last executing test programs:

9m37.290478374s ago: executing program 2 (id=280):
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x100000a, 0x4082172, 0xffffffffffffffff, 0xfffff000)
mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil)
mremap(&(0x7f0000007000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000006000/0x1000)=nil)
ioctl$OCFS2_IOC_INFO(0xffffffffffffffff, 0x80106f05, &(0x7f000000c980)={&(0x7f000000c7c0)=[0x0, 0x0, &(0x7f0000000280)=@clustersize={{0x4f32494e, 0x1, 0x10, 0x80000000}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x32})
r0 = socket(0x11, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000005c0)={'ip6gretap0\x00', <r1=>0x0})
bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @remote}, 0x14)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0xe9, 0x4)
sendmsg$netlink(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000280)=ANY=[@ANYBLOB="3b844100c5dc2f"], 0xdd12}], 0x1}, 0x20040890)

9m37.078757547s ago: executing program 2 (id=281):
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x190)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x404, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000001dc0)={0x50, 0x0, r1, {0x7, 0x2b, 0x0, 0xab418842, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}}, 0x50)
statx(0xffffffffffffff9c, &(0x7f0000000640)='./file0/file1\x00', 0x1000, 0x100, 0x0)
syz_fuse_handle_req(r0, &(0x7f000000cec0)="aa8e9df36226466e888b39901e75023156b5530e75c1e203314842ea78a6048cdec3383c60dcd8fa24f6928f6e02ab1090989c59ae38dceda05af132af4546a298837c63ea70975feb0919d7f7766791d530b90d522b23c58776ac7a4035383c5a0dd90d8b766c96816631f1742a0da0ce6ddd053a05966f6b6ec22dd28a0a2636d07696a307496b0b0d8bb370227dca3c96838e556681409be388f1dfbf500f1aee82b374f4473aecbdb77cf567fece7f8ec733fa91aa92a186f9768d16d0257ef826959fb3a73e4976a019bde8a82e9bb0a0443cbb1ab2c6e8f8748489948710294efb79d70edec2271491bc1cddc9c9d2713cc3063761f2bea07f5577bbe5224302ef23adcc96cb5ecee406c7977c97d7000000006e28198954bba79006fd58b2a2b43047e7f3ead143ccb6b27043d7a7512e9d3bad0138554f4b465ab6d1cec9b40cb301ac6491ee7fcdc0588e53eb2510471de91e3e73c98f0a3cc9929eac63f477a1208a80f8c75d0a1d9edb895d675d036a1863dddea98b18c846ac253b2470324b21eaaa6e69389b91bcd470995cd6835c6fac80d5ca41b66562c910f893124cf0f20dc65d90aa0f9cd1a7c88f755aaf33875d7639ae1b7413834636de57f44302b723646257ee7456bdfee10f2eaf0c05f2cf01a115ed8ac2908827af3d85da2f1bcf53d87ee830dc5e98fcfc1a22e547ce57508f606945a7599d8e1cc0268987cb7b3d00a6bfacea7bd05430255bc8b473a071b83695783944ef856fc89906e0b44a13166309bc8cc1dbae68399e1e8e4a2ea265c1a104dd862563cdaeee2b37e72fbda323cc72360b6d4fad2fd2409397f90422bbe6e9068aaf38e18918736e6357a6caac59ae803ffbe853ff716a388423bbc93bb2d6b1222bb94c96a3bddf421288d47039fa1b73573dbed87e1f6b280f8b045f9be8e0d85f6cf416bfc0f3f4ce988aefa2382cccf39e40b2a1657814b7953d0a0aea45d50d02d66982e5269f1ededd6a9f8f9e212314a4bb5c2f4898278fd3a585c1ff60e435b186c552134e5ddb0f2cc95dac405bc4bd32ccda41b05c6a376070c8ef2d6eb3ea7fce97da8f09440d47dc5faca6271d1ce4f4201b315d1cc3fa1d4cc2baa14e4c57bafb7b5bb2e9e859505360e1738a36100dd6c2fb6610fc0ed88e452148ecd8b73517f69c28f0c979525d21ba4fef353eebb2326f48217c44a322e9f1f08f92af1ff5ee5f2dc563f1a0edb09d0646105be0c46ddc8b71301e68013e863d539af5b3a2b11f770d8c0c086988216602619ec440f98d434add23bc7f54d145260773e53121188ca179832d5c406f2b4a91045edca91232416219fade02bf6ba002352943850294b05d9a142889205e6b69336cecfe8a7cfc88688368d54b475f3915eea851334395f80b41177ed4d17d91880a22c1c0cf33a550e32fbf76505458d07ebccc4e77bafae1700c9997f6fe28452f011e370642f228bbf0e2f3dc05741127f6d73e96c073b26e730ac19cb17dfc63c0ed4b5d53ffd6e312e3e80822c8bbea3cf2914f3f8ee53fb4edde1d4507fa9d7de54eecb75132befab6bf486cb05bc8727dadac49c83bf08d9eb94621b42241f9eb8fd1e6fbf969d932a023760faa62c178b7f0a1d43adbf5c21a35a58d381442ecdfc2dcce2d11e5efae8433b14fc9fc28294ae76eaa95f38ac121f255d9b478c81a1caf5c606c34e6efa80dd3aa77cc4001b9fceebcc77a1efea7bf9f749f62c7a8bd5deb0f70c54ab5daab010cf14b2f1012516dc1639edb2d890638b73559d060be47f594f322efdd40c5945148fe1690585923488910fcb3159006f935f7d184e4b4c404ccb6e2a799cc67aa2b56a13c16e3ad92b85a12060881c1d140708ffece6965f9746ed4eef74d37424e760f4b266c80c93390523eadc65494962bed4efc86a0fead2fe25c9108c5d591770cee92f9ff2d916ba0dedc6551a47ce3a4dbc97043e588b3483f0793786fe9f32f1b79ba3f4c4ccabba52a59861c8024bcdfc8ecb0acc821160b060d5dc24f0ade14d08b56218a32a03f9eba729c02fc6b714bc72b11cc7fe47b51b3a174cfa2d8f5df80a0fd4d1dd2ed36b868b46ee5a8cc72e91b57bd05005b5142b5531650813fb5496af379f9e7b1b73c49c64dead9725af0742a41b770205390791de856715c0138ca22f134911a28d2caf22ef21049d1ba721d278bcf675317c5303cbaf96535414fd92c55d741120200d49729e01e399e4c30fa8da659654196af7991a3d294c775a610f242a56c88d542641036de7eccbd64f9f306a3920596d350637a6409f667110b46c6d85ab94df4d7b0af12318522ba1e745e7de45176789a53213b9b3d23b2599275e4f1858fdb2fd63f8c6f7990235e2fb3c4c8f215715973b60b1e56d1f061b6ff33510d08fa403559cbcc21bd141b41f1e9ab4e163a0f80a918ba13031c483931a9dcdb790ad77fbdf5634662cb75e79d986e4724f64c80203600df7ac9950330431b83777bd968a86be5698b13c37513235ac89a0a1dcb799112a86a2d96b1708e0c5e983756d8243927fc7d42be6ff4c946c0763a9745897726f38b65920363b7c32051bf9e770ab1ec140ff11fc639f36fa760afcfd6ba2f609df8cb0949f26119895b69c8ffd0836a01da1e407ba08f37a1144674f5a71b3499ffcccb21e75f19cdfb33c7eded5fa5c264784a78edc5f6de17da15317a66fea522b6e92a52efa5013797212d816c3229c7dd523e2165f9f042c3b3b16e608a1d87ab9c46c2b291bf547e1f4312913b16e39a714c24ebc5cb4f4f80bb20ce4efdf2921db45b7389fef98bd0e8aa40be16758b0d7755ab631b27c5d49225e84fea63e3f031c665851ef4ed18628b26445da2cad4741800cf72a401ad79a7462657068e0f2ee65eeb86da66890247cb45b31d3ad06ea7500eac5be65528c55bf190b0ec27673b67b36117344097a0dbb9db47a2b5144218002d14cbb98629c2ed35db5cdcf93994e3e3d1a1673ff60ec0d9bae1217ba6f39ae4ac4c9e5a19f85634f3091150c4724aaabe3bd1445cfa33fac93b86c5871ca168a728899e2e0062a596fba22b962764420f1268bb8ae0a894559c488cfce6b71aa8478964d2eef5086b2cee891ca031b6543bb7ba55006621f1d80e17abcba9f9d05fc5e61c6c4a890aba4b205f5570e7866ec4de380420c4758de63ff0f7b1acb0521e45cd9bc54df1a4614c04c524f43e86f58757eddb645bbc56a63de5bb560f56a31796dc344d58e2ff2d3fe5228d87c0439e6353943c92160fb847a172eea37ad0c22de5d1e7cd66730218832c87b73366131e29a1545b26d4c500a9afd75864b460cea1ba33a5dca6e5585e9c78a8ee3361f20e2b79489ed2ef1c935d7deeef6de0d009b72a0751929209b351331c0225c29341f5d476b278061a0a33c1e455815bbb83eebf5f5c3fe97c4b3df32846a094501a157196b6c1db1e05cec4f2dee823ebea7da05f5ee63aee1670128471465ae83defcf26aba78f18544146fcc9305ed5899965edbcf9f677c499a52d984db346c12faf02553338e6553488c29c9f3f4537a9437b5eb7382f95f9e844d27fa0b1ffc48d2b44e383b1fdb567b7f23863e8e10b6210f8031859cea410d52f99b5a8d2f218e7c92e231904b171dc077c636db15087cfb0ca6a2cd09f6b7973627a03ebfb4772daddc8ad7c9e534d8bc58cfc6d1305374b589a2a85c8a3c471c7408712ff5cfd7a50bee627d0417a5667dba71866320857cdb84e071a37e477f1b5ac16bdd464d8bf3ae31860ad19722bea1d85d1a5c09e1ab36dcd6c4bf524ed2137745e3562147081027d7852bee1ccc9563e4ff0ce72affa7002e9a066591ddf31abc4388281d98d2d88fa1c5f22cb60523e72e3d838fc6b0163fe0082ce0d8d59098363a174818113182d40cdb6367cb4a867c5aaa480c95f4a98439a2b58291fedcbfedfc3ebb41fe6b0a12fce36518ea6082fb919cdff23e3b40aa26eac8d634e03fc3a1e0fafe402c875709b15b622f35bfdd233ea8d7989ec38dfa1e5b5688d76c615b5efba62dd7d50be97b92f16c838edecd426e18dd270ddda42121d7ad8d26ec28df29580e6dcd7f968885d1cbc5f573efda890a408b45701bdf5cb2e3c54f8481710145ac1f5bdb1b53a1e9a7efd8a3ad7dad7bd0fa017e080854913beda2ccc95631a5c1da5c5afaa84bcc3f1a7041208fac9e09ef52140f142bed882b8988ea062cc8ecd7fd78fd33aeee8e8d5cc891514e3407fbb171e84e45fa14713e995513e16763424e356032ac81047c8e2bfe05dfecc510b55866d4a8696c91afd7b6b809fcf2e0f8a21834f43149d8e2b5dc5fddacb8ff9341376281e8f7d762fdb61a8e6536529b0d4d3cd8217fdb4f0b8341587737da7f50dbe4e5b7851a25d52066bd0e3ad11aed47ee02bec11d0f125cdee1f505cc5c1223d386b2fda556331cf57d8df433927cf12a5fbff853be266c5a64b6424f7b106931d312f0fd447206d21c1945579915e7e21627c7fc423a813823ce5fa2c6f3114303d0995c5706418a088535c62eda2a60c82b727c31177252f8ea025c16a3676ea0ccec24ea57e68c7e0f1b0e06f78a8ccead63eb4c0ef5c59b1d3a805644f8089e604a5bd3aa4494ff7fca02dd5894a6f02e572edd487af04ace3e37f19074325613d6f7d2af73062607b45a3c9365337a1c5e6bae9702a65f0a1b9ce75e43f6381efd9d610ad37532b62c6ab5957ded77a5d01604f67d7ccaa495266ab7fe161268b9a6156643ab6289fa0be75ac433a0204df164c02d3d0cb1b7bf0acd92ca8ff19b710b0b511820d0500fdf58f598fc611380a0f7dffce7bbc934edc967ba0094a0281750176748a4e2c99684c1c4a40258b0da77a0bfb9a4b808d5932443389f0f346dad998cee519624aeb07ea4446064282b1448bfa2e5ac3393d30b5c3865a8995869f69bab0747cfcbbd2bfd407c82e198da326f36be9a508e12d6d73fb262b37fcd7ff70b372c966b7198a9f2364012ff8127f200c079cb70d550f9483c1bf9fba69ebc961c989a82fc38cffe853e4738f33f1fa42fe7167e4bb79110f237d7e4989d2f6f4bd21905e491e2d4b6ac5a66025c11a93ab1eddcade3c3e78c270eaf6a0a6ed43df6e35bcaea9aa716d547d2136c2388379abf645e3f7cad1cc1fdc92b882729ff92b0612302970bd9ca7e36d76b2eb4d9dfe35116bb7771e448867e57026e622e1e54422b064fdb707fef339aa16fde808f622a7269b77c292c7e85fade6dcde475c2f61d71370209bc0e46ba7c7b71e41df246d283f5574205ca6b4819c63d97193eb084fd6b0c20b956cfc4b45b51fd46b2e034ff0f003179c7539fbc4e888c0633767604ed0f07beb4fe00f5a3b56ad9f3997cb49c7a8b92a719411b20874686a8a5ab462914baa85d016df99796a868af3dfa6ad98ceaaa18af2f2fad2ebf3dee1df8c8863e84ed83d6da5e283ca9cc385e0ded20531f127ff4aa974b91634d8f367154d3e23ebb04571a5a453d1265e873d00d40be7e1eb7e74529822b4c81d742c981a988fb786084cbd1e721358c7a1ea5293aa609773b890a5c9de4d1349588def4232d41fa5d7cfbc3dd130754891c304118a895268555874613e9c89c66bceea609e7ca1a914ea327db1f85a3809098e801289d8ab71997c2ad5bd1f3fd4b3c6b80667ac2b6b23b35018206dbf708284f0e0fac58d0b6d72c0d0034b6ed37b1f9931158f2443f045f65e33084ebc6aac93d8c0e3c1c52878dd3f54b9f88a40821090cdeb3bdbb61f0be16338a2a7ba0f77e9ecd5400b6f809a49eee78346c69e7ab560fcc32f2d19e665bb91fbc00e4c00838a1385d5156d1696f694027a9e6a7ef66933202012caca81c1b3ebe64976a9d000e28a6aae5d6f061c5acf8e4bca00bc5ecc547ab1664cdb2125300130a5a92abc0d36cf911fb3123034e925ea097fde14253dd3de52bf5c8a6bf01436c92dbbf5450a9b7775a981b09eab05406dae83f8ddcf898b1bace4b8487f0b4ec5b5316a9b7e3bcd6da41caa23604b3932ff3daf31bb19e74c687773bb54503f6b3ed74aef1410dc4a9a72fa05b1e120e682a7e7f9b8c7b6836fa9d8f96d16fa17975bc3dd7784f0d621d5a69038b0947d1cb47381c82c6df030fc8033dd66b380d884b12991ef5d5283e552f723aaf791bf3af581423c57b536b91e5a158695b68f7eccfd72fd2af1016e261ec863215d1df0fe756366e56fa86c4495cd9a45e83227af93a5b431c5d33fea2b3d469aab08f57b85b3a14a47d7da8ca74dae34f963cf660057466dac3937ce00060f8db8099178944aa37474a37eaef3b9ca04bd0eb1d03c25887d530cd690625f5829830851a6a58a7b411bc87aa70f26e80514799664e35c44db243d61add5bcaba3695e45e9f1a3cbf8ebdfb87571c44b9dcddc5fd422e94cbeb02bb58abd14e140829e12f7f0c7e3cc1a1bcae8429775e531710bfa504e103b17c20c329f653c015ab514fd6cf162b96d871930de99413e148fa58c1ff262a997c6ed1bc008912c6b864031dc95b5a3ad6aa3521167a62fe771baff828cafaf178539048d2e91a62ee7a50df04062422150347774db320fb535ddd4c03a8cdfc3affd253c200e1d5678ff12eb6f5bd43da636778cd2f8551295f4cbbc902322e491c5c10fee144daeaec4cc2a2f855f5312f4c8cac1155c8d3b93a5fe6a60118a0a9912b16d583582b478e4f05c375247d4cd897c49a8cfd2540833311039d9b121e5d5779d71b206d0d862b95e0eab28005f86ddd6ec514d931a521fc035eaacfd10ec5f97af541cabf08512f6c79e7e0db5217bd14aab6d3e9458018c3e59769bcb689347d7e394b469e9c9d9da2be8fc7a54b1aab301b68c1faf7ba7bfd05b8a313c902ad3733e523fd64739d9af110e39a96f1048fd6a43d13045ec71ff3d1f64a904f3878cb18f58b3b84942331ec05d3372a328a83e8aab828574313964f6f6c5af246faf2c69a95e9ceca77c0fbf303103a2d38ef6da2929a3dbccae5823f82d9a37c989154c8a760df8e7d8589daf1fd69683cadd2c7ac13e285a7661c23913912ee272797e3a0808654fd0b9f74f2fe04cb34167aa630b8aa58efc2586bef8c7c2e354d7c8d08de7d25a80b08bae8d2326d16a15d537d8baffcbbae460ce608ded63a45bdf0caf9dc335aa8d2aac03a62a9c6c62ce7c2caa9a731baa549d1880d3facdb4bee43ae27ccd5a22f143da8e7b4deb5c2a194d450eb5ff6949a950115d4e1d60fc75115346a0aaaf1400a301dcc8a04f9d2762c093f88adac799f6bd5150ca9c7d3ac1f728b88b1b0807a7407ad9b8febd89a801c9845af62bf2fc98aea4835d52871774e72b9fc07d26d55ef163833fd2f5c951ff963f43fcdaf03995cf3f14360b05be587e7a19fb760a944166b1fbd04c0d02bda8ff5d92a23c4e683db1b2823a6b02a16a7bc7963aaeeec43d97a85752fa439544127fb71d8b4fee6a09b966bc4e7be67acca35bfe4acabf18f6e9cc938c1e0af43e11754cbe7b37738019d9a162083f5f1fcdd9299921a349f1e0ee840b19fed4c0b5273d5e71ff5f1f20dbb36c89e1edbbef78de1a6229a2cd22bcf2164a1b567f7c08c6ba78ff2e53bc348dd2ab53b9deffc9cf8726feaf9cb07b4f94d189314da8c0005f3bb031e44c402339588832779790e814c707fdbe0830d53b4d35812f27e7709bee185d6d6d67a65382dcf56d567180a4a74cb05b0f7d0202bf33b88729f2bab7003264a2d67ea93d022baea74d7ca54a0081923a82e56750f22f58bc997ea57afe1bce18405383055745f0c6bfbbc514df76107b3c5d04bfe033dace72bd5bead25e736a0052b6efe7eb1153d1afe9202e227d60e4e38f5f294894d2ef9b89998194492e427442a18506e24ddcc1952354fe0250ad949be08a63b6c0e206ecbac70415c36f1bf78d7068ce8eb804561eab2540c6c984e63d1217de1242ae70a5dd457d7a96f24ad9e8a59c060a2a95e9e04a6a4429f40d47d2770e9d3ece295d748aa30a7bbd2aec570733be7855c3a789d71d94b3c86ccdd3cca3ddcb35a969e8c2d5b17ded6ab8b81b90a4206ac2ff163c04ba9886b5ec6138db5eb6ffc19201f66a1057858e564960de679b2996bb93c8d2b440fde169d1fbb5886fe673639c514c2eb8bca75f79abbb73c4a125e5f4d7d4ccd5c9fc85cedc9fe6f2b2b75ec384fa6ecec37579a70bd29b4c9893badb36e1b33cf61b07ee7d2a5550ac9f23b5fe629297efe94eb8a8c2adce65a61ddae84544fe8f81455e2d053fdf7efde38b92b0b4d3e7ff9d81f5de7d571cb4db7e059cbe1ac2153b22b57b4d45d58fa50d152efa2d85d262238ce4816e40f93b65f53b6646297f69e3dde4ae7c57e9112054cb831eca5716863196db7667674b00be7c83f900c944ea2bc8e8e6b6b335a6e9f63e6f6635f6afc0889355aa4f0b928b90f76e6f03b5d40e9a0cace6243aff4590c0ef255860401b16da288687e890b1921b8ba63860df7aad86279c89d16cc4ad1ef4633639f203724c1958fb3b6a990f555e8df8f494fbdae25b353c14fe524541347c1d7f61c349f55773575fab73df09ebd1c635ad5f93fc8e075093ec3fd8b832e5331e329c2578d1f6f7a0a44838e578fe40db7d11645c2c73e0a438a80085988294d98a4ef4c5faa593dd5a9b0dec12d8a6dfd15cc4503bb2078739f26f9c10d0b1fc2634094cfd2ff6bec88a7513debde5fcabb85fd31df8d97bcfaf247edb89cb056fc52bc06f117a3e1022a57817b9abe1793cf279e163212f501681eb9ef08e39adb9ba80ec3cd45f5ae7afc0c256a3470e8ed3ca41c5502c510f0526eab848ec5a7115a53741cf05846989b9b5fc6d2ad74fb855a852e3fc7234bb0ed8b6937167133925dbeb4313a9895860e761300a0695e03e81c2c1e3fe3f4b8c42c946b010259ffa4c1d345350020cddc8e9697fb83c22fff5190558551584368e7a270f958bc72e2624c3e45bbef318b5134f0419e725945e445993f2f176f0a21f5dba86398529fe5159d57c0d75d64f950763b52935e778b20356615409dcb088514eeba3f811e9ce6ce2bd1ba6ac932bd79f7a518959f99d52acbc2a1d0c02c70b9ea46d662d39c315b36315f4220e5dce293275050a3e6df506d0c1d7786017572cd758ba4995963fa034ecd49cadb42bb1ee280600557ce2e17488e1dd4595b8c7d4f20f420a3a01b6228d764c5069222cc93e2091fd2053f05a50eda7840c13f45c6e2a2fbc0f9de4baefb7b40ea1fb7e9d30fb1fdb8f20eafca0c7c8c61c57dfcb8e2836e8d0ce546e8e37b9fc467e1bbeab314be171573398e0c2fb032049a99acf174a857c019609e83010dda8da078a4311efcaaff62fa908dde87cec4d41078c343eec5a80c42d0146d57e9a14f2b5611be05e3b665728c14ea9536d146926fe1e8d5acf12afca415ef5ad77bdfead7ea087183962592296d3d892c64a0a3b9fc95b50f03df7f4f50f950b43a289af09ca92a01a684e5c649b8da4a3365878273a00afd14b4fa2ddaeea5007f728899ba9f5fc9d1d7893a489e56c5fb152e5f775042f4b3bab6cea9cbf9a2b91647fe3c62d3ae4b5d065460b51d51b6e91f2f4fe90a3775e6312ffc805612fee8c314ee70c92de3feefb3cda56a59ddba83757b0e85cb0ee7ad1ac608a1e6a64656d9f586afc38fd1f6474b521724532d88cd351688db077dc9d229a78f8704b21f85324bf9c697874cac5f709c6701a421ac368edda0ec3a0b90268c449acf753d7e8cab501ae3d7e04788e899ec54a2517545b68fd928fb659349e1692bdeccca648fd13a7602868c44e77ed6fd587538a74adc6acdb1ebd1816af88ece2ca64f2603428a0aa842fe86be6b2b568fd29c23433c9e3f9f0e45bd13beb22ac06eb82ae0eb2b3b328aca4abba5e72a155e2cc82ac92c4697fdb9439511c1144fe2ba36f516fa181f7f8d58af69f87a6c936d1e561fff0509819e65a681aaea445a106f8ff3dfd987e2e24e977281cb85cc5e5eb987da2d17e73dacfd9880bd14ecad13d5705643f926303b389a61fd63139577de263a5fdef1facdac0068a9471fc17ac654e88e0a0d12c8aca1e850b64a88f2382e0cf3a4e3363827a06abc1eeb87216e3447dfbf8c04080ca2fe1a08cc2e2001eb386cf02ac0d3b328bcf1de009d048a03cd955c628971c30a137dc66879cbe938390a8f63251f55e559549dd11969b637876a20bc7c6f5fe2b753923d2f0269f2082206eb2312f40654cc95bb38add159104495018a5aa7b8f5836162de9a03b6981c662f2ee02a168d530a002616c09c4cc26c2a2726711e3e25b4e3acb6dcba25fde78ecede51f01e22a2f79409c77011a599ff57d81e70dbde5fcbdc841f9af0e49e8200cd2d3c73013e0e5608ee1951ac04a111864b545e7bc2434c2474286519feaff4da07324d1b13bb16d1daa1d485bcd5466b82c9622f92664f1153d08c6e644b3d0f5902b4d749895f7763015bf0e2849703ed920a3866a260f22fe40f46c76ca6ca10ae8994505fa613a6b1aec84ee6620c25ca4d002f56ddd21b12eed5132634a3194281283fe5fdac07d2fec091dc0f748fe25c6b08cf8d4ff893e863a43c4c92fba47d86c8dfbbabbdca0cec09f732bc0b8df2a97ee7208e64512249300aa4c44c10d4c4503bd76e7b4e2c9aa2e274166ef103d5c832a760f33b5a0eae4dab922f0fec5adbf409bff956b4ce40e6157d498d46ae053f1ad73655bfb0a3dfac6b96c09bac4d07e6bd7f3ac6337f58cccc631466985f6ad680d21a5fe9a9bde4b6980c689e6e8c7a413b6e3084997c089443ffaca9be80c96ce1d9b6de074b4aecfd2db3b679a2d5cf0523aa14414699d481eace4aa397d818ff4d3e73d82031849c7e4f1f1503b636728637f87cf7a7df5472abfcb7e5d77439e1018dba49a41e1c8e63942fe0d1a426f390e8e225fee14501a34762b8d835ca14d6a3a3d8042724ea9e6b568fe0eb84306397ffa8345935e9be8642e6ffbd96e636fd16cacae5d4b88fd0aa0bfbba8221f68eabc98c67de6f9eab2cca07b096b458bbfdc7f1da0bb845a1a6e19c6da87a958acb1aad0b74d6537e97fb0673a20178cbb963f909839e49ec593ddcfc3046aa54c22e3a54148c440d1f2ba1fa7417572c629e48e6d2e07760a87581971d1edccc03c0e465d4d6321d820b3346fb516c1813585a6a8462124f91428a90ed037f40cd6f23596dc90c03825636e55a061838964213c70104ec0c5909a0c62240e93314f9b67ce8fafa115251282a6ee7a036a861d1af11919dbfa7ceb7b2260e66be6300a536e78ebdf60a6f022574b35205341f3557e409d8ecc0c2304b372605c9284aebe1b92f13051db78210df83873b0496625507cf8e1ee5e90aa66f45be75e388d6e0a021b8af3787ee06cd710719b4d06ca5ba5f87de812a660f939584ea880d3c71bc58135e612431850180ee39b707bd98aff26d2c5e4396b43daefd82b2ec1004978637b8d389cc415d628fea6f66f28664f9409448e68a2d48a0a00", 0x2000, &(0x7f0000000f40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x90, 0x0, 0x7ff, {0x5, 0x3, 0xdc, 0x5, 0x2, 0x6, {0x6, 0x638, 0xfffffffffffffff8, 0x8, 0x3, 0x8, 0xfffffffe, 0x7, 0x1, 0x8000, 0x4, r2, r3, 0x7, 0x5}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f0000004200)="3167e3143e951e71264cacf1b89587b5c048981787698fe1748f9c08e547dd6c86242a15ffafde749c98965ad401ec44914cbc74c29bea882a61eb24d4b139f5c0c59dcac4c96737e90a04d021df951da7b04cff388195fc43f3efc207563ccf03a6c098b190520771c43741498248af1f398343f8246a8245c317497f3dd05e8761a6c6ac6d19ff5b262a96818d820a391412ac981f836b947530889f67d93a6dad092e81eb3ee255f61ee3109ef495b859fdc1df6e05650cdbacb48d78672fe2c91b25cf00436d9df63fa5f80a3d367f488e13f5637ea62be0431d4c849386686f660a5d97908d6f11ce71f1aa178484dec4ddb51abc5f7c828568ecac737a8e082eb356205be7de398ef72a4465b2ee374a200dcfb3658ccbca45bd3c6a1ecc455680a215b4d2a9b53ef468d81168266e6fda475183f74045a69bff298825a6e20010d7cf5432d2c3f612885f3dc8af5a659d056fccd5d628ecbe45970c80ecbc8f14fbd1271297ad45ea76867ce0e5e197b30f08debeaa42d2cb5fff43f8efd71d1cf9efcdfa2bc5f27ae87c63461e83af93d4ee68b8c4827fc52ee9354c6f7156345aaae3cf2a0d2395f0c74cbdc9ef00af8ecb07c88d949d3830eb0059423de2452470ec44d790c71321d40eabd6aca0d1de700241e0d1dcd935624bd194b0fa5bc1dde8e46c07d2ac51ce311b9861674ca77e2fee9c4ef069a635b2e434e5e718a7988c0f8e3352bb9372be11a0c123df09973b69f782bc01274a03a4b5c1d33f80dc7a2e042f343a5a5982d47cde18f03af0b2e6c16473e751f989ec86d508f6560751ed5a314c33831ab263d9cae24116f13132ce2dfec24fa55a6f30926ea33224e0f321821aa554cc4dcdc885d3167d8ab29ba233b62b3154f302050ff79662ed7d7b56419ca6cc4b43d445ab4ce0b8e377f85c17eac62c2272230bbc4d745c3b2652c3c953a0a4c306ddfdbc708fb6efa627c219d02beb2c9750638987b13fe0d3788cc5d5e7bb799b1f93c680da6a8ff23107efda4651f133950c7d734c3ff76f5d680b685e67b86c84e5a65c927a45487d5a9c9072132b089ec8a28fe838e66085e5ba3200089bca6b3e32a6c686acfd98ea3ae8e034faa1a0dbbce6f3df4d05d85f3628b50b658183ec43d4c8a3ff82a50f474c80bfeee0eb43e3e97588ca7e22f890d66591697d0dcb4bb2be111367cd6fe09939e0f694416b077e386171d90f6b5c252807b55848a67ab37c73e5896dbeecc8d7e2beea1a121e05762b325c5b51e1281e0443bc1a7175ea3ee7e6e5bdc0fddc9cd05571eab646bb23af0c154abb522a73266aea217d705953e32911fc7aaf879837b144f3998cd06b60dd023ed4080347b1680d7c32fa3c97ba1e9e7ebb5e9135e6fe718af7b0e279c9388a1ef6fa69c3c3b4375118bb10473ba7b033dfe7d096489c04dcf53bdbb63d5e14728b7d32803960e8d18dc8521db43faeee1982f362ec08f40da82077cb3672f1d529b24e09b442a5784c7c8ec463e18ee5aa3c105e1757371533e79e96a68be4efade2f49e4ff009794caa2f90f3b7b81a71e8f97d9a444eb1f3b3635a569d22f500c29c2cab9e0835028fe688d09cdbd092285d4d720b590d0979ba3358ed148d9cf3262331649366f92a0f4067de191ec0c4c879178d3043f07a6b404638d33fee0d305fb683b84ab59887d114e03ee477b915791881d91bb3ec148b77c31c327f9454dc65857e0c786da24df61279a4728a33359ba56a128b29919f843799f5bf57055e8129d3b73544909b5d4130e635e1c096e535d7420e66306d8261fa73fc3387755a4f7a029866ca91a6e485d68c5ba91eadd1b14c5b157a91fe87b83bb4ef6aafdc872887d329fae15b29a3f9c403f99ffae7d8b1f5bfc9cdbcd23ff6f0129a771684dc1cbc8f7919dbee093e8c3d5408c9578fd21cdc926877543c9dd5a3e9021865af8ce49979e90654360d30e8a3d1264c3ee4f2e982c6d5d5753a07bade69b2f48e4651dd425d32db9323d5e974e611114fd649e29f970ae50011ae972a5ae2949bfb8fa3387c53ae054320884610564bc5245133d1e843edefaa409ce21d2e70c97f95666988710030db1f486b379b4f9f902b7ee3ce80526eca859aa8377858bfdc88756878856af55af39bf3d6b3f21489fdf16740a7728bec396054e700d05655b367b91396935d742384ccbf269e42148e69d12b6fa82359de8fa25b86ba4de34797ac35b09d05739a452450ae4d122038b6a2c31ae5489af32ec6bc533239f06d060704756d061edec1a8e3141b61d1589846b778ef6194bcbebd8d68b2291d9a6efa46a825425620c906d60b0c7258ac5b65b05cf8295fbf7ef15713ccc58b6080aee6a864bb1f771718f5c1ea0ac12df074e8e917cb4005c987c3d71b8b9c817973934ec30071faa814c49e30468eaef2fd8f1a75a30605bdb5f1ae5f81c8b338bca1851ebe81d29ee95528877ed3f9509ac275868eccce466b9d9b2eb698ba3abf4aac99712e8f4e14c0c5a89baf56f4b6afb159aae46723fbaa5a6b3cc92284c27b20e65702a64fd96c68d9eb0a42c8f231d6b3c6dd0978603144a4aabb8131b6c73de84d95e412c43d00f1ccd90cd837316c4a93c5cba0a3a57981044864c951ff044acb7d7bb4c4acf22b7447579d7389656fe10352653602328f1efa382329ec9cfdc6edef65dc6b5e19ff84331500f8ce6060f7458a78e25e33944681a73dc0d900f1ee63b81eec3feb7dba4b294d6bb9e75bac32128f2f7a9d07c651a70a4fd7f255577e5ad1511a67eda77814e1eae78a61d515e4aa2c294ebd2a2828dc03e45083d4efa88edc3ded4373b136ff9177fa58c53cb0079c49b6cecfb13cadcd9d09aa63b5422c7caeeb05ff7b5ad1c92fadab1fc5b9a8f75460a42a538f71095db79cca6cad3352f51f8f8efdf36c06691090979f886c08dd32598171ab506432078fe52575affb80e435d5396400371aabb2d3308d493c95c0cd554f7551bc9b62a48660bf7656988d0a0139cb09f972903704ded09bc57d498128ae10b00a1dc3e304871e255ca174a3ac63094e9895bf57a57d92c06225acfd461cdf4ab096d4d4fa3c6adb26307054cdfc246b57a5219ae41d2a75711e79dcebc1522dc2d8bf06396ddbf5a34bdc6f5f5e975e823e388612153ce73a0344858815725a89102ae0829e1bbab5399ca669868dd838fc0daf4252e100a1a80378a4f4601ca7f6321ad0dd55a6c9865378fbbf252496e46849b02c3d0603983a878679eeed1f8d2f1ea5c7d97d47279bef521d501e8b7f01bda187229ee2b176e743c7b995f1242891633689de948f5b0553d10c6dc5ebc0d35d2b91124b29367def10f8afacd08bda4121454d0fe5317024490524021545460ca95c69d0c2d4572c85fc472adfca92de54b73c049f6854c3f0a14287bde4a1ed7de84f6a014b3024de1ad18c81e2553bb742d0c154f285091e5311b7fb29999f9adf0f55a834b8b9974e2470a2719f1698e2d6689d93c1338834dc9331bac2589fa3de273269d6a7838884fb7f05267578f2a7465302c8b89d156b29ea7021260d17fd18e9cee22710c34eb238edfc12fb70cd3f8d25bdc4ce42cbd58e51de4de26d8421668e1acaa2ca75fb883ac0c80afd8e216a86e1ff9a5ad9d4aaef0533897106a795e4c5177bf95402db02d5ac4a16fedcd0f5ea9979c64b0ceb7dedcd143e25274b5e2bb78f7ed90bce952389a0580dc1362f36f849e1c2df597baa9ffaca3ca26f895cc3b3ba0f82bab210b2baddae5ef052635420f202b13a70613266c0bf1a36f9eac56f4006748e4cc9c6622ce4d04e36216a89de51eb3733b586c9017f66812147d47f7010ac19a0affa5e1136a7e3b236f185a0479700da767de634a753b11ebc7044393efa5615be4a76c4007f9cd6163ab0d22119bad6aaa3083855ccf25049e497e8c601febe6b5d90e83d2d883d9bde4b7b1bf3d4d3d1193d70e2ecb96a117f16fc04a495948b4b28d711d0fdd5ee7962014cb3340f4cd604f2379265ef0ef772f5e4e9ff8b71a44f44273f433b4e4ca4533250108b45288e4ab8a6e0499adef9966e413e064dcb22bb07ac7bc459ebddb415be7418464fc6a65ca6fbbdb5afe73701500e782172797811643e5edc7913d2458e83775398d459c05fd5d7952b0db5e326d9ccd398bb45544f763c4cbbd1dc06f13462aaf55774770e06cc263163398a22771274d7cb16106497f24691daa47226f25fac5956c8e2f97c3adfbcedcccb276193b8ca35233846bc05e2ac1286c0fcdef7023c32c62e01cbccfbf454815ea2fb101261e5d8faa9be785a6837a99fc12a975e063d9f3de56241f6322d6febbe6474ea6afb13d97f807a9d99b3f38f365e58ed2aef07ff4339d47c7101e6fccbb85a84c5c8ab388b952da8ac0ddd1fce5a20b17fbb4c5c100d25635f10f3066b3d0d9e40985b8a45cc9e0d6820c46cfc921d532f38a7dc6d3a958efcb552af9ef934e1504d55c7c62cddbc500ac10cab3f14acabe4801fa6480476577367d5219159249eaed3369054bf710ff158c2cfa3c79ae8d6e16c9fada2f3dc3aabe7d58757ec4b4d6535ae3d3dc470122518e49e21b26fa107b97fedf4b5fa4be9262cd8021266370426d24be08effaef07e0597c2c51f8af53e6e3fa6cb51ed18fa4f49a7be656917967d38ec3685d2a66d96d6b196db62643e7bcb064ddad84755b961da92bc187447209899327cd37406ec98dbf1d19ea3678a9e3cebe2d3f2ede64c1da264eeef869b1a500e2c4423ffb7a263fe8cfd1e782bdcde124094d3de1d8dc67e4167f97ae54ea904aeda2be6db3e0f27dbb17b4844b0dd1d2464256901911d687c064978da42290ff0fe0106e3ad460ae54385e72db63bd42e45eeaa0b36b1b8fbf00bbf63e297501aaba6b7e6acd681b2e8667916daee9d6aa5609a01d6f192bda3dd8ee864078dd1904f6a5ceecda7b2f2a90c316bf2ecaca71476275dbf942be7b26bf7deca6dc9cc9178a9a42c9ae7bff763fbaae00b9cb5921657d16b5b8164df44b4ab8c629d2df30a2fb2f49d16d9e1259d495e1e99be5dc8e4a84b8961f273c9d66e1197277e4b6e47180e34e885fa6dc45b785520499e9c677f51a527f5d7ea249080e9fd6893eecbdd4f59d52a1df15168154563aea3c6fbc7b5c4e365f7c737a3374649e9349509b5ebccbce1a5dfdd2645db311ec6ea4b4f297923ef8afac9be4d77d017f45bc7597f485883058db2aebe9a10d6fbcdbf3e320bd3917c117c5a5fe7e10c65bd052be83074484c1ccd8945f6600eb111f4f34b17190e73ac46b4e757bd2f125c2c1e2920cb647f4ac97ef20443233fee6390cf1ef407ba70390e2843f76db3bfb53b096b78ac0759b4fc5421e130a2b30903c9ca49baf688b8ba1bf0fdf57762ba1e6b533162d17ef2569e689c4915c891879e3feb7c0f8f62da0ecf31bfd64266065aba2a69acf2b6ca230be311a478464a2b746becabcdb9a5e9780410c7a4342a45702f1c334529cb5cd1d71663e337739cb4c2ecc19a293e9e9a17091b399cad5e902748a373933df0111e913fedf6e447a8e43029c6787659c1afa625b2832641fa18c657159906aa2f4ac204daa8e5fce337470aa1a802bcebdf34d6b270223cbf08f109a7ed5a6c9f7cb5ea824acbaa29986ec2326a768df4d18cf48d50031b26c89557b75c23d10cbce29814ee4a87a62715dc5a8df28de2024529239ba99ab4617aefe72774e25789e518bff667f4055b846c6b3c4b4c6fcd88e88860e0847cb3af330c63a75886965d8f7939abb128f60ef1b9e3fae46ff8ecb371b65f2e5032958840fa55c7ba764535fd9f269a86a2ddd4a4d18038ecd875894e1c72e512346350a7789ab0862e97271e769f85c6d40e61e8f0b62dfaffca2092952b10b28da3115ee4885c385875d200e2e736bf839a1179e1a5d5188f6a00870604182f2ddf9eed21f0cb7a0a4d438c32d4cc68f0efb07ba619efa798deb0d0b8f73ed20e54385c09bd471f9a82fad27a25e7202400b9414b24a1b688b04af4373597660b3e4d9f59af52bf13987640dc797d3e15538f2076aa9aa123b13e606e6d93df292da38e084c8d9eb9fd12e862ceb46d46dd8b6b41865bc463eea31debdf97694da8a039f48242ac7d7f99dd7cabf79e8b265c7ac04aff15b5a8babc9763cc7d8d7659ba37d5fe279338da1702867d2358ec05c14e2298be282a04eb38a9921332a93789a026a2191d7a289251e63d2ecc2aec0962938aae7ba6fae23de1f2b629a58d533e8f1eca431493b219336bfc2e9d337338f2578df82fb839063da26129308dc84305b1b82934e246d13179841cd8ac57920b69d08bd1f277b77744fc842435da4703eac6bdfbc1e84355ac01becfef619aa8585f29b6bb9680d8b60e68c8744c7e3c36c048c79e41d97edd7c973404c516b2710165384bfa671d7495046d69292620dae464288be7456a51ca2634ce4b91c4376cd290af830a9e8dbd5f4f8578c6ae25d7794e70ede8950930d710da0ab081761339720ce9e197d1c033e2ddb99d9156bbf84dbca9071e09f3936ad0e7acc4b8006dbc5c76c19d3ade9d48d32d35317a21a440e9fb532daeee979e1473d5ed956fa105038872d563f0de00364fb1ba19200b0b1f338eef0ae9c51a5f704d23ff17b6f7864a1148849d91b7dd2dc800adced22e2c5860a1c3443efed45f497bf2892eb282ffb9b643aee86c8025f143919768b2f068163d3d190ae50c259174fdea91de8e561454073aa5d02dd3eaf6e1b0d5fbb69e7eb69839a9794156f25455c52a484ea446f2ae0b5c352226b6e22c7b4fa8c57dce33866584b5e90f4216c873c215f844df843c5f1f5f90d809d8e4d2eecc622aa8f1beb1be1890d09d6865ae88c442a82380fb146e24b033ba034189abafb2e8635ed5e714c303546438337a6c37ae2b179afe332136f9d8333a6371fd7fa5be44760b80bc28b315b491f5dd0f475dd5daeb96fc9637d808f5179913ee3be27f336a73ee163a7af79ab0d0cfc9c6c7b6965a6c985f1fd496464b4b924f910f89d08e6bdc8a97782b5061bed5f9d71a6501f2b4f6ee76877585eb950f045645d4e5f6e410d8d575e2b87bf10d3d62952e4a08f466bf98394bb5af3f40fe2590a88a7f5036d7d84466c64184d9e08d34bddb2018c16a3741855ba30c7ef90c8f20d6bf76cae4098cb5311fb2b74d411f7cf4132f0a89b99030122ddd856e84fd3c998b85fb2e0fc12a8061380d88aa63e3025e00267a33650f0dd328ad7526051c2601fc924973eac6e62b04a6c1f6a91a05d8f3da547dec2a743e1d98a3f81ff39568652467ef818a9d6ba63502ad02b05cd1346ad041a17ac4d9696f2b7f35456ae31b6d0c7141898a6c2ad385fa25c316052aa6d1f4f41889f16cc91c856fcfd59f4eff033006815bfe4cb84fac08d0260b6d08255dc4ae5cca826315e3d36d92b0e04b9502ea5c621a5b371507dfb8aa48e7c3100f25269dd29cfd195c95231d55f2ba811e09866eb5c7f6388570a1f00e1de1eeb4050d66731057080ce5945e9f6457bf3e968a004d2c3a317c0b48d61a6d5f36642e7ef9c3b61b6a3daa36b9322c3af095df21a50f176f63fddb1190a1c52acb5be2ab2162120d083e48e1999a98a9a0bb895763629953f6c4cb4b0ed50c58c86b99a1a813a7544f8674784d8b3d78903d8d2e403db1e0ad9b3dfe77d2c78483f8c88a63823d950265d8aba11b83f28361123ee22988f1336e2758c566f88a92bda5fc8ccbf5d68238e38822ecec3e69d4495850bd6cd801cbb08669d3d36f36fc093abbbe704938f46a4c46318c2a31d873784052a891ab73b8ae5829ac76826e0bdf74fc2e4a73f88613231d37fefd8b07bfd76da165c3e0122c7d8aed51d956b44fd2b9471788470e41305beba77867e0566e2548092e2271e786129552cd47b41b76965d31917751f13fbb2a4634ac47e6faead1f47d006cf43fae99ebd32ae095d1e4501694f4a56591e0d89c020fc2a9eda53bf29a3dfb2402b25c02e0e240e5fa70e1935f85e5a10b859ff0615521cbc05bcbf4966f03698b7d96c632216da05c1dc22064abd7d789fdcdf593452249ec9b90c53f6648da09a241fd26e8711f120bd7fe18398a4e59c2f941fd7d838b279172b7cd2c52e96116c641bc56febe976e550fd120be46eecef83b5fb887a7a562f472f73aa4c71e7a9c5c6bd2533752a9c1d411e0b922917497b9e8c4f7964c9fcfb34598bb9d184dc408f2f2a390b14336beeb32b0e8cccc8af182e0d8104e1e7197c39017344c9e6410043d153d21f0895eed02900498675e2b55b7a31636d2ce72387030fb39267e3b5659d3e4b996e7ea501323894931681a09dcb14f4a98da889c05959674aec2c651081c281cfdfd44fe80d159c366091b41776d413327ab120f6bcebcbb79e4d6548fd31a8e7776363240a5bd9bb8b8875c114213af748c261e40bd68794f27985176f044abfea998048847e275a24ce2b9af3fd581ab5ecec2e3849824661bc1ad971e2c9fcee5c23e42a5a0759e8e567e49853ffb484e02aa0f1e3618b5537c332743ea29e3f7f7d7cfe646e2a26d1fbe7d103561da9af44239397f898afe29778dc08362427552ec2821de89058c2edd3c4af44d1d1c38899cb819bb9f3bc0ed8b1a94cebe68a98c2ddc5d66d9c895e978b6558fc98234d2a5b0e82e44dee19961971813641c416abf83531971247cc65d19aa515bfcabcb633fa11337834170be2c830992b063cfaa46c6f25f553b2d315e8b4e65072b667068586c59b9d663f592e3d890583d8a615c0e78e6bf19839c76ce05606bf4369e35e46b35a38bb23ca714f7008a211ac4a54f4951ec2aa8131fddeae7f043d6ffac4a94d1a42dc4fa953a46633ebd54a885901ec3567d17ce62df886ac37c3142ab301d0c65c078ece9e15dbe69b3ae82e6a833e6abe7c155702f86b9a9365d20aaf0e823a093072f9d234138d8b32dcd88924282cbfca6fb19e814d5f9437f3e1182f450464884dcfae162a22ced5848e2a7e8b3da9b787432c0f6c33160e430f4fbd8023634683caf09ff509d93148bc8425cc5fec6a590f8e3b7e21761da265c9ca1de7a176f6aedcaee881ae7dd7b4b0b6d9e28052248ce7aa27a2973f3e7df936456705a79436e807cd7c3f42ef67500c0cb840f8e070bc8b6a60390aeba5c9635f621157356803065ed4abb0759277f16d44fad68638cf1add2892626b05a1afd0b173e33c53c3cdbe72befc4a8596fb09dede5a4313bc861f1764e2922644009029aab0deae9f156ffa0f5bcd7ff47e8d693c1d2baff9955eae487f36bea5ff85b7efd5eb19a1c2d2f52adbfa5021f923505594347041fce9f079b96b266acf85d447894c527b8b7fa97388524df862182a7c592091bf52ab1a5d6fc767ffb5d3c300dc3bc5f5ca4edba0830cb77d69d4521f4b2797211e39a45e0cd4d0b51cc5bef755366135b252c350489fb04e6a12d0c5753b95e3ae70ac1a384969507aba95f16913ddc9d390b24b5a1d045466c2dec5ad32f98fd49fe0b969adedfa4459eac1e70251f1e2cd2e86e50320e75075973e8728c01d28b6198161f47fa3bb69916c06c95e795835d3559d16c764d7a5347456f92508aa1e31391602c00c6c96a7450da36151459b92f00af8531dc27c81c1d4783b9ef51c2f3d693f2bc6b7c8c6146fd79cff799e00bff4b99bb33b0e48527107e8f84031e7328ac6bef97f13762c953d8814b820d5d5b441c4284704fda5b47f6a4b0227a76c87a3055fc9286431fb17beb79b394645359e31fb2e10823f16333ebe5154d241829dabb60fa3dd829244f9cb349bc4d73ae55e04dd4975896706d4f28301f70b4429b7ef936e77691344e9bc1dd13f819ec673d7dbb8545d88bc3fdd3616a6b09e695cb1d48a26154968238984ee792202262203c69436452af6909d6014434c294acceaf538171e2526057ef5ba54976916a5268dadf9f38093b108a0fadd12940b1ffdba4eaaec088de12cc6165d84188d52cc0914e790257e6ffcbbb5c4addbb0c1b66d348de8f74c8b41edd9c7efb30bb71d23fcc3acaa9896b7dca230632b0a6b3b83fc823b8ec4cba6b6b2e0d37d006dba034de1c06fb8fa1e23cf85c867ea85d4c870afae84631e8faafc36f32a07a773dd3264716dab1154163981c57bf4442170e600581a2fd4f191468fae3bd2bfa4d9500971b70296f6a535158e4251502d9ab1910ec5b98250622c757f5d821219f7cddac099b5043c67382eaf4906c629ab9eb930894ea1fa2c11b739bd45d6c69626a9614ce09941c3293c75f6e2db4ed9859b9b8b9c3c42e033649bdbd999370dd60d9c59cb19b3ef91c49cd0c2772fe1239f63075e6d84995346372f985f76c08904481f021dc5bcb6cfb72206779715f3e6cea2876052c9da3cb9a0fc98223c04730511c759a3f8076b29d422bf7286c558ca65f901fefdb007cd89f27f32d0c860e934a3dd75c4e7ec06d64d1cda40aa92ff73c10a4fa9c6bf80c0baf848415a327426bff2139bca39903255ce5f4ca346c458fa9a9af216f9868f07a78f3fc948716ff328153378791a74facc2eb84f7caebf4f174f178b0ac9c0068997229867558e3004947819890d1262e1eb425bffd5e8487c9f75bd7d644d8af1f44a3dddcf73c7fd035efe6339c7690be67a73b93ba636abdded97f0675b54f7b8985f0f02a2508ebf44d73ea8b593b92c95754f20d1338737852f135363449a42d84571181f373b939b4003e4a08c4a3400e6ae5db0429b92b425d8d1ed541a3e3b5c4901b53314d0671d1655f47de78d5a5312983b17365f5e5c9ec44089493d1080b8e96e16f1b2e9cac29bd899f029718ba4796715d0a38c126c0484391925ff283ac87de3cdb5f57e749b418271558ccf3329b0a201efed53a9ecabf962e25c004fe15cffa2773d228a1480ea433b8bc1f4d7463ba9ded8145bf61ad2a4cf7caa1fdc57b95d4b1e9d4372a455db5217c246ebb8acbfbf80af1cb304b9d6bf1da6dd5d7109ac82c8f772f96881bc72da4a95f7ff48c99e59ee9c9f1c870dd53683e5704e4d2d5102f32642c8bb72826a396dd4cc34b0f0dbca568c3ad7adb0ea7045d8d5e57ffe6fb3de6c6a297e45e18175fa56c13157b55279c12a7752d06aaa47eb3e59846ebbe0abdfb4b892e3c3d6f7d4ade1860503dba8f23f9da4e56367ff7c6344cb25e122e97f96b7a92a60afe3b047cbab8b063001e2242800b0b285c3b37b74eb8d5a5bd98e0b0bd02f19d5f6ed4fde36879032281597d9a4bd59ffd454f11a55f9f7488d8e0f5b6bf9a7b4cab5ea6eeea02734e00406f02d13f3fcab298b23a16eb6b41b324337bce57a0f9993ad51f8f701de2e042d9cae1cac4a366dabbab05b89ca4f4f08c3191362647b36581b949e99b27df2011010ec4c12cbf5fb176dfd16d2f90199d8a5c624a322a4bf558c44dc0dbce6495242a52ad18eec14c0c9290a64c778ef1cc2f01cea463e214274e5abdd181bf76c1db873cf40f9b253d49046189c413a2", 0x2000, &(0x7f000000b000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f000000a640)={0x90, 0x0, 0x100000001, {0x6, 0x11, 0x1000, 0x7ffb, 0xffffffff, 0x5, {0xffffffffffffffff, 0x7c, 0xfffffffffffff801, 0x180000000000, 0x3, 0x7, 0x2, 0x3, 0x1e, 0xe000, 0x2, 0x0, r3, 0xfffffffb, 0xbb}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0/file1\x00', 0x880cc2, 0xc0)

