last executing test programs:

7m30.132142486s ago: executing program 0 (id=1):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44}, 0x0)
r0 = syz_open_dev$vim2m(&(0x7f0000002c80), 0x3, 0x2)
r1 = socket$inet(0x2, 0x1, 0x0)
ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, 0x0)
ioctl$vim2m_VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f00000003c0)=@mmap={0x0, 0x1, 0x4, 0x100000, 0x9, {}, {0x4, 0x0, 0x8, 0x2, 0x8, 0x7, "2622bf50"}, 0x1, 0x1, {}, 0xffffffff})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x290, 0x0, 0xb, 0xd0e0011, 0x120, 0xc6, 0x1f8, 0x1d8, 0x190, 0x1f8, 0x1d8, 0x3, 0x0, {[{{@ip={@rand_addr, @broadcast, 0x0, 0x0, 'nr0\x00', '\x00', {}, {}, 0x1}, 0x0, 0xd8, 0x120, 0x7000000, {}, [@common=@icmp={{0x28}, {0x0, "0010"}}, @common=@unspec=@connlimit={{0x40}}]}, @unspec=@CT0={0x48}}, {{@ip={@remote, @multicast1, 0x0, 0x0, 'bridge_slave_1\x00', 'virt_wifi0\x00'}, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x20000, 'syz1\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2f0)
sendmsg(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000480)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0xfffe, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x20064a, @dev={0xfe, 0x80, '\x00', 0x15}, 0x8}}}, 0x80, 0x0}, 0x10040800)
ioctl$sock_SIOCINQ(0xffffffffffffffff, 0x541b, 0x0)

7m29.868608783s ago: executing program 5 (id=6):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000004c0)={<r3=>0xffffffffffffffff})
accept(r3, &(0x7f0000000500)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @dev}}}, 0x0)
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f00000001c0)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000007c0)}], 0x1, &(0x7f0000000040)=ANY=[@ANYBLOB], 0x18, 0x40054}}], 0x1, 0x4)
cachestat(0xffffffffffffffff, &(0x7f0000000000)={0x9, 0x4}, &(0x7f00000001c0), 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000380))
socket$inet6_sctp(0xa, 0x5, 0x84)
socket(0x2, 0x80805, 0x0)

7m29.0078631s ago: executing program 0 (id=7):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000280)='ns\x00')
readlinkat(r0, 0x0, &(0x7f0000002780)=""/4112, 0x1010)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000003500)={'wlan1\x00'})
sendmsg$NL80211_CMD_STOP_AP(r1, 0x0, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
request_key(&(0x7f0000001000)='dns_resolver\x00', &(0x7f0000001040)={'syz', 0x2}, &(0x7f0000001080)='\x00', 0x0)
request_key(&(0x7f00000010c0)='dns_resolver\x00', &(0x7f0000001100)={'syz', 0x2}, 0x0, 0x0)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f000007e000/0x1000)=nil)
io_uring_setup(0xfc6, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(0xffffffffffffffff, 0x6, 0x21, &(0x7f0000000b00)="86cf8445f4ba1d9f20174688f169e58c", 0x10)

7m28.137326405s ago: executing program 0 (id=8):
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
openat(0xffffffffffffffff, 0x0, 0x480000, 0x1ff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='proc\x00', 0x0, 0x0)
chroot(0x0)
openat$sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0)

7m28.107984585s ago: executing program 5 (id=9):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file0\x00', 0x8000, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0x1, 0x2b2, &(0x7f0000000880)="$eJzs3NFLU28cx/Hvz6mbE91+EEFB9aVu6uag6w+oEQrRoDAn1UVwzLMaO21yzlgsIncT3fZ3SJfdBdU/4E100313EgTdeBGd8Jwd3XTa1M2t+X6BnO/xeT4+jzrlewSf9XtvnhZyrpEzyzIUUxkSqcmGSHKzqvuvfh3y61FpVJMr4z+/nrt7/8GtdCYzM6c6m56/mlLVyQsfnr14e/FTeXzh3eT7qKwlH67/SH1bO712Zv33/JO8q3lXi6WymrpYKpXNRdvSpbxbMFTv2JbpWpovupbTNJ6zS8vLVTWLSxPxZcdyXTWLVS1YVS2XtOxU1Xxs5otqGIZOxOVkG25jTnZ1bs5M7znsRTq6I3RetPl2rNUcx0nXWg9mV7u1LwAA0L/27/+DXn/v/j+zEFw73P+L0P93Sa3p7i/9PwaC46TNeP3ntxn9PwAAAAAAAAAAAAAAAAAAAAAA/4INz0t4npcIr+FbVERiIhLe93qf6I5Dfv+v9Wi76LCGf9yLidivK9lKNrgG4+mc5MUWS6YkIb/810NdUM/ezMxMqW+k/iE38yuVbMQ/m8DPh5Kt8uf/nw7yKh83c5V6fkTijeunJCGnWq+f2s6HxyGsVLKjcvlSQ96QhHx+JCWxZcl/XW/nX06r3rid2bH+mD8PAAAAAIBBYOiWZPPzb3D2o+FPiMnu8SB/gL8P7Hi+Hpaz7RxRCQAAAAAAjsytPi+Ytm05hyiiInKE+KAWEemLbeworotIH2zjuIqYiATv0cPEv2/F20p5bcwZFpGef1kOUPT6NxMAAACATttu+g8Q+vKqizsCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODkafc8sHD+rqFwYJ94w3KRY/8EAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD7yJwAA//+j7Rqj")
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x25, &(0x7f0000000340)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f000001b700)=""/102392, 0x18ff8)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
r2 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x800)
sendmsg$OSF_MSG_ADD(r2, 0x0, 0x40090)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000001dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000005c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_queued\x00', 0x275a, 0x0)
r4 = syz_open_dev$vim2m(&(0x7f0000000040), 0x40003, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r4, 0xc0405602, &(0x7f0000000000)={0x1e, 0x1, 0x0, "6904001022366c2f2c74f6024305f11fd3454ad23d00", 0x55595659})
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x58}}, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00'})

7m27.345725232s ago: executing program 0 (id=10):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = epoll_create(0x7f)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, 0xffffffffffffffff, 0x0)
r1 = dup(0xffffffffffffffff)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000dc0)={0x0, 0x4, 0x0, 0x0, 0xd, "0062ba7d820700000000000000000000096304"})
write$RDMA_USER_CM_CMD_JOIN_MCAST(r1, 0x0, 0x0)
r2 = syz_open_pts(0xffffffffffffffff, 0x82080)
dup3(r2, 0xffffffffffffffff, 0x80000)
read(0xffffffffffffffff, &(0x7f00000005c0)=""/228, 0xe4)
mknodat(0xffffffffffffff9c, 0x0, 0x81c0, 0x8103)
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x8000}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$netlink(0x10, 0x3, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x10)
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000002780)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
read$FUSE(r4, &(0x7f0000000480)={0x2020}, 0x2020)

7m25.235361573s ago: executing program 0 (id=11):
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800002, 0xe)
keyctl$join(0x1, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
sendmsg$inet_sctp(r3, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @loopback}, 0x10, &(0x7f0000000080), 0x0, 0x0, 0x0, 0x804c044}, 0x881)
r4 = dup(r3)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, 0x0, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)="d8000000180081054e81f782db4cb904021d0800fe00fe05e8fe55a10a0015000600142603600e1208000f007f370401a8001600200003401c000300035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090014d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00350db798262f3d40fad95667e006dcdf63951f215c3f8b6ad2cba0e2375ee535e3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1}, 0x0)

7m25.221478376s ago: executing program 5 (id=13):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x1000000, 0x31, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_genetlink_get_family_id$nbd(0x0, 0xffffffffffffffff)
write$FUSE_BMAP(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x10000, &(0x7f0000000180)=ANY=[@ANYBLOB='huge=always,mpol=interleave'])
chdir(&(0x7f0000000240)='./file0\x00')
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28012, r4, 0x0)

7m23.954599435s ago: executing program 0 (id=14):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0x6e)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000000)=0xfffffffe)
r2 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0xe032, 0xffffffffffffffff, 0x80000000)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00', 0x32a})
write$sndseq(r4, &(0x7f0000000000)=[{0x1e, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}], 0x1001a)
bind$unix(r0, &(0x7f00000002c0)=@file={0x1, './cgroup\x00'}, 0x6e)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f0000000100)={{0x1, 0x0, 0x0, 0x3}})
ioctl$VIDIOC_STREAMON(r2, 0x40045612, &(0x7f0000000140))
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r3, 0x40505412, &(0x7f0000000440)={0x5, 0x20000006, 0x0, 0x0, 0x6})

7m21.813995617s ago: executing program 2 (id=15):
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, &(0x7f0000000240)='.request_key_auth\x00', &(0x7f0000000200)=@chain)
r0 = epoll_create1(0x0)
r1 = fcntl$dupfd(r0, 0x2, 0xffffffffffffffff)
syz_open_dev$vim2m(&(0x7f0000000100), 0x7, 0x2)
r2 = socket$packet(0x11, 0x3, 0x300)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
set_mempolicy(0x3, &(0x7f0000000100)=0x3, 0x9)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x20040084)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="bc1b0000400007012bbd700000000000017c000004"], 0x1bbc}, 0x1, 0x0, 0x0, 0x4048011}, 0x20008054)
setsockopt$packet_tx_ring(r2, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x808000, 0x4, 0x20300, 0xfc, 0x2000000}, 0x1c)
r5 = fanotify_init(0x2, 0x0)
fanotify_mark(r5, 0x1, 0x40000000, r1, 0x0)
fanotify_mark(r5, 0x1, 0x800103b, r1, 0x0)

7m21.285383063s ago: executing program 5 (id=17):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socket(0x10, 0x3, 0x0)
socket(0x400000000010, 0x3, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
writev(r3, &(0x7f0000000040)=[{&(0x7f0000000000)="290000002000190f00003fffffffda060200000000e80001dd0000040d001800ea11c21d0005000000", 0x29}], 0x1)

7m20.805293182s ago: executing program 2 (id=18):
bind$alg(0xffffffffffffffff, &(0x7f0000000040)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_ctr_aes256\x00'}, 0x58)
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bind$bt_hci(r0, &(0x7f0000000000)={0x27}, 0x74)
openat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0xa41, 0x23)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f0000006380)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f00000000c0)={0x50, 0x0, r2, {0x7, 0x1f, 0x0, 0x801, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2000000}}, 0x50)
syz_fuse_handle_req(r1, 0x0, 0x0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x68801, 0x164)
lseek(r3, 0x40000000f4, 0x4)
syz_fuse_handle_req(r1, &(0x7f00000041c0)="f621f4eb6146c93d9fe08e51cc04179d11775bd9f38d5d62c5e1e0a04e37ee307ec30ca4dda6879f79bb2ff531d2e7ca19ad666a04249b95984419108f8a2a7c5e0339059175b5cfdc80f407344f70a314b25d0ad85947956e72b6110b79b00dd4a5a53bdbfe7c1c302ad9d6efc9c4645b33fc4ffed5f91a26b1f6895a07802a014300384bc64f92d9fc246376725c9ecde9d48f22c69cce603044ed7f6be3541089149d1ae4551244ff2f50ff1fc87e727af99f05bf851059e4bcf1ea69fae928c459321ef970050cd5a11b81f4d1c8bb2fcb84e0fac103e08b9e4b2c208fcd817db0ecdddbdd2134dedcdcdc1ed8bedc41e46801a1982022412a23ae9878b2f2a481fa81b329901e92bc48e49d4f27b75fa41a02f14faeebe440176d8b33b62aa81347979acf5a34927aa9fbd90dc176820ebf6ec985f5006bcde714d1847c94dc9600ae464dde58f47e13ac897334c07c7c7dd87df82dcf3d46326fe84c011ff2da1628a8d33203be2fd9324203556c61bd6e9df4afa6c45b82733c6acd51b9bead3fc6f6e800fd35c15451990bfe6317c2b06b9810129702aaad93d8a26f646101bce35e8c823423e67448d4bd0b925ec14229761d89c1d07a86e796b40904558ac72bff13766963a13584f99d708faa0027ff19511be6d9c91ded47c5187983262fad17185fc1961c7a207f28e3603106e6acdd080b7d179c8df433332a304920e23e3a790a102ff44c6f4b1af41eac8019b03779f85c5fc52938fdaa76f9c0cf59a4af8be5dbc986bd1ef23d990f9689ae7b8d2760dc2b80a2d31f581cf586e7c41116593b4a4a6597c3dd9c4706528b9cf7d03a39409ebebcb28d17c500c4931a8e50d9d2205c9aa8ef0f20d0f7acaee7ad0c549913e45f7e112072821979069b1425932862f451b3462335e6fe1f29b263628b8145164650de7b156a029c1c53262167ed928c09dffd047cb622c16bd9152bf4fbf5ea34f1edf9e292b137999c41a5934db39ba66950abfa0f3d01a5889d2519392860edfb3c04249eb490e24ced4eac2b570a3c3f9049e593024e1249f549e6799005839be603d4386d75ce21ca01f04c0aad689cadbdb2a6a529e825a2c34bd3efcd21deb66a3543b878df9e12203d86cefe7a461d0ac666a5c545af5366b26c707a15b2deaebfbf17c083668958af5b3fb8075cc0abdd355edaeee866aa367c7c756d142f3b908eec874d0d4f216059ccfce7a25902b4cf24a4df960bdefec4b66174073423c54b780af445827d67882b8e8d5a581ee2e90428387565991a94932fdb6585caa0c9c29520d7f8b140e475c329f2da51afd5e67f1af4d01e4f372ad8be79c749059ca8fdd89481e85df7b925c46633f04e4ef36fa53791f14c57a9350fe2d41dfdb3ceeb406b7e8525176fe9b43e94480388b576414de4fe60432d02b8d01832b84af4030af5a782cc1a9c767acc70a30f67962eb8f897e78ab21c84344f3261c6b7fc2ff11424b53ab4379003a5d853dbc5edb99fdeb8647b235f971b688de32240e9cbf5f2c66bc673028df43532069120f01ea62f4491642d73dc46fc90f4d50e7e7ebd2c23e0b547ac71c1dd5f4930af3b6ca0fd45c919bcb9912520a00479ae8ff4fd834596c3d98d3d1f92fa71bcd5e201b96fd3a9dd43b4ac306079b03bd86febed4a8bbfd565def9c69e432212a61c4e3118a733ea81823480dc7ff116b09a7999a945aaf06f94c480ae89e819fd4857e485a0d58171db18a3d687a67267c7fa0aba5c251aae4cfae956060904fcd3f79da3ce0a066b2db53a92baaab20625d2c9676f4cebf2cf37e1b6d495e8db0c60dc20219b7ec105d16867c65236c19e30cbfa9d2a353e4ec2ee85fb2d7104b9a1b88f393eee6214248c3faafdf18f55cf068c2c648fd32e9bd7acb17377248efb15eb3cade556798629da39073fff96bf3f703035dd6edadb78f3b9439a7a3866a45ff06eb3a514cd4f7848958ce8271b0ab31d8350e8bb34d8432a666a1e73d4a450e9f8023453a2f0fd41ba31d396656842c882041dfcbc08f00b57e599b25dd453f5c23c52da4c0ef5dad3b1fe2e6a5c8139088cb67d6ad6d9df34c13b54790fa588436ea7d108ccb5d14f3392073c9c6702075eadff6973fbf46a8f778f006f705477b9addd27606e21a6d3c691f4cf95550fee7c2e57a715e46a80988540c79a86be8316ca8eb1a8ffda3191d8e4f45d087e9337e7c9389c5714a1293044685cebea82de735ea5c3a2f8e03feff90c36145e565d4cc9622188ad85a706961cea8a8ca7bcd6e76cefde6abd6c2799f1bc6d08c781cdf352997e496ed62d4eb7d658bbe8faf30f2aaa5580fa96a9297bc8152a23ea35177328cb235a79a2c6f9c21799a7af80d79c65274da753ea68c76abcb06b04c148d82203d2db22f13c94add32caf78f942b999e4e16563186f8af733aa09e8c39b296e3e0a82ec6acf67a14b53c44547a38b77dd58e2503052fd553b4c1cfce5f09bc7278e251593c0ac6f10e04b135930c9edac3042ff627c4afb3029dc98a7a4c6a390334df015c30c76c93f9071b0ae342707fb1a1b111fe90c45772e18da4b3c3a9019d77ae8bd6a94328aef6f508a9fbf43ca7c68243bfec5810598ced95db4abcca6f4b4378c9ddb411bca8313875c1ccb3ab4ab7acffe8c36767f77f4b79d4084c746cacc04b91258eccacd53365a18ecb40a0d06f94955018df936bde19425d8c684b43761b8b407038d380ec2571d25bdb2af48a8532626a76dd64b57834ed99e72354fff530317a106e58aea23112a42d271e230acc5e2b19a8953713672dd7e5c9ecabccf7b66e6501db613147103cbf3aa07748285259b3c80791fe7b5dd47775625d4a2e74d3e80709fd5eddc825862bb7afc0374f215fd47cf6220d54591c9f55c37d040bd6c7bb6e5b599a17741317b5a7144467e55f60ddc8788135cc8366e9521c47250b31eff20a7000e8ac4abdfb785246c9c9137efd8c4869429d3410c6994ab523c3bb376f639cbd652a06d86a90622f2ea3098f8dbba9c41864cd339eb426a854aba0d4a05a5609d1bb6581eafc061c191eb24b1978bd2b22d8dde3a526f56353f836c6d9462a4371eb90674ad440000000061da0170e3dfcbab65b8466593ddb3ce6443bdb74762b8970a9ace40bcc10bdf23d4d8dd84a25a9818ffc099070580caac8d987e1c8bf3d81406c74584e4a589d185352a3be0945d44967001379a1fcc4bbc5716850e03859b61beec3f5f97b94342b977f7f0af5d7b54f70ea9d7a1a18df78a89fc05b7abf4e264e72f04ebc7553f520e23d8acfa2e9c4bc213909a439b3eb067fe656c3f1867c0937600be6cb003efbc6f279dafd93fa063f5344de7a4911fa2b233c56bd2a489b48fdc7c18d45a1bbddd5c09a0908349b67deb327aa249a710e2a33ca068e458d54eaffc78d2679542e0f1b7f23041db1955944c815b743c374a157daaf603755034d73ad85246ca490e71de136d3d014b1fdae8dde174615e8daf197f57df8844f1ca54324558fa5bf8cb29ff61d79e875215add6ac770a33f6715764a51ff909ef09937a01696f2da4f551788c4c6880f98ce733c1df478c48619d470c8d3ec3275e428ca29613e3645fad75baea6111ef57009e9ece2ddc89213281ce5d84a4d38c893c2be069c0fbd9841349bf9e336295eb3be50c52668026a3a0a43511ce47392bd6c4155e971ddcade3953d3b637ac33f3edd4fd8dc99f180ff6a533ca3d8e7494b2f74f34077f7c48f612fdc5af44d48f7cfb910b55e549e3b1bebf58efdfc4128877fd02f243e6b730ffd061d479e631b78f30f96516bb563d2e8c6ff86f22583703339c3cb74e8bfb75f9821a37013ee4f4980961f61124b991744233d090b81d6bd2ffe9f13fcedb94221f3ca3c84e07c4bfe5af81482811d10970049e401d1884302dde523fe369ff78e4f3e2f8c00e796cc1464c2ae57ec3990014d0de9490dc3502b6b140d030053f2d2a1da2ca6cf604e5a3d1df6b810892b1ed3fb36247276abb27fe4ba4b818ef78ca9545735cac45f864befb1991a11042217081ebcc11a368e471583e83615374868660576921b2be4a621614944532a7ac2127c828196c7d0cc494efc536262e57a7988d742b9fdef452ea2b971c5160b5edf159e3621c8338d0b4fccd766ad091e973fdc6738e6ce95907d84dad0907c1e050b141e67b07ebeee1a8fa2724bbb34d3daca1590d5ebf691e0bb63401328fd1f89e8496a065df32901a2cfe3cdc10f7083aeca7dcd11a2dbb464d1121870a3c6b55748128edf4cb006b3c3f92aed9495655c46c47b4df263cdf53a1448c2277908df46b2e0db8542d51c95ed84afdc36eacbbe6f21ddda859464e28998e49cf50d72ffcabb4726661c588faf117e3380d1e39b7daaa123d649606a7a98e6953dce589f39f1037b9d673de58291feafff3be09c09a77fefe55d907575d95ea6abf3a80da6f68f4353961c33a6651ad1c3b11a50ae7250f2ffca1d59d807367203b5b4b8ac7af9c9ca42eb780ff979a0491bfaaa8988495a31abf302e935f5424a6e03f1c6d004ab437412c215340b3f5d44e863f74349703fee85e2de1624a37e1e093e08d04de2bb2041ea3f9b0876461758a1591f65b291641d8ec471cabd50980b2d9aadf1500e4fc461d7305f0f07e12d4b57a9df4a0113d99b89f9b0dfba19d68f7f8846c1db228455d236ec323a675728c648ff3c988e6f33d911c2b8e7b8c088ee6dc0f1d6724da7047d622021d68abefd24b45ba9e8396927af5b62345259279d5a8fc5220de857f9cad616223db6ee6b4e55c529f553777584df0b984949a3ec341393fde85ee367477a39d351c2095c0133ac3a0ba7a65ec4381508e72491fc61f235ad4b4cac5065b18bc93980781732c6e87a635dfc7c321181bf06dc15e117cf5edd1ae10939319d5c47c0011f1caa76250c8cb966ec8ff61ebcdfc57f2bc81092bf3b42e845c4909e2c5561c33bf8167c85749107014bf9e88be44e796a8cad70015e3c843ccd8f62fd2c004314694381cd922994f2544e651b1b0094fbd668ce6590b54be7452d84b9852e66656a7fd7a29686c568fa340cbb22b0c22f243b293d3a5d52009b20323c96823e55ff0f9ca63a4460bf752028d6791e9c4cdc7164625cab32931444f1c791981ea2eb4df3931747fda0bbf14f1e028368ce46d4979b458b41fb256016f66408b8c5ca0e992761cae77b4be3704645508cc4a3289ac8939b56b7ddf7b9e7eb83a13b9e84c97e0db5c74437faee5a21d8b9691aad644fb749df8e7be111bda0a2e5bcff0f00006e8f57e298d8494ff0cea816aceecabc29bf5fcc0761bacfd73074f17cbb0f5ddc941aef7c369453e00d0d3e34c2e1bf70eda0007aeb4303868ed702b3e6df1bf56125b9320fd9d0011ec695f81486f5e0553fc8fe94aca9047ff7d84546a7bdeb7394610be8aca2c3c33737b34d3af8e381c56071707a2314c40ae294d6cd8d5ac922c3cb5870cb47c31cec46501deb6a9c1c901f84270903c475462c2772773bf8352b44f4fe0a9d2118a6e9ac2915186c19338cee2cb7752b4ab1ce836c250a786452bdde48ceb7ecf62586bce50c7509cf65dd6c0547d0044eb178ffd18301fcc205133f2c0c411321fccb63a6d66665ae911b4d1d2b11104408bfe0d759a32ebf646e877a5b06438f1ad0f4049c1a51f79e5dd1ac9a12f92aa94a5828d663cf1e23041c69a1f4682cd5e4b1685aa989e57fa107ffced3592540041c3c441c6d69d212fcab49e09b70efd212c4f9fdfe9b57568f579ad1203b718b3e2112ae4742cebf1d508b6f83aac0e8d805e3ffd3b958f2a915010486ff304e2fd2af89ea82105a59fb5e728e2f968f04d72bcade06ef532d569dcb8bd8862fc81eb015ff8f71de84a0430998c04baefb8c032d87df7a59c8ae833904868326c14fc09bded5146799aa4f68385a6eedf7c1a7835d790072f01adf50f542f63522621f50d5c9448506427e656d502b22dd612e2e3490d7490407bda55fb50c49bef7be1d64066a836b6b1faf7ade8bdc577b1ce5e42ae4c5847dde63be085928691c666702cd4382ce18f1eb9ebeced1e520bc71ba87fb1bbe03542595a4cb5aad2f761071ce1c7a8f6221a78dc23fee696cf48efcfce5b324b94bebc658d1f687ce328954e13330a0df47697a37e75f55fb4ad10e13492f79ec27bce475277cf735e27719c3358f87fdf50f12c534f22fef439c29ebfcfc9d5d82ed4a90e27d6f20cd8df09738ff2dfe57bb929ff19ab5befe0654c88d058a2ea4c20170069256b87776c1e9eb63056b7147713b3ad060b93241613f4784e2bcbe14721aee44ba851b70a5214458e3bb62a36de28946530ecdbc6d66e8c9ad104642dbb47d5294559d266460d4cc480fa5debd069fb972d40f2a37979258b022e14af92bad0e487d86954a37e8c30d5334ca59e48f160d7592703767abaf8715e9f6395037cda36822b834c09a3b47ca45684691702e008396dbbf02e96998bb7331eb95821fc5c30f234d606a6c2d7fbf8f7ae029c6fb24e88480f33e05dc3af1419423813f882c5f19f0311866991be190e9b959d8e452df6c5d99643d8f56d14f3453c9512f740bb106fcfef9a8e63e1d5e3962f442681ecb2848eec756c8d078f6032b30bbc76d46482388aa56169d276cc258de9839b74b2f1adb9578076ff80f421dc37299a080402e4c4309aaf31ce650fa76957471ae8087ed7bf31151640424cc4bde446d69f019de03276278df97822406deba9c7acc48a965412c6008326fed004bff2b02ff8b19a46818a5cfef00e30e4aa9d8deeca42a0d5019b1792dc668397bedb1f2057b57466472142fd19757480b0a9e420570a41e52db2f26bea1fae1298655d5b86bed107772d99be2a8f34d3225efe90ce37e98d40892e2618beb51c3760d1dce2590ff63f56660449d19a0ec4dd669ee407635b41406085b62503a7a14f49fb0fd5f11744133bd230207adebb022b2f4d204762f30eac275f172ad5c798ea69e314aafdd62802b06997b59915301977ed3819c943e50147ab1d10e65aa63936e1782be7b95b958e6ab6c09c06f37fe022e79dc25871913e9744192af94a270063b198d6d8ec610630a7895d9e4cf9b0db21b4e09bab930570e440df142c007ec14bae59f118d1a3b74d12c47d0e1e8c014fd3493add32aeb60a50453a38d94408f120c96966cc046ea34ce22459bc13848570bc3b60769ccf7fbb71cd752ade8e32dabbd0b4e0335e9d99274823678b6036518bd85ba562177f22a36f533431ed73d6227ea160874d2c352fc73fd2206c45fe0363098cf82fcd2d93b2794a1ae568708a6e3148a9e37225324e4adaf12e2e9f5949307f6cc464f681857dda172844de49ff52b0eabf97266eb6155c998e0c66d311cebad8a1f89ad71f8ec1d780ebc3bf56c23a2f3e70e6a73a239b965bd4cd588ccc42d6497b26807ba171d3c208cb23f1ac98232b59c898177eb6a407e311db89d4a8d7ea9529c1d843ae639351fdea7e852f2e7a23e5fe987bac777e55b5d6f09b49d5d583843c6e85022170d5707de86c9ba7be6d73b79c5520d1b2e0b051de8fa70e4133613138faf8bdb164c7e6e3b969fecf1fdd972b8521ff691496ed81e13817323e92491a0843603d0a7cd316255aa5605863cd40fd320e749e48d7bd96344cedd0b3f4005000000000000004b606966da45dde3da6a9a125374d9e4d509d32b99184bda79b9651afff260676d2ee99ec094818e0741ea85f01d21ed32d88d99964b36dcf97f24ef28df2962987c2f4ba3c076fa4861da5eef44714ffc747e054422887f6742eab7c4cfc017bb8ae82f6c449d182a6c0cf04097bbe229dd3f74a562f902101e8a9c8a2e0f7f39c85027fa02e4ef1e1cb8b9bbd1b31cf7fccda3b8b1a3094d1a29dff9a3d6f229629b49c962f9b2fde6535090e97d8ef89ab32ebc7886cf1b35584835bc7894e4f85d7b5da80ff7e32bbc3ef7655638276cedad30ffef1b32bf3f33b177e88065384ef5455030f57389454a01043b7a058d410bfc09dadf62a314b0f9557a23e89aaa2f02ab2d84db6f9e4cf569cf7a59b42d60619261b53687527d3fff31e532d93fbd042b8dcd10f270688018b0e622c3506190ebca76c14a60c1c252450c033a4d5f5de948aada1c85e94e09165afa67ff2c1d7dfc9e8fea1030e5f8ea54648613b52798466c2c1754cca0b963541eb1572f7fd45df5f6ccde903d2437b10d378839e60b4e5b58dab66a62f7602b6be65370b1a774dcdb3c95c776f6c720409af0b4b1232446430680e72bcf2ba3b756c632fb3269b3ca1b2374dd432997587acc69cb46fafeba8675d77a527516de727606cefac59431c964f25ed50c3e8b195490ec90e876d6fa36258e0ee7f2350396a72d8816194695a152a208e3c244bf0827e237839f326fbf42bbff73621d597fbd6515bebd33674ab59874d80b10f9a01e5e3b041a08557ee4c7aed750f9b44d62a629bd2e5247f540104d4a123ccc1a55e8cdc0d94ae132a9a54fce1e6f48092a6a9c29f610debae3f4115b61ba64cdd971fa60d60829fc64a4bedcc05d38b1acce7372c026923254be0121d182084f18c300626537e151cfad5f1269899bd11f841de847da7dc9df4a8b5af8a89a32f63127a2bd3eb69a840be746c395bfa034d63aa38b882ebe44b6ebe6e72d9f863377984b931fd60b640b9825537597ef72ccc4480a1c4523ff0589d2aede2f997009b2e9e4b0e9831fc412f2043b58bc0c418f9a359100d930c865011055d04c6009263b13ff9ae6323c1f97db5df8eec4a069079fd58ab8f4ff3494585a7bd4dd65750dffffffff421aeeadff77fea6d11d4d5636da4889305cb02f3d8948a992b3d71e30b89792f7454bc850a07dd8175fc2ad227d5e912cff1f72b7b919770cd598200566ae2ab04dc38cb516e8c42e6cd3b0975e5ba73c64d6a30f999cf6b6d75c4182b296fab26d6ee74395d36ae0038e7724af97a21321f26b15a4d6fa2f09cdc7c264606617e860e65560a8c74f742dc532a74fe67f7df63cab4aa874c8cc1da7d0a3ddfa5efe1a40059885ce0507d48e4260fe674989424a338bfdd0d67d1a1fa1e5d2af86f766b53d95319f4a187d8fc52045b0fa168b33329f2b0c6e3065d6dd3c11e705fff409b8671c03479273d9062f230ec37566b7ef562a61b90a9a67c2264a613347744a72cad181a2d72b093e6b4ce30517272d3819cb8e926106c42d31116d183f43a265411fefd71ac9f165c659ea34ff280e0c10a8a4ba4ee262df923ca14d2b7381901038d7dc229355546db164c32525ce9daeb707226970eeb9ecdd406feb3b269cc3e6ff9cdf958b93caa8d70bffb7812310af2852aec468c205e2414762f011db5ead0065cb33c4d8a11e445b2944c2a0b92d82384ad503ce5ca4b48b3e5ab699e4fc55433b3fddce62d531b9601febc20ee89d92066a39c523b1cd15a89bacd3ce5d1d55f36562fa1faeb2fa12515e5ed8c728d071bb3ace7bbacabce15d4fc8f13f60e3a9d3f15e0cfa569df1e6db3757ee4f7ae0de07f9dd3b87195c9ab92c87459c2e7e53a58307494a67bc192328a263428b55c00fb928ee6ca717092c6891d6d8cf22fc3c562d0b42367d4054f7358d7ff9fe56ddf1ffad8b265496046b05fe6d44245581376a4a31a081bfcbdc0be5153c522f353d4513f37eb2d325469b5588256fc0a7c801760d9c1f1b79afe46d78b274fec5432b5c9f1d56c70721a1e8c687155ce7e620970e4066d5a7caf5d6b9d6fdec382a87cbcf911eb5f9d8887d5cee0cfa6c622a04e01862e1694f36dab22da07cc190645d879e284762809678c9a1217e8ee95cc5c4ef0814b150aac88c2622bb28c75a85c69a5bf8a6be069f179cfe37eee21e623a47b31d099a7166082c0050a4953b065954b831ec74bc26f4564f6e2167f74484105ca6cd452a581b1a499ef58a56b7cf41cd7256b95a41ae5b08e58530ffd9e882324b3bcb939d450835f8da78671510412a87f8bc1438d5126dd85c0c140d70008c0c865b9567b878df8c17a882cb7d7814cc3295ae8d88ec675b6da08a28180aa6e00b3e1129e8ea2b34eed8da6e8e4cdfc280baced445937c65648c9d15919f4565d417ca45a31569783b7922c2e53ab3e865b803ccb3db695340a5dceb8ff4b7ed52a88f90a0c65efab4593f6a73cc54887e2d36367792c22c108c383c688756aa6b7330becb77658a4094cc9d0d27df19ef0ffeab2d575ae793c9e59ee0f0de1d985fec89d7617202064a87d2ee78a169b7ed96c7aa436bdd1e066a6dc0ba74a4f4fa5c59b8fac189334418c5592dac087a9ba348ad0f80ac98143909b1e2932cd02e8183121f1643b301ebc996cadf82132d0bf480eedc2757e673beb2022806be4faa63b3b5f174d239489c27cd9b46390da0329536cc85101ff1cc333a9137f5d5f9f018dead7715968ef6cf3014d2489d15e9f90ae6678a1ce41ca40b8d34bab5484ecd44ea59566339293be5364ad1da16388ac86bebb0a5c4536267fa7ec5719e1809050a9e9186b9cf6a42c8dc33eefd18b5108606c3b5cf4d0693e7ce38639baee8ec91886f3be8d859bf4f5ecc0c5bf745e1d44c70612bdade74fc87e4e4e5b7812b4493121b95b52fffa5d8f521dd4877e45cde64304f68eb505a0bb9eec849f44ac02d6e8363f20ce901d7258a7225fada794f72900addb462415d5925642f6fd0caa873f29affa30cda39ead7ce982011570426d163251149e8e91c85941320803f80bc93edcd136b33147a7a769eba022412dcca7eccac8374698c6466bc4cded5c20f66d6c10e00ade8f14f16a74b21c333a7146f7779027b509edc3a5af22f03c1e0f231f55ecf9385f0ceee1d603b1c46666b71aa2ac8f1bda56741ceb06a548394337142cb77332d1473fe26057160783e1baed1da1022d41b4518e602e04475df9d245d99e65567880738e1426552f5140d5079789f2424769652fe0daf590fc592231115915c613fe7b19892eb7f8538ee0625aae6edf88185b17e0ed6df1037a49ac2343fd9d939ef243fdbb776d0baa6c0cb7a63936d4a55493d9d6064bae33e2e1704947b316c57d09287c9b75e7258917bef82297299d760a6f992135d4fada4529eb2b29fd7b34c3e578c5e5e872701ad87870f280ed7d42f997b8b5757f58fd8fa598cee052fac13cbcc8a6dd6487087a3a12d7d1772d329c66265773492de054159848f7da9d0bb48cf565aa753b0e4f786d651d59a31a1d251afee80ae079878c50e2bcb4699d6057def64a28500a57c5daf28020d641705b2e8760ecd117e02eee36a71302f11f0e947ce91c3bac869271a101dd15506252cbfa9594e368c5faeeaf5fe8cceddc6789b0ab58ae685780f1022d3dd00ba9d9d8a100bf2be706772c320e77e9d668e95dda2c507f1a0561b0d113cd59e0d2c6d3fe60ba27f1a8bcac15f7aa54d8e1e71acd41b0f190c8b001b6016520f51becc5cca79080ec07a955b1f00", 0x2000, &(0x7f00000001c0)={0x0, &(0x7f0000000180)={0x18, 0xfffffffffffffffe, 0x800100002000006, {0x6}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x200010, 0x0)
openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
sendmmsg(r0, &(0x7f0000007180)=[{{&(0x7f0000000180)=@hci={0x1f, 0x0, 0x2}, 0x80, &(0x7f0000001940)=[{&(0x7f0000000240)="32d97fd25deb5e45259603f494f8b43451682a5b2ba7817817b129c8a67441620839d98d1720bf06c909b093855f20936555e773bd71950b3df938396818b540919b0af9763f39376908d473dbe466d69293d79f80d44412ad19cd29bfd624810c1d77e35521dac6bf7008403848f37b40e0186a7138048bd516aa396e", 0x7d}, {&(0x7f0000000300)="b9129791", 0x4}], 0x2}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000000)={0x0, 0x0, <r4=>0xffffffffffffffff})
ioctl$DRM_IOCTL_AGP_ACQUIRE(r4, 0x6430)
syz_emit_ethernet(0xae, &(0x7f0000000240)={@random="05c38c886b60", @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x78, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0xa, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1803"}, {0x0, 0x1, "a200fffffff5000000000000"}, {0x0, 0x1, "fe906d26efe3"}]}}}}}}, 0x0)

