last executing test programs:

11.061610115s ago: executing program 2 (id=286):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0xd, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, 0x0, 0x0)

10.94262561s ago: executing program 2 (id=287):
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x442, 0x0)
ioctl$TIOCGDEV(r0, 0x80045432, &(0x7f0000000180))

10.901437179s ago: executing program 2 (id=288):
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00"/13], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)

8.100176808s ago: executing program 3 (id=301):
openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x2d41, 0xd5)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, 0x0, 0x0)
syz_fuse_handle_req(r0, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101081, 0x0)
syz_fuse_handle_req(r0, &(0x7f0000006380)="7f5912d07634539c3b2e15a57b311187a3eb119eb4b279cacf0b94d44882da90bb8c7bf605806fd007bddf798e1fed05db9ef39d3dff16e6eb4e5e642774588b2020a414a4574d1e0aa3474184583a655385fb5e7e632304e818af022a134095ea51f1f77a9472dabe407b36f0c47e318bfdd7c6ecb5a5bc07f28701201245abe626ab4592fac5b1544570a665a5e559eecf9505a828f5b0199a5dc33934b75bebb03744f92918f93553eb072cd2a940a5931a5907f82fc99d519f02287cac4341c4637dd8110214e9634088fc6b5a77a5065c4798538f41b263c6329df4d668d018f7ac9634910969342c836d78c7baa9893cef90deb8cbaa8cac81c262016a8dac72fa5c3d5094a8b64abbf82594b8cb1dc876e01a39fc9a26874052c47ec3ed015bc85933a98a61bbc108292a6c7932421162c82ec64518ce13f0fda30adf97b5c0d70fb0c69398e78d9dabe99d3d408bfef6e2518c820217b4a1cee43704fa5b5c4d4013bb61f631b813b8272188d403821fafe0ee4b5e09671c177e34a2566939920fcda640007845e4d19e2ce3693cea27e7ec2482ee603589260503c567e3dd320923e651d2530afe927013724b1ccc22c390c9e53a47331789172fb44c442cf558f9990badcbf377b731aa83d7b73a6675c687f16c9b96b59e0a6e262da754b1bba316a31fc262561d4628e33de9969794b879eb7ceee36abb30f5f977198bed19fbc4c4f13f32a3909fa76a3beef541a5dfff9ff8609fbfaba986e3a02b23dc0938e7e5b476f5b256a3e3333caea34de6410f75d1daedf4176f6e5a9fb915647bb65302b49895cfb699131513e1d7d937f8e452fe350a78783de31c96535c742b35edc7b117bc2fd2df6cdbef0cfa1000bade8a6c8a06019592b7dc144ffa88a01fb1f6093e82f63b05830f414a07779226b4928f5edc6d592a294c030d518f7e350b2e2536a2bae2616a574b63415c952c28cf6a82553411d305fdc33d1447b7356b8726b67d23dc0749bbb1230b18abfdb6a0fd35cc1489fcdd90aa83edcc613a77db36dd42fc5b83635df5c2acfddab054303e7c859c8bd5a21493742d8fc1adb1ae3f68f6103d65709a8d917292e648c5621691425a203de2e82e9e6bcd53a7f3e90238e89b2b05202ceafc72bb2f997a99487aa993a72d0cb44b345b3982784a78aafe5e5b6ddf2a17e4dca9a5433481fd8e60195832b704a1c186dc3317888c8c0849f1029d0df6af3a5fc93c8e643287ee38580ff450a259dc4bd45343aa453f462e92302c020ce91f26b1c2b66764cac41d2e809a46e51ac50121172759ba4c791cfc8856f7676ad8020433e00bb80e46d9d7709e196565b3a7b18270508d1e0023960e5b335bd901465dc328a581ca918dd295a110aa9f25ebb51ae5523eb619431a9db2b6e046cd94aae4b985bd663c6c6769015f49cb40d3f4b520c1022683487b170c9e47ed306097f1208a92ecf6727f7f276d19bcdfb987ca8b7f54732d0908f98ccac0ba9f6905e194da99608598ee87a6992c4dd33fad2e5e463c995babd0c7dad010499ee2cbf0f2fb63c7678d681a8b63d8a1316fcac3a107f8723dc004aaf7d9224090b6c78212172884eda7089cac24f196db5d3bd2747649e6fee4ebafb3d883df077f99bb945220161a3323aaa09a5caba3348a2d78096a18625aece41aad5cf9fc9cdb590f0cabb882839474c53a14fdbd34772f69cdd369260309a9500af55572adb7b23d4fdbfaa807242ba1130f7029fbcffde2da9b8a0814840e9b241febe92d6247419ae4cd15f5b073c7dc03e4541e24291ac5b4e29cde2649ca6cb7952e81308ae249906ca9d97d8ceb129b0b2b44a84e268b12b8a373965b877028cae0ead133c8422052a8f91d92f6695b6a3e9c36661c0cb6d03dc795490b09f62210803d88dfb3777b16e1485c9c7ce4a4becc718c9da4aaa32f5d9da57ffbfe6633a302b10c676a0e047f1b24e8dac251dffc841a2906002abdd64334a2cc50db924e196b6cee0f9261a87793dcbf8dcf1363b91b33dfcbca15798e9089cab241884ddacd61fa07f8797cb21f9c1f4f1d7fd8d0f2e19b99b40173853282bbe94e5c867006949b55c1a27e12fef9f264d2a14700fb5c828e21293b38502dadfd2e96dbbe866547a460a737951e55803fe5ed0b448aa1fbe65de9117d066b2f46dbe658510434d2d3fabc734fc5632fd16a3ddf04a0da7067908f3fe7d9c046ec9d528808d0f4a755a4467609386b31104db69605b78507f83995c297d049d6b028ffe981f0ecd972f23ca43096a955d437f604355e49e1d9fac491f955fae46a150555bd91173091a016aeddc51399b8dd20bb6e8e3060da97180d79a8eea89562bbe4dd19f5c36686c3ab5de9cdce1a241b407c78b2a8886b3e316f5163ec082bb1de53ac1797a633587d9319f3626ce3b052107cd55a6c44b97e27aaf9bf5fe0d4475ae2090920865b0a0f32567351c4ac9859e57cdd8254a58d2dc5d67dd16b513a02954d7c99a9544ce5d8ea8a59a06321083690cf6007bb941cafccb17a3b81c96453964cb469e07e8543407f2c03105d88bbd2073cf9fdc51c9fcf58854417f49141efb66b0f98b36b89eccfb616992286ebaa8f325eb9ca85a45d8b1dfa7a18dd46516ad40d2f46365fac4cbb044624139bb5a0bb0ed062edfa0260ea03b9268f18a7d94d83d4411ee46896ef955aada3e31d29e83414ac0a64353b6498c8f1ef37d051b38291369f6f124913d3fef14af925ab93a34d58f569f3c4f12aa458c85b2b29249e4c868e0bce4791c7f7226bf050c23ad590f6231315f1c9a087b3041ce33f6971c4d5a20f85bb103edd586184e90a34dd5c9e3eb1fea74fe413c503c5d48c70e3fc1d210985644ce5ce0b5636751947ae22e3dd6fa39dcbe1ee3def6a3097c8d9836db3b9ce1bcff91451bc46ef3000b5dc66b007ff2ace898a81631c5728c9de7710c41691332a268b18f0eec37ed7944ad0049936e9fe4df157a8eb324ef0d9954ee8da259c700b05bea37e4238c7be1ead4ca18ef228a15d9828476e899b77821f27512ad3ca27e2bdc769890e6addc2bc1ade2a5434421d627d978b72ce2fab1ee5769646881a2ecea9743ec88b48442806e946c27213bd7fe137d3979dcf477eee9ebec8fbe72fd9b6123c0523e83045dc88ef385d961cb4b48320e16350846ebb36accdcfe95cf541347dbdd7817e3e7d91b71a1dcb23ba7156484f90f789ba880b8019cb6a248f3db56e5cf7af156c6e84f58e8ffdc322b76dcd1b4ca02cb6fdd1d210807c34febac4c49ddb8257aa18ad782efca3406f34c6500fb65cbfec98077b50ef7a21e366e0fad97c6f6ca5d69b93639f7c608dae3e6b5c282ce130a8ef23908a626ef98e38bb9255ab6db1fdb48ca0d8f2d469123acbf6a1a83ca4f08d21bbf638ffe553fb4faa83993d9fbff7a9af18e21c74ffb720f41e02912d4507aee16acd64a34d2727bed087fa30c34202b34003330c15fbde12d5ba8e7a88b23501c6b837d01b97d78ea66e323579f0ffa9cbb40ebef25deb8a88f82a4e29441fdfcdb743bf98d1ac091677fd8fd3f172116697db4b2d1186303f68b71eae90dbcbee1cbd6eb49702dbf2de4f7f247bd071446fc2edeb68df92fb4436a3773ccc865587202f13083008f1dd964fc912c29bb0072f381b9d042d0fa058faba9d68886cd9fba2f41dd084ed13fbfe9e97afca35024025a83a6c6bbd798c8dae5bffdf486e88b6c32357b20b4b0fbea04c8cef7178a05d64bfcf836cd919216accd05b99ed4390b0016accac7e0fedacefb7ef4580ba6202aa241989fba902b5502bd4d6a3fb0c62c236f78969d395c67cf1ad2f5c250d8f8076189766d6e20ae9de72be45c2d68b5733a6d1f467db1b16a55da3245160188a217306298e5a86a4c4cad1ae72d6287c6b56684ab4452d54995322eb19c15724447b39c196e2056937fb2b956684c06bda117908000000f4524ddfab9c9fa5872f9fab3a5c3e1de343cb59744978ff286e037b2b8a122c6774291d713cd5b233ea9359764c528676e092840cfd716d995bdbae8dded68c71b8865490946df93c6c617b77ce830a1fb17b3459917ddb1797641ad2e5fa12a4ea8fdd0c914024913ea45237010d8f725c0d6ca6775a22285dab06c48432cee3faccfeda5c7756001121286c6ba8f52740a76a66632142fd84a088f5a0809d49b4cb513630a94acd1f5f246a997c85e90c7b0f9e55b3454a13cbc30518d3979789b76492afd411574ed54f0e9858693dd29b96a20aa55c6835a40c44c84d523054dcaded22718e48708958f977f94cdb360421878f67e97fe2140233f15924071c78fe5ea27b7f9e7eb0cc08fe19703df61906177cb8377c16d50ede70d62f1d8c0f8068323cd5eab2f6fba57ab3574c4742e06031d5a75f3d000b56051f43f987472a5f582a83f4c99a4366ac8c66673da6a312fe4804fb185f3fcbf6f3ffda91f5ebf6467ce6baa992a850765d37de2b3f16fd3ca44854993082e987ca1f520e0c149cdf92f727566c4c5ebe3ecf376c67a5fa7d51942784ff35236a0940a5f275a9ab8c0c5caf68421a14834edc9c29fd3adaedf4cca2802aaa33283ac811d97ef4affbba7315ce7fa5dd2783a067f223a4a8235fd67c23fa535efb4547202d171b51050d508081be9fb6467e9e7d052a7fa8fa8534c440f9f22c8f3d763d89666046951fe85f977a7ad816fc42037adbbec0352ed2b3454fa433e31a30159b9a3d5777944258f01dfe9d38f67af3e85dbdf23e5bb841401b40afeaa708f0a06a2efa2289f9ebda77c2a1390b887bf4b3dd90e418955d05431fd524b481b8b51c523fb1a3d0339bc3999c0a14d643a6ea69346f46a554bd25be3263a3c5ac0848b152d3eed833e7f2a6ce3b0d4100e49319120d4c2b520205fa2a344ab087bec0f73968768d0188007603a77428f12026cf3b296823f3138315ff0f95f3c62c060acb1a11850b46d361ab41b7ad241e45246b091ee2d0c1d444290ff6669a34f1fd0020795fe89d4b67bf07f16c88c8987e7f72480ad42109b43f37e4c753495661b0514553532364638ca8152782b99804b6f9da69fb2b5b7f93acad94ccbadf6e6d9547852088945d3d8c4c5702b1323c47fdd4fc77fcfd61c7ea8b26cfd0954be063cca429cb9915b8a937833ff4c1f2bd620b08dc00ddaab4fa5e13a5f4f2127f0b63b7140dd14b1dee95f178d2bc33cef7e820e609aaa20a733931625227529c714530574bb8cb38e6baef0cefe9a9e3277a4e1534f249abed7f06c8470ff3723c9140f5ed466ba7b79ab2ed2e61d2f5826d72a560c8cc6cf6a64fb9e70b1d15b80f22cd86bbd38b5c46741e054204476f63651f3cc9bce975600abb3133e104fe0145383d0d320367df2dd202daeb7b51b4a1e4e7d36fd1c847965efd71430b8bcef773163b1e378e1381f05083304ea41ee8d37ecd988cc671270101ad4800706cf0387bd038a7164d1586ef5e8791cd6bc3a91bdcf35982d46d841acc8342544d557d369cb4a84589082bf9503d45659791e522bec6a