9m36.103021192s ago: executing program 2 (id=284):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, &(0x7f0000000380)=ANY=[@ANYBLOB="c60009"], 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000001640)={0x24, 0x0, 0x0, &(0x7f0000001bc0)={0x0, 0x22, 0x1, {[@main=@item_012={0x0, 0x0, 0x9}]}}, 0x0}, 0x0)
syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
syz_usb_disconnect(r0)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(0xffffffffffffffff, 0x28, 0x8, &(0x7f0000000040)=0xffffffffffffffff, 0x57)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340"], 0x0)
syz_usb_disconnect(r1)

9m32.090561313s ago: executing program 2 (id=298):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x18d883, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x89901)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f00000002c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})

9m31.998771165s ago: executing program 2 (id=299):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f0000000840)='tasks\x00', 0x2, 0x0)
read$FUSE(r2, &(0x7f0000004f40)={0x2020}, 0x2020)
open_by_handle_at(0xffffffffffffffff, 0x0, 0x0)
r3 = openat$cgroup_procs(r0, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
preadv(r3, &(0x7f0000002880)=[{&(0x7f00000000c0)=""/91, 0x5b}], 0x1, 0xa2e1, 0xc)
pread64(r2, &(0x7f0000000bc0)=""/203, 0xcb, 0x7)

9m31.604558651s ago: executing program 2 (id=300):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0xcfa42, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sendfile(r0, r0, 0x0, 0x200000)

9m31.285239186s ago: executing program 32 (id=300):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0xcfa42, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sendfile(r0, r0, 0x0, 0x200000)

8m39.200423664s ago: executing program 4 (id=565):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
bind$netlink(r1, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfd, 0x400}, 0xc)
getsockname$packet(r1, &(0x7f0000000600)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x40d, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r2, 0x1}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_MODE={0x5, 0x1, 0x4}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40040}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=@newlink={0x3c, 0x10, 0x401, 0x70bd25, 0x0, {0x0, 0x0, 0x0, 0x0, 0x40018}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x3c}}, 0x0)

8m38.81934696s ago: executing program 4 (id=569):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000040)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=")
ftruncate(0xffffffffffffffff, 0x2)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4842, 0x1ff)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x6200, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4842, 0x1ff)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x6200, 0x0)
sendfile(r2, r3, 0x0, 0x20fffe82)
sendfile(r0, r1, 0x0, 0x20fffe82)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x100, 0x52)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r4, 0x8004587d, &(0x7f0000000080)={@id={0x2, 0x0, @d}})

8m38.338729087s ago: executing program 4 (id=570):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
setresuid(0x0, 0xee00, 0x0)
capset(&(0x7f0000000500)={0x20080522}, &(0x7f0000000200)={0x200002, 0x200003, 0x801, 0x4, 0x7})
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
chdir(&(0x7f00000003c0)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)

8m38.041738481s ago: executing program 4 (id=574):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xf7, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x109342, 0x0)
pwrite64(r0, &(0x7f0000000300)="328f", 0x2, 0x8080c60)
creat(&(0x7f0000000580)='./bus\x00', 0x9e)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1084, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x12)
write(r2, &(0x7f0000000a00)="df", 0x1)
sendfile(r2, r1, 0x0, 0x3ffff)
fallocate(r0, 0x3, 0x8000c65, 0x8000c62)

8m36.983108318s ago: executing program 4 (id=577):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180)={0x1})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000002000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="0f01cb650f7410262e66f36d0f330f09660f3a0cb90000a6752066b9800000c00f326635004000000f300f01d7ba4100ed", 0x31}], 0x1, 0x4498bda7e2139f37, 0x0, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000100)={[{0xfffff001, 0xfff, 0x7, 0x0, 0x12, 0x8, 0x40, 0x4, 0x6b, 0x3, 0x7, 0x0, 0x7fffffffffffffff}, {0x7ff, 0x1ff, 0x9, 0x8, 0x10, 0x81, 0x4, 0x40, 0x5, 0xbc, 0x4, 0x9, 0x9}, {0xd2, 0x80b0, 0x5, 0xff, 0x84, 0x9, 0xfc, 0xe, 0xe, 0x9, 0xe, 0x6, 0x7}]})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x3, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000240)={[0x0, 0x5, 0x40, 0x40, 0x0, 0x3, 0x2004cb, 0x4000000000000000, 0x2, 0x3, 0x0, 0x1, 0x0, 0x2, 0x9, 0x1], 0x80a0000, 0x450})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

8m36.20848644s ago: executing program 4 (id=579):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000380)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x50, 0x18, &(0x7f0000000440)={@flat=@weak_binder={0x77622a85, 0x0, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100}, @fda={0x66646185, 0x9, 0x1, 0x100027}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}, 0x40}], 0x0, 0x0, 0x0})

8m35.695300448s ago: executing program 33 (id=579):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000380)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x50, 0x18, &(0x7f0000000440)={@flat=@weak_binder={0x77622a85, 0x0, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100}, @fda={0x66646185, 0x9, 0x1, 0x100027}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}, 0x40}], 0x0, 0x0, 0x0})

21.159343866s ago: executing program 1 (id=1649):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
socket$vsock_stream(0x28, 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100000008e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
clock_adjtime(0x0, &(0x7f0000000280)={0x1000000000066fb, 0x800000000004, 0x2000000d, 0x0, 0x0, 0x51, 0x0, 0x4, 0x0, 0x0, 0x0, 0x240b, 0x3f, 0x9, 0x0, 0x0, 0xfffffffffffffffd, 0x1fff, 0xfffffffffffffffc, 0x4, 0x0, 0x0, 0x0, 0x100000000003f89, 0x0, 0x18ab})
r4 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
ioctl$int_in(r4, 0x5421, &(0x7f0000000440)=0x6)
connect$bt_rfcomm(r4, &(0x7f00000001c0)={0x1f, @any, 0x6}, 0xa)
close(r0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = socket$inet6(0xa, 0x80003, 0x6)
connect$inet6(r5, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000340)={{{@in=@broadcast, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x4, 0x0, 0xa78a}, 0xfffffffe, 0x6e6bb8, 0x1}, {{@in=@empty, 0x0, 0x33}, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x3, 0x2, 0x7}}, 0xe4)
sendmmsg(r5, &(0x7f0000000480), 0x2e9, 0x0)

19.832553216s ago: executing program 1 (id=1651):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000140), 0x4000000004002, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r1, 0x2000)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x8000)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
open(&(0x7f0000000000)='./file0/file0\x00', 0x48141, 0x10c)
read$msr(r2, &(0x7f0000019300)=""/102392, 0x18ff8)
r3 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r3, 0x0, 0x0)
setsockopt$CAN_RAW_ERR_FILTER(r3, 0x65, 0x2, &(0x7f0000001040)=0x8aa760e3, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x1a, 0x4, 0x0, 0x1, 0x8000, 0x1, 0xffffffff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x50)
setsockopt$CAN_RAW_ERR_FILTER(r3, 0x65, 0x2, 0x0, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0xa, 0x42032, 0xffffffffffffffff, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000003, 0x20000000ec072, 0xffffffffffffffff, 0x0)

18.30114185s ago: executing program 3 (id=1653):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
process_vm_readv(0x0, &(0x7f0000000200)=[{0x0}, {0x0}, {&(0x7f0000000040)=""/122, 0x7a}], 0x3, 0x0, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x10)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000010300000ae6f72087a003"], 0x3c}}, 0x0)
r4 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000300), r3)
sendmsg$SEG6_CMD_GET_TUNSRC(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="23020000000000000000030000000800020005000000140001"], 0x30}, 0x1, 0x0, 0x0, 0x4}, 0xa800)
sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, 0x0, 0x4000041)
sched_setaffinity(0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000040)={0x0, <r7=>0x0}, &(0x7f0000000080)=0xc)
sendmsg$netlink(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000700)={0x24, 0x2e, 0x1, 0x70bd2a, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @uid=r7}, @nested={0xc, 0x0, 0x0, 0x1, [@typed={0x8, 0x109, 0x0, 0x0, @ipv4=@rand_addr=0x64010101}]}]}, 0x24}], 0x1}, 0x0)
listen(0xffffffffffffffff, 0x5)
io_pgetevents(0x0, 0x2, 0x2, &(0x7f0000000100)=[{}, {}], 0x0, 0x0)
io_submit(0x0, 0x2, &(0x7f00000000c0)=[0x0, 0x0])
shutdown(0xffffffffffffffff, 0x0)
ioctl$SIOCSIFHWADDR(r5, 0x8923, &(0x7f00000000c0)={'bond_slave_0\x00', @random="013301300108"})

17.088485828s ago: executing program 3 (id=1654):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000010c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0)
r3 = syz_open_procfs(0x0, 0x0)
pread64(r3, 0x0, 0x0, 0x1c2a)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8, 0xffffffff})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r5, &(0x7f0000000200)={0x0, 0x14, &(0x7f0000000000)={&(0x7f0000000100)={0x2c, r4, 0x1, 0x4, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x994}], @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0xa8}]}, 0x2c}}, 0x0)
ioctl$VIDIOC_ENUMAUDIO(0xffffffffffffffff, 0xc0345641, 0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc, 0xfffffffc}, 0x10)
ioctl$XFS_IOC_ATTRMULTI_BY_HANDLE(0xffffffffffffffff, 0x4048587b, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000180)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "000210", 0x10, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra}}}}}, 0x0)

15.974797155s ago: executing program 3 (id=1655):
r0 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000700)='source', &(0x7f0000000780)='c:::/\x83\xc1\xcfD\xc4AO\x06)\xb03\xfcI\x95w\x96\x9b\xe9\xa6\x1a\x96\xael\x11\xa6\x06\xe3G\xb1\x1d$\xc2;\x8f\xf3\x13\xebB\x93\x94\x01\x8b\x88\xeb\xa3\x01\rx\x86bK&\x13a~\x04/\x18\x14ZM\xcb\xad\x92>\xe5\x01V\xdc\x05#\x13\xe9F\xa0\x1b\xf8\xe12\xe9\x80\x988\xd8?\x86\xe9i\x7f\xa8\xe0c\x94\xc1\xae\x9c\xba\x1c\xfa\xbc\xa8\xbf\xff\xfe\xfe!\x7f2\xf1\xc7P\x80A\x1c2k\xf6}P\x19\xee:i|0\x1c\x13u\xb0I\xaa\xe3\x14\x9a\x1f\x9f(\xd1$\x06\xa8&t&A0\xa7\xef\x9cL\x8e1K', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
fsopen(0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x29, 0x14, 0x0, 0x0)
keyctl$clear(0x3, 0xfffffffffffffffd)
request_key(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000540)={'syz', 0x3}, &(0x7f0000000500)='\xbc50\xf4\xc4Fv:\xc0\xe3\x97\x8cL\x85\xf0\x9bhq\xa9', 0x0)
socket$inet6(0xa, 0x1, 0xffd)
add_key$fscrypt_v1(&(0x7f00000002c0), 0x0, 0x0, 0x0, 0xffffffffffffffff)
mount(&(0x7f0000000040)=@nullb, &(0x7f0000000100)='.\x00', &(0x7f00000001c0)='bfs\x00', 0x8000, 0x0)
r4 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000700), 0x101180, 0x0)
ioctl$SOUND_MIXER_WRITE_VOLUME(r4, 0xc0040d07, &(0x7f0000000040)=0x122)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c00000007060500080000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x20004080}, 0x48810)
recvmsg(r5, &(0x7f000000c1c0)={0x0, 0x0, 0x0}, 0x20)

