffff, 0x8983, &(0x7f0000000140)={0x6, 'batadv_slave_1\x00', {0x8}, 0x5})
fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000200)=0x4)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mkdirat(0xffffffffffffffff, &(0x7f0000000180)='./file0/file0\x00', 0x0)
socket$inet6(0xa, 0x1, 0x8010000000000084)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000580)='tracefs\x00', 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0)
lseek(r4, 0x6, 0x0)
getdents(r4, &(0x7f0000000000)=""/100, 0x64)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TCSBRKP(r5, 0x5425, 0x0)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000000c0)=0x3)
ioctl$TIOCGPGRP(r5, 0x5437, 0x0)
syz_init_net_socket$ax25(0x3, 0x5, 0x0)
gettid()
ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0xc397e)

7.296492412s ago: executing program 2 (id=482):
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r0 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r3 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r4=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r3, 0xc06864a1, &(0x7f0000000d40)={0x0, 0x0, r4, <r5=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r3, 0xc06864ce, &(0x7f0000000340)={r5, 0x0, 0x0, 0x0, 0x1, [<r6=>0x0], [0x0, 0x7], [0x0, 0x80000002, 0x2], [0x0, 0x0, 0x1, 0x1]})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0x806})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, &(0x7f0000000080)={r6, 0x0, <r7=>0xffffffffffffffff})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r3, 0xc00c642e, &(0x7f0000000300)={0x0, 0x0, r7})
close_range(r0, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r8 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
mkdir(&(0x7f0000005740)='./file0\x00', 0x3b)
mount(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000580)='tracefs\x00', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0)
request_key(&(0x7f00000001c0)='asymmetric\x00', &(0x7f0000000200)={'syz', 0x2}, &(0x7f0000000240)='1', 0xfffffffffffffffa)
write$6lowpan_enable(r8, &(0x7f0000000080)='1', 0x1)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040))
r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TIOCVHANGUP(r9, 0x5437, 0x0)
socket$nl_sock_diag(0x10, 0x3, 0x4)

7.111036766s ago: executing program 0 (id=483):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000180)={0x1, @pix={0x0, 0x0, 0x20493859, 0x0, 0x0, 0x0, 0x5, 0xfeedcafe, 0x3, 0x7}})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
r2 = socket(0x3, 0xa, 0x6)
select(0x40, &(0x7f0000000400)={0x9, 0x3, 0x80000000, 0x0, 0x7, 0x201}, 0x0, 0x0, &(0x7f0000000100)={0x0, 0xea60})
mount$tmpfs(0x0, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000040), 0x1200040, &(0x7f00000000c0)=ANY=[@ANYBLOB='mpol=local'])
close(0x3)
sendmsg$can_bcm(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x80000)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, 0x0)
r4 = socket$netlink(0x10, 0x3, 0xa)
sendmsg$MPTCP_PM_CMD_SET_FLAGS(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000400)={0x0}, 0x1, 0x0, 0x0, 0x44811}, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB], 0x58}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000280)={'batadv_slave_0\x00', <r5=>0x0})
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0xc)
r6 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x87)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x580000a, 0x13, r6, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x12, 0x4, &(0x7f0000000200)=ANY=[], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', r5, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
r8 = dup(r7)
ioctl$SNDRV_RAWMIDI_IOCTL_STATUS32(r8, 0xc0245720, 0x0)

6.052537532s ago: executing program 3 (id=484):
r0 = socket(0x400000000010, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000280), 0xffffffffffffffff)
r4 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$6lowpan_control(r4, &(0x7f0000000180)='connect aa:aa:aa:aa:aa:11 0', 0x1b)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYRESDEC=r0], 0x50)
r5 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r5, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r5, 0x40946400, &(0x7f00000000c0)={'pcmmio\x00', [0x4f27, 0x0, 0x4, 0x4, 0x5, 0x5, 0x4, 0x7, 0x54c6cff3, 0xfd, 0x2, 0x1, 0x1, 0x1, 0x6, 0x101, 0x0, 0x7f, 0x3, 0x40000003, 0x89, 0xcaa3, 0x0, 0x20001e5b, 0x3, 0xe66, 0x3, 0x8, 0x4086, 0x0, 0xfffffff8]})
r6 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x6, 0x10000041, 0x8527, 0x9, 0x6, 0x2e, 0x0, 0x3, 0xa3}, 0x0)
bind$x25(r6, &(0x7f0000000e00), 0x12)
write(r6, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r0)
syz_clone(0x70001400, &(0x7f0000000680)="b8d66760bc0870ad3834c2ead03d359a819561cb517b7714f47d11a2f175da420e7f9ceeffb0dbf9f9fd154a0762cf98125df49371810000000000000041d07407de319f451dc4978accc886238862c1b0ede1b85191e06d59bbc98db860a0d4908bf1e555e2e0a6fc53a6e3aaf587d8223557f455443f1ffc7d13376bb4dc1c9e89f0b2015146ea53676242e70be79bd3f13fb62b465812c1a151fa1162d106f4b5bc5247440765cd3017f24b140cd6d04a4c92841bc738cc66127532a48f7ad6d207d47f82d8a7616d4ffa91570220947ed32a00baba86f463943b5877013fad53027c58e48900801cf05b69186fab6efdb8bd2ef11ea5b3019fa92f5cccc4e2cdc7a805a6d8608d82f5cf0101bbcc6da72efc0bd4252815defc2adbc7c05173fc68b68793484490aa08348a8f2abcd7ecacc6ed3c6c72ab71fa8056", 0x13d, &(0x7f0000000480), &(0x7f00000004c0), &(0x7f0000000e40)="a96f1d7b4dd9769cd098ca712fe44e01c165aef383e88501f2637635c93ecb91d6c93279bd209a65d8f7b6b32e2fc3e84495e5a1bd64280fb4af194b4062828f403945130770d6e75bd68786a97391c6082086a701796ea5bf169a24105cdff577a5464e85e2004b11bc251176efe619ce8a5f0aaf348220b35daa8f3b5553924c4854d9d57d2a280db1d291a8a09b1246ae38a389649e1159ae3c030524fef2f72f8b626c2dd8ae28b2848b86ad887df1fdb7a205e39ed8c213da6f3d676558db61f2a89d4021e52eadf88bd31f97bce710b90d7e3603e56a15a37047720ae74b32443849f332867f17d6a02d5980cc1648ebfa6149134832696d202ea8eae4b4f7e4dc8f7939675bad4ec93e499a2d7f672d32d2a1dc3029faa1e8b6a2b3c7b2fe53d9b58392832e5673aeedc682993ca32187f78f1cc2b9184c10ce3e236b9a248a3976eeaa9d73b45ec67d59a74887bac269e4b7c5d46a8e7d89b38f4af654f292508fbccd4318e8ef5ecbd6ebf5fc4dd17808ba97e303e82485ce7f5f9452034c49daec6a1da149be76e1b7cc6887c95a76cfc6f3056a1c316f7fa850760c3fab4dee90c76eaa6c0c309677981a7d6cfbc79d7a6ea9223090b62acccb4c147bca8028296c019a7300bc278ff946c5341dbc3556a1c1b9be38e97029027863e4633721b6dc17b90abd36e80fddbec467d1cd29fbf584cc6a6b3d026f408bb3b11cdd3918ff3f8f8a7b2ec280a2fc4785fed9914ccb81ac62131bf9563be5418b3efd7d1e34604cf0326d4ec817e66b417829abbc58120507fdd51b3dc013f03fc4b506cab9017d749e4174627a7ce39b63378c786a1e82fcd49e2998f351b7a43610435a54966c3400ad6e02910c5c02e5153914bebfa78e1db89d9668c1be2fc68e99a21f6fdbba9c53b49167a42937a40aae02fc1eccbb95fed863460da1ccdd61e7a6ae4fdbf1a2dbe3116e589792e7adc75c36868544911c8d766c10bfc4bb80a99ec68065474107a511e59ad7748579b4ab491f5e44023c117b21458e1a0ef33a5f7eae738c50e1890c3b49269c87ed9cc0c736c5f60dc25be602d5ed4fca3dfb02a91e3751f5f2eb8aed32886b5321c1d7f0c1526afab89527d87e5d3a2d9b1ab231fa2ea4ede63b901222f6fb99bc3480039e75ef617ae059b06318b07ac11dde43d829dca72a2e9c09d75bdc3926fe1913ec6aea95cce95e472e74c777f3b1c6e0c6ccd0c513e7c4c672b8e4d608b11f8a7d900e1db64f21c9430bb0dc9a99cb98ec151b3c0a7f1f2fa465e0b6be1eb665d98828ca6a92d7fc02c8b4701bf9589f6fd22a8112587fabcec76435c119ad7a18de597b566a2e07c34a29e3776a94a04e6e74a25cf3786c695d913dc33b4181c9698acc108605a5389e23be60651ec8eb691dbbe3f3dee3a80fe890ddb92e64e9cba5fcd089d9824889d2ea757d632e71a3d127a439f4017f42e81767b86aabcc4ec70720beb6d701ad53ec7c4b2dd98a35522621478f6d9eb27bf762f1bb74ebb8668d5e0f3d0875065a32ba721198bda832264a89be1774caea7da4bc13630f429519aa9a6e28bd8878b9733efe59a377e519574d8c5a8eb472a1093f7c478c29dfebbf6a22a907fef7e25327e680d66ec37c6b7f6708358584d98857f1de9ef312f05847403320e32996bd88d8b7e24d26693ecd0c54df9e2cecfc946476226ba7c9abab4bd06372fe74791c6e43e74dde06e958fc3a64c5303f1c8b285447dc8b2d40f25b3a2a992420d6655bb15c8305dd81a1eea9ce6f432e6c63613c95a6fe1c93463aeb8574ed4a7883687d3fdb6e80dfe1f73219da717fb1d1b3eab3b534eeb41aa605c044fd69c1057eeb111390cead31a451ae7633cca027944d37cf378f389d69d4fcb8c16e32c1706ae8780948176a4a872f118e47ce7a39485db4b6f582308b9305c3952779a666329a613787053587a0b129dc997a4a2ebfab0d719eae7f260ab8c9e10dbbbc7176753116c5264f7c45a00397b317d42a85f6c6d03d5cc42fca20e5ff46f7679ac9087a9b3d1ff551178ffc1d5095d69cc522cce3f3539d143bc8a715209dc2742a43f230bbb06f72be894849072699a7ecd4f56b94550b223f4614a2cbd9e8241469631996ad6022009f0b4fe23f8dcb3539844e706f599ef17283e05e27c403d00fc028117512f208b3eaaaae6425fd815c9856c4eb0de9ba7d43bee8e945710259285890e12d8610635281c0a5028748549be0a155b2d6dcefd2359432bff080b6558a1b82168111e4e4499e2860265a358d74dad2f1ed931001fb03c432a9aaeb2fdb5a2f77310bd5eedafce0e351328162685745bc0d894e041558e4a824b9f4fe3493e63eecc4bd33c043ff77305d2fdcbf75d46458f24bfa355225286ce82d28ed1ac71adca3950a62a3030bcaaa0c9d9445d88d1d0fa007b5908e932f3f3c07e53a41dff8a3ef3a481e60190a015322ddf025d3197abd802a9d2e0c197e5b9871d714bc1357c4caee2a22cac6c2087c5472deed9442e4c9a10d6b1744ad8360ee8d3d7cad7e8f9f6fddf28b3b253cb789d3bdc1e3557ab15f24cbd369e4cf3a9f401de7484e80ae82da731199b9dee55599833d67b1a98772582600b4e3cc59796242445ca54c3200a1f794fc8527b4711d62bd020686d12fc12190de6535a30d54bbca23066d8181add5781c5c60201e9075d57cf250d2589b025ece634612311588e90dbc0082d1b68079f55b882c8d6d304f13e97d7ea1f20570e118d53924d6e01feb8804da4104cc5f71ca9ce41e704a53aee2662a32dc4a693d650b4324997b5f2ece387ca130dbbd52db4dada694b967e9b06cd04804dad1907f326ae80440a218b97d5534417259920f442bd6ce9b4387343cc410e692bd94cf3ca3b973673005233e011936e307dd677a6654412a51b87526a4bf0da067b67e176d7239422f7f6d9dc4b885bd72bf3dda3acff44b40278f6223795bc29826031df87b03f9a63e07bdf96ab1e5f135ee681ac9e9bbe135ce282c902866fa650c454fc6e73054c5b5f1318094e71f113afe8c68f962a584a14a2b696af2477a7585b8b0ffbefbe6e045d292fd9e89a722fe26b386c85fc5fc8e3516037570faabb112470f84b161f7cec61cc9532bca17a64a13f6c7cdb2fb8900dd0636750a5cf9783e4de77c5f83d0412712bf9b9bbec8739a6a5688e97dd34dd586d8ff7647d981418cd3a62ba6e42d14477b0b2ec05bf2e0bc68989464b3b3a75a6ade41bf3832459ee878e61c3f9f6713f15c67a06cd0e99101853fa52bf491a8c91346196e60a0952022f5a7b06fc31f27aa6909a1f55d980d5ba93dedc861e792d6f01ad64b11e3b15e97eb59514e9c26895a2e7f716b5af18de822d15e06d5c92a9fb84e56a80766695fc46d980a83b4a11fa1c3ce2283a813aa406750554c675004e0759dcc86e0abf3054fcc06dd7c8c01595ada51343d26ad8f68b72ab9fd526d737c7889f5cb2404122f8fd60e9772f621602330a9cd86b8e7c9fd883e5a319100bbb39ecfc0ebd4207d0aadb37e53d26a7c1709b423646faf5629dd29718efee2d0f98923546344e9ffa4045500cd5bfe7466ee71dbe68fa924861f1ab75d2404f980c8c0dc5321983ef4b774b9dca9dea456a290f1975a4d46717bb27d2fc273e4916964f130547821cd246d651cef93c714f55afc09d36278f8739ef1b72a9b7489f99d3a25142792210ad34024e53545ac19ad263992d3af6a37e059bb5996d139e5d28af6b12724ea95eadda6911a1ea398d3591ede85692da6abeb6a20370e360865b32781480420d612be268ede1a449218c6073a5629c828c976a2901e52d6de4bda7b2d6a88d26910aa3340d68e466144d600f32d3fc0b83d08fc7e3b71270a60fe923ba91949916f5d6c6c908c24ad0174458c1e4ce775a0faf9c957222d17c7af0944b481e9267bb318b1fd09838052821a60d31e16a879c6fa790c11bb7673223cdd5e70415072458274ca4e0c77908e8f4faa991cfaeee9c339a357e3a4890d511b2b8e6e843b4e19ed8ae77ffcc0eddbad27c6f753fd6cdb64c81508a1c80028b0b88f8c3fefaa2077858e54466136ce89c8da397c75b282e41e678b4b02250c55d173177e293dc15cc666bbcbe657ca9cdc1bb5925efe24c0007abf38b8f64ec58ef52c4dcd555473c12c6cce15c05d656e10660768e9af41642a2c2744765ef394a777644f52d0d10f90bd31cfd8c29efec88fa8333b4aeb8f2d364dc7ad36c561c649446cdf289e420a93aab274a9d3a3f96f95f8c0624ce12d59aa8eac684bdbeb52c5f12cfb532432746155ed5d99ac6caca224ce218c2d7592794b76872c8f63f5243fecbd1cda2f416543f9da24a75bf87faaa4d782307eeddb387b63afcdb546cf7942bc2eb5ba6097c8ee7c0171546b97f6c94cfbbe8470a2502332c4adcbca4d54cac7d9d82f04797cae90d1d53eafa6f74cce247106561522b45767c8bc92ae35515b6089750a1b3d9980599c43efc9fb5800344158d020bd16ab42bea94023f87bedb887156f1935c2c9b03d8768cb3e857ff0e84b250a093bd584f7901b39488dcfe5871144d94e7d0932a3ffde58be0bab66a349758fbcc58aeac2e95e7985d9cc640a32c50aa6e58cbc2e8e6cf42fd6ff5fac7912f95edaf5f1d7c3cf81541f4e416726c0717195e7be75a4141b3b94bc1aa5fb10bf3bd11bc7227fd6bd4d570ff81a74d7d6504c6ab46b501b332d3c6bf98d013aa264d635843df0ed68dd1611670f542bee4f7d0882fbb42ae6ca720b1350e3d22847d13231835b7be74b0f7b4a044104c3256b8406e3c47444144e44d4eb93a6779cb98cee41168e22ec7ac198727d7de7a3b1040200e4b68198f98afeb76c1994288eb5ace80ac82a1715458a1bc054900d98c4d309b5fd3d8fd3dfb6cd90b6381a5d738140cac757755efd057e3c918640d7c59d5f310c90ebca72ed4d125c46ff5bd3dba5bb7d07957f6872cd5e145ce786626706787cbd77aa99cddec96b7e00f4ab1bb15adb394a834ac18b194828babb3f64023dca386b0461b36b944d04e8cf897b65ed09636e0b66ccab622ce098fe6f1a90b12709f897439f2551c19e848611cc7ab494871256daad0321abec170da9d87dac86e6284063f39568ffb99bb8c9e36d4e7a1c13c5c52f46c5452816a46bdf9d2ffd9fb56d9ba8c096ba4f3aac971469d9e9b330d16b1e042cf9ea7177dd334a3a9639c7c3fcf1175f58b5620761d1b747b42fc3542740b91803e182a58f270153a2bef46410030e8c63a5b4405d719fd302510857adb7e6d10933e6aa2f48c0ef71bea443836e0bd551b3")
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048054}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000240)={'wlan1\x00'})
sendmsg$NL80211_CMD_DEL_KEY(r0, 0x0, 0x1)

3.315681903s ago: executing program 2 (id=485):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000780)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000004000000020000000000000c02000000000000000000000d0000000000005f"], 0x0, 0x34}, 0x20)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1e, &(0x7f0000000000)='/proc/sys/\x00et/\x00\x00v4\x00m\xa0\x8dN\xd4\xa2\x88\x00\xd1l,'}, 0x8)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r1)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r3 = socket$inet(0x2, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x8}, 0xffffffffffffff97)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/syz1\x00', 0x200002, 0x0)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$key(0xf, 0x3, 0x2)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x4000000000000, 0x40, &(0x7f0000002700)=@raw={'raw\x00', 0x8, 0x3, 0x2a0, 0x208, 0x8, 0xfa04, 0x0, 0x6c02, 0x208, 0x194, 0x194, 0x208, 0x194, 0x3, 0x0, {[{{@ip={@empty=0x1e00, @broadcast, 0x0, 0x0, 'veth0_to_hsr\x00', 'veth0_virt_wifi\x00', {}, {}, 0x6}, 0x0, 0xa0, 0xc8, 0x0, {0x0, 0x74020000}, [@common=@inet=@tcp={{0x30}, {[], [], 0x0, 0x0, 0x7a}}]}, @common=@inet=@TCPMSS={0x28}}, {{@ip={@multicast1, @rand_addr, 0x0, 0x0, 'batadv_slave_0\x00', 'pimreg\x00'}, 0x0, 0xf8, 0x140, 0x0, {}, [@common=@unspec=@helper={{0x48}, {0x0, 'amanda\x00'}}, @common=@unspec=@connlimit={{0x40}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x300)
socket$inet6(0xa, 0x1, 0x0)
r7 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000003c0)={0x0, 0x9, 0x8}, 0xc)
getdents(r7, &(0x7f0000001fc0)=""/184, 0xb8)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x13, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000000018c900002006000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018010000202070250000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000009b00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r8, 0x0, 0xf, 0x0, &(0x7f0000000440)="0000000000000060145b4ebeada5df", 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000580)=ANY=[@ANYRESDEC=r2], &(0x7f0000000800)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x8}, 0x94)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x11, &(0x7f0000000100)={[{@data_ordered}, {@journal_checksum}, {@norecovery}, {@noquota}, {@nombcache}, {@data_err_abort}, {@journal_dev={'journal_dev', 0x3d, 0x5}}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x611}}, {@nobh}]}, 0x8, 0x607, &(0x7f00000001c0)="$eJzs3c9vFFUcAPDvTH+36hZiVDxIE2MgUVpawBBjItwJwR83T5UWgiyU0BotklgSvJgYLx5MPHkQ/wsl8erBqwcvngwJMYaDGCJrZrtTtu1u2f7Y3bL7+SRD35th571p9tvv7Ns3MwF0rbHsnzRiX0RcSSIKVdt6o7JxbPn/3fv7+tlsSaJUevevJK5/lixV7yup/BypvPi/QiS/phF7e9a3O7947eJ0sTh7tVKfWLh0ZWJ+8dqhC5emz8+en7089frU8WNHjx2fPLyt40uryqdufvhx4YvT73//7YNk8offTydxIh5W+pYd19rXDmyr5ex3NhalZfer12e/1+Pb3Pdu8U8hf588kqxdwa51rvJ+7IuI56MQPVXv+kJ8/nZbOwc0VSmJPEcBXSfZUvwP7nxHgBbLzwPyz/a1Pgevlzb5rARohbsnlwcAlmO/LyLy+O9dHhuMwfLYwPC9ZNU4TxIR2xuZW5a18cvPp29mS9QZhwOaY+lGPt63Nv8n5dgcjcFybfheuir+06olW//OFtsfW1MX/9A6Szci4oVK/u+PTcX/WFX8f7DF9sU/AAAAAAAA7JzbJyPitVrz/9KV+T/9Neb/jETEiR1o//Hf/6V3KoVkB5oDqtw9GfFmzfm/K3N8R3sqtafL8wH6knMXirOHI+KZiDgYfQNZfXLNfqtnCB/6cu839dqvnv+XLVn7+VzAyp7u9K65EHdmemF6u8cNRNy9EfFief7v/sqa1fN/svyf1Mj/WXxfabCNva/cOlNv2+PjH2iW0ncRB2rm/0en28nG9+eYKJ8PTORnBeu99OlXP9ZrX/xD+2T5f3jj+B9Iqu/XM7+5/fdHxJHF3lK97Vs9/+9P3uvJ95/5ZHph4epkRH9yav36qc31GTpVHg95vGTxf/Dljcf/Vs7/q+JwKCKWGmzzuYcjf9TbJv9D+2TxP7Nx/h9dnf83X5i6NfpTvfbPNJT/j5Zz+sHKGuN/UG39/TgaDdC2dBcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnnBpRDwVSTq+Uk7T8fGIkYh4NobT4tz8wqvn5j66PJNtKz//P82f9FtYrif58/9H8/pIcXaqun6hOHskIvZExNc9Q+X6+Nm54ky7Dx4AAAAAAAAAAAAAAAAAAAB2iZHyNf+lgbXX/2f+7Gl374Cm6638FO/QfXq3/MrSwI52BGi5rcc/8KRrPP77mtoPoPXqx//9B6WylnYHaCHn/9C9thj/vi6ADiD/Q7dqcExvsNn9ANpB/gcAAAAAgI6yZ//t35KIWHpjqLxk+ivbTPaHzpa2uwNA25jDC92rd67dPQDaxWd8IFkp/VvzYv/6s/+T5nQIAAAAAAAAAAAAAFjnwD7X/0O32vj6f3P7oZNtcP1/reB3uwDoIPUf/SH3Q6fzGR+6WqnQQLZ3/T8AAAAAAAAAAAAA7AKD1y5OF4uzV+cXn7zCW7ujGw0XhiJifmm63d3Y+cLD5uy5LyJ2xwG2upDfgqON3Wjz3yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDF/wEAAP//jiomig==")