5f61f740ca5540787dc4a6a9f567bb6c0b13d618e80b2b348adde16fc63b2052f381eab8c120f14ab623a4110030847db00ed2d19c0101991f82a8671738b68b6e0efaa8f771de3cb6c2165298df69383b775fafb7c249fd78ad2ee46390c1b905b3853680a80a1849952a10e69fa64d680cdeaf5a451408c5b5d64e0f244ee362f21f37c66b795d73647964d12e297f7f6b760ee4e4b46ef502a54483d3838674e1767eb93f91454f1dfb629e45ed71646f139b685cdac6c73afc20bf62b3b2dcd81d9adf65b4f4a5f2a2a2fa7e079d944739546462519521e523db10cbff9489d7ce84a78ed5fa80b2d5361f4829bfa4bef5c351c984cf58a5f227687eadceb8c0cdc51825a008f8bb8ebb549864b6fba1da22da5aa0a0161464695fad60e636e45091b6dee20498f33ff9f91c1ef927c90215cbf4f5711805eb13e0e65cf326627bcfdaf0bf07d5e9c53520b884411ed632f9f5169db46d674fd660637ab8ee1ca1aefee8ea4ab3b41e6fc18842a0a254db125243e4e996db939aab80b04d70fb22f3c1cf7edb1d18cb5af99be7dd4f01e2ee265109abc51845dcb3f5c8e8477fd7fa8fe41bd83809120428ea9dfef010005964d66ef96c1648516f1b0cacebd95ab20c2a2e2647c967c48c6c9b7977441a0dfeffba2beaec54a66f863c9ef3a4e2fc77928291753648b7abf3fc26128cb4eea246468b05cac113b3464546442e14d5aa760a3d7c481d238b2a5226bfe0dfd2dd5b2a9a5ad738c6a83e21312e0e11ea3daedaa7a6e527ec166337d24b083ccf97af580edb453dc1a7b841b7266ea143b294291ac5ed5dce7dac20d14bb6e53b64eec515515ef817611d22d3a306170d4f358f0b890411454e1bdf85ccc42589ba1a1d75289523e4aae1eb46328d0dac43539eab1d3aeca3db300e605c53cccf04d3688e5db58fe283b01745dc39baea5ff49db07deb7adeac2d3df45fa72f9fccc9d1947556fd8594faa393a2854691016eeea88e96272ee1156874b9ba78a4f71022e3ec2e0776f8db400e6b967be079684d3d80645125c488f5bc0a69a3d7e12bf187a41a8acc9b2f7a610798fb6e2e438b85a9012d6f6990c7b9a557b98d32753cc1786868dc864edd3f0edd8bbf48924fd09d0d7a2334bfcbb5786752765c8f33fc8cdab048b81607b1ba098ce44e6d99d8b1b08b5d19d177f6661c32031d475381c0c804c63d2b7ae9a2198c0d6114e7bdd0e01a4cbfc5c41e858d28f157efe5a52ffd6d70f2bef2066a2d65ec68ac1ea678588f1cf0c9eb030f34a2d99138c4a6a0f85edd8a382324c2c823a7bfc3db3e6822faa0ab1801361c1f23aff0fdb8fb27cdc1db4226d62c0101561e78b704854893c6bf0de79b45f87da7a8e4f65875842230d2bfa152e96fecbe4a7465fb400cb7790102d0a89f105e84a23173141245d641051b8d614d3be26423bc0d042990c62ea3b7392e7a8117e250348d3cf79be1529c8a764da382f019b5a750ab848ad03cf53921c8548318db7aaef2be3acce1a3d9a9715ebf6a5b53da18ef20b932d5926c3cb44c1a4e6ef83f2a84f8afa382d44ea35f17bc147ae1dc792784cfd9edeb9fe09f422aca81ec59688baf429509a6b27ad0f6e21c977756a022979c8a47d983d42a913d0ea6ecfd8bc0aaf9fba62a36d542710161a088656dca539a940ec6dc79ab197eebb803988674d93c8d604a5bcdcdeba44c331c72e58ff9320f39031fe711bca2e0269b1028862c2d2a6c8871a0f92dddd30629eafc739165a070c61c12be11bf3d3cabb31decf449059c99fcc12a1684d8cb48e496df33920dc0a4fd225981c0f45b7220fd9d9189808e4bb39e5accc10fd7a8f3cf1335cb9dc31043a1e2eaf75e0ba500d5ca4497b2924725c0892033eb0ef944e2fc204e9f1e177862af3d59190e2335061a76d4d3bd922d9bb72553a339dd1672b61a91a0d0e23ddf6b08bd13cdf82451b5e8fd3842ba71eebdde40f8563124fba86c3c500f2ceb7246967f497f1dd3e5e42f14774a909199dbec4b469b8b3b6b25a95caa86f334084d38d71d93a395acb14c145298c503f7f494bb9867c564ad7e32aa1ca7bcfa2181dc712165247462db25192f7cba05cee92826c0561303bc473c9485a989793b8bfc2d0285dfbb13c11a426dff4e404435e2e47760d45b76f91b6c7bf04d4504c2502293fc7b49d24fda5b5fcfabf714087582d25a69ead80222da1d574d599b39a0c54ea7709dea1798b9eddea5cff504cc5ae40c561976c11a514f2ba359f6791830926fa13ac7f71e7614d0233305d3ec694b7d31ef320a44079af2614956ba31a66b959a11a3bfbdb683037d6ca42d0e9bbd2d83af74fd4a73dd6537e393b7026169d3c0e017a9e3392e03e8d76cc0f5f0caad4926b3169d61ea09b6cd45e5f62aba4ecab5b053d54cdf8ec5a69320094d520f702cbd218125f24e38a5934a2f5f4d74c12df05cc0c7b3c36a37db2863e918a8cbc496fa77bf6109008e20602636ddbd53aec45741384aafd05ebbac9d6ddd8aeb3d75775bae5124cbc7fb5db4ce9c8af96ad05035a8dcb64c0b02f0669c65b07f60c9cb81e99462ef8318d0ab65b97d6a9271042f4d46a5d8ee42b90783db78827d018b8d392ab3eab88e06b409878fcf74067b1a1fede92874741cfde10bdb444819fb991c36c9dd458c8794e0b4bd9e3f7cd383c485e6a60fa4238b318e14896934d97b4b7993472f4f9f246ca7523e5979c984fd16248b087cc3eafd706328a3ec47f88247357c4b759a2a1f0efde24f4129fb612f8c3742847b39996487653d6bcaf5862dc1bca501abed2d0b5a23c1d2a62eb968acb01763718b27a57e99bcd66c9910d6d0bedc7e6197bd58267cb1a8c61eeef9f19aaa6a0cab7cc268e8bec46db3fbcf4de3e8abe483bb01811087fec18bbe471628c3bc80194d3661efa6d9130a524089b07d8cdf6198018a24d23bfee4a1664e68ae7c30f77bbbcc7116d9bda8a4e6c01f047a4ee60a09ab23a63e1bcdeb3869043efe60eb3b7a6beb366d11e786002b2e3d36d44f91ed87152697e456f8ebd2b0e15df21a773b1ea876319fada12bd340314944f8d9d90ea26380cd83692a2f634c241bfa0868fd7ba52a841ad418c97e818195047d6d11ade0aafabe0d627a68721f61f3758c40dd14498521966380d59e0cb621953f0ea908fd297178899b2e60c210479a4a9ef9a8cf1d2a0c2e909043ce75d2f4fb766eb166b995b714cfb71bad7462525aa15d3fc8462808f8a0cee080502765bb9d1e9912a9ba937a94e48708b531d5ba71bdddb97fe77dfc7fcbcc0ddbef56c1f78feff399eabe15aac18b95f0c88a40dd5ebbdcb3ae45ba66dc990e9267c5290f7b357e1ae5e354c72edab117bcc394e4e8a91d99ca2f000420ff9cb32f87c663c6bb9692cab44c5c26212dad70a5426ce7eee219cdeb6bcb65d9b1f957c3e495a1198a60dcf446f4b192fa50d8c4426b8ba3ef0e06be2d04d7e142e825718828617220349408bd313df2ae8f860058b169b7ec3416f4c73fbfe509b442b8332a7049e7dd59b77d199079c187f7afb9b869ddd27864fb1bd0ba7e0ff67ceefc88f86362540a3020b9a90d07b9634358142a4b095f3becfc810b2ca5d78361403cf09e59c3b747953ff3535bb9f99bfd20da8a64082fd8552739f622e5d24d2fee438083d839402aac872f3d98f394d56bb4564c8caac19ec4873ffd2dae20a0bd8f0781fb92984755014695ba1f3a2e01ce4fa33206b53138afdacf34c2be54b56cd76a9948013538c7ed8fa60055e9b60aafde90f50b4e0cc9b3009f45823f674f23ddd6cb2439c479e20ab975139055bc8ad72315c3c466093be1e06ad27f7601b9cfbce93f172143c6523e239fed636ece9407caa423db7e64d6ee1163976dd7f19c333d02d788111de7243b7dd6dba0a1d9957e758acd4ad9ceba61d0be6c2be89b65d18f1a7f1cee89f9fee5dc682e12e78d2822f99f4b2a920c36d0650604c545b76c9e5755032a8ea94d0fb21d513a138b5a1ad86acdf0097d5f289a9629c7a3e570a96383980c067a702cdc198712adade467e0baf05595108dff0b342d1b1fe243cf8145d024b46f8008c20ded574da9f49b49163591a6cd2fcad74caad0e95dc5714a15cfa88ff11a7d30028326575217447100f4c5c97f0cc25d79960e39b94f0ab60f986fa3c919865f8e231bd77c2c759b166d8874728e9e131b9b3aa5cd166a9ae330ca439ea3ffb7581f1f4389ebf9334810d07981c5ea03b42ef5615ebc17005a0c9c02478353c08f4cca0b6a2e98de3d51d3174ee8101387f52b12b699b57a4c50452a978eb43c3a101ae69213fe93f2606fc6bf7b771e3dea5e578b85e5642791e9aa281c8f91cebde1095cbc23ce174a1ceec151703a226749176d42d72468d48f88012d18e0f2640c3018e08c8a2df197f273596ca5d48cf976b7ee051189b8081f0863e613258f267a5bcf30509c6285fc37c0d045c29c471b04f189cb3c69914ba0591cfba1c71ed909362aa8840be28e624e3a6b8393170e809231e10820326ecd03e23e11dfe29ae47adddf3d4f858d51f9ca33ee85a5077a1463caac5d034293bcacafe15b3e6cac7247a33ace000f164cf8a5243f89b89b8b11220b35a07679e7af900e540d965669fa23ca0d0d3b47d9b2cb0fa31a90c69e686d582f6c9c8c628875c002cc5e288a5e1b738842258569fe2a4de3dfd7dfd13b1fd7c8c29dfa4f58ea8d0c7e56222fb9b0d29c68c7cb8ba3fd79b04a14366f83bbef2531311a3f385bdad440ee85e2dd947f32a349f9d1eb750ceb0f7211980b0b970c7b81f16935d4d3e764869edae7a45cb45a0445e8c8ec27fac4edd6ea269563b6f12f394782fd970cbfc2752fc9f4892c731eaac8e3a315797b0449b2a9ae3d4bd25d0e8f1a43e29630b4e2e882ece16dc542fcbc1f165b2cefc4deb40c23bf61f3e51d5acbc81135d35f0c055d8a003e03c0625e83f95ab2349c222dbc6d62d34e0119938d0b384a86dbdfd00c1226d0ff1f834c3529361c9db6d5612009bc39a0d654de2940ee2b8a96bd3c297ecad0a3df1b2a85a400fab889648315415c4ddbd0c9752146496d3769b3c9148330a8324453d4431d19727ddd12493003bd7eaeb05b2f5c333a33cba442df3dc11dc23c80292a52b040f5e707784b5d29f4c46d3ac8ae0e159517c1a196103bfd6bf6d32afd687773bf224ef00c844f1f36365e7220c57a97aa0904219a0ab84def7095b280b971b554e0142d154c5422c918b4744bb3b9e61721a983f4d63cc79fd88295b67b24fec0ec1ce8a2e80a1ca4e97cdda6d2df44a571a74b941f049886355e2bb5ed908e646850d85095d099e3a189a4298f4a25c0798b4dc25cd630695561a04f43ff009e4f49177e01c11442593fbc23657a46f918a77231b3405d4931b6f2c01f0207d6933304bb2106c5dbce23378bc7ca66ff4f57550bbc36500f6c4ce21dc22a4575c315d2f4c4fb1fb8e12ebc2c037451611718d4371c6d0a00bab9f68a1dea6bd654d49232ab3c85e07a6ec8e2b19012c31d540f81d666d0a236e9e2a4b6d85c0974efa172d13003b63e94cd7a5652f4703d88712fb63521abaf0e2a0dd4b2e457e42d4a811db6a77310b1aff1b9055c9995ce9a0fe2e0c3657c52ae562738b6c12693cb2bffd1d3c41b6a73feec4008e63562bbc38a8c56c10efdb2b67fcef74f6a6f7e35baa4685f7764977348db378b242ac5f81a8a69c666c0247d1d326faf3b7dd4f07bfb16c08bb2703f6997e1a6cf042c0ff0fea27217ac2c78328bd573e8dd86263de6ffcf3d26d45d8be7234da9f24f1a08ab16f3df9e85861fb1251933eb8982b81999234d6d56759acd528ffcaee5a300e711e0b7f0b208612caa6dfeddfe4557161933a1910ec4b35ed89760fb91de6c19f766845979e36855a11d7ba6b892a717b32e8e17b367c5fd11b940de937a975470bbf872f8a1cd637c76fe0a9aba5fb9e", 0x2000, &(0x7f0000001200)={0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x28, 0x0, 0xffffffffffff6260, {{0x7, 0x5, 0x0, r1}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
fcntl$lock(r2, 0x5, &(0x7f0000000200)={0x1})

