last executing test programs: 15.601183108s ago: executing program 3 (id=221): r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000300)=@raw={'raw\x00', 0x8, 0x3, 0x1e8, 0x0, 0xffffffff, 0xffffffff, 0x100, 0xffffffff, 0x198, 0xffffff7a, 0xffffffff, 0x198, 0xffffffff, 0x7fffffe, 0x0, {[{{@uncond, 0x6, 0x70, 0xb8}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x1, 0x6, 0x3, 0x6, '\x00', {0x3}}}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @loopback, 0x0, 0xff000000, 'team_slave_0\x00', 'ip6gre0\x00', {0xff}, {}, 0x6, 0x3}, 0x0, 0x70, 0x98}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{0x0, 0x0, 0x4}, {0x4, 0x5, 0x6}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x248) r1 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r1, &(0x7f0000000340)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = syz_init_net_socket$ax25(0x3, 0x2, 0x0) bind$ax25(r4, &(0x7f0000000100)={{0x3, @null, 0x1}, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @bcast, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}]}, 0x48) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) read(r4, &(0x7f00000000c0)=""/20, 0x14) setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0x10) ioctl$sock_netdev_private(r5, 0x8914, &(0x7f0000000000)) setsockopt$ax25_SO_BINDTODEVICE(r4, 0x101, 0x19, &(0x7f0000000240)=@bpq0, 0x10) r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_int(r6, 0x29, 0xd0, &(0x7f0000000000)=0xffffffa4, 0x4) ioctl$sock_netrom_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000000)={0x0, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bpq0, 0x1, 'syz1\x00', @default, 0x1, 0x0, [@null, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default]}) setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d) ioctl$sock_netdev_private(r2, 0x8914, &(0x7f0000000000)) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000640)=0x17ff, 0x4) r7 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r7, &(0x7f0000000600)={0x0, 0xfd, &(0x7f00000004c0)=[{&(0x7f0000000380)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000000000e000a001000000002900000121f", 0x2e}], 0x1}, 0x40) sendmsg$kcm(r7, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848110000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x8084) 14.51956321s ago: executing program 2 (id=223): sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) syz_socket_connect_nvme_tcp() r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'veth0_to_bond\x00', 0x0}) sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=@ipv4_newroute={0x34, 0x1a, 0x1, 0x70bd28, 0x0, {0x2, 0x20, 0x20, 0x0, 0x0, 0x0, 0x0, 0x7}, [@RTA_IIF={0x8, 0x3, r4}, @RTA_DST={0x8, 0x1, @remote}, @RTA_SRC={0x8, 0x2, @private=0xa010100}]}, 0x34}}, 0xea5bc50b6199d77e) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r5, &(0x7f0000000380)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000300)={0x0}, 0x1, 0x0, 0x0, 0x24000804}, 0x4c844) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000001440)={&(0x7f0000000540)=@ipv6_newaddrlabel={0x38, 0x48, 0x321, 0x70bd2c, 0x25dfdbfb, {0xa, 0x0, 0x0, 0x0, 0x0, 0x4}, [@IFAL_LABEL={0x8, 0x2, 0x6}, @IFAL_ADDRESS={0x14, 0x1, @mcast1}]}, 0x38}, 0x1, 0x0, 0x0, 0x4010}, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x0, 0x0) ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f0000000040)=0x4) sendmsg$key(0xffffffffffffffff, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000200)=ANY=[@ANYBLOB="02030002130000002dbd7000ffdbdf25010014102300000005000600000000000a00ffffffffffffff80000000000000000000b5f4943a01fbffffff0000000002000100000000000400050c0000000005000500000000000a000000000000000000000000000000000000000000000107000000000000000400080098"], 0x98}, 0x1, 0x7}, 0x14) r7 = socket$netlink(0x10, 0x3, 0x0) setsockopt$inet_mreq(0xffffffffffffffff, 0x0, 0x20, &(0x7f0000000280)={@rand_addr=0x64010102, @loopback}, 0x8) sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@newlink={0x38, 0x10, 0x801, 0x4000000, 0xfffffffc, {0x0, 0x0, 0x4c, 0x0, 0x204e9, 0x500}, [@IFLA_GROUP={0x8}, @IFLA_OPERSTATE={0x5, 0x10, 0x5}, @IFLA_GSO_MAX_SEGS={0x8, 0x28, 0x4529}]}, 0x38}, 0x1, 0xffffa888}, 0x20000880) 12.907637448s ago: executing program 2 (id=224): openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/address_bits', 0x101581, 0x100) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) ptrace$peek(0x1, r0, &(0x7f0000000040)) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6) r3 = socket$inet6(0xa, 0x80001, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r3, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x4e20, 0x0, @mcast1}}}, 0x88) r4 = socket(0x10, 0x3, 0x0) r5 = io_uring_setup(0x11a4, &(0x7f0000000080)={0x0, 0xd3e8, 0x80, 0x3, 0x7}) seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_RING_FDS(r5, 0x15, &(0x7f0000004c00)=[{0x0, 0x0, 0x0, 0x0, 0x0}], 0x1) syz_mount_image$erofs(&(0x7f00000008c0), &(0x7f0000000180)='./bus\x00', 0x0, &(0x7f0000000040)=ANY=[], 0xf5, 0x210, &(0x7f00000001c0)="$eJzsmc9rE0EUx78z2WySoqIXD4IoWLBCu9ndqPTiof4DCq0/erOYKNW1ke0e2oJo8OLFP8N/wUNPOXjz5lUPKggezFE8ycjMvOyO5gcJMV58H+jsd968mXnzuvMCCRiG+W/5/On7x5dXVzeWARwpL6JC9q+lwkc6/h+qJN6/erNz7MmhM6QE+Qrb704aQ3ethKy/iFLKHVuk5wZkrm9A4gLpWxAISN+BxE0Ax6m/edQ+H0Bgk2ztGomkFdxtJ81720kr1E2km1g3DXd/D0CvI9AEUKX4hDO+u3/wcCtJWqkRsrCUVX+f9Hef6cW43HmA11uTuOLkT0dx+8Xzju73cxM6+YsgEZFuQGCd9CoqCIJAvwI2Jc75T3nF+qWR589F8wcw/fmvlWdPlhY+rDixMs55eaa9JGaa7gP4CyedVOh7OZGzqpl/8dM/hjr/LtT5C+FYalroC51bTvYO3w7O+jLPwM7O98igmj0w9G6hsOT3deg6p5s/xeDKPs0ZuntRP3XJPe/UJw9eXj/q2aPH9d39g5VtHeT91k4cNy6HF8PwUlw3tdm2Y+pf1dSnBWf98ghfX/jY28qyNNoDsjTK+7FtnYq7/rr9zcyRpv5JLJ2za+hXxRy7MnwPQX/2c1CrpdLI4BmGYRiGYRiGYRiGYRiGYabiDIT5FpR+qFJK4ZkdUS7xdWP7FQAA///3bE2h") write(r4, &(0x7f0000000180), 0x0) mkdir(&(0x7f0000000200)='./file1\x00', 0x0) mount$overlay(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@redirect_dir_off}]}) 12.791108849s ago: executing program 3 (id=225): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=@dellink={0x40, 0x11, 0x1, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x1092, 0x40000}, [@IFLA_TARGET_NETNSID={0x8, 0x2e, 0x4}, @IFLA_PORT_SELF={0x18, 0x19, 0x0, 0x1, [@IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "5b1f8b30876fac3c90d9e206b034a83c"}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x801}, 0x4000000) pipe2$watch_queue(0x0, 0x80) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000240), &(0x7f0000000300)=0x8) r1 = socket$nl_generic(0x10, 0x3, 0x10) accept4$nfc_llcp(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_usb_connect(0x5, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x60242, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x6b4, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r5 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$get_persistent(0x16, 0xffffffffffffffff, r5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x15, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x69, 0x11, 0x1e}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x1a}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_reuseport=0x27, 0xffffffffffffffff, 0x6}, 0x33) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r1) 12.67448866s ago: executing program 0 (id=227): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x22000402, &(0x7f00000003c0)={[{@max_batch_time={'max_batch_time', 0x3d, 0x101}}, {@noblock_validity}, {@noinit_itable}, {@discard}, {@auto_da_alloc}, {@grpjquota, 0x2e}, {@noquota}, {@sb={'sb', 0x3d, 0x7}}, {@jqfmt_vfsv1}, {@grpid}], [], 0x2c}, 0x85, 0x4ef, &(0x7f0000000b00)="$eJzs3MtvG8UfAPDv2nn1mbS/6gd9QAMFEVFImrRADxwAgdQLCAkO5RjSUJWmLWqDRKuKBoTKEfEXFI5ISJy4cAIJIeACiCvcUaUK5dLAARmNvZs4iZM4b1p/PpLtmfXszn53d7zjHa8DaFm96SmL2B4Rv0VEdy07u0Bv7WVq8urIX5NXR7KoVF75M6uWuz15daQoWsy3Lc/0lSJKH2Sxv0G9ly5fOTs8NjZ6Mc8PjJ97a+DS5SuPnzk3fHr09Oj5oePHjx0dfOrJoSeaiuPaEu+nuG7ve/fCgb0nXvv4xZFKvP7D52l9t+fv18dR09NUvQsrtkalamZ6R/X54VUu/b9mR106a9vEFWFZyhGRdld7tf13Rzlmdl53vPD+dObbTVpBYN2kc9OueVPL+WspP3sBd6dMG4cWVZzx0/ff4rGR/Y/NduvZ9DxajX8qf/z0Um3blNJ32Z7aN/auOfOV8tf/N1hmKluudaEq3UvUvz0iTk78fSM9ouF1iEVkTZcEAJj2der/PNao/1ea1bfZmY+h9ETE4YjYHRH/i4g90z2hiHsi4t5l1t87Jz+///PLlmUucllS/+/pfGyreNTeKeLKpnM7qvG3Z2+cGRs9km+TvmjvTPnBRer45vlfP1rovd66/l96pPqLvmC+Hjfb5nQ+Tw2PD68i5FluvRexr61R/Nn0SEDaAnsjYt8Klp+22ZlHPzuQ0ju3zX9/6fgXkOUDF6tU+TTikdr+n4g58ddVlWpaaHxyoCvGRo8MFEfFfD/+fP3l+nx7XXpW/F3NxTT3u8hqpP2/dc7xX1t+Hn8pr3DOeO3EMuq4/vuHC0Y1K/5y3JiazOJkvvDamGLpZltnRGyZ2Wzp+O/IXq2mO/Jp7wyPj18cjOjIJ8yaPjRTX5Evyqf4+w41bv+7I/75JJ9vf0Skg/i+iLg/Ig7m6/5ARDwYEYcWif/75x56c/EttILjf42k+E81/PybPv57svrx+hUkyme/+2qh+pv6/Os8Vk315VOa+fxrdgVXs+0AAADgTlGqjkFnpf4iXXdxak9sLY1duDR+uDfePn+qNlbdE+2l4kpXd9310MH82nCRH0rpjpn80YjYVf2l0ZZqvn/kwtiOzQwcqN6rU7T/znxaf3/t9Y/yZq4ZsCGWNY5W/6OzL75c+5UBNpT7NaF1af/QurR/aF3aP7SuRu3/WsTUJqwKsMGaO/9X3G4OdyH9f2hd2j+0rpn27xd/0ELm3xJf/N3KSu70n0nsPrGq2dc9UelelyVPLH+u8jpFGnV/2rFw4SwiVlZFlBYv0xGXr3StUTjpDLVYmeKmlaYXWFqyzDNLbZb2Vf0nRkoczBOdEdHsXNea2Kdrd/wkmct+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAHe3fAAAA///pidwx") 10.300205686s ago: executing program 1 (id=229): r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) getsockopt$rose(r0, 0x104, 0x1, 0x0, 0x0) getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x3, 0x0, 0x0) openat$audio1(0xffffffffffffff9c, 0x0, 0x129202, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x8081) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) openat$vimc0(0xffffff9c, 0x0, 0x2, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x49d, 0x0, &(0x7f0000000340), &(0x7f00000006c0), &(0x7f0000000000)) bpf$MAP_CREATE(0x0, 0x0, 0x48) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d031, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x801) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x1}) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5}) ioctl$UFFDIO_CONTINUE(r3, 0x8010aa01, &(0x7f0000000000)={{&(0x7f0000600000/0x3000)=nil, 0x3000}}) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, &(0x7f0000000240)={0x0, 0x6d007ee5}, 0x8) sendmmsg$inet6(r2, &(0x7f0000000200), 0x0, 0x20048000) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4008011}, 0x4004) 10.222775327s ago: executing program 0 (id=230): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) socket$igmp(0x2, 0x3, 0x2) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x103}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f00000000c0)=0x7) rt_tgsigqueueinfo(r1, r1, 0x2a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) pipe2$9p(&(0x7f0000002740), 0x80080) fsopen(&(0x7f0000000040)='ceph\x00', 0x1) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) read$FUSE(r4, &(0x7f0000000200)={0x2020}, 0x2020) mount(0x0, 0x0, 0x0, 0x2204c96, 0x0) r5 = syz_init_net_socket$llc(0x1a, 0x0, 0x0) fsconfig$FSCONFIG_SET_FD(r4, 0x5, &(0x7f00000001c0)='\x00', 0x0, r5) r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') lseek(r6, 0xfffd, 0x0) socket(0x10, 0x2, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000001c80)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x2, 0x2, 0x3}}, @int={0x0, 0x0, 0x0, 0x1, 0x5, 0x8}, @union]}}, 0x0, 0x4e}, 0x28) ioctl$SIOCSIFHWADDR(r0, 0x8923, &(0x7f0000000280)={'netdevsim0\x00', @remote}) 9.02179105s ago: executing program 3 (id=231): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r3, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r3, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) connect$pppoe(0xffffffffffffffff, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'xfrm0\x00'}}, 0x1e) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='comm\x00') writev(r4, &(0x7f00000006c0), 0x0) fsopen(&(0x7f0000000140)='sysfs\x00', 0x0) r5 = openat$rtc(0xffffffffffffff9c, 0x0, 0x189182, 0x0) ioctl$RTC_AIE_ON(r5, 0x7001) close(0xffffffffffffffff) 8.906843432s ago: executing program 0 (id=232): openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/address_bits', 0x101581, 0x100) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) ptrace$peek(0x1, r0, &(0x7f0000000040)) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6) r3 = socket$inet6(0xa, 0x80001, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r3, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x4e20, 