last executing test programs: 11.733648628s ago: executing program 0 (id=315): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x3, {0x0, 0x0, 0x0, r3, {0x0, 0x3}, {0xffff, 0xffff}, {0xf, 0xa}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=@newqdisc={0x38, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}, {0x2, 0x1}}, [@qdisc_kind_options=@q_skbprio={{0xc}, {0x8, 0x2, 0x7}}]}, 0x38}, 0x1, 0x0, 0x0, 0x400dc}, 0x4000080) r7 = socket(0x400000000010, 0x3, 0x0) r8 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r7, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd28, 0xfffff000, {0x0, 0x0, 0x0, r9, {0xf000, 0xffff}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_route={{0xa}, {0xc, 0x2, [@TCA_ROUTE4_CLASSID={0x8, 0x1, {0x0, 0x5}}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x20000800) 11.611993249s ago: executing program 2 (id=316): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4) bind$inet(r0, &(0x7f0000000240)={0x2, 0x0, @local}, 0x6f) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x300) setsockopt$inet_int(r0, 0x0, 0x17, &(0x7f00000001c0)=0x7f, 0x4) process_vm_writev(0x0, &(0x7f0000000240)=[{0x0}, {0x0}, {&(0x7f0000000400)=""/150, 0x96}], 0x3, 0x0, 0x0, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000140)={'team0\x00', 0x0}) setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000180)={r1, @loopback, @empty}, 0xc) r2 = io_uring_setup(0x1562, &(0x7f0000000040)={0x0, 0x36d, 0xc000, 0xc, 0xa0002f5}) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0xfffffffffffffda2, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x24, &(0x7f0000000000)=0xa, 0x4) io_uring_enter(r2, 0x2219, 0x7721, 0x16, 0x0, 0x0) 11.610266859s ago: executing program 1 (id=317): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000003c0), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f0000008880)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) syz_fuse_handle_req(r0, &(0x7f00000042c0)="9ab1446569aa24b774753c9e994c09c24df9d42fa5a228e469b44cecf6f9f5ce5f77c93b1895aaac9cf34b37415f11fe22d6fa0162aa743b242e8fe0a8659e32fb543d7969d6513136a9f332a8074f8ee1e445277ddd5859eb5ac3321eb710be880a441031da9b31f791d54fb3c97cd8ee92b00cbf962be8eb5fd0b7cab207645f59cf87a8c41e2739dd8386b6bb84b627cbf5e09bac876ad4b215f0e510a853c5e8b9f7822b26771d72972290a1f9a6f0a46942be0d0eb7aa5145ff368863b14e9845926088f9f92d554e572926290dc6e6b574aea8c500fbe5697f881c0cec48282c6d07619248da0c3b9aa6f7c778525d1760051e4ba8ef31d3c8d3e1d4214ffa5261ce1fdbc12eba889968137f5c06fea233000296cf18df494b4e7b1bee7dc2f3751c37415d46f6d7ffb3d0f788f2100ee41266e6fba75b61af22e1d7b286507ff100cc34ed28d5a2c8be3231446874bbbde6f3c367ca802d64192ffcce1ea41b2cbc57f7500fc4f8f12fe02690c1c9785bbc35542b59d05600783cf4f4633b374101d8ed395303392b238d198f9f68c8ae928cbf3b558deec6d38ebaa526e749ac4e47dd5b838ec34f2820a1134252ae60159d4e030cf5e5d6f8de799a31e12ae57cfe5a1a3ded525c6e71271271d35a0056265362387a361f21ea0f4b6d46f6a83a8512687e43b31e11b1396d6e9e49cf42b693732e226b55d21a1203022f6be9f8ecccb68de3bf4ce99689514bd752f4e60bd2f8e376d7fae5b5fc8db0f53db8c52746671e361b9319419c1b3f3168b4797ebd2d118ee42dda4bc59dd0251236195c8cdafc0546354eeb28f4c7e71e8245a6ccaddfb858f61039c0ccf5acd924680aab38dd061fc7b123f24ac7f3d3c0cee43b61045bb1efea25af86088a0591f166e2f11ea4089860893b17ca5e3d99ec75131268e2e4e290c2bf15e4dde23284e4bdf6e549c096ce221d9c8a6c0fc78aa6a1c8b547c0e10738de2a1e8663e03ab0ce4594e244989f75b6672de1eee97ba7e6467a0da51c0e75d5866c405b03c4744d8d3fbb01eddba5a0361662269154c2f0e61a9433982eb904ff562896cbfa692eb1e6c644fcf6cbc103a76b712af706a47608d3e2f5d54d47d8e9906ab37ddf04004d32ce00200fc3c274666aeb618b27424d87b6a4b0262de4436b9e6f150bc798394c298b25a2c318fbe786185464057c0bcfcd1917230d78ee1a49eca12068fa676852c1099096c6cb98dfda27fedac41826516e42cc116f0cbb68f0f810418258dc5a65c0e1ada296176e17f8d762894c80542a79383cc1674a4f3d6520633ce80baba214c20628899f9ac826484c887713aed9c5caf13b40a598cb1e81f7b18dae39efc22dc99ff497e11f158edc2716ebe3bcd593691aa26523efc168e1394ab439c9a9270575ef34eeee9084b0a31b2d81d47c964ac61e600f75d9321d7474dde45bb8d0cc46510488ab68486d3ba6cc9c3ddb6f66f2e5d251ee285121e1645a2f5167fc5fb8ac4491c0d9d0423c7a8452efea2f5a30096a0fa47173f3a68500a5c755ea939c838d3be126a87ff6baa5a1fba638a5c64767d17f04201b935fcb1cb6afa175594f410f2ff773194c703e623876051e46bb0850a5016e65f8fa34b96bafdfe851a0756fe26fb63d52113c0935b0867f7dc8a94d887484b15e8f92b6a316a22c04a985cc94e432cd43f44001bcdbd48efcd463c402d3d181298e96db60fdb714b82e146567af5ae3fc0c3f9d241471b4d129f928d286f780facb1e84434610ab3379dfff0f64d57b4a1c2e96c98b693de952d26773d24e7a95eddbc450f79932d5332d27991c7bfbd3bc35bfeb9496fbebccb5e4c35c368e021dea643cb292d794d3d3bbcc960f989bef09763dc73d83cbf907485635265e81f87b712d958a66719230fc6466615a0e3bb998d48159e9e9c51959354a545966bcffa298c7673b4d32b991c886a997236642c0f104f6795feab9f48d0ffc74667f3f3e82473ac892ad25f4b13029b0b27fb1d86991ddc42bbc3fe584ed364e769f3bc72ed8749e7a654ec1a2ec7a01bd2d5caccdc6241a1b1ef2726db54d2c34ab47020b4c729b5994b43deb00ad959950e0051d2c0f27217397055e78f1dd3bd867a45e06c2134ae8981021aae881cc7b2049fe7c82d2127ec81d6430c8116355c8d0ab8b9291c688ed9b8dbb1ed6f1a99bb58a1be8d5737acbf9461b142c8982f52481195d35ef82aed4fa52385ea4ed00a739d01cad7af9f7c27d357748e24f28d22065ccb37300e8f5d8dae5ca79af7a50edc3e05184d1a2a6d59784d5ceeb1f1550a44ea03bee4dc5c27eb78f0032593c7d082e59211f83a8b91aa78bfb7e959328ee63af26a37b79ce5e5139eeebd12e28b2a26ad2fcbdca652524d036b324782d54247a48b9f8200b2d6d2c091c41366d677e3be6e136cec6c3080d608849135c6e3c7d695d2e226ae1ce999d730d7f79116ab85762e55a3e5a66a690ce0a4bb4fd1560c796e2797414b544ef78e29d55e4853fdbf3362085a65c46105f32c360a0a9867b984a5d0297fe0b06a45684ac801a8e66294cef6e5f3c48648884fbb2422fa00488df33a9a0ff1039c81f1939f2cd2f5fe8aa805af2d2332ac37244ed4a7b50265af8062752b0c16511e5f25e8aa2b60645675bc826557bb75474ca4787f6b584b2f83bc25192579104aa0baae79f396df0d31121f90db9acea9695ee0fe0c22df4db503ec8b2437b05f5d35a65722fa82eebd2aff4bcd3316a5cffc4b31913fd02f82130c77f320bf04bf8fa873d0e3f62122d6a5f87d3e908bedafed4a3cb6d9f73ff546f5a2b74a2493b1753e89b682352bb3166563518dcb190c7b3d9fd667c57978a670b192641a674dc92c2401d067b6767aa632ce32a401175c98200a52ab5d80dffa719746d0bff8a84bac4a56e0ab8124fc332b64ea662d01e1b73231a6638f01cf4d699448da228c16951149c8d3dab9a7e3be9a16c7d1ffb061818f8f9cb2b42739fae4a0d70c0701c8dceee785d36ef6413162de1917df01c693ef3e1f517e7fc46245209fee52f5c6a2f50ab3f56d67d1cd987282b24071d8ebb1bc5cd635957b2a7ad92d0650abd5bbc24b75885b6119592a3d715392718e52f9124c4ac95be3582abba4ac3a4049ee49fa8ceb9b59d4e1e2a069c9d482879fd8d27d5ac22ef870542453be22c2ec4ebf1472c19fbfb56aa0a3671297b020e3fe49d201a82a04420e90bda43691dacf92347bcbcae3742cc4abad4c8010c0afa15278795d4d76c482461ae78f30569e1dcf87b9b150d07a2bd81676ec6022422d490759ae1e861a6c4cd1f733bd772d60975a59356c385a4a390429f3d2131e7f616015261df6db3cc3ec261a53be10c4f197e71878984fee00e6d1069f79825194b7af434fb6bb86db18e11977f82928be35054543060cea94ebb4015d061f20f8454e056e7b6e4f9a1621ef2377d77659c20bf358c817519f1801be15ae3b5b42adfab367777a6789635a0dcdd1f2b97edecea0210768af67601d1b95a8850dddb6b1f4b0c2f52c835b0833d81966ad19e49ceb9dc9c729cd8334bc3ee5bb8c74186f5cc3e765b9fdd91d79baaab3d2ab64c15d655d1af7de9cf8d5d7c1baef24577843ce142331743b45b06104b6d0d4392e61ca8c07507ff5f831bbf720854db4debf64182aaebf899ba57626a48748fc2dcf016013d575595d24d383eef2da0ff0c9f6fe9c64b186cd4617e3f37635d7dacb58ec297f3ddb48ce4a5e00cc127267e18a1fdf209e098f2cb2e9c0630d15ec9b867b2b95ecf82ad2c0ba39df9c4d36d492bc9a55c4b767da966e4fd7f4d2fef5e91d0575177c05d240b50757031c76333d43bcc828ab2f0376e29d12d1261ce104a8ea488091326bc451c120c8c04d3e64835c893f55b312e248ad8fc1c32429d68e6b67bf45ab8a1cc3db22f9f01a2266b8349046d3d3e081eaa7f7020c73c0762d11a33b517b8f081da3c61ef63e1d40cd87d69c7ac7491fb61bb57c1fe2d218aff6d39b3e1fc847f0ed894e2f0b4d6a4ad03ba42e28bb1dfab645081f548e64ceb8ce15d2214bd66a14fe594aa447c3537eb493299fef0f9326236ea5dae44e23b34801fe06ee16c79545feaf2528421d6e7f9a256a7914d86bd053dc33c8c2043ba73714f5ff5f0507097a56c40b2190e77877d43be849ee2ac129e582930ced06d359eebb49eda4edb13819f91cecc449c9613d9659906179f8fefa34fecb7d21cdaf09a1ce8d094421da80796c97c02fc56171aaba53fd8a7f55de059044717df164f3571028f16995d51fc8829534cdf58dd134def1e43a34e4f5f372fa8e19d3b85881e99ecd45faa4fccfdb47e094ab06955f3960fac71294dd965f24a97cff36b9966cf1a4c3e96c3e14a3951dcc8a3e9371f7e1ae9df77ddb1a99172174adbee8ea57a0c9872a6d677c2875da88a6a7234bebf68a3cc0532a9809a4de4b4d419bff67b0ba825a7ae6e999087155378357ae67e2dd98697f1d10ffa4497dde6582571670456db995228b97d0ecb2fb30c2ba6c16038c40059815c56b35666cc1c5090f6c38e0f4c12abf79919951b85a2734d32dd12b239912d541f9163387a4aa0be0b7a12d9c6b56dbcf1e9aadcfd72e2664a84d6c5147c72bffe7c3560ccd8c447b748dcd26cc9ca2a85cded742a8dccdfd8e78c96e78d405a19faab9e57183b37583f94b3d416b2920c6b746427ed75c08dc3be02720c1edc4743229153c48f1239b222b9fe2e21c0ae28122bc44f9dc78a59f3485ac8057eb21f0857bcfea2d9ebbbcc197e7880d81515bb1cb7192d97c4258c09926d137e245977db40812b253f99a504bb68137d8d73ca4e7c808d50f1dcc600e6a6db90238ff44e075932fe668c066e6988a6a8b4a8485120c8e4d6511268a75d8f9b0f06689aac8cd621e90c62af1e59aa9efe928e9ea098661b408a2825c4f9aac1efd9d54d163a651054b9ab32719d2be3b176f6795ddad0f1310b9237181689f2f9dd34a41d4d4cd2d7569bf56e6a80bc24d90df3bdde0f9649e699f4ef70c4f3faf9553a231215416bba26c29f17861e0f265e9641b2307ed43d6fde23a378669f4ade874e54c20a5e902205dcaa79a3e8584a3f78a86e703451115a1717df882507c607297afac0a056a0f3509a57502fd2ffff6035d04b91f72f5e1a69ddafaf80f7b2f7a13f38c683988436585e6bc7fc2da328449675c234ec0acf5294ce06c72442beba15e65d6a3e1b5dc3c8f115e1005798383f79b0194f6b7d4b1b32371acbf22340af6e5ee3ea840f7ed451226daef3041fc194e051af2fb450022b394c774273b9575c974c324ecd7268435176ee28c54bb54c8e829232ca636f3bdef60ed460b5ff425936626dd16a3f436f08a863582a79f393378f60f6c8ecdd13d83073bfda2e9f8d0c74a841021cbb8c148e70bfc585627449cdd9fb3045db3ea08a96108b52ee8a4f5048a5d910355789f4bb85c1362955e267e719581c38a2648eaa0b516db6277d2ee3c6e1e1090df3f53a31b747d99887e337dadddab16a297d9e56797007a3d18ce333311c70bb1bf45bdae517ffc589419af643773bb30a1fbff7ecd4a8ae7456a608fe73547c2eda4f070d57dc70b65d867526c946a435ea581497da18646ce569eaf6ccf3474cd6e7aa3d6d4732836ff4167c9153757ce58a34864be6d479f7b4ea1d6480b9ac16c5bff346a74e74133234744df867e16b3d2f1f7db4b21b89019b520917ef863e60f52999d6946b9e09cb60054f49d8a255f02e4b62fff6e6adb9a167ea70a177d00b26f56e29b63138a2ebc30b956161a4ab25d5da1c207c3f762714f651341ae771e17d84fa1c86685f2fcb0a128c2e1208d1930e7ff0d8d55299154112af574b881be8b69cc1721d548ad4dc02632e184c47f9b394bf4a834e60fbead8c8bfbf5087f8454513b0b086ac97bbbb9aa342af9def758fe88f1e4570e65f93fd4a9868665d08fac0cf6ebde786995c433504ca01cdf83311aaae20cc76f819a4344a8ee4e26c1094cb00d2c8a67c733fffcd89e97534cacb08a64d75e8594fa31f0dcfcafb0d1bc184c7067fec6a48ddefd580d4d9a4128d8f70f6fc6562da683904766e982ecd0286064db6844131bb7962a0a497f7b97fefad88a0b128bdf8cca774b1c32cb4af259bfebccda036e7e4ea8962838dbb5c04ffab0a2f1481848a27f06171645daf5246a2e563f3ed60097a9d7023d6ba5c8a58d39f733b12baf0863d82c427460f51cf9e3f77281a42221725b7bb75c2116ab31f704661f090d3eeddd2aa6efc619946b4933c398b635fd04ba3758294965c568997e1ef44b0562804e6c64558f6cfa87662a988c321a856ead51c848528a4954f9ff1948d517d67bc11db66801648848bfb7ee12296428bc3ffec863e9c77ff31ee386197679adab2a0e93bbe0c66ffe9c4b09b636f6216faa373aa8271678cc57ad46898222df7e2d8b14a5b70130596c0430997c4c04d9b5187fd9bb26b71fd19aacc8e08a3239f0eebca7b2873062a19f327a4a282012ebf9898a5ab6310b8623c864d4dada3ded00ad201ce8f3973f90396f5edc1ba466e16247fe6b0ee98acfd53792cc0fea33647b841596655b8d9efbc14b50fe0b588e4c41e2cbd0a700529e7ca91122d3d1b26e52bf44a0c9fe37cdbc352357f13b2adc68e78a00f6dc88a8e6ea54bd0b2c8276f9e1bfebc8655a1f47b72c25ffa97f4463630cc21428ca3bb381a6d3171d28bb946f746f820247bf3f7bb69caaeb5c47026ca9997e586e657a9e1569312bb443299ef4cfeacc9aaf4fc3aaa4a77a21579234d2aab6fd0234398ae07ca7c57ac6d6a51e025744b1430abce27f7f9b0d0e