6.742458679s ago: executing program 3 (id=306):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0xe8381, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), 0xffffffffffffffff)
r1 = socket$inet(0x2, 0x80000, 0xfffffffd)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000140)={0x0, 0x0}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000400)='dctcp\x00', 0x6)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x10a)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0xb, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x40)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r3 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
listen(0xffffffffffffffff, 0x6)
getdents(r3, 0x0, 0x0)

5.753425266s ago: executing program 1 (id=311):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x442, 0x0)
ioctl$TIOCGDEV(r0, 0x80045432, 0x0)

5.578796598s ago: executing program 2 (id=312):
timer_create(0x7, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x47f2, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040), 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
r1 = epoll_create(0xd)
epoll_pwait2(r1, 0x0, 0x0, 0x0, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)

5.396745246s ago: executing program 1 (id=313):
fspick(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1803000000000000000000ddffffffff17110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="0a000000070000000300000001"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000280)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r2}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48)

5.23137798s ago: executing program 1 (id=314):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000b80)=@delchain={0x150, 0x65, 0x20, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0xe}, {0x0, 0xb}}, [@filter_kind_options=@f_flow={{0x9}, {0x114, 0x2, [@TCA_FLOW_MODE={0x8, 0x2, 0x8065738cbab9bcb1}, @TCA_FLOW_EMATCHES={0xe8, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x84, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x18, 0x3, 0x0, 0x0, {{0x7, 0x2, 0x4}, {0x4, 0x5, 0x6, "ebe6c48aa9"}}}, @TCF_EM_CONTAINER={0x4c, 0x3, 0x0, 0x0, {{0x4, 0x0, 0xb}, "d0fa3d16cd50d147bab4e8cc66b89a2f2ddd8dea788aa8b6931170f39e3b56c21d1c85ab32acb6397660ea603b182034545dd0bd1327d2665d5a78a956"}}, @TCF_EM_U32={0x1c, 0x1, 0x0, 0x0, {{0x1, 0x3, 0x81}, {0x10, 0xe, 0x6, 0xd4c}}}]}, @TCA_EMATCH_TREE_LIST={0x4}, @TCA_EMATCH_TREE_HDR={0x8}, @TCA_EMATCH_TREE_LIST={0x54, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x2, 0x0, 0x0, {{0x2, 0x7, 0x4}, {{0x3, 0x1}, {0x3, 0x0, 0x1, 0x1}}}}, @TCF_EM_CANID={0x14, 0x2, 0x0, 0x0, {{0x0, 0x7, 0xfffa}, {{0x4, 0x1, 0x0, 0x1}, {0x2, 0x0, 0x1, 0x1}}}}, @TCF_EM_CANID={0x14, 0x2, 0x0, 0x0, {{0x1, 0x7, 0xa}, {{0x1, 0x0, 0x1}, {0x4, 0x1, 0x0, 0x1}}}}, @TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x5, 0x7, 0x6}, {{0x4, 0x0, 0x1}, {0x3, 0x0, 0x1}}}}]}]}, @TCA_FLOW_XOR={0x8, 0x7, 0xffffff7b}, @TCA_FLOW_PERTURB={0x8}, @TCA_FLOW_DIVISOR={0x8, 0x8, 0x7fff}, @TCA_FLOW_MODE={0x8, 0x2, 0x1}]}}, @filter_kind_options=@f_bpf={{0x8}, {0x4}}]}, 0x150}, 0x1, 0x0, 0x0, 0x80}, 0x20000080)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000280)=""/85, 0x55}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/106, 0x6a}, {&(0x7f0000000980)=""/73, 0x49}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/154, 0x9a}], 0x7, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x2040000, &(0x7f0000003700)={0x77359400})

4.534662251s ago: executing program 0 (id=315):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(des3_ede)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4$alg(r0, 0x0, 0x0, 0x80800)
sendmmsg(r1, &(0x7f0000002c80)=[{{0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000002e00)="3451a7f7992239", 0x7}], 0x1}}], 0x1, 0x4000000)
io_setup(0xff, &(0x7f0000000380)=<r2=>0x0)
io_submit(r2, 0x2000000000000225, &(0x7f0000001440)=[&(0x7f0000000200)={0x1000000, 0x0, 0x700000000000000, 0x0, 0xfffb, r1, &(0x7f0000000340), 0x2d}])

4.404017646s ago: executing program 1 (id=316):
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_emit_ethernet(0x3e, &(0x7f0000000080)=ANY=[@ANYBLOB], 0x0)
socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f00000001c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x2d)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r3, 0x0, 0x0, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x4, @empty}, 0x1c)
getsockopt$sock_buf(r3, 0x1, 0x1c, &(0x7f0000000540)=""/142, &(0x7f00000003c0)=0x8e)
request_key(0x0, 0x0, &(0x7f0000001fee)='R\x10rust\xe3cusg\x91\xdeeH\xe5+\xf0', 0xffffffffffffffff)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="05000000050000000200000004"], 0x48)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@newqdisc={0x2c, 0x28, 0x4ee4e6a52ff56541, 0x70bd29, 0xeffffcfc, {0x0, 0x0, 0x0, r5, {0x9}, {0xffff, 0xffff}, {0xfff1, 0x1}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0x80}]}, 0x2c}, 0x1, 0x0, 0x0, 0x400dc}, 0x4000084)

4.344285105s ago: executing program 4 (id=317):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
sendmsg$ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000e40)={0x15c, 0x0, 0x1, 0x70bd2a, 0x25dfdbff, {}, [@ETHTOOL_A_DEBUG_HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @ETHTOOL_A_DEBUG_MSGMASK={0x134, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0x47, 0x4, "6740389b0eff8357fb217f80537e9dff259c84d51a5e22cfa60d0d5e31c6378ee77876b78a3ce4c9d63dd75d166e7aa185e8ac50bcd15c7113c428db9fff23d2adbbc3"}, @ETHTOOL_A_BITSET_BITS={0xe0, 0x3, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '%%.-\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xfffffff6}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '%%.-\x00'}]}, {0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, 'W$\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}, @ETHTOOL_A_BITSET_BIT_NAME={0xd, 0x2, '/dev/kvm\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}]}, {0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, 'msdos\x00'}]}, {0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x29}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '-+\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '&$[@\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, 'wpan4\x00'}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xe}]}, {0x4}, {0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, 'W$\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '+)&\x00'}]}, {0x4}, {0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xf, 0x2, '$\\.\xd9{\\&%}+\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x8}]}]}, 0x15c}, 0x1, 0x0, 0x0, 0x802}, 0x4048090)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x29d})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_GET_MSRS(r2, 0xc008ae88, &(0x7f0000000040))

4.010856151s ago: executing program 3 (id=318):
syz_emit_ethernet(0x2e, &(0x7f0000000180)={@random="e904a200", @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0xe000, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0xc, 0x0, @gue={{0x1, 0x1, 0x1, 0x4, 0x0, @void}}}}}}}, 0x0)

3.911884979s ago: executing program 0 (id=319):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0xd, 0x10, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000010000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb702000008000000182100", @ANYRES32=r0, @ANYBLOB="0000000002000000b705000008000000850000005d00000095"], &(0x7f0000000000)='syzkaller\x00', 0x4, 0xfeb, &(0x7f0000001e00)=""/4075, 0x41000}, 0x94)

3.290749406s ago: executing program 4 (id=320):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000fd0f000002"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f9ffffffb703000000080000b70400000000000085000000c300000095"], 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000280)='mm_page_alloc\x00', r1, 0x0, 0x1}, 0x18)
syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff)

3.232318473s ago: executing program 1 (id=321):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="020000000400"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0x0, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0xfca804a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, 0x0, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={0x0, r1}, 0x18)
socket$netlink(0x10, 0x3, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./control\x00', 0x480, &(0x7f0000000000), 0x1, 0x786, &(0x7f0000000f80)="$eJzs3c9rHGUfAPDvbLNJ37Tv27zwwms9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQkCLCF4EFQ+CXnq2Wm9e/XHVP8C7B2mpmhYjHiQym9102+ymmzSbbdnPByZ5npnZfOc7z8w8T3aG3QD61mj6IxNxOCI+SCIO1ecnEZGtlQYiTq6vt7qyXEinJNbWXvstqa1ze2W5EE2vSR2oVx6LiO/ejTiS2Ry3srg0ky+VivP1+nh19sJ4ZXHp6PnZ/HRxujh3fGJy8tiJZ08c371c//hx6eCND19+6suTf73z/2vvf5/EyThYX9acx24ZjdH6Psmmu/AuL8Vbux2up5JebwA7kp6a+9bP8jicpOWBXm8SANBl6Sh0DQDoM4n+HwD6TON9gNsry4XG1Nt3JPbWzRcjYv96/o37m+tLBur37PbX7oMO307uujOSRMTILsQfjYjPvn7jajpFl+5DArTy9uWIODsyuvn6n2x6ZmG7nu5gndF76hvxf8o+YHTgfr5Jxz/PtRr/ZTbGP9Fi/DPU4tzdibbn/4bM9V0I01Y6/nuh6dm21ab860b21Wv/ro35ssm586Viem37T0SMRXYorU9sEWPs1t+32i1rHv/9/tGbn6fx09931shcHxi6+zVT+Wr+QXJudvNyxOMDrfJPNto/aTP+Pd1hjFeef+/TdsvS/NN8G9Pm/Ltr7UrEky3b/84TbcmWzyeO1w6H8cZB0cJXP38y3C5+c/un0+rK8loScXX3M20tbf/hrfMfSZqf16xsP8YPVw59225Zi/wLjf+F1rU+/geT12vlwfq8S/lqdX4iYjB5dfP8Y3de26g31k/zH3ui9fm/1fGfjk7Odpj/wI1fv9h5/t2V5j+1rfbffuHa6sy+dvE7a//JWmmsPqeT61+nG/gg+w4AAAAAAAAAAAAAAAAAAAAAAAAAOpWJiIORZHIb5Uwml1v/Du//xXCmVK5Uj5wrL8xNRe27skcim2l81OWhps9Dnah/Hn6jfuye+jMR8d+I+HjoX7V6rlAuTfU6eQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACoO9Dm+/9Tvwz1eusAgK7Z3+sNAAD2nP4fAPqP/h8A+o/+HwD6j/4fAPqP/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAuO33qVDqt/bmyXEjrUxcXF2bKF49OFSszudmFQq5Qnr+Qmy6Xp0vFXKE8e7+/VyqXL0zG3MKl8WqxUh2vLC6dmS0vzFXPnJ/NTxfPFLN7khUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbE9lcWkmXyoV5xUegcJAvdUelu3ZUSHTSGKvgg52K4uHYGd2r9DDixIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAI+SfAAAA///WoyFe")
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r6, 0x6, 0x2000000000000022, &(0x7f0000000340)=0x1, 0x4)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)