0x0, @mcast1}}}, 0x88) r4 = socket(0x10, 0x3, 0x0) r5 = io_uring_setup(0x11a4, &(0x7f0000000080)={0x0, 0xd3e8, 0x80, 0x3, 0x7}) seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_RING_FDS(r5, 0x15, &(0x7f0000004c00)=[{0x0, 0x0, 0x0, 0x0, 0x0}], 0x1) syz_mount_image$erofs(&(0x7f00000008c0), &(0x7f0000000180)='./bus\x00', 0x0, &(0x7f0000000040)=ANY=[], 0xf5, 0x210, &(0x7f00000001c0)="$eJzsmc9rE0EUx78z2WySoqIXD4IoWLBCu9ndqPTiof4DCq0/erOYKNW1ke0e2oJo8OLFP8N/wUNPOXjz5lUPKggezFE8ycjMvOyO5gcJMV58H+jsd968mXnzuvMCCRiG+W/5/On7x5dXVzeWARwpL6JC9q+lwkc6/h+qJN6/erNz7MmhM6QE+Qrb704aQ3ethKy/iFLKHVuk5wZkrm9A4gLpWxAISN+BxE0Ax6m/edQ+H0Bgk2ztGomkFdxtJ81720kr1E2km1g3DXd/D0CvI9AEUKX4hDO+u3/wcCtJWqkRsrCUVX+f9Hef6cW43HmA11uTuOLkT0dx+8Xzju73cxM6+YsgEZFuQGCd9CoqCIJAvwI2Jc75T3nF+qWR589F8wcw/fmvlWdPlhY+rDixMs55eaa9JGaa7gP4CyedVOh7OZGzqpl/8dM/hjr/LtT5C+FYalroC51bTvYO3w7O+jLPwM7O98igmj0w9G6hsOT3deg6p5s/xeDKPs0ZuntRP3XJPe/UJw9eXj/q2aPH9d39g5VtHeT91k4cNy6HF8PwUlw3tdm2Y+pf1dSnBWf98ghfX/jY28qyNNoDsjTK+7FtnYq7/rr9zcyRpv5JLJ2za+hXxRy7MnwPQX/2c1CrpdLI4BmGYRiGYRiGYRiGYRiGYabiDIT5FpR+qFJK4ZkdUS7xdWP7FQAA///3bE2h") write(r4, &(0x7f0000000180), 0x0) mkdir(&(0x7f0000000200)='./file1\x00', 0x0) mount$overlay(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@redirect_dir_off}]}) 8.872888612s ago: executing program 1 (id=233): openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/address_bits', 0x101581, 0x100) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) ptrace$peek(0x1, r0, &(0x7f0000000040)) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6) r1 = socket$inet6(0xa, 0x80001, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r1, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x4e20, 0x0, @mcast1}}}, 0x88) r2 = socket(0x10, 0x3, 0x0) r3 = io_uring_setup(0x11a4, &(0x7f0000000080)={0x0, 0xd3e8, 0x80, 0x3, 0x7}) seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_RING_FDS(r3, 0x15, &(0x7f0000004c00)=[{0x0, 0x0, 0x0, 0x0, 0x0}], 0x1) syz_mount_image$erofs(&(0x7f00000008c0), &(0x7f0000000180)='./bus\x00', 0x0, &(0x7f0000000040)=ANY=[], 0xf5, 0x210, &(0x7f00000001c0)="$eJzsmc9rE0EUx78z2WySoqIXD4IoWLBCu9ndqPTiof4DCq0/erOYKNW1ke0e2oJo8OLFP8N/wUNPOXjz5lUPKggezFE8ycjMvOyO5gcJMV58H+jsd968mXnzuvMCCRiG+W/5/On7x5dXVzeWARwpL6JC9q+lwkc6/h+qJN6/erNz7MmhM6QE+Qrb704aQ3ethKy/iFLKHVuk5wZkrm9A4gLpWxAISN+BxE0Ax6m/edQ+H0Bgk2ztGomkFdxtJ81720kr1E2km1g3DXd/D0CvI9AEUKX4hDO+u3/wcCtJWqkRsrCUVX+f9Hef6cW43HmA11uTuOLkT0dx+8Xzju73cxM6+YsgEZFuQGCd9CoqCIJAvwI2Jc75T3nF+qWR589F8wcw/fmvlWdPlhY+rDixMs55eaa9JGaa7gP4CyedVOh7OZGzqpl/8dM/hjr/LtT5C+FYalroC51bTvYO3w7O+jLPwM7O98igmj0w9G6hsOT3deg6p5s/xeDKPs0ZuntRP3XJPe/UJw9eXj/q2aPH9d39g5VtHeT91k4cNy6HF8PwUlw3tdm2Y+pf1dSnBWf98ghfX/jY28qyNNoDsjTK+7FtnYq7/rr9zcyRpv5JLJ2za+hXxRy7MnwPQX/2c1CrpdLI4BmGYRiGYRiGYRiGYRiGYabiDIT5FpR+qFJK4ZkdUS7xdWP7FQAA///3bE2h") write(r2, &(0x7f0000000180), 0x0) mkdir(&(0x7f0000000200)='./file1\x00', 0x0) mount$overlay(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@redirect_dir_off}]}) 7.894956643s ago: executing program 3 (id=234): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=@dellink={0x40, 0x11, 0x1, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x1092, 0x40000}, [@IFLA_TARGET_NETNSID={0x8, 0x2e, 0x4}, @IFLA_PORT_SELF={0x18, 0x19, 0x0, 0x1, [@IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "5b1f8b30876fac3c90d9e206b034a83c"}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x801}, 0x4000000) pipe2$watch_queue(0x0, 0x80) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000240), &(0x7f0000000300)=0x8) r1 = socket$nl_generic(0x10, 0x3, 0x10) accept4$nfc_llcp(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_usb_connect(0x5, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x60242, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x6b4, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r5 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$get_persistent(0x16, 0xffffffffffffffff, r5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x15, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x69, 0x11, 0x1e}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x1a}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_reuseport=0x27, 0xffffffffffffffff, 0x6}, 0x33) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r1) 7.487788798s ago: executing program 0 (id=235): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=@dellink={0x40, 0x11, 0x1, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x1092, 0x40000}, [@IFLA_TARGET_NETNSID={0x8, 0x2e, 0x4}, @IFLA_PORT_SELF={0x18, 0x19, 0x0, 0x1, [@IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "5b1f8b30876fac3c90d9e206b034a83c"}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x801}, 0x4000000) pipe2$watch_queue(0x0, 0x80) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000240), &(0x7f0000000300)=0x8) socket$nl_generic(0x10, 0x3, 0x10) accept4$nfc_llcp(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_usb_connect(0x5, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x60242, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x6b4, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$get_persistent(0x16, 0xffffffffffffffff, r4) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x15, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x69, 0x11, 0x1e}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x1a}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_reuseport=0x27, 0xffffffffffffffff, 0x6}, 0x33) keyctl$clear(0x7, r4) 6.642760667s ago: executing program 1 (id=236): socket$kcm(0x29, 0x7, 0x0) ioperm(0x2, 0x7ff, 0x8) ioperm(0x9, 0x6, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0) r0 = socket$inet6(0xa, 0x80001, 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000040)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000080)=0x6) socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, &(0x7f0000000240)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x4e21, 0x0, @empty, 0x8}}}, 0x108) 6.475838099s ago: executing program 2 (id=237): syz_mount_image$vfat(&(0x7f0000001800), &(0x7f0000000080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000008, &(0x7f0000000980)=ANY=[], 0x4, 0x28a, &(0x7f00000012c0)="$eJzs201rE10YxvGrbZ6+Pm3yPNVqK+KNbnQztPEThNKCGFBqI76AMLUTDZkmJRMqEbHdufVzFJfuBPELdOMncOGuG3d2IY50EtukHfEFzKD5/zZzh5Mrcw73GTiLzO6t52vlYuAU3br6+0wpaVB7Ukb9GlBTX+vaH9WDarelS5P5d2dv3L5zNZfPLyyZLeaWL2fNbOLc60dPXpx/Ux+7+XLi1ZB2Mvd2P2Tf70ztTO9+Xn5YCqwUWKVaN9dWqtW6u+J7tloKyo7Zdd9zA89KlcCrdYwX/er6esPcyur46HrNCwJzKw0rew2rV61ea5j7wC1VzHEcGx8VvqewvbTk5pKeBX6vWi3nzkuaOTZS2E5kQgAAIFEx5/8tzv+9gvN/L9g//99tPb+dOP8DAAAAAAAAAAAAAAAAAAAAAPAn2AvDdBiG6a/Xf6ToDZ+w9XlE0qikMUn/ShqXNCEpLSkj6T9J/0ualHRC0klJU5JOSTotabrtt2Juv5XAktFmLwyVko71f6A7/UfCEn7+kTD639vaXtwdltaebRQ2Cs1rczxXVEm+PM0qrU9RL1ua9eKV/MKsRTI6s7bZym9uFAY683NK72+YuPxcM2+d+aFo3x3ks0rvb7C4fDY2P6yLF9ryjtJ6e19V+VqN9uRh/umc2fy1/JH8TPS9v51jB2L75zjfGm/mf2B/hLOx/UlpJpXs2iEFjcdl1/e9WheLkSRuSvGLhbpwr49hGCa/UoqOvqMHHDY96ZkAAAAAAAAAAAAAAAAAAH5GN/5OmPQaAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA46ksAAAD//6GAXmU=") prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000300)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$inet6(0xa, 0x800000000000002, 0x0) connect$inet6(r3, &(0x7f0000000080)={0xa, 0x4e20, 0x4, @ipv4={'\x00', '\xff\xff', @local}, 0x8}, 0x1c) connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}}, 0x1c) r4 = open(&(0x7f00000000c0)='./file1\x00', 0x24842, 0x0) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) socket$packet(0x11, 0x2, 0x300) r6 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r6, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000001380)={'wlan0\x00', 0x0}) sendto$packet(r6, &(0x7f0000000180)="0b032200e0ff25a60200475400f6a13bb1000000080080f34803", 0x10000, 0x0, &(0x7f0000000140)={0x11, 0x0, r7}, 0x14) ioctl$SIOCSIFHWADDR(r5, 0x8b06, 0x0) r8 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r8, 0x560a, &(0x7f00000000c0)={0x0, 0x4, 0xfffc, 0x20, 0xfff3}) pwritev2(r4, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xfffffdd6}], 0x1, 0x9c00, 0x0, 0x3) 3.998762566s ago: executing program 0 (id=238): userfaultfd(0x801) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000980)=@raw={'raw\x00', 0x8, 0x3, 0x288, 0x0, 0x1acc02, 0x148, 0x158, 0x10, 0x1f0, 0x2a8, 0x2a8, 0x1f0, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x40000, 0xf0, 0x158, 0x0, {0x0, 0x5803}, [@common=@inet=@hashlimit1={{0x58}, {'ip_vti0\x00', {0x0, 0x0, 0x9, 0x1, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@addrtype1={{0x28}, {0x445, 0x18, 0x8}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x5, 0xfff6, 0x8, 0x9, 'syz1\x00', 'syz0\x00', {0x470}}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@inet=@SET1={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2e8) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x410000, 0x0) ioctl$TCSETS2(r3, 0x402c542b, &(0x7f00000000c0)={0x8, 0x5, 0x8, 0xba, 0x8, "837c73ba17582ccac16653f2ba2e59abed4afd", 0x3, 0xe92}) r4 = socket$inet(0x2, 0x2, 0x1) setrlimit(0xd, &(0x7f0000000040)={0xfc7, 0x40}) connect$inet(r4, &(0x7f0000000180)={0x2, 0x0, @local}, 0x10) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f000002c000/0x18000)=nil, 0x0, 0x0, 0x64, 0x0, 0x0) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0xe) creat(&(0x7f0000000000)='./file0\x00', 0x14e) r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r5, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r5, &(0x7f0000006340)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r5, &(0x7f0000000280)={0x50, 0x0, r6, {0x7, 0x1f, 0x1, 0x8888b1, 0x0, 0x1, 0x2, 0xa, 0x0, 0x0, 0x2, 0x8}}, 0x50) syz_fuse_handle_req(r5, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r7 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0xac901, 0x28) write$tcp_congestion(r7, &(0x7f00000000c0)='lp\x00', 0xfffffdef) dup2(r7, r5) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$USBDEVFS_CLAIM_PORT(0xffffffffffffffff, 0x80045518, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) 3.997745466s ago: executing program 3 (id=239): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=@dellink={0x40, 0x11, 0x1, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x1092, 0x40000}, [@IFLA_TARGET_NETNSID={0x8, 0x2e, 0x4}, @IFLA_PORT_SELF={0x18, 0x19, 0x0, 0x1, [@IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "5b1f8b30876fac3c90d9e206b034a83c"}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x801}, 0x4000000) pipe2$watch_queue(0x0, 0x80) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000240), &(0x7f0000000300)=0x8) r1 = socket$nl_generic(0x10, 0x3, 0x10) accept4$nfc_llcp(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_usb_connect(0x5, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x60242, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x6b4, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r5 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$get_persistent(0x16, 0xffffffffffffffff, r5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x15, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x69, 0x11, 0x1e}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x1a}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_reuseport=0x27, 0xffffffffffffffff, 0x6}, 0x33) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r1) 3.62953263s ago: executing program 1 (id=240): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$VIDIOC_SUBDEV_S_CROP(0xffffffffffffffff, 0xc038563c, &(0x7f00000003c0)={0x0, 0x0, {0xfffffff9, 0xfffffffd, 0xfffff1b4}}) sendmsg$nl_generic(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={0x58, 0x10, 0x21, 0x70bd26, 0x0, {0x3}, [@nested={0x44, 0x1, 0x0, 0x1, [@nested={0x40, 0x116, 0x0, 0x1, [@nested={0x39, 0xd4, 0x0, 0x1, [@generic="7a5aa32349f224671c7f8f66b0153b5e06a41dcbe1e4fea111f1aff2329580ffa6fbe8735a5d8c45efad547234abc02321539bb224"]}]}]}]}, 0x58}}, 0x80) r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x2, 0x13, 0x0, 0x0, 0x2}, 0x10}}, 0x0) socket$inet6(0xa, 0x0, 0x8) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000240)={'batadv_slave_0\x00'}) fsetxattr$security_capability(r1, &(0x7f00000020c0), &(0x7f0000002140)=@v1={0x1000000, [{0x100, 