7m17.296777618s ago: executing program 2 (id=20):
r0 = syz_open_dev$sndpcmp(&(0x7f0000000080), 0x0, 0x101000)
ioctl$SNDRV_PCM_IOCTL_WRITEI_FRAMES(r0, 0x40184150, 0x0)
syz_emit_vhci(0x0, 0x0)
pipe(&(0x7f00000002c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setparam(0x0, &(0x7f00000000c0)=0x7f)
sched_setaffinity(0x0, 0xfffffffffffffd7a, &(0x7f0000000580)=0x8000000002)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f000001aa40)=""/102392, 0x18ff8)
ioctl$I2C_SMBUS(0xffffffffffffffff, 0x720, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000d84000)={0xa, 0x2, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_MD5SIG(r4, 0x6, 0xe, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000100)={@in6={{0xa, 0x0, 0x20000000, @remote, 0x1}}, 0x0, 0x0, 0x0, 0x0, "ddfd3b7ed7c6a1c172a987ae5ce3cafd64c9a736831a5912d606798fb75c9981c4b3ac0e06891ff18bc5543ed57215a3c45f9154dfa319e52a15a2b9acf80c07fb1a854dad742eef6187f2304844c296"}, 0xd8)
sendto$inet6(r4, 0x0, 0x0, 0x20004002, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FD(r2, 0x5, &(0x7f00000005c0)='fd', 0x0, r1)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, &(0x7f0000000100)})
mount$binderfs(0x0, 0x0, 0x0, 0x0, 0x0)

7m15.646850769s ago: executing program 2 (id=24):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x800001000088}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x80000, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, 0x0, 0x0)
futex(0x0, 0xc, 0x1, 0x0, &(0x7f0000048000), 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAP(r4, 0x4b67, &(0x7f0000000040)={0x3ffffffffffffe96, &(0x7f0000000000)=[{0x2000, 0x5}]})

7m11.220057167s ago: executing program 2 (id=29):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
r0 = getpgrp(0x0)
prlimit64(r0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(0xffffffffffffffff, 0xc08c5336, &(0x7f0000000240)={0xffff24df, 0x2bc04a7e, 0x1, 'queue1\x00', 0x4})
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
mount$nfs(0x0, &(0x7f0000000640)='.\x00', &(0x7f0000000680), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e20, @broadcast}, 0x10)
sendto$inet(r4, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvfrom(r4, &(0x7f0000000480)=""/110, 0x168f6f3d, 0x734, 0x0, 0xfffffffffffffecb)

7m9.474001925s ago: executing program 2 (id=30):
syz_mount_image$nilfs2(&(0x7f0000000a40), &(0x7f0000000a80)='./file0\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="00a717cf64394a00dc299b573660f498c4d99aac48af10923f703f53e58070c2bf4575228d0e471df7101ac03b8d48a1b0fc276e395f25b63e9a27cd2ab98888989eec154d97b4dbcf"], 0x1, 0xa09, &(0x7f0000001540)="$eJzs3UuMHEfdAPDq2Z31M5/H+WyyOCaxCSThkd14vZiHBXEUX7DiiFukiIvlOMHCMQhHgkQ52D5xI1FkrjzEKZcIEBK5ICsnLpGIJS45BQ4csIwUiQME7EW7WzU7+/eMemZt73h2fj+ptqa6aqaqZ3t6erq7qhIwthpLf+fnp6uULr3z5tG/P/y3LYtLnmiXaC39nexINVNKVU5Phtf7cGI5vv7Raye7xVWaW/pb0umZa+3nbkspnU/70uXUSnsuXXnjvbmnj184dnH/+28dvnpn1h4AAMbLty4fnt/9lz/dv/Pjtx84kja1l5fj81ZOb8/H/UfygX85/m+k1emqI3SaCuUmc2iEchNdynXW0wzlJnvUPxVet9mj3Kaa+ic6lnVbbxhlZTtupaoxsyrdaMzMLP8mT0u/66eqmbOnz7xwbkgNBW67fz6YUtonCMI4hoUdw94DASyL1wtvcj6eWbg17Veb7K/+a082uj8fboP13v7VP1r1/+qCPQ63z0bdmsp6lc/R9pyO1xHi/UuDfv7L68XrEc0+29nrOsKoXF/o1c6JdW7HWvVqf9wuNqqv57i8D98I+Z2fn/g/HZX/MdDdv5z/F4SxDQvD3gEBd61439xCVvLjfX0xf1NN/uaa/C01+Vtr8rfV5MM4++3LP0mvVyu/8+Nv+kHPh5XzbPfk+P8GbE88Hzlo/fG+30Hdav3xfmK4m/3+xLOnvvL8c1eW7/+v2tv/jby978vpVv5sXc4FyvnCeF69fe9/a3U9jR7l7g3tuadL+aXHu1aXq3atvE7q2M/c1I7p1c/b0avc3tXlWqHclhw2h/bG45Ot4Xnl+KPsV8v7NRnWtxnWYyq0o+xXduY4tgPWomyPve7/L9vndGpWL5w+c+rxnC7b6R8nmpsWlx9Y53YDt67f/j/TaXX/n+3t5c1G535hx8ryqnO/0ArL53osP5jT5XvuOxNblpbPnPzemedv98rDmDv3yqvfPXHmzKkfeOCBBx60Hwx7zwTcabMvv/T92XOvvPrY6ZdOvHjqxVNnDx46dHBu7tBXD87PLh3Xz3Ye3QMbycqX/rBbAgAAAAAAAAAAAPTrh8eOXvnzu1/+YLn//0r/v9L/v9z5W/r//zj0/4/95Es/+NIPcGeX/KUyYYDVqVCumcP/h/buCvXsDs/7RI7b8/jl/v+lujiua2nPfWF5HL+3lAvDCdw0XspUGIMkzhf46RxfzPEvEwxRtaX74hzXjW9dtvUyPoVxKUZT+b+VraGMY1L6f/ca16ns/3euQxu5/dajO+Gw1xHo7h/G/xaEsQ0LC2bxAO4Ow57/s5z3LPHZP3xz82Ioxa49uXp/GccvhVtxt88/qf6NNf9ne/67vvd/Yca81trq/ffPrn7QUW3a02/9cf3LONC7Bqv/41x/WZtHUn/1L/wi1B8vCPXpP6H+rX3Wf9P6711b/f/N9Ze37dGH+q1/ucVVY3U74nnjcv0vnjcurof1L2N7Drz+a5yo8UauH8bZqMwzO6hRmf+3l3gfxpdyuuwIy30Ocb6TQdtf7q8o3wO7w+tXNd9v5v8dbV/Lcd3nocz/W7bHVpd0oyPd7PLebtR9DYyqD13/E4SxDQsLC3f2hFaNoVbO0N//Yf9OGHb9w37/68T5f+MxfJz/N+bH+X9jfpz/N+bH+fVifpz/N76fcf7fmH9feN04P/B0Tf4na/L31OTfX5O/tyb/UzX5+2vyH6jJf7Am/96a/Idq8j9Tk//ZmvyHa/Ifrcn/XE3+Rlf6o4zr+sM4i/3zfP5hfJTrP70+/7tq8oHR9dO3Dzz13G++3Vru/z/VPh9SruMdyelm/u38o5yO171TR3ox792c/mvIv9vPd8A4ieNnxO/3R2rygdFV7vPy+YYxVHUfsaffcat6HeczWj6f4y/k+Is5fizHMzmezfGBHM+tU/u4M5769e8Ov16t/N7fEfL7vZ889geK40Qd7LM98fzAoPezx3H8BnWr9a+xOxgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDQNJb+zs9PVyldeufNo88ePz27uOSJdonW0t/JjlSz/byUHs/xRI5/nh9c/+i1k53xjcV4KqUqzaUqVe3l6Zlr7Zq2pZTOp33pcmqlPZeuvPHe3NPHLxy7uP/9tw5fvYNvAQAAAGx4/wsAAP//2XsNow==")
r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x1b5)
openat(0xffffffffffffff9c, 0x0, 0x143042, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB="1400000042000501"], 0x14}}, 0x44014)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000240)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x88f0b000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
recvmmsg(r1, &(0x7f0000000000)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000004c0)=""/4091, 0xffb}, {&(0x7f0000002580)=""/4096}, {&(0x7f00000014c0)=""/155}, {&(0x7f00000024c0)=""/170}], 0x1}}], 0x40000000000013e, 0x2, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40186e8d, &(0x7f0000000040)={0x0, 0x42c0000000003f, 0x400, 0x200000003, 0x6, 0x3, 0x2401})

7m7.541990277s ago: executing program 32 (id=14):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0x6e)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000000)=0xfffffffe)
r2 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0xe032, 0xffffffffffffffff, 0x80000000)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00', 0x32a})
write$sndseq(r4, &(0x7f0000000000)=[{0x1e, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}], 0x1001a)
bind$unix(r0, &(0x7f00000002c0)=@file={0x1, './cgroup\x00'}, 0x6e)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f0000000100)={{0x1, 0x0, 0x0, 0x3}})
ioctl$VIDIOC_STREAMON(r2, 0x40045612, &(0x7f0000000140))
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r3, 0x40505412, &(0x7f0000000440)={0x5, 0x20000006, 0x0, 0x0, 0x6})

7m5.539151926s ago: executing program 33 (id=17):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socket(0x10, 0x3, 0x0)
socket(0x400000000010, 0x3, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
writev(r3, &(0x7f0000000040)=[{&(0x7f0000000000)="290000002000190f00003fffffffda060200000000e80001dd0000040d001800ea11c21d0005000000", 0x29}], 0x1)

6m54.248694975s ago: executing program 34 (id=30):
syz_mount_image$nilfs2(&(0x7f0000000a40), &(0x7f0000000a80)='./file0\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="00a717cf64394a00dc299b573660f498c4d99aac48af10923f703f53e58070c2bf4575228d0e471df7101ac03b8d48a1b0fc276e395f25b63e9a27cd2ab98888989eec154d97b4dbcf"], 0x1, 0xa09, &(0x7f0000001540)="$eJzs3UuMHEfdAPDq2Z31M5/H+WyyOCaxCSThkd14vZiHBXEUX7DiiFukiIvlOMHCMQhHgkQ52D5xI1FkrjzEKZcIEBK5ICsnLpGIJS45BQ4csIwUiQME7EW7WzU7+/eMemZt73h2fj+ptqa6aqaqZ3t6erq7qhIwthpLf+fnp6uULr3z5tG/P/y3LYtLnmiXaC39nexINVNKVU5Phtf7cGI5vv7Raye7xVWaW/pb0umZa+3nbkspnU/70uXUSnsuXXnjvbmnj184dnH/+28dvnpn1h4AAMbLty4fnt/9lz/dv/Pjtx84kja1l5fj81ZOb8/H/UfygX85/m+k1emqI3SaCuUmc2iEchNdynXW0wzlJnvUPxVet9mj3Kaa+ic6lnVbbxhlZTtupaoxsyrdaMzMLP8mT0u/66eqmbOnz7xwbkgNBW67fz6YUtonCMI4hoUdw94DASyL1wtvcj6eWbg17Veb7K/+a082uj8fboP13v7VP1r1/+qCPQ63z0bdmsp6lc/R9pyO1xHi/UuDfv7L68XrEc0+29nrOsKoXF/o1c6JdW7HWvVqf9wuNqqv57i8D98I+Z2fn/g/HZX/MdDdv5z/F4SxDQvD3gEBd61439xCVvLjfX0xf1NN/uaa/C01+Vtr8rfV5MM4++3LP0mvVyu/8+Nv+kHPh5XzbPfk+P8GbE88Hzlo/fG+30Hdav3xfmK4m/3+xLOnvvL8c1eW7/+v2tv/jby978vpVv5sXc4FyvnCeF69fe9/a3U9jR7l7g3tuadL+aXHu1aXq3atvE7q2M/c1I7p1c/b0avc3tXlWqHclhw2h/bG45Ot4Xnl+KPsV8v7NRnWtxnWYyq0o+xXduY4tgPWomyPve7/L9vndGpWL5w+c+rxnC7b6R8nmpsWlx9Y53YDt67f/j/TaXX/n+3t5c1G535hx8ryqnO/0ArL53osP5jT5XvuOxNblpbPnPzemedv98rDmDv3yqvfPXHmzKkfeOCBBx60Hwx7zwTcabMvv/T92XOvvPrY6ZdOvHjqxVNnDx46dHBu7tBXD87PLh3Xz3Ye3QMbycqX/rBbAgAAAAAAAAAAAPTrh8eOXvnzu1/+YLn//0r/v9L/v9z5W/r//zj0/4/95Es/+NIPcGeX/KUyYYDVqVCumcP/h/buCvXsDs/7RI7b8/jl/v+lujiua2nPfWF5HL+3lAvDCdw0XspUGIMkzhf46RxfzPEvEwxRtaX74hzXjW9dtvUyPoVxKUZT+b+VraGMY1L6f/ca16ns/3euQxu5/dajO+Gw1xHo7h/G/xaEsQ0LC2bxAO4Ow57/s5z3LPHZP3xz82Ioxa49uXp/GccvhVtxt88/qf6NNf9ne/67vvd/Yca81trq/ffPrn7QUW3a02/9cf3LONC7Bqv/41x/WZtHUn/1L/wi1B8vCPXpP6H+rX3Wf9P6711b/f/N9Ze37dGH+q1/ucVVY3U74nnjcv0vnjcurof1L2N7Drz+a5yo8UauH8bZqMwzO6hRmf+3l3gfxpdyuuwIy30Ocb6TQdtf7q8o3wO7w+tXNd9v5v8dbV/Lcd3nocz/W7bHVpd0oyPd7PLebtR9DYyqD13/E4SxDQsLC3f2hFaNoVbO0N//Yf9OGHb9w37/68T5f+MxfJz/N+bH+X9jfpz/N+bH+fVifpz/N76fcf7fmH9feN04P/B0Tf4na/L31OTfX5O/tyb/UzX5+2vyH6jJf7Am/96a/Idq8j9Tk//ZmvyHa/Ifrcn/XE3+Rlf6o4zr+sM4i/3zfP5hfJTrP70+/7tq8oHR9dO3Dzz13G++3Vru/z/VPh9SruMdyelm/u38o5yO171TR3ox792c/mvIv9vPd8A4ieNnxO/3R2rygdFV7vPy+YYxVHUfsaffcat6HeczWj6f4y/k+Is5fizHMzmezfGBHM+tU/u4M5769e8Ov16t/N7fEfL7vZ889geK40Qd7LM98fzAoPezx3H8BnWr9a+xOxgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDQNJb+zs9PVyldeufNo88ePz27uOSJdonW0t/JjlSz/byUHs/xRI5/nh9c/+i1k53xjcV4KqUqzaUqVe3l6Zlr7Zq2pZTOp33pcmqlPZeuvPHe3NPHLxy7uP/9tw5fvYNvAQAAAGx4/wsAAP//2XsNow==")
r0 = open(&(0x7f0000000080)='.\x00', 0x0, 0x1b5)
openat(0xffffffffffffff9c, 0x0, 0x143042, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB="1400000042000501"], 0x14}}, 0x44014)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000240)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x88f0b000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
recvmmsg(r1, &(0x7f0000000000)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000004c0)=""/4091, 0xffb}, {&(0x7f0000002580)=""/4096}, {&(0x7f00000014c0)=""/155}, {&(0x7f00000024c0)=""/170}], 0x1}}], 0x40000000000013e, 0x2, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40186e8d, &(0x7f0000000040)={0x0, 0x42c0000000003f, 0x400, 0x200000003, 0x6, 0x3, 0x2401})

5m15.167602965s ago: executing program 7 (id=329):
r0 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x80, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}]}, @CTA_TIMEOUT={0x8}, @CTA_SEQ_ADJ_REPLY={0x1c, 0x10, 0x0, 0x1, [@CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x133}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0xcd}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x5ff}]}]}, 0x80}}, 0x0)

5m14.921502171s ago: executing program 7 (id=332):
syz_mount_image$hfs(&(0x7f0000000000), &(0x7f0000000240)='./file0\x00', 0x200000, &(0x7f0000000100)=ANY=[@ANYBLOB='quiet,dir_umask=00000000000000000000007,iocharset=koi8-ru,codepage=koi8-ru,quiet,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c66696c655f756d61736b3d30303030303030303030303030303030303030313236342c63726561746f723d8c10b0812c66696c655f756d61736b3d3030303030303030303030303030322c00"], 0x2, 0x36b, &(0x7f0000000d80)="$eJzs3c1O1EAAB/D/tPspBCtgMN5ETTyRBQ8aY6Ix3HwBD4aIUBJCxQQwUaIBPXgyxpuJiUdvno2+gl6ML6AnDsSTXggx1Mx0uu2Wme4uHwXC/5ewdNv5nnY6g+4WRHRs3Rr/+eHymvwRZQAugGuAA6AGlACcxlDt0fzS7FLgT+cl5KoY8kcgiim2hZma901RZTwVQ/PkuxJ60/tof4RhGP5qG+pPIWWhgyOia38bB6jqq1MdrxVesh1Z7SBAtZiiHCKpHhYb2DD3OBERHSf6/u/ou0Svnr87DnBRz8OP0v0/ll5BtNztNoCnJ4svz6Gh7v+Pk94MhWwf1SIiWe+pJZxsQydeJZrSUqmUMzvDpLkriM6slg4QhlVly4xMlcWpz8wG/siqSuAFbmipYIPqdTo6dWO20laiX8OGtWmOvLrn61F1KMs6lC3lH+g6xy/reGvObuJbpX2ZxFfxXUwID+8wjT69sxQK2TgqugfU9e64TWcDv2FPUdXSU7VstNQyufpOqUzOxj3w+WNSy7qtXWtwZVlMZCoiO3/XJQDeWFpB7e5vHRR074zaa6diDRhjjTXfbxpjDWZj1WfKgT8y9TCITvpwxZ7tXjDO78VrcUcM4zc+YbzZ/7KrXTnUW67M7MgvVMioFRrN+piUVEhLP7ZQJ9uDrq5Mwua/MKLfZ8dhMw+vcB9X0bf4ZHluMgj8hcI25GhhPBRfKgWXx7YRnYj6dJR75O9UGNTkhmzuPct0KwxD46GSucXiDaejLCpxUW1ljk6dK++bVVbDrP5Tyu4qiNWoDVOHbtoDJ8OmqrvWZaYq+kozlrxbdBP9b5S77HdjGJGUcKGyvydknNVkEJxpdpyLakdXSn0Hmd5+NjcZ7HhEoiNk8eU5PeZg6O769YMuDhVPzrtEtP5LrVcaatSRL17OaiRsl3gqxVHLCqhfvZ5IVhtC//0+Z83VY1/B9cQbgT+Wt+Y6fwm4kNopc3MQ5/g8m6yHeLJ+CP9VsmoqVj27Yzm1LcbxA/dS838iIiIiIiIiIiIiIiIiIiIiIiIiIjoSkv/07+3y4wRb+nNI5k9iJNaO4RdvEBERERERERERERERERERERERERERERHtTur5v4CrnhhT2fPn/8Zf7N3p83/dDp7/K9o+4pOI2vgfAAD//xhyY3Q=")
mkdir(&(0x7f0000000040)='./bus\x00', 0x40)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000001280)=""/4089, 0xff9)

5m14.385709942s ago: executing program 7 (id=338):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x5d)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
setreuid(0xffffffffffffffff, 0xee00)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

5m13.205427001s ago: executing program 7 (id=342):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file2\x00', 0x8, &(0x7f0000000080)={[{@nodioread_nolock}, {@sb={'sb', 0x3d, 0x1}}]}, 0x4, 0x523, &(0x7f00000018c0)="$eJzs3cFvG1kZAPBvnLhJs+mmC3sABGxZFgqq6iTubrTqhfYCQlUlRMWJQxsSN4pi11Hsiib0kB65V6ISJ+A/4MYBqScO3LjBjUs5IBWoQA0SB6MZT1I3sZNAnbiJfz9pMvPeTP29F/e953mR5wUwtC5ExGZEnImIOxExlecn+RbX2lt63csXDxe2XjxcSKLVuvX3JDuf5kXHv0m9k7/meER8/zsRP0r2xm2sb6zMV6uVtTw93aytTjfWNy4vF/Kc8tzs3MynVz4p962uH9R+/fzbyzd+8NvffOnZHza/+ZO0WJM/PZed66xHP7WrXozJjrzRiLhxFMEGZDT//8PJk7a2z0TEh1n7n4qR7N0EAE6zVmsqWlOdaQDgtEvv/ycjKZTyuYDJKBRKpfYc3vsxUajWG81LU/X79xYjm8M6H8XC3eVqZSafKzwfxSRNz2bHr9Ll19KPK1ci4r2IeDx2NjtfWqhXFwf5wQcAhtg7u8b/f421x/9OxUEVDgA4OuODLgAAcOyM/wAwfIz/ADB8/ofx37cDAeCUcP8PAMPH+A8Aw+fA8f/R8ZQDADgW37t5M91aW+3nX28/qfvyYqWxUqrdXygt1NdWS0v1+lK1UlpotQ56vWq9vjr78U6ysb5xu1a/f695e7k2v1S5XfEsAQAYvPc+ePqndNDfvHo226JjLQdjNZxuhUEXABiYkUEXABgY3+eB4XWIe3zTAHDKdVmity2fIEh6XfDE4q9wUl38vPl/GFZvMv9v7gBOtv9v/v9bfS8HcPyM4TC8Wq3Emv8AMGTM8QM9//6f6/mIkCf9LwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcFJPZlhRK2Vrgm+nPQqkUcS4izkcxubtcrcxExLsR8cex4lianh10oQGAN1T4a5Kv/3Vx6qPJ3WfPJP8ey/YR8eOf3/rZg/lmc202zf/HTn7zSZp/trlWPjOICgAAna7tzcrG73K+77iRf/ni4cL2dpxFfH69vbhoGncr39pnRmM0249HMSIm/pnk6bb088pIH+JvPoqIz23XfzwedESYzOZA2iuf7o6fxj7X9/idv//d8Quv1beQnUv3xex38dnYVTjgQE+vt/vJvO2lTTxvf4W4kO27t//xrId6c2n/lzbXrT39X2Gn/xvZEz/J2vyFnfT+JXn+8e++uyezNdU+9yjiC6Pd4ic78ZPu/W/xo0PW8c9f/PKHvc61fhFxsWv9t1ekrmXd7HSztjrdWN+4vFybX6osVe6Vy3OzczOfXvmkPJ3NUbd//r5bjL9dvfRur/hp/Sd6xB/fv/7xtUPW/5f/ufPDr+wT/xtf7f7+v79P/HRM/Poh489PXOu5fHcaf7FH/Q94/+PSIeM/+8vG4iEvBQCOQWN9Y2W+Wq2sHXCQftY86BoHhz9I7+3fgmJkB7EZ0a8XzCYlIqLrNekn6rejykd1kAws+q/6/YKD7pmAo/aq0Q+6JAAAAAAAAAAAAAAAQC+N9Y2Vse7f1urbwaDrCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOn13wAAAP//KHnENg==")
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x1e0)
setxattr$trusted_overlay_origin(&(0x7f0000000100)='./file0\x00', &(0x7f0000000000), &(0x7f0000000b40), 0xfe68, 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000300)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@nfs_export_on}]})

5m12.367579276s ago: executing program 7 (id=347):
socket$igmp(0x2, 0x3, 0x2)
socket$igmp(0x2, 0x3, 0x2)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/raw\x00')
pread64(r0, &(0x7f0000000400)=""/176, 0xb0, 0xe1)

5m10.418832247s ago: executing program 7 (id=368):
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000480), 0x800)
ioctl$HIDIOCGUSAGES(0xffffffffffffffff, 0xd01c4813, &(0x7f0000000240)={{0x3, 0xfffffefd, 0x5, 0xb7a4, 0x1, 0xffff}, 0x341, [0xc, 0x40, 0xcd6, 0x4, 0x6, 0x0, 0x3, 0x27, 0x9, 0x7a18fde9, 0x9, 0xf12, 0x4, 0x3, 0x378, 0x350bae1e, 0x4, 0x0, 0x1, 0xffff06bd, 0x0, 0xd4f, 0x7, 0xf2, 0x10, 0x5, 0x8, 0x6, 0x401, 0x80000000, 0x2401, 0x3ca5, 0x1, 0x0, 0xff, 0x8, 0x4, 0x3, 0x0, 0x0, 0x54, 0x80000000, 0x7fff, 0x7, 0x3, 0xa, 0x0, 0x10000, 0x401, 0x8, 0xffff, 0x91ba, 0x7, 0x9, 0x1, 0xb6, 0x20, 0xcb, 0x5, 0x7f, 0x5, 0x311, 0x66d1, 0xfffffffd, 0xa7d6, 0xb6eb, 0xc74, 0x77, 0x1, 0xff, 0x5cb5, 0x3, 0x3fd, 0xedf4, 0x4, 0x1000, 0x6, 0xfffffffe, 0x8001, 0xc1, 0x1, 0x5, 0x1, 0x32, 0x98, 0x7f, 0x0, 0x401, 0x2, 0x2, 0x4680, 0x7, 0xe665, 0x3c6e, 0x3, 0x40, 0x80, 0x4f, 0x8000, 0x2, 0xb, 0x6, 0x4fa4, 0x80000002, 0x1, 0x8, 0x0, 0xfffffffa, 0x0, 0x9, 0x100, 0xfe, 0x4, 0x40, 0x9, 0x1b, 0x1ff, 0x7ff, 0x2, 0x80000000, 0xffff, 0x9, 0x0, 0x6, 0x2, 0x1, 0x3, 0xa0, 0xf, 0x1ff, 0x9, 0x7, 0x6, 0x400, 0x8, 0xff2, 0x6, 0x0, 0x6, 0x0, 0x9, 0x1, 0x8000, 0x664, 0x4, 0x9, 0x9, 0x2, 0x4, 0xfffffffd, 0x10, 0x5, 0x9, 0x10000, 0x1, 0x9, 0xf7a, 0xc6, 0x1, 0x4, 0x6, 0xffffffff, 0x6, 0x10001, 0x3042c26b, 0x68, 0x7, 0x1, 0x5, 0x3, 0x9a3f, 0x400001, 0x0, 0x80000067, 0xffff0000, 0x7, 0x10000000, 0x10001, 0x7, 0x3, 0x10, 0x10a, 0x2, 0x40, 0x1c, 0x80, 0xb5f8, 0x8bc, 0x3, 0x101, 0x5, 0x63, 0x4, 0x1, 0x10, 0x1000, 0x288c, 0x1ffe, 0x73ee, 0x1, 0x5, 0x9, 0x7fffffff, 0x73, 0xa, 0x8, 0x6, 0x400, 0x40, 0x0, 0x0, 0x0, 0x546c, 0x981, 0x5aa, 0x7fff, 0x7, 0x4, 0x8, 0x6688, 0x45e4, 0x5, 0x7, 0x1, 0x5, 0x3, 0x0, 0x1, 0x2, 0x2, 0x4, 0xce, 0xf, 0x0, 0x1, 0x667, 0x3, 0x0, 0x9, 0x9, 0x37c, 0x10001, 0x9, 0x1, 0x1, 0x2, 0x6, 0x4, 0x6, 0x1, 0x9, 0x6, 0x80000000, 0x2, 0x0, 0x9, 0x5, 0x2, 0x7, 0x3, 0xffffff1b, 0x9, 0x2, 0xd, 0x34ea, 0x10000, 0x0, 0x80000001, 0x8, 0x8000, 0x3a, 0x10, 0x8, 0x9, 0x5, 0x1, 0x6, 0x10001, 0x0, 0x4, 0x10000, 0x9, 0xffff, 0xe, 0x89, 0x2, 0x7, 0x1, 0x73, 0x3, 0x9, 0x2, 0x1, 0x9, 0x2, 0x7, 0x0, 0x2, 0x4, 0x29, 0x9, 0x0, 0x80000004, 0x4, 0x0, 0x1, 0x4, 0x5, 0x4, 0x0, 0xf, 0xa, 0x100, 0x4, 0x59b, 0x7, 0x9, 0x6, 0x3, 0x2, 0x4, 0xbf, 0x0, 0x8, 0x40, 0xd3, 0x7, 0x1, 0x89aa, 0x8, 0x7, 0xf0ce, 0x4, 0x1, 0x2, 0x2, 0xc6, 0x1000, 0x5, 0x937, 0xa, 0x6, 0x3, 0xffffffff, 0x8, 0x9, 0x0, 0xffffffff, 0xbe, 0x1, 0x7, 0x2, 0xffffffff, 0x0, 0x3d9, 0x0, 0xc, 0x9, 0x7, 0xfffffeff, 0x100, 0x2, 0x7fff, 0x101, 0x7, 0x6, 0x706, 0x2, 0x49, 0xe, 0xfffffff7, 0xfffff772, 0x8, 0x80000000, 0x6, 0x1, 0xa9c, 0x9, 0x7, 0x1, 0x2, 0x5, 0x1000, 0x6, 0x1ff, 0x9, 0x3, 0x3, 0x10001, 0xf7ff0000, 0xf, 0x4, 0xffffa5ba, 0xffffa9b4, 0xb, 0x4, 0x8000005, 0x3, 0x4b5f, 0x6, 0xa, 0xffffffff, 0x1, 0x80000000, 0xb, 0x0, 0xc8f, 0x1, 0x7, 0x8, 0x0, 0x10000, 0x57dc, 0x818a, 0x10, 0x8, 0x10, 0xfffffffc, 0xfffff001, 0xa, 0x5, 0x5, 0x4, 0xfff, 0x9, 0x10, 0xfffffffb, 0x4, 0xc2, 0x7f, 0x5, 0x2, 0x80000000, 0xd, 0x3, 0x1, 0x0, 0x5, 0xb8, 0x101, 0x401, 0x2, 0x7, 0xc, 0x6623258, 0xf2, 0x741, 0xae6, 0x9, 0xffffa0ae, 0x9, 0x6, 0x2, 0x8, 0x9, 0x1, 0x5, 0x9a, 0x9, 0xb, 0x800, 0x4, 0x3ff, 0x5, 0x7, 0x7, 0x8, 0xfe, 0x7f, 0x9, 0x4, 0x2, 0x20000000, 0x2, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x7, 0x8000005, 0x0, 0xfff, 0x101, 0x4, 0x0, 0x96c6, 0xc, 0x5, 0xfff, 0x104, 0xffff, 0x1, 0x401, 0xf0, 0x0, 0xfffff53d, 0x9, 0x2, 0x6, 0x0, 0x6, 0x4b15, 0x10000, 0x1, 0x9, 0x1, 0xd, 0x9, 0x4, 0x9, 0x1, 0x6, 0x0, 0x3, 0x10001, 0x1, 0x7, 0x1, 0x5, 0x8, 0xffffc487, 0x200, 0x10001, 0x37c, 0x7, 0x6, 0x6, 0x8, 0xfffffe00, 0x1, 0x1, 0x0, 0x10, 0x0, 0x3, 0x4, 0x80000000, 0xb46d, 0x3, 0x1000, 0x1eb4bce6, 0x10, 0x8, 0x1, 0x5, 0x1, 0x5, 0x9, 0x1000, 0x7, 0x62f2f805, 0xc, 0x3, 0xffffffff, 0x0, 0x7e, 0x6, 0x8, 0x40, 0x5, 0x2, 0xa, 0x5, 0x6, 0x80000000, 0x4, 0xb, 0x7, 0x7, 0x1, 0x5, 0x9, 0x6709, 0x80000001, 0x0, 0x3, 0x8, 0x6, 0x0, 0xa958, 0xff, 0x5, 0x6, 0x2, 0x4, 0x10000, 0x80000001, 0x5, 0x1c00, 0x9, 0x0, 0xb7, 0x3, 0xff, 0x9, 0xffff, 0x80, 0xfea5, 0x7fff, 0x7, 0x7, 0x7, 0x7485, 0x9, 0x8, 0x0, 0x5, 0xf, 0x5, 0xe, 0x6, 0x1000, 0xb, 0x7, 0x382d, 0x459, 0xcad, 0x9, 0x0, 0x2, 0x9, 0x5, 0xffff8000, 0xe0, 0xfffffffb, 0x85, 0xffffffff, 0x2, 0x7, 0xa05a, 0x0, 0x0, 0x101, 0x35, 0x8, 0x1, 0x1, 0x30, 0xffffff7e, 0x1, 0x2, 0x9, 0x3, 0x7, 0x8, 0x8, 0x4000, 0x20000001, 0x4, 0x15294b70, 0x3, 0x3, 0x2, 0x43, 0x3, 0x9, 0x5, 0x80000004, 0x6, 0x0, 0x5, 0x81, 0x1, 0x2, 0x3fd, 0x1df, 0x6, 0x6, 0xfffffffa, 0x1a, 0x9, 0x2, 0x9, 0x1, 0x9, 0x8, 0x2c1, 0x9e95, 0x2, 0xfffffedd, 0x30c4, 0x2, 0x389f, 0x7b, 0x0, 0x8, 0x9, 0x6, 0x9, 0x9, 0x8, 0x3, 0x8, 0x1ff, 0x7fff, 0x3, 0x8000002, 0x8, 0x2b, 0x200006, 0x80000004, 0x1, 0x10000002, 0xfb4, 0xbfa, 0x48, 0x405, 0x6, 0x4, 0x8001, 0x9, 0x8, 0xffffffff, 0x6ae574d2, 0x5, 0xfffffe00, 0x1000, 0x5, 0x92, 0x3, 0x7fffffff, 0xd7, 0x8001, 0x905, 0x3, 0x6, 0xfffffb31, 0xb, 0x4, 0x7, 0x8, 0x1, 0x6, 0x1, 0xff, 0x100, 0x8, 0x5, 0x6, 0x80000000, 0x0, 0x100a, 0x7fffffff, 0x3fff, 0x2, 0x17, 0x2, 0x9af, 0x10001, 0x8, 0x4, 0x8, 0x6, 0x7742348d, 0x5, 0x5, 0x1f, 0x40, 0x0, 0x6, 0x8, 0x7, 0x7, 0x8, 0x17f, 0x6, 0x2, 0x5, 0x6, 0x1, 0xb, 0xe, 0x5, 0x1, 0xfe7, 0xfffffffc, 0xfffffffa, 0x7ff, 0x3e9, 0x0, 0x3, 0x2000, 0xd, 0x3, 0x4, 0x3, 0x81, 0x8, 0x14, 0x8, 0x9, 0x6, 0xffff, 0xf28c, 0x7, 0x6, 0x4, 0x7fffffff, 0xffff, 0x7fffffff, 0xc9, 0x2, 0x0, 0x924, 0x6, 0x100, 0x1, 0x5, 0xffff351b, 0x8, 0xfffffffb, 0x7, 0x9, 0x2, 0x5, 0x4, 0x1, 0x4, 0xff, 0xee, 0x2, 0x4, 0x8, 0x9f, 0x7, 0x3, 0x9, 0xc9, 0x10001, 0x1, 0x1, 0xfffffff7, 0xfffffffb, 0x5, 0x5, 0x6, 0x400, 0x51, 0x7, 0xefb, 0xb8, 0x8, 0x5, 0xfffffff7, 0x7, 0x7, 0x5, 0x6330, 0x0, 0x6, 0xea, 0x0, 0xfff, 0x809, 0x6, 0x40, 0x6, 0xffff, 0xfffffffa, 0x3, 0xa850, 0x1, 0x6, 0x7, 0x5, 0x7, 0x2ec, 0x9, 0x6, 0x401, 0x6, 0xfff, 0x0, 0xa7b, 0x62cc, 0xfffffff7, 0x7, 0x40, 0xa, 0x8, 0x3, 0xe, 0x1, 0x1, 0xc, 0x40, 0x3, 0x4, 0x5, 0x5, 0x7ff, 0x5, 0x8, 0xfffffffb, 0x3, 0x3, 0x2, 0x80000002, 0x54, 0x400, 0x1, 0x8, 0xa, 0xb, 0x7, 0x3, 0x72, 0x80, 0x1000, 0x7, 0x800, 0x6, 0xd19, 0x3, 0x93c, 0x6, 0x0, 0x0, 0xe, 0x5, 0x3, 0xfffffffa, 0xa01, 0xf3, 0x65, 0x8, 0xe, 0x3, 0x3ff, 0x5, 0x2, 0x6, 0xfffffff8, 0xffff, 0xfffffff9, 0x9, 0x5, 0x62, 0x8, 0x1, 0xfffffffb, 0x1af8b, 0x2, 0x9, 0x7, 0x0, 0x7, 0x8, 0x10000, 0x40, 0x8, 0x7, 0x2b, 0x6, 0x10, 0x5, 0x200, 0x7fff, 0x6, 0x200, 0x8, 0x10, 0x4, 0x6, 0x633, 0xf05, 0x0, 0x101, 0x200, 0x7, 0x7ff, 0x0, 0x1, 0x1, 0x10000, 0x9, 0x40, 0x9, 0x0, 0x7f, 0x7, 0x6, 0xe, 0x3, 0x80000001, 0x0, 0x8, 0x8, 0x7, 0xdd, 0x6, 0x89, 0x0, 0x100, 0x1, 0x9, 0xe75, 0x10400, 0x20001, 0x8, 0x200, 0xe9ab, 0xfffffff8, 0x8000, 0x7, 0x2, 0x2, 0x43, 0x3ff, 0x8, 0x7, 0x9, 0x1, 0x6, 0x7, 0xa, 0xf, 0xf39d, 0x71, 0xffc, 0x5, 0x8]})
unshare(0x22020600)
poll(&(0x7f0000000000), 0x20000000000000b5, 0x9)

