last executing test programs:

26m6.429134291s ago: executing program 32 (id=1004):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2d41, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000001811000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r2}, 0x18)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
r4 = dup(r3)
sendmsg$netlink(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000540)=ANY=[], 0x1b8}, {0x0, 0x1f88}], 0x2}, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

23m10.223935281s ago: executing program 33 (id=1342):
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = syz_io_uring_setup(0x2bd, &(0x7f00000002c0)={0x0, 0x105cc6, 0x1, 0x0, 0x207}, &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0xc000000, &(0x7f0000000000)=[{&(0x7f0000001600)=""/4096, 0x1000}], 0x1, 0x12, 0x1})
io_uring_enter(r1, 0x847ba, 0x0, 0xe, 0x0, 0x0)

22m53.829935621s ago: executing program 34 (id=1406):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000b00)=ANY=[@ANYBLOB="12010000e09d7040460a2196324f01020301090224000100000000090400000206d3450009050102100000000009058b0240"], 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000500)={0x44, &(0x7f0000000240)=ANY=[@ANYBLOB="20131d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

22m44.149536973s ago: executing program 35 (id=1429):
r0 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x14, &(0x7f0000000500)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000006d0000", @ANYRES32], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
r5 = socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_MCE_KILL(0x41555856, 0x1, 0x2)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x28, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x84}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x20048050}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x40}}, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_procs(r6, &(0x7f0000000480)='cgroup.threads\x00', 0x2, 0x0)

20m19.320681924s ago: executing program 36 (id=1710):
getpid()
timer_create(0x2, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sendmsg$nl_crypto(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0)
ioctl$SYNC_IOC_MERGE(0xffffffffffffffff, 0xc0303e03, &(0x7f00000000c0)={"3c24139ed44aec57f2e2ad238a7b448ed886923c31d4b8affbf514fd00"})
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x80c0, 0x0)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000100), 0x24, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
rmdir(&(0x7f0000000380)='./file0/../file0\x00')
mkdir(&(0x7f00000003c0)='./file0\x00', 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r2, 0x3ba0, &(0x7f0000000340)={0x48})
syz_usb_connect(0x2, 0x2d, &(0x7f0000001400)={{0x12, 0x1, 0x0, 0x1f, 0xbf, 0xe4, 0x10, 0x79, 0x85eb, 0x90b7, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xd5, 0x0, 0x1, 0xff, 0x5d, 0x1, 0x0, [], [{{0x9, 0x5, 0x4, 0xc, 0x10, 0x0, 0xfa}}]}}]}}]}}, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(r2, 0x3b85, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
connect$tipc(0xffffffffffffffff, 0x0, 0x0)

18m5.012138548s ago: executing program 37 (id=2009):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000000))
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[], 0x3c}}, 0x4000000)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000001a40)=""/102392, 0x18ff8)
r2 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
bind$inet(r2, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x57)

13m50.517235862s ago: executing program 6 (id=2583):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
name_to_handle_at(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1400)

13m50.380284075s ago: executing program 6 (id=2584):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
connect$ax25(r0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeef, 0x8031, 0xffffffffffffffff, 0x55779000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r4)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
madvise(&(0x7f0000304000/0x3000)=nil, 0x3000, 0x9)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
mount$tmpfs(0x0, &(0x7f0000000540)='./cgroup\x00', &(0x7f0000000580), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='mpol=interleave=stotic:,'])
connect$inet(r6, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r7 = accept(r4, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[], 0xfffffdef}, 0x1, 0x0, 0x0, 0xc000}, 0x10)
recvfrom(r6, &(0x7f0000000180)=""/60, 0xfffffffffffffecb, 0x4100, 0x0, 0x0)
fsopen(0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000003, 0x4008032, 0xffffffffffffffff, 0x0)

13m48.396046636s ago: executing program 6 (id=2588):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000000))
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[], 0x3c}}, 0x4000000)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000001a40)=""/102392, 0x18ff8)
connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
bind$inet(0xffffffffffffffff, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x57)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={0x0}}, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000b40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=""/11, 0xb}}], 0x5df, 0x2, 0x0)
add_key(0x0, &(0x7f0000000180), 0x0, 0x0, 0xfffffffffffffffe)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r3}, 0x18)
socket$inet_mptcp(0x2, 0x1, 0x106)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, 0x0, 0x0)
ioctl$DRM_IOCTL_SET_MASTER(0xffffffffffffffff, 0x641e)
setsockopt$sock_int(r2, 0x1, 0x9, &(0x7f0000000100)=0xfffffffc, 0x56)
connect$inet(r2, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$EBT_SO_SET_ENTRIES(r4, 0x0, 0x80, &(0x7f0000000980)=@filter={'filter\x00', 0xe, 0x6, 0x4fe, [0x0, 0x2000000002c0, 0x20000000053c, 0x2000000006a8], 0x0, &(0x7f0000000080), &(0x7f00000002c0)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe, 0x1, [{0x7f3ad46531a296be, 0x1, 0xfac6, 'veth0_to_hsr\x00', 'pim6reg\x00', 'caif0\x00', 'pimreg\x00', @remote, [0xff, 0xff, 0x0, 0xff, 0xff, 0xff], @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, [0xff], 0x6e, 0x6e, 0xbe, [], [], @common=@log={'log\x00', 0x28, {{0x2, "12b9915ead9bb2fe9c095d865f1dd13d526960f00cf3abf7b8ec6468eec3", 0x4}}}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x2, [{0x11, 0x8, 0x6000, 'batadv0\x00', 'veth0_macvtap\x00', 'veth1_to_bridge\x00', 'syz_tun\x00', @multicast, [0x0, 0xff, 0xff], @random="ce3bdd4e8c29", [0x0, 0xff, 0x0, 0xff], 0x6e, 0x6e, 0x9e, [], [], @common=@NFQUEUE0={'NFQUEUE\x00', 0x8, {{0x7}}}}, {0x3, 0x33, 0x8847, 'bond_slave_1\x00', 'bridge_slave_0\x00', 'veth0_virt_wifi\x00', 'virt_wifi0\x00', @remote, [0x0, 0xff, 0xff, 0xff, 0x8e1c68f7a68146ea], @empty, [0xff, 0xff, 0xff, 0xff], 0x6e, 0x6e, 0x9e, [], [], @common=@redirect={'redirect\x00', 0x8}}]}, {0x0, '\x00', 0x4, 0xfffffffffffffffc, 0x2, [{0xa, 0x56, 0x3, 'macvtap0\x00', 'veth0_virt_wifi\x00', 'xfrm0\x00', 'ip6erspan0\x00', @multicast, [0x0, 0xff, 0xff, 0x0, 0xff], @local, [0xff, 0x0, 0xff, 0xff, 0xff, 0xff], 0x6e, 0xb6, 0xe6, [], [@common=@ERROR={'ERROR\x00', 0x20, {"160f3b94065c2eaecdd34e6b6e163509a89b0a6394ef44502a71e407d818"}}], @common=@NFQUEUE0={'NFQUEUE\x00', 0x8, {{0x7}}}}, {0x11, 0x6, 0xf5, 'erspan0\x00', 'batadv_slave_0\x00', 'macvtap0\x00', 'veth1_macvtap\x00', @local, [0x0, 0x0, 0x0, 0x0, 0x0, 0xff], @dev={'\xaa\xaa\xaa\xaa\xaa', 0x42}, [0x0, 0x0, 0xff, 0x1fe, 0x0, 0xff], 0xe6, 0x15e, 0x18e, [@cluster={{'cluster\x00', 0x0, 0x10}, {{0x200, 0xd, 0x6, 0x1}}}, @time={{'time\x00', 0x0, 0x18}, {{0x6, 0x9, 0xdd44, 0x6e3a, 0x7fffffff, 0x3}}}], [@common=@NFLOG={'NFLOG\x00', 0x50, {{0x8000, 0xc, 0x3, 0x0, 0x0, "5fc9f0f98aa11898fa0ce777f037953fe80732f661ce844f717efdfe1f62c394a51210580239844a16ff812e4d01d3d3b07e52510756e456a605edf90d8a16f1"}}}], @common=@NFQUEUE0={'NFQUEUE\x00', 0x8, {{0x8}}}}]}]}, 0x576)
add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd)

13m47.50641544s ago: executing program 6 (id=2591):
socket$inet6_sctp(0xa, 0x5, 0x84)
r0 = socket$kcm(0x10, 0x2, 0x0)
socket$inet(0x2, 0x801, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x20802, 0x0)
ioctl$TCXONC(r2, 0x540a, 0x2)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
socket$alg(0x26, 0x5, 0x0)
r3 = socket$phonet(0x23, 0x2, 0x1)
rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r4 = gettid()
r5 = getpid()
rt_tgsigqueueinfo(r5, r4, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4})
signalfd(0xffffffffffffffff, 0x0, 0x0)
ioctl$SIOCPNDELRESOURCE(r3, 0x89ef, 0x0)
fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, 0x0, 0x0, 0xffffffffffffffff)
sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f00000003c0)="d800000018007b18e00212ba0d8105040a0a1100fe0f040b067c55a1bc0009001e0006990300000015000500fe800000000000000300014002000c0901ac04000bd67f6f94007100a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b01602b2a10c11ce1b14d6d930dfe1d9d322fe04fb95cae8c9010000730d7a5025ccca262f3d40fad95667e04adcdf634c1f215ce3bb9ad8ffd5e1cace81ed0b7fece0b42a9ecbee5de6ccd40dd601edef3d93452a92307f00000e97031e9f05e9f16e9cb5", 0xd2}, {&(0x7f00000004c0)="f80ec2e2badd", 0x6}], 0x2, 0x0, 0x0, 0x2663}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
listen(r6, 0xbabc)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=@newtaction={0x64, 0x30, 0x9e54f29ff072a93b, 0x0, 0xfffffffd}, 0x64}, 0x1, 0x0, 0x0, 0x81}, 0x0)

13m45.911494995s ago: executing program 6 (id=2595):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_icmp(0x2, 0x2, 0x1)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = getpid()
syz_pidfd_open(r1, 0x0)
prlimit64(0xffffffffffffffff, 0x4, &(0x7f0000000140)={0x3ffffffffffffe, 0x88}, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, 0x0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r2, 0xc018937d, 0x0)
chdir(&(0x7f0000000080)='./file1\x00')
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
faccessat2(r2, &(0x7f0000000100)='./file1\x00', 0xb1, 0x700)
setpgid(r3, 0x0)
setpgid(0x0, r3)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x10000, &(0x7f0000000500)=ANY=[@ANYBLOB="7472616e733d6e643998ff8a0a2c7266646e6f3d18664736835b523b60c4743b23c85b64cb88447591593b", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',\x00'])
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000300)=@o_path={&(0x7f0000000340)='./file0\x00', 0x0, 0x0, r0}, 0x18)
mount$afs(0x0, &(0x7f0000000200)='./file1\x00', 0x0, 0x88, 0x0)
r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
ioctl$AUTOFS_IOC_READY(r4, 0x9360, 0x800000000000001)

13m43.344476516s ago: executing program 6 (id=2600):
clock_gettime(0x3, &(0x7f0000000040))
fanotify_init(0x40, 0x1400)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00')
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000340)=ANY=[@ANYBLOB="2b63707561636374202d70696473212d7220d229ac1ddb69cdae094e92302f7d26ce035f459cbc92649a38e4935e"], 0x15)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
syz_emit_ethernet(0x72, &(0x7f0000000000)={@local, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "e400ff", 0x3c, 0x3a, 0x0, @private2, @mcast2, {[], @param_prob={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, '\x00', 0x0, 0x11, 0x0, @empty, @ipv4={'\x00', '\xff\xff', @multicast1}, [], "17c17f079171000700110000"}}}}}}}, 0x0)
bind$inet(r0, 0x0, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f00000001c0)=0x9a, 0x4)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
r1 = gettid()
mknod(&(0x7f0000000180)='./file0\x00', 0x1ffa, 0x0)
acct(&(0x7f0000000140)='./file0\x00')
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000002700)=""/102392, 0x18ff8)
syz_emit_ethernet(0x3e, &(0x7f00000004c0)=ANY=[], 0x0)

13m28.150472966s ago: executing program 38 (id=2600):
clock_gettime(0x3, &(0x7f0000000040))
fanotify_init(0x40, 0x1400)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00')
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000340)=ANY=[@ANYBLOB="2b63707561636374202d70696473212d7220d229ac1ddb69cdae094e92302f7d26ce035f459cbc92649a38e4935e"], 0x15)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
syz_emit_ethernet(0x72, &(0x7f0000000000)={@local, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "e400ff", 0x3c, 0x3a, 0x0, @private2, @mcast2, {[], @param_prob={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, '\x00', 0x0, 0x11, 0x0, @empty, @ipv4={'\x00', '\xff\xff', @multicast1}, [], "17c17f079171000700110000"}}}}}}}, 0x0)
bind$inet(r0, 0x0, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f00000001c0)=0x9a, 0x4)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
r1 = gettid()
mknod(&(0x7f0000000180)='./file0\x00', 0x1ffa, 0x0)
acct(&(0x7f0000000140)='./file0\x00')
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000002700)=""/102392, 0x18ff8)
syz_emit_ethernet(0x3e, &(0x7f00000004c0)=ANY=[], 0x0)

12m34.228803329s ago: executing program 8 (id=2753):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r0)
socket$inet_icmp(0x2, 0x2, 0x1)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = getpid()
syz_pidfd_open(r2, 0x0)
prlimit64(0xffffffffffffffff, 0x4, &(0x7f0000000140)={0x3ffffffffffffe, 0x88}, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, 0x0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r3, 0xc018937d, 0x0)
chdir(&(0x7f0000000080)='./file1\x00')
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
faccessat2(r3, &(0x7f0000000100)='./file1\x00', 0xb1, 0x700)
setpgid(r4, 0x0)
setpgid(0x0, r4)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x10000, &(0x7f0000000500)=ANY=[@ANYBLOB="7472616e733d6e643998ff8a0a2c7266646e6f3d18664736835b523b60c4743b23c85b64cb88447591593b", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',\x00'])
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000300)=@o_path={&(0x7f0000000340)='./file0\x00', 0x0, 0x0, r1}, 0x18)
mount$afs(0x0, &(0x7f0000000200)='./file1\x00', 0x0, 0x88, 0x0)
r5 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
ioctl$AUTOFS_IOC_READY(r5, 0x9360, 0x800000000000001)

12m31.873645246s ago: executing program 9 (id=2757):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f00000003c0)=ANY=[@ANYBLOB="12008864"], 0xfce)

12m31.64697566s ago: executing program 8 (id=2758):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, 0x0, <r2=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r1, 0xc06864ce, &(0x7f0000000440)={r2, 0x5, 0x80000000, 0x1, 0x0, [<r3=>0x0], [0x0, 0xfffffffd, 0x0, 0xfffffffe], [0x8], [0xa, 0x0, 0x7]})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0xb5})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000080)={r3, 0x0, <r4=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETFB2(r1, 0xc06864ce, &(0x7f0000000280)={r2, 0x8000, 0x0, 0x5, 0x1, [<r5=>0x0], [0x0, 0x0, 0x10000], [0x0, 0x0, 0x1], [0x80, 0x3, 0x400000006]})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000100)={r5})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f0000000040)={0x0, 0x0, r4})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f0000000180)={0x0, 0x0, r4})