0x9}]}, 0xc, 0x3) r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000440), 0xa080) ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r2, 0xc0505405, &(0x7f00000006c0)={{0x1, 0x3, 0x201, 0x3}, 0x9, 0x100000200, 0x32}) socket$nl_route(0x10, 0x3, 0x0) syz_emit_ethernet(0x2a, &(0x7f0000000100)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaabb080045000018fffe0000a02f90787f000001e000000120018c0b00089078"], 0x0) r3 = syz_open_dev$vcsa(&(0x7f0000000000), 0x1, 0x1a1300) poll(&(0x7f0000000040)=[{r3, 0x8744}], 0x1, 0x0) read$FUSE(r3, &(0x7f0000000040)={0x2020}, 0x2020) poll(&(0x7f0000002100)=[{r3, 0x688}], 0x1, 0x6) syz_open_dev$video4linux(&(0x7f0000002080), 0x6, 0x101040) ioctl$FS_IOC_GETFSLABEL(r3, 0x81009431, &(0x7f0000001580)) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x1, 0x0, 0x7ffc0005}]}) timer_create(0x2, 0x0, &(0x7f0000000480)=0x0) timer_delete(r4) ioctl$HIDIOCSFLAG(0xffffffffffffffff, 0x4004480f, &(0x7f0000001540)=0x1) dup3(r0, r3, 0x80000) 3.62681624s ago: executing program 2 (id=241): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() r1 = syz_open_dev$video4linux(0x0, 0x0, 0x0) ioctl$VIDIOC_SUBSCRIBE_EVENT(r1, 0x4020565a, &(0x7f00000000c0)={0x3, 0x10980901, 0x1}) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r4, 0x0) r5 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x25, &(0x7f0000000400)={r6, @in={{0x2, 0x4e23, @empty}}, 0x4000}, 0x90) r7 = socket$rxrpc(0x21, 0x2, 0xa) r8 = syz_open_dev$usbfs(0x0, 0x77, 0x101301) ioctl$USBDEVFS_CONTROL(r8, 0xc0105500, 0x0) syz_emit_ethernet(0x32, &(0x7f0000000140)={@random="e90c610faca2", @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0xe000, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x10, 0x0, @gue={{0x2, 0x1, 0x2, 0xc, 0x100, @val=0x80}}}}}}}, 0x0) socket$kcm(0x29, 0x2, 0x0) syz_emit_ethernet(0xbe, &(0x7f0000001140)=ANY=[@ANYBLOB="0180c2000002bbbbbbbbbbbb0800450000b00000000200119078000000000000000000000000009c907801000000040000009e188a80c32aa9b86ed63856992732d9f7fc6cda762c07530a038941764a92bb074336477e9205df5f47f7da965c25c746ba7f8ca07841d3da17308a6df3f54855ecedd6d8664fa12500972a48e81039a562ff321beb3f036b9fd27aeff89c8e"], 0x0) bind$rxrpc(r7, &(0x7f0000000cc0)=@in6={0x21, 0x2800, 0x2, 0x1c, {0xa, 0x1b59, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}, 0x4}}, 0x24) 1.8187782s ago: executing program 1 (id=242): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r3, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r3, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) connect$pppoe(0xffffffffffffffff, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'xfrm0\x00'}}, 0x1e) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='comm\x00') writev(r4, &(0x7f00000006c0)=[{0x0}], 0x1) fsopen(&(0x7f0000000140)='sysfs\x00', 0x0) r5 = openat$rtc(0xffffffffffffff9c, 0x0, 0x189182, 0x0) ioctl$RTC_AIE_ON(r5, 0x7001) close(0xffffffffffffffff) 1.759090821s ago: executing program 2 (id=243): openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/address_bits', 0x101581, 0x100) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) ptrace$peek(0x1, r0, &(0x7f0000000040)) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6) r3 = socket$inet6(0xa, 0x80001, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r3, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x4e20, 0x0, @mcast1}}}, 0x88) r4 = socket(0x10, 0x3, 0x0) r5 = io_uring_setup(0x11a4, &(0x7f0000000080)={0x0, 0xd3e8, 0x80, 0x3, 0x7}) seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_RING_FDS(r5, 0x15, &(0x7f0000004c00)=[{0x0, 0x0, 0x0, 0x0, 0x0}], 0x1) syz_mount_image$erofs(&(0x7f00000008c0), &(0x7f0000000180)='./bus\x00', 0x0, &(0x7f0000000040)=ANY=[], 0xf5, 0x210, &(0x7f00000001c0)="$eJzsmc9rE0EUx78z2WySoqIXD4IoWLBCu9ndqPTiof4DCq0/erOYKNW1ke0e2oJo8OLFP8N/wUNPOXjz5lUPKggezFE8ycjMvOyO5gcJMV58H+jsd968mXnzuvMCCRiG+W/5/On7x5dXVzeWARwpL6JC9q+lwkc6/h+qJN6/erNz7MmhM6QE+Qrb704aQ3ethKy/iFLKHVuk5wZkrm9A4gLpWxAISN+BxE0Ax6m/edQ+H0Bgk2ztGomkFdxtJ81720kr1E2km1g3DXd/D0CvI9AEUKX4hDO+u3/wcCtJWqkRsrCUVX+f9Hef6cW43HmA11uTuOLkT0dx+8Xzju73cxM6+YsgEZFuQGCd9CoqCIJAvwI2Jc75T3nF+qWR589F8wcw/fmvlWdPlhY+rDixMs55eaa9JGaa7gP4CyedVOh7OZGzqpl/8dM/hjr/LtT5C+FYalroC51bTvYO3w7O+jLPwM7O98igmj0w9G6hsOT3deg6p5s/xeDKPs0ZuntRP3XJPe/UJw9eXj/q2aPH9d39g5VtHeT91k4cNy6HF8PwUlw3tdm2Y+pf1dSnBWf98ghfX/jY28qyNNoDsjTK+7FtnYq7/rr9zcyRpv5JLJ2za+hXxRy7MnwPQX/2c1CrpdLI4BmGYRiGYRiGYRiGYRiGYabiDIT5FpR+qFJK4ZkdUS7xdWP7FQAA///3bE2h") write(r4, &(0x7f0000000180), 0x0) mkdir(&(0x7f0000000200)='./file1\x00', 0x0) mount$overlay(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@redirect_dir_off}]}) 488.134415ms ago: executing program 1 (id=244): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, 0x0) uname(&(0x7f0000000080)=""/209) syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='mnt\x00', 0x0, &(0x7f0000000000), 0x0, 0x248, &(0x7f0000000940)="$eJzs3T9oFFkcB/DfzO5eLsly5O6ag4O7g+M47gIh1x3YxEYhICGICCpERGyURIgJdomVjYXWKqlsgtgZrdMEG0Ww8k+K2AgaLAwWWqzsTiLRbDBxN7uS+Xxg2JnZee/3hp3v221mNoDc6omIgYgoRERvRJQiIll/wB/Z0rO6OdO5MBJRqRx8ndSOy7Yza+26I2I6Iv6PiPk0idPFiMm5o0tvH+//+9JE6a8bc0c6W3qSq5aXFg+sXB+6eHvwv8kHj14OJTEQ5U/Oq/mSOvuKScRPO1HsG5EU2z0CtmL4/K0n1dz/HBF/1vJfijSyD+/y+Hfzpfj32mZtr7x6+Gsrxwo0X6VSqn4HTleA3EkjohxJ2hcR2Xqa9vVlv+GfFrrSM2Pj53pPjU2Mnmz3TAU0Szlicd/djjvdn+X/RSHLP7B7VfN/aHj2WXV9pdDu0QCtVM1/7/Gpf0L+IXfkH/JL/iG/5B/yS/4hv+Qf8kv+Ydf4frsN5B/yS/4hv+Qf8mt9/gGAfKl0tPsOZKBd2j3/AAAAAAAAAAAAAAAAAAAAG810LoysLa2qee9qxPLeiCjWq1+o/R/x2qNNu94k1cM+SrJmDTn2e4MdNOjmDt59vZVHuv3wfOfqb8X935rZW3nbLaZGI6YvRER/sbjx+ktWr7+v9+MX3i+daLBAg/Ycbm/997Otq1Wqs2+wkmQr/fXmnzR+qb3Wn3/Km/S5HWffNdgBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALfMhAAD//+M2bGo=") openat$tun(0xffffffffffffff9c, 0x0, 0x80000, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ptrace$setregs(0xd, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, 0x0, &(0x7f0000003ff6)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x94) ptrace$getregset(0x4204, 0x0, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000002c0)=@mangle={'mangle\x00', 0x44, 0x6, 0x410, 0x2d8, 0x98, 0x2d8, 0x98, 0x138, 0x378, 0x378, 0x378, 0x378, 0x378, 0x6, 0x0, {[{{@ip={@loopback, @multicast1=0xe0007600, 0x0, 0x0, 'gre0\x00', 'ip6gre0\x00', {}, {}, 0x0, 0x0, 0x11}, 0x7a00, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@multicast1, @local, 0x0, 0x0, 'wg1\x00', 'nicvf0\x00', {}, {}, 0x11}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @local}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'vlan1\x00', 'nr0\x00'}, 0x0, 0xb8, 0x100, 0x0, {}, [@common=@unspec=@limit={{0x48}, {0x0, 0x28, 0x0, 0x0, 0x0, 0x1}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@private2, 'veth0_virt_wifi\x00', {0x7}}}}, {{@ip={@rand_addr, @private, 0xffffffff, 0xff, 'syzkaller0\x00', 'veth1_to_team\x00', {}, {0xff}}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @empty}}}, {{@ip={@empty, @empty, 0xff000000, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x1fb, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x470) r3 = openat(0xffffffffffffff9c, &(0x7f0000000680)='mnt/encrypted_dir\x00', 0x800, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r3, 0x800c6613, &(0x7f00000006c0)=@v1={0x0, @aes256, 0x8, @auto="377a6a7bfb4d8c0c"}) r4 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r4, &(0x7f0000000000), 0x10) setsockopt$CAN_RAW_FILTER(r4, 0x65, 0x1, &(0x7f00000000c0), 0xf00) setsockopt$CAN_RAW_FILTER(r4, 0x65, 0x1, 0x0, 0x0) unshare(0x60000600) 487.665325ms ago: executing program 3 (id=245): openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/address_bits', 0x101581, 0x100) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) ptrace$peek(0x1, r0, &(0x7f0000000040)) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6) r1 = socket$inet6(0xa, 0x80001, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r1, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x4e20, 0x0, @mcast1}}}, 0x88) r2 = socket(0x10, 0x3, 0x0) r3 = io_uring_setup(0x11a4, &(0x7f0000000080)={0x0, 0xd3e8, 0x80, 0x3, 0x7}) seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_RING_FDS(r3, 0x15, &(0x7f0000004c00)=[{0x0, 0x0, 0x0, 0x0, 0x0}], 0x1) syz_mount_image$erofs(&(0x7f00000008c0), &(0x7f0000000180)='./bus\x00', 0x0, &(0x7f0000000040)=ANY=[], 0xf5, 0x210, &(0x7f00000001c0)="$eJzsmc9rE0EUx78z2WySoqIXD4IoWLBCu9ndqPTiof4DCq0/erOYKNW1ke0e2oJo8OLFP8N/wUNPOXjz5lUPKggezFE8ycjMvOyO5gcJMV58H+jsd968mXnzuvMCCRiG+W/5/On7x5dXVzeWARwpL6JC9q+lwkc6/h+qJN6/erNz7MmhM6QE+Qrb704aQ3ethKy/iFLKHVuk5wZkrm9A4gLpWxAISN+BxE0Ax6m/edQ+H0Bgk2ztGomkFdxtJ81720kr1E2km1g3DXd/D0CvI9AEUKX4hDO+u3/wcCtJWqkRsrCUVX+f9Hef6cW43HmA11uTuOLkT0dx+8Xzju73cxM6+YsgEZFuQGCd9CoqCIJAvwI2Jc75T3nF+qWR589F8wcw/fmvlWdPlhY+rDixMs55eaa9JGaa7gP4CyedVOh7OZGzqpl/8dM/hjr/LtT5C+FYalroC51bTvYO3w7O+jLPwM7O98igmj0w9G6hsOT3deg6p5s/xeDKPs0ZuntRP3XJPe/UJw9eXj/q2aPH9d39g5VtHeT91k4cNy6HF8PwUlw3tdm2Y+pf1dSnBWf98ghfX/jY28qyNNoDsjTK+7FtnYq7/rr9zcyRpv5JLJ2za+hXxRy7MnwPQX/2c1CrpdLI4BmGYRiGYRiGYRiGYRiGYabiDIT5FpR+qFJK4ZkdUS7xdWP7FQAA///3bE2h") write(r2, &(0x7f0000000180), 0x0) mkdir(&(0x7f0000000200)='./file1\x00', 0x0) mount$overlay(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@redirect_dir_off}]}) 401.037526ms ago: executing program 0 (id=246): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=@dellink={0x40, 0x11, 0x1, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x1092, 0x40000}, [@IFLA_TARGET_NETNSID={0x8, 0x2e, 0x4}, @IFLA_PORT_SELF={0x18, 0x19, 0x0, 0x1, [@IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "5b1f8b30876fac3c90d9e206b034a83c"}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x801}, 0x4000000) pipe2$watch_queue(0x0, 0x80) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000240), &(0x7f0000000300)=0x8) r1 = socket$nl_generic(0x10, 0x3, 0x10) accept4$nfc_llcp(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_usb_connect(0x5, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x60242, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x6b4, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r5 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$get_persistent(0x16, 0xffffffffffffffff, r5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x15, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x69, 0x11, 0x1e}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x1a}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_reuseport=0x27, 0xffffffffffffffff, 0x6}, 0x33) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r1) 0s ago: executing program 2 (id=247): openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) r0 = socket(0x10, 0x803, 0x0) socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14, 0x10, 0x1, 0x700, 0x0, {0x7}}, [@NFT_MSG_NEWRULE={0xa0, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x74, 0x4, 0x0, 0x1, [{0x70, 0x1, 0x0, 0x1, @match={{0xa}, @val={0x60, 0x2, 0x0, 0x1, [@NFTA_MATCH_REV={0x8}, @NFTA_MATCH_NAME={0xc, 0x1, 'physdev\x00'}, @NFTA_MATCH_INFO={0x46, 0x3, "7e6b92c43235dc7e977221f83c3f179e65022fc067b787cd67b6d9983b1bddafbdf6a37da5ed332cd2ee94b31d2ec330ce34cc676c0783a4bcc1e966554b0470581f"}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x20, 0x0, 0x0, {0xa}}}, 0xc8}, 0x1, 0x0, 0x0, 0x4008011}, 0x4000800) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, 0x0, 0x4000080) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x81}, 0x0) unshare(0x20000400) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f00000001c0)) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) r3 = socket$igmp(0x2, 0x3, 0x2) getsockopt$IP_VS_SO_GET_VERSION(r3, 0x0, 0x480, &(0x7f0000000640), &(0x7f0000000680)=0x40) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.90' (ED25519) to the list of known hosts. [ 80.180334][ T5762] cgroup: Unknown subsys name 'net' [ 80.319752][ T5762] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 81.963546][ T5762] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 83.569407][ T5774] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 83.581659][ T5774] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 83.590993][ T5774] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 