last executing test programs:

19m2.217094022s ago: executing program 32 (id=78):
r0 = socket$key(0xf, 0x3, 0x2)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x285c, 0x4)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x4e24, @loopback}, 0x10)
sendmmsg$inet(r1, &(0x7f00000014c0)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000003c80)="f5", 0x1}], 0x1}}], 0x1, 0x8011)
recvmmsg(r1, &(0x7f000000a400)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001c80)=""/4096, 0x1000}], 0x1}, 0x40}], 0x1, 0x10120, 0x0)
shutdown(r1, 0x0)

19m1.458915498s ago: executing program 33 (id=83):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r0, 0x25, &(0x7f0000000000)={0x1})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r1, 0x26, &(0x7f0000000380)={0x1, 0x0, 0x7})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x26, &(0x7f0000000040)={0x0, 0x0, 0x10, 0x3})
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x4, 0x0, 0x7fff0006}]})
close_range(r3, 0xffffffffffffffff, 0x0)

18m51.37622097s ago: executing program 0 (id=129):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$inet6(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r2}, 0x10)
sendto$inet6(r0, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)

18m51.017912252s ago: executing program 0 (id=130):
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000140)={0x0, &(0x7f0000000640)=[@uexit={0x0, 0x18, 0x4}, @code={0x1, 0x5a, {"b805000000b9451700000f01c167460fc7b4e4420000000f2101b8010000000f01d92666430fc732b805000000b93802212b0f01c128e1660f3882a5007800006567440f01c3450f08"}}, @code={0x1, 0x7b, {"b9f10800000f32c7442400e26adcbec744240200000000c7442406000000000f01142466440ff6880c00000066baf80cb81ebc8f85ef66bafc0cec430f01c90f01c94f0fc7990d000000c7442400d4000000c744240224450000420f210866ba2100ec66420f38815394"}}, @uexit={0x0, 0x18, 0x43c2}, @code={0x1, 0x87, {"0f01c2b956080000b8bb450000ba000000000f303e360f35c744240002000000c7442402c83c0000c7442406000000000f01142466b873000f00d065673e0fd7e4f30f01bc0a2ce50000b9a8020000b8c6000000ba000000000f30fe042848b81bbb510f000000000f23d00f21f8351000000c0f23f8"}}], 0x18c})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x60000000004, 0x1000000000, 0x5, 0x41, 0x2000000, 0x7fff, 0x2004cb, 0x0, 0xa1d, 0x68ff, 0x5, 0x0, 0x3, 0x2], 0x10000, 0x202})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18m50.780828644s ago: executing program 0 (id=132):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x20}}, 0x2}}, 0x2e)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f00000008c0), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000005c0)={0x34, r2, 0x1, 0x1070bd2c, 0x4, {0x5}, [@L2TP_ATTR_PW_TYPE={0x6, 0x1, 0x5}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_SESSION_ID={0x8}, @L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0xaa8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20008000}, 0x30)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r4, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x2, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x32)

18m50.431036722s ago: executing program 0 (id=133):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000580)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x1b5008, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000540)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2145499, 0x0)
mount$bpf(0x0, &(0x7f0000000280)='./file0/file0\x00', 0x0, 0x80000, 0x0)

18m50.230803548s ago: executing program 0 (id=134):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0xc})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00001b5000/0x2000)=nil, 0x2000}, 0x3})
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002600)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r2}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x18)
dup3(r1, r0, 0x0)

18m49.782877367s ago: executing program 0 (id=135):
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x100)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000380)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
r0 = inotify_init1(0x800)
inotify_add_watch(r0, &(0x7f0000000400)='./file0/file1\x00', 0x2000028)
setxattr$security_capability(&(0x7f0000000240)='./file0/file1\x00', &(0x7f0000000280), 0x0, 0x0, 0x0)

18m49.085190433s ago: executing program 34 (id=135):
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x100)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000380)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
r0 = inotify_init1(0x800)
inotify_add_watch(r0, &(0x7f0000000400)='./file0/file1\x00', 0x2000028)
setxattr$security_capability(&(0x7f0000000240)='./file0/file1\x00', &(0x7f0000000280), 0x0, 0x0, 0x0)

16m52.465544252s ago: executing program 2 (id=843):
r0 = socket$kcm(0x2d, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000340)={r0})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000400)='netfs_rreq_ref\x00', r1, 0x0, 0x9}, 0x18)
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8)
close(r3)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18080000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x5, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(r3, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000580)="d8001c00180081064e81f782db44fd56170d12a0b9b545c791", 0x19}], 0x1}, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e3, &(0x7f0000000180)={r0, r4})

16m52.394306223s ago: executing program 2 (id=844):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x18, &(0x7f0000000100)=0xfefffff9, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000340)=[@sack_perm, @mss, @sack_perm, @timestamp, @timestamp, @mss, @timestamp, @sack_perm], 0x20000000000000ec)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r0, &(0x7f0000000200)="137d0fac4c4cab41c3ece63a7ed556161cdb056d6a89dc012165c256745da0924b88b31c93c6ba29da38eb5bd409d735722c7e7d31fe3c5b6a679f6e05b3cb00c2b735bc4f68e4bced4a58a2527a184df9afa5d5fdb78058fba066fa9de36e33b1538b3294270629e529646ec0db133d56aaed7d346f41792dae58bc30a2385fdf716998f280a9a3c9084dc1801e6626ef14f8be0c3ef038f36d71ea6cc03d33f96b37df0649fc9841f891ca6f63bd55682048c174", 0xb5, 0x10, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000540)="8514de2533eb82a94292e284029b1275daba6d7a0ebe83fd50453bfd1af98ace3a41a019f48960f7c60bc34e5e924e522442f739a1ada463d2c55ccb21971532eb6c9fa54a9993e18f5beae9428a9f8ca640bde2d4a43db0", 0x58, 0x0, 0x0, 0x0)

16m52.325113872s ago: executing program 2 (id=845):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
iopl(0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
syz_mount_image$udf(&(0x7f0000000f00), &(0x7f00000000c0)='./file1\x00', 0x800, &(0x7f0000001040)=ANY=[@ANYBLOB='uid=', @ANYRESDEC=0x0, @ANYBLOB="2c756e64656c6574652c6e6f7672732c6164696e6963622c766f6c756d653d30303030303030303030303030303030303030322c7569643d666f726765742c6769643d666f726765742c6e6f7374726963742c6e6f7672732c0085f95733019d784ca386da1fd41ffabd4b47acca2b8d488be702157dd8711c31732d"], 0xff, 0xc2d, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir")
syz_mount_image$udf(&(0x7f0000000f00), &(0x7f00000000c0)='./file1\x00', 0x800, &(0x7f0000001040)=ANY=[@ANYBLOB='uid=', @ANYRESDEC=0x0, @ANYBLOB="2c756e64656c6574652c6e6f7672732c6164696e6963622c766f6c756d653d30303030303030303030303030303030303030322c7569643d666f726765742c6769643d666f726765742c6e6f7374726963742c6e6f7672732c0085f95733019d784ca386da1fd41ffabd4b47acca2b8d488be702157dd8711c31732d"], 0xff, 0xc2d, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir")
rename(&(0x7f0000000000)='./file1\x00', &(0x7f00000000c0)='./file0/file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4000, 0x1ff)
unlink(&(0x7f0000000000)='./file0/file0\x00')
rename(&(0x7f0000000000)='./file1\x00', &(0x7f00000000c0)='./file0/file0\x00')

16m51.896343903s ago: executing program 2 (id=846):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
mount$bind(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x1a1011, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
umount2(&(0x7f00000003c0)='./file0\x00', 0xa)

16m51.734246441s ago: executing program 2 (id=847):
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_RECVMSG={0xa, 0x34, 0x3, 0xffffffffffffffff, 0x0, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000000240)=[{0x0}, {0x0}, {0x0}], 0x1fc}, 0x0, 0x40000000, 0x1})
r0 = syz_io_uring_setup(0x74d, &(0x7f0000000100)={0x0, 0x59c4, 0x8, 0x1000, 0x5cc}, &(0x7f0000000300)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000740)=[{&(0x7f00000003c0)=""/201, 0xc9}], 0x1)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000200)=[{0x30, 0x4, 0x0, 0x2}]}, 0xffffffffffffff0e)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_ACCEPT={0xd, 0xc, 0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x81800, 0x1})
io_uring_enter(r0, 0x749f, 0x4, 0x0, 0x0, 0xfffffffffffffef5)

16m49.721041793s ago: executing program 2 (id=862):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10)
prctl$PR_SET_IO_FLUSHER(0x43, 0x1)
prctl$PR_SET_IO_FLUSHER(0x43, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='smaps\x00')
read$FUSE(r1, &(0x7f0000002640)={0x2020}, 0x2020)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_open_dev$sg(&(0x7f0000000140), 0xffff, 0x185080)

16m49.005347903s ago: executing program 35 (id=862):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10)
prctl$PR_SET_IO_FLUSHER(0x43, 0x1)
prctl$PR_SET_IO_FLUSHER(0x43, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='smaps\x00')
read$FUSE(r1, &(0x7f0000002640)={0x2020}, 0x2020)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_open_dev$sg(&(0x7f0000000140), 0xffff, 0x185080)

15m52.398638461s ago: executing program 8 (id=1126):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
pwritev2(r1, &(0x7f0000000500)=[{&(0x7f0000000000)='d', 0x200200}, {0x0, 0x7fdfee00}, {&(0x7f0000000140)="d9", 0x98}], 0x2, 0x0, 0x0, 0x3)

15m50.151812879s ago: executing program 8 (id=1138):
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000100)=@nat={'nat\x00', 0x1b, 0x5, 0x3b8, 0x0, 0x1a0, 0xffffffff, 0x0, 0x1a0, 0x340, 0x340, 0xffffffff, 0x340, 0x340, 0x5, 0x0, {[{{@uncond, 0x0, 0xc0, 0xf8, 0x0, {}, [@common=@inet=@multiport={{0x50}, {0x0, 0xf, [0x4e24, 0x4e23, 0x4e23, 0x4e24, 0x4e20, 0x4e20, 0x4e21, 0x4e24, 0x4e22, 0x4e22, 0x4e22, 0x4e20, 0x4e23, 0x4e24, 0x4e22], [0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1], 0x1}}]}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x8, @broadcast, @multicast2, @icmp_id=0x64, @port=0x4e21}}}}, {{@uncond, 0x0, 0x70, 0xa8}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x1, {0x10, @empty, @loopback, @gre_key=0x5, @icmp_id=0x67}}}}, {{@ip={@broadcast, @initdev={0xac, 0x1e, 0x1, 0x0}, 0xff, 0xff000000, 'macvlan1\x00', 'caif0\x00', {0xff}, {0xff}, 0x2, 0x0, 0x26}, 0x0, 0xa0, 0xd8, 0x0, {}, [@common=@addrtype={{0x30}, {0x860, 0x0, 0x0, 0x1}}]}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x1, {0x1, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, @icmp_id=0x66, @icmp_id=0x66}}}}, {{@ip={@multicast2, @local, 0xff, 0xff000000, 'veth1_virt_wifi\x00', 'veth1_virt_wifi\x00', {}, {0xff}, 0x6}, 0x0, 0x70, 0xa8}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x12, @rand_addr=0x64010100, @empty, @icmp_id=0x67, @port=0x4e20}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x418)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, 0x0}], 0x1, 0x4, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x40, 0x1, 0xc, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x80, 0x9, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, 0xff, 0xff})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

15m49.636141762s ago: executing program 8 (id=1144):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
write$binfmt_register(r0, &(0x7f0000000380)={0x3a, 'syz2', 0x3a, 'M', 0x3a, 0xa, 0x3a, 'U]\xc5$\xe4\x92p\xa2ay\xf6\x1f\xc7\x18Z\xefU\xf7\x14<t\'@U\xdf\xf0\xbb\xb81C\x1e=\xc8\x9a\x0e\xcc\r\xec\xec\xe6W\x02\x8b\x05\xdf*<\xda\xbf\x93\xef8\x911]{\xed\xcc\x85\"pN\xb4\xcdG\xc2\x1d\x7f9\xf0\x0fZ\xecx\xbb13|\xdcI4`\xe5\xaf\xb0g\xfc\xb6\xeeQ\xb0{dX.\x9d=\xccV\xf4\xa4g\x89\x01\x1f\xd1\xcc\x9d,?\xf4\x9af\xa4!\x84\x10\x16@fi\x1dRL\x86g\xaf\xa5\x03j\xc2P\xbaR\xc2I\x88\xc4N\xac\xfb\a]\xb4\xa4\x95\xb8-\xfa\xa8\x1b\xe6\xdfg\a\xfb\'\xd27\xec\xde\xc7n(\tx\xfb\x91%\xee*\xe8\xe8\xcdzU~\xbb\xe7\x11\x18?I5\x1f\xbbD\x92s@\xf5\xb2\xe4x\t\x00\xf9\xda\xd4\x1e`\f\x9a-\x91\xe9\xc2\xcaIx\x98\xc7x\x99\x9aeP#\x89\xe4o\xc1-\x13\xd8\x8a\xcf\x18\xa4ba\x90C\xd4I\xed\x9d\xdc\x82f\xe2\xce\x1b\xba', 0x3a, '!&)%.}+!/\xe1', 0x3a, './file0'}, 0x125)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e22, @rand_addr=0x64010100}, 0x10)

15m49.399565942s ago: executing program 8 (id=1145):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000580)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x1b5008, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
unshare(0x22020600)
mount$bind(&(0x7f0000000540)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2145499, 0x0)
mount$bind(0x0, &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x80000, 0x0)

15m49.158635467s ago: executing program 8 (id=1148):
openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/power/pm_print_times', 0x20000, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/bus/input/devices\x00', 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r2, 0x0, 0xd}, 0x18)
syz_io_uring_setup(0x1868, &(0x7f00000007c0)={0x0, 0x3561, 0x80, 0x0, 0x271}, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x1fffffffffe, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x9}, 0x0, &(0x7f00000002c0)={0x3fb, 0x8000, 0x400000000001, 0x9, 0x40000000000000, 0xf, 0x80000002, 0x2}, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000540)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

15m48.559900242s ago: executing program 8 (id=1152):
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="120000000b000000080000000200000000000000", @ANYRES32, @ANYBLOB="0000000000000000f8ffffff000000000000000044"], 0x50)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4)
bind$inet(r0, &(0x7f0000000240)={0x2, 0x0, @local}, 0x6f)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x300)
setsockopt$inet_int(r0, 0x0, 0x19, &(0x7f0000000180)=0x1f5, 0x4)
setsockopt$inet_int(r0, 0x0, 0x14, &(0x7f0000000000)=0x40, 0x4)
recvmmsg(r0, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0)

15m47.968048617s ago: executing program 36 (id=1152):
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="120000000b000000080000000200000000000000", @ANYRES32, @ANYBLOB="0000000000000000f8ffffff000000000000000044"], 0x50)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4)
bind$inet(r0, &(0x7f0000000240)={0x2, 0x0, @local}, 0x6f)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x300)
setsockopt$inet_int(r0, 0x0, 0x19, &(0x7f0000000180)=0x1f5, 0x4)
setsockopt$inet_int(r0, 0x0, 0x14, &(0x7f0000000000)=0x40, 0x4)
recvmmsg(r0, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0)

12m55.36987438s ago: executing program 4 (id=1897):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000026c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0x2}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x0, 0x7, 0x100, 0x8}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newqdisc={0x24, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}, {0x2}}}, 0x24}, 0x1, 0x0, 0x0, 0x400dc}, 0x4000080)

12m55.036488374s ago: executing program 4 (id=1901):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0xc, 0xe, &(0x7f0000000b00)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff6a0af0fff8ffff1971a400fe00000000b7060000080000001e6400000000000045040300010000001704000001000a00b7040000ff010000720af2fe000000008500000049000000b700000070b2000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d761ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000f0000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a8321e056acf27c34bed69d32394c53361d7e43c5cbd8000000000000080231c61ccd106cb93ce1c0983cdcb48477b450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e1179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e44c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6bc7c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c460880000000000000000000000000000007a4604baa70bda5d5f18f54e9638350a6dd81a55ab5528efd1ef5a564908db7cce99e5c569c2947763b90e03b6d1a53b590e4ff4867f0d86b9af58244866b9df33634c8d85ce1b3bfa3e5bec6989c907c2f46b9a837676e07d87bb7dba3f34694ceb5b9faf10eece00bcfd503ed3f3048782665a848d79e443de4ba97db3a9bde69be7612cb1441c61eadd5bb4494ff2eb189c2ab3a241c12f764c0719650c1b"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000080), 0x60, 0x10, &(0x7f0000000340), 0xfffffffffffffdef, 0x0, 0xffffffffffffffff, 0xfffffffffffffe96}, 0x42)

12m53.674409665s ago: executing program 4 (id=1903):
openat(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x40, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000002980)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x2000, 0xa68d7c519f800ff1, 0xffbc, 0x6, 0x1d45, 0x0, 0x0, 0x0, 0x40}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f0000008380)="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20, 0x0, 0x68cc, {0x0, 0x14}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
writev(r2, &(0x7f0000000280)=[{&(0x7f00000049c0)="a1ff7625c4a67c", 0x7}], 0x1)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
close(r0)

12m52.762225498s ago: executing program 4 (id=1905):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket$netlink(0x10, 0x3, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r3, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
syz_usb_connect$uac1(0x0, 0xac, 0x0, 0x0)

12m49.423790567s ago: executing program 4 (id=1922):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = syz_clone(0x88200200, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
mount$bind(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x243014, 0x0)
setpgid(0x0, r0)
openat$dir(0xffffffffffffff9c, &(0x7f0000002180)='./file0\x00', 0x0, 0x0)