r9 = socket(0x10, 0x2, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x4c}}, 0x0)

3.198737943s ago: executing program 3 (id=486):
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@remote, @in=@broadcast, 0xfffc, 0x0, 0x0, 0x0, 0xa, 0x0, 0x100}, {0x0, 0x0, 0x0, 0x0, 0x800000000}}, {{@in6=@mcast2, 0x0, 0x2b}, 0x0, @in=@empty}}, 0xe8)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[], 0x10}}, 0x0)
sendmsg$key(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB], 0x10}}, 0x0)
close(r3)
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="b80000001d0001"], 0xb8}}, 0x0)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f00000000c0)=0xff)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000040)=0x9)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000000)=0x7f)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r5, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r5, 0x6, 0x14, &(0x7f0000000400)=0x1, 0x4)
ioctl$KDGKBENT(r2, 0x4b46, &(0x7f0000000080)={0x7, 0x8})
setsockopt$sock_int(r5, 0x1, 0x12, &(0x7f0000000140)=0x2, 0x4)
close(0xffffffffffffffff)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)

3.008887017s ago: executing program 0 (id=487):
syz_open_dev$tty1(0xc, 0x4, 0x1)
r0 = syz_init_net_socket$ax25(0x3, 0x5, 0xc4)
ioctl$SIOCAX25ADDFWD(r0, 0x89ea, &(0x7f0000000040)={@default, @default})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x60240)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb3d68000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$CEC_RECEIVE(0xffffffffffffffff, 0xc0386106, &(0x7f0000000180)={0x1, 0x1, 0x0, 0x6, 0x0, 0x0, "5debca561a5fbf61048955f6f876b2ff"})
r4 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000800)={r4, r4, r4}, 0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)={'sha384\x00'}})
write$FUSE_BMAP(0xffffffffffffffff, 0x0, 0x0)
io_uring_register$IORING_REGISTER_RING_FDS(0xffffffffffffffff, 0x13, 0x0, 0x0)
openat$rtc(0xffffff9c, &(0x7f0000000380), 0x2, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
openat$userio(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r6=>0x0})
r7 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r6}, 0x90)
r8 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000003140), 0x48)
syz_usb_connect(0x0, 0x24, &(0x7f0000000400)=ANY=[@ANYBLOB="12010000b912f1205f0500a81d720102030f09021200010004"], 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000800)={{r8}, &(0x7f0000000780), &(0x7f00000007c0)=r7}, 0x20)

1.60342ms ago: executing program 4 (id=438):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_sctp(0x2, 0x5, 0x84)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x9}, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000003e000701feffffff00000000017c0000040042800c00018006000600894f00"], 0x44}, 0x1, 0x0, 0x0, 0x40040c0}, 0xc000)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'})
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d)
ioctl$sock_netdev_private(r3, 0x8914, &(0x7f0000000000))
r4 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_rose_SIOCADDRT(r4, 0x890b, &(0x7f0000000380)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0x3}, 0x6, @null, @bpq0, 0x0, [@bcast, @bcast, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @default, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]})
socket(0x2, 0x80805, 0x0)
r5 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
connect$rose(r5, &(0x7f0000000040)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x1, @default}, 0x1c)
connect$rose(r5, &(0x7f0000000100)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x0, [@null, @null, @null, @default, @bcast, @default]}, 0x40)
sendmsg$RDMA_NLDEV_CMD_RES_PD_GET(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000001c0)=ANY=[], 0x18}, 0x1, 0x0, 0x0, 0x4000040}, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000380)={0x0, 0x0, 0x10}, 0xc)

0s ago: executing program 2 (id=495):
socket(0x2, 0x3, 0x100000001)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000180)=ANY=[], &(0x7f0000000100)='GPL\x00'}, 0x94)
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080), 0x1c0002, 0x0)
mount$tmpfs(0x0, 0x0, 0x0, 0x4481, 0x0)
ioctl$sock_bt_hci(0xffffffffffffffff, 0x800448d3, &(0x7f00000004c0))
openat$sysfs(0xffffffffffffff9c, 0x0, 0x7d1e02, 0x90)
sendfile(r3, r1, 0x0, 0x101)
socket$inet6(0xa, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$OBJ_PIN_PROG(0x6, 0x0, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r4, 0x84, 0x7f, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x3, 0x2c)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000a00)=@raw={'raw\x00', 0x3c1, 0x3, 0x468, 0x170, 0x1170, 0x1170, 0x0, 0x1170, 0x398, 0x1398, 0x1398, 0x398, 0x1398, 0x3, 0x0, {[{{@ipv6={@ipv4={'\x00', '\xff\xff', @multicast2}, @remote, [], [], 'veth0_vlan\x00', 'veth0_to_hsr\x00', {}, {}, 0x84, 0x0, 0x0, 0x10}, 0x0, 0x128, 0x170, 0x0, {}, [@common=@inet=@multiport={{0x50}, {0x0, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x3, 0x0, 0x4e20], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfc]}}, @common=@unspec=@connmark={{0x30}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@multicast2, 'netpci0\x00'}}}, {{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [0xffffff00, 0xffffffff, 0xff000000, 0xff], [0xffffffff, 0xff, 0x0, 0xff], 'syzkaller1\x00', 'hsr0\x00', {0xff}, {}, 0x3a, 0x4, 0x5, 0x46}, 0x0, 0x1e0, 0x228, 0x0, {}, [@common=@rt={{0x138}, {0x1, [], 0x0, 0x0, 0x0, [@empty, @dev={0xfe, 0x80, '\x00', 0x43}, @remote, @remote, @private2, @rand_addr=' \x01\x00', @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private1, @mcast1, @empty, @remote, @mcast2, @empty, @rand_addr=' \x01\x00', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @remote], 0x1}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00', {0x100000000}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4c8)

kernel console output (not intermixed with test programs):

87.652652][ T5785] hsr_slave_0: entered promiscuous mode
[   87.662061][ T5785] hsr_slave_1: entered promiscuous mode
[   87.687638][ T5790] batman_adv: batadv0: Adding interface: batadv_slave_1
[   87.695704][ T5790] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   87.722321][ T5790] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   87.733254][ T5788] Bluetooth: hci2: command tx timeout
[   87.759658][ T5796] team0: Port device team_slave_0 added
[   87.790120][ T5789] hsr_slave_0: entered promiscuous mode
[   87.796940][ T5789] hsr_slave_1: entered promiscuous mode
[   87.803534][ T5789] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   87.811881][ T5788] Bluetooth: hci3: command tx timeout
[   87.818319][ T5789] Cannot create hsr debugfs directory
[   87.858270][ T5796] team0: Port device team_slave_1 added
[   87.990290][ T5790] hsr_slave_0: entered promiscuous mode
[   88.001950][ T5790] hsr_slave_1: entered promiscuous mode
[   88.008773][ T5790] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   88.021415][ T5790] Cannot create hsr debugfs directory
[   88.027967][ T5796] batman_adv: batadv0: Adding interface: batadv_slave_0
[   88.035534][ T5796] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   88.062375][ T5796] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   88.100646][ T5796] batman_adv: batadv0: Adding interface: batadv_slave_1
[   88.107791][ T5796] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   88.134433][ T5796] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   88.313616][ T5796] hsr_slave_0: entered promiscuous mode
[   88.321128][ T5796] hsr_slave_1: entered promiscuous mode
[   88.327843][ T5796] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   88.336154][ T5796] Cannot create hsr debugfs directory
[   88.581601][ T5785] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   88.610025][ T5785] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   88.623108][ T5785] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   88.633878][ T5785] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   88.739588][ T5790] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   88.762553][ T5790] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   88.780724][ T5790] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   88.791547][ T5790] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   88.879619][ T5789] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   88.893545][ T5789] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   88.917962][ T5789] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   88.930290][ T5789] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   89.044637][ T5796] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   89.062390][ T5785] 8021q: adding VLAN 0 to HW filter on device bond0
[   89.077150][ T5796] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   89.090485][ T5796] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   89.101985][ T5796] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   89.172567][ T5785] 8021q: adding VLAN 0 to HW filter on device team0
[   89.232114][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.239912][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[   89.282567][ T5790] 8021q: adding VLAN 0 to HW filter on device bond0
[   89.298252][   T61] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.305595][   T61] bridge0: port 2(bridge_slave_1) entered forwarding state
[   89.366660][ T5790] 8021q: adding VLAN 0 to HW filter on device team0
[   89.398567][ T5789] 8021q: adding VLAN 0 to HW filter on device bond0
[   89.423859][   T48] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.431167][   T48] bridge0: port 1(bridge_slave_0) entered forwarding state
[   89.444464][   T48] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.451710][   T48] bridge0: port 2(bridge_slave_1) entered forwarding state
[   89.554753][ T5789] 8021q: adding VLAN 0 to HW filter on device team0
[   89.580532][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.588079][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[   89.603727][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.611194][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[   89.645819][ T5788] Bluetooth: hci0: command tx timeout
[   89.722531][ T5796] 8021q: adding VLAN 0 to HW filter on device bond0
[   89.725514][ T5788] Bluetooth: hci1: command tx timeout
[   89.805707][ T5788] Bluetooth: hci2: command tx timeout
[   89.864741][ T5796] 8021q: adding VLAN 0 to HW filter on device team0
[   89.885297][ T5788] Bluetooth: hci3: command tx timeout
[   89.927808][ T1083] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.935136][ T1083] bridge0: port 1(bridge_slave_0) entered forwarding state
[   89.998512][ T1083] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.005820][ T1083] bridge0: port 2(bridge_slave_1) entered forwarding state
[   90.204052][ T5790] 8021q: adding VLAN 0 to HW filter on device batadv0
[   90.274388][ T5785] 8021q: adding VLAN 0 to HW filter on device batadv0
[   90.344857][ T5790] veth0_vlan: entered promiscuous mode
[   90.387184][ T5789] 8021q: adding VLAN 0 to HW filter on device batadv0
[   90.410060][ T5790] veth1_vlan: entered promiscuous mode
[   90.493045][ T5796] 8021q: adding VLAN 0 to HW filter on device batadv0
[   90.512660][ T5790] veth0_macvtap: entered promiscuous mode
[   90.530659][ T5790] veth1_macvtap: entered promiscuous mode
[   90.581119][ T5785] veth0_vlan: entered promiscuous mode
[   90.592800][ T5790] batman_adv: batadv0: Interface activated: batadv_slave_0
[   90.612218][ T5789] veth0_vlan: entered promiscuous mode
[   90.638442][ T5789] veth1_vlan: entered promiscuous mode
[   90.650258][ T5785] veth1_vlan: entered promiscuous mode
[   90.679144][ T5790] batman_adv: batadv0: Interface activated: batadv_slave_1
[   90.724477][ T5790] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   90.738969][ T5790] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   90.748476][ T5790] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   90.758901][ T5790] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   90.801210][ T5785] veth0_macvtap: entered promiscuous mode
[   90.862568][ T5789] veth0_macvtap: entered promiscuous mode
[   90.886444][ T5785] veth1_macvtap: entered promiscuous mode
[   90.893402][ T5796] veth0_vlan: entered promiscuous mode
[   90.937390][ T5796] veth1_vlan: entered promiscuous mode
[   90.944697][ T5789] veth1_macvtap: entered promiscuous mode
[   90.994283][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.019468][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.031372][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   91.042899][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.054675][ T5785] batman_adv: batadv0: Interface activated: batadv_slave_0
[   91.069342][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   91.080801][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.091449][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   91.104643][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.120379][ T5789] batman_adv: batadv0: Interface activated: batadv_slave_0
[   91.167726][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   91.180862][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.193969][ T5785] batman_adv: batadv0: Interface activated: batadv_slave_1
[   91.205690][ T2953] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.213849][ T2953] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.229659][ T5796] veth0_macvtap: entered promiscuous mode
[   91.243654][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   91.254835][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.266100][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   91.277802][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.289410][ T5789] batman_adv: batadv0: Interface activated: batadv_slave_1
[   91.311372][ T5785] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   91.320907][ T5785] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   91.331663][ T5785] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   91.341024][ T5785] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   91.360552][ T5789] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   91.370139][ T5789] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   91.379334][ T5789] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   91.388464][ T5789] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   91.402607][ T5796] veth1_macvtap: entered promiscuous mode
[   91.493074][ T5796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   91.515140][ T5796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.529882][ T5796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   91.540993][ T5796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.552944][ T5796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   91.563775][ T5796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.578324][ T5796] batman_adv: batadv0: Interface activated: batadv_slave_0