12m30.956743881s ago: executing program 8 (id=2760):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f00000000c0)='netlink_extack\x00'}, 0x10)
socket$netlink(0x10, 0x3, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$udambuf(0xffffffffffffff9c, &(0x7f0000000000), 0x2)
r4 = memfd_create(&(0x7f0000000380)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xa9\x1fg\xf1\x85z{\x1d<\xe2\x1c7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xedn\x8c<5\xcf\x92;\x85)\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\x05\x831\xd3\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xf6\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00\xc6(\x19\xf8\xb4?Fv\xac\xc7m\xe1\xf68W\x19\x0f\x87\x84\xafK\x91v\xb5\xe7Cf\xe0L\b9\xe2\x15d~R4\xdf\xbb\xfeiH', 0x3)
ftruncate(r4, 0xffff)
fcntl$addseals(r4, 0x409, 0x7)
r5 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x109842, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r5, 0xc004500a, &(0x7f00000000c0))
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x0, 0xee00}}, './file0\x00'})
close(r5)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x14, 0x0, 0x0)

12m30.906160501s ago: executing program 9 (id=2761):
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000400)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@op={0x18}], 0x18}], 0x1, 0x0)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0, 0xa4}, 0x1, 0x0, 0x0, 0x8004}, 0x0)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000c00)=ANY=[@ANYBLOB="d8000000000201030000000000000000070000028800018006000340000300002c00018014000300fe80000000000000000000000000000d14000400fc02000000000000000000000000000006000340000200000c000280050001003a0000000c000280050001002f00000014000180080001000080000008000200ac14142306000340000000000c000280050001000600000006000340000319000800044000006b0506000740007369702d32303030300000000900060073797a31000000000e0006007369702d3230303030000000"], 0xd8}, 0x1, 0x0, 0x0, 0x40010}, 0x4008000)
socket(0x10, 0x803, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='nmi_noise\x00', r0, 0x0, 0x2}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0xa, 0x21bb, &(0x7f0000000080)=ANY=[@ANYBLOB="18020000ff57ff57b9000000000000008500000041000000a20005ae7dac94c8769f7b937bc4593a7c567efdf6d6f52fe6a325"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100000}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x100)
r1 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi0\x00', 0x8080, 0x0)
ioctl$COMEDI_POLL(r1, 0x640f)
ioctl$COMEDI_POLL(r1, 0x640f)
ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, &(0x7f0000000080)={'dt2815\x00', [0xee, 0x80008000, 0x1, 0xa, 0x0, 0x0, 0x9, 0xf, 0x1000, 0x1, 0x8, 0x5, 0x6, 0x4, 0xffff, 0x6, 0xffffffa7, 0x3, 0xfffffffd, 0x65c, 0x3ff, 0x10000, 0x800, 0x400e2df, 0x9, 0x4e, 0x4, 0x3, 0x7, 0x5, 0x5]})
ioctl$COMEDI_DEVINFO(r1, 0x80b06401, &(0x7f0000000180))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='devtmpfs\x00', 0x0, 0x0)
syz_open_dev$video4linux(&(0x7f0000000500), 0x20, 0x400)
ioctl$VIDIOC_SUBDEV_S_CROP(0xffffffffffffffff, 0xc038563c, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x6, 0x1000087}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r2 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r2, &(0x7f0000002700)=""/102392, 0x18ff8)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r3 = gettid()
process_vm_writev(r3, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
syz_open_dev$video4linux(&(0x7f0000000000), 0x71, 0x0)

12m29.678902071s ago: executing program 8 (id=2762):
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f00000000c0)={0xfffffffc, 0x4, 0x3, 0x0, 0x5})
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x4)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, 0x0)
userfaultfd(0x80c01)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x1, 0x0, &(0x7f0000000600)=""/52, 0x0, 0xffff1000})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0x0, 0x0}]})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
pselect6(0x40, &(0x7f00000001c0)={0x1, 0x0, 0x3, 0x10001, 0x0, 0x0, 0x3, 0x8}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7ffffffffffffffe, 0x0, 0x9, 0x0, 0xffffffffffffffff, 0x7fffffff, 0x2}, 0x0, 0x0)

12m29.14629326s ago: executing program 8 (id=2764):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_cipso(0x0, r0)
socket$inet_icmp(0x2, 0x2, 0x1)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
syz_pidfd_open(0x0, 0x0)
prlimit64(0xffffffffffffffff, 0x4, &(0x7f0000000140)={0x3ffffffffffffe, 0x88}, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, 0x0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r2, 0xc018937d, 0x0)
chdir(&(0x7f0000000080)='./file1\x00')
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
faccessat2(r2, &(0x7f0000000100)='./file1\x00', 0xb1, 0x700)
setpgid(r3, 0x0)
setpgid(0x0, r3)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x10000, &(0x7f0000000500)=ANY=[@ANYBLOB="7472616e733d6e643998ff8a0a2c7266646e6f3d18664736835b523b60c4743b23c85b64cb88447591593b", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',\x00'])
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000300)=@o_path={&(0x7f0000000340)='./file0\x00', 0x0, 0x0, r1}, 0x18)
mount$afs(0x0, &(0x7f0000000200)='./file1\x00', 0x0, 0x88, 0x0)
r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
ioctl$AUTOFS_IOC_READY(r4, 0x9360, 0x800000000000001)

12m28.172914385s ago: executing program 5 (id=2766):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = open(0x0, 0x14167e, 0xa0)
fallocate(r2, 0x0, 0x0, 0x1000f4)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, 0x0, 0x0, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r6}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{}, &(0x7f0000000040), &(0x7f0000000080)=r6}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x12, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000140)={0x4c, 0x0, &(0x7f0000000580)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000440)={@flat=@weak_handle={0x77682a85, 0x1001, 0x1}, @flat=@handle={0x77682a85, 0xb}, @flat=@binder={0x73622a85, 0x1008, 0x1}}, &(0x7f0000000240)={0x0, 0x18, 0x30}}, 0x1000}], 0x0, 0x0, 0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newlink={0x48, 0x10, 0x401, 0x2000, 0x0, {0x0, 0x0, 0x2, 0x0, 0x4124, 0x61830}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_IFLAGS={0x6, 0x2, 0x19}, @IFLA_GRE_OFLAGS={0x6, 0x3, 0x5}]}}}]}, 0x48}}, 0x0)

12m28.067620447s ago: executing program 8 (id=2767):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r1, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0)
r2 = gettid()
timer_create(0x2, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r3, &(0x7f0000000740)={0x1f, @none}, 0x8)
listen(r3, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, r0)
accept4(r3, 0x0, 0x0, 0x80800)
r4 = openat$mixer(0xffffffffffffff9c, &(0x7f00000016c0), 0x0, 0x0)
ioctl$SOUND_MIXER_READ_VOLUME(r4, 0xa0044d07, 0x0)

12m27.628228273s ago: executing program 9 (id=2768):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000012c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0}, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xffffffffffffff1a, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0x1c, &(0x7f0000000040)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0xb000000}, {{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1c}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x4}, {0x3, 0x0, 0x3, 0xa, 0x2}, {0x5, 0x0, 0xb, 0x9}, {0x3, 0x0, 0x6, 0xa, 0xa, 0xfff8, 0xf1}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x4, 0x0, 0xc}, {0x18, 0x2, 0x2, 0x0, r0}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)

12m26.643191739s ago: executing program 5 (id=2769):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0), 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, 0x0, <r2=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r1, 0xc06864ce, &(0x7f0000000440)={r2, 0x5, 0x80000000, 0x1, 0x0, [<r3=>0x0], [0x0, 0xfffffffd, 0x0, 0xfffffffe], [0x8], [0xa, 0x0, 0x7]})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0xb5})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000080)={r3, 0x0, <r4=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETFB2(r1, 0xc06864ce, &(0x7f0000000280)={r2, 0x8000, 0x0, 0x5, 0x1, [<r5=>0x0], [0x0, 0x0, 0x10000], [0x0, 0x0, 0x1], [0x80, 0x3, 0x400000006]})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000100)={r5})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f0000000040)={0x0, 0x0, r4})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f0000000180)={0x0, 0x0, r4})

12m26.346320694s ago: executing program 5 (id=2771):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$inet_int(r0, 0x0, 0x18, 0x0, &(0x7f00000001c0))

12m26.306518544s ago: executing program 9 (id=2772):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='net_prio.prioidx\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000380)=ANY=[@ANYBLOB="6d616e676c650000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000"], 0x68)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
getpriority(0x0, r2)
r3 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$search(0xa, r3, &(0x7f0000000000)='keyring\x00', &(0x7f00000000c0)={'syz', 0x0}, r3)
semtimedop(0x0, 0x0, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_type(r4, 0x0, 0x2, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r5, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
sendto$inet6(r5, &(0x7f0000000080)="b1", 0x1, 0x400c0d4, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)

12m25.926404201s ago: executing program 5 (id=2774):
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$kcm(0x10, 0x2, 0x0)
socket$inet(0x2, 0x801, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x20802, 0x0)
ioctl$TCXONC(r1, 0x540a, 0x2)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
socket$alg(0x26, 0x5, 0x0)
r2 = socket$phonet(0x23, 0x2, 0x1)
rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r3 = gettid()
r4 = getpid()
rt_tgsigqueueinfo(r4, r3, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4})
ioctl$SIOCPNDELRESOURCE(r2, 0x89ef, 0x0)
fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, 0x0, 0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r5, 0x84, 0x1e, &(0x7f0000000000), 0x4)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=@newtaction={0x64, 0x30, 0x9e54f29ff072a93b, 0x0, 0xfffffffd}, 0x64}, 0x1, 0x0, 0x0, 0x81}, 0x0)

12m25.576513066s ago: executing program 9 (id=2775):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_cipso(0x0, r0)
socket$inet_icmp(0x2, 0x2, 0x1)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
syz_pidfd_open(0x0, 0x0)
prlimit64(0xffffffffffffffff, 0x4, &(0x7f0000000140)={0x3ffffffffffffe, 0x88}, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, 0x0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r2, 0xc018937d, 0x0)
chdir(&(0x7f0000000080)='./file1\x00')
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
faccessat2(r2, &(0x7f0000000100)='./file1\x00', 0xb1, 0x700)
setpgid(r3, 0x0)
setpgid(0x0, r3)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x10000, &(0x7f0000000500)=ANY=[@ANYBLOB="7472616e733d6e643998ff8a0a2c7266646e6f3d18664736835b523b60c4743b23c85b64cb88447591593b", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',\x00'])
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000300)=@o_path={&(0x7f0000000340)='./file0\x00', 0x0, 0x0, r1}, 0x18)
mount$afs(0x0, &(0x7f0000000200)='./file1\x00', 0x0, 0x88, 0x0)
r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
ioctl$AUTOFS_IOC_READY(r4, 0x9360, 0x800000000000001)

12m24.849703507s ago: executing program 5 (id=2776):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r0)
socket$inet_icmp(0x2, 0x2, 0x1)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = getpid()
syz_pidfd_open(r2, 0x0)
prlimit64(0xffffffffffffffff, 0x4, &(0x7f0000000140)={0x3ffffffffffffe, 0x88}, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, 0x0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r3, 0xc018937d, 0x0)
chdir(&(0x7f0000000080)='./file1\x00')
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
faccessat2(r3, &(0x7f0000000100)='./file1\x00', 0xb1, 0x700)
setpgid(r4, 0x0)
setpgid(0x0, r4)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x10000, &(0x7f0000000500)=ANY=[@ANYBLOB="7472616e733d6e643998ff8a0a2c7266646e6f3d18664736835b523b60c4743b23c85b64cb88447591593b", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',\x00'])
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000300)=@o_path={&(0x7f0000000340)='./file0\x00', 0x0, 0x0, r1}, 0x18)
mount$afs(0x0, &(0x7f0000000200)='./file1\x00', 0x0, 0x88, 0x0)
r5 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
ioctl$AUTOFS_IOC_READY(r5, 0x9360, 0x800000000000001)

12m24.739970839s ago: executing program 9 (id=2777):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8000}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42f82, 0x0)
ioctl$SNDCTL_DSP_SPEED(r4, 0xc0045002, &(0x7f0000000180))
write$dsp(r4, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_BSS(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, 0x0}, 0x40080)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
request_key(0x0, 0x0, 0x0, 0x0)

12m24.482332113s ago: executing program 5 (id=2778):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = open(0x0, 0x14167e, 0xa0)
fallocate(r2, 0x0, 0x0, 0x1000f4)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, 0x0, 0x0, 0x2, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r6}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{}, &(0x7f0000000040), &(0x7f0000000080)=r6}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x12, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000140)={0x4c, 0x0, &(0x7f0000000580)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000440)={@flat=@weak_handle={0x77682a85, 0x1001, 0x1}, @flat=@handle={0x77682a85, 0xb}, @flat=@binder={0x73622a85, 0x1008, 0x1}}, &(0x7f0000000240)={0x0, 0x18, 0x30}}, 0x1000}], 0x0, 0x0, 0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newlink={0x48, 0x10, 0x401, 0x2000, 0x0, {0x0, 0x0, 0x2, 0x0, 0x4124, 0x61830}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_IFLAGS={0x6, 0x2, 0x19}, @IFLA_GRE_OFLAGS={0x6, 0x3, 0x5}]}}}]}, 0x48}}, 0x0)

12m12.524252702s ago: executing program 39 (id=2767):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r1, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0)
r2 = gettid()
timer_create(0x2, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r3, &(0x7f0000000740)={0x1f, @none}, 0x8)
listen(r3, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, r0)
accept4(r3, 0x0, 0x0, 0x80800)
r4 = openat$mixer(0xffffffffffffff9c, &(0x7f00000016c0), 0x0, 0x0)
ioctl$SOUND_MIXER_READ_VOLUME(r4, 0xa0044d07, 0x0)

12m9.535761099s ago: executing program 40 (id=2777):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8000}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42f82, 0x0)
ioctl$SNDCTL_DSP_SPEED(r4, 0xc0045002, &(0x7f0000000180))
write$dsp(r4, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_BSS(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, 0x0}, 0x40080)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
request_key(0x0, 0x0, 0x0, 0x0)

12m8.689946473s ago: executing program 41 (id=2778):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = open(0x0, 0x14167e, 0xa0)
fallocate(r2, 0x0, 0x0, 0x1000f4)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, 0x0, 0x0, 0x2, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r6}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{}, &(0x7f0000000040), &(0x7f0000000080)=r6}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x12, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000140)={0x4c, 0x0, &(0x7f0000000580)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000440)={@flat=@weak_handle={0x77682a85, 0x1001, 0x1}, @flat=@handle={0x77682a85, 0xb}, @flat=@binder={0x73622a85, 0x1008, 0x1}}, &(0x7f0000000240)={0x0, 0x18, 0x30}}, 0x1000}], 0x0, 0x0, 0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newlink={0x48, 0x10, 0x401, 0x2000, 0x0, {0x0, 0x0, 0x2, 0x0, 0x4124, 0x61830}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_IFLAGS={0x6, 0x2, 0x19}, @IFLA_GRE_OFLAGS={0x6, 0x3, 0x5}]}}}]}, 0x48}}, 0x0)