12m48.44577964s ago: executing program 4 (id=1924):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r1 = mq_open(&(0x7f00000008c0)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x9, 0x0)
fcntl$setlease(r1, 0x400, 0x1)
mq_open(&(0x7f0000000780)='eth0\x00\xdd\xad4=2k\xf1\x05\x9b\x91y\xe1;F\xa2\x8df\xe9\x04\x00\x00\x00\x00\x0078z=\x8f\xd5F\xa4AR\xc7\x9f.\xdc\xdb\"A\x16\xd8\x19\xf1lZ\xc8\x93\xda\xf2\xc9\xe8h[u8\xc6\xfa\x9ep\xbe\a\xe2\xf5\xa3Y\x9f\xe1\x04gM\x99K$\r\xf1G\xee\xe1\xbd\x1e\xdf\xe1\x9c\x19\xda\xd3\x94EL\xca\x88\x85Q\x02\xd9L\x90\xeb%/\xb1\xeb\x11uP7\x1f\xd9b\xebF\xf8\x88\xf0\xac.\x94\xfc\v\xb1W\xef~+n\xb1\x9b\x02n]xr\xb3\x80\xbc>\xe8XX\xe6\x12\xf3\xc9\xd5\xf8\xd1\x8d\xcb9\xbf\xb0(<\xeb\x92\x8a\x16\xb7\x11^\xb6\xb7n\xd5\xb5\x00[\xdf\x94\x00\r\x95\x17\xa1h\xf8\x00\x00\x00\"\xa0\x05\xcc^\x90c\xc9}\xb8\ny\xf4\xe1\xb4.\xa4\a\x05\xbb}\x91\xf4C\xf5O\xf1a\x12\b\x86\xa16\xbb}C\xc9\x1d\\\xedD\x14\xb1w\x1e\xa0\xc1E\xb5\xf8\xab\xfb\xd9\x93\xb8vJ\x85p\xb5n\x1b\xe4\xd5g\xae\xe4\xeb\xca\xae\x1bs\xd4\xf0\xc0\xdag\x19R4\xd4\xd4\x04\xfc\x04Zb\xf6\xba\xf8B\xf6YU\xcd\xf2\xdb\xb5\xa2\xda\xdf\x8dD\xef`\x13\x15$\xceq\xd7j\xd7\xe3V\xf2\xa2\x95\xcf\x18T\xf1\xb0\xf3\xf8O', 0x1, 0x136, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000002000)=""/102400, 0x19000)

12m32.90962416s ago: executing program 37 (id=1924):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r1 = mq_open(&(0x7f00000008c0)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x9, 0x0)
fcntl$setlease(r1, 0x400, 0x1)
mq_open(&(0x7f0000000780)='eth0\x00\xdd\xad4=2k\xf1\x05\x9b\x91y\xe1;F\xa2\x8df\xe9\x04\x00\x00\x00\x00\x0078z=\x8f\xd5F\xa4AR\xc7\x9f.\xdc\xdb\"A\x16\xd8\x19\xf1lZ\xc8\x93\xda\xf2\xc9\xe8h[u8\xc6\xfa\x9ep\xbe\a\xe2\xf5\xa3Y\x9f\xe1\x04gM\x99K$\r\xf1G\xee\xe1\xbd\x1e\xdf\xe1\x9c\x19\xda\xd3\x94EL\xca\x88\x85Q\x02\xd9L\x90\xeb%/\xb1\xeb\x11uP7\x1f\xd9b\xebF\xf8\x88\xf0\xac.\x94\xfc\v\xb1W\xef~+n\xb1\x9b\x02n]xr\xb3\x80\xbc>\xe8XX\xe6\x12\xf3\xc9\xd5\xf8\xd1\x8d\xcb9\xbf\xb0(<\xeb\x92\x8a\x16\xb7\x11^\xb6\xb7n\xd5\xb5\x00[\xdf\x94\x00\r\x95\x17\xa1h\xf8\x00\x00\x00\"\xa0\x05\xcc^\x90c\xc9}\xb8\ny\xf4\xe1\xb4.\xa4\a\x05\xbb}\x91\xf4C\xf5O\xf1a\x12\b\x86\xa16\xbb}C\xc9\x1d\\\xedD\x14\xb1w\x1e\xa0\xc1E\xb5\xf8\xab\xfb\xd9\x93\xb8vJ\x85p\xb5n\x1b\xe4\xd5g\xae\xe4\xeb\xca\xae\x1bs\xd4\xf0\xc0\xdag\x19R4\xd4\xd4\x04\xfc\x04Zb\xf6\xba\xf8B\xf6YU\xcd\xf2\xdb\xb5\xa2\xda\xdf\x8dD\xef`\x13\x15$\xceq\xd7j\xd7\xe3V\xf2\xa2\x95\xcf\x18T\xf1\xb0\xf3\xf8O', 0x1, 0x136, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000002000)=""/102400, 0x19000)

11m17.701676757s ago: executing program 9 (id=2237):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f0000000340)='syzkaller\x00', 0x3, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r1 = io_uring_setup(0x3454, &(0x7f0000000080)={0x0, 0xffffaffc, 0x1000, 0x2, 0x33d})
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4000)
r2 = getpid()
sched_setscheduler(r2, 0x1, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)

11m17.156654585s ago: executing program 9 (id=2240):
r0 = socket$kcm(0x29, 0x2, 0x0)
write$cgroup_pressure(r0, &(0x7f0000000140)={'full'}, 0xfffffdef)
r1 = syz_io_uring_setup(0x10d, &(0x7f0000000980)={0x0, 0x45885, 0x80, 0x0, 0x8}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r4 = syz_io_uring_setup(0x10d, &(0x7f0000000980)={0x0, 0x45885, 0x80, 0x0, 0x8}, &(0x7f0000000340)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r4, 0x3516, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r1, 0x3516, 0x0, 0x0, 0x0, 0x0)

11m16.758066653s ago: executing program 9 (id=2243):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)

11m15.781936392s ago: executing program 9 (id=2245):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
r1 = eventfd2(0x0, 0x80000)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000100)={0x203, 0x0, 0x2, r1, 0xf})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYBLOB="010000000000000008010040000000000600000000000000f035dee80d92182f07dcbba8152992a2f406649edb7b7455bb28a753a5359cc49d"])
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_add_vcpu$x86(0x0, &(0x7f00000000c0)={0x0, &(0x7f0000000240)=[@uexit={0x0, 0x18, 0x5}, @uexit={0x0, 0x18, 0x4}, @code={0x1, 0x58, {"0f01cbb801000000f0f69500180000c4827d79247b6465430f09d0f30f01c566baf80c43d02233400f891c0c3831b6b80e000b00000f088866b819c201c201d0c4e1815944b209"}}], 0x88})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

11m14.532318952s ago: executing program 9 (id=2248):
pipe2(&(0x7f0000000040)={<r0=>0xffffffffffffffff}, 0x4000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000008980)=""/102392, 0x18ff8)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
socket$isdn(0x22, 0x2, 0x25)
close_range(r0, 0xffffffffffffffff, 0x0)

11m13.44627805s ago: executing program 9 (id=2251):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r3)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
write$cgroup_devices(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="1e0308004d6b71ef288563"], 0xffdd)
close_range(r0, 0xffffffffffffffff, 0x0)

10m58.375507967s ago: executing program 38 (id=2251):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r3)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
write$cgroup_devices(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="1e0308004d6b71ef288563"], 0xffdd)
close_range(r0, 0xffffffffffffffff, 0x0)

14.983464545s ago: executing program 3 (id=4213):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001", @ANYBLOB="f5dec92e58de24df1baa5aaf6087de4a6699228e2d4f16802be54a0f6a56acccbaddda1f45a5845ee05de975fc7045c4caf6c8b98f8352f1952c602cb7aa21687ee2738a43b980bb1fd571511bccf456015e9caf4cae9d1acdb93bd4ed69dece6e01393994b7bd788e952260a726af2bb391a4c2610152397540da74b13b2239de3360300a24f7e07d475d428067fc3094ee66fff6aeadf0519f7a1ef537acfc9ca64fa005e9022a5f6db75fb1a87f3ef551"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2, 0x0, 0xa}, [@NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_TYPE={0x5, 0x2, 0x83}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x2}, @NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0x13}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x8c}}, 0x0)

12.740622468s ago: executing program 3 (id=4218):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1e, 0x0, 0xcd84, 0x7}, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x7}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x800000000000001, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000000c0)=[@in={0x2, 0x4e20, @remote}]}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, 0x0, 0x0)
read$msr(r1, &(0x7f0000019640)=""/102392, 0x18ff8)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x1a, 0x4, 0x0, 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x14, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ffe}, 0x94)
sched_setscheduler(0x0, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x3, 0x4, 0x801, 0x1, r0, 0x15b4}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r2}, &(0x7f0000000840), &(0x7f0000000880)=r0}, 0x20)

12.545283138s ago: executing program 3 (id=4220):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0, 0x0, 0x6f2}, 0x18)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, 0x0, 0x0)
r2 = syz_io_uring_setup(0x237, &(0x7f0000000480)={0x0, 0x8901, 0x400, 0x0, 0x2cf}, &(0x7f0000000040)=<r3=>0x0, &(0x7f0000000600)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r2, 0x47ba, 0x0, 0x0, 0x0, 0x0)

10.908546499s ago: executing program 5 (id=4223):
openat$pidfd(0xffffff9c, &(0x7f0000000000), 0x0, 0x0)

10.90762055s ago: executing program 6 (id=4224):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r1, 0x0, 0xd}, 0x18)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = socket$kcm(0x29, 0x5, 0x0)
write$cgroup_pressure(r4, &(0x7f0000000140)={'full'}, 0xfffffdef)

10.873478782s ago: executing program 3 (id=4225):
r0 = syz_usb_connect(0x0, 0x1cb, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000122f0d4071040403dfe4000000010902b901010000003f0904"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$sierra_net(r0, 0x0, 0x0)
syz_usb_control_io$lan78xx(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$sierra_net(r0, 0x0, 0x0)
syz_usb_control_io$rtl8150(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$sierra_net(r0, 0x0, 0x0)
syz_usb_control_io$rtl8150(r0, 0x0, &(0x7f0000000b40)={0x2c, &(0x7f0000000a00)=ANY=[], 0x0, 0x0, 0x0, 0x0})

10.753086093s ago: executing program 5 (id=4228):
r0 = socket$key(0xf, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioprio_get$pid(0x1, r1)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
socket(0x1, 0x803, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000180)={0x2, 0x3, 0x0, 0x3, 0x12, 0x0, 0x70bd2c, 0x25dfdbfb, [@sadb_key={0x3, 0x9, 0x58, 0x0, "1cdc0dca1d9f68846960e5"}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @loopback, 0x2}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x7, 0xc}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, 0x7}}, @sadb_x_nat_t_type={0x1, 0x14, 0x7}]}, 0x90}, 0x1, 0x7}, 0x0)

8.930307575s ago: executing program 7 (id=4229):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_tcp(0x2, 0x1, 0x0)
memfd_secret(0x0)
r0 = syz_io_uring_setup(0x19f2, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='pids.events\x00', 0x275a, 0x0)
write$UHID_CREATE2(r4, &(0x7f0000000180)=ANY=[@ANYRES64=r3], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x0, 0x0, r4, 0x0})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

8.174769036s ago: executing program 6 (id=4231):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x3}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)
symlink(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', &(0x7f0000000000)='./file0\x00')

8.121732822s ago: executing program 3 (id=4232):
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_wakeup_irq', 0x0, 0x108)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/disk', 0x121a02, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x400, 0x3, 0x190}, &(0x7f00000006c0)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f00000000c0)=[{0x81}, {0x6, 0x0, 0xfd, 0x7a1f}]})
socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2e, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r2, 0x5a00, 0xbc03, 0x6, 0x0, 0x0)

7.946240724s ago: executing program 7 (id=4233):
socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/ipc\x00')
r0 = socket$packet(0x11, 0x3, 0x300)
pipe(&(0x7f0000000280))
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x48283, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x2, 0x4, 0x4, 0x8}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x1, 0x4, 0x2, 0x40, r1, 0x40000000}, 0x50)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
socket(0x2, 0x80805, 0x0)
setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
getpeername$packet(r2, &(0x7f0000000000)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r0, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r3}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0)

7.945776658s ago: executing program 5 (id=4234):
io_setup(0x7, 0x0)
open(&(0x7f00009e1000)='./file1\x00', 0x60840, 0x0)
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/cpuinfo\x00', 0x0, 0x0)
sendfile(r0, r2, 0x0, 0x1000)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000140)={0x106, 0x8001, 0xe, 0x3, 0x7, "63ff08000000000010000100000100000000fc", 0x64, 0x1})
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
io_pgetevents(0x0, 0x3ff, 0x0, 0xfffffffffffffffe, &(0x7f0000000140), 0x0)

6.811439868s ago: executing program 6 (id=4235):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0, 0x0, 0x6f2}, 0x18)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, 0x0, 0x0)
r2 = syz_io_uring_setup(0x237, &(0x7f0000000480)={0x0, 0x8901, 0x400, 0x0, 0x2cf}, &(0x7f0000000040)=<r3=>0x0, &(0x7f0000000600)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r2, 0x47ba, 0x0, 0x0, 0x0, 0x0)

6.810831044s ago: executing program 5 (id=4236):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000400)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0xe300, 0x0, 0x0, 0x293}, &(0x7f0000000380)=<r5=>0x0, &(0x7f0000000300)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x10, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000040)='./file0\x00', 0x44, 0x842, 0x23456})
io_uring_enter(r4, 0xdb4, 0x0, 0x0, 0x0, 0x0)

6.613438756s ago: executing program 7 (id=4237):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4008840)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0xd1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x7}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x800000000000001, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019640)=""/102392, 0x18ff8)
mount$tmpfs(0x0, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='mpol=local,huge=within_siz'])
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000080), 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x2a00a9, &(0x7f0000000340)={[{@inode32}]})
r1 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
read$FUSE(r1, &(0x7f0000002280)={0x2020}, 0x2020)
ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c)

5.655118652s ago: executing program 5 (id=4238):
openat$pidfd(0xffffff9c, &(0x7f0000000000), 0x0, 0x0)

5.40518347s ago: executing program 7 (id=4239):
socketpair$unix(0x1, 0x1, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'lo\x00'})
prlimit64(0x0, 0xe, &(0x7f0000000340)={0xd, 0x200200090}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000040)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3, 0x0, 0x8}, 0x18)
r4 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x82, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r4, 0xc0045005, &(0x7f0000000080)=0x3)

5.143711496s ago: executing program 6 (id=4240):
socket$unix(0x1, 0x5, 0x0)
socket$key(0xf, 0x3, 0x2)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000004100)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='net/xfrm_stat\x00')
socket$inet_udp(0x2, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_audit(0x10, 0x3, 0x9)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a41, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
syz_usb_connect$uac1(0x3, 0xdc, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902ca0003010070000904000000010100000a24010800000201020d24060000030800000000000000240803960c03112d9cd2ce0c240208000103000000ff000924060506020100000924030003030005490c240206", @ANYRES8=r1, @ANYRES16=r0], 0x0)

5.1368765s ago: executing program 5 (id=4242):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket(0x2b, 0x1, 0x0)
r2 = syz_io_uring_setup(0x110, &(0x7f0000001280)={0x0, 0xfad6, 0x400}, 0x0, &(0x7f0000000100)=<r3=>0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000004000)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab0300817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014751c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa407e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a0c93d47018c12e7ba8188a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab188dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b4896c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987595ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e547f7ad33850d9feccd0111a2e3700845dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005202000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a12489c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af14915f29b719f54926fc32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b4c8787361f3289f86ae826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa520000afe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da357f9e93ce055019c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c672b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981fd9086e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2826b47ad8ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d0f889d518f64ee50f562b5fdb1f76d4a7fe14701f8ed0c6a55d66a6efea3e449e6b478abc5b196dd5308cb20c4e2a0bd702651bb39f10523102dcd8ece692159028f314e0d6bfa400475c6699fdc40efe0948e3cef7419a7f113134e5ee20fd87c4521ccfbd32d6f147f743d30866bdd86ca8bf0c7bcc475f4ed53517aaa51f1c151d859a7f0b53abd332c84bdad313e82ac3777a6f7f649ff8a25f6dfe09cb29213896b49a825257bf143e9fa3bbd47009e66fe5705b3ef2b40a182e408c680727d64e00e1ce508f8fd64ac6c84ccc28fc333067de63b9bb5daaa12ce60ee3779ded79651be69d2a413cd948a873dd7ad7017b150828cf100d3df8537f22aff58343c9ee966fceb594bbe10b911427f76a25a219be2f85287b7f83d323a30991067ad1369792166062085ff20c5fb9f6e4f78dd09c7d2d6ca3c8a5d0d26ccbe576f44a1bc94194817"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
r5 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000200)={'geneve0\x00', <r6=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newlink={0x3c, 0x10, 0x3, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, r6}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @geneve={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GENEVE_TTL_INHERIT={0x5, 0xc, 0x1}]}}}]}, 0x3c}, 0x1, 0x2}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r4, 0x18000000000002a0, 0xe80, 0x6000, &(0x7f0000000640)="b9ff03076844268cb89e14f088a847e088641100050000210057ac141440e0", 0x0, 0x11, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x48)
syz_io_uring_submit(0x0, r3, 0x0)
io_uring_enter(r2, 0xdb4, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

3.556957706s ago: executing program 7 (id=4245):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
r2 = syz_io_uring_setup(0x10e, &(0x7f0000000140)={0x0, 0x334e, 0x10, 0x3, 0x801}, &(0x7f00000003c0)=<r3=>0x0, &(0x7f0000000300)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000040)='./file0/file0\x00', 0x60, 0x185100})
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0xa8, 0xff})
openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
socket$igmp(0x2, 0x3, 0x2)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
socket$kcm(0x10, 0x2, 0x4)
io_uring_enter(r2, 0x7277, 0x0, 0x28, 0x0, 0x0)

3.546433281s ago: executing program 6 (id=4246):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, 0x0, &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850a9d77f10", 0x8, 0xfffffffffffffffe)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="480000001000050400"/18, @ANYBLOB="ebffffffffffffff"], 0x48}, 0x1, 0x0, 0x0, 0x4000011}, 0x0)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

3.500961419s ago: executing program 1 (id=4247):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0xba01, 0x0, 0x4000080}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x41100, 0x2f}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