13.854801058s ago: executing program 0 (id=1658):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
socket$inet_tcp(0x2, 0x1, 0x0)
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
getrusage(0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
futex(0x0, 0x84, 0x0, 0x0, 0x0, 0x0)
r3 = socket(0x1d, 0x3, 0x0)
socket$unix(0x1, 0x5, 0x0)
syz_mount_image$exfat(&(0x7f0000002bc0), &(0x7f0000000000)='./bus\x00', 0x10000, &(0x7f0000000040)={[{@iocharset={'iocharset', 0x3d, 'cp855'}}, {@errors_continue}, {@utf8}]}, 0x1, 0x1535, &(0x7f00000001c0)="$eJzs3AucjdX6OPDnWWu9Y0jaTXIZ1lrPy04uiyTJJUkuSZIkSW4JSZIjCYkht6QhCcllSC5DSC4Tk8b9fr8kJEmTJCG5Jev/mZi/OnX+55xfnfz+Z57v57M/s55Z+1nvs+aZvfe739l802VojUY1qzYgIvhD8OKXBACIBYCBAHANAAQAUDaubFzGfHaJCX/sIOzP9VDyla6AXUnc/6yN+5+1cf+zNu5/1sb9z9q4/1kb9z9r4/4zlpVtnp7/Wr5l3Rtf/8/K+PX/v0h6ybFfrC15fVeAmH81hfv//z/8A7nc//9awb9yJ+5/1sb9z6pir3QB7H8BfvxnBdn+4Qz3P2vj/jOWlf3yWnAsXPnr0X/1DSL/yb+B+F4Xf8pXfp//cP+MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxthf4Iy/TAFA5vhK18UYY4wxxhhjjLE/j892pStgjDHGGGOMMcbYfx6CAAkKAoiBbBAL2SEHCICYzPlrIQ6ug9xwPeSBvJAP8kM8FICCoMGABYIQCkFhiMINUARuhKJQDIpDCXBQEkrBTVAaboYycAuUhVuhHNwG5aECVIRKcDtUhjugCtwJVeEuqAbVoQbUhLuhFtwDteFeqAP3QV24H+rBA1AfHoQG8BA0hIehETwCjeFRaAJNoRk0hxb/o/wXoAe8CD2hFyRAb+gDL0Ff6Af9YQAMhJdhELwCg+FVSIQhMBReg2HwOgyHN2AEjIRR8CaMhrdgDIyFcTAekmACTIS3YRK8A5NhCkyFaZAM02EGvAszYRbMhvdgDrwPc2EezIcFkAIfwEJYBKnwISyGjyANlsBSWAbLYQWshFWwGtbAWlgH62EDbIRNsBm2wFbYBtthB+yEj2EXfAK7YQ/shU9hH3z2b+af/rv8rggIKFCgQoUxGIOxGIs5MAfmxJyYC3NhBCMYh3GYG3NjHsyD+TAfxmM8FsSCaNAgIWEhLIRRjGIRLIJFsSgWx+Lo0GEpLIWl8WYsg2WwLJbFclgOy2MFrICVsBJWxspYBatgVayK1bAa1sAaeDfejb2xNtbGOlgH62LdzMtT2AAbYENsiI2wETbGxtgEm2AzbIYtsAW2xJbYClthG2yDbbEttsN22B7bYwfsgB2xI3bCTtgZO2MX7IJdsRt2S38hG+CL+CL2wmqiN/bBPtgXE7P1xwE4AF/GQfgKvoKvYiIOwaH4Gr6Gr+NwPIUjLozEUTgKK4u3cAyORRLjMQmTcCJOxEk4CSfjFJyC0zAZp+MMnIEzcRbOwvdwDr6P7+M8nIcLMAVTcCEuwlRMxcV4GtNwCS7FZbgcV+ByXIWrcRWuxXW4FjfgBtyEm3ALbsFtuA134A78GBUAfoJ7cA8m4j7ch/txPx7AA3gQD2I6puMhPISH8TAewSN4FI/iMTyOJ/A4nsSTeApP4xk8g+fwHJ7H5+K/avhxsTWJIDIooUSMiBGxIlbkEDlETpFT5BK5RERERJyIE7lFbpFH5BH5RD4RL+JFQVFQGGEEiTDjmUJERVQUEUVEUVFUFBfFhRNOlBKlRGlRWpQRZURZcasoJ24T5UUF0dpVEpVEZdHGVRF3iqqiqqgmqosaoqaoKWqJWqK2qC3qiDqirqgr6okHRH3RG/vjQyKjM43EEGwshmIT0VTIS89QLcVwbCVaizbiCTESR2A70dK1F0+LDmIMdhR/E2PxWdFZjMcu4nnRVXQT3cULoodo5XqKXmIy9hZ9xDTsK/qJ/mKAmInVxXs4J3sN8apIFEPEUPGaWICvi+HiKjFCjBSjxJtitHhLjBFjxTgxXiSJCWKieFtMEu+IyWKKmCqmiWQxXcwQ74qZYpaYLd4Tc8T7Yq6YJ+aLBSJFfCAWikUiVXwoFouPRJpYIpaKZWK5WCFWilVitVgj1op1Yr3YIDaKTWKz2CK2im1iu9ghdoqPxS7xidgt9oi94lOxT3wm9ovPxQHxhTgovhTp4itxSHwtDotvxBHxrTgqvhPHxHFxQnwvToofxClxWpwRZ8U58aM4L34SF4QXIFEKKaWSgYyR2WSszC5zyKtkThlkPv/LOHmdzC2vl3lkXplP5pfxsoAsKLU00kqSoSwkC8uovEEWkTfKorKYLC5LSCdLylLyJlla3izLyFtkWXmrLCdvk+VlBVlRVpK3y8ryDgmRi8eoJqvLGrKmvFsmwD2ytrxX1pH3ybryfllPPiDrywdlA/mQbCgflo3kI7KxfFQ2kU1lM9lctpCPyZbycdlKtpZt5BOyrXxStpNPyfbyadlB+ku/Is/KzvI52UU+L7vKbrK7/ElekF72lL0k9AbZR74k+8p+sr8cIAfKl+Ug+YocLF+ViXKIHCpfk8Pk63K4fEOOkCPlKPmmHC3fkmPkWDlOjpdJcoKcKN+Wk+Q7crKcIqfKaTJZTpf9L600W8p/mv/27+QP/vnom+RmuUVuldvkdrlD7pQfy11yl9wtd8u9cq/cJ/fJ/XK/PCAPyIPyoEyX6fKQPCQPy8PyiDwij8qj8pg8Ls/K7+VJ+YM8JU/L0/KsPCfPyfOXfgagUAkllVKBilHZVKzKrnKoq1ROdbXKpa5REXWtilPXqdzqepVH5VX5VH4Vrwqogkoro6wiFapCqrCKqhvw0i+MKq5KKKdKqlLqpn8nXxVRN6qiqtiv8jPrS/gH9bVQLVRL1VK1Uq1UG9VGtVVtVTvVTrVX7VUH1UF1VB1VJ9VJdVadVRfVRXVVXVV31V31UD1UT9VTJagE1Ue9pPqqfqq/GqAGqpdFxh4Gq8EqUSWqoWqoGqaGqeFquBqhRqhRapQarUarMWqMGqfGqSSVpCaqiWqSmqQmq8lqqpqqklWymqFmqJlqppqtZqs5ao6aq+aq+Wq+SlEpaqFaqFJVqlqsFqs0tUQtUcvUMrVCrVCr1Cq1Rq1R69Q6tUFtUGlqs9qstqqtarvarnaqnWqX2qV2q91qr9qr9ql9ar/arw6oA+qgOqjSVbo6pA6pw+qwOqKOqKPqqDqmjqkT6oQ6qU6qU+qUOqPOqHPqnDqvzqsL6kLGaV8gAhGoQAUxQUwQG8QGOYIcQc4gZ5AryBVEgkgQF8QFuYPrgzxB3iBfkD+IDwoEBQMdmMAG4lLTo8ENQZHgxqBoUCwoHpQIXFAyKBXcFJQObg7KBLcEZYNbg3LBbUH5oEJQMagU3B5UDu4IqgR3BlWDu4JqQfWgRlAzuDuoFdwT1A7uDeoE9wV1g/uDesEDQf3gwaBB8FDQMHg4aBQ8EjQOHg2aBE2DZkHzoMWfur73p/I+7nrqXjpB99Z99Eu6r+6n++sBeqB+WQ/Sr+jB+lWdqIfoofo1PUy/rofrN/QIPVKP0m/q0fotPUaP1eP0eJ2kJ+iJ+m09Sb+jJ+speqqeppP1dD1Dv6tn6ll6tn5Pz9Hv67l6np6vF+gU/YFeqBfpVP2hXqw/0ml6iV6ql+nleoVeqVfp1XqNXqvX6fV6g96oN+nNeoveqrfp7XqH3qk/1rv0J3q33qP36k/1Pv2Z3q8/1wf0F/qg/lKn66/0If21Pqy/0Uf0t/qo/k4f08d1Gf29Pql/0Kf0aX1Gn9Xn9I/6vP5JX9A+4+Q+4+XdKKNMjIkxsSbW5DA5TE6T0+QyuUzEREyciTO5TW6Tx+Qx+Uw+E2/iTUFT0GQgQ6aQKWSiJmqKmCKmqClqipvixhlnSplSprQpbcqYMqasKWvKmXKmvClvKpqK5nZzu7nD3GHuNHeau8xdprqpbmqamqaWqWVqm9qmjqlj6pq6pp6pZ+qb+qaBaWAamoamkWlkGpvGpolpYpqZZqaFaWFampamlWll2pg2pq1pa9qZdqa9aW86mA6mo+loOplOprPpbLqYLqar6Wq6m+6mh+lhepqeJsEkmD6mj+lr+pr+pr8ZaAaaQWaQGWwGm0STaIaaoWaYGWaGm+FmhBlpRmWcqJq3zBgz1owz402SSTITzUQzyUwyk81kM9VMNckm2cwwM8xMM9PMNrPNHDPHzDVzzXwz36SYFLPQLDSpJtUsNotNmkkzS81Ss9wsNyvNSrParDZrzVqzHtabjWaj2Ww2m61mq9lutpudZqfZZXaZ3Wa32Wv2mn1mn9lv9psD5oA5aA6adJNuDplD5rA5bI6YI+aoOWqOmWPmhDlhTpqT5pQ5Zc6YM+acyXvp9dKbWJvd5rBX2Zz2apvLXmP/Ps5n89t4W8AWtNrmsXl/FRtrbVFbzBa3JayzJW0pe9Nv4vK2gq1oK9nbbWV7h63ym7iWvcfWtvfaOvY+W9Pe/au4rr3f1rOP2PqIALapbWib20b2EdvYPmqb2Ka2mW1u29onbTv7lG1vn7Yd7DO/iRfaRXa1XWPX2nV2t91jz9iz9rD9xp6zP9qetpcdaF+2g+wrdrB91SbaIb+JR9k37Wj7lh1jx9pxdvxv4ql2mk220+0M+66daWf9Jk6xH9g5NtXOtfPsfLvg5zijplT7oV1sP7JpNoCldpldblfYlXbV/611md1gN9pNdpf9xG612+x2u8PuzDwRtnvsXvup3Wc/s4fs1/aA/cIetEdsuv3q5zhjf0fst/ao/c4es8ftCfu9PWl/UJnZGXv/3v5kL1hvgZCAJCkKKIayUSxlpxx0FeWkqykXXUMRupbi6DrKTddTHspL+Sg/xVMBKkiaDFkiCqkQFaYo3UCZ5RWnEuSoJJWim6g03Uxl6BYqS7dSObqNylMFqkiV6HaqTHdQFbqTqtJdVI2qUw2qSXdTLbqHatO9VIfuo7p0P9WjB6g+PUgN6CFqSA9TI3qEGtOj1ISaUjNqTi3oMWpJj1Mrak1t6AlqS09SO3qK2tPT1IGeoY70N+pEz1Jneo660PPUlbpRd3qBetCL1JN6UQL1pj70EvWlftSfBtBAepkG0Ss0mF6lRBpCQ+k1Gkav03B6g0bQSBpFb9JoeovG0FgaR+MpiSbQRHqbJtE7NJmm0FSaRsk0nWbQuzSTZtFseo/m0Ps0l+bRfFpAKfQBLaRFlEof0mL6iNJoCS2lZbScVtBKWkWraQ2tpXW0njbQRtpEm2kLbaVttJ120E76mHbRJ7Sb9tBe+pT20We0nz6nA/QFHaQvKZ2+okP0NR2mb+gIfet70Xd0jI7TCfqeTtIPdIpO0xk6S+foRzpPP9EF8gQhhiKUoQqDMCbMFsaG2cMc4VVhzvDqMFd4TRgJrw3jwuvC3OH1YZ4wb5gvzB/GhwXCgqEOTWhDCsOwUFg4jIY3hEXCG8OiYbGweFgidGHJsFR4U1g6vDksE94Slg1vDcuFt4XlwwrhI/dVCm8PK4d3hFXCO8Oq4V1htbB6WCOsGd4d1grvCWuH94Z1wvvCMuH9Yb3wgbB++GDYIHwobBg+HDYKHwkbh4+GTcKmYbOwedgifCxsGT4etgpbh23Cq8K24ZNhu/CpsH34dNghfObn+fsXZc4/8Zv5hLB32Cd8KXwp9P5eOT+6IJoS/SC6MLoomhr9MLo4+lE0LbokujS6LLo8uiK6Mroqujq6Jro2ui66ProhujG6Kep9zWzg0AknnXKBi3HZXKzL7nK4q1xOd7XL5a5xEXeti3PXudzuepfH5XX5XH4X7wq4gk4746wjF7pCrrCLuhtcEXejK+qKueKuhHOupCvlmrsWroVr6R53rVxr18Y94Z5wT7on3VPuKfe06+CecR3d31wn96zr7J5zz7nnXVfXzXV3L7gebkKui4/JBNfH9XF9XV/X3/V3A91AN8gNcoPdYJfoEt1QN9QNc8PccDfcjXAj3Cg3yo12o90YN8aNc+NckktyE91EN8lNcpPdZDfVTXXJLtnNcDPcTDfTVZ518Shz3Vw33813KS7FLXQZ54ypbrFb7NJcmlvqlrrlbrlb6Va61W61W+vWuvVuvdvoNrrNbrPb6ra67W672+l2ul1ul9vtr7m4qNvn9rv97oA74A66L126+8odcl+7w+4bd8R9646679wxd9ydcN+7k+4Hd8qddmfcWXfO/ejOu5/cBeddUmRCZGLk7cikyDuRyZEpkamRaZHkyPTIjMi7kZmRWZHZkfcicyLvR+ZG5kXmRxZEUiIfRBZGFkVSIx9GFkc+iqRFlkSWRpZFlkdWRLwvsDX0hXxhH/U3+CL+Rl/UF/PFfQnvfElfyt/kS1+sO837W305f5sv7yv4iv5R38Q39c18c9/CP+Zb+sd9K9/at/FP+Lb+Sd/OP+Xb+6d9B/+M7+j/5jv5Z31n/5zv4p/3XX03392/4Hv4F31P38sn+N6+j3/J9/X9fH8/wA/0L/tB/hU/2L/qE/0QP9S/5of51/1w/4Yf4Uf6UTFv+tGZb5FhvE/yE/xE/7af5N/xk/0UP9VP88l+up/h3/Uz/Sw/27/n5/j3/Vw/z8/3C3yK/8Av9It8qv/QL/Yf+TS/JPOisV/pV/nVfo1f69f59X6D3+g3+c1+i9/qt/ntfoff6T/2u/wnfrff4/f6T/0+/5nf7z/3B/wX/qD/0qf7r/wh/7U/7L/xR/y3/qj/zh/zx/0J/70/6X/wp/xpf8af9ef8j/68/8lf4H+zxhhjjDH2L5lweSh+PXPxcn7v38kRv7hzHwC4elv+9F/OZ5xRrs9zcdxPxMdmfH26V5eHMm/VqiUkJFy6b5qEoPA8gMy/BGX4+aMHl+Il0AaehPbQGkr/bv39RLdz9E/Wj94KkOMXORkFZcaX1/8cABN+s99+4rEnRi0sF56J+3+sPw+gaOHLOdnhcrwE2vx8faU1lPkH9edt+U/qz/5FEkCrX+TkhMvx5fpLwePwDLT/1T0ZY4wxxhhjjLGL+omKnTLff2Z+4vP33p/Hq8s52eBy/M/enzPGGGOMMcYYY+zKe7Zb96cea9++dad/f1Dlf5T1Lw8aw39qZR787sB7gMzvKAD4gwsCZAzkX7mLLX/JsRIvPXT+fmr5WR/A/45W/hmDK/zExBhjjDHGGPvTXT7p//X31ZUqiDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYy4L+iv9O7ErvkTHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGLvS/k8AAAD///P/+v8=")
recvfrom(r3, &(0x7f0000001700)=""/176, 0xb0, 0x2040, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e24, 0x80000000, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
connect$inet6(r4, 0x0, 0x0)

11.362906046s ago: executing program 3 (id=1660):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x20040491)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000140)={0x0, 0xdffffffe, 0x80, 0x0, 0x0, "8100e1c8e80b598c36ff000800"})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
r4 = eventfd(0x1)
ioctl$VHOST_SET_LOG_FD(r3, 0x4004af07, &(0x7f0000000240)=r4)
timer_create(0x1, &(0x7f00000001c0)={0x0, 0x21, 0x2}, &(0x7f0000000300))
r5 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$FUSE_OPEN(r5, &(0x7f0000000080)={0x20, 0x8000000000000009, 0x0, {0x0, 0x8}}, 0x20)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
syz_emit_ethernet(0x3e, &(0x7f00000000c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd60fca33f00087300fe8000000000000000000000000000aaf58002000000000000000000000000aa2f00074966000004"], 0x0)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r6 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x60})
r7 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r6, &(0x7f0000000040)={0x2})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00003, 0x8)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x80387, 0x0)
r8 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000180), 0x0)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r8, 0x40505331, &(0x7f0000000540)={{}, {0x18}, 0x0, 0x7})
ioctl$VHOST_SET_VRING_KICK(r3, 0x4008af20, &(0x7f0000000100)={0x1, r4})
r9 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r9, 0x11b, 0x6, &(0x7f0000000000)=0x40000000, 0x29)
close_range(r2, 0xffffffffffffffff, 0x0)

11.361743386s ago: executing program 5 (id=1670):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x28, 0x3, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0xe}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x32600)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
sendmsg$inet(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x2, 0x4001, @dev={0xac, 0x14, 0x14, 0xbe}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x200048cc)
r2 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000680)={'bridge0\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="4800000010000104000000000007000000000000", @ANYRES32=r5, @ANYBLOB="3f00000006020400280012800b0001006272696467650000180002800c002e0003000000030000000500070008"], 0x48}, 0x1, 0x0, 0x0, 0x44000}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r8=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000740)=ANY=[@ANYBLOB="7000000010000304000080000000000000007400", @ANYRES32=r8, @ANYBLOB="0000000003120100500012800b000100627269646765000040000280080005000100000006002700000000000800010015000800050025000000000008000400000000000c002e"], 0x70}, 0x1, 0x0, 0x0, 0x800}, 0x40)

11.356341046s ago: executing program 0 (id=1662):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x800, &(0x7f0000000000)={[{}, {@nogrpid}]}, 0xfe, 0x572, &(0x7f0000000240)="$eJzs3U1rVFcfAPD/nSS+JD4aQeRpFyXgohbrxCR9sdCFXZZWKrR7OyTXIJk4kpmISYXqom66KVIopdLSD9B9l9Iv0E8htIIUCe2imyl35o6OyUwS42hG5/eDq+fcc6/nnrn3fzxnzgwTwMCayP4oRLwSEd8kEYfayoYjL5xoHrf24NpstiVRr3/6VxJJvq91fJL/PZZn/h8Rv30VcaKwsd7qyupCqVxOl/L8ZG3x8mR1ZfXkxcXSfDqfXpqemTn99sz0e+++s/HkvTtr6xvn/vn+kzsfnv762Np3v9w7fCuJM3EgL2tvx1O43p6ZiIn8NRmJM+sOnOpBZf0k2e0LYEeG8jgfiawPOBRDedQDL78vI6IODKhE/MOAas4AMs25/abz4PrLN8u7/0FzAtRq+6P2J833RmJfY240upY8NjPKXonxHtSf1fHrn7dvZVv07n0IgC1dvxERp4aHH+v/DkZb/7dzp7ZxzPo69H/w/NzJxj9v7u0w/ik8HP9Eh/HPWIfY3Ymt479wr/OZO1wEWicb/70fncZ/Dxetxofy3P8aY76R5MLFcpr1bVk3eTxG9mb5zdZzTq/drXcrax//ZVtWf2ssmF/HveF1TZ0r1UpP0+Z2929EvLrF+DfpcP+z1+PcNus4mt5+rVvZ1u1/tuo/R7ze8f4/muskm69PTjaeh8nWU7HR3zeP/t6t/t1uf3b/Rzdv/3jSvl5bffI6ftr3b9qtbCLJF02f8Pnfk3zWSO/J910t1WpLUxF7ko837p9upn9sy7eOz9p//Fjn+N/s+d8fEZ9vs/03j9zsemg/3P+5J7r/XRL1pGvR3Y+++KFb/dvr/95qpI7ne7bT/3W+0tG89GmeZgAAAAAAAOhfhYg4EEmh+DBdKBSLzc93HInRQrlSrZ24UFm+NBeN78qOx0ihtdI91vZ5iKn887Ct/PS6/ExEHI6Ib4f2N/LF2Up5brcbDwAAAAAAAAAAAAAAAAAAAH1irMv3/zN/DO321QHPnJ/8hsG1Zfz34peegL7k/38YXOIfBpf4h8El/mFwiX8YXOIfBpf4h8El/gEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp09m231tQfXZrP83JWV5YXKlZNzaXWhuLg8W5ytLF0uzlcq8+W0OFtZ3OrfK1cql6emY/nqZC1NapPVldXzi5XlS7XzFxdL8+n5dOS5tAoAAAAAAAAAAAAAAAAAAABeLNWV1YVSuZwuvVyJQt68bZ91MD+hHy7+xUoM98dlSPQ4sYudEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACs818AAAD//0efKxA=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x80, 0x0, 0x0)
openat$rfkill(0xffffffffffffff9c, 0x0, 0x801, 0x0)
r3 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC_PROXY(r3, 0x0, 0xd2, 0x0, 0x0)
setsockopt$MRT_ADD_MFC(r3, 0x0, 0xcc, &(0x7f0000000280)={@broadcast, @multicast1, 0x0, "7ea97ddb2ac127ffa5b7216fe75ebaa2855a422a8bf8ec7caf003751804500", 0x0, 0xfffffffd, 0x4, 0xfffffffe}, 0x3c)
setsockopt$MRT_FLUSH(r3, 0x0, 0xd4, &(0x7f00000003c0)=0xa, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, 0x0, &(0x7f0000000340)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r4, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0x6b, 0x60000000, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50)
renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)

11.258227498s ago: executing program 1 (id=1663):
r0 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000180)=<r1=>0x0)
sched_setscheduler(r1, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
getsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x9, 0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
mknod$loop(&(0x7f0000000000)='./file0\x00', 0x6000, 0x0)
r5 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r5, 0x84, 0x71, &(0x7f00000001c0)={<r7=>0x0, 0x2}, 0x0)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r6, 0x84, 0x75, &(0x7f0000000340)={r7, 0x10005}, &(0x7f0000000380)=0x8)
r8 = dup2(r5, r5)
ioctl$BLKTRACESETUP(r8, 0xc0481273, &(0x7f0000000240)={'\x00', 0x40, 0xa, 0x3, 0x40000000, 0x10})
ioctl$BLKTRACESTART(r5, 0x1274, 0x0)
ioctl$BLKTRACESTOP(r8, 0x1275, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$BLKTRACETEARDOWN(r8, 0x1276, 0x0)
clock_adjtime(0x0, 0x0)
ioctl$BTRFS_IOC_SCRUB_CANCEL(r3, 0x941c, 0x0)
sendmsg$SMC_PNETID_DEL(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)={0x14, r0, 0xe27, 0x70bd2b, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x4000)

10.059907666s ago: executing program 1 (id=1665):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000340)={0x0, 0x0, 0x4}, 0x10}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_DELDEST(r3, 0x0, 0x488, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x2, 0x7fff7ffc}]})
close_range(r4, 0xffffffffffffffff, 0x200000000000000)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
syz_open_procfs(0x0, &(0x7f0000005840)='net/snmp6\x00')
r5 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4a}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r5, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
r6 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00')
read$qrtrtun(r6, &(0x7f00000004c0)=""/57, 0x39)

9.029145671s ago: executing program 5 (id=1666):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
process_vm_readv(0x0, &(0x7f0000000200)=[{0x0}, {0x0}, {&(0x7f0000000040)=""/122, 0x7a}], 0x3, 0x0, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x10)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000010300000ae6f72087a003"], 0x3c}}, 0x0)
r4 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000300), r3)
sendmsg$SEG6_CMD_GET_TUNSRC(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="23020000000000000000030000000800020005000000140001"], 0x30}, 0x1, 0x0, 0x0, 0x4}, 0xa800)
sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, 0x0, 0x4000041)
sched_setaffinity(0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000040)={0x0, <r7=>0x0}, &(0x7f0000000080)=0xc)
sendmsg$netlink(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000700)={0x24, 0x2e, 0x1, 0x70bd2a, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @uid=r7}, @nested={0xc, 0x0, 0x0, 0x1, [@typed={0x8, 0x109, 0x0, 0x0, @ipv4=@rand_addr=0x64010101}]}]}, 0x24}], 0x1}, 0x0)
listen(0xffffffffffffffff, 0x5)
io_pgetevents(0x0, 0x2, 0x2, &(0x7f0000000100)=[{}, {}], 0x0, 0x0)
io_submit(0x0, 0x2, &(0x7f00000000c0)=[0x0, 0x0])
shutdown(0xffffffffffffffff, 0x0)
ioctl$SIOCSIFHWADDR(r5, 0x8923, &(0x7f00000000c0)={'bond_slave_0\x00', @random="013301300108"})

9.028902611s ago: executing program 0 (id=1667):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
newfstatat(0xffffffffffffff9c, 0x0, 0x0, 0x2000)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$OSF_MSG_ADD(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=ANY=[@ANYBLOB="0815000000051104000000000000000001000005540201"], 0x1508}}, 0x10)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r5, 0x11b, 0x3, &(0x7f0000000180)=0x800, 0x4)
r6 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(r5, 0x11b, 0x6, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000400)={'dummy0\x00', <r7=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r5, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
bind$xdp(r5, &(0x7f0000000100)={0x2c, 0x0, r7}, 0x10)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'ip6tnl0\x00'})
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4000010)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(0xffffffffffffffff, 0x29, 0x37, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, 0x0, 0x0)

7.347995947s ago: executing program 5 (id=1668):
ioctl$IOC_WATCH_QUEUE_SET_FILTER(0xffffffffffffffff, 0x5761, 0xfffffffffffffffc)
set_mempolicy(0x6005, 0x0, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
socket$kcm(0x2, 0x5, 0x84)
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket(0x28, 0x801, 0x0)
connect$vsock_stream(r3, &(0x7f0000000880)={0x28, 0x0, 0x0, @local}, 0x10)
shutdown(r3, 0x2)
setsockopt$sock_int(r2, 0x1, 0x28, &(0x7f0000000100)=0x7, 0x4)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r4)
sendmsg$NLBL_CIPSOV4_C_ADD(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000740)={0x40, r5, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_MLSCATLST={0x4}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_MLSLVLLST={0xc, 0x8, 0x0, 0x1, [{0x4}, {0x4}]}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x2}, @NLBL_CIPSOV4_A_TAGLST={0x4}]}, 0x40}}, 0x0)

7.346873767s ago: executing program 1 (id=1677):
syz_usb_connect$uac1(0x2, 0xb8, 0x0, 0x0)
openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$sock_inet_tcp_SIOCINQ(r0, 0x541b, 0x0)
r1 = openat$ppp(0xffffffffffffff9c, 0x0, 0x101, 0x0)
io_setup(0x81, &(0x7f0000001440)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f00000008c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x5, 0x800, r1, 0x0, 0x0, 0x0, 0x0, 0x2}])
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000e00)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
pipe2(0x0, 0x800)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x9b2, 0xf)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x4028800)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0xf5, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000180a0500000000000000000002000000300003802c00038014000100776732000000000000000000000000001400010076657468315f746f5f627269646765000900020073797a30000000000900010073797a30"], 0x84}, 0x1, 0x0, 0x0, 0x54}, 0x20008000)

5.23783791s ago: executing program 0 (id=1669):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0xf)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$FUSE_STATFS(r1, &(0x7f0000005f00)={0x60, 0x0, 0x0, {{0xfffffffffffffffd, 0x8, 0x6, 0x4, 0x8, 0xfffffc00, 0xb8, 0x8}}}, 0x60)
getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r1, 0x84, 0xc, 0x0, &(0x7f0000000180))
r2 = socket$kcm(0x10, 0x3, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80080a, &(0x7f0000000940)={[{@bsdgroups}, {@resuid}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0xffff}}, {@noblock_validity}]}, 0x1, 0x7b2, &(0x7f00000009c0)="$eJzs3c9rXNUeAPDvnfxq077XPHjw2rdpVloonbQ1tgqCERciWCjoVtswmYaYSaZkJqUJWbSIIIigxYWgG9dV686t6Nq/wY2ItFRNgxUXMnLnR5Lmd9KZTNt8PnCTc+6cO+d87517z5m5h5kA9qz+9E8m4khEfJhEHKqvTyKiq5rqjBiqlbs/P5dLlyQqldd/S6plFubncrFsm9SBeuZwRHz3bsTxzOp6SzOz48OFQn6qnh8oT1weKM3MnhibGB7Nj+Ynz5waHDx99tmzZ5oX6x8/zB6889ErT3819Nc7/7v1wfdJDMXB+mPL42iW/uiv75OudBc+4OVmV9ZmSbsbwI6kp2ZH7SyPI3EoOqopAOBJlvb/FQBgj0n0/wCwxzQ+B1iYn8s1lvZ+IrG77r4UEftq8Tfub9Ye6azfs9tXvQ/au5BEZ/2OaOrNJtXfHxGfffPWF+mS5hc6bzbpmQE2du16RFzs6199/U9WzVnYrpNbKNO/Ir/X+h9op2/T8c9za43/Movjn1gc/yzpWePc3Yn+iO7l+dXnf+b2mhu+2ITK6+O/F2pz29JA6+O/5FrtzlhVX0f9Ptm/0szRiBgr5NNr278j4lh09VwaK+RPbVDHsXt/31vvseXjv99vvH0zrT/9v1Qic7uz58FtRobLww8Z9qK71yP+37k0t68afzX02vV/f31u18rjn647v9ETH11Kvvr8e5+uVyyNP423sayOv7Uqn0c8FSvir1qa0ZZsOD9xID38J2t/167j658+6V2v/uXHP13S+hvvBdbRvfNoV0uPf+/G8fcly+drlppZ+1biX/v13528UU03dsbV4XJ56lREd/La6vWnl7Zt5Bvl0/hrka6Mf+n6t9brP30neHGLMXbe+fXLnce/qCVTLNP4R7Z1/LefuHV/vGPn8afHf7CaOlZfs5Xr31Yb+DD7DgAAAAAAAAAAAAAAAAAAAAAAAAC2KhMRByPJZBfTmUw2W/sN7/9Gb6ZQLJWPXypOT45E9bey+6Ir0/iqy0O1fNL4/tO+ZfnTK/LPRMR/IuLjnv3VfDZXLIy0O3gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAqDuwzu//p37paXfrAICW2bdpiXv5B7KVSqXSwvYAAK23ef8PADxpNuj/9+9mOwCA3eP9PwDsPfp/ANh79P8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC02Plz59Kl8uf8XC7Nj1yZmR4vXjkxki+NZyemc9lccepydrRYHC3ks7nixGbPVygWLw/G5PTVgXK+VB4ozcxemChOT5YvjE0Mj+Yv5Lt2JSoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2J7SzOz4cKGQn3oiEu9HxCPQjFYkkngkmtGWxM8nfjy8UZkbm7yMhx6JKB6zRLuvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACPh38CAAD//4BhJWs=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty, 0x0, 0xfffffffd}, 0x20)
getpeername$l2tp6(r3, 0x0, &(0x7f0000000300))
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x804e20}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$RTC_EPOCH_READ(r1, 0x8008700d, &(0x7f00000001c0))
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b05d25a806c8c6f94f90424fc601000127a0a000600073582c137153e37080c188009ac0f000300", 0x33fe0}], 0x1, 0x0, 0x0, 0x8100000}, 0x0)

5.236292519s ago: executing program 5 (id=1679):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x4)
socket$netlink(0x10, 0x3, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
syz_io_uring_setup(0x8d2, 0x0, 0x0, &(0x7f0000000080), &(0x7f0000000200))
openat$dsp1(0xffffffffffffff9c, &(0x7f00000000c0), 0x88a01, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000240), 0x2, 0x40102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2f)
mount(0x0, &(0x7f0000000040)='./cgroup\x00', 0x0, 0x208000, 0x0)
syz_open_dev$sndmidi(0x0, 0x2, 0x141102)
r2 = socket(0x10, 0x3, 0x0)
r3 = openat$udambuf(0xffffffffffffff9c, &(0x7f00000000c0), 0x2)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x7)
ioctl$UDMABUF_CREATE(r3, 0x40187542, &(0x7f0000000000)={0xffffffffffffffff, 0x1f, 0x0, 0x1000000})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800e80010000d0428bd7000fcdbff2500008000", @ANYRES32=r2, @ANYBLOB="1000000000000000280012800b00010062726964676500001800028005001900840000"], 0x48}}, 0x4084)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmmsg(r2, &(0x7f0000000000), 0x4000000000001f2, 0x0)
write$UHID_INPUT(r0, &(0x7f0000001040)={0x9, {"a2e3ad21ed0d09f90e3d090987f70e06d038e7ff7fc6e5539b0d5b0e8b099b3f36006e090890e0878f0e1ac6e7f89b334d959b4a9a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d074a0936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0a6193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000400000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617679314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec230911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918c91243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac5a4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4b333bd5bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3be3b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ce0700c7e658828163e2d25c4aa348561f927eff7f3aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f05004b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d486046b2c0e2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee6157eb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de225727aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d78749a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29c60acebdbe8ddbd75c2f998d8a57f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95ff80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8870b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513007000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae8489d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60299473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d946a2daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810300000000000000a12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf000000800000000007b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae0e797e8bd1f4108b7807fb36207685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ad50dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b9048017848416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1db44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b00f1000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de9c0587c2cb5fe36d7d3e5db21b013b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cf4b23329072e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06810002000000000000957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f3e90d5943dbc10360a1a49700d1dfbf66d69f6fbafe1e83cdde8bb0d872a02238926407a4eddd5d0fc5a752f900000000000000100", 0x35e}}, 0x1006)

4.069249457s ago: executing program 0 (id=1671):
r0 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r0, &(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000240), 0x4)
socket$netlink(0x10, 0x3, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$nl_rdma(0x10, 0x3, 0x14)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000c80)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}, {0xd}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_FLOW_MAX_RATE={0x8, 0x7, 0x9}]}}]}, 0x38}}, 0x0)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$inet6(r6, &(0x7f0000009f40)=[{{&(0x7f0000000000)={0xa, 0x4e24, 0x7, @remote, 0x6}, 0x1c, &(0x7f0000000100)=[{&(0x7f0000000040)="b1", 0x1}], 0x1}}], 0x1, 0x4000054)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000380)=[{0x0}, {&(0x7f0000002c00)=""/4096, 0x1000}], 0x2, 0x401, 0xc)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000c80)={'lo\x00', <r8=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x12, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}, {0xd, 0xfff2}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_BUCKETS_LOG={0x8, 0x8, 0x1}]}}]}, 0x38}}, 0x0)