8m44.769707187s ago: executing program 4 (id=3249):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
getsockopt(r0, 0xff, 0x2, 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4276ef66ba420266b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
sendmsg$AUDIT_LIST_RULES(0xffffffffffffffff, 0x0, 0x80)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000580)=[@textreal={0x8, &(0x7f0000000380)="0f35baf80c66b8c2473f8c66efbafc0cb80600ef0f072ed0649e64363e0f5b8c191366b92109000066b80000000066ba000000000f30baf80c66b8847c678866efbafc0cec66b97d0300000f320fc73e9a4a640fc7a8073a", 0x58}], 0x1, 0x53, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r4 = syz_io_uring_setup(0xa1, &(0x7f0000000640)={0x0, 0xe8ce, 0x0, 0x24, 0x40000339}, &(0x7f00000006c0)=<r5=>0x0, &(0x7f00000020c0)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x6007, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r4, 0x47ba, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r7, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, 0x0)
r8 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x882)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, 0x0)
write$sndseq(r8, &(0x7f0000000140)=[{0x1f, 0x0, 0x0, 0xfd, @tick, {}, {}, @raw32}], 0x1c)
mount(&(0x7f0000000100)=@nbd={'/dev/nbd', 0x0}, 0x0, 0x0, 0x5, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x30f, 0x100000003, &(0x7f0000000040))

8m42.225945438s ago: executing program 4 (id=3254):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
getsockopt(r0, 0xff, 0x2, 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4276ef66ba420266b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
sendmsg$AUDIT_LIST_RULES(0xffffffffffffffff, 0x0, 0x80)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000580)=[@textreal={0x8, &(0x7f0000000380)="0f35baf80c66b8c2473f8c66efbafc0cb80600ef0f072ed0649e64363e0f5b8c191366b92109000066b80000000066ba000000000f30baf80c66b8847c678866efbafc0cec66b97d0300000f320fc73e9a4a640fc7a8073a", 0x58}], 0x1, 0x53, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r4 = syz_io_uring_setup(0xa1, &(0x7f0000000640)={0x0, 0xe8ce, 0x0, 0x24, 0x40000339}, &(0x7f00000006c0)=<r5=>0x0, &(0x7f00000020c0)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x6007, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r4, 0x47ba, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r7, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, 0x0)
r8 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x882)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, 0x0)
write$sndseq(r8, &(0x7f0000000140)=[{0x1f, 0x0, 0x0, 0xfd, @tick, {}, {}, @raw32}], 0x1c)
mount(&(0x7f0000000100)=@nbd={'/dev/nbd', 0x0}, 0x0, 0x0, 0x5, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

8m39.901074124s ago: executing program 4 (id=3260):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
lstat(0x0, &(0x7f0000000280))
mount$overlay(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000080), 0x102c41, &(0x7f00000004c0)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file2'}}, {@workdir={'workdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
fanotify_init(0xf00, 0x0)
open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vxcan1\x00', <r1=>0x0})
connect$can_bcm(r0, &(0x7f0000000300)={0x1d, r1}, 0x10)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB=' \x00\x00\x00'], 0x20}, 0x1, 0x0, 0x0, 0x4000015}, 0x0)
sendmsg$can_bcm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="05"], 0x48}}, 0x0)
sendmsg$can_bcm(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="0500"/12, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0000000001"], 0x48}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, 0x0, {0x1}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})

8m38.597772945s ago: executing program 4 (id=3262):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000440)={0xc, @dev={0xac, 0x14, 0x14, 0x24}, 0x0, 0x3, 'lc\x00', 0x4, 0x0, 0x1a}, 0xe)
r1 = socket$kcm(0x29, 0x5, 0x0)
write$cgroup_pressure(r1, &(0x7f0000000140)={'full'}, 0xfffffdef)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x4000400}, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
syz_emit_ethernet(0x3e, 0x0, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r3, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)

8m37.225677957s ago: executing program 4 (id=3267):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r0)
socket$inet_icmp(0x2, 0x2, 0x1)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
syz_pidfd_open(0x0, 0x0)
prlimit64(0xffffffffffffffff, 0x4, &(0x7f0000000140)={0x3ffffffffffffe, 0x88}, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, 0x0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r2, 0xc018937d, 0x0)
chdir(&(0x7f0000000080)='./file1\x00')
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
faccessat2(r2, &(0x7f0000000100)='./file1\x00', 0xb1, 0x700)
setpgid(r3, 0x0)
setpgid(0x0, r3)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x10000, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000300)=@o_path={&(0x7f0000000340)='./file0\x00', 0x0, 0x0, r1}, 0x18)
mount$afs(0x0, &(0x7f0000000200)='./file1\x00', 0x0, 0x88, 0x0)
r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
ioctl$AUTOFS_IOC_READY(r4, 0x9360, 0x800000000000001)

8m35.994037306s ago: executing program 4 (id=3270):
r0 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd3, &(0x7f0000000440)={{0xa, 0x0, 0x9, @local}, {0xa, 0x0, 0x0, @empty}, 0xfffd, {[0x0, 0x0, 0x0, 0x0, 0x4, 0xe3]}}, 0x5c)

8m20.288141135s ago: executing program 42 (id=3270):
r0 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd3, &(0x7f0000000440)={{0xa, 0x0, 0x9, @local}, {0xa, 0x0, 0x0, @empty}, 0xfffd, {[0x0, 0x0, 0x0, 0x0, 0x4, 0xe3]}}, 0x5c)

6m29.194500202s ago: executing program 3 (id=3516):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00'}, 0x18)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, 0x0, 0x0)
listen(r0, 0x0)
r1 = getpid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b7030000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bind$inet(0xffffffffffffffff, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xf}}, 0x10)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$int_in(r5, 0x5421, &(0x7f0000000080)=0x2)
shutdown(r5, 0x1)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=ANY=[@ANYBLOB="300000001e000100", @ANYBLOB], 0x30}}, 0x0)
r7 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r5, &(0x7f0000000400)={0xf04601c4a2f46e46})
r8 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r8, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
close_range(r0, 0xffffffffffffffff, 0x0)

6m28.02304405s ago: executing program 3 (id=3517):
r0 = socket(0xa, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, 0x0, 0x0)
r1 = memfd_create(0x0, 0x3)
write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0x78)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
socket$kcm(0x29, 0x5, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bind$alg(0xffffffffffffffff, &(0x7f0000000040)={0x26, 'hash\x00', 0x0, 0x0, 'blake2b-512-generic\x00'}, 0x58)
r3 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
bind$bt_hci(r3, &(0x7f0000000000)={0x27}, 0x74)
r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2d41, 0x0)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x8)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000140)=0x15)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f00000002c0)=0x7e)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000540)=0x9)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x0)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000300))
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000040)=0x9)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x7e)
close_range(r5, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x13, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000040000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095", @ANYRES8=r2, @ANYRES64=r4, @ANYRES32=r2, @ANYRESDEC], &(0x7f0000000240)='GPL\x00', 0x85, 0x0, 0x0, 0x41000, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x1000000, 0x3})

6m26.000912912s ago: executing program 3 (id=3523):
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000400)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@op={0x18}], 0x18}], 0x1, 0x0)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0, 0xa4}, 0x1, 0x0, 0x0, 0x8004}, 0x0)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000c00)=ANY=[@ANYBLOB="d8000000000201030000000000000000070000028800018006000340000300002c00018014000300fe80000000000000000000000000000d14000400fc02000000000000000000000000000006000340000200000c000280050001003a0000000c000280050001002f00000014000180080001000080000008000200ac14142306000340000000000c000280050001000600000006000340000319000800044000006b0506000740007369702d32303030300000000900060073797a31000000000e0006007369702d3230303030000000"], 0xd8}, 0x1, 0x0, 0x0, 0x40010}, 0x4008000)
socket(0x10, 0x803, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0xa, 0x21bb, &(0x7f0000000080)=ANY=[@ANYBLOB="18020000ff57ff57b9000000000000008500000041000000a20005ae7dac94c8769f7b937bc4593a7c567efdf6d6f52fe6a325"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100000}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x100)
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi0\x00', 0x8080, 0x0)
ioctl$COMEDI_POLL(r0, 0x640f)
ioctl$COMEDI_POLL(r0, 0x640f)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000000080)={'dt2815\x00', [0xee, 0x80008000, 0x1, 0xa, 0x0, 0x0, 0x9, 0xf, 0x1000, 0x1, 0x8, 0x5, 0x6, 0x4, 0xffff, 0x6, 0xffffffa7, 0x3, 0xfffffffd, 0x65c, 0x3ff, 0x10000, 0x800, 0x400e2df, 0x9, 0x4e, 0x4, 0x3, 0x7, 0x5, 0x5]})
ioctl$COMEDI_DEVINFO(r0, 0x80b06401, &(0x7f0000000180))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='devtmpfs\x00', 0x0, 0x0)
syz_open_dev$video4linux(&(0x7f0000000500), 0x20, 0x400)
ioctl$VIDIOC_SUBDEV_S_CROP(0xffffffffffffffff, 0xc038563c, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x6, 0x1000087}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r1 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r2 = gettid()
process_vm_writev(r2, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
syz_open_dev$video4linux(&(0x7f0000000000), 0x71, 0x0)

6m22.505875677s ago: executing program 3 (id=3531):
r0 = socket(0xa, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, 0x0, 0x0)
r1 = memfd_create(0x0, 0x3)
write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0x78)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
socket$kcm(0x29, 0x5, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bind$alg(0xffffffffffffffff, &(0x7f0000000040)={0x26, 'hash\x00', 0x0, 0x0, 'blake2b-512-generic\x00'}, 0x58)
r3 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
bind$bt_hci(r3, &(0x7f0000000000)={0x27}, 0x74)
r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2d41, 0x0)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x8)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000140)=0x15)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f00000002c0)=0x7e)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000540)=0x9)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x0)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000300))
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000040)=0x9)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x7e)
close_range(r5, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x13, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000040000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095", @ANYRES8=r2, @ANYRES64=r4, @ANYRES32=r2, @ANYRESDEC], &(0x7f0000000240)='GPL\x00', 0x85, 0x0, 0x0, 0x41000, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x1000000, 0x3})

6m21.240662468s ago: executing program 3 (id=3535):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r0)
socket$inet_icmp(0x2, 0x2, 0x1)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
munmap(&(0x7f0000470000/0x400000)=nil, 0xe06500)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = getpid()
syz_pidfd_open(r2, 0x0)
prlimit64(0xffffffffffffffff, 0x4, &(0x7f0000000140)={0x3ffffffffffffe, 0x88}, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, 0x0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r3, 0xc018937d, 0x0)
chdir(&(0x7f0000000080)='./file1\x00')
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
faccessat2(r3, &(0x7f0000000100)='./file1\x00', 0xb1, 0x700)
setpgid(r4, 0x0)
setpgid(0x0, r4)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x10000, &(0x7f0000000500)=ANY=[@ANYBLOB, @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',\x00'])
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000300)=@o_path={&(0x7f0000000340)='./file0\x00', 0x0, 0x0, r1}, 0x18)
mount$afs(0x0, &(0x7f0000000200)='./file1\x00', 0x0, 0x88, 0x0)
r5 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
ioctl$AUTOFS_IOC_READY(r5, 0x9360, 0x800000000000001)

6m20.004750557s ago: executing program 3 (id=3537):
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
symlink(&(0x7f0000000000)='.\x00', &(0x7f0000000040)='./file0\x00')
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x850}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x5c, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x43d, 0x70bd2b, 0x10000, {0x0, 0x0, 0x0, 0x0, {0xc, 0xf}, {0x0, 0x4}, {0xfff3}}}, 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r4 = userfaultfd(0x80801)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0xa031, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
r5 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000040)={0x200000c0, 0xffffffff, 0xfffffff8}, 0x10)
sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=@ipv4_newroute={0x1c, 0x1a, 0x1, 0x70bd29, 0x0, {0x2, 0x20, 0x20, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2000}}, 0x1c}}, 0x0)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0/file0/..\x00', &(0x7f0000000300)={0x0, 0x0, 0x10}, 0x18)
r6 = socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000940)=@newtfilter={0x148, 0x2c, 0xd27, 0x70bd25, 0x8000, {0x0, 0x0, 0x0, r8, {0x0, 0x7}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x118, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS_MASK={0x8, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x4}]}, @TCA_FLOWER_KEY_ENC_OPTS={0x1c, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0xc, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x5}]}, @TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0xc, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x8, 0x2, 0x49}]}]}, @TCA_FLOWER_KEY_CT_ZONE={0x6, 0x5d, 0x5}, @TCA_FLOWER_KEY_ENC_OPTS_MASK={0xcc, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x34, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x4}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x3000000}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0xff}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x2}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x9}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x5ac}]}, @TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x24, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x86}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x6}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x6}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x34, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x19d}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0x3}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x4}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x6}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x9}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0xe7}]}, @TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x4}, @TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x2c, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x7}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x5}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0xf2}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x4}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0xffff}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0xc, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0xb5}]}]}, @TCA_FLOWER_KEY_ARP_THA={0xa, 0x41, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x37}}, @TCA_FLOWER_KEY_TCP_SRC={0x6}, @TCA_FLOWER_KEY_ICMPV6_CODE={0x5}]}}]}, 0x148}, 0x1, 0x0, 0x0, 0x80}, 0x800)

6m4.801944417s ago: executing program 43 (id=3537):
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
symlink(&(0x7f0000000000)='.\x00', &(0x7f0000000040)='./file0\x00')
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x850}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x5c, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x43d, 0x70bd2b, 0x10000, {0x0, 0x0, 0x0, 0x0, {0xc, 0xf}, {0x0, 0x4}, {0xfff3}}}, 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r4 = userfaultfd(0x80801)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0xa031, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
r5 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000040)={0x200000c0, 0xffffffff, 0xfffffff8}, 0x10)
sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=@ipv4_newroute={0x1c, 0x1a, 0x1, 0x70bd29, 0x0, {0x2, 0x20, 0x20, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2000}}, 0x1c}}, 0x0)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0/file0/..\x00', &(0x7f0000000300)={0x0, 0x0, 0x10}, 0x18)
r6 = socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000940)=@newtfilter={0x148, 0x2c, 0xd27, 0x70bd25, 0x8000, {0x0, 0x0, 0x0, r8, {0x0, 0x7}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x118, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS_MASK={0x8, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x4}]}, @TCA_FLOWER_KEY_ENC_OPTS={0x1c, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0xc, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x5}]}, @TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0xc, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x8, 0x2, 0x49}]}]}, @TCA_FLOWER_KEY_CT_ZONE={0x6, 0x5d, 0x5}, @TCA_FLOWER_KEY_ENC_OPTS_MASK={0xcc, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x34, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x4}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x3000000}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0xff}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x2}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x9}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x5ac}]}, @TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x24, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x86}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x6}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x6}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x34, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x19d}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0x3}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x4}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x6}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x9}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0xe7}]}, @TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x4}, @TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x2c, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x7}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x5}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0xf2}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x4}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0xffff}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0xc, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0xb5}]}]}, @TCA_FLOWER_KEY_ARP_THA={0xa, 0x41, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x37}}, @TCA_FLOWER_KEY_TCP_SRC={0x6}, @TCA_FLOWER_KEY_ICMPV6_CODE={0x5}]}}]}, 0x148}, 0x1, 0x0, 0x0, 0x80}, 0x800)