5m9.724814877s ago: executing program 35 (id=368):
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000480), 0x800)
ioctl$HIDIOCGUSAGES(0xffffffffffffffff, 0xd01c4813, &(0x7f0000000240)={{0x3, 0xfffffefd, 0x5, 0xb7a4, 0x1, 0xffff}, 0x341, [0xc, 0x40, 0xcd6, 0x4, 0x6, 0x0, 0x3, 0x27, 0x9, 0x7a18fde9, 0x9, 0xf12, 0x4, 0x3, 0x378, 0x350bae1e, 0x4, 0x0, 0x1, 0xffff06bd, 0x0, 0xd4f, 0x7, 0xf2, 0x10, 0x5, 0x8, 0x6, 0x401, 0x80000000, 0x2401, 0x3ca5, 0x1, 0x0, 0xff, 0x8, 0x4, 0x3, 0x0, 0x0, 0x54, 0x80000000, 0x7fff, 0x7, 0x3, 0xa, 0x0, 0x10000, 0x401, 0x8, 0xffff, 0x91ba, 0x7, 0x9, 0x1, 0xb6, 0x20, 0xcb, 0x5, 0x7f, 0x5, 0x311, 0x66d1, 0xfffffffd, 0xa7d6, 0xb6eb, 0xc74, 0x77, 0x1, 0xff, 0x5cb5, 0x3, 0x3fd, 0xedf4, 0x4, 0x1000, 0x6, 0xfffffffe, 0x8001, 0xc1, 0x1, 0x5, 0x1, 0x32, 0x98, 0x7f, 0x0, 0x401, 0x2, 0x2, 0x4680, 0x7, 0xe665, 0x3c6e, 0x3, 0x40, 0x80, 0x4f, 0x8000, 0x2, 0xb, 0x6, 0x4fa4, 0x80000002, 0x1, 0x8, 0x0, 0xfffffffa, 0x0, 0x9, 0x100, 0xfe, 0x4, 0x40, 0x9, 0x1b, 0x1ff, 0x7ff, 0x2, 0x80000000, 0xffff, 0x9, 0x0, 0x6, 0x2, 0x1, 0x3, 0xa0, 0xf, 0x1ff, 0x9, 0x7, 0x6, 0x400, 0x8, 0xff2, 0x6, 0x0, 0x6, 0x0, 0x9, 0x1, 0x8000, 0x664, 0x4, 0x9, 0x9, 0x2, 0x4, 0xfffffffd, 0x10, 0x5, 0x9, 0x10000, 0x1, 0x9, 0xf7a, 0xc6, 0x1, 0x4, 0x6, 0xffffffff, 0x6, 0x10001, 0x3042c26b, 0x68, 0x7, 0x1, 0x5, 0x3, 0x9a3f, 0x400001, 0x0, 0x80000067, 0xffff0000, 0x7, 0x10000000, 0x10001, 0x7, 0x3, 0x10, 0x10a, 0x2, 0x40, 0x1c, 0x80, 0xb5f8, 0x8bc, 0x3, 0x101, 0x5, 0x63, 0x4, 0x1, 0x10, 0x1000, 0x288c, 0x1ffe, 0x73ee, 0x1, 0x5, 0x9, 0x7fffffff, 0x73, 0xa, 0x8, 0x6, 0x400, 0x40, 0x0, 0x0, 0x0, 0x546c, 0x981, 0x5aa, 0x7fff, 0x7, 0x4, 0x8, 0x6688, 0x45e4, 0x5, 0x7, 0x1, 0x5, 0x3, 0x0, 0x1, 0x2, 0x2, 0x4, 0xce, 0xf, 0x0, 0x1, 0x667, 0x3, 0x0, 0x9, 0x9, 0x37c, 0x10001, 0x9, 0x1, 0x1, 0x2, 0x6, 0x4, 0x6, 0x1, 0x9, 0x6, 0x80000000, 0x2, 0x0, 0x9, 0x5, 0x2, 0x7, 0x3, 0xffffff1b, 0x9, 0x2, 0xd, 0x34ea, 0x10000, 0x0, 0x80000001, 0x8, 0x8000, 0x3a, 0x10, 0x8, 0x9, 0x5, 0x1, 0x6, 0x10001, 0x0, 0x4, 0x10000, 0x9, 0xffff, 0xe, 0x89, 0x2, 0x7, 0x1, 0x73, 0x3, 0x9, 0x2, 0x1, 0x9, 0x2, 0x7, 0x0, 0x2, 0x4, 0x29, 0x9, 0x0, 0x80000004, 0x4, 0x0, 0x1, 0x4, 0x5, 0x4, 0x0, 0xf, 0xa, 0x100, 0x4, 0x59b, 0x7, 0x9, 0x6, 0x3, 0x2, 0x4, 0xbf, 0x0, 0x8, 0x40, 0xd3, 0x7, 0x1, 0x89aa, 0x8, 0x7, 0xf0ce, 0x4, 0x1, 0x2, 0x2, 0xc6, 0x1000, 0x5, 0x937, 0xa, 0x6, 0x3, 0xffffffff, 0x8, 0x9, 0x0, 0xffffffff, 0xbe, 0x1, 0x7, 0x2, 0xffffffff, 0x0, 0x3d9, 0x0, 0xc, 0x9, 0x7, 0xfffffeff, 0x100, 0x2, 0x7fff, 0x101, 0x7, 0x6, 0x706, 0x2, 0x49, 0xe, 0xfffffff7, 0xfffff772, 0x8, 0x80000000, 0x6, 0x1, 0xa9c, 0x9, 0x7, 0x1, 0x2, 0x5, 0x1000, 0x6, 0x1ff, 0x9, 0x3, 0x3, 0x10001, 0xf7ff0000, 0xf, 0x4, 0xffffa5ba, 0xffffa9b4, 0xb, 0x4, 0x8000005, 0x3, 0x4b5f, 0x6, 0xa, 0xffffffff, 0x1, 0x80000000, 0xb, 0x0, 0xc8f, 0x1, 0x7, 0x8, 0x0, 0x10000, 0x57dc, 0x818a, 0x10, 0x8, 0x10, 0xfffffffc, 0xfffff001, 0xa, 0x5, 0x5, 0x4, 0xfff, 0x9, 0x10, 0xfffffffb, 0x4, 0xc2, 0x7f, 0x5, 0x2, 0x80000000, 0xd, 0x3, 0x1, 0x0, 0x5, 0xb8, 0x101, 0x401, 0x2, 0x7, 0xc, 0x6623258, 0xf2, 0x741, 0xae6, 0x9, 0xffffa0ae, 0x9, 0x6, 0x2, 0x8, 0x9, 0x1, 0x5, 0x9a, 0x9, 0xb, 0x800, 0x4, 0x3ff, 0x5, 0x7, 0x7, 0x8, 0xfe, 0x7f, 0x9, 0x4, 0x2, 0x20000000, 0x2, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x7, 0x8000005, 0x0, 0xfff, 0x101, 0x4, 0x0, 0x96c6, 0xc, 0x5, 0xfff, 0x104, 0xffff, 0x1, 0x401, 0xf0, 0x0, 0xfffff53d, 0x9, 0x2, 0x6, 0x0, 0x6, 0x4b15, 0x10000, 0x1, 0x9, 0x1, 0xd, 0x9, 0x4, 0x9, 0x1, 0x6, 0x0, 0x3, 0x10001, 0x1, 0x7, 0x1, 0x5, 0x8, 0xffffc487, 0x200, 0x10001, 0x37c, 0x7, 0x6, 0x6, 0x8, 0xfffffe00, 0x1, 0x1, 0x0, 0x10, 0x0, 0x3, 0x4, 0x80000000, 0xb46d, 0x3, 0x1000, 0x1eb4bce6, 0x10, 0x8, 0x1, 0x5, 0x1, 0x5, 0x9, 0x1000, 0x7, 0x62f2f805, 0xc, 0x3, 0xffffffff, 0x0, 0x7e, 0x6, 0x8, 0x40, 0x5, 0x2, 0xa, 0x5, 0x6, 0x80000000, 0x4, 0xb, 0x7, 0x7, 0x1, 0x5, 0x9, 0x6709, 0x80000001, 0x0, 0x3, 0x8, 0x6, 0x0, 0xa958, 0xff, 0x5, 0x6, 0x2, 0x4, 0x10000, 0x80000001, 0x5, 0x1c00, 0x9, 0x0, 0xb7, 0x3, 0xff, 0x9, 0xffff, 0x80, 0xfea5, 0x7fff, 0x7, 0x7, 0x7, 0x7485, 0x9, 0x8, 0x0, 0x5, 0xf, 0x5, 0xe, 0x6, 0x1000, 0xb, 0x7, 0x382d, 0x459, 0xcad, 0x9, 0x0, 0x2, 0x9, 0x5, 0xffff8000, 0xe0, 0xfffffffb, 0x85, 0xffffffff, 0x2, 0x7, 0xa05a, 0x0, 0x0, 0x101, 0x35, 0x8, 0x1, 0x1, 0x30, 0xffffff7e, 0x1, 0x2, 0x9, 0x3, 0x7, 0x8, 0x8, 0x4000, 0x20000001, 0x4, 0x15294b70, 0x3, 0x3, 0x2, 0x43, 0x3, 0x9, 0x5, 0x80000004, 0x6, 0x0, 0x5, 0x81, 0x1, 0x2, 0x3fd, 0x1df, 0x6, 0x6, 0xfffffffa, 0x1a, 0x9, 0x2, 0x9, 0x1, 0x9, 0x8, 0x2c1, 0x9e95, 0x2, 0xfffffedd, 0x30c4, 0x2, 0x389f, 0x7b, 0x0, 0x8, 0x9, 0x6, 0x9, 0x9, 0x8, 0x3, 0x8, 0x1ff, 0x7fff, 0x3, 0x8000002, 0x8, 0x2b, 0x200006, 0x80000004, 0x1, 0x10000002, 0xfb4, 0xbfa, 0x48, 0x405, 0x6, 0x4, 0x8001, 0x9, 0x8, 0xffffffff, 0x6ae574d2, 0x5, 0xfffffe00, 0x1000, 0x5, 0x92, 0x3, 0x7fffffff, 0xd7, 0x8001, 0x905, 0x3, 0x6, 0xfffffb31, 0xb, 0x4, 0x7, 0x8, 0x1, 0x6, 0x1, 0xff, 0x100, 0x8, 0x5, 0x6, 0x80000000, 0x0, 0x100a, 0x7fffffff, 0x3fff, 0x2, 0x17, 0x2, 0x9af, 0x10001, 0x8, 0x4, 0x8, 0x6, 0x7742348d, 0x5, 0x5, 0x1f, 0x40, 0x0, 0x6, 0x8, 0x7, 0x7, 0x8, 0x17f, 0x6, 0x2, 0x5, 0x6, 0x1, 0xb, 0xe, 0x5, 0x1, 0xfe7, 0xfffffffc, 0xfffffffa, 0x7ff, 0x3e9, 0x0, 0x3, 0x2000, 0xd, 0x3, 0x4, 0x3, 0x81, 0x8, 0x14, 0x8, 0x9, 0x6, 0xffff, 0xf28c, 0x7, 0x6, 0x4, 0x7fffffff, 0xffff, 0x7fffffff, 0xc9, 0x2, 0x0, 0x924, 0x6, 0x100, 0x1, 0x5, 0xffff351b, 0x8, 0xfffffffb, 0x7, 0x9, 0x2, 0x5, 0x4, 0x1, 0x4, 0xff, 0xee, 0x2, 0x4, 0x8, 0x9f, 0x7, 0x3, 0x9, 0xc9, 0x10001, 0x1, 0x1, 0xfffffff7, 0xfffffffb, 0x5, 0x5, 0x6, 0x400, 0x51, 0x7, 0xefb, 0xb8, 0x8, 0x5, 0xfffffff7, 0x7, 0x7, 0x5, 0x6330, 0x0, 0x6, 0xea, 0x0, 0xfff, 0x809, 0x6, 0x40, 0x6, 0xffff, 0xfffffffa, 0x3, 0xa850, 0x1, 0x6, 0x7, 0x5, 0x7, 0x2ec, 0x9, 0x6, 0x401, 0x6, 0xfff, 0x0, 0xa7b, 0x62cc, 0xfffffff7, 0x7, 0x40, 0xa, 0x8, 0x3, 0xe, 0x1, 0x1, 0xc, 0x40, 0x3, 0x4, 0x5, 0x5, 0x7ff, 0x5, 0x8, 0xfffffffb, 0x3, 0x3, 0x2, 0x80000002, 0x54, 0x400, 0x1, 0x8, 0xa, 0xb, 0x7, 0x3, 0x72, 0x80, 0x1000, 0x7, 0x800, 0x6, 0xd19, 0x3, 0x93c, 0x6, 0x0, 0x0, 0xe, 0x5, 0x3, 0xfffffffa, 0xa01, 0xf3, 0x65, 0x8, 0xe, 0x3, 0x3ff, 0x5, 0x2, 0x6, 0xfffffff8, 0xffff, 0xfffffff9, 0x9, 0x5, 0x62, 0x8, 0x1, 0xfffffffb, 0x1af8b, 0x2, 0x9, 0x7, 0x0, 0x7, 0x8, 0x10000, 0x40, 0x8, 0x7, 0x2b, 0x6, 0x10, 0x5, 0x200, 0x7fff, 0x6, 0x200, 0x8, 0x10, 0x4, 0x6, 0x633, 0xf05, 0x0, 0x101, 0x200, 0x7, 0x7ff, 0x0, 0x1, 0x1, 0x10000, 0x9, 0x40, 0x9, 0x0, 0x7f, 0x7, 0x6, 0xe, 0x3, 0x80000001, 0x0, 0x8, 0x8, 0x7, 0xdd, 0x6, 0x89, 0x0, 0x100, 0x1, 0x9, 0xe75, 0x10400, 0x20001, 0x8, 0x200, 0xe9ab, 0xfffffff8, 0x8000, 0x7, 0x2, 0x2, 0x43, 0x3ff, 0x8, 0x7, 0x9, 0x1, 0x6, 0x7, 0xa, 0xf, 0xf39d, 0x71, 0xffc, 0x5, 0x8]})
unshare(0x22020600)
poll(&(0x7f0000000000), 0x20000000000000b5, 0x9)

3m11.515824967s ago: executing program 6 (id=830):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setaffinity(r0, 0x8, &(0x7f00000000c0)=0x3)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x48)
mount$tmpfs(0x0, 0x0, &(0x7f0000000280), 0x2000001, &(0x7f0000000140)=ANY=[])
clock_gettime(0x7, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001c80)={{r3}, &(0x7f0000001c00)=0x8000000, &(0x7f0000001c40)}, 0x20)
connect$unix(r2, 0x0, 0x0)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
syz_open_dev$usbfs(&(0x7f0000000040), 0x80006f, 0x81501)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000002bc0)=@newsa={0xf0, 0x1a, 0x1, 0xfffffffe, 0xfd, {{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x717, 0x4e23, 0x5, 0x2, 0x0, 0x20, 0x3a}, {@in6=@mcast2, 0x4d4, 0x6c}, @in=@remote, {0xfe, 0x1000000000000192, 0x9ba3, 0xffff, 0x8251c, 0x5, 0xffffffbffffffffc, 0x4}, {0x10000000000009, 0x7, 0x1f, 0xfffffffffffffffe}, {0xfffffffe, 0x3fc}, 0x7e, 0x3505, 0x2, 0x1, 0x0, 0x20}}, 0xf0}}, 0x844)
io_setup(0x8f0, &(0x7f0000002400)=<r5=>0x0)
io_submit(r5, 0x1, &(0x7f00000003c0)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f0000000140)}])
eventfd(0xc4)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
close_range(r4, 0xffffffffffffffff, 0x0)

3m3.896642101s ago: executing program 6 (id=840):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x20001, 0xcb)
io_setup(0x4fe, &(0x7f0000000100)=<r1=>0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x5)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102384, 0x18ff0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, 0x0, 0x8000)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
io_submit(r1, 0x1, &(0x7f0000000400)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x40, r0, &(0x7f0000000200)='8', 0x1, 0x10000000005971}])

2m58.387734661s ago: executing program 6 (id=849):
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bind$bt_hci(r0, &(0x7f0000000000)={0x27}, 0x74)
openat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0xa41, 0x23)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f0000006380)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f00000000c0)={0x50, 0x0, r2, {0x7, 0x1f, 0x0, 0x801, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2000000}}, 0x50)
syz_fuse_handle_req(r1, 0x0, 0x0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x68801, 0x164)
lseek(r3, 0x40000000f4, 0x4)
syz_fuse_handle_req(r1, &(0x7f00000041c0)="f621f4eb6146c93d9fe08e51cc04179d11775bd9f38d5d62c5e1e0a04e37ee307ec30ca4dda6879f79bb2ff531d2e7ca19ad666a04249b95984419108f8a2a7c5e0339059175b5cfdc80f407344f70a314b25d0ad85947956e72b6110b79b00dd4a5a53bdbfe7c1c302ad9d6efc9c4645b33fc4ffed5f91a26b1f6895a07802a014300384bc64f92d9fc246376725c9ecde9d48f22c69cce603044ed7f6be3541089149d1ae4551244ff2f50ff1fc87e727af99f05bf851059e4bcf1ea69fae928c459321ef970050cd5a11b81f4d1c8bb2fcb84e0fac103e08b9e4b2c208fcd817db0ecdddbdd2134dedcdcdc1ed8bedc41e46801a1982022412a23ae9878b2f2a481fa81b329901e92bc48e49d4f27b75fa41a02f14faeebe440176d8b33b62aa81347979acf5a34927aa9fbd90dc176820ebf6ec985f5006bcde714d1847c94dc9600ae464dde58f47e13ac897334c07c7c7dd87df82dcf3d46326fe84c011ff2da1628a8d33203be2fd9324203556c61bd6e9df4afa6c45b82733c6acd51b9bead3fc6f6e800fd35c15451990bfe6317c2b06b9810129702aaad93d8a26f646101bce35e8c823423e67448d4bd0b925ec14229761d89c1d07a86e796b40904558ac72bff13766963a13584f99d708faa0027ff19511be6d9c91ded47c5187983262fad17185fc1961c7a207f28e3603106e6acdd080b7d179c8df433332a304920e23e3a790a102ff44c6f4b1af41eac8019b03779f85c5fc52938fdaa76f9c0cf59a4af8be5dbc986bd1ef23d990f9689ae7b8d2760dc2b80a2d31f581cf586e7c41116593b4a4a6597c3dd9c4706528b9cf7d03a39409ebebcb28d17c500c4931a8e50d9d2205c9aa8ef0f20d0f7acaee7ad0c549913e45f7e112072821979069b1425932862f451b3462335e6fe1f29b263628b8145164650de7b156a029c1c53262167ed928c09dffd047cb622c16bd9152bf4fbf5ea34f1edf9e292b137999c41a5934db39ba66950abfa0f3d01a5889d2519392860edfb3c04249eb490e24ced4eac2b570a3c3f9049e593024e1249f549e6799005839be603d4386d75ce21ca01f04c0aad689cadbdb2a6a529e825a2c34bd3efcd21deb66a3543b878df9e12203d86cefe7a461d0ac666a5c545af5366b26c707a15b2deaebfbf17c083668958af5b3fb8075cc0abdd355edaeee866aa367c7c756d142f3b908eec874d0d4f216059ccfce7a25902b4cf24a4df960bdefec4b66174073423c54b780af445827d67882b8e8d5a581ee2e90428387565991a94932fdb6585caa0c9c29520d7f8b140e475c329f2da51afd5e67f1af4d01e4f372ad8be79c749059ca8fdd89481e85df7b925c46633f04e4ef36fa53791f14c57a9350fe2d41dfdb3ceeb406b7e8525176fe9b43e94480388b576414de4fe60432d02b8d01832b84af4030af5a782cc1a9c767acc70a30f67962eb8f897e78ab21c84344f3261c6b7fc2ff11424b53ab4379003a5d853dbc5edb99fdeb8647b235f971b688de32240e9cbf5f2c66bc673028df43532069120f01ea62f4491642d73dc46fc90f4d50e7e7ebd2c23e0b547ac71c1dd5f4930af3b6ca0fd45c919bcb9912520a00479ae8ff4fd834596c3d98d3d1f92fa71bcd5e201b96fd3a9dd43b4ac306079b03bd86febed4a8bbfd565def9c69e432212a61c4e3118a733ea81823480dc7ff116b09a7999a945aaf06f94c480ae89e819fd4857e485a0d58171db18a3d687a67267c7fa0aba5c251aae4cfae956060904fcd3f79da3ce0a066b2db53a92baaab20625d2c9676f4cebf2cf37e1b6d495e8db0c60dc20219b7ec105d16867c65236c19e30cbfa9d2a353e4ec2ee85fb2d7104b9a1b88f393eee6214248c3faafdf18f55cf068c2c648fd32e9bd7acb17377248efb15eb3cade556798629da39073fff96bf3f703035dd6edadb78f3b9439a7a3866a45ff06eb3a514cd4f7848958ce8271b0ab31d8350e8bb34d8432a666a1e73d4a450e9f8023453a2f0fd41ba31d396656842c882041dfcbc08f00b57e599b25dd453f5c23c52da4c0ef5dad3b1fe2e6a5c8139088cb67d6ad6d9df34c13b54790fa588436ea7d108ccb5d14f3392073c9c6702075eadff6973fbf46a8f778f006f705477b9addd27606e21a6d3c691f4cf95550fee7c2e57a715e46a80988540c79a86be8316ca8eb1a8ffda3191d8e4f45d087e9337e7c9389c5714a1293044685cebea82de735ea5c3a2f8e03feff90c36145e565d4cc9622188ad85a706961cea8a8ca7bcd6e76cefde6abd6c2799f1bc6d08c781cdf352997e496ed62d4eb7d658bbe8faf30f2aaa5580fa96a9297bc8152a23ea35177328cb235a79a2c6f9c21799a7af80d79c65274da753ea68c76abcb06b04c148d82203d2db22f13c94add32caf78f942b999e4e16563186f8af733aa09e8c39b296e3e0a82ec6acf67a14b53c44547a38b77dd58e2503052fd553b4c1cfce5f09bc7278e251593c0ac6f10e04b135930c9edac3042ff627c4afb3029dc98a7a4c6a390334df015c30c76c93f9071b0ae342707fb1a1b111fe90c45772e18da4b3c3a9019d77ae8bd6a94328aef6f508a9fbf43ca7c68243bfec5810598ced95db4abcca6f4b4378c9ddb411bca8313875c1ccb3ab4ab7acffe8c36767f77f4b79d4084c746cacc04b91258eccacd53365a18ecb40a0d06f94955018df936bde19425d8c684b43761b8b407038d380ec2571d25bdb2af48a8532626a76dd64b57834ed99e72354fff530317a106e58aea23112a42d271e230acc5e2b19a8953713672dd7e5c9ecabccf7b66e6501db613147103cbf3aa07748285259b3c80791fe7b5dd47775625d4a2e74d3e80709fd5eddc825862bb7afc0374f215fd47cf6220d54591c9f55c37d040bd6c7bb6e5b599a17741317b5a7144467e55f60ddc8788135cc8366e9521c47250b31eff20a7000e8ac4abdfb785246c9c9137efd8c4869429d3410c6994ab523c3bb376f639cbd652a06d86a90622f2ea3098f8dbba9c41864cd339eb426a854aba0d4a05a5609d1bb6581eafc061c191eb24b1978bd2b22d8dde3a526f56353f836c6d9462a4371eb90674ad440000000061da0170e3dfcbab65b8466593ddb3ce6443bdb74762b8970a9ace40bcc10bdf23d4d8dd84a25a9818ffc099070580caac8d987e1c8bf3d81406c74584e4a589d185352a3be0945d44967001379a1fcc4bbc5716850e03859b61beec3f5f97b94342b977f7f0af5d7b54f70ea9d7a1a18df78a89fc05b7abf4e264e72f04ebc7553f520e23d8acfa2e9c4bc213909a439b3eb067fe656c3f1867c0937600be6cb003efbc6f279dafd93fa063f5344de7a4911fa2b233c56bd2a489b48fdc7c18d45a1bbddd5c09a0908349b67deb327aa249a710e2a33ca068e458d54eaffc78d2679542e0f1b7f23041db1955944c815b743c374a157daaf603755034d73ad85246ca490e71de136d3d014b1fdae8dde174615e8daf197f57df8844f1ca54324558fa5bf8cb29ff61d79e875215add6ac770a33f6715764a51ff909ef09937a01696f2da4f551788c4c6880f98ce733c1df478c48619d470c8d3ec3275e428ca29613e3645fad75baea6111ef57009e9ece2ddc89213281ce5d84a4d38c893c2be069c0fbd9841349bf9e336295eb3be50c52668026a3a0a43511ce47392bd6c4155e971ddcade3953d3b637ac33f3edd4fd8dc99f180ff6a533ca3d8e7494b2f74f34077f7c48f612fdc5af44d48f7cfb910b55e549e3b1bebf58efdfc4128877fd02f243e6b730ffd061d479e631b78f30f96516bb563d2e8c6ff86f22583703339c3cb74e8bfb75f9821a37013ee4f4980961f61124b991744233d090b81d6bd2ffe9f13fcedb94221f3ca3c84e07c4bfe5af81482811d10970049e401d1884302dde523fe369ff78e4f3e2f8c00e796cc1464c2ae57ec3990014d0de9490dc3502b6b140d030053f2d2a1da2ca6cf604e5a3d1df6b810892b1ed3fb36247276abb27fe4ba4b818ef78ca9545735cac45f864befb1991a11042217081ebcc11a368e471583e83615374868660576921b2be4a621614944532a7ac2127c828196c7d0cc494efc536262e57a7988d742b9fdef452ea2b971c5160b5edf159e3621c8338d0b4fccd766ad091e973fdc6738e6ce95907d84dad0907c1e050b141e67b07ebeee1a8fa2724bbb34d3daca1590d5ebf691e0bb63401328fd1f89e8496a065df32901a2cfe3cdc10f7083aeca7dcd11a2dbb464d1121870a3c6b55748128edf4cb006b3c3f92aed9495655c46c47b4df263cdf53a1448c2277908df46b2e0db8542d51c95ed84afdc36eacbbe6f21ddda859464e28998e49cf50d72ffcabb4726661c588faf117e3380d1e39b7daaa123d649606a7a98e6953dce589f39f1037b9d673de58291feafff3be09c09a77fefe55d907575d95ea6abf3a80da6f68f4353961c33a6651ad1c3b11a50ae7250f2ffca1d59d807367203b5b4b8ac7af9c9ca42eb780ff979a0491bfaaa8988495a31abf302e935f5424a6e03f1c6d004ab437412c215340b3f5d44e863f74349703fee85e2de1624a37e1e093e08d04de2bb2041ea3f9b0876461758a1591f65b291641d8ec471cabd50980b2d9aadf1500e4fc461d7305f0f07e12d4b57a9df4a0113d99b89f9b0dfba19d68f7f8846c1db228455d236ec323a675728c648ff3c988e6f33d911c2b8e7b8c088ee6dc0f1d6724da7047d622021d68abefd24b45ba9e8396927af5b62345259279d5a8fc5220de857f9cad616223db6ee6b4e55c529f553777584df0b984949a3ec341393fde85ee367477a39d351c2095c0133ac3a0ba7a65ec4381508e72491fc61f235ad4b4cac5065b18bc93980781732c6e87a635dfc7c321181bf06dc15e117cf5edd1ae10939319d5c47c0011f1caa76250c8cb966ec8ff61ebcdfc57f2bc81092bf3b42e845c4909e2c5561c33bf8167c85749107014bf9e88be44e796a8cad70015e3c843ccd8f62fd2c004314694381cd922994f2544e651b1b0094fbd668ce6590b54be7452d84b9852e66656a7fd7a29686c568fa340cbb22b0c22f243b293d3a5d52009b20323c96823e55ff0f9ca63a4460bf752028d6791e9c4cdc7164625cab32931444f1c791981ea2eb4df3931747fda0bbf14f1e028368ce46d4979b458b41fb256016f66408b8c5ca0e992761cae77b4be3704645508cc4a3289ac8939b56b7ddf7b9e7eb83a13b9e84c97e0db5c74437faee5a21d8b9691aad644fb749df8e7be111bda0a2e5bcff0f00006e8f57e298d8494ff0cea816aceecabc29bf5fcc0761bacfd73074f17cbb0f5ddc941aef7c369453e00d0d3e34c2e1bf70eda0007aeb4303868ed702b3e6df1bf56125b9320fd9d0011ec695f81486f5e0553fc8fe94aca9047ff7d84546a7bdeb7394610be8aca2c3c33737b34d3af8e381c56071707a2314c40ae294d6cd8d5ac922c3cb5870cb47c31cec46501deb6a9c1c901f84270903c475462c2772773bf8352b44f4fe0a9d2118a6e9ac2915186c19338cee2cb7752b4ab1ce836c250a786452bdde48ceb7ecf62586bce50c7509cf65dd6c0547d0044eb178ffd18301fcc205133f2c0c411321fccb63a6d66665ae911b4d1d2b11104408bfe0d759a32ebf646e877a5b06438f1ad0f4049c1a51f79e5dd1ac9a12f92aa94a5828d663cf1e23041c69a1f4682cd5e4b1685aa989e57fa107ffced3592540041c3c441c6d69d212fcab49e09b70efd212c4f9fdfe9b57568f579ad1203b718b3e2112ae4742cebf1d508b6f83aac0e8d805e3ffd3b958f2a915010486ff304e2fd2af89ea82105a59fb5e728e2f968f04d72bcade06ef532d569dcb8bd8862fc81eb015ff8f71de84a0430998c04baefb8c032d87df7a59c8ae833904868326c14fc09bded5146799aa4f68385a6eedf7c1a7835d790072f01adf50f542f63522621f50d5c9448506427e656d502b22dd612e2e3490d7490407bda55fb50c49bef7be1d64066a836b6b1faf7ade8bdc577b1ce5e42ae4c5847dde63be085928691c666702cd4382ce18f1eb9ebeced1e520bc71ba87fb1bbe03542595a4cb5aad2f761071ce1c7a8f6221a78dc23fee696cf48efcfce5b324b94bebc658d1f687ce328954e13330a0df47697a37e75f55fb4ad10e13492f79ec27bce475277cf735e27719c3358f87fdf50f12c534f22fef439c29ebfcfc9d5d82ed4a90e27d6f20cd8df09738ff2dfe57bb929ff19ab5befe0654c88d058a2ea4c20170069256b87776c1e9eb63056b7147713b3ad060b93241613f4784e2bcbe14721aee44ba851b70a5214458e3bb62a36de28946530ecdbc6d66e8c9ad104642dbb47d5294559d266460d4cc480fa5debd069fb972d40f2a37979258b022e14af92bad0e487d86954a37e8c30d5334ca59e48f160d7592703767abaf8715e9f6395037cda36822b834c09a3b47ca45684691702e008396dbbf02e96998bb7331eb95821fc5c30f234d606a6c2d7fbf8f7ae029c6fb24e88480f33e05dc3af1419423813f882c5f19f0311866991be190e9b959d8e452df6c5d99643d8f56d14f3453c9512f740bb106fcfef9a8e63e1d5e3962f442681ecb2848eec756c8d078f6032b30bbc76d46482388aa56169d276cc258de9839b74b2f1adb9578076ff80f421dc37299a080402e4c4309aaf31ce650fa76957471ae8087ed7bf31151640424cc4bde446d69f019de03276278df97822406deba9c7acc48a965412c6008326fed004bff2b02ff8b19a46818a5cfef00e30e4aa9d8deeca42a0d5019b1792dc668397bedb1f2057b57466472142fd19757480b0a9e420570a41e52db2f26bea1fae1298655d5b86bed107772d99be2a8f34d3225efe90ce37e98d40892e2618beb51c3760d1dce2590ff63f56660449d19a0ec4dd669ee407635b41406085b62503a7a14f49fb0fd5f11744133bd230207adebb022b2f4d204762f30eac275f172ad5c798ea69e314aafdd62802b06997b59915301977ed3819c943e50147ab1d10e65aa63936e1782be7b95b958e6ab6c09c06f37fe022e79dc25871913e9744192af94a270063b198d6d8ec610630a7895d9e4cf9b0db21b4e09bab930570e440df142c007ec14bae59f118d1a3b74d12c47d0e1e8c014fd3493add32aeb60a50453a38d94408f120c96966cc046ea34ce22459bc13848570bc3b60769ccf7fbb71cd752ade8e32dabbd0b4e0335e9d99274823678b6036518bd85ba562177f22a36f533431ed73d6227ea160874d2c352fc73fd2206c45fe0363098cf82fcd2d93b2794a1ae568708a6e3148a9e37225324e4adaf12e2e9f5949307f6cc464f681857dda172844de49ff52b0eabf97266eb6155c998e0c66d311cebad8a1f89ad71f8ec1d780ebc3bf56c23a2f3e70e6a73a239b965bd4cd588ccc42d6497b26807ba171d3c208cb23f1ac98232b59c898177eb6a407e311db89d4a8d7ea9529c1d843ae639351fdea7e852f2e7a23e5fe987bac777e55b5d6f09b49d5d583843c6e85022170d5707de86c9ba7be6d73b79c5520d1b2e0b051de8fa70e4133613138faf8bdb164c7e6e3b969fecf1fdd972b8521ff691496ed81e13817323e92491a0843603d0a7cd316255aa5605863cd40fd320e749e48d7bd96344cedd0b3f4005000000000000004b606966da45dde3da6a9a125374d9e4d509d32b99184bda79b9651afff260676d2ee99ec094818e0741ea85f01d21ed32d88d99964b36dcf97f24ef28df2962987c2f4ba3c076fa4861da5eef44714ffc747e054422887f6742eab7c4cfc017bb8ae82f6c449d182a6c0cf04097bbe229dd3f74a562f902101e8a9c8a2e0f7f39c85027fa02e4ef1e1cb8b9bbd1b31cf7fccda3b8b1a3094d1a29dff9a3d6f229629b49c962f9b2fde6535090e97d8ef89ab32ebc7886cf1b35584835bc7894e4f85d7b5da80ff7e32bbc3ef7655638276cedad30ffef1b32bf3f33b177e88065384ef5455030f57389454a01043b7a058d410bfc09dadf62a314b0f9557a23e89aaa2f02ab2d84db6f9e4cf569cf7a59b42d60619261b53687527d3fff31e532d93fbd042b8dcd10f270688018b0e622c3506190ebca76c14a60c1c252450c033a4d5f5de948aada1c85e94e09165afa67ff2c1d7dfc9e8fea1030e5f8ea54648613b52798466c2c1754cca0b963541eb1572f7fd45df5f6ccde903d2437b10d378839e60b4e5b58dab66a62f7602b6be65370b1a774dcdb3c95c776f6c720409af0b4b1232446430680e72bcf2ba3b756c632fb3269b3ca1b2374dd432997587acc69cb46fafeba8675d77a527516de727606cefac59431c964f25ed50c3e8b195490ec90e876d6fa36258e0ee7f2350396a72d8816194695a152a208e3c244bf0827e237839f326fbf42bbff73621d597fbd6515bebd33674ab59874d80b10f9a01e5e3b041a08557ee4c7aed750f9b44d62a629bd2e5247f540104d4a123ccc1a55e8cdc0d94ae132a9a54fce1e6f48092a6a9c29f610debae3f4115b61ba64cdd971fa60d60829fc64a4bedcc05d38b1acce7372c026923254be0121d182084f18c300626537e151cfad5f1269899bd11f841de847da7dc9df4a8b5af8a89a32f63127a2bd3eb69a840be746c395bfa034d63aa38b882ebe44b6ebe6e72d9f863377984b931fd60b640b9825537597ef72ccc4480a1c4523ff0589d2aede2f997009b2e9e4b0e9831fc412f2043b58bc0c418f9a359100d930c865011055d04c6009263b13ff9ae6323c1f97db5df8eec4a069079fd58ab8f4ff3494585a7bd4dd65750dffffffff421aeeadff77fea6d11d4d5636da4889305cb02f3d8948a992b3d71e30b89792f7454bc850a07dd8175fc2ad227d5e912cff1f72b7b919770cd598200566ae2ab04dc38cb516e8c42e6cd3b0975e5ba73c64d6a30f999cf6b6d75c4182b296fab26d6ee74395d36ae0038e7724af97a21321f26b15a4d6fa2f09cdc7c264606617e860e65560a8c74f742dc532a74fe67f7df63cab4aa874c8cc1da7d0a3ddfa5efe1a40059885ce0507d48e4260fe674989424a338bfdd0d67d1a1fa1e5d2af86f766b53d95319f4a187d8fc52045b0fa168b33329f2b0c6e3065d6dd3c11e705fff409b8671c03479273d9062f230ec37566b7ef562a61b90a9a67c2264a613347744a72cad181a2d72b093e6b4ce30517272d3819cb8e926106c42d31116d183f43a265411fefd71ac9f165c659ea34ff280e0c10a8a4ba4ee262df923ca14d2b7381901038d7dc229355546db164c32525ce9daeb707226970eeb9ecdd406feb3b269cc3e6ff9cdf958b93caa8d70bffb7812310af2852aec468c205e2414762f011db5ead0065cb33c4d8a11e445b2944c2a0b92d82384ad503ce5ca4b48b3e5ab699e4fc55433b3fddce62d531b9601febc20ee89d92066a39c523b1cd15a89bacd3ce5d1d55f36562fa1faeb2fa12515e5ed8c728d071bb3ace7bbacabce15d4fc8f13f60e3a9d3f15e0cfa569df1e6db3757ee4f7ae0de07f9dd3b87195c9ab92c87459c2e7e53a58307494a67bc192328a263428b55c00fb928ee6ca717092c6891d6d8cf22fc3c562d0b42367d4054f7358d7ff9fe56ddf1ffad8b265496046b05fe6d44245581376a4a31a081bfcbdc0be5153c522f353d4513f37eb2d325469b5588256fc0a7c801760d9c1f1b79afe46d78b274fec5432b5c9f1d56c70721a1e8c687155ce7e620970e4066d5a7caf5d6b9d6fdec382a87cbcf911eb5f9d8887d5cee0cfa6c622a04e01862e1694f36dab22da07cc190645d879e284762809678c9a1217e8ee95cc5c4ef0814b150aac88c2622bb28c75a85c69a5bf8a6be069f179cfe37eee21e623a47b31d099a7166082c0050a4953b065954b831ec74bc26f4564f6e2167f74484105ca6cd452a581b1a499ef58a56b7cf41cd7256b95a41ae5b08e58530ffd9e882324b3bcb939d450835f8da78671510412a87f8bc1438d5126dd85c0c140d70008c0c865b9567b878df8c17a882cb7d7814cc3295ae8d88ec675b6da08a28180aa6e00b3e1129e8ea2b34eed8da6e8e4cdfc280baced445937c65648c9d15919f4565d417ca45a31569783b7922c2e53ab3e865b803ccb3db695340a5dceb8ff4b7ed52a88f90a0c65efab4593f6a73cc54887e2d36367792c22c108c383c688756aa6b7330becb77658a4094cc9d0d27df19ef0ffeab2d575ae793c9e59ee0f0de1d985fec89d7617202064a87d2ee78a169b7ed96c7aa436bdd1e066a6dc0ba74a4f4fa5c59b8fac189334418c5592dac087a9ba348ad0f80ac98143909b1e2932cd02e8183121f1643b301ebc996cadf82132d0bf480eedc2757e673beb2022806be4faa63b3b5f174d239489c27cd9b46390da0329536cc85101ff1cc333a9137f5d5f9f018dead7715968ef6cf3014d2489d15e9f90ae6678a1ce41ca40b8d34bab5484ecd44ea59566339293be5364ad1da16388ac86bebb0a5c4536267fa7ec5719e1809050a9e9186b9cf6a42c8dc33eefd18b5108606c3b5cf4d0693e7ce38639baee8ec91886f3be8d859bf4f5ecc0c5bf745e1d44c70612bdade74fc87e4e4e5b7812b4493121b95b52fffa5d8f521dd4877e45cde64304f68eb505a0bb9eec849f44ac02d6e8363f20ce901d7258a7225fada794f72900addb462415d5925642f6fd0caa873f29affa30cda39ead7ce982011570426d163251149e8e91c85941320803f80bc93edcd136b33147a7a769eba022412dcca7eccac8374698c6466bc4cded5c20f66d6c10e00ade8f14f16a74b21c333a7146f7779027b509edc3a5af22f03c1e0f231f55ecf9385f0ceee1d603b1c46666b71aa2ac8f1bda56741ceb06a548394337142cb77332d1473fe26057160783e1baed1da1022d41b4518e602e04475df9d245d99e65567880738e1426552f5140d5079789f2424769652fe0daf590fc592231115915c613fe7b19892eb7f8538ee0625aae6edf88185b17e0ed6df1037a49ac2343fd9d939ef243fdbb776d0baa6c0cb7a63936d4a55493d9d6064bae33e2e1704947b316c57d09287c9b75e7258917bef82297299d760a6f992135d4fada4529eb2b29fd7b34c3e578c5e5e872701ad87870f280ed7d42f997b8b5757f58fd8fa598cee052fac13cbcc8a6dd6487087a3a12d7d1772d329c66265773492de054159848f7da9d0bb48cf565aa753b0e4f786d651d59a31a1d251afee80ae079878c50e2bcb4699d6057def64a28500a57c5daf28020d641705b2e8760ecd117e02eee36a71302f11f0e947ce91c3bac869271a101dd15506252cbfa9594e368c5faeeaf5fe8cceddc6789b0ab58ae685780f1022d3dd00ba9d9d8a100bf2be706772c320e77e9d668e95dda2c507f1a0561b0d113cd59e0d2c6d3fe60ba27f1a8bcac15f7aa54d8e1e71acd41b0f190c8b001b6016520f51becc5cca79080ec07a955b1f00", 0x2000, &(0x7f00000001c0)={0x0, &(0x7f0000000180)={0x18, 0xfffffffffffffffe, 0x800100002000006, {0x6}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x200010, 0x0)
openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
sendmmsg(r0, &(0x7f0000007180)=[{{&(0x7f0000000180)=@hci={0x1f, 0x0, 0x2}, 0x80, &(0x7f0000001940)=[{&(0x7f0000000240)="32d97fd25deb5e45259603f494f8b43451682a5b2ba7817817b129c8a67441620839d98d1720bf06c909b093855f20936555e773bd71950b3df938396818b540919b0af9763f39376908d473dbe466d69293d79f80d44412ad19cd29bfd624810c1d77e35521dac6bf7008403848f37b40e0186a7138048bd516aa396e", 0x7d}, {&(0x7f0000000300)="b9129791", 0x4}], 0x2}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0)