83.601920][ T5776] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 83.610019][ T5776] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 83.618424][ T5776] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 83.628769][ T5780] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 83.658236][ T5780] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 83.666661][ T5780] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 83.675018][ T5780] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 83.682955][ T5780] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 83.691714][ T5781] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 83.699679][ T5781] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 83.713005][ T5780] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 83.719952][ T5776] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 83.722913][ T5780] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 83.734760][ T5780] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 83.743043][ T5781] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 83.751889][ T5780] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 83.759309][ T5781] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 83.766746][ T5780] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 83.809563][ T5776] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 83.818743][ T5776] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 83.832396][ T5776] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 84.279201][ T5777] chnl_net:caif_netlink_parms(): no params data found [ 84.363621][ T5775] chnl_net:caif_netlink_parms(): no params data found [ 84.409886][ T5782] chnl_net:caif_netlink_parms(): no params data found [ 84.512279][ T5772] chnl_net:caif_netlink_parms(): no params data found [ 84.524667][ T5777] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.532726][ T5777] bridge0: port 1(bridge_slave_0) entered disabled state [ 84.539990][ T5777] bridge_slave_0: entered allmulticast mode [ 84.547615][ T5777] bridge_slave_0: entered promiscuous mode [ 84.557723][ T5777] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.565093][ T5777] bridge0: port 2(bridge_slave_1) entered disabled state [ 84.577718][ T5777] bridge_slave_1: entered allmulticast mode [ 84.585977][ T5777] bridge_slave_1: entered promiscuous mode [ 84.676466][ T5775] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.683891][ T5775] bridge0: port 1(bridge_slave_0) entered disabled state [ 84.691458][ T5775] bridge_slave_0: entered allmulticast mode [ 84.698457][ T5775] bridge_slave_0: entered promiscuous mode [ 84.738258][ T5775] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.745736][ T5775] bridge0: port 2(bridge_slave_1) entered disabled state [ 84.753150][ T5775] bridge_slave_1: entered allmulticast mode [ 84.760535][ T5775] bridge_slave_1: entered promiscuous mode [ 84.770268][ T5777] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 84.788920][ T5782] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.796166][ T5782] bridge0: port 1(bridge_slave_0) entered disabled state [ 84.803795][ T5782] bridge_slave_0: entered allmulticast mode [ 84.811217][ T5782] bridge_slave_0: entered promiscuous mode [ 84.831061][ T5777] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 84.848304][ T5782] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.855621][ T5782] bridge0: port 2(bridge_slave_1) entered disabled state [ 84.862899][ T5782] bridge_slave_1: entered allmulticast mode [ 84.870231][ T5782] bridge_slave_1: entered promiscuous mode [ 84.912373][ T5775] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 84.950137][ T5775] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 84.973166][ T5782] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 84.985586][ T5782] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 84.997842][ T5777] team0: Port device team_slave_0 added [ 85.008472][ T5777] team0: Port device team_slave_1 added [ 85.086603][ T5772] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.094236][ T5772] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.102007][ T5772] bridge_slave_0: entered allmulticast mode [ 85.109607][ T5772] bridge_slave_0: entered promiscuous mode [ 85.120895][ T5775] team0: Port device team_slave_0 added [ 85.133576][ T5782] team0: Port device team_slave_0 added [ 85.141443][ T5775] team0: Port device team_slave_1 added [ 85.157331][ T5772] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.165301][ T5772] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.172600][ T5772] bridge_slave_1: entered allmulticast mode [ 85.179893][ T5772] bridge_slave_1: entered promiscuous mode [ 85.188484][ T5782] team0: Port device team_slave_1 added [ 85.210043][ T5777] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 85.217420][ T5777] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.243887][ T5777] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 85.293478][ T5775] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 85.300506][ T5775] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.326526][ T5775] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 85.340152][ T5777] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 85.347301][ T5777] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.374162][ T5777] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 85.418897][ T5772] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.429123][ T5775] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 85.437358][ T5775] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.463680][ T5775] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 85.490758][ T5782] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 85.497819][ T5782] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.524821][ T5782] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 85.539126][ T5772] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.598683][ T5782] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 85.606936][ T5782] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.633775][ T5782] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 85.678046][ T5775] hsr_slave_0: entered promiscuous mode [ 85.685062][ T5775] hsr_slave_1: entered promiscuous mode [ 85.691810][ T5776] Bluetooth: hci0: command tx timeout [ 85.705529][ T5772] team0: Port device team_slave_0 added [ 85.714238][ T5772] team0: Port device team_slave_1 added [ 85.769726][ T5777] hsr_slave_0: entered promiscuous mode [ 85.776373][ T5777] hsr_slave_1: entered promiscuous mode [ 85.783120][ T5777] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 85.791086][ T5777] Cannot create hsr debugfs directory [ 85.822856][ T5782] hsr_slave_0: entered promiscuous mode [ 85.829387][ T5782] hsr_slave_1: entered promiscuous mode [ 85.835812][ T5782] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 85.843463][ T5782] Cannot create hsr debugfs directory [ 85.851637][ T5776] Bluetooth: hci3: command tx timeout [ 85.852536][ T5774] Bluetooth: hci2: command tx timeout [ 85.871511][ T5772] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 85.878507][ T5772] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.904476][ T5772] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 85.922275][ T5774] Bluetooth: hci1: command tx timeout [ 85.944785][ T5772] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 85.951860][ T5772] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.977981][ T5772] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.173285][ T5772] hsr_slave_0: entered promiscuous mode [ 86.180488][ T5772] hsr_slave_1: entered promiscuous mode [ 86.187720][ T5772] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 86.195934][ T5772] Cannot create hsr debugfs directory [ 86.437143][ T5775] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 86.457614][ T5775] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 86.489390][ T5775] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 86.499993][ T5775] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 86.556148][ T5782] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 86.576338][ T5782] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 86.601519][ T5782] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 86.612935][ T5782] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 86.712662][ T5772] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 86.727117][ T5772] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 86.759920][ T5772] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 86.774399][ T5772] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 86.821743][ T5777] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 86.834084][ T5777] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 86.858335][ T5777] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 86.868566][ T5777] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 86.905479][ T5775] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.010681][ T5782] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.050061][ T5775] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.133845][ T2953] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.141348][ T2953] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.166246][ T2953] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.173474][ T2953] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.185581][ T5782] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.218608][ T2948] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.225797][ T2948] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.260297][ T2991] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.267535][ T2991] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.327442][ T5772] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.416155][ T5777] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.439020][ T5772] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.496596][ T5782] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 87.527882][ T2948] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.535236][ T2948] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.556947][ T2948] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.564192][ T2948] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.638238][ T5777] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.720014][ T2991] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.727304][ T2991] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.768951][ T2991] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.771329][ T5774] Bluetooth: hci0: command tx timeout [ 87.776440][ T2991] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.921323][ T5774] Bluetooth: hci2: command tx timeout [ 87.926643][ T5776] Bluetooth: hci3: command tx timeout [ 88.016721][ T5776] Bluetooth: hci1: command tx timeout [ 88.107580][ T5775] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.189879][ T5782] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.268442][ T5775] veth0_vlan: entered promiscuous mode [ 88.320426][ T5772] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.333519][ T5775] veth1_vlan: entered promiscuous mode [ 88.434291][ T5775] veth0_macvtap: entered promiscuous mode [ 88.445486][ T5777] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.478681][ T5782] veth0_vlan: entered promiscuous mode [ 88.490350][ T5775] veth1_macvtap: entered promiscuous mode [ 88.519813][ T5782] veth1_vlan: entered promiscuous mode [ 88.541010][ T5772] veth0_vlan: entered promiscuous mode [ 88.557665][ T5775] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 88.588325][ T5772] veth1_vlan: entered promiscuous mode [ 88.597641][ T5775] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 88.624722][ T5782] veth0_macvtap: entered promiscuous mode [ 88.638367][ T5782] veth1_macvtap: entered promiscuous mode [ 88.658678][ T5775] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.668456][ T5775] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.677893][ T5775] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.687680][ T5775] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.733919][ T5777] veth0_vlan: entered promiscuous mode [ 88.760939][ T5777] veth1_vlan: entered promiscuous mode [ 88.788046][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 88.799002][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 88.812009][ T5782] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 88.874112][ T5772] veth0_macvtap: entered promiscuous mode [ 88.889694][ T5782] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 88.907121][ T5782] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 88.919159][ T5782] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 88.933201][ T5772] veth1_macvtap: entered promiscuous mode [ 88.957497][ T5782] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.967822][ T5782] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.979034][ T5782] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.988073][ T5782] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.029617][ T2948] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.033288][ T5777] veth0_macvtap: entered promiscuous mode [ 89.049801][ T2948] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.064860][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 89.076070][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.086335][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 89.097463][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.109120][ T5772] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.134268][ T5777] veth1_macvtap: entered promiscuous mode [ 89.146204][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 89.158697][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.169517][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 89.180376][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.193581][ T5772] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.250853][ T5772] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.261275][ T2953] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.269141][ T2953] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.277809][ T5772] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.287785][ T5772] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.296601][ T5772] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.327881][ T5777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 89.339191][ T5777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.350247][ T5777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 89.360866][ T5777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.372718][ T5777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 89.383866][ T5777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.397846][ T5777] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.409215][ T5777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 89.420621][ T5777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.437222][ T5777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 89.450327][ T5777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.461455][ T5777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 89.472152][ T5777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.484339][ T5777] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.528919][ T5777] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.544564][ T5777] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.555687][ T5777] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.567054][ T5777] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.629136][ T77] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.665395][ T77] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.739895][ T77] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.758036][ T77] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.861336][ T5776] Bluetooth: hci0: command tx timeout [ 89.949201][ T2953] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.970263][ T2953] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.001799][ T5774] Bluetooth: hci3: command tx timeout [ 90.008249][ T5776] Bluetooth: hci2: command tx timeout [ 90.083849][ T5776] Bluetooth: hci1: command tx timeout [ 90.608180][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.643470][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.675750][ T77] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.692423][ T77] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.792095][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.799998][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.338051][ T5776] Bluetooth: hci0: command tx timeout [ 92.338158][ T5780] Bluetooth: hci3: command tx timeout [ 92.347292][ T5776] Bluetooth: hci1: command tx timeout [ 92.349523][ T5774] Bluetooth: hci2: command tx timeout [ 92.804792][ T9] cfg80211: failed to load regulatory.db [ 94.100927][ T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!! [ 95.554444][ T5864] syz_tun: entered allmulticast mode [ 95.601309][ T5864] dvmrp8: entered allmulticast mode [ 95.700267][ T5863] syz_tun: left allmulticast mode [ 95.848288][ T5868] syz.1.7[5868]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 95.860595][ T5868] loop1: detected capacity change from 0 to 8 [ 95.916730][ T5868] ======================================================= [ 95.916730][ T5868] WARNING: The mand mount option has been deprecated and [ 95.916730][ T5868] and is ignored by this kernel. Remove the mand [ 95.916730][ T5868] option from the mount to silence this warning. [ 95.916730][ T5868] ======================================================= [ 96.650745][ T5877] netlink: 68 bytes leftover after parsing attributes in process `syz.2.8'. [ 99.880631][ T5887] netlink: 12 bytes leftover after parsing attributes in process `syz.3.9'. [ 99.882122][ T5885] mmap: syz.2.11 (5885) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 101.781283][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 103.845467][ T5905] NILFS (nullb0): couldn't find nilfs on the device [ 105.120081][ T5916] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 105.129427][ T5916] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 105.745682][ T5925] loop3: detected capacity change from 0 to 4096 [ 106.691108][ T5922] sched: RT throttling activated [ 106.917637][ T5928] loop1: detected capacity change from 0 to 4096 [ 107.332237][ T5928] ntfs: (device loop1): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 107.344247][ T5928] ntfs: (device loop1): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 107.365564][ T5786] I/O error, dev loop3, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 107.391151][ T5928] ntfs: (device loop1): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 107.402680][ T5928] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 107.416874][ T5928] ntfs: (device loop1): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 107.431086][ T5928] ntfs: volume version 3.1. [ 107.444937][ T5928] ntfs: (device loop1): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 107.457060][ T5928] ntfs: (device loop1): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 107.471639][ T5928] ntfs: (device loop1): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 107.482900][ T5928] ntfs: (device loop1): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 107.494267][ T5928] ntfs: (device loop1): load_system_files(): Failed to determine if Windows is hibernated. Will not be able to remount read-write. Run chkdsk. [ 107.782670][ T5933] netlink: 68 bytes leftover after parsing attributes in process `syz.3.23'. [ 109.676097][ T5946] Zero length message leads to an empty skb [ 110.321729][ T5946] bridge0: port 1(bridge_slave_0) entered disabled state [ 110.332650][ T5946] bridge0: port 2(bridge_slave_1) entered disabled state [ 115.740742][ T5965] loop2: detected capacity change from 0 to 512 [ 116.019685][ T5965] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 116.042990][ T5965] ext4 filesystem being mounted at /7/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 119.226163][ T5775] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 120.641727][ T5998] xt_CT: You must specify a L4 protocol and not use inversions on it [ 122.671110][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 124.821334][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 125.231138][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 126.208113][ T6013] netlink: 'syz.1.41': attribute type 1 has an invalid length. [ 133.045916][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.052741][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.589649][ T6041] 9pnet_virtio: no channels available for device syz [ 133.737719][ T28] kauditd_printk_skb: 6 callbacks suppressed [ 133.737748][ T28] audit: type=1326 audit(1778543345.543:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6038 comm="syz.2.47" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55c419cdd9 code=0x7ffc0000 [ 133.772551][ T28] audit: type=1326 audit(1778543345.543:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6038 comm="syz.2.47" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55c419cdd9 code=0x7ffc0000 [ 135.677999][ T28] audit: type=1326 audit(1778543345.543:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6038 comm="syz.2.47" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=224 compat=0 ip=0x7f55c419cdd9 code=0x7ffc0000 [ 135.891055][ T6041] orangefs_mount: mount request failed with -4 [ 136.493061][ T28] audit: type=1326 audit(1778543345.543:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6038 comm="syz.2.47" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55c419cdd9 code=0x7ffc0000 [ 136.520284][ T28] audit: type=1326 audit(1778543345.553:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6038 comm="syz.2.47" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55c419cdd9 code=0x7ffc0000 [ 136.544001][ C1] vkms_vblank_simulate: vblank timer overrun [ 136.555889][ T6045] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 136.579617][ T28] audit: type=1326 audit(1778543345.553:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6038 comm="syz.2.47" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=209 compat=0 ip=0x7f55c419cdd9 code=0x7ffc0000 [ 136.615451][ T28] audit: type=1326 audit(1778543345.553:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6038 comm="syz.2.47" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55c419cdd9 code=0x7ffc0000 [ 136.706828][ T6045] netlink: 'syz.2.48': attribute type 10 has an invalid length. [ 136.735515][ T28] audit: type=1326 audit(1778543345.553:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6038 comm="syz.2.47" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55c419cdd9 code=0x7ffc0000 [ 136.759241][ C1] vkms_vblank_simulate: vblank timer overrun [ 136.851431][ T6051] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 136.995106][ T6045] team0: Port device dummy0 added [ 137.132486][ T6046] netlink: 'syz.2.48': attribute type 10 has an invalid length. [ 137.929808][ T6046] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 138.133373][ T6053] trusted_key: encrypted_key: insufficient parameters specified [ 138.186588][ T6046] team0: Failed to send options change via netlink (err -105) [ 138.202222][ T6046] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 138.212379][ T6046] team0: Port device dummy0 removed [ 138.243270][ T6045] syz.2.48 (6045) used greatest stack depth: 20200 bytes left [ 138.265540][ T6046] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 138.275999][ T6052] trusted_key: encrypted_key: insufficient parameters specified [ 138.609581][ T6058] netlink: 24 bytes leftover after parsing attributes in process `syz.1.51'. [ 138.628684][ T6058] loop1: detected capacity change from 0 to 512 [ 138.649947][ T6058] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1) [ 139.139993][ T6064] netlink: 8 bytes leftover after parsing attributes in process `syz.2.52'. [ 139.307351][ T5838] IPVS: starting estimator thread 0... [ 