3.827220361s ago: executing program 5 (id=1672):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
socket$inet_tcp(0x2, 0x1, 0x0)
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
getrusage(0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
futex(0x0, 0x84, 0x0, 0x0, 0x0, 0x0)
r3 = socket(0x1d, 0x3, 0x0)
socket$unix(0x1, 0x5, 0x0)
syz_mount_image$exfat(&(0x7f0000002bc0), &(0x7f0000000000)='./bus\x00', 0x10000, &(0x7f0000000040)={[{@iocharset={'iocharset', 0x3d, 'cp855'}}, {@errors_continue}, {@utf8}]}, 0x1, 0x1535, &(0x7f00000001c0)="$eJzs3AucjdX6OPDnWWu9Y0jaTXIZ1lrPy04uiyTJJUkuSZIkSW4JSZIjCYkht6QhCcllSC5DSC4Tk8b9fr8kJEmTJCG5Jev/mZi/OnX+55xfnfz+Z57v57M/s55Z+1nvs+aZvfe739l802VojUY1qzYgIvhD8OKXBACIBYCBAHANAAQAUDaubFzGfHaJCX/sIOzP9VDyla6AXUnc/6yN+5+1cf+zNu5/1sb9z9q4/1kb9z9r4/4zlpVtnp7/Wr5l3Rtf/8/K+PX/v0h6ybFfrC15fVeAmH81hfv//z/8A7nc//9awb9yJ+5/1sb9z6pir3QB7H8BfvxnBdn+4Qz3P2vj/jOWlf3yWnAsXPnr0X/1DSL/yb+B+F4Xf8pXfp//cP+MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxthf4Iy/TAFA5vhK18UYY4wxxhhjjLE/j892pStgjDHGGGOMMcbYfx6CAAkKAoiBbBAL2SEHCICYzPlrIQ6ug9xwPeSBvJAP8kM8FICCoMGABYIQCkFhiMINUARuhKJQDIpDCXBQEkrBTVAaboYycAuUhVuhHNwG5aECVIRKcDtUhjugCtwJVeEuqAbVoQbUhLuhFtwDteFeqAP3QV24H+rBA1AfHoQG8BA0hIehETwCjeFRaAJNoRk0hxb/o/wXoAe8CD2hFyRAb+gDL0Ff6Af9YQAMhJdhELwCg+FVSIQhMBReg2HwOgyHN2AEjIRR8CaMhrdgDIyFcTAekmACTIS3YRK8A5NhCkyFaZAM02EGvAszYRbMhvdgDrwPc2EezIcFkAIfwEJYBKnwISyGjyANlsBSWAbLYQWshFWwGtbAWlgH62EDbIRNsBm2wFbYBtthB+yEj2EXfAK7YQ/shU9hH3z2b+af/rv8rggIKFCgQoUxGIOxGIs5MAfmxJyYC3NhBCMYh3GYG3NjHsyD+TAfxmM8FsSCaNAgIWEhLIRRjGIRLIJFsSgWx+Lo0GEpLIWl8WYsg2WwLJbFclgOy2MFrICVsBJWxspYBatgVayK1bAa1sAaeDfejb2xNtbGOlgH62LdzMtT2AAbYENsiI2wETbGxtgEm2AzbIYtsAW2xJbYClthG2yDbbEttsN22B7bYwfsgB2xI3bCTtgZO2MX7IJdsRt2S38hG+CL+CL2wmqiN/bBPtgXE7P1xwE4AF/GQfgKvoKvYiIOwaH4Gr6Gr+NwPIUjLozEUTgKK4u3cAyORRLjMQmTcCJOxEk4CSfjFJyC0zAZp+MMnIEzcRbOwvdwDr6P7+M8nIcLMAVTcCEuwlRMxcV4GtNwCS7FZbgcV+ByXIWrcRWuxXW4FjfgBtyEm3ALbsFtuA134A78GBUAfoJ7cA8m4j7ch/txPx7AA3gQD2I6puMhPISH8TAewSN4FI/iMTyOJ/A4nsSTeApP4xk8g+fwHJ7H5+K/avhxsTWJIDIooUSMiBGxIlbkEDlETpFT5BK5RERERJyIE7lFbpFH5BH5RD4RL+JFQVFQGGEEiTDjmUJERVQUEUVEUVFUFBfFhRNOlBKlRGlRWpQRZURZcasoJ24T5UUF0dpVEpVEZdHGVRF3iqqiqqgmqosaoqaoKWqJWqK2qC3qiDqirqgr6okHRH3RG/vjQyKjM43EEGwshmIT0VTIS89QLcVwbCVaizbiCTESR2A70dK1F0+LDmIMdhR/E2PxWdFZjMcu4nnRVXQT3cULoodo5XqKXmIy9hZ9xDTsK/qJ/mKAmInVxXs4J3sN8apIFEPEUPGaWICvi+HiKjFCjBSjxJtitHhLjBFjxTgxXiSJCWKieFtMEu+IyWKKmCqmiWQxXcwQ74qZYpaYLd4Tc8T7Yq6YJ+aLBSJFfCAWikUiVXwoFouPRJpYIpaKZWK5WCFWilVitVgj1op1Yr3YIDaKTWKz2CK2im1iu9ghdoqPxS7xidgt9oi94lOxT3wm9ovPxQHxhTgovhTp4itxSHwtDotvxBHxrTgqvhPHxHFxQnwvToofxClxWpwRZ8U58aM4L34SF4QXIFEKKaWSgYyR2WSszC5zyKtkThlkPv/LOHmdzC2vl3lkXplP5pfxsoAsKLU00kqSoSwkC8uovEEWkTfKorKYLC5LSCdLylLyJlla3izLyFtkWXmrLCdvk+VlBVlRVpK3y8ryDgmRi8eoJqvLGrKmvFsmwD2ytrxX1pH3ybryfllPPiDrywdlA/mQbCgflo3kI7KxfFQ2kU1lM9lctpCPyZbycdlKtpZt5BOyrXxStpNPyfbyadlB+ku/Is/KzvI52UU+L7vKbrK7/ElekF72lL0k9AbZR74k+8p+sr8cIAfKl+Ug+YocLF+ViXKIHCpfk8Pk63K4fEOOkCPlKPmmHC3fkmPkWDlOjpdJcoKcKN+Wk+Q7crKcIqfKaTJZTpf9L600W8p/mv/27+QP/vnom+RmuUVuldvkdrlD7pQfy11yl9wtd8u9cq/cJ/fJ/XK/PCAPyIPyoEyX6fKQPCQPy8PyiDwij8qj8pg8Ls/K7+VJ+YM8JU/L0/KsPCfPyfOXfgagUAkllVKBilHZVKzKrnKoq1ROdbXKpa5REXWtilPXqdzqepVH5VX5VH4Vrwqogkoro6wiFapCqrCKqhvw0i+MKq5KKKdKqlLqpn8nXxVRN6qiqtiv8jPrS/gH9bVQLVRL1VK1Uq1UG9VGtVVtVTvVTrVX7VUH1UF1VB1VJ9VJdVadVRfVRXVVXVV31V31UD1UT9VTJagE1Ue9pPqqfqq/GqAGqpdFxh4Gq8EqUSWqoWqoGqaGqeFquBqhRqhRapQarUarMWqMGqfGqSSVpCaqiWqSmqQmq8lqqpqqklWymqFmqJlqppqtZqs5ao6aq+aq+Wq+SlEpaqFaqFJVqlqsFqs0tUQtUcvUMrVCrVCr1Cq1Rq1R69Q6tUFtUGlqs9qstqqtarvarnaqnWqX2qV2q91qr9qr9ql9ar/arw6oA+qgOqjSVbo6pA6pw+qwOqKOqKPqqDqmjqkT6oQ6qU6qU+qUOqPOqHPqnDqvzqsL6kLGaV8gAhGoQAUxQUwQG8QGOYIcQc4gZ5AryBVEgkgQF8QFuYPrgzxB3iBfkD+IDwoEBQMdmMAG4lLTo8ENQZHgxqBoUCwoHpQIXFAyKBXcFJQObg7KBLcEZYNbg3LBbUH5oEJQMagU3B5UDu4IqgR3BlWDu4JqQfWgRlAzuDuoFdwT1A7uDeoE9wV1g/uDesEDQf3gwaBB8FDQMHg4aBQ8EjQOHg2aBE2DZkHzoMWfur73p/I+7nrqXjpB99Z99Eu6r+6n++sBeqB+WQ/Sr+jB+lWdqIfoofo1PUy/rofrN/QIPVKP0m/q0fotPUaP1eP0eJ2kJ+iJ+m09Sb+jJ+speqqeppP1dD1Dv6tn6ll6tn5Pz9Hv67l6np6vF+gU/YFeqBfpVP2hXqw/0ml6iV6ql+nleoVeqVfp1XqNXqvX6fV6g96oN+nNeoveqrfp7XqH3qk/1rv0J3q33qP36k/1Pv2Z3q8/1wf0F/qg/lKn66/0If21Pqy/0Uf0t/qo/k4f08d1Gf29Pql/0Kf0aX1Gn9Xn9I/6vP5JX9A+4+Q+4+XdKKNMjIkxsSbW5DA5TE6T0+QyuUzEREyciTO5TW6Tx+Qx+Uw+E2/iTUFT0GQgQ6aQKWSiJmqKmCKmqClqipvixhlnSplSprQpbcqYMqasKWvKmXKmvClvKpqK5nZzu7nD3GHuNHeau8xdprqpbmqamqaWqWVqm9qmjqlj6pq6pp6pZ+qb+qaBaWAamoamkWlkGpvGpolpYpqZZqaFaWFampamlWll2pg2pq1pa9qZdqa9aW86mA6mo+loOplOprPpbLqYLqar6Wq6m+6mh+lhepqeJsEkmD6mj+lr+pr+pr8ZaAaaQWaQGWwGm0STaIaaoWaYGWaGm+FmhBlpRmWcqJq3zBgz1owz402SSTITzUQzyUwyk81kM9VMNckm2cwwM8xMM9PMNrPNHDPHzDVzzXwz36SYFLPQLDSpJtUsNotNmkkzS81Ss9wsNyvNSrParDZrzVqzHtabjWaj2Ww2m61mq9lutpudZqfZZXaZ3Wa32Wv2mn1mn9lv9psD5oA5aA6adJNuDplD5rA5bI6YI+aoOWqOmWPmhDlhTpqT5pQ5Zc6YM+acyXvp9dKbWJvd5rBX2Zz2apvLXmP/Ps5n89t4W8AWtNrmsXl/FRtrbVFbzBa3JayzJW0pe9Nv4vK2gq1oK9nbbWV7h63ym7iWvcfWtvfaOvY+W9Pe/au4rr3f1rOP2PqIALapbWib20b2EdvYPmqb2Ka2mW1u29onbTv7lG1vn7Yd7DO/iRfaRXa1XWPX2nV2t91jz9iz9rD9xp6zP9qetpcdaF+2g+wrdrB91SbaIb+JR9k37Wj7lh1jx9pxdvxv4ql2mk220+0M+66daWf9Jk6xH9g5NtXOtfPsfLvg5zijplT7oV1sP7JpNoCldpldblfYlXbV/611md1gN9pNdpf9xG612+x2u8PuzDwRtnvsXvup3Wc/s4fs1/aA/cIetEdsuv3q5zhjf0fst/ao/c4es8ftCfu9PWl/UJnZGXv/3v5kL1hvgZCAJCkKKIayUSxlpxx0FeWkqykXXUMRupbi6DrKTddTHspL+Sg/xVMBKkiaDFkiCqkQFaYo3UCZ5RWnEuSoJJWim6g03Uxl6BYqS7dSObqNylMFqkiV6HaqTHdQFbqTqtJdVI2qUw2qSXdTLbqHatO9VIfuo7p0P9WjB6g+PUgN6CFqSA9TI3qEGtOj1ISaUjNqTi3oMWpJj1Mrak1t6AlqS09SO3qK2tPT1IGeoY70N+pEz1Jneo660PPUlbpRd3qBetCL1JN6UQL1pj70EvWlftSfBtBAepkG0Ss0mF6lRBpCQ+k1Gkav03B6g0bQSBpFb9JoeovG0FgaR+MpiSbQRHqbJtE7NJmm0FSaRsk0nWbQuzSTZtFseo/m0Ps0l+bRfFpAKfQBLaRFlEof0mL6iNJoCS2lZbScVtBKWkWraQ2tpXW0njbQRtpEm2kLbaVttJ120E76mHbRJ7Sb9tBe+pT20We0nz6nA/QFHaQvKZ2+okP0NR2mb+gIfet70Xd0jI7TCfqeTtIPdIpO0xk6S+foRzpPP9EF8gQhhiKUoQqDMCbMFsaG2cMc4VVhzvDqMFd4TRgJrw3jwuvC3OH1YZ4wb5gvzB/GhwXCgqEOTWhDCsOwUFg4jIY3hEXCG8OiYbGweFgidGHJsFR4U1g6vDksE94Slg1vDcuFt4XlwwrhI/dVCm8PK4d3hFXCO8Oq4V1htbB6WCOsGd4d1grvCWuH94Z1wvvCMuH9Yb3wgbB++GDYIHwobBg+HDYKHwkbh4+GTcKmYbOwedgifCxsGT4etgpbh23Cq8K24ZNhu/CpsH34dNghfObn+fsXZc4/8Zv5hLB32Cd8KXwp9P5eOT+6IJoS/SC6MLoomhr9MLo4+lE0LbokujS6LLo8uiK6Mroqujq6Jro2ui66ProhujG6Kep9zWzg0AknnXKBi3HZXKzL7nK4q1xOd7XL5a5xEXeti3PXudzuepfH5XX5XH4X7wq4gk4746wjF7pCrrCLuhtcEXejK+qKueKuhHOupCvlmrsWroVr6R53rVxr18Y94Z5wT7on3VPuKfe06+CecR3d31wn96zr7J5zz7nnXVfXzXV3L7gebkKui4/JBNfH9XF9XV/X3/V3A91AN8gNcoPdYJfoEt1QN9QNc8PccDfcjXAj3Cg3yo12o90YN8aNc+NckktyE91EN8lNcpPdZDfVTXXJLtnNcDPcTDfTVZ518Shz3Vw33813KS7FLXQZ54ypbrFb7NJcmlvqlrrlbrlb6Va61W61W+vWuvVuvdvoNrrNbrPb6ra67W672+l2ul1ul9vtr7m4qNvn9rv97oA74A66L126+8odcl+7w+4bd8R9646679wxd9ydcN+7k+4Hd8qddmfcWXfO/ejOu5/cBeddUmRCZGLk7cikyDuRyZEpkamRaZHkyPTIjMi7kZmRWZHZkfcicyLvR+ZG5kXmRxZEUiIfRBZGFkVSIx9GFkc+iqRFlkSWRpZFlkdWRLwvsDX0hXxhH/U3+CL+Rl/UF/PFfQnvfElfyt/kS1+sO837W305f5sv7yv4iv5R38Q39c18c9/CP+Zb+sd9K9/at/FP+Lb+Sd/OP+Xb+6d9B/+M7+j/5jv5Z31n/5zv4p/3XX03392/4Hv4F31P38sn+N6+j3/J9/X9fH8/wA/0L/tB/hU/2L/qE/0QP9S/5of51/1w/4Yf4Uf6UTFv+tGZb5FhvE/yE/xE/7af5N/xk/0UP9VP88l+up/h3/Uz/Sw/27/n5/j3/Vw/z8/3C3yK/8Av9It8qv/QL/Yf+TS/JPOisV/pV/nVfo1f69f59X6D3+g3+c1+i9/qt/ntfoff6T/2u/wnfrff4/f6T/0+/5nf7z/3B/wX/qD/0qf7r/wh/7U/7L/xR/y3/qj/zh/zx/0J/70/6X/wp/xpf8af9ef8j/68/8lf4H+zxhhjjDH2L5lweSh+PXPxcn7v38kRv7hzHwC4elv+9F/OZ5xRrs9zcdxPxMdmfH26V5eHMm/VqiUkJFy6b5qEoPA8gMy/BGX4+aMHl+Il0AaehPbQGkr/bv39RLdz9E/Wj94KkOMXORkFZcaX1/8cABN+s99+4rEnRi0sF56J+3+sPw+gaOHLOdnhcrwE2vx8faU1lPkH9edt+U/qz/5FEkCrX+TkhMvx5fpLwePwDLT/1T0ZY4wxxhhjjLGL+omKnTLff2Z+4vP33p/Hq8s52eBy/M/enzPGGGOMMcYYY+zKe7Zb96cea9++dad/f1Dlf5T1Lw8aw39qZR787sB7gMzvKAD4gwsCZAzkX7mLLX/JsRIvPXT+fmr5WR/A/45W/hmDK/zExBhjjDHGGPvTXT7p//X31ZUqiDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYy4L+iv9O7ErvkTHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGLvS/k8AAAD///P/+v8=")
recvfrom(r3, &(0x7f0000001700)=""/176, 0xb0, 0x2040, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e24, 0x80000000, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
connect$inet6(r4, 0x0, 0x0)

3.781959522s ago: executing program 3 (id=1673):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x6000003, 0x42031, 0xffffffffffffffff, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000600)={0xffffffffffffffff, 0xe0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x97, &(0x7f0000000380)=[{}], 0x8, 0x10, &(0x7f00000003c0), &(0x7f0000000400), 0x8, 0x87, 0x8, 0x0, 0x0}}, 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000095"], &(0x7f0000000440)='GPL\x00', 0x4, 0x99, &(0x7f0000000480)=""/153}, 0x80)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000680)={r3, 0xe0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x8, &(0x7f0000000800)=[{}], 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
r4 = getpid()
process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = openat$comedi(0xffffff9c, &(0x7f0000000080)='/dev/comedi2\x00', 0x14a300, 0x0)
ioctl$COMEDI_DEVCONFIG(r6, 0x40946400, &(0x7f0000000300)={'dt2814\x00', [0xfffffff9, 0x5, 0x5, 0xbff7ffff, 0xffff7ffd, 0x0, 0x20000004, 0x6, 0xffd, 0x9, 0x200001, 0x1001, 0x8004, 0x3, 0xfffc, 0x5, 0x8, 0x40000006, 0x3, 0x8, 0x80208, 0x5, 0x800800, 0xeadb, 0xffffffff, 0x1, 0xffff, 0x81, 0x1, 0xd6d, 0x70f]})
sendmsg$nl_route_sched(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000003740)=@newtaction={0xee4, 0x30, 0xb, 0x0, 0x0, {}, [{0xed0, 0x1, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x0, 0x0, 0x0, 0x0, 0x80006}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}, @m_pedit={0xe84, 0x2, 0x0, 0x0, {{0xa}, {0xe58, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{0x5, 0xa, 0x4, 0x1, 0x2000000}, 0x5, 0x1}, [{0x9, 0x80000001, 0x1, 0x630, 0x8, 0x1}, {0xdf, 0x4, 0x5, 0x5, 0x10, 0xe}, {0x1, 0x85a, 0x5, 0xe6db, 0x3, 0xfffffffc}, {0x6, 0x400, 0x9321, 0x9, 0x6, 0x7}, {0x5, 0x5, 0xffffffc0, 0x80, 0x3}, {0xe, 0xf5, 0x3, 0x9, 0xffffbff8, 0x3}, {0x0, 0x7, 0xfff, 0x2, 0x9163ef6c, 0x80003}, {0x3, 0x3, 0x80, 0x0, 0xacc4, 0x2}, {0x8001, 0xffb, 0x9, 0xffff, 0xfffffffe, 0x81}, {0x8, 0xfff, 0x6, 0xeb84, 0x8, 0x30c4}, {0x7, 0x9, 0xfffffffc, 0x100, 0x4}, {0x8004, 0x80000001, 0xfffffeff, 0xdf, 0x4, 0x5}, {0x7, 0x80000001, 0x9, 0x7, 0x1000, 0x7}, {0x5, 0x2, 0xfffffffd, 0x9, 0x474, 0x594}, {0x7fffffff, 0x1, 0x8, 0xfffffff9, 0x6, 0xffffffff}, {0x24, 0x5, 0xf, 0x6, 0x6, 0x8000003}, {0xbb, 0x5, 0x2, 0x310, 0xf}, {0x9b7d, 0x52fc, 0x3, 0x3, 0x48, 0x9}, {0xbd, 0x8, 0x10, 0xe4d, 0x7f, 0x3}, {0x8, 0x8, 0x9, 0x3, 0x2, 0x5}, {0x4, 0x1000, 0x5, 0x6, 0x93e, 0x6}, {0x1, 0x7, 0x0, 0x1, 0xff, 0x3}, {0xb, 0x7f, 0xfffff419, 0x1, 0x3ff, 0x9}, {0x4, 0x8, 0x7, 0xb, 0x8, 0x80004d}, {0x34db, 0xffff, 0x0, 0x3ff, 0x1, 0x400}, {0xf, 0xcb1d, 0x8, 0x1, 0x0, 0x4}, {0x5, 0x3, 0x7, 0x8, 0x3, 0x984}, {0x2, 0xffffffff, 0x3, 0x2, 0x9, 0x40}, {0x7, 0x281, 0x7fffffff, 0x381, 0x3, 0x8}, {0x5, 0x4, 0x1, 0x8, 0x4, 0x2f}, {0x6, 0x3, 0x4, 0xd1a1, 0x9, 0x7}, {0x5, 0x3, 0x8, 0x4, 0x16, 0x2}, {0x8001, 0x87, 0x6, 0x1, 0x3, 0x4}, {0x6, 0x9e4, 0x8b7f, 0x11, 0x3, 0x7}, {0x7, 0x1, 0x800, 0x70f, 0x8001, 0x3}, {0x4, 0x10, 0x6, 0x1, 0x4, 0x22ff}, {0x5, 0x10001, 0x9, 0x0, 0x10001, 0x7}, {0xf85, 0x2e, 0x100, 0x3, 0x100, 0xe60c}, {0x2, 0x5, 0x1, 0xe000000}, {0x4e2, 0x6b0, 0x2, 0x100, 0x4, 0xd}, {0x1, 0xcad, 0xa5, 0x2, 0x4d800, 0x33}, {0x20, 0x7f, 0x33, 0x2, 0x400, 0x4}, {0x4, 0x62e, 0xb, 0x219c, 0x0, 0x5}, {0x0, 0x4, 0x0, 0x1, 0x1, 0x1}, {0x7f, 0x945a, 0x0, 0x0, 0x8, 0x3}, {0xda1, 0x893, 0x2, 0x9, 0xfffffa2e, 0x6}, {0x1, 0xfffffff3, 0x7fffffff, 0x8, 0x0, 0x1}, {0x2, 0x8, 0x2, 0xe, 0x2, 0x2}, {0x6, 0x100, 0xe, 0x10000, 0x5, 0x7}, {0x0, 0x6, 0x7, 0x4, 0xc, 0x800}, {0x8, 0x10000, 0x1, 0x1, 0x7}, {0x7d5, 0x2, 0x4, 0x800, 0xf}, {0x1, 0x5, 0x6, 0x2, 0x8, 0xc}, {0x2, 0x1, 0x3, 0xc, 0x1, 0x2c3}, {0x1000, 0x3, 0xbc, 0x8001, 0xfa, 0x8}, {0x2, 0x3, 0x9, 0x50e, 0x55ac, 0xa5e2}, {0x0, 0x196680, 0xffffff91, 0x100, 0x3, 0x7}, {0x4, 0x4, 0x2, 0x1, 0x0, 0xe}, {0xfffffff5, 0x8, 0x7023, 0x8, 0x5, 0x851}, {0x3, 0x78, 0x7, 0xa, 0x5dec4cac, 0x6}, {0x4, 0x9, 0x3a, 0x2, 0x8, 0x602}, {0x4, 0x7fffffff, 0x0, 0x8, 0x8, 0xff}, {0x7, 0xfffffff1, 0x2f2c, 0x400, 0x6, 0x6}, {0x10001, 0x81, 0x40, 0x2, 0x89, 0x2}, {0x2, 0x8550, 0x4c, 0x3, 0xfffffffa, 0x736d}, {0x7f, 0x199, 0x5, 0x9, 0x7, 0x2}, {0x7, 0x1, 0x9, 0x7, 0x2, 0x7}, {0x9, 0x3f1, 0x4, 0x5, 0x5, 0x8}, {0x100, 0x3ff, 0x4, 0x7f53, 0x7, 0x1}, {0x3ff, 0xc, 0x4, 0x1, 0x4, 0x4}, {0x9, 0x381, 0xfff, 0x5d7c, 0x0, 0x8001}, {0x8, 0x0, 0x7, 0xfffffffb, 0x3ee, 0x4}, {0xbfffffe, 0x6, 0x101, 0x5, 0x400, 0x400}, {0x7fff, 0xb3, 0x2, 0x10000, 0x6, 0x14}, {0x0, 0x1, 0x4c90, 0x4, 0x7f, 0x8}, {0x5, 0x25b, 0xe9, 0x3, 0x2, 0x2}, {0x29dbdf0, 0xd, 0xfffffffd, 0x7, 0x6, 0x3}, {0x7, 0x1, 0xa, 0x8, 0x5, 0x5}, {0x473, 0x8, 0x2, 0x400, 0x4000000, 0x69b3d6e6}, {0x1, 0xb7bb, 0x22800000, 0x3, 0x10, 0x9}, {0x7f, 0x4, 0x6, 0xffffffff, 0x3, 0x8}, {0xfffffff7, 0x80000000, 0xa, 0x40, 0x863, 0x2}, {0xb, 0x9, 0xc, 0x3c1, 0x6e, 0x40}, {0x6, 0xd, 0x6, 0xfb0000, 0x1, 0x7}, {0xe0, 0x100, 0x1, 0x7, 0x8, 0x7}, {0xfff, 0x1, 0x0, 0x38, 0x0, 0x9}, {0x82, 0x10, 0x401, 0x0, 0x4, 0xef}, {0x7, 0x2, 0x200, 0x8, 0x9, 0x2}, {0x54, 0x5, 0xa33f, 0x101, 0x2, 0x10001}, {0x1, 0x4, 0x800004, 0x10001, 0x2, 0xce}, {0x4, 0x8, 0x8, 0x3, 0xf, 0x9}, {0x6, 0x5, 0x8, 0xffffffff, 0x405b9, 0x6}, {0x9, 0x0, 0x9, 0x2, 0x9}, {0x0, 0x2, 0xb, 0x7fffffff, 0xfc0, 0x7f1b4893}, {0x4, 0xd, 0xc, 0x4, 0x7, 0x4}, {0x4, 0x5, 0xe, 0x3, 0x3dcb, 0x9}, {0x200, 0x0, 0xe8, 0x1, 0x800000d4, 0x1}, {0xc651, 0x5f83, 0x2, 0x1, 0xd, 0x8}, {0xfff, 0x5, 0x1, 0x0, 0x49, 0x5}, {0x5, 0x3, 0x7, 0x97fd, 0xef, 0x202}, {0x2, 0xa, 0x1000, 0x1, 0x6, 0xe0}, {0x800, 0x4c, 0x7, 0x0, 0xfffffff7, 0x9}, {0x6, 0xffff, 0xffff8001, 0xa, 0xae36, 0x8}, {0xcfb7, 0x0, 0x101, 0x2, 0x1, 0x1aca}, {0x6, 0x800, 0xec3d, 0xffffffff, 0xea5, 0x3}, {0x9, 0x5, 0x2, 0x0, 0x0, 0xdd}, {0x6, 0x6, 0x0, 0x1e9, 0x6, 0x1}, {0x3, 0x7, 0x7, 0x3, 0x400, 0x81}, {0x970, 0x100, 0xb2eb, 0x2, 0x3, 0x9}, {0x3, 0x6, 0x8, 0x7, 0xd, 0x474c}, {0xf, 0x101, 0x9a, 0x1000, 0x2, 0xfffffffc}, {0x3, 0x98e, 0x1a5e666b, 0x10, 0x7, 0x9}, {0xfffffffb, 0x3, 0x3, 0x2ee8000, 0x8}, {0x3, 0x2, 0x2, 0x3, 0x3, 0x2}, {0x7, 0x4, 0x1, 0x7, 0x101, 0xef}, {0x709e, 0x9, 0x425b597f, 0x1, 0x2, 0x7}, {0x6, 0xc000000, 0x3ff, 0x4, 0x8, 0x5}, {0x3, 0x6, 0x7, 0xfffffff9, 0x0, 0xffffffff}, {0x7, 0x9, 0x8, 0x0, 0x9, 0xd6}, {0x24, 0x10001, 0x6, 0x1, 0x39d6}, {0x401, 0x7d4, 0x9, 0x8000, 0xffff, 0x7}, {0x6, 0x92c4, 0x130, 0x0, 0x4, 0x9}, {0x1, 0x7fff, 0x7, 0x8001, 0x8, 0x5}, {0x7e, 0x800, 0xfffffff9, 0xa, 0x4b64, 0x80000001}, {0x2ad78a25, 0x2, 0x6, 0x6, 0x4, 0x8}, {0x2, 0x9, 0x0, 0x8a7, 0x129, 0xc}, {0x7, 0x2, 0x8, 0x3, 0xe01, 0xf933271}, {0x4a3, 0x0, 0x3, 0x514c, 0xf8b, 0x19}], [{0x5}, {0x4, 0x1}, {}, {0x1}, {0x3}, {0x0, 0x1}, {0x3, 0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x5, 0x1}, {0x3, 0x1}, {0x0, 0x1}, {}, {0x5}, {0x1}, {0x2}, {0x0, 0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x4}, {}, {0x1, 0x1}, {0x5, 0x1}, {0x5}, {0x3}, {0x5, 0x1}, {}, {0x0, 0x1}, {0x3}, {0x2, 0x1}, {0x4}, {0x5}, {0x5, 0x1}, {0x3, 0x1}, {}, {0x1}, {0x0, 0x1}, {0x3, 0x1}, {0x4}, {0x1}, {0x1, 0x1}, {0x4}, {0x5}, {0x3, 0x1}, {0x1}, {0x3}, {0x2, 0x1}, {0x5, 0x1}, {0x3}, {0x3}, {0x0, 0x1}, {0x3, 0x1}, {0x4}, {0x4, 0x1}, {0x2}, {0x3}, {0x5, 0x1}, {0x1}, {0x1}, {0x3}, {0x5, 0x1}, {0x2, 0x1}, {0x0, 0x1}, {0x2, 0x1}, {0x4}, {0x5}, {0x1, 0x1}, {}, {0x3}, {0x0, 0x1}, {0x5}, {0x4}, {0x4, 0x1}, {0x0, 0x1}, {0x2}, {0x5}, {0x9, 0x1}, {0x2, 0x1}, {0x3, 0x1}, {}, {0x3, 0x1}, {}, {0x1, 0x1}, {0x1}, {0x1}, {0x2, 0x1}, {0x6, 0x1}, {0x2, 0x1}, {0x5, 0x1}, {0x3}, {0x3}, {0x1}, {0x2}, {0x2}, {0x5}, {0x3, 0x1}, {0x2, 0x1}, {0x0, 0x1}, {0x2}, {0x1}, {0x1, 0x1}, {0x4, 0x1}, {0x5}, {0x4}, {0x2, 0x1}, {0x3, 0x1}, {0x4}, {0x1}, {0x5, 0x1}, {0x4, 0x1}, {0x3}, {0x3, 0x1}, {0x0, 0x1}, {0x5}, {0x3, 0x1}, {0x4}, {0x5, 0x1}, {0x3}, {0x5, 0x1}, {0x3}, {0x4}, {0x5, 0x1}, {0x1, 0x1}, {0x4}, {0x1, 0x1}, {0x4, 0x1}, {0x6, 0x1}, {0x5, 0x1}]}}, @TCA_PEDIT_KEYS_EX={0x34, 0x5, 0x0, 0x1, [{0x4}, {0xc, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}]}, {0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x4}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}]}, {0xc, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x5}]}]}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xee4}}, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r7 = socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$SO_J1939_ERRQUEUE(r7, 0x6b, 0x4, &(0x7f0000000000)=0xfffbffff, 0x4)

3.636118104s ago: executing program 0 (id=1674):
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x24040045)
syz_open_dev$loop(0x0, 0xffffffffffffffff, 0x2001)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r0 = io_uring_setup(0x1195, 0x0)
io_uring_enter(r0, 0x2219, 0xcf74, 0x16, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4)
r1 = socket$inet6(0xa, 0x2, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
unshare(0x24060400)
r3 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x2401)
unshare(0x10000000)
syncfs(r3)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@multicast1, @in=@rand_addr=0x64010101, 0x4e24, 0x0, 0x8, 0x0, 0xa, 0x0, 0x0, 0x4f}, {}, {}, 0x0, 0x20000, 0x0, 0x1, 0x2, 0x1}, {{@in=@remote, 0x404d3, 0x2b}, 0x0, @in=@empty, 0x0, 0x0, 0x0, 0xd, 0x0, 0x7}}, 0xe8)
r4 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="020b000102"], 0x10}}, 0x0)
sendmsg$key(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
r5 = socket(0x10, 0x3, 0x0)
write(r5, &(0x7f0000000000)="2400000011005f0414f900655e00000000ae00002d000000000000ea08000f0001000000", 0x24)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@empty, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x4f}}, {{@in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x404d3, 0x2b}, 0x0, @in=@empty}}, 0xe8)

310.073475ms ago: executing program 5 (id=1675):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r1, 0x6, 0x19, 0x0, 0x0)
bind$inet(r1, 0x0, 0x0)
sendmmsg$inet(r1, 0x0, 0x0, 0x20008000)
r2 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$VIDIOC_S_SELECTION(0xffffffffffffffff, 0xc040565f, 0x0)
syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$nl_crypto(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=@get={0xe0, 0x13, 0x1, 0x0, 0x0, {{'xchacha20\x00'}}}, 0xe0}}, 0x0)
ioctl$VIDIOC_S_INPUT(r2, 0xc0045627, 0x0)
r7 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r7, 0xc0045627, &(0x7f00000000c0)=0x3)
recvmsg(r1, &(0x7f0000001480)={0x0, 0x0, 0x0}, 0x123)
shutdown(r1, 0x1)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000040)={0x10000042, 0x3}, 0x10)

305.653066ms ago: executing program 3 (id=1676):
r0 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000180)=<r1=>0x0)
sched_setscheduler(r1, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
getsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x9, 0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
mknod$loop(&(0x7f0000000000)='./file0\x00', 0x6000, 0x0)
r5 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r5, 0x84, 0x71, &(0x7f00000001c0)={<r7=>0x0, 0x2}, 0x0)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r6, 0x84, 0x75, &(0x7f0000000340)={r7, 0x10005}, &(0x7f0000000380)=0x8)
r8 = dup2(r5, r5)
ioctl$BLKTRACESETUP(r8, 0xc0481273, &(0x7f0000000240)={'\x00', 0x40, 0xa, 0x3, 0x40000000, 0x10})
ioctl$BLKTRACESTART(r5, 0x1274, 0x0)
ioctl$BLKTRACESTOP(r8, 0x1275, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$BLKTRACETEARDOWN(r8, 0x1276, 0x0)
clock_adjtime(0x0, 0x0)
ioctl$BTRFS_IOC_SCRUB_CANCEL(r3, 0x941c, 0x0)
sendmsg$SMC_PNETID_DEL(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)={0x14, r0, 0xe27, 0x70bd2b, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x4000)