2m55.715756141s ago: executing program 6 (id=856):
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000100)='./cgroup.net/cgroup.procs\x00', &(0x7f0000000140), 0x21c804, &(0x7f00000001c0)=ANY=[@ANYBLOB='trans=fd,rfdn', @ANYRESHEX=r0, @ANYBLOB=',wfdn', @ANYRESHEX])

2m52.330502902s ago: executing program 6 (id=864):
connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f00000002c0)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
r5 = dup(0xffffffffffffffff)
fanotify_mark(0xffffffffffffffff, 0x1, 0x8000003, r5, 0x0)
r6 = socket$nl_audit(0x10, 0x3, 0x9)
sendfile(r6, r5, 0x0, 0x4)
openat$ppp(0xffffffffffffff9c, 0x0, 0x40082, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x804000, &(0x7f0000000180)=ANY=[])
bpf$MAP_CREATE(0x0, 0x0, 0x0)

2m49.157131668s ago: executing program 6 (id=869):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb4e02000)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_procfs(0x0, 0x0)
r3 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x1e}, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x20}, {0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x4, 0x2}, {}, 0x0, 0x6e6bb9, 0x1}, {{@in=@broadcast, 0xfffffffc, 0x32}, 0x0, @in=@empty, 0x0, 0x0, 0x2, 0x7, 0x200}}, 0xe8)

2m38.468495263s ago: executing program 3 (id=888):
openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x49)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000080)={'batadv_slave_1\x00'})
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x20004000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket(0x10, 0x3, 0x0)
write(r4, &(0x7f0000000040)="1400000052004f030e789e7e27286d000a4149f3", 0x14)
bpf$MAP_CREATE(0x0, &(0x7f0000000ac0)=ANY=[@ANYBLOB="0600000004000000101000008900000000000000", @ANYRES32, @ANYBLOB="00000000000000000000d4890000000080000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/27], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)

2m37.204384145s ago: executing program 3 (id=889):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1038, 0x1410, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000080)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x8, {[@local=@item_4={0x3, 0x2, 0x0, "662a6f18"}, @local=@item_012={0x1, 0x2, 0x2, "cc"}, @main=@item_012={0x0, 0x0, 0x9}]}}, 0x0}, 0x0)
r1 = openat$incfs(0xffffffffffffff9c, 0x0, 0x1a10c1, 0x9c37611dc13d0db7)
fchown(r1, 0xffffffffffffffff, 0xee01)
syz_mount_image$hfs(&(0x7f0000000180), &(0x7f00000002c0)='./file2\x00', 0x3000812, &(0x7f00000004c0)=ANY=[@ANYBLOB="71756965742c636f6465706167653d63703836302c696f636861727365743d63703836312c00808fead042bd35dc78f7f06333a5e7165b8271e41aee85e59cbb6c2df3d4e5c16b06c73f2e3b348a7fba46e286378a15ee516bac8d4813c9c3d9cee1ddb95d1bbcf504e065b3749a1cbd841e685a558598cf0db10b55885946e678d0a71877037a090000000700848879ef1604cadc1faca3aa22a576750d559c4e124d4cb7293e7393b77286fa8c6dc449eda0a03d342382e84d6d3c29ab95cc923fbe25e134d1c421320a3bffaa17fcd6b5178e322cc47133b3811e3d3bc34998dc7ed029834ad591d9d56c41063d8de2d50a2398e73ff2913a9fe8e954a4e4ca99ceb5737e57193c5f47fd63b16c8b34f256dbac0e5ebd009078df2cb1ca1051ad091adbfee5126d8a59fa5438734bc3e8cc7b7edc10716a0a9b711952cdf96586e06fbace21dc04bdb4a1a2072ce5f72cf0", @ANYRESOCT, @ANYRES8=r1, @ANYRESHEX=r0, @ANYRES8, @ANYRESOCT=0x0], 0x11, 0x2f0, &(0x7f00000019c0)="$eJzs3c1qE18Yx/HfmaRN+m/+NX0RwWW1oBvRuhE3EcktCOJCtG2EYqioFdSNqbgS0b17b8GLcKN4A7pyIV5Auxo5Z16SSSYzaWkyDX4/oE5m5pnznMzbcwJyBOCfdbP549PVX/aPkUoqSW+vS56kqlSWdFpnqs92drd3262trAOVXIQOfBkFkWZgn82dlvt3L7naxrmIUN1+KqvWuw7j4fv+jZ996357BSWDwri7P4UnVcK7022vTjyzbHtHjOsccx7TxuxrX8+1UHQeAIBi2ff/XlD42/d8LazfPU9aC1/7J/L9f1T7RScwdn7m1p73vxtl+cae31NuU3e854ZwdrsXjRJHaXmm7/OsgkIyUWCavFGly8Wbe7Ddbl3afNTe8vRajVDPbitxCyF7heZku5oyNs0wQt9NakUZpOXN2D6sD8l/+YgtZhgYviVOiPlivpm7pq6P2orrv7JvbLYu4XrfmQryvzy8vXkXZfdS+NhoNBqeO1Bk0TVyNnmmcnpZTR+RKPpiF5X8gaCel6eLWuqLCnp3JTWgEkctp0atR5+GtLWSiLK9ia/m4VmOm3lvbptV/dFnNXvqf8/mt6bMO7N715i14EZz33jQn9n05srumPWBN0dHd2rJNfG3WBmW+kH2Mw0jiM7hO23omhaevnj5sNRut57YhfspC49r8ZqZN1LqPgUvqNNdU5HvDOwcPQMnmdjFYz2gfX7k7mzvsol0cKxXgrwTcmkNWWh+HdeF5FdOQgf/L/ABhUnqnvSiM0FBbN1lgvGfq+TDet8VCvavW5XhdXpUkKWVbK56D4/o2xo7HgFVE/FLbum/ZBmdMzaYD+uYlHFcR6ONuc5dkM6P3mI9zHM6+K9ydjBNfdc9fv8HAAAAAAAAAAAAAAAAAACYNof/HwJzh44quo8AAAAAAAAAAAAAAAAAAAAAAEy7eP5fRfP/arT5f/unYgnn/60qZ/7fjcEcBub//bAj05GY/xcYr78BAAD//xzCgK4=")
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
syz_mount_image$ext4(&(0x7f0000000340)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000380)={[{@data_err_abort}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1}}, {@bh}, {@noload}, {@data_err_ignore}, {@usrjquota}]}, 0xfe, 0x44d, &(0x7f0000000900)="$eJzs3MtvG8UfAPDvrp30/Ut+UB4tLQQKouKRNOnzwKUIJA4gIcGhiFNI0qrUbaAJEq0qKBzKEVXijjgi8RdwggsCTkhc4Y4qVaiXFiQko13vpsa107hx6rb+fKRNZrzjzHx3d+zZGTsBDKyx7EcSsTkifouIkUb2vwXGGr+uXTk389eVczNJ1Otv/Jnk5a5eOTdTFi2ft6mRqdeL/Lo29V54O2K6Vps7XeQnFk++N7Fw5uzzx09OH5s7Nndq6tChfXt3Dh+Y2t+TOLO4rm7/aH7HtlfeuvjazJGL7/z0TdbezcX+5jh6ZaxxdNt6qteV9dmWpnRS7WND6EolIrLTNZT3/5GoxIalfSPx8qd9bRywpur1er3d+3PhfB24hyXR7xYA/VG+0Wf3v+V2m4Yed4TLhyPeP9iI/1qxNfZUIy3KDLXc3/bSWEQcOf/3l9kWazQPAQDQ7LvDEfFcu/FfGg82lftfsYYyGhH/j4j7IuL+iNgaEQ9E5GUfioiHu6y/dYXkxvFPeumWAluhbPz3QrG2tTT++6eex18YrRS5LXn8Q8nR47W5PcUx2R1D67L85DJ1fP/Sr5932tc8/su2rP5yLNiQXqq2TNDNTi9OrzLsJZc/idhebYk/l0S5jJNExLaI2N7VX75+h3H8ma93dCp18/iX0YN1pvpXEU83zv/5aIm/lHRcn5w8eGBq/8T6qM3tmSivihv9/MuF1zvVv6r4eyA7/xtbr//cUvyjyfqIhTNnT+TrtQvd13Hh98863tPc6vU/nLyZp4eLxz6cXlw8PRkxnLx64+NT159b5svyWfy7d7WLP81f48oj8UhEZBfxzoh4NCIeK9r+eEQ8ERG7lon/xxeffLf7+JeZle+hLP7Zm53/aD7/3ScqJ374tvv4S9n535endhePrOT1b6UNXM2xAwAAgLtFmn8GPknHl9JpOj7e+Az/1tiY1uYXFp89Ov/BqdnGZ+VHYygtZ7pGmuZDJ4u54TI/1ZLfW8wbf1HZkOfHZ+Zrs/0OHgbcpg79P/NHpd+tA9ac72vB4NL/YXDp/zC49H8YXPo/DK52/f/jPrQDuP28/8Pg0v9hcOn/MLj0fxhIHb8bn67qK/8S93wi0u6fVY07pPF3U6K64n9mcYuJdW139fuVCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDf+DQAA//9X4u4v")
syz_open_dev$vim2m(0x0, 0x8, 0x2)
shmget$private(0x0, 0x400000, 0x184, &(0x7f0000c00000/0x400000)=nil)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000002700)=""/102392, 0x18ff8)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x8010, &(0x7f0000000100)={0xa, 0x4e23, 0xfffffffe, @loopback, 0xfffffffe}, 0x1c)
shutdown(0xffffffffffffffff, 0x1)
r4 = openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_LISTEN(r4, &(0x7f0000000200)={0x7, 0x8, 0xfa00, {0xffffffffffffffff, 0xffffffff}}, 0x10)
sendmsg$NL80211_CMD_GET_WIPHY(r2, 0x0, 0x20000004)
r5 = open(&(0x7f0000000100)='./bus\x00', 0x143142, 0xa2)
open(&(0x7f0000000080)='./file1\x00', 0x1cf542, 0x60)
write$FUSE_INIT(r5, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000080)='./bus\x00', 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="61636c2c63616368655f73747261746567793d7265616461726f756e642c6461782c63610968655fd38f67a7746567793d783d616c776179732c61636c2c00"], 0x3, 0x1b1, &(0x7f00000000c0)="$eJzsmM1LG0EYxp+Z3WxIT+21FFpooOmhm91NWwql0Jxy6KXQD/EiBrOG6MZIsgcTEOLRk3+Df4J4Fw9evQleVRC8ePS8MrOjOxrzISRB8P0d3jwz82Y+3t08AwFBEM+Ws9Ork/XN81cc6GaQRVr1XxhJDtfymzu/cm8OS+7e3MH3493S0f353gGIotHXF3PvFw2Eqh1Fd7+dVZ9/wZFFRup/4Pio+mfAYCs9D47/SvtgmFV6SdMNkW/bi7XAtxcaQUUIRwRXBE+Egr6+CeByg6Gi7Y9p4612Z7kcBH6zV1j9hx4nBtVP7q/I8QOI1COL9Od1UxtH1i/GBYerdAEMf5T+hrSqDe85/2szOb8x2vnHKVLi1RuUszW51U1M4YAkhgh0Y5FGMsSn9fpNRojfzxPYxoRE4h/RNsMHzT9NzT/yYX31Z6vd+VSrl6t+1V/xvMJX57PjfPHy0pvjOMD/MtKfXmjzp/rkWszCWjkMm24cb9teHB9yXEv6H0fufdxmqk9H3gcvmbj6kDNUmyAIgiAIgiAIgiAIgiAIYuy8BZP/gg7B+y2zrwMAAP//Ub9tHw==")

2m31.058767142s ago: executing program 36 (id=869):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb4e02000)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_procfs(0x0, 0x0)
r3 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x1e}, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x20}, {0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x4, 0x2}, {}, 0x0, 0x6e6bb9, 0x1}, {{@in=@broadcast, 0xfffffffc, 0x32}, 0x0, @in=@empty, 0x0, 0x0, 0x2, 0x7, 0x200}}, 0xe8)

2m30.600784397s ago: executing program 3 (id=895):
io_uring_setup(0x6403, 0x0)
ioctl$VHOST_SET_FEATURES(0xffffffffffffffff, 0x4008af00, 0x0)
preadv2(0xffffffffffffffff, 0x0, 0x0, 0x5, 0x1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000002180)='blkio.bfq.io_merged\x00', 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_open_dev$radio(0x0, 0x1, 0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0xce)
r3 = creat(&(0x7f0000000000)='./file0\x00', 0x40)
lsetxattr$security_capability(&(0x7f0000002580)='./file0\x00', &(0x7f00000025c0), 0x0, 0x0, 0x0)
write$binfmt_elf32(r3, &(0x7f00000002c0)=ANY=[@ANYBLOB="7f454c460104028dbe05000000000000020006000400000019000000380000005e020000080400000400200004"], 0xb8)
close(r3)
execve(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r4 = open(&(0x7f0000000040)='./file0\x00', 0x400, 0x43)
mknodat$loop(r4, 0x0, 0x6000, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
syz_emit_ethernet(0x4e, &(0x7f0000000440)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "3000bb", 0x18, 0x2b, 0x0, @private2, @local, {[@hopopts={0x3c}, @fragment={0xa8, 0x0, 0x2, 0x1, 0x0, 0x1, 0x64}], {0x0, 0x4e21, 0x8}}}}}}, 0x0)
linkat(r4, &(0x7f0000000100)='./file1\x00', r4, &(0x7f0000000240)='./file0\x00', 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000a00)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000600)='./file1\x00', 0x2)

2m25.722272305s ago: executing program 3 (id=899):
prlimit64(0x0, 0xe, &(0x7f0000000340)={0xd, 0x200200090}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000040)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000600)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = epoll_create1(0x80000)
r4 = fcntl$dupfd(0xffffffffffffffff, 0x406, r3)
r5 = getpid()
r6 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
kcmp$KCMP_EPOLL_TFD(r5, r6, 0x7, r4, &(0x7f0000000100)={r3, r4})

2m24.323322898s ago: executing program 3 (id=903):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb4e02000)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_procfs(0x0, 0x0)
r3 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg(r3, &(0x7f0000000480), 0x2e9, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x80040c, &(0x7f0000000440)=ANY=[@ANYBLOB="706172743d3078303030303030303030303030303030342c6e6c733d61736369692c73657373696f6e3d3078666666666666666666666666666637662c747970653d883b7f382c63726561746f723dd4a620e92c6e6f6465636f6d706f73652c747970653d5dbcce902c756d61736b3d30303030303030303030303030303030303030303030312c63726561746f723d40f194712c626172726965720063726561746f723d65fe04c22c6e6f6465636f6d706f73652c6465636f6d706f73652c63726561746f723d8a7222832c7569643d", @ANYBLOB="3ef628a9ecf9e1751ed9b65d6a5359bd9afb81136cbff69e1bdbcb39d60e9b32d9f142ac189ae0d659610ddf0bf8c95e8f1a51f27bbb9098900d07e5f0303418856a470de86ec769d69ea60f0ea33a2089c2a2d372ec5958bbc02c2b4d00f71d7062876aa812e57f7333fa60a4d976aba0ce610efbc27f6cd9f0eee7074c05c92ae57e5e1b9afed08d27df4b8b9fb9a30a14a0b4a82028df4924d31f4c15fe48e62ddf7437e325ec87679945ecbaeda079054d10574c0036c82e2fbc9d073f4f6644162662a8dc5700d5943d13b93f9868919746c86a6d48", @ANYRES16=0x0, @ANYRES16, @ANYRESHEX, @ANYBLOB="a520ad23321534a883fa116848e7295e8693132df1638d943e7dacc03c8d2d9fca2aeb72f72ed82af2ceb592a5eea7e56631ff9ac0d92bcc666859b316fd2ac8694577d071f3f31f92dfdbdd695e5edca5b90abb53107e708b90150fc9eee8418e9511b8a4ce6f69a31472378258a55e8aa64d4a9859bfb3d6d3e49cf0a4c8b0044d37812dd15af758d8177ad1d630193b27881a8a06b8221dbceefe3fbf199b81bc31338d35cf4cb9f7f28e7abc55afd41f3a8b4a1e3fc4cd2dece6d1659ab1fc8511c18f9bd3c80004efbd7cfda12866316c01cc4a69ca09f85189380f835231d8ae5332237152dc3ed45d7f88", @ANYRES64, @ANYRESDEC], 0x1, 0x703, &(0x7f0000001f80)="$eJzs3TtsG+cdAPD/USRFuoAjJ36kRYAQNpAWNWpLJpRWXeoWReEhKIJ0aFfClmPBlBxISiEbRaP0sXfI1CkdtAUdinTqYqCdGwQosmoM0CJLJm0q7nhHkRJFUrJeTn4/4+6+u+95/3uRIowL4GvrzvUoP51Il2+speubG832xEZzMs9uR0Q1IkoR5c4ikqXIcm/nU3wz3ZiXT/br54OFubc++3Lz885aOZ+y8qVh9Qao9q78Kpuv51M0ImIiX+5V2afFj3d339fe3X3bG1fS3cM0YNeKwMWfn6lVeGbbe6x38z76TzYfVv0g1y1wRiWd5+YeUxHnIqIW0Xnq53eH0smO7uitn/YAAAAA4KDqB6/ywlZsxVqcP47hAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFdV/v7/JJ9KRboRSfH+/2q+LfL0GTT6RYifTnaWT49/MAAAAAAAAABw7F7diq1Yi/PF+naS/eZ/Nba7Rb4R78ZKzMdy3Ii1aMVqrMZyzETEVE9D1bXW6uryTFzN1i4OqXkrPhlQ89b+Y7x9pHsMAAAAAAAAAGdebUT+w8rebb+LOzu//wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFmQREx0Ftl0sUhPRakcEbWIqKbl1iM+KdLPiWTQxqcnPw4AAAB4JrX+1aQ2Rp0X3outWIvzxfp2kn3nv5x9X67Fu7EUq7EQq9GO+biXf4dOv/WXNjea7c2N5mLUmovpxn/8bzvTaefHXxxo6FmL0fnbw+CeX85K1ON+LGRbbsTdSKLTZSlv5eXNjWa6XEzHlY2tz/vpmJIf5YaMZqInfS+dXfk4S/+p/68I5QPt4iFM5lEZbCrLrXQjMp2PLa1xoYjA4EiMPDrloT3NRKn7l5+Lw3saHPP3h/d+blepgX+5ORW7I3ErSt0jdHlPJCr9lb/9949++aC99PDB/ZXrZ2eXBnpvZIndkWj2ROLK8HPiuYrEaNNZJC511+/Ez+IXcT2+mHwzlmMhfh2tWI35RpHfys/ndD41PFKf9l39b44aSXpNNrr3r0FjakTfmKIRP81SrbiaHdPzsRBJPIqI+Xg9+3crZrp3g50jfGmMq740xp22x7XvZItumKK+f9m/jtfkUUnjeqEnrr333Kksr3fLTpReHBil4lk3/vOoR/lbeSJt4fdDnw8nbXckZnoi8dLmRrM4i/rOl05I/5J9alhpLz1cftB6Z8z+XsuX6XX0xzP1lEiP8ItRy3fuQjZPsmtqOst7qfuE7Y9XNf/FpaO0J+9St17nSv15PIp7fVfq92M2ZmMuK305K13Z88RK8650W+q/h6d56SetcveHnd7PW4+i3fk89Fz97gPwNXTuu+eq9f/W/13/sP6H+oP6G7WfTP5g8pVqVP5V+WF5euK10ivJ3+LD+O3O938AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODwVh4/edhqt+eXBydKg7OS4bVa7e3iRWJDyvQlkvxVOWMUTlYeP9ke2eDwxGQ+vENWP8pE8bbG3qzibYr9hRvHOIxkfffxqo0+FsVbnsboItkT8LTyocdc9LyzpXIGDuXuROOQ1Xv3K08UJ2xP4YOfvfVBx2siIgYVHnHjmHjmWw9wym6uLr5zc+Xxk+8tLLbenn97fqkyOzs3PTf7evPm/YX2/HRn3lPh2F9+C5yU3o8TXdWIeHV03SEvagUAAAAAAAAAAACO0Un8X4jT3kcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg+XbnepSfRhIz0zem0/XNjWY7nYr0TslyRJQiIvlNRPLPiNvRmWKqp7lkv34+WJh767MvNz/faatclC9FrO9bbzzr+RSNiJjIl0fV3t3R7VV3kpMDspNuZNKAXSsCB6ft/wEAAP//q/3tgg==")

2m22.033157136s ago: executing program 3 (id=904):
r0 = socket$alg(0x26, 0x5, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
openat$fb0(0xffffffffffffff9c, 0x0, 0x145cc2, 0x0)
socket$kcm(0xa, 0x5, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
bind$alg(r0, 0x0, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000200)='/sys/power/disk', 0x141a82, 0x33)
write$vga_arbiter(r1, &(0x7f0000000000)=@unlock_all, 0xb)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x0, 0x0})
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(0xffffffffffffffff, 0x84, 0x19, 0x0, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="120100001e61e410b1134200557b0102030109021b0001000000000904000001cf28fc"], 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000180)=[{0x0}], 0x1)
poll(&(0x7f00000001c0)=[{r3, 0x100}, {r2, 0xc0}, {0xffffffffffffffff, 0x102}], 0x3, 0x9)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r5)
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r6, 0xc004743e, 0x110e22fff6)
ioctl$TUNGETVNETLE(r5, 0x40047451, &(0x7f0000000180))
sendmsg$nl_route(r4, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)

2m5.162405078s ago: executing program 37 (id=904):
r0 = socket$alg(0x26, 0x5, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
openat$fb0(0xffffffffffffff9c, 0x0, 0x145cc2, 0x0)
socket$kcm(0xa, 0x5, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
bind$alg(r0, 0x0, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000200)='/sys/power/disk', 0x141a82, 0x33)
write$vga_arbiter(r1, &(0x7f0000000000)=@unlock_all, 0xb)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x0, 0x0})
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(0xffffffffffffffff, 0x84, 0x19, 0x0, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="120100001e61e410b1134200557b0102030109021b0001000000000904000001cf28fc"], 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000180)=[{0x0}], 0x1)
poll(&(0x7f00000001c0)=[{r3, 0x100}, {r2, 0xc0}, {0xffffffffffffffff, 0x102}], 0x3, 0x9)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r5)
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r6, 0xc004743e, 0x110e22fff6)
ioctl$TUNGETVNETLE(r5, 0x40047451, &(0x7f0000000180))
sendmsg$nl_route(r4, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)

41.896945722s ago: executing program 8 (id=1040):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8c}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r1, 0xc02064b9, &(0x7f0000000140)={&(0x7f0000000040)=[0x0, <r2=>0x0], &(0x7f00000000c0), 0x2})
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r1, 0xc01064ab, &(0x7f00000000c0)={0x20, r2})
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r5, 0xffffffffffffffff, 0x0)
mount$fuse(0x0, &(0x7f0000000640)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB, @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0])
mount$9p_fd(0x0, &(0x7f0000000100)='./cgroup.net/cgroup.procs\x00', &(0x7f0000000140), 0x21c804, &(0x7f00000001c0)=ANY=[@ANYBLOB='trans=fd,rfdn', @ANYRESHEX=r3, @ANYBLOB=',wfdn', @ANYRESHEX])

38.370267822s ago: executing program 8 (id=1045):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000000)={0x0, 0xfffffffffffffe1c, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="6000000002060500000000000000000000000000140007800800064020000000080013400000000005000100060000000900020073797a32000000000500040000000000050005000a00000011000300686173683a69702c6d61726b"], 0x60}}, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)

37.214797344s ago: executing program 8 (id=1048):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8c}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000440)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r1, 0xc01064ab, &(0x7f00000000c0)={0x20, 0x0, r2})
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r5, 0xffffffffffffffff, 0x0)
mount$fuse(0x0, &(0x7f0000000640)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB, @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0])
mount$9p_fd(0x0, &(0x7f0000000100)='./cgroup.net/cgroup.procs\x00', &(0x7f0000000140), 0x21c804, &(0x7f00000001c0)=ANY=[@ANYBLOB='trans=fd,rfdn', @ANYRESHEX=r3, @ANYBLOB=',wfdn', @ANYRESHEX])

35.976635681s ago: executing program 8 (id=1050):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb4e02000)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_procfs(0x0, 0x0)
r3 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x1e}, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x20}, {0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x4, 0x2}, {}, 0x0, 0x6e6bb9, 0x1}, {{@in=@broadcast, 0xfffffffc, 0x32}, 0x0, @in=@empty, 0x0, 0x0, 0x2, 0x7, 0x200}}, 0xe8)
sendmmsg(r3, &(0x7f0000000480), 0x2e9, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x80040c, &(0x7f0000000440)=ANY=[@ANYBLOB="706172743d3078303030303030303030303030303030342c6e6c733d61736369692c73657373696f6e3d3078666666666666666666666666666637662c747970653d883b7f382c63726561746f723dd4a620e92c6e6f6465636f6d706f73652c747970653d5dbcce902c756d61736b3d30303030303030303030303030303030303030303030312c63726561746f723d40f194712c626172726965720063726561746f723d65fe04c22c6e6f6465636f6d706f73652c6465636f6d706f73652c63726561746f723d8a7222832c7569643d", @ANYBLOB="3ef628a9ecf9e1751ed9b65d6a5359bd9afb81136cbff69e1bdbcb39d60e9b32d9f142ac189ae0d659610ddf0bf8c95e8f1a51f27bbb9098900d07e5f0303418856a470de86ec769d69ea60f0ea33a2089c2a2d372ec5958bbc02c2b4d00f71d7062876aa812e57f7333fa60a4d976aba0ce610efbc27f6cd9f0eee7074c05c92ae57e5e1b9afed08d27df4b8b9fb9a30a14a0b4a82028df4924d31f4c15fe48e62ddf7437e325ec87679945ecbaeda079054d10574c0036c82e2fbc9d073f4f6644162662a8dc5700d5943d13b93f9868919746c86a6d48", @ANYRES16=0x0, @ANYRES16, @ANYRESHEX, @ANYBLOB="a520ad23321534a883fa116848e7295e8693132df1638d943e7dacc03c8d2d9fca2aeb72f72ed82af2ceb592a5eea7e56631ff9ac0d92bcc666859b316fd2ac8694577d071f3f31f92dfdbdd695e5edca5b90abb53107e708b90150fc9eee8418e9511b8a4ce6f69a31472378258a55e8aa64d4a9859bfb3d6d3e49cf0a4c8b0044d37812dd15af758d8177ad1d630193b27881a8a06b8221dbceefe3fbf199b81bc31338d35cf4cb9f7f28e7abc55afd41f3a8b4a1e3fc4cd2dece6d1659ab1fc8511c18f9bd3c80004efbd7cfda12866316c01cc4a69ca09f85189380f835231d8ae5332237152dc3ed45d7f88", @ANYRES64, @ANYRESDEC], 0x1, 0x703, &(0x7f0000001f80)="$eJzs3TtsG+cdAPD/USRFuoAjJ36kRYAQNpAWNWpLJpRWXeoWReEhKIJ0aFfClmPBlBxISiEbRaP0sXfI1CkdtAUdinTqYqCdGwQosmoM0CJLJm0q7nhHkRJFUrJeTn4/4+6+u+95/3uRIowL4GvrzvUoP51Il2+speubG832xEZzMs9uR0Q1IkoR5c4ikqXIcm/nU3wz3ZiXT/br54OFubc++3Lz885aOZ+y8qVh9Qao9q78Kpuv51M0ImIiX+5V2afFj3d339fe3X3bG1fS3cM0YNeKwMWfn6lVeGbbe6x38z76TzYfVv0g1y1wRiWd5+YeUxHnIqIW0Xnq53eH0smO7uitn/YAAAAA4KDqB6/ywlZsxVqcP47hAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFdV/v7/JJ9KRboRSfH+/2q+LfL0GTT6RYifTnaWT49/MAAAAAAAAABw7F7diq1Yi/PF+naS/eZ/Nba7Rb4R78ZKzMdy3Ii1aMVqrMZyzETEVE9D1bXW6uryTFzN1i4OqXkrPhlQ89b+Y7x9pHsMAAAAAAAAAGdebUT+w8rebb+LOzu//wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFmQREx0Ftl0sUhPRakcEbWIqKbl1iM+KdLPiWTQxqcnPw4AAAB4JrX+1aQ2Rp0X3outWIvzxfp2kn3nv5x9X67Fu7EUq7EQq9GO+biXf4dOv/WXNjea7c2N5mLUmovpxn/8bzvTaefHXxxo6FmL0fnbw+CeX85K1ON+LGRbbsTdSKLTZSlv5eXNjWa6XEzHlY2tz/vpmJIf5YaMZqInfS+dXfk4S/+p/68I5QPt4iFM5lEZbCrLrXQjMp2PLa1xoYjA4EiMPDrloT3NRKn7l5+Lw3saHPP3h/d+blepgX+5ORW7I3ErSt0jdHlPJCr9lb/9949++aC99PDB/ZXrZ2eXBnpvZIndkWj2ROLK8HPiuYrEaNNZJC511+/Ez+IXcT2+mHwzlmMhfh2tWI35RpHfys/ndD41PFKf9l39b44aSXpNNrr3r0FjakTfmKIRP81SrbiaHdPzsRBJPIqI+Xg9+3crZrp3g50jfGmMq740xp22x7XvZItumKK+f9m/jtfkUUnjeqEnrr333Kksr3fLTpReHBil4lk3/vOoR/lbeSJt4fdDnw8nbXckZnoi8dLmRrM4i/rOl05I/5J9alhpLz1cftB6Z8z+XsuX6XX0xzP1lEiP8ItRy3fuQjZPsmtqOst7qfuE7Y9XNf/FpaO0J+9St17nSv15PIp7fVfq92M2ZmMuK305K13Z88RK8650W+q/h6d56SetcveHnd7PW4+i3fk89Fz97gPwNXTuu+eq9f/W/13/sP6H+oP6G7WfTP5g8pVqVP5V+WF5euK10ivJ3+LD+O3O938AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODwVh4/edhqt+eXBydKg7OS4bVa7e3iRWJDyvQlkvxVOWMUTlYeP9ke2eDwxGQ+vENWP8pE8bbG3qzibYr9hRvHOIxkfffxqo0+FsVbnsboItkT8LTyocdc9LyzpXIGDuXuROOQ1Xv3K08UJ2xP4YOfvfVBx2siIgYVHnHjmHjmWw9wym6uLr5zc+Xxk+8tLLbenn97fqkyOzs3PTf7evPm/YX2/HRn3lPh2F9+C5yU3o8TXdWIeHV03SEvagUAAAAAAAAAAACO0Un8X4jT3kcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg+XbnepSfRhIz0zem0/XNjWY7nYr0TslyRJQiIvlNRPLPiNvRmWKqp7lkv34+WJh767MvNz/faatclC9FrO9bbzzr+RSNiJjIl0fV3t3R7VV3kpMDspNuZNKAXSsCB6ft/wEAAP//q/3tgg==")

31.921854002s ago: executing program 8 (id=1057):
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000140)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$nvme_fabrics(0xffffffffffffff9c, 0x0, 0x80b81, 0x0)
r2 = syz_io_uring_setup(0x10f, &(0x7f00000000c0)={0x0, 0x211a, 0x80, 0x4, 0x306}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000040)=0xffefffdc, 0x0, 0x4)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB='>'], 0x38}}, 0x80)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r5, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r5, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_ACCEPT={0xd, 0x8, 0x1, 0xffffffffffffffff, 0x0})
io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f00000002c0)=[0xffffffffffffffff], 0x57)
io_uring_enter(r2, 0x3516, 0xc2de, 0x8, 0x0, 0x0)

28.099865308s ago: executing program 8 (id=1060):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_emit_ethernet(0x76, &(0x7f0000000580)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "d3ffff", 0x40, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @param_prob={0x2, 0x0, 0x0, 0x502, {0x0, 0x6, "508359", 0x0, 0x0, 0x0, @private1, @remote, [@hopopts={0x3a}, @srh={0xc, 0x0, 0x4, 0x0, 0x9, 0x20, 0x2}]}}}}}}}, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_inet6_SIOCDELRT(r3, 0x890c, &(0x7f0000005fc0)={@remote, @private0={0xfc, 0x0, '\x00', 0x1}, @empty, 0x7, 0x8000, 0x3d, 0x500, 0x5, 0x18c0012})
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f0000000140)={'ip6gre0\x00', &(0x7f00000000c0)={'ip6tnl0\x00', 0x0, 0x2f, 0x4, 0x5, 0x7d, 0x40, @dev={0xfe, 0x80, '\x00', 0x16}, @private2, 0x40, 0x80, 0xffffffff, 0x8}})