45c051e34d20db95cadcc0e4e327dbd979166b33e39a3951d0b8dd62c0d1542b69583cfc07b127243cac4b052cb29ccb3592972698fa4cd84633d222d78b8741d5f903f8636d95cddfe2ef13829df9ce32705edfda51ded2f0ef38f60a33a2e00373107eef56a01acb5e05d849279b5987343c8bbc73ea660ceaf7c9b90c0a8e1412ff3f517cef8fe604d7a26e085170a76e1bf43f5d1bb77ee771fe841d59fe2cc2874d25bf991b4af6bf9ffe1bfbf3a5587006b60bab5bdfd5a3192e82d474ecab0ab656967856c84cba9469c5823c1d1bf104d2a21c071bb08b2a137883dd9c8f545d6958db8efa45263ae303de76e70f2f6a10e1858e6654004f2a099dc31950ee730c465e0a1822935e309d41650fba489aa3050eedbf3f058d24d1f04fc340966e42d72052d84a66789ccf75000c3fc83b8842badd6b22ddaaaf53ed34e25c1b638e3630d66a7903405052902cf8e7395d54679e2f4a2bf7c8c89b0dc38969376ea164fe97b37b1172e6e8f05a929aa373108e891a64e38e18b432a115a44d754811e03c4f4ae7c525a6b9b92aab0d16967ee1a64eeeb2207c094f6aa96f126d058eff22435a4ae76c31f888ee13b327d2cab4ab5a56abf4cae88c583dd67129271708aa17f4f10886ead0e12734314bd4a49e64349beba4abdf94a1fb23a72cf7e16b5af2f1706d9646a5ff7dbf5c7b1cb2c3781346167b15d4625841d9f3d14392db1d39101d37175c42c522229db0708544058d75cebf3e399cd443d1b943c6f3017a898bd49836a8d92519deb810712aed76602682ef0df2be270734eeda7f289a76f4684baf75702a1ac3da005e62b83f794b934cf882db5d50e5ed4aca868e300d690c0b10daf0a47486e9f49d1b08eac6cf5090ddd2443b1459b2df86ab3447b2b5c6afe8aadb410de6a84b640e326eb882832d1a9cb12e0b8f13aef579f404af8631cdd5a30a031dad19cdf247575dd223229330f19fe4d88c51242217397acf66b86c743de283d5df7212fce59af17eb702eccab192f56f054a33709d41841e4a39638e02b4210559593f9b5c44fd22d9da637ef1a3a0a41c40469990dc4beec30a05b67931c0560d9a59fa875f3e26fd1eb32655aa30c7a1cd3d541716fdaacdda206328f3cbc8f16fc2be26690f18963a16febbaf2cb6c199330579ca067c60b54cbdd211c1350e066448fb50ae28ed58788ac98f0ded3414c8735ab90639916e26ab29102cc2609035e56d9b9d2dbc98118835bcf0e437c77052efe2293d9f19b7197aa1b94b10997b0b1efdef251de8945a97fec885f032c3bee2447335230b866d7aef515b04664d0c59e18233f9a229969e3e17d69716413ca3bc55f5959e340627ea803f7b26f4a74295b295344a3685287093998a1ce75b1ed5d730c9aec812617b4c200a0250c9ef8ef7d2fcfc59ef97422eca746bc6451a5b77307d14c1cfa0ea2c8eb7cf7819644577a6456efec0af058a0e3c8ec371019009462bfe174a11368b57fbe3090208a57b2236b97edc32cda5c6fc988cbaaf91c4020a06a7ad45519eaa761e045fc84d3219b287206282347a031ef1e7b7dbc67de738fa8f9fe71c44201fd1d548f8aebe93bf502d64d4b5f470a419e3fcd87f0616b9813048311ed20ac2efd7f18dcd6889542208b50c28c8c0700f73fa33a964e38d699819cab2098c6ff081266721cdced87ff41948c84037485f30d38a99eeeb3ff4c3049742a29eb09bb35c358e732546267c165a62fee9e25abdafdb8a48785bd432d160797e7a41d580f59d7d8e59b3e6b954d39f86db33b8f7cabde43e8e04cac1fcf9aa6fdbe4326e0d9c782d9a630055b36f85c2b8efebf18f42ef14ee5eb1d33ca322db69704f8bb90bf30eb05908b8d8ed169580923f53a6539cc3b55baa47718053d2ff103c23d90f9cb49ddc7d759950f605bafabcb7953c042c0523b84da994529a87ad68fc6f0709fd7af5fc20e53a17d3f5fd4d25fc5ff6598c6ddfc34668a08ee5e066d81a65e7979c50c08febf76dc5a3a405f551bb8449d94ea0dfdad6dd6dd6d6e4486f4ae1d2523c05f46198d8af4da12873ebdf7d6b5f2d0f1b2d29759ab0d78e34ae6f17b7ab83518cf8b18836ea5630ee934e5ecc123f0d3fe6b803ae1f735d65dcadcaaf6660e02ecad0290f6ead0594733a10b2b1654a44244424fa8b3180b551ac401828203e61603b017106e2256f01b9f26db33897167d9defb54ddfe49334150574493895370bad46cc658667aa9a8ed333c86f112b2a542936af92e2f933254b6fb0b1a599eec3bf2e476ae6714e2486dd31b29e4d26838d84bd7a62c62beab3ba71642278ecaf2e50d70670d9fdff105019791d36321bc57fdfd8f65f2ea1cb188035ecabf6140e777b7e6d2177ac29e9a1a2f87dd54d96184bb1a855bd9efdadfc606f13621f40e07cd8be9c2435c8c90b4ccba5eb7ddcf8cf1f76617c9a9e011abf4a63ffe31df63ecacb8b1d2d653e613cb399ce079392f9ca2e226c60b6e8103447c24c1f80d42e1ee747997602ae3ccff8f9f98ce9b56f6f3e3c0ba507df8b2169539cfc946c42da72644feb9b3b582ce332f8b2eda02192958194903d17b3e9b4bd60d08cd9a7989d946ece6d8dc01d6b66a7851bb11e4b075d38081d3ce7bf1875fec9daf47a589abdb72763c9747b83a28389238b0279c8e41db6521130420851acac463664a97be2190aff921923475f2c1f8a87d1169229e5f10dd0a92221e61358b156020f2c9ca2cb6580743a8d5e3c59e6fd97a7a246211450c7c62f1891cedb434102f8794d81c1caf2c1b4ae18b7c4b9c88de5c51da33e3343cef76da0d00341c2e60c4562c162e41a7efa8290cc9061f3d6a592d5f104c5018f31bcaf912bdd37370fbf8fedf0aa9026c1142299197d67ab026756927b5864ea42c45a82c23c275697d31a1b7900670c9a3c967d12974543c11f20c367a336bea9b9ebe480f9c806528138dff35c5f56b1199b75748e9c5cf50e6a32397dc3eeb04c3636c0848a5e13df8a9758bacea231f34cba13b466360b0dec69f74f8bf9a2dcf3dd94fa3a7d27e8caae00240559d75875ef9c619416593ca0072e7f38caae5a530c62dbe00e38c12cb8b924d63fca4d5c3a4c8f50e8f4f86fc1fe2b163219c46c21eb783e587e18e07ab7e1927a646c4f154c5000cb65ce9528457c3c66f43d9ab7d61580df0ecfb31cb38e4cbcdc3dafcca57311abec6b74048c8b74505ba678a4db07ed7243c70a821aee66a487bf91fd273418f8ef657d1eeb9ea6f095d47641e9f9fa30599e8b9c6b4453a1a5e8afd86fcafb46dd095fa4a98a2b26470e2c799b08c6000f5c3c4e28961463724377f37813f3922484fda986eb7c93ae8365baf648acbb344ca7e044d7ba93e7ba35c31085f3f99c5fdb2f9f2845f00b8590395e8ff730b86f5dd7f52297b8ecd5d5a6bb452bcd12b98d6adb27e7ef0e84b9567c66093ca3edab7e64ac4f56360501d81823ea2b1595f934c5f61c8558304c16154109a983a2af8725c7af91b5bc57e555768aa8115236a6ccc921d472b608eb6b82c4ba3747d79027d7856fae5369aa325df6a76138a5b41a94377eeeb251087e0b8510d8890e3f7a0cffaeddb9d2c29bc89f952489f82ee2e2b485cd297e6d30683701623cf73ee9ee606baeae9c3afba287eff57731b9cfaf034b1f56c8b31a32a1078c4fcab298c3f925a8e7cacceb9edf7ba2e54d31033a25462021e4a3c0bf5af341b462ee4417024da7c12c7f385de3af129aef1338a9c1fd68323d07ff47ec8bcca66b44300624d02c9202a2d093c3c85fd922b57b3bd14162c8ca5690734b7e4e4b8980b73a8e9908a9fa3dd508b30e3b1e1fd4ec388affa27c4bc26ca2820e0a902d51ff94984e8894fa5fca7b8704b7600ca6d6b1b1527ea999fcdf8fe3b290ec0036cad222f92cf8a5a54d0fa91de6e74ef61f60a233c9f15fdc86226c3f688de15ed8f0c3f1bc3afcad87cee47a19384afc6a804f197339ebce4aca211dbe0504a000755d18f20c4ecacd4123acdff7653cbb26456499495662508c8186afb883f5481c6bdf88cf137e263bde9d62f054573e0d1454cc119c95d4d9011332bd77682f79debcf5c21f0be7e9a83a58cec34e7cfb17a8122e030669228e4d3d9e274a678c5b77e6180aacc2fa8eb9952c5b04de6b2c7bee591badab96a3c3248c275b5b8faf5394eacc427a840570033be5006c33ce2d2c6e54f08681c3f74ad2fe54bca6dc62a9d84f6c58509c1e5dd5cfcc7a358493d428de48dfc1bc3f74154801c97e6aae38445045320b4cf66c1e56eb6ea2c1218de65f120b463c5cfb9255b3a25eb6e848cbd977f0605d71c561c2a754f5761c31f84101ee8178782cc8cf70b41a2204c5cb2f3134d572327fe4bbc1792249dfcf0ae7ba5d81fb5ae4a7978d044085f3b7f2e398c05733e2bf456cae898f8b5a81e9c79179bb5ca716713fce643dabe21eaee4386e646e25ad3adc5a4ad40f9bd6743f5f742efb1a674ffdbd2ced56c646ae590eb8f10283b47f57e6f96ad76adebecb24df74020b096fdee3c8d780d563a915f73c8b0246b861cd3a8580d5cf75798e8cf1c5875724661a39277e7165fe48ed8d5e6a20d68239f626fe8ea434a4e6e03ea434ec68c4b92a0fc2af15a135d6cbaeeca39a0c1896dab33daac", 0x2000, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x2b, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa}}, 0x50) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x0, {0x80000, 0x0, 0x0, 0x0, 0xffffffff, 0x0, {0x0, 0x0, 0x0, 0xffffffffffffffff}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f00004cb000/0x4000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000400000/0xc00000)=nil, &(0x7f000067c000/0x1000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000778000/0x2000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ba1000/0x1000)=nil, &(0x7f0000eb4000/0x2000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000dc1000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) r3 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0x30bd, 0xc000, 0x8, 0x40000185}) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="16"], 0x50) io_uring_enter(r3, 0x2219, 0x7721, 0x16, 0x0, 0x0) syz_fuse_handle_req(r0, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x0, {0x5, 0x0, 0xa53, 0x0, 0x0, 0x0, {0x2, 0x0, 0x5, 0x1babc737, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x3, 0x0, r2, 0x10b}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x42, 0x0) 11.372758732s ago: executing program 1 (id=318): bpf$MAP_CREATE(0x0, &(0x7f00000011c0)=ANY=[@ANYRES32, @ANYBLOB="010000000500000001"], 0x50) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x82, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6) r3 = accept4(r2, 0x0, 0x0, 0x800) sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil}) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0) pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) 11.242820963s ago: executing program 3 (id=319): syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_num_comp_blocks={{0x48, 0x1b}, {0x5, 0x4, [{0xc9, 0x4, 0x81}, {0xc8, 0x1a, 0x9da}, {0xc8, 0xfff, 0xa7}, {0xc9, 0x9, 0xd}]}}}, 0x1e) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x380000c, &(0x7f0000000340)={[{@max_batch_time={'max_batch_time', 0x3d, 0x4}}, {@max_batch_time={'max_batch_time', 0x3d, 0x2}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@debug}, {@data_journal}]}, 0x1, 0x437, &(0x7f0000000900)="$eJzs289PHFUcAPDv7EKR/hBs6o/Sqmg1En9AobX24EWjiQdNTPRQjwi0wW6LKZjYhigaU4+miXfj0cS/wJNejHoy8ap306QxXFo9rZndGdhddrdAF7a6n08y8N7MW9777szbfW8eE0DPGk1/JBH7I+L3iBiqZusLjFZ/3Vpdnvl7dXkmiXL5rb+SSrmbq8szedH8dfvyTF9E4bMkjjSpd/HylfPTpdLcpSw/sXTh/YnFy1eem78wfW7u3NzFqdOnT56YfOHU1PMdiTON6+bIRwtHD7/2zrU3Zs5ce/fnb5M8/oY4OmS03cEny+UOV9ddB2rSSV8XG8KWFKvdNPor/X8oirF+8obi1U+72jhgR5XL5fIDrQ+vlIH/sSS63QKgO/Iv+nT+m2+7NPS4K9x4qToBSuO+lW3VI31RyMr0N8xvO2k0Is6s/PNVusXO3IcAAKjzfTr+ebbZ+K8QtfeF7s3WUIYj4r6IOBgRpyLiUETcH1Ep+2BEPNSskqR1/Y2LJBvHP4Xr2w5uE9Lx34vZ2lb9+C8f/cVwMcsdqMTfn5ydL80dz96TsegfSPOTber44ZXfvmh1rHb8l25p/flYMGvH9b6B+tfMTi9N30nMtW58EjHS1yz+ZG0lID19hyNiZJt1zD/9zdFWx24ffxsdWGcqfx3xVPX8r0RD/Lmk/frkxD1Rmjs+kV8VG/3y69U3W9V/R/F3QHr+9za9/tfiH05q12sXt17H1T8+bzmn2e71vyd5u27fh9NLS5cmI/Ykr1cbXbt/qqHc1Hr5NP6xY837/8FYfyeORER6ET8cEY9ExKNZ2x+LiMcj4lib+H96+Yn3thf/QJu/2hlp/LNbOv/riT3RuKd5onj+x+/qKh3ebPyRnf+TldRYtmczn3+badf2rmYAAAD47ylExP5ICuNr6UJhfLz6P/yHYm+htLC49MzZhQ8uzlafERiO/kJ+p2uo5n7oZDatz/NTDfkT2X3jL4uDlfz4zEJpttvBQ4/b16L/p/4sdrt1wI7zvBb0Lv0fepf+D71L/4fe1aT/D3ajHcDua/b9/3EX2gHsvob+b9kPeoj5P/Qu/R96l/4PPWlxMG7/kLyExIZEFO6KZkjsUKLbn0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACd8W8AAAD//zpS5t0=") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040e943b0520"], 0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000001a300)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f0000000000), &(0x7f00000001c0)=ANY=[], 0xfe37, 0x0) unlinkat(0xffffffffffffff9c, &(0x7f0000000c40)='./file1\x00', 0x0) 10.819802058s ago: executing program 2 (id=320): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x4031, 0xffffffffffffffff, 0x0) mremap(&(0x7f00003ad000/0x400000)=nil, 0x400000, 0x3000, 0x3, &(0x7f0000ffd000/0x3000)=nil) write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x118) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x7, 0x1000000000, 0x0, 0x43, 0x2000001, 0x0, 0x2004cb, 0x0, 0xa7c, 0x68ff, 0x5, 0x9, 0x3], 0xeeee8000, 0x202}) syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8052, &(0x7f0000000000)={[{@noauto_da_alloc}, {@init_itable_val={'init_itable', 0x3d, 0x4004}}, {@barrier_val={'barrier', 0x3d, 0x5}}]}, 0x43, 