[   91.613029][ T5796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   91.628631][ T5796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.640023][ T5796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   91.657504][ T5796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.671531][ T5796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   91.683380][ T5796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.701960][ T5796] batman_adv: batadv0: Interface activated: batadv_slave_1
[   91.723755][ T5796] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   91.733925][ T5788] Bluetooth: hci0: command tx timeout
[   91.740672][ T5796] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   91.749504][ T5796] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   91.758572][ T5796] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   91.805499][ T5788] Bluetooth: hci1: command tx timeout
[   91.866139][   T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.874086][   T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.888035][ T5788] Bluetooth: hci2: command tx timeout
[   91.938189][ T2953] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.959294][ T2953] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.965202][ T5788] Bluetooth: hci3: command tx timeout
[   92.016466][   T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.041980][   T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.247628][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.299999][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.386715][   T48] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.418121][   T48] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.098442][    T8] cfg80211: failed to load regulatory.db
[   93.207938][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.245965][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.752177][ T5892] atomic_op ffff88807c3ab998 conn xmit_atomic 0000000000000000
[   93.899583][ T5788] Bluetooth: hci0: command tx timeout
[   93.920511][   T51] Bluetooth: hci1: command tx timeout
[   94.068886][ T5788] Bluetooth: hci2: command tx timeout
[   94.074880][ T5788] Bluetooth: hci3: command tx timeout
[   94.498351][ T5898] syz.1.6[5898]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   97.175815][ T5916] =======================================================
[   97.175815][ T5916] WARNING: The mand mount option has been deprecated and
[   97.175815][ T5916]          and is ignored by this kernel. Remove the mand
[   97.175815][ T5916]          option from the mount to silence this warning.
[   97.175815][ T5916] =======================================================
[   97.815767][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   97.895394][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   98.895572][ T5926] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  100.926477][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[  101.616591][ T5945] process 'syz.3.15' launched '/dev/fd/7' with NULL argv: empty string added
[  101.743252][ T5944] overlayfs: missing 'lowerdir'
[  104.125472][ T5870] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  104.136137][    T0] NOHZ tick-stop error: local softirq work is pending, handler #102!!!
[  104.256058][    T0] NOHZ tick-stop error: local softirq work is pending, handler #01!!!
[  104.264769][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  104.779420][ T5961] Zero length message leads to an empty skb
[  104.917053][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  104.942687][ T5870] usb 1-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65
[  105.034083][ T5870] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  105.111903][ T5870] usb 1-1: Product: syz
[  105.156883][ T5870] usb 1-1: Manufacturer: syz
[  105.224743][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  105.247583][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[  105.381200][ T5870] usb 1-1: SerialNumber: syz
[  105.475779][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  106.482816][ T5870] usb 1-1: config 0 descriptor??
[  106.556236][ T5870] usb 1-1: can't set config #0, error -71
[  106.607003][ T5870] usb 1-1: USB disconnect, device number 2
[  106.764159][ T5965] warning: `syz.2.21' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  106.870800][ T5965] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input5
[  112.636900][ T6000] netlink: 4 bytes leftover after parsing attributes in process `syz.1.28'.
[  112.646728][ T6000] netlink: 4 bytes leftover after parsing attributes in process `syz.1.28'.
[  112.655765][ T6000] netlink: 4 bytes leftover after parsing attributes in process `syz.1.28'.
[  112.664931][ T6000] netlink: 4 bytes leftover after parsing attributes in process `syz.1.28'.
[  112.674077][ T6000] netlink: 4 bytes leftover after parsing attributes in process `syz.1.28'.
[  112.683201][ T6000] netlink: 4 bytes leftover after parsing attributes in process `syz.1.28'.
[  112.692285][ T6000] netlink: 4 bytes leftover after parsing attributes in process `syz.1.28'.
[  112.701898][ T6000] netlink: 4 bytes leftover after parsing attributes in process `syz.1.28'.
[  112.710852][ T6000] netlink: 4 bytes leftover after parsing attributes in process `syz.1.28'.
[  112.719908][ T6000] netlink: 4 bytes leftover after parsing attributes in process `syz.1.28'.
[  112.880125][ T6004] xt_CT: You must specify a L4 protocol and not use inversions on it
[  113.085020][    C0] sched: RT throttling activated
[  113.570913][ T6010] comedi comedi0: Minor 3 could not be opened
[  115.360804][ T6022] loop1: detected capacity change from 0 to 512
[  115.620921][ T6022] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  115.635410][ T6022] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  117.176938][ T6022] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR
[  117.178094][ T6022] EXT4-fs: failed to create workqueue
[  117.193797][ T6022] EXT4-fs (loop1): mount failed
[  117.523135][ T6034] loop3: detected capacity change from 0 to 64
[  117.645596][ T6034] hfs: unable to load codepage "cp94)"
[  117.651494][ T6034] hfs: unable to parse mount options
[  117.706089][ T6037] loop0: detected capacity change from 0 to 64
[  118.491179][ T6043] __nla_validate_parse: 44 callbacks suppressed
[  118.491260][ T6043] netlink: 1 bytes leftover after parsing attributes in process `syz.3.36'.
[  118.984355][ T6047] batman_adv: batadv0: Adding interface: dummy0
[  118.995257][ T6047] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  119.154868][ T6047] batman_adv: batadv0: Interface activated: dummy0
[  119.186164][ T6047] batadv0: mtu less than device minimum
[  119.188493][ T6047] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  119.190875][ T6047] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  119.193155][ T6047] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  119.195473][ T6047] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  119.197710][ T6047] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  119.199979][ T6047] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  119.202342][ T6047] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  119.204576][ T6047] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  119.206883][ T6047] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  119.866031][ T6056] netlink: 20 bytes leftover after parsing attributes in process `syz.0.37'.
[  119.866058][ T6056] netlink: 4 bytes leftover after parsing attributes in process `syz.0.37'.
[  120.204321][ T6065] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  120.660283][ T6069] Bluetooth: MGMT ver 1.22
[  121.067849][ T6074] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[  125.366808][ T6098] syz.0.47 uses obsolete (PF_INET,SOCK_PACKET)
[  125.475587][ T6094] netlink: 'syz.3.48': attribute type 10 has an invalid length.
[  125.504049][ T6094] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  129.285106][ T5798] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  130.839316][ T5798] usb 3-1: Using ep0 maxpacket: 8
[  133.414333][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  133.421684][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  133.611474][ T5798] usb 3-1: unable to get BOS descriptor or descriptor too short
[  133.620673][ T5798] usb 3-1: unable to read config index 0 descriptor/start: -71
[  133.628576][ T5798] usb 3-1: can't read configurations, error -71
[  133.753379][ T6165] bridge1: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  134.061740][ T6165] syz.0.62 (6165) used greatest stack depth: 19848 bytes left
[  134.070203][   T27] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  134.528579][ T6173] kernel profiling enabled (shift: 7)
[  134.755417][   T27] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  134.926907][   T27] usb 4-1: config 0 has no interfaces?
[  135.321367][   T27] usb 4-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  135.332066][   T27] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  135.364577][   T27] usb 4-1: config 0 descriptor??
[  135.651638][ T6175] syzkaller1: entered allmulticast mode
[  135.855594][ T6180] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  136.270864][ T6185] netlink: 4 bytes leftover after parsing attributes in process `syz.3.63'.
[  136.280936][ T6185] net_ratelimit: 11 callbacks suppressed
[  136.280976][ T6185] netlink: zone id is out of range
[  136.292152][ T6185] netlink: set zone limit has 4 unknown bytes
[  139.009723][   T27] usb 4-1: USB disconnect, device number 2
[  140.558185][ T6196] loop1: detected capacity change from 0 to 32768
[  143.097949][ T6220] xt_policy: input policy not valid in POSTROUTING and OUTPUT
[  144.228391][ T6231] loop2: detected capacity change from 0 to 256
[  144.738733][ T6231] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  144.755568][ T6231] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  145.520989][ T6231] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  145.606070][   T28] audit: type=1800 audit(1755204146.807:2): pid=6229 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.74" name="file1" dev="loop2" ino=1048592 res=0 errno=0
[  146.944320][ T6251] netlink: 416 bytes leftover after parsing attributes in process `syz.1.78'.
[  148.017804][ T6259] netlink: 12 bytes leftover after parsing attributes in process `syz.2.80'.
[  149.152451][ T6270] loop3: detected capacity change from 0 to 256
[  149.394679][ T6264] tipc: Started in network mode
[  149.399938][ T6264] tipc: Node identity 4, cluster identity 4711
[  149.408871][ T6264] tipc: Node number set to 4
[  150.349345][ T6275] loop2: detected capacity change from 0 to 4096
[  151.306681][ T6275] ntfs: volume version 3.1.
[  153.807101][ T6299] loop2: detected capacity change from 0 to 256
[  153.895758][ T6299] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  154.025596][ T6299] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  154.203487][ T6299] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d)
[  155.239852][ T6313] loop1: detected capacity change from 0 to 512
[  155.306061][ T6313] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  155.429651][ T6313] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802c01c, mo2=0002]
[  156.180223][ T6313] System zones: 1-12
[  156.636221][ T6313] EXT4-fs (loop1): Can't support bigalloc feature without extents feature
[  156.636221][ T6313] 
[  156.755033][ T6313] EXT4-fs (loop1): Skipping orphan cleanup due to unknown ROCOMPAT features
[  156.796521][ T6313] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  159.703934][   T28] audit: type=1326 audit(1755204158.357:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6327 comm="syz.0.95" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f751218ebe9 code=0x0
[  160.310589][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.087438][ T6360] xt_NFQUEUE: number of total queues is 0
[  166.192658][ T6391] loop2: detected capacity change from 0 to 128
[  166.203349][ T6391] EXT4-fs: Ignoring removed nobh option
[  167.111336][ T6391] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  167.128099][ T6391] ext4 filesystem being mounted at /22/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  167.331471][ T6396] loop1: detected capacity change from 0 to 512
[  167.348506][ T6396] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  167.364042][ T6396] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  167.413999][ T6396] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended
[  167.426167][ T5796] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  167.431272][ T6396] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  167.449730][ T6396] System zones: 0-2, 18-18, 34-35
[  167.461047][ T6396] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  168.035062][ T6401] capability: warning: `syz.3.109' uses deprecated v2 capabilities in a way that may be insecure
[  169.038640][ T6402] EXT4-fs error (device loop1): ext4_validate_block_bitmap:439: comm syz.1.108: bg 0: block 353: padding at end of block bitmap is not set
[  169.092271][ T6394] EXT4-fs error (device loop1): ext4_validate_block_bitmap:439: comm ext4lazyinit: bg 0: block 353: padding at end of block bitmap is not set
[  169.544450][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.073837][ T6430] loop1: detected capacity change from 0 to 512
[  172.124560][ T6430] ext4: Unknown parameter 'smackfshat'
[  178.006493][ T6463] netlink: 'syz.0.121': attribute type 1 has an invalid length.
[  178.006591][ T6463] netlink: 168864 bytes leftover after parsing attributes in process `syz.0.121'.
[  179.968269][ T6475] 9pnet_virtio: no channels available for device syz
[  180.349010][ T6477] netlink: 'syz.0.124': attribute type 21 has an invalid length.
[  180.357800][ T6477] netlink: 8 bytes leftover after parsing attributes in process `syz.0.124'.
[  183.113290][ T6492] netlink: 28 bytes leftover after parsing attributes in process `syz.2.129'.
[  183.123034][ T6492] netlink: 28 bytes leftover after parsing attributes in process `syz.2.129'.
[  183.146946][ T6492] batadv0: entered promiscuous mode
[  183.573132][ T6492] batadv_slave_1: entered promiscuous mode
[  183.713137][ T6492] batadv_slave_1: left promiscuous mode
[  184.188934][ T6492] batadv0: left promiscuous mode
[  184.285647][ T6498] loop3: detected capacity change from 0 to 512
[  184.327032][ T6498] EXT4-fs: Ignoring removed oldalloc option
[  184.702112][ T6498] EXT4-fs (loop3): failed to open journal device unknown-block(0,0) -6
[  184.745328][ T6507] netlink: 16 bytes leftover after parsing attributes in process `syz.1.131'.
[  185.434271][ T6510] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  186.754328][ T6498] loop3: detected capacity change from 0 to 512
[  186.784861][ T6498] EXT4-fs (loop3): external journal device major/minor numbers have changed
[  186.814385][ T6498] EXT4-fs (loop3): failed to open journal device unknown-block(128,0) -6
[  188.160153][ T6522] loop3: detected capacity change from 0 to 4096
[  188.280387][ T5791] I/O error, dev loop3, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  189.181855][ T6535] dns_resolver: Unsupported server list version (0)
[  190.627570][ T6537] lo speed is unknown, defaulting to 1000
[  190.633886][ T6537] lo speed is unknown, defaulting to 1000
[  190.642363][ T6537] lo speed is unknown, defaulting to 1000
[  190.654815][ T6537] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  190.669721][ T6537] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  190.900619][ T6537] lo speed is unknown, defaulting to 1000
[  190.908896][ T6537] lo speed is unknown, defaulting to 1000
[  190.916142][ T6537] lo speed is unknown, defaulting to 1000
[  190.922983][ T6537] lo speed is unknown, defaulting to 1000
[  192.553169][ T6556] input: syz1 as /devices/virtual/input/input7
[  192.662416][ T6556] netlink: 'syz.0.140': attribute type 4 has an invalid length.