22.491189904s ago: executing program 1 (id=1067):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb4e02000)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x1e}, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x20}, {0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x4, 0x2}, {}, 0x0, 0x6e6bb9, 0x1}, {{@in=@broadcast, 0xfffffffc, 0x32}, 0x0, @in=@empty, 0x0, 0x0, 0x2, 0x7, 0x200}}, 0xe8)
syz_mount_image$hfsplus(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x80040c, &(0x7f0000000440)=ANY=[@ANYBLOB="706172743d3078303030303030303030303030303030342c6e6c733d61736369692c73657373696f6e3d3078666666666666666666666666666637662c747970653d883b7f382c63726561746f723dd4a620e92c6e6f6465636f6d706f73652c747970653d5dbcce902c756d61736b3d30303030303030303030303030303030303030303030312c63726561746f723d40f194712c626172726965720063726561746f723d65fe04c22c6e6f6465636f6d706f73652c6465636f6d706f73652c63726561746f723d8a7222832c7569643d", @ANYBLOB="3ef628a9ecf9e1751ed9b65d6a5359bd9afb81136cbff69e1bdbcb39d60e9b32d9f142ac189ae0d659610ddf0bf8c95e8f1a51f27bbb9098900d07e5f0303418856a470de86ec769d69ea60f0ea33a2089c2a2d372ec5958bbc02c2b4d00f71d7062876aa812e57f7333fa60a4d976aba0ce610efbc27f6cd9f0eee7074c05c92ae57e5e1b9afed08d27df4b8b9fb9a30a14a0b4a82028df4924d31f4c15fe48e62ddf7437e325ec87679945ecbaeda079054d10574c0036c82e2fbc9d073f4f6644162662a8dc5700d5943d13b93f9868919746c86a6d48", @ANYRES16=0x0, @ANYRES16, @ANYRESHEX, @ANYBLOB="a520ad23321534a883fa116848e7295e8693132df1638d943e7dacc03c8d2d9fca2aeb72f72ed82af2ceb592a5eea7e56631ff9ac0d92bcc666859b316fd2ac8694577d071f3f31f92dfdbdd695e5edca5b90abb53107e708b90150fc9eee8418e9511b8a4ce6f69a31472378258a55e8aa64d4a9859bfb3d6d3e49cf0a4c8b0044d37812dd15af758d8177ad1d630193b27881a8a06b8221dbceefe3fbf199b81bc31338d35cf4cb9f7f28e7abc55afd41f3a8b4a1e3fc4cd2dece6d1659ab1fc8511c18f9bd3c80004efbd7cfda12866316c01cc4a69ca09f85189380f835231d8ae5332237152dc3ed45d7f88", @ANYRES64, @ANYRESDEC], 0x1, 0x703, &(0x7f0000001f80)="$eJzs3TtsG+cdAPD/USRFuoAjJ36kRYAQNpAWNWpLJpRWXeoWReEhKIJ0aFfClmPBlBxISiEbRaP0sXfI1CkdtAUdinTqYqCdGwQosmoM0CJLJm0q7nhHkRJFUrJeTn4/4+6+u+95/3uRIowL4GvrzvUoP51Il2+speubG832xEZzMs9uR0Q1IkoR5c4ikqXIcm/nU3wz3ZiXT/br54OFubc++3Lz885aOZ+y8qVh9Qao9q78Kpuv51M0ImIiX+5V2afFj3d339fe3X3bG1fS3cM0YNeKwMWfn6lVeGbbe6x38z76TzYfVv0g1y1wRiWd5+YeUxHnIqIW0Xnq53eH0smO7uitn/YAAAAA4KDqB6/ywlZsxVqcP47hAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFdV/v7/JJ9KRboRSfH+/2q+LfL0GTT6RYifTnaWT49/MAAAAAAAAABw7F7diq1Yi/PF+naS/eZ/Nba7Rb4R78ZKzMdy3Ii1aMVqrMZyzETEVE9D1bXW6uryTFzN1i4OqXkrPhlQ89b+Y7x9pHsMAAAAAAAAAGdebUT+w8rebb+LOzu//wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFmQREx0Ftl0sUhPRakcEbWIqKbl1iM+KdLPiWTQxqcnPw4AAAB4JrX+1aQ2Rp0X3outWIvzxfp2kn3nv5x9X67Fu7EUq7EQq9GO+biXf4dOv/WXNjea7c2N5mLUmovpxn/8bzvTaefHXxxo6FmL0fnbw+CeX85K1ON+LGRbbsTdSKLTZSlv5eXNjWa6XEzHlY2tz/vpmJIf5YaMZqInfS+dXfk4S/+p/68I5QPt4iFM5lEZbCrLrXQjMp2PLa1xoYjA4EiMPDrloT3NRKn7l5+Lw3saHPP3h/d+blepgX+5ORW7I3ErSt0jdHlPJCr9lb/9949++aC99PDB/ZXrZ2eXBnpvZIndkWj2ROLK8HPiuYrEaNNZJC511+/Ez+IXcT2+mHwzlmMhfh2tWI35RpHfys/ndD41PFKf9l39b44aSXpNNrr3r0FjakTfmKIRP81SrbiaHdPzsRBJPIqI+Xg9+3crZrp3g50jfGmMq740xp22x7XvZItumKK+f9m/jtfkUUnjeqEnrr333Kksr3fLTpReHBil4lk3/vOoR/lbeSJt4fdDnw8nbXckZnoi8dLmRrM4i/rOl05I/5J9alhpLz1cftB6Z8z+XsuX6XX0xzP1lEiP8ItRy3fuQjZPsmtqOst7qfuE7Y9XNf/FpaO0J+9St17nSv15PIp7fVfq92M2ZmMuK305K13Z88RK8650W+q/h6d56SetcveHnd7PW4+i3fk89Fz97gPwNXTuu+eq9f/W/13/sP6H+oP6G7WfTP5g8pVqVP5V+WF5euK10ivJ3+LD+O3O938AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODwVh4/edhqt+eXBydKg7OS4bVa7e3iRWJDyvQlkvxVOWMUTlYeP9ke2eDwxGQ+vENWP8pE8bbG3qzibYr9hRvHOIxkfffxqo0+FsVbnsboItkT8LTyocdc9LyzpXIGDuXuROOQ1Xv3K08UJ2xP4YOfvfVBx2siIgYVHnHjmHjmWw9wym6uLr5zc+Xxk+8tLLbenn97fqkyOzs3PTf7evPm/YX2/HRn3lPh2F9+C5yU3o8TXdWIeHV03SEvagUAAAAAAAAAAACO0Un8X4jT3kcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg+XbnepSfRhIz0zem0/XNjWY7nYr0TslyRJQiIvlNRPLPiNvRmWKqp7lkv34+WJh767MvNz/faatclC9FrO9bbzzr+RSNiJjIl0fV3t3R7VV3kpMDspNuZNKAXSsCB6ft/wEAAP//q/3tgg==")

20.107336993s ago: executing program 1 (id=1069):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(0xffffffffffffffff, 0x0, 0x4000010)
fallocate(0xffffffffffffffff, 0x0, 0x9, 0x3)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000000300)=""/102400, 0x19000)
getpid()
r2 = syz_io_uring_setup(0x110, &(0x7f00000000c0)={0x0, 0x10, 0x0, 0x3, 0x2b2}, &(0x7f0000000180)=<r3=>0x0, &(0x7f0000000640)=<r4=>0x0)
io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000300)=[0xffffffffffffffff], 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffa, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000040), 0x1b})
io_uring_enter(r2, 0x47f6, 0x0, 0x0, 0x0, 0x0)

17.61929531s ago: executing program 4 (id=1073):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb4e02000)
r0 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_procfs(0x0, 0x0)
r2 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)

14.533883162s ago: executing program 4 (id=1077):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8c}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000440)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r1, 0xc02064b9, &(0x7f0000000140)={&(0x7f0000000040)=[0x0, <r3=>0x0], &(0x7f00000000c0), 0x2, r2})
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r1, 0xc01064ab, &(0x7f00000000c0)={0x20, r3, r2})
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r6, 0xffffffffffffffff, 0x0)
mount$fuse(0x0, &(0x7f0000000640)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB, @ANYRESHEX=r5, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0])
mount$9p_fd(0x0, &(0x7f0000000100)='./cgroup.net/cgroup.procs\x00', &(0x7f0000000140), 0x21c804, &(0x7f00000001c0)=ANY=[@ANYBLOB='trans=fd,rfdn', @ANYRESHEX=r4, @ANYBLOB=',wfdn', @ANYRESHEX])

12.076563922s ago: executing program 38 (id=1060):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_emit_ethernet(0x76, &(0x7f0000000580)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "d3ffff", 0x40, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @param_prob={0x2, 0x0, 0x0, 0x502, {0x0, 0x6, "508359", 0x0, 0x0, 0x0, @private1, @remote, [@hopopts={0x3a}, @srh={0xc, 0x0, 0x4, 0x0, 0x9, 0x20, 0x2}]}}}}}}}, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_inet6_SIOCDELRT(r3, 0x890c, &(0x7f0000005fc0)={@remote, @private0={0xfc, 0x0, '\x00', 0x1}, @empty, 0x7, 0x8000, 0x3d, 0x500, 0x5, 0x18c0012})
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f0000000140)={'ip6gre0\x00', &(0x7f00000000c0)={'ip6tnl0\x00', 0x0, 0x2f, 0x4, 0x5, 0x7d, 0x40, @dev={0xfe, 0x80, '\x00', 0x16}, @private2, 0x40, 0x80, 0xffffffff, 0x8}})

10.8409572s ago: executing program 9 (id=1082):
mkdirat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
bind$inet6(r3, &(0x7f0000000300)={0xa, 0x4e23, 0x0, @loopback, 0x3}, 0x7e)
sendto$inet6(r3, &(0x7f0000847fff)='X', 0x34000, 0xe0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f0000000000)={0x1, [0x0]}, &(0x7f0000000040)=0x8)
sendto$inet6(r3, &(0x7f0000000140)="aa", 0x1, 0x48000, &(0x7f0000000200)={0xa, 0x4e23, 0x3ff, @loopback, 0x10001}, 0x1c)
fsopen(&(0x7f0000000280)='ceph\x00', 0x0)

9.6450531s ago: executing program 4 (id=1083):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$sndpcmc(&(0x7f00000001c0), 0x0, 0x40001)
ioctl$SNDRV_PCM_IOCTL_UNLINK(r0, 0xc0844123, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x0, 0x0)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000)
write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
pipe2$9p(&(0x7f0000000180)={<r5=>0xffffffffffffffff}, 0x0)
tee(r5, r4, 0x9, 0x8)
close_range(r3, 0xffffffffffffffff, 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)

9.643606144s ago: executing program 9 (id=1084):
socket$inet6_sctp(0xa, 0x5, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
close(r3)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
writev(r4, &(0x7f00000036c0), 0x0)
socket(0x15, 0x5, 0x0)

8.571184817s ago: executing program 9 (id=1085):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$sndpcmc(&(0x7f00000001c0), 0x0, 0x40001)
ioctl$SNDRV_PCM_IOCTL_UNLINK(r0, 0xc0844123, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x0, 0x0)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000)
write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
pipe2$9p(&(0x7f0000000180)={<r5=>0xffffffffffffffff}, 0x0)
tee(r5, r4, 0x9, 0x8)
close_range(r3, 0xffffffffffffffff, 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)

7.252759934s ago: executing program 1 (id=1086):
mkdirat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
bind$inet6(r3, &(0x7f0000000300)={0xa, 0x4e23, 0x0, @loopback, 0x3}, 0x7e)
sendto$inet6(r3, &(0x7f0000847fff)='X', 0x34000, 0xe0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r4=>0x0]}, &(0x7f0000000040)=0x8)
sendto$inet6(r3, &(0x7f0000000140)="aa", 0x1, 0x48000, &(0x7f0000000200)={0xa, 0x4e23, 0x3ff, @loopback, 0x10001}, 0x1c)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r3, 0x84, 0x66, &(0x7f0000000080)={r4, 0x7f}, &(0x7f0000000100)=0x8)

6.150510911s ago: executing program 1 (id=1087):
r0 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x1e}, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x20}, {0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x4, 0x2}, {}, 0x0, 0x6e6bb9, 0x1}, {{@in=@broadcast, 0xfffffffc, 0x32}, 0x0, @in=@empty, 0x0, 0x0, 0x2, 0x7, 0x200}}, 0xe8)
sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0)

6.033963816s ago: executing program 9 (id=1088):
r0 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x40940, 0x0)
readv(r0, &(0x7f0000000600)=[{&(0x7f00000002c0)=""/135, 0x87}], 0x1)

5.844057568s ago: executing program 1 (id=1089):
syz_usb_connect(0x5, 0x36, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x40)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1a0)
mount$overlay(0x0, &(0x7f0000000000)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@nfs_export_on}]})
chdir(&(0x7f00000000c0)='./bus\x00')
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
fallocate(r2, 0x0, 0x1000000, 0x3)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r2, 0x0)

5.31760096s ago: executing program 9 (id=1090):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb4e02000)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_procfs(0x0, 0x0)
r3 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, 0x0, 0x0)
sendmmsg(r3, &(0x7f0000000480), 0x2e9, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x80040c, &(0x7f0000000440)=ANY=[@ANYBLOB="706172743d3078303030303030303030303030303030342c6e6c733d61736369692c73657373696f6e3d3078666666666666666666666666666637662c747970653d883b7f382c63726561746f723dd4a620e92c6e6f6465636f6d706f73652c747970653d5dbcce902c756d61736b3d30303030303030303030303030303030303030303030312c63726561746f723d40f194712c626172726965720063726561746f723d65fe04c22c6e6f6465636f6d706f73652c6465636f6d706f73652c63726561746f723d8a7222832c7569643d", @ANYBLOB="3ef628a9ecf9e1751ed9b65d6a5359bd9afb81136cbff69e1bdbcb39d60e9b32d9f142ac189ae0d659610ddf0bf8c95e8f1a51f27bbb9098900d07e5f0303418856a470de86ec769d69ea60f0ea33a2089c2a2d372ec5958bbc02c2b4d00f71d7062876aa812e57f7333fa60a4d976aba0ce610efbc27f6cd9f0eee7074c05c92ae57e5e1b9afed08d27df4b8b9fb9a30a14a0b4a82028df4924d31f4c15fe48e62ddf7437e325ec87679945ecbaeda079054d10574c0036c82e2fbc9d073f4f6644162662a8dc5700d5943d13b93f9868919746c86a6d48", @ANYRES16=0x0, @ANYRES16, @ANYRESHEX, @ANYBLOB="a520ad23321534a883fa116848e7295e8693132df1638d943e7dacc03c8d2d9fca2aeb72f72ed82af2ceb592a5eea7e56631ff9ac0d92bcc666859b316fd2ac8694577d071f3f31f92dfdbdd695e5edca5b90abb53107e708b90150fc9eee8418e9511b8a4ce6f69a31472378258a55e8aa64d4a9859bfb3d6d3e49cf0a4c8b0044d37812dd15af758d8177ad1d630193b27881a8a06b8221dbceefe3fbf199b81bc31338d35cf4cb9f7f28e7abc55afd41f3a8b4a1e3fc4cd2dece6d1659ab1fc8511c18f9bd3c80004efbd7cfda12866316c01cc4a69ca09f85189380f835231d8ae5332237152dc3ed45d7f88", @ANYRES64, @ANYRESDEC], 0x1, 0x703, &(0x7f0000001f80)="$eJzs3TtsG+cdAPD/USRFuoAjJ36kRYAQNpAWNWpLJpRWXeoWReEhKIJ0aFfClmPBlBxISiEbRaP0sXfI1CkdtAUdinTqYqCdGwQosmoM0CJLJm0q7nhHkRJFUrJeTn4/4+6+u+95/3uRIowL4GvrzvUoP51Il2+speubG832xEZzMs9uR0Q1IkoR5c4ikqXIcm/nU3wz3ZiXT/br54OFubc++3Lz885aOZ+y8qVh9Qao9q78Kpuv51M0ImIiX+5V2afFj3d339fe3X3bG1fS3cM0YNeKwMWfn6lVeGbbe6x38z76TzYfVv0g1y1wRiWd5+YeUxHnIqIW0Xnq53eH0smO7uitn/YAAAAA4KDqB6/ywlZsxVqcP47hAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFdV/v7/JJ9KRboRSfH+/2q+LfL0GTT6RYifTnaWT49/MAAAAAAAAABw7F7diq1Yi/PF+naS/eZ/Nba7Rb4R78ZKzMdy3Ii1aMVqrMZyzETEVE9D1bXW6uryTFzN1i4OqXkrPhlQ89b+Y7x9pHsMAAAAAAAAAGdebUT+w8rebb+LOzu//wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFmQREx0Ftl0sUhPRakcEbWIqKbl1iM+KdLPiWTQxqcnPw4AAAB4JrX+1aQ2Rp0X3outWIvzxfp2kn3nv5x9X67Fu7EUq7EQq9GO+biXf4dOv/WXNjea7c2N5mLUmovpxn/8bzvTaefHXxxo6FmL0fnbw+CeX85K1ON+LGRbbsTdSKLTZSlv5eXNjWa6XEzHlY2tz/vpmJIf5YaMZqInfS+dXfk4S/+p/68I5QPt4iFM5lEZbCrLrXQjMp2PLa1xoYjA4EiMPDrloT3NRKn7l5+Lw3saHPP3h/d+blepgX+5ORW7I3ErSt0jdHlPJCr9lb/9949++aC99PDB/ZXrZ2eXBnpvZIndkWj2ROLK8HPiuYrEaNNZJC511+/Ez+IXcT2+mHwzlmMhfh2tWI35RpHfys/ndD41PFKf9l39b44aSXpNNrr3r0FjakTfmKIRP81SrbiaHdPzsRBJPIqI+Xg9+3crZrp3g50jfGmMq740xp22x7XvZItumKK+f9m/jtfkUUnjeqEnrr333Kksr3fLTpReHBil4lk3/vOoR/lbeSJt4fdDnw8nbXckZnoi8dLmRrM4i/rOl05I/5J9alhpLz1cftB6Z8z+XsuX6XX0xzP1lEiP8ItRy3fuQjZPsmtqOst7qfuE7Y9XNf/FpaO0J+9St17nSv15PIp7fVfq92M2ZmMuK305K13Z88RK8650W+q/h6d56SetcveHnd7PW4+i3fk89Fz97gPwNXTuu+eq9f/W/13/sP6H+oP6G7WfTP5g8pVqVP5V+WF5euK10ivJ3+LD+O3O938AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODwVh4/edhqt+eXBydKg7OS4bVa7e3iRWJDyvQlkvxVOWMUTlYeP9ke2eDwxGQ+vENWP8pE8bbG3qzibYr9hRvHOIxkfffxqo0+FsVbnsboItkT8LTyocdc9LyzpXIGDuXuROOQ1Xv3K08UJ2xP4YOfvfVBx2siIgYVHnHjmHjmWw9wym6uLr5zc+Xxk+8tLLbenn97fqkyOzs3PTf7evPm/YX2/HRn3lPh2F9+C5yU3o8TXdWIeHV03SEvagUAAAAAAAAAAACO0Un8X4jT3kcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg+XbnepSfRhIz0zem0/XNjWY7nYr0TslyRJQiIvlNRPLPiNvRmWKqp7lkv34+WJh767MvNz/faatclC9FrO9bbzzr+RSNiJjIl0fV3t3R7VV3kpMDspNuZNKAXSsCB6ft/wEAAP//q/3tgg==")

3.293749652s ago: executing program 9 (id=1091):
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x40940, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000003c0)=0x2)
sendmsg$NL80211_CMD_ASSOCIATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x4c11)

2.982573705s ago: executing program 4 (id=1092):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(0xffffffffffffffff, 0x0, 0x4000010)
fallocate(0xffffffffffffffff, 0x0, 0x9, 0x3)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000000300)=""/102400, 0x19000)
getpid()
r2 = syz_io_uring_setup(0x110, &(0x7f00000000c0)={0x0, 0x10, 0x0, 0x3, 0x2b2}, &(0x7f0000000180)=<r3=>0x0, &(0x7f0000000640)=<r4=>0x0)
io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000300)=[0xffffffffffffffff], 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffa, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000040), 0x1b})
io_uring_enter(r2, 0x47f6, 0x0, 0x0, 0x0, 0x0)

1.85841906s ago: executing program 4 (id=1093):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb4e02000)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_procfs(0x0, 0x0)
r3 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x1e}, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x20}, {0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x4, 0x2}, {}, 0x0, 0x6e6bb9, 0x1}, {{@in=@broadcast, 0xfffffffc, 0x32}, 0x0, @in=@empty, 0x0, 0x0, 0x2, 0x7, 0x200}}, 0xe8)
sendmmsg(r3, 0x0, 0x0, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x80040c, &(0x7f0000000440)=ANY=[@ANYBLOB="706172743d3078303030303030303030303030303030342c6e6c733d61736369692c73657373696f6e3d3078666666666666666666666666666637662c747970653d883b7f382c63726561746f723dd4a620e92c6e6f6465636f6d706f73652c747970653d5dbcce902c756d61736b3d30303030303030303030303030303030303030303030312c63726561746f723d40f194712c626172726965720063726561746f723d65fe04c22c6e6f6465636f6d706f73652c6465636f6d706f73652c63726561746f723d8a7222832c7569643d", @ANYBLOB="3ef628a9ecf9e1751ed9b65d6a5359bd9afb81136cbff69e1bdbcb39d60e9b32d9f142ac189ae0d659610ddf0bf8c95e8f1a51f27bbb9098900d07e5f0303418856a470de86ec769d69ea60f0ea33a2089c2a2d372ec5958bbc02c2b4d00f71d7062876aa812e57f7333fa60a4d976aba0ce610efbc27f6cd9f0eee7074c05c92ae57e5e1b9afed08d27df4b8b9fb9a30a14a0b4a82028df4924d31f4c15fe48e62ddf7437e325ec87679945ecbaeda079054d10574c0036c82e2fbc9d073f4f6644162662a8dc5700d5943d13b93f9868919746c86a6d48", @ANYRES16=0x0, @ANYRES16, @ANYRESHEX, @ANYBLOB="a520ad23321534a883fa116848e7295e8693132df1638d943e7dacc03c8d2d9fca2aeb72f72ed82af2ceb592a5eea7e56631ff9ac0d92bcc666859b316fd2ac8694577d071f3f31f92dfdbdd695e5edca5b90abb53107e708b90150fc9eee8418e9511b8a4ce6f69a31472378258a55e8aa64d4a9859bfb3d6d3e49cf0a4c8b0044d37812dd15af758d8177ad1d630193b27881a8a06b8221dbceefe3fbf199b81bc31338d35cf4cb9f7f28e7abc55afd41f3a8b4a1e3fc4cd2dece6d1659ab1fc8511c18f9bd3c80004efbd7cfda12866316c01cc4a69ca09f85189380f835231d8ae5332237152dc3ed45d7f88", @ANYRES64, @ANYRESDEC], 0x1, 0x703, &(0x7f0000001f80)="$eJzs3TtsG+cdAPD/USRFuoAjJ36kRYAQNpAWNWpLJpRWXeoWReEhKIJ0aFfClmPBlBxISiEbRaP0sXfI1CkdtAUdinTqYqCdGwQosmoM0CJLJm0q7nhHkRJFUrJeTn4/4+6+u+95/3uRIowL4GvrzvUoP51Il2+speubG832xEZzMs9uR0Q1IkoR5c4ikqXIcm/nU3wz3ZiXT/br54OFubc++3Lz885aOZ+y8qVh9Qao9q78Kpuv51M0ImIiX+5V2afFj3d339fe3X3bG1fS3cM0YNeKwMWfn6lVeGbbe6x38z76TzYfVv0g1y1wRiWd5+YeUxHnIqIW0Xnq53eH0smO7uitn/YAAAAA4KDqB6/ywlZsxVqcP47hAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFdV/v7/JJ9KRboRSfH+/2q+LfL0GTT6RYifTnaWT49/MAAAAAAAAABw7F7diq1Yi/PF+naS/eZ/Nba7Rb4R78ZKzMdy3Ii1aMVqrMZyzETEVE9D1bXW6uryTFzN1i4OqXkrPhlQ89b+Y7x9pHsMAAAAAAAAAGdebUT+w8rebb+LOzu//wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFmQREx0Ftl0sUhPRakcEbWIqKbl1iM+KdLPiWTQxqcnPw4AAAB4JrX+1aQ2Rp0X3outWIvzxfp2kn3nv5x9X67Fu7EUq7EQq9GO+biXf4dOv/WXNjea7c2N5mLUmovpxn/8bzvTaefHXxxo6FmL0fnbw+CeX85K1ON+LGRbbsTdSKLTZSlv5eXNjWa6XEzHlY2tz/vpmJIf5YaMZqInfS+dXfk4S/+p/68I5QPt4iFM5lEZbCrLrXQjMp2PLa1xoYjA4EiMPDrloT3NRKn7l5+Lw3saHPP3h/d+blepgX+5ORW7I3ErSt0jdHlPJCr9lb/9949++aC99PDB/ZXrZ2eXBnpvZIndkWj2ROLK8HPiuYrEaNNZJC511+/Ez+IXcT2+mHwzlmMhfh2tWI35RpHfys/ndD41PFKf9l39b44aSXpNNrr3r0FjakTfmKIRP81SrbiaHdPzsRBJPIqI+Xg9+3crZrp3g50jfGmMq740xp22x7XvZItumKK+f9m/jtfkUUnjeqEnrr333Kksr3fLTpReHBil4lk3/vOoR/lbeSJt4fdDnw8nbXckZnoi8dLmRrM4i/rOl05I/5J9alhpLz1cftB6Z8z+XsuX6XX0xzP1lEiP8ItRy3fuQjZPsmtqOst7qfuE7Y9XNf/FpaO0J+9St17nSv15PIp7fVfq92M2ZmMuK305K13Z88RK8650W+q/h6d56SetcveHnd7PW4+i3fk89Fz97gPwNXTuu+eq9f/W/13/sP6H+oP6G7WfTP5g8pVqVP5V+WF5euK10ivJ3+LD+O3O938AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODwVh4/edhqt+eXBydKg7OS4bVa7e3iRWJDyvQlkvxVOWMUTlYeP9ke2eDwxGQ+vENWP8pE8bbG3qzibYr9hRvHOIxkfffxqo0+FsVbnsboItkT8LTyocdc9LyzpXIGDuXuROOQ1Xv3K08UJ2xP4YOfvfVBx2siIgYVHnHjmHjmWw9wym6uLr5zc+Xxk+8tLLbenn97fqkyOzs3PTf7evPm/YX2/HRn3lPh2F9+C5yU3o8TXdWIeHV03SEvagUAAAAAAAAAAACO0Un8X4jT3kcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg+XbnepSfRhIz0zem0/XNjWY7nYr0TslyRJQiIvlNRPLPiNvRmWKqp7lkv34+WJh767MvNz/faatclC9FrO9bbzzr+RSNiJjIl0fV3t3R7VV3kpMDspNuZNKAXSsCB6ft/wEAAP//q/3tgg==")

1.492142377s ago: executing program 1 (id=1094):
syz_usb_connect(0x5, 0x36, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x40)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1a0)
mount$overlay(0x0, &(0x7f0000000000)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@nfs_export_on}]})
chdir(&(0x7f00000000c0)='./bus\x00')
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
fallocate(r3, 0x0, 0x1000000, 0x3)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r3, 0x0)

0s ago: executing program 4 (id=1095):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8c}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000440)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r1, 0xc02064b9, &(0x7f0000000140)={&(0x7f0000000040)=[0x0, <r3=>0x0], &(0x7f00000000c0), 0x2, r2})
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r1, 0xc01064ab, &(0x7f00000000c0)={0x20, r3, r2})
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r6, 0xffffffffffffffff, 0x0)
mount$fuse(0x0, &(0x7f0000000640)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB, @ANYRESHEX=r5, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0])
mount$9p_fd(0x0, &(0x7f0000000100)='./cgroup.net/cgroup.procs\x00', &(0x7f0000000140), 0x21c804, &(0x7f00000001c0)=ANY=[@ANYBLOB='trans=fd,rfdn', @ANYRESHEX=r4, @ANYBLOB=',wfdn', @ANYRESHEX])

kernel console output (not intermixed with test programs):