3.438110032s ago: executing program 1 (id=4248):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
clock_gettime(0x0, &(0x7f0000000300))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x804e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000000)={@private2, 0x0, 0x0, 0xff, 0x1, 0x0, 0x1002}, 0x20)
sendmmsg$inet6(r3, &(0x7f0000002cc0)=[{{&(0x7f00000000c0)={0xa, 0x4e24, 0x5, @empty, 0x401}, 0x1c, &(0x7f0000000600)=[{&(0x7f0000000180)="029da082706d6782cc382f835fbb1b8d6474fc0ba46103fceaa4695b839197e1a26c7f9638889843ce077c665d35", 0x2e}, {&(0x7f0000000340)="6842013b61599509b3645f1e632f4ec74dedd0d66f34289b9d8a7e059345f94850396d13e077cb9b53d974e921a86e571bd5d73f02e72e8baae1e1d7a155364be5e3f633c367fb20306b86a07230a5cacf8df64f42f077", 0x57}, {&(0x7f00000003c0)}, {&(0x7f00000001c0)="e5a4b06336c9f578cd6cdbaf92e77ad807e7282726ebf88ef8cb", 0x1a}, {&(0x7f00000005c0)="c82ba4fb6d229e", 0x7}, {0x0}], 0x6, &(0x7f0000002840)=[@rthdrdstopts={{0x40, 0x29, 0x37, {0x87, 0x4, '\x00', [@calipso={0x7, 0x20, {0x1, 0x6, 0x8, 0x80, [0xfffffffffffffffb, 0xfffffffffffffff9, 0x800]}}, @enc_lim={0x4, 0x1, 0x80}]}}}, @hoplimit={{0x14}}, @tclass={{0x14, 0x29, 0x43, 0x5}}, @hopopts_2292={{0x100, 0x29, 0x36, {0x3a, 0x1c, '\x00', [@hao={0xc9, 0x10, @private2={0xfc, 0x2, '\x00', 0xfd}}, @generic={0xff, 0xb0, "29147a3fe6f33d15cefec8ede7cf90d6bba3ffbcdda78807721c28a3f817154887af27603bcd688e521a8f332f4f6628b9307e3c22ed3774d214e7898a2cf6b1c7b5e286eb201729494cf1d756fd11aa4acd40b6a977c5f4d7a35b1f3712888411e7ea191e73c2bdf836cb552f6dd8c0cbd4fa8a5dfc617e757e1b36b10c57ca1e4e3298b46e1bc2c7189f580e43518831665ed472901dbd68b582339087c6fe4b25247c52c806f3c091e3159f6b5dd0"}, @pad1, @calipso={0x7, 0x18, {0x2, 0x4, 0x16, 0x400, [0x2d6d, 0xfffffffffffffffd]}}]}}}], 0x170}}], 0x1, 0x4000000)

2.421901533s ago: executing program 1 (id=4249):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sched_switch\x00', r0, 0x0, 0xfffffffffffffff8}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
add_key$fscrypt_v1(0x0, 0x0, &(0x7f0000000500)={0x0, "6a8a53f23af8fe18db314e60b2ddf1c85fb1ee69665e9c75e894eee4cac50e669c81042d5eab7a08c35390bd51b8b86fc34affb176bba090aff137d2370b6bc4", 0x1c}, 0x48, 0xfffffffffffffffd)
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0x10, 0x5, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
clock_gettime(0x3, &(0x7f0000000300))

1.328697118s ago: executing program 1 (id=4250):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x6, 0x6, &(0x7f0000000480)=ANY=[@ANYBLOB="180200002f72ffff0000000000004000850000002c0000001800000004000000000000000700000095"], &(0x7f0000000200)='syzkaller\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r4, 0x27, 0xe, 0x0, &(0x7f0000000640)="ed7e17526b2d6f70ac1ae867fd2a", 0x0, 0x0, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x4c)

1.311364722s ago: executing program 7 (id=4251):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0, 0x0, 0x6f2}, 0x18)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, 0x0, 0x0)
r2 = syz_io_uring_setup(0x237, &(0x7f0000000480)={0x0, 0x8901, 0x400, 0x0, 0x2cf}, &(0x7f0000000040)=<r3=>0x0, &(0x7f0000000600)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r2, 0x47ba, 0x0, 0x0, 0x0, 0x0)

1.305829139s ago: executing program 6 (id=4252):
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$sndpcmp(&(0x7f0000000000), 0x1, 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010002000000407d1e502d00000000000109022400"], 0x0)
socket$netlink(0x10, 0x3, 0x10)
socket$netlink(0x10, 0x3, 0x4)
openat$pidfd(0xffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)

1.195246535s ago: executing program 3 (id=4253):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_RECVMSG={0xa, 0x34, 0x3, 0xffffffffffffffff, 0x0, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000000240)=[{0x0}, {0x0}, {0x0}], 0x1fc}, 0x0, 0x40000000, 0x1})
r0 = syz_io_uring_setup(0x74d, &(0x7f0000000100)={0x0, 0x59c4, 0x8, 0x1000, 0x5cc}, &(0x7f0000000300)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000740)=[{&(0x7f00000003c0)=""/201, 0xc9}], 0x1)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000200)=[{0x30, 0x4, 0x0, 0x2}]}, 0xffffffffffffff0e)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_ACCEPT={0xd, 0xc, 0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x81800, 0x1})
io_uring_enter(r0, 0x749f, 0x4, 0x0, 0x0, 0xfffffffffffffef5)

209.470984ms ago: executing program 1 (id=4254):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0/file0\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
r0 = landlock_create_ruleset(&(0x7f0000000180)={0x100}, 0x18, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x200000, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r0, 0x1, &(0x7f0000000200)={0x100, r1}, 0x0)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file0/file0\x00', 0x200000, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r0, 0x1, &(0x7f0000000280)={0x100, r2}, 0x0)
close(r2)
close(r1)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r0, 0x1, &(0x7f0000000340)={0x100}, 0x0)
landlock_restrict_self(r0, 0x0)
close(r0)
mknodat(0xffffffffffffff9c, &(0x7f0000000380)='./file1/file0\x00', 0x81c0, 0x0)

0s ago: executing program 1 (id=4255):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000240)=0x3)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
ioprio_get$uid(0x0, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0xa101, 0x0)
ioctl$TCSETS(r2, 0x40045431, 0x0)
r3 = syz_open_pts(r2, 0x8182)
ioctl$TIOCCBRK(r3, 0x5428)
read$msr(r1, &(0x7f0000032680)=""/102400, 0x19000)
r4 = syz_open_dev$sndpcmc(&(0x7f0000000300), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_PREPARE(r4, 0x4140, 0x0)

kernel console output (not intermixed with test programs):