3.153984685s ago: executing program 3 (id=322):
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x2d0, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x100, 0x130, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x330)
syz_emit_ethernet(0x72, &(0x7f0000000000)={@broadcast, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "101040", 0x3c, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0xf, 0x70, 0x4, 0x0, 0x0, {[@exp_fastopen={0xfe, 0x4}, @sack={0x5, 0x22, [0x2, 0x401, 0xf4a, 0xab9, 0x80000001, 0xe, 0x0, 0x7]}]}}}}}}}}, 0x0)

3.001417784s ago: executing program 0 (id=323):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x442, 0x0)
ioctl$TIOCGDEV(r0, 0x80045432, 0x0)

3.000855103s ago: executing program 4 (id=324):
fspick(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1803000000000000000000ddffffffff17110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="0a000000070000000300000001"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000280)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r2}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48)

2.918607559s ago: executing program 3 (id=325):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0xe8381, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), 0xffffffffffffffff)
r1 = socket$inet(0x2, 0x80000, 0xfffffffd)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000400)='dctcp\x00', 0x6)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x10a)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0xb, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x40)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r3 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
listen(0xffffffffffffffff, 0x6)
getdents(r3, 0x0, 0x0)

2.720622403s ago: executing program 4 (id=326):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000010001000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r0}, 0x10)

2.690681596s ago: executing program 0 (id=327):
capset(0x0, &(0x7f0000000040)={0x0, 0x0, 0x7})
r0 = syz_open_dev$sg(&(0x7f00000002c0), 0x6f5e, 0x202)
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x5393, &(0x7f0000006fc0)=ANY=[@ANYBLOB="9e"])

1.930153941s ago: executing program 2 (id=328):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x0, 0x0}, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000080)={@broadcast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x30}, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x1, 0x3c, 0x1c, 0x66, 0x0, 0x44, 0x1, 0x0, @dev={0xac, 0x14, 0x14, 0x1e}, @rand_addr=0x64010101}, @info_request={0xf, 0x0, 0x0, 0x316, 0x5}}}}}, 0x0)

1.92975217s ago: executing program 4 (id=329):
openat$kvm(0xffffffffffffff9c, &(0x7f0000004300), 0x1, 0x0)
ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000100)={0x2, 0x0, @ioapic={0x8082801, 0x5fa, 0x8, 0x1ff, 0x0, [{0x6d, 0x9, 0x8, '\x00', 0xe}, {0x5, 0xb, 0x72, '\x00', 0x1}, {0x1, 0x7f, 0x9, '\x00', 0x5}, {0x81, 0x1, 0x8, '\x00', 0x5}, {0xb, 0x54, 0x4, '\x00', 0x7}, {0x0, 0x0, 0x2, '\x00', 0x8}, {0x6, 0x9, 0x1, '\x00', 0xa}, {0x5, 0x7, 0xb, '\x00', 0x45}, {0xa, 0x9, 0x0, '\x00', 0xff}, {0x6, 0x3, 0x0, '\x00', 0x3}, {0x40, 0x4, 0x2, '\x00', 0x1}, {0x8, 0x4, 0x1c, '\x00', 0xff}, {0x3, 0x86, 0xc, '\x00', 0xf9}, {0x5, 0x4f}, {0x4, 0x4, 0x96, '\x00', 0x9}, {0x8, 0x5, 0x7, '\x00', 0x7f}, {0x3, 0x7, 0xd1, '\x00', 0x4}, {0x68, 0x3, 0x2, '\x00', 0x3}, {0x8, 0x9e, 0xc0, '\x00', 0x2}, {0x3e, 0x4c, 0xa, '\x00', 0x3}, {0x7, 0x1, 0x2, '\x00', 0x1}, {0x3, 0x0, 0x6, '\x00', 0x4}, {0x93, 0x9, 0x4, '\x00', 0xe6}, {0x3, 0x7f, 0xdf, '\x00', 0x47}]}})
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r0, 0x4400ae8f, &(0x7f0000000740)={"0bd13af7e222d7b82977a894bcf2d741b99f8f02da617b9ad94014424a83db0314f34fdfe9a260e953f1aaf3610eec4c839a08a42b569d1e59b5520d8ad988ecacf773bc8c1855c13291a20986512ff73d4967f734679cb88ac4c1013a6d38828f96b71019283ce07d08bbb370738322ffae7a0afc79279598c1166ec564d5be5344fc87a5f00ca1354bced1fccde226dcd6e864d8262199e37fda0824cafccbe5f8cd0518aa106eb5f8a0986aca2d05a5eaa0177c72d3caeb3579fd729cfe1e7c8e2bb7a9dcfc32e31c7dd4cb48b11128a933481391a63c788de6306217984ef3aa5c402cf680385d96c065818632f2eb3b976ae7997d793ee5a91e26017c70319748f5b8505ce26e2fc2a50296523adc134596ff6ce79f6b58e5ca0612085af940096fb90cb23a7eac4d0e1f0933ef17dd5b760ed2864d8cc3dca7174f7d10bc4ccde5463f72f0265c673a73a1d7d41a581d8491c8f37615278b543c2c3310ae461a924409d0b5a1a75085d800e69f7351d6f2e058d6323d3ae70c7a1b7961a017dcbd827381d2133be3eda141656239ee6859843e51305726cc2444f1360e65e2993842d09428843f2c50c989084ed7722d34e930873d420e9c9fffda5fedf8370000000000000000885e2e653d083ccc91792e12e3082139763d44f68d1115d8e545444accee3bb38a9fa3b9ff7172868cfaf0a8f22a6939248404db646f2aa405a21b953498132fe3167e4783623451da9253e12187b4086f56bdd827e75a5523e04683335992552fa2cce95d2b23833d57bf2872f9e428b374d049a35636113207f68e34d7f1392c05add0d78b9d999c7a5d47dcbb803bcab54544dbceb73f41d5ac0970883308fecd0edcbb3eea10c1b56c851d13ff248353994d4fc68815b1bf45d202c9944b5cecc4d09a99b422ef51442a8c16e1dbb6a955c4618d592d43cd7e52c206929662f178afe060401868ffaf0db2f1eb3aaeb591be9eae546ae97266315e87487dd399ea4ec20423904c3953376a3ab41853f00b720b270b6ae8fd3cbd6c66e4af6d15bbae6aa085e56a3f8ca4a40117a72209d18e4e31e06389650b8115ef5f1fcd8c2d56b37d66fff06008836e501304a332dd3a9e6eea4f8f8d9e3671edc0abe7788692ba653850e980c36a4d3f60d090a58e34fa033b8e92ce7c19a1730872bd9b58530729400823e68ebb0ab9294bebfcd5404194a9dce119d204e01736b57ef37f7bc11ebf9bbf4d33a35ccebc67a3e38bc092cc208e8d70f33d830d26e16b5adcfb3a8928ececc4273771716dce7a0cd4d6f37f8cf70242fe91f09d9d07745e60c35b93bc343eb27751afc6ffb4693ef290668824287595c20cda170ff582c630e2a5df595cb8b7868b8f28665c7fb592d8763b6a0c3e20154f6400"})
ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000100)={0x2, 0x0, @pic={0x0, 0x0, 0x3, 0x93, 0x0, 0x0, 0x1, 0xbb, 0x2, 0xc0, 0x6d, 0x9, 0x61, 0x7, 0x90, 0xd}})

1.920738602s ago: executing program 1 (id=330):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x1, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r1, 0x40814, 0x3}, [@IFLA_VFINFO_LIST={0x14, 0x16, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, [@IFLA_VF_TX_RATE={0xffffffffffffffb7, 0x3, {0x7ffffffc, 0x6}}]}]}, @IFLA_PROMISCUITY={0x8, 0x1e, 0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x4000080)

1.892406976s ago: executing program 0 (id=331):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000001000000e27f000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000005700)={{r4}, 0x0, &(0x7f00000056c0)}, 0x20)
syz_emit_ethernet(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioprio_get$uid(0x3, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22, 0xfffffffc}, 0x1c)
r6 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r6, &(0x7f0000000140)=[{&(0x7f0000000300)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd000000100001000c0c100000000300000000001e5e787f66e264b99277293a5c878f3f141bfb9ae74339bbd16b2502a05a18e85d76912e72d7d4125e58606315b914ee8829b0a4cda6f4b69e4fe4a0817c8a554fea49f3578091849dcaf3125ba94b16efee348ee2da1cd090a9b124fd9389f4dc8fe7a5e61f3a99805be75c7d9dcb69b8812e68d97b7d523dca2011b180c6b70cff4605671ec19d533c348292227e95fb6dc0fc2eedab5735c9701df0d35240d6996aa2965843e6ad8b83992c", 0x105}], 0x1)

1.862057865s ago: executing program 3 (id=332):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r0, &(0x7f0000004b80)=[{{0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f00000008c0)="3bcbdb0fcfa026557d2ea2b0fa34b7b3ddf4e60fe678186210e935989ea66d7c81fcd371943f18f118107da91cf43c5479ca82428e90b96b3635a98e39939ef5109511d949224164c044f18fb4d64db5c0404f01b99fba50263ee03e82a28fcd751660b0cab68a62a8b6eac29946c988fc747092d35e935ad8442feece96b4ee481cf95a8feb6ec3d6e5cff03f59eb97136d7cb400c1d0ed4ed9b83090abb113aa4e92606957", 0xa6}, {&(0x7f0000000980)="742f311a83a225186454bcfd09e48b60d703de616d0e6f11523b39811b58bc", 0x1f}], 0x2}}, {{0x0, 0x0, &(0x7f0000004080)=[{&(0x7f0000000f00)="52348bf9812fc081678b5760a4c4967393fd8939aaf12a894c5424df616c4eea14fbac2dad114a75c405d89fafa5715b56abba4bbceca456d8225e3f6eb57a03287e74c7bd74e40e3fda3150f92d181e7c82cb2f8ea0416fc4c0f111161cdb9a52911925644e25f871d02f403c83214f830f93b30b874e75cab53f1ed7871f21c0d654a47fab0637868517d7e8d9915e99b4dc2dcafdcb2ef2a012ec95418a544c32181fb969e01318e00a12fd1b2a0eb57bcf7de086e320f2d4be4e1453010be849e4d7dba41558329699aacd3d1c7d97b9bf74caf8b7946647309d209558b1965ef7ea4576ec0e289b73c2089310271d0a67d88a312f4cb0194c4f28ec3c2fe269311d0cec1fe0efef17d376d183b08e392b6cb58e930e1f959dd4528ec95350fc86e5297e6d59af036b132df17833881238ba8692842a8da4d5b4a37c94915331143d9128a197495433c2f550b4455a9ae03b937305e192e861ca3a60f9b3a14288e3daeb6936593485388a4aaab39b3843ee2960d9c8728eafb904333e7b78a270480e8dd89bc4cf0b791013cff43bf314e11a44d5f9c4fdad8a2fcdb04f76de29a50a0428148f4bc3eff1e84d25ea95dabddfba6162860a3c3389ee366450b6bcf1409f920caf1be5702af0402e2cef4896d9544a26ebfab694d7a47eca55bd2f62e7d7eb1f6061f7e441df5ab31344f02179764822036ef706133ea1a6380e042f074b2b0ddcc578cb8a668a846b9d5792f8d434f8ec7b562594587c49e8e6b3450e545fc070644bd06a36106cdb63f9e8ad7ae50b5b44e47f377961f5e29392330fb40d63c911ffd13e094f0452cc5c77b0731b56211b2d8a7554f6077ae593626a54f56d6dea49058fd1d48db02a7b33d50474b58a7e14e6a4d935bfaf4865f00074d59ece4b2d5f5e768e952733ee2c34b3e4b0be230f792f8b16f872afbbd155fe5314d4f54ea7b747eb2cd2410db7464c73ecd4815cda0bcc839fb603bb3f0c04b2d233b54a78b7aa3db974e469c8788e155cc2ef39bcf8491101058093c842df8cd0ac03d29e6d6902187f31eaf960b306debf734d8d26cc34a7e62c64a98b5a8a61020d81f5213d4d5722088be5b5ea6b1ee19b148d1f8b7172cd507533360d2d668e85252463b1d61302a75a7e3dc5e8c607a1026c66c2e8a6cbd34e3e5e99890da6cf07ed1247a07f004a6b1d643e00be7c156127bd7b39326e84ea6963d0530a4538eea35cf8048440a65148f1fe6314020bbe9c9358242589360fa5b1425d24b9f59141d81c0dbdd2e802eb82849e6342a4ffd0dcf307e2c73c707f54d54a2d04f2e504cae3d1719253ea4f455ae0e5fd35c08808b1fb8c6f5a25e7a3b082cd2159b9e624b67f1ed7faf2e5a0e6cd2560e26e4eabf626b65ce42c7855512ad92bcd6849d0c73e4cf41962ae0d17d850cd598e016b1db978f7a8d7f5fd88c7952982633e7673f11f3dc1ea4363ecbd106b3f410be357a29d0ddff9cb8448f71b39c60c3e7d5fba9e6115e64e88813418614419fcc8e27c2bd13109425528e44927ff85444cc076fbebbbf5c8b5a7bb8c7c9dd61a2bb4eed88d057a7268904cdd84f5e1eb8e4800a4d0c516e33e97c83f859c5e83fcd841ec6af3eb609c50bfd4794edb29d3a4c50088821ebd1f964eb9689e75c8ba3912ef50641b12a090e8687542763ed92bf85aae23b320f36f2b6b48327d5a58c0ea4b5725b655a33ac84dcf473a4f5adc3eabb7eb8efaeb18660d4b35405dc05a752f663ceaf25975849c708d41cdc53a8b4de94a10612b3901e8fd3a4797d5e6bfb1fcafebb7ad602cac461b014549574a8bba04601d4270749b17855d6e0bf912a823f801f74716bff0c5b5b7f8b62111168277a7725a9aa4b90a728304888f60bf1ff5de292e1451e01c34e38666cbfafb5dbc2b6af55c06a4bc758dab1081685c284f6480223f08be99fe93f758780b11e019ea305dd4ae2d7998830077ffbacdf545f94df06bfe57c5aac1c235d2ec4494c57228258517c7757bba41ebbb4a91d4d7c17d56a8a4f4896f8b87105bb91339bc817f51a14e657dd76934ba125e66df998d16f0467a71a437d6d9535d442af1a96ea753074fca588ee3cea87e01c8e2c7903f3d493c1f03dc77187acd17471769286c77f8d9c740705e1dc1cc1c528959ca6437766706dae23e117ba6585204e7ff30128d4629e107a409f744e4bae6dfec03cdc53d95f5d06c82258b17e9a215dda1dd153b20d3", 0x639}], 0x1}}], 0x2, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