em resumption
[  204.502684][ T6704] Restarting kernel threads ...
[  204.510560][ T6704] Done restarting kernel threads.
[  205.648000][   T36] team0 (unregistering): Port device team_slave_1 removed
[  205.693801][   T36] team0 (unregistering): Port device team_slave_0 removed
[  205.787052][ T5963] usb 2-1: new low-speed USB device number 3 using dummy_hcd
[  205.966870][ T5963] usb 2-1: config 9 has an invalid interface number: 1 but max is 0
[  205.974936][ T5963] usb 2-1: config 9 has no interface number 0
[  205.992481][ T5963] usb 2-1: config 9 interface 1 has no altsetting 0
[  206.014816][ T5963] usb 2-1: string descriptor 0 read error: -22
[  206.026759][ T5963] usb 2-1: New USB device found, idVendor=2040, idProduct=b140, bcdDevice=75.36
[  206.035955][ T5963] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  206.082380][ T5963] cx231xx 2-1:9.1: New device   @ 1.5 Mbps (2040:b140) with 1 interfaces
[  206.101021][ T5963] cx231xx 2-1:9.1: Not found matching IAD interface
[  206.296510][   T29] usb 2-1: USB disconnect, device number 3
[  206.568874][   T36] team0 (unregistering): Port device team_slave_1 removed
[  206.603535][   T36] team0 (unregistering): Port device team_slave_0 removed
[  207.126107][ T6477] bridge0: port 1(bridge_slave_0) entered blocking state
[  207.144400][ T6477] bridge0: port 1(bridge_slave_0) entered disabled state
[  207.152324][ T6477] bridge_slave_0: entered allmulticast mode
[  207.179226][ T6477] bridge_slave_0: entered promiscuous mode
[  207.376937][ T6707] 8021q: adding VLAN 0 to HW filter on device bond0
[  207.392265][ T6707] bond0: (slave gre0): The slave device specified does not support setting the MAC address
[  207.415800][ T6707] bond0: (slave gre0): Error -95 calling set_mac_address
[  207.431948][ T6477] bridge0: port 2(bridge_slave_1) entered blocking state
[  207.456454][ T6477] bridge0: port 2(bridge_slave_1) entered disabled state
[  207.463873][ T6477] bridge_slave_1: entered allmulticast mode
[  207.507146][ T6477] bridge_slave_1: entered promiscuous mode
[  207.562560][ T6459] team0: Port device team_slave_0 added
[  207.564991][   T30] audit: type=1326 audit(1770785423.384:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6726 comm="syz.3.180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e7619bf79 code=0x7ffc0000
[  207.572018][ T6459] team0: Port device team_slave_1 added
[  207.635917][   T30] audit: type=1326 audit(1770785423.424:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6726 comm="syz.3.180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e7619bf79 code=0x7ffc0000
[  207.717245][   T30] audit: type=1326 audit(1770785423.434:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6726 comm="syz.3.180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e7619bf79 code=0x7ffc0000
[  207.761173][ T6477] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  207.776373][   T30] audit: type=1326 audit(1770785423.434:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6726 comm="syz.3.180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e7619bf79 code=0x7ffc0000
[  207.815907][ T6459] batman_adv: batadv0: Adding interface: batadv_slave_0
[  207.860691][ T6459] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  207.886565][   T30] audit: type=1326 audit(1770785423.434:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6726 comm="syz.3.180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=127 compat=0 ip=0x7f0e7619bf79 code=0x7ffc0000
[  207.914173][ T6459] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  207.959089][   T30] audit: type=1326 audit(1770785423.434:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6726 comm="syz.3.180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e7619bf79 code=0x7ffc0000
[  207.986055][ T6477] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  208.027814][ T6459] batman_adv: batadv0: Adding interface: batadv_slave_1
[  208.034800][ T6459] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  208.041831][   T30] audit: type=1326 audit(1770785423.434:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6726 comm="syz.3.180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e7619bf79 code=0x7ffc0000
[  208.096794][   T30] audit: type=1326 audit(1770785423.434:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6726 comm="syz.3.180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f0e7619bf79 code=0x7ffc0000
[  208.119555][   T30] audit: type=1326 audit(1770785423.434:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6726 comm="syz.3.180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f0e7619bf79 code=0x7ffc0000
[  208.142820][ T6738] loop3: detected capacity change from 0 to 2048
[  208.164280][ T6459] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  208.433351][ T6750] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  208.469248][   T30] audit: type=1326 audit(1770785424.294:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6751 comm="syz.4.191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb63b9bf79 code=0x7ffc0000
[  208.519196][ T6477] team0: Port device team_slave_0 added
[  208.599690][ T6477] team0: Port device team_slave_1 added
[  208.683688][ T6580] chnl_net:caif_netlink_parms(): no params data found
[  208.693634][ T6750] NILFS (loop3): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  208.733961][ T6750] NILFS error (device loop3): nilfs_bmap_propagate: broken bmap (inode number=4)
[  208.775611][ T6459] hsr_slave_0: entered promiscuous mode
[  208.785091][ T6750] Remounting filesystem read-only
[  208.794214][ T6761] netlink: 232 bytes leftover after parsing attributes in process `syz.1.195'.
[  208.806284][ T6459] hsr_slave_1: entered promiscuous mode
[  208.816994][ T5826] NILFS (loop3): disposed unprocessed dirty file(s) when stopping log writer
[  208.827662][ T6459] debugfs: 'hsr0' already exists in 'hsr'
[  208.833416][ T6459] Cannot create hsr debugfs directory
[  208.837602][ T6761] netlink: 12 bytes leftover after parsing attributes in process `syz.1.195'.
[  208.858446][ T6761] netlink: 8 bytes leftover after parsing attributes in process `syz.1.195'.
[  208.937514][ T6477] batman_adv: batadv0: Adding interface: batadv_slave_0
[  208.957756][ T6477] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  209.088795][ T6477] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  209.136353][ T6477] batman_adv: batadv0: Adding interface: batadv_slave_1
[  209.143406][ T6477] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  209.225812][ T6477] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  209.781420][ T5920] IPVS: starting estimator thread 0...
[  210.796588][ T6784] IPVS: using max 25 ests per chain, 60000 per kthread
[  210.904748][ T6792] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  210.976474][ T5838] Bluetooth: hci3: command 0x0406 tx timeout
[  210.982801][ T5838] Bluetooth: hci2: command 0x0406 tx timeout
[  210.989038][ T5838] Bluetooth: hci5: command 0x0406 tx timeout
[  211.460478][ T6798] openvswitch: netlink: ufid size 20 bytes exceeds the range (1, 16)
[  211.501697][ T6798] openvswitch: netlink: Message has 16 unknown bytes.
[  211.531486][ T6477] hsr_slave_0: entered promiscuous mode
[  211.547789][ T6477] hsr_slave_1: entered promiscuous mode
[  211.554267][ T6477] debugfs: 'hsr0' already exists in 'hsr'
[  211.586390][ T6477] Cannot create hsr debugfs directory
[  211.773881][ T6580] bridge0: port 1(bridge_slave_0) entered blocking state
[  211.789801][ T6580] bridge0: port 1(bridge_slave_0) entered disabled state
[  211.809970][ T6580] bridge_slave_0: entered allmulticast mode
[  211.826987][ T6580] bridge_slave_0: entered promiscuous mode
[  212.053967][ T6580] bridge0: port 2(bridge_slave_1) entered blocking state
[  212.068389][ T6580] bridge0: port 2(bridge_slave_1) entered disabled state
[  212.083747][ T6580] bridge_slave_1: entered allmulticast mode
[  212.102914][ T6580] bridge_slave_1: entered promiscuous mode
[  212.479900][ T6580] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  212.510361][ T6580] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  212.969830][ T5829] Bluetooth: hci6: command 0x0405 tx timeout
[  213.173133][ T6580] team0: Port device team_slave_0 added
[  213.190124][ T6831] netlink: 4 bytes leftover after parsing attributes in process `syz.1.215'.
[  213.202990][ T6580] team0: Port device team_slave_1 added
[  213.315279][   T30] kauditd_printk_skb: 12 callbacks suppressed
[  213.315305][   T30] audit: type=1326 audit(1770785429.134:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6835 comm="syz.3.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e7619bf79 code=0x7ffc0000
[  213.399085][   T30] audit: type=1326 audit(1770785429.174:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6835 comm="syz.3.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e7619bf79 code=0x7ffc0000
[  213.456247][   T30] audit: type=1326 audit(1770785429.174:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6835 comm="syz.3.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0x7f0e7619bf79 code=0x7ffc0000
[  213.575263][   T30] audit: type=1326 audit(1770785429.174:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6835 comm="syz.3.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e7619bf79 code=0x7ffc0000
[  213.575326][   T30] audit: type=1326 audit(1770785429.174:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6835 comm="syz.3.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e7619bf79 code=0x7ffc0000
[  213.757789][ T6850] loop1: detected capacity change from 0 to 128
[  213.834649][ T6580] batman_adv: batadv0: Adding interface: batadv_slave_0
[  213.843915][ T6580] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  213.846562][ T6850] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  213.871042][ T6580] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  213.996653][ T6850] ext4 filesystem being mounted at /71/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  214.083017][ T6580] batman_adv: batadv0: Adding interface: batadv_slave_1
[  214.091561][ T6580] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  214.149575][ T6580] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  214.314055][ T6862] loop3: detected capacity change from 0 to 2048
[  214.348477][ T6862] EXT4-fs: Ignoring removed bh option
[  214.431671][ T6862] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  214.719505][ T6868] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  215.142137][ T6459] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  215.234778][ T5826] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.271481][ T6459] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  215.300474][ T6459] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  215.494282][ T6580] hsr_slave_0: entered promiscuous mode
[  215.519740][ T6580] hsr_slave_1: entered promiscuous mode
[  215.543100][ T6580] debugfs: 'hsr0' already exists in 'hsr'
[  215.560000][ T6580] Cannot create hsr debugfs directory
[  215.606420][ T6459] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  215.750995][ T6894] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  217.251118][   T36] bridge_slave_1: left allmulticast mode
[  217.287509][   T36] bridge_slave_1: left promiscuous mode
[  217.293675][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  217.357502][   T36] bridge_slave_0: left allmulticast mode
[  217.363895][   T36] bridge_slave_0: left promiscuous mode
[  217.387567][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  217.429697][   T36] bridge_slave_1: left allmulticast mode
[  217.435428][   T36] bridge_slave_1: left promiscuous mode
[  217.462978][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  217.503161][   T36] bridge_slave_0: left allmulticast mode
[  217.526569][   T36] bridge_slave_0: left promiscuous mode
[  217.533111][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  217.618501][   T36] bridge_slave_1: left allmulticast mode
[  217.627192][   T36] bridge_slave_1: left promiscuous mode
[  217.633029][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  217.697295][   T36] bridge_slave_0: left allmulticast mode
[  217.704494][ T6936] loop3: detected capacity change from 0 to 4096
[  217.710651][   T36] bridge_slave_0: left promiscuous mode
[  217.732359][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  217.845566][ T6950] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  217.939556][ T6952] capability: warning: `syz.1.255' uses 32-bit capabilities (legacy support in use)
[  218.194157][ T6961] comedi comedi3: no devices specified
[  218.218239][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  218.305625][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  218.390159][   T36] bond0 (unregistering): Released all slaves
[  218.690272][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  218.703341][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  218.715448][   T36] bond0 (unregistering): Released all slaves
[  218.929389][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  218.959059][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  218.984379][   T36] bond0 (unregistering): Released all slaves
[  219.061164][ T6982] netlink: 36 bytes leftover after parsing attributes in process `syz.4.267'.
[  219.514776][ T6459] 8021q: adding VLAN 0 to HW filter on device bond0
[  219.556860][ T6477] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  219.634534][ T6477] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  219.870949][ T6477] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  219.939968][ T6477] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  220.286650][ T6459] 8021q: adding VLAN 0 to HW filter on device team0
[  220.583739][ T7023] xt_TCPMSS: Only works on TCP SYN packets
[  220.654284][ T7023] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  221.173416][   T36] hsr_slave_0: left promiscuous mode
[  221.198680][   T36] hsr_slave_1: left promiscuous mode
[  221.223923][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  221.271341][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  221.319011][   T36] hsr_slave_0: left promiscuous mode
[  221.332219][   T36] hsr_slave_1: left promiscuous mode
[  221.350727][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  221.407242][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  221.507916][   T36] hsr_slave_0: left promiscuous mode
[  221.522189][   T36] hsr_slave_1: left promiscuous mode
[  221.540403][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  221.572377][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  221.913559][   T36] team0 (unregistering): Port device team_slave_1 removed
[  221.959755][   T36] team0 (unregistering): Port device team_slave_0 removed
[  222.687368][   T36] team0 (unregistering): Port device team_slave_1 removed
[  222.738334][   T36] team0 (unregistering): Port device team_slave_0 removed
[  223.144296][ T7045] loop3: detected capacity change from 0 to 32768
[  223.354985][   T36] team0 (unregistering): Port device team_slave_1 removed
[  223.363531][ T7045] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  223.399253][   T36] team0 (unregistering): Port device team_slave_0 removed
[  223.759653][ T5826] ocfs2: Unmounting device (7,3) on (node local)
[  223.902073][ T5986] bridge0: port 1(bridge_slave_0) entered blocking state
[  223.909311][ T5986] bridge0: port 1(bridge_slave_0) entered forwarding state
[  223.932068][ T5986] bridge0: port 2(bridge_slave_1) entered blocking state
[  223.939356][ T5986] bridge0: port 2(bridge_slave_1) entered forwarding state
[  224.324903][ T7062] netlink: 4 bytes leftover after parsing attributes in process `syz.4.289'.
[  224.520141][ T6580] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  224.715952][ T6580] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  224.788422][ T6580] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  224.886361][ T6580] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  225.179663][ T6477] 8021q: adding VLAN 0 to HW filter on device bond0
[  225.338397][ T6459] 8021q: adding VLAN 0 to HW filter on device batadv0
[  225.460182][ T6477] 8021q: adding VLAN 0 to HW filter on device team0
[  225.580870][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[  225.588227][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[  225.691991][ T3542] bridge0: port 2(bridge_slave_1) entered blocking state
[  225.699550][ T3542] bridge0: port 2(bridge_slave_1) entered forwarding state
[  225.872287][ T6580] 8021q: adding VLAN 0 to HW filter on device bond0
[  226.076817][ T6580] 8021q: adding VLAN 0 to HW filter on device team0
[  226.121997][ T6016] bridge0: port 1(bridge_slave_0) entered blocking state
[  226.129205][ T6016] bridge0: port 1(bridge_slave_0) entered forwarding state
[  226.271144][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[  226.278683][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[  226.714796][ T6459] veth0_vlan: entered promiscuous mode
[  226.766969][ T6459] veth1_vlan: entered promiscuous mode
[  226.794841][   T30] audit: type=1326 audit(1770785442.595:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7140 comm="syz.4.305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb63b9bf79 code=0x7ffc0000
[  226.874108][ T6477] 8021q: adding VLAN 0 to HW filter on device batadv0
[  226.895716][   T30] audit: type=1326 audit(1770785442.595:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7140 comm="syz.4.305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb63b9bf79 code=0x7ffc0000
[  226.989331][ T6459] veth0_macvtap: entered promiscuous mode
[  227.007473][   T30] audit: type=1326 audit(1770785442.615:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7140 comm="syz.4.305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=188 compat=0 ip=0x7ffb63b9bf79 code=0x7ffc0000
[  227.048376][ T6459] veth1_macvtap: entered promiscuous mode
[  227.075525][   T30] audit: type=1326 audit(1770785442.615:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7140 comm="syz.4.305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb63b9bf79 code=0x7ffc0000
[  227.132347][ T6459] batman_adv: batadv0: Interface activated: batadv_slave_0
[  227.195451][   T30] audit: type=1326 audit(1770785442.615:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7140 comm="syz.4.305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb63b9bf79 code=0x7ffc0000
[  227.253849][ T6459] batman_adv: batadv0: Interface activated: batadv_slave_1
[  227.335557][   T30] audit: type=1326 audit(1770785442.645:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7140 comm="syz.4.305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=197 compat=0 ip=0x7ffb63b9bf79 code=0x7ffc0000
[  227.365900][ T6014] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  227.444496][ T6014] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  227.461903][   T30] audit: type=1326 audit(1770785442.645:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7140 comm="syz.4.305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb63b9bf79 code=0x7ffc0000
[  227.484915][ T6014] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  227.616616][ T6014] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  227.860106][ T6580] 8021q: adding VLAN 0 to HW filter on device batadv0
[  228.125429][ T5920] usb 4-1: new low-speed USB device number 4 using dummy_hcd
[  228.152769][ T6016] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  228.198130][ T6016] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  228.328332][ T5920] usb 4-1: config 0 interface 0 altsetting 186 endpoint 0x81 has invalid wMaxPacketSize 0
[  228.356345][ T5920] usb 4-1: config 0 interface 0 has no altsetting 0
[  228.365551][  T163] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  228.387144][  T163] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  228.390616][ T6477] veth0_vlan: entered promiscuous mode
[  228.404802][ T5920] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00
[  228.431653][ T5920] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  228.456878][ T5920] usb 4-1: config 0 descriptor??
[  228.536468][ T6477] veth1_vlan: entered promiscuous mode
[  228.662302][ T6477] veth0_macvtap: entered promiscuous mode
[  228.719541][ T6477] veth1_macvtap: entered promiscuous mode
[  228.794214][ T6477] batman_adv: batadv0: Interface activated: batadv_slave_0
[  228.843514][ T6477] batman_adv: batadv0: Interface activated: batadv_slave_1
[  228.899116][ T5986] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  228.911309][ T7191] loop6: detected capacity change from 0 to 128
[  228.947468][   T36] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  228.951113][ T5920] koneplus 0003:1E7D:2E22.0002: collection stack underflow
[  228.966718][ T5920] koneplus 0003:1E7D:2E22.0002: item 0 4 0 12 parsing failed
[  228.979607][ T5920] koneplus 0003:1E7D:2E22.0002: parse failed
[  228.985958][ T5920] koneplus 0003:1E7D:2E22.0002: probe with driver koneplus failed with error -22
[  228.998191][ T7191] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  229.020836][   T36] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  229.026330][ T7191] hpfs: filesystem error: improperly stopped
[  229.054112][ T7194] fuse: Bad value for 'fd'
[  229.060392][   T36] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  229.085399][ T7191] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  229.130284][ T7191] hpfs: You really don't want any checks? You are crazy...
[  229.154029][ T6057] usb 4-1: USB disconnect, device number 4
[  229.155671][ T7191] hpfs: hpfs_map_sector(): read error
[  229.172355][ T7191] hpfs: code page support is disabled
[  229.233136][ T7191] hpfs: hpfs_map_4sectors(): unaligned read
[  229.257901][ T7191] hpfs: hpfs_map_4sectors(): unaligned read
[  229.281369][ T7191] hpfs: filesystem error: unable to find root dir
[  229.429681][ T6580] veth0_vlan: entered promiscuous mode
[  229.443313][ T5986] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  229.484272][ T5986] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  229.507670][ T6580] veth1_vlan: entered promiscuous mode
[  229.576142][ T5986] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  229.584099][ T5986] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  229.644913][ T6580] veth0_macvtap: entered promiscuous mode
[  229.697032][ T6580] veth1_macvtap: entered promiscuous mode
[  229.814354][ T6580] batman_adv: batadv0: Interface activated: batadv_slave_0
[  229.918566][ T6580] batman_adv: batadv0: Interface activated: batadv_slave_1
[  229.991417][ T6016] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  230.017249][ T6016] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  230.076366][ T6016] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  230.118739][ T6016] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  231.020353][ T5986] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  231.085629][ T5986] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  231.187540][ T7238] lo: entered promiscuous mode
[  231.196782][ T7238] lo: entered allmulticast mode
[  231.209847][  T163] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  231.238441][  T163] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  231.471112][ T7245] loop7: detected capacity change from 0 to 64
[  231.847376][ T7256] netlink: 28 bytes leftover after parsing attributes in process `syz.1.336'.
[  232.054990][ T7262] xt_connbytes: Forcing CT accounting to be enabled
[  232.062133][ T7262] Cannot find set identified by id 0 to match
[  232.624963][ T7219] loop6: detected capacity change from 0 to 32768
[  232.948933][ T7271] overlayfs: upper fs needs to support d_type.
[  232.985288][ T7273] netlink: 168 bytes leftover after parsing attributes in process `syz.3.339'.
[  233.022223][ T7271] overlayfs: upper fs does not support tmpfile.
[  233.107499][ T7280] loop7: detected capacity change from 0 to 512
[  233.111042][ T7271] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  233.161336][ T7271] ERROR: (device loop6): dbAlloc: the hint is outside the map
[  233.161336][ T7271] 
[  233.222905][ T7271] overlayfs: failed to set uuid (/file0, err=-5); falling back to uuid=null.
[  233.275261][ T7280] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  233.306003][ T7271] ERROR: (device loop6): dbAlloc: the hint is outside the map
[  233.306003][ T7271] 
[  233.312668][ T7280] ext4 filesystem being mounted at /4/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  233.404315][ T7271] overlayfs: failed to verify upper root origin
[  233.482584][ T6014] read_mapping_page failed!
[  233.492534][ T6014] ERROR: (device loop6): txCommit: 
[  233.492534][ T6014] 
[  233.515719][ T6014] jfs_write_inode: jfs_commit_inode failed!
[  233.547679][ T7280] overlayfs: invalid origin (00000079000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000)
[  233.993756][ T6477] EXT4-fs error (device loop7): ext4_empty_dir:3075: inode #12: comm syz-executor: invalid size
[  234.013059][ T5829] Bluetooth: hci6: unexpected event for opcode 0x0c13
[  234.084686][ T6477] EXT4-fs error (device loop7): ext4_empty_dir:3075: inode #12: comm syz-executor: invalid size
[  234.143407][ T6477] EXT4-fs error (device loop7): ext4_empty_dir:3075: inode #12: comm syz-executor: invalid size
[  234.186168][ T6477] EXT4-fs error (device loop7): ext4_empty_dir:3075: inode #12: comm syz-executor: invalid size
[  234.220398][ T6477] EXT4-fs error (device loop7): ext4_empty_dir:3075: inode #12: comm syz-executor: invalid size
[  234.278964][ T6477] EXT4-fs error (device loop7): ext4_empty_dir:3075: inode #12: comm syz-executor: invalid size
[  234.316283][ T6477] EXT4-fs error (device loop7): ext4_empty_dir:3075: inode #12: comm syz-executor: invalid size
[  234.367581][ T6477] EXT4-fs error (device loop7): ext4_empty_dir:3075: inode #12: comm syz-executor: invalid size
[  234.420416][ T6477] EXT4-fs error (device loop7): ext4_empty_dir:3075: inode #12: comm syz-executor: invalid size
[  234.460235][ T6477] EXT4-fs error (device loop7): ext4_empty_dir:3075: inode #12: comm syz-executor: invalid size
[  235.391872][ T7345] loop3: detected capacity change from 0 to 512
[  235.492856][ T7345] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  235.565228][ T7345] ext4 filesystem being mounted at /98/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  235.612887][ T6477] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.842337][ T5826] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.949094][ T7365] loop6: detected capacity change from 0 to 512
[  236.083082][ T5986] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  236.114595][ T7365] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  236.150000][ T7365] ext4 filesystem being mounted at /5/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  236.179284][ T7371] loop3: detected capacity change from 0 to 1024
[  236.205814][ T7365] EXT4-fs (loop6): shut down requested (0)
[  236.217288][ T7371] EXT4-fs: inline encryption not supported
[  236.238458][ T7371] EXT4-fs: Ignoring removed nobh option
[  236.244110][ T7371] EXT4-fs: Ignoring removed bh option
[  236.318015][ T7371] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  236.353096][ T5986] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  236.472470][ T7365] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.556089][ T5842] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  236.578975][ T5842] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  236.589633][ T5842] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  236.619542][ T5842] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  236.636533][ T5842] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  236.646204][ T5826] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.882092][ T5986] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  236.929733][ T5829] Bluetooth: hci5: unexpected event for opcode 0x2011
[  237.149613][ T5986] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  237.633718][ T5986] bridge_slave_1: left allmulticast mode
[  237.657723][ T5986] bridge_slave_1: left promiscuous mode
[  237.663591][ T5986] bridge0: port 2(bridge_slave_1) entered disabled state
[  237.724262][ T5986] bridge_slave_0: left allmulticast mode
[  237.755000][ T5986] bridge_slave_0: left promiscuous mode
[  237.786879][ T5986] bridge0: port 1(bridge_slave_0) entered disabled state
[  237.950917][ T7389] loop8: detected capacity change from 0 to 32768
[  237.980828][ T7389] xfs: Deprecated parameter 'attr2'
[  237.997585][ T7389] XFS: attr2 mount option is deprecated.
[  238.194477][ T7416] raw_sendmsg: syz.1.386 forgot to set AF_INET. Fix it!
[  238.229155][ T7389] XFS (loop8): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  238.511866][ T7389] XFS (loop8): Ending clean mount
[  238.725016][ T5829] Bluetooth: hci0: command tx timeout
[  238.808714][ T6580] XFS (loop8): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  239.142776][ T7421] loop6: detected capacity change from 0 to 32768
[  239.228156][ T7421] (syz.6.385,7421,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  239.337705][ T7421] (syz.6.385,7421,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  239.480424][ T7421] JBD2: Ignoring recovery information on journal
[  239.688644][ T7421] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  239.714010][ T5986] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  239.792521][ T5986] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  239.847430][ T5986] bond0 (unregistering): Released all slaves
[  239.863218][   T30] audit: type=1800 audit(1770785456.676:38): pid=7421 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.385" name="file1" dev="loop6" ino=16978 res=0 errno=0
[  239.923986][ T7375] chnl_net:caif_netlink_parms(): no params data found
[  239.953713][   T30] audit: type=1800 audit(1770785456.676:39): pid=7441 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.385" name="file1" dev="loop6" ino=16978 res=0 errno=0
[  239.975405][ T5920] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  240.136245][ T5920] usb 4-1: Using ep0 maxpacket: 8
[  240.152651][ T5920] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  240.209544][ T5920] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  240.233252][ T6459] ocfs2: Unmounting device (7,6) on (node local)
[  240.242029][ T7375] bridge0: port 1(bridge_slave_0) entered blocking state
[  240.273590][ T5920] usb 4-1: New USB device found, idVendor=05ac, idProduct=0274, bcdDevice= 0.00
[  240.295691][ T7375] bridge0: port 1(bridge_slave_0) entered disabled state
[  240.334419][ T5920] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  240.343331][ T7375] bridge_slave_0: entered allmulticast mode
[  240.383841][ T7375] bridge_slave_0: entered promiscuous mode
[  240.392483][ T5920] usb 4-1: config 0 descriptor??
[  240.673248][ T5829] Bluetooth: hci2: unexpected event for opcode 0x1003
[  240.804190][ T7375] bridge0: port 2(bridge_slave_1) entered blocking state
[  240.804879][ T5829] Bluetooth: hci0: command tx timeout
[  241.043960][ T5829] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[  241.054472][ T5829] Bluetooth: hci5: Injecting HCI hardware error event
[  241.065834][ T5829] Bluetooth: hci5: hardware error 0x00
[  241.391843][ T7375] bridge0: port 2(bridge_slave_1) entered disabled state
[  241.425829][ T7375] bridge_slave_1: entered allmulticast mode
[  241.475692][ T5920] apple 0003:05AC:0274.0003: hidraw0: USB HID v0.00 Device [HID 05ac:0274] on usb-dummy_hcd.3-1/input0
[  241.591323][ T7375] bridge_slave_1: entered promiscuous mode
[  241.696637][ T5954] usb 4-1: USB disconnect, device number 5
[  241.890124][ T7482] loop6: detected capacity change from 0 to 128
[  241.912322][ T7482] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  241.957596][ T7482] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  242.107785][ T7489] loop8: detected capacity change from 0 to 512
[  242.117554][ T3542] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  242.143214][ T7489] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  242.174755][ T7489] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  242.220756][ T7375] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  242.291851][ T7489] EXT4-fs (loop8): 1 truncate cleaned up
[  242.382078][ T7375] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  242.614618][    T9] IPVS: starting estimator thread 0...
[  242.726559][ T7502] loop3: detected capacity change from 0 to 32768
[  242.794945][ T7501] IPVS: using max 23 ests per chain, 55200 per kthread
[  242.884789][ T5842] Bluetooth: hci0: command tx timeout
[  242.978932][ T7502] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  243.274771][ T7489] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  243.325714][ T7502] XFS (loop3): Ending clean mount
[  243.343616][ T7502] XFS (loop3): Quotacheck needed: Please wait.
[  243.453644][ T7489] EXT4-fs error (device loop8): ext4_generic_delete_entry:2666: inode #2: block 13: comm syz.8.405: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  243.512578][ T7502] XFS (loop3): Quotacheck: Done.
[  243.518844][ T7489] EXT4-fs (loop8): Remounting filesystem read-only
[  243.537420][ T5829] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[  243.544853][ T7489] EXT4-fs warning (device loop8): ext4_rename_delete:3729: inode #2: comm syz.8.405: Deleting old file: nlink 5, error=-117
[  243.724699][ T5986] hsr_slave_0: left promiscuous mode
[  243.766826][ T5986] hsr_slave_1: left promiscuous mode
[  243.794800][ T5986] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  243.802399][ T5986] batman_adv: batadv0: Removing interface: batadv_slave_0
[  243.840843][ T7521] loop6: detected capacity change from 0 to 512
[  243.848230][ T5986] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  243.850919][ T6580] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  243.855931][ T5986] batman_adv: batadv0: Removing interface: batadv_slave_1
[  243.867057][ T7521] EXT4-fs: Ignoring removed nobh option
[  244.216203][ T7521] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  244.263199][ T5986] veth1_macvtap: left promiscuous mode
[  244.304671][ T7521] EXT4-fs error (device loop6): ext4_orphan_get:1391: inode #15: comm syz.6.412: iget: bad i_size value: 38620345925642
[  244.328606][ T5986] veth0_macvtap: left promiscuous mode
[  244.356215][ T5986] veth1_vlan: left promiscuous mode
[  244.371736][ T7521] loop6: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  244.372271][ T7521] EXT4-fs error (device loop6): ext4_orphan_get:1396: comm syz.6.412: couldn't read orphan inode 15 (err -117)
[  244.396668][ T5986] veth0_vlan: left promiscuous mode
[  244.476633][ T7521] loop6: lost filesystem error report for type 5 error -117
[  244.509930][ T5826] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  244.513802][ T7521] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  244.730348][ T5829] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  244.740433][ T5829] Bluetooth: hci2: Injecting HCI hardware error event
[  244.750829][ T5829] Bluetooth: hci2: hardware error 0x00
[  244.951994][ T7521] EXT4-fs error (device loop6): ext4_validate_block_bitmap:432: comm syz.6.412: bg 0: block 5: invalid block bitmap
[  244.974517][ T5842] Bluetooth: hci0: command tx timeout
[  245.191957][ T6459] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  245.581558][ T7542] loop6: detected capacity change from 0 to 128
[  245.632573][ T7525] loop8: detected capacity change from 0 to 32768
[  245.652151][ T7525] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop8 (7:8) scanned by syz.8.413 (7525)
[  245.653351][ T7542] EXT4-fs: Ignoring removed nobh option
[  245.745703][ T7525] BTRFS info (device loop8): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  245.781820][ T7542] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  245.808762][ T7525] BTRFS info (device loop8): using blake2b checksum algorithm
[  245.856423][ T7542] ext4 filesystem being mounted at /13/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  246.151345][ T7525] BTRFS info (device loop8): enabling ssd optimizations
[  246.167284][ T6459] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  246.204551][ T7525] BTRFS info (device loop8): turning on async discard
[  246.211544][ T7525] BTRFS info (device loop8): enabling free space tree
[  246.390500][ T5954] IPVS: starting estimator thread 0...
[  246.574433][ T6580] BTRFS info (device loop8): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  246.704679][ T7570] IPVS: using max 26 ests per chain, 62400 per kthread
[  246.949393][ T7576] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  247.010143][ T5829] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  247.371962][ T7544] loop3: detected capacity change from 0 to 32768
[  247.410677][ T7544] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.421 (7544)
[  247.564865][ T7544] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  247.594541][ T7544] BTRFS info (device loop3): using sha256 checksum algorithm
[  247.856871][ T7544] BTRFS info (device loop3): rebuilding free space tree
[  247.892617][ T7544] BTRFS info (device loop3): disabling free space tree
[  247.914350][ T7544] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  247.924045][ T7544] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  247.980502][ T7544] BTRFS info (device loop3): setting nodatasum
[  247.991622][ T7544] BTRFS info (device loop3): setting nodatacow
[  248.003659][ T7544] BTRFS info (device loop3): turning off barriers
[  248.027891][ T7544] BTRFS info (device loop3): force clearing of disk cache
[  248.240123][ T7606] netlink: 67 bytes leftover after parsing attributes in process `syz.6.431'.
[  248.384580][ T5826] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  248.449129][ T5986] team0 (unregistering): Port device team_slave_1 removed
[  248.595725][ T5986] team0 (unregistering): Port device team_slave_0 removed
[  248.993480][ T7615] loop8: detected capacity change from 0 to 512
[  249.038298][ T7615] EXT4-fs: Ignoring removed orlov option
[  249.045746][ T7615] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  249.110389][ T7615] EXT4-fs (loop8): orphan cleanup on readonly fs
[  249.158763][ T7615] EXT4-fs error (device loop8): ext4_validate_block_bitmap:441: comm syz.8.435: bg 0: block 248: padding at end of block bitmap is not set
[  249.230185][ T7615] loop8: lost filesystem error report for type 5 error -117
[  249.240503][ T7615] Quota error (device loop8): write_blk: dquota write failed
[  249.319946][ T7615] Quota error (device loop8): qtree_write_dquot: Error -117 occurred while creating quota
[  249.340407][ T7615] EXT4-fs error (device loop8): ext4_acquire_dquot:6991: comm syz.8.435: Failed to acquire dquot type 1
[  249.374500][ T7615] loop8: lost filesystem error report for type 5 error -117
[  249.404389][ T7615] EXT4-fs (loop8): 1 truncate cleaned up
[  249.478276][ T7615] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  249.499454][ T7615] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  249.748166][  T931] kernel write not supported for file bpf-prog (pid: 931 comm: kworker/1:2)
[  250.367601][ T7375] team0: Port device team_slave_0 added
[  250.410096][ T7375] team0: Port device team_slave_1 added
[  250.669610][ T7375] batman_adv: batadv0: Adding interface: batadv_slave_0
[  250.681014][ T7375] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  250.718534][ T7375] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  250.818641][ T7375] batman_adv: batadv0: Adding interface: batadv_slave_1
[  250.854236][ T7375] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  251.464438][ T7646] loop8: detected capacity change from 0 to 65536
[  251.547797][ T7646] XFS (loop8): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  251.590323][ T7375] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  251.650618][ T7646] XFS (loop8): Ending clean mount
[  251.786080][ T6580] XFS (loop8): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  251.828627][ T7375] hsr_slave_0: entered promiscuous mode
[  251.905354][ T7375] hsr_slave_1: entered promiscuous mode
[  252.350233][ T7674] loop8: detected capacity change from 0 to 2048
[  252.536202][ T7674] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  252.654293][ T7674] ext4 filesystem being mounted at /23/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  253.079971][ T6580] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  253.567041][ T7375] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  253.651429][ T7702] loop6: detected capacity change from 0 to 64
[  253.785210][ T7704] pim6reg1: entered promiscuous mode
[  253.800086][ T7375] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  254.612604][ T7375] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  254.833620][ T7716] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  254.969565][ T7375] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  255.423172][ T7733] loop8: detected capacity change from 0 to 136
[  255.940445][ T7375] 8021q: adding VLAN 0 to HW filter on device bond0
[  256.255071][ T5954] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  256.317719][ T7375] 8021q: adding VLAN 0 to HW filter on device team0
[  256.379217][ T3542] bridge0: port 1(bridge_slave_0) entered blocking state
[  256.386525][ T3542] bridge0: port 1(bridge_slave_0) entered forwarding state
[  256.455583][ T5986] bridge0: port 2(bridge_slave_1) entered blocking state
[  256.462783][ T5986] bridge0: port 2(bridge_slave_1) entered forwarding state
[  256.502606][ T5954] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  256.543025][ T5954] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  256.622001][ T5954] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  256.674675][ T5954] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  256.688861][ T7375] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  256.710266][ T5954] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  256.772493][ T5954] usb 9-1: config 0 descriptor??
[  257.720959][ T5954] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.8-1/input0
[  258.176312][   T24] usb 9-1: USB disconnect, device number 2
[  258.219944][ T7766] fido_id[7766]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/0003:047F:FFFF.0004/report_descriptor': No such file or directory
[  258.879121][ T7375] 8021q: adding VLAN 0 to HW filter on device batadv0
[  259.335651][ T7798] trusted_key: syz.6.479 sent an empty control message without MSG_MORE.
[  260.093871][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  260.101686][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  260.108741][ T7813] netlink: 8 bytes leftover after parsing attributes in process `syz.4.483'.