[  192.670425][ T6556] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.140'.
[  192.834726][ T6564] netlink: 4 bytes leftover after parsing attributes in process `syz.3.144'.
[  192.845211][ T6564] netlink: 4 bytes leftover after parsing attributes in process `syz.3.144'.
[  192.856382][ T6564] netlink: 4 bytes leftover after parsing attributes in process `syz.3.144'.
[  192.867005][ T6564] netlink: 4 bytes leftover after parsing attributes in process `syz.3.144'.
[  192.878547][ T6564] netlink: 4 bytes leftover after parsing attributes in process `syz.3.144'.
[  192.889125][ T6564] netlink: 4 bytes leftover after parsing attributes in process `syz.3.144'.
[  192.900701][ T6564] netlink: 4 bytes leftover after parsing attributes in process `syz.3.144'.
[  192.916860][ T6564] netlink: 4 bytes leftover after parsing attributes in process `syz.3.144'.
[  192.929770][ T6564] netlink: 4 bytes leftover after parsing attributes in process `syz.3.144'.
[  193.824976][ T6569] loop3: detected capacity change from 0 to 1024
[  193.885190][ T6569] EXT4-fs (loop3): can't mount with data_err=abort, fs mounted w/o journal
[  193.951818][ T5786] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  194.339834][ T6569] loop3: detected capacity change from 0 to 32768
[  194.347493][ T6569] XFS: ikeep mount option is deprecated.
[  194.598840][ T6569] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  194.857319][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  194.873459][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  194.935350][ T6569] XFS (loop3): Ending clean mount
[  194.955266][ T6569] XFS (loop3): Quotacheck needed: Please wait.
[  195.190690][ T6569] XFS (loop3): Quotacheck: Done.
[  195.298518][ T6591] loop1: detected capacity change from 0 to 128
[  195.515058][   T28] audit: type=1326 audit(1755204196.717:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6568 comm="syz.3.145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbed7d8ebe9 code=0x7ffc0000
[  195.615741][ T6590] loop0: detected capacity change from 0 to 40427
[  195.651657][ T6590] F2FS-fs (loop0): invalid crc value
[  195.661900][ T6591] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  195.748240][ T6591] ext4 filesystem being mounted at /34/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  196.246517][ T6590] F2FS-fs (loop0): Found nat_bits in checkpoint
[  196.303055][ T6590] F2FS-fs (loop0): Start checkpoint disabled!
[  196.385512][   T28] audit: type=1326 audit(1755204196.717:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6568 comm="syz.3.145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbed7d8ebe9 code=0x7ffc0000
[  196.454653][ T6590] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  196.524043][   T28] audit: type=1326 audit(1755204196.757:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6568 comm="syz.3.145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=40 compat=0 ip=0x7fbed7d8ebe9 code=0x7ffc0000
[  196.586074][   T28] audit: type=1326 audit(1755204196.757:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6568 comm="syz.3.145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbed7d8ebe9 code=0x7ffc0000
[  196.608717][   T28] audit: type=1326 audit(1755204196.757:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6568 comm="syz.3.145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbed7d8ebe9 code=0x7ffc0000
[  196.631063][   T28] audit: type=1326 audit(1755204196.757:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6568 comm="syz.3.145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fbed7d8ebe9 code=0x7ffc0000
[  196.654452][   T28] audit: type=1326 audit(1755204196.757:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6568 comm="syz.3.145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbed7d8ebe9 code=0x7ffc0000
[  196.679466][   T28] audit: type=1326 audit(1755204196.847:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6568 comm="syz.3.145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbed7d8ebe9 code=0x7ffc0000
[  196.928183][   T28] audit: type=1326 audit(1755204196.907:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6568 comm="syz.3.145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fbed7d85ba7 code=0x7ffc0000
[  196.972544][   T28] audit: type=1326 audit(1755204196.917:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6568 comm="syz.3.145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fbed7d2add9 code=0x7ffc0000
[  197.536359][ T6585] ALSA: mixer_oss: invalid OSS volume ''
[  197.576617][ T5785] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  199.316881][ T6604] F2FS-fs (loop0): Unrecognized mount option "space_cache=v2" or missing value
[  200.102386][ T5790] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  202.335248][ T6618] __nla_validate_parse: 44 callbacks suppressed
[  202.335268][ T6618] netlink: 16 bytes leftover after parsing attributes in process `syz.2.155'.
[  202.351452][ T6618] netlink: del zone limit has 8 unknown bytes
[  203.053731][   T61] kworker/u4:5: attempt to access beyond end of device
[  203.053731][   T61] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  203.090914][   T61] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  203.103373][   T61] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  204.293951][ T6632] random: crng reseeded on system resumption
[  206.136773][ T6646] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  208.552053][ T6650] loop1: detected capacity change from 0 to 40427
[  208.569348][ T6650] F2FS-fs (loop1): Wrong SSA boundary, start(3584) end(4096) blocks(0)
[  208.577819][ T6650] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  208.609189][ T6650] F2FS-fs (loop1): invalid crc value
[  208.660692][ T6650] F2FS-fs (loop1): Found nat_bits in checkpoint
[  208.721473][ T6650] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  208.728926][ T6650] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  212.351736][ T6676] loop0: detected capacity change from 0 to 512
[  212.372365][ T5793] Bluetooth: hci2: command 0x0406 tx timeout
[  212.378925][ T5793] Bluetooth: hci0: command 0x0406 tx timeout
[  212.385386][ T5793] Bluetooth: hci1: command 0x0406 tx timeout
[  212.635031][ T6676] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  213.380799][ T6676] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2867: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  213.485242][ T6676] EXT4-fs (loop0): 1 truncate cleaned up
[  213.492485][ T6676] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  214.047750][ T6686] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  215.115213][   T27] usb 1-1: new low-speed USB device number 3 using dummy_hcd
[  216.446190][ T5789] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  216.762059][ T6699] netlink: 'syz.3.171': attribute type 4 has an invalid length.
[  217.235889][ T6704] syz_tun: entered allmulticast mode
[  217.495258][ T6695] syz_tun: left allmulticast mode
[  219.945228][ T6722] tipc: Started in network mode
[  219.950369][ T6722] tipc: Node identity 7, cluster identity 4711
[  219.956846][ T6722] tipc: Node number set to 7
[  220.548996][ T6724] No such timeout policy "syz0"
[  221.220890][ T6728] loop2: detected capacity change from 0 to 128
[  222.610899][ T6734] tty tty3: ldisc open failed (-12), clearing slot 2
[  224.633473][ T6741] loop0: detected capacity change from 0 to 32768
[  224.759274][ T6741]  loop0: p9 p11 p16
[  226.951139][ T6760] mmap: syz.1.184 (6760) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  227.416389][   T49] kworker/u4:4: attempt to access beyond end of device
[  227.416389][   T49] loop2: rw=1, sector=145, nr_sectors = 896 limit=128
[  228.719647][ T6762] loop0: detected capacity change from 0 to 32768
[  230.573207][ T6762] read_mapping_page failed!
[  230.657420][ T6762] jfs_mount: diMount(ipaimap) failed w/rc = -5
[  230.666253][ T6762] Mount JFS Failure: -5
[  230.671026][ T6762] jfs_mount failed w/return code = -5
[  230.750873][ T5786] udevd[5786]: inotify_add_watch(7, /dev/loop0p9, 10) failed: No such file or directory
[  230.770901][ T5791] udevd[5791]: inotify_add_watch(7, /dev/loop0p11, 10) failed: No such file or directory
[  230.809672][ T5801] udevd[5801]: inotify_add_watch(7, /dev/loop0p16, 10) failed: No such file or directory
[  230.949930][ T6770] loop2: detected capacity change from 0 to 256
[  235.224376][ T6770] FAT-fs (loop2): Directory bread(block 64) failed
[  235.232177][ T6770] FAT-fs (loop2): Directory bread(block 65) failed
[  235.239189][ T6770] FAT-fs (loop2): Directory bread(block 66) failed
[  235.246840][ T6770] FAT-fs (loop2): Directory bread(block 67) failed
[  235.253723][ T6770] FAT-fs (loop2): Directory bread(block 68) failed
[  235.260995][ T6770] FAT-fs (loop2): Directory bread(block 69) failed
[  235.268446][ T6770] FAT-fs (loop2): Directory bread(block 70) failed
[  235.277252][ T6770] FAT-fs (loop2): Directory bread(block 71) failed
[  235.284307][ T6770] FAT-fs (loop2): Directory bread(block 72) failed
[  235.292258][ T6770] FAT-fs (loop2): Directory bread(block 73) failed
[  236.560476][ T6789] trusted_key: syz.2.190 sent an empty control message without MSG_MORE.
[  237.016075][ T6791] random: crng reseeded on system resumption
[  237.043223][ T5791] udevd[5791]: inotify_add_watch(7, /dev/loop0p16, 10) failed: No such file or directory
[  237.062532][ T5801] udevd[5801]: inotify_add_watch(7, /dev/loop0p9, 10) failed: No such file or directory
[  237.133916][ T5786] udevd[5786]: inotify_add_watch(7, /dev/loop0p11, 10) failed: No such file or directory
[  239.877382][ T6811] SET target dimension over the limit!
[  240.696450][ T5798] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  241.121579][ T6817] hub 9-0:1.0: USB hub found
[  241.131502][ T6817] hub 9-0:1.0: 1 port detected
[  241.556663][ T6816] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR
[  241.732221][ T5798] usb 1-1: Using ep0 maxpacket: 8
[  241.801804][ T5798] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  242.147717][ T6823] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  242.521183][ T5798] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  242.535028][ T5798] usb 1-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  242.545325][ T5798] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  242.567463][ T5798] usb 1-1: config 0 descriptor??
[  242.662010][ T6826] loop1: detected capacity change from 0 to 512
[  242.694229][ T6826] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  242.715353][ T6826] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  242.738866][ T6826] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended
[  242.754861][ T6827] loop2: detected capacity change from 0 to 512
[  242.816659][ T6826] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  242.856977][ T6827] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.198: casefold flag without casefold feature
[  242.910306][ T6826] System zones: 0-2, 18-18, 34-35
[  242.917757][ T6827] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.198: couldn't read orphan inode 15 (err -117)
[  242.948684][ T6826] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  243.014057][ T6827] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  243.831228][ T6833] EXT4-fs error (device loop1): ext4_validate_block_bitmap:439: comm syz.1.199: bg 0: block 353: padding at end of block bitmap is not set
[  244.533479][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  244.566639][ T5796] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  244.707541][ T6840] hub 9-0:1.0: USB hub found
[  244.714432][ T6840] hub 9-0:1.0: 1 port detected
[  245.217689][ T6838] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR
[  246.518114][ T6852] loop3: detected capacity change from 0 to 1764
[  246.803480][ T6847] loop1: detected capacity change from 0 to 4096
[  247.175143][ T5798] usb 1-1: can't set config #0, error -71
[  247.204087][ T6847] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  247.204817][ T5798] usb 1-1: USB disconnect, device number 4
[  248.232257][ T6867] siw: device registration error -23
[  250.945337][  T788] libceph: connect (1)[c::]:6789 error -101
[  251.252222][ T6884] ceph: No mds server is up or the cluster is laggy
[  251.261038][  T788] libceph: mon0 (1)[c::]:6789 connect error
[  251.319050][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  251.394396][ T6883] loop3: detected capacity change from 0 to 1024
[  251.877698][ T6895] __vm_enough_memory: pid: 6895, comm: syz.2.210, not enough memory for the allocation
[  253.483103][ T6906] (syz.2.211,6906,1):ocfs2_fill_super:990 ERROR: superblock probe failed!
[  253.493044][ T6906] (syz.2.211,6906,1):ocfs2_fill_super:1178 ERROR: status = -22
[  254.096164][ T6894] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  254.125164][ T5870] usb 4-1: new full-speed USB device number 3 using dummy_hcd
[  254.329528][ T5870] usb 4-1: config 2 has an invalid interface number: 219 but max is 0
[  254.360143][ T5870] usb 4-1: config 2 has no interface number 0
[  254.376675][ T5870] usb 4-1: New USB device found, idVendor=093a, idProduct=2601, bcdDevice=b3.76
[  254.403480][ T5870] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  254.454142][ T6916] netlink: 'syz.2.212': attribute type 10 has an invalid length.
[  254.459410][ T5870] gspca_main: pac7311-2.14.0 probing 093a:2601
[  254.548686][ T6916] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  255.057004][ T5870] gspca_pac7311: reg_w() failed index 0xff, value 0x01, error -110
[  255.077045][ T5870] pac7311: probe of 4-1:2.219 failed with error -110
[  255.695595][ T5870] usb 4-1: USB disconnect, device number 3
[  255.742815][ T2921] hfsplus: b-tree write err: -5, ino 4
[  256.098644][ T6927] loop2: detected capacity change from 0 to 4096
[  256.135260][   T51] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  256.326575][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  256.333745][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  258.367434][ T6927] ntfs3: loop2: This driver is compiled without CONFIG_NTFS3_64BIT_CLUSTER (like windows driver).
[  258.367434][ T6927] Volume contains 64 bits run: vcn 0, lcn ffffffffff000000, len 7ff.
[  258.367434][ T6927] Activate CONFIG_NTFS3_64BIT_CLUSTER to process this case
[  258.762985][ T6927] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  258.801521][ T6927] ntfs3: loop2: Failed to load $BadClus (-95).
[  259.423564][ T6951] loop0: detected capacity change from 0 to 1024
[  259.524520][ T6951] EXT4-fs (loop0): Number of reserved GDT blocks insanely large: 1792
[  259.705649][ T6951] loop0: detected capacity change from 0 to 1024
[  259.733545][ T6951] EXT4-fs: Ignoring removed oldalloc option
[  259.775430][ T6951] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  259.910046][ T6957] loop1: detected capacity change from 0 to 4096
[  259.941743][ T6951] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  260.221629][ T6965] loop3: detected capacity change from 0 to 164
[  260.786852][ T6965] rock: corrupted directory entry. extent=28, offset=0, size=16777216
[  260.833700][ T6960] rock: corrupted directory entry. extent=28, offset=0, size=16777216
[  261.440207][ T5789] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.537932][ T6992] loop1: detected capacity change from 0 to 8
[  266.407690][ T6992] SQUASHFS error: lzo decompression failed, data probably corrupt
[  266.416355][ T6992] SQUASHFS error: Failed to read block 0x144: -5
[  266.422710][ T6992] SQUASHFS error: Unable to read metadata cache entry [142]
[  266.430159][ T6992] SQUASHFS error: Unable to read inode 0x11f
[  267.034531][ T5786] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  268.152002][ T7064] netlink: 164 bytes leftover after parsing attributes in process `syz.1.228'.
[  269.536966][ T7082] loop0: detected capacity change from 0 to 16
[  269.599910][ T7082] erofs: (device loop0): mounted with root inode @ nid 36.
[  270.904685][ T7074] IPVS: set_ctl: invalid protocol: 47 172.20.20.50:20000
[  275.902691][ T7147] loop2: detected capacity change from 0 to 164
[  276.346269][ T7137] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  276.860794][ T7137] usb 2-1: config 0 has no interfaces?
[  276.885146][ T7137] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  276.898376][ T7137] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  276.910121][ T7137] usb 2-1: Product: syz
[  276.918679][ T7137] usb 2-1: Manufacturer: syz
[  276.928525][ T7137] usb 2-1: SerialNumber: syz
[  276.942505][ T7137] usb 2-1: config 0 descriptor??
[  277.719054][ T7147] capability: warning: `syz.2.241' uses 32-bit capabilities (legacy support in use)
[  277.760491][ T7122] bridge0: port 2(bridge_slave_1) entered disabled state
[  277.770360][ T7122] bridge0: port 1(bridge_slave_0) entered disabled state
[  277.800947][ T7155] rock: directory entry would overflow storage
[  277.823375][ T5896] usb 2-1: USB disconnect, device number 2
[  277.826456][ T7155] rock: sig=0x4f50, size=4, remaining=3
[  278.547177][ T7155] iso9660: Corrupted directory entry in block 4 of inode 1792
[  285.048039][ T7183] loop1: detected capacity change from 0 to 4096
[  285.157848][ T7186] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  285.674770][ T7122] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  285.705740][ T7122] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  285.985197][ T1189] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  286.214519][ T1189] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  286.315603][ T1189] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  286.368662][ T1189] usb 2-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  286.420090][ T1189] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  286.556600][ T1189] usb 2-1: config 0 descriptor??