w without journal. Quota mode: none.
[  606.188855][T13755] ext2 filesystem being mounted at /388/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  606.202094][T13759] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2330'.
[  606.248164][ T6250] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  606.461795][T13766] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2330'.
[  607.782458][T13762] 8021q: adding VLAN 0 to HW filter on device bond3
[  607.930954][T13762] bond2: (slave bond3): Enslaving as an active interface with an up link
[  608.082106][T13620] team0: Port device team_slave_0 added
[  608.234005][T13766] bond2 (unregistering): (slave bond3): Releasing backup interface
[  608.475859][T13766] bond2 (unregistering): Released all slaves
[  609.403472][T13774] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2333'.
[  609.438479][T13775] loop5: detected capacity change from 0 to 2048
[  609.450095][T11080] hsr_slave_0: left promiscuous mode
[  609.488664][T11080] hsr_slave_1: left promiscuous mode
[  609.522047][T11080] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  609.544924][T11080] batman_adv: batadv0: Removing interface: batadv_slave_0
[  609.564508][T11080] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  609.582394][T13775] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  609.599933][T11080] batman_adv: batadv0: Removing interface: batadv_slave_1
[  609.662368][T13784] loop7: detected capacity change from 0 to 1764
[  609.689641][T11080] veth1_macvtap: left promiscuous mode
[  609.720441][T11080] veth0_macvtap: left promiscuous mode
[  609.728232][T11080] veth1_vlan: left promiscuous mode
[  609.759282][T11080] veth0_vlan: left promiscuous mode
[  610.569597][ T6226] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  612.206684][T11080] team0 (unregistering): Port device team_slave_1 removed
[  612.292578][T11080] team0 (unregistering): Port device team_slave_0 removed
[  612.318172][   T43] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  612.493155][   T43] usb 7-1: Using ep0 maxpacket: 32
[  612.504363][   T43] usb 7-1: unable to get BOS descriptor or descriptor too short
[  612.516698][   T43] usb 7-1: config 255 has an invalid interface number: 223 but max is 0
[  612.527511][   T43] usb 7-1: config 255 has no interface number 0
[  612.536773][   T43] usb 7-1: config 255 interface 223 has no altsetting 0
[  612.549744][   T43] usb 7-1: New USB device found, idVendor=04da, idProduct=0901, bcdDevice= 1.e9
[  612.562925][   T43] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  612.572988][   T43] usb 7-1: Product: syz
[  612.578248][   T43] usb 7-1: Manufacturer: syz
[  612.586102][   T43] usb 7-1: SerialNumber: syz
[  612.812636][   T43] usb-storage 7-1:255.223: USB Mass Storage device detected
[  613.029081][   T43] usb 7-1: USB disconnect, device number 15
[  613.168994][T13620] team0: Port device team_slave_1 added
[  613.341872][T13620] batman_adv: batadv0: Adding interface: batadv_slave_0
[  613.369761][T13620] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  613.439365][T13620] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  613.455232][T13620] batman_adv: batadv0: Adding interface: batadv_slave_1
[  613.464328][T13620] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  613.557292][T13620] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  614.285034][T13620] hsr_slave_0: entered promiscuous mode
[  614.294820][T13620] hsr_slave_1: entered promiscuous mode
[  614.317380][T13620] debugfs: 'hsr0' already exists in 'hsr'
[  614.360135][T13620] Cannot create hsr debugfs directory
[  617.601814][T13866] lo speed is unknown, defaulting to 1000
[  617.631286][T13876] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2361'.
[  618.621133][T13620] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  618.644293][T13620] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  618.992434][T13620] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  619.077084][T13620] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  620.386354][T13620] 8021q: adding VLAN 0 to HW filter on device bond0
[  620.661090][T13620] 8021q: adding VLAN 0 to HW filter on device team0
[  620.689073][ T1103] bridge0: port 1(bridge_slave_0) entered blocking state
[  620.697658][ T1103] bridge0: port 1(bridge_slave_0) entered forwarding state
[  620.805466][T11094] bridge0: port 2(bridge_slave_1) entered blocking state
[  620.814732][T11094] bridge0: port 2(bridge_slave_1) entered forwarding state
[  620.923304][T13907] kvm: pic: non byte write
[  621.928582][T13620] 8021q: adding VLAN 0 to HW filter on device batadv0
[  622.324267][T13620] veth0_vlan: entered promiscuous mode
[  622.354007][T13620] veth1_vlan: entered promiscuous mode
[  622.999130][T13620] veth0_macvtap: entered promiscuous mode
[  623.405968][T13620] veth1_macvtap: entered promiscuous mode
[  623.493148][T13620] batman_adv: batadv0: Interface activated: batadv_slave_0
[  623.543742][T13620] batman_adv: batadv0: Interface activated: batadv_slave_1
[  623.639517][   T50] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  623.722094][   T50] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  623.750580][   T50] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  623.762089][   T50] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  624.109293][ T1103] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  624.126822][ T1103] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  624.271049][T11080] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  624.342460][T11080] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  624.537537][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  624.552509][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  626.480698][ T5924] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  626.619955][ T5866] Bluetooth: hci5: command 0x0406 tx timeout
[  626.794786][ T5924] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  626.842385][ T5924] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  627.060068][ T5924] usb 4-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  627.092454][ T5924] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  628.271117][ T5924] usb 4-1: config 0 descriptor??
[  629.164991][ T5924] usbhid 4-1:0.0: can't add hid device: -71
[  629.262040][ T5924] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  629.301826][ T5924] usb 4-1: USB disconnect, device number 3
[  629.418647][T13990] bridge0: entered allmulticast mode
[  629.427768][T13990] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2390'.
[  629.501441][T13990] bridge_slave_1: left allmulticast mode
[  629.516524][T13990] bridge_slave_1: left promiscuous mode
[  629.540106][T13990] bridge0: port 2(bridge_slave_1) entered disabled state
[  629.553505][T13990] bridge_slave_0: left allmulticast mode
[  629.560967][T13990] bridge_slave_0: left promiscuous mode
[  629.568409][T13990] bridge0: port 1(bridge_slave_0) entered disabled state
[  629.791254][T13995] binder: BINDER_SET_CONTEXT_MGR already set
[  629.818360][T13995] binder: 13994:13995 ioctl 4018620d 200000000200 returned -16
[  630.081387][T13990] bridge0 (unregistering): left allmulticast mode
[  630.182852][ T1103] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  630.439923][ T5945] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  630.498517][T13998] uprobe: syz.6.2393:13998 failed to unregister, leaking uprobe
[  630.532028][ T1103] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  630.622360][ T5945] usb 4-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  630.645124][ T1103] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  630.667129][ T5945] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  630.730654][ T1103] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  630.741104][ T5945] usb 4-1: config 0 descriptor??
[  630.752294][ T5945] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  631.162342][T14001] loop1: detected capacity change from 0 to 128
[  631.184829][T14001] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  631.199396][T14001] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  631.862431][   T30] audit: type=1804 audit(1758653199.380:31): pid=14019 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.2399" name="file0" dev="ramfs" ino=53411 res=1 errno=0
[  631.919044][ T1103] bond2 (unregistering): (slave geneve2): Releasing backup interface
[  632.585735][ T5945] usb 4-1: USB disconnect, device number 4
[  632.856241][ T1103] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  632.875987][ T1103] bond0 (unregistering): Released all slaves
[  632.898757][ T1103] bond1 (unregistering): Released all slaves
[  632.923935][ T1103] bond2 (unregistering): (slave bond3): Releasing backup interface
[  632.938071][ T1103] bond2 (unregistering): Released all slaves
[  632.945624][  T980] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  633.129955][  T980] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  633.157662][  T980] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  633.171944][  T980] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  633.198471][  T980] usb 2-1: config 0 descriptor??
[  633.240117][  T980] pwc: Askey VC010 type 2 USB webcam detected.
[  633.924108][T14041] overlayfs: failed to clone upperpath
[  634.041241][  T980] pwc: recv_control_msg error -32 req 02 val 2b00
[  634.052292][  T980] pwc: recv_control_msg error -32 req 02 val 2700
[  634.062249][  T980] pwc: recv_control_msg error -32 req 02 val 2c00
[  634.131118][ T1103] bond3 (unregistering): Released all slaves
[  634.154864][  T980] pwc: recv_control_msg error -32 req 04 val 1000
[  634.171681][  T980] pwc: recv_control_msg error -32 req 04 val 1300
[  635.101016][  T980] pwc: recv_control_msg error -32 req 04 val 1400
[  635.129416][  T980] pwc: recv_control_msg error -32 req 02 val 2000
[  635.146387][ T1103] tipc: Left network mode
[  635.171047][  T980] pwc: recv_control_msg error -32 req 02 val 2100
[  635.255356][T14049] loop3: detected capacity change from 0 to 24
[  635.264395][T14049] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  635.279042][T14049] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  636.993856][T14055] loop7: detected capacity change from 0 to 262144
[  637.003604][  T980] pwc: recv_control_msg error -71 req 02 val 2500
[  637.094884][  T980] pwc: recv_control_msg error -71 req 02 val 2400
[  637.391718][T14055] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.2413 (14055)
[  637.452082][  T980] pwc: recv_control_msg error -71 req 02 val 2600
[  637.460485][  T980] pwc: recv_control_msg error -71 req 02 val 2900
[  637.474339][T14055] BTRFS info (device loop7): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  637.487106][T14055] BTRFS info (device loop7): using xxhash64 (xxhash64-generic) checksum algorithm
[  637.506107][  T980] pwc: recv_control_msg error -71 req 02 val 2800
[  637.705731][  T980] pwc: recv_control_msg error -71 req 04 val 1100
[  637.740617][  T980] pwc: recv_control_msg error -71 req 04 val 1200
[  637.752768][  T980] pwc: Registered as video103.
[  637.762207][  T980] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input18
[  637.949867][  T980] usb 2-1: USB disconnect, device number 4
[  638.396703][T14055] BTRFS error (device loop7): open_ctree failed: -4
[  639.127505][ T1103] hsr_slave_0: left promiscuous mode
[  639.241750][ T1103] hsr_slave_1: left promiscuous mode
[  642.398537][T14114] loop3: detected capacity change from 0 to 128
[  642.423870][T14114] befs: (loop3): No write support. Marking filesystem read-only
[  643.516221][T14114] befs: (loop3): invalid magic header
[  648.658881][T14170] overlayfs: failed to clone upperpath
[  648.755984][T14168] loop1: detected capacity change from 0 to 4096
[  649.125066][T14176] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  652.607761][T14181] (unnamed net_device) (uninitialized): peer notification delay (9) is not a multiple of miimon (5), value rounded to 5 ms
[  652.791245][T14181] 8021q: adding VLAN 0 to HW filter on device bond5
[  652.840043][T14123] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2430'.
[  652.978615][T14125] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2430'.
[  655.521630][T14228] bond0: (slave bond_slave_0): Releasing backup interface
[  655.789707][T14228] bond0: (slave bond_slave_1): Releasing backup interface
[  655.888739][T14228] team0: Port device team_slave_0 removed
[  655.907282][T14228] team0: Port device team_slave_1 removed
[  655.916794][T14228] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  655.931091][T14228] batman_adv: batadv0: Removing interface: batadv_slave_0
[  655.943350][T14228] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  655.953881][T14228] batman_adv: batadv0: Removing interface: batadv_slave_1
[  655.973964][T14228] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  656.076231][T14234] team0: Mode changed to "activebackup"
[  656.117183][T14236] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  657.451467][T14244] loop6: detected capacity change from 0 to 40427
[  657.483881][T14244] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[  657.508004][T14244] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  657.573909][T14244] F2FS-fs (loop6): invalid crc value
[  657.936831][T14260] netlink: 4764 bytes leftover after parsing attributes in process `syz.5.2470'.
[  657.949014][T14260] netlink: 4764 bytes leftover after parsing attributes in process `syz.5.2470'.
[  657.962270][T14244] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  658.037063][T14244] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  658.081986][T14244] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  659.510553][T14274] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  660.852395][T14299] syz_tun: entered allmulticast mode
[  660.904615][T14299] dvmrp1: entered allmulticast mode
[  660.956860][T14293] syz_tun: left allmulticast mode
[  661.147852][T14303] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  661.157316][T14303] IPv6: NLM_F_CREATE should be set when creating new route
[  661.198920][T14303] lo: entered allmulticast mode
[  661.228365][T14303] tunl0: entered allmulticast mode
[  661.264408][T14303] gre0: entered allmulticast mode
[  661.320470][T14303] gretap0: entered allmulticast mode
[  661.337923][T14303] erspan0: entered allmulticast mode
[  661.357309][T14303] ip_vti0: entered allmulticast mode
[  661.383898][T14303] ip6_vti0: entered allmulticast mode
[  661.402684][T14303] sit0: entered allmulticast mode
[  661.492251][T14303] ip6tnl0: entered allmulticast mode
[  661.734326][T14303] ip6gre0: entered allmulticast mode
[  661.752281][T14303] ip6gretap0: entered allmulticast mode
[  661.772882][T14303] vcan0: entered allmulticast mode
[  661.788939][T14303] bond0: entered allmulticast mode
[  661.884929][T14303] bond_slave_0: entered allmulticast mode
[  661.896764][T14303] bond_slave_1: entered allmulticast mode
[  661.933942][T14303] team0: entered allmulticast mode
[  661.948414][T14303] team_slave_0: entered allmulticast mode
[  661.956092][T14303] team_slave_1: entered allmulticast mode
[  661.969273][T14303] dummy0: entered allmulticast mode
[  662.117660][T14303] nlmon0: entered allmulticast mode
[  662.401868][T14303] caif0: entered allmulticast mode
[  662.425572][T14303] vxcan0: entered allmulticast mode
[  662.449234][T14303] veth0: entered allmulticast mode
[  662.475424][T14303] veth1: entered allmulticast mode
[  662.531376][T14303] wg0: entered allmulticast mode
[  662.593517][T14303] wg1: entered allmulticast mode
[  662.629144][T14303] wg2: entered allmulticast mode
[  662.648771][T14303] veth0_to_bridge: entered allmulticast mode
[  662.716519][T14303] bridge_slave_0: entered allmulticast mode
[  662.747956][T14303] veth1_to_bridge: entered allmulticast mode
[  662.795439][T14303] bridge_slave_1: entered allmulticast mode
[  662.806911][T14303] veth0_to_bond: entered allmulticast mode
[  662.835076][T14303] veth1_to_bond: entered allmulticast mode
[  662.849673][T14303] veth0_to_team: entered allmulticast mode
[  662.867232][T14303] veth1_to_team: entered allmulticast mode
[  662.879731][T14303] veth0_to_batadv: entered allmulticast mode
[  662.891081][T14303] batadv_slave_0: entered allmulticast mode
[  662.902220][T14303] xfrm0: entered allmulticast mode
[  662.912048][T14303] veth0_to_hsr: entered allmulticast mode
[  662.925283][T14303] hsr_slave_0: entered allmulticast mode
[  662.936772][T14303] veth1_to_hsr: entered allmulticast mode
[  662.948153][T14303] hsr_slave_1: entered allmulticast mode
[  662.959218][T14303] hsr0: entered allmulticast mode
[  663.011654][T14303] veth1_virt_wifi: entered allmulticast mode
[  663.051043][T14303] veth0_virt_wifi: entered allmulticast mode
[  663.069523][T14303] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  663.081072][T14303] veth1_vlan: entered allmulticast mode
[  663.191220][T14303] vlan1: entered allmulticast mode
[  663.198356][T14303] macvlan0: entered allmulticast mode
[  663.214337][T14303] macvlan1: entered allmulticast mode
[  663.223154][T14303] ipvlan0: entered allmulticast mode
[  663.231710][T14303] ipvlan1: entered allmulticast mode
[  663.239271][T14303] veth1_macvtap: entered allmulticast mode
[  663.264307][T14303] veth0_macvtap: entered allmulticast mode
[  663.282020][T14303] macvtap0: entered allmulticast mode
[  663.298038][T14303] geneve0: entered allmulticast mode
[  663.308373][T14303] geneve1: entered allmulticast mode
[  663.325049][T14303] netdevsim netdevsim7 netdevsim0: entered allmulticast mode
[  663.351107][T14303] netdevsim netdevsim7 netdevsim1: entered allmulticast mode
[  663.365332][T14303] netdevsim netdevsim7 netdevsim2: entered allmulticast mode
[  663.378538][T14303] netdevsim netdevsim7 netdevsim3: entered allmulticast mode
[  663.405369][T14303] mac80211_hwsim hwsim16 wlan0: entered allmulticast mode
[  663.420608][T14303] mac80211_hwsim hwsim17 wlan1: entered allmulticast mode
[  663.439740][T14303] veth2: entered allmulticast mode
[  663.449611][T14303] veth3: entered allmulticast mode
[  663.461846][T14303] veth4: entered allmulticast mode
[  663.471156][T14303] veth5: entered allmulticast mode
[  663.485480][T14303] gre1: entered allmulticast mode
[  663.494313][T14303] gre2: entered allmulticast mode
[  663.507098][T14303] gretap1: entered allmulticast mode
[  663.518785][T14303] gre3: entered allmulticast mode
[  663.748106][T14303] vlan0: left promiscuous mode
[  663.754939][T14303] macvtap1: left promiscuous mode
[  663.771440][T14303] bond1: entered allmulticast mode
[  663.788274][T14303] @: entered allmulticast mode
[  663.797192][T14303] sit1: entered allmulticast mode
[  663.866483][T14303] bond3: entered allmulticast mode
[  663.889445][ T1140] netdevsim netdevsim7 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  664.066142][ T1140] netdevsim netdevsim7 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  664.130018][ T1140] netdevsim netdevsim7 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  664.299285][ T1140] netdevsim netdevsim7 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  664.330007][ T1140] netdevsim netdevsim7 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  664.351235][ T1140] netdevsim netdevsim7 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  664.417338][ T1140] netdevsim netdevsim7 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  664.450555][T14344] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2501'.
[  664.476587][ T1140] netdevsim netdevsim7 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  664.569492][T14351] ptrace attach of "./syz-executor exec"[6458] was attempted by "./syz-executor exec"[14351]
[  665.124685][T14358] loop3: detected capacity change from 0 to 1024
[  665.161427][T14358] EXT4-fs: Ignoring removed orlov option
[  665.168538][T14358] EXT4-fs: Ignoring removed nomblk_io_submit option
[  665.237199][T14358] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  665.521499][T13620] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  665.550620][T14370] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2508'.
[  665.571190][T14370] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2508'.
[  667.165182][T14388] netlink: 'syz.7.2513': attribute type 1 has an invalid length.
[  667.362107][T14388] 8021q: adding VLAN 0 to HW filter on device bond2
[  667.477858][T14391] bond2: (slave veth7): Enslaving as an active interface with a down link
[  667.601481][T14393] vlan2: entered allmulticast mode
[  667.617891][T14393] bond2: (slave vlan2): Opening slave failed
[  669.006582][T14415] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2519'.
[  669.339686][T14418] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2520'.
[  670.612708][T14444] netlink: 'syz.1.2527': attribute type 39 has an invalid length.
[  673.467906][T14465] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2533'.
[  673.478897][T14465] netlink: 52 bytes leftover after parsing attributes in process `syz.1.2533'.
[  674.749211][T14482] overlayfs: failed to clone upperpath
[  675.638400][T14489] overlayfs: failed to clone upperpath
[  684.605541][T14582] usb usb8: usbfs: process 14582 (syz.1.2568) did not claim interface 0 before use
[  684.971497][T14590] overlayfs: failed to clone upperpath
[  685.976489][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  685.984884][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  687.757569][T14618] overlayfs: failed to clone upperpath
[  687.949441][T14620] kvm: requested 23466 ns i8254 timer period limited to 200000 ns
[  687.971923][T14633] ubi31: attaching mtd0
[  688.040217][T14620] kvm: requested 72914 ns i8254 timer period limited to 200000 ns
[  688.068411][T14633] ubi31: scanning is finished
[  688.074429][T14633] ubi31: empty MTD device detected
[  688.118514][T14620] kvm: requested 17600 ns i8254 timer period limited to 200000 ns
[  688.484366][T14620] kvm: requested 186057 ns i8254 timer period limited to 200000 ns
[  688.514594][T14620] kvm: requested 94704 ns i8254 timer period limited to 200000 ns
[  688.526691][T14620] kvm: requested 132419 ns i8254 timer period limited to 200000 ns
[  689.116516][T14633] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  689.146510][T14633] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  689.332097][T14633] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  689.346156][T14633] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  689.357566][T14633] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  689.373613][T14633] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  689.383923][T14633] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2485380743
[  689.404730][T14633] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  689.430798][T14642] ubi31: background thread "ubi_bgt31d" started, PID 14642
[  690.090005][ T5924] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[  690.270230][ T5924] usb 7-1: Using ep0 maxpacket: 8
[  690.293767][ T5924] usb 7-1: config 0 has no interfaces?
[  690.303083][ T5924] usb 7-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[  690.329867][ T5924] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  690.379017][ T5924] usb 7-1: Product: syz
[  690.404768][ T5924] usb 7-1: Manufacturer: syz
[  690.412288][ T5924] usb 7-1: SerialNumber: syz
[  690.423705][ T5924] usb 7-1: config 0 descriptor??
[  690.746930][ T5926] usb 7-1: USB disconnect, device number 16
[  691.002121][T14670] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  692.704915][   T30] audit: type=1326 audit(1758653260.210:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14687 comm="syz.7.2613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd95578eec9 code=0x7ffc0000
[  692.811685][T14692] bridge0: entered allmulticast mode