[  260.273132][ T7820] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  260.462319][ T7375] veth0_vlan: entered promiscuous mode
[  260.520508][ T7375] veth1_vlan: entered promiscuous mode
[  260.653356][ T7375] veth0_macvtap: entered promiscuous mode
[  260.815197][ T7375] veth1_macvtap: entered promiscuous mode
[  260.950244][ T7375] batman_adv: batadv0: Interface activated: batadv_slave_0
[  261.009159][ T7375] batman_adv: batadv0: Interface activated: batadv_slave_1
[  261.154317][ T3542] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  261.217433][ T3542] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  261.270921][ T3542] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  261.352402][ T3542] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  261.575705][ T7785] loop3: detected capacity change from 0 to 32768
[  261.692773][ T7833] loop6: detected capacity change from 0 to 1024
[  261.834179][ T7814] loop8: detected capacity change from 0 to 40427
[  261.934255][ T7814] F2FS-fs (loop8): Wrong MAIN_AREA boundary, start(4096) end(12800) block(12288)
[  262.026766][ T7814] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[  262.122513][ T7814] F2FS-fs (loop8): Image doesn't support compression
[  262.221297][ T7814] F2FS-fs (loop8): build fault injection rate: 690
[  262.233723][ T7785] workqueue: Failed to create a rescuer kthread for wq "xfs-conv/loop3": -EINTR
[  262.286102][ T7814] F2FS-fs (loop8): build fault injection type: 0x35f7
[  262.388523][ T7814] F2FS-fs (loop8): invalid crc value
[  262.524761][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  262.543127][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  262.846758][ T7849] loop6: detected capacity change from 0 to 2048
[  262.880192][ T7849] EXT4-fs: Ignoring removed mblk_io_submit option
[  262.923122][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  262.954399][ T7849] EXT4-fs: Ignoring removed mblk_io_submit option
[  262.965619][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  262.970775][ T7814] F2FS-fs (loop8): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  263.046772][ T7814] F2FS-fs (loop8): Start checkpoint disabled!
[  263.094711][ T7849] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  263.115535][ T7814] F2FS-fs (loop8): f2fs_disable_checkpoint() finish, err:0
[  263.493872][ T6459] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.943556][ T5963] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  265.108356][ T5892] kernel write not supported for file bpf-prog (pid: 5892 comm: kworker/1:4)
[  265.249449][ T5963] usb 10-1: config 220 has an invalid interface number: 76 but max is 2
[  265.276662][ T5963] usb 10-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  265.326739][ T5963] usb 10-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  265.358459][ T5963] usb 10-1: config 220 has no interface number 2
[  265.385983][ T5963] usb 10-1: config 220 interface 1 altsetting 5 bulk endpoint 0x1 has invalid maxpacket 32
[  265.425321][ T5963] usb 10-1: config 220 interface 1 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 12
[  265.463279][ T5963] usb 10-1: config 220 interface 0 has no altsetting 0
[  265.490648][ T5963] usb 10-1: config 220 interface 76 has no altsetting 0
[  265.521098][ T5963] usb 10-1: config 220 interface 1 has no altsetting 0
[  265.596885][ T5963] usb 10-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  265.623280][ T5963] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  265.631416][ T5963] usb 10-1: Product: syz
[  265.673334][ T5963] usb 10-1: Manufacturer: syz
[  265.678145][ T5963] usb 10-1: SerialNumber: syz
[  265.697080][ T7888] loop6: detected capacity change from 0 to 256
[  265.947861][ T5963] uvcvideo 10-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[  266.006525][ T5963] uvcvideo 10-1:220.0: No valid video chain found.
[  266.031540][ T7888] exFAT-fs (loop6): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  266.031892][ T5963] usb 10-1: selecting invalid altsetting 0
[  266.089076][ T7892] loop8: detected capacity change from 0 to 8
[  266.109538][ T5963] usb 10-1: selecting invalid altsetting 0
[  266.118921][ T7892] squashfs: Unknown parameter '…›x©±”þŽÞ0x0000000000000003ƒ¬'
[  266.164258][ T5963] usbtest 10-1:220.1: probe with driver usbtest failed with error -22
[  266.241278][ T7888] exFAT-fs (loop6): start_clu is invalid cluster(0xffffffff)
[  266.246699][ T5963] usb 10-1: USB disconnect, device number 2
[  266.388138][ T7894] netlink: 8 bytes leftover after parsing attributes in process `syz.8.502'.
[  266.398341][ T7894] netlink: 60 bytes leftover after parsing attributes in process `syz.8.502'.
[  267.374909][ T7908] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  267.537475][ T7912] Cannot find add_set index 65532 as target
[  267.814508][ T7920] loop6: detected capacity change from 0 to 1024
[  267.885483][ T7920] EXT4-fs (loop6): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  267.937796][ T7920] ext4 filesystem being mounted at /32/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  268.116721][ T7920] EXT4-fs error (device loop6): ext4_map_blocks:825: inode #15: comm syz.6.512: lblock 0 mapped to illegal pblock 0 (length 6)
[  268.221261][ T7920] EXT4-fs error (device loop6): ext4_ext_remove_space:2955: inode #15: comm syz.6.512: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  268.321827][ T7929] EXT4-fs error (device loop6): ext4_map_blocks:825: inode #15: block 3: comm syz.6.512: lblock 3 mapped to illegal pblock 3 (length 3)
[  268.423455][ T7929] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  268.454864][ T7928] loop9: detected capacity change from 0 to 4096
[  268.500050][ T7931] loop8: detected capacity change from 0 to 8192
[  268.506552][ T7929] EXT4-fs (loop6): This should not happen!! Data will be lost
[  268.506552][ T7929] 
[  268.531907][ T7928] ntfs3(loop9): Different NTFS sector size (2048) and media sector size (512).
[  268.871339][ T5986] EXT4-fs error (device loop6): ext4_map_blocks:825: inode #15: block 8: comm kworker/u8:9: lblock 8 mapped to illegal pblock 8 (length 8)
[  268.969207][ T5986] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  268.997112][ T7928] ntfs3(loop9): ino=1b, mi_enum_attr
[  269.048574][ T7928] ntfs3(loop9): ino=1b, mi_enum_attr
[  269.075888][ T5986] EXT4-fs (loop6): This should not happen!! Data will be lost
[  269.075888][ T5986] 
[  269.130583][ T6459] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  269.608536][ T7960] Cannot find add_set index 65532 as target
[  269.818352][ T7967] loop6: detected capacity change from 0 to 512
[  269.948668][ T7967] EXT4-fs (loop6): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  270.111150][ T7967] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  270.361007][ T6459] EXT4-fs (loop6): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  270.518441][ T7942] loop3: detected capacity change from 0 to 32768
[  270.563440][ T7985] netlink: 'syz.8.533': attribute type 1 has an invalid length.
[  270.627264][ T7942] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.519 (7942)
[  270.709535][ T7942] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  270.769356][ T7942] BTRFS info (device loop3): using crc32c checksum algorithm
[  270.873289][ T5920] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  270.876014][ T7985] 8021q: adding VLAN 0 to HW filter on device bond1
[  270.997531][ T7942] BTRFS info (device loop3): setting nodatasum
[  271.009470][ T7942] BTRFS info (device loop3): setting nodatacow
[  271.028047][ T7942] BTRFS info (device loop3): turning on async discard
[  271.041099][ T7993] loop9: detected capacity change from 0 to 4096
[  271.042994][ T7942] BTRFS info (device loop3): enabling free space tree
[  271.063625][ T7942] BTRFS info (device loop3): enabling auto defrag
[  271.090433][ T5920] usb 7-1: Using ep0 maxpacket: 8
[  271.095842][ T7942] BTRFS info (device loop3): max_inline set to 0
[  271.133161][ T5920] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  271.144247][ T5920] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  271.154332][ T7994] bond1: (slave geneve2): making interface the new active one
[  271.190747][ T5920] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  271.227277][ T7994] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  271.272194][ T5920] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  271.324690][ T5920] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0
[  271.356499][   T30] audit: type=1800 audit(1770785488.178:40): pid=8016 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.519" name="file1" dev="loop3" ino=263 res=0 errno=0
[  271.392973][ T5920] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  271.441502][ T5920] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  271.491988][ T5920] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  271.519960][ T5920] usbtmc 7-1:16.0: probe with driver usbtmc failed with error -22
[  271.705290][ T8023] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  271.711800][ T5826] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  271.782354][ T8026] overlayfs: failed to clone upperpath
[  273.877290][   T24] usb 7-1: USB disconnect, device number 2
[  273.936709][ T8043] loop9: detected capacity change from 0 to 128
[  274.007222][ T8043] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  274.148350][ T8043] hpfs: filesystem error: improperly stopped
[  274.280496][ T8043] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  274.301634][ T8043] hpfs: You really don't want any checks? You are crazy...
[  274.353256][ T8043] hpfs: hpfs_map_sector(): read error
[  274.372815][ T8043] hpfs: code page support is disabled
[  274.380191][ T8043] hpfs: hpfs_map_4sectors(): unaligned read
[  274.482369][ T8043] hpfs: hpfs_map_4sectors(): unaligned read
[  274.538824][ T8043] hpfs: filesystem error: unable to find root dir
[  274.753618][ T8057] fuse: Bad value for 'fd'
[  275.155567][ T8070] loop3: detected capacity change from 0 to 512
[  275.267482][ T8070] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  275.350133][ T8070] EXT4-fs warning (device loop3): ext4_group_add:1736: No reserved GDT blocks, can't resize
[  275.352715][   T30] audit: type=1800 audit(1770785492.168:41): pid=8070 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.552" name="file2" dev="loop3" ino=16 res=0 errno=0
[  275.433299][ T5826] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  275.921666][ T8088] loop6: detected capacity change from 0 to 512
[  276.002710][ T8088] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  276.114021][ T8088] EXT4-fs warning (device loop6): ext4_expand_extra_isize_ea:2858: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  276.171408][ T8088] EXT4-fs (loop6): 1 truncate cleaned up
[  276.280001][ T8088] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  276.392843][ T8095] fuse: Bad value for 'fd'
[  276.496973][ T8064] loop9: detected capacity change from 0 to 40427
[  276.593943][ T8064] F2FS-fs (loop9): invalid crc value
[  276.624667][ T6459] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  276.944833][ T8064] F2FS-fs (loop9): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  277.006513][ T8064] F2FS-fs (loop9): Start checkpoint disabled!
[  277.022797][ T8115] loop6: detected capacity change from 0 to 256
[  277.082628][ T8064] F2FS-fs (loop9): f2fs_disable_checkpoint() finish, err:0
[  277.105461][ T8115] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d)
[  277.146490][ T8064] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e6
[  277.535396][ T5986] kworker/u8:9: attempt to access beyond end of device
[  277.535396][ T5986] loop9: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  277.587939][ T5986] CPU: 0 UID: 0 PID: 5986 Comm: kworker/u8:9 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  277.587979][ T5986] Tainted: [L]=SOFTLOCKUP
[  277.587988][ T5986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  277.588004][ T5986] Workqueue: writeback wb_workfn (flush-7:9)
[  277.588045][ T5986] Call Trace:
[  277.588054][ T5986]  <TASK>
[  277.588063][ T5986]  dump_stack_lvl+0xe8/0x150
[  277.588096][ T5986]  f2fs_handle_critical_error+0x37c/0x540
[  277.588133][ T5986]  f2fs_write_end_io+0xc1d/0xfd0
[  277.588184][ T5986]  __submit_merged_bio+0x256/0x650
[  277.588220][ T5986]  __submit_merged_write_cond+0x269/0x530
[  277.588260][ T5986]  f2fs_write_data_pages+0x2806/0x3360
[  277.588333][ T5986]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  277.588389][ T5986]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  277.588466][ T5986]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  277.588519][ T5986]  ? srso_alias_return_thunk+0x5/0xfbef5
[  277.588548][ T5986]  ? __lock_acquire+0x6b5/0x2cf0
[  277.588591][ T5986]  ? f2fs_write_inode+0x3fb/0x5f0
[  277.588623][ T5986]  ? __pfx_f2fs_balance_fs+0x10/0x10
[  277.588655][ T5986]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  277.588692][ T5986]  do_writepages+0x32e/0x550
[  277.588732][ T5986]  ? srso_alias_return_thunk+0x5/0xfbef5
[  277.588761][ T5986]  ? reacquire_held_locks+0x104/0x190
[  277.588790][ T5986]  ? writeback_sb_inodes+0x42a/0x1940
[  277.588832][ T5986]  __writeback_single_inode+0x133/0x1060
[  277.588871][ T5986]  ? do_raw_spin_unlock+0xf5/0x210
[  277.588911][ T5986]  writeback_sb_inodes+0x92e/0x1940
[  277.588962][ T5986]  ? unwind_next_frame+0xa5/0x23c0
[  277.589016][ T5986]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  277.589049][ T5986]  ? do_raw_spin_lock+0x12b/0x2f0
[  277.589129][ T5986]  ? srso_alias_return_thunk+0x5/0xfbef5
[  277.589157][ T5986]  ? rcu_is_watching+0x15/0xb0
[  277.589184][ T5986]  ? srso_alias_return_thunk+0x5/0xfbef5
[  277.589222][ T5986]  wb_writeback+0x445/0xad0
[  277.589262][ T5986]  ? queue_io+0x1e1/0x450
[  277.589305][ T5986]  ? __pfx_wb_writeback+0x10/0x10
[  277.589338][ T5986]  ? do_raw_spin_lock+0x12b/0x2f0
[  277.589390][ T5986]  wb_workfn+0x3f8/0xef0
[  277.589417][ T5986]  ? srso_alias_return_thunk+0x5/0xfbef5
[  277.589445][ T5986]  ? look_up_lock_class+0x57/0x110
[  277.589500][ T5986]  ? __pfx_wb_workfn+0x10/0x10
[  277.589527][ T5986]  ? srso_alias_return_thunk+0x5/0xfbef5
[  277.589558][ T5986]  ? srso_alias_return_thunk+0x5/0xfbef5
[  277.589590][ T5986]  ? srso_alias_return_thunk+0x5/0xfbef5
[  277.589619][ T5986]  ? do_raw_spin_unlock+0xf5/0x210
[  277.589660][ T5986]  ? srso_alias_return_thunk+0x5/0xfbef5
[  277.589692][ T5986]  ? srso_alias_return_thunk+0x5/0xfbef5
[  277.589723][ T5986]  ? srso_alias_return_thunk+0x5/0xfbef5
[  277.589758][ T5986]  ? process_scheduled_works+0xa0f/0x17a0
[  277.589785][ T5986]  ? process_scheduled_works+0xa0f/0x17a0
[  277.589814][ T5986]  process_scheduled_works+0xaec/0x17a0
[  277.589873][ T5986]  ? __pfx_process_scheduled_works+0x10/0x10
[  277.589897][ T5986]  ? do_raw_spin_lock+0x12b/0x2f0
[  277.589945][ T5986]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  277.589987][ T5986]  ? srso_alias_return_thunk+0x5/0xfbef5
[  277.590022][ T5986]  worker_thread+0xda6/0x1360
[  277.590080][ T5986]  kthread+0x388/0x470
[  277.590115][ T5986]  ? __pfx_worker_thread+0x10/0x10
[  277.590141][ T5986]  ? __pfx_kthread+0x10/0x10
[  277.590176][ T5986]  ret_from_fork+0x51e/0xb90
[  277.590208][ T5986]  ? __pfx_ret_from_fork+0x10/0x10
[  277.590234][ T5986]  ? srso_alias_return_thunk+0x5/0xfbef5
[  277.590262][ T5986]  ? __switch_to+0xc82/0x1410
[  277.590307][ T5986]  ? __pfx_kthread+0x10/0x10
[  277.590343][ T5986]  ret_from_fork_asm+0x1a/0x30
[  277.590398][ T5986]  </TASK>
[  277.962566][ T5986] F2FS-fs (loop9): Stopped filesystem due to reason: 3
[  278.030535][ T8126] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0
[  279.504908][ T8164] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  279.534516][ T8164] block device autoloading is deprecated and will be removed.
[  279.744327][ T8179] mac80211_hwsim hwsim24 
: renamed from wlan1 (while UP)
[  279.996175][ T8193] warning: `syz.3.587' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  280.309750][ T8206] loop3: detected capacity change from 0 to 64
[  280.380869][ T8203] loop8: detected capacity change from 0 to 512
[  280.451204][ T8203] EXT4-fs: Ignoring removed nomblk_io_submit option
[  280.524338][ T8203] EXT4-fs: inline encryption not supported
[  280.575016][ T8203] EXT4-fs (loop8): blocks per group (95) and clusters per group (32768) inconsistent
[  281.297570][ T8203] netlink: 20 bytes leftover after parsing attributes in process `syz.8.591'.
[  281.689125][ T8232] loop8: detected capacity change from 0 to 512
[  281.744464][ T8232] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  281.828408][ T8232] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  281.941762][ T8232] ext4 filesystem being mounted at /41/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  282.105593][ T5829] Bluetooth: hci0: link tx timeout
[  282.111707][ T5829] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa
[  282.289428][ T6580] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.758885][ T8264] fuse: Bad value for 'fd'
[  282.850347][ T8268] netlink: 20 bytes leftover after parsing attributes in process `syz.9.611'.
[  282.911005][ T8229] loop3: detected capacity change from 0 to 40427
[  282.938287][ T8229] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  282.970534][ T8229] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  283.388676][ T8229] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  283.435156][ T8229] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  283.443388][ T8229] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  283.609858][ T8288] F2FS-fs (loop3): Stopped filesystem due to reason: 0
[  284.163628][ T5829] Bluetooth: hci0: command 0x0406 tx timeout
[  287.184528][ T8373] netlink: 8 bytes leftover after parsing attributes in process `syz.3.640'.
[  287.260335][ T8374] binder: BINDER_SET_CONTEXT_MGR already set
[  287.362431][ T8374] binder: 8370:8374 ioctl 4018620d 200000000040 returned -16
[  287.421122][ T8378] binder: 8370:8378 ioctl c0306201 2000000003c0 returned -14
[  289.150982][ T8362] loop9: detected capacity change from 0 to 32768
[  289.168287][ T8406] fuse: Bad value for 'fd'
[  289.218017][ T8362] workqueue: Failed to create a rescuer kthread for wq "xfs-inodegc/loop9": -EINTR
[  289.727808][ T8429] netlink: 'syz.1.657': attribute type 1 has an invalid length.
[  289.858613][ T8426] loop9: detected capacity change from 0 to 4096
[  289.950461][ T8429] netlink: 28 bytes leftover after parsing attributes in process `syz.1.657'.
[  289.970797][ T8382] loop6: detected capacity change from 0 to 40427
[  289.987576][ T8423] netlink: 64 bytes leftover after parsing attributes in process `syz.9.655'.
[  290.010710][ T8382] F2FS-fs: heap/no_heap options were deprecated
[  290.028931][ T8382] F2FS-fs: heap/no_heap options were deprecated
[  290.057894][ T8382] F2FS-fs (loop6): Image doesn't support compression
[  290.078340][ T8435] 8021q: adding VLAN 0 to HW filter on device bond2
[  290.089619][ T8435] bond1: (slave bond2): making interface the new active one
[  290.120892][ T8382] F2FS-fs (loop6): invalid crc value
[  290.150045][ T8435] bond1: (slave bond2): Enslaving as an active interface with an up link
[  290.253431][ T8448] loop9: detected capacity change from 0 to 128
[  290.283656][ T8448] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  290.299119][ T8448] ext4 filesystem being mounted at /23/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  290.343584][ T8437] bond1: (slave gretap1): Enslaving as a backup interface with an up link
[  290.355171][ T8429] 8021q: adding VLAN 0 to HW filter on device bond1
[  290.630628][ T8382] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  290.667014][ T8382] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  290.704907][ T7375] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  290.720120][ T8461] overlayfs: failed to clone lowerpath
[  290.763680][ T8461] overlayfs: failed to clone lowerpath
[  291.469313][ T8485] loop9: detected capacity change from 0 to 2048
[  291.566930][ T8485] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  291.803256][ T8485] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  291.842065][ T8485] EXT4-fs (loop9): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 304 with error 28
[  291.910231][ T8485] EXT4-fs (loop9): This should not happen!! Data will be lost
[  291.910231][ T8485] 
[  292.058191][ T8485] EXT4-fs (loop9): Total free blocks count 0
[  292.272203][ T8485] EXT4-fs (loop9): Free/Dirty block details
[  292.375363][ T8485] EXT4-fs (loop9): free_blocks=2415919504
[  292.410200][ T8485] EXT4-fs (loop9): dirty_blocks=304
[  292.491823][ T8485] EXT4-fs (loop9): Block reservation details
[  292.553590][ T8485] EXT4-fs (loop9): i_reserved_data_blocks=19
[  292.598906][ T8514] loop3: detected capacity change from 0 to 4096
[  292.660605][ T8514] EXT4-fs (loop3): invalid inodes per group: 204800
[  292.660605][ T8514] 
[  292.897792][ T7375] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  293.491499][ T8533] loop9: detected capacity change from 0 to 4096
[  293.498222][ T5906] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  293.534738][ T8533] ntfs3(loop9): Different NTFS sector size (1024) and media sector size (512).
[  293.661812][ T5906] usb 7-1: Using ep0 maxpacket: 32
[  293.875748][ T5906] usb 7-1: config 1 has an invalid descriptor of length 128, skipping remainder of the config
[  293.931154][ T5906] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2
[  294.444651][ T8538] ntfs3(loop9): ino=0, attr_set_size
[  294.554916][ T5906] usb 7-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  294.574306][ T5906] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  294.583547][ T5906] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  294.591906][ T5906] usb 7-1: Product: syz
[  294.596629][ T5906] usb 7-1: Manufacturer: syz
[  294.602013][ T5906] usb 7-1: SerialNumber: syz
[  294.830556][ T5906] cdc_ncm 7-1:1.0: skipping garbage
[  294.860847][ T5906] cdc_ncm 7-1:1.0: CDC Union missing and no IAD found
[  294.884106][ T8512] loop8: detected capacity change from 0 to 32768
[  294.901665][ T5906] cdc_ncm 7-1:1.0: bind() failure
[  294.991301][ T5906] usb 7-1: USB disconnect, device number 3
[  295.031242][ T8512] XFS (loop8): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  295.298473][ T8512] XFS (loop8): Ending clean mount
[  295.459827][ T6580] XFS (loop8): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  296.098072][ T5842] Bluetooth: hci3: unexpected event for opcode 0x041c
[  296.519436][ T8591] Illegal XDP return value 4294967294 on prog  (id 48) dev syz_tun, expect packet loss!
[  296.664915][ T8546] loop9: detected capacity change from 0 to 65536
[  296.757965][ T8546] XFS (loop9): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  297.330318][ T8546] XFS (loop9): Ending clean mount
[  297.451023][ T8546] XFS (loop9): Quotacheck needed: Please wait.
[  297.579037][ T8546] XFS (loop9): Quotacheck: Done.
[  297.792093][ T7375] XFS (loop9): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  298.029010][ T8625] loop6: detected capacity change from 0 to 512
[  298.133176][ T8625] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  298.201620][ T8625] ext4 filesystem being mounted at /60/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  300.078939][ T8656] fuse: Bad value for 'fd'
[  300.162789][ T5842] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  300.182553][ T5842] Bluetooth: hci3: Injecting HCI hardware error event
[  300.190855][ T5842] Bluetooth: hci3: hardware error 0x00
[  300.574834][ T8673] trusted_key: encrypted_key: insufficient parameters specified
[  301.173141][ T8660] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  302.036074][ T6459] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  302.498044][ T8694] loop6: detected capacity change from 0 to 8
[  302.559026][ T8694] unable to read id index table
[  302.564210][ T5842] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  302.953691][ T8710] netlink: 16 bytes leftover after parsing attributes in process `syz.6.717'.
[  303.098680][ T8712] loop8: detected capacity change from 0 to 512
[  303.110092][ T8712] EXT4-fs: Ignoring removed oldalloc option
[  303.123359][ T5842] Bluetooth: hci1: command 0x0406 tx timeout
[  303.301709][ T8712] EXT4-fs (loop8): Test dummy encryption mode enabled
[  303.411144][ T8712] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  303.551005][ T8712] EXT4-fs error (device loop8): ext4_orphan_get:1391: inode #15: comm syz.8.723: inode has both inline data and extents flags
[  303.575546][ T8712] loop8: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  303.641348][ T8712] EXT4-fs error (device loop8): ext4_orphan_get:1396: comm syz.8.723: couldn't read orphan inode 15 (err -117)
[  303.774015][ T8712] loop8: lost filesystem error report for type 5 error -117
[  303.778195][ T8712] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  304.209336][ T6580] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  307.305424][ T5829] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci6/hci6:201'
[  307.317676][ T5829] CPU: 1 UID: 0 PID: 5829 Comm: kworker/u9:4 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  307.317716][ T5829] Tainted: [L]=SOFTLOCKUP
[  307.317727][ T5829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  307.317750][ T5829] Workqueue: hci6 hci_rx_work
[  307.317782][ T5829] Call Trace:
[  307.317796][ T5829]  <TASK>
[  307.317808][ T5829]  dump_stack_lvl+0xe8/0x150
[  307.317847][ T5829]  sysfs_create_dir_ns+0x271/0x2a0
[  307.317878][ T5829]  ? srso_alias_return_thunk+0x5/0xfbef5
[  307.317906][ T5829]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  307.317934][ T5829]  ? do_raw_spin_unlock+0xf5/0x210
[  307.317970][ T5829]  kobject_add_internal+0x62b/0xd00
[  307.318019][ T5829]  kobject_add+0x163/0x240
[  307.318054][ T5829]  ? srso_alias_return_thunk+0x5/0xfbef5
[  307.318087][ T5829]  ? srso_alias_return_thunk+0x5/0xfbef5
[  307.318126][ T5829]  ? __pfx_kobject_add+0x10/0x10
[  307.318158][ T5829]  ? srso_alias_return_thunk+0x5/0xfbef5
[  307.318186][ T5829]  ? _raw_spin_unlock+0x3f/0x50
[  307.318220][ T5829]  ? srso_alias_return_thunk+0x5/0xfbef5
[  307.318258][ T5829]  ? srso_alias_return_thunk+0x5/0xfbef5
[  307.318292][ T5829]  ? get_device_parent+0x366/0x3a0
[  307.318327][ T5829]  device_add+0x408/0xb70
[  307.318357][ T5829]  hci_conn_add_sysfs+0xd5/0x210
[  307.318395][ T5829]  le_conn_complete_evt+0xf1d/0x1430
[  307.318423][ T5829]  ? srso_alias_return_thunk+0x5/0xfbef5
[  307.318457][ T5829]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  307.318483][ T5829]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  307.318513][ T5829]  ? srso_alias_return_thunk+0x5/0xfbef5
[  307.318542][ T5829]  ? __pfx___mutex_lock+0x10/0x10
[  307.318577][ T5829]  ? srso_alias_return_thunk+0x5/0xfbef5
[  307.318605][ T5829]  ? skb_pull_data+0xfb/0x200
[  307.318636][ T5829]  hci_le_conn_complete_evt+0x187/0x470
[  307.318669][ T5829]  hci_event_packet+0x7af/0x12c0
[  307.318695][ T5829]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  307.318723][ T5829]  ? __pfx_hci_event_packet+0x10/0x10
[  307.318744][ T5829]  ? srso_alias_return_thunk+0x5/0xfbef5
[  307.318775][ T5829]  ? kcov_remote_start+0x49a/0x7a0
[  307.318805][ T5829]  ? srso_alias_return_thunk+0x5/0xfbef5
[  307.318829][ T5829]  ? hci_send_to_monitor+0xe2/0x590
[  307.318864][ T5829]  hci_rx_work+0x3ee/0x1030
[  307.318896][ T5829]  ? process_scheduled_works+0xa0f/0x17a0
[  307.318924][ T5829]  process_scheduled_works+0xaec/0x17a0
[  307.318975][ T5829]  ? __pfx_process_scheduled_works+0x10/0x10
[  307.318996][ T5829]  ? do_raw_spin_lock+0x12b/0x2f0
[  307.319031][ T5829]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  307.319068][ T5829]  ? srso_alias_return_thunk+0x5/0xfbef5
[  307.319100][ T5829]  worker_thread+0xda6/0x1360
[  307.319157][ T5829]  kthread+0x388/0x470
[  307.319187][ T5829]  ? __pfx_worker_thread+0x10/0x10
[  307.319209][ T5829]  ? __pfx_kthread+0x10/0x10
[  307.319240][ T5829]  ret_from_fork+0x51e/0xb90
[  307.319269][ T5829]  ? __pfx_ret_from_fork+0x10/0x10
[  307.319292][ T5829]  ? srso_alias_return_thunk+0x5/0xfbef5
[  307.319319][ T5829]  ? __switch_to+0xc82/0x1410
[  307.319366][ T5829]  ? __pfx_kthread+0x10/0x10
[  307.319398][ T5829]  ret_from_fork_asm+0x1a/0x30
[  307.319449][ T5829]  </TASK>
[  307.319507][ T5829] kobject: kobject_add_internal failed for hci6:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  307.649823][ T5829] Bluetooth: hci6: failed to register connection device
[  308.061256][ T5920] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  308.366095][ T5920] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  308.381224][ T5920] usb 10-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  308.416084][ T5920] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  309.171291][ T5920] usb 10-1: config 0 descriptor??
[  309.654870][ T5920] pwc: Askey VC010 type 2 USB webcam detected.
[  311.335986][ T5920] pwc: recv_control_msg error -71 req 02 val 2b00
[  311.387590][ T5920] pwc: recv_control_msg error -71 req 02 val 2700
[  311.438654][ T5920] pwc: recv_control_msg error -71 req 02 val 2c00
[  311.495294][ T5920] pwc: recv_control_msg error -71 req 04 val 1000
[  311.530751][ T5920] pwc: recv_control_msg error -71 req 04 val 1300
[  311.545899][ T5920] pwc: recv_control_msg error -71 req 04 val 1400
[  311.577748][ T5920] pwc: recv_control_msg error -71 req 02 val 2000
[  311.620130][ T5920] pwc: recv_control_msg error -71 req 02 val 2100
[  311.645518][ T5920] pwc: recv_control_msg error -71 req 04 val 1500
[  311.692589][ T5920] pwc: recv_control_msg error -71 req 02 val 2500
[  311.726849][ T5920] pwc: recv_control_msg error -71 req 02 val 2400
[  311.752775][ T5920] pwc: recv_control_msg error -71 req 02 val 2600
[  311.781505][ T5920] pwc: recv_control_msg error -71 req 02 val 2900
[  311.806434][ T5920] pwc: recv_control_msg error -71 req 02 val 2800
[  311.834681][ T5920] pwc: recv_control_msg error -71 req 04 val 1100
[  311.856299][ T5920] pwc: recv_control_msg error -71 req 04 val 1200
[  311.908565][ T5920] pwc: Registered as video103.
[  311.982819][ T5920] input: PWC snapshot button as /devices/platform/dummy_hcd.9/usb10/10-1/input/input7
[  312.097499][ T5920] usb 10-1: USB disconnect, device number 3
[  312.155317][ T8805] loop3: detected capacity change from 0 to 512
[  318.484491][ T5836] Bluetooth: hci6: command 0x0405 tx timeout
[  319.407622][ T8865] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  320.728014][ T5842] Bluetooth: Unexpected continuation frame (len 16)
[  321.659574][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  321.776390][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  324.058560][ T8898] loop8: detected capacity change from 0 to 256
[  324.122450][ T6057] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  324.296326][ T8898] exFAT-fs (loop8): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  324.450372][ T6057] usb 7-1: Using ep0 maxpacket: 16
[  324.467775][ T6057] usb 7-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  324.479060][ T6057] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  325.178366][ T6057] usb 7-1: Product: syz
[  325.260031][ T6057] usb 7-1: Manufacturer: syz
[  325.265999][ T8898] exFAT-fs (loop8): valid_size(150994954) is greater than size(10)
[  325.302561][ T6057] usb 7-1: SerialNumber: syz
[  325.385973][ T6057] r8152-cfgselector 7-1: Unknown version 0x0000
[  325.398259][ T6057] r8152-cfgselector 7-1: config 0 descriptor??
[  326.062842][ T8925] netlink: 4 bytes leftover after parsing attributes in process `syz.6.768'.
[  327.477131][ T5954] r8152-cfgselector 7-1: USB disconnect, device number 4
[  327.842758][ T8940] netlink: 8 bytes leftover after parsing attributes in process `syz.6.778'.
[  327.961393][ T8940] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[  328.089402][ T8943] loop8: detected capacity change from 0 to 16
[  328.199943][ T8943] erofs (device loop8): dirblkbits 15 isn't supported
[  328.736053][ T8953] loop3: detected capacity change from 0 to 2048
[  328.847340][ T8953] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  329.049400][ T8965] overlayfs: upper fs does not support file handles, falling back to index=off.
[  330.061422][ T8975] syz.4.787: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  330.099176][ T8975] CPU: 1 UID: 0 PID: 8975 Comm: syz.4.787 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  330.099225][ T8975] Tainted: [L]=SOFTLOCKUP
[  330.099234][ T8975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  330.099250][ T8975] Call Trace:
[  330.099259][ T8975]  <TASK>
[  330.099270][ T8975]  dump_stack_lvl+0xe8/0x150
[  330.099310][ T8975]  warn_alloc+0x249/0x340
[  330.099346][ T8975]  ? srso_alias_return_thunk+0x5/0xfbef5
[  330.099377][ T8975]  ? stack_trace_save+0xa9/0x100
[  330.099417][ T8975]  ? __pfx_warn_alloc+0x10/0x10
[  330.099448][ T8975]  ? srso_alias_return_thunk+0x5/0xfbef5
[  330.099487][ T8975]  ? srso_alias_return_thunk+0x5/0xfbef5
[  330.099516][ T8975]  ? kasan_save_track+0x4f/0x80
[  330.099546][ T8975]  ? kasan_save_track+0x3e/0x80
[  330.099579][ T8975]  ? __kasan_kmalloc+0x93/0xb0
[  330.099610][ T8975]  ? __kmalloc_cache_noprof+0x3d1/0x6e0
[  330.099641][ T8975]  ? xskq_create+0x56/0x170
[  330.099672][ T8975]  ? xsk_setsockopt+0x54c/0x990
[  330.099697][ T8975]  ? do_sock_setsockopt+0x17c/0x1b0
[  330.099738][ T8975]  ? __x64_sys_setsockopt+0x13d/0x1b0
[  330.099778][ T8975]  ? do_syscall_64+0x14d/0xf80
[  330.099817][ T8975]  __vmalloc_node_range_noprof+0x132/0x1730
[  330.099890][ T8975]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  330.099931][ T8975]  ? srso_alias_return_thunk+0x5/0xfbef5
[  330.099961][ T8975]  ? __kasan_kmalloc+0x93/0xb0
[  330.099997][ T8975]  ? srso_alias_return_thunk+0x5/0xfbef5
[  330.100032][ T8975]  vmalloc_user_noprof+0xad/0xe0
[  330.100065][ T8975]  ? xskq_create+0xbf/0x170
[  330.100100][ T8975]  xskq_create+0xbf/0x170
[  330.100135][ T8975]  xsk_init_queue+0xad/0x110
[  330.100169][ T8975]  xsk_setsockopt+0x54c/0x990
[  330.100208][ T8975]  ? __pfx_xsk_setsockopt+0x10/0x10
[  330.100237][ T8975]  ? __pfx_aa_sk_perm+0x10/0x10
[  330.100271][ T8975]  ? srso_alias_return_thunk+0x5/0xfbef5
[  330.100306][ T8975]  ? aa_sock_opt_perm+0xff/0x1a0
[  330.100345][ T8975]  ? srso_alias_return_thunk+0x5/0xfbef5
[  330.100375][ T8975]  ? srso_alias_return_thunk+0x5/0xfbef5
[  330.100404][ T8975]  ? __pfx_xsk_setsockopt+0x10/0x10
[  330.100436][ T8975]  do_sock_setsockopt+0x17c/0x1b0
[  330.100483][ T8975]  __x64_sys_setsockopt+0x13d/0x1b0
[  330.100531][ T8975]  do_syscall_64+0x14d/0xf80
[  330.100567][ T8975]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  330.100592][ T8975]  ? trace_irq_disable+0x37/0x100
[  330.100628][ T8975]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  330.100653][ T8975] RIP: 0033:0x7ffb63b9bf79
[  330.100677][ T8975] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  330.100698][ T8975] RSP: 002b:00007ffb64a0b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  330.100725][ T8975] RAX: ffffffffffffffda RBX: 00007ffb63e15fa0 RCX: 00007ffb63b9bf79
[  330.100744][ T8975] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000006
[  330.100759][ T8975] RBP: 00007ffb63c327e0 R08: 0000000000000004 R09: 0000000000000000
[  330.100776][ T8975] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  330.100793][ T8975] R13: 00007ffb63e16038 R14: 00007ffb63e15fa0 R15: 00007ffc443b32c8
[  330.100832][ T8975]  </TASK>
[  330.699679][ T8975] Mem-Info:
[  330.702842][ T8975] active_anon:15474 inactive_anon:2 isolated_anon:0
[  330.702842][ T8975]  active_file:19324 inactive_file:42992 isolated_file:0
[  330.702842][ T8975]  unevictable:768 dirty:683 writeback:0
[  330.702842][ T8975]  slab_reclaimable:11770 slab_unreclaimable:106430
[  330.702842][ T8975]  mapped:41710 shmem:8339 pagetables:1913
[  330.702842][ T8975]  sec_pagetables:0 bounce:0
[  330.702842][ T8975]  kernel_misc_reclaimable:0
[  330.702842][ T8975]  free:1270005 free_pcp:14479 free_cma:0
[  330.795101][ T8975] Node 0 active_anon:62096kB inactive_anon:8kB active_file:77296kB inactive_file:171772kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:167140kB dirty:2732kB writeback:0kB shmem:32120kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:14196kB pagetables:7432kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  330.829467][ T8975] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:196kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:220kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  330.860395][ T8975] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  331.014871][ T8975] lowmem_reserve[]: 0 2494 2495 2495 2495
[  331.047056][ T8975] Node 0 DMA32 free:1178072kB boost:0kB min:34216kB low:42768kB high:51320kB reserved_highatomic:0KB free_highatomic:0KB active_anon:60596kB inactive_anon:8kB active_file:77296kB inactive_file:171772kB unevictable:1536kB writepending:2732kB zspages:0kB present:3129332kB managed:2553856kB mlocked:0kB bounce:0kB free_pcp:35540kB local_pcp:17856kB free_cma:0kB
[  331.085293][   T13] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  331.133123][   T13] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 802 with error 28
[  331.141342][ T8975] lowmem_reserve[]:
[  331.159803][   T13] EXT4-fs (loop3): This should not happen!! Data will be lost
[  331.159803][   T13] 
[  331.179713][ T8975]  0 0 1 1 1
[  331.182990][ T8975] Node 0 Normal free:0kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1132kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  331.240608][ T8975] lowmem_reserve[]: 0 0 0 0 0
[  331.293769][   T13] EXT4-fs (loop3): Total free blocks count 0
[  331.340727][ T8975] Node 1 Normal free:3886076kB boost:0kB min:55668kB low:69584kB high:83500kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:196kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:22984kB local_pcp:6176kB free_cma:0kB
[  331.643319][   T13] EXT4-fs (loop3): Free/Dirty block details
[  331.649693][   T13] EXT4-fs (loop3): free_blocks=4096
[  331.655016][   T13] EXT4-fs (loop3): dirty_blocks=816
[  331.660612][   T13] EXT4-fs (loop3): Block reservation details
[  331.666650][   T13] EXT4-fs (loop3): i_reserved_data_blocks=51
[  331.693746][ T8975] lowmem_reserve[]: 0 0 0 0 0
[  331.939011][ T8989] mmap: syz.9.790 (8989) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  332.110099][ T8975] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  332.231552][ T5826] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  332.241829][ T8975] Node 0 DMA32: 980*4kB (UME) 2266*8kB (UME) 466*16kB (UME) 512*32kB (UM) 488*64kB (UME) 488*128kB (UME) 350*256kB (UME) 175*512kB (UM) 132*1024kB (UM) 48*2048kB (UM) 154*4096kB (UME) = 1183040kB
[  332.314750][ T8975] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  332.838127][ T8975] Node 1 Normal: 152*4kB (UME) 42*8kB (UME) 42*16kB (UME) 131*32kB (UME) 38*64kB (UME) 6*128kB (UME) 5*256kB (UME) 4*512kB (UM) 3*1024kB (UME) 2*2048kB (UE) 944*4096kB (UM) = 3886128kB
[  332.975479][ T8975] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  333.069515][ T8975] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  333.129558][ T8975] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  333.204616][ T8975] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  333.249712][ T8975] 66837 total pagecache pages
[  333.279774][ T8975] 0 pages in swap cache
[  333.318148][ T8975] Free swap  = 124996kB
[  333.323348][ T8975] Total swap = 124996kB
[  333.346894][ T8975] 2097051 pages RAM
[  333.362338][ T8975] 0 pages HighMem/MovableOnly
[  333.421269][ T8975] 426689 pages reserved
[  333.438801][ T8975] 0 pages cma reserved
[  336.641271][ T9036] loop6: detected capacity change from 0 to 32768
[  336.648599][ T9036] btrfs: Deprecated parameter 'usebackuproot'
[  336.655659][ T9036] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  336.695619][ T9036] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.800 (9036)
[  336.752156][ T9036] BTRFS info (device loop6): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  336.765419][ T9036] BTRFS info (device loop6): using crc32c checksum algorithm
[  336.773482][ T9036] BTRFS warning (device loop6): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  337.025028][   T13] BTRFS warning (device loop6): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0
[  337.146063][ T9036] BTRFS error (device loop6): failed to load root extent
[  337.153192][ T9036] BTRFS warning (device loop6): try to load backup roots slot 1
[  337.161735][   T13] BTRFS warning (device loop6): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0
[  337.476129][ T9036] BTRFS warning (device loop6): couldn't read tree root
[  337.483551][ T9036] BTRFS warning (device loop6): try to load backup roots slot 2
[  337.498723][   T12] BTRFS error (device loop6): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  337.558579][ T9036] BTRFS warning (device loop6): couldn't read tree root
[  337.569248][ T9036] BTRFS warning (device loop6): try to load backup roots slot 3
[  337.761512][ T9036] BTRFS info (device loop6): rebuilding free space tree
[  337.824594][ T9036] BTRFS info (device loop6): disabling free space tree
[  337.831972][ T9036] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  337.841839][ T9036] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  337.863507][ T9036] BTRFS info (device loop6): enabling ssd optimizations
[  337.871879][ T9036] BTRFS info (device loop6): turning off barriers
[  337.878294][ T9036] BTRFS info (device loop6): turning on sync discard
[  337.885967][ T9036] BTRFS info (device loop6): enabling disk space caching
[  337.893068][ T9036] BTRFS info (device loop6): force clearing of disk cache
[  337.900435][ T9036] BTRFS info (device loop6): enabling auto defrag
[  337.907144][ T9036] BTRFS info (device loop6): trying to use backup root at mount time
[  337.915355][ T9036] BTRFS info (device loop6): max_inline set to 0
[  338.749339][ T6459] BTRFS info (device loop6): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  339.037377][ T9073] netlink: 146812 bytes leftover after parsing attributes in process `syz.4.807'.
[  339.852596][ T9079] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  339.860252][ T9079] IPv6: NLM_F_CREATE should be set when creating new route
[  340.924834][ T9104] netlink: 'syz.8.810': attribute type 1 has an invalid length.
[  340.936813][ T9107] loop3: detected capacity change from 0 to 16