[  286.896185][ T7122] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  286.905508][ T7122] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  286.914697][ T7122] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  286.924650][ T7122] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  287.008796][ T1189] cm6533_jd 0003:0D8C:0022.0001: unknown main item tag 0x0
[  287.031286][ T1189] cm6533_jd 0003:0D8C:0022.0001: unknown main item tag 0x0
[  287.048510][ T1189] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0D8C:0022.0001/input/input8
[  287.111387][ T1189] cm6533_jd 0003:0D8C:0022.0001: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.1-1/input0
[  287.183705][  T788] lo speed is unknown, defaulting to 1000
[  287.602280][ T7213] netlink: 28 bytes leftover after parsing attributes in process `syz.0.251'.
[  287.712305][ T7213] netlink: 28 bytes leftover after parsing attributes in process `syz.0.251'.
[  287.922785][ T7219] comedi comedi0: Minor 3 could not be opened
[  288.547780][ T7183] syz.1.249 (7183) used greatest stack depth: 19208 bytes left
[  288.636061][    T9] usb 2-1: reset high-speed USB device number 3 using dummy_hcd
[  289.562293][ T7213] batadv0: entered promiscuous mode
[  289.640983][ T7213] batadv_slave_1: entered promiscuous mode
[  289.703949][ T7213] batadv_slave_1: left promiscuous mode
[  289.748818][ T7213] batadv0: left promiscuous mode
[  290.797896][ T1189] usb 2-1: USB disconnect, device number 3
[  290.851579][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  290.884295][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  290.938150][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  290.970037][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  290.997011][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  291.027918][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  291.050818][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  291.076203][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  291.152857][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  291.233317][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  291.282728][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  291.321856][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  291.415290][ T7141] usb 4-1: new full-speed USB device number 4 using dummy_hcd
[  291.429431][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  291.542776][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  291.665905][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  291.706039][ T7141] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  291.811990][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  291.881681][ T7141] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  291.961562][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  292.064690][ T7141] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  292.103080][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  293.082926][ T7141] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  293.123416][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  293.183087][ T7141] usb 4-1: SerialNumber: syz
[  293.193954][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  293.206925][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  293.207534][ T7244] syz.0.256: attempt to access beyond end of device
[  293.207534][ T7244] loop0: rw=0, sector=0, nr_sectors = 1 limit=0
[  293.216093][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  293.236727][ T7244] (syz.0.256,7244,0):ocfs2_get_sector:1772 ERROR: status = -5
[  293.245500][ T7244] (syz.0.256,7244,0):ocfs2_sb_probe:749 ERROR: status = -5
[  293.253646][ T7244] (syz.0.256,7244,0):ocfs2_fill_super:990 ERROR: superblock probe failed!
[  293.262641][ T7244] (syz.0.256,7244,0):ocfs2_fill_super:1178 ERROR: status = -5
[  293.885378][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  293.893393][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  293.903489][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  293.911985][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  293.919949][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  293.928079][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  294.124822][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  294.133256][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  294.141444][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  294.178004][ T7246] comedi comedi0: Minor 3 could not be opened
[  294.189197][ T7141] usb 4-1: can't set config #1, error -71
[  294.218005][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  294.317459][ T7141] usb 4-1: USB disconnect, device number 4
[  294.329608][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  294.345560][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  294.353794][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  294.376242][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  294.384165][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  294.401560][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  294.418728][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  294.598712][ T7252] batman_adv: batadv0: Adding interface: dummy0
[  294.631228][ T7252] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  294.650171][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  294.666100][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  294.674108][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  294.682425][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: unknown main item tag 0x0
[  294.707343][ T7252] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active
[  294.734401][ T7139] hid-generic 0000:007F:FFFFFFFE.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  295.850046][ T7260] fido_id[7260]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  296.741773][ T7139] usb 3-1: new full-speed USB device number 4 using dummy_hcd
[  296.954026][ T7139] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  297.013390][ T7139] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  297.029079][ T7139] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  297.047924][ T7139] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  298.040632][ T7139] usb 3-1: GET_CAPABILITIES returned 0
[  298.046972][ T7139] usbtmc 3-1:16.0: can't read capabilities
[  298.094307][ T7294] loop1: detected capacity change from 0 to 128
[  298.183246][   T28] kauditd_printk_skb: 41 callbacks suppressed
[  298.183263][   T28] audit: type=1800 audit(1755204299.387:55): pid=7294 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.267" name="file1" dev="loop1" ino=1048610 res=0 errno=0
[  299.608355][ T7291] overlay: ./file0 is not a directory
[  299.622894][ T7303] loop0: detected capacity change from 0 to 256
[  299.640084][ T1189] usb 3-1: USB disconnect, device number 4
[  301.038158][ T7320] loop3: detected capacity change from 0 to 512
[  302.227012][ T7320] EXT4-fs (loop3): Test dummy encryption mode enabled
[  302.240871][ T7320] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  302.369325][ T7320] EXT4-fs error (device loop3): ext4_orphan_get:1425: comm syz.3.272: bad orphan inode 131083
[  302.507664][ T7320] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  302.851578][ T7339] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  305.045450][ T7320] fscrypt (loop3): Missing crypto API support for AES-256-CTS-CBC (API name: "cts(cbc(aes))")
[  305.147313][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  306.442590][ T7355] siw: device registration error -23
[  307.397207][ T7361] loop1: detected capacity change from 0 to 512
[  307.429975][ T7360] loop2: detected capacity change from 0 to 4096
[  308.355273][ T7361] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  308.370962][ T7361] ext4 filesystem being mounted at /69/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  308.557175][ T7370] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  311.575001][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  311.919964][ T7383] loop2: detected capacity change from 0 to 256
[  313.102790][ T7375] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  313.111860][ T7375] overlayfs: missing 'lowerdir'
[  313.223568][ T7401] loop1: detected capacity change from 0 to 512
[  313.309895][ T7401] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  313.348036][ T7401] ext4 filesystem being mounted at /71/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  313.504731][ T7403] loop2: detected capacity change from 0 to 4096
[  313.647101][ T7403] ntfs3: loop2: This driver is compiled without CONFIG_NTFS3_64BIT_CLUSTER (like windows driver).
[  313.647101][ T7403] Volume contains 64 bits run: vcn 0, lcn ffffffffff000000, len 7ff.
[  313.647101][ T7403] Activate CONFIG_NTFS3_64BIT_CLUSTER to process this case
[  313.674398][ T7403] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  313.994025][ T7403] ntfs3: loop2: Failed to load $BadClus (-95).
[  314.575966][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  314.807365][ T7414] loop2: detected capacity change from 0 to 256
[  315.313098][ T7411] loop3: detected capacity change from 0 to 1764
[  316.118008][ T7138] usb 2-1: new full-speed USB device number 4 using dummy_hcd
[  316.452763][ T7138] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  316.611539][ T7138] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  317.024759][ T7138] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  317.898391][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  318.101332][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  318.285058][ T7138] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  318.295774][ T7138] usb 2-1: SerialNumber: syz
[  319.845044][ T7138] usb 2-1: can't set config #1, error -71
[  319.871079][ T7138] usb 2-1: USB disconnect, device number 4
[  320.307055][   T51] Bluetooth: hci2: unexpected event for opcode 0x204e
[  321.706681][ T7449] loop3: detected capacity change from 0 to 1024
[  322.531770][ T7449] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  322.996806][ T7464] syz.0.297: attempt to access beyond end of device
[  322.996806][ T7464] nbd0: rw=4096, sector=128, nr_sectors = 8 limit=0
[  323.010921][ T7464] gfs2: error 10 reading superblock
[  326.685880][   T42] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  326.695737][ T1189] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  326.705839][ T7139] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  326.766367][ T7138] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  327.055780][ T7484] loop1: detected capacity change from 0 to 8
[  327.229857][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  327.807617][ T7138] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  327.984447][ T7038] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  327.994053][ T7138] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  328.011765][ T7141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  328.037223][ T1189] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  328.362671][ T7495] tmpfs: Unknown parameter 'smackfsroot'
[  328.674773][ T7499] netlink: 'syz.1.303': attribute type 1 has an invalid length.
[  328.683844][ T7499] netlink: 224 bytes leftover after parsing attributes in process `syz.1.303'.
[  328.697945][ T7499] 9pnet_fd: Insufficient options for proto=fd
[  328.924807][ T7138] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  329.274414][ T7501] loop9: detected capacity change from 0 to 7
[  329.614716][    C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  329.624279][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[  329.634987][    C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  329.644315][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[  329.677519][ T7505] loop2: detected capacity change from 0 to 1024
[  329.940671][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  329.950236][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  330.175535][ T7196] usb 1-1: new full-speed USB device number 5 using dummy_hcd
[  330.672031][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  330.681710][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  330.691092][    C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  330.700499][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[  330.710865][    C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  330.720165][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[  330.745161][ T7501] ldm_validate_partition_table(): Disk read failed.
[  330.745241][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  330.761279][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  330.903525][ T7513] affs: No valid root block on device nullb0
[  330.961494][ T7513] netlink: 16 bytes leftover after parsing attributes in process `syz.1.307'.
[  330.988028][    C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  330.997280][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[  331.014541][    C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  331.023797][    C1] Buffer I/O error on dev loop9, logical block 0, async page read
[  331.098620][ T7196] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  331.108752][ T7196] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  331.334472][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  331.343975][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  331.354734][ T7501] Dev loop9: unable to read RDB block 0
[  331.488446][ T7501]  loop9: unable to read partition table
[  331.584174][ T7501] loop9: partition table beyond EOD, truncated
[  331.682967][ T7501] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  331.747234][ T7196] usb 1-1: string descriptor 0 read error: -71
[  331.753477][ T7196] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  332.364560][ T7141] net_ratelimit: 3 callbacks suppressed
[  332.364577][ T7141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  332.459130][ T7045] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  332.474318][  T788] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  332.550829][ T7138] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  332.652316][ T7517] loop1: detected capacity change from 0 to 8
[  332.659351][ T7196] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  332.697376][ T7196] usb 1-1: can't set config #1, error -71
[  332.712351][ T7196] usb 1-1: USB disconnect, device number 5
[  333.582215][ T7523] 8021q: adding VLAN 0 to HW filter on device bond0
[  334.365725][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  334.561607][ T7523] bond0: (slave rose0): Enslaving as an active interface with an up link
[  334.706261][ T7196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  335.978148][ T7555] loop3: detected capacity change from 0 to 164
[  336.081282][ T7138] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  336.176098][ T7555] rock: corrupted directory entry. extent=28, offset=0, size=16777216
[  336.193628][ T7552] rock: corrupted directory entry. extent=28, offset=0, size=16777216
[  337.513244][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  337.522227][ T7196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  338.771158][ T7043] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  338.798787][ T7196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  338.823742][ T7139] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  338.914453][ T7138] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  339.358513][ T7591] netdevsim netdevsim3: Direct firmware load for ./file0 failed with error -2
[  339.368409][ T7591] netdevsim netdevsim3: Falling back to sysfs fallback for: ./file0
[  340.015101][ T7138] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  340.396089][ T7593] loop3: detected capacity change from 0 to 2048
[  340.443404][ T7593] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  340.649160][  T788] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  340.669664][ T7593] NILFS (loop3): mounting unchecked fs
[  340.760806][ T7604] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  343.115693][ T7196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  343.791807][ T1189] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  343.800831][ T1189] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  344.035791][ T7593] NILFS (loop3): recovery complete
[  344.116140][ T7593] NILFS (loop3): error -4 creating segctord thread
[  344.289989][ T7617] xt_CT: You must specify a L4 protocol and not use inversions on it
[  344.791238][ T7196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  345.090725][ T7628] loop1: detected capacity change from 0 to 128
[  345.122090][ T7628] EXT4-fs warning (device loop1): ext4_init_metadata_csum:4634: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  345.149831][ T7629] loop0: detected capacity change from 0 to 512
[  345.154655][ T7628] EXT4-fs (loop1): Encoding requested by superblock is unknown
[  345.380174][ T7629] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  345.435366][ T7629] ext4 filesystem being mounted at /77/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  345.816063][ T7139] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  345.829454][   T28] audit: type=1326 audit(1755204346.827:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7625 comm="syz.1.328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfac18ebe9 code=0x7ffc0000
[  346.317539][   T28] audit: type=1326 audit(1755204346.827:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7625 comm="syz.1.328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7fcfac18ebe9 code=0x7ffc0000
[  346.339923][    C1] vkms_vblank_simulate: vblank timer overrun
[  346.365193][   T28] audit: type=1326 audit(1755204346.837:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7625 comm="syz.1.328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfac18ebe9 code=0x7ffc0000
[  346.387432][    C1] vkms_vblank_simulate: vblank timer overrun
[  346.607769][   T28] audit: type=1326 audit(1755204346.837:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7625 comm="syz.1.328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7fcfac18ebe9 code=0x7ffc0000
[  346.631112][   T28] audit: type=1326 audit(1755204346.837:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7625 comm="syz.1.328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfac18ebe9 code=0x7ffc0000
[  346.653352][    C1] vkms_vblank_simulate: vblank timer overrun
[  346.662810][   T28] audit: type=1326 audit(1755204346.837:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7625 comm="syz.1.328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fcfac18ebe9 code=0x7ffc0000
[  346.664359][ T7643] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  346.694020][   T28] audit: type=1326 audit(1755204346.837:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7625 comm="syz.1.328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfac18ebe9 code=0x7ffc0000
[  346.722864][   T28] audit: type=1326 audit(1755204346.837:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7625 comm="syz.1.328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7fcfac18ebe9 code=0x7ffc0000
[  346.855776][ T7139] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  347.189657][ T7643] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  347.205249][   T28] audit: type=1326 audit(1755204346.847:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7625 comm="syz.1.328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfac18ebe9 code=0x7ffc0000
[  347.402477][  T788] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  347.447437][ T5789] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  347.490451][   T28] audit: type=1326 audit(1755204346.847:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7625 comm="syz.1.328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7fcfac18ebe9 code=0x7ffc0000
[  347.495305][ T7643] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  348.869456][ T7657] IPv6: Can't replace route, no match found
[  349.027337][ T7193] net_ratelimit: 3 callbacks suppressed
[  349.027355][ T7193] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  350.065056][ T7193] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  351.053206][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  351.198500][ T7139] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  351.325083][ T7670] xt_CT: You must specify a L4 protocol and not use inversions on it
[  352.158675][ T7674] netlink: 132 bytes leftover after parsing attributes in process `syz.0.337'.
[  352.863704][ T7196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  354.030133][ T7193] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  354.147325][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  354.205269][ T7193] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  354.399096][   T28] kauditd_printk_skb: 20 callbacks suppressed
[  354.399114][   T28] audit: type=1800 audit(1755204355.597:86): pid=7681 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.339" name="bus" dev="overlay" ino=469 res=0 errno=0
[  355.070632][ T7691] nvme_fabrics: unknown parameter or missing value '(' in ctrl creation request
[  355.952918][ T7139] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  357.101865][ T7139] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  359.101939][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  360.394928][ T7707] syz.2.343 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  360.727759][ T7139] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  362.191314][ T7139] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  362.206243][  T788] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  362.447576][ T7725] loop1: detected capacity change from 0 to 16
[  362.471884][ T7725] erofs: (device loop1): mounted with root inode @ nid 36.
[  363.286411][ T7732] netlink: 8 bytes leftover after parsing attributes in process `syz.1.348'.
[  363.309155][ T7732] erofs: (device loop1): erofs_map_blocks_flatmode: inline data cross block boundary @ nid 36
[  363.320604][ T7732] syz.1.348: attempt to access beyond end of device
[  363.320604][ T7732] loop1: rw=524288, sector=34359738360, nr_sectors = 1976 limit=16
[  363.425984][ T7729] loop2: detected capacity change from 0 to 512
[  363.505635][ T7139] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  363.758039][ T7729] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.349: casefold flag without casefold feature
[  363.815386][ T7729] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.349: couldn't read orphan inode 15 (err -117)
[  363.879236][ T7729] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  364.104307][ T7745] loop1: detected capacity change from 0 to 1024
[  365.155952][ T7751] afs: Bad value for 'source'
[  366.914140][ T7750] netlink: 32 bytes leftover after parsing attributes in process `syz.2.349'.