[  693.105746][   T30] audit: type=1326 audit(1758653260.220:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14687 comm="syz.7.2613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd95578eec9 code=0x7ffc0000
[  693.349888][   T30] audit: type=1326 audit(1758653260.250:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14687 comm="syz.7.2613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd95578eec9 code=0x7ffc0000
[  694.279957][   T30] audit: type=1326 audit(1758653260.250:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14687 comm="syz.7.2613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd95578eec9 code=0x7ffc0000
[  694.311151][   T30] audit: type=1326 audit(1758653260.260:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14687 comm="syz.7.2613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=71 compat=0 ip=0x7fd95578eec9 code=0x7ffc0000
[  694.399978][   T30] audit: type=1326 audit(1758653260.260:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14687 comm="syz.7.2613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd95578eec9 code=0x7ffc0000
[  694.669207][   T30] audit: type=1326 audit(1758653260.260:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14687 comm="syz.7.2613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd95578eec9 code=0x7ffc0000
[  694.720809][   T30] audit: type=1326 audit(1758653260.270:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14687 comm="syz.7.2613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd95578eec9 code=0x7ffc0000
[  694.773607][   T30] audit: type=1326 audit(1758653260.270:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14687 comm="syz.7.2613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fd95578eec9 code=0x7ffc0000
[  694.955563][   T30] audit: type=1326 audit(1758653260.270:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14687 comm="syz.7.2613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd95578eec9 code=0x7ffc0000
[  697.014920][T14733] bridge0: entered allmulticast mode
[  697.444157][T14742] overlayfs: failed to clone upperpath
[  698.299953][T14742] overlayfs: failed to clone upperpath
[  698.621307][T14757] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  698.654229][T14757] CIFS: Unable to determine destination address
[  701.299156][T14784] syzkaller0: entered promiscuous mode
[  701.333369][T14784] syzkaller0: entered allmulticast mode
[  703.054090][T14814] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  703.966541][T14820] loop6: detected capacity change from 0 to 2048
[  704.014454][T14820]  loop6: p1 < > p4
[  704.019222][T14820] loop6: partition table partially beyond EOD, truncated
[  704.031716][T14820] loop6: p4 start 268435456 is beyond EOD, truncated
[  705.635068][  T980] libceph: connect (1)[c::]:6789 error -101
[  705.659617][  T980] libceph: mon0 (1)[c::]:6789 connect error
[  705.707207][T14833] ceph: No mds server is up or the cluster is laggy
[  705.735083][  T980] libceph: connect (1)[c::]:6789 error -101
[  705.750304][  T980] libceph: mon0 (1)[c::]:6789 connect error
[  705.896108][T14842] loop6: detected capacity change from 0 to 512
[  705.950734][T14842] binder: 14841:14842 ioctl c0306201 200000000080 returned -14
[  707.185774][T14804] bond0: (slave bond_slave_0): Releasing backup interface
[  707.196317][T14804] bond0: (slave bond_slave_1): Releasing backup interface
[  707.208279][T14804] team0: Port device team_slave_0 removed
[  707.216850][T14804] team0: Port device team_slave_1 removed
[  707.224893][T14804] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  707.247369][T14808] team0: Mode changed to "activebackup"
[  709.755773][T14895] fuse: Bad value for 'fd'
[  710.244806][T14907] overlayfs: failed to clone upperpath
[  715.200721][T14964] overlayfs: failed to clone upperpath
[  715.321846][T14965] overlayfs: failed to clone upperpath
[  715.724335][   T30] kauditd_printk_skb: 39 callbacks suppressed
[  715.724355][   T30] audit: type=1326 audit(1758653283.240:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14975 comm="syz.6.2699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f237fb85d67 code=0x7ffc0000
[  715.875765][   T30] audit: type=1326 audit(1758653283.240:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14975 comm="syz.6.2699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f237fb2af79 code=0x7ffc0000
[  715.957673][   T30] audit: type=1326 audit(1758653283.240:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14975 comm="syz.6.2699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f237fb85d67 code=0x7ffc0000
[  716.099970][   T30] audit: type=1326 audit(1758653283.240:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14975 comm="syz.6.2699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f237fb2af79 code=0x7ffc0000
[  716.128104][   T30] audit: type=1326 audit(1758653283.240:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14975 comm="syz.6.2699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f237fb8eec9 code=0x7ffc0000
[  716.158890][   T30] audit: type=1326 audit(1758653283.290:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14975 comm="syz.6.2699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f237fb8eec9 code=0x7ffc0000
[  716.187486][   T30] audit: type=1326 audit(1758653283.290:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14975 comm="syz.6.2699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f237fb8eec9 code=0x7ffc0000
[  716.246972][   T30] audit: type=1326 audit(1758653283.350:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14975 comm="syz.6.2699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f237fb85d67 code=0x7ffc0000
[  716.367735][T14992] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2703'.
[  716.379505][   T30] audit: type=1326 audit(1758653283.350:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14975 comm="syz.6.2699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f237fb2af79 code=0x7ffc0000
[  716.550718][   T30] audit: type=1326 audit(1758653283.350:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14975 comm="syz.6.2699" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f237fb85d67 code=0x7ffc0000
[  716.791068][T14992] 8021q: adding VLAN 0 to HW filter on device bond1
[  718.769988][ T5866] Bluetooth: hci0: command 0x0406 tx timeout
[  719.700321][T15025] ref_ctr increment failed for inode: 0xb89 offset: 0x5 ref_ctr_offset: 0x1000 of mm: 0xffff88807e981580
[  721.303198][T15043] netlink: 'syz.7.2717': attribute type 1 has an invalid length.
[  721.397475][T14995] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  721.561921][T14995] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  721.609915][T14995] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  721.705719][T14995] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  723.090716][T15054] wg2: entered promiscuous mode
[  723.096628][T15054] wg2: entered allmulticast mode
[  725.545526][T15074] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2728'.
[  725.590551][T15071] netlink: 'syz.7.2726': attribute type 13 has an invalid length.
[  725.631870][T15071] netlink: 'syz.7.2726': attribute type 17 has an invalid length.
[  725.680439][T15071] lo: left allmulticast mode
[  725.778377][T15071] tunl0: left allmulticast mode
[  726.363386][T15071] gre0: left allmulticast mode
[  726.397389][T15071] gretap0: left allmulticast mode
[  727.497648][T15071] erspan0: left allmulticast mode
[  727.531849][T15071] ip_vti0: left allmulticast mode
[  728.415223][T15071] ip6_vti0: left allmulticast mode
[  728.521538][T15071] sit0: left allmulticast mode
[  728.569392][T15071] ip6tnl0: left allmulticast mode
[  728.578311][T15071] ip6gre0: left allmulticast mode
[  728.827756][T15071] ip6gretap0: left allmulticast mode
[  730.197183][T15071] vcan0: left allmulticast mode
[  730.216776][T15071] bond0: left allmulticast mode
[  730.864856][T15071] 8021q: adding VLAN 0 to HW filter on device bond0
[  730.924831][T15071] team0: left allmulticast mode
[  730.953961][T15071] 8021q: adding VLAN 0 to HW filter on device team0
[  731.774603][T15071] dummy0: left allmulticast mode
[  731.798878][T15071] nlmon0: left allmulticast mode
[  731.847454][T15071] caif0: left allmulticast mode
[  731.864692][T15071] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  736.199888][  T980] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  736.353717][T15166] loop1: detected capacity change from 0 to 2048
[  736.372446][  T980] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  736.380872][T15166] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  736.562049][  T980] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  736.575714][  T980] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  736.588206][  T980] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  736.607628][  T980] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  736.703031][  T980] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  736.771250][T15166] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2755'.
[  737.014933][  T980] usb 4-1: config 0 descriptor??
[  737.324550][T15178] binder_alloc: 15177: binder_alloc_buf, no vma
[  737.372291][T15174] 8021q: adding VLAN 0 to HW filter on device bond0
[  737.384130][T15174] 8021q: adding VLAN 0 to HW filter on device team0
[  737.395189][T15174] batman_adv: batadv0: Interface activated: dummy0
[  737.411441][T15174] batadv0: mtu less than device minimum
[  737.439519][T15174] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  737.454300][T15174] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  737.468669][T15174] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  737.482805][T15174] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  737.496894][T15174] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  737.511019][T15174] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  737.525256][T15174] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  737.539414][T15174] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  737.553603][T15174] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  737.753107][  T980] plantronics 0003:047F:FFFF.0012: ignoring exceeding usage max
[  738.316308][  T980] plantronics 0003:047F:FFFF.0012: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  738.368977][T15152] lo speed is unknown, defaulting to 1000
[  741.676739][   T24] usb 4-1: USB disconnect, device number 5
[  744.119251][T15241] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2780'.
[  744.180040][T15241] team1 (uninitialized): Failed to send options change via netlink (err -105)
[  744.256119][T15241] team1: entered promiscuous mode
[  744.262665][T15241] team1: entered allmulticast mode
[  747.486865][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  747.494840][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  750.922302][T15329] netlink: 'syz.3.2807': attribute type 4 has an invalid length.
[  750.983832][T15329] netlink: 'syz.3.2807': attribute type 4 has an invalid length.
[  752.213696][   T24] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[  752.821925][   T24] usb 7-1: Using ep0 maxpacket: 16
[  752.906593][   T30] kauditd_printk_skb: 30 callbacks suppressed
[  752.906645][   T30] audit: type=1800 audit(1758653320.380:121): pid=15345 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.2812" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  753.008486][   T24] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  753.046045][   T24] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  753.072653][T15345] vlan2: entered promiscuous mode
[  753.092832][   T24] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  753.105505][T15345] vlan2: entered allmulticast mode
[  753.117391][   T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  753.158184][   T24] usb 7-1: Product: syz
[  753.188928][   T24] usb 7-1: Manufacturer: syz
[  753.211711][   T24] usb 7-1: SerialNumber: syz
[  753.687871][   T24] usb 7-1: 0:2 : does not exist
[  753.925353][   T24] usb 7-1: 5:0: failed to get current value for ch 0 (-22)
[  753.982398][   T24] usb 7-1: USB disconnect, device number 17
[  754.304391][T15367] loop1: detected capacity change from 0 to 16384
[  754.323361][T15367] bcachefs (/dev/loop1): error validating superblock: Invalid superblock section journal_v2: journal bucket 4294967423 past end of device (nbuckets 512)
[  754.323361][T15367] journal_v2 (size 24):
[  754.323361][T15367] Buckets:  129-4294967424
[  754.323361][T15367] 
[  754.355950][T15367] bcachefs: bch2_fs_get_tree() error: invalid_sb_journal
[  754.785659][T15371] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  755.080695][   T24] usb 7-1: new high-speed USB device number 18 using dummy_hcd
[  755.963339][   T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  755.976800][   T24] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[  755.988814][   T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  756.019459][   T24] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[  756.074805][   T24] usb 7-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[  756.080221][T15379] binder: 15378:15379 unknown command 0
[  756.113424][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  756.120089][T15379] binder: 15378:15379 ioctl c0306201 200000000080 returned -22
[  756.156497][   T24] usb 7-1: config 0 descriptor??
[  757.548874][T15379] syz.1.2821 (15379): drop_caches: 2
[  758.092678][   T24] hdpvr 7-1:0.0: unexpected answer of status request, len -71
[  759.005766][   T24] hdpvr 7-1:0.0: device init failed
[  759.117023][   T24] hdpvr 7-1:0.0: probe with driver hdpvr failed with error -12
[  759.526833][   T24] usb 7-1: USB disconnect, device number 18
[  759.703309][T15408] fuse: Bad value for 'fd'
[  762.473195][T15427] lo speed is unknown, defaulting to 1000
[  763.402867][T15447] loop1: detected capacity change from 0 to 1024
[  763.419163][T15447] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  763.466053][T15447] EXT4-fs (loop1): group descriptors corrupted!
[  763.766627][T15444] ceph: No mds server is up or the cluster is laggy
[  763.775757][   T24] libceph: connect (1)[c::]:6789 error -101
[  763.982864][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  768.000264][T15469] loop6: detected capacity change from 0 to 32768
[  768.046075][T15469] btrfs: Deprecated parameter 'usebackuproot'
[  768.222743][T15469] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  768.239151][T15469] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.2847 (15469)
[  769.181318][T15469] BTRFS info (device loop6): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  769.240468][T15469] BTRFS info (device loop6): using crc32c (crc32c-lib) checksum algorithm
[  769.407481][T15469] workqueue: Failed to create a rescuer kthread for wq "btrfs-worker": -EINTR
[  769.411667][T15469] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR
[  769.419420][T15492] loop3: detected capacity change from 0 to 1764
[  769.440468][T15469] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR
[  769.441959][T15469] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR
[  769.462220][T15469] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  769.480885][T15469] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[  769.502325][T15492] overlayfs: failed lookup in lower (newroot/67, name='file0', err=-40): overlapping layers
[  769.528118][T15469] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  769.528485][T15469] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  769.553730][T15492] overlayfs: failed lookup in lower (newroot/67, name='file0', err=-40): overlapping layers
[  769.577053][T15469] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[  769.577470][T15469] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  769.640939][T15469] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  769.653342][ T5926] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  769.703110][T15469] BTRFS error (device loop6): open_ctree failed: -12
[  769.999475][ T5926] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  770.056815][ T5926] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[  770.068867][ T5926] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  770.084305][ T5926] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[  770.810015][ T5926] usb 2-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[  770.821554][ T5926] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  770.834597][ T5926] usb 2-1: config 0 descriptor??
[  772.682530][ T5926] hdpvr 2-1:0.0: unexpected answer of status request, len -71
[  772.700684][ T5926] hdpvr 2-1:0.0: device init failed
[  772.707074][ T5926] hdpvr 2-1:0.0: probe with driver hdpvr failed with error -12
[  772.766523][ T5926] usb 2-1: USB disconnect, device number 5
[  773.989940][  T980] usb 7-1: new high-speed USB device number 19 using dummy_hcd
[  774.152111][  T980] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  774.184859][  T980] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[  774.209824][  T980] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  774.257840][  T980] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[  774.285851][  T980] usb 7-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[  774.326095][  T980] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  774.354129][  T980] usb 7-1: config 0 descriptor??
[  774.403676][T15561] netlink: 'syz.7.2872': attribute type 10 has an invalid length.
[  774.422067][T15561] netlink: 40 bytes leftover after parsing attributes in process `syz.7.2872'.
[  774.436699][T15561] geneve0: left allmulticast mode
[  774.448930][T15561] team0: Port device geneve0 added
[  774.458439][T11088] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  774.471051][T11088] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  774.486149][T11088] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  774.520458][T11088] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  774.637471][  T980] hdpvr 7-1:0.0: unexpected answer of status request, len -32
[  774.659901][  T980] hdpvr 7-1:0.0: device init failed
[  774.674510][  T980] hdpvr 7-1:0.0: probe with driver hdpvr failed with error -12
[  774.707529][  T980] usb 7-1: USB disconnect, device number 19
[  774.769419][T14989] netdevsim netdevsim7 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  774.797821][T14989] netdevsim netdevsim7 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  774.823020][T14989] netdevsim netdevsim7 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  774.914150][T14989] netdevsim netdevsim7 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  775.942564][ T5926] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  777.119843][ T5926] usb 4-1: Using ep0 maxpacket: 32
[  777.350137][ T5926] usb 4-1: config index 0 descriptor too short (expected 29220, got 36)
[  777.360545][ T5926] usb 4-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  777.371950][ T5926] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 81
[  777.383357][ T5926] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  777.400121][ T5926] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  777.412115][ T5926] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  777.443413][ T5926] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  777.692766][T15599] syz.5.2885: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz5,mems_allowed=0-1
[  777.711178][T15599] CPU: 1 UID: 0 PID: 15599 Comm: syz.5.2885 Not tainted syzkaller #0 PREEMPT(full) 
[  777.711210][T15599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  777.711224][T15599] Call Trace:
[  777.711232][T15599]  <TASK>
[  777.711241][T15599]  dump_stack_lvl+0x189/0x250
[  777.711263][T15599]  ? __pfx_dump_stack_lvl+0x10/0x10
[  777.711277][T15599]  ? __pfx__printk+0x10/0x10
[  777.711294][T15599]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  777.711308][T15599]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  777.711321][T15599]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  777.711336][T15599]  warn_alloc+0x214/0x310
[  777.711349][T15599]  ? stack_depot_save_flags+0x40/0x860
[  777.711368][T15599]  ? __pfx_warn_alloc+0x10/0x10
[  777.711382][T15599]  ? kasan_save_track+0x3e/0x80
[  777.711392][T15599]  ? __kasan_kmalloc+0x93/0xb0
[  777.711405][T15599]  ? xsk_setsockopt+0x4dc/0x8d0
[  777.711417][T15599]  ? do_sock_setsockopt+0x17c/0x1b0
[  777.711481][T15599]  ? __x64_sys_setsockopt+0x13f/0x1b0
[  777.711495][T15599]  ? do_syscall_64+0xfa/0xfa0
[  777.711510][T15599]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  777.711528][T15599]  __vmalloc_node_range_noprof+0x125/0x12d0
[  777.711559][T15599]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  777.711574][T15599]  ? __kasan_kmalloc+0x93/0xb0
[  777.711591][T15599]  vmalloc_user_noprof+0xad/0xf0
[  777.711604][T15599]  ? xskq_create+0xbf/0x170
[  777.711618][T15599]  xskq_create+0xbf/0x170
[  777.711633][T15599]  xsk_init_queue+0xb0/0x110
[  777.711649][T15599]  xsk_setsockopt+0x4dc/0x8d0
[  777.711669][T15599]  ? __pfx_xsk_setsockopt+0x10/0x10
[  777.711687][T15599]  ? __pfx_aa_sk_perm+0x10/0x10
[  777.711706][T15599]  ? aa_sock_opt_perm+0xff/0x1b0
[  777.711724][T15599]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  777.711738][T15599]  ? __pfx_xsk_setsockopt+0x10/0x10
[  777.711752][T15599]  do_sock_setsockopt+0x17c/0x1b0
[  777.711771][T15599]  __x64_sys_setsockopt+0x13f/0x1b0
[  777.711790][T15599]  do_syscall_64+0xfa/0xfa0
[  777.711805][T15599]  ? lockdep_hardirqs_on+0x9c/0x150
[  777.711820][T15599]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  777.711832][T15599]  ? clear_bhb_loop+0x60/0xb0
[  777.711846][T15599]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  777.711858][T15599] RIP: 0033:0x7fb427f8eec9
[  777.711870][T15599] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  777.711880][T15599] RSP: 002b:00007fb428d9b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  777.711895][T15599] RAX: ffffffffffffffda RBX: 00007fb4281e5fa0 RCX: 00007fb427f8eec9
[  777.711904][T15599] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000004
[  777.711912][T15599] RBP: 00007fb428011f91 R08: 0000000000000004 R09: 0000000000000000
[  777.711919][T15599] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  777.711927][T15599] R13: 00007fb4281e6038 R14: 00007fb4281e5fa0 R15: 00007fff9fe23708
[  777.711947][T15599]  </TASK>
[  777.711952][T15599] Mem-Info:
[  778.067209][T15599] active_anon:22248 inactive_anon:0 isolated_anon:0
[  778.067209][T15599]  active_file:15599 inactive_file:44396 isolated_file:0
[  778.067209][T15599]  unevictable:768 dirty:368 writeback:0
[  778.067209][T15599]  slab_reclaimable:9830 slab_unreclaimable:156482
[  778.067209][T15599]  mapped:29858 shmem:19510 pagetables:1114
[  778.067209][T15599]  sec_pagetables:0 bounce:0
[  778.067209][T15599]  kernel_misc_reclaimable:0
[  778.067209][T15599]  free:1226771 free_pcp:16338 free_cma:0
[  778.121752][T15599] Node 0 active_anon:88992kB inactive_anon:0kB active_file:62372kB inactive_file:177384kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:119408kB dirty:1472kB writeback:0kB shmem:76504kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12732kB pagetables:4228kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  778.160361][T15599] Node 1 active_anon:0kB inactive_anon:0kB active_file:24kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:24kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:228kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  778.197105][T15599] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  778.233229][T15599] lowmem_reserve[]: 0 2491 2492 2492 2492
[  778.240292][T15599] Node 0 DMA32 free:1017188kB boost:0kB min:34184kB low:42728kB high:51272kB reserved_highatomic:0KB free_highatomic:0KB active_anon:88992kB inactive_anon:0kB active_file:62372kB inactive_file:177384kB unevictable:1536kB writepending:1472kB zspages:0kB present:3129332kB managed:2551244kB mlocked:0kB bounce:0kB free_pcp:35016kB local_pcp:16220kB free_cma:0kB