0s ago: executing program 1 (id=1678):
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
getdents64(0xffffffffffffffff, 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x32600)
socket$kcm(0x29, 0x7, 0x0)
socket(0x1e, 0x805, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = shmget(0x1, 0x4000, 0xa20, &(0x7f0000ffb000/0x4000)=nil)
shmat(r3, &(0x7f0000ffd000/0x2000)=nil, 0x4000)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r4, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
listen(r4, 0x3)
accept4$bt_l2cap(r4, &(0x7f0000000200), 0x0, 0x800)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYBLOB="043e130100c900", @ANYBLOB=' '], 0x16)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
ioctl$TIOCSETD(r5, 0x5423, 0x0)

kernel console output (not intermixed with test programs):

s=0 errno=0
[  161.398689][    C0] usblp0: nonzero read bulk status received: -71
[  161.408066][ T5841] usb 4-1: USB disconnect, device number 10
[  161.437199][ T5158] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  161.638070][ T7150] usblp0: removed
[  161.654794][ T5158] usb 2-1: Using ep0 maxpacket: 32
[  161.667211][ T5158] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  161.688969][ T5158] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  161.704750][ T5158] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  161.724151][ T5158] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.745374][ T5158] usb 2-1: config 0 descriptor??
[  161.754351][ T5158] hub 2-1:0.0: USB hub found
[  161.932651][ T6763] ocfs2: Unmounting device (7,4) on (node local)
[  161.986244][ T5158] hub 2-1:0.0: config failed, hub doesn't have any ports! (err -19)
[  162.405983][ T5158] hid-generic 0003:046D:C31C.0005: unknown main item tag 0x0
[  162.446695][ T5158] hid-generic 0003:046D:C31C.0005: hidraw0: USB HID v8.00 Device [HID 046d:c31c] on usb-dummy_hcd.1-1/input0
[  163.037519][ T7217] loop3: detected capacity change from 0 to 32768
[  163.130482][ T7202] usb 2-1: reset high-speed USB device number 7 using dummy_hcd
[  163.173248][ T7217] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  163.237400][ T7215] loop4: detected capacity change from 0 to 40427
[  163.270828][ T7215] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  163.280725][ T7215] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  163.338978][ T7217] XFS (loop3): Ending clean mount
[  163.362317][ T7215] F2FS-fs (loop4): Found nat_bits in checkpoint
[  163.594432][ T7215] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  163.625148][ T7202] usbhid 2-1:0.0: reset_resume error -1
[  163.641072][ T7215] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  163.773000][   T28] audit: type=1804 audit(2000000033.090:12): pid=7215 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.395" name="/newroot/10/file0/bus" dev="loop4" ino=10 res=1 errno=0
[  163.919235][ T5815] usb 2-1: USB disconnect, device number 7
[  163.962083][ T5778] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  164.488187][ T7257] netlink: 64 bytes leftover after parsing attributes in process `syz.3.399'.
[  164.569860][ T7257] syzkaller1: entered promiscuous mode
[  164.589118][ T7257] syzkaller1: entered allmulticast mode
[  164.736846][ T7262] i2c i2c-0: Frontend requested software zigzag, but didn't set the frequency step size
[  165.215838][ T7274] kvm: pic: level sensitive irq not supported
[  165.216293][ T7274] kvm: pic: single mode not supported
[  165.225324][ T7277] kvm: kvm [7275]: vcpu0, guest rIP: 0x208 Unhandled WRMSR(0x11e) = 0x60000000000
[  165.241966][ T7274] kvm: pic: single mode not supported
[  165.242167][ T7274] kvm: pic: single mode not supported
[  165.255896][ T7274] kvm: pic: level sensitive irq not supported
[  165.274919][ T7274] kvm: pic: single mode not supported
[  165.300593][ T7274] kvm: pic: non byte write
[  166.694774][ T5158] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  166.898416][ T5158] usb 5-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice=f6.00
[  166.915444][ T5158] usb 5-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  166.934008][ T5158] usb 5-1: Product: syz
[  166.941847][ T5158] usb 5-1: SerialNumber: syz
[  166.965884][ T5158] usb 5-1: config 0 descriptor??
[  167.191477][ T5158] hso 5-1:0.0: Failed to find BULK IN ep
[  167.409294][ T5158] usb 5-1: USB disconnect, device number 2
[  168.515566][   T28] audit: type=1326 audit(2000000037.840:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7367 comm="syz.3.443" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ffa2f99ce59 code=0x0
[  168.795073][ T7356] loop4: detected capacity change from 0 to 32768
[  170.245605][ T7394] overlayfs: failed to clone upperpath
[  170.554124][ T7379] loop1: detected capacity change from 0 to 32768
[  172.186839][ T7437] kvm: pic: non byte read
[  172.191672][ T7437] kvm: pic: level sensitive irq not supported
[  172.191749][ T7437] kvm: pic: non byte read
[  172.203371][ T7437] kvm: pic: level sensitive irq not supported
[  172.203479][ T7437] kvm: pic: non byte read
[  172.219492][ T7437] kvm: pic: level sensitive irq not supported
[  172.219567][ T7437] kvm: pic: non byte read
[  172.231355][ T7437] kvm: pic: level sensitive irq not supported
[  172.231424][ T7437] kvm: pic: non byte read
[  172.243562][ T7437] kvm: pic: level sensitive irq not supported
[  172.243628][ T7437] kvm: pic: non byte read
[  172.255102][ T7437] kvm: pic: level sensitive irq not supported
[  172.255170][ T7437] kvm: pic: non byte read
[  172.399118][ T7447] tipc: Failed to remove unknown binding: 66,0,0/0:2735427244/2735427245
[  172.542023][ T7452] netlink: 128 bytes leftover after parsing attributes in process `syz.3.462'.
[  172.570756][ T7452] netlink: 16 bytes leftover after parsing attributes in process `syz.3.462'.
[  175.802131][ T7561] warning: `syz.0.485' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  176.177174][ T7573] kvm: pic: non byte read
[  176.181935][ T7573] kvm: pic: level sensitive irq not supported
[  176.182015][ T7573] kvm: pic: non byte read
[  176.198338][ T7573] kvm: pic: level sensitive irq not supported
[  176.198420][ T7573] kvm: pic: non byte read
[  176.213996][ T7573] kvm: pic: level sensitive irq not supported
[  176.214249][ T7573] kvm: pic: level sensitive irq not supported
[  176.310600][  T788] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  176.524645][  T788] usb 5-1: Using ep0 maxpacket: 8
[  176.541399][  T788] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  176.574738][  T788] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  176.607508][  T788] usb 5-1: Product: syz
[  176.612778][  T788] usb 5-1: Manufacturer: syz
[  176.627846][  T788] usb 5-1: SerialNumber: syz
[  176.645804][  T788] usb 5-1: config 0 descriptor??
[  176.921628][  T788] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  177.984864][ T5841] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  178.078709][ T7623] netlink: 4 bytes leftover after parsing attributes in process `syz.0.493'.
[  178.132220][  T788] dvb_usb_rtl28xxu: probe of 5-1:0.0 failed with error -32
[  178.158859][  T788] usb 5-1: USB disconnect, device number 3
[  178.184783][ T5841] usb 2-1: Using ep0 maxpacket: 8
[  178.212681][ T5841] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  178.242136][ T5841] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  178.269102][ T5841] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  178.281627][ T5841] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  178.296609][ T5841] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  178.316218][ T5841] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  178.325761][ T5841] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  178.558666][ T5841] usb 2-1: usb_control_msg returned -32
[  178.564418][ T5841] usbtmc 2-1:16.0: can't read capabilities
[  179.853388][ T5158] usb 2-1: USB disconnect, device number 8
[  180.783004][ T7662] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  180.934874][ T7650] loop4: detected capacity change from 0 to 32768
[  180.955660][ T7650] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 9
[  180.966814][ T5815] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  181.058770][ T7667] loop3: detected capacity change from 0 to 512
[  181.096978][ T7667] EXT4-fs: Ignoring removed i_version option
[  181.103156][ T7667] EXT4-fs: Ignoring removed nobh option
[  181.123750][ T7667] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  181.189842][ T5815] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  181.204940][ T7667] EXT4-fs (loop3): 1 truncate cleaned up
[  181.222278][ T7667] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  181.233684][ T5815] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  181.303545][ T5815] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  181.341149][ T5815] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  181.354831][ T7673] overlayfs: failed to clone upperpath
[  181.384696][ T5815] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  181.411205][ T5815] usb 2-1: config 0 descriptor??
[  181.541562][ T5778] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  181.872099][ T5815] plantronics 0003:047F:FFFF.0006: No inputs registered, leaving
[  181.925435][ T5815] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  181.981724][ T7690] overlayfs: failed to clone upperpath
[  182.222577][ T7660] loop1: detected capacity change from 0 to 8
[  182.260225][ T7660] squashfs image failed sanity check
[  182.265028][ T5841] usb 4-1: new full-speed USB device number 11 using dummy_hcd
[  182.302178][ T7678] loop4: detected capacity change from 0 to 32768
[  182.310427][ T5815] usb 2-1: USB disconnect, device number 9
[  182.479923][ T5841] usb 4-1: config 0 interface 0 altsetting 255 endpoint 0x4 has an invalid bInterval 0, changing to 4
[  182.510053][ T5841] usb 4-1: config 0 interface 0 has no altsetting 0
[  182.534543][ T5841] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  182.565012][ T5841] usb 4-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  182.583518][ T5841] usb 4-1: Product: syz
[  182.593636][ T5841] usb 4-1: Manufacturer: syz
[  182.603743][ T5841] usb 4-1: SerialNumber: syz
[  182.623300][ T5841] usb 4-1: config 0 descriptor??
[  182.664010][ T5841] usb 4-1: selecting invalid altsetting 0
[  183.108763][ T5841] usb 4-1: USB disconnect, device number 11
[  183.115527][ T7688] usb 4-1: cannot submit urb 0, error -19: no device
[  183.126195][ T7688] usb 4-1: cannot submit urb 0, error -19: no device
[  183.133343][ T7688] usb 4-1: cannot submit urb 0, error -19: no device
[  184.118635][ T7719] loop3: detected capacity change from 0 to 512
[  184.129026][ T7719] EXT4-fs: Ignoring removed orlov option
[  184.510358][ T7719] EXT4-fs (loop3): 1 orphan inode deleted
[  184.523310][ T7719] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  184.536706][ T7719] ext4 filesystem being mounted at /95/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  184.662570][   T11] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  184.858030][   T11] EXT4-fs error (device loop3): ext4_release_dquot:6989: comm kworker/u4:0: Failed to release dquot type 1
[  185.162355][   T11] EXT4-fs (loop3): Remounting filesystem read-only
[  185.307045][ T7719] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  185.764049][ T7710] loop4: detected capacity change from 0 to 32768
[  185.867717][ T7710] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  186.150300][ T7710] XFS (loop4): Ending clean mount
[  186.487794][ T6763] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  186.932597][ T7742] loop1: detected capacity change from 0 to 32768
[  186.988993][ T7742] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  187.206793][ T7742] XFS (loop1): Ending clean mount
[  187.234646][ T7742] XFS (loop1): Quotacheck needed: Please wait.
[  187.302071][ T7742] XFS (loop1): Quotacheck: Done.
[  187.786864][ T5782] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  188.269830][ T7785] loop1: detected capacity change from 0 to 256
[  191.284781][    T8] usb 2-1: new full-speed USB device number 10 using dummy_hcd
[  191.476784][    T8] usb 2-1: config 0 interface 0 altsetting 255 endpoint 0x4 has an invalid bInterval 0, changing to 4
[  191.487998][    T8] usb 2-1: config 0 interface 0 has no altsetting 0
[  191.499081][    T8] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  191.508465][    T8] usb 2-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  191.518120][    T8] usb 2-1: Product: syz
[  191.522407][    T8] usb 2-1: Manufacturer: syz
[  191.528069][    T8] usb 2-1: SerialNumber: syz
[  191.545254][    T8] usb 2-1: config 0 descriptor??
[  191.556568][    T8] usb 2-1: selecting invalid altsetting 0
[  191.858812][    T8] usb 2-1: USB disconnect, device number 10
[  191.858817][    C1] usb 2-1: Unable to submit urb #2: -19 at snd_usb_queue_pending_output_urbs
[  191.860468][ T7830] usb 2-1: cannot submit urb 0, error -19: no device
[  192.266537][ T7838] loop3: detected capacity change from 0 to 32768
[  192.284879][ T7838] BTRFS error: device /dev/loop3 already registered with a higher generation, found 8 expect 9
[  192.449895][ T5779] BTRFS error: device /dev/loop3 already registered with a higher generation, found 8 expect 9
[  192.759941][ T7863] binder: 7861:7863 ioctl c0306201 200000000680 returned -14
[  192.794749][   T23] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  192.963147][ T7872] loop1: detected capacity change from 0 to 128
[  192.970909][ T7872] EXT4-fs: inline encryption not supported
[  192.977949][ T7872] EXT4-fs (loop1): Test dummy encryption mode enabled
[  193.002692][ T7868] 8021q: adding VLAN 0 to HW filter on device bond1
[  193.023832][   T23] usb 4-1: config 0 has no interfaces?
[  193.032011][ T7872] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  193.044252][   T23] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  193.050081][ T7872] ext4 filesystem being mounted at /122/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  193.084674][   T23] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  193.095460][   T23] usb 4-1: config 0 descriptor??
[  193.138652][ T7870] bond1: (slave geneve2): Enslaving as a backup interface with an up link
[  193.224815][ T1149] net_ratelimit: 2 callbacks suppressed
[  193.224831][ T1149] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  193.309656][   T23] usb 4-1: USB disconnect, device number 12
[  193.334019][ T7882] loop4: detected capacity change from 0 to 512
[  193.385492][ T6350] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  193.404283][ T7882] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  193.417870][ T7882] ext4 filesystem being mounted at /37/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  193.505090][   T28] audit: type=1800 audit(2000000062.820:14): pid=7882 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.569" name="file1" dev="loop4" ino=15 res=0 errno=0
[  193.536052][ T7872] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  193.570356][   T28] audit: type=1800 audit(2000000062.820:15): pid=7882 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.569" name="file1" dev="loop4" ino=15 res=0 errno=0
[  193.649366][ T7893] EXT4-fs (loop4): shut down requested (2)
[  193.683764][ T7872] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[  193.714335][ T6763] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.837204][ T5782] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  193.899754][ T7898] overlayfs: upper fs does not support file handles, falling back to index=off.
[  194.244421][ T7907] loop4: detected capacity change from 0 to 512
[  194.338378][ T7907] EXT4-fs error (device loop4): ext4_orphan_get:1404: inode #15: comm syz.4.574: inode has both inline data and extents flags
[  194.353681][ T7907] EXT4-fs error (device loop4): ext4_orphan_get:1409: comm syz.4.574: couldn't read orphan inode 15 (err -117)
[  194.373060][ T7907] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  194.526683][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  194.538907][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  194.586557][ T7910] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5939: Out of memory
[  194.652459][ T7910] EXT4-fs error (device loop4): ext4_dirty_inode:6143: inode #18: comm syz.4.574: mark_inode_dirty error
[  194.724955][ T7910] EXT4-fs error (device loop4): ext4_discard_preallocations:5632: comm syz.4.574: Error -117 loading buddy information for 4294967295
[  194.794443][ T7910] EXT4-fs error (device loop4): ext4_clear_blocks:883: inode #18: comm syz.4.574: attempt to clear invalid blocks 37 len 1
[  194.861359][ T7910] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5939: Out of memory
[  194.900008][ T7910] EXT4-fs error (device loop4): ext4_punch_hole:4136: inode #18: comm syz.4.574: mark_inode_dirty error
[  195.038525][ T6763] EXT4-fs error (device loop4): ext4_map_blocks:610: inode #2: block 36: comm syz-executor: lblock 0 mapped to illegal pblock 36 (length 1)
[  195.100122][    C0] vcan0: j1939_tp_rxtimer: 0xffff88805e757400: rx timeout, send abort
[  195.260138][ T6763] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.610249][    C0] vcan0: j1939_tp_rxtimer: 0xffff88805e757400: abort rx timeout. Force session deactivation
[  195.727929][ T7912] loop1: detected capacity change from 0 to 32768
[  195.817219][ T7912] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  195.849022][   T11] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.863194][   T23] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  195.871589][ T7912] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  195.895963][ T7912] BTRFS warning (device loop1): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  195.919352][ T7912] BTRFS info (device loop1): trying to use backup root at mount time
[  195.928410][ T7912] BTRFS info (device loop1): setting nodatasum
[  195.935419][ T7912] BTRFS info (device loop1): enabling ssd optimizations
[  195.942582][ T7912] BTRFS info (device loop1): using spread ssd allocation scheme
[  195.953007][ T7912] BTRFS info (device loop1): force zlib compression, level 3
[  195.968757][ T7912] BTRFS info (device loop1): allowing degraded mounts
[  195.978479][ T7912] BTRFS info (device loop1): turning on flush-on-commit
[  195.988702][ T7912] BTRFS info (device loop1): setting nodatacow
[  195.998556][ T7912] BTRFS info (device loop1): using free space tree
[  196.073673][   T11] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  196.094879][   T23] usb 4-1: Using ep0 maxpacket: 16
[  196.114733][   T23] usb 4-1: unable to get BOS descriptor or descriptor too short
[  196.132977][   T23] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  196.154647][   T23] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  196.176792][   T23] usb 4-1: New USB device found, idVendor=17cc, idProduct=1969, bcdDevice= 0.40
[  196.186139][   T23] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  196.194180][   T23] usb 4-1: Product: syz
[  196.198581][   T23] usb 4-1: Manufacturer: syz
[  196.214617][   T23] usb 4-1: SerialNumber: syz
[  196.264730][ T7912] BTRFS info (device loop1): auto enabling async discard
[  196.330422][   T11] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  196.524951][   T23] snd-usb-audio: probe of 4-1:1.0 failed with error -22
[  196.546562][   T23] usb 4-1: selecting invalid altsetting 1
[  196.552363][   T23] snd-usb-caiaq 4-1:1.0: can't set alt interface.
[  196.555639][   T11] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  196.585819][   T23] usb 4-1: unable to init card! (ret=-5)
[  196.593159][   T23] snd-usb-caiaq: probe of 4-1:1.0 failed with error -5
[  196.627084][   T23] usb 4-1: selecting invalid altsetting 1
[  196.653226][   T23] snd-usb-caiaq 4-1:1.1: can't set alt interface.
[  196.676252][   T23] usb 4-1: unable to init card! (ret=-5)
[  196.696921][   T23] snd-usb-caiaq: probe of 4-1:1.1 failed with error -5
[  196.739657][   T23] usb 4-1: USB disconnect, device number 13
[  196.827120][ T5788] udevd[5788]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  196.871437][ T7912] BTRFS info (device loop1): balance: start -d -m
[  197.129923][ T7912] BTRFS info (device loop1): relocating block group 6881280 flags data|metadata
[  197.594913][ T5783] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  197.613735][ T5783] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  197.624985][ T5783] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  197.645902][ T5783] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  197.655874][ T5783] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  197.663453][ T5783] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  197.813544][ T7912] BTRFS info (device loop1): relocating block group 5242880 flags data|metadata
[  197.902891][ T7912] BTRFS info (device loop1): balance: canceled
[  198.116306][ T5782] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  199.190869][ T7987] overlayfs: failed to clone upperpath
[  199.446097][    T8] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  199.500961][ T7998] binder: 7996:7998 ioctl c0306201 200000000080 returned -14
[  199.502185][ T7954] chnl_net:caif_netlink_parms(): no params data found
[  199.572373][   T11] hsr_slave_0: left promiscuous mode
[  199.589444][ T7998] binder: 7996:7998 ioctl c0306201 2000000003c0 returned -14
[  199.628761][   T11] hsr_slave_1: left promiscuous mode
[  199.651092][    T8] usb 4-1: unable to get BOS descriptor or descriptor too short
[  199.659825][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  199.677878][    T8] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  199.690341][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  199.711362][    T8] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  199.727231][    T8] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  199.740173][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  199.755790][ T5783] Bluetooth: hci1: command tx timeout
[  199.760558][    T8] usb 4-1: New USB device found, idVendor=0441, idProduct=4248, bcdDevice= 0.40
[  199.781239][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  199.794845][    T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  199.829496][   T11] bridge_slave_1: left allmulticast mode
[  199.849128][   T11] bridge_slave_1: left promiscuous mode
[  199.855645][    T8] usb 4-1: Product: syz
[  199.860513][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  199.867679][    T8] usb 4-1: Manufacturer: syz
[  199.884679][    T8] usb 4-1: SerialNumber: syz
[  199.923208][   T11] bridge_slave_0: left allmulticast mode
[  199.930327][   T11] bridge_slave_0: left promiscuous mode
[  199.945167][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  200.058240][   T11] veth1_macvtap: left promiscuous mode
[  200.087941][   T11] veth0_macvtap: left promiscuous mode
[  200.093910][   T11] veth1_vlan: left promiscuous mode
[  200.103708][   T11] veth0_vlan: left promiscuous mode
[  200.838601][    T8] usb 4-1: Quirk or no altest; falling back to MIDI 1.0
[  200.869624][    T8] usb 4-1: MIDIStreaming interface descriptor not found
[  200.977859][   T11] bond1 (unregistering): (slave geneve2): Removing an active aggregator
[  201.015266][   T11] bond1 (unregistering): (slave geneve2): Releasing backup interface
[  201.039567][    T8] usb 4-1: USB disconnect, device number 14
[  201.129091][ T7695] udevd[7695]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  201.690011][   T11] bond1 (unregistering): Released all slaves
[  201.824784][ T5783] Bluetooth: hci1: command tx timeout
[  202.767880][   T11] team0 (unregistering): Port device team_slave_1 removed
[  202.837329][   T11] team0 (unregistering): Port device team_slave_0 removed
[  202.900195][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  202.975107][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  203.488314][   T11] bond0 (unregistering): Released all slaves
[  203.611460][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805df0d800: rx timeout, send abort
[  203.638554][ T8037] netlink: 7 bytes leftover after parsing attributes in process `syz.3.597'.
[  203.829146][ T7954] bridge0: port 1(bridge_slave_0) entered blocking state
[  203.848346][ T7954] bridge0: port 1(bridge_slave_0) entered disabled state
[  203.858131][ T7954] bridge_slave_0: entered allmulticast mode
[  203.886698][ T7954] bridge_slave_0: entered promiscuous mode
[  203.905064][ T5783] Bluetooth: hci1: command tx timeout
[  203.934256][ T7954] bridge0: port 2(bridge_slave_1) entered blocking state
[  203.942230][ T7954] bridge0: port 2(bridge_slave_1) entered disabled state
[  203.962971][ T7954] bridge_slave_1: entered allmulticast mode
[  203.970951][ T7954] bridge_slave_1: entered promiscuous mode
[  204.030825][ T7954] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  204.086521][ T7954] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  204.112617][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805df0e400: rx timeout, send abort
[  204.121036][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805df0d800: abort rx timeout. Force session deactivation
[  204.316592][ T7954] team0: Port device team_slave_0 added
[  204.333536][ T8062] xt_hashlimit: size too large, truncated to 1048576
[  204.355440][ T7954] team0: Port device team_slave_1 added
[  204.443699][ T7954] batman_adv: batadv0: Adding interface: batadv_slave_0
[  204.458818][ T7954] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  204.525702][ T7954] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  204.564905][ T7954] batman_adv: batadv0: Adding interface: batadv_slave_1
[  204.576362][ T7954] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  204.620953][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805df0e400: abort rx timeout. Force session deactivation
[  204.639225][ T7954] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  204.880773][ T7954] hsr_slave_0: entered promiscuous mode
[  204.905401][ T7954] hsr_slave_1: entered promiscuous mode
[  205.141432][   T28] audit: type=1326 audit(2000000074.460:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8076 comm="syz.0.608" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc84459ce59 code=0x0
[  205.554746][ T7954] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  205.581141][ T7954] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  205.617845][ T7954] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  205.644506][ T7954] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  205.883159][ T7954] 8021q: adding VLAN 0 to HW filter on device bond0
[  205.957670][ T7954] 8021q: adding VLAN 0 to HW filter on device team0
[  205.994845][ T5784] Bluetooth: hci1: command tx timeout
[  206.033356][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[  206.040636][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[  206.099077][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[  206.106331][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[  206.394932][ T8093] netlink: 12 bytes leftover after parsing attributes in process `syz.0.610'.
[  206.789653][ T5784] Bluetooth: hci2: command 0x0406 tx timeout
[  206.796537][ T5784] Bluetooth: hci3: command 0x0406 tx timeout
[  206.802592][ T5784] Bluetooth: hci0: command 0x0406 tx timeout
[  206.822133][ T7954] 8021q: adding VLAN 0 to HW filter on device batadv0
[  208.223598][ T7954] veth0_vlan: entered promiscuous mode
[  208.322902][ T7954] veth1_vlan: entered promiscuous mode
[  208.574044][ T7954] veth0_macvtap: entered promiscuous mode
[  208.622125][ T7954] veth1_macvtap: entered promiscuous mode
[  208.757784][ T7954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  208.829935][ T7954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  208.889233][ T7954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  208.954717][ T7954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  208.997365][ T7954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  209.054677][ T7954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  209.111042][ T7954] batman_adv: batadv0: Interface activated: batadv_slave_0
[  209.197339][ T7954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  209.266607][ T7954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  209.320675][ T7954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  209.337296][ T8119] loop3: detected capacity change from 0 to 40427
[  209.386127][ T7954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  209.405503][ T8119] F2FS-fs (loop3): invalid crc value
[  209.455826][ T7954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  209.481248][ T8119] F2FS-fs (loop3): Found nat_bits in checkpoint
[  209.521036][ T7954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  209.602545][ T7954] batman_adv: batadv0: Interface activated: batadv_slave_1
[  209.639426][ T7954] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  209.708153][ T7954] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  209.751015][ T7954] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  209.777436][ T8119] F2FS-fs (loop3): Start checkpoint disabled!
[  209.815168][ T7954] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  209.924803][ T8119] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  210.576512][ T6350] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  210.745914][ T6350] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  210.960985][ T6361] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  211.033812][ T6361] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  212.054035][ T8168] netlink: 4 bytes leftover after parsing attributes in process `syz.5.621'.
[  212.678518][ T8192] netlink: 4 bytes leftover after parsing attributes in process `syz.0.628'.
[  212.914879][ T8196] loop3: detected capacity change from 0 to 256
[  213.624167][ T8196] loop3: detected capacity change from 0 to 32768
[  213.664507][ T8210] syzkaller0: entered promiscuous mode
[  213.691043][ T8210] syzkaller0: entered allmulticast mode
[  214.008658][ T5779] BTRFS: device fsid db05bf05-c4f4-4d41-ba1f-eb57295b561b devid 1 transid 8 /dev/loop3 scanned by udevd (5779)
[  217.292552][ T8224] netlink: 'syz.0.636': attribute type 1 has an invalid length.
[  217.333739][ T8224] 8021q: adding VLAN 0 to HW filter on device bond2
[  217.385889][ T8227] bond2: (slave veth3): Enslaving as an active interface with a down link
[  217.427604][ T8232] bond2: (slave dummy0): making interface the new active one
[  217.444112][ T8232] dummy0: entered promiscuous mode
[  217.450347][ T8232] bond2: (slave dummy0): Enslaving as an active interface with an up link
[  217.463350][ T8234] netlink: 14 bytes leftover after parsing attributes in process `syz.0.636'.
[  217.550494][ T8234] bond2: (slave dummy0): Releasing active interface
[  217.560145][ T8234] dummy0 (unregistering): left promiscuous mode
[  217.591487][ T8247] netlink: 8 bytes leftover after parsing attributes in process `syz.5.641'.
[  217.842893][ T8266] fuse: Bad value for 'fd'
[  217.853193][ T8272] loop1: detected capacity change from 0 to 128
[  217.900279][ T8272] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  217.944811][ T8272] ext4 filesystem being mounted at /140/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  218.090436][ T8272] fscrypt: loop1: 1 inode(s) still busy after removing key with identifier 69b2f6edeee720cce0577937eb8a6751, including ino 12
[  218.250442][ T5782] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  218.488982][ T5158] IPVS: starting estimator thread 0...
[  218.594999][ T8289] IPVS: using max 17 ests per chain, 40800 per kthread
[  219.023613][ T8304] netlink: 28 bytes leftover after parsing attributes in process `syz.1.658'.
[  219.034798][ T8304] netlink: 28 bytes leftover after parsing attributes in process `syz.1.658'.
[  219.353002][ T8280] loop5: detected capacity change from 0 to 32768
[  219.465820][ T8280] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  219.820834][ T8280] XFS (loop5): Ending clean mount
[  220.097884][ T8280] XFS (loop5): Quotacheck needed: Please wait.
[  220.349051][ T8280] XFS (loop5): Quotacheck: Done.
[  220.993223][ T7954] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  221.556398][ T8365] loop5: detected capacity change from 0 to 512
[  221.617429][ T8365] EXT4-fs error (device loop5): ext4_iget_extra_inode:4739: inode #15: comm syz.5.671: corrupted in-inode xattr: invalid ea_ino
[  221.636961][ T8365] EXT4-fs error (device loop5): ext4_orphan_get:1409: comm syz.5.671: couldn't read orphan inode 15 (err -117)
[  221.691001][ T8365] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.460257][ T7954] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.553669][ T8384] loop5: detected capacity change from 0 to 16
[  222.611130][ T8384] erofs: (device loop5): mounted with root inode @ nid 36.
[  222.670177][ T8384] syz.5.680: attempt to access beyond end of device
[  222.670177][ T8384] loop5: rw=524288, sector=8, nr_sectors = 24 limit=16
[  222.701375][ T8384] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -48 in[55, 4041] out[4096]
[  222.717691][   T28] audit: type=1800 audit(2000000092.040:17): pid=8384 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.680" name="file2" dev="loop5" ino=89 res=0 errno=0
[  222.891213][ T8392] netlink: 'syz.5.682': attribute type 1 has an invalid length.
[  223.094501][ T8392] netlink: 14 bytes leftover after parsing attributes in process `syz.5.682'.
[  223.214402][ T8401] overlayfs: failed to clone upperpath
[  224.857703][ T5815] libceph: connect (1)[c::]:6789 error -101
[  224.895498][ T5815] libceph: mon0 (1)[c::]:6789 connect error