1.720386904s ago: executing program 2 (id=333):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
openat$kvm(0xffffffffffffff9c, 0x0, 0x8001, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x4c, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000240000"], &(0x7f0000000980)='GPL\x00', 0x3, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r3}, 0x18)
socket$nl_audit(0x10, 0x3, 0x9)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xf, &(0x7f0000000100)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0}, 0x94)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f0000000140), 0x24, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x18e)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
rmdir(&(0x7f0000000380)='./file0/../file0\x00')
mknod(&(0x7f0000000240)='./file0\x00', 0x1000, 0xfffffff6)
r5 = syz_io_uring_setup(0x2d64, &(0x7f0000000100)={0x0, 0x3daf, 0x80, 0x4, 0x62}, &(0x7f0000000040), &(0x7f0000011000))
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r5, 0x2, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)

1.719840035s ago: executing program 4 (id=334):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet(0x2, 0x1, 0x100)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x2d)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0))
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000e40)=@raw={'raw\x00', 0x3c1, 0x3, 0x4c0, 0x300, 0x18c, 0x203, 0x300, 0x19030000, 0x3f0, 0x2e0, 0x2e0, 0x3f0, 0x2e0, 0x7fffffe, 0x0, {[{{@uncond, 0x300, 0x2d8, 0x300, 0x0, {0x1000000}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0xe}, {}, {0x0, 0x0, 0x3}, {0x2}, {}, {0x0, 0x0, 0x0, 0x1}, {}, {}, {0x16}, {}, {}, {0x7}, {}, {0x0, 0x0, 0x0, 0x101}, {}, {}, {}, {}, {}, {}, {0xfffe}, {}, {}, {}, {0x0, 0xfd}, {}, {0x7a04}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x1}, {}, {0xb84, 0x0, 0x0, 0xf00}, {0x0, 0x1, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}]}}]}, @common=@unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x0, 0x4}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0xb, 'syz1\x00', {0x6c8}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x520)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x89f1, &(0x7f0000000340)={'ip6gre0\x00', &(0x7f0000000f00)=@ethtool_per_queue_op={0x4b, 0xf, [0xf68f, 0x8, 0x9, 0x1ff, 0x0, 0x4, 0xe97, 0x4, 0x6, 0xecbf, 0xff, 0x101, 0x7, 0x200, 0x3d, 0x5e, 0x1000, 0x1, 0xf557, 0x2, 0x5, 0x7c, 0xce, 0x2, 0xffffff6b, 0xe52c, 0xaa8, 0x80000000, 0xd, 0xe9c4, 0xcd8, 0x6c, 0x6, 0x7, 0xd, 0x8a, 0x3, 0x6, 0x3, 0x3, 0x3, 0xfffffffc, 0xfd2, 0x6, 0x8, 0x401, 0xfffff801, 0x2b, 0xa, 0x0, 0x7, 0x8, 0x5, 0x0, 0x6, 0x8, 0x23, 0xff, 0x3, 0x10, 0x3, 0xffffffff, 0x6, 0x6000000, 0xd1, 0xf, 0x4, 0xa, 0x0, 0x400, 0x80000000, 0x8000, 0x3, 0x5, 0x2, 0x0, 0x2, 0x8, 0x80, 0x4, 0x2, 0x0, 0xd, 0x6, 0x3, 0x8, 0x10, 0x1, 0xfffffffc, 0x9, 0x7ff, 0x7, 0x2, 0xbde, 0x37, 0x9, 0x4, 0x1, 0x9, 0x6, 0x7fff, 0x1, 0x704, 0x33e4, 0x401, 0x5, 0x7fff, 0x8, 0x100, 0x3, 0xfffffffd, 0x2, 0x6, 0x8, 0x6, 0x7, 0x200, 0x9, 0xe, 0x81, 0x0, 0x4, 0x5, 0x5, 0x8, 0x3, 0x1, 0xfffffffa]}})
r6 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(r6, &(0x7f0000003600)=[{{&(0x7f0000000000)={0x2, 0xe21, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="50000000000000000000000007000000070b5264010101ffffffff8613"], 0x50}}], 0x1, 0x40000)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)