17.105667178s ago: executing program 2 (id=4407):
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001b00)=""/102392, 0x18ff8)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x33, 0x0, 0x0)
bind$inet6(r1, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r1, &(0x7f0000000600)=[{{&(0x7f0000000140)=@nfc_llcp, 0x80, 0x0, 0x0, &(0x7f0000000580)=""/70, 0x46}}], 0x1, 0x2, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
sendto$inet6(r2, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

13.688281713s ago: executing program 0 (id=4412):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
socket(0x2a, 0x2, 0x0)
select(0x40, &(0x7f0000000400)={0x9, 0x3, 0x80000000, 0x0, 0x7, 0x201}, 0x0, 0x0, &(0x7f0000000100)={0x0, 0xea60})
close(0x3)
socket$nl_generic(0x10, 0x3, 0x10)
getpid()
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b70000000c000000bca30000000000002403000020feffff620af8fff8ffffff71a4f8ff000000001f03000000000000e5000200000000002604fdffff02000014010000033800001d130000000000007a0a00fe0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101a3062cd54f9ff51d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2740000000000000000000000000000000000000000000a0009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d2ff8a642ca50934b3fbe44b0abeba9df209566984a29dfc0466e439a94e177b3c4d5f6e92b8176b9d6ddeeeb196fa964217f88e1acc180aaa4"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f00000000c0), 0x10}, 0x94)
sendmsg$NL80211_CMD_AUTHENTICATE(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000001}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)

12.379931803s ago: executing program 0 (id=4414):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
inotify_init()
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setscheduler(0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)={0x34, r2, 0x1, 0x0, 0x0, {{}, {}, {0x18, 0x17, {0x0, 0x0, @l2={'eth', 0x3a, 'team0\x00'}}}}}, 0x34}}, 0x0)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000005880), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000000)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000000c0), 0x13f}}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xa, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000b000000000000000040004009660262c060000001800000065000000000000000900000064000000f100000018000000f8ffffff000000000110000095000000000000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0xa}, 0x94)
gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @thr={&(0x7f0000000240), 0x0}}, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r4, 0x6, 0x1, &(0x7f00000000c0)={0x0, 0x747, 0x3, 0x4, 0xfb, 0x8, 0x101}, 0xc)
connect$bt_l2cap(r4, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
sendmmsg(r4, &(0x7f0000000640)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000300)="13", 0x1}], 0x1}}], 0x2, 0x20004840)

12.365806993s ago: executing program 2 (id=4415):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000000000001c0012000c00010062"], 0x3c}}, 0x0)
r4 = socket(0x10, 0x803, 0x8)
sendmsg$IPVS_CMD_SET_INFO(r4, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x60, &(0x7f0000000300)={&(0x7f0000000900)=ANY=[@ANYBLOB="5c00000010001ffffcffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800b0001006772657461700000240002800800070064010100060003002908000008001500700f0d0008000700ac1414bb08000a00", @ANYRES32=r5], 0x5c}}, 0x40)

11.489565768s ago: executing program 7 (id=4418):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x43, &(0x7f0000000040)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000002c0)={'syztnl1\x00', &(0x7f0000000240)={'syztnl0\x00', 0x0, 0x2f, 0xce, 0x7, 0x22, 0x1, @mcast1, @private2={0xfc, 0x2, '\x00', 0x1}, 0x8, 0x7800, 0x9, 0x1}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000001000)={'batadv_slave_1\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="540000001400090525bd70000003000002180d00", @ANYRES32=r3, @ANYBLOB="08000b000000000008000200ac14143f080009"], 0x54}}, 0x20040040)

11.445853558s ago: executing program 2 (id=4420):
socket(0x80000000000000a, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x4, [@func_proto={0x2, 0x0, 0x0, 0x13, 0x2}]}, {0x0, [0x0, 0x5f]}}, 0x0, 0x28}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xf, &(0x7f0000000580)=@ringbuf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, 0x0, r3, 0x8, 0x0, 0x0, 0x10, &(0x7f00000003c0)={0x0, 0x0, 0x401}, 0x10}, 0x94)
syz_io_uring_setup(0x239, 0x0, 0x0, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000180)=[{0x0}], 0x1, 0x401, 0x6)
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r5=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r4, 0xc02064b9, &(0x7f0000000dc0)={&(0x7f0000000240)=[0x0, 0x0, 0x0, <r6=>0x0], &(0x7f0000000200), 0x4, r5})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)=[<r7=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_ATOMIC(r4, 0xc03864bc, &(0x7f0000000500)={0x200, 0x1, &(0x7f0000000180)=[r7], &(0x7f0000000200), &(0x7f0000000580)=[r6], &(0x7f0000000040)})
keyctl$set_reqkey_keyring(0xe, 0x3)
keyctl$chown(0x4, 0x0, 0xee01, 0x0)
keyctl$join(0x1, 0x0)

11.233153221s ago: executing program 0 (id=4421):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan1\x00'})
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000000680)=""/102392, 0x18ff8)
r2 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_buf(r2, 0x29, 0x39, &(0x7f0000000040), 0x43)
setsockopt$inet6_IPV6_HOPOPTS(r2, 0x29, 0x36, 0x0, 0x0)
prctl$PR_MCE_KILL(0x21, 0x1, 0x1)
accept4$vsock_stream(0xffffffffffffffff, 0x0, 0x0, 0x80000)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
msgrcv(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl(r3, 0x8b21, 0x0)

9.266899023s ago: executing program 0 (id=4424):
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001b00)=""/102392, 0x18ff8)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x33, 0x0, 0x0)
bind$inet6(r1, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r1, &(0x7f0000000600)=[{{&(0x7f0000000140)=@nfc_llcp, 0x80, 0x0, 0x0, &(0x7f0000000580)=""/70, 0x46}}], 0x1, 0x2, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
sendto$inet6(r2, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

6.715517993s ago: executing program 1 (id=4428):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c"], 0x3c}}, 0x0)
r4 = socket(0x10, 0x803, 0x8)
sendmsg$IPVS_CMD_SET_INFO(r4, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x60, &(0x7f0000000300)={&(0x7f0000000900)=ANY=[@ANYBLOB="5c00000010001ffffcffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800b0001006772657461700000240002800800070064010100060003002908000008001500700f0d0008000700ac1414bb08000a00", @ANYRES32=r5], 0x5c}}, 0x40)

6.449175558s ago: executing program 7 (id=4429):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
inotify_init()
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setscheduler(0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)={0x34, r2, 0x1, 0x0, 0x0, {{}, {}, {0x18, 0x17, {0x0, 0x0, @l2={'eth', 0x3a, 'team0\x00'}}}}}, 0x34}}, 0x0)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000005880), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000000)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000000c0), 0x13f}}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xa, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000b000000000000000040004009660262c060000001800000065000000000000000900000064000000f100000018000000f8ffffff000000000110000095000000000000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0xa}, 0x94)
gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @thr={&(0x7f0000000240), 0x0}}, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r4, 0x6, 0x1, &(0x7f00000000c0)={0x0, 0x747, 0x3, 0x4, 0xfb, 0x8, 0x101}, 0xc)
connect$bt_l2cap(r4, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
sendmmsg(r4, &(0x7f0000000640)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000300)="13", 0x1}], 0x1}}], 0x2, 0x20004840)

5.740457059s ago: executing program 1 (id=4430):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000340)=@filter={'filter\x00', 0x42, 0x4, 0x2e8, 0xffffffff, 0x1e8, 0x0, 0x0, 0xffffffff, 0xffffffff, 0x280, 0x280, 0x280, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x0, 0xd0, 0xf8, 0x0, {0x100000000000000}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x0, 0x3, 0x0, 0x17}}, @common=@unspec=@connmark={{0x30}}]}, @REJECT={0x28}}, {{@uncond, 0x0, 0x98, 0xc0, 0x0, {}, [@common=@icmp={{0x28}, {0xb, "b22f"}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x7}}}, {{@ip={@empty, @loopback, 0x0, 0x0, 'vlan1\x00', 'dvmrp0\x00', {}, {}, 0x24, 0x0, 0x4}, 0x0, 0x70, 0x98}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x2}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x348)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
getpid()
openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = syz_io_uring_setup(0xa0, &(0x7f0000000380)={0x0, 0x105cc6, 0x400, 0xfffffffe, 0x207}, &(0x7f0000000040)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0xa4, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r4, 0x847ba, 0x0, 0xe, 0x0, 0x0)

5.65833348s ago: executing program 2 (id=4431):
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000400)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@op={0x18}], 0x18}], 0x1, 0x0)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0, 0xa4}, 0x1, 0x0, 0x0, 0x8004}, 0x0)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000c00)=ANY=[@ANYBLOB="d8000000000201030000000000000000070000028800018006000340000300002c00018014000300fe80000000000000000000000000000d14000400fc02000000000000000000000000000006000340000200000c000280050001003a0000000c000280050001002f00000014000180080001000080000008000200ac14142306000340000000000c000280050001000600000006000340000319000800044000006b0506000740007369702d32303030300000000900060073797a31000000000e0006007369702d3230303030000000"], 0xd8}, 0x1, 0x0, 0x0, 0x40010}, 0x4008000)
socket(0x10, 0x803, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='nmi_noise\x00', r0, 0x0, 0x2}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0xa, 0x21bb, &(0x7f0000000080)=ANY=[@ANYBLOB="18020000ff57ff57b9000000000000008500000041000000a20005ae7dac94c8769f7b937bc4593a7c567efdf6d6f52fe6a325"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100000}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x100)
r1 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi0\x00', 0x8080, 0x0)
ioctl$COMEDI_POLL(r1, 0x640f)
ioctl$COMEDI_POLL(r1, 0x640f)
ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, &(0x7f0000000080)={'dt2815\x00', [0xee, 0x80008000, 0x1, 0xa, 0x0, 0x0, 0x9, 0xf, 0x1000, 0x1, 0x8, 0x5, 0x6, 0x4, 0xffff, 0x6, 0xffffffa7, 0x3, 0xfffffffd, 0x65c, 0x3ff, 0x10000, 0x800, 0x400e2df, 0x9, 0x4e, 0x4, 0x3, 0x7, 0x5, 0x5]})
ioctl$COMEDI_DEVINFO(r1, 0x80b06401, &(0x7f0000000180))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='devtmpfs\x00', 0x0, 0x0)
syz_open_dev$video4linux(&(0x7f0000000500), 0x20, 0x400)
ioctl$VIDIOC_SUBDEV_S_CROP(0xffffffffffffffff, 0xc038563c, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x6, 0x1000087}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r2 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r2, &(0x7f0000002700)=""/102392, 0x18ff8)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r3 = gettid()
process_vm_writev(r3, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
syz_open_dev$video4linux(&(0x7f0000000000), 0x71, 0x0)

4.714252685s ago: executing program 1 (id=4432):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan1\x00'})
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000000680)=""/102392, 0x18ff8)
r2 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_buf(r2, 0x29, 0x39, &(0x7f0000000040), 0x43)
setsockopt$inet6_IPV6_HOPOPTS(r2, 0x29, 0x36, 0x0, 0x0)
prctl$PR_MCE_KILL(0x21, 0x1, 0x1)
accept4$vsock_stream(0xffffffffffffffff, 0x0, 0x0, 0x80000)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
msgrcv(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl(r3, 0x8b21, 0x0)

4.689148515s ago: executing program 7 (id=4433):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
socket(0x2a, 0x2, 0x0)
select(0x40, &(0x7f0000000400)={0x9, 0x3, 0x80000000, 0x0, 0x7, 0x201}, 0x0, 0x0, &(0x7f0000000100)={0x0, 0xea60})
close(0x3)
socket$nl_generic(0x10, 0x3, 0x10)
getpid()
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b70000000c000000bca30000000000002403000020feffff620af8fff8ffffff71a4f8ff000000001f03000000000000e5000200000000002604fdffff02000014010000033800001d130000000000007a0a00fe0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101a3062cd54f9ff51d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2740000000000000000000000000000000000000000000a0009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d2ff8a642ca50934b3fbe44b0abeba9df209566984a29dfc0466e439a94e177b3c4d5f6e92b8176b9d6ddeeeb196fa964217f88e1acc180aaa4"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000000c0), 0x10}, 0x94)
sendmsg$NL80211_CMD_AUTHENTICATE(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000001}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)

2.892259534s ago: executing program 7 (id=4434):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f00000000c0)='netlink_extack\x00'}, 0x10)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$udambuf(0xffffffffffffff9c, &(0x7f0000000000), 0x2)
ftruncate(0xffffffffffffffff, 0xffff)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x7)
r4 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x109842, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r4, 0xc004500a, &(0x7f00000000c0))
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x0, 0xee00}}, './file0\x00'})
write$dsp(r4, &(0x7f0000000440)="024922acde319b3a7cac20447312ad1f7c62000000090000c83b899897a7ef9ccb3e45e10e93ded8367d55f030e634d42bc8b951c7b7fcbb7ef4041a", 0x3c)
close(r4)

2.877739584s ago: executing program 1 (id=4435):
socket$phonet_pipe(0x23, 0x5, 0x2)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{}, 0x0, 0x0}, 0x20)
getpid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
r4 = socket$inet(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x208, 0xb8, 0x8, 0xfa04, 0xb8, 0x6c02, 0x170, 0x194, 0x194, 0x170, 0x194, 0x3, 0x0, {[{{@ip={@multicast2, @broadcast, 0x0, 0x0, 'veth0_to_hsr\x00', 'veth0_virt_wifi\x00', {}, {}, 0x6}, 0x0, 0x90, 0xb8, 0x0, {0x0, 0x74020000}, [@common=@socket0={{0x20}}]}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0xffff}}}, {{@ip={@multicast2, @dev, 0x0, 0x0, '\x00', 'tunl0\x00'}, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x268)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
timerfd_settime(0xffffffffffffffff, 0x3, &(0x7f0000000040)={{0x77359400}, {0x0, 0x3938700}}, 0x0)

2.855993145s ago: executing program 0 (id=4436):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, 0x0, 0x40)
landlock_restrict_self(0xffffffffffffffff, 0x0)
r1 = fsopen(&(0x7f0000000180)='proc\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)

2.847131845s ago: executing program 2 (id=4437):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={0x0}, 0x18)
socket$netlink(0x10, 0x3, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$udambuf(0xffffffffffffff9c, &(0x7f0000000000), 0x2)
r4 = memfd_create(&(0x7f0000000380)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xa9\x1fg\xf1\x85z{\x1d<\xe2\x1c7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xedn\x8c<5\xcf\x92;\x85)\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\x05\x831\xd3\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xf6\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00\xc6(\x19\xf8\xb4?Fv\xac\xc7m\xe1\xf68W\x19\x0f\x87\x84\xafK\x91v\xb5\xe7Cf\xe0L\b9\xe2\x15d~R4\xdf\xbb\xfeiH', 0x3)
ftruncate(r4, 0xffff)
fcntl$addseals(r4, 0x409, 0x7)
r5 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x109842, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r5, 0xc004500a, &(0x7f00000000c0))
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x0, 0xee00}}, './file0\x00'})
write$dsp(r5, &(0x7f0000000440)="024922acde319b3a7cac20447312ad1f7c62000000090000c83b899897a7ef9ccb3e45e10e93ded8367d55f030e634d42bc8b951c7b7fcbb", 0x38)
close(r5)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x14, 0x0, 0x0)