[  224.906143][ T8422] ceph: No mds server is up or the cluster is laggy
[  225.014447][ T8440] netlink: 4 bytes leftover after parsing attributes in process `syz.0.695'.
[  225.269589][ T8440] team0 (unregistering): Port device team_slave_0 removed
[  225.325904][ T8440] team0 (unregistering): Port device team_slave_1 removed
[  225.375668][ T8440] team0 (unregistering): Port device netdevsim0 removed
[  226.560978][ T8500] netlink: 28 bytes leftover after parsing attributes in process `syz.3.705'.
[  226.570198][ T8500] netlink: 28 bytes leftover after parsing attributes in process `syz.3.705'.
[  229.350950][ T8533] team0: Port device team_slave_0 removed
[  229.964388][ T8536] syz.5.716 (8536): drop_caches: 2
[  230.347948][ T8560] netlink: 'syz.0.726': attribute type 4 has an invalid length.
[  230.442159][ T8562] netlink: 'syz.0.726': attribute type 4 has an invalid length.
[  230.476042][ T8564] tipc: Failed to remove unknown binding: 66,0,0/0:1011095019/1011095021
[  230.484673][ T8564] tipc: Failed to remove unknown binding: 66,0,0/0:1011095019/1011095020
[  230.511013][ T8564] tipc: Failed to remove unknown binding: 66,0,0/0:1011095019/1011095021
[  230.534718][ T8564] tipc: Failed to remove unknown binding: 66,0,0/0:1011095019/1011095020
[  230.779956][ T5815] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  230.880253][ T5815] hid-generic 0000:0000:0000.0007: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  233.752421][   T28] audit: type=1800 audit(2000000103.070:18): pid=8658 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.747" name="file0" dev="fuse" ino=0 res=0 errno=0
[  233.791968][ T8666] netlink: 4 bytes leftover after parsing attributes in process `syz.0.748'.
[  235.338042][ T8717] netlink: 'syz.3.760': attribute type 4 has an invalid length.
[  235.410547][ T8717] netlink: 'syz.3.760': attribute type 4 has an invalid length.
[  235.509594][ T8722] netlink: 24 bytes leftover after parsing attributes in process `syz.0.762'.
[  235.543623][    C0] vxcan1: j1939_tp_rxtimer: 0xffff88805e780800: rx timeout, send abort
[  235.552765][    C0] vxcan1: j1939_xtp_rx_abort_one: 0xffff88805e780800: 0x40000: (3) A timeout occurred and this is the connection abort to close the session.
[  235.743362][ T8729] binder: 8728:8729 unknown command 0
[  235.764684][ T8729] binder: 8728:8729 ioctl c0306201 2000000001c0 returned -22
[  236.631665][ T8735] team0 (unregistering): Failed to send port change of device team_slave_0 via netlink (err -105)
[  236.665429][ T8735] team0 (unregistering): Port device team_slave_0 removed
[  236.756742][ T8735] team0 (unregistering): Port device team_slave_1 removed
[  236.919839][ T8751] netlink: 'syz.0.768': attribute type 6 has an invalid length.
[  241.950340][ T8851] loop5: detected capacity change from 0 to 512
[  241.975533][ T8851] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  242.030681][ T8851] EXT4-fs error (device loop5): ext4_orphan_get:1404: inode #15: comm syz.5.793: iget: bad i_size value: 38620345925642
[  242.062295][ T8851] EXT4-fs error (device loop5): ext4_orphan_get:1409: comm syz.5.793: couldn't read orphan inode 15 (err -117)
[  242.208603][ T8851] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  242.334301][ T8863] loop1: detected capacity change from 0 to 512
[  242.381905][ T8863] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  242.393935][ T8863] EXT4-fs error (device loop1): ext4_orphan_get:1404: inode #15: comm syz.1.795: iget: bad i_size value: 38620345925642
[  242.398507][ T8863] EXT4-fs error (device loop1): ext4_orphan_get:1409: comm syz.1.795: couldn't read orphan inode 15 (err -117)
[  242.425386][ T8863] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  242.527318][ T8851] EXT4-fs error (device loop5): ext4_validate_block_bitmap:430: comm syz.5.793: bg 0: block 5: invalid block bitmap
[  242.537840][ T8851] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 420 with error 28
[  242.537995][ T8851] EXT4-fs (loop5): This should not happen!! Data will be lost
[  242.537995][ T8851] 
[  242.538014][ T8851] EXT4-fs (loop5): Total free blocks count 0
[  242.538029][ T8851] EXT4-fs (loop5): Free/Dirty block details
[  242.538102][ T8851] EXT4-fs (loop5): free_blocks=0
[  242.538175][ T8851] EXT4-fs (loop5): dirty_blocks=424
[  242.538190][ T8851] EXT4-fs (loop5): Block reservation details
[  242.538203][ T8851] EXT4-fs (loop5): i_reserved_data_blocks=424
[  242.770036][ T8863] EXT4-fs error (device loop1): ext4_validate_block_bitmap:430: comm syz.1.795: bg 0: block 5: invalid block bitmap
[  242.770794][ T8863] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 552 with error 28
[  242.770827][ T8863] EXT4-fs (loop1): This should not happen!! Data will be lost
[  242.770827][ T8863] 
[  242.770844][ T8863] EXT4-fs (loop1): Total free blocks count 0
[  242.770860][ T8863] EXT4-fs (loop1): Free/Dirty block details
[  242.770875][ T8863] EXT4-fs (loop1): free_blocks=0
[  242.770891][ T8863] EXT4-fs (loop1): dirty_blocks=556
[  242.770906][ T8863] EXT4-fs (loop1): Block reservation details
[  242.770919][ T8863] EXT4-fs (loop1): i_reserved_data_blocks=556
[  243.289600][ T8866] tty tty2: ldisc open failed (-12), clearing slot 1
[  243.299276][ T8874] tty tty2: ldisc open failed (-12), clearing slot 1
[  243.422411][ T5782] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  243.435410][ T7954] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  243.471626][ T8894] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  244.840887][ T8915] veth1_to_bond: entered promiscuous mode
[  244.880993][ T8915] netlink: 4 bytes leftover after parsing attributes in process `syz.0.804'.
[  245.000280][ T8919] loop1: detected capacity change from 0 to 1024
[  245.023108][ T8919] EXT4-fs: Ignoring removed bh option
[  245.032674][ T8919] ext4: Unknown parameter 'uid<00000000000000000000'
[  245.062120][ T8919] overlayfs: metacopy with no lower data found - abort lookup (/file2)
[  245.140678][ T8915] veth1_to_bond (unregistering): left promiscuous mode
[  245.147935][ T8919] overlayfs: failed to look up (file2) for ino (-5)
[  245.241092][ T8915] bond0: (slave bond_slave_1): Releasing backup interface
[  247.423016][ T8971] kvm: pic: non byte write
[  247.943862][ T8979] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  248.010614][ T8985] netlink: 4 bytes leftover after parsing attributes in process `syz.5.825'.
[  248.047320][ T8979] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  250.670699][ T9003] syzkaller0: entered promiscuous mode
[  250.700618][ T9003] syzkaller0: entered allmulticast mode
[  251.958155][ T9022] netlink: 24 bytes leftover after parsing attributes in process `syz.5.834'.
[  252.596193][ T9036] netlink: 'syz.1.841': attribute type 1 has an invalid length.
[  256.045494][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  256.051819][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  256.648205][ T9079] loop5: detected capacity change from 0 to 512
[  256.663502][ T9079] EXT4-fs: Ignoring removed oldalloc option
[  256.801189][ T9079] EXT4-fs error (device loop5): ext4_xattr_inode_iget:437: comm syz.5.854: Parent and EA inode have the same ino 15
[  256.828109][ T9079] EXT4-fs (loop5): Remounting filesystem read-only
[  256.846037][ T9079] EXT4-fs warning (device loop5): ext4_evict_inode:274: xattr delete (err -5)
[  256.863529][ T9079] EXT4-fs (loop5): 1 orphan inode deleted
[  256.990387][ T9079] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  257.638324][ T9079] Bluetooth: hci0: invalid length 0, exp 2 for type 7
[  257.727805][ T9089] netlink: 'syz.1.857': attribute type 10 has an invalid length.
[  257.739751][ T9089] bridge0: port 2(bridge_slave_1) entered disabled state
[  257.749257][ T9089] bridge0: port 1(bridge_slave_0) entered disabled state
[  257.765921][ T7954] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  257.865799][ T9089] bridge0: port 2(bridge_slave_1) entered blocking state
[  257.873026][ T9089] bridge0: port 2(bridge_slave_1) entered forwarding state
[  257.882808][ T9089] bridge0: port 1(bridge_slave_0) entered blocking state
[  257.890083][ T9089] bridge0: port 1(bridge_slave_0) entered forwarding state
[  257.918635][ T9089] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  260.529364][ T9129] lo: entered allmulticast mode
[  260.542782][ T9129] lo: left allmulticast mode
[  262.610657][ T9146] syz_tun: entered allmulticast mode
[  262.693359][ T9146] syz_tun: left allmulticast mode
[  263.407450][ T9166] netlink: 4 bytes leftover after parsing attributes in process `syz.3.878'.
[  263.636978][  T788] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  263.845134][  T788] usb 6-1: Using ep0 maxpacket: 8
[  263.862329][  T788] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  263.904612][  T788] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  263.913669][  T788] usb 6-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  263.943492][  T788] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  263.985128][  T788] usb 6-1: config 0 descriptor??
[  264.019768][ T9176] netlink: 'syz.3.880': attribute type 1 has an invalid length.
[  264.096492][ T9176] 8021q: adding VLAN 0 to HW filter on device bond2
[  264.113611][ T9178] tipc: Started in network mode
[  264.118703][ T9178] tipc: Node identity aaaaaaaaaa2b, cluster identity 4711
[  264.126776][ T9178] tipc: Enabled bearer <eth:netdevsim0>, priority 2
[  264.447978][ T9176] bond2 (unregistering): Released all slaves
[  264.501840][ T9181] netdevsim netdevsim0 
€Â: renamed from netdevsim0
[  264.540634][ T9181] tipc: Disabling bearer <eth:netdevsim0>
[  266.260969][   T28] audit: type=1326 audit(2000000135.580:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9197 comm="syz.1.886" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa44919ce59 code=0x7fc00000
[  266.342610][   T23] usb 6-1: USB disconnect, device number 2
[  266.351483][   T28] audit: type=1326 audit(2000000135.640:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9197 comm="syz.1.886" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fa44919ce59 code=0x7fc00000
[  269.265724][ T9227] binder: BINDER_SET_CONTEXT_MGR already set
[  269.284998][ T9227] binder: 9226:9227 ioctl 4018620d 2000000002c0 returned -16
[  269.379360][ T9229] netlink: 24 bytes leftover after parsing attributes in process `syz.5.894'.
[  271.091623][ T5841] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  271.864120][ T9248] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  271.922169][ T9248] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  271.951025][ T9248] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  271.959042][ T9248] IPv6: NLM_F_CREATE should be set when creating new route
[  272.203439][ T9261] binder: BINDER_SET_CONTEXT_MGR already set
[  272.224968][ T9261] binder: 9260:9261 ioctl 4018620d 200000004a80 returned -16
[  274.917760][ T9248] bridge0: port 2(bridge_slave_1) entered disabled state
[  274.925591][ T9248] bridge0: port 1(bridge_slave_0) entered disabled state
[  275.633799][ T9248] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  275.691636][ T9248] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  276.187064][ T9248] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  276.200859][ T9248] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  276.211959][ T9248] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  276.231645][ T9248] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  276.454004][ T9271] bridge0: port 1(bridge_slave_0) entered disabled state
[  276.462329][ T9272] netlink: 'syz.0.906': attribute type 4 has an invalid length.
[  276.471502][ T9272] netlink: 'syz.0.906': attribute type 5 has an invalid length.
[  276.480729][ T9272] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.906'.
[  276.538340][ T5841] usb 6-1: unable to get BOS descriptor or descriptor too short
[  276.555879][ T5841] usb 6-1: unable to read config index 0 descriptor/start: -71
[  276.573789][ T5841] usb 6-1: can't read configurations, error -71
[  276.667320][ T9290] syzkaller0: entered promiscuous mode
[  276.672877][ T9290] syzkaller0: entered allmulticast mode
[  281.067608][ T9333] syz_tun: entered allmulticast mode
[  281.278679][ T9356] loop1: detected capacity change from 0 to 128
[  281.301747][ T9356] ext4: Unknown parameter 'fsmagic'
[  281.355838][ T9357] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  286.195634][ T9425] netlink: 180 bytes leftover after parsing attributes in process `syz.0.942'.
[  286.205429][ T9425] openvswitch: netlink: Message has 4 unknown bytes.
[  288.182969][ T9441] netlink: 'syz.5.947': attribute type 1 has an invalid length.
[  288.295067][ T9441] bond1: entered promiscuous mode
[  288.319933][ T9441] 8021q: adding VLAN 0 to HW filter on device bond1
[  288.406494][ T9445] 8021q: adding VLAN 0 to HW filter on device bond2
[  288.425555][ T9445] bond1: (slave bond2): making interface the new active one
[  288.433845][ T9445] bond2: entered promiscuous mode
[  288.618633][ T9445] bond1: (slave bond2): Enslaving as an active interface with an up link
[  288.984145][ T9450] bond1: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  289.017335][ T9450] bond1: (slave ipvlan2): The slave device specified does not support setting the MAC address
[  291.813109][ T9496] smc: net device bond0 applied user defined pnetid SYZ2
[  291.842076][ T9496] netlink: 14 bytes leftover after parsing attributes in process `syz.1.962'.
[  291.968137][ T9496] smc: removing net device bond0 with user defined pnetid SYZ2
[  291.995011][ T9496] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  292.034235][ T9496] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  292.063244][ T9496] bond0 (unregistering): (slave bridge0): Releasing backup interface
[  292.073184][ T9496] bridge0: port 2(bridge_slave_1) entered disabled state
[  292.080826][ T9496] bridge0: port 1(bridge_slave_0) entered disabled state
[  292.101313][ T9496] bond0 (unregistering): Released all slaves
[  292.113519][ T9498] netlink: 24 bytes leftover after parsing attributes in process `syz.3.963'.
[  292.468674][ T9507] netlink: 8 bytes leftover after parsing attributes in process `syz.3.967'.
[  300.918644][ T9593] netlink: 8 bytes leftover after parsing attributes in process `syz.5.986'.
[  300.927555][ T9593] IPVS: Unknown mcast interface: vcan0
[  302.727160][ T9599] netlink: 'syz.3.991': attribute type 1 has an invalid length.
[  303.100199][ T9599] 8021q: adding VLAN 0 to HW filter on device bond2
[  303.188941][ T9611] bond2: (slave ip6gretap1): making interface the new active one
[  303.207993][ T9611] bond2: (slave ip6gretap1): Enslaving as an active interface with an up link
[  304.839139][ T9632] netlink: 12 bytes leftover after parsing attributes in process `syz.1.994'.
[  305.316981][ T9632] smc: adding net device bond0 with user defined pnetid SYZ2
[  305.502396][ T9637] veth3: entered allmulticast mode
[  305.523983][ T9637] bond0: (slave veth3): Enslaving as an active interface with an up link
[  308.543726][ T9666] kvm: pic: single mode not supported
[  308.910011][ T9675] bridge_slave_0: left allmulticast mode
[  308.927729][ T9675] bridge_slave_0: left promiscuous mode
[  308.933721][ T9675] bridge0: port 1(bridge_slave_0) entered disabled state
[  308.947916][ T9675] bridge_slave_1: left allmulticast mode
[  308.953717][ T9675] bridge_slave_1: left promiscuous mode
[  308.966890][ T9675] bridge0: port 2(bridge_slave_1) entered disabled state
[  308.980693][ T9675] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  308.988749][ T9675] batman_adv: batadv0: Removing interface: batadv_slave_0
[  309.011612][ T9675] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  309.024189][ T9675] batman_adv: batadv0: Removing interface: batadv_slave_1
[  309.080837][ T9675] bond0: (slave veth3): Releasing backup interface
[  309.273203][ T9683] xt_socket: unknown flags 0x4c
[  311.351828][ T9698] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1014'.
[  311.449863][ T9698] team0: Port device team_slave_0 removed
[  315.069513][ T9722] loop1: detected capacity change from 0 to 512
[  315.077905][ T9717] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  315.668728][ T9722] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  317.194763][ T5782] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  317.257037][ T9741] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1022'.
[  317.268667][ T9741] IPVS: Error joining to the multicast group
[  317.333407][ T9742] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  317.368413][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  317.385118][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  317.431687][ T9744] binder: 9743:9744 ioctl c0306201 2000000002c0 returned -14
[  318.533249][ T9763] tipc: Started in network mode
[  318.538373][ T9763] tipc: Node identity 4, cluster identity 4711
[  318.552702][ T9763] tipc: Node number set to 4
[  320.513742][ T9774] netlink: 'syz.5.1034': attribute type 1 has an invalid length.
[  320.677369][ T9774] 8021q: adding VLAN 0 to HW filter on device bond3
[  320.710035][ T9776] bond3: up delay (136) is not a multiple of miimon (100), value rounded to 100 ms
[  320.824742][ T9776] bond3: entered allmulticast mode
[  320.914046][ T9780] bond3: (slave ip6gretap1): Enslaving as an active interface with an up link
[  321.496528][ T9798] bridge_slave_0: left allmulticast mode
[  321.502291][ T9798] bridge_slave_0: left promiscuous mode
[  321.514906][ T9798] bridge0: port 1(bridge_slave_0) entered disabled state
[  321.531798][ T9798] bridge_slave_1: left allmulticast mode
[  321.537578][ T9798] bridge_slave_1: left promiscuous mode
[  321.543318][ T9798] bridge0: port 2(bridge_slave_1) entered disabled state
[  321.557601][ T9798] bond0: (slave bond_slave_0): Releasing backup interface
[  321.902802][ T9798] bond0: (slave bond_slave_1): Releasing backup interface
[  322.195810][ T9798] team0: Port device team_slave_1 removed
[  322.202697][ T9798] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  322.210315][ T9798] batman_adv: batadv0: Removing interface: batadv_slave_0
[  322.227174][ T9798] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  322.234927][ T9798] batman_adv: batadv0: Removing interface: batadv_slave_1
[  322.282426][ T9798] bond2: (slave ip6gretap1): Releasing active interface
[  323.940361][ T9825] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1047'.
[  324.564681][ T5783] Bluetooth: hci1: command 0x0406 tx timeout
[  324.953680][ T9833] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1050'.
[  325.022136][ T9833] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1050'.
[  325.190070][ T9839] syzkaller0: entered promiscuous mode
[  325.218102][ T9839] syzkaller0: entered allmulticast mode
[  330.931186][ T9854] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  331.389901][ T9861] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[  334.403239][ T9884] loop1: detected capacity change from 0 to 40427
[  334.421721][ T9884] F2FS-fs (loop1): Wrong segment_count / block_count (31 > 0)
[  334.449565][ T9884] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  334.493428][ T9884] F2FS-fs (loop1): invalid crc value
[  334.519152][ T9884] F2FS-fs (loop1): Found nat_bits in checkpoint
[  334.648389][ T9884] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[  334.655759][ T9884] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  339.145097][ T9897] syz.1.1064: attempt to access beyond end of device
[  339.145097][ T9897] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  339.160665][ T9897] syz.1.1064: attempt to access beyond end of device
[  339.160665][ T9897] loop1: rw=2049, sector=45128, nr_sectors = 32 limit=40427
[  339.174980][ T9897] syz.1.1064: attempt to access beyond end of device
[  339.174980][ T9897] loop1: rw=2049, sector=45168, nr_sectors = 24 limit=40427
[  339.189848][ T9897] syz.1.1064: attempt to access beyond end of device
[  339.189848][ T9897] loop1: rw=2049, sector=45216, nr_sectors = 32 limit=40427
[  339.207725][ T9897] syz.1.1064: attempt to access beyond end of device
[  339.207725][ T9897] loop1: rw=2049, sector=45256, nr_sectors = 32 limit=40427
[  339.222959][ T9897] syz.1.1064: attempt to access beyond end of device
[  339.222959][ T9897] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  339.238274][ T9897] syz.1.1064: attempt to access beyond end of device
[  339.238274][ T9897] loop1: rw=2049, sector=45128, nr_sectors = 32 limit=40427
[  339.252547][ T9897] syz.1.1064: attempt to access beyond end of device
[  339.252547][ T9897] loop1: rw=2049, sector=45168, nr_sectors = 24 limit=40427
[  339.267267][ T9897] syz.1.1064: attempt to access beyond end of device
[  339.267267][ T9897] loop1: rw=2049, sector=45312, nr_sectors = 8 limit=40427
[  339.281443][ T9897] syz.1.1064: attempt to access beyond end of device
[  339.281443][ T9897] loop1: rw=2049, sector=45216, nr_sectors = 24 limit=40427
[  344.488215][ T5782] syz-executor: attempt to access beyond end of device
[  344.488215][ T5782] loop1: rw=2049, sector=45352, nr_sectors = 8 limit=40427
[  344.571973][ T5782] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  345.453336][ T9920] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1070'.
[  346.096604][ T9302] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  346.287315][ T9302] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  346.312071][ T9302] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  346.323293][ T9302] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  346.337882][ T9302] usb 2-1: Product: syz
[  346.342361][ T9302] usb 2-1: Manufacturer: syz
[  346.349876][ T9302] usb 2-1: SerialNumber: syz
[  346.596458][ T9302] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 11 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  346.877392][    C0] usblp0: nonzero write bulk status received: -71
[  346.884758][ T5841] usb 2-1: USB disconnect, device number 11
[  346.901304][ T5841] usblp0: removed
[  351.113453][ T9974] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1090'.
[  352.151171][ T9981] loop1: detected capacity change from 0 to 1024
[  352.530394][ T9991] atomic_op ffff888077e8b998 conn xmit_atomic 0000000000000000
[  353.314612][ T9981] hfsplus: request for non-existent node 33423360 in B*Tree
[  353.322620][ T9981] hfsplus: request for non-existent node 33423360 in B*Tree
[  353.486657][T10000] hfsplus: request for non-existent node 33423360 in B*Tree
[  353.494034][T10000] hfsplus: request for non-existent node 33423360 in B*Tree
[  353.625707][ T9981] hfsplus: request for non-existent node 33423360 in B*Tree
[  353.643375][ T9981] hfsplus: request for non-existent node 33423360 in B*Tree
[  353.883308][T10000] hfsplus: request for non-existent node 33423360 in B*Tree
[  354.141803][T10000] hfsplus: request for non-existent node 33423360 in B*Tree
[  354.334292][T10003] hfsplus: request for non-existent node 33423360 in B*Tree
[  354.378356][T10003] hfsplus: request for non-existent node 33423360 in B*Tree
[  354.415794][T10000] hfsplus: request for non-existent node 33423360 in B*Tree
[  354.443709][T10000] hfsplus: request for non-existent node 33423360 in B*Tree
[  354.473112][ T9981] hfsplus: request for non-existent node 33423360 in B*Tree
[  354.481635][ T9981] hfsplus: request for non-existent node 33423360 in B*Tree
[  354.493707][T10000] hfsplus: request for non-existent node 33423360 in B*Tree
[  354.501205][T10000] hfsplus: request for non-existent node 33423360 in B*Tree
[  354.870180][ T9981] hfsplus: request for non-existent node 33423360 in B*Tree
[  354.982210][ T9981] hfsplus: request for non-existent node 33423360 in B*Tree
[  355.167580][T10000] hfsplus: request for non-existent node 33423360 in B*Tree
[  355.259073][T10000] hfsplus: request for non-existent node 33423360 in B*Tree
[  355.429098][ T9981] hfsplus: request for non-existent node 33423360 in B*Tree
[  355.439327][ T9981] hfsplus: request for non-existent node 33423360 in B*Tree
[  356.843091][T10025] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  356.918285][T10030] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1103'.
[  357.941889][T10030] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1103'.
[  358.162996][T10040] 8021q: adding VLAN 0 to HW filter on device bond4
[  358.202667][T10041] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  358.278794][ T6348] bond4: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  358.323602][T10041] bond4: (slave macvlan2): Enslaving as an active interface with an up link
[  358.412551][   T11] bond4: (slave macvlan2): link status up again after 0 ms
[  358.449637][   T11] bond4: (slave macvlan2): failed to get link speed/duplex
[  358.663594][   T11] bond4: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  359.241028][ T6357] bond4: (slave macvlan2): failed to get link speed/duplex
[  359.324605][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  360.214805][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  360.745306][   T49] bond4: (slave macvlan2): failed to get link speed/duplex
[  360.988371][   T49] bond4: (slave macvlan2): failed to get link speed/duplex
[  361.825401][ T6353] bond4: (slave macvlan2): failed to get link speed/duplex
[  361.957416][ T6353] bond4: (slave macvlan2): failed to get link speed/duplex
[  362.087179][   T49] bond4: (slave macvlan2): failed to get link speed/duplex
[  362.216352][ T6348] bond4: (slave macvlan2): failed to get link speed/duplex
[  362.645938][T10066] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  362.686477][T10066] syzkaller0: entered promiscuous mode
[  362.692066][T10066] syzkaller0: entered allmulticast mode
[  362.969007][T10068] tipc: Resetting bearer <eth:syzkaller0>
[  363.012249][T10065] tipc: Resetting bearer <eth:syzkaller0>
[  363.111003][T10065] tipc: Disabling bearer <eth:syzkaller0>
[  363.289868][ T6355] net_ratelimit: 4 callbacks suppressed
[  363.289910][ T6355] bond4: (slave macvlan2): failed to get link speed/duplex
[  363.640611][ T6355] bond4: (slave macvlan2): failed to get link speed/duplex
[  363.926587][ T6355] bond4: (slave macvlan2): failed to get link speed/duplex
[  364.135074][   T49] bond4: (slave macvlan2): failed to get link speed/duplex
[  364.294820][   T49] bond4: (slave macvlan2): failed to get link speed/duplex
[  364.433569][T10076] libceph: secret too big 32
[  364.470964][ T6353] bond4: (slave macvlan2): failed to get link speed/duplex
[  364.595128][ T6353] bond4: (slave macvlan2): failed to get link speed/duplex
[  366.139102][T10085] bond1: left promiscuous mode
[  366.143911][T10085] bond2: left promiscuous mode
[  366.217371][T10085] bond3: left allmulticast mode
[  370.613490][T10114] bridge_slave_1: left allmulticast mode
[  370.637960][T10114] bridge_slave_1: left promiscuous mode
[  370.648865][T10114] bridge0: port 2(bridge_slave_1) entered disabled state
[  370.685383][T10114] bridge_slave_0: left allmulticast mode
[  370.691288][T10114] bridge_slave_0: left promiscuous mode
[  370.701995][T10114] bridge0: port 1(bridge_slave_0) entered disabled state
[  372.208742][T10166] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1140'.
[  377.216117][T10211] syz_tun (unregistering): left allmulticast mode
[  378.763661][T10231] atomic_op ffff888077e73998 conn xmit_atomic 0000000000000000
[  378.825949][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  378.832506][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  379.553871][T10235] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1158'.
[  379.715422][T10245] netlink: 'syz.5.1161': attribute type 10 has an invalid length.
[  379.734583][T10245] netlink: 'syz.5.1161': attribute type 10 has an invalid length.
[  397.650619][T10414] netlink: 'syz.5.1201': attribute type 10 has an invalid length.
[  397.658881][T10414] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1201'.
[  397.685708][T10414] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  397.694456][T10414] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  397.703190][T10414] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  397.711641][T10414] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  397.754747][T10414] team0: Port device geneve0 added
[  398.400002][T10416] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1202'.
[  398.483885][T10416] ip6gretap0: entered promiscuous mode
[  398.952561][T10416] macvtap1: entered promiscuous mode
[  398.958749][T10416] macvtap1: entered allmulticast mode
[  398.964189][T10416] ip6gretap0: entered allmulticast mode
[  399.518095][T10420] ip6gretap0: left allmulticast mode
[  399.526220][T10420] ip6gretap0: left promiscuous mode
[  399.532168][T10420] macvtap1: left promiscuous mode
[  399.550366][T10420] macvtap1: left allmulticast mode
[  401.077289][T10442] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1209'.
[  405.979939][T10487] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma?
[  407.776622][T10502] loop1: detected capacity change from 0 to 512
[  407.817024][T10502] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  408.060690][T10502] EXT4-fs error (device loop1): ext4_orphan_get:1430: comm syz.1.1222: bad orphan inode 131083
[  408.126277][T10502] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  408.962011][ T5782] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  413.632523][T10548] tipc: Started in network mode
[  413.638870][T10548] tipc: Node identity 7f000001, cluster identity 4711
[  413.678735][T10548] tipc: Enabled bearer <udp:syz2>, priority 10
[  414.684786][ T9304] tipc: Node number set to 2130706433
[  414.903629][T10554] netlink: 'syz.5.1237': attribute type 10 has an invalid length.
[  414.911608][T10554] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1237'.
[  414.920910][T10554] team0: entered promiscuous mode
[  414.925989][T10554] team_slave_1: entered promiscuous mode
[  414.932049][T10554] geneve0: entered promiscuous mode
[  414.937556][T10554] team0: entered allmulticast mode
[  414.942692][T10554] team_slave_1: entered allmulticast mode
[  414.948503][T10554] geneve0: entered allmulticast mode
[  414.956178][T10554] 8021q: adding VLAN 0 to HW filter on device team0
[  414.963619][T10554] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  415.638499][T10568] hugetlbfs: syz.0.1239 (10568): Using mlock ulimits for SHM_HUGETLB is obsolete
[  416.696709][T10577] lo speed is unknown, defaulting to 1000
[  418.186487][T10577] lo speed is unknown, defaulting to 1000
[  418.196517][T10577] lo speed is unknown, defaulting to 1000
[  418.208685][T10577] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  418.224844][T10577] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  418.280893][T10577] lo speed is unknown, defaulting to 1000
[  418.288987][T10577] lo speed is unknown, defaulting to 1000
[  418.299033][T10577] lo speed is unknown, defaulting to 1000
[  418.305904][T10577] lo speed is unknown, defaulting to 1000
[  419.458799][T10594] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.1244'.
[  423.490102][ T5816] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  423.891384][ T5816] usb 2-1: Using ep0 maxpacket: 8
[  424.225907][ T5816] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  424.264830][ T5816] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  424.291747][ T5816] usb 2-1: Product: syz
[  424.316641][ T5816] usb 2-1: Manufacturer: syz
[  424.332454][ T5816] usb 2-1: SerialNumber: syz
[  424.370332][ T5816] usb 2-1: config 0 descriptor??
[  424.436556][T10626] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  424.661476][ T5816] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  425.748052][ T5816] dvb_usb_rtl28xxu: probe of 2-1:0.0 failed with error -32
[  429.538041][ T9304] usb 2-1: USB disconnect, device number 12
[  433.303406][T10686] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1267'.
[  433.543933][T10692] futex_wake_op: syz.5.1268 tries to shift op by 144; fix this program
[  440.362048][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  440.374785][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  442.478820][T10742] netlink: 'syz.0.1281': attribute type 4 has an invalid length.
[  443.964727][ T5816] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  444.388297][ T5816] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  444.414537][ T5816] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  444.425438][ T5816] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[  444.435605][ T5816] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  444.447800][ T5816] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  444.608192][T10763] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  444.646995][ T5816] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  444.655244][ T5816] usb 2-1: Product: syz
[  444.659708][ T5816] usb 2-1: Manufacturer: syz
[  444.783657][ T5816] cdc_wdm 2-1:1.0: skipping garbage
[  444.863414][ T5816] cdc_wdm 2-1:1.0: skipping garbage
[  445.104229][ T5816] cdc_wdm: probe of 2-1:1.0 failed with error -22
[  445.202250][ T5816] usb 2-1: USB disconnect, device number 13
[  450.980444][T10803] can: request_module (can-proto-0) failed.
[  453.011710][T10822] loop1: detected capacity change from 0 to 32768
[  453.631550][T10822] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  453.733901][T10822] XFS (loop1): Ending clean mount
[  455.088583][ T5782] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  455.230440][T10845] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1304'.
[  456.309943][T10845] hsr_slave_0 (unregistering): left promiscuous mode
[  457.480275][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  457.491428][T10863] lo speed is unknown, defaulting to 1000