139.603811][ T6065] IPVS: using max 16 ests per chain, 38400 per kthread [ 141.729497][ T6077] loop1: detected capacity change from 0 to 8 [ 141.922410][ T6075] loop0: detected capacity change from 0 to 32768 [ 142.273642][ T6075] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 142.443260][ T6075] XFS (loop0): Ending clean mount [ 142.557890][ T6075] XFS (loop0): Quotacheck needed: Please wait. [ 142.841947][ T6075] XFS (loop0): Quotacheck: Done. [ 143.772185][ T28] audit: type=1800 audit(1778543355.123:10): pid=6092 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.46" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop0" ino=4427 res=0 errno=0 [ 144.055759][ T5772] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 146.393059][ T6101] vivid-000: disconnect [ 146.447283][ T6097] vivid-000: reconnect [ 146.675309][ T6115] loop1: detected capacity change from 0 to 16 [ 147.399375][ T6115] erofs: (device loop1): mounted with root inode @ nid 36. [ 147.506119][ T5776] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 0] out[9000] [ 147.524240][ T6114] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192] [ 147.535943][ T28] audit: type=1800 audit(1778543359.463:11): pid=6114 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.61" name="file2" dev="loop1" ino=89 res=0 errno=0 [ 147.559089][ T6114] x_tables: duplicate underflow at hook 1 [ 148.323209][ T6122] input: syz1 as /devices/virtual/input/input6 [ 151.658965][ T6142] loop2: detected capacity change from 0 to 2048 [ 154.394515][ T6146] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 154.959980][ T6150] netlink: 4 bytes leftover after parsing attributes in process `syz.1.70'. [ 156.885398][ T6148] netlink: 'syz.3.69': attribute type 4 has an invalid length. [ 156.893222][ T6148] netlink: 17 bytes leftover after parsing attributes in process `syz.3.69'. [ 157.095756][ T6157] netlink: 28 bytes leftover after parsing attributes in process `syz.3.69'. [ 157.365571][ T6156] loop2: detected capacity change from 0 to 2048 [ 157.436505][ T6159] loop0: detected capacity change from 0 to 256 [ 158.235997][ T6156] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 158.254629][ T6156] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 158.329302][ T6166] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 158.470606][ T6156] UDF-fs: Scanning with blocksize 512 failed [ 158.533200][ T6156] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 159.794926][ T6179] loop0: detected capacity change from 0 to 128 [ 160.240041][ T6179] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 160.489636][ T6179] ext4 filesystem being mounted at /18/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 160.991894][ T6187] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 162.170407][ T6192] usb usb7: usbfs: process 6192 (syz.3.78) did not claim interface 0 before use [ 163.053738][ T6200] loop1: detected capacity change from 0 to 512 [ 163.808206][ T6200] EXT4-fs (loop1): 1 truncate cleaned up [ 163.814855][ T6200] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 164.113698][ T5782] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 164.283129][ T5772] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 165.781327][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 166.190916][ T0] NOHZ tick-stop error: local softirq work is pending, handler #142!!! [ 166.711135][ T6213] loop0: detected capacity change from 0 to 2048 [ 167.335499][ T6213] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 168.746230][ T6219] Bluetooth: hci4: received HCILL_GO_TO_SLEEP_ACK in state 2 [ 168.763143][ T6219] capability: warning: `syz.0.83' uses deprecated v2 capabilities in a way that may be insecure [ 169.677199][ T6225] bridge_slave_0: left allmulticast mode [ 169.683454][ T6225] bridge_slave_0: left promiscuous mode [ 169.689283][ T6225] bridge0: port 1(bridge_slave_0) entered disabled state [ 170.538293][ T6225] bridge_slave_1: left allmulticast mode [ 170.544106][ T6225] bridge_slave_1: left promiscuous mode [ 170.550558][ T6225] bridge0: port 2(bridge_slave_1) entered disabled state [ 170.572810][ T6225] bond0: (slave bond_slave_0): Releasing backup interface [ 170.604122][ T6225] bond0: (slave bond_slave_1): Releasing backup interface [ 170.650362][ T6225] team0: Port device team_slave_0 removed [ 170.701524][ T6225] team0: Port device team_slave_1 removed [ 170.708345][ T6225] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 170.716271][ T6225] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 170.746066][ T6225] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 170.753744][ T6225] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 170.882082][ T5776] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 171.753405][ T6234] loop1: detected capacity change from 0 to 8 [ 174.731067][ T6235] smc: net device vcan0 applied user defined pnetid SYZ1 [ 174.949056][ T6254] tipc: Started in network mode [ 174.954389][ T6254] tipc: Node identity ac14140f, cluster identity 4711 [ 174.965355][ T6254] tipc: New replicast peer: 255.255.255.255 [ 174.974360][ T6254] tipc: Enabled bearer , priority 10 [ 175.008986][ T6254] netlink: 8 bytes leftover after parsing attributes in process `syz.0.89'. [ 177.350719][ T5817] tipc: Node number set to 2886997007 [ 178.965423][ T6272] loop1: detected capacity change from 0 to 128 [ 180.272860][ T6275] loop2: detected capacity change from 0 to 1024 [ 182.003715][ T6285] netlink: 344 bytes leftover after parsing attributes in process `syz.1.98'. [ 182.265804][ T2960] hfsplus: b-tree write err: -5, ino 25 [ 182.307256][ T2960] hfsplus: b-tree write err: -5, ino 4 [ 183.621803][ T2960] hfsplus: b-tree write err: -5, ino 2 [ 186.694467][ T6305] warning: `syz.2.100' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 188.136579][ T6316] loop0: detected capacity change from 0 to 64 [ 188.411970][ T6318] netlink: 36 bytes leftover after parsing attributes in process `syz.3.105'. [ 190.422422][ T6321] syz.2.103: attempt to access beyond end of device [ 190.422422][ T6321] nbd2: rw=4096, sector=128, nr_sectors = 8 limit=0 [ 190.435989][ T6321] gfs2: error 10 reading superblock [ 191.435456][ T6326] loop3: detected capacity change from 0 to 512 [ 191.997991][ T28] audit: type=1326 audit(1778543403.923:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6313 comm="syz.0.104" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbce99cdd9 code=0x7ffc0000 [ 192.035253][ T6326] EXT4-fs (loop3): VFS: Can't find ext4 filesystem [ 192.106745][ T28] audit: type=1326 audit(1778543403.923:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6313 comm="syz.0.104" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbce99cdd9 code=0x7ffc0000 [ 192.182996][ T28] audit: type=1326 audit(1778543403.923:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6313 comm="syz.0.104" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbce99cdd9 code=0x7ffc0000 [ 192.237310][ T28] audit: type=1326 audit(1778543403.923:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6313 comm="syz.0.104" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbce99cdd9 code=0x7ffc0000 [ 192.401178][ T28] audit: type=1326 audit(1778543403.953:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6313 comm="syz.0.104" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7ffbce99cdd9 code=0x7ffc0000 [ 192.484697][ T28] audit: type=1326 audit(1778543403.953:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6313 comm="syz.0.104" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbce99cdd9 code=0x7ffc0000 [ 192.644373][ T28] audit: type=1326 audit(1778543403.953:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6313 comm="syz.0.104" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbce99cdd9 code=0x7ffc0000 [ 192.742523][ T28] audit: type=1326 audit(1778543403.953:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6313 comm="syz.0.104" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbce99cdd9 code=0x7ffc0000 [ 192.767409][ T28] audit: type=1326 audit(1778543403.953:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6313 comm="syz.0.104" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffbce99cdd9 code=0x7ffc0000 [ 192.792790][ T28] audit: type=1326 audit(1778543403.963:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6313 comm="syz.0.104" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ffbce99cdd9 code=0x7ffc0000 [ 193.219732][ T6335] netlink: 180 bytes leftover after parsing attributes in process `syz.3.108'. [ 193.377526][ T6334] Device name cannot be null; rc = [-22] [ 193.665292][ T5817] IPVS: starting estimator thread 0... [ 193.847943][ T6343] IPVS: using max 19 ests per chain, 45600 per kthread [ 194.075730][ T6349] loop0: detected capacity change from 0 to 2048 [ 194.265122][ T6350] loop3: detected capacity change from 0 to 128 [ 194.369372][ T6349] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 194.774771][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.851036][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.911005][ T6355] bridge_slave_0: left allmulticast mode [ 194.916760][ T6355] bridge_slave_0: left promiscuous mode [ 194.922627][ T6355] bridge0: port 1(bridge_slave_0) entered disabled state [ 195.118765][ T6355] bridge_slave_1: left allmulticast mode [ 195.124711][ T6355] bridge_slave_1: left promiscuous mode [ 195.131259][ T6355] bridge0: port 2(bridge_slave_1) entered disabled state [ 195.679906][ T6355] bond0: (slave bond_slave_0): Releasing backup interface [ 195.720184][ T6350] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 195.749025][ T6355] bond0: (slave bond_slave_1): Releasing backup interface [ 195.811092][ T6350] ext4 filesystem being mounted at /28/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 196.097353][ T6355] team0: Port device team_slave_0 removed [ 196.288622][ T6364] process 'syz.3.112' launched './file1' with NULL argv: empty string added [ 196.669121][ T6355] team0: Port device team_slave_1 removed [ 196.675692][ T6355] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 196.683260][ T6355] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 196.783201][ T6355] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 196.790653][ T6355] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 196.814253][ T5777] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 197.258193][ T6366] syz.2.113: attempt to access beyond end of device [ 197.258193][ T6366] nbd2: rw=4096, sector=128, nr_sectors = 8 limit=0 [ 197.271925][ T6366] gfs2: error 10 reading superblock [ 197.540603][ T6373] loop1: detected capacity change from 0 to 2048 [ 199.061221][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 199.470894][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 201.043573][ T6378] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 202.556256][ T6389] loop1: detected capacity change from 0 to 1024 [ 202.574439][ T6389] hfsplus: unable to parse mount options [ 208.472889][ T6408] netlink: 'syz.0.123': attribute type 10 has an invalid length. [ 208.591553][ T6408] syz_tun: entered promiscuous mode [ 208.721322][ T5084] Bluetooth: hci1: command 0x0406 tx timeout [ 208.727589][ T5781] Bluetooth: hci3: command 0x0406 tx timeout [ 208.734211][ T5780] Bluetooth: hci2: command 0x0406 tx timeout [ 208.740594][ T5776] Bluetooth: hci0: command 0x0406 tx timeout [ 209.215055][ T6408] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 209.303623][ T6412] loop2: detected capacity change from 0 to 128 [ 209.372132][ T6412] FAT-fs (loop2): Unrecognized mount option "fmask=0000000000000000ã¥3Oošjnonumtail=0" or missing value [ 209.457418][ T6328] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 210.246383][ T6417] ntfs3: nullb0: Primary boot signature is not NTFS. [ 210.254020][ T6417] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00 [ 210.477522][ T969] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 210.780892][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 211.135369][ T969] usb 1-1: Using ep0 maxpacket: 16 [ 212.053690][ T969] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 212.100979][ T5817] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 212.109264][ T969] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 212.141099][ T969] usb 1-1: New USB device found, idVendor=056a, idProduct=0084, bcdDevice= 0.00 [ 212.150593][ T969] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 212.207508][ T969] usb 1-1: config 0 descriptor?? [ 212.264775][ T969] usb 1-1: can't set config #0, error -71 [ 212.322392][ T5817] usb 2-1: no configurations [ 212.327080][ T5817] usb 2-1: can't read configurations, error -22 [ 212.368571][ T969] usb 1-1: USB disconnect, device number 2 [ 212.401016][ T51] Bluetooth: hci3: command 0x0406 tx timeout [ 212.439154][ T6432] loop0: detected capacity change from 0 to 512 [ 212.521034][ T5817] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 212.661394][ T6308] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 214.833945][ T6444] loop3: detected capacity change from 0 to 128 [ 215.032466][ T6444] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 215.056517][ T6444] ext4 filesystem being mounted at /36/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 218.221074][ T5777] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 218.382395][ T6461] netlink: 'syz.1.135': attribute type 2 has an invalid length. [ 219.419387][ T6465] xt_TPROXY: Can be used only with -p tcp or -p udp [ 219.948836][ T6471] loop3: detected capacity change from 0 to 128 [ 220.121818][ T6471] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 220.199667][ T6471] ext4 filesystem being mounted at /38/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 221.597940][ T6476] xt_policy: neither incoming nor outgoing policy selected [ 222.908925][ T6479] syzkaller0: entered promiscuous mode [ 222.914483][ T6479] syzkaller0: entered allmulticast mode [ 223.892352][ T6489] netlink: 12 bytes leftover after parsing attributes in process `syz.2.128'. [ 224.881740][ T6492] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 225.012825][ T6492] overlayfs: failed to look up (tracing) for ino (-66) [ 226.334708][ T6501] bridge0: port 3(syz_tun) entered blocking state [ 226.341564][ T6501] bridge0: port 3(syz_tun) entered disabled state [ 226.349177][ T6501] syz_tun: entered allmulticast mode [ 226.356415][ T6501] syz_tun: entered promiscuous mode [ 226.362694][ T6501] bridge0: port 3(syz_tun) entered blocking state [ 226.369719][ T6501] bridge0: port 3(syz_tun) entered forwarding state [ 230.702370][ T5777] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 231.209927][ T6515] netlink: 43 bytes leftover after parsing attributes in process `syz.3.141'. [ 233.841556][ T6519] Error parsing options; rc = [-22] [ 235.214772][ T6527] loop0: detected capacity change from 0 to 128 [ 235.283519][ T6527] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 235.375176][ T6527] ext4 filesystem being mounted at /37/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 236.045126][ T6532] xt_policy: neither incoming nor outgoing policy selected [ 237.202866][ T5099] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 237.431585][ T5099] usb 2-1: Using ep0 maxpacket: 8 [ 237.687718][ T5099] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 237.779778][ T5099] usb 2-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x6F, skipping [ 237.799183][ T5099] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 237.867394][ T5099] usb 2-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46 [ 238.070217][ T5099] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35 [ 238.121870][ T5099] usb 2-1: Product: syz [ 238.126102][ T5099] usb 2-1: Manufacturer: syz [ 238.130742][ T5099] usb 2-1: SerialNumber: syz [ 238.159146][ T5099] usb 2-1: config 0 descriptor?? [ 238.199591][ T6535] loop2: detected capacity change from 0 to 1024 [ 238.226626][ T5099] radio-si470x 2-1:0.0: could not find interrupt in endpoint [ 238.235026][ T6535] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 238.245516][ T6535] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 238.258273][ T6535] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 238.266651][ T6535] EXT4-fs (loop2): orphan cleanup on readonly fs [ 238.275755][ T6535] EXT4-fs error (device loop2): ext4_free_blocks:6694: comm syz.2.148: Freeing blocks not in datazone - block = 0, count = 4096 [ 238.303925][ T6535] EXT4-fs (loop2): Remounting filesystem read-only [ 238.310615][ T6535] EXT4-fs (loop2): 1 orphan inode deleted [ 238.317974][ T6535] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 238.362762][ T5099] radio-si470x: probe of 2-1:0.0 failed with error -5 [ 238.554220][ T5099] usbhid 2-1:0.0: couldn't find an input interrupt endpoint [ 239.581427][ T5775] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 242.513239][ T5818] usb 2-1: USB disconnect, device number 4 [ 244.167584][ T5772] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 249.101701][ T6578] bridge0: port 1(syz_tun) entered blocking state [ 249.108499][ T6578] bridge0: port 1(syz_tun) entered disabled state [ 249.116762][ T6578] syz_tun: entered allmulticast mode [ 249.123998][ T6578] syz_tun: entered promiscuous mode [ 249.131985][ T6578] bridge0: port 1(syz_tun) entered blocking state [ 249.138568][ T6578] bridge0: port 1(syz_tun) entered forwarding state [ 251.543569][ T6606] netlink: 36 bytes leftover after parsing attributes in process `syz.1.167'. [ 252.274975][ T28] kauditd_printk_skb: 22 callbacks suppressed [ 252.275028][ T28] audit: type=1326 audit(1778543462.064:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6599 comm="syz.3.168" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc3c599cdd9 code=0x0 [ 252.394329][ T6610] overlayfs: missing 'lowerdir' [ 253.671219][ T6619] netlink: 24 bytes leftover after parsing attributes in process `syz.0.170'. [ 255.836814][ T28] audit: type=1326 audit(1778543465.386:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6638 comm="syz.3.179" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc3c599cdd9 code=0x0 [ 255.870309][ T6643] overlayfs: missing 'lowerdir' [ 256.036698][ T6650] netlink: 43 bytes leftover after parsing attributes in process `syz.2.180'. [ 256.547384][ T6653] syz.1.181 uses obsolete (PF_INET,SOCK_PACKET) [ 258.657613][ T6666] 9pnet_virtio: no channels available for device syz [ 259.753752][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 259.760205][ T1279] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.436334][ T6669] orangefs_mount: mount request failed with -4 [ 269.757876][ T6703] netlink: 43 bytes leftover after parsing attributes in process `syz.1.190'. [ 270.379477][ T6705] loop2: detected capacity change from 0 to 16 [ 270.577002][ T28] audit: type=1326 audit(1778543478.712:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6697 comm="syz.2.192" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f55c419cdd9 code=0x0 [ 270.659122][ T6705] overlayfs: missing 'lowerdir' [ 271.465583][ T6712] loop1: detected capacity change from 0 to 512 [ 271.583232][ T6712] EXT4-fs (loop1): VFS: Can't find ext4 filesystem [ 274.673351][ T5099] IPVS: starting estimator thread 0... [ 274.785947][ T6738] IPVS: using max 20 ests per chain, 48000 per kthread [ 276.431869][ T28] audit: type=1326 audit(1778543484.673:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6745 comm="syz.2.204" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f55c419cdd9 code=0x0 [ 276.511489][ T6754] loop2: detected capacity change from 0 to 16 [ 276.546777][ T51] Bluetooth: hci0: unexpected event for opcode 0x1009 [ 276.586767][ T6754] overlayfs: missing 'lowerdir' [ 278.271835][ T6775] bridge0: port 1(syz_tun) entered disabled state [ 279.247676][ T6777] loop1: detected capacity change from 0 to 512 [ 279.321912][ T6777] EXT4-fs (loop1): VFS: Can't find ext4 filesystem [ 281.625913][ T6788] 9pnet_fd: Insufficient options for proto=fd [ 281.866525][ T6788] pimreg: entered allmulticast mode [ 283.110970][ T6794] vivid-000: kernel_thread() failed [ 283.329564][ T51] Bluetooth: hci2: unexpected event for opcode 0x1009 [ 286.712659][ T6815] loop1: detected capacity change from 0 to 512 [ 286.976265][ T6825] netlink: 'syz.3.221': attribute type 10 has an invalid length. [ 287.357679][ T6815] EXT4-fs (loop1): VFS: Can't find ext4 filesystem [ 287.400973][ T6825] team0: Port device dummy0 added [ 287.418508][ T6827] netlink: 'syz.3.221': attribute type 10 has an invalid length. [ 287.473784][ T6827] team0: Port device dummy0 removed [ 287.514528][ T6827] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 287.546241][ T6826] bridge0: port 3(syz_tun) entered disabled state [ 287.564349][ T6826] bridge0: port 1(bridge_slave_0) entered disabled state [ 287.573810][ T6826] bridge0: port 2(bridge_slave_1) entered disabled state [ 287.633292][ T6831] netlink: 'syz.0.215': attribute type 10 has an invalid length. [ 287.651884][ T6831] netlink: 40 bytes leftover after parsing attributes in process `syz.0.215'. [ 287.701349][ T6831] batman_adv: batadv0: Adding interface: vlan1 [ 287.707766][ T6831] batman_adv: batadv0: The MTU of interface vlan1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 287.734177][ T6831] batman_adv: batadv0: Interface activated: vlan1 [ 288.983581][ T28] audit: type=1326 audit(1778543496.408:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6832 comm="syz.2.224" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f55c419cdd9 code=0x0 [ 289.128493][ T6849] loop2: detected capacity change from 0 to 16 [ 289.439073][ T6849] overlayfs: missing 'lowerdir' [ 290.763596][ T6860] netdevsim netdevsim0 ªªªªª»: renamed from netdevsim0 (while UP) [ 292.604969][ T6871] loop1: detected capacity change from 0 to 16 [ 292.614063][ T28] audit: type=1326 audit(1778543499.702:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6864 comm="syz.1.233" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc4fcf9cdd9 code=0x0 [ 292.682887][ T6872] overlayfs: missing 'lowerdir' [ 292.768500][ T28] audit: type=1326 audit(1778543499.814:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6863 comm="syz.0.232" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ffbce99cdd9 code=0x0 [ 292.973343][ T6692] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 293.071270][ T6871] overlayfs: missing 'lowerdir' [ 294.155127][ T6883] loop2: detected capacity change from 0 to 128 [ 296.292687][ T28] audit: type=1800 audit(1778543502.762:51): pid=6889 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.237" name="file1" dev="loop2" ino=1048606 res=0 errno=0 [ 296.565622][ T6889] syz.2.237: attempt to access beyond end of device [ 296.565622][ T6889] loop2: rw=2049, sector=132, nr_sectors = 24 limit=128 [ 296.657141][ T6892] fuse: Bad value for 'fd' [ 297.685871][ T6899] netlink: 'syz.1.240': attribute type 1 has an invalid length. [ 297.785407][ T28] audit: type=1326 audit(1778543504.652:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6898 comm="syz.1.240" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc4fcf9cdd9 code=0x7ffc0000 [ 297.887283][ T28] audit: type=1326 audit(1778543504.680:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6898 comm="syz.1.240" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fc4fcf9cdd9 code=0x7ffc0000 [ 297.941558][ T28] audit: type=1326 audit(1778543504.680:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6898 comm="syz.1.240" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc4fcf9cdd9 code=0x7ffc0000 [ 297.966408][ T28] audit: type=1326 audit(1778543504.680:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6898 comm="syz.1.240" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc4fcf9cdd9 code=0x7ffc0000 [ 298.020187][ T28] audit: type=1326 audit(1778543504.680:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6898 comm="syz.1.240" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=226 compat=0 ip=0x7fc4fcf9cdd9 code=0x7ffc0000 [ 298.146227][ T28] audit: type=1326 audit(1778543504.680:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6898 comm="syz.1.240" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc4fcf9cdd9 