1.454480546s ago: executing program 1 (id=4438):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000780), r0)
sendmsg$NFC_CMD_LLC_SET_PARAMS(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000900)={&(0x7f0000000cc0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010828bd7000fddbdf251000000005000f000400000008000100", @ANYRES64], 0x2c}, 0x1, 0x0, 0x0, 0x8010}, 0x14)

1.2750674s ago: executing program 2 (id=4439):
r0 = socket(0xa, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, 0x0, 0x0)
r1 = memfd_create(0x0, 0x3)
write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[], 0x78)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
socket$kcm(0x29, 0x5, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bind$alg(0xffffffffffffffff, &(0x7f0000000040)={0x26, 'hash\x00', 0x0, 0x0, 'blake2b-512-generic\x00'}, 0x58)
r3 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
bind$bt_hci(r3, &(0x7f0000000000)={0x27}, 0x74)
r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2d41, 0x0)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x8)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000140)=0x15)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f00000002c0)=0x7e)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000540)=0x9)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x0)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x0)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000040)=0x9)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x7e)
close_range(r5, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x13, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000040000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095", @ANYRES8=r2, @ANYRES64=r4, @ANYRES32=r2, @ANYRESDEC], &(0x7f0000000240)='GPL\x00', 0x85, 0x0, 0x0, 0x41000, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x1000000, 0x3})

1.250875s ago: executing program 7 (id=4440):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000340)=@filter={'filter\x00', 0x42, 0x4, 0x2e8, 0xffffffff, 0x1e8, 0x0, 0x0, 0xffffffff, 0xffffffff, 0x280, 0x280, 0x280, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x0, 0xd0, 0xf8, 0x0, {0x100000000000000}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x0, 0x3, 0x0, 0x17}}, @common=@unspec=@connmark={{0x30}}]}, @REJECT={0x28}}, {{@uncond, 0x0, 0x98, 0xc0, 0x0, {}, [@common=@icmp={{0x28}, {0xb, "b22f"}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x7}}}, {{@ip={@empty, @loopback, 0x0, 0x0, 'vlan1\x00', 'dvmrp0\x00', {}, {}, 0x24, 0x0, 0x4}, 0x0, 0x70, 0x98}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x2}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x348)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
getpid()
openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = syz_io_uring_setup(0xa0, &(0x7f0000000380)={0x0, 0x105cc6, 0x400, 0xfffffffe, 0x207}, &(0x7f0000000040)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0xa4, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r4, 0x847ba, 0x0, 0xe, 0x0, 0x0)

810.252967ms ago: executing program 0 (id=4441):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r1}, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x2, 0x0)
sendfile(r3, r2, 0x0, 0x6)
ioctl$SG_GET_TIMEOUT(r2, 0x2202, 0x0)
syz_io_uring_setup(0x5c45, &(0x7f0000000400)={0x0, 0x0, 0x40, 0x2, 0x15, 0x0, r2}, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
futex(0x0, 0xb, 0x2, 0x0, 0x0, 0x2)
syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, 0x0, 0x0)
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x3, 0x8}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=@newtfilter={0x68, 0x2c, 0xd27, 0x70bd28, 0x6000000, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {}, {0x7, 0xe}}, [@filter_kind_options=@f_fw={{0x7}, {0x34, 0x2, [@TCA_FW_ACT={0x30, 0x4, [@m_nat={0x2c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x1, 0x8}}]}, 0x68}, 0x1, 0x0, 0x0, 0x4}, 0x4000800)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1a00000004000000e27f00000100000000000000", @ANYRES32, @ANYBLOB="0400"/20, @ANYRES32=0x0, @ANYRES32], 0x50)

69.636179ms ago: executing program 7 (id=4442):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000380)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
r1 = syz_open_dev$vim2m(0x0, 0x81, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x8000, 0x3000, 0x34343452, 0x4, 0x7, [{0x592e3537, 0x2}, {0xfffffff7, 0x9}, {0x1, 0x9}, {0xe53, 0x7}, {0x7000, 0x8}, {0x7, 0xc}, {0x8, 0x32}, {0x1, 0xfffffff0}], 0xd7, 0x4, 0x3, 0x2, 0x4}})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x9, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x9)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000000c0), 0x8200, 0x0)
setsockopt$ax25_int(0xffffffffffffffff, 0x101, 0x2, 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
r4 = syz_open_dev$dri(0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000040)={0x7, 0x6576, 0x8})
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
r6 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi1\x00', 0x2180, 0x0)
ioctl$COMEDI_DEVCONFIG(r6, 0x40946400, &(0x7f00000005c0)={'pcl812\x00', [0x2f00, 0x1000, 0x3, 0x2, 0x0, 0x1, 0x2, 0x9, 0xffe, 0x1, 0xc, 0x1, 0x4, 0x4, 0xffff, 0x8006, 0xffffffa7, 0x10001, 0x832, 0x30000, 0x3ff, 0x9, 0x800, 0xe2df, 0x2, 0x1, 0x80, 0x3, 0x3, 0x7, 0x70f]})
r7 = socket$l2tp6(0xa, 0x2, 0x73)
connect$pppl2tp(r5, &(0x7f0000000080)=@pppol2tpv3in6={0x18, 0x1, {0x0, r7, 0x4, 0x0, 0x0, 0x0, {0xa, 0x4e23, 0x2, @mcast1, 0x5a89}}}, 0x3a)
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r4, 0x100000000)
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYBLOB="041706aaaaaaaaaa12e54b3fcd443f560eb95ff5f70b2b2bf6ecdf05cceb7d5e7e0046025f2758300b9fdf09adaeef5901457f17aca2fccbf1fa7aaaec57f979171331d77806578f7db21dc0b308a31b95340ec3afde72d05bd07a588540372b7037132e5333e4ff000000"], 0x9)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480), 0x4)
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000180)='gfs2\x00', 0x2208004, 0x0)

0s ago: executing program 1 (id=4443):
openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000000)='tasks\x00', 0x2, 0x0)
gettid()
ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8924, &(0x7f0000001300)={'nr0\x00'})
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x36, &(0x7f0000000600)=ANY=[@ANYBLOB], 0x8)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58)
r3 = accept4(r2, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000001c0)="00940a37", 0x4)
sendto$unix(r3, &(0x7f0000000440)="36d9a32e92c131d730b1abaedb51eb66fd2d5b1f7eda4f0e859fdaf294bad70673813533d8bf1c6a77b65a7afdc01b29e73571071a68d5def5d7df839810da130b9348f4d9d407eb478d5bfb298c552a498271af70914e14ba9476fd2a0e47984c25ea20afab3064a748add27a7149e9c4705475bda2ecec9ec30214f28c5e16fd3f50f604f20232c534409e52bff64fc6ca0f5e254083aec2794b7216e002e87caf3d0fa7d04ff9e3b03e81595a04979594ff6ea888bf13de8e8f74c6178e31e47593732ae1a501ad3641d423195a788efdb643f50a8c8b9794a62f7b8dfa0fa7da9d391b92ce2a7f9fe0f9d584a3775f", 0x703d59595f6742a8, 0x800, 0x0, 0x0)
recvfrom(r3, &(0x7f00000030c0)=""/4117, 0xffffffffffffffbf, 0x1, 0x0, 0xffffffffffffffb5)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r0, 0xc018937c, &(0x7f0000000380)={{0x1, 0x1, 0x18, r3, {0x4}}, './file0\x00'})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x0, 0x0)
r4 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000840)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x10}, 0x18)
utimensat(r4, 0x0, 0x0, 0x0)
sendmsg$802154_raw(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)="eb", 0x1}, 0x1, 0x0, 0x0, 0x8008040}, 0x30008080)
sendmmsg$alg(r3, &(0x7f0000002a40), 0x0, 0x0)

kernel console output (not intermixed with test programs):