[  461.241377][T10894] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1314'.
[  461.253897][T10896] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1314'.
[  464.519982][   T28] audit: type=1326 audit(2000000332.796:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10926 comm="syz.1.1322" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa44919ce59 code=0x0
[  465.946296][T10927] syz.1.1322: attempt to access beyond end of device
[  465.946296][T10927] loop1: rw=0, sector=16, nr_sectors = 2 limit=0
[  465.972245][T10927] netlink: 160 bytes leftover after parsing attributes in process `syz.1.1322'.
[  468.780849][T10962] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1331'.
[  468.789906][T10962] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1331'.
[  468.810616][T10962] netdevsim netdevsim0 
€Â: set [0, 0] type 1 family 0 port 8472 - 0
[  468.819281][T10962] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  468.828033][T10962] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  468.836822][T10962] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  469.060530][T10965] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1331'.
[  469.099421][T10965] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1331'.
[  469.219113][T10970] netlink: 14 bytes leftover after parsing attributes in process `syz.5.1332'.
[  469.405543][T10974] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  469.417275][T10974] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  471.520415][T10986] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1334'.
[  475.041123][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[  476.028107][T11002] loop1: detected capacity change from 0 to 512
[  476.035730][T11002] EXT4-fs: Ignoring removed mblk_io_submit option
[  476.067000][T11002] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  476.115274][T11002] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c802e02c, mo2=0002]
[  476.123725][T11002] EXT4-fs (loop1): orphan cleanup on readonly fs
[  476.141627][T11002] EXT4-fs error (device loop1): ext4_validate_block_bitmap:439: comm syz.1.1342: bg 0: block 361: padding at end of block bitmap is not set
[  476.306715][T11002] EXT4-fs (loop1): Remounting filesystem read-only
[  476.364246][T11002] EXT4-fs (loop1): 1 truncate cleaned up
[  476.386779][T11002] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[  477.685018][T11013] EXT4-fs warning (device loop1): dx_probe:893: inode #2: comm syz.1.1342: dx entry: limit 0 != root limit 125
[  477.708529][T11013] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.1342: Corrupt directory, running e2fsck is recommended
[  478.161044][ T5782] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  484.048878][T11053] workqueue: Failed to create a rescuer kthread for wq "ceph-completion": -EINTR
[  485.674012][T11066] siw: device registration error -23
[  486.346636][T11074] syz.0.1356 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  486.442932][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[  487.370539][T11079] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1355'.
[  487.397375][ T5783] Bluetooth: hci0: command 0x0406 tx timeout
[  488.511481][T11092] netlink: 209844 bytes leftover after parsing attributes in process `syz.5.1357'.
[  488.989089][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  489.774449][T11096] ceph: No mds server is up or the cluster is laggy
[  489.791171][ T9304] libceph: connect (1)[c::]:6789 error -101
[  489.816688][ T9304] libceph: mon0 (1)[c::]:6789 connect error
[  491.127405][ T5816] libceph: connect (1)[c::]:6789 error -101
[  491.133679][ T5816] libceph: mon0 (1)[c::]:6789 connect error
[  493.214975][T11117] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1365'.
[  499.304058][ T5783] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[  499.314937][ T5783] CPU: 1 PID: 5783 Comm: kworker/u5:2 Not tainted syzkaller #0
[  499.322550][ T5783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  499.332650][ T5783] Workqueue: hci1 hci_rx_work
[  499.337397][ T5783] Call Trace:
[  499.340722][ T5783]  <TASK>
[  499.343692][ T5783]  dump_stack_lvl+0x18c/0x250
[  499.348425][ T5783]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  499.354162][ T5783]  ? show_regs_print_info+0x20/0x20
[  499.359411][ T5783]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  499.365142][ T5783]  sysfs_create_dir_ns+0x26e/0x2a0
[  499.370308][ T5783]  ? __lock_acquire+0x7d80/0x7d80
[  499.375387][ T5783]  ? sysfs_warn_dup+0xa0/0xa0
[  499.380123][ T5783]  ? do_raw_spin_unlock+0x121/0x230
[  499.385388][ T5783]  kobject_add_internal+0x617/0xc90
[  499.390659][ T5783]  kobject_add+0x164/0x240
[  499.395140][ T5783]  ? kobject_init+0x1d0/0x1d0
[  499.399889][ T5783]  ? get_device_parent+0x366/0x390
[  499.405103][ T5783]  device_add+0x3fa/0xc40
[  499.409506][ T5783]  hci_conn_add_sysfs+0xd5/0x1e0
[  499.414501][ T5783]  le_conn_complete_evt+0xe9f/0x1480
[  499.419848][ T5783]  ? hci_le_big_info_adv_report_evt+0x910/0x910
[  499.426150][ T5783]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  499.431865][ T5783]  hci_le_conn_complete_evt+0x187/0x440
[  499.437479][ T5783]  ? hci_remote_host_features_evt+0x150/0x150
[  499.443603][ T5783]  hci_event_packet+0x7b4/0x1280
[  499.448608][ T5783]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  499.454306][ T5783]  ? bis_list+0x290/0x290
[  499.458727][ T5783]  ? kcov_remote_start+0x1b5/0x7e0
[  499.463901][ T5783]  ? hci_send_to_monitor+0xd7/0x4f0
[  499.469161][ T5783]  hci_rx_work+0x43a/0xd60
[  499.473644][ T5783]  ? process_scheduled_works+0x975/0x1600
[  499.479424][ T5783]  process_scheduled_works+0xa60/0x1600
[  499.485054][ T5783]  ? worker_attach_to_pool+0x370/0x370
[  499.490602][ T5783]  ? assign_work+0x3cc/0x5d0
[  499.495249][ T5783]  worker_thread+0xa5e/0xfe0
[  499.499930][ T5783]  kthread+0x2fa/0x390
[  499.504043][ T5783]  ? pr_cont_work+0x550/0x550
[  499.508773][ T5783]  ? kthread_blkcg+0xd0/0xd0
[  499.513406][ T5783]  ret_from_fork+0x48/0x80
[  499.517891][ T5783]  ? kthread_blkcg+0xd0/0xd0
[  499.522520][ T5783]  ret_from_fork_asm+0x11/0x20
[  499.527374][ T5783]  </TASK>
[  499.530543][    C1] vkms_vblank_simulate: vblank timer overrun
[  499.539602][ T5783] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  499.554465][ T5783] Bluetooth: hci1: failed to register connection device
[  501.726787][ T5841] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  501.927326][ T5841] usb 2-1: Using ep0 maxpacket: 32
[  501.956991][ T5841] usb 2-1: config 0 has an invalid interface number: 8 but max is 0
[  501.990298][ T5841] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  502.018334][ T5841] usb 2-1: config 0 has no interface number 0
[  502.034986][ T5841] usb 2-1: config 0 interface 8 altsetting 248 endpoint 0xC has an invalid bInterval 0, changing to 7
[  502.106175][ T5841] usb 2-1: config 0 interface 8 altsetting 248 has 1 endpoint descriptor, different from the interface descriptor's value: 10
[  502.120150][ T5841] usb 2-1: config 0 interface 8 has no altsetting 0
[  502.135758][ T5841] usb 2-1: New USB device found, idVendor=04da, idProduct=390d, bcdDevice=2d.bb
[  502.148601][ T5841] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  502.158541][ T5841] usb 2-1: Product: syz
[  502.162964][ T5841] usb 2-1: Manufacturer: syz
[  502.174459][ T5841] usb 2-1: SerialNumber: syz
[  502.199722][ T5841] usb 2-1: config 0 descriptor??
[  506.172613][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  506.178985][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  507.348094][ T5841] ath6kl: Failed to submit usb control message: -71
[  507.354807][ T5841] ath6kl: unable to send the bmi data to the device: -71
[  507.375680][ T5841] ath6kl: Unable to send get target info: -71
[  507.405048][ T5841] ath6kl: Failed to init ath6kl core: -71
[  507.458141][ T5841] ath6kl_usb: probe of 2-1:0.8 failed with error -71
[  507.632357][ T5841] usb 2-1: USB disconnect, device number 14
[  512.427478][T11246] RDS: rds_bind could not find a transport for ::ffff:172.30.1.4, load rds_tcp or rds_rdma?
[  512.440097][T11246] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1395'.
[  515.630784][T11278] bridge0: entered allmulticast mode
[  524.158658][T11320] netlink: 4768 bytes leftover after parsing attributes in process `syz.1.1411'.
[  525.144328][T11324] loop1: detected capacity change from 0 to 4096
[  525.186301][T11324] ntfs: (device loop1): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  525.505359][T11324] ntfs: (device loop1): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy.
[  525.955373][T11326] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR
[  526.034667][T11324] ntfs: (device loop1): ntfs_mapping_pairs_decompress(): Corrupt attribute.
[  526.160949][T11324] ntfs: (device loop1): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5).
[  526.230600][T11324] ntfs: (device loop1): ntfs_mapping_pairs_decompress(): Corrupt attribute.
[  526.239407][T11324] ntfs: (device loop1): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5).
[  526.305871][T11324] ntfs: (device loop1): ntfs_mapping_pairs_decompress(): Corrupt attribute.
[  526.390275][T11324] ntfs: (device loop1): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5).
[  526.922652][T11335] netlink: 'syz.3.1415': attribute type 11 has an invalid length.
[  526.930690][T11335] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1415'.
[  527.058837][T11324] ntfs: (device loop1): ntfs_mapping_pairs_decompress(): Corrupt attribute.
[  527.416121][T11324] ntfs: (device loop1): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x200 because its location on disk could not be determined even after retrying (error code -5).
[  527.534021][T11324] ntfs: volume version 3.1.
[  529.034392][T11346] loop1: detected capacity change from 0 to 32768
[  529.403397][T11349] netlink: 'syz.0.1412': attribute type 1 has an invalid length.
[  529.477239][T11355] 
: renamed from bond_slave_0 (while UP)
[  530.060668][ T6361] read_mapping_page failed!
[  530.065783][ T6361] ERROR: (device loop1): txCommit: 
[  530.065783][ T6361] 
[  530.351170][ T6361] jfs_write_inode: jfs_commit_inode failed!
[  532.960307][T11390] loop1: detected capacity change from 0 to 64
[  538.567236][T11392] netlink: 'syz.1.1422': attribute type 1 has an invalid length.
[  538.640445][T11392] IPv6: Can't replace route, no match found
[  542.164791][T11438] trusted_key: encrypted_key: keylen parameter is missing
[  542.588271][T11435] input: syz1 as /devices/virtual/input/input7
[  546.416502][T11464] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1439'.
[  547.585594][T11453] ceph: No mds server is up or the cluster is laggy
[  547.964048][T11463] overlayfs: failed to clone upperpath
[  549.823364][T11474] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  550.262281][T11474] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[  554.366390][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  556.531139][T11525] tipc: Can't bind to reserved service type 1
[  558.375451][T11538] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1457'.
[  559.514438][T11547] 9pnet_fd: Insufficient options for proto=fd
[  559.521511][T11547] raw_sendmsg: syz.5.1458 forgot to set AF_INET. Fix it!
[  559.979577][T11545] libceph: resolve '400' (ret=-3): failed
[  560.319851][T11550] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  560.327019][T11550] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  560.359621][T11550] vhci_hcd vhci_hcd.0: Device attached
[  560.812162][ T9302] usb 35-1: new high-speed USB device number 2 using vhci_hcd
[  561.470691][ T5841] usb 2-1: new full-speed USB device number 15 using dummy_hcd
[  561.700518][T11563] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1461'.
[  561.748900][ T5841] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  561.765629][ T5841] usb 2-1: New USB device found, idVendor=05f3, idProduct=0240, bcdDevice=1b.24
[  561.775843][ T5841] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  561.784905][ T5841] usb 2-1: Product: syz
[  561.789298][ T5841] usb 2-1: Manufacturer: syz
[  561.794110][ T5841] usb 2-1: SerialNumber: syz
[  561.801994][ T5841] usb 2-1: config 0 descriptor??
[  561.813025][ T5841] powermate: probe of 2-1:0.0 failed with error -22
[  563.813298][ T5841] usb 2-1: USB disconnect, device number 15
[  563.826459][T11551] vhci_hcd: connection reset by peer
[  563.866177][ T6357] vhci_hcd: stop threads
[  563.878333][ T6357] vhci_hcd: release socket
[  563.885617][ T6357] vhci_hcd: disconnect device
[  566.538070][T11589] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1469'.
[  566.794269][ T9302] vhci_hcd: vhci_device speed not set
[  567.335746][T11595] loop1: detected capacity change from 0 to 1024
[  567.825235][T11595] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  568.680336][ T5782] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  569.018174][T11617] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1468'.
[  569.033400][T11617] gtp0: entered allmulticast mode
[  575.757275][T11632] orangefs_mount: mount request failed with -4
[  577.736090][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  577.742467][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  578.848712][T11646] MTD: Couldn't look up '/dev/nullb0': -15
[  581.884154][T11680] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1488'.
[  586.025457][T11692] autofs4:pid:11692:autofs_fill_super: called with bogus options
[  587.450244][T11699] ecryptfs_parse_options: eCryptfs: unrecognized option [grpquota]
[  587.480995][T11699] ecryptfs_parse_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  587.496252][T11699] Error parsing options; rc = [-22]
[  588.815399][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  588.967544][T11713] (syz.5.1497,11713,1):dlmfs_mkdir:421 ERROR: invalid domain name for directory.
[  590.086642][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  595.216510][T11742] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1495'.
[  595.303816][T11745] fuse: Unknown parameter '0x0000000000000007'
[  597.443137][T11754] overlayfs: failed to clone upperpath
[  598.236700][T11760] fuse: root generation should be zero
[  599.100711][T11762] overlayfs: statfs failed on './file0'
[  607.122353][T11812] netlink: 80 bytes leftover after parsing attributes in process `syz.3.1522'.
[  608.300234][T11821] loop1: detected capacity change from 0 to 512
[  608.447227][T11821] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  608.462324][T11821] ext4 filesystem being mounted at /312/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  609.249786][ T5782] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  613.213541][T11853] netlink: 'syz.1.1530': attribute type 4 has an invalid length.
[  620.018441][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  620.307390][T11889] No such timeout policy "syz1"
[  621.345182][T11913] set match dimension is over the limit!
[  621.889411][ T5087] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  622.546546][T11925] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1545'.
[  622.563294][T11925] netlink: 'syz.1.1545': attribute type 2 has an invalid length.
[  622.573661][T11925] netlink: 'syz.1.1545': attribute type 1 has an invalid length.
[  622.738041][T11925] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[  622.747426][T11925] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[  622.756686][T11925] netdevsim netdevsim1: Falling back to sysfs fallback for: .
[  623.479851][T11928] syz.5.1544: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz5,mems_allowed=0-1
[  623.558205][T11928] CPU: 1 PID: 11928 Comm: syz.5.1544 Not tainted syzkaller #0
[  623.565759][T11928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  623.575864][T11928] Call Trace:
[  623.579192][T11928]  <TASK>
[  623.582168][T11928]  dump_stack_lvl+0x18c/0x250
[  623.586916][T11928]  ? show_regs_print_info+0x20/0x20
[  623.592175][T11928]  ? load_image+0x420/0x420
[  623.596733][T11928]  ? __rcu_read_unlock+0x7c/0xd0
[  623.601734][T11928]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  623.608212][T11928]  ? cpuset_print_current_mems_allowed+0x2e7/0x360
[  623.614782][T11928]  warn_alloc+0x246/0x340
[  623.619182][T11928]  ? stack_trace_save+0xaa/0x100
[  623.624181][T11928]  ? zone_watermark_ok_safe+0x230/0x230
[  623.629797][T11928]  ? kasan_set_track+0x5f/0x70
[  623.634616][T11928]  ? kasan_set_track+0x4e/0x70
[  623.639427][T11928]  ? __kasan_kmalloc+0x8f/0xa0
[  623.644246][T11928]  ? xsk_init_queue+0xad/0x100
[  623.649065][T11928]  ? xsk_setsockopt+0x413/0x750
[  623.653967][T11928]  ? do_sock_setsockopt+0x175/0x1a0
[  623.659218][T11928]  ? __x64_sys_setsockopt+0x182/0x200
[  623.664647][T11928]  __vmalloc_node_range+0x129/0x1320
[  623.670028][T11928]  ? free_vm_area+0x50/0x50
[  623.674618][T11928]  vmalloc_user+0x74/0x80
[  623.679009][T11928]  ? xskq_create+0xbf/0x170
[  623.683601][T11928]  xskq_create+0xbf/0x170
[  623.687982][T11928]  xsk_init_queue+0xad/0x100
[  623.692626][T11928]  xsk_setsockopt+0x413/0x750
[  623.697366][T11928]  ? xsk_poll+0x670/0x670
[  623.701749][T11928]  ? __fget_files+0x28/0x460
[  623.706411][T11928]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[  623.712053][T11928]  ? security_socket_setsockopt+0x7e/0xa0
[  623.717831][T11928]  ? xsk_poll+0x670/0x670
[  623.722213][T11928]  do_sock_setsockopt+0x175/0x1a0
[  623.727297][T11928]  ? __fdget+0x180/0x210
[  623.731610][T11928]  __x64_sys_setsockopt+0x182/0x200
[  623.736877][T11928]  do_syscall_64+0x55/0xb0
[  623.741348][T11928]  ? clear_bhb_loop+0x40/0x90
[  623.746106][T11928]  ? clear_bhb_loop+0x40/0x90
[  623.750839][T11928]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  623.756808][T11928] RIP: 0033:0x7f554c59ce59
[  623.761278][T11928] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  623.780941][T11928] RSP: 002b:00007f554a7f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  623.789418][T11928] RAX: ffffffffffffffda RBX: 00007f554c816090 RCX: 00007f554c59ce59
[  623.797442][T11928] RDX: 0000000000000006 RSI: 000000000000011b RDI: 000000000000000a
[  623.805637][T11928] RBP: 00007f554c632e6f R08: 0000000000000029 R09: 0000000000000000
[  623.813661][T11928] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  623.821683][T11928] R13: 00007f554c816128 R14: 00007f554c816090 R15: 00007ffe0daf5f38
[  623.829725][T11928]  </TASK>
[  623.897494][T11928] Mem-Info:
[  623.900741][T11928] active_anon:26759 inactive_anon:67 isolated_anon:0
[  623.900741][T11928]  active_file:18165 inactive_file:40500 isolated_file:0
[  623.900741][T11928]  unevictable:17729 dirty:219 writeback:0
[  623.900741][T11928]  slab_reclaimable:8966 slab_unreclaimable:94311
[  623.900741][T11928]  mapped:25385 shmem:21457 pagetables:712
[  623.900741][T11928]  sec_pagetables:0 bounce:0
[  623.900741][T11928]  kernel_misc_reclaimable:0
[  623.900741][T11928]  free:1303234 free_pcp:10564 free_cma:0
[  624.054588][T11928] Node 0 active_anon:106436kB inactive_anon:268kB active_file:72660kB inactive_file:161800kB unevictable:69380kB isolated(anon):0kB isolated(file):0kB mapped:101540kB dirty:876kB writeback:0kB shmem:83292kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11740kB pagetables:2948kB sec_pagetables:0kB all_unreclaimable? no
[  625.498884][T11928] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  625.695681][T11928] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  625.853010][T11928] lowmem_reserve[]: 0 2521 2522 2522 2522
[  625.859597][T11928] Node 0 DMA32 free:1292176kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:118712kB inactive_anon:268kB active_file:72660kB inactive_file:160980kB unevictable:69380kB writepending:668kB present:3129332kB managed:2586936kB mlocked:0kB bounce:0kB free_pcp:18916kB local_pcp:16668kB free_cma:0kB
[  626.117479][T11928] lowmem_reserve[]: 0 0 0 0 0
[  627.050498][T11928] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:820kB unevictable:0kB writepending:0kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:0kB free_cma:0kB
[  627.124930][T11928] lowmem_reserve[]: 0 0 0 0 0
[  627.167380][T11928] Node 1 Normal free:3894328kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:20120kB local_pcp:7072kB free_cma:0kB
[  627.509466][T11928] lowmem_reserve[]: 0 0 0 0 0
[  627.517228][T11928] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  627.531154][T11928] Node 0 DMA32: 147*4kB (UE) 726*8kB (UE) 81*16kB (UME) 344*32kB (UME) 346*64kB (UME) 186*128kB (UME) 131*256kB (UME) 79*512kB (UME) 43*1024kB (UME) 10*2048kB (M) 267*4096kB (UM) = 1296780kB
[  627.551468][T11928] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  628.014530][T11928] Node 1 Normal: 243*4kB (UME) 58*8kB (UME) 35*16kB (UME) 69*32kB (UME) 18*64kB (UE) 9*128kB (UME) 1*256kB (M) 3*512kB (UM) 3*1024kB (ME) 4*2048kB (UME) 946*4096kB (M) = 3894380kB
[  628.034628][T11928] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  628.050608][T11928] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  628.060392][T11928] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  628.071140][T11928] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  628.081276][T11928] 102124 total pagecache pages
[  628.086339][T11928] 67 pages in swap cache
[  628.091272][T11928] Free swap  = 124360kB
[  628.095661][T11928] Total swap = 124996kB
[  628.107393][T11928] 2097051 pages RAM
[  628.205516][T11928] 0 pages HighMem/MovableOnly
[  628.210839][T11928] 416931 pages reserved
[  628.215643][T11928] 0 pages cma reserved
[  628.795640][T11957] sock: sock_timestamping_bind_phc: sock not bind to device
[  631.153980][T11979] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1553'.
[  631.201166][T11967] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 20004 - 0
[  631.216666][T11967] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 20004 - 0
[  631.249459][T11967] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 20004 - 0
[  631.360062][   T28] kauditd_printk_skb: 12 callbacks suppressed
[  631.360105][   T28] audit: type=1326 audit(2000524776.396:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11973 comm="syz.5.1555" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f554c59ce59 code=0x0
[  631.448428][T11967] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 20004 - 0
[  632.051212][T11980] IPVS: wlc: FWM 3 0x00000003 - no destination available
[  633.921439][T11991] Cannot find add_set index 0 as target
[  634.231371][T11997] comedi comedi0: Minor 3 could not be opened
[  635.800430][T12006] syz.3.1563 (12006) used greatest stack depth: 17896 bytes left
[  637.362882][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  637.369260][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  644.665513][T12063] IPVS: set_ctl: invalid protocol: 108 10.1.1.0:20002
[  644.695918][   T28] audit: type=1326 audit(2000524788.955:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12070 comm="syz.5.1573" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f554c59ce59 code=0x7ffc0000
[  644.901896][   T28] audit: type=1326 audit(2000524788.983:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12070 comm="syz.5.1573" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f554c59ce59 code=0x7ffc0000
[  644.927221][   T28] audit: type=1326 audit(2000524788.992:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12070 comm="syz.5.1573" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f554c59ce59 code=0x7ffc0000
[  644.983187][   T28] audit: type=1326 audit(2000524788.992:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12070 comm="syz.5.1573" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f554c59ce59 code=0x7ffc0000
[  645.977937][T12077] loop1: detected capacity change from 0 to 256
[  646.230916][T12077] FAT-fs (loop1): Directory bread(block 64) failed
[  646.238790][T12077] FAT-fs (loop1): Directory bread(block 65) failed
[  646.253101][T12077] FAT-fs (loop1): Directory bread(block 66) failed
[  646.259875][T12077] FAT-fs (loop1): Directory bread(block 67) failed
[  646.267034][T12077] FAT-fs (loop1): Directory bread(block 68) failed
[  646.273749][T12077] FAT-fs (loop1): Directory bread(block 69) failed
[  646.281395][T12077] FAT-fs (loop1): Directory bread(block 70) failed
[  646.288335][T12077] FAT-fs (loop1): Directory bread(block 71) failed
[  646.295588][T12077] FAT-fs (loop1): Directory bread(block 72) failed
[  646.302272][T12077] FAT-fs (loop1): Directory bread(block 73) failed
[  646.337414][   T28] audit: type=1326 audit(2000524788.992:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12070 comm="syz.5.1573" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f554c59ce59 code=0x7ffc0000
[  646.534666][T12077] syz.1.1574: attempt to access beyond end of device
[  646.534666][T12077] loop1: rw=2049, sector=1224, nr_sectors = 8 limit=256
[  646.810366][   T28] audit: type=1326 audit(2000524788.992:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12070 comm="syz.5.1573" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f554c59ce59 code=0x7ffc0000
[  646.887722][T12077] syz.1.1574: attempt to access beyond end of device
[  646.887722][T12077] loop1: rw=524288, sector=1160, nr_sectors = 4 limit=256
[  646.905542][T12077] syz.1.1574: attempt to access beyond end of device
[  646.905542][T12077] loop1: rw=0, sector=1160, nr_sectors = 4 limit=256
[  647.093457][   T28] audit: type=1326 audit(2000524788.992:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12070 comm="syz.5.1573" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f554c59ce59 code=0x7ffc0000
[  647.117656][   T28] audit: type=1326 audit(2000524788.992:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12070 comm="syz.5.1573" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f554c59ce59 code=0x7ffc0000
[  647.142895][   T28] audit: type=1326 audit(2000524788.992:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12070 comm="syz.5.1573" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f554c59ce59 code=0x7ffc0000
[  647.167242][   T28] audit: type=1326 audit(2000524788.992:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12070 comm="syz.5.1573" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f554c59ce59 code=0x7ffc0000
[  648.642419][ T5087] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[  648.826957][T12096] netlink: 'syz.1.1579': attribute type 4 has an invalid length.
[  648.941917][ T5816] lo speed is unknown, defaulting to 1000
[  649.633690][T12099] IPVS: wlc: FWM 3 0x00000003 - no destination available
[  649.663406][ T5850] IPVS: starting estimator thread 0...
[  649.793263][T12105] IPVS: using max 18 ests per chain, 43200 per kthread
[  655.061417][T12144] lo: entered allmulticast mode
[  655.095043][T12144] tunl0: entered allmulticast mode
[  655.136268][T12144] gre0: entered allmulticast mode
[  655.194259][T12144] gretap0: entered allmulticast mode
[  655.406253][T12144] erspan0: entered allmulticast mode
[  655.449920][T12144] ip_vti0: entered allmulticast mode
[  655.493196][T12144] ip6_vti0: entered allmulticast mode
[  655.621928][T12144] sit0: entered allmulticast mode
[  655.630245][T12144] ip6tnl0: entered allmulticast mode
[  655.638367][T12144] ip6gre0: entered allmulticast mode
[  655.644709][T12144] ip6gretap0: entered allmulticast mode
[  655.655780][T12144] bond0: entered allmulticast mode
[  655.777908][T12144] bond_slave_0: entered allmulticast mode
[  655.815500][ T5850] IPVS: starting estimator thread 0...
[  655.839598][T12144] bond_slave_1: entered allmulticast mode
[  655.869620][T12144] team0: left promiscuous mode
[  656.140881][T12144] team_slave_1: left promiscuous mode
[  656.146636][T12144] geneve0: left promiscuous mode
[  656.244711][T12150] IPVS: using max 18 ests per chain, 43200 per kthread
[  656.351961][T12144] nlmon0: entered allmulticast mode
[  656.421632][T12144] caif0: entered allmulticast mode
[  656.617591][T12144] batadv0: entered allmulticast mode
[  656.623311][T12144] veth0: entered allmulticast mode
[  656.644546][T12144] veth1: entered allmulticast mode
[  656.654937][T12144] wg1: entered allmulticast mode
[  656.660237][T12144] wg2: entered allmulticast mode
[  656.670713][T12144] veth0_to_bridge: entered allmulticast mode
[  656.678707][T12144] bridge_slave_0: entered allmulticast mode
[  656.766396][T12144] veth1_to_bridge: entered allmulticast mode
[  656.790084][T12144] bridge_slave_1: entered allmulticast mode
[  656.807208][T12144] veth0_to_bond: entered allmulticast mode
[  656.821523][T12144] veth1_to_bond: entered allmulticast mode
[  656.839138][T12144] veth1_to_team: entered allmulticast mode
[  656.860269][T12144] veth0_to_batadv: entered allmulticast mode
[  657.040998][T12144] batadv_slave_0: entered allmulticast mode
[  657.067037][T12144] veth1_to_batadv: entered allmulticast mode
[  657.140072][T12144] batadv_slave_1: entered allmulticast mode
[  657.150889][T12144] xfrm0: entered allmulticast mode
[  657.167496][T12144] veth0_to_hsr: entered allmulticast mode
[  657.173895][T12144] hsr_slave_0: entered allmulticast mode
[  657.396244][T12144] veth1_to_hsr: entered allmulticast mode
[  657.407000][T12144] hsr_slave_1: entered allmulticast mode
[  657.430205][T12144] hsr0: entered allmulticast mode
[  657.435469][T12144] veth1_virt_wifi: entered allmulticast mode
[  658.637972][T12144] veth0_virt_wifi: entered allmulticast mode
[  658.664336][T12144] virt_wifi0: entered allmulticast mode
[  658.679262][T12144] veth1_vlan: entered allmulticast mode
[  658.690211][T12144] veth0_vlan: entered allmulticast mode
[  658.701264][T12144] vlan0: entered allmulticast mode
[  658.711630][T12172] netlink: 'syz.0.1594': attribute type 11 has an invalid length.
[  658.723981][ T5087] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  658.733592][T12144] vlan1: entered allmulticast mode
[  658.757240][T12172] netlink: 184116 bytes leftover after parsing attributes in process `syz.0.1594'.
[  658.788612][T12144] macvlan0: entered allmulticast mode
[  658.794235][T12144] macvlan1: entered allmulticast mode
[  658.799917][T12144] ipvlan0: entered allmulticast mode
[  658.805431][T12144] ipvlan1: entered allmulticast mode
[  658.813087][T12144] veth1_macvtap: entered allmulticast mode
[  658.819311][T12144] veth0_macvtap: entered allmulticast mode
[  658.825375][T12144] macvtap0: entered allmulticast mode
[  658.847242][T12144] macsec0: entered allmulticast mode
[  658.866860][T12144] netdevsim netdevsim5 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  658.880584][T12175] damon-dbgfs: DAMON debugfs interface is deprecated, so users should move to DAMON_SYSFS. If you cannot, please report your usecase to damon@lists.linux.dev and linux-mm@kvack.org.
[  658.898757][T12144] netdevsim netdevsim5 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  658.907381][T12144] netdevsim netdevsim5 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  658.921987][T12144] netdevsim netdevsim5 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  659.006223][T12144] geneve1: entered allmulticast mode
[  659.040866][T12144] mac80211_hwsim hwsim12 wlan0: entered allmulticast mode
[  659.054835][T12144] mac80211_hwsim hwsim13 wlan1: entered allmulticast mode
[  659.073152][T12144] ipip0: entered allmulticast mode
[  659.089516][T12144] veth2: entered allmulticast mode
[  659.115204][T12144] veth3: entered allmulticast mode
[  659.131855][T12144] vlan2: entered allmulticast mode
[  659.146429][T12144] veth4: entered allmulticast mode
[  659.160793][T12144] veth5: entered allmulticast mode
[  659.176707][T12144] netdevsim netdevsim5 eth0: entered allmulticast mode
[  659.184680][T12144] netdevsim netdevsim5 eth1: entered allmulticast mode
[  659.191838][T12144] netdevsim netdevsim5 eth2: entered allmulticast mode
[  659.199004][T12144] netdevsim netdevsim5 eth3: entered allmulticast mode
[  659.206106][T12144] bond1: entered allmulticast mode
[  659.211366][T12144] bond2: entered allmulticast mode
[  659.216840][T12144] bond3: entered allmulticast mode
[  659.222146][T12144] ip6gretap1: entered allmulticast mode
[  659.228083][T12144] bond4: entered allmulticast mode
[  659.233264][T12144] macvlan2: entered allmulticast mode
[  659.239002][T12144] mac80211_hwsim hwsim15 wlan2: entered allmulticast mode
[  659.246471][T12144] erspan0.1: entered allmulticast mode
[  662.456023][T12207] set match dimension is over the limit!
[  663.056416][T12211] relay: one or more items not logged [item size (56) > sub-buffer size (10)]
[  663.209327][T12214] Set syz0 is full, maxelem 0 reached
[  664.701520][T12224] loop1: detected capacity change from 0 to 512
[  664.715559][T12224] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  664.754020][T12224] EXT4-fs error (device loop1): ext4_orphan_get:1404: inode #15: comm syz.1.1607: iget: bad i_size value: 38620345925642
[  664.772732][T12226] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1605'.
[  664.782798][T12226] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1605'.
[  664.794736][T12224] EXT4-fs error (device loop1): ext4_orphan_get:1409: comm syz.1.1607: couldn't read orphan inode 15 (err -117)
[  664.809029][T12226] overlayfs: failed to resolve './bus': -2
[  664.831115][T12224] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  666.057129][ T5782] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  670.260807][T12253] (syz.3.1612,12253,1):dlmfs_mkdir:421 ERROR: invalid domain name for directory.
[  673.377010][T12272] set match dimension is over the limit!
[  674.557204][T12280] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  675.533095][T12290] loop1: detected capacity change from 0 to 1024