code=0x7ffc0000 [ 298.510780][ T28] audit: type=1326 audit(1778543504.680:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6898 comm="syz.1.240" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc4fcf9cdd9 code=0x7ffc0000 [ 298.700060][ T28] audit: type=1326 audit(1778543504.680:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6898 comm="syz.1.240" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc4fcf9cdd9 code=0x7ffc0000 [ 298.815039][ T28] audit: type=1326 audit(1778543504.680:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6898 comm="syz.1.240" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc4fcf9cdd9 code=0x7ffc0000 [ 300.018974][ T6915] loop2: detected capacity change from 0 to 16 [ 300.095321][ T6914] overlayfs: missing 'lowerdir' [ 300.325976][ T6920] loop1: detected capacity change from 0 to 128 [ 300.440063][ T6922] overlayfs: missing 'lowerdir' [ 300.448319][ T6920] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 300.505929][ T6920] ext4 filesystem being mounted at /62/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 301.650794][ C1] ------------[ cut here ]------------ [ 301.656576][ C1] WARNING: CPU: 1 PID: 6921 at net/mac80211/tx.c:5033 __ieee80211_beacon_get+0x1233/0x1600 [ 301.666736][ C1] Modules linked in: [ 301.670706][ C1] CPU: 1 PID: 6921 Comm: syz.0.246 Not tainted syzkaller #0 [ 301.678062][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 301.688199][ C1] RIP: 0010:__ieee80211_beacon_get+0x1233/0x1600 [ 301.694617][ C1] Code: 24 4c 89 e7 e8 fe 74 c0 f7 45 31 f6 4c 8b bc 24 a0 00 00 00 e9 7a fe ff ff e8 f9 b2 82 f7 0f 0b e9 f6 f7 ff ff e8 ed b2 82 f7 <0f> 0b e9 48 fb ff ff e8 e1 b2 82 f7 48 c7 c7 20 89 64 8e 4c 89 e6 [ 301.714300][ C1] RSP: 0000:ffffc900001f0a18 EFLAGS: 00010246 [ 301.720405][ C1] RAX: ffffffff8a046f13 RBX: ffffffff8a045d16 RCX: ffff888021493c00 [ 301.728448][ C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 301.736487][ C1] RBP: 0000000000000000 R08: ffff888021493c00 R09: 0000000000000003 [ 301.744489][ C1] R10: 0000000000000007 R11: 0000000000000100 R12: ffff88805bcb63c0 [ 301.752663][ C1] R13: dffffc0000000000 R14: ffff88805bcb68b0 R15: ffff888026ab5424 [ 301.760713][ C1] FS: 00005555784de500(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 301.769709][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 301.776328][ C1] CR2: 0000001b2db11ff8 CR3: 00000000186fd000 CR4: 00000000003506e0 [ 301.784377][ C1] Call Trace: [ 301.787702][ C1] [ 301.790618][ C1] ? __ieee80211_beacon_get+0x36/0x1600 [ 301.796217][ C1] ieee80211_beacon_get_tim+0xbf/0x580 [ 301.801768][ C1] ? ieee80211_beacon_get_template_ema_list+0x90/0x90 [ 301.808594][ C1] mac80211_hwsim_beacon_tx+0x3c7/0x780 [ 301.814214][ C1] __iterate_interfaces+0x243/0x500 [ 301.819456][ C1] ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0 [ 301.825770][ C1] ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180 [ 301.833044][ C1] ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0 [ 301.839330][ C1] ieee80211_iterate_active_interfaces_atomic+0xdb/0x180 [ 301.846436][ C1] mac80211_hwsim_beacon+0xbb/0x1b0 [ 301.851679][ C1] __hrtimer_run_queues+0x520/0xc40 [ 301.856963][ C1] ? ktime_get_update_offsets_now+0x99/0x3f0 [ 301.862994][ C1] ? hw_scan_work+0xf60/0xf60 [ 301.867747][ C1] ? hrtimer_interrupt+0x9c0/0x9c0 [ 301.872897][ C1] ? ktime_get_update_offsets_now+0x3d2/0x3f0 [ 301.879040][ C1] hrtimer_run_softirq+0x187/0x2b0 [ 301.884194][ C1] handle_softirqs+0x280/0x820 [ 301.889034][ C1] ? __irq_exit_rcu+0xd3/0x190 [ 301.893841][ C1] ? do_softirq+0x1a0/0x1a0 [ 301.898422][ C1] ? irqtime_account_irq+0xb6/0x1c0 [ 301.903684][ C1] __irq_exit_rcu+0xd3/0x190 [ 301.908346][ C1] ? irq_exit_rcu+0x20/0x20 [ 301.912897][ C1] irq_exit_rcu+0x9/0x20 [ 301.917250][ C1] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 301.922947][ C1] [ 301.925928][ C1] [ 301.928946][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 301.934980][ C1] RIP: 0010:finish_task_switch+0x26a/0x8f0 [ 301.940849][ C1] Code: 0f 84 33 01 00 00 48 85 db 0f 85 52 01 00 00 e9 de 04 00 00 4c 8b 75 d0 4c 89 e7 e8 00 a9 32 09 e8 9b 29 30 00 fb 4c 8b 65 c0 <49> 8d bc 24 f8 15 00 00 48 89 f8 48 c1 e8 03 42 0f b6 04 28 84 c0 [ 301.960526][ C1] RSP: 0000:ffffc9000387fc58 EFLAGS: 00000282 [ 301.966660][ C1] RAX: 3397ecdebe24fd00 RBX: 0000000000000000 RCX: 3397ecdebe24fd00 [ 301.974714][ C1] RDX: dffffc0000000000 RSI: ffffffff8acac9e0 RDI: ffffffff8b1c8fa0 [ 301.982759][ C1] RBP: ffffc9000387fcb0 R08: ffffffff8e8b19af R09: 1ffffffff1d16335 [ 301.990879][ C1] R10: dffffc0000000000 R11: fffffbfff1d16336 R12: ffff888021493c00 [ 301.998934][ C1] R13: dffffc0000000000 R14: ffff8880295b9e00 R15: ffff8880b8f3cac8 [ 302.007033][ C1] ? finish_task_switch+0x265/0x8f0 [ 302.012295][ C1] __schedule+0x155b/0x45a0 [ 302.016938][ C1] ? asan.module_dtor+0x20/0x20 [ 302.021868][ C1] ? asm_sysvec_reschedule_ipi+0x1a/0x20 [ 302.027602][ C1] ? lockdep_hardirqs_on+0x98/0x150 [ 302.032859][ C1] ? asm_sysvec_reschedule_ipi+0x1a/0x20 [ 302.038605][ C1] schedule+0xbd/0x170 [ 302.042726][ C1] exit_to_user_mode_loop+0x47/0x110 [ 302.048090][ C1] exit_to_user_mode_prepare+0xee/0x180 [ 302.053685][ C1] irqentry_exit_to_user_mode+0x9/0x30 [ 302.059233][ C1] asm_sysvec_call_function_single+0x1a/0x20 [ 302.065269][ C1] RIP: 0033:0x7ffbce8507b7 [ 302.069763][ C1] Code: 1f 40 00 c3 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 41 89 fb 44 8d 56 04 4c 8d 0d 52 18 3b 00 89 f0 4c 8d 05 49 f8 3a 00 <89> c2 81 e2 ff 1f 00 00 49 8b 0c d1 48 39 f1 74 28 48 85 c9 74 29 [ 302.089462][ C1] RSP: 002b:00007ffe1709afe8 EFLAGS: 00000246 [ 302.095580][ C1] RAX: 000000008a75b548 RBX: ffffffff8a75b548 RCX: ffffffff8a75b759 [ 302.103620][ C1] RDX: ffffffff8a75bb9c RSI: ffffffff8a75b548 RDI: 0000000000000015 [ 302.111664][ C1] RBP: 0000000000000000 R08: 00007ffbcec00000 R09: 00007ffbcec02000 [ 302.119674][ C1] R10: 000000008a75b54c R11: 0000000000000015 R12: 00007ffbcec16218 [ 302.127724][ C1] R13: 00000000000043c5 R14: ffffffff8a75bb9c R15: 00007ffbcf745720 [ 302.135781][ C1] ? plist_check_list+0x21c/0x240 [ 302.140852][ C1] ? plist_del+0x2f8/0x3f0 [ 302.145345][ C1] ? plist_requeue+0x119/0x340 [ 302.150164][ C1] ? plist_check_list+0x21c/0x240 [ 302.155255][ C1] ? plist_del+0x2f8/0x3f0 [ 302.159710][ C1] [ 302.162775][ C1] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 302.170086][ C1] CPU: 1 PID: 6921 Comm: syz.0.246 Not tainted syzkaller #0 [ 302.177405][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 302.187490][ C1] Call Trace: [ 302.190800][ C1] [ 302.193671][ C1] dump_stack_lvl+0x18c/0x250 [ 302.198419][ C1] ? show_regs_print_info+0x20/0x20 [ 302.203669][ C1] ? load_image+0x420/0x420 [ 302.208244][ C1] panic+0x2dc/0x730 [ 302.212231][ C1] ? bpf_jit_dump+0xd0/0xd0 [ 302.216792][ C1] __warn+0x2e0/0x470 [ 302.220813][ C1] ? __ieee80211_beacon_get+0x1233/0x1600 [ 302.226579][ C1] ? __ieee80211_beacon_get+0x1233/0x1600 [ 302.232355][ C1] report_bug+0x2be/0x4f0 [ 302.236724][ C1] ? __ieee80211_beacon_get+0x1233/0x1600 [ 302.242500][ C1] ? __ieee80211_beacon_get+0x1233/0x1600 [ 302.248265][ C1] ? __ieee80211_beacon_get+0x1235/0x1600 [ 302.254032][ C1] handle_bug+0xcf/0x120 [ 302.258325][ C1] exc_invalid_op+0x1a/0x50 [ 302.262895][ C1] asm_exc_invalid_op+0x1a/0x20 [ 302.267784][ C1] RIP: 0010:__ieee80211_beacon_get+0x1233/0x1600 [ 302.274160][ C1] Code: 24 4c 89 e7 e8 fe 74 c0 f7 45 31 f6 4c 8b bc 24 a0 00 00 00 e9 7a fe ff ff e8 f9 b2 82 f7 0f 0b e9 f6 f7 ff ff e8 ed b2 82 f7 <0f> 0b e9 48 fb ff ff e8 e1 b2 82 f7 48 c7 c7 20 89 64 8e 4c 89 e6 [ 302.293796][ C1] RSP: 0000:ffffc900001f0a18 EFLAGS: 00010246 [ 302.299900][ C1] RAX: ffffffff8a046f13 RBX: ffffffff8a045d16 RCX: ffff888021493c00 [ 302.307922][ C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 302.315943][ C1] RBP: 0000000000000000 R08: ffff888021493c00 R09: 0000000000000003 [ 302.323950][ C1] R10: 0000000000000007 R11: 0000000000000100 R12: ffff88805bcb63c0 [ 302.331946][ C1] R13: dffffc0000000000 R14: ffff88805bcb68b0 R15: ffff888026ab5424 [ 302.339961][ C1] ? __ieee80211_beacon_get+0x36/0x1600 [ 302.345553][ C1] ? __ieee80211_beacon_get+0x1233/0x1600 [ 302.351323][ C1] ? __ieee80211_beacon_get+0x1233/0x1600 [ 302.357094][ C1] ? __ieee80211_beacon_get+0x36/0x1600 [ 302.362689][ C1] ieee80211_beacon_get_tim+0xbf/0x580 [ 302.368196][ C1] ? ieee80211_beacon_get_template_ema_list+0x90/0x90 [ 302.375008][ C1] mac80211_hwsim_beacon_tx+0x3c7/0x780 [ 302.380594][ C1] __iterate_interfaces+0x243/0x500 [ 302.385836][ C1] ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0 [ 302.392108][ C1] ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180 [ 302.399346][ C1] ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0 [ 302.405625][ C1] ieee80211_iterate_active_interfaces_atomic+0xdb/0x180 [ 302.412697][ C1] mac80211_hwsim_beacon+0xbb/0x1b0 [ 302.417977][ C1] __hrtimer_run_queues+0x520/0xc40 [ 302.423229][ C1] ? ktime_get_update_offsets_now+0x99/0x3f0 [ 302.429259][ C1] ? hw_scan_work+0xf60/0xf60 [ 302.433980][ C1] ? hrtimer_interrupt+0x9c0/0x9c0 [ 302.439127][ C1] ? ktime_get_update_offsets_now+0x3d2/0x3f0 [ 302.445231][ C1] hrtimer_run_softirq+0x187/0x2b0 [ 302.450376][ C1] handle_softirqs+0x280/0x820 [ 302.455200][ C1] ? __irq_exit_rcu+0xd3/0x190 [ 302.459999][ C1] ? do_softirq+0x1a0/0x1a0 [ 302.464549][ C1] ? irqtime_account_irq+0xb6/0x1c0 [ 302.469878][ C1] __irq_exit_rcu+0xd3/0x190 [ 302.474504][ C1] ? irq_exit_rcu+0x20/0x20 [ 302.479060][ C1] irq_exit_rcu+0x9/0x20 [ 302.483329][ C1] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 302.489003][ C1] [ 302.491966][ C1] [ 302.494960][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 302.500987][ C1] RIP: 0010:finish_task_switch+0x26a/0x8f0 [ 302.506832][ C1] Code: 0f 84 33 01 00 00 48 85 db 0f 85 52 01 00 00 e9 de 04 00 00 4c 8b 75 d0 4c 89 e7 e8 00 a9 32 09 e8 9b 29 30 00 fb 4c 8b 65 c0 <49> 8d bc 24 f8 15 00 00 48 89 f8 48 c1 e8 03 42 0f b6 04 28 84 c0 [ 302.526475][ C1] RSP: 0000:ffffc9000387fc58 EFLAGS: 00000282 [ 302.532577][ C1] RAX: 3397ecdebe24fd00 RBX: 0000000000000000 RCX: 3397ecdebe24fd00 [ 302.540585][ C1] RDX: dffffc0000000000 RSI: ffffffff8acac9e0 RDI: ffffffff8b1c8fa0 [ 302.548592][ C1] RBP: ffffc9000387fcb0 R08: ffffffff8e8b19af R09: 1ffffffff1d16335 [ 302.556597][ C1] R10: dffffc0000000000 R11: fffffbfff1d16336 R12: ffff888021493c00 [ 302.564634][ C1] R13: dffffc0000000000 R14: ffff8880295b9e00 R15: ffff8880b8f3cac8 [ 302.572658][ C1] ? finish_task_switch+0x265/0x8f0 [ 302.577911][ C1] __schedule+0x155b/0x45a0 [ 302.582508][ C1] ? asan.module_dtor+0x20/0x20 [ 302.587407][ C1] ? asm_sysvec_reschedule_ipi+0x1a/0x20 [ 302.593085][ C1] ? lockdep_hardirqs_on+0x98/0x150 [ 302.598321][ C1] ? asm_sysvec_reschedule_ipi+0x1a/0x20 [ 302.604001][ C1] schedule+0xbd/0x170 [ 302.608122][ C1] exit_to_user_mode_loop+0x47/0x110 [ 302.613456][ C1] exit_to_user_mode_prepare+0xee/0x180 [ 302.619041][ C1] irqentry_exit_to_user_mode+0x9/0x30 [ 302.624539][ C1] asm_sysvec_call_function_single+0x1a/0x20 [ 302.630592][ C1] RIP: 0033:0x7ffbce8507b7 [ 302.635075][ C1] Code: 1f 40 00 c3 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 41 89 fb 44 8d 56 04 4c 8d 0d 52 18 3b 00 89 f0 4c 8d 05 49 f8 3a 00 <89> c2 81 e2 ff 1f 00 00 49 8b 0c d1 48 39 f1 74 28 48 85 c9 74 29 [ 302.654712][ C1] RSP: 002b:00007ffe1709afe8 EFLAGS: 00000246 [ 302.660807][ C1] RAX: 000000008a75b548 RBX: ffffffff8a75b548 RCX: ffffffff8a75b759 [ 302.668818][ C1] RDX: ffffffff8a75bb9c RSI: ffffffff8a75b548 RDI: 0000000000000015 [ 302.676832][ C1] RBP: 0000000000000000 R08: 00007ffbcec00000 R09: 00007ffbcec02000 [ 302.685010][ C1] R10: 000000008a75b54c R11: 0000000000000015 R12: 00007ffbcec16218 [ 302.693005][ C1] R13: 00000000000043c5 R14: ffffffff8a75bb9c R15: 00007ffbcf745720 [ 302.701030][ C1] ? plist_check_list+0x21c/0x240 [ 302.706139][ C1] ? plist_del+0x2f8/0x3f0 [ 302.710610][ C1] ? plist_requeue+0x119/0x340 [ 302.715420][ C1] ? plist_check_list+0x21c/0x240 [ 302.720508][ C1] ? plist_del+0x2f8/0x3f0 [ 302.724972][ C1] [ 302.728602][ C1] Kernel Offset: disabled [ 302.732983][ C1] Rebooting in 86400 seconds..