0x4e1, &(0x7f0000000740)="$eJzs3E9sVEUcAODf27a05Y+siCiIWkRjI7GFgsLBxGA08aCJERP12LSFIIUaWhIhaJbE4NGQeDcevXrwql6I8WTiFY8mhoQYLoCJcc3bfW93u91tadl2wX5fst2ZefvezOy8eTtvprsBrFtD6Z+kGr4WEVsjotD8gqHq0+2bFyfu3Lw4EaVy+dhfSWW3W2k8kx0mNmWR4UJE4fOkvqHB7PkLp8anp6fOZvHRudMfj86ev/DiyYEs5ciRQwcPHH557KXlV6pFfmm9bu36bGb3zjc/vPL2RG+enufWWI9OGYqhVkWpeK7TmXXZloZw0tvFgrAs6fmfNldfpf9vjZ5YrPFKa1gyYLWVy+Vyf/vNpXKzSwtSgAdWEt0uAdAd+Qd9ev+bP1oNBDaszvCj624crd4ApfW+nT0inq4k5vMgfU33t500FBEflP7+On3EKs1DAAA0+vFoPhJsGv8Vqysj/5y7+mr6/FC2hlKMiIcjYltEPBIR2yPi0YjYERGPRcTjTcfviYjyIvk3zzbX8q8tQhWud6iqLaXjv1eyta36+G9eAYo9WWxLRD5gntqfvSfD0dd//OT01IFF8vjp9d++bLetcfyXPtL887FgVo7rvU0TdJPjc+MrrnCTG5cidvU21z/pjUhqbZNExM6I2LWM4xYbwidf+HZ3LdI3/3VL17+i3HIdrQPrTOVvIp6vtn8p5rV/Pcdk3vrk6fETUyemzozV1idHB2J6av9oehbsb5nHL79efqdd/kvW//s/mnd54/APx7Kede/S9t/YcP5Hvn5br38xiUhq67Wzy8/j8u9ftL2nWen5vyF5rxLO70s/GZ+bO3sgYkPy1sL0sfq+eTx9jlK1/sN7W/f/bdk+6TvxRESkJ/GTEfFUVO8Q07LviYhnImLvIvX/+bVnP1p5/VdXWv/JputfteXntX99vb5dIMnWBqspg42bek7tuXanzcXj7tr/UCU0nKUsvP6lJUzmXSLalTT/tEtT/u3IOwgAAAD3v0JEbG6YS9ochcLISHUOaHtsLEzPzM7tOz5z7sxkui2iGH2FfKarOh/cl+Tzn8WG+FhT/GA2b/xVz2AlPjIxMz3Z1ZoDmyp9PimMRLzf09D/U392ZooZuJ/5vhasX4v1/3QQv+PKGhYGWFN3//l/9dNVLQiw5hr6f7tv+JdW8H9fwAPA/T9Qt/QP/bhmwIOvrC/Duras/r/PjwDC/0lvvFsLF7paEmCtGf/DurTk9/rvKVDub71pIBa+OAYWP2BPrKwYgy3y6kogHVl1JffBleyV/5pC29dEYXkH7I/OtOnxe3w3SmdnT+zo+Mlfzv5XvtMt+N2a9NNWga5cjgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADruvwAAAP//hS/gCQ==") r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r3, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 10.274944344s ago: executing program 1 (id=321): r0 = socket$packet(0x11, 0x3, 0x300) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r2) socket$netlink(0x10, 0x3, 0x0) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000080)={'syzkaller0\x00', @multicast}) r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x5, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56741, 0x70b923, 0x7fffe, {0x0, 0x0, 0x0, r4, {0x0, 0xfff3}, {0xb, 0xb}, {0xe, 0xb}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_TARGET={0x8, 0x8, 0x8}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x44040}, 0x8000) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x207, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syzkaller0\x00', 0x0}) sendto$packet(r0, &(0x7f00000002c0)="05031400d3fc140000004788031c09102c28", 0xfce0, 0x4, &(0x7f0000000140)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @multicast}, 0x14) 10.091278696s ago: executing program 3 (id=322): syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48) sched_setscheduler(0x0, 0x2, 0x0) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x50) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in6=@empty, @in=@private, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {}, {}, 0xfffffffd, 0x0, 0x1, 0x1}}, 0xb8}}, 0x0) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in6=@empty, @in=@private, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x1, 0x0, 0x1}}, 0xb8}}, 0x0) 9.76147952s ago: executing program 2 (id=323): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000) lseek(0xffffffffffffffff, 0x1, 0x4) socket$alg(0x26, 0x5, 0x0) dup(0xffffffffffffffff) keyctl$join(0x1, 0x0) 9.713717201s ago: executing program 0 (id=324): prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_opts(r3, 0x29, 0x3b, &(0x7f0000000040)=@hopopts={0x62}, 0x8) connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c) sendmmsg$inet6(r3, &(0x7f0000007e40)=[{{&(0x7f0000000340)={0xa, 0x4e20, 0x0, @dev}, 0x18, 0x0}}], 0x6c00, 0x48) ioctl$VHOST_SET_VRING_ERR(0xffffffffffffffff, 0x4008af22, 0x0) ioctl$VHOST_SET_VRING_ERR(0xffffffffffffffff, 0x4008af22, &(0x7f0000000000)={0x1}) 9.69879791s ago: executing program 3 (id=325): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$UI_ABS_SETUP(r3, 0x401c5504, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) 8.708954152s ago: executing program 2 (id=326): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff) ioctl$FIBMAP(0xffffffffffffffff, 0x1, &(0x7f0000000080)=0x6d) sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x28, r4, 0x1, 0x70bd28, 0x25dfdbfb, {{}, {}, {0xc, 0x14, 'syz0\x00'}}}, 0x28}, 0x1, 0x0, 0x0, 0xc090}, 0x84) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, 0x0, 0x4814) 7.358699827s ago: executing program 0 (id=327): r0 = socket$kcm(0x11, 0x3, 0x0) r1 = socket$unix(0x1, 0x5, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x4361, 0x7, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x870b926, 0x25dfdbfc, {0x0, 0x0, 0x0, r5, {0x0, 0xd}, {0x6, 0xb}, {0xffff, 0xffe0}}, [@qdisc_kind_options=@q_codel={{0xa}, {0xc, 0x2, [@TCA_CODEL_CE_THRESHOLD={0x8, 0x5, 0x3}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x240040e0}, 0x4890) close(r3) socket$nl_route(0x10, 0x3, 0x0) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000600), 0x56) sendmsg$kcm(r0, &(0x7f00000000c0)={&(0x7f0000000580)=@xdp={0x2c, 0x0, r6, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="27030200590214000600006fb96dbcf706e10500000086ddffff1144ee1611d4b8bf4a31accb", 0xee19}], 0x1}, 0x0) 7.355649037s ago: executing program 1 (id=328): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x7f}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f00000001c0)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r4 = accept4(r3, 0x0, 0x0, 0x800) sendmsg$key(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x30}}, 0x80) 6.22155096s ago: executing program 1 (id=329): ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) dup(0xffffffffffffffff) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) getpgrp(0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000032680)=""/102392, 0x18ff8) r3 = openat$yama_ptrace_scope(0xffffffffffffff9c, &(0x7f0000001e80), 0x2, 0x0) lseek(r3, 0x6, 0x1) 4.569322859s ago: executing program 1 (id=330): r0 = socket$unix(0x1, 0x1, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r3 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd21, 0xfbffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x400) sendmsg$nl_route_sched(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000280)=@newtfilter={0x84, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r4, {0xffff, 0x5}, {}, {0x7, 0x3}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x8, 0x8, 0x20000000, 0xa, 0xb}, 0x1}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}]}]}}]}, 0x84}}, 0x800) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r5) socket$netlink(0x10, 0x3, 0x0) ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x7}}) r6 = socket$kcm(0x11, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$kcm(r6, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x7, r7, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)='\r', 0x1}], 0x1}, 0x4) 4.403836591s ago: executing program 0 (id=331): prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) r0 = syz_open_dev$I2C(0x0, 0x0, 0x80) ioctl$I2C_SMBUS(r0, 0x720, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000340)=0x6) socket$igmp(0x2, 0x3, 0x2) r4 = socket$netlink(0x10, 0x3, 0x4) writev(r4, &(0x7f0000000100)=[{&(0x7f0000000000)="580000001400192340834b80043f679a10ff3d425f9cc3f4ff7f4e32f61bcdf1e422000000000100804824cabecc4b381eaadc28f23457e792945f64009400050028925aaa000000c600000000000000feff2c707f8f00ff", 0x58}], 0x1) 4.371801711s ago: executing program 3 (id=332): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x8}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x4d, 0xfffffffb, 0x7fffffff}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084) sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001f80)=@newqdisc={0x58, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdf8, {0x0, 0x0, 0x0, r3, {0x10}, {}, {0xa, 0x3}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x2c, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x8, 0x0, 0x80, 0x7, 0xff, 0x1800000}, {0x1d, 0x1, 0x1, 0x4, 0x7, 0xa}, 0x7, 0xa, 0x18b7}}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x40098}, 0x0) r4 = socket$inet6(0xa, 0x2, 0x0) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r5) socket$nl_generic(0x10, 0x3, 0x10) ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}) r6 = socket$unix(0x1, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmmsg$inet(r4, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @local}, 0x10, 0x0, 0x0, &(0x7f00000006c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r7, @dev={0xac, 0x14, 0x14, 0x41}, @empty}}}], 0x20}}], 0x1, 0x8000004) 3.321826093s ago: executing program 0 (id=333): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f0000000040)={0x442, 0xdaf10de6d7e4e0a6}, 0x18) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) r3 = socket$inet6(0xa, 0x80003, 0xff) setsockopt$inet6_int(r3, 0x29, 0x16, &(0x7f0000fcb000), 0x4) setsockopt$inet6_int(r3, 0x29, 0x16, 0x0, 0x0) socket(0x10, 0x80002, 0x4) 2.335888934s ago: executing program 0 (id=334): syz_mount_image$squashfs(&(0x7f0000000940), &(0x7f0000000640)='./file0\x00', 0x2, &(0x7f0000000980)=ANY=[@ANYBLOB="00bc7811e943bbb3bc31a70c81525069e4320000000000f11fac5b600346a3cf2dc67c5bf96eefd90802c528f84db5e3fc53e166dfc62a0d50ae803645e5d16182a2681f3849384200268bfa5c4991d8ef3c2679ce26a969c0d9046fc4e1ca6999c39077bd2c8cd6cab448c9c880591bb4e20c350915203da8e126912d9df6847dee13e1c99fe1999a7b66331fd2447fc60d6e06e2ce393943ae07f22346d6901708f493c5ec64ff21318445692e7c4cbd1c3360"], 0x9, 0x1a1, &(0x7f00000001c0)="$eJzs0L9rE2Ecx/H393meyw+h1qg4RLABi/FCtbkUF6fgFCEHDi6CQUN6NsWrkl4HW1roIgWp9l/QQeqogk4i+g8UB8FBz6WbNENxEAeJXHLtP9HnBXef+37gHh6+3agXZYF/+6sd6gxpjvMFwQATMuqUGuX7dP6V5tYouJbOm2m+SrNollfut8MwWCxdLVGAYnRYAL+H3WEVveGMIi/UkW/7q5223PUZ1FlQsz6FJpWn6BY99xlFM8bpO2gG5U2uK3pSbsL4tGZ8OlpeuTS/0J4L5oIHtdqMA1SvJPcPg+o7xH0iiues4RqyPnl3DafF4x1zjClB3K6KtVT6ZFps7eiL56f6KHePAcKncp/sD9MtqZtccHK3OQENTgkv0D6TTfIKw735MKg2kBvqrXjmq/njKHLrWl/uPAxnN24p+ZvZrsteTrxdnLJHreIxk6yGk3xmI2YyphGzHbP7kwn5kKzoYK9mPXm/TqeznONlhkftpaVFzwFHyj615CnA2PA4NbxXAT6m/6TB94MPy7Isy7Isy7Is6wj4HwAA//8zKV8z") getpgrp(0x0) prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_clone(0x400000, 0x0, 0xfffffeb6, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) creat(&(0x7f0000000100)='./bus\x00', 0x38) mount(&(0x7f0000003340)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) unlink(&(0x7f0000000000)='./bus\x00') 2.020669388s ago: executing program 3 (id=335): socketpair$unix(0x1, 0x3, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f00000003c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000140)={0x3c, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x9e}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x3c}, 0x1, 0x0, 0x0, 0x24000000}, 0x4040800) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0) setxattr$incfs_metadata(&(0x7f0000000800)='./cgroup\x00', &(0x7f0000000840), &(0x7f0000000880)="22cff58056ac", 0xffd7, 0x1) setxattr$incfs_metadata(&(0x7f0000000480)='./cgroup\x00', &(0x7f0000000280), 0x0, 0x0, 0x0) 1.77248713s ago: executing program 3 (id=336): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x103400, 0x0) ioctl$TIOCMIWAIT(r1, 0x545c, 0x0) syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) 947.83598ms ago: executing program 2 (id=337): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd27, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xa}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x4}}]}}]}, 0x48}}, 0x20040084) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000008c0)=@newqdisc={0x8c, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r4, {0xffff}, {0xffff, 0xffff}, {0x2, 0x1}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x4, [0xc, 0x5, 0xd, 0x8b, 0xd, 0x2, 0x4, 0x2, 0xf, 0x6, 0x3, 0x7, 0x8, 0x4, 0x10, 0x4], 0x3, [0xb, 0x3, 0xad1e, 0x2002, 0x1, 0x4, 0x2, 0xd06, 0xff05, 0x2, 0xb, 0x3, 0x5, 0x6, 0xe, 0x100], [0xfff1, 0x5, 0xffff, 0xfff5, 0x4, 0x8, 0x1, 0x9, 0x5, 0x2, 0xc, 0x4, 0xfffc, 0x3, 0x1]}}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x400dc}, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=@newqdisc={0x8c, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffe00, {0x0, 0x0, 0x0, r7, {0x8}, {0xffff}, {0xfff2, 0xffe1}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x45, 0x1, {0xe, [0xc, 0x5, 0x0, 0xf, 0x10, 0x2, 0x4, 0x2, 0xf, 0x6, 0x6, 0x1, 0x8, 0x4, 0x10, 0x4], 0x3, [0xb, 0x5, 0x7fff, 0x2002, 0x1, 0x4, 0x2, 0xd06, 0xff05, 0x8000, 0xb, 0x3, 0x5, 0x6, 0xd, 0x100], [0x2, 0x5, 0x2, 0xfff5, 0x4, 0x8, 0x7, 0x9, 0x5, 0x2, 0xc, 0x40, 0xfffc, 