0s ago: executing program 0 (id=335):
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_emit_ethernet(0x3e, &(0x7f0000000080)=ANY=[@ANYBLOB], 0x0)
socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f00000001c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x2d)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r3, 0x0, 0x0, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x4, @empty}, 0x1c)
getsockopt$sock_buf(r3, 0x1, 0x1c, &(0x7f0000000540)=""/142, &(0x7f00000003c0)=0x8e)
request_key(&(0x7f0000000040)='asymmetric\x00', 0x0, 0x0, 0xffffffffffffffff)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="05000000050000000200000004"], 0x48)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@newqdisc={0x2c, 0x28, 0x4ee4e6a52ff56541, 0x70bd29, 0xeffffcfc, {0x0, 0x0, 0x0, r5, {0x9}, {0xffff, 0xffff}, {0xfff1, 0x1}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0x80}]}, 0x2c}, 0x1, 0x0, 0x0, 0x400dc}, 0x4000084)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.31' (ED25519) to the list of known hosts.
[   84.717320][ T5831] cgroup: Unknown subsys name 'net'
[   84.828183][ T5831] cgroup: Unknown subsys name 'cpuset'
[   84.837434][ T5831] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   86.489526][ T5831] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   89.188490][ T5842] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   89.205091][ T5842] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   89.213113][ T5842] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   89.234479][ T5842] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   89.244481][ T5842] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   89.400907][ T5842] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   89.409234][ T5842] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   89.417400][ T5842] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   89.426217][ T5842] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   89.455090][ T5842] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   89.541263][ T5842] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   89.549568][ T5842] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   89.557416][ T5842] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   89.565715][ T5842] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   89.578752][ T5842] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   89.626436][ T5165] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   89.656065][   T51] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   89.663565][   T51] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   89.664590][ T5841] chnl_net:caif_netlink_parms(): no params data found
[   89.673221][   T51] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   89.725691][   T51] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   89.735544][   T51] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   89.745114][ T5858] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   89.752634][   T51] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   89.754697][ T5858] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   89.768730][   T51] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   89.998209][ T5841] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.006072][ T5841] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.013578][ T5841] bridge_slave_0: entered allmulticast mode
[   90.021390][ T5841] bridge_slave_0: entered promiscuous mode
[   90.062820][ T5841] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.071101][ T5841] bridge0: port 2(bridge_slave_1) entered disabled state
[   90.078434][ T5841] bridge_slave_1: entered allmulticast mode
[   90.086389][ T5841] bridge_slave_1: entered promiscuous mode
[   90.245545][ T5841] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   90.263115][ T5841] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   90.406597][ T5841] team0: Port device team_slave_0 added
[   90.437034][ T5850] chnl_net:caif_netlink_parms(): no params data found
[   90.470014][ T5841] team0: Port device team_slave_1 added
[   90.477500][ T5846] chnl_net:caif_netlink_parms(): no params data found
[   90.659253][ T5841] batman_adv: batadv0: Adding interface: batadv_slave_0
[   90.668623][ T5841] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   90.695301][ T5841] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   90.743497][ T5841] batman_adv: batadv0: Adding interface: batadv_slave_1
[   90.751041][ T5841] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   90.777494][ T5841] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   90.801807][ T5854] chnl_net:caif_netlink_parms(): no params data found
[   90.883699][ T5853] chnl_net:caif_netlink_parms(): no params data found
[   90.897106][ T5850] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.904393][ T5850] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.911748][ T5850] bridge_slave_0: entered allmulticast mode
[   90.919593][ T5850] bridge_slave_0: entered promiscuous mode
[   90.961556][ T5850] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.969160][ T5850] bridge0: port 2(bridge_slave_1) entered disabled state
[   90.976542][ T5850] bridge_slave_1: entered allmulticast mode
[   90.983874][ T5850] bridge_slave_1: entered promiscuous mode
[   91.007778][ T5846] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.015052][ T5846] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.022272][ T5846] bridge_slave_0: entered allmulticast mode
[   91.031231][ T5846] bridge_slave_0: entered promiscuous mode
[   91.089449][ T5850] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   91.098797][ T5846] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.106184][ T5846] bridge0: port 2(bridge_slave_1) entered disabled state
[   91.113396][ T5846] bridge_slave_1: entered allmulticast mode
[   91.121639][ T5846] bridge_slave_1: entered promiscuous mode
[   91.182211][ T5841] hsr_slave_0: entered promiscuous mode
[   91.190275][ T5841] hsr_slave_1: entered promiscuous mode
[   91.200496][ T5850] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   91.265817][ T5842] Bluetooth: hci0: command tx timeout
[   91.318551][ T5854] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.326296][ T5854] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.333517][ T5854] bridge_slave_0: entered allmulticast mode
[   91.340981][ T5854] bridge_slave_0: entered promiscuous mode
[   91.380354][ T5846] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   91.402790][ T5854] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.410563][ T5854] bridge0: port 2(bridge_slave_1) entered disabled state
[   91.418079][ T5854] bridge_slave_1: entered allmulticast mode
[   91.426944][ T5854] bridge_slave_1: entered promiscuous mode
[   91.441548][ T5850] team0: Port device team_slave_0 added
[   91.450868][ T5850] team0: Port device team_slave_1 added
[   91.459276][ T5846] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   91.468831][ T5853] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.476255][ T5853] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.483446][ T5853] bridge_slave_0: entered allmulticast mode
[   91.491937][ T5853] bridge_slave_0: entered promiscuous mode
[   91.504387][ T5842] Bluetooth: hci1: command tx timeout
[   91.573589][ T5853] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.586685][ T5853] bridge0: port 2(bridge_slave_1) entered disabled state
[   91.598659][ T5853] bridge_slave_1: entered allmulticast mode
[   91.607023][ T5853] bridge_slave_1: entered promiscuous mode
[   91.664313][ T5842] Bluetooth: hci2: command tx timeout
[   91.679290][ T5854] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   91.703287][ T5850] batman_adv: batadv0: Adding interface: batadv_slave_0
[   91.710543][ T5850] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   91.736653][ T5850] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   91.755968][ T5846] team0: Port device team_slave_0 added
[   91.779516][ T5854] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   91.797443][ T5850] batman_adv: batadv0: Adding interface: batadv_slave_1
[   91.804889][ T5850] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   91.831654][ T5842] Bluetooth: hci3: command tx timeout
[   91.831960][ T5850] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   91.837832][ T5842] Bluetooth: hci4: command tx timeout
[   91.862778][ T5846] team0: Port device team_slave_1 added
[   91.871359][ T5853] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   91.884606][ T5853] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   91.975405][ T5854] team0: Port device team_slave_0 added
[   91.991188][  T892] cfg80211: failed to load regulatory.db
[   92.043569][ T5854] team0: Port device team_slave_1 added
[   92.053586][ T5853] team0: Port device team_slave_0 added
[   92.069489][ T5853] team0: Port device team_slave_1 added
[   92.114962][ T5850] hsr_slave_0: entered promiscuous mode
[   92.121501][ T5850] hsr_slave_1: entered promiscuous mode
[   92.128536][ T5850] debugfs: 'hsr0' already exists in 'hsr'
[   92.134925][ T5850] Cannot create hsr debugfs directory
[   92.141232][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_0
[   92.152160][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.178593][ T5846] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   92.254493][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_1
[   92.261570][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.287768][ T5846] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   92.300178][ T5854] batman_adv: batadv0: Adding interface: batadv_slave_0
[   92.307855][ T5854] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.333811][ T5854] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   92.346783][ T5854] batman_adv: batadv0: Adding interface: batadv_slave_1
[   92.353758][ T5854] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.379758][ T5854] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   92.419329][ T5853] batman_adv: batadv0: Adding interface: batadv_slave_0
[   92.426427][ T5853] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.452799][ T5853] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   92.471645][ T5853] batman_adv: batadv0: Adding interface: batadv_slave_1
[   92.478683][ T5853] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.505135][ T5853] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   92.690999][ T5854] hsr_slave_0: entered promiscuous mode
[   92.698065][ T5854] hsr_slave_1: entered promiscuous mode
[   92.704405][ T5854] debugfs: 'hsr0' already exists in 'hsr'
[   92.710166][ T5854] Cannot create hsr debugfs directory
[   92.728220][ T5846] hsr_slave_0: entered promiscuous mode
[   92.735962][ T5846] hsr_slave_1: entered promiscuous mode
[   92.742078][ T5846] debugfs: 'hsr0' already exists in 'hsr'
[   92.747886][ T5846] Cannot create hsr debugfs directory
[   92.759110][ T5853] hsr_slave_0: entered promiscuous mode
[   92.766085][ T5853] hsr_slave_1: entered promiscuous mode
[   92.772252][ T5853] debugfs: 'hsr0' already exists in 'hsr'
[   92.778044][ T5853] Cannot create hsr debugfs directory
[   92.921351][ T5841] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   92.935904][ T5841] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   92.994648][ T5841] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   93.051172][ T5841] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   93.307228][ T5850] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   93.344846][ T5842] Bluetooth: hci0: command tx timeout
[   93.353637][ T5850] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   93.366041][ T5850] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   93.376891][ T5850] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   93.475657][ T5854] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   93.500868][ T5854] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   93.518607][ T5854] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   93.537307][ T5854] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   93.584243][ T5842] Bluetooth: hci1: command tx timeout
[   93.640786][ T5841] 8021q: adding VLAN 0 to HW filter on device bond0
[   93.670626][ T5853] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   93.682042][ T5853] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   93.696579][ T5853] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   93.726659][ T5853] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   93.744137][ T5842] Bluetooth: hci2: command tx timeout
[   93.773529][ T5841] 8021q: adding VLAN 0 to HW filter on device team0
[   93.817177][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.824498][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.868672][ T5846] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   93.882360][ T5846] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   93.895892][ T5846] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   93.904639][ T5842] Bluetooth: hci4: command tx timeout
[   93.904648][   T51] Bluetooth: hci3: command tx timeout
[   93.918804][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.925964][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.945747][ T5846] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   94.014882][ T5850] 8021q: adding VLAN 0 to HW filter on device bond0
[   94.106188][ T5850] 8021q: adding VLAN 0 to HW filter on device team0
[   94.135663][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.142830][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   94.155318][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.162481][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   94.276767][ T5854] 8021q: adding VLAN 0 to HW filter on device bond0
[   94.365917][ T5853] 8021q: adding VLAN 0 to HW filter on device bond0
[   94.378295][ T5854] 8021q: adding VLAN 0 to HW filter on device team0
[   94.441449][ T1170] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.448658][ T1170] bridge0: port 1(bridge_slave_0) entered forwarding state
[   94.491462][ T1170] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.498657][ T1170] bridge0: port 2(bridge_slave_1) entered forwarding state
[   94.519351][ T5846] 8021q: adding VLAN 0 to HW filter on device bond0
[   94.531954][ T5853] 8021q: adding VLAN 0 to HW filter on device team0
[   94.549435][ T5841] 8021q: adding VLAN 0 to HW filter on device batadv0
[   94.593415][ T5846] 8021q: adding VLAN 0 to HW filter on device team0
[   94.613342][   T78] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.620629][   T78] bridge0: port 1(bridge_slave_0) entered forwarding state
[   94.652496][   T78] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.659729][   T78] bridge0: port 2(bridge_slave_1) entered forwarding state
[   94.675914][   T78] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.683092][   T78] bridge0: port 1(bridge_slave_0) entered forwarding state
[   94.696621][   T78] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.703827][   T78] bridge0: port 2(bridge_slave_1) entered forwarding state
[   94.877386][ T5854] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   95.040792][ T5850] 8021q: adding VLAN 0 to HW filter on device batadv0
[   95.238565][ T5850] veth0_vlan: entered promiscuous mode
[   95.281361][ T5850] veth1_vlan: entered promiscuous mode
[   95.426941][ T5842] Bluetooth: hci0: command tx timeout
[   95.479614][ T5841] veth0_vlan: entered promiscuous mode
[   95.493686][ T5841] veth1_vlan: entered promiscuous mode