[  366.947612][ T7193] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  367.042762][ T1189] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  367.296784][ T5796] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  367.482954][ T7763] loop1: detected capacity change from 0 to 512
[  367.692103][ T7763] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.360: casefold flag without casefold feature
[  367.750431][ T7763] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.360: couldn't read orphan inode 15 (err -117)
[  367.790691][ T7768] loop2: detected capacity change from 0 to 128
[  367.801559][ T7763] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  367.830810][ T7768] EXT4-fs warning (device loop2): ext4_init_metadata_csum:4634: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  367.921862][ T7768] EXT4-fs (loop2): Encoding requested by superblock is unknown
[  367.972665][ T7193] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  368.474000][ T7779] netlink: 132 bytes leftover after parsing attributes in process `syz.3.354'.
[  368.756827][ T7781] netlink: 32 bytes leftover after parsing attributes in process `syz.1.360'.
[  369.286851][ T7193] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  369.573372][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  369.831399][   T28] audit: type=1326 audit(1755204370.987:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7767 comm="syz.2.352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f053518ebe9 code=0x7ffc0000
[  370.089111][   T28] audit: type=1326 audit(1755204370.987:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7767 comm="syz.2.352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7f053518ebe9 code=0x7ffc0000
[  370.423926][  T788] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  370.458837][   T28] audit: type=1326 audit(1755204370.987:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7767 comm="syz.2.352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f053518ebe9 code=0x7ffc0000
[  370.481655][   T28] audit: type=1326 audit(1755204370.987:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7767 comm="syz.2.352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f053518ebe9 code=0x7ffc0000
[  370.504413][ T7196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  370.513709][   T28] audit: type=1326 audit(1755204370.997:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7767 comm="syz.2.352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f053518ebe9 code=0x7ffc0000
[  371.818624][ T7193] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  371.898692][   T28] audit: type=1326 audit(1755204370.997:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7767 comm="syz.2.352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f053518ebe9 code=0x7ffc0000
[  372.035960][   T28] audit: type=1326 audit(1755204370.997:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7767 comm="syz.2.352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f053518ebe9 code=0x7ffc0000
[  372.220971][   T28] audit: type=1326 audit(1755204371.007:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7767 comm="syz.2.352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7f053518ebe9 code=0x7ffc0000
[  372.246743][   T28] audit: type=1326 audit(1755204371.007:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7767 comm="syz.2.352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f053518ebe9 code=0x7ffc0000
[  372.270710][   T28] audit: type=1326 audit(1755204371.007:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7767 comm="syz.2.352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7f053518ebe9 code=0x7ffc0000
[  372.381103][ T7798] netlink: 'syz.2.356': attribute type 1 has an invalid length.
[  372.389631][ T7798] netlink: 224 bytes leftover after parsing attributes in process `syz.2.356'.
[  372.410970][ T7798] 9pnet_fd: Insufficient options for proto=fd
[  373.003076][ T7193] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  373.537098][ T7805] loop2: detected capacity change from 0 to 256
[  373.593187][ T7805] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  373.703816][  T788] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  374.060212][ T7139] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  374.154776][ T7811] netlink: 24 bytes leftover after parsing attributes in process `syz.2.359'.
[  375.016872][ T7810] loop0: detected capacity change from 0 to 2048
[  375.086640][ T7139] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  376.035622][ T7819] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  376.125704][ T7139] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  376.932094][ T1189] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  379.178830][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  379.345098][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  379.406372][ T7193] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  381.036355][ T7193] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  381.112013][ T1189] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  381.275060][  T788] usb 3-1: new full-speed USB device number 5 using dummy_hcd
[  382.112604][ T7193] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  382.197223][ T7846] Bluetooth: MGMT ver 1.22
[  383.171976][ T7849] loop2: detected capacity change from 0 to 131072
[  383.229532][ T7849] F2FS-fs (loop2): Wrong CP boundary, start(512) end(1536) blocks(0)
[  383.238282][ T7849] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  383.255125][ T7139] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  383.283944][ T7849] F2FS-fs (loop2): invalid crc value
[  383.315895][ T7849] F2FS-fs (loop2): Found nat_bits in checkpoint
[  383.375694][ T7849] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  383.382939][ T7849] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  383.775295][ T7864] raw_sendmsg: syz.2.368 forgot to set AF_INET. Fix it!
[  384.323908][ T7193] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  384.338078][ T1189] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  384.560093][ T7855] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  385.465338][ T7139] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  386.560331][ T7193] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  387.215020][   T51] Bluetooth: hci3: command 0x0405 tx timeout
[  387.655462][ T7138] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  387.720078][    T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  389.075847][ T7193] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  390.145162][ T7139] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  390.569315][ T7193] IPVS: starting estimator thread 0...
[  390.606673][ T7909] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  390.765289][ T7916] IPVS: using max 25 ests per chain, 60000 per kthread
[  390.773456][    T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  391.175473][ T7193] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  391.240067][ T7927] loop2: detected capacity change from 0 to 4096
[  391.685987][ T7934] netlink: 8 bytes leftover after parsing attributes in process `syz.1.379'.
[  392.216553][ T7138] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  393.575204][ T7138] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  394.039644][    T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  394.505993][ T7947] loop1: detected capacity change from 0 to 1024
[  394.718125][ T7193] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  394.822648][ T7947] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  396.105221][ T7196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  396.186886][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  396.372297][ T7957] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  396.481721][ T7963] loop2: detected capacity change from 0 to 1024
[  396.521326][ T7963] EXT4-fs: Ignoring removed orlov option
[  396.578659][ T7964] loop1: detected capacity change from 0 to 2048
[  396.589682][ T7963] EXT4-fs (loop2): Test dummy encryption mode enabled
[  396.653950][ T7963] EXT4-fs (loop2): stripe (8) is not aligned with cluster size (16), stripe is disabled
[  396.678247][ T7964] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  396.713908][ T7964] NILFS (loop1): mounting unchecked fs
[  396.736607][ T7963] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  396.794511][ T7210] udevd[7210]: incorrect nilfs2 checksum on /dev/loop1
[  396.857924][ T7964] NILFS (loop1): recovery complete
[  396.910891][ T7967] tc_dump_action: action bad kind
[  396.921548][ T7967] netlink: 'syz.3.385': attribute type 10 has an invalid length.
[  396.929935][ T7967] netlink: 40 bytes leftover after parsing attributes in process `syz.3.385'.
[  396.939550][ T7967] dummy0: entered promiscuous mode
[  396.945378][ T7967] batman_adv: batadv0: Interface deactivated: dummy0
[  396.952156][ T7967] batman_adv: batadv0: Removing interface: dummy0
[  396.960431][ T7967] bridge0: port 3(dummy0) entered blocking state
[  396.967441][ T7967] bridge0: port 3(dummy0) entered disabled state
[  396.974314][ T7967] dummy0: entered allmulticast mode
[  396.982253][ T7967] bridge0: port 3(dummy0) entered blocking state
[  396.988993][ T7967] bridge0: port 3(dummy0) entered forwarding state
[  397.008266][ T7972] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  397.085218][    T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  397.165618][ T7138] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  397.311679][   T28] kauditd_printk_skb: 20 callbacks suppressed
[  397.311695][   T28] audit: type=1800 audit(1755204398.517:117): pid=7979 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.384" name="file1" dev="loop1" ino=15 res=0 errno=0
[  397.338987][    C1] vkms_vblank_simulate: vblank timer overrun
[  397.383159][ T7963] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  397.467411][   T28] audit: type=1800 audit(1755204398.667:118): pid=7979 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.384" name="file1" dev="loop1" ino=15 res=0 errno=0
[  397.490325][    C1] vkms_vblank_simulate: vblank timer overrun
[  397.812416][ T7988] binder: 7981:7988 ioctl 4018620d 0 returned -22
[  397.836504][ T7988] binder: 7981:7988 ioctl c0306201 0 returned -14
[  398.340426][   T28] audit: type=1800 audit(1755204399.057:119): pid=7986 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.384" name="file1" dev="loop1" ino=15 res=0 errno=0
[  398.525962][ T7138] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  399.570788][ T7193] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  399.740417][ T5796] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  400.126023][ T1189] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  400.365261][ T7138] usb 3-1: new full-speed USB device number 6 using dummy_hcd
[  400.534514][ T8003] loop1: detected capacity change from 0 to 512
[  400.605755][ T7139] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  400.687325][ T7138] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  402.072148][ T7138] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  402.090812][ T8003] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.389: casefold flag without casefold feature
[  402.108064][ T7138] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  402.120756][ T8003] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.389: couldn't read orphan inode 15 (err -117)
[  402.193256][ T8009] xt_CT: You must specify a L4 protocol and not use inversions on it
[  403.835945][    T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  404.334466][ T8003] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  404.427753][ T7138] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  404.439226][ T7139] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  404.448723][ T7138] usb 3-1: SerialNumber: syz
[  404.563648][ T7138] usb 3-1: can't set config #1, error -71
[  404.579175][ T7138] usb 3-1: USB disconnect, device number 6
[  404.579434][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  405.283789][ T7138] IPVS: starting estimator thread 0...
[  405.317877][ T8013] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[  405.377759][ T8020] IPVS: using max 16 ests per chain, 38400 per kthread
[  405.569575][ T7138] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  406.049502][ T8024] loop1: detected capacity change from 0 to 32768
[  406.387211][ T8030] afs: Bad value for 'source'
[  406.992083][ T7139] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  407.005386][  T788] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  407.020838][ T8024] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  407.476350][ T5785] ocfs2: Unmounting device (7,1) on (node local)
[  408.055484][ T7138] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  408.898835][ T8045] netlink: 12 bytes leftover after parsing attributes in process `syz.1.397'.
[  409.967562][ T7139] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  410.045270][  T788] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  410.233290][ T8051] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  410.259886][ T8051] CIFS mount error: No usable UNC path provided in device string!
[  410.259886][ T8051] 
[  410.270511][ T8051] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  411.115286][ T7139] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  411.685481][ T8062] xt_CT: You must specify a L4 protocol and not use inversions on it
[  412.136370][ T7193] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  412.240229][ T8068] loop3: detected capacity change from 0 to 2048
[  412.305596][ T8068] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  413.085245][ T1189] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  413.279497][ T7193] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  413.395885][ T8075] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  413.403230][ T8075] IPv6: NLM_F_CREATE should be set when creating new route
[  413.410707][ T8075] IPv6: NLM_F_CREATE should be set when creating new route
[  413.418105][ T8075] IPv6: NLM_F_CREATE should be set when creating new route
[  413.795140][ T1189] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  414.681927][ T7193] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  414.945017][ T1189] usb 2-1: Using ep0 maxpacket: 8
[  415.718792][ T1189] usb 2-1: config index 0 descriptor too short (expected 74, got 45)
[  415.718903][ T1189] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  415.718933][ T1189] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  415.718967][ T1189] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 30768, setting to 1024
[  415.718994][ T1189] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  415.719018][ T1189] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  415.719062][ T1189] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  415.719086][ T1189] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  415.776142][ T7138] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  415.920460][ T8085] tty tty27: ldisc open failed (-12), clearing slot 26
[  416.009006][ T8088] binder: 8083:8088 ioctl 4018620d 0 returned -22
[  416.135763][    T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  416.422910][ T1189] usb 2-1: GET_CAPABILITIES returned 0
[  416.433943][ T1189] usbtmc 2-1:16.0: can't read capabilities
[  416.457267][ T8088] binder: 8083:8088 ioctl c0306201 0 returned -14
[  416.875309][ T7193] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  417.718172][ T8095] vxfs: WRONG superblock magic 00000000 at 1
[  417.719134][ T8095] vxfs: WRONG superblock magic 00000000 at 8
[  417.719147][ T8095] vxfs: can't find superblock.
[  418.393147][ T7138] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  418.711995][ T7196] usb 2-1: USB disconnect, device number 5
[  418.745266][ T7193] usb 1-1: new full-speed USB device number 6 using dummy_hcd
[  419.295483][ T8102] netlink: 20 bytes leftover after parsing attributes in process `syz.3.416'.
[  419.305213][ T8102] netlink: 8 bytes leftover after parsing attributes in process `syz.3.416'.