0x3, 0x1, 0x1]}}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x400dc}, 0x0) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r8, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x400dc}, 0x0) 0s ago: executing program 2 (id=338): bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x0, 0x0) sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000) openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) bind$netlink(r3, &(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8822d55593a2179}, 0xc) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.39' (ED25519) to the list of known hosts. [ 77.476980][ T5762] cgroup: Unknown subsys name 'net' [ 77.612629][ T5762] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 79.339392][ T5762] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 80.865534][ T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 80.874601][ T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 80.883521][ T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 80.891271][ T51] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 80.921407][ T5777] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 80.966991][ T5778] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 80.973008][ T5781] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 80.974433][ T5778] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 80.982348][ T5781] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 80.995982][ T5781] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 80.998690][ T5777] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 81.012914][ T5777] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 81.014449][ T5781] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 81.029192][ T5777] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 81.037272][ T5083] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 81.037806][ T5777] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 81.045298][ T5083] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 81.052439][ T5777] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 81.060204][ T5083] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 81.066402][ T5777] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 81.073529][ T5083] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 81.079851][ T5777] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 81.087034][ T5083] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 81.094015][ T5777] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 81.502006][ T5780] chnl_net:caif_netlink_parms(): no params data found [ 81.660843][ T5773] chnl_net:caif_netlink_parms(): no params data found [ 81.695375][ T5784] chnl_net:caif_netlink_parms(): no params data found [ 81.742291][ T5780] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.750804][ T5780] bridge0: port 1(bridge_slave_0) entered disabled state [ 81.758456][ T5780] bridge_slave_0: entered allmulticast mode [ 81.766139][ T5780] bridge_slave_0: entered promiscuous mode [ 81.776519][ T5780] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.783794][ T5780] bridge0: port 2(bridge_slave_1) entered disabled state [ 81.792472][ T5780] bridge_slave_1: entered allmulticast mode [ 81.800261][ T5780] bridge_slave_1: entered promiscuous mode [ 81.879600][ T5780] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 81.891354][ T5776] chnl_net:caif_netlink_parms(): no params data found [ 81.925966][ T5780] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 81.968441][ T5784] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.975839][ T5784] bridge0: port 1(bridge_slave_0) entered disabled state [ 81.983237][ T5784] bridge_slave_0: entered allmulticast mode [ 81.999086][ T5784] bridge_slave_0: entered promiscuous mode [ 82.019741][ T5780] team0: Port device team_slave_0 added [ 82.037764][ T5784] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.046653][ T5784] bridge0: port 2(bridge_slave_1) entered disabled state [ 82.054111][ T5784] bridge_slave_1: entered allmulticast mode [ 82.061347][ T5784] bridge_slave_1: entered promiscuous mode [ 82.089057][ T5773] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.097332][ T5773] bridge0: port 1(bridge_slave_0) entered disabled state [ 82.104563][ T5773] bridge_slave_0: entered allmulticast mode [ 82.117907][ T5773] bridge_slave_0: entered promiscuous mode [ 82.130373][ T5773] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.140086][ T5773] bridge0: port 2(bridge_slave_1) entered disabled state [ 82.151599][ T5773] bridge_slave_1: entered allmulticast mode [ 82.161179][ T5773] bridge_slave_1: entered promiscuous mode [ 82.173865][ T5780] team0: Port device team_slave_1 added [ 82.271375][ T5780] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 82.279755][ T5780] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 82.311455][ T5780] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 82.338695][ T5784] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 82.372583][ T5780] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 82.380700][ T5780] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 82.412592][ T5780] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 82.460694][ T5784] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 82.478758][ T5773] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 82.498102][ T5773] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 82.650072][ T5776] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.657979][ T5776] bridge0: port 1(bridge_slave_0) entered disabled state [ 82.666310][ T5776] bridge_slave_0: entered allmulticast mode [ 82.673292][ T5776] bridge_slave_0: entered promiscuous mode [ 82.709863][ T5784] team0: Port device team_slave_0 added [ 82.727129][ T5776] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.734286][ T5776] bridge0: port 2(bridge_slave_1) entered disabled state [ 82.741965][ T5776] bridge_slave_1: entered allmulticast mode [ 82.749059][ T5776] bridge_slave_1: entered promiscuous mode [ 82.766965][ T5773] team0: Port device team_slave_0 added [ 82.788153][ T5784] team0: Port device team_slave_1 added [ 82.815597][ T5776] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 82.827010][ T5773] team0: Port device team_slave_1 added [ 82.867499][ T5780] hsr_slave_0: entered promiscuous mode [ 82.874501][ T5780] hsr_slave_1: entered promiscuous mode [ 82.886602][ T5776] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 82.910379][ T5784] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 82.917544][ T5784] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 82.943783][ T5784] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 82.956947][ T5784] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 82.963941][ T5784] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 82.990067][ T5784] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 83.004094][ T5773] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 83.011477][ T5773] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 83.037981][ T5773] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 83.077175][ T5776] team0: Port device team_slave_0 added [ 83.089571][ T5773] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 83.097791][ T5773] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 83.124076][ T5773] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 83.124189][ T5778] Bluetooth: hci0: command tx timeout [ 83.170052][ T5776] team0: Port device team_slave_1 added [ 83.194992][ T5778] Bluetooth: hci2: command tx timeout [ 83.195011][ T5083] Bluetooth: hci3: command tx timeout [ 83.195219][ T5083] Bluetooth: hci1: command tx timeout [ 83.246555][ T5773] hsr_slave_0: entered promiscuous mode [ 83.254428][ T5773] hsr_slave_1: entered promiscuous mode [ 83.260775][ T5773] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 83.268842][ T5773] Cannot create hsr debugfs directory [ 83.295902][ T5784] hsr_slave_0: entered promiscuous mode [ 83.302315][ T5784] hsr_slave_1: entered promiscuous mode [ 83.308958][ T5784] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 83.316689][ T5784] Cannot create hsr debugfs directory [ 83.338233][ T5776] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 83.345722][ T5776] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 83.372652][ T5776] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 83.413331][ T5776] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 83.420362][ T5776] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 83.446660][ T5776] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 83.577630][ T5776] hsr_slave_0: entered promiscuous mode [ 83.584377][ T5776] hsr_slave_1: entered promiscuous mode [ 83.591282][ T5776] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 83.599216][ T5776] Cannot create hsr debugfs directory [ 83.877501][ T5780] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 83.890843][ T5780] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 83.901761][ T5780] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 83.914252][ T5780] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 83.999899][ T5784] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 84.009524][ T5784] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 84.020638][ T5784] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 84.036487][ T5784] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 84.166581][ T5776] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 84.180567][ T5776] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 84.190326][ T5776] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 84.202073][ T5776] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 84.215640][ T5780] 8021q: adding VLAN 0 to HW filter on device bond0 [ 84.299422][ T5780] 8021q: adding VLAN 0 to HW filter on device team0 [ 84.331114][ T5773] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 84.351639][ T5773] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 84.363631][ T5773] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 84.375106][ T5773] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 84.390980][ T5784] 8021q: adding VLAN 0 to HW filter on device bond0 [ 84.414622][ T37] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.422353][ T37] bridge0: port 1(bridge_slave_0) entered forwarding state [ 84.456442][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.463622][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 84.483350][ T5784] 8021q: adding VLAN 0 to HW filter on device team0 [ 84.551214][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.558387][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 84.602731][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.609905][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 84.752454][ T5776] 8021q: adding VLAN 0 to HW filter on device bond0 [ 84.780542][ T5773] 8021q: adding VLAN 0 to HW filter on device bond0 [ 84.834231][ T5776] 8021q: adding VLAN 0 to HW filter on device team0 [ 84.871426][ T5773] 8021q: adding VLAN 0 to HW filter on device team0 [ 84.894559][ T1124] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.901784][ T1124] bridge0: port 1(bridge_slave_0) entered forwarding state [ 84.952967][ T1124] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.960426][ T1124] bridge0: port 1(bridge_slave_0) entered forwarding state [ 84.971910][ T1124] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.979139][ T1124] bridge0: port 2(bridge_slave_1) entered forwarding state [ 84.994371][ T1124] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.001615][ T1124] bridge0: port 2(bridge_slave_1) entered forwarding state [ 85.109270][ T5773] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 85.151557][ T5776] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 85.189572][ T5780] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 85.197273][ T5083] Bluetooth: hci0: command tx timeout [ 85.277291][ T5083] Bluetooth: hci1: command tx timeout [ 85.282810][ T5774] Bluetooth: hci2: command tx timeout [ 85.282820][ T5778] Bluetooth: hci3: command tx timeout [ 85.298728][ T5784] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 85.442743][ T5780] veth0_vlan: entered promiscuous mode [ 85.477467][ T5784] veth0_vlan: entered promiscuous mode [ 85.503045][ T5780] veth1_vlan: entered promiscuous mode [ 85.563004][ T5784] veth1_vlan: entered promiscuous mode [ 85.627539][ T5773] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 85.650250][ T5780] veth0_macvtap: entered promiscuous mode [ 85.662500][ T5780] veth1_macvtap: entered promiscuous mode [ 85.698349][ T5780] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 85.728305][ T5780] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 85.750373][ T5776] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 85.765917][ T5780] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.775834][ T5780] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.784588][ T5780] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.796092][ T5780] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.808978][ T5784] veth0_macvtap: entered promiscuous mode [ 85.830305][ T5784] veth1_macvtap: entered promiscuous mode [ 85.869085][ T5773] veth0_vlan: entered promiscuous mode [ 85.894409][ T5784] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 85.906695][ T5784] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 85.921080][ T5784] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 85.964464][ T5776] veth0_vlan: entered promiscuous mode [ 85.989112][ T5784] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 86.000914][ T5784] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.013429][ T5784] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 86.029656][ T5773] veth1_vlan: entered promiscuous mode [ 86.056228][ T5784] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.065651][ T5784] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.074371][ T5784] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.084806][ T5784] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.131822][ T5776] veth1_vlan: entered promiscuous mode [ 86.143914][ T1070] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 86.159146][ T1070] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 86.173339][ T5773] veth0_macvtap: entered promiscuous mode [ 86.206184][ T5773] veth1_macvtap: entered promiscuous mode [ 86.263313][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 86.273456][ T5773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 86.296249][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 86.300276][ T5773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.314880][ T5773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 86.326022][ T5773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.337719][ T5773] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 86.354550][ T5773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 86.366117][ T5773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.376368][ T5773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 86.386978][ T5773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.400494][ T5773] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 86.431031][ T5773] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.440243][ T5773] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.450155][ T5773] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.459497][ T5773] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.490708][ T5776] veth0_macvtap: entered promiscuous mode [ 86.517158][ T3451] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 86.532431][ T3451] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 86.533766][ T5776] veth1_macvtap: entered promiscuous mode [ 86.603193][ T1070] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 86.644539][ T1070] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 86.647130][ T5776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 86.677630][ T5776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.698562][ T5776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 86.710100][ T5776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.729011][ T5776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 86.742039][ T5776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.754605][ T5776] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 86.771044][ T5840] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2'. [ 86.792545][ T5776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 86.811536][ T5776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.821711][ T5776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 86.832272][ T5776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.842228][ T5776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 86.853280][ T5776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 86.867721][ T5776] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 86.946194][ T5776] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.957528][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 86.985907][ T5776] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.994839][ T5776] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 86.994986][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 87.003554][ T5776] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.168391][ T3451] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 87.191187][ T3451] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 87.213255][ T8] cfg80211: failed to load regulatory.db [ 87.275113][ T5083] Bluetooth: hci0: command tx timeout [ 87.356167][ T5083] Bluetooth: hci3: command tx timeout [ 87.361803][ T5083] Bluetooth: hci1: command tx timeout [ 87.367821][ T5774] Bluetooth: hci2: command tx timeout [ 87.376266][ T37] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 87.404870][ T37] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 87.530315][ T5853] warning: `syz.1.7' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 87.572487][ T37] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 87.595453][ T37] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 87.949928][ T5865] syz.1.9[5865]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 87.952283][ T5862] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3'. [ 87.967648][ T5865] loop1: detected capacity change from 0 to 512 [ 87.979274][ T5865] EXT4-fs: Ignoring removed i_version option [ 87.998128][ T5862] gre0: entered promiscuous mode [ 88.004245][ T5865] EXT4-fs: Ignoring removed bh option [ 88.007788][ T5862] gre0: entered allmulticast mode [ 88.039232][ T5867] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3'. [ 88.086471][ T5865] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 88.168771][ T5865] ext4 filesystem being mounted at /3/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 88.273083][ T5875] netlink: 'syz.0.12': attribute type 5 has an invalid length. [ 88.592437][ T5780] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.424530][ T5906] syz_tun: entered allmulticast mode [ 89.426079][ T5902] block device autoloading is deprecated and will be removed. [ 89.519853][ T5906] syz_tun (unregistering): left allmulticast mode [ 89.821491][ T5915] loop0: detected capacity change from 0 to 8192 [ 90.025549][ T5923] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 92.372447][ T5968] overlayfs: failed to clone upperpath [ 92.481693][ T5965] loop3: detected capacity change from 0 to 2048 [ 92.513121][ T5965] ======================================================= [ 92.513121][ T5965] WARNING: The mand mount option has been deprecated and [ 92.513121][ T5965] and is ignored by this kernel. Remove the mand [ 92.513121][ T5965] option from the mount to silence this warning. [ 92.513121][ T5965] ======================================================= [ 92.585545][ T5965] EXT4-fs: Ignoring removed nomblk_io_submit option [ 92.626431][ T5965] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 92.952664][ T5784] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 93.445577][ T786] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 93.654987][ T786] usb 1-1: Using ep0 maxpacket: 32 [ 93.758226][ T786] usb 1-1: config 0 interface 0 altsetting 8 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 94.291949][ T786] usb 1-1: config 0 interface 0 has no altsetting 0 [ 94.407946][ T786] usb 1-1: New USB device found, idVendor=056a, idProduct=0343, bcdDevice= 0.00 [ 94.421844][ T786] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 94.438700][ T786] usb 1-1: config 0 descriptor?? [ 94.892769][ T786] wacom 0003:056A:0343.0001: unknown main item tag 0xe [ 94.922400][ T786] wacom 0003:056A:0343.0001: unknown main item tag 0x0 [ 94.948056][ T786] wacom 0003:056A:0343.0001: unknown main item tag 0x0 [ 94.983379][ T786] wacom 0003:056A:0343.0001: unknown main item tag 0x0 [ 95.013386][ T786] wacom 0003:056A:0343.0001: unknown main item tag 0x0 [ 95.023641][ T786] wacom 0003:056A:0343.0001: unknown main item tag 0x0 [ 95.043035][ T786] wacom 0003:056A:0343.0001: unknown main item tag 0x0 [ 95.050286][ T786] wacom 0003:056A:0343.0001: unknown main item tag 0x0 [ 95.085602][ T786] wacom 0003:056A:0343.0001: unknown main item tag 0x0 [ 95.092573][ T786] wacom 0003:056A:0343.0001: unknown main item tag 0x0 [ 95.128241][ T786] wacom 0003:056A:0343.0001: unknown main item tag 0x0 [ 95.152149][ T786] wacom 0003:056A:0343.0001: unknown main item tag 0x0 [ 95.169402][ T786] wacom 0003:056A:0343.0001: unknown main item tag 0x0 [ 95.192563][ T786] wacom 0003:056A:0343.0001: unknown main item tag 0x0 [ 95.224930][ T786] wacom 0003:056A:0343.0001: unknown main item tag 0x0 [ 95.268831][ T786] wacom 0003:056A:0343.0001: hidraw0: USB HID v0.0a Device [HID 056a:0343] on usb-dummy_hcd.0-1/input0 [ 95.358156][ T786] usb 1-1: USB disconnect, device number 2 [ 95.589845][ T6031] fido_id[6031]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 98.226104][ T6072] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 98.659976][ T6087] Zero length message leads to an empty skb [ 99.549109][ T966] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 99.760871][ T966] usb 1-1: Using ep0 maxpacket: 32 [ 99.778720][ T966] usb 1-1: config 0 has an invalid interface number: 230 but max is 0 [ 99.801884][ T966] usb 1-1: config 0 has no interface number 0 [ 99.827192][ T966] usb 1-1: too many endpoints for config 0 interface 230 altsetting 80: 88, using maximum allowed: 30 [ 99.842769][ T966] usb 1-1: config 0 interface 230 altsetting 80 has 0 endpoint descriptors, different from the interface descriptor's value: 88 [ 99.864072][ T49] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 99.881903][ T966] usb 1-1: config 0 interface 230 has no altsetting 0 [ 99.900273][ T966] usb 1-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb [ 99.936371][ T966] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 99.954048][ T966] usb 1-1: Product: syz [ 99.983951][ T966] usb 1-1: Manufacturer: syz [ 99.991341][ T966] usb 1-1: SerialNumber: syz [ 100.018220][ T49] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 100.033412][ T966] usb 1-1: config 0 descriptor?? [ 100.144676][ T49] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 100.277775][ T49] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 100.328309][ T966] gspca_main: ov534_9-2.14.0 probing 05a9:1550 [ 100.994115][ T966] gspca_ov534_9: reg_w failed -71 [ 101.382699][ T5778] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 101.396595][ T5778] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 101.415021][ T966] gspca_ov534_9: Unknown sensor 0000 [ 101.415076][ T5778] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 101.415118][ T966] ov534_9: probe of 1-1:0.230 failed with error -22 [ 101.441087][ T966] usbhid 1-1:0.230: couldn't find an input interrupt endpoint [ 101.450860][ T5778] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 101.461823][ T5778] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 101.469728][ T5778] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 101.484238][ T5083] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 101.536319][ T966] usb 1-1: USB disconnect, device number 3 [ 101.547326][ T5083] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 101.555117][ T5083] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 101.563383][ T5083] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 101.572032][ T5083] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 101.579903][ T5083] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 103.188892][ T6150] netlink: 12 bytes leftover after parsing attributes in process `syz.2.74'. [ 103.371643][ T6121] chnl_net:caif_netlink_parms(): no params data found [ 103.686406][ T5083] Bluetooth: hci3: command tx timeout [ 103.704309][ T49] hsr_slave_0: left promiscuous mode [ 103.723482][ T49] hsr_slave_1: left promiscuous mode [ 103.732046][ T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 103.737801][ T6164] loop1: detected capacity change from 0 to 2048 [ 103.749398][ T49] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 103.794631][ T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 103.839854][ T6164] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 103.855195][ T49] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 103.906651][ T49] bridge_slave_1: left allmulticast mode [ 103.912388][ T49] bridge_slave_1: left promiscuous mode [ 103.946704][ T49] bridge0: port 2(bridge_slave_1) entered disabled state [ 103.994500][ T49] bridge_slave_0: left allmulticast mode [ 104.032841][ T49] bridge_slave_0: left promiscuous mode [ 104.039863][ T49] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.359502][ T49] veth1_macvtap: left promiscuous mode [ 104.373754][ T49] veth0_macvtap: left promiscuous mode [ 104.396895][ T49] veth1_vlan: left promiscuous mode [ 104.402909][ T49] veth0_vlan: left promiscuous mode [ 105.481477][ T6180] syz.0.77 (6180): drop_caches: 2 [ 105.754880][ T5083] Bluetooth: hci3: command tx timeout [ 107.123557][ T49] team0 (unregistering): Port device team_slave_1 removed [ 107.229425][ T49] team0 (unregistering): Port device team_slave_0 removed [ 107.321918][ T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 107.369869][ T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 107.688806][ T49] bond0 (unregistering): Released all slaves [ 107.817472][ T6121] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.824890][ T6121] bridge0: port 1(bridge_slave_0) entered disabled state [ 107.832080][ T6121] bridge_slave_0: entered allmulticast mode [ 107.839306][ T6121] bridge_slave_0: entered promiscuous mode [ 107.844953][ T5083] Bluetooth: hci3: command tx timeout [ 107.916634][ T6121] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.934965][ T6121] bridge0: port 2(bridge_slave_1) entered disabled state [ 107.942260][ T6121] bridge_slave_1: entered allmulticast mode [ 107.985713][ T6121] bridge_slave_1: entered promiscuous mode [ 108.121237][ T6121] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 108.152049][ T6121] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 108.212570][ T6121] team0: Port device team_slave_0 added [ 108.271874][ T6121] team0: Port device team_slave_1 added [ 108.378441][ T6121] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 108.385809][ T6121] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 108.412282][ T6121] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 108.611946][ T6121] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 108.800350][ T6121] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 109.092581][ T6121] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 109.224651][ T6218] loop1: detected capacity change from 0 to 1024 [ 110.461103][ T5083] Bluetooth: hci3: command tx timeout [ 110.533767][ T6121] hsr_slave_0: entered promiscuous mode [ 110.645321][ T6121] hsr_slave_1: entered promiscuous mode [ 110.666564][ T6121] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 110.674245][ T6121] Cannot create hsr debugfs directory [ 111.494242][ T6238] tipc: Enabling of bearer rejected, failed to enable media [ 113.900430][ T6121] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 114.356346][ T6121] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 114.429153][ T6121] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 114.555578][ T6121] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 115.248109][ T6121] 8021q: adding VLAN 0 to HW filter on device bond0 [ 115.499974][ T6121] 8021q: adding VLAN 0 to HW filter on device team0 [ 115.559499][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 115.566863][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 115.616607][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 115.624025][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 115.685719][ T6304] process 'syz.2.106' launched './file0' with NULL argv: empty string added [ 116.348963][ T6121] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 116.524616][ T6121] veth0_vlan: entered promiscuous mode [ 116.603639][ T6121] veth1_vlan: entered promiscuous mode [ 116.707338][ T6121] veth0_macvtap: entered promiscuous mode [ 116.751147][ T6121] veth1_macvtap: entered promiscuous mode [ 116.789813][ T6341] netlink: 100 bytes leftover after parsing attributes in process `syz.1.113'. [ 116.798189][ T6121] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 116.845629][ T6121] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 116.864818][ T6121] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 116.888519][ T6121] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 116.922376][ T6121] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 116.969364][ T6121] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 116.984497][ T6121] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 117.048238][ T6121] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 117.082422][ T6121] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 117.105548][ T6121] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 117.118629][ T6121] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 117.152999][ T6121] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 117.283312][ T6121] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 117.332697][ T6121] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 117.460377][ T6121] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 117.567455][ T6121] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 117.733069][ T6121] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 117.911014][ T6121] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 118.498720][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 118.545954][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 118.663630][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 118.716793][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 118.848007][ T27] audit: type=1326 audit(1777946934.926:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6379 comm="syz.2.122" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f4ad9cdd9 code=0x7ffc0000 [ 118.949380][ T27] audit: type=1326 audit(1777946934.956:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6379 comm="syz.2.122" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f4ad9cdd9 code=0x7ffc0000 [ 119.030742][ T27] audit: type=1326 audit(1777946934.956:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6379 comm="syz.2.122" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f4ad9cdd9 code=0x7ffc0000 [ 119.124995][ T27] audit: type=1326 audit(1777946934.956:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6379 comm="syz.2.122" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f4ad9cdd9 code=0x7ffc0000 [ 119.175441][ T6391] input: syz1 as /devices/virtual/input/input8 [ 119.182869][ T27] audit: type=1326 audit(1777946934.976:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6379 comm="syz.2.122" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f0f4ad9cdd9 code=0x7ffc0000 [ 119.284913][ T27] audit: type=1326 audit(1777946934.976:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6379 comm="syz.2.122" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f0f4ad9cb42 code=0x7ffc0000 [ 119.374965][ T27] audit: type=1326 audit(1777946934.976:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6379 comm="syz.2.122" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f0f4ad5d60e code=0x7ffc0000 [ 119.400203][ T27] audit: type=1326 audit(1777946934.976:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6379 comm="syz.2.122" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f0f4ad9cc07 code=0x7ffc0000 [ 119.439217][ T27] audit: type=1326 audit(1777946934.976:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6379 comm="syz.2.122" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0f4ad5d60e code=0x7ffc0000 [ 119.482690][ T27] audit: type=1326 audit(1777946934.976:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6379 comm="syz.2.122" exe="/root/ci2-linux-6-6-kasan/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f0f4ad5d60e code=0x7ffc0000 [ 121.783747][ T6424] loop1: detected capacity change from 0 to 1024 [ 121.925281][ T6417] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 122.036981][ T6417] kvm: pic: non byte read [ 122.062637][ T6417] kvm: pic: level sensitive irq not supported [ 122.062859][ T6417] kvm: pic: non byte read [ 122.091914][ T6417] kvm: pic: level sensitive irq not supported [ 122.092447][ T6417] kvm: pic: non byte read [ 122.114520][ T6417] kvm: pic: level sensitive irq not supported [ 122.114676][ T6417] kvm: pic: non byte read [ 122.132760][ T6417] kvm: pic: level sensitive irq not supported [ 122.132881][ T6417] kvm: pic: non byte read [ 122.187059][ T6417] kvm: pic: level sensitive irq not supported [ 122.187204][ T6417] kvm: pic: non byte read [ 122.199031][ T6417] kvm: pic: level sensitive irq not supported [ 122.199117][ T6417] kvm: pic: non byte read [ 122.210919][ T6417] kvm: pic: level sensitive irq not supported [ 122.211067][ T6417] kvm: pic: non byte read [ 122.222518][ T6417] kvm: pic: level sensitive irq not supported [ 122.222668][ T6417] kvm: pic: non byte read [ 122.234712][ T6417] kvm: pic: level sensitive irq not supported [ 122.235499][ T6417] kvm: pic: non byte read [ 122.261826][ T6417] kvm: pic: level sensitive irq not supported [ 122.394306][ T1070] hfsplus: b-tree write err: -5, ino 25 [ 122.486702][ T1070] hfsplus: b-tree write err: -5, ino 4 [ 122.523026][ T1070] hfsplus: b-tree write err: -5, ino 2 [ 123.747619][ T6465] syzkaller0: entered promiscuous mode [ 123.778349][ T6465] syzkaller0: entered allmulticast mode [ 124.198859][ T6480] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 124.555925][ T6485] syzkaller0: entered promiscuous mode [ 124.579895][ T6485] syzkaller0: entered allmulticast mode [ 126.281386][ T6497] Cannot find add_set index 0 as target [ 127.063681][ T6503] loop3: detected capacity change from 0 to 16 [ 127.086803][ T6503] erofs: Unknown parameter './cgroup/syz1' [ 127.169884][ T5766] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 129.319959][ T6532] loop1: detected capacity change from 0 to 256 [ 129.338794][ T6535] sch_tbf: burst 255 is lower than device syzkaller0 mtu (1500) ! [ 129.352878][ T6532] FAT-fs (loop1): Unrecognized mount option "ÿÿÿÿÿÿÿÿÿÿÒ·Àžb‹}¶h«:CÞêÐY¼îWÍliJrÍCDOβ²äů´¼qº6¥ [ 129.352878][ T6532] ­­ŠQ˜q¥BÜ“»E29¹4Ø Êeˆ—€.