nt blktraces are not allowed on loop13
[  925.013124][   T58] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  925.452346][   T58] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  927.090192][T10426] Bluetooth: hci2: command tx timeout
[  927.548055][T14059] chnl_net:caif_netlink_parms(): no params data found
[  928.918055][T14114] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2057'.
[  928.948631][T14059] bridge0: port 1(bridge_slave_0) entered blocking state
[  928.988639][T14059] bridge0: port 1(bridge_slave_0) entered disabled state
[  928.996030][T14059] bridge_slave_0: entered allmulticast mode
[  929.030863][T14059] bridge_slave_0: entered promiscuous mode
[  929.063495][T14059] bridge0: port 2(bridge_slave_1) entered blocking state
[  929.098024][T10426] Bluetooth: hci2: command tx timeout
[  929.104978][T14059] bridge0: port 2(bridge_slave_1) entered disabled state
[  929.145510][T14059] bridge_slave_1: entered allmulticast mode
[  929.185891][T14059] bridge_slave_1: entered promiscuous mode
[  929.524623][T14059] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  929.828849][T14135] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2060'.
[  929.998639][T14059] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  930.744716][T14059] team0: Port device team_slave_0 added
[  930.841435][T14059] team0: Port device team_slave_1 added
[  931.187864][T10426] Bluetooth: hci2: command tx timeout
[  931.698502][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  931.809905][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  932.110309][T14059] batman_adv: batadv0: Adding interface: batadv_slave_0
[  932.117610][T14059] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  932.145637][T14059] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  932.197440][T14059] batman_adv: batadv0: Adding interface: batadv_slave_1
[  932.213005][T14059] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  932.275932][T14059] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  932.811854][T14166] blktrace: Concurrent blktraces are not allowed on loop13
[  932.845287][T14059] hsr_slave_0: entered promiscuous mode
[  932.860550][T14059] hsr_slave_1: entered promiscuous mode
[  932.890788][T14059] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  932.925313][T14059] Cannot create hsr debugfs directory
[  933.020438][   T58] hsr_slave_0: left promiscuous mode
[  933.043092][   T58] hsr_slave_1: left promiscuous mode
[  933.061503][   T58] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  933.078694][   T58] batman_adv: batadv0: Removing interface: batadv_slave_0
[  933.115903][   T58] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  933.138124][   T58] batman_adv: batadv0: Removing interface: batadv_slave_1
[  933.148210][   T58] bridge_slave_1: left allmulticast mode
[  933.170826][   T58] bridge_slave_1: left promiscuous mode
[  933.191116][   T58] bridge0: port 2(bridge_slave_1) entered disabled state
[  933.243673][   T58] bridge_slave_0: left allmulticast mode
[  933.258633][T10426] Bluetooth: hci2: command tx timeout
[  933.290294][   T58] bridge_slave_0: left promiscuous mode
[  933.323708][   T58] bridge0: port 1(bridge_slave_0) entered disabled state
[  933.524542][   T58] veth1_macvtap: left promiscuous mode
[  933.551220][   T58] veth0_macvtap: left promiscuous mode
[  933.578309][   T58] veth1_vlan: left promiscuous mode
[  933.583767][   T58] veth0_vlan: left promiscuous mode
[  934.394364][   T58] bond1 (unregistering): Released all slaves
[  935.633345][   T58] team0 (unregistering): Port device team_slave_1 removed
[  935.766816][   T58] team0 (unregistering): Port device team_slave_0 removed
[  936.055365][   T58] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  936.242397][   T58] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  937.554114][   T58] bond0 (unregistering): Released all slaves
[  938.868400][T14219] blktrace: Concurrent blktraces are not allowed on loop11
[  939.532370][   T58] IPVS: stop unused estimator thread 0...
[  939.737993][T14059] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  939.782577][T14059] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  939.820395][T14059] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  939.852184][T14059] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  940.286630][T14059] 8021q: adding VLAN 0 to HW filter on device bond0
[  940.391552][T14059] 8021q: adding VLAN 0 to HW filter on device team0
[  940.438966][ T2934] bridge0: port 1(bridge_slave_0) entered blocking state
[  940.446271][ T2934] bridge0: port 1(bridge_slave_0) entered forwarding state
[  940.497000][   T48] bridge0: port 2(bridge_slave_1) entered blocking state
[  940.504568][   T48] bridge0: port 2(bridge_slave_1) entered forwarding state
[  942.280503][T14059] 8021q: adding VLAN 0 to HW filter on device batadv0
[  943.277229][T14288] tmpfs: Bad value for 'mpol'
[  944.355108][T14059] veth0_vlan: entered promiscuous mode
[  944.454345][T14059] veth1_vlan: entered promiscuous mode
[  945.703019][T14059] veth0_macvtap: entered promiscuous mode
[  945.747533][T14059] veth1_macvtap: entered promiscuous mode
[  945.915054][T14059] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  945.969357][T14059] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  946.003392][T14059] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  946.035728][T14059] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  946.065274][T14059] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  946.107929][T14059] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  946.184306][T14059] batman_adv: batadv0: Interface activated: batadv_slave_0
[  946.225811][T14059] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  946.292175][T14059] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  947.207950][T14059] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  947.257773][T14059] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  947.287767][T14059] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  947.314337][T14059] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  947.331127][T14059] batman_adv: batadv0: Interface activated: batadv_slave_1
[  947.368381][T14059] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  947.391689][T14059] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  947.402655][T14059] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  947.416582][T14059] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  948.330063][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  948.370893][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  948.484547][   T48] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  948.513447][   T48] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  953.847954][T14395] blktrace: Concurrent blktraces are not allowed on loop17
[  956.301846][T14428] Bluetooth: hci0: invalid length 0, exp 2 for type 0
[  956.550883][T14432] tipc: Started in network mode
[  956.742717][T14432] tipc: Node identity 56efce01ec3c, cluster identity 4711
[  956.901480][T14432] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  956.919935][T14437] dlm: plock device version mismatch: kernel (1.2.0), user (4.0.16777355)
[  957.054898][T14438] syzkaller0: entered promiscuous mode
[  957.071201][T14438] syzkaller0: entered allmulticast mode
[  957.306056][T14432] tipc: Resetting bearer <eth:syzkaller0>
[  957.430646][T14431] tipc: Resetting bearer <eth:syzkaller0>
[  957.527593][T14431] tipc: Disabling bearer <eth:syzkaller0>
[  959.140821][T14473] Bluetooth: hci0: invalid length 0, exp 2 for type 0
[  962.323063][T14483] dlm: plock device version mismatch: kernel (1.2.0), user (4.0.16777355)
[  965.281862][T14520] tmpfs: Bad value for 'mpol'
[  965.386196][T14525] blktrace: Concurrent blktraces are not allowed on loop17
[  967.168540][T14543] dlm: plock device version mismatch: kernel (1.2.0), user (4.0.16777355)
[  969.733708][T14582] netlink: 20 bytes leftover after parsing attributes in process `syz.8.2147'.
[  970.862877][T14589] tmpfs: Bad value for 'mpol'
[  971.456670][T14597] dlm: plock device version mismatch: kernel (1.2.0), user (4.0.16777355)
[  972.844198][T14615] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2152'.
[  973.766145][T14634] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2158'.
[  974.214302][T14645] tmpfs: Bad value for 'mpol'
[  974.269138][T14648] blktrace: Concurrent blktraces are not allowed on loop11
[  975.220664][T14660] dlm: plock device version mismatch: kernel (1.2.0), user (4.0.16777355)
[  977.674661][T14684] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2165'.
[  979.950630][T14720] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2173'.
[  981.548806][T14730] Bluetooth: hci0: invalid length 0, exp 2 for type 0
[  981.770312][T14737] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2177'.
[  984.334419][T14770] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2183'.
[  988.031348][T14784] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2188'.
[  992.068703][T14832] overlayfs: failed to resolve './file0': -2
[  993.104048][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  993.111754][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  993.769492][T14849] tmpfs: Bad value for 'mpol'
[  994.296000][T14856] blktrace: Concurrent blktraces are not allowed on loop13
[  995.168051][T14864] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2208'.
[  997.369467][T14879] netlink: 1 bytes leftover after parsing attributes in process `syz.8.2212'.
[ 1000.857071][T14905] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2219'.
[ 1002.551986][T14918] netlink: 1 bytes leftover after parsing attributes in process `syz.8.2223'.
[ 1003.328701][T14932] blktrace: Concurrent blktraces are not allowed on loop13
[ 1005.728345][T14947] netlink: 'syz.9.2231': attribute type 10 has an invalid length.
[ 1005.879911][T14947] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1005.955331][T14947] team0: Port device bond0 added
[ 1006.630798][T14955] netlink: 1 bytes leftover after parsing attributes in process `syz.8.2235'.
[ 1007.454395][T14970] blktrace: Concurrent blktraces are not allowed on loop13
[ 1009.144580][T14990] netlink: 'syz.9.2245': attribute type 10 has an invalid length.
[ 1009.166617][T14987] dlm: plock device version mismatch: kernel (1.2.0), user (0.0.0)
[ 1009.551793][T14996] netlink: 1 bytes leftover after parsing attributes in process `syz.9.2246'.
[ 1010.113973][T15001] tmpfs: Bad value for 'mpol'
[ 1010.908243][T15017] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2247'.
[ 1014.256987][T15046] tmpfs: Bad value for 'mpol'
[ 1015.363473][T15045] netlink: 'syz.8.2254': attribute type 10 has an invalid length.
[ 1015.391705][T15045] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1015.400385][T15045] team0: Port device bond0 added
[ 1015.953918][T15065] tmpfs: Bad value for 'mpol'
[ 1017.770215][T15081] dlm: plock device version mismatch: kernel (1.2.0), user (0.0.0)
[ 1018.402106][T15104] tmpfs: Bad value for 'mpol'
[ 1018.961230][T15111] netlink: 'syz.8.2267': attribute type 10 has an invalid length.
[ 1022.102260][T15140] tmpfs: Bad value for 'mpol'
[ 1022.887835][T15153] vivid-000: disconnect
[ 1024.017734][T15148] vivid-000: reconnect
[ 1024.020211][T15162] dlm: plock device version mismatch: kernel (1.2.0), user (0.0.0)
[ 1024.422892][T15170] netlink: 'syz.5.2276': attribute type 10 has an invalid length.
[ 1026.954751][T15195] tmpfs: Bad value for 'mpol'
[ 1028.486623][T15227] netlink: 20 bytes leftover after parsing attributes in process `syz.9.2280'.
[ 1030.881501][T15245] netlink: 'syz.5.2286': attribute type 10 has an invalid length.
[ 1032.052425][T15257] dlm: plock device version mismatch: kernel (1.2.0), user (4.0.16777355)
[ 1032.787754][  T787] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[ 1032.987849][  T787] usb 9-1: Using ep0 maxpacket: 16
[ 1033.016572][  T787] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1033.091296][  T787] usb 9-1: New USB device found, idVendor=054c, idProduct=06c1, bcdDevice=c2.87
[ 1033.160820][  T787] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1033.997793][  T787] usb 9-1: Product: syz
[ 1034.002145][  T787] usb 9-1: Manufacturer: syz
[ 1034.006773][  T787] usb 9-1: SerialNumber: syz
[ 1034.059431][  T787] usb 9-1: config 0 descriptor??
[ 1034.085349][  T787] port100 9-1:0.0: NFC: Could not find bulk-in or bulk-out endpoint
[ 1034.818274][T15305] netlink: 'syz.6.2297': attribute type 10 has an invalid length.
[ 1035.549632][   T42] usb 9-1: USB disconnect, device number 2
[ 1036.089240][T15325] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2299'.
[ 1036.638762][T15328] tmpfs: Bad value for 'mpol'
[ 1038.508633][T15344] dlm: plock device version mismatch: kernel (1.2.0), user (4.0.16777355)
[ 1039.968652][T15366] netlink: 'syz.5.2307': attribute type 10 has an invalid length.
[ 1044.193335][T15409] dlm: plock device version mismatch: kernel (1.2.0), user (4.0.16777355)
[ 1045.754429][T15429] netlink: 'syz.5.2318': attribute type 10 has an invalid length.
[ 1047.637097][T15449] tmpfs: Bad value for 'mpol'
[ 1049.594037][T15452] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2321'.
[ 1051.737838][T10426] Bluetooth: hci2: command 0x0406 tx timeout
[ 1052.651925][T15482] dlm: plock device version mismatch: kernel (1.2.0), user (4.0.16777355)
[ 1054.556114][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[ 1054.562634][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[ 1054.901629][T15506] tmpfs: Bad value for 'mpol'
[ 1056.339136][T15513] warning: `syz.8.2333' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[ 1056.426151][T15516] futex_wake_op: syz.5.2334 tries to shift op by -1; fix this program
[ 1058.117611][T15528] netlink: 'syz.5.2337': attribute type 10 has an invalid length.
[ 1060.170650][T15552] tmpfs: Bad value for 'mpol'
[ 1063.776451][T15565] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2345'.
[ 1070.888688][T15628] netlink: 'syz.6.2360': attribute type 10 has an invalid length.
[ 1075.989955][T15678] netlink: 20 bytes leftover after parsing attributes in process `syz.9.2370'.
[ 1077.193759][T15685] trusted_key: encrypted_key: insufficient parameters specified
[ 1078.904736][T15706] netlink: 'syz.6.2377': attribute type 10 has an invalid length.
[ 1078.925394][T15709] tmpfs: Bad value for 'mpol'
[ 1081.505305][T15730] genirq: Flags mismatch irq 4. 00000000 (das16m1) vs. 00000000 (ttyS0)
[ 1084.532382][T15773] syz.8.2393: attempt to access beyond end of device
[ 1084.532382][T15773] nbd8: rw=0, sector=64, nr_sectors = 8 limit=0
[ 1084.587686][T15773] syz.8.2393: attempt to access beyond end of device
[ 1084.587686][T15773] nbd8: rw=0, sector=120, nr_sectors = 8 limit=0
[ 1084.611173][T15773] Mount JFS Failure: -5
[ 1085.445816][T15781] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2394'.
[ 1087.522922][T15804] tmpfs: Bad value for 'mpol'
[ 1088.644848][T15817] syz.6.2405: attempt to access beyond end of device
[ 1088.644848][T15817] nbd6: rw=0, sector=64, nr_sectors = 8 limit=0
[ 1088.660068][T15817] syz.6.2405: attempt to access beyond end of device
[ 1088.660068][T15817] nbd6: rw=0, sector=120, nr_sectors = 8 limit=0
[ 1088.673612][T15817] Mount JFS Failure: -5
[ 1097.043635][T15875] tmpfs: Bad value for 'mpol'
[ 1105.845176][T15953] tmpfs: Bad value for 'mpol'
[ 1110.022871][T15989] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2444'.
[ 1111.413141][T16008] tmpfs: Bad value for 'mpol'
[ 1112.821930][T16026] netlink: 1 bytes leftover after parsing attributes in process `syz.5.2452'.
[ 1113.642922][T16035] tmpfs: Bad value for 'mpol'
[ 1116.168540][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[ 1116.175225][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[ 1116.872603][T16065] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1116.880498][T16065] IPv6: NLM_F_CREATE should be set when creating new route
[ 1116.888118][T16065] IPv6: NLM_F_CREATE should be set when creating new route
[ 1116.895582][T16065] IPv6: NLM_F_CREATE should be set when creating new route
[ 1118.229676][T16065] netlink: 80 bytes leftover after parsing attributes in process `syz.6.2459'.
[ 1118.701757][T16083] tmpfs: Bad value for 'mpol'
[ 1120.902847][T16087] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2465'.
[ 1124.336142][T16152] netlink: 'syz.5.2476': attribute type 10 has an invalid length.
[ 1124.545122][T16154] syz.6.2479: attempt to access beyond end of device
[ 1124.545122][T16154] nbd6: rw=0, sector=64, nr_sectors = 8 limit=0
[ 1124.559417][T16154] syz.6.2479: attempt to access beyond end of device
[ 1124.559417][T16154] nbd6: rw=0, sector=120, nr_sectors = 8 limit=0
[ 1124.572921][T16154] Mount JFS Failure: -5
[ 1127.864021][T16195] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2487'.
[ 1129.455072][T16212] netlink: 'syz.8.2491': attribute type 10 has an invalid length.
[ 1142.607962][T16278] tmpfs: Bad value for 'mpol'
[ 1146.664831][T16324] syz.6.2516: attempt to access beyond end of device
[ 1146.664831][T16324] nbd6: rw=0, sector=64, nr_sectors = 8 limit=0
[ 1146.698845][T16324] syz.6.2516: attempt to access beyond end of device
[ 1146.698845][T16324] nbd6: rw=0, sector=120, nr_sectors = 8 limit=0
[ 1146.724793][T16324] Mount JFS Failure: -5
[ 1150.941500][T16358] tmpfs: Bad value for 'mpol'
[ 1153.897130][T16383] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2527'.
[ 1154.078172][T16385] ubi31: attaching mtd0
[ 1154.123448][T16385] ubi31: scanning is finished
[ 1154.129402][T16385] ubi31: empty MTD device detected
[ 1154.908411][T16385] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[ 1154.947849][T16385] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[ 1155.101958][T16385] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[ 1155.138647][T16385] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[ 1155.146240][T16385] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[ 1155.376548][T16385] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[ 1156.144386][T16385] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2891521358
[ 1156.217873][T16385] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[ 1156.275674][T16394] ubi31: background thread "ubi_bgt31d" started, PID 16394
[ 1159.137524][T16433] netlink: 'syz.5.2539': attribute type 10 has an invalid length.
[ 1159.182187][T16437] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2540'.
[ 1161.283997][T16450] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1161.291354][T16450] IPv6: NLM_F_CREATE should be set when creating new route
[ 1161.298615][T16450] IPv6: NLM_F_CREATE should be set when creating new route
[ 1161.305816][T16450] IPv6: NLM_F_CREATE should be set when creating new route
[ 1161.767557][T16462] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2546'.
[ 1164.842952][T16487] tmpfs: Bad value for 'mpol'
[ 1166.485036][T16502] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2552'.
[ 1167.127156][T16514] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1169.246649][T16544] tmpfs: Bad value for 'mpol'
[ 1170.720995][T16553] dlm: plock device version mismatch: kernel (1.2.0), user (4.0.16777355)
[ 1171.584779][T16565] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2566'.
[ 1171.677947][T16564] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1171.685364][T16564] IPv6: NLM_F_CREATE should be set when creating new route
[ 1171.692675][T16564] IPv6: NLM_F_CREATE should be set when creating new route
[ 1171.699944][T16564] IPv6: NLM_F_CREATE should be set when creating new route
[ 1172.234638][T16581] netlink: 'syz.9.2568': attribute type 10 has an invalid length.
[ 1174.507975][T16601] tmpfs: Bad value for 'mpol'
[ 1176.991677][T16632] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2578'.
[ 1177.441026][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[ 1177.554954][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[ 1178.847523][T16651] tmpfs: Bad value for 'mpol'
[ 1179.734982][T16654] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2586'.
[ 1179.971298][T16668] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2587'.
[ 1181.151875][T16689] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1181.221095][T16689] netlink: 80 bytes leftover after parsing attributes in process `syz.6.2591'.
[ 1181.578242][T16691] netlink: 'syz.8.2590': attribute type 10 has an invalid length.
[ 1181.908579][T16701] syz.9.2593: attempt to access beyond end of device
[ 1181.908579][T16701] nbd9: rw=0, sector=64, nr_sectors = 8 limit=0
[ 1181.936824][T16701] syz.9.2593: attempt to access beyond end of device
[ 1181.936824][T16701] nbd9: rw=0, sector=120, nr_sectors = 8 limit=0
[ 1181.951680][T16701] Mount JFS Failure: -5
[ 1184.229159][T16726] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1184.936620][T16738] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2598'.
[ 1186.978278][T16750] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1186.987032][T16750] netlink: 80 bytes leftover after parsing attributes in process `syz.8.2603'.
[ 1190.378983][T16789] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2609'.
[ 1190.670430][T16798] netlink: 'syz.9.2611': attribute type 10 has an invalid length.
[ 1191.229358][T16804] syz.8.2613: attempt to access beyond end of device