[  778.281672][T15599] lowmem_reserve[]: 0 0 0 0 0
[  778.287322][T15599] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:620kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  778.322428][T15599] lowmem_reserve[]: 0 0 0 0 0
[  778.328114][T15599] Node 1 Normal free:3874536kB boost:0kB min:55708kB low:69632kB high:83556kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:24kB inactive_file:200kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:30336kB local_pcp:9400kB free_cma:0kB
[  778.367075][T15599] lowmem_reserve[]: 0 0 0 0 0
[  778.372986][T15599] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  778.388446][T15599] Node 0 DMA32: 1297*4kB (UME) 1168*8kB (UME) 718*16kB (UME) 1072*32kB (UME) 339*64kB (UME) 346*128kB (UME) 158*256kB (UME) 63*512kB (UME) 17*1024kB (UM) 9*2048kB (UM) 191*4096kB (UM) = 1017188kB
[  778.411774][T15599] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  778.425700][T15599] Node 1 Normal: 237*4kB (UME) 59*8kB (UE) 49*16kB (UE) 160*32kB (UME) 42*64kB (UME) 20*128kB (UME) 10*256kB (UM) 10*512kB (UME) 6*1024kB (UM) 5*2048kB (UE) 937*4096kB (UM) = 3874588kB
[  778.448025][T15599] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  778.460000][T15599] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  778.471269][T15599] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  778.483212][T15599] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  778.494374][T15599] 79491 total pagecache pages
[  778.500102][T15599] 0 pages in swap cache
[  778.505059][T15599] Free swap  = 124996kB
[  778.510080][T15599] Total swap = 124996kB
[  778.515060][T15599] 2097051 pages RAM
[  778.519705][T15599] 0 pages HighMem/MovableOnly
[  778.525358][T15599] 427470 pages reserved
[  778.530475][T15599] 0 pages cma reserved
[  778.554652][ T5926] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  778.567292][ T5926] usb 4-1: config 0 descriptor??
[  779.008257][ T5926] usb 4-1: can't set config #0, error -71
[  779.070565][ T5926] usb 4-1: USB disconnect, device number 6
[  781.355953][T15634] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2896'.
[  781.522004][T15634] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2896'.
[  782.010006][T13255] usb 7-1: new full-speed USB device number 20 using dummy_hcd
[  782.172786][T13255] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  782.238521][T13255] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  782.282494][T13255] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[  782.295222][T13255] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  782.314800][T13255] usb 7-1: SerialNumber: syz
[  782.367778][T13255] usb 7-1: 0:2 : does not exist
[  782.830872][T13255] usb 7-1: USB disconnect, device number 20
[  786.304795][T15677] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2910'.
[  787.890268][   T24] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  788.049917][   T24] usb 2-1: Using ep0 maxpacket: 16
[  788.077505][   T24] usb 2-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  788.130953][   T24] usb 2-1: config 0 interface 0 has no altsetting 0
[  788.167921][   T24] usb 2-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  788.186320][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  788.228880][   T24] usb 2-1: config 0 descriptor??
[  788.229544][T15708] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2922'.
[  788.352216][T15708] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2922'.
[  788.666146][   T24] hid_parser_main: 5 callbacks suppressed
[  788.666173][   T24] nzxt-smart2 0003:1E71:2009.0013: unknown main item tag 0x0
[  788.719151][T15721] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2928'.
[  788.868071][   T24] nzxt-smart2 0003:1E71:2009.0013: unknown main item tag 0x0
[  788.877547][   T24] nzxt-smart2 0003:1E71:2009.0013: unknown main item tag 0x0
[  788.886776][   T24] nzxt-smart2 0003:1E71:2009.0013: unknown main item tag 0x0
[  788.895849][   T24] nzxt-smart2 0003:1E71:2009.0013: unknown main item tag 0x0
[  788.911045][   T24] nzxt-smart2 0003:1E71:2009.0013: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.1-1/input0
[  788.925890][    C1] usb 2-1: input irq status -75 received
[  789.709412][  T980] usb 2-1: USB disconnect, device number 6
[  795.253344][   T30] audit: type=1804 audit(1758653362.750:122): pid=15777 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.2944" name="/newroot/521/bus/bus" dev="overlay" ino=2850 res=1 errno=0
[  795.289386][T15777] Invalid ELF header magic: != ELF
[  795.365207][T15780] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2945'.
[  795.614586][T15789] netlink: 'syz.7.2948': attribute type 4 has an invalid length.
[  808.294736][   T30] audit: type=1326 audit(1758653375.800:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15900 comm="syz.7.2979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd95578eec9 code=0x7ffc0000
[  808.306708][T15901] netlink: 180 bytes leftover after parsing attributes in process `syz.7.2979'.
[  808.588917][   T30] audit: type=1326 audit(1758653375.810:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15900 comm="syz.7.2979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd95578eec9 code=0x7ffc0000
[  808.704872][   T30] audit: type=1326 audit(1758653375.810:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15900 comm="syz.7.2979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd95578eec9 code=0x7ffc0000
[  809.535832][   T30] audit: type=1326 audit(1758653375.810:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15900 comm="syz.7.2979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd95578eec9 code=0x7ffc0000
[  809.563549][   T30] audit: type=1326 audit(1758653375.810:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15900 comm="syz.7.2979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fd95578eec9 code=0x7ffc0000
[  809.590480][   T30] audit: type=1326 audit(1758653375.810:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15900 comm="syz.7.2979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd95578eec9 code=0x7ffc0000
[  809.618003][   T30] audit: type=1326 audit(1758653375.820:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15900 comm="syz.7.2979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd95578eec9 code=0x7ffc0000
[  809.645574][   T30] audit: type=1326 audit(1758653375.820:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15900 comm="syz.7.2979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd95578eec9 code=0x7ffc0000
[  809.647129][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  809.733469][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  809.760406][   T30] audit: type=1326 audit(1758653375.820:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15900 comm="syz.7.2979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd95578eec9 code=0x7ffc0000
[  809.788061][   T30] audit: type=1326 audit(1758653375.820:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15900 comm="syz.7.2979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fd95578eec9 code=0x7ffc0000
[  810.169648][T15901] netlink: 180 bytes leftover after parsing attributes in process `syz.7.2979'.
[  810.503056][T15910] netlink: 180 bytes leftover after parsing attributes in process `syz.7.2979'.
[  815.476804][T15949] input: syz1 as /devices/virtual/input/input19
[  823.868028][T16020] loop6: detected capacity change from 0 to 2048
[  823.967359][T16020] UDF-fs: error (device loop6): udf_process_sequence: Primary Volume Descriptor not found!
[  825.011195][T16020] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  825.069514][T16038] netlink: 'syz.1.3020': attribute type 2 has an invalid length.
[  825.178045][T16038] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3020'.
[  825.460129][T16045] pim6reg1: entered promiscuous mode
[  825.587312][T16045] pim6reg1: entered allmulticast mode
[  833.877084][T16122] netlink: 'syz.1.3044': attribute type 11 has an invalid length.
[  837.093802][T16150] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3055'.
[  843.892998][T16203] bridge0: port 2(bridge_slave_1) entered disabled state
[  843.902091][T16203] bridge0: port 1(bridge_slave_0) entered disabled state
[  844.475805][T16203] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  845.291115][T16203] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  846.086620][T16206] netlink: 'syz.1.3069': attribute type 15 has an invalid length.
[  846.096753][   T13] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  846.223687][   T13] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  846.261651][   T13] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  846.293895][   T13] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  846.500363][T16235] wg2: left promiscuous mode
[  846.509310][T16235] wg2: left allmulticast mode
[  846.751217][T16240] capability: warning: `syz.7.3081' uses 32-bit capabilities (legacy support in use)
[  847.264156][T16257] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3086'.
[  849.413205][T16270] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3088'.
[  851.878887][T16284] loop3: detected capacity change from 0 to 128
[  852.593763][T16284] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  852.617256][T16284] ext4 filesystem being mounted at /119/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  853.488131][T13620] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  856.875299][ T1152] bridge0: port 2(bridge_slave_1) entered disabled state
[  858.236696][T16353] vlan2: entered promiscuous mode
[  858.244330][T16353] vlan2: entered allmulticast mode
[  858.257065][T16353] hsr_slave_1: entered allmulticast mode
[  859.227043][T16353] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3113'.
[  862.079233][T16387] netlink: 'syz.3.3123': attribute type 1 has an invalid length.
[  862.285775][T16392] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[  862.322670][T16392] bond1: (slave vxcan3): Error -95 calling set_mac_address
[  862.438148][T16387] gretap2: entered promiscuous mode
[  862.632951][T16387] bond1: (slave gretap2): making interface the new active one
[  862.643720][T16387] bond1: (slave gretap2): Enslaving as an active interface with an up link
[  863.185474][T16404] netlink: 'syz.5.3128': attribute type 4 has an invalid length.
[  863.194903][T16404] netlink: 3657 bytes leftover after parsing attributes in process `syz.5.3128'.
[  863.254434][T16406] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3129'.
[  863.285314][T16406] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3129'.
[  864.436842][T16433] overlayfs: failed to clone upperpath
[  864.902097][T16436] bridge2: entered allmulticast mode
[  867.244979][T16446] tipc: Started in network mode
[  867.279965][T16446] tipc: Node identity 5669eb733214, cluster identity 4711
[  867.288862][T16446] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  867.300437][T16446] syzkaller0: entered promiscuous mode
[  867.307065][T16446] syzkaller0: entered allmulticast mode
[  868.229633][T16446] tipc: Resetting bearer <eth:syzkaller0>
[  868.270836][T16446] syzkaller0: tun_net_xmit 90
[  868.295015][T16444] tipc: Resetting bearer <eth:syzkaller0>
[  868.431366][T16455] Bluetooth: MGMT ver 1.23
[  868.459969][ T5926] tipc: Node number set to 1685973875
[  868.625092][T16444] tipc: Disabling bearer <eth:syzkaller0>
[  870.643001][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  870.658429][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  872.572359][  T980] usb 7-1: new high-speed USB device number 21 using dummy_hcd
[  873.051848][  T980] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  873.064380][  T980] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[  873.090826][  T980] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  873.127840][  T980] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[  873.151178][  T980] usb 7-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[  873.170025][  T980] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  873.391709][  T980] usb 7-1: config 0 descriptor??
[  873.942604][  T980] hdpvr 7-1:0.0: firmware version 0x51 dated 
[  873.983338][  T980] hdpvr 7-1:0.0: untested firmware, the driver might not work.
[  874.059581][T16503] fuse: Bad value for 'fd'
[  876.920438][  T980] hdpvr 7-1:0.0: Could not setup controls
[  876.928486][  T980] hdpvr 7-1:0.0: registering videodev failed
[  878.068958][  T980] hdpvr 7-1:0.0: probe with driver hdpvr failed with error -71
[  878.321063][  T980] usb 7-1: USB disconnect, device number 21
[  887.100720][ T5866] Bluetooth: hci0: command 0x0406 tx timeout
[  887.691257][T16596] futex_wake_op: syz.6.3185 tries to shift op by -1; fix this program
[  891.174391][T16626] loop6: detected capacity change from 0 to 1024
[  891.195998][T16626] EXT4-fs: Ignoring removed i_version option
[  891.213110][T16626] EXT4-fs: inline encryption not supported
[  891.247484][T16626] EXT4-fs (loop6): Test dummy encryption mode enabled
[  891.793574][T16626] EXT4-fs (loop6): stripe (8) is not aligned with cluster size (16), stripe is disabled
[  891.858556][T16626] EXT4-fs error (device loop6): ext4_ext_check_inode:523: inode #4: comm syz.6.3193: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  891.922542][T16626] EXT4-fs error (device loop6): ext4_quota_enable:7137: comm syz.6.3193: Bad quota inode: 4, type: 1
[  891.945474][T16626] EXT4-fs warning (device loop6): ext4_enable_quotas:7178: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  891.959230][T16641] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3196'.
[  891.966426][T16626] EXT4-fs (loop6): mount failed
[  904.922796][T16737] BTRFS info: 'norecovery' is for compatibility only, recommended to use 'rescue=nologreplay'
[  906.003321][   T30] kauditd_printk_skb: 6 callbacks suppressed
[  906.003342][   T30] audit: type=1804 audit(1758653473.520:139): pid=16746 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.3224" name="/newroot/148/file1" dev="fuse" ino=1 res=1 errno=0
[  906.143181][   T30] audit: type=1800 audit(1758653473.520:140): pid=16746 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.3224" name="/" dev="fuse" ino=1 res=0 errno=0
[  906.268143][   T30] audit: type=1800 audit(1758653473.520:141): pid=16745 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.3224" name="/" dev="fuse" ino=1 res=0 errno=0
[  906.357816][   T30] audit: type=1326 audit(1758653473.840:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16754 comm="syz.5.3231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb427f8eec9 code=0x7ffc0000
[  906.416930][T16757] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3231'.
[  907.548254][   T30] audit: type=1326 audit(1758653473.840:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16754 comm="syz.5.3231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb427f8eec9 code=0x7ffc0000
[  907.575507][   T24] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  907.585475][   T30] audit: type=1326 audit(1758653473.850:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16754 comm="syz.5.3231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb427f8eec9 code=0x7ffc0000
[  907.613756][   T30] audit: type=1326 audit(1758653473.850:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16754 comm="syz.5.3231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb427f8eec9 code=0x7ffc0000
[  907.647119][   T30] audit: type=1326 audit(1758653473.850:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16754 comm="syz.5.3231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb427f8eec9 code=0x7ffc0000
[  907.700694][   T30] audit: type=1326 audit(1758653473.850:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16754 comm="syz.5.3231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fb427f8eec9 code=0x7ffc0000
[  907.737719][   T30] audit: type=1326 audit(1758653473.850:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16754 comm="syz.5.3231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb427f8eec9 code=0x7ffc0000
[  907.815208][T16778] loop1: detected capacity change from 0 to 2048
[  908.749293][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  908.761561][   T24] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[  908.775503][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  908.896764][T16778]  loop1: p4 < >
[  908.899739][   T24] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[  908.925581][   T24] usb 4-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[  908.937322][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  909.182923][   T24] usb 4-1: config 0 descriptor??
[  909.233342][T16790] loop6: detected capacity change from 0 to 1024
[  909.242298][T16790] EXT4-fs: Ignoring removed i_version option
[  909.251709][T16790] EXT4-fs: inline encryption not supported
[  909.290570][T16790] EXT4-fs (loop6): Test dummy encryption mode enabled
[  909.911444][T16790] EXT4-fs (loop6): stripe (8) is not aligned with cluster size (16), stripe is disabled
[  909.976389][T16790] EXT4-fs error (device loop6): ext4_ext_check_inode:523: inode #4: comm syz.6.3239: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  909.995150][   T24] hdpvr 4-1:0.0: unexpected answer of status request, len -71
[  910.013181][   T24] hdpvr 4-1:0.0: device init failed
[  910.029449][   T24] hdpvr 4-1:0.0: probe with driver hdpvr failed with error -12
[  910.050600][   T24] usb 4-1: USB disconnect, device number 7
[  910.072363][T16790] EXT4-fs error (device loop6): ext4_quota_enable:7137: comm syz.6.3239: Bad quota inode: 4, type: 1
[  910.099216][T16790] EXT4-fs warning (device loop6): ext4_enable_quotas:7178: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  910.133700][T16790] EXT4-fs (loop6): mount failed
[  910.407308][T16804] random: crng reseeded on system resumption
[  910.637399][   T24] libceph: connect (1)[c::]:6789 error -101
[  910.650692][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  910.719609][T16820] loop6: detected capacity change from 0 to 128
[  910.771490][T16814] ceph: No mds server is up or the cluster is laggy
[  913.754557][  T980] usb 7-1: new high-speed USB device number 22 using dummy_hcd
[  913.994523][  T980] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  914.539618][  T980] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[  914.610313][  T980] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  914.623947][  T980] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[  914.639514][  T980] usb 7-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[  914.655199][  T980] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  914.672125][  T980] usb 7-1: config 0 descriptor??
[  915.024375][  T980] hdpvr 7-1:0.0: firmware version 0x51 dated 
[  915.042199][  T980] hdpvr 7-1:0.0: untested firmware, the driver might not work.
[  917.401865][  T980] hdpvr 7-1:0.0: Could not setup controls
[  917.417901][  T980] hdpvr 7-1:0.0: registering videodev failed
[  917.450155][  T980] hdpvr 7-1:0.0: probe with driver hdpvr failed with error -71
[  917.475100][  T980] usb 7-1: USB disconnect, device number 22
[  917.548294][T16889] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3264'.
[  918.558636][T16901] overlayfs: failed to clone upperpath
[  918.760108][  T980] usb 7-1: new high-speed USB device number 23 using dummy_hcd
[  918.962431][  T980] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  918.973798][  T980] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  919.074331][  T980] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  919.085614][  T980] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  919.100432][  T980] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  919.116814][  T980] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  919.971692][  T980] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  919.982366][  T980] usb 7-1: Product: syz
[  919.987525][  T980] usb 7-1: Manufacturer: syz
[  920.092938][  T980] cdc_wdm 7-1:1.0: skipping garbage
[  920.141419][  T980] cdc_wdm 7-1:1.0: skipping garbage
[  920.169473][  T980] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  920.187399][  T980] cdc_wdm 7-1:1.0: Unknown control protocol
[  920.338553][  T980] usb 7-1: USB disconnect, device number 23
[  920.412642][T16931] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3281'.
[  921.669768][   T24] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  921.856678][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  921.868402][   T24] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[  921.881556][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  921.894608][   T24] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[  921.906861][   T24] usb 4-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[  921.918365][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  922.777031][   T24] usb 4-1: config 0 descriptor??
[  923.557573][T16955] bridge3: entered allmulticast mode
[  924.540222][   T30] kauditd_printk_skb: 31 callbacks suppressed
[  924.540516][   T30] audit: type=1326 audit(1758653491.980:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16963 comm="syz.5.3290" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb427f8eec9 code=0x0
[  924.606022][T16975] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3291'.
[  924.624529][T16975] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3291'.
[  924.780372][   T24] hdpvr 4-1:0.0: unexpected answer of status request, len -71
[  924.798112][   T24] hdpvr 4-1:0.0: device init failed
[  924.806694][   T24] hdpvr 4-1:0.0: probe with driver hdpvr failed with error -12
[  924.826893][   T24] usb 4-1: USB disconnect, device number 8
[  925.353057][   T24] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  926.317814][   T24] usb 4-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[  926.381290][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  926.454160][   T24] usb 4-1: config 0 descriptor??
[  926.494053][   T24] gspca_main: cpia1-2.14.0 probing 0813:0001
[  926.958047][T16979] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3295'.
[  927.040969][T16979] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3295'.
[  927.041609][T14995] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  927.162570][T14995] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  927.212555][T14995] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  927.812481][   T24] gspca_cpia1: usb_control_msg 03, error -110
[  927.874028][   T24] gspca_cpia1: usb_control_msg 01, error -32
[  927.932748][T14995] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  928.021578][   T24] gspca_cpia1: usb_control_msg 01, error -32
[  928.170105][   T24] gspca_cpia1: usb_control_msg 01, error -71
[  928.177340][   T24] cpia1 4-1:0.0: only firmware version 1 is supported (got: 0)
[  928.210081][   T24] usb 4-1: USB disconnect, device number 9
[  932.129291][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  932.139754][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  936.117862][T17076] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3321'.
[  939.676878][T17107] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  945.814937][  T980] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  946.033648][  T980] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  946.722731][  T980] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[  946.748901][  T980] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  946.826927][  T980] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[  946.865604][  T980] usb 2-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[  946.877419][  T980] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  946.893215][T17193] netlink: 24 bytes leftover after parsing attributes in process `syz.7.3358'.