[  675.638981][T12290] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  677.501029][ T5782] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  679.173208][T12300] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1631'.
[  679.501749][T12322] netlink: 92 bytes leftover after parsing attributes in process `syz.0.1629'.
[  683.056751][T12342] overlayfs: failed to clone upperpath
[  683.069093][T12342] ip6t_rpfilter: only valid in 'raw' or 'mangle' table, not '
'
[  683.423755][T12347] set match dimension is over the limit!
[  684.168275][T12351] pim6reg: entered allmulticast mode
[  684.173811][T12352] netlink: 'syz.3.1628': attribute type 4 has an invalid length.
[  684.229537][T12348] pim6reg: left allmulticast mode
[  684.400703][T12359] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[  685.406242][T12365] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1637'.
[  685.708256][T12363] netdevsim netdevsim0 
€Â: set [1, 1] type 2 family 0 port 20004 - 0
[  685.726498][T12363] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 20004 - 0
[  686.400898][T12363] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 20004 - 0
[  686.442328][T12363] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 20004 - 0
[  686.731248][T12371] syz.1.1639: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz1,mems_allowed=0-1
[  686.956713][T12371] CPU: 0 PID: 12371 Comm: syz.1.1639 Not tainted syzkaller #0
[  686.964279][T12371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  686.974471][T12371] Call Trace:
[  686.977793][T12371]  <TASK>
[  686.980765][T12371]  dump_stack_lvl+0x18c/0x250
[  686.985523][T12371]  ? show_regs_print_info+0x20/0x20
[  686.990789][T12371]  ? load_image+0x420/0x420
[  686.995347][T12371]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  687.001811][T12371]  ? cpuset_print_current_mems_allowed+0x2e7/0x360
[  687.008622][T12371]  warn_alloc+0x246/0x340
[  687.013009][T12371]  ? stack_trace_save+0xaa/0x100
[  687.018020][T12371]  ? zone_watermark_ok_safe+0x230/0x230
[  687.023638][T12371]  ? kasan_set_track+0x5f/0x70
[  687.028444][T12371]  ? kasan_set_track+0x4e/0x70
[  687.033256][T12371]  ? __kasan_kmalloc+0x8f/0xa0
[  687.038071][T12371]  ? xsk_init_queue+0xad/0x100
[  687.043321][T12371]  ? xsk_setsockopt+0x413/0x750
[  687.048215][T12371]  ? do_sock_setsockopt+0x175/0x1a0
[  687.053474][T12371]  ? __x64_sys_setsockopt+0x182/0x200
[  687.058900][T12371]  __vmalloc_node_range+0x129/0x1320
[  687.064705][T12371]  ? free_vm_area+0x50/0x50
[  687.069279][T12371]  vmalloc_user+0x74/0x80
[  687.073661][T12371]  ? xskq_create+0xbf/0x170
[  687.078216][T12371]  xskq_create+0xbf/0x170
[  687.082596][T12371]  xsk_init_queue+0xad/0x100
[  687.087236][T12371]  xsk_setsockopt+0x413/0x750
[  687.091962][T12371]  ? xsk_poll+0x670/0x670
[  687.096354][T12371]  ? __fget_files+0x28/0x460
[  687.101007][T12371]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[  687.106622][T12371]  ? security_socket_setsockopt+0x7e/0xa0
[  687.112393][T12371]  ? xsk_poll+0x670/0x670
[  687.116776][T12371]  do_sock_setsockopt+0x175/0x1a0
[  687.121848][T12371]  ? __fdget+0x180/0x210
[  687.126146][T12371]  __x64_sys_setsockopt+0x182/0x200
[  687.131398][T12371]  do_syscall_64+0x55/0xb0
[  687.135863][T12371]  ? clear_bhb_loop+0x40/0x90
[  687.140580][T12371]  ? clear_bhb_loop+0x40/0x90
[  687.145312][T12371]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  687.151267][T12371] RIP: 0033:0x7fa44919ce59
[  687.155728][T12371] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  687.175385][T12371] RSP: 002b:00007fa44a070028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  687.183851][T12371] RAX: ffffffffffffffda RBX: 00007fa449416090 RCX: 00007fa44919ce59
[  687.192068][T12371] RDX: 0000000000000006 RSI: 000000000000011b RDI: 000000000000000d
[  687.200113][T12371] RBP: 00007fa449232e6f R08: 0000000000000029 R09: 0000000000000000
[  687.208141][T12371] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  687.216156][T12371] R13: 00007fa449416128 R14: 00007fa449416090 R15: 00007ffe29328958
[  687.224296][T12371]  </TASK>
[  687.684954][T12371] Mem-Info:
[  687.688140][T12371] active_anon:32246 inactive_anon:79 isolated_anon:0
[  687.688140][T12371]  active_file:18165 inactive_file:40762 isolated_file:0
[  687.688140][T12371]  unevictable:17729 dirty:222 writeback:0
[  687.688140][T12371]  slab_reclaimable:8737 slab_unreclaimable:95285
[  687.688140][T12371]  mapped:25431 shmem:26534 pagetables:849
[  687.688140][T12371]  sec_pagetables:0 bounce:0
[  687.688140][T12371]  kernel_misc_reclaimable:0
[  687.688140][T12371]  free:1296632 free_pcp:9720 free_cma:0
[  687.882235][T12371] Node 0 active_anon:117784kB inactive_anon:316kB active_file:72660kB inactive_file:162848kB unevictable:69380kB isolated(anon):0kB isolated(file):0kB mapped:101724kB dirty:888kB writeback:0kB shmem:93200kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11812kB pagetables:3196kB sec_pagetables:0kB all_unreclaimable? no
[  688.617072][T12371] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  688.793467][T12371] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  688.900979][T12402] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1644'.
[  689.126205][T12391] workqueue: Failed to create a rescuer kthread for wq "ceph-completion": -EINTR
[  689.127318][T12371] lowmem_reserve[]: 0 2521 2522 2522 2522
[  689.142501][T12371] Node 0 DMA32 free:1261392kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:142308kB inactive_anon:268kB active_file:72660kB inactive_file:162124kB unevictable:69380kB writepending:940kB present:3129332kB managed:2586936kB mlocked:0kB bounce:0kB free_pcp:21440kB local_pcp:14024kB free_cma:0kB
[  689.295434][T12371] lowmem_reserve[]: 0 0 0 0 0
[  689.300277][T12371] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:820kB unevictable:0kB writepending:4kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:0kB free_cma:0kB
[  689.338059][T12371] lowmem_reserve[]: 0 0 0 0 0
[  689.342879][T12371] Node 1 Normal free:3896420kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:18080kB local_pcp:11520kB free_cma:0kB
[  689.450514][T12371] lowmem_reserve[]: 0 0 0 0 0
[  689.455584][T12371] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  689.482638][T12390] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1642'.
[  689.492304][T12371] Node 0 DMA32: 4*4kB (UME) 474*8kB (UE) 105*16kB (UME) 127*32kB (UE) 128*64kB (UME) 150*128kB (UME) 139*256kB (UME) 76*512kB (UME) 35*1024kB (UME) 10*2048kB (M) 267*4096kB (UM) = 1261392kB
[  689.540942][T12371] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  689.562541][T12371] Node 1 Normal: 239*4kB (UME) 53*8kB (UME) 34*16kB (UME) 81*32kB (UME) 25*64kB (UE) 9*128kB (UME) 0*256kB 2*512kB (UM) 1*1024kB (E) 2*2048kB (UE) 948*4096kB (M) = 3896420kB
[  689.591182][T12371] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  689.626701][T12371] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  689.646948][T12371] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  689.667818][T12371] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  689.688168][T12371] 105494 total pagecache pages
[  689.700677][T12371] 67 pages in swap cache
[  689.707446][T12371] Free swap  = 124448kB
[  689.717017][T12371] Total swap = 124996kB
[  689.732072][T12371] 2097051 pages RAM
[  689.744809][T12371] 0 pages HighMem/MovableOnly
[  689.765466][T12371] 416931 pages reserved
[  689.786848][T12371] 0 pages cma reserved
[  693.936303][T12445] netlink: 'syz.3.1653': attribute type 1 has an invalid length.
[  693.996936][T12446] 
: renamed from bond_slave_0
[  696.211040][    T8] libceph: connect (1)[c::]:6789 error -101
[  696.226258][    T8] libceph: mon0 (1)[c::]:6789 connect error
[  696.514349][    T8] libceph: connect (1)[c::]:6789 error -101
[  696.939694][    T8] libceph: mon0 (1)[c::]:6789 connect error
[  697.030745][T12462] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1655'.
[  697.248839][T12454] ceph: No mds server is up or the cluster is laggy
[  698.141164][ T5850] libceph: connect (1)[c::]:6789 error -101
[  698.147842][ T5850] libceph: mon0 (1)[c::]:6789 connect error
[  700.589648][T12480] can: request_module (can-proto-0) failed.
[  701.843891][T12496] relay: one or more items not logged [item size (56) > sub-buffer size (10)]
[  702.705680][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  702.713336][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  703.664235][T12512] netlink: 'syz.5.1666': attribute type 1 has an invalid length.
[  703.809727][T12513] 
: renamed from bond_slave_0
[  704.812756][T12495] syz.3.1660: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz3,mems_allowed=0-1
[  704.884271][T12518] netlink: 4768 bytes leftover after parsing attributes in process `syz.0.1667'.
[  705.101339][T12495] CPU: 0 PID: 12495 Comm: syz.3.1660 Not tainted syzkaller #0
[  705.108907][T12495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  705.119228][T12495] Call Trace:
[  705.122570][T12495]  <TASK>
[  705.125558][T12495]  dump_stack_lvl+0x18c/0x250
[  705.130393][T12495]  ? show_regs_print_info+0x20/0x20
[  705.135744][T12495]  ? load_image+0x420/0x420
[  705.140310][T12495]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  705.147000][T12495]  ? cpuset_print_current_mems_allowed+0x2e7/0x360
[  705.153593][T12495]  warn_alloc+0x246/0x340
[  705.158013][T12495]  ? stack_trace_save+0xaa/0x100
[  705.163030][T12495]  ? zone_watermark_ok_safe+0x230/0x230
[  705.168849][T12495]  ? kasan_set_track+0x5f/0x70
[  705.173674][T12495]  ? kasan_set_track+0x4e/0x70
[  705.178501][T12495]  ? __kasan_kmalloc+0x8f/0xa0
[  705.183329][T12495]  ? xsk_init_queue+0xad/0x100
[  705.188232][T12495]  ? xsk_setsockopt+0x413/0x750
[  705.193254][T12495]  ? do_sock_setsockopt+0x175/0x1a0
[  705.198972][T12495]  ? __x64_sys_setsockopt+0x182/0x200
[  705.204421][T12495]  __vmalloc_node_range+0x129/0x1320
[  705.209821][T12495]  ? free_vm_area+0x50/0x50
[  705.214412][T12495]  vmalloc_user+0x74/0x80
[  705.218842][T12495]  ? xskq_create+0xbf/0x170
[  705.223407][T12495]  xskq_create+0xbf/0x170
[  705.227892][T12495]  xsk_init_queue+0xad/0x100
[  705.232562][T12495]  xsk_setsockopt+0x413/0x750
[  705.237277][T12495]  ? xsk_poll+0x670/0x670
[  705.241637][T12495]  ? __fget_files+0x28/0x460
[  705.246358][T12495]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[  705.252049][T12495]  ? security_socket_setsockopt+0x7e/0xa0
[  705.257813][T12495]  ? xsk_poll+0x670/0x670
[  705.262170][T12495]  do_sock_setsockopt+0x175/0x1a0
[  705.267226][T12495]  ? __fdget+0x180/0x210
[  705.271508][T12495]  __x64_sys_setsockopt+0x182/0x200
[  705.276749][T12495]  do_syscall_64+0x55/0xb0
[  705.281206][T12495]  ? clear_bhb_loop+0x40/0x90
[  705.285925][T12495]  ? clear_bhb_loop+0x40/0x90
[  705.290640][T12495]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  705.296581][T12495] RIP: 0033:0x7ffa2f99ce59
[  705.301024][T12495] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  705.320669][T12495] RSP: 002b:00007ffa307b5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  705.329117][T12495] RAX: ffffffffffffffda RBX: 00007ffa2fc16090 RCX: 00007ffa2f99ce59
[  705.337128][T12495] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000009
[  705.345137][T12495] RBP: 00007ffa2fa32e6f R08: 0000000000000029 R09: 0000000000000000
[  705.353142][T12495] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  705.361140][T12495] R13: 00007ffa2fc16128 R14: 00007ffa2fc16090 R15: 00007ffeb3800518
[  705.369159][T12495]  </TASK>
[  705.389290][T12495] Mem-Info:
[  705.392487][T12495] active_anon:48440 inactive_anon:67 isolated_anon:0
[  705.392487][T12495]  active_file:18165 inactive_file:41277 isolated_file:0
[  705.392487][T12495]  unevictable:17729 dirty:159 writeback:0
[  705.392487][T12495]  slab_reclaimable:8730 slab_unreclaimable:95191
[  705.392487][T12495]  mapped:42176 shmem:42851 pagetables:904
[  705.392487][T12495]  sec_pagetables:0 bounce:0
[  705.392487][T12495]  kernel_misc_reclaimable:0
[  705.392487][T12495]  free:1278606 free_pcp:10880 free_cma:0
[  706.187450][T12495] Node 0 active_anon:217212kB inactive_anon:268kB active_file:72660kB inactive_file:164924kB unevictable:69380kB isolated(anon):0kB isolated(file):0kB mapped:184272kB dirty:656kB writeback:0kB shmem:192896kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12156kB pagetables:3740kB sec_pagetables:0kB all_unreclaimable? no
[  706.389053][T12495] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  706.660230][T12495] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  706.747675][T12495] lowmem_reserve[]: 0 2521 2522 2522 2522
[  706.767510][T12495] Node 0 DMA32 free:1195116kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:194260kB inactive_anon:268kB active_file:72660kB inactive_file:164104kB unevictable:69380kB writepending:660kB present:3129332kB managed:2586936kB mlocked:0kB bounce:0kB free_pcp:32284kB local_pcp:18924kB free_cma:0kB
[  706.879297][T12495] lowmem_reserve[]: 0 0 0 0 0
[  706.894000][T12495] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:820kB unevictable:0kB writepending:0kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:12kB free_cma:0kB
[  707.118599][T12495] lowmem_reserve[]:
[  707.132440][T12535] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1679'.
[  707.145416][T12535] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1679'.
[  707.159434][T12535] netdevsim netdevsim5 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  707.168299][T12535] netdevsim netdevsim5 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  707.176538][T12535] netdevsim netdevsim5 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  707.184836][T12535] netdevsim netdevsim5 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  707.274038][T12538] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1669'.
[  707.732322][T12495]  0 0 0 0 0
[  707.737198][T12495] Node 1 Normal free:3896180kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:18320kB local_pcp:6800kB free_cma:0kB
[  707.806900][T12495] lowmem_reserve[]: 0 0 0 0 0
[  707.811819][T12495] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  707.824968][T12495] Node 0 DMA32: 1*4kB (E) 161*8kB (UE) 59*16kB (UE) 60*32kB (UME) 120*64kB (UME) 44*128kB (UE) 20*256kB (UME) 43*512kB (UME) 38*1024kB (UME) 2*2048kB (M) 267*4096kB (UM) = 1181244kB
[  707.844374][T12495] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  707.916586][T12537] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1679'.
[  707.936003][T12537] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1679'.
[  707.948093][T12495] Node 1 Normal: 239*4kB (UME) 53*8kB (UME) 19*16kB (UME) 81*32kB (UME) 25*64kB (UE) 9*128kB (UME) 0*256kB 2*512kB (UM) 1*1024kB (E) 2*2048kB (UE) 948*4096kB (M) = 3896180kB
[  707.978492][T12495] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  708.025874][T12495] Node 0 hugepages_total=6 hugepages_free=0 hugepages_surp=4 hugepages_size=2048kB
[  708.073303][T12495] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  708.083997][T12495] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  708.095865][T12495] 119683 total pagecache pages
[  708.100777][T12495] 67 pages in swap cache
[  708.105162][T12495] Free swap  = 124448kB
[  708.109686][T12495] Total swap = 124996kB
[  708.113967][T12495] 2097051 pages RAM
[  708.117919][T12495] 0 pages HighMem/MovableOnly
[  708.123019][T12495] 416931 pages reserved
[  708.127888][T12495] 0 pages cma reserved
[  710.132029][T12546] can: request_module (can-proto-0) failed.
[  711.703472][T12553] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1674'.
[  712.680216][T12563] blktrace: Concurrent blktraces are not allowed on loop6
[  713.779687][    C1] ------------[ cut here ]------------
[  713.785245][    C1] WARNING: CPU: 1 PID: 12567 at net/mac80211/tx.c:5033 __ieee80211_beacon_get+0x1141/0x1520
[  713.795467][    C1] Modules linked in:
[  713.799450][    C1] CPU: 1 PID: 12567 Comm: syz.1.1678 Not tainted syzkaller #0
[  713.806958][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  713.817380][    C1] RIP: 0010:__ieee80211_beacon_get+0x1141/0x1520
[  713.823841][    C1] Code: f7 4c 89 ef e8 b0 a4 c2 f7 45 31 ed 4c 8b bc 24 a0 00 00 00 e9 7f fe ff ff e8 7b c6 84 f7 0f 0b e9 61 f8 ff ff e8 6f c6 84 f7 <0f> 0b e9 85 fb ff ff e8 63 c6 84 f7 48 c7 c7 40 50 64 8e 4c 89 e6
[  713.843664][    C1] RSP: 0018:ffffc900001f0a18 EFLAGS: 00010246
[  713.849799][    C1] RAX: ffffffff8a021ee1 RBX: dffffc0000000000 RCX: ffff88802467da00
[  713.857907][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[  713.866166][    C1] RBP: 0000000000000000 R08: ffff88802467da00 R09: 0000000000000003
[  713.874210][    C1] R10: 0000000000000007 R11: 0000000000000100 R12: ffff88805d526440
[  713.882270][    C1] R13: ffff88805db23424 R14: ffff88805d526930 R15: ffff88805db23400
[  713.884310][ T5087] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  713.890318][    C1] FS:  00007fa44a0706c0(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  713.890365][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  713.890383][    C1] CR2: 00007fa44a06fff8 CR3: 000000001db20000 CR4: 00000000003506e0
[  713.890405][    C1] DR0: 00000000000000d8 DR1: 0000000000000000 DR2: 0000000000000000
[  713.890420][    C1] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  713.900529][ T5087] CPU: 0 PID: 5087 Comm: kworker/u5:1 Not tainted syzkaller #0
[  713.909327][    C1] Call Trace:
[  713.915825][ T5087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  713.924039][    C1]  <IRQ>
[  713.931882][ T5087] Workqueue: hci2 hci_rx_work
[  713.931917][ T5087] Call Trace:
[  713.931928][ T5087]  <TASK>
[  713.939989][    C1]  ? __ieee80211_beacon_get+0x36/0x1520
[  713.947485][ T5087]  dump_stack_lvl+0x18c/0x250
[  713.950971][    C1]  ieee80211_beacon_get_tim+0xbf/0x580
[  713.960867][ T5087]  ? show_regs_print_info+0x20/0x20
[  713.963856][    C1]  ? ieee80211_beacon_get_template_ema_list+0x90/0x90
[  713.968421][ T5087]  ? load_image+0x420/0x420
[  713.971760][    C1]  mac80211_hwsim_beacon_tx+0x3bd/0x770
[  713.974681][ T5087]  sysfs_create_dir_ns+0x26e/0x2a0
[  713.980217][    C1]  __iterate_interfaces+0x225/0x4c0
[  713.984891][ T5087]  ? __lock_acquire+0x7d80/0x7d80
[  713.984921][ T5087]  ? sysfs_warn_dup+0xa0/0xa0
[  713.990399][    C1]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  713.995607][ T5087]  ? do_raw_spin_unlock+0x121/0x230
[  713.995645][ T5087]  kobject_add_internal+0x617/0xc90
[  714.002577][    C1]  ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180
[  714.007101][ T5087]  kobject_add+0x164/0x240
[  714.007144][ T5087]  ? kobject_init+0x1d0/0x1d0
[  714.012695][    C1]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  714.017816][ T5087]  ? get_device_parent+0x366/0x390
[  714.017855][ T5087]  device_add+0x3fa/0xc40
[  714.023062][    C1]  ieee80211_iterate_active_interfaces_atomic+0xdb/0x180
[  714.028100][ T5087]  hci_conn_add_sysfs+0xd5/0x1e0
[  714.028140][ T5087]  le_conn_complete_evt+0xe9f/0x1480
[  714.032828][    C1]  mac80211_hwsim_beacon+0xbb/0x1b0
[  714.039078][ T5087]  ? hci_le_big_info_adv_report_evt+0x910/0x910
[  714.039116][ T5087]  ? __mutex_unlock_slowpath+0x1b4/0x6c0
[  714.044315][    C1]  ? hw_scan_work+0xf10/0xf10
[  714.049524][ T5087]  ? mutex_unlock+0x10/0x10
[  714.049553][ T5087]  ? skb_pull_data+0xf0/0x1f0
[  714.049586][ T5087]  hci_le_conn_complete_evt+0x187/0x440
[  714.056782][    C1]  __hrtimer_run_queues+0x525/0xc10
[  714.061208][ T5087]  ? hci_remote_host_features_evt+0x150/0x150
[  714.061247][ T5087]  hci_event_packet+0x7b4/0x1280
[  714.066147][    C1]  ? hrtimer_interrupt+0x980/0x980
[  714.072354][ T5087]  ? __lock_acquire+0x7d80/0x7d80
[  714.072383][ T5087]  ? lock_chain_count+0x20/0x20
[  714.077536][    C1]  ? read_tsc+0x9/0x20
[  714.081891][ T5087]  ? bis_list+0x290/0x290
[  714.081938][ T5087]  ? lockdep_hardirqs_on+0x98/0x150
[  714.089019][    C1]  hrtimer_run_softirq+0x177/0x290
[  714.093936][ T5087]  ? hci_send_to_monitor+0xd7/0x4f0
[  714.093973][ T5087]  hci_rx_work+0x43a/0xd60
[  714.099310][    C1]  handle_softirqs+0x27d/0x820
[  714.104830][ T5087]  ? process_scheduled_works+0x975/0x1600
[  714.104874][ T5087]  process_scheduled_works+0xa60/0x1600
[  714.111139][    C1]  ? read_tsc+0x9/0x20
[  714.116812][ T5087]  ? worker_attach_to_pool+0x370/0x370
[  714.121525][    C1]  ? ktime_get+0x24b/0x280
[  714.126051][ T5087]  ? assign_work+0x3cc/0x5d0
[  714.126091][ T5087]  worker_thread+0xa5e/0xfe0
[  714.130787][    C1]  ? __irq_exit_rcu+0xd3/0x190
[  714.136353][ T5087]  ? _raw_spin_unlock+0x40/0x40
[  714.136387][ T5087]  ? __kthread_parkme+0x71/0x1c0
[  714.141602][    C1]  ? do_softirq+0x1a0/0x1a0
[  714.147688][ T5087]  kthread+0x2fa/0x390
[  714.147712][ T5087]  ? pr_cont_work+0x550/0x550
[  714.152687][    C1]  __irq_exit_rcu+0xd3/0x190
[  714.157792][ T5087]  ? kthread_blkcg+0xd0/0xd0
[  714.157817][ T5087]  ret_from_fork+0x48/0x80
[  714.157843][ T5087]  ? kthread_blkcg+0xd0/0xd0
[  714.162956][    C1]  ? irq_exit_rcu+0x20/0x20
[  714.167741][ T5087]  ret_from_fork_asm+0x11/0x20
[  714.167791][ T5087]  </TASK>
[  714.171869][    C1]  irq_exit_rcu+0x9/0x20
[  714.299591][    C1]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  714.305295][    C1]  </IRQ>
[  714.308312][    C1]  <TASK>
[  714.311291][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  714.317329][    C1] RIP: 0010:__sanitizer_cov_trace_pc+0x8/0x60
[  714.324023][    C1] Code: 00 00 f3 0f 1e fa 53 48 89 fb e8 13 00 00 00 48 8b 3d cc 02 04 0d 48 89 de 5b e9 b3 a3 57 00 cc cc cc f3 0f 1e fa 48 8b 04 24 <65> 48 8b 0d e0 d2 7c 7e 65 8b 15 e1 d2 7c 7e 81 e2 00 01 ff 00 74
[  714.343780][    C1] RSP: 0018:ffffc9000c8b7970 EFLAGS: 00000246
[  714.349940][    C1] RAX: ffffffff8427ea21 RBX: ffffc9000c8b7b40 RCX: ffff88802467da00
[  714.354436][ T5087] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  714.358048][    C1] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[  714.372377][ T5087] Bluetooth: hci2: failed to register connection device
[  714.380026][    C1] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffc9000c8b7d30
[  714.380045][    C1] R10: ffffc9000c8b7d70 R11: fffff52001916fb0 R12: 0000000000000000
[  714.403303][    C1] R13: dffffc0000000000 R14: 0000000000000008 R15: 0000000000000000
[  714.411455][    C1]  ? iovec_from_user+0x61/0x240
[  714.416434][    C1]  iovec_from_user+0x61/0x240
[  714.421185][    C1]  __import_iovec+0x13d/0x850
[  714.425948][    C1]  ? __might_fault+0xaa/0x120
[  714.430757][    C1]  import_iovec+0x73/0xa0
[  714.435173][    C1]  ___sys_recvmsg+0x4b6/0x590
[  714.440886][    C1]  ? lock_acquire+0xb7/0x420
[  714.443600][ T6348] ------------[ cut here ]------------
[  714.445535][    C1]  ? __sys_recvmsg+0x2a0/0x2a0
[  714.445600][    C1]  ? __lock_acquire+0x7d80/0x7d80
[  714.453347][ T6348] WARNING: CPU: 0 PID: 6348 at net/mac80211/chan.c:92 ieee80211_vif_use_reserved_switch+0x110e/0x2900
[  714.456215][    C1]  ? __might_fault+0xc6/0x120
[  714.461980][ T6348] Modules linked in:
[  714.472310][    C1]  ? __might_fault+0xaa/0x120
[  714.472345][    C1]  do_recvmmsg+0x377/0x810
[  714.472414][    C1]  ? __sys_recvmmsg+0x290/0x290
[  714.477066][ T6348] 
[  714.477078][ T6348] CPU: 0 PID: 6348 Comm: kworker/u4:12 Not tainted syzkaller #0
[  714.481029][    C1]  ? lock_release+0x594/0x8c0
[  714.481078][    C1]  ? __ia32_sys_get_robust_list+0x110/0x110
[  714.485790][ T6348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  714.490405][    C1]  ? rcu_read_lock_sched_held+0x8a/0x110
[  714.495539][ T6348] Workqueue: phy5 ieee80211_csa_finalize_work
[  714.497724][    C1]  __x64_sys_recvmmsg+0x199/0x250
[  714.505362][ T6348] 
[  714.505374][ T6348] RIP: 0010:ieee80211_vif_use_reserved_switch+0x110e/0x2900
[  714.510063][    C1]  ? do_recvmmsg+0x810/0x810
[  714.516083][ T6348] Code: 48 89 df e8 a4 8d d8 f7 e9 d6 fc ff ff e8 4a 19 80 f7 eb 24 e8 43 19 80 f7 c7 04 24 f4 ff ff ff e9 cc f5 ff ff e8 32 19 80 f7 <0f> 0b 0f 0b e9 b7 f5 ff ff e8 24 19 80 f7 48 8b 7c 24 08 4c 8b 74
[  714.526451][    C1]  ? lockdep_hardirqs_on+0x98/0x150
[  714.526490][    C1]  do_syscall_64+0x55/0xb0
[  714.526515][    C1]  ? clear_bhb_loop+0x40/0x90
[  714.526536][    C1]  ? clear_bhb_loop+0x40/0x90
[  714.526560][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  714.532236][ T6348] RSP: 0018:ffffc9000bd379c0 EFLAGS: 00010293
[  714.538435][    C1] RIP: 0033:0x7fa44919ce59
[  714.538459][    C1] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  714.538479][    C1] RSP: 002b:00007fa44a070028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  714.538505][    C1] RAX: ffffffffffffffda RBX: 00007fa449416090 RCX: 00007fa44919ce59
[  714.538522][    C1] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000005
[  714.538537][    C1] RBP: 00007fa449232e6f R08: 0000000000000000 R09: 0000000000000000
[  714.538552][    C1] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[  714.538566][    C1] R13: 00007fa449416128 R14: 00007fa449416090 R15: 00007ffe29328958
[  714.538600][    C1]  </TASK>
[  714.538611][    C1] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  714.538623][    C1] CPU: 1 PID: 12567 Comm: syz.1.1678 Not tainted syzkaller #0
[  714.538641][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  714.538660][    C1] Call Trace:
[  714.538667][    C1]  <IRQ>
[  714.538674][    C1]  dump_stack_lvl+0x18c/0x250
[  714.538702][    C1]  ? show_regs_print_info+0x20/0x20
[  714.538728][    C1]  ? load_image+0x420/0x420
[  714.538764][    C1]  panic+0x2ca/0x720
[  714.538850][    C1]  ? bpf_jit_dump+0xd0/0xd0
[  714.539004][    C1]  __warn+0x2e0/0x470
[  714.539082][    C1]  ? __ieee80211_beacon_get+0x1141/0x1520
[  714.539175][    C1]  ? __ieee80211_beacon_get+0x1141/0x1520
[  714.539258][    C1]  report_bug+0x2be/0x4f0
[  714.539323][    C1]  ? __ieee80211_beacon_get+0x1141/0x1520
[  714.539401][    C1]  ? __ieee80211_beacon_get+0x1141/0x1520
[  714.539486][    C1]  ? __ieee80211_beacon_get+0x1143/0x1520
[  714.539564][    C1]  handle_bug+0xcf/0x120
[  714.539633][    C1]  exc_invalid_op+0x1a/0x50
[  714.539709][    C1]  asm_exc_invalid_op+0x1a/0x20
[  714.539776][    C1] RIP: 0010:__ieee80211_beacon_get+0x1141/0x1520
[  714.539863][    C1] Code: f7 4c 89 ef e8 b0 a4 c2 f7 45 31 ed 4c 8b bc 24 a0 00 00 00 e9 7f fe ff ff e8 7b c6 84 f7 0f 0b e9 61 f8 ff ff e8 6f c6 84 f7 <0f> 0b e9 85 fb ff ff e8 63 c6 84 f7 48 c7 c7 40 50 64 8e 4c 89 e6
[  714.539906][    C1] RSP: 0018:ffffc900001f0a18 EFLAGS: 00010246
[  714.539950][    C1] RAX: ffffffff8a021ee1 RBX: dffffc0000000000 RCX: ffff88802467da00
[  714.539994][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[  714.540026][    C1] RBP: 0000000000000000 R08: ffff88802467da00 R09: 0000000000000003
[  714.540059][    C1] R10: 0000000000000007 R11: 0000000000000100 R12: ffff88805d526440
[  714.540092][    C1] R13: ffff88805db23424 R14: ffff88805d526930 R15: ffff88805db23400
[  714.540180][    C1]  ? __ieee80211_beacon_get+0x1141/0x1520
[  714.540294][    C1]  ? __ieee80211_beacon_get+0x1141/0x1520
[  714.540390][    C1]  ? __ieee80211_beacon_get+0x36/0x1520
[  714.540499][    C1]  ieee80211_beacon_get_tim+0xbf/0x580
[  714.540587][    C1]  ? ieee80211_beacon_get_template_ema_list+0x90/0x90
[  714.540723][    C1]  mac80211_hwsim_beacon_tx+0x3bd/0x770
[  714.540820][    C1]  __iterate_interfaces+0x225/0x4c0
[  714.540885][    C1]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  714.540961][    C1]  ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180
[  714.541034][    C1]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  714.541103][    C1]  ieee80211_iterate_active_interfaces_atomic+0xdb/0x180
[  714.541172][    C1]  mac80211_hwsim_beacon+0xbb/0x1b0
[  714.541245][    C1]  ? hw_scan_work+0xf10/0xf10
[  714.541310][    C1]  __hrtimer_run_queues+0x525/0xc10
[  714.541419][    C1]  ? hrtimer_interrupt+0x980/0x980
[  714.541472][    C1]  ? read_tsc+0x9/0x20
[  714.541558][    C1]  hrtimer_run_softirq+0x177/0x290
[  714.541634][    C1]  handle_softirqs+0x27d/0x820
[  714.541745][    C1]  ? read_tsc+0x9/0x20
[  714.541807][    C1]  ? ktime_get+0x24b/0x280
[  714.541872][    C1]  ? __irq_exit_rcu+0xd3/0x190
[  714.541926][    C1]  ? do_softirq+0x1a0/0x1a0
[  714.542004][    C1]  __irq_exit_rcu+0xd3/0x190
[  714.542064][    C1]  ? irq_exit_rcu+0x20/0x20
[  714.542133][    C1]  irq_exit_rcu+0x9/0x20
[  714.542179][    C1]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  714.542256][    C1]  </IRQ>
[  714.542276][    C1]  <TASK>
[  714.542297][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  714.542373][    C1] RIP: 0010:__sanitizer_cov_trace_pc+0x8/0x60
[  714.542441][    C1] Code: 00 00 f3 0f 1e fa 53 48 89 fb e8 13 00 00 00 48 8b 3d cc 02 04 0d 48 89 de 5b e9 b3 a3 57 00 cc cc cc f3 0f 1e fa 48 8b 04 24 <65> 48 8b 0d e0 d2 7c 7e 65 8b 15 e1 d2 7c 7e 81 e2 00 01 ff 00 74
[  714.542484][    C1] RSP: 0018:ffffc9000c8b7970 EFLAGS: 00000246
[  714.542527][    C1] RAX: ffffffff8427ea21 RBX: ffffc9000c8b7b40 RCX: ffff88802467da00
[  714.542568][    C1] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[  714.542593][    C1] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffc9000c8b7d30
[  714.542625][    C1] R10: ffffc9000c8b7d70 R11: fffff52001916fb0 R12: 0000000000000000
[  714.542667][    C1] R13: dffffc0000000000 R14: 0000000000000008 R15: 0000000000000000
[  714.542720][    C1]  ? iovec_from_user+0x61/0x240
[  714.542790][    C1]  iovec_from_user+0x61/0x240
[  714.542863][    C1]  __import_iovec+0x13d/0x850
[  714.542920][    C1]  ? __might_fault+0xaa/0x120
[  714.542983][    C1]  import_iovec+0x73/0xa0
[  714.543064][    C1]  ___sys_recvmsg+0x4b6/0x590
[  714.543137][    C1]  ? lock_acquire+0xb7/0x420
[  714.543204][    C1]  ? __sys_recvmsg+0x2a0/0x2a0
[  714.543323][    C1]  ? __lock_acquire+0x7d80/0x7d80
[  714.543401][    C1]  ? __might_fault+0xc6/0x120
[  714.543452][    C1]  ? __might_fault+0xaa/0x120
[  714.543507][    C1]  do_recvmmsg+0x377/0x810
[  714.543594][    C1]  ? __sys_recvmmsg+0x290/0x290
[  714.543657][    C1]  ? lock_release+0x594/0x8c0
[  714.543747][    C1]  ? __ia32_sys_get_robust_list+0x110/0x110
[  714.543806][ T6348] 
[  714.543812][ T6348] RAX: ffffffff8a06c812 RBX: 0000000000000001 RCX: ffff888029ffbc00
[  714.543855][ T6348] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  714.543896][ T6348] RBP: dffffc0000000000 R08: ffff88805d52562f R09: 1ffff1100baa4ac5
[  714.543946][ T6348] R10: dffffc0000000000 R11: ffffed100baa4ac6 R12: 0000000000000001
[  714.544005][ T6348] R13: ffff88805d526659 R14: ffff88805d4cad48 R15: ffff888063771700
[  714.544048][ T6348] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  714.544092][ T6348] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  714.544135][ T6348] CR2: 00007ff5180a57a4 CR3: 0000000061499000 CR4: 00000000003506f0
[  714.544178][ T6348] DR0: ffffffffffffffff DR1: 8000000000000000 DR2: 00000000000003ff
[  714.544222][ T6348] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  714.544255][ T6348] Call Trace:
[  714.544268][ T6348]  <TASK>
[  714.544333][ T6348]  ieee80211_link_use_reserved_context+0x37b/0x5c0
[  714.544441][ T6348]  ieee80211_csa_finalize+0x571/0xeb0
[  714.544527][ T6348]  ? mutex_lock_nested+0x20/0x20
[  714.544604][ T6348]  ? lockdep_hardirqs_on_prepare+0x44c/0x7d0
[  714.544675][ T6348]  ? ieee80211_csa_finalize_work+0x140/0x140
[  714.544762][ T6348]  ? read_lock_is_recursive+0x20/0x20
[  714.544856][ T6348]  ieee80211_csa_finalize_work+0xf6/0x140
[  714.544934][ T6348]  ? process_scheduled_works+0x975/0x1600
[  714.545012][ T6348]  process_scheduled_works+0xa60/0x1600
[  714.545177][ T6348]  ? worker_attach_to_pool+0x370/0x370
[  714.545314][ T6348]  ? assign_work+0x3cc/0x5d0
[  714.545408][ T6348]  worker_thread+0xa5e/0xfe0
[  714.545568][ T6348]  kthread+0x2fa/0x390
[  714.545620][ T6348]  ? pr_cont_work+0x550/0x550
[  714.545679][ T6348]  ? kthread_blkcg+0xd0/0xd0
[  714.545735][ T6348]  ret_from_fork+0x48/0x80
[  714.545878][ T6348]  ? kthread_blkcg+0xd0/0xd0
[  714.545937][ T6348]  ret_from_fork_asm+0x11/0x20
[  714.546061][ T6348]  </TASK>
[  714.546093][ T6348] irq event stamp: 3963119
[  714.546115][ T6348] hardirqs last  enabled at (3963121): [<ffffffff816b41bb>] vprintk_store+0x9fb/0xd50
[  714.546175][ T6348] hardirqs last disabled at (3963122): [<ffffffff816b3954>] vprintk_store+0x194/0xd50
[  714.546269][ T6348] softirqs last  enabled at (3963046): [<ffffffff81525883>] __irq_exit_rcu+0xd3/0x190
[  714.546352][ T6348] softirqs last disabled at (3963011): [<ffffffff81525883>] __irq_exit_rcu+0xd3/0x190
[  714.546426][ T6348] ---[ end trace 0000000000000000 ]---
[  715.387152][    C1]  ? rcu_read_lock_sched_held+0x8a/0x110
[  715.392822][    C1]  __x64_sys_recvmmsg+0x199/0x250
[  715.397870][    C1]  ? do_recvmmsg+0x810/0x810
[  715.402491][    C1]  ? lockdep_hardirqs_on+0x98/0x150
[  715.407706][    C1]  do_syscall_64+0x55/0xb0
[  715.412245][    C1]  ? clear_bhb_loop+0x40/0x90
[  715.416973][    C1]  ? clear_bhb_loop+0x40/0x90
[  715.421674][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  715.427591][    C1] RIP: 0033:0x7fa44919ce59
[  715.432019][    C1] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  715.451649][    C1] RSP: 002b:00007fa44a070028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  715.460073][    C1] RAX: ffffffffffffffda RBX: 00007fa449416090 RCX: 00007fa44919ce59
[  715.468076][    C1] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000005
[  715.476149][    C1] RBP: 00007fa449232e6f R08: 0000000000000000 R09: 0000000000000000
[  715.484135][    C1] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[  715.492218][    C1] R13: 00007fa449416128 R14: 00007fa449416090 R15: 00007ffe29328958
[  715.500217][    C1]  </TASK>
[  715.503393][    C1] Kernel Offset: disabled
[  715.507794][    C1] Rebooting in 86400 seconds..