[  419.853159][ T7138] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  419.880464][   T61] RDS/tcp: send to fe80::c on cp [0]returned -104, disconnecting and reconnecting
[  420.093191][  T788] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  420.935987][ T7196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  421.845890][ T8124] xt_nat: multiple ranges no longer supported
[  421.914639][ T8120] xt_CT: You must specify a L4 protocol and not use inversions on it
[  421.987066][ T7196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  423.375441][ T7196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  423.384981][ T1189] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  424.446257][ T7138] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  425.485556][ T7196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  426.867664][ T7043] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  426.877026][   T61] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  426.890698][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  426.901416][  T788] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  426.911861][    T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  426.925227][ T7196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  427.965554][ T7196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  428.045019][ T5794] Bluetooth: hci3: command 0x0405 tx timeout
[  428.261563][ T8141] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  428.269869][ T8141] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  428.289540][ T8141] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  429.109722][ T7196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  429.206224][ T8141] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  429.235085][ T8141] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  429.402605][ T8161] macsec0: entered allmulticast mode
[  429.412442][ T8161] veth1_macvtap: entered allmulticast mode
[  429.418658][ T8161] macsec0: left allmulticast mode
[  429.423891][ T8161] veth1_macvtap: left allmulticast mode
[  430.146133][ T7196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  430.236474][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  430.240123][ T8141] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  430.285015][ T5794] Bluetooth: hci1: command 0x0406 tx timeout
[  430.305175][ T8141] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  430.447858][ T8141] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  430.833355][ T8166] xt_CT: You must specify a L4 protocol and not use inversions on it
[  431.392470][   T51] Bluetooth: hci2: command 0x0406 tx timeout
[  432.133451][   T61] net_ratelimit: 1 callbacks suppressed
[  432.133469][   T61] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  432.448175][ T7038] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  432.465593][ T7193] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  432.485035][   T51] Bluetooth: hci3: command 0x0405 tx timeout
[  432.494406][   T51] Bluetooth: hci1: command 0x0406 tx timeout
[  432.515309][ T7196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  432.524396][ T7196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  432.545620][ T8175] loop3: detected capacity change from 0 to 512
[  432.555076][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  432.567769][ T7196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  432.580735][ T8175] EXT4-fs: Ignoring removed nobh option
[  432.785059][ T8175] ext4: Unknown parameter 'hash'
[  433.404939][ T5794] Bluetooth: hci2: command 0x0406 tx timeout
[  433.562217][ T8182] loop2: detected capacity change from 0 to 128
[  433.708674][ T7193] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  433.748038][ T8182] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  434.128242][ T8182] ext4 filesystem being mounted at /112/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  434.544796][ T5794] Bluetooth: hci3: command 0x0405 tx timeout
[  435.110125][ T7196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  435.177691][ T5796] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  435.525998][ T8200] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  436.153884][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  436.361040][ T8192] BFS-fs: bfs_fill_super(): No BFS filesystem on nullb0 (magic=00000000)
[  436.605492][ T5794] Bluetooth: hci3: command 0x0405 tx timeout
[  437.681838][ T7193] net_ratelimit: 1 callbacks suppressed
[  437.681857][ T7193] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  438.537483][ T7055] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  438.546233][ T7050] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  438.645265][    T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  438.656312][ T5896] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  438.667515][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  438.715449][ T7196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  438.794271][   T42] Bluetooth: hci4: Frame reassembly failed (-84)
[  439.405687][    T8] usb 4-1: new full-speed USB device number 5 using dummy_hcd
[  440.618639][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  440.625177][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  440.765302][ T5794] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[  441.317545][ T7043] sl0: compressed packet ignored
[  441.415036][ T7196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  441.481477][    T8] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  441.510705][    T8] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  441.557055][    T8] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  441.574764][    T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  442.532080][ T5896] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  442.540479][    T8] usb 4-1: SerialNumber: syz
[  442.559131][ T7196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  443.657011][    T8] usb 4-1: can't set config #1, error -71
[  443.657401][ T7193] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  443.760133][    T8] usb 4-1: USB disconnect, device number 5
[  445.261629][ T7138] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  445.280089][   T42] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  445.289725][ T7050] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  445.301019][ T7141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  445.310140][ T7196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  445.324518][    T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  445.746461][ T7138] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  446.178799][   T28] audit: type=1326 audit(1755204446.837:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8222 comm="syz.0.434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f751218ebe9 code=0x7ffc0000
[  447.066658][ T7141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  448.020974][ T8239] loop2: detected capacity change from 0 to 32768
[  448.278113][ T7141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  449.855059][  T788] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  449.863605][   T28] audit: type=1326 audit(1755204446.837:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8222 comm="syz.0.434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f751218ebe9 code=0x7ffc0000
[  449.886582][   T28] audit: type=1326 audit(1755204446.837:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8222 comm="syz.0.434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f751218ebe9 code=0x7ffc0000
[  449.909941][   T28] audit: type=1326 audit(1755204446.837:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8222 comm="syz.0.434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f751218ebe9 code=0x7ffc0000
[  449.924972][ T7141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  449.932958][   T28] audit: type=1326 audit(1755204446.837:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8222 comm="syz.0.434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f751218ebe9 code=0x7ffc0000
[  450.000392][   T28] audit: type=1326 audit(1755204446.837:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8222 comm="syz.0.434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f751218ebe9 code=0x7ffc0000
[  450.023604][   T28] audit: type=1326 audit(1755204446.837:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8222 comm="syz.0.434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f751218ebe9 code=0x7ffc0000
[  450.235249][   T28] audit: type=1326 audit(1755204446.837:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8222 comm="syz.0.434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f751218ebe9 code=0x7ffc0000
[  450.351272][   T28] audit: type=1326 audit(1755204446.837:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8222 comm="syz.0.434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f751218ebe9 code=0x7ffc0000
[  451.021021][   T28] audit: type=1326 audit(1755204446.847:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8222 comm="syz.0.434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f751218ebe9 code=0x7ffc0000
[  451.187507][ T7038] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  451.204110][  T788] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  451.322265][ T7196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  451.331089][ T7196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  451.340199][   T28] audit: type=1326 audit(1755204446.847:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8222 comm="syz.0.434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f751218ebe9 code=0x7ffc0000
[  451.363897][   T28] audit: type=1326 audit(1755204446.847:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8222 comm="syz.0.434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f751218ebe9 code=0x7ffc0000
[  451.464514][   T28] audit: type=1326 audit(1755204447.707:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8233 comm="syz.2.437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f053518ebe9 code=0x7ffc0000
[  452.009292][   T28] audit: type=1326 audit(1755204447.707:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8233 comm="syz.2.437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f053518ebe9 code=0x7ffc0000
[  452.184933][   T28] audit: type=1326 audit(1755204447.707:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8233 comm="syz.2.437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f053518ebe9 code=0x7ffc0000
[  452.235049][   T28] audit: type=1326 audit(1755204447.707:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8233 comm="syz.2.437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f053518ebe9 code=0x7ffc0000
[  452.365383][ T7196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  452.494982][   T28] audit: type=1326 audit(1755204447.717:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8233 comm="syz.2.437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=271 compat=0 ip=0x7f053518ebe9 code=0x7ffc0000
[  452.517828][    C0] vkms_vblank_simulate: vblank timer overrun
[  453.216716][  T788] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  453.226170][ T8256] loop2: detected capacity change from 0 to 1024
[  453.234045][ T8256] EXT4-fs: Ignoring removed nobh option
[  453.265042][   T28] audit: type=1326 audit(1755204447.727:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8233 comm="syz.2.437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f053518ebe9 code=0x7ffc0000
[  453.288843][    C0] vkms_vblank_simulate: vblank timer overrun
[  453.291668][ T8256] EXT4-fs: Ignoring removed bh option
[  453.406619][ T7196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  453.426042][ T5794] Bluetooth: hci1: Received unexpected HCI Event 0x00
[  453.441978][   T28] audit: type=1326 audit(1755204447.727:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8233 comm="syz.2.437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f053518ebe9 code=0x7ffc0000
[  453.526455][ T8256] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  453.818866][   T28] audit: type=1326 audit(1755204447.727:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8233 comm="syz.2.437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f053518ebe9 code=0x7ffc0000
[  453.926607][ T8264] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  454.290305][ T7038] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  454.706089][   T51] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  454.725362][   T51] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  454.735392][   T51] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  454.744177][   T51] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  454.759862][   T51] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  454.768167][   T51] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  454.818943][ T8268] overlayfs: conflicting lowerdir path
[  455.485537][ T7196] net_ratelimit: 3 callbacks suppressed
[  455.485554][ T7196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  455.709483][ T5796] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  455.779289][ T8265] lo speed is unknown, defaulting to 1000
[  456.253831][ T8280] netlink: 8 bytes leftover after parsing attributes in process `syz.0.446'.
[  456.262889][ T8280] netlink: 8 bytes leftover after parsing attributes in process `syz.0.446'.
[  456.271959][ T8280] netlink: 4 bytes leftover after parsing attributes in process `syz.0.446'.
[  456.294766][ T8280] 9pnet_fd: Insufficient options for proto=fd
[  456.648652][ T7141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  457.245395][ T7043] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  457.485151][  T788] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  457.935653][   T51] Bluetooth: hci4: command tx timeout
[  458.036578][ T7139] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  459.062257][ T7196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  459.153497][ T7196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  459.244640][ T8265] chnl_net:caif_netlink_parms(): no params data found
[  460.086176][   T51] Bluetooth: hci4: command tx timeout
[  460.654908][    C0] sl0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 20010 ms
[  460.665261][    C0] sl0: transmit timed out, driver error?
[  460.985315][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  461.004366][ T7139] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  461.056461][ T8265] bridge0: port 1(bridge_slave_0) entered blocking state
[  461.084239][ T8265] bridge0: port 1(bridge_slave_0) entered disabled state
[  461.105251][ T8265] bridge_slave_0: entered allmulticast mode
[  461.125583][ T8265] bridge_slave_0: entered promiscuous mode
[  462.092711][ T7139] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  462.133365][ T8265] bridge0: port 2(bridge_slave_1) entered blocking state
[  462.140927][   T51] Bluetooth: hci4: command tx timeout
[  462.327339][ T8265] bridge0: port 2(bridge_slave_1) entered disabled state
[  462.334759][ T8265] bridge_slave_1: entered allmulticast mode
[  462.342553][ T8265] bridge_slave_1: entered promiscuous mode
[  463.261972][ T8309] loop2: detected capacity change from 0 to 40427
[  463.279741][ T7139] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  463.285057][ T8309] F2FS-fs (loop2): invalid crc value
[  463.303024][ T8309] F2FS-fs (loop2): Found nat_bits in checkpoint
[  463.360253][ T8309] F2FS-fs (loop2): Start checkpoint disabled!
[  463.386701][ T8309] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  463.498425][ T8265] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  463.757713][ T8316] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  463.909862][ T8265] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  464.045566][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  464.207327][   T51] Bluetooth: hci4: command tx timeout
[  464.568176][ T7139] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  465.645798][ T7139] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  465.860675][ T8265] team0: Port device team_slave_0 added
[  465.899601][ T8265] team0: Port device team_slave_1 added
[  465.929220][ T8326] loop3: detected capacity change from 0 to 1024
[  465.981009][ T8326] EXT4-fs: Ignoring removed nobh option
[  466.016079][ T8326] EXT4-fs: Ignoring removed bh option
[  466.113493][ T8265] batman_adv: batadv0: Adding interface: batadv_slave_0
[  466.129729][ T7034] kworker/u4:15: attempt to access beyond end of device
[  466.129729][ T7034] loop2: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  466.146780][ T8265] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  466.179759][ T7034] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  466.183168][ T8265] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  466.200451][ T8265] batman_adv: batadv0: Adding interface: batadv_slave_1
[  466.207557][ T8326] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  466.208796][ T8265] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  466.246939][ T8265] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  466.328200][ T8265] hsr_slave_0: entered promiscuous mode
[  466.335338][ T8265] hsr_slave_1: entered promiscuous mode
[  466.342242][ T8265] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  466.350916][ T8265] Cannot create hsr debugfs directory
[  466.671066][ T8331] overlayfs: conflicting lowerdir path
[  467.182878][ T7139] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  467.296549][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  467.451304][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  467.796450][ T8337] kAFS: unable to lookup cell 'sy[N6/rÆ>ßãmNíÜb’z1'
[  468.648115][ T7139] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  469.725360][ T7138] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  470.365353][  T788] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  470.693601][ T8350] loop3: detected capacity change from 0 to 32768
[  470.745249][ T8350] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.457 (8350)
[  470.782900][ T7139] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  470.959630][ T8265] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  470.986297][ T8350] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  471.003219][ T8350] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  471.015642][ T8350] BTRFS info (device loop3): setting nodatacow, compression disabled
[  471.028037][ T8350] BTRFS info (device loop3): max_inline at 0
[  471.035989][ T8350] BTRFS info (device loop3): enabling disk space caching
[  471.045648][ T8350] BTRFS info (device loop3): turning off barriers
[  471.053572][ T8350] BTRFS info (device loop3): doing ref verification
[  471.061298][ T8350] BTRFS info (device loop3): force clearing of disk cache
[  471.069395][ T8350] BTRFS info (device loop3): enabling ssd optimizations
[  471.077535][ T8350] BTRFS info (device loop3): max_inline at 4096
[  471.085031][ T8350] BTRFS info (device loop3): disk space caching is enabled
[  471.283381][ T8350] BTRFS info (device loop3): auto enabling async discard
[  471.313805][ T8350] BTRFS info (device loop3): rebuilding free space tree
[  471.347688][ T8265] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  471.422872][ T8350] BTRFS info (device loop3): disabling free space tree
[  471.430635][ T8350] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  471.444591][ T8350] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  471.575170][ T8371] BFS-fs: bfs_fill_super(): No BFS filesystem on nullb0 (magic=00000000)
[  472.192489][ T7196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  472.325223][ T8265] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  472.479048][ T8265] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  473.245513][ T7141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  473.405825][    T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  474.045585][ T5790] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  474.285474][ T7138] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  474.295455][ T8272] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 12 /dev/loop3 scanned by udevd (8272)
[  475.434447][ T8265] 8021q: adding VLAN 0 to HW filter on device bond0
[  475.545890][ T7141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  475.690951][ T8265] 8021q: adding VLAN 0 to HW filter on device team0
[  475.732811][ T7034] bridge0: port 1(bridge_slave_0) entered blocking state
[  475.740361][ T7034] bridge0: port 1(bridge_slave_0) entered forwarding state
[  476.004192][ T7055] bridge0: port 2(bridge_slave_1) entered blocking state
[  476.011609][ T7055] bridge0: port 2(bridge_slave_1) entered forwarding state
[  476.197719][ T8400] loop3: detected capacity change from 0 to 16
[  477.383729][ T7196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  477.406707][  T788] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  478.448127][ T7138] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  479.685580][ T7141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  480.334412][ T8421] hub 1-0:1.0: USB hub found
[  480.340077][ T8421] hub 1-0:1.0: 1 port detected
[  480.925652][    T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  481.231699][ T7141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  481.635252][ T7141] usb 1-1: new full-speed USB device number 7 using dummy_hcd
[  482.076435][ T7141] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  482.286443][ T7138] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  482.375149][ T7141] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  482.690217][ T7141] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  482.899909][ T7141] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  484.286860][ T7196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  484.304953][ T7141] usb 1-1: SerialNumber: syz
[  484.577446][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  485.341956][ T7196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  485.819241][ T7141] usb 1-1: can't set config #1, error -71
[  486.365438][ T7196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  486.516773][ T7141] usb 1-1: USB disconnect, device number 7
[  487.629156][ T7138] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  487.649418][    T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  488.099254][ T8265] 8021q: adding VLAN 0 to HW filter on device batadv0
[  488.545534][ T8466] zonefs (nullb0) ERROR: Not a zoned block device
[  488.685507][ T7138] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  489.721878][ T8473] xt_CT: You must specify a L4 protocol and not use inversions on it
[  489.830393][ T8473] loop3: detected capacity change from 0 to 1024
[  489.855305][ T7196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  490.888209][ T1189] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  490.928054][ T7138] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  491.082407][ T8483] overlay: ./file0 is not a directory
[  491.704649][ T8490] netlink: 28 bytes leftover after parsing attributes in process `syz.0.479'.
[  491.715899][ T8490] netlink: 28 bytes leftover after parsing attributes in process `syz.0.479'.
[  494.721449][ T7138] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  494.731202][ T1189] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  495.942852][ T7138] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  497.031721][ T7138] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  497.523838][ T8265] veth0_vlan: entered promiscuous mode
[  499.427120][ T7141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  499.579455][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  499.820902][ T8265] veth1_vlan: entered promiscuous mode
[  499.871415][ T8265] veth0_macvtap: entered promiscuous mode
[  499.882238][ T8265] veth1_macvtap: entered promiscuous mode
[  500.057844][ T8265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  500.119508][ T8265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  500.185144][ T8265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  500.225008][ T8265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  500.241647][ T8265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  500.253086][ T8265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  500.265955][ T8265] batman_adv: batadv0: Interface activated: batadv_slave_0
[  500.292507][ T8265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  500.313057][ T8265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  500.335550][ T8265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  500.377417][ T8265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  500.461582][ T7196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  500.475220][ T8265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  500.486357][ T8265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  500.514484][ T8265] batman_adv: batadv0: Interface activated: batadv_slave_1
[  500.606519][ T8540] xt_CT: You must specify a L4 protocol and not use inversions on it
[  500.632748][ T8540] loop2: detected capacity change from 0 to 1024
[  501.554936][ T5794] Bluetooth: hci4: command tx timeout
[  502.247797][ T7139] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  502.325355][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  502.326419][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  502.365635][ T7050] sl0: compressed packet ignored
[  502.379369][ T8265] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  502.379447][ T8265] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  502.379468][ T8265] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  502.379505][ T8265] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  502.415024][ T8498] blk_print_req_error: 10 callbacks suppressed
[  502.415052][ T8498] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  502.605706][ T1189] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  502.791522][ T8547] netlink: 168 bytes leftover after parsing attributes in process `syz.3.486'.
[  502.865175][    T9] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  502.991624][   T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  502.991649][   T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  503.045143][    T9] usb 1-1: Using ep0 maxpacket: 32
[  503.046043][    T9] usb 1-1: too many configurations: 15, using maximum allowed: 8
[  503.052842][    T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  503.052862][    T9] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  503.053853][    T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  503.053870][    T9] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  503.055091][    T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  503.055114][    T9] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  503.060814][    T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  503.060832][    T9] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  503.062470][    T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  503.062495][    T9] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  503.063688][    T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  503.063704][    T9] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  503.064686][    T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  503.064709][    T9] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  503.075350][    T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  503.075378][    T9] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  503.098906][    T9] usb 1-1: New USB device found, idVendor=055f, idProduct=a800, bcdDevice=72.1d
[  503.098944][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  503.098969][    T9] usb 1-1: Product: syz
[  503.098986][    T9] usb 1-1: Manufacturer: syz
[  503.099004][    T9] usb 1-1: SerialNumber: syz
[  503.103424][    T9] usb 1-1: config 0 descriptor??