[  946.895153][  T980] usb 2-1: config 0 descriptor??
[  946.944848][T17193] IPVS: Error connecting to the multicast addr
[  947.219221][  T980] hdpvr 2-1:0.0: firmware version 0x51 dated 
[  947.248808][  T980] hdpvr 2-1:0.0: untested firmware, the driver might not work.
[  949.787726][  T980] hdpvr 2-1:0.0: Could not setup controls
[  949.926146][T17224] netlink: 'syz.1.3366': attribute type 11 has an invalid length.
[  949.935957][T17224] netlink: 224 bytes leftover after parsing attributes in process `syz.1.3366'.
[  950.374538][  T980] hdpvr 2-1:0.0: registering videodev failed
[  950.392375][  T980] hdpvr 2-1:0.0: probe with driver hdpvr failed with error -71
[  950.409445][T17219] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  950.441705][  T980] usb 2-1: USB disconnect, device number 7
[  951.636060][T17250] loop3: detected capacity change from 0 to 512
[  951.647596][T17250] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  951.680254][T17250] EXT4-fs (loop3): 1 truncate cleaned up
[  951.692589][T17250] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  951.741315][T17250] syz.3.3375 (pid 17250) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  951.773593][T17250] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3375'.
[  951.851088][T13620] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  952.169945][  T980] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  952.365134][  T980] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  952.399726][  T980] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[  952.424909][  T980] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  952.459782][  T980] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[  952.604062][  T980] usb 4-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[  952.615806][  T980] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  952.630891][  T980] usb 4-1: config 0 descriptor??
[  953.400014][  T980] hdpvr 4-1:0.0: firmware version 0x51 dated 
[  953.408098][  T980] hdpvr 4-1:0.0: untested firmware, the driver might not work.
[  953.541402][  T980] hdpvr 4-1:0.0: device init failed
[  953.575226][  T980] hdpvr 4-1:0.0: probe with driver hdpvr failed with error -12
[  953.605400][  T980] usb 4-1: USB disconnect, device number 10
[  957.494117][   T30] audit: type=1326 audit(1758653524.980:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17322 comm="syz.7.3398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd95578eec9 code=0x7ffc0000
[  957.661973][   T30] audit: type=1326 audit(1758653524.990:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17322 comm="syz.7.3398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fd95578eec9 code=0x7ffc0000
[  957.861801][   T30] audit: type=1326 audit(1758653524.990:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17322 comm="syz.7.3398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd95578eec9 code=0x7ffc0000
[  958.667759][   T30] audit: type=1326 audit(1758653524.990:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17322 comm="syz.7.3398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd95578eec9 code=0x7ffc0000
[  958.864912][   T30] audit: type=1326 audit(1758653525.080:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17322 comm="syz.7.3398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd95578eec9 code=0x7ffc0000
[  958.893648][ T5926] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  959.755284][   T30] audit: type=1326 audit(1758653525.080:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17322 comm="syz.7.3398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd95578eec9 code=0x7ffc0000
[  959.782441][   T30] audit: type=1326 audit(1758653525.080:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17322 comm="syz.7.3398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd95578eec9 code=0x7ffc0000
[  960.070161][ T5926] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  960.159438][T17345] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3404'.
[  960.868182][ T5926] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[  960.967520][ T5926] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  961.004266][T17347] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3405'.
[  961.083173][ T5926] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[  961.159387][ T5926] usb 4-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[  961.226655][ T5926] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  961.275252][ T5926] usb 4-1: config 0 descriptor??
[  961.374383][T17355] netlink: 'syz.1.3408': attribute type 1 has an invalid length.
[  961.573725][ T5926] hdpvr 4-1:0.0: firmware version 0x51 dated 
[  961.594198][ T5926] hdpvr 4-1:0.0: untested firmware, the driver might not work.
[  961.667238][T17357] bond2: (slave gretap1): making interface the new active one
[  961.841299][ T5926] hdpvr 4-1:0.0: device init failed
[  961.848952][T17357] bond2: (slave gretap1): Enslaving as an active interface with an up link
[  961.859907][ T5926] hdpvr 4-1:0.0: probe with driver hdpvr failed with error -12
[  961.873880][ T5926] usb 4-1: USB disconnect, device number 11
[  962.715929][T17360] vlan2: entered allmulticast mode
[  962.722234][T17360] bond2: entered allmulticast mode
[  962.728446][T17360] gretap1: entered allmulticast mode
[  962.736809][T17360] bond2: (slave vlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  962.892564][T17370] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3413'.
[  962.916258][T17370] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3413'.
[  962.943791][T17371] netlink: 'syz.5.3412': attribute type 3 has an invalid length.
[  962.999290][T17371] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3412'.
[  964.173659][T17379] netlink: 512 bytes leftover after parsing attributes in process `syz.1.3415'.
[  964.920837][   T30] audit: type=1326 audit(1758653532.440:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17392 comm="syz.1.3421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f7b18eec9 code=0x7ffc0000
[  965.799283][   T30] audit: type=1326 audit(1758653532.440:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17392 comm="syz.1.3421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f7b18eec9 code=0x7ffc0000
[  965.899862][   T30] audit: type=1326 audit(1758653532.440:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17392 comm="syz.1.3421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8f7b18eec9 code=0x7ffc0000
[  967.000104][   T30] audit: type=1326 audit(1758653532.440:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17392 comm="syz.1.3421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f7b18eec9 code=0x7ffc0000
[  967.161379][   T30] audit: type=1326 audit(1758653532.440:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17392 comm="syz.1.3421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f7b18eec9 code=0x7ffc0000
[  967.245233][   T30] audit: type=1326 audit(1758653532.440:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17392 comm="syz.1.3421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f8f7b18eec9 code=0x7ffc0000
[  967.338665][   T30] audit: type=1326 audit(1758653532.440:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17392 comm="syz.1.3421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f7b18eec9 code=0x7ffc0000
[  967.369847][ T5926] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  967.389207][   T30] audit: type=1326 audit(1758653532.440:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17392 comm="syz.1.3421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=290 compat=0 ip=0x7f8f7b18eec9 code=0x7ffc0000
[  967.491665][   T30] audit: type=1326 audit(1758653532.440:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17392 comm="syz.1.3421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f7b18eec9 code=0x7ffc0000
[  967.535750][   T30] audit: type=1326 audit(1758653532.440:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17392 comm="syz.1.3421" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f7b18eec9 code=0x7ffc0000
[  967.565094][ T5926] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  967.578423][ T5926] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[  967.590669][ T5926] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  967.630338][ T5926] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[  967.651095][ T5926] usb 2-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[  967.672985][ T5926] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  967.737077][ T5926] usb 2-1: config 0 descriptor??
[  967.958624][ T5926] hdpvr 2-1:0.0: firmware version 0x51 dated 
[  967.997630][ T5926] hdpvr 2-1:0.0: untested firmware, the driver might not work.
[  968.120896][ T5926] hdpvr 2-1:0.0: device init failed
[  968.137818][ T5926] hdpvr 2-1:0.0: probe with driver hdpvr failed with error -12
[  968.256921][ T5926] usb 2-1: USB disconnect, device number 8
[  968.797011][T17435] netlink: 'syz.3.3434': attribute type 1 has an invalid length.
[  969.722457][T17439] bond2 (unregistering): Released all slaves
[  971.546666][   T30] kauditd_printk_skb: 19 callbacks suppressed
[  971.597938][   T30] audit: type=1326 audit(1758653539.060:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17460 comm="syz.3.3443" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d9c38eec9 code=0x0
[  978.567481][T17546] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  978.567481][T17546] The task syz.1.3465 (17546) triggered the difference, watch for misbehavior.
[  982.300905][T17586] syz_tun: entered allmulticast mode
[  982.350387][T17586] lo speed is unknown, defaulting to 1000
[  983.440005][T17589] netlink: 'syz.5.3479': attribute type 23 has an invalid length.
[  984.425466][T17602] netlink: 52 bytes leftover after parsing attributes in process `syz.7.3483'.
[  984.927276][T17607] binder_alloc: 17606: binder_alloc_buf, no vma
[  987.484267][T17648] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3498'.
[  987.495931][T17648] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3498'.
[  987.507359][T17648] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3498'.
[  987.518534][T17648] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3498'.
[  987.529833][T17648] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3498'.
[  987.540881][T17648] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3498'.
[  987.551977][T17648] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3498'.
[  987.563213][T17648] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3498'.
[  987.577473][T17648] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3498'.
[  987.633555][T17648] team1: left promiscuous mode
[  987.649758][T17648] vlan2: left promiscuous mode
[  989.465420][T17652] overlayfs: failed to clone upperpath
[  990.799890][T13255] usb 4-1: new full-speed USB device number 12 using dummy_hcd
[  991.780953][T13255] usb 4-1: not running at top speed; connect to a high speed hub
[  991.860147][T13255] usb 4-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  991.909818][T13255] usb 4-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  991.959748][T13255] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  992.036651][T13255] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  992.129800][T13255] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  992.208628][T13255] usb 4-1: Product: syz
[  992.250012][T13255] usb 4-1: Manufacturer: syz
[  992.255595][T13255] usb 4-1: SerialNumber: syz
[  993.174888][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  993.182627][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  993.304017][T13255] usb 4-1: 0:2 : does not exist
[  993.391842][T13255] usb 4-1: USB disconnect, device number 12
[  993.540455][T17701] lo speed is unknown, defaulting to 1000
[  996.625288][   T30] audit: type=1326 audit(1758653564.140:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17736 comm="syz.7.3526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd95578eec9 code=0x7ffc0000
[  996.652836][   T30] audit: type=1326 audit(1758653564.160:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17736 comm="syz.7.3526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd95578eec9 code=0x7ffc0000
[  996.688261][   T30] audit: type=1326 audit(1758653564.200:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17736 comm="syz.7.3526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd95578eec9 code=0x7ffc0000
[  996.833995][   T30] audit: type=1326 audit(1758653564.200:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17736 comm="syz.7.3526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd95578eec9 code=0x7ffc0000
[  996.930960][   T30] audit: type=1326 audit(1758653564.200:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17736 comm="syz.7.3526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd95578eec9 code=0x7ffc0000
[  997.028604][T17743] __nla_validate_parse: 165 callbacks suppressed
[  997.028672][T17743] netlink: 24 bytes leftover after parsing attributes in process `syz.7.3529'.
[  997.061326][   T30] audit: type=1326 audit(1758653564.240:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17736 comm="syz.7.3526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd95578eec9 code=0x7ffc0000
[  997.194502][   T30] audit: type=1326 audit(1758653564.240:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17736 comm="syz.7.3526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd95578eec9 code=0x7ffc0000
[  997.277357][T17746] bond6: entered promiscuous mode
[  997.283989][T17746] bond6: entered allmulticast mode
[  997.320831][T17746] 8021q: adding VLAN 0 to HW filter on device bond6
[  997.410367][   T30] audit: type=1326 audit(1758653564.240:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17736 comm="syz.7.3526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd95578eec9 code=0x7ffc0000
[  997.512295][   T30] audit: type=1326 audit(1758653564.260:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17736 comm="syz.7.3526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd95578eec9 code=0x7ffc0000
[  997.665052][   T30] audit: type=1326 audit(1758653564.260:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17736 comm="syz.7.3526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd95578eec9 code=0x7ffc0000
[ 1000.996435][T17791] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3537'.
[ 1001.008776][T17791] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3537'.
[ 1001.711146][T17746] bond6 (unregistering): Released all slaves
[ 1005.111657][T17822] overlayfs: failed to clone upperpath
[ 1007.694147][T17843] netlink: 'syz.6.3551': attribute type 1 has an invalid length.
[ 1008.066015][T17849] gretap1: entered promiscuous mode
[ 1008.101239][T17849] bond6: (slave gretap1): making interface the new active one
[ 1008.111691][T17849] bond6: (slave gretap1): Enslaving as an active interface with an up link
[ 1008.212510][T17853] netlink: 'syz.3.3553': attribute type 10 has an invalid length.
[ 1008.270071][T17853] bond0: (slave wlan1): Enslaving as an active interface with an up link
[ 1008.349746][ T5924] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[ 1009.259758][ T5924] usb 2-1: Using ep0 maxpacket: 32
[ 1009.278810][ T5924] usb 2-1: config 0 has an invalid interface number: 8 but max is 0
[ 1009.303063][ T5924] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1009.317824][ T5924] usb 2-1: config 0 has no interface number 0
[ 1009.325705][ T5924] usb 2-1: config 0 interface 8 altsetting 248 endpoint 0xD has invalid wMaxPacketSize 0
[ 1009.347127][ T5924] usb 2-1: config 0 interface 8 altsetting 248 has 3 endpoint descriptors, different from the interface descriptor's value: 10
[ 1009.367528][ T5924] usb 2-1: config 0 interface 8 has no altsetting 0
[ 1009.392301][ T5924] usb 2-1: New USB device found, idVendor=04da, idProduct=390d, bcdDevice=2d.bb
[ 1009.418579][ T5924] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1009.442263][ T5924] usb 2-1: Product: syz
[ 1009.456698][ T5924] usb 2-1: Manufacturer: syz
[ 1009.474484][ T5924] usb 2-1: SerialNumber: syz
[ 1009.485441][ T5924] usb 2-1: config 0 descriptor??
[ 1010.689856][ T5924] ath6kl: Failed to submit usb control message: -71
[ 1010.697850][ T5924] ath6kl: unable to send the bmi data to the device: -71
[ 1010.751154][ T5924] ath6kl: Unable to send get target info: -71
[ 1010.848894][ T5924] ath6kl: Failed to init ath6kl core: -71
[ 1010.888577][ T5924] ath6kl_usb 2-1:0.8: probe with driver ath6kl_usb failed with error -71
[ 1010.926255][T17894] loop1: detected capacity change from 0 to 164
[ 1010.944086][ T5924] usb 2-1: USB disconnect, device number 9
[ 1010.954965][T17894] iso9660: Unknown parameter '0x000000000000000000000000000000000000ÿÿÿÿÿÿÿÿÿÿÿÿÿÿ0x0000000000000000'
[ 1011.131592][T17890] lo speed is unknown, defaulting to 1000
[ 1011.199170][T17895] lo speed is unknown, defaulting to 1000
[ 1013.511284][T17916] loop1: detected capacity change from 0 to 8
[ 1013.636573][T17916] SQUASHFS error: zlib decompression failed, data probably corrupt
[ 1013.672848][T17916] SQUASHFS error: Failed to read block 0x9b: -5
[ 1013.712216][T17916] SQUASHFS error: Unable to read metadata cache entry [99]
[ 1013.749109][T17916] SQUASHFS error: Unable to read inode 0x127
[ 1013.890771][T17925] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3570'.
[ 1013.901857][T17925] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3570'.
[ 1017.728660][T17958] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3581'.
[ 1019.347758][T17971] netlink: 152 bytes leftover after parsing attributes in process `syz.3.3587'.
[ 1021.419715][ T5924] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[ 1021.580178][ T5924] usb 4-1: device descriptor read/64, error -71
[ 1022.589788][ T5924] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[ 1022.658406][T18009] overlayfs: failed to clone upperpath
[ 1022.790063][ T5924] usb 4-1: device descriptor read/64, error -71
[ 1022.902649][ T5924] usb usb4-port1: attempt power cycle
[ 1023.286372][ T5924] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[ 1023.321693][ T5924] usb 4-1: device descriptor read/8, error -71
[ 1024.234720][ T5924] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[ 1024.347102][ T5924] usb 4-1: device descriptor read/8, error -71
[ 1024.681746][ T5924] usb usb4-port1: unable to enumerate USB device
[ 1025.684036][T18040] loop1: detected capacity change from 0 to 2048
[ 1025.710645][T18040] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1026.939421][T18050] lo speed is unknown, defaulting to 1000
[ 1028.405098][T13255] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[ 1028.549967][T13255] usb 4-1: device descriptor read/64, error -71
[ 1028.587822][T18069] lo speed is unknown, defaulting to 1000
[ 1028.819850][T13255] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[ 1029.019945][T13255] usb 4-1: device descriptor read/64, error -71
[ 1029.193457][T13255] usb usb4-port1: attempt power cycle
[ 1029.518608][   T30] kauditd_printk_skb: 19 callbacks suppressed
[ 1029.518629][   T30] audit: type=1326 audit(1758653597.030:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18049 comm="syz.1.3610" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8f7b18eec9 code=0x0
[ 1029.570173][T18074] netlink: 'syz.6.3617': attribute type 21 has an invalid length.
[ 1029.633001][T18074] netlink: 132 bytes leftover after parsing attributes in process `syz.6.3617'.
[ 1029.720539][T13255] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[ 1029.764682][T13255] usb 4-1: device descriptor read/8, error -71
[ 1030.020256][T13255] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[ 1030.060625][T13255] usb 4-1: device descriptor read/8, error -71
[ 1030.358647][T13255] usb usb4-port1: unable to enumerate USB device
[ 1033.472821][T18120] netlink: 'syz.5.3630': attribute type 32 has an invalid length.
[ 1033.551615][   T30] audit: type=1326 audit(1758653601.070:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18121 comm="syz.1.3632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f7b18eec9 code=0x7ffc0000
[ 1034.569844][   T30] audit: type=1326 audit(1758653601.070:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18121 comm="syz.1.3632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f7b18eec9 code=0x7ffc0000
[ 1034.638289][   T30] audit: type=1326 audit(1758653601.110:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18121 comm="syz.1.3632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f8f7b18eec9 code=0x7ffc0000
[ 1034.682614][   T30] audit: type=1326 audit(1758653601.110:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18121 comm="syz.1.3632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f7b18eec9 code=0x7ffc0000
[ 1034.756880][   T30] audit: type=1326 audit(1758653601.110:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18121 comm="syz.1.3632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f7b18eec9 code=0x7ffc0000
[ 1034.800721][   T30] audit: type=1326 audit(1758653601.110:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18121 comm="syz.1.3632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f8f7b18eec9 code=0x7ffc0000
[ 1035.280228][   T30] audit: type=1326 audit(1758653601.120:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18121 comm="syz.1.3632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f7b18eec9 code=0x7ffc0000
[ 1035.431094][   T30] audit: type=1326 audit(1758653601.120:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18121 comm="syz.1.3632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f7b18eec9 code=0x7ffc0000
[ 1035.756737][   T30] audit: type=1326 audit(1758653601.130:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18121 comm="syz.1.3632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8f7b18eec9 code=0x7ffc0000
[ 1035.977289][   T30] audit: type=1326 audit(1758653601.130:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18121 comm="syz.1.3632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f7b18eec9 code=0x7ffc0000
[ 1036.098006][   T30] audit: type=1326 audit(1758653601.130:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18121 comm="syz.1.3632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f7b18eec9 code=0x7ffc0000
[ 1037.257217][T18141] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1037.482267][T18146] loop1: detected capacity change from 0 to 512
[ 1037.516789][T18146] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1037.613920][T18146] ext4 filesystem being mounted at /316/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1038.672619][T12628] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1040.020238][T18180] netlink: 512 bytes leftover after parsing attributes in process `syz.3.3644'.
[ 1041.727875][T18195] netlink: 'syz.5.3650': attribute type 1 has an invalid length.
[ 1045.305186][T18237] netlink: 'syz.5.3663': attribute type 1 has an invalid length.
[ 1045.539135][T18243] bond2: (slave gretap1): making interface the new active one
[ 1045.549573][T18243] bond2: (slave gretap1): Enslaving as an active interface with an up link
[ 1045.586336][T18245] vlan2: entered allmulticast mode
[ 1045.595011][T18245] bond2: entered allmulticast mode
[ 1045.601893][T18245] gretap1: entered allmulticast mode
[ 1045.612364][T18245] bond2: (slave vlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[ 1045.784907][T18251] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3667'.
[ 1046.518939][T18251] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1046.548768][T18266] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3669'.
[ 1046.596392][T18251] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1046.655804][T18253] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1046.674897][T18255] syzkaller0: entered promiscuous mode