[ 1191.229358][T16804] nbd8: rw=0, sector=64, nr_sectors = 8 limit=0
[ 1191.242515][T16804] syz.8.2613: attempt to access beyond end of device
[ 1191.242515][T16804] nbd8: rw=0, sector=120, nr_sectors = 8 limit=0
[ 1191.256197][T16804] Mount JFS Failure: -5
[ 1191.829787][T16808] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1191.948936][T16806] netlink: 80 bytes leftover after parsing attributes in process `syz.5.2614'.
[ 1192.193332][T16815] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2617'.
[ 1193.312192][T16825] ubi: mtd0 is already attached to ubi31
[ 1193.350088][T16828] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2620'.
[ 1194.905456][T16860] syz.9.2625: attempt to access beyond end of device
[ 1194.905456][T16860] nbd9: rw=0, sector=64, nr_sectors = 8 limit=0
[ 1194.918450][T16860] syz.9.2625: attempt to access beyond end of device
[ 1194.918450][T16860] nbd9: rw=0, sector=120, nr_sectors = 8 limit=0
[ 1194.931367][T16860] Mount JFS Failure: -5
[ 1195.654039][T16863] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1195.678937][T16862] netlink: 80 bytes leftover after parsing attributes in process `syz.5.2627'.
[ 1196.136917][T16877] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2631'.
[ 1196.873986][T10426] Bluetooth: hci2: command 0x0406 tx timeout
[ 1199.470919][T16926] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2642'.
[ 1202.751699][ T5794] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1202.767718][ T5794] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1202.796600][ T5794] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1202.838090][ T5794] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1202.858854][ T5794] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 1202.866302][ T5794] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1202.888317][ T5905] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1203.103470][ T5905] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1203.606147][T16980] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2651'.
[ 1203.854575][ T5905] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1203.969605][T16993] syz.8.2654: attempt to access beyond end of device
[ 1203.969605][T16993] nbd8: rw=0, sector=64, nr_sectors = 8 limit=0
[ 1203.983392][T16993] syz.8.2654: attempt to access beyond end of device
[ 1203.983392][T16993] nbd8: rw=0, sector=120, nr_sectors = 8 limit=0
[ 1203.996327][T16993] Mount JFS Failure: -5
[ 1204.045560][ T5905] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1205.894423][ T5794] Bluetooth: hci1: command tx timeout
[ 1207.965049][T16967] chnl_net:caif_netlink_parms(): no params data found
[ 1207.978801][ T5794] Bluetooth: hci1: command tx timeout
[ 1209.612944][T16967] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1209.643662][T16967] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1209.671988][T16967] bridge_slave_0: entered allmulticast mode
[ 1209.697093][T16967] bridge_slave_0: entered promiscuous mode
[ 1209.792575][T16967] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1209.822157][T16967] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1209.842659][T16967] bridge_slave_1: entered allmulticast mode
[ 1209.891101][T16967] bridge_slave_1: entered promiscuous mode
[ 1210.059180][ T5794] Bluetooth: hci1: command tx timeout
[ 1210.776018][T16967] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1210.912825][T16967] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1211.584600][T17059] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2663'.
[ 1211.691302][T16967] team0: Port device team_slave_0 added
[ 1211.774834][T16967] team0: Port device team_slave_1 added
[ 1212.138885][ T5794] Bluetooth: hci1: command tx timeout
[ 1212.989217][T16967] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1212.996215][T16967] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1213.116220][T16967] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1213.161136][T16967] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1213.168212][T16967] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1213.196106][T16967] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1214.875107][T17093] 9pnet_fd: Insufficient options for proto=fd
[ 1216.139698][T16967] hsr_slave_0: entered promiscuous mode
[ 1216.191240][T16967] hsr_slave_1: entered promiscuous mode
[ 1216.217688][T16967] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1216.225298][T16967] Cannot create hsr debugfs directory
[ 1216.273780][ T5905] hsr_slave_0: left promiscuous mode
[ 1216.314594][ T5905] hsr_slave_1: left promiscuous mode
[ 1216.347734][ T5905] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1216.355195][ T5905] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1216.410515][ T5905] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1216.437913][ T5905] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1216.454603][ T5905] bridge_slave_1: left allmulticast mode
[ 1216.478519][ T5905] bridge_slave_1: left promiscuous mode
[ 1216.484413][ T5905] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1216.523514][ T5905] bridge_slave_0: left allmulticast mode
[ 1216.530858][ T5905] bridge_slave_0: left promiscuous mode
[ 1216.543597][ T5905] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1216.636119][ T5905] veth1_macvtap: left promiscuous mode
[ 1216.643047][ T5905] veth0_macvtap: left promiscuous mode
[ 1216.658093][ T5905] veth1_vlan: left promiscuous mode
[ 1216.674784][ T5905] veth0_vlan: left promiscuous mode
[ 1218.702734][ T5905] team0 (unregistering): Port device team_slave_1 removed
[ 1218.936810][ T5905] team0 (unregistering): Port device team_slave_0 removed
[ 1219.445431][ T5905] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1219.560715][ T5905] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1221.022204][ T5905] team0 (unregistering): Port device bond0 removed
[ 1221.617266][ T5905] bond0 (unregistering): Released all slaves
[ 1222.326474][T17151] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1222.377534][T17152] netlink: 80 bytes leftover after parsing attributes in process `syz.8.2682'.
[ 1225.912040][ T5905] IPVS: stop unused estimator thread 0...
[ 1226.645457][T17204] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1226.666940][T17205] netlink: 80 bytes leftover after parsing attributes in process `syz.5.2693'.
[ 1227.861471][T16967] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1227.895289][T16967] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1228.028190][T16967] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1228.156207][T16967] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1228.845655][T16967] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1229.578110][T16967] 8021q: adding VLAN 0 to HW filter on device team0
[ 1229.989720][ T5905] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1229.996911][ T5905] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1230.312512][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1230.319755][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1232.936383][T16967] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1233.030390][T16967] veth0_vlan: entered promiscuous mode
[ 1233.053707][T16967] veth1_vlan: entered promiscuous mode
[ 1233.119357][T16967] veth0_macvtap: entered promiscuous mode
[ 1233.135351][T16967] veth1_macvtap: entered promiscuous mode
[ 1233.353892][T16967] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1233.395688][T16967] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1233.416731][T16967] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1233.438930][T16967] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1233.463643][T16967] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1233.479278][T16967] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1233.513303][T16967] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1233.584210][T16967] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1233.663334][T16967] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1233.722692][T16967] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1233.812362][T16967] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1233.911705][T16967] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1233.996162][T16967] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1234.106478][T16967] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1234.235741][T16967] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1234.338059][T16967] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1234.427427][T16967] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1234.675550][T16967] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1236.897331][ T2934] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1236.950280][ T2934] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1237.572897][ T2934] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1237.592884][ T2934] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1238.864550][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[ 1238.872062][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[ 1240.567110][T17376] netlink: 20 bytes leftover after parsing attributes in process `syz.9.2726'.
[ 1242.944894][T17397] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2728'.
[ 1249.078618][T17450] netlink: 20 bytes leftover after parsing attributes in process `syz.8.2737'.
[ 1250.058173][T17481] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2741'.
[ 1250.129367][T17480] blktrace: Concurrent blktraces are not allowed on loop11
[ 1251.276198][T17493] overlayfs: missing 'lowerdir'
[ 1259.391836][T17583] netlink: 80 bytes leftover after parsing attributes in process `syz.5.2763'.
[ 1260.683947][T17602] tmpfs: Bad value for 'mpol'
[ 1262.953435][T17629] netlink: 80 bytes leftover after parsing attributes in process `syz.5.2774'.
[ 1272.580826][    T8] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[ 1272.791213][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1272.802411][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1272.820619][    T8] usb 4-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[ 1272.832389][    T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1272.843342][    T8] usb 4-1: config 0 descriptor??
[ 1273.274562][    T8] cp2112 0003:10C4:EA90.0002: unknown main item tag 0x0
[ 1273.292385][    T8] cp2112 0003:10C4:EA90.0002: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.3-1/input0
[ 1273.473570][    T8] cp2112 0003:10C4:EA90.0002: Part Number: 0x82 Device Version: 0xFE
[ 1274.085393][T17777] cp2112 0003:10C4:EA90.0002: Error starting transaction: -38
[ 1274.086322][    T8] cp2112 0003:10C4:EA90.0002: error reading lock byte: -32
[ 1274.121007][    T8] usb 4-1: USB disconnect, device number 4
[ 1276.412728][T17884] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1276.425884][T17884] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1276.436112][T17884] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1276.454436][T17884] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1276.462882][T17884] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1276.476195][T17884] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1276.543690][ T9279] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1276.742853][ T9279] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1277.129894][ T9279] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1277.683007][ T9279] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1278.026420][T17883] chnl_net:caif_netlink_parms(): no params data found
[ 1278.299113][T17883] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1278.306342][T17883] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1278.314402][T17883] bridge_slave_0: entered allmulticast mode
[ 1278.322483][T17883] bridge_slave_0: entered promiscuous mode
[ 1278.335564][T17883] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1278.343114][T17883] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1278.350672][T17883] bridge_slave_1: entered allmulticast mode
[ 1278.358347][T17883] bridge_slave_1: entered promiscuous mode
[ 1278.443459][T17883] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1278.480010][T17883] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1278.539000][ T5794] Bluetooth: hci3: command tx timeout
[ 1278.561863][T17883] team0: Port device team_slave_0 added
[ 1278.585562][T17883] team0: Port device team_slave_1 added
[ 1278.794503][T17883] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1278.812441][T17883] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1279.168040][T17883] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1279.645779][T17883] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1279.674577][T17883] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1279.700638][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1279.757603][T17883] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1280.332168][T17884] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1280.345786][T17883] hsr_slave_0: entered promiscuous mode
[ 1280.360306][T17884] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1280.368436][T17884] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1280.378365][T17884] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1280.386432][T17883] hsr_slave_1: entered promiscuous mode
[ 1280.386477][T17884] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1280.400148][T17884] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1280.476072][T17883] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1280.520886][T17883] Cannot create hsr debugfs directory
[ 1280.618398][T17884] Bluetooth: hci3: command tx timeout
[ 1280.794175][ T5794] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1280.808215][ T5794] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1280.819201][ T5794] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1280.833764][ T5794] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1280.845993][ T5794] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1280.856581][ T5794] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1281.242861][ T9279] hsr_slave_0: left promiscuous mode
[ 1281.255648][ T9279] hsr_slave_1: left promiscuous mode
[ 1281.263501][ T9279] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1281.282507][ T9279] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1281.294291][ T9279] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1281.305448][ T9279] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1281.316208][ T9279] bridge_slave_1: left allmulticast mode
[ 1281.333462][ T9279] bridge_slave_1: left promiscuous mode
[ 1281.339752][ T9279] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1281.355260][ T9279] bridge_slave_0: left allmulticast mode
[ 1281.361190][ T9279] bridge_slave_0: left promiscuous mode
[ 1281.375241][ T9279] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1281.425121][ T9279] veth1_macvtap: left promiscuous mode
[ 1281.442821][ T9279] veth0_macvtap: left promiscuous mode
[ 1281.449795][ T9279] veth1_vlan: left promiscuous mode
[ 1281.455145][ T9279] veth0_vlan: left promiscuous mode
[ 1282.617737][ T5794] Bluetooth: hci0: command tx timeout
[ 1282.698744][ T5794] Bluetooth: hci3: command tx timeout
[ 1282.937853][ T5794] Bluetooth: hci2: command tx timeout
[ 1283.545036][ T9279] team0 (unregistering): Port device team_slave_1 removed
[ 1283.665251][ T9279] team0 (unregistering): Port device team_slave_0 removed
[ 1283.773429][ T9279] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1283.820582][ T9279] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1284.148233][ T9279] team0 (unregistering): Port device bond0 removed
[ 1284.377223][ T9279] bond0 (unregistering): Released all slaves
[ 1284.608658][T18007] tmpfs: Bad value for 'mpol'
[ 1284.737600][ T5794] Bluetooth: hci0: command tx timeout
[ 1285.398168][ T5794] Bluetooth: hci3: command tx timeout
[ 1285.403689][ T5794] Bluetooth: hci2: command tx timeout
[ 1286.155713][T18024] tmpfs: Bad value for 'mpol'
[ 1286.981704][T17884] Bluetooth: hci0: command tx timeout
[ 1287.060126][T17942] chnl_net:caif_netlink_parms(): no params data found
[ 1287.430352][T17884] Bluetooth: hci2: command tx timeout
[ 1288.084230][T17942] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1288.098200][T17942] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1288.105545][T17942] bridge_slave_0: entered allmulticast mode
[ 1288.117170][T17942] bridge_slave_0: entered promiscuous mode
[ 1288.293275][T17942] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1288.308351][T17942] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1288.328803][T17942] bridge_slave_1: entered allmulticast mode
[ 1288.348136][T17942] bridge_slave_1: entered promiscuous mode
[ 1288.374821][T17949] chnl_net:caif_netlink_parms(): no params data found
[ 1288.505590][T17942] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1288.547111][T17942] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1288.669104][T17942] team0: Port device team_slave_0 added
[ 1288.708090][T17942] team0: Port device team_slave_1 added
[ 1288.955563][T17942] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1289.018468][T17884] Bluetooth: hci0: command tx timeout
[ 1289.035585][T17942] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1289.176800][T17942] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1289.242186][T17942] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1289.253705][T17942] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1289.296884][T17942] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1289.497777][T17884] Bluetooth: hci2: command tx timeout
[ 1289.559449][T17949] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1289.602434][T17949] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1289.627998][T17949] bridge_slave_0: entered allmulticast mode
[ 1289.679327][T17949] bridge_slave_0: entered promiscuous mode
[ 1289.994721][T17949] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1290.002746][T17949] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1290.027282][T17949] bridge_slave_1: entered allmulticast mode
[ 1290.088926][T17949] bridge_slave_1: entered promiscuous mode
[ 1290.209321][ T9279] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1290.379974][T17883] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1290.751883][T17949] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1290.764204][T17949] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1290.777753][T17883] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1290.808387][T17883] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1290.855781][ T9279] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1290.919266][T17883] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1291.020003][ T9279] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1291.503746][T17942] hsr_slave_0: entered promiscuous mode
[ 1291.554628][T17942] hsr_slave_1: entered promiscuous mode
[ 1291.573045][T17949] team0: Port device team_slave_0 added
[ 1291.593670][ T9279] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1291.641959][T17949] team0: Port device team_slave_1 added
[ 1291.768446][T17949] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1291.775514][T17949] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1291.816845][T17949] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1291.949165][T17949] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1291.956166][T17949] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1292.004717][T17949] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1292.147725][T18092] tmpfs: Bad value for 'mpol'
[ 1293.222058][T17949] hsr_slave_0: entered promiscuous mode
[ 1293.237101][T17949] hsr_slave_1: entered promiscuous mode
[ 1293.300612][T17949] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1293.309420][T18097] ubi: mtd0 is already attached to ubi31
[ 1293.319965][T17949] Cannot create hsr debugfs directory
[ 1293.966213][ T9279] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1294.065555][ T9279] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1294.087010][T18099] tipc: Started in network mode
[ 1294.095122][T18099] tipc: Node identity ca712b09f74b, cluster identity 4711
[ 1294.102712][T18099] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1294.120041][T18100] syzkaller0: entered promiscuous mode
[ 1294.125540][T18100] syzkaller0: entered allmulticast mode
[ 1294.179513][ T9279] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1294.222487][T17883] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1294.248621][T18099] tipc: Resetting bearer <eth:syzkaller0>
[ 1294.278774][ T9279] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1294.301018][T18098] tipc: Resetting bearer <eth:syzkaller0>
[ 1294.324439][T18098] tipc: Disabling bearer <eth:syzkaller0>
[ 1294.357345][T17883] 8021q: adding VLAN 0 to HW filter on device team0
[ 1294.398039][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1294.405257][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1294.436365][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1294.443580][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1295.466806][ T9279] tipc: Left network mode