[  503.121736][   T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  503.121758][   T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  503.325352][ T7141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  503.367271][    T9] usb 1-1: USB disconnect, device number 8
[  503.947065][ T8562] xt_CT: You must specify a L4 protocol and not use inversions on it
[  504.514679][ T7141] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  504.625131][ T8563] bpq0: entered promiscuous mode
[  504.931166][ T8564] ==================================================================
[  504.931185][ T8564] BUG: KASAN: slab-use-after-free in rose_transmit_link+0x5ba/0x740
[  504.931231][ T8564] Read of size 1 at addr ffff88805d5f3432 by task syz.4.438/8564
[  504.931248][ T8564] 
[  504.931264][ T8564] CPU: 0 PID: 8564 Comm: syz.4.438 Not tainted 6.6.101-syzkaller #0
[  504.931284][ T8564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  504.931300][ T8564] Call Trace:
[  504.931308][ T8564]  <TASK>
[  504.931321][ T8564]  dump_stack_lvl+0x16c/0x230
[  504.931348][ T8564]  ? __lock_acquire+0x7c80/0x7c80
[  504.931371][ T8564]  ? show_regs_print_info+0x20/0x20
[  504.931391][ T8564]  ? load_image+0x3b0/0x3b0
[  504.931422][ T8564]  ? _raw_spin_lock_irqsave+0xb4/0xf0
[  504.931454][ T8564]  ? __virt_addr_valid+0x18c/0x540
[  504.931478][ T8564]  ? __virt_addr_valid+0x469/0x540
[  504.931503][ T8564]  print_report+0xac/0x220
[  504.931523][ T8564]  ? rose_transmit_link+0x5ba/0x740
[  504.931544][ T8564]  kasan_report+0x117/0x150
[  504.931566][ T8564]  ? kmem_cache_alloc_node+0x17f/0x330
[  504.931594][ T8564]  ? rose_transmit_link+0x5ba/0x740
[  504.931620][ T8564]  rose_transmit_link+0x5ba/0x740
[  504.931641][ T8564]  ? skb_put+0x11b/0x210
[  504.931672][ T8564]  rose_write_internal+0x11d1/0x1ab0
[  504.931703][ T8564]  ? rose_validate_nr+0x120/0x120
[  504.931727][ T8564]  ? __timer_delete+0x6b/0x290
[  504.931756][ T8564]  ? skb_queue_purge_reason+0x6c/0x1c0
[  504.931792][ T8564]  rose_release+0x24e/0x510
[  504.931815][ T8564]  sock_close+0xbd/0x230
[  504.931845][ T8564]  ? sock_mmap+0xa0/0xa0
[  504.931875][ T8564]  __fput+0x234/0x970
[  504.931913][ T8564]  task_work_run+0x1ce/0x250
[  504.931942][ T8564]  ? task_work_cancel+0x240/0x240
[  504.931975][ T8564]  get_signal+0x1235/0x1400
[  504.932005][ T8564]  ? task_work_add+0x3a3/0x440
[  504.932032][ T8564]  ? __ia32_sys_pidfd_getfd+0x90/0x90
[  504.932060][ T8564]  ? wake_bit_function+0x200/0x200
[  504.932093][ T8564]  ? __might_fault+0xaa/0x120
[  504.932116][ T8564]  arch_do_signal_or_restart+0x96/0x780
[  504.932148][ T8564]  ? __sys_connect+0x240/0x420
[  504.932179][ T8564]  ? get_sigframe_size+0x20/0x20
[  504.932216][ T8564]  ? exit_to_user_mode_loop+0x3b/0x110
[  504.932248][ T8564]  exit_to_user_mode_loop+0x70/0x110
[  504.932277][ T8564]  exit_to_user_mode_prepare+0xb1/0x140
[  504.932306][ T8564]  syscall_exit_to_user_mode+0x1a/0x50
[  504.932337][ T8564]  do_syscall_64+0x61/0xb0
[  504.932359][ T8564]  ? clear_bhb_loop+0x40/0x90
[  504.932378][ T8564]  ? clear_bhb_loop+0x40/0x90
[  504.932397][ T8564]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  504.932429][ T8564] RIP: 0033:0x7f4b1398ebe9
[  504.932457][ T8564] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  504.932476][ T8564] RSP: 002b:00007f4b147fb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  504.932498][ T8564] RAX: fffffffffffffe00 RBX: 00007f4b13bb6180 RCX: 00007f4b1398ebe9
[  504.932514][ T8564] RDX: 0000000000000040 RSI: 0000200000000100 RDI: 0000000000000010
[  504.932527][ T8564] RBP: 00007f4b13a11e19 R08: 0000000000000000 R09: 0000000000000000
[  504.932542][ T8564] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  504.932555][ T8564] R13: 00007f4b13bb6218 R14: 00007f4b13bb6180 R15: 00007ffd13fc8d18
[  504.932578][ T8564]  </TASK>
[  504.932585][ T8564] 
[  504.932589][ T8564] Allocated by task 7957:
[  504.932605][ T8564]  kasan_set_track+0x4e/0x70
[  504.932626][ T8564]  __kasan_kmalloc+0x8f/0xa0
[  504.932646][ T8564]  rose_add_node+0x23a/0xdd0
[  504.932665][ T8564]  rose_rt_ioctl+0xa42/0xfb0
[  504.932684][ T8564]  rose_ioctl+0x3cf/0x8b0
[  504.932700][ T8564]  sock_do_ioctl+0xd7/0x2f0
[  504.932726][ T8564]  sock_ioctl+0x623/0x7a0
[  504.932752][ T8564]  __se_sys_ioctl+0xfd/0x170
[  504.932774][ T8564]  do_syscall_64+0x55/0xb0
[  504.932793][ T8564]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  504.932821][ T8564] 
[  504.932825][ T8564] Freed by task 8563:
[  504.932833][ T8564]  kasan_set_track+0x4e/0x70
[  504.932851][ T8564]  kasan_save_free_info+0x2e/0x50
[  504.932874][ T8564]  ____kasan_slab_free+0x126/0x1e0
[  504.932893][ T8564]  slab_free_freelist_hook+0x130/0x1b0
[  504.932911][ T8564]  __kmem_cache_free+0xba/0x1f0
[  504.932936][ T8564]  rose_rt_device_down+0x43d/0x490
[  504.932956][ T8564]  rose_device_event+0x604/0x690
[  504.932974][ T8564]  notifier_call_chain+0x197/0x390
[  504.932996][ T8564]  __dev_notify_flags+0x18e/0x2e0
[  504.933019][ T8564]  dev_change_flags+0xe8/0x1a0
[  504.933041][ T8564]  dev_ifsioc+0x6a7/0xe20
[  504.933058][ T8564]  dev_ioctl+0x7e2/0x1170
[  504.933099][ T8564]  sock_do_ioctl+0x226/0x2f0
[  504.933127][ T8564]  sock_ioctl+0x623/0x7a0
[  504.933153][ T8564]  __se_sys_ioctl+0xfd/0x170
[  504.933174][ T8564]  do_syscall_64+0x55/0xb0
[  504.933193][ T8564]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  504.933222][ T8564] 
[  504.933227][ T8564] Last potentially related work creation:
[  504.933234][ T8564]  kasan_save_stack+0x3e/0x60
[  504.933252][ T8564]  __kasan_record_aux_stack+0xaf/0xc0
[  504.933275][ T8564]  kvfree_call_rcu+0xee/0x780
[  504.933299][ T8564]  __ipv6_dev_mc_dec+0x2cc/0x330
[  504.933318][ T8564]  __ipv6_ifa_notify+0x434/0xaa0
[  504.933341][ T8564]  addrconf_ifdown+0xe6a/0x1880
[  504.933362][ T8564]  addrconf_notify+0x6c6/0x1010
[  504.933385][ T8564]  notifier_call_chain+0x197/0x390
[  504.933406][ T8564]  __dev_notify_flags+0x18e/0x2e0
[  504.933429][ T8564]  dev_change_flags+0xe8/0x1a0
[  504.933450][ T8564]  do_setlink+0xc74/0x3fb0
[  504.933476][ T8564]  rtnl_newlink+0x10af/0x2020
[  504.933499][ T8564]  rtnetlink_rcv_msg+0x7c7/0xf10
[  504.933527][ T8564]  netlink_rcv_skb+0x216/0x480
[  504.933548][ T8564]  netlink_unicast+0x751/0x8d0
[  504.933567][ T8564]  netlink_sendmsg+0x8c1/0xbe0
[  504.933587][ T8564]  ____sys_sendmsg+0x5bf/0x950
[  504.933611][ T8564]  ___sys_sendmsg+0x220/0x290
[  504.933636][ T8564]  __se_sys_sendmsg+0x1a5/0x270
[  504.933660][ T8564]  do_syscall_64+0x55/0xb0
[  504.933679][ T8564]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  504.933708][ T8564] 
[  504.933712][ T8564] The buggy address belongs to the object at ffff88805d5f3400
[  504.933712][ T8564]  which belongs to the cache kmalloc-512 of size 512
[  504.933729][ T8564] The buggy address is located 50 bytes inside of
[  504.933729][ T8564]  freed 512-byte region [ffff88805d5f3400, ffff88805d5f3600)
[  504.933750][ T8564] 
[  504.933754][ T8564] The buggy address belongs to the physical page:
[  504.933771][ T8564] page:ffffea0001757c00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5d5f0
[  504.933793][ T8564] head:ffffea0001757c00 order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  504.933811][ T8564] anon flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[  504.933836][ T8564] page_type: 0xffffffff()
[  504.933854][ T8564] raw: 00fff00000000840 ffff888017841c80 0000000000000000 dead000000000001
[  504.933872][ T8564] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[  504.933882][ T8564] page dumped because: kasan: bad access detected
[  504.933897][ T8564] page_owner tracks the page as allocated
[  504.933904][ T8564] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5785, tgid 5785 (syz-executor), ts 91309265469, free_ts 91300315437
[  504.933939][ T8564]  post_alloc_hook+0x1cd/0x210
[  504.933968][ T8564]  get_page_from_freelist+0x195c/0x19f0
[  504.933999][ T8564]  __alloc_pages+0x1e3/0x460
[  504.934027][ T8564]  alloc_slab_page+0x5d/0x170
[  504.934055][ T8564]  new_slab+0x87/0x2e0
[  504.934089][ T8564]  ___slab_alloc+0xc6d/0x12f0
[  504.934115][ T8564]  __kmem_cache_alloc_node+0x1a2/0x260
[  504.934141][ T8564]  __kmalloc+0xa4/0x240
[  504.934165][ T8564]  fib6_info_alloc+0x32/0xe0
[  504.934186][ T8564]  ip6_route_info_create+0x44f/0x1200
[  504.934215][ T8564]  addrconf_f6i_alloc+0x1c6/0x400
[  504.934244][ T8564]  ipv6_add_addr+0x576/0x1090
[  504.934262][ T8564]  inet6_addr_add+0x57e/0xb60
[  504.934282][ T8564]  inet6_rtm_newaddr+0x68d/0x940
[  504.934302][ T8564]  rtnetlink_rcv_msg+0x7c7/0xf10
[  504.934329][ T8564]  netlink_rcv_skb+0x216/0x480
[  504.934351][ T8564] page last free stack trace:
[  504.934357][ T8564]  free_unref_page_prepare+0x7ce/0x8e0
[  504.934385][ T8564]  free_unref_page+0x32/0x2e0
[  504.934411][ T8564]  __stack_depot_save+0x572/0x630
[  504.934429][ T8564]  kasan_set_track+0x5f/0x70
[  504.934447][ T8564]  __kasan_slab_alloc+0x6c/0x80
[  504.934466][ T8564]  slab_post_alloc_hook+0x6e/0x4d0
[  504.934507][ T8564]  kmem_cache_alloc_lru+0x115/0x2e0
[  504.934534][ T8564]  __d_alloc+0x31/0x730
[  504.934559][ T8564]  d_alloc_parallel+0xdd/0x1480
[  504.934586][ T8564]  __lookup_slow+0x117/0x3b0
[  504.934613][ T8564]  lookup_one_len+0x192/0x2c0
[  504.934639][ T8564]  start_creating+0x188/0x310
[  504.934664][ T8564]  __debugfs_create_file+0x6f/0x500
[  504.934689][ T8564]  ieee80211_sta_debugfs_add+0x177/0x730
[  504.934708][ T8564]  sta_info_insert_rcu+0xe8e/0x1770
[  504.934734][ T8564]  ieee80211_ibss_finish_sta+0x290/0x360
[  504.934758][ T8564] 
[  504.934762][ T8564] Memory state around the buggy address:
[  504.934776][ T8564]  ffff88805d5f3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  504.934789][ T8564]  ffff88805d5f3380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  504.934801][ T8564] >ffff88805d5f3400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  504.934811][ T8564]                                      ^
[  504.934821][ T8564]  ffff88805d5f3480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  504.934833][ T8564]  ffff88805d5f3500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  504.934843][ T8564] ==================================================================
[  505.019361][ T8564] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  505.019378][ T8564] CPU: 1 PID: 8564 Comm: syz.4.438 Not tainted 6.6.101-syzkaller #0
[  505.019425][ T8564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  505.019437][ T8564] Call Trace:
[  505.019445][ T8564]  <TASK>
[  505.019455][ T8564]  dump_stack_lvl+0x16c/0x230
[  505.019485][ T8564]  ? show_regs_print_info+0x20/0x20
[  505.019509][ T8564]  ? load_image+0x3b0/0x3b0
[  505.019545][ T8564]  panic+0x2c0/0x710
[  505.019572][ T8564]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  505.019617][ T8564]  ? bpf_jit_dump+0xd0/0xd0
[  505.019648][ T8564]  ? _raw_spin_unlock_irqrestore+0xfa/0x110
[  505.019680][ T8564]  ? _raw_spin_unlock+0x40/0x40
[  505.019716][ T8564]  ? rose_transmit_link+0x5ba/0x740
[  505.019738][ T8564]  check_panic_on_warn+0x84/0xa0
[  505.019763][ T8564]  ? rose_transmit_link+0x5ba/0x740
[  505.019783][ T8564]  end_report+0x6f/0x140
[  505.019805][ T8564]  kasan_report+0x128/0x150
[  505.019827][ T8564]  ? kmem_cache_alloc_node+0x17f/0x330
[  505.019855][ T8564]  ? rose_transmit_link+0x5ba/0x740
[  505.019881][ T8564]  rose_transmit_link+0x5ba/0x740
[  505.019903][ T8564]  ? skb_put+0x11b/0x210
[  505.019932][ T8564]  rose_write_internal+0x11d1/0x1ab0
[  505.019963][ T8564]  ? rose_validate_nr+0x120/0x120
[  505.019987][ T8564]  ? __timer_delete+0x6b/0x290
[  505.020017][ T8564]  ? skb_queue_purge_reason+0x6c/0x1c0
[  505.020053][ T8564]  rose_release+0x24e/0x510
[  505.020075][ T8564]  sock_close+0xbd/0x230
[  505.020105][ T8564]  ? sock_mmap+0xa0/0xa0
[  505.020133][ T8564]  __fput+0x234/0x970
[  505.020168][ T8564]  task_work_run+0x1ce/0x250
[  505.020197][ T8564]  ? task_work_cancel+0x240/0x240
[  505.020238][ T8564]  get_signal+0x1235/0x1400
[  505.020269][ T8564]  ? task_work_add+0x3a3/0x440
[  505.020306][ T8564]  ? __ia32_sys_pidfd_getfd+0x90/0x90
[  505.020333][ T8564]  ? wake_bit_function+0x200/0x200
[  505.020355][ T8564]  ? __might_fault+0xaa/0x120
[  505.020378][ T8564]  arch_do_signal_or_restart+0x96/0x780
[  505.020410][ T8564]  ? __sys_connect+0x240/0x420
[  505.020434][ T8564]  ? get_sigframe_size+0x20/0x20
[  505.020471][ T8564]  ? exit_to_user_mode_loop+0x3b/0x110
[  505.020500][ T8564]  exit_to_user_mode_loop+0x70/0x110
[  505.020529][ T8564]  exit_to_user_mode_prepare+0xb1/0x140
[  505.020557][ T8564]  syscall_exit_to_user_mode+0x1a/0x50
[  505.020593][ T8564]  do_syscall_64+0x61/0xb0
[  505.020614][ T8564]  ? clear_bhb_loop+0x40/0x90
[  505.020631][ T8564]  ? clear_bhb_loop+0x40/0x90
[  505.020650][ T8564]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  505.020680][ T8564] RIP: 0033:0x7f4b1398ebe9
[  505.020706][ T8564] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  505.020725][ T8564] RSP: 002b:00007f4b147fb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  505.020748][ T8564] RAX: fffffffffffffe00 RBX: 00007f4b13bb6180 RCX: 00007f4b1398ebe9
[  505.020763][ T8564] RDX: 0000000000000040 RSI: 0000200000000100 RDI: 0000000000000010
[  505.020777][ T8564] RBP: 00007f4b13a11e19 R08: 0000000000000000 R09: 0000000000000000
[  505.020791][ T8564] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  505.020803][ T8564] R13: 00007f4b13bb6218 R14: 00007f4b13bb6180 R15: 00007ffd13fc8d18
[  505.020826][ T8564]  </TASK>
[  505.021384][ T8564] Kernel Offset: disabled