[ 1046.682690][T18255] syzkaller0: entered allmulticast mode
[ 1046.696465][T18262] tipc: Resetting bearer <eth:syzkaller0>
[ 1046.732908][T18240] tipc: Resetting bearer <eth:syzkaller0>
[ 1046.771828][T18240] tipc: Disabling bearer <eth:syzkaller0>
[ 1046.863887][T18271] bond3: entered promiscuous mode
[ 1046.871076][T18271] bond3: entered allmulticast mode
[ 1046.878549][T18271] 8021q: adding VLAN 0 to HW filter on device bond3
[ 1047.732386][T18271] bond3 (unregistering): Released all slaves
[ 1047.853265][   T30] kauditd_printk_skb: 4 callbacks suppressed
[ 1047.853285][   T30] audit: type=1800 audit(1758653615.370:263): pid=18281 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.3673" name="bus" dev="ramfs" ino=70554 res=0 errno=0
[ 1052.330824][T18339] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3690'.
[ 1054.966682][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[ 1054.997147][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[ 1055.571395][T18364] ref_ctr_offset mismatch. inode: 0xfb0 offset: 0x0 ref_ctr_offset(old): 0x1a ref_ctr_offset(new): 0x0
[ 1055.612821][T18362] kvm: requested 23466 ns i8254 timer period limited to 200000 ns
[ 1055.654691][T18362] kvm: requested 16761 ns i8254 timer period limited to 200000 ns
[ 1055.825789][T18362] kvm: requested 166781 ns i8254 timer period limited to 200000 ns
[ 1055.840720][T18362] kvm: requested 161752 ns i8254 timer period limited to 200000 ns
[ 1055.863096][T18362] kvm: requested 139123 ns i8254 timer period limited to 200000 ns
[ 1055.890519][T18362] kvm: requested 156723 ns i8254 timer period limited to 200000 ns
[ 1056.124340][T18362] kvm: requested 838 ns i8254 timer period limited to 200000 ns
[ 1056.182239][T18362] kvm: requested 87161 ns i8254 timer period limited to 200000 ns
[ 1062.566106][T18434] lo speed is unknown, defaulting to 1000
[ 1063.670471][T18442] netlink: 'syz.6.3723': attribute type 39 has an invalid length.
[ 1065.351346][T18458] sctp: [Deprecated]: syz.1.3729 (pid 18458) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1065.351346][T18458] Use struct sctp_sack_info instead
[ 1066.251308][T18481] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3738'.
[ 1066.486913][T18486] syz.3.3739 (18486): drop_caches: 2
[ 1066.520330][T18486] syz.3.3739 (18486): drop_caches: 2
[ 1069.049834][T18514] netlink: 3 bytes leftover after parsing attributes in process `syz.1.3747'.
[ 1069.061130][T18514] 0ªX¹¦À: renamed from caif0
[ 1069.712508][T18514] 0ªX¹¦À: entered allmulticast mode
[ 1069.718912][T18514] net_ratelimit: 11 callbacks suppressed
[ 1069.718922][T18514] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[ 1069.982063][T18516] netlink: 'syz.1.3748': attribute type 10 has an invalid length.
[ 1070.072235][T18517] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1070.234587][T18516] 8021q: adding VLAN 0 to HW filter on device macvlan2
[ 1070.453364][T18522] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3749'.
[ 1071.857037][T18540] bridge1: entered allmulticast mode
[ 1072.837385][T18546] kvm: pic: non byte write
[ 1073.823886][T18553] netlink: 20 bytes leftover after parsing attributes in process `syz.6.3757'.
[ 1074.066557][T18557] netlink: 56 bytes leftover after parsing attributes in process `syz.5.3758'.
[ 1076.474382][T18578] lo speed is unknown, defaulting to 1000
[ 1082.477780][T18637] overlayfs: failed to clone upperpath
[ 1082.836621][T18645] overlayfs: failed to clone lowerpath
[ 1083.004057][T18640] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3785'.
[ 1083.517819][T18649] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3787'.
[ 1086.980621][T18695] vlan2: entered promiscuous mode
[ 1086.989919][T18695] team0: entered promiscuous mode
[ 1091.072445][   T30] audit: type=1800 audit(1758653658.590:264): pid=18741 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.3815" name="SYSV00000000" dev="tmpfs" ino=1 res=0 errno=0
[ 1092.164695][T18755] tipc: Failed to remove unknown binding: 66,1,1/1685973875:4028522140/4028522142
[ 1092.317839][T18755] tipc: Failed to remove unknown binding: 66,1,1/1685973875:4028522140/4028522142
[ 1092.329816][T18755] tipc: Failed to remove unknown binding: 66,1,1/1685973875:4028522140/4028522142
[ 1096.265383][T18801] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3830'.
[ 1098.278633][T18812] netlink: 96 bytes leftover after parsing attributes in process `syz.5.3844'.
[ 1106.220155][   T13] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1106.279814][   T13] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1106.333464][   T13] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1106.406070][   T13] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1107.700002][T18902] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3859'.
[ 1109.216379][T18919] loop1: detected capacity change from 0 to 32768
[ 1109.225641][T18919] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3866 (18919)
[ 1109.246610][T18919] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1109.246712][T18919] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[ 1109.364827][T18919] BTRFS info (device loop1): enabling ssd optimizations
[ 1109.364860][T18919] BTRFS info (device loop1): enabling free space tree
[ 1109.403312][   T30] audit: type=1800 audit(1758653676.920:265): pid=18919 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3866" name="file1" dev="loop1" ino=260 res=0 errno=0
[ 1110.342095][T18946] overlayfs: failed to clone upperpath
[ 1110.524809][   T30] audit: type=1800 audit(1758653678.030:266): pid=18939 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3866" name="file1" dev="loop1" ino=260 res=0 errno=0
[ 1110.948791][T12628] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1112.559036][T18969] netlink: 'syz.1.3873': attribute type 1 has an invalid length.
[ 1113.433851][T10904] Bluetooth: hci2: unexpected event for opcode 0x0c7a
[ 1113.500074][  T980] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[ 1113.674930][  T980] usb 2-1: Using ep0 maxpacket: 8
[ 1113.720486][  T980] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1113.757909][  T980] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1113.928561][  T980] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1113.954635][  T980] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1113.970599][  T980] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1114.689728][  T980] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1115.054979][  T980] usb 2-1: GET_CAPABILITIES returned 0
[ 1115.925644][  T980] usbtmc 2-1:16.0: can't read capabilities
[ 1115.951255][T18993] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1116.060166][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[ 1116.067781][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[ 1116.090994][T18993] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1117.672437][ T5926] usb 2-1: USB disconnect, device number 10
[ 1128.928596][T19112] netlink: 1 bytes leftover after parsing attributes in process `syz.5.3918'.
[ 1130.801392][   T30] audit: type=1326 audit(1758653698.320:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19120 comm="syz.6.3920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f237fb8eec9 code=0x7ffc0000
[ 1131.055310][   T30] audit: type=1326 audit(1758653698.380:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19120 comm="syz.6.3920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f237fb8eec9 code=0x7ffc0000
[ 1131.082276][   T30] audit: type=1326 audit(1758653698.380:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19120 comm="syz.6.3920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f237fb8eec9 code=0x7ffc0000
[ 1132.108481][   T30] audit: type=1326 audit(1758653698.380:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19120 comm="syz.6.3920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f237fb8eec9 code=0x7ffc0000
[ 1132.289974][   T30] audit: type=1326 audit(1758653698.380:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19120 comm="syz.6.3920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f237fb8eec9 code=0x7ffc0000
[ 1132.464636][   T30] audit: type=1326 audit(1758653698.380:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19120 comm="syz.6.3920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f237fb8eec9 code=0x7ffc0000
[ 1132.497475][   T30] audit: type=1326 audit(1758653698.380:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19120 comm="syz.6.3920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f237fb8ef03 code=0x7ffc0000
[ 1132.524471][   T30] audit: type=1326 audit(1758653698.420:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19120 comm="syz.6.3920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f237fb8d97f code=0x7ffc0000
[ 1132.637349][   T30] audit: type=1326 audit(1758653699.760:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19120 comm="syz.6.3920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f237fb8ef57 code=0x7ffc0000
[ 1132.743389][   T30] audit: type=1326 audit(1758653699.760:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19120 comm="syz.6.3920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f237fb8d710 code=0x7ffc0000
[ 1133.909908][T19157] F2FS-fs: Value of option "test_dummy_encryption" is unrecognized
[ 1134.278069][T19158] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3932'.
[ 1134.288932][T19158] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3932'.
[ 1134.299927][T19158] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3932'.
[ 1134.311067][T19158] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3932'.
[ 1134.321939][T19158] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3932'.
[ 1134.332920][T19158] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3932'.
[ 1134.343775][T19158] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3932'.
[ 1134.354626][T19158] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3932'.
[ 1134.365506][T19158] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3932'.
[ 1134.379688][T19158] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3932'.
[ 1134.391723][T19158] gretap2: left promiscuous mode
[ 1137.110268][T10904] Bluetooth: hci5: unexpected event for opcode 0x2064
[ 1139.286136][T19201] netlink: 'syz.6.3944': attribute type 10 has an invalid length.
[ 1139.426981][T19201] 8021q: adding VLAN 0 to HW filter on device team0
[ 1140.030931][T19205] workqueue: Failed to create a rescuer kthread for wq "bond7": -EINTR
[ 1144.729169][T10904] Bluetooth: hci5: unexpected event for opcode 0x0c7a
[ 1144.731426][T19265] vlan2: entered allmulticast mode
[ 1144.781578][T19265] veth0_to_bond: entered allmulticast mode
[ 1144.983215][T19277] (syz.7.3963,19277,0):dlmfs_mkdir:421 ERROR: invalid domain name for directory.
[ 1150.359716][T19336] __nla_validate_parse: 154 callbacks suppressed
[ 1150.359741][T19336] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3981'.
[ 1150.378259][T19336] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3981'.
[ 1152.161628][T19364] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3989'.
[ 1152.209786][  T980] usb 2-1: new full-speed USB device number 11 using dummy_hcd
[ 1153.352093][  T980] usb 2-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1153.375695][  T980] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x94, changing to 0x84
[ 1153.517028][  T980] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[ 1153.530565][  T980] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 232, setting to 64
[ 1153.557397][  T980] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[ 1153.918491][  T980] usb 2-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=ed.ae
[ 1153.953191][  T980] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1154.085884][  T980] usb 2-1: Product: syz
[ 1154.096007][  T980] usb 2-1: Manufacturer: syz
[ 1154.117636][  T980] usb 2-1: SerialNumber: syz
[ 1154.365179][  T980] usb 2-1: config 0 descriptor??
[ 1155.330808][T19362] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1155.345214][  T980] input: KB Gear Tablet as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input20
[ 1155.897608][T19388] tipc: Failed to remove unknown binding: 66,1,1/0:4163038518/4163038520
[ 1155.919732][  T980] usb 2-1: USB disconnect, device number 11
[ 1155.963711][T19388] tipc: Failed to remove unknown binding: 66,1,1/0:4163038518/4163038520
[ 1158.029761][  T980] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[ 1159.451241][  T980] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[ 1159.466180][  T980] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[ 1159.481270][  T980] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[ 1159.493448][  T980] usb 2-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[ 1159.938414][  T980] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1160.041165][  T980] usb 2-1: config 0 descriptor??
[ 1160.056231][  T980] hdpvr 2-1:0.0: Could not find bulk-in endpoint
[ 1160.074301][  T980] hdpvr 2-1:0.0: probe with driver hdpvr failed with error -12
[ 1161.340027][ T5926] usb 2-1: USB disconnect, device number 12
[ 1161.516477][T19427] lo speed is unknown, defaulting to 1000
[ 1165.114009][T19464] netdevsim netdevsim3: Direct firmware load for ./file0/file1 failed with error -2
[ 1165.125801][T19464] netdevsim netdevsim3: Falling back to sysfs fallback for: ./file0/file1
[ 1165.290958][T19466] lo speed is unknown, defaulting to 1000
[ 1169.450070][   T30] kauditd_printk_skb: 3 callbacks suppressed
[ 1169.450093][   T30] audit: type=1326 audit(1758653736.320:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19499 comm="syz.6.4026" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f237fb8eec9 code=0x0
[ 1175.863662][T19556] netlink: 'syz.6.4039': attribute type 3 has an invalid length.
[ 1176.010000][T19556] netlink: 'syz.6.4039': attribute type 3 has an invalid length.
[ 1177.444049][T19590] trusted_key: encrypted_key: keylen parameter is missing
[ 1177.507886][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[ 1177.515809][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[ 1186.493978][T19677] netlink: 36 bytes leftover after parsing attributes in process `syz.7.4073'.
[ 1187.391139][T19704] tipc: Started in network mode
[ 1187.405203][T19704] tipc: Node identity 6, cluster identity 4711
[ 1187.414331][T19704] tipc: Node number set to 6
[ 1188.393149][T19711] netlink: 'syz.3.4085': attribute type 4 has an invalid length.
[ 1188.645173][T19721] netlink: 996 bytes leftover after parsing attributes in process `syz.1.4089'.
[ 1189.010550][T10904] Bluetooth: hci5: unexpected event for opcode 0x0000
[ 1190.479960][T19746] lo speed is unknown, defaulting to 1000
[ 1191.967750][T19765] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4100'.
[ 1193.010112][T10904] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[ 1193.022873][T10904] Bluetooth: hci5: Injecting HCI hardware error event
[ 1193.035094][T10904] Bluetooth: hci5: hardware error 0x00
[ 1193.157271][T19784] netlink: 'syz.6.4104': attribute type 30 has an invalid length.
[ 1194.734744][T19789] Bluetooth: hci5: unexpected event for opcode 0x0000
[ 1195.928797][T10904] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[ 1205.371559][T10904] Bluetooth: hci0: unexpected event for opcode 0x007a
[ 1205.930632][T19892] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4133'.
[ 1207.246382][T19905] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1207.257191][T19905] overlayfs: missing 'lowerdir'
[ 1210.380771][T19925] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4141'.
[ 1211.169413][T19927] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4141'.
[ 1220.308005][T20004] overlayfs: failed to clone upperpath
[ 1227.289071][   T30] audit: type=1326 audit(1758653794.797:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20054 comm="syz.1.4182" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8f7b18eec9 code=0x0
[ 1227.556121][T20061] virt_wifi0 speed is unknown, defaulting to 1000
[ 1227.564039][T20061] virt_wifi0 speed is unknown, defaulting to 1000
[ 1227.572526][T20061] virt_wifi0 speed is unknown, defaulting to 1000
[ 1227.588072][T20061] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[ 1227.613571][T20061] virt_wifi0 speed is unknown, defaulting to 1000
[ 1227.622610][T20061] virt_wifi0 speed is unknown, defaulting to 1000
[ 1227.631559][T20061] virt_wifi0 speed is unknown, defaulting to 1000
[ 1227.640705][T20061] virt_wifi0 speed is unknown, defaulting to 1000
[ 1227.649797][T20061] virt_wifi0 speed is unknown, defaulting to 1000
[ 1230.050674][  T980] libceph: connect (1)[c::]:6789 error -101
[ 1230.514659][  T980] libceph: mon0 (1)[c::]:6789 connect error
[ 1231.485005][  T980] libceph: connect (1)[c::]:6789 error -101
[ 1231.495512][  T980] libceph: mon0 (1)[c::]:6789 connect error
[ 1231.503341][T20079] ceph: No mds server is up or the cluster is laggy
[ 1232.141888][  T980] libceph: connect (1)[c::]:6789 error -101
[ 1232.232290][  T980] libceph: mon0 (1)[c::]:6789 connect error
[ 1234.385110][T20130] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1234.431606][T20130] syzkaller0: entered promiscuous mode
[ 1234.448123][T20130] syzkaller0: entered allmulticast mode
[ 1235.524130][T20130] tipc: Resetting bearer <eth:syzkaller0>
[ 1235.573175][T20129] tipc: Resetting bearer <eth:syzkaller0>
[ 1236.770164][T20129] tipc: Disabling bearer <eth:syzkaller0>
[ 1238.940026][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[ 1238.947613][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[ 1245.330436][   T30] audit: type=1326 audit(1758653812.837:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20220 comm="syz.3.4232" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d9c38eec9 code=0x0
[ 1248.729674][   T30] audit: type=1326 audit(1758653816.227:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20272 comm="syz.1.4248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f7b18eec9 code=0x7ffc0000
[ 1249.679750][   T30] audit: type=1326 audit(1758653816.227:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20272 comm="syz.1.4248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7f8f7b18eec9 code=0x7ffc0000
[ 1249.827719][   T30] audit: type=1326 audit(1758653816.227:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20272 comm="syz.1.4248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f7b18eec9 code=0x7ffc0000
[ 1250.839671][   T30] audit: type=1326 audit(1758653816.227:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20272 comm="syz.1.4248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f7b18eec9 code=0x7ffc0000
[ 1251.056734][   T30] audit: type=1326 audit(1758653816.237:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20272 comm="syz.1.4248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f8f7b18eec9 code=0x7ffc0000
[ 1251.790010][   T30] audit: type=1326 audit(1758653816.237:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20272 comm="syz.1.4248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f7b18eec9 code=0x7ffc0000
[ 1252.018519][   T30] audit: type=1326 audit(1758653816.237:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20272 comm="syz.1.4248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f7b18eec9 code=0x7ffc0000
[ 1252.190046][T12628] BUG: sleeping function called from invalid context at fs/inode.c:1928
[ 1252.200753][T12628] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 12628, name: syz-executor
[ 1252.212060][T12628] preempt_count: 1, expected: 0
[ 1252.217858][T12628] RCU nest depth: 0, expected: 0
[ 1252.223885][T12628] 2 locks held by syz-executor/12628:
[ 1252.230966][T12628]  #0: ffff8880501000e0 (&type->s_umount_key#51){++++}-{4:4}, at: deactivate_super+0xa9/0xe0
[ 1252.243861][T12628]  #1: ffff888050100998 (&s->s_inode_list_lock){+.+.}-{3:3}, at: hook_sb_delete+0xae/0xbd0
[ 1252.256724][T12628] Preemption disabled at:
[ 1252.256739][T12628] [<0000000000000000>] 0x0
[ 1252.267903][T12628] CPU: 1 UID: 0 PID: 12628 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[ 1252.267921][T12628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1252.267928][T12628] Call Trace:
[ 1252.267934][T12628]  <TASK>
[ 1252.267939][T12628]  dump_stack_lvl+0x189/0x250
[ 1252.267958][T12628]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1252.267973][T12628]  ? __pfx__printk+0x10/0x10
[ 1252.267990][T12628]  ? print_lock_name+0xde/0x100
[ 1252.268007][T12628]  __might_resched+0x495/0x610
[ 1252.268028][T12628]  ? __pfx___might_resched+0x10/0x10
[ 1252.268043][T12628]  ? __lock_acquire+0xab9/0xd20
[ 1252.268067][T12628]  iput+0x2b/0xc50
[ 1252.268082][T12628]  ? hook_sb_delete+0x1a8/0xbd0
[ 1252.268100][T12628]  hook_sb_delete+0x6b5/0xbd0
[ 1252.268114][T12628]  ? hook_sb_delete+0x1a8/0xbd0
[ 1252.268131][T12628]  ? __pfx_hook_sb_delete+0x10/0x10
[ 1252.268145][T12628]  ? __pfx_fsnotify_sb_delete+0x10/0x10
[ 1252.268158][T12628]  ? evict_inodes+0x684/0x6d0
[ 1252.268172][T12628]  ? __pfx_evict_inodes+0x10/0x10
[ 1252.268189][T12628]  security_sb_delete+0x80/0x150
[ 1252.268206][T12628]  generic_shutdown_super+0xaa/0x2c0
[ 1252.268224][T12628]  kill_litter_super+0x76/0xb0
[ 1252.268236][T12628]  deactivate_locked_super+0xbc/0x130
[ 1252.268254][T12628]  cleanup_mnt+0x425/0x4c0
[ 1252.268269][T12628]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1252.268286][T12628]  task_work_run+0x1d4/0x260
[ 1252.268302][T12628]  ? __pfx_task_work_run+0x10/0x10
[ 1252.268314][T12628]  ? __x64_sys_umount+0x122/0x160
[ 1252.268328][T12628]  ? exit_to_user_mode_loop+0x40/0x130
[ 1252.268345][T12628]  exit_to_user_mode_loop+0xe9/0x130
[ 1252.268360][T12628]  do_syscall_64+0x2bd/0xfa0
[ 1252.268375][T12628]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1252.268389][T12628]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1252.268401][T12628]  ? clear_bhb_loop+0x60/0xb0
[ 1252.268415][T12628]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1252.268427][T12628] RIP: 0033:0x7f8f7b1901f7
[ 1252.268439][T12628] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[ 1252.268449][T12628] RSP: 002b:00007ffeea603b98 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 1252.268462][T12628] RAX: 0000000000000000 RBX: 00007f8f7b211d7d RCX: 00007f8f7b1901f7
[ 1252.268470][T12628] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffeea603c50
[ 1252.268477][T12628] RBP: 00007ffeea603c50 R08: 0000000000000000 R09: 0000000000000000
[ 1252.268484][T12628] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffeea604ce0
[ 1252.268492][T12628] R13: 00007f8f7b211d7d R14: 0000000000131adc R15: 00007ffeea604d20
[ 1252.268511][T12628]  </TASK>
[ 1252.269778][   T30] audit: type=1326 audit(1758653816.237:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20272 comm="syz.1.4248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f8f7b18eec9 code=0x7ffc0000
[ 1253.686070][   T30] audit: type=1326 audit(1758653816.237:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20272 comm="syz.1.4248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f7b18eec9 code=0x7ffc0000
[ 1253.723516][   T30] audit: type=1326 audit(1758653816.237:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20272 comm="syz.1.4248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f7b18eec9 code=0x7ffc0000
[ 1253.774817][   T30] audit: type=1326 audit(1758653816.237:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20272 comm="syz.1.4248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8f7b18eec9 code=0x7ffc0000
[ 1253.815275][   T30] audit: type=1326 audit(1758653816.237:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20272 comm="syz.1.4248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f7b18eec9 code=0x7ffc0000
[ 1253.862723][   T30] audit: type=1326 audit(1758653816.247:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20272 comm="syz.1.4248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f7b18eec9 code=0x7ffc0000