[  341.033265][ T9086] bridge0: port 2(bridge_slave_1) entered disabled state
[  341.041593][ T9086] bridge0: port 1(bridge_slave_0) entered disabled state
[  341.059692][ T9108] netlink: 28 bytes leftover after parsing attributes in process `syz.8.810'.
[  341.068700][ T9107] erofs (device loop3): mounted with root inode @ nid 36.
[  342.780696][ T9114] loop6: detected capacity change from 0 to 8
[  343.789811][ T9114] SQUASHFS error: Unable to read inode 0x11f
[  345.542718][ T9086] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  345.664297][ T9086] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  348.175793][ T9104] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR
[  348.331554][ T9138] loop3: detected capacity change from 0 to 8192
[  348.345433][   T30] audit: type=1400 audit(1770785565.162:42): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=":(%#{//(@\)//&@},['%%&\#*" pid=9137 comm="syz.3.820"
[  348.462792][   T49] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  348.481054][   T49] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  348.536535][ T6076]  loop3: p4 < >
[  348.549470][   T49] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  348.598147][   T49] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  350.142133][ T9138]  loop3: p4 < >
[  351.382678][ T9156] xt_addrtype: input interface limitation not valid in POSTROUTING and OUTPUT
[  352.950543][ T9163] Cannot find add_set index 65532 as target
[  353.426327][ T6076] udevd[6076]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  353.544405][ T6076] udevd[6076]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  358.615797][   T30] audit: type=1326 audit(1770785575.433:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9206 comm="syz.6.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc33b9bf79 code=0x7fc00000
[  359.066789][   T30] audit: type=1326 audit(1770785575.433:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9206 comm="syz.6.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fcc33b9bf79 code=0x7fc00000
[  359.188302][   T30] audit: type=1326 audit(1770785575.433:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9206 comm="syz.6.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc33b9bf79 code=0x7fc00000
[  359.298056][   T30] audit: type=1326 audit(1770785575.433:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9206 comm="syz.6.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc33b9bf79 code=0x7fc00000
[  359.372941][ T9223] loop3: detected capacity change from 0 to 512
[  359.388484][   T30] audit: type=1326 audit(1770785575.433:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9206 comm="syz.6.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc33b9bf79 code=0x7fc00000
[  359.413306][   T30] audit: type=1326 audit(1770785575.433:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9206 comm="syz.6.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc33b9bf79 code=0x7fc00000
[  359.625798][ T9224] loop8: detected capacity change from 0 to 32768
[  359.633474][   T30] audit: type=1326 audit(1770785575.433:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9206 comm="syz.6.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc33b9bf79 code=0x7fc00000
[  359.655696][   T30] audit: type=1326 audit(1770785575.433:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9206 comm="syz.6.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc33b9bf79 code=0x7fc00000
[  359.862353][ T9224] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop8 (7:8) scanned by syz.8.836 (9224)
[  359.889103][ T9224] BTRFS info (device loop8): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  359.900110][ T9224] BTRFS info (device loop8): using sha256 checksum algorithm
[  360.798363][   T30] audit: type=1326 audit(1770785575.433:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9206 comm="syz.6.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc33b9bf79 code=0x7fc00000
[  360.837968][   T30] audit: type=1326 audit(1770785575.433:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9206 comm="syz.6.830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc33b9bf79 code=0x7fc00000
[  361.700544][ T9223] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  361.758119][ T9223] ext4 filesystem being mounted at /170/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  362.104916][ T9224] BTRFS info (device loop8): enabling ssd optimizations
[  362.112012][ T9224] BTRFS info (device loop8): turning on async discard
[  362.119002][ T9224] BTRFS info (device loop8): enabling free space tree
[  362.759715][ T6580] BTRFS info (device loop8): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  366.259516][ T5826] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  366.298189][ T9267] loop8: detected capacity change from 0 to 512
[  373.471409][ T9337] 9pnet_fd: Insufficient options for proto=fd
[  373.481500][ T9326] 9pnet_fd: Insufficient options for proto=fd
[  373.525687][ T9334] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  373.870719][ T9341] fuse: Unknown parameter '0x0000000000000004'
[  373.894264][ T9340] usb usb8: usbfs: process 9340 (syz.9.861) did not claim interface 0 before use
[  378.437523][ T9374] loop9: detected capacity change from 0 to 256
[  378.525591][ T9374] FAT-fs (loop9): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  378.902584][ T9376] FAT-fs (loop9): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  378.915531][ T9376] FAT-fs (loop9): Filesystem has been set read-only
[  378.928909][   T30] kauditd_printk_skb: 56 callbacks suppressed
[  378.928927][   T30] audit: type=1800 audit(1770785595.724:109): pid=9376 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.872" name="file1" dev="loop9" ino=1048648 res=0 errno=0
[  381.935181][ T9388] loop9: detected capacity change from 0 to 32768
[  382.263965][ T9388] XFS (loop9): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  382.967277][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  382.973608][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  384.701133][ T9388] XFS (loop9): Ending clean mount
[  384.790676][ T7375] XFS (loop9): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  384.831465][ T9410] fuse: Unknown parameter '0x0000000000000004'
[  387.843155][ T9425] loop9: detected capacity change from 0 to 256
[  388.108151][ T9425] FAT-fs (loop9): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  389.567859][ T9098] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  390.028289][ T9098] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  390.139938][ T9098] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  390.160577][ T9098] usb 4-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[  390.262843][ T9098] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  390.908435][ T9098] usb 4-1: config 0 descriptor??
[  391.536503][ T9439] fuse: Unknown parameter '0x0000000000000007'
[  391.700514][ T9098] steelseries 0003:1038:1410.0005: missing HID_OUTPUT_REPORT 0
[  392.493224][ T9432] loop3: detected capacity change from 0 to 64
[  395.426535][ T9098] usb 4-1: USB disconnect, device number 6
[  396.877297][ T9460] 9pnet_fd: Insufficient options for proto=fd
[  400.506041][ T5836] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  400.516820][ T5836] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  400.529847][ T5836] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  400.616022][ T5836] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  400.639632][ T5836] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  400.769704][ T9477] use of bytesused == 0 is deprecated and will be removed in the future,
[  400.778843][ T9477] use the actual size instead.
[  403.019540][ T9493] loop3: detected capacity change from 0 to 1024
[  403.039908][ T9493] hfsplus: Bad value for 'session'
[  404.050388][ T5954] IPVS: starting estimator thread 0...
[  404.055487][ T5842] Bluetooth: hci4: command tx timeout
[  404.261784][ T9494] IPVS: using max 33 ests per chain, 79200 per kthread
[  406.135753][ T5842] Bluetooth: hci4: command tx timeout
[  406.622797][ T9473] chnl_net:caif_netlink_parms(): no params data found
[  406.630414][ T9499] fuse: Unknown parameter '0x0000000000000007'
[  406.638527][ T9499] 9pnet_fd: Insufficient options for proto=fd
[  407.425259][ T9511] loop8: detected capacity change from 0 to 1024
[  407.451025][ T9511] hfsplus: Bad value for 'session'
[  408.609877][ T5842] Bluetooth: hci4: command tx timeout
[  408.783143][ T9473] bridge0: port 1(bridge_slave_0) entered blocking state
[  408.863103][ T9473] bridge0: port 1(bridge_slave_0) entered disabled state
[  408.915404][ T9473] bridge_slave_0: entered allmulticast mode
[  408.923333][ T9473] bridge_slave_0: entered promiscuous mode
[  409.016153][ T9473] bridge0: port 2(bridge_slave_1) entered blocking state
[  409.044322][ T9473] bridge0: port 2(bridge_slave_1) entered disabled state
[  409.067694][ T9473] bridge_slave_1: entered allmulticast mode
[  409.115892][ T9473] bridge_slave_1: entered promiscuous mode
[  409.291948][ T9473] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  409.377351][ T9473] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  409.586714][ T9473] team0: Port device team_slave_0 added
[  409.647908][ T9473] team0: Port device team_slave_1 added
[  410.384163][ T9518] loop9: detected capacity change from 0 to 1024
[  410.405164][ T9518] hfsplus: Bad value for 'session'
[  411.396787][ T5842] Bluetooth: hci4: command tx timeout
[  412.220572][ T9527] fuse: Unknown parameter '0x0000000000000004'
[  412.240013][   T49] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  412.288230][ T9473] batman_adv: batadv0: Adding interface: batadv_slave_0
[  412.306070][ T9473] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  412.365690][ T6057] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  412.368035][ T9473] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  412.560039][ T9473] batman_adv: batadv0: Adding interface: batadv_slave_1
[  412.567057][ T9473] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  412.593122][ T9473] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  412.763559][ T6057] usb 4-1: Using ep0 maxpacket: 16
[  413.386131][ T6057] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  413.423857][ T6057] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  413.478766][ T6057] usb 4-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=7b.55
[  413.490216][ T9534] fuse: Unknown parameter '0x0000000000000004'
[  413.525165][ T6057] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  413.550007][ T6057] usb 4-1: Product: syz
[  413.554151][ T6057] usb 4-1: Manufacturer: syz
[  413.594708][ T6057] usb 4-1: SerialNumber: syz
[  413.658071][ T6057] usb 4-1: config 0 descriptor??
[  413.691361][   T49] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  413.731606][ T6057] usb 4-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  413.863246][ T9473] hsr_slave_0: entered promiscuous mode
[  416.840959][   T72] usb 4-1: Failed to submit usb control message: -110
[  416.905063][   T72] usb 4-1: unable to send the bmi data to the device: -110
[  416.912298][   T72] usb 4-1: unable to get target info from device
[  416.919823][ T9473] hsr_slave_1: entered promiscuous mode
[  416.983462][   T72] usb 4-1: could not get target info (-110)
[  417.021599][   T72] usb 4-1: could not probe fw (-110)
[  417.022006][ T9473] debugfs: 'hsr0' already exists in 'hsr'
[  417.065147][ T9473] Cannot create hsr debugfs directory
[  418.127570][   T49] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  418.788077][   T49] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  420.038973][ T9566] loop9: detected capacity change from 0 to 1032
[  420.046053][ T9566] hfsplus: Bad value for 'session'
[  420.774821][ T6057] usb 4-1: USB disconnect, device number 7
[  421.056485][ T9571] fuse: Unknown parameter '0x0000000000000007'
[  421.126456][ T9571] 9pnet_fd: Insufficient options for proto=fd
[  422.155467][ T9574] fuse: Unknown parameter '0xffffffffffffffff'
[  422.176866][ T9574] 9pnet_fd: Insufficient options for proto=fd
[  422.375410][ T5836] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  422.385972][ T5836] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  422.400275][ T5836] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  422.412867][ T5836] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  422.425034][ T5836] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  422.806077][ T9579] fuse: Unknown parameter '0x0000000000000007'
[  422.816370][ T9579] 9pnet_fd: Insufficient options for proto=fd
[  423.776388][   T49] bridge_slave_1: left allmulticast mode
[  423.782050][   T49] bridge_slave_1: left promiscuous mode
[  424.463533][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[  424.555035][ T5842] Bluetooth: hci1: command tx timeout
[  424.565186][   T49] bridge_slave_0: left allmulticast mode
[  424.570815][   T49] bridge_slave_0: left promiscuous mode
[  424.614453][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[  425.945296][ T9589] fuse: Unknown parameter '0x0000000000000004'
[  426.289561][ T9593] loop9: detected capacity change from 0 to 4096
[  426.312744][ T9593] ntfs3(loop9): Different NTFS sector size (4096) and media sector size (512).
[  427.632997][ T5842] Bluetooth: hci1: command tx timeout
[  428.533433][ T9603] fuse: Unknown parameter '0xffffffffffffffff'
[  428.687623][ T9605] fuse: Unknown parameter '0xffffffffffffffff'
[  428.765154][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  428.792641][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  429.039033][   T49] bond0 (unregistering): Released all slaves
[  429.844052][ T5842] Bluetooth: hci1: command tx timeout
[  431.034810][ T9620] serio: Serial port ttyS3
[  431.953899][ T5842] Bluetooth: hci1: command tx timeout
[  433.889325][ T9637] fuse: Unknown parameter '0xffffffffffffffff'
[  433.951993][ T9637] 9pnet_fd: Insufficient options for proto=fd
[  434.482197][ T9643] fuse: Unknown parameter '0x0000000000000004'
[  434.995388][ T9658] serio: Serial port ttyS3
[  435.755099][ T9660] Cannot find set identified by id 0 to match
[  436.168698][ T9654] fuse: Unknown parameter '0x0000000000000004'
[  436.486660][ T9670] loop9: detected capacity change from 0 to 1024
[  436.515283][ T9670] hfsplus: Bad value for 'session'
[  436.830075][   T49] hsr_slave_0: left promiscuous mode
[  436.846618][ T9675] fuse: Unknown parameter '0x0000000000000004'
[  436.892278][   T49] hsr_slave_1: left promiscuous mode
[  436.993313][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  437.011589][   T49] batman_adv: batadv0: Removing interface: batadv_slave_0
[  437.020384][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  437.030406][   T49] batman_adv: batadv0: Removing interface: batadv_slave_1
[  437.258124][ T9680] fuse: Unknown parameter '0x0000000000000006'
[  437.304314][ T9680] 9pnet_fd: Insufficient options for proto=fd
[  438.567234][   T49] veth1_macvtap: left promiscuous mode
[  438.573186][   T49] veth0_macvtap: left promiscuous mode
[  438.913788][   T49] veth1_vlan: left promiscuous mode
[  438.929889][   T49] veth0_vlan: left promiscuous mode
[  440.837608][ T9698] 9pnet_fd: Insufficient options for proto=fd
[  441.259195][ T9702] fuse: Unknown parameter '0x0000000000000007'
[  441.322465][ T9702] 9pnet_fd: Insufficient options for proto=fd
[  441.995511][ T9706] fuse: Unknown parameter '0x0000000000000007'
[  442.017164][ T9706] 9pnet_fd: Insufficient options for proto=fd
[  444.408833][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  444.419637][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  446.862460][ T9731] loop9: detected capacity change from 0 to 1024
[  446.869571][ T9731] hfsplus: Bad value for 'session'
[  447.102912][ T9734] netlink: 104 bytes leftover after parsing attributes in process `syz.1.967'.
[  452.908107][   T49] team0 (unregistering): Port device team_slave_1 removed
[  453.336917][   T49] team0 (unregistering): Port device team_slave_0 removed
[  453.520569][ T9766] 9pnet_fd: Insufficient options for proto=fd
[  456.452415][ T5836] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  456.462784][ T5836] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  456.472995][ T5836] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  456.481676][ T5836] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  456.653456][ T5836] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  459.525309][ T5842] Bluetooth: hci5: command tx timeout
[  459.541498][ T9798] serio: Serial port ttyS3
[  460.238143][ T9792] fuse: Unknown parameter '0x0000000000000004'
[  460.654420][ T9806] serio: Serial port ttyS3
[  461.651908][ T5842] Bluetooth: hci5: command tx timeout
[  461.700367][ T9808] fuse: Unknown parameter '0x0000000000000007'
[  461.728420][ T9808] 9pnet_fd: Insufficient options for proto=fd
[  463.752185][ T5842] Bluetooth: hci5: command tx timeout
[  465.639653][ T9818] netlink: 8 bytes leftover after parsing attributes in process `syz.4.990'.
[  465.862009][ T5842] Bluetooth: hci5: command tx timeout
[  468.066107][ T9848] fuse: Unknown parameter '0x0000000000000004'
[  468.813453][ T9853] loop9: detected capacity change from 0 to 1024
[  468.833473][ T9853] hfsplus: Bad value for 'session'
[  469.905244][ T9575] chnl_net:caif_netlink_parms(): no params data found
[  473.691003][   T49] IPVS: stop unused estimator thread 0...
[  473.741752][ T9575] bridge0: port 1(bridge_slave_0) entered blocking state
[  473.757801][ T9575] bridge0: port 1(bridge_slave_0) entered disabled state
[  473.813464][ T9575] bridge_slave_0: entered allmulticast mode
[  473.821390][ T9575] bridge_slave_0: entered promiscuous mode
[  473.981905][ T9575] bridge0: port 2(bridge_slave_1) entered blocking state
[  473.989458][ T9575] bridge0: port 2(bridge_slave_1) entered disabled state
[  474.031935][ T9575] bridge_slave_1: entered allmulticast mode
[  474.054894][ T9575] bridge_slave_1: entered promiscuous mode
[  474.072761][ T9778] chnl_net:caif_netlink_parms(): no params data found
[  475.144357][ T9575] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  475.295360][ T9575] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  475.961866][ T9575] team0: Port device team_slave_0 added
[  477.367130][ T9894] fuse: Unknown parameter '0x0000000000000006'
[  477.375446][ T9894] 9pnet_fd: Insufficient options for proto=fd
[  477.420992][ T9575] team0: Port device team_slave_1 added
[  478.685884][ T9919] loop8: detected capacity change from 0 to 1024
[  478.695040][ T9919] hfsplus: Bad value for 'session'
[  479.448585][ T9778] bridge0: port 1(bridge_slave_0) entered blocking state
[  479.480156][ T9778] bridge0: port 1(bridge_slave_0) entered disabled state
[  479.496444][ T9924] fuse: Unknown parameter '0x0000000000000007'
[  479.503536][ T9924] 9pnet_fd: Insufficient options for proto=fd
[  479.531698][ T9778] bridge_slave_0: entered allmulticast mode
[  479.581281][ T9778] bridge_slave_0: entered promiscuous mode
[  479.687564][ T9575] batman_adv: batadv0: Adding interface: batadv_slave_0
[  479.701268][ T9575] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  479.771221][ T9575] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  479.959022][ T9575] batman_adv: batadv0: Adding interface: batadv_slave_1
[  479.993290][ T9575] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  480.083702][ T9575] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  480.112672][ T9778] bridge0: port 2(bridge_slave_1) entered blocking state
[  480.133074][ T9778] bridge0: port 2(bridge_slave_1) entered disabled state
[  480.157373][ T9778] bridge_slave_1: entered allmulticast mode
[  480.201297][ T9778] bridge_slave_1: entered promiscuous mode
[  480.614275][ T9778] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  480.643996][ T9778] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  480.729688][ T9575] hsr_slave_0: entered promiscuous mode
[  481.920889][ T9575] hsr_slave_1: entered promiscuous mode
[  481.930481][ T9575] debugfs: 'hsr0' already exists in 'hsr'
[  481.936588][ T9575] Cannot create hsr debugfs directory
[  482.187096][ T9778] team0: Port device team_slave_0 added
[  482.284186][ T9778] team0: Port device team_slave_1 added
[  482.555790][ T9949] fuse: Unknown parameter '0x0000000000000004'
[  483.481028][ T5836] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  483.657274][ T5836] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  483.690993][ T5836] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  483.699588][ T5836] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  483.736359][ T5836] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  483.779623][   T49] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  484.001708][ T9778] batman_adv: batadv0: Adding interface: batadv_slave_0
[  484.031036][ T9778] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  484.431429][ T9778] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  484.582763][   T49] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  484.959021][ T9778] batman_adv: batadv0: Adding interface: batadv_slave_1
[  485.007672][ T9778] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  485.136422][ T9778] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  485.435496][   T49] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  485.830913][ T5842] Bluetooth: hci4: command tx timeout
[  486.084928][   T49] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  487.358279][ T9778] hsr_slave_0: entered promiscuous mode
[  487.423907][ T9778] hsr_slave_1: entered promiscuous mode
[  487.439527][ T9778] debugfs: 'hsr0' already exists in 'hsr'
[  487.446212][ T9778] Cannot create hsr debugfs directory
[  487.920806][ T5842] Bluetooth: hci4: command tx timeout
[  489.990880][ T5842] Bluetooth: hci4: command tx timeout
[  491.000323][T10012] loop9: detected capacity change from 0 to 1024
[  492.072045][ T5842] Bluetooth: hci4: command tx timeout
[  492.088758][T10012] hfsplus: Bad value for 'session'
[  492.687682][   T49] bridge_slave_1: left allmulticast mode
[  492.723547][   T49] bridge_slave_1: left promiscuous mode
[  492.729305][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[  492.861509][   T49] bridge_slave_0: left allmulticast mode
[  494.027383][   T49] bridge_slave_0: left promiscuous mode
[  494.049321][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[  494.209383][   T49] bridge_slave_1: left allmulticast mode
[  494.233445][   T49] bridge_slave_1: left promiscuous mode
[  494.264514][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[  494.285381][   T49] bridge_slave_0: left allmulticast mode
[  494.315580][   T49] bridge_slave_0: left promiscuous mode
[  495.460542][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[  498.369725][T10055] fuse: Unknown parameter '0x0000000000000004'
[  498.944680][T10060] fuse: Unknown parameter '0x0000000000000007'
[  499.994226][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  500.132333][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  500.271374][   T49] bond0 (unregistering): Released all slaves
[  500.812421][T10075] fuse: Unknown parameter '0x0000000000000006'
[  500.857947][T10075] 9pnet_fd: Insufficient options for proto=fd
[  502.578634][T10085] serio: Serial port ttyS3
[  503.335510][T10091] fuse: Unknown parameter '0x0000000000000007'
[  503.367087][T10091] 9pnet_fd: Insufficient options for proto=fd
[  504.821562][T10099] fuse: Unknown parameter '0x0000000000000007'
[  504.830240][T10099] 9pnet_fd: Insufficient options for proto=fd
[  504.932796][T10100] fuse: Unknown parameter '0x0000000000000007'
[  504.956320][T10100] 9pnet_fd: Insufficient options for proto=fd
[  505.210302][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  505.283649][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  505.377352][   T49] bond0 (unregistering): Released all slaves
[  505.837769][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  505.844886][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  506.280018][ T9957] chnl_net:caif_netlink_parms(): no params data found
[  508.171249][T10116] fuse: Unknown parameter '0x0000000000000004'
[  509.176916][T10131] fuse: Unknown parameter '0x0000000000000007'
[  509.203824][T10131] 9pnet_fd: Insufficient options for proto=fd
[  509.634040][T10134] fuse: Unknown parameter '0x0000000000000004'
[  509.718135][ T9957] bridge0: port 1(bridge_slave_0) entered blocking state
[  509.927240][ T9957] bridge0: port 1(bridge_slave_0) entered disabled state
[  509.964023][ T9957] bridge_slave_0: entered allmulticast mode
[  509.997796][ T9957] bridge_slave_0: entered promiscuous mode
[  510.199792][   T49] hsr_slave_0: left promiscuous mode
[  510.305699][   T49] hsr_slave_1: left promiscuous mode
[  510.313817][   T49] batman_adv: batadv0: Removing interface: batadv_slave_0
[  510.349652][   T49] batman_adv: batadv0: Removing interface: batadv_slave_1
[  510.419715][   T49] hsr_slave_0: left promiscuous mode
[  510.442749][   T49] hsr_slave_1: left promiscuous mode
[  510.457645][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  510.485345][   T49] batman_adv: batadv0: Removing interface: batadv_slave_0
[  510.534688][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  510.553366][   T49] batman_adv: batadv0: Removing interface: batadv_slave_1
[  510.634287][   T49] veth1_macvtap: left promiscuous mode
[  510.658033][   T49] veth0_macvtap: left promiscuous mode
[  510.695424][   T49] veth1_vlan: left promiscuous mode
[  510.718519][   T49] veth0_vlan: left promiscuous mode
[  511.526916][T10154] fuse: Unknown parameter '0x0000000000000004'
[  512.266214][T10164] loop8: detected capacity change from 0 to 1024
[  512.312299][T10164] hfsplus: Bad value for 'session'
[  513.523698][T10166] loop9: detected capacity change from 0 to 1024
[  513.546581][T10166] hfsplus: Bad value for 'session'
[  514.942133][   T49] team0 (unregistering): Port device team_slave_1 removed
[  516.157900][   T49] team0 (unregistering): Port device team_slave_0 removed
[  517.367245][ T5836] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  517.377631][ T5836] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  517.385671][ T5836] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  517.393911][ T5836] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  517.409694][ T5836] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  519.629063][ T5842] Bluetooth: hci1: command tx timeout
[  521.669098][ T5842] Bluetooth: hci1: command tx timeout
[  523.878772][ T5842] Bluetooth: hci1: command tx timeout
[  525.964135][ T5842] Bluetooth: hci1: command tx timeout
[  526.114788][T10215] fuse: Unknown parameter '0x0000000000000004'
[  531.509131][T10248] fuse: Unknown parameter '0x0000000000000007'
[  531.516260][T10248] 9pnet_fd: Insufficient options for proto=fd
[  534.197205][   T49] team0 (unregistering): Port device team_slave_1 removed
[  535.299333][T10263] fuse: Unknown parameter '0x0000000000000004'
[  536.786237][ T5836] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  536.797252][ T5836] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  536.805152][ T5836] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  536.950945][ T5836] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  536.967410][ T5836] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  537.572958][   T49] team0 (unregistering): Port device team_slave_0 removed
[  539.539583][ T5836] Bluetooth: hci7: command tx timeout
[  540.739992][T10299] overlayfs: failed to clone upperpath
[  541.768377][T10307] loop9: detected capacity change from 0 to 1024
[  541.781966][T10307] hfsplus: Bad value for 'session'
[  542.808510][ T5836] Bluetooth: hci7: command tx timeout
[  543.280816][ T5842] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  543.293554][ T5842] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  543.302318][ T5842] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  543.310731][ T5842] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  543.318494][ T5842] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  546.031017][ T5836] Bluetooth: hci7: command tx timeout
[  546.036063][ T5842] Bluetooth: hci8: command tx timeout
[  546.761264][T10320] overlayfs: failed to clone upperpath
[  546.905409][ T9957] bridge0: port 2(bridge_slave_1) entered blocking state
[  546.927471][ T9957] bridge0: port 2(bridge_slave_1) entered disabled state
[  546.962108][ T9957] bridge_slave_1: entered allmulticast mode
[  546.990940][ T9957] bridge_slave_1: entered promiscuous mode
[  547.408903][T10196] ==================================================================
[  547.416998][T10196] BUG: KASAN: slab-use-after-free in __list_del_entry_valid_or_report+0x92/0x190
[  547.426100][T10196] Read of size 8 at addr ffff88802997e578 by task syz.8.1060/10196
[  547.433974][T10196] 
[  547.436288][T10196] CPU: 1 UID: 0 PID: 10196 Comm: syz.8.1060 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  547.436316][T10196] Tainted: [L]=SOFTLOCKUP
[  547.436324][T10196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  547.436338][T10196] Call Trace:
[  547.436346][T10196]  <TASK>
[  547.436355][T10196]  dump_stack_lvl+0xe8/0x150
[  547.436387][T10196]  print_report+0xba/0x230
[  547.436412][T10196]  ? __list_del_entry_valid_or_report+0x92/0x190
[  547.436443][T10196]  kasan_report+0x117/0x150
[  547.436472][T10196]  ? do_raw_spin_lock+0x12b/0x2f0
[  547.436504][T10196]  ? __list_del_entry_valid_or_report+0x92/0x190
[  547.436537][T10196]  __list_del_entry_valid_or_report+0x92/0x190
[  547.436568][T10196]  bt_accept_unlink+0x39/0x260
[  547.436596][T10196]  l2cap_sock_teardown_cb+0x17e/0x490
[  547.436633][T10196]  l2cap_chan_del+0xb5/0x610
[  547.436657][T10196]  l2cap_conn_del+0x326/0x5b0
[  547.436688][T10196]  ? srso_alias_return_thunk+0x5/0xfbef5
[  547.436714][T10196]  ? __pfx_l2cap_disconn_cfm+0x10/0x10
[  547.436744][T10196]  hci_conn_hash_flush+0x10d/0x260
[  547.436778][T10196]  hci_dev_close_sync+0x821/0x10e0
[  547.436810][T10196]  ? __pfx_hci_dev_close_sync+0x10/0x10
[  547.436837][T10196]  ? up_write+0x1ab/0x410
[  547.436864][T10196]  ? rcu_is_watching+0x15/0xb0
[  547.436888][T10196]  ? srso_alias_return_thunk+0x5/0xfbef5
[  547.436917][T10196]  hci_unregister_dev+0x21a/0x5a0
[  547.436942][T10196]  vhci_release+0x152/0x1a0
[  547.436971][T10196]  ? __pfx_vhci_release+0x10/0x10
[  547.436993][T10196]  __fput+0x44f/0xa70
[  547.437019][T10196]  task_work_run+0x1d9/0x270
[  547.437052][T10196]  ? __pfx_task_work_run+0x10/0x10
[  547.437084][T10196]  ? srso_alias_return_thunk+0x5/0xfbef5
[  547.437112][T10196]  ? kmem_cache_free+0x195/0x610
[  547.437140][T10196]  ? do_exit+0x696/0x2310
[  547.437173][T10196]  do_exit+0x69b/0x2310
[  547.437207][T10196]  ? srso_alias_return_thunk+0x5/0xfbef5
[  547.437233][T10196]  ? __pfx_do_exit+0x10/0x10
[  547.437266][T10196]  ? do_raw_spin_lock+0x12b/0x2f0
[  547.437299][T10196]  ? srso_alias_return_thunk+0x5/0xfbef5
[  547.437333][T10196]  do_group_exit+0x21b/0x2d0
[  547.437365][T10196]  ? _raw_spin_unlock_irq+0x23/0x50
[  547.437394][T10196]  get_signal+0x1284/0x1330
[  547.437427][T10196]  arch_do_signal_or_restart+0xbc/0x830
[  547.437449][T10196]  ? __pfx_task_work_add+0x10/0x10
[  547.437479][T10196]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  547.437499][T10196]  ? sock_ioctl+0x775/0x7f0
[  547.437527][T10196]  ? __fput_deferred+0x216/0x380
[  547.437547][T10196]  ? __pfx___fput_deferred+0x10/0x10
[  547.437570][T10196]  exit_to_user_mode_loop+0x86/0x480
[  547.437604][T10196]  ? srso_alias_return_thunk+0x5/0xfbef5
[  547.437629][T10196]  ? rcu_is_watching+0x15/0xb0
[  547.437653][T10196]  do_syscall_64+0x32d/0xf80
[  547.437682][T10196]  ? rcu_is_watching+0x15/0xb0
[  547.437705][T10196]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  547.437729][T10196]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  547.437750][T10196] RIP: 0033:0x7f64ead9bf79
[  547.437768][T10196] Code: Unable to access opcode bytes at 0x7f64ead9bf4f.
[  547.437779][T10196] RSP: 002b:00007f64ebcf8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  547.437801][T10196] RAX: ffffffffffffff97 RBX: 00007f64eb016180 RCX: 00007f64ead9bf79
[  547.437817][T10196] RDX: 0000200000000140 RSI: 00000000000089f1 RDI: 0000000000000006
[  547.437831][T10196] RBP: 00007f64eae327e0 R08: 0000000000000000 R09: 0000000000000000
[  547.437844][T10196] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  547.437858][T10196] R13: 00007f64eb016218 R14: 00007f64eb016180 R15: 00007ffd06ecbbe8
[  547.437884][T10196]  </TASK>
[  547.437891][T10196] 
[  547.781843][T10196] Allocated by task 10211:
[  547.786239][T10196]  kasan_save_track+0x3e/0x80
[  547.790912][T10196]  __kasan_kmalloc+0x93/0xb0
[  547.795491][T10196]  __kmalloc_node_track_caller_noprof+0x558/0x7f0
[  547.801894][T10196]  kmalloc_reserve+0x136/0x290
[  547.806653][T10196]  __alloc_skb+0x204/0x390
[  547.811062][T10196]  _sctp_make_chunk+0x59/0x290
[  547.815819][T10196]  sctp_make_datafrag_empty+0x12a/0x240
[  547.821356][T10196]  sctp_datamsg_from_user+0x729/0xef0
[  547.826718][T10196]  sctp_sendmsg_to_asoc+0x1416/0x1900
[  547.832092][T10196]  sctp_sendmsg+0x1b3d/0x2c10
[  547.836762][T10196]  __sys_sendto+0x627/0x7a0
[  547.841257][T10196]  __x64_sys_sendto+0xde/0x100
[  547.846014][T10196]  do_syscall_64+0x14d/0xf80
[  547.850595][T10196]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  547.856472][T10196] 
[  547.858773][T10196] Freed by task 10205:
[  547.862816][T10196]  kasan_save_track+0x3e/0x80
[  547.867481][T10196]  kasan_save_free_info+0x46/0x50
[  547.872494][T10196]  __kasan_slab_free+0x5c/0x80
[  547.877247][T10196]  kfree+0x1be/0x650
[  547.881138][T10196]  skb_release_data+0x6b5/0x8e0
[  547.885973][T10196]  __kfree_skb+0x5d/0x210
[  547.890298][T10196]  sctp_chunk_put+0x17d/0x200
[  547.894973][T10196]  sctp_datamsg_put+0x409/0x540
[  547.899810][T10196]  sctp_chunk_free+0x4a/0x60
[  547.904392][T10196]  __sctp_outq_teardown+0x7ab/0x9a0
[  547.909574][T10196]  sctp_association_free+0x240/0x7f0
[  547.914860][T10196]  sctp_do_sm+0x3f6b/0x5cf0
[  547.919353][T10196]  sctp_primitive_SHUTDOWN+0x98/0xc0
[  547.924637][T10196]  sctp_close+0x407/0x940
[  547.928959][T10196]  inet_release+0x143/0x190
[  547.933448][T10196]  sock_close+0xc3/0x240
[  547.937677][T10196]  __fput+0x44f/0xa70
[  547.941640][T10196]  task_work_run+0x1d9/0x270
[  547.946227][T10196]  exit_to_user_mode_loop+0xed/0x480
[  547.951597][T10196]  do_syscall_64+0x32d/0xf80
[  547.956180][T10196]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  547.962057][T10196] 
[  547.964359][T10196] The buggy address belongs to the object at ffff88802997e000
[  547.964359][T10196]  which belongs to the cache kmalloc-2k of size 2048
[  547.978397][T10196] The buggy address is located 1400 bytes inside of
[  547.978397][T10196]  freed 2048-byte region [ffff88802997e000, ffff88802997e800)
[  547.992353][T10196] 
[  547.994664][T10196] The buggy address belongs to the physical page:
[  548.001053][T10196] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x29978
[  548.009796][T10196] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  548.018280][T10196] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  548.026244][T10196] page_type: f5(slab)
[  548.030210][T10196] raw: 00fff00000000040 ffff88813fe27000 0000000000000000 dead000000000001
[  548.038777][T10196] raw: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000
[  548.047345][T10196] head: 00fff00000000040 ffff88813fe27000 0000000000000000 dead000000000001
[  548.056016][T10196] head: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000
[  548.064669][T10196] head: 00fff00000000003 ffffea0000a65e01 00000000ffffffff 00000000ffffffff
[  548.073328][T10196] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  548.081979][T10196] page dumped because: kasan: bad access detected
[  548.088368][T10196] page_owner tracks the page as allocated
[  548.094061][T10196] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5817, tgid 5817 (syz-executor), ts 96327208257, free_ts 95768975738
[  548.115406][T10196]  post_alloc_hook+0x228/0x280
[  548.120165][T10196]  get_page_from_freelist+0x24dc/0x2580
[  548.125704][T10196]  __alloc_frozen_pages_noprof+0x18d/0x380
[  548.131504][T10196]  alloc_pages_mpol+0x232/0x4a0
[  548.136352][T10196]  allocate_slab+0x86/0x3a0
[  548.140841][T10196]  ___slab_alloc+0xd90/0x1790
[  548.145515][T10196]  __slab_alloc+0x65/0x100
[  548.149925][T10196]  __kmalloc_cache_noprof+0x40d/0x6e0
[  548.155290][T10196]  device_create+0x13d/0x300
[  548.159868][T10196]  mac80211_hwsim_new_radio+0x3f5/0x5330
[  548.165494][T10196]  hwsim_new_radio_nl+0xf85/0x1c30
[  548.170599][T10196]  genl_family_rcv_msg_doit+0x22a/0x330
[  548.176128][T10196]  genl_rcv_msg+0x61c/0x7a0
[  548.180611][T10196]  netlink_rcv_skb+0x232/0x4b0
[  548.185366][T10196]  genl_rcv+0x28/0x40
[  548.189330][T10196]  netlink_unicast+0x80f/0x9b0
[  548.194081][T10196] page last free pid 5885 tgid 5885 stack trace:
[  548.200380][T10196]  __free_frozen_pages+0xbf8/0xd70
[  548.205481][T10196]  __put_partials+0x146/0x170
[  548.210153][T10196]  __slab_free+0x294/0x320
[  548.214553][T10196]  qlist_free_all+0x97/0x100
[  548.219131][T10196]  kasan_quarantine_reduce+0x148/0x160
[  548.224580][T10196]  __kasan_slab_alloc+0x22/0x80
[  548.229421][T10196]  kmem_cache_alloc_noprof+0x370/0x6e0
[  548.234868][T10196]  alloc_empty_file+0x55/0x1d0
[  548.239628][T10196]  path_openat+0x10f/0x3860
[  548.244122][T10196]  do_file_open+0x23e/0x4a0
[  548.248614][T10196]  do_sys_openat2+0x113/0x200
[  548.253281][T10196]  __x64_sys_openat+0x138/0x170
[  548.258115][T10196]  do_syscall_64+0x14d/0xf80
[  548.262703][T10196]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  548.268579][T10196] 
[  548.270883][T10196] Memory state around the buggy address:
[  548.276491][T10196]  ffff88802997e400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  548.284540][T10196]  ffff88802997e480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  548.292581][T10196] >ffff88802997e500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  548.300618][T10196]                                                                 ^
[  548.308577][T10196]  ffff88802997e580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  548.316620][T10196]  ffff88802997e600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  548.324658][T10196] ==================================================================
[  548.333893][T10196] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  548.341091][T10196] CPU: 1 UID: 0 PID: 10196 Comm: syz.8.1060 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  548.352025][T10196] Tainted: [L]=SOFTLOCKUP
[  548.356330][T10196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  548.366366][T10196] Call Trace:
[  548.369634][T10196]  <TASK>
[  548.372548][T10196]  vpanic+0x1e0/0x670
[  548.376527][T10196]  panic+0xc5/0xd0
[  548.380243][T10196]  ? __pfx_panic+0x10/0x10
[  548.384651][T10196]  ? preempt_schedule_thunk+0x16/0x30
[  548.390011][T10196]  ? srso_alias_return_thunk+0x5/0xfbef5
[  548.395639][T10196]  ? __list_del_entry_valid_or_report+0x92/0x190
[  548.401964][T10196]  check_panic_on_warn+0x89/0xb0
[  548.406915][T10196]  ? __list_del_entry_valid_or_report+0x92/0x190
[  548.413241][T10196]  end_report+0x6f/0x140
[  548.417479][T10196]  kasan_report+0x128/0x150
[  548.421982][T10196]  ? do_raw_spin_lock+0x12b/0x2f0
[  548.427004][T10196]  ? __list_del_entry_valid_or_report+0x92/0x190
[  548.433337][T10196]  __list_del_entry_valid_or_report+0x92/0x190
[  548.439488][T10196]  bt_accept_unlink+0x39/0x260
[  548.444245][T10196]  l2cap_sock_teardown_cb+0x17e/0x490
[  548.449621][T10196]  l2cap_chan_del+0xb5/0x610
[  548.454198][T10196]  l2cap_conn_del+0x326/0x5b0
[  548.458872][T10196]  ? srso_alias_return_thunk+0x5/0xfbef5
[  548.464496][T10196]  ? __pfx_l2cap_disconn_cfm+0x10/0x10
[  548.469954][T10196]  hci_conn_hash_flush+0x10d/0x260
[  548.475072][T10196]  hci_dev_close_sync+0x821/0x10e0
[  548.480179][T10196]  ? __pfx_hci_dev_close_sync+0x10/0x10
[  548.485716][T10196]  ? up_write+0x1ab/0x410
[  548.490074][T10196]  ? rcu_is_watching+0x15/0xb0
[  548.494828][T10196]  ? srso_alias_return_thunk+0x5/0xfbef5
[  548.500457][T10196]  hci_unregister_dev+0x21a/0x5a0
[  548.505475][T10196]  vhci_release+0x152/0x1a0
[  548.509974][T10196]  ? __pfx_vhci_release+0x10/0x10
[  548.514987][T10196]  __fput+0x44f/0xa70
[  548.518964][T10196]  task_work_run+0x1d9/0x270
[  548.523561][T10196]  ? __pfx_task_work_run+0x10/0x10
[  548.528669][T10196]  ? srso_alias_return_thunk+0x5/0xfbef5
[  548.534295][T10196]  ? kmem_cache_free+0x195/0x610
[  548.539231][T10196]  ? do_exit+0x696/0x2310
[  548.543562][T10196]  do_exit+0x69b/0x2310
[  548.547723][T10196]  ? srso_alias_return_thunk+0x5/0xfbef5
[  548.553349][T10196]  ? __pfx_do_exit+0x10/0x10
[  548.557980][T10196]  ? do_raw_spin_lock+0x12b/0x2f0
[  548.563000][T10196]  ? srso_alias_return_thunk+0x5/0xfbef5
[  548.568625][T10196]  do_group_exit+0x21b/0x2d0
[  548.573217][T10196]  ? _raw_spin_unlock_irq+0x23/0x50
[  548.578495][T10196]  get_signal+0x1284/0x1330
[  548.582999][T10196]  arch_do_signal_or_restart+0xbc/0x830
[  548.588538][T10196]  ? __pfx_task_work_add+0x10/0x10
[  548.593647][T10196]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  548.599787][T10196]  ? sock_ioctl+0x775/0x7f0
[  548.604291][T10196]  ? __fput_deferred+0x216/0x380
[  548.609214][T10196]  ? __pfx___fput_deferred+0x10/0x10
[  548.614499][T10196]  exit_to_user_mode_loop+0x86/0x480
[  548.619785][T10196]  ? srso_alias_return_thunk+0x5/0xfbef5
[  548.625410][T10196]  ? rcu_is_watching+0x15/0xb0
[  548.630297][T10196]  do_syscall_64+0x32d/0xf80
[  548.634891][T10196]  ? rcu_is_watching+0x15/0xb0
[  548.639644][T10196]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  548.645701][T10196]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  548.651581][T10196] RIP: 0033:0x7f64ead9bf79
[  548.655987][T10196] Code: Unable to access opcode bytes at 0x7f64ead9bf4f.
[  548.662991][T10196] RSP: 002b:00007f64ebcf8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  548.671393][T10196] RAX: ffffffffffffff97 RBX: 00007f64eb016180 RCX: 00007f64ead9bf79
[  548.679351][T10196] RDX: 0000200000000140 RSI: 00000000000089f1 RDI: 0000000000000006
[  548.687305][T10196] RBP: 00007f64eae327e0 R08: 0000000000000000 R09: 0000000000000000
[  548.695258][T10196] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  548.703212][T10196] R13: 00007f64eb016218 R14: 00007f64eb016180 R15: 00007ffd06ecbbe8
[  548.711184][T10196]  </TASK>
[  548.714492][T10196] Kernel Offset: disabled
[  548.718801][T10196] Rebooting in 86400 seconds..