$Ÿ.·JžÂ(µ½üA(0xffffffffffffffff" or missing value [ 129.383483][ T6535] syzkaller0: entered promiscuous mode [ 129.394425][ T6535] syzkaller0: entered allmulticast mode [ 129.582735][ T6532] loop1: detected capacity change from 0 to 2048 [ 129.654949][ T5766] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 132.908886][ T6554] netlink: 12 bytes leftover after parsing attributes in process `syz.3.161'. [ 133.342700][ T1292] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.461643][ T1292] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.624861][ T2180] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 133.653606][ T6562] netlink: 8 bytes leftover after parsing attributes in process `syz.2.162'. [ 133.824843][ T2180] usb 4-1: Using ep0 maxpacket: 8 [ 133.832762][ T2180] usb 4-1: unable to get BOS descriptor or descriptor too short [ 133.846351][ T2180] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 133.858473][ T2180] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 133.940301][ T2180] usb 4-1: New USB device found, idVendor=0763, idProduct=1002, bcdDevice=5f.84 [ 133.964041][ T2180] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 134.002769][ T2180] usb 4-1: Product: syz [ 134.022484][ T2180] usb 4-1: Manufacturer: syz [ 134.048052][ T2180] usb 4-1: SerialNumber: syz [ 134.067045][ T2180] usb 4-1: config 0 descriptor?? [ 135.317178][ T42] usb 4-1: USB disconnect, device number 2 [ 135.453745][ T6577] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 135.496079][ T6581] Cannot find add_set index 2 as target [ 136.584860][ T6592] loop3: detected capacity change from 0 to 32768 [ 136.607411][ T6592] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.170 (6592) [ 136.637415][ T6592] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 136.648130][ T6592] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 136.656844][ T6592] BTRFS info (device loop3): turning on async discard [ 136.663632][ T6592] BTRFS info (device loop3): metadata ratio 0 [ 136.669916][ T6592] BTRFS info (device loop3): setting nodatasum [ 136.676131][ T6592] BTRFS info (device loop3): using free space tree [ 136.847414][ T6592] BTRFS info (device loop3): enabling ssd optimizations [ 138.002449][ T27] kauditd_printk_skb: 43 callbacks suppressed [ 138.002469][ T27] audit: type=1800 audit(1777946953.866:55): pid=6619 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.170" name="file1" dev="loop3" ino=260 res=0 errno=0 [ 138.892931][ T6121] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 139.007984][ T6627] bridge1: entered promiscuous mode [ 141.132552][ T5766] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 10 /dev/loop3 scanned by udevd (5766) [ 142.267826][ T6643] syz.2.181: attempt to access beyond end of device [ 142.267826][ T6643] loop5: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 142.295167][ T6643] SQUASHFS error: Failed to read block 0x0: -5 [ 142.403508][ T6649] kvm_intel: kvm [6648]: vcpu0, guest rIP: 0x0 Unhandled WRMSR(0x1d9) = 0x3 [ 142.419602][ T6649] kvm_intel: kvm [6648]: vcpu0, guest rIP: 0x9100 Unhandled WRMSR(0x1d9) = 0x3 [ 142.431095][ T6649] kvm_intel: kvm [6648]: vcpu0, guest rIP: 0x9100 Unhandled WRMSR(0x1d9) = 0x3 [ 142.570018][ T6649] kvm_intel: kvm [6648]: vcpu0, guest rIP: 0x9100 Unhandled WRMSR(0x1d9) = 0x3 [ 142.580610][ T6649] kvm_intel: kvm [6648]: vcpu0, guest rIP: 0x9100 Unhandled WRMSR(0x1d9) = 0x3 [ 142.593651][ T6649] kvm_intel: kvm [6648]: vcpu0, guest rIP: 0x9100 Unhandled WRMSR(0x1d9) = 0x3 [ 142.616296][ T6649] kvm_intel: kvm [6648]: vcpu0, guest rIP: 0x9100 Unhandled WRMSR(0x1d9) = 0x3 [ 142.636171][ T6649] kvm_intel: kvm [6648]: vcpu0, guest rIP: 0x9100 Unhandled WRMSR(0x1d9) = 0x3 [ 142.676321][ T6649] kvm_intel: kvm [6648]: vcpu0, guest rIP: 0x9100 Unhandled WRMSR(0x1d9) = 0x3 [ 142.736359][ T6649] kvm_intel: kvm [6648]: vcpu0, guest rIP: 0x9100 Unhandled WRMSR(0x1d9) = 0x3 [ 144.104743][ C0] sched: RT throttling activated [ 144.702614][ T6679] loop0: detected capacity change from 0 to 1024 [ 144.788296][ T6679] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 145.057492][ T6679] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5939: Out of memory [ 145.131694][ T6679] EXT4-fs error (device loop0): ext4_setattr:5621: inode #15: comm syz.0.191: mark_inode_dirty error [ 145.173298][ T6679] EXT4-fs error (device loop0) in ext4_setattr:5682: Out of memory [ 145.367329][ T6679] syz.0.191: attempt to access beyond end of device [ 145.367329][ T6679] loop0: rw=1, sector=3606377190, nr_sectors = 2 limit=1024 [ 145.535964][ T6679] EXT4-fs warning (device loop0): ext4_end_bio:357: I/O error 10 writing to inode 15 starting block 1803188595) [ 145.824893][ T6679] Buffer I/O error on device loop0, logical block 1803188595 [ 146.173686][ T6679] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5939: Out of memory [ 146.229518][ T6679] EXT4-fs error (device loop0): mpage_map_and_submit_extent:2317: inode #15: comm syz.0.191: mark_inode_dirty error [ 146.317073][ T6679] EXT4-fs error (device loop0): mpage_map_and_submit_extent:2321: comm syz.0.191: Failed to mark inode 15 dirty [ 146.325656][ T6685] EXT4-fs warning (device loop0): ext4_read_block_bitmap_nowait:487: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 7546266866099511129 [ 146.409368][ T6685] EXT4-fs warning (device loop0): ext4_read_block_bitmap_nowait:487: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 7546266866099511129 [ 146.437225][ T6679] syz.0.191: attempt to access beyond end of device [ 146.437225][ T6679] loop0: rw=1, sector=3403208898, nr_sectors = 2 limit=1024 [ 146.460936][ T6679] EXT4-fs warning (device loop0): ext4_end_bio:357: I/O error 10 writing to inode 15 starting block 1701604449) [ 146.502131][ T6679] Buffer I/O error on device loop0, logical block 1701604449 [ 146.870929][ T5773] EXT4-fs (loop0): Inode 15 (ffff8880771a0000): i_reserved_data_blocks (1) not cleared! [ 147.172882][ T5773] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 148.576017][ T6705] syzkaller0: entered promiscuous mode [ 148.581726][ T6705] syzkaller0: entered allmulticast mode [ 150.936925][ T6707] bridge0: port 2(bridge_slave_1) entered disabled state [ 150.946129][ T6707] bridge0: port 1(bridge_slave_0) entered disabled state [ 151.185254][ T966] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 151.415243][ T966] usb 2-1: Using ep0 maxpacket: 32 [ 151.443672][ T966] usb 2-1: config 0 has an invalid interface number: 67 but max is 0 [ 151.460388][ T6707] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 151.465239][ T966] usb 2-1: config 0 has no interface number 0 [ 151.479648][ T966] usb 2-1: config 0 interface 67 altsetting 0 has a duplicate endpoint with address 0x82, skipping [ 151.494714][ T966] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 151.509269][ T966] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 151.524937][ T966] usb 2-1: Product: syz [ 151.529191][ T966] usb 2-1: Manufacturer: syz [ 151.531595][ T6707] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 151.533820][ T966] usb 2-1: SerialNumber: syz [ 151.555681][ T966] usb 2-1: config 0 descriptor?? [ 151.574367][ T966] smsc95xx v2.0.0 [ 151.583372][ T966] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22 [ 151.598782][ T966] smsc95xx: probe of 2-1:0.67 failed with error -22 [ 151.936864][ T42] usb 2-1: USB disconnect, device number 2 [ 151.943998][ T6707] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 151.956649][ T6707] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 151.974892][ T6707] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 151.984090][ T6707] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 152.055700][ T6716] syzkaller0: entered promiscuous mode [ 152.061456][ T6716] syzkaller0: entered allmulticast mode [ 154.744819][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 155.316834][ T6754] syzkaller0: entered promiscuous mode [ 155.325133][ T6754] syzkaller0: entered allmulticast mode [ 160.524175][ T6796] IPv6: NLM_F_REPLACE set, but no existing node found! [ 162.424807][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 163.309928][ T6814] sch_tbf: burst 32855 is lower than device lo mtu (65550) ! [ 163.354424][ T6813] loop1: detected capacity change from 0 to 2048 [ 163.390761][ T6813] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=3932051, location=3932051 [ 163.444484][ T6815] loop0: detected capacity change from 0 to 256 [ 163.465587][ T6813] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 163.478639][ T6815] exfat: Bad value for 'uid' [ 163.531442][ T5764] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 165.605144][ T6826] loop1: detected capacity change from 0 to 128 [ 167.093657][ T6826] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 167.126681][ T6826] ext4 filesystem being mounted at /60/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 167.336232][ T27] audit: type=1800 audit(1777946983.416:56): pid=6826 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.233" name="file2" dev="loop1" ino=13 res=0 errno=0 [ 167.418708][ T5780] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 169.129349][ T6847] loop1: detected capacity change from 0 to 128 [ 169.210824][ T6847] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 169.314960][ T6847] ext4 filesystem being mounted at /62/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 171.420969][ T5780] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 171.758813][ T6871] tipc: Started in network mode [ 171.763780][ T6871] tipc: Node identity 16c9ff7186c3, cluster identity 4711 [ 171.816084][ T6871] tipc: Enabled bearer , priority 0 [ 171.845785][ T6873] syzkaller0: entered promiscuous mode [ 171.851357][ T6873] syzkaller0: entered allmulticast mode [ 173.467007][ T966] tipc: Node number set to 2416639857 [ 173.565613][ T6871] tipc: Resetting bearer [ 173.599031][ T6869] tipc: Resetting bearer [ 173.679176][ T6869] tipc: Disabling bearer [ 174.053950][ T6881] tipc: Enabling of bearer rejected, failed to enable media [ 174.195182][ T42] usb 4-1: new full-speed USB device number 3 using dummy_hcd [ 175.104202][ T42] usb 4-1: unable to get BOS descriptor or descriptor too short [ 175.113970][ T42] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 175.121792][ T42] usb 4-1: can't read configurations, error -71 [ 176.631051][ T6899] loop0: detected capacity change from 0 to 16 [ 178.221798][ T6901] loop1: detected capacity change from 0 to 128 [ 178.307967][ T6901] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 179.401045][ T6901] ext4 filesystem being mounted at /66/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 179.581851][ T27] audit: type=1804 audit(1777946995.656:57): pid=6901 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.251" name="/newroot/66/file0/bus" dev="loop1" ino=12 res=1 errno=0 [ 179.707690][ T6901] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5939: Out of memory [ 179.730465][ T5766] udevd[5766]: incorrect ext4 checksum on /dev/loop1 [ 179.756320][ T6901] EXT4-fs error (device loop1): ext4_write_end:1351: inode #12: comm syz.1.251: mark_inode_dirty error [ 179.888596][ T5780] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 185.356791][ T6948] syzkaller0: entered promiscuous mode [ 185.366823][ T6948] syzkaller0: entered allmulticast mode [ 186.066896][ T6953] loop0: detected capacity change from 0 to 128 [ 186.345073][ T6953] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 54) [ 186.363007][ T6953] FAT-fs (loop0): Filesystem has been set read-only [ 186.379459][ T6953] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 54) [ 195.043384][ T1292] ieee802154 phy0 wpan0: encryption failed: -22 [ 195.052511][ T1292] ieee802154 phy1 wpan1: encryption failed: -22 [ 197.626910][ T7032] syzkaller0: entered promiscuous mode [ 197.638714][ T7032] syzkaller0: entered allmulticast mode [ 197.692954][ T7032] tipc: Started in network mode [ 197.704942][ T7032] tipc: Node identity 62598a1e8fdc, cluster identity 4711 [ 197.722700][ T7032] tipc: Enabled bearer , priority 0 [ 197.747102][ T7031] tipc: Resetting bearer [ 197.836983][ T7031] tipc: Disabling bearer [ 198.146039][ T7037] syzkaller0: entered promiscuous mode [ 198.167537][ T7037] syzkaller0: entered allmulticast mode [ 199.531470][ T7050] loop1: detected capacity change from 0 to 2048 [ 199.604391][ T7050] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found! [ 199.638475][ T7050] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 200.562413][ T7071] netlink: 28 bytes leftover after parsing attributes in process `syz.1.294'. [ 201.321378][ T7076] syzkaller0: entered promiscuous mode [ 201.348417][ T7076] syzkaller0: entered allmulticast mode [ 204.815534][ T7095] netlink: 'syz.2.303': attribute type 12 has an invalid length. [ 206.730273][ T7102] 0: reclassify loop, rule prio 0, protocol 700 [ 214.192432][ T7148] syzkaller0: entered promiscuous mode [ 214.214235][ T7148] syzkaller0: entered allmulticast mode [ 214.641653][ T7159] loop3: detected capacity change from 0 to 512 [ 214.683855][ T7159] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 214.728759][ T7159] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 214.784803][ T7159] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0082] [ 214.804964][ T7159] System zones: 1-12 [ 214.823820][ T7159] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 214.899505][ T7159] EXT4-fs (loop3): 1 truncate cleaned up [ 214.926769][ T7159] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 215.650806][ T6121] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 215.829257][ T7174] syzkaller0: entered promiscuous mode [ 215.857746][ T7174] syzkaller0: entered allmulticast mode [ 217.400246][ T7193] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 227.517808][ T5083] Bluetooth: hci3: command 0x0406 tx timeout [ 331.504661][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 331.511721][ C0] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P5780/1:b..l [ 331.520018][ C0] rcu: (detected by 0, t=10502 jiffies, g=22013, q=119 ncpus=2) [ 331.527856][ C0] task:syz-executor state:R running task stack:21704 pid:5780 ppid:5770 flags:0x00004002 [ 331.539598][ C0] Call Trace: [ 331.542890][ C0] [ 331.545827][ C0] __schedule+0x1553/0x45a0 [ 331.550355][ C0] ? asan.module_dtor+0x20/0x20 [ 331.555211][ C0] ? mark_lock+0x94/0x320 [ 331.559548][ C0] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 331.565626][ C0] ? preempt_schedule_irq+0xb4/0x150 [ 331.570924][ C0] preempt_schedule_irq+0xbf/0x150 [ 331.576076][ C0] ? preempt_schedule_notrace+0x110/0x110 [ 331.581863][ C0] ? mark_lock+0x94/0x320 [ 331.586213][ C0] ? rcu_irq_exit_check_preempt+0xdf/0x210 [ 331.592047][ C0] irqentry_exit+0x67/0x70 [ 331.596469][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 331.602452][ C0] RIP: 0010:preempt_count_add+0x2b/0x1a0 [ 331.608184][ C0] Code: 0f 1e fa 41 57 41 56 53 49 bf 00 00 00 00 00 fc ff df 48 c7 c0 80 d4 2c 97 48 c1 e8 03 42 0f b6 04 38 84 c0 0f 85 eb 00 00 00 <83> 3d 6e 4d d0 15 00 75 07 65 8b 05 ad 2e a7 7e 65 01 3d a6 2e a7 [ 331.627882][ C0] RSP: 0000:ffffc900045172f8 EFLAGS: 00000297 [ 331.633970][ C0] RAX: 0000000000000004 RBX: 1ffff920008a2e7d RCX: ffffffff972cd403 [ 331.642046][ C0] RDX: ffff88807ac68000 RSI: 0000000000000001 RDI: 0000000000000001 [ 331.650108][ C0] RBP: 0000000000000001 R08: ffffc900045174b0 R09: 000000000000000a [ 331.658112][ C0] R10: 0000000000000004 R11: 0000000000000000 R12: ffffc900045173e8 [ 331.666125][ C0] R13: dffffc0000000000 R14: ffffc90004517420 R15: dffffc0000000000 [ 331.674160][ C0] ? entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 331.680321][ C0] unwind_next_frame+0xbe/0x2970 [ 331.685385][ C0] ? entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 331.691508][ C0] ? entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 331.697585][ C0] ? stack_trace_save+0x100/0x100 [ 331.702621][ C0] arch_stack_walk+0x144/0x190 [ 331.707390][ C0] ? entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 331.713456][ C0] stack_trace_save+0xaa/0x100 [ 331.718227][ C0] ? stack_trace_snprint+0xf0/0xf0 [ 331.723356][ C0] save_stack+0x125/0x230 [ 331.727690][ C0] ? __reset_page_owner+0x190/0x190 [ 331.732885][ C0] ? free_unref_page_prepare+0x7b2/0x8c0 [ 331.738524][ C0] ? free_unref_page_list+0xbe/0x860 [ 331.743817][ C0] ? release_pages+0x1f7a/0x2200 [ 331.748752][ C0] ? __folio_batch_release+0x71/0xe0 [ 331.754046][ C0] ? shmem_undo_range+0x630/0x1b20 [ 331.759157][ C0] ? shmem_evict_inode+0x245/0x9e0 [ 331.764270][ C0] ? evict+0x4ca/0x8d0 [ 331.768342][ C0] ? do_unlinkat+0x38c/0x590 [ 331.772928][ C0] ? __x64_sys_unlink+0x49/0x50 [ 331.777772][ C0] ? do_syscall_64+0x55/0xa0 [ 331.782361][ C0] ? entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 331.788434][ C0] ? page_ext_get+0x22/0x2b0 [ 331.793023][ C0] ? page_ext_get+0x1e2/0x2b0 [ 331.797699][ C0] __reset_page_owner+0x4e/0x190 [ 331.802633][ C0] ? rcu_is_watching+0x15/0xb0 [ 331.807403][ C0] free_unref_page_prepare+0x7b2/0x8c0 [ 331.812882][ C0] free_unref_page_list+0xbe/0x860 [ 331.817995][ C0] ? __folio_memcg+0x63/0x160 [ 331.822671][ C0] ? folio_memcg+0x127/0x480 [ 331.827258][ C0] release_pages+0x1f7a/0x2200 [ 331.832031][ C0] ? lru_cache_disable+0x30/0x30 [ 331.836967][ C0] ? do_raw_spin_unlock+0x121/0x230 [ 331.842177][ C0] __folio_batch_release+0x71/0xe0 [ 331.847300][ C0] shmem_undo_range+0x630/0x1b20 [ 331.852243][ C0] ? shmem_truncate_range+0xa0/0xa0 [ 331.857468][ C0] ? inode_wait_for_writeback+0x1e3/0x230 [ 331.863208][ C0] ? __lock_acquire+0x7d40/0x7d40 [ 331.868244][ C0] ? do_raw_spin_lock+0x11f/0x2c0 [ 331.873291][ C0] shmem_evict_inode+0x245/0x9e0 [ 331.878323][ C0] ? inode_wait_for_writeback+0x1e3/0x230 [ 331.884071][ C0] ? shmem_free_in_core_inode+0xb0/0xb0 [ 331.889621][ C0] ? sb_clear_inode_writeback+0x360/0x360 [ 331.895350][ C0] ? do_raw_spin_lock+0x11f/0x2c0 [ 331.900382][ C0] ? bit_waitqueue+0x30/0x30 [ 331.905004][ C0] ? do_raw_spin_unlock+0x121/0x230 [ 331.910298][ C0] ? shmem_free_in_core_inode+0xb0/0xb0 [ 331.915959][ C0] evict+0x4ca/0x8d0 [ 331.919879][ C0] ? proc_nr_inodes+0x230/0x230 [ 331.924770][ C0] ? do_raw_spin_unlock+0x121/0x230 [ 331.929986][ C0] ? _raw_spin_unlock+0x28/0x40 [ 331.934841][ C0] ? iput+0x706/0x920 [ 331.938839][ C0] do_unlinkat+0x38c/0x590 [ 331.943375][ C0] ? fsnotify_link_count+0xf0/0xf0 [ 331.948502][ C0] ? getname_flags+0x20a/0x500 [ 331.953272][ C0] __x64_sys_unlink+0x49/0x50 [ 331.958075][ C0] do_syscall_64+0x55/0xa0 [ 331.962494][ C0] ? clear_bhb_loop+0x40/0x90 [ 331.967171][ C0] ? clear_bhb_loop+0x40/0x90 [ 331.971943][ C0] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 331.977835][ C0] RIP: 0033:0x7f7e7099bec7 [ 331.982252][ C0] RSP: 002b:00007ffec260c758 EFLAGS: 00000206 ORIG_RAX: 0000000000000057 [ 331.990667][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f7e7099bec7 [ 331.998645][ C0] RDX: 00007ffec260c780 RSI: 00007ffec260c810 RDI: 00007ffec260c810 [ 332.006614][ C0] RBP: 00007ffec260c810 R08: 00007ffec260d810 R09: 00000000ffffffff [ 332.014583][ C0] R10: 0000000000000100 R11: 0000000000000206 R12: 00007ffec260d8a0 [ 332.022553][ C0] R13: 00007f7e70a32120 R14: 000000000003597f R15: 00007ffec260d8e0 [ 332.030531][ C0] [ 332.033548][ C0] rcu: rcu_preempt kthread starved for 9918 jiffies! g22013 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1 [ 332.044651][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 332.054724][ C0] rcu: RCU grace-period kthread stack dump: [ 332.060618][ C0] task:rcu_preempt state:R running task stack:27720 pid:17 ppid:2 flags:0x00004000 [ 332.071390][ C0] Call Trace: [ 332.074689][ C0] [ 332.077627][ C0] __schedule+0x1553/0x45a0 [ 332.082146][ C0] ? asan.module_dtor+0x20/0x20 [ 332.087019][ C0] ? enqueue_timer+0x23d/0x550 [ 332.091782][ C0] ? __mod_timer+0x984/0xdb0 [ 332.096379][ C0] schedule+0xbd/0x170 [ 332.100451][ C0] schedule_timeout+0x188/0x2d0 [ 332.105302][ C0] ? console_conditional_schedule+0x40/0x40 [ 332.111210][ C0] ? _raw_spin_unlock_irqrestore+0x86/0x120 [ 332.117102][ C0] ? update_process_times+0x1b0/0x1b0 [ 332.122473][ C0] ? prepare_to_swait_event+0x339/0x360 [ 332.128019][ C0] rcu_gp_fqs_loop+0x313/0x1590 [ 332.132871][ C0] ? rcu_gp_init+0x1162/0x1560 [ 332.137655][ C0] ? rcu_gp_kthread+0x3b0/0x3b0 [ 332.142595][ C0] ? dyntick_save_progress_counter+0x2b0/0x2b0 [ 332.148937][ C0] ? lockdep_hardirqs_on+0x98/0x150 [ 332.154219][ C0] ? rcu_gp_init+0x1560/0x1560 [ 332.159059][ C0] ? _raw_spin_unlock_irqrestore+0xc5/0x120 [ 332.165045][ C0] ? finish_swait+0xc7/0x1d0 [ 332.169737][ C0] rcu_gp_kthread+0x9d/0x3b0 [ 332.174322][ C0] ? rcu_report_qs_rsp+0x1a0/0x1a0 [ 332.179434][ C0] ? __kthread_parkme+0x7a/0x1c0 [ 332.184376][ C0] ? __kthread_parkme+0x162/0x1c0 [ 332.189487][ C0] kthread+0x2fa/0x390 [ 332.193575][ C0] ? rcu_report_qs_rsp+0x1a0/0x1a0 [ 332.199221][ C0] ? kthread_blkcg+0xd0/0xd0 [ 332.203986][ C0] ret_from_fork+0x48/0x80 [ 332.208405][ C0] ? kthread_blkcg+0xd0/0xd0 [ 332.213003][ C0] ret_from_fork_asm+0x11/0x20 [ 332.217789][ C0] [ 332.220805][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 332.227119][ C0] Sending NMI from CPU 0 to CPUs 1: [ 332.232333][ C1] NMI backtrace for cpu 1 [ 332.232342][ C1] CPU: 1 PID: 0 Comm: swapper/1 Not tainted syzkaller #0 [ 332.232355][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 332.232362][ C1] RIP: 0010:pv_native_safe_halt+0xf/0x10 [ 332.232383][ C1] Code: 19 21 02 c3 cc cc cc cc cc cc cc f3 0f 1e fa 0f 0b 66 2e 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 66 90 0f 00 2d e3 d3 41 00 fb f4 66 0f 1f 00 55 41 57 41 56 41 54 53 50 8b 2f eb 2e 41 89 de 80 [ 332.232394][ C1] RSP: 0018:ffffc90000187de0 EFLAGS: 000002c6 [ 332.232409][ C1] RAX: 483bcb660e89fc00 RBX: ffffffff8162a8f1 RCX: 483bcb660e89fc00 [ 332.232419][ C1] RDX: 0000000000000001 RSI: ffffffff8acac9e0 RDI: ffffffff8b1c8fa0 [ 332.232428][ C1] RBP: ffffc90000187f20 R08: ffff8880b8f36b2b R09: 1ffff110171e6d65 [ 332.232438][ C1] R10: dffffc0000000000 R11: ffffed10171e6d66 R12: 1ffff92000030fc8 [ 332.232448][ C1] R13: dffffc0000000000 R14: 1ffff110036cd780 R15: 0000000000000000 [ 332.232458][ C1] FS: 0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 332.232470][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 332.232480][ C1] CR2: 00007f6493a873f4 CR3: 000000002ca71000 CR4: 00000000003506e0 [ 332.232495][ C1] Call Trace: [ 332.232501][ C1] [ 332.232505][ C1] default_idle+0x13/0x20 [ 332.232522][ C1] default_idle_call+0x6c/0xa0 [ 332.232539][ C1] do_idle+0x221/0x590 [ 332.232554][ C1] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 332.232572][ C1] ? lockdep_hardirqs_on+0x98/0x150 [ 332.232589][ C1] ? idle_inject_timer_fn+0x60/0x60 [ 332.232609][ C1] ? do_idle+0x11/0x590 [ 332.232628][ C1] cpu_startup_entry+0x43/0x60 [ 332.232644][ C1] start_secondary+0xee/0xf0 [ 332.232659][ C1] secondary_startup_64_no_verify+0x179/0x17b [ 332.232684][ C1]