[   95.529250][ T5850] veth0_macvtap: entered promiscuous mode
[   95.552926][ T5854] 8021q: adding VLAN 0 to HW filter on device batadv0
[   95.586653][ T5850] veth1_macvtap: entered promiscuous mode
[   95.633595][ T5850] batman_adv: batadv0: Interface activated: batadv_slave_0
[   95.664913][ T5842] Bluetooth: hci1: command tx timeout
[   95.669073][ T5853] 8021q: adding VLAN 0 to HW filter on device batadv0
[   95.686547][ T5850] batman_adv: batadv0: Interface activated: batadv_slave_1
[   95.711749][ T5841] veth0_macvtap: entered promiscuous mode
[   95.723524][ T5841] veth1_macvtap: entered promiscuous mode
[   95.736449][ T5846] 8021q: adding VLAN 0 to HW filter on device batadv0
[   95.771705][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_0
[   95.786294][ T1170] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   95.797022][ T1170] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   95.824951][ T5842] Bluetooth: hci2: command tx timeout
[   95.831863][   T36] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   95.842150][   T36] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   95.851263][ T5854] veth0_vlan: entered promiscuous mode
[   95.865676][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_1
[   95.921962][ T5854] veth1_vlan: entered promiscuous mode
[   95.932263][   T12] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   95.941465][   T12] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   95.984929][ T5842] Bluetooth: hci4: command tx timeout
[   95.985338][   T51] Bluetooth: hci3: command tx timeout
[   95.994902][   T12] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.004765][   T12] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   96.047646][ T1010] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.058376][ T1010] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.143275][ T5853] veth0_vlan: entered promiscuous mode
[   96.159217][ T1010] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.167384][ T1010] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.200064][ T5853] veth1_vlan: entered promiscuous mode
[   96.213440][ T1010] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.234990][ T1010] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.257697][ T5846] veth0_vlan: entered promiscuous mode
[   96.280188][ T5854] veth0_macvtap: entered promiscuous mode
[   96.318535][ T5850] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   96.325578][ T5854] veth1_macvtap: entered promiscuous mode
[   96.375560][ T5846] veth1_vlan: entered promiscuous mode
[   96.386227][ T1010] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.388238][ T5853] veth0_macvtap: entered promiscuous mode
[   96.412259][ T1010] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.429389][ T5854] batman_adv: batadv0: Interface activated: batadv_slave_0
[   96.481037][ T5853] veth1_macvtap: entered promiscuous mode
[   96.537304][ T5854] batman_adv: batadv0: Interface activated: batadv_slave_1
[   96.576581][ T5956] loop0: detected capacity change from 0 to 512
[   96.591717][   T12] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.602798][   T12] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.612508][ T5956] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   96.650990][ T5956] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   96.670433][   T13] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.711019][ T5853] batman_adv: batadv0: Interface activated: batadv_slave_0
[   96.715171][ T5956] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   96.760455][   T13] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   96.780945][ T5956] EXT4-fs (loop0): 1 truncate cleaned up
[   96.786969][ T5846] veth0_macvtap: entered promiscuous mode
[   96.801764][ T5956] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   96.819703][ T5853] batman_adv: batadv0: Interface activated: batadv_slave_1
[   96.843480][ T5956] EXT4-fs error (device loop0): ext4_find_extent:903: inode #15: comm syz.0.1: inode has invalid extent depth: 25964
[   96.886462][ T5956] fs-verity (loop0, inode 15): Error -117 getting verity descriptor size
[   96.899131][ T5846] veth1_macvtap: entered promiscuous mode
[   96.917382][ T1170] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.926746][   T37] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.946242][   T37] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.955302][ T1170] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   97.002064][ T5850] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.037297][ T1170] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   97.124938][ T1170] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   97.152775][ T1161] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.166963][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_0
[   97.193583][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_1
[   97.201680][ T1161] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.309860][ T1161] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   97.333644][ T1161] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   97.468398][   T37] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   97.481648][   T37] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   97.505536][   T51] Bluetooth: hci0: command tx timeout
[   97.662372][ T1170] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.703206][ T1170] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.745417][   T51] Bluetooth: hci1: command tx timeout
[   97.801117][   T78] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.842400][   T78] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.865142][ T1170] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.873013][ T1170] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.906708][   T51] Bluetooth: hci2: command tx timeout
[   97.975485][ T5976] process 'syz.4.10' launched './file1' with NULL argv: empty string added
[   98.077202][   T51] Bluetooth: hci4: command tx timeout
[   98.082766][   T51] Bluetooth: hci3: command tx timeout
[   98.263474][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.291965][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.963502][ T5996] loop1: detected capacity change from 0 to 256
[   98.979561][ T5997] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   99.036283][ T5996] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   99.435743][ T5999] loop4: detected capacity change from 0 to 2048
[   99.453476][ T5999] EXT4-fs: Ignoring removed mblk_io_submit option
[   99.515708][ T5999] EXT4-fs: Ignoring removed bh option
[   99.603880][ T5999] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  100.145132][   T12] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  100.194215][   T12] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  100.225313][   T12] EXT4-fs (loop4): This should not happen!! Data will be lost
[  100.225313][   T12] 
[  100.296798][   T12] EXT4-fs (loop4): Total free blocks count 0
[  100.324917][   T12] EXT4-fs (loop4): Free/Dirty block details
[  100.346823][   T12] EXT4-fs (loop4): free_blocks=2415919104
[  100.374798][   T12] EXT4-fs (loop4): dirty_blocks=16
[  100.410112][   T12] EXT4-fs (loop4): Block reservation details
[  100.442779][   T12] EXT4-fs (loop4): i_reserved_data_blocks=1
[  100.475787][ T5841] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.870768][ T6017] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  100.993599][ T6021] loop4: detected capacity change from 0 to 256
[  101.133830][ T6021] FAT-fs (loop4): Directory bread(block 64) failed
[  101.193308][ T6021] FAT-fs (loop4): Directory bread(block 65) failed
[  101.208739][ T6021] FAT-fs (loop4): Directory bread(block 66) failed
[  101.216912][ T6021] FAT-fs (loop4): Directory bread(block 67) failed
[  101.224355][ T6021] FAT-fs (loop4): Directory bread(block 68) failed
[  101.244235][ T6021] FAT-fs (loop4): Directory bread(block 69) failed
[  101.302465][ T6021] FAT-fs (loop4): Directory bread(block 70) failed
[  101.319743][ T6021] FAT-fs (loop4): Directory bread(block 71) failed
[  101.334476][ T6021] FAT-fs (loop4): Directory bread(block 72) failed
[  101.361115][ T6021] FAT-fs (loop4): Directory bread(block 73) failed
[  105.052967][ T6068] loop2: detected capacity change from 0 to 128
[  105.106893][ T6068] FAT-fs (loop2): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  105.237479][   T78] FAT-fs (loop2): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  106.878390][ T6103] netlink: 'syz.4.52': attribute type 1 has an invalid length.
[  106.886450][ T6103] netlink: 16 bytes leftover after parsing attributes in process `syz.4.52'.
[  107.732490][ T6111] netlink: 176 bytes leftover after parsing attributes in process `syz.3.56'.
[  107.815722][ T6113] loop1: detected capacity change from 0 to 2048
[  107.885899][ T6116] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  107.966826][ T6113] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.357007][ T5854] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.151792][ T6133] netlink: 4 bytes leftover after parsing attributes in process `syz.4.67'.
[  109.161697][ T6133] netlink: 12 bytes leftover after parsing attributes in process `syz.4.67'.
[  109.171729][ T6131] netlink: 40 bytes leftover after parsing attributes in process `syz.3.65'.
[  109.551575][ T6146] netlink: 176 bytes leftover after parsing attributes in process `syz.3.71'.
[  109.656129][ T6150] netlink: 'syz.0.68': attribute type 1 has an invalid length.
[  109.663894][ T6150] netlink: 16 bytes leftover after parsing attributes in process `syz.0.68'.
[  111.815000][ T6173] loop3: detected capacity change from 0 to 4096
[  111.932019][ T6173] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  112.149263][ T6144] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  112.195979][ T6144] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  112.820870][ T5846] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.190387][ T6199] netlink: 'syz.1.85': attribute type 1 has an invalid length.
[  113.198225][ T6199] netlink: 16 bytes leftover after parsing attributes in process `syz.1.85'.
[  113.883059][ T6204] netlink: 12 bytes leftover after parsing attributes in process `syz.3.86'.
[  116.585244][ T6233] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  117.437784][ T6247] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  117.449036][ T6247] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  117.693353][ T6251] netlink: 12 bytes leftover after parsing attributes in process `syz.3.103'.
[  119.610600][ T6261] loop3: detected capacity change from 0 to 2048
[  120.258781][ T6264] fuse: Unknown parameter '0x0000000000000004'
[  120.291127][ T6261] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  121.350278][ T6285] fuse: Unknown parameter '0x0000000000000004'
[  121.368526][ T5846] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.424519][ T6300] loop3: detected capacity change from 0 to 1024
[  123.317331][ T6300] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  123.352844][ T6300] ext4 filesystem being mounted at /32/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  123.477037][ T6300] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #14: comm syz.3.117: attempt to clear invalid blocks 1886221359 len 1
[  123.652349][ T5846] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.887274][ T6328] netlink: 12 bytes leftover after parsing attributes in process `syz.4.128'.
[  124.145974][ T6335] loop1: detected capacity change from 0 to 256
[  124.256183][ T6335] FAT-fs (loop1): Directory bread(block 64) failed
[  124.294879][ T6338] fuse: Unknown parameter '0x0000000000000004'
[  124.327123][ T6335] FAT-fs (loop1): Directory bread(block 65) failed
[  124.351069][ T6335] FAT-fs (loop1): Directory bread(block 66) failed
[  124.394995][ T6335] FAT-fs (loop1): Directory bread(block 67) failed
[  124.555184][ T6335] FAT-fs (loop1): Directory bread(block 68) failed
[  124.628584][ T6335] FAT-fs (loop1): Directory bread(block 69) failed
[  124.728012][ T6335] FAT-fs (loop1): Directory bread(block 70) failed
[  124.831398][ T6335] FAT-fs (loop1): Directory bread(block 71) failed
[  125.054582][ T6335] FAT-fs (loop1): Directory bread(block 72) failed
[  125.100462][ T6335] FAT-fs (loop1): Directory bread(block 73) failed
[  126.481356][ T6353] fuse: Unknown parameter '0x0000000000000004'
[  127.485581][ T6370] loop3: detected capacity change from 0 to 1024
[  127.830639][ T6370] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.005357][ T5846] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.298453][ T6403] netlink: 12 bytes leftover after parsing attributes in process `syz.3.147'.
[  129.607563][ T6410] loop0: detected capacity change from 0 to 2048
[  129.734330][ T6410] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  129.783335][ T6421] loop1: detected capacity change from 0 to 256
[  129.859924][ T6421] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  131.553024][ T5850] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.172048][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[  133.182792][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[  134.570259][ T6493] loop1: detected capacity change from 0 to 4096
[  134.601784][ T6493] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.679091][ T6500] netlink: 'syz.2.187': attribute type 1 has an invalid length.
[  134.686888][ T6500] netlink: 16 bytes leftover after parsing attributes in process `syz.2.187'.
[  137.100082][ T5854] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.067191][ T6557] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  139.078662][ T6557] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  144.401829][ T6625] loop4: detected capacity change from 0 to 4096
[  144.459369][ T6623] bridge0: port 2(bridge_slave_1) entered disabled state
[  144.501852][ T6625] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  147.450598][ T5841] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.654516][ T6681] loop4: detected capacity change from 0 to 512
[  148.770998][ T6681] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  149.066468][ T5841] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.100672][ T6719] loop3: detected capacity change from 0 to 512
[  150.264257][ T6719] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  150.417968][ T5846] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.153671][ T6767] team_slave_0: entered promiscuous mode
[  153.160305][ T6767] team_slave_1: entered promiscuous mode
[  153.176968][ T6768] loop0: detected capacity change from 0 to 764
[  153.198351][ T6767] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  153.252520][ T6767] team0: Device macvlan2 is already an upper device of the team interface
[  153.383163][ T6767] team_slave_0: left promiscuous mode
[  153.388760][ T6767] team_slave_1: left promiscuous mode
[  153.670105][ T6775] loop1: detected capacity change from 0 to 4096
[  153.716225][ T6775] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  155.353267][ T5854] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.597434][ T6820] loop4: detected capacity change from 0 to 512
[  157.675858][ T6820] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  157.742718][ T5841] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.014797][ T6826] loop1: detected capacity change from 0 to 4096
[  158.066072][ T6826] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  159.286134][ T5854] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.373047][ T6849] loop4: detected capacity change from 0 to 512
[  159.461568][ T6849] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  159.530367][ T6849] ext4 filesystem being mounted at /60/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  159.657956][ T6856] loop0: detected capacity change from 0 to 2048
[  159.709458][ T6849] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.303: bg 0: block 64: padding at end of block bitmap is not set
[  159.728744][ T6856] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  159.993122][ T5841] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.758878][ T5850] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.099785][ T6878] netlink: 8 bytes leftover after parsing attributes in process `syz.0.310'.
[  161.301616][ T6867] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  161.929634][ T6867] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  163.462812][ T6903] loop1: detected capacity change from 0 to 2048
[  163.583690][ T6903] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  163.879863][ T6914] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  163.891137][ T6914] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  164.613724][ T5854] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.614902][ T6939] ==================================================================
[  166.623111][ T6939] BUG: KASAN: slab-use-after-free in tcp_prune_ofo_queue+0x37e/0x6e0
[  166.631216][ T6939] Read of size 4 at addr ffff88807b5a55d0 by task syz.3.332/6939
[  166.638950][ T6939] 
[  166.641311][ T6939] CPU: 0 UID: 0 PID: 6939 Comm: syz.3.332 Not tainted 6.16.0-rc6-next-20250716-syzkaller #0 PREEMPT(full) 
[  166.641336][ T6939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  166.641357][ T6939] Call Trace:
[  166.641368][ T6939]  <TASK>
[  166.641378][ T6939]  dump_stack_lvl+0x189/0x250
[  166.641406][ T6939]  ? __virt_addr_valid+0x1c8/0x5c0
[  166.641431][ T6939]  ? rcu_is_watching+0x15/0xb0
[  166.641452][ T6939]  ? __pfx_dump_stack_lvl+0x10/0x10
[  166.641475][ T6939]  ? rcu_is_watching+0x15/0xb0
[  166.641495][ T6939]  ? lock_release+0x4b/0x3e0
[  166.641524][ T6939]  ? _raw_spin_lock_irqsave+0xb3/0xf0
[  166.641549][ T6939]  ? __virt_addr_valid+0x1c8/0x5c0
[  166.641581][ T6939]  ? __virt_addr_valid+0x4a5/0x5c0
[  166.641607][ T6939]  print_report+0xca/0x230
[  166.641626][ T6939]  ? tcp_prune_ofo_queue+0x37e/0x6e0
[  166.641649][ T6939]  kasan_report+0x118/0x150
[  166.641677][ T6939]  ? tcp_prune_ofo_queue+0x37e/0x6e0
[  166.641705][ T6939]  tcp_prune_ofo_queue+0x37e/0x6e0
[  166.641737][ T6939]  tcp_try_rmem_schedule+0xb6b/0x1830
[  166.641766][ T6939]  tcp_data_queue+0x4e3/0x6380
[  166.641800][ T6939]  ? __pfx_tcp_data_queue+0x10/0x10
[  166.641820][ T6939]  ? __pfx_tcp_urg+0x10/0x10
[  166.641840][ T6939]  ? read_tsc+0x9/0x20
[  166.641873][ T6939]  tcp_rcv_established+0xf9e/0x1eb0
[  166.641896][ T6939]  ? rt_is_expired+0x1c/0x2d0
[  166.641930][ T6939]  ? __pfx_tcp_rcv_established+0x10/0x10
[  166.641948][ T6939]  ? rt_is_expired+0x1c/0x2d0
[  166.641975][ T6939]  ? rt_is_expired+0x1c/0x2d0
[  166.642004][ T6939]  ? rt_is_expired+0x250/0x2d0
[  166.642032][ T6939]  ? __pfx_ipv4_dst_check+0x10/0x10
[  166.642060][ T6939]  ? __pfx_ipv4_dst_check+0x10/0x10
[  166.642090][ T6939]  tcp_v4_do_rcv+0xa23/0xce0
[  166.642119][ T6939]  ? __pfx_tcp_v4_do_rcv+0x10/0x10
[  166.642143][ T6939]  __release_sock+0x21c/0x350
[  166.642167][ T6939]  release_sock+0x5f/0x1f0
[  166.642192][ T6939]  sk_stream_wait_memory+0x724/0xf70
[  166.642226][ T6939]  ? __pfx_sk_stream_wait_memory+0x10/0x10
[  166.642248][ T6939]  ? __pfx_woken_wake_function+0x10/0x10
[  166.642280][ T6939]  ? __tcp_push_pending_frames+0xd2/0x360
[  166.642309][ T6939]  ? tcp_push+0x40f/0x660
[  166.642329][ T6939]  tcp_sendmsg_locked+0x1c62/0x56d0
[  166.642381][ T6939]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  166.642401][ T6939]  ? __local_bh_enable_ip+0x12d/0x1c0
[  166.642423][ T6939]  ? __local_bh_enable_ip+0x12d/0x1c0
[  166.642449][ T6939]  tcp_sendmsg+0x2f/0x50
[  166.642470][ T6939]  __sock_sendmsg+0x19c/0x270
[  166.642493][ T6939]  __sys_sendto+0x3bd/0x520
[  166.642521][ T6939]  ? __pfx___sys_sendto+0x10/0x10
[  166.642546][ T6939]  ? do_futex+0x395/0x420
[  166.642594][ T6939]  ? rcu_is_watching+0x15/0xb0
[  166.642617][ T6939]  __x64_sys_sendto+0xde/0x100
[  166.642645][ T6939]  do_syscall_64+0xfa/0x3b0
[  166.642671][ T6939]  ? lockdep_hardirqs_on+0x9c/0x150
[  166.642695][ T6939]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.642715][ T6939]  ? clear_bhb_loop+0x60/0xb0
[  166.642738][ T6939]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.642759][ T6939] RIP: 0033:0x7fdee5f8e929
[  166.642783][ T6939] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  166.642801][ T6939] RSP: 002b:00007fdee6e5b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  166.642824][ T6939] RAX: ffffffffffffffda RBX: 00007fdee61b5fa0 RCX: 00007fdee5f8e929
[  166.642839][ T6939] RDX: 000000000000059a RSI: 0000200000000580 RDI: 0000000000000003
[  166.642852][ T6939] RBP: 00007fdee6010ca1 R08: 0000000000000000 R09: 0000000000000000
[  166.642865][ T6939] R10: 0000000010008095 R11: 0000000000000246 R12: 0000000000000000
[  166.642878][ T6939] R13: 0000000000000000 R14: 00007fdee61b5fa0 R15: 00007ffee110d888
[  166.642902][ T6939]  </TASK>
[  166.642909][ T6939] 
[  167.006855][ T6939] Allocated by task 6939:
[  167.011283][ T6939]  kasan_save_track+0x3e/0x80
[  167.015990][ T6939]  __kasan_slab_alloc+0x6c/0x80
[  167.020867][ T6939]  kmem_cache_alloc_node_noprof+0x1bb/0x3c0
[  167.026786][ T6939]  __alloc_skb+0x112/0x2d0
[  167.031241][ T6939]  tcp_stream_alloc_skb+0x3d/0x340
[  167.036411][ T6939]  tcp_write_xmit+0xeec/0x67f0
[  167.041206][ T6939]  __tcp_push_pending_frames+0x97/0x360
[  167.046772][ T6939]  tcp_rcv_established+0x1012/0x1eb0
[  167.052073][ T6939]  tcp_v4_do_rcv+0xa23/0xce0
[  167.056685][ T6939]  __release_sock+0x21c/0x350
[  167.061378][ T6939]  release_sock+0x5f/0x1f0
[  167.065902][ T6939]  tcp_sendmsg+0x39/0x50
[  167.070160][ T6939]  __sock_sendmsg+0x19c/0x270
[  167.074853][ T6939]  ____sys_sendmsg+0x52d/0x830
[  167.079644][ T6939]  ___sys_sendmsg+0x21f/0x2a0
[  167.084351][ T6939]  __sys_sendmmsg+0x227/0x430
[  167.089062][ T6939]  __x64_sys_sendmmsg+0xa0/0xc0
[  167.093937][ T6939]  do_syscall_64+0xfa/0x3b0
[  167.098475][ T6939]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.104395][ T6939] 
[  167.106730][ T6939] Freed by task 6939:
[  167.110716][ T6939]  kasan_save_track+0x3e/0x80
[  167.115497][ T6939]  kasan_save_free_info+0x46/0x50
[  167.120538][ T6939]  __kasan_slab_free+0x62/0x70
[  167.125318][ T6939]  kmem_cache_free+0x18f/0x400
[  167.130101][ T6939]  tcp_prune_ofo_queue+0x198/0x6e0
[  167.135233][ T6939]  tcp_try_rmem_schedule+0xb6b/0x1830
[  167.140622][ T6939]  tcp_data_queue+0x4e3/0x6380
[  167.145405][ T6939]  tcp_rcv_established+0xf9e/0x1eb0
[  167.150624][ T6939]  tcp_v4_do_rcv+0xa23/0xce0
[  167.155232][ T6939]  __release_sock+0x21c/0x350
[  167.159921][ T6939]  release_sock+0x5f/0x1f0
[  167.164363][ T6939]  sk_stream_wait_memory+0x724/0xf70
[  167.169691][ T6939]  tcp_sendmsg_locked+0x1c62/0x56d0
[  167.174924][ T6939]  tcp_sendmsg+0x2f/0x50
[  167.179207][ T6939]  __sock_sendmsg+0x19c/0x270
[  167.183911][ T6939]  __sys_sendto+0x3bd/0x520
[  167.188536][ T6939]  __x64_sys_sendto+0xde/0x100
[  167.193339][ T6939]  do_syscall_64+0xfa/0x3b0
[  167.197877][ T6939]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.203796][ T6939] 
[  167.206128][ T6939] The buggy address belongs to the object at ffff88807b5a5400
[  167.206128][ T6939]  which belongs to the cache skbuff_fclone_cache of size 488
[  167.220895][ T6939] The buggy address is located 464 bytes inside of
[  167.220895][ T6939]  freed 488-byte region [ffff88807b5a5400, ffff88807b5a55e8)
[  167.234710][ T6939] 
[  167.237045][ T6939] The buggy address belongs to the physical page:
[  167.243474][ T6939] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7b5a4
[  167.252251][ T6939] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  167.260760][ T6939] ksm flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  167.268666][ T6939] page_type: f5(slab)
[  167.272665][ T6939] raw: 00fff00000000040 ffff8881416a7a00 ffffea0001e45100 0000000000000003
[  167.281263][ T6939] raw: 0000000000000000 00000000000c000c 00000000f5000000 0000000000000000
[  167.289871][ T6939] head: 00fff00000000040 ffff8881416a7a00 ffffea0001e45100 0000000000000003
[  167.298568][ T6939] head: 0000000000000000 00000000000c000c 00000000f5000000 0000000000000000
[  167.307259][ T6939] head: 00fff00000000001 ffffea0001ed6901 00000000ffffffff 00000000ffffffff
[  167.315940][ T6939] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[  167.324609][ T6939] page dumped because: kasan: bad access detected
[  167.331034][ T6939] page_owner tracks the page as allocated
[  167.336748][ T6939] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5831, tgid 5831 (syz-executor), ts 149243415812, free_ts 144369992422
[  167.358286][ T6939]  post_alloc_hook+0x240/0x2a0
[  167.363063][ T6939]  get_page_from_freelist+0x21e4/0x22c0
[  167.368622][ T6939]  __alloc_frozen_pages_noprof+0x181/0x370
[  167.374443][ T6939]  alloc_pages_mpol+0x232/0x4a0
[  167.379301][ T6939]  allocate_slab+0x8a/0x370
[  167.383806][ T6939]  ___slab_alloc+0xbeb/0x1410
[  167.388495][ T6939]  kmem_cache_alloc_node_noprof+0x280/0x3c0
[  167.394409][ T6939]  __alloc_skb+0x112/0x2d0
[  167.398840][ T6939]  tcp_stream_alloc_skb+0x3d/0x340
[  167.403953][ T6939]  tcp_sendmsg_locked+0xefc/0x56d0
[  167.409067][ T6939]  tcp_sendmsg+0x2f/0x50
[  167.413310][ T6939]  __sock_sendmsg+0x19c/0x270
[  167.417992][ T6939]  sock_write_iter+0x258/0x330
[  167.422757][ T6939]  vfs_write+0x548/0xa90
[  167.427007][ T6939]  ksys_write+0x145/0x250
[  167.431376][ T6939]  do_syscall_64+0xfa/0x3b0
[  167.435904][ T6939] page last free pid 6614 tgid 6612 stack trace:
[  167.442224][ T6939]  __free_frozen_pages+0xbc4/0xd30
[  167.447342][ T6939]  pagetable_dtor_free+0x2d2/0x3b0
[  167.452462][ T6939]  __mmdrop+0xb5/0x460
[  167.456538][ T6939]  exit_mm+0x1da/0x2c0
[  167.460614][ T6939]  do_exit+0x648/0x2300
[  167.464774][ T6939]  do_group_exit+0x21c/0x2d0
[  167.469371][ T6939]  get_signal+0x1286/0x1340
[  167.473884][ T6939]  arch_do_signal_or_restart+0x9a/0x750
[  167.479448][ T6939]  exit_to_user_mode_loop+0x75/0x110
[  167.484764][ T6939]  do_syscall_64+0x2bd/0x3b0
[  167.489366][ T6939]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.495264][ T6939] 
[  167.497594][ T6939] Memory state around the buggy address:
[  167.503223][ T6939]  ffff88807b5a5480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  167.511284][ T6939]  ffff88807b5a5500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  167.519352][ T6939] >ffff88807b5a5580: fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc
[  167.527412][ T6939]                                                  ^
[  167.534084][ T6939]  ffff88807b5a5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  167.542143][ T6939]  ffff88807b5a5680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  167.550207][ T6939] ==================================================================
[  167.574111][ T6939] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  167.581471][ T6939] CPU: 1 UID: 0 PID: 6939 Comm: syz.3.332 Not tainted 6.16.0-rc6-next-20250716-syzkaller #0 PREEMPT(full) 
[  167.592880][ T6939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  167.602963][ T6939] Call Trace:
[  167.606253][ T6939]  <TASK>
[  167.609209][ T6939]  dump_stack_lvl+0x99/0x250
[  167.613808][ T6939]  ? __asan_memcpy+0x40/0x70
[  167.618404][ T6939]  ? __pfx_dump_stack_lvl+0x10/0x10
[  167.623632][ T6939]  ? __pfx__printk+0x10/0x10
[  167.628236][ T6939]  vpanic+0x281/0x750
[  167.632226][ T6939]  ? preempt_schedule+0xae/0xc0
[  167.637102][ T6939]  ? __pfx_vpanic+0x10/0x10
[  167.641608][ T6939]  ? preempt_schedule_common+0x83/0xd0
[  167.647071][ T6939]  ? preempt_schedule+0xae/0xc0
[  167.651928][ T6939]  ? __pfx_preempt_schedule+0x10/0x10
[  167.657311][ T6939]  panic+0xb9/0xc0
[  167.661036][ T6939]  ? __pfx_panic+0x10/0x10
[  167.665479][ T6939]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[  167.671383][ T6939]  ? is_module_address+0x17/0xf0
[  167.676336][ T6939]  ? tcp_prune_ofo_queue+0x37e/0x6e0
[  167.681631][ T6939]  check_panic_on_warn+0x89/0xb0
[  167.686576][ T6939]  ? tcp_prune_ofo_queue+0x37e/0x6e0
[  167.691880][ T6939]  end_report+0x78/0x160
[  167.696132][ T6939]  kasan_report+0x129/0x150
[  167.700648][ T6939]  ? tcp_prune_ofo_queue+0x37e/0x6e0
[  167.705942][ T6939]  tcp_prune_ofo_queue+0x37e/0x6e0
[  167.711071][ T6939]  tcp_try_rmem_schedule+0xb6b/0x1830
[  167.716460][ T6939]  tcp_data_queue+0x4e3/0x6380
[  167.721323][ T6939]  ? __pfx_tcp_data_queue+0x10/0x10
[  167.726612][ T6939]  ? __pfx_tcp_urg+0x10/0x10
[  167.731208][ T6939]  ? read_tsc+0x9/0x20
[  167.735294][ T6939]  tcp_rcv_established+0xf9e/0x1eb0
[  167.740500][ T6939]  ? rt_is_expired+0x1c/0x2d0
[  167.745193][ T6939]  ? __pfx_tcp_rcv_established+0x10/0x10
[  167.750846][ T6939]  ? rt_is_expired+0x1c/0x2d0
[  167.755619][ T6939]  ? rt_is_expired+0x1c/0x2d0
[  167.760309][ T6939]  ? rt_is_expired+0x250/0x2d0
[  167.765085][ T6939]  ? __pfx_ipv4_dst_check+0x10/0x10
[  167.770297][ T6939]  ? __pfx_ipv4_dst_check+0x10/0x10
[  167.775504][ T6939]  tcp_v4_do_rcv+0xa23/0xce0
[  167.780107][ T6939]  ? __pfx_tcp_v4_do_rcv+0x10/0x10
[  167.785225][ T6939]  __release_sock+0x21c/0x350
[  167.789909][ T6939]  release_sock+0x5f/0x1f0
[  167.794336][ T6939]  sk_stream_wait_memory+0x724/0xf70
[  167.799636][ T6939]  ? __pfx_sk_stream_wait_memory+0x10/0x10
[  167.805451][ T6939]  ? __pfx_woken_wake_function+0x10/0x10
[  167.811128][ T6939]  ? __tcp_push_pending_frames+0xd2/0x360
[  167.816860][ T6939]  ? tcp_push+0x40f/0x660
[  167.821196][ T6939]  tcp_sendmsg_locked+0x1c62/0x56d0
[  167.826428][ T6939]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  167.831989][ T6939]  ? __local_bh_enable_ip+0x12d/0x1c0
[  167.837372][ T6939]  ? __local_bh_enable_ip+0x12d/0x1c0
[  167.842755][ T6939]  tcp_sendmsg+0x2f/0x50
[  167.847002][ T6939]  __sock_sendmsg+0x19c/0x270
[  167.851685][ T6939]  __sys_sendto+0x3bd/0x520
[  167.856200][ T6939]  ? __pfx___sys_sendto+0x10/0x10
[  167.861233][ T6939]  ? do_futex+0x395/0x420
[  167.865586][ T6939]  ? rcu_is_watching+0x15/0xb0
[  167.870359][ T6939]  __x64_sys_sendto+0xde/0x100
[  167.875139][ T6939]  do_syscall_64+0xfa/0x3b0
[  167.879653][ T6939]  ? lockdep_hardirqs_on+0x9c/0x150
[  167.884858][ T6939]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.890932][ T6939]  ? clear_bhb_loop+0x60/0xb0
[  167.895615][ T6939]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.901512][ T6939] RIP: 0033:0x7fdee5f8e929
[  167.905935][ T6939] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  167.925546][ T6939] RSP: 002b:00007fdee6e5b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  167.934076][ T6939] RAX: ffffffffffffffda RBX: 00007fdee61b5fa0 RCX: 00007fdee5f8e929
[  167.942054][ T6939] RDX: 000000000000059a RSI: 0000200000000580 RDI: 0000000000000003
[  167.950032][ T6939] RBP: 00007fdee6010ca1 R08: 0000000000000000 R09: 0000000000000000
[  167.958003][ T6939] R10: 0000000010008095 R11: 0000000000000246 R12: 0000000000000000
[  167.965977][ T6939] R13: 0000000000000000 R14: 00007fdee61b5fa0 R15: 00007ffee110d888
[  167.973963][ T6939]  </TASK>
[  167.977292][ T6939] Kernel Offset: disabled
[  167.981615][ T6939] Rebooting in 86400 seconds..