[ 1296.243768][T17883] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1296.352068][T18117] tmpfs: Bad value for 'mpol'
[ 1297.477415][T17883] veth0_vlan: entered promiscuous mode
[ 1297.532409][T17883] veth1_vlan: entered promiscuous mode
[ 1298.145772][T17883] veth0_macvtap: entered promiscuous mode
[ 1298.159526][T17883] veth1_macvtap: entered promiscuous mode
[ 1298.189604][T17883] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1298.200242][T17883] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1298.211731][T17883] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1298.224067][T17883] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1298.236669][T17883] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1298.265857][T17883] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1298.278738][T17883] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1298.296221][T17883] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1298.329154][T17883] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1298.347747][T17883] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1298.368275][T17883] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1298.406035][T17883] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1298.423208][T17883] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1298.464227][T17883] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1298.684698][T17883] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1298.695493][T17883] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1298.719912][T17883] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1298.729653][T17883] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1299.361679][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1299.379075][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1300.105574][T18128] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2819'.
[ 1300.311947][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[ 1300.324532][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[ 1300.356876][ T2934] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1300.402768][ T2934] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1300.414565][ T9279] hsr_slave_0: left promiscuous mode
[ 1300.450153][ T9279] hsr_slave_1: left promiscuous mode
[ 1300.457376][ T9279] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1300.485390][ T9279] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1300.503698][ T9279] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1300.514355][ T9279] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1300.565182][ T9279] bridge_slave_1: left allmulticast mode
[ 1300.575941][ T9279] bridge_slave_1: left promiscuous mode
[ 1300.586707][ T9279] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1300.606523][ T9279] bridge_slave_0: left allmulticast mode
[ 1300.614227][ T9279] bridge_slave_0: left promiscuous mode
[ 1300.628332][ T9279] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1300.653588][ T9279] hsr_slave_0: left promiscuous mode
[ 1300.664445][ T9279] hsr_slave_1: left promiscuous mode
[ 1300.676884][ T9279] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1300.691522][ T9279] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1300.703459][ T9279] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1300.726847][ T9279] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1300.742364][ T9279] bridge_slave_1: left allmulticast mode
[ 1300.748250][ T9279] bridge_slave_1: left promiscuous mode
[ 1300.753980][ T9279] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1300.763777][ T9279] bridge_slave_0: left allmulticast mode
[ 1300.769571][ T9279] bridge_slave_0: left promiscuous mode
[ 1300.775329][ T9279] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1300.854058][T18137] Bluetooth: MGMT ver 1.22
[ 1300.880115][ T9279] veth1_macvtap: left promiscuous mode
[ 1300.886007][ T9279] veth0_macvtap: left promiscuous mode
[ 1300.894460][ T9279] veth1_vlan: left promiscuous mode
[ 1300.907006][ T9279] veth0_vlan: left promiscuous mode
[ 1300.931639][ T9279] veth1_macvtap: left promiscuous mode
[ 1300.966406][ T9279] veth0_macvtap: left promiscuous mode
[ 1300.996739][ T9279] veth1_vlan: left promiscuous mode
[ 1301.034831][ T9279] veth0_vlan: left promiscuous mode
[ 1303.370760][ T9279] team0 (unregistering): Port device team_slave_1 removed
[ 1303.428877][ T9279] team0 (unregistering): Port device team_slave_0 removed
[ 1303.470144][T18148] blktrace: Concurrent blktraces are not allowed on loop7
[ 1303.819016][ T9279] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1304.025077][ T9279] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1304.296295][T18152] ubi: mtd0 is already attached to ubi31
[ 1305.012250][ T9279] team0 (unregistering): Port device bond0 removed
[ 1305.152907][ T9279] bond0 (unregistering): Released all slaves
[ 1305.687937][ T9279] team0 (unregistering): Port device team_slave_1 removed
[ 1305.736700][ T9279] team0 (unregistering): Port device team_slave_0 removed
[ 1305.786312][ T9279] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1305.836565][ T9279] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1306.211202][ T9279] team0 (unregistering): Port device bond0 removed
[ 1306.349147][ T9279] bond0 (unregistering): Released all slaves
[ 1306.832615][T17942] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1306.854505][T17942] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1306.880857][T17942] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1306.920743][T17942] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1308.580907][T18176] syz.2.2828: attempt to access beyond end of device
[ 1308.580907][T18176] nbd2: rw=0, sector=64, nr_sectors = 8 limit=0
[ 1308.622067][T18176] syz.2.2828: attempt to access beyond end of device
[ 1308.622067][T18176] nbd2: rw=0, sector=120, nr_sectors = 8 limit=0
[ 1308.651762][T18176] Mount JFS Failure: -5
[ 1309.052555][T17942] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1309.795084][T18184] ubi: mtd0 is already attached to ubi31
[ 1309.919488][T17949] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1309.994332][T17942] 8021q: adding VLAN 0 to HW filter on device team0
[ 1310.014709][T17949] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1310.053397][ T9279] IPVS: stop unused estimator thread 0...
[ 1310.074960][T17949] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1310.168361][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1310.175501][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1310.212942][T17949] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1310.294334][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1310.301585][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1310.605916][T18198] random: crng reseeded on system resumption
[ 1310.958305][T17949] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1311.046787][T17949] 8021q: adding VLAN 0 to HW filter on device team0
[ 1311.090415][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1311.097659][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1311.218794][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1311.225992][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1311.418076][T17942] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1312.115794][T17942] veth0_vlan: entered promiscuous mode
[ 1312.155005][T17942] veth1_vlan: entered promiscuous mode
[ 1312.358433][T17942] veth0_macvtap: entered promiscuous mode
[ 1313.095420][T17942] veth1_macvtap: entered promiscuous mode
[ 1313.164430][T18223] syz.3.2836: attempt to access beyond end of device
[ 1313.164430][T18223] nbd3: rw=0, sector=64, nr_sectors = 8 limit=0
[ 1313.217509][T18223] syz.3.2836: attempt to access beyond end of device
[ 1313.217509][T18223] nbd3: rw=0, sector=120, nr_sectors = 8 limit=0
[ 1313.233499][T18223] Mount JFS Failure: -5
[ 1313.325239][T17942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1313.360160][T17942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1313.396940][T17942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1313.458262][T17942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1313.489699][T17942] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1313.534343][T17949] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1313.596266][T17942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1313.623645][T17942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1313.654493][T17942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1313.680923][T17942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1313.709349][T17942] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1313.775387][T17942] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1313.997416][T17942] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1314.008565][T17942] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1314.071789][T17942] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1314.699261][T14482] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1314.707222][T14482] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1314.840710][ T9279] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1314.856477][ T9279] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1314.858081][T18243] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2840'.
[ 1316.149804][T17949] veth0_vlan: entered promiscuous mode
[ 1316.211372][T17949] veth1_vlan: entered promiscuous mode
[ 1316.362248][T17949] veth0_macvtap: entered promiscuous mode
[ 1316.459693][T17949] veth1_macvtap: entered promiscuous mode
[ 1317.005367][T17949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1317.042211][T17949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1317.066488][T17949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1317.084823][T17949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1317.095748][T17949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1317.111696][T17949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1317.126983][T17949] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1317.173784][T17949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1317.208374][T17949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1317.218927][T17949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1317.229793][T17949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1317.250057][T17949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1317.297868][T17949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1317.356347][T17949] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1317.416554][T17949] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1317.440121][T17949] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1317.452846][T17949] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1317.476616][T17949] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1319.447148][T14482] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1319.469258][ T9279] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1319.488693][T14482] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1319.513215][ T9279] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1322.457679][T18314] netlink: 80 bytes leftover after parsing attributes in process `syz.4.2853'.
[ 1323.970706][T18321] vxfs: WRONG superblock magic 00000000 at 1
[ 1323.977352][T18321] vxfs: WRONG superblock magic 00000000 at 8
[ 1323.984909][T18321] vxfs: can't find superblock.
[ 1324.655703][T18328] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2856'.
[ 1327.977783][ T5794] Bluetooth: hci1: command 0x0406 tx timeout
[ 1328.457155][T18379] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2869'.
[ 1330.592759][T18397] netlink: 80 bytes leftover after parsing attributes in process `syz.1.2873'.
[ 1331.120025][T18422] tmpfs: Bad value for 'mpol'
[ 1333.417623][T18434] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1333.424898][T18434] IPv6: NLM_F_CREATE should be set when creating new route
[ 1333.432531][T18434] IPv6: NLM_F_CREATE should be set when creating new route
[ 1333.439978][T18434] IPv6: NLM_F_CREATE should be set when creating new route
[ 1333.820041][T18434] netlink: 80 bytes leftover after parsing attributes in process `syz.2.2880'.
[ 1333.963339][T18449] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2883'.
[ 1334.144512][T18454] autofs4:pid:18454:autofs_fill_super: called with bogus options
[ 1334.839648][T18456] netlink: 80 bytes leftover after parsing attributes in process `syz.2.2886'.
[ 1335.209720][T18477] ubi: mtd0 is already attached to ubi31
[ 1336.029044][T18497] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1336.036352][T18497] IPv6: NLM_F_CREATE should be set when creating new route
[ 1336.043827][T18497] IPv6: NLM_F_CREATE should be set when creating new route
[ 1336.051246][T18497] IPv6: NLM_F_CREATE should be set when creating new route
[ 1336.136914][T18497] netlink: 80 bytes leftover after parsing attributes in process `syz.4.2894'.
[ 1337.365635][T18505] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2896'.
[ 1337.909056][T18520] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2897'.
[ 1337.941864][T18520] netlink: 'syz.3.2897': attribute type 10 has an invalid length.
[ 1338.399435][T18524] autofs4:pid:18524:autofs_fill_super: called with bogus options
[ 1338.474040][T18520] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1338.515918][T18520] team0: Port device bond0 added
[ 1341.135064][T18555] random: crng reseeded on system resumption
[ 1342.048503][T18566] autofs4:pid:18566:autofs_fill_super: called with bogus options
[ 1342.720450][T18583] tmpfs: Bad value for 'mpol'
[ 1344.268843][T18601] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2911'.
[ 1346.730967][T18627] autofs4:pid:18627:autofs_fill_super: called with bogus options
[ 1349.067924][T13964] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[ 1349.341229][T13964] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1349.415687][T18671] tmpfs: Bad value for 'mpol'
[ 1350.497882][T13964] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1350.587600][T13964] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1350.609826][T13964] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1350.619499][T13964] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1350.661218][T13964] usb 5-1: config 0 descriptor??
[ 1350.972758][T18679] autofs4:pid:18679:autofs_fill_super: called with bogus options
[ 1351.103293][T13964] plantronics 0003:047F:FFFF.0003: unknown main item tag 0xd
[ 1351.171758][T13964] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[ 1351.192242][T13964] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[ 1351.460523][T13964] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving
[ 1351.589014][T13964] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[ 1351.668083][T13964] usb 5-1: USB disconnect, device number 2
[ 1351.776211][T18690] fido_id[18690]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/5-1/report_descriptor': No such file or directory
[ 1351.799485][T18691] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2930'.
[ 1354.643810][T18729] tmpfs: Bad value for 'mpol'
[ 1354.913497][T18733] tmpfs: Bad value for 'mpol'
[ 1355.795425][T18737] autofs4:pid:18737:autofs_fill_super: called with bogus options
[ 1356.166473][T18753] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2941'.
[ 1357.875796][T18775] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1357.915386][T18775] syzkaller0: entered promiscuous mode
[ 1357.973508][T18775] syzkaller0: entered allmulticast mode
[ 1358.041338][T18777] tipc: Resetting bearer <eth:syzkaller0>
[ 1358.219489][T18774] tipc: Resetting bearer <eth:syzkaller0>
[ 1358.301782][T18774] tipc: Disabling bearer <eth:syzkaller0>
[ 1359.773467][T18799] tmpfs: Bad value for 'mpol'
[ 1361.102016][T18806] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2951'.
[ 1361.745841][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[ 1361.753077][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[ 1362.407439][T18836] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2957'.
[ 1363.331729][T18851] tmpfs: Bad value for 'mpol'
[ 1364.311539][T18856] Unsupported ieee802154 address type: 0
[ 1365.526304][T18867] tipc: Started in network mode
[ 1365.543676][T18867] tipc: Node identity eafe55e09a5c, cluster identity 4711
[ 1365.583340][T18867] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1365.628343][T18870] syzkaller0: entered promiscuous mode
[ 1365.633890][T18870] syzkaller0: entered allmulticast mode
[ 1365.709381][T18867] tipc: Resetting bearer <eth:syzkaller0>
[ 1365.749922][T18866] tipc: Resetting bearer <eth:syzkaller0>
[ 1365.775420][T18866] tipc: Disabling bearer <eth:syzkaller0>
[ 1366.068391][T18875] tmpfs: Bad value for 'mpol'
[ 1366.938630][T18884] netlink: 'syz.1.2965': attribute type 10 has an invalid length.
[ 1367.383927][T18884] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1367.540236][T18884] team0: Port device bond0 added
[ 1370.403865][T18924] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1370.411359][T18924] IPv6: NLM_F_CREATE should be set when creating new route
[ 1370.418883][T18924] IPv6: NLM_F_CREATE should be set when creating new route
[ 1370.426246][T18924] IPv6: NLM_F_CREATE should be set when creating new route
[ 1370.455557][T18924] netlink: 80 bytes leftover after parsing attributes in process `syz.1.2973'.
[ 1371.869267][T18938] netlink: 'syz.3.2976': attribute type 10 has an invalid length.
[ 1373.555024][T18966] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1373.751109][T18966] netlink: 80 bytes leftover after parsing attributes in process `syz.2.2983'.
[ 1374.431125][T18984] autofs4:pid:18984:autofs_fill_super: called with bogus options
[ 1374.461027][T18985] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2987'.
[ 1377.774585][T19028] autofs4:pid:19028:autofs_fill_super: called with bogus options
[ 1378.012030][T19038] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2999'.
[ 1378.080402][T19040] syz.1.3000: attempt to access beyond end of device
[ 1378.080402][T19040] nbd1: rw=0, sector=64, nr_sectors = 8 limit=0
[ 1378.093349][T19040] syz.1.3000: attempt to access beyond end of device
[ 1378.093349][T19040] nbd1: rw=0, sector=120, nr_sectors = 8 limit=0
[ 1378.106281][T19040] Mount JFS Failure: -5
[ 1380.096962][T19062] vivid-000: disconnect
[ 1380.412691][T19050] vivid-000: reconnect
[ 1380.476274][T19066] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3006'.
[ 1381.418902][T19071] ubi: mtd0 is already attached to ubi31
[ 1381.721034][T19079] autofs4:pid:19079:autofs_fill_super: called with bogus options
[ 1384.889487][T19105] random: crng reseeded on system resumption
[ 1385.409105][T19112] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3017'.
[ 1386.261315][T19116] ubi: mtd0 is already attached to ubi31
[ 1386.919611][T19130] autofs4:pid:19130:autofs_fill_super: called with bogus options
[ 1388.567012][T19164] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3028'.
[ 1388.990439][  T787] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[ 1389.419990][  T787] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1389.467664][  T787] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1389.478318][T19169] ubi: mtd0 is already attached to ubi31
[ 1389.498342][  T787] usb 3-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[ 1389.519172][  T787] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1389.538246][  T787] usb 3-1: config 0 descriptor??
[ 1389.697399][T19177] autofs4:pid:19177:autofs_fill_super: called with bogus options
[ 1389.969846][  T787] usbhid 3-1:0.0: can't add hid device: -71
[ 1390.000948][  T787] usbhid: probe of 3-1:0.0 failed with error -71
[ 1390.036370][  T787] usb 3-1: USB disconnect, device number 5
[ 1390.952060][T19218] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3038'.
[ 1391.987893][T19215] ubi: mtd0 is already attached to ubi31
[ 1392.480159][T19236] syz.1.3045: attempt to access beyond end of device
[ 1392.480159][T19236] nbd1: rw=0, sector=64, nr_sectors = 8 limit=0
[ 1392.495455][T19236] syz.1.3045: attempt to access beyond end of device
[ 1392.495455][T19236] nbd1: rw=0, sector=120, nr_sectors = 8 limit=0
[ 1392.508879][T19236] Mount JFS Failure: -5
[ 1393.617882][    T8] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[ 1393.974847][    T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1394.024452][    T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1394.054773][    T8] usb 3-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[ 1394.090954][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1394.130889][    T8] usb 3-1: config 0 descriptor??
[ 1394.573928][    T8] usbhid 3-1:0.0: can't add hid device: -71
[ 1394.612518][    T8] usbhid: probe of 3-1:0.0 failed with error -71
[ 1394.679419][    T8] usb 3-1: USB disconnect, device number 6
[ 1395.410078][T19268] ubi: mtd0 is already attached to ubi31
[ 1395.791597][T19277] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3052'.
[ 1396.936695][T19289] syz.1.3057: attempt to access beyond end of device
[ 1396.936695][T19289] nbd1: rw=0, sector=64, nr_sectors = 8 limit=0
[ 1396.977762][T19289] syz.1.3057: attempt to access beyond end of device
[ 1396.977762][T19289] nbd1: rw=0, sector=120, nr_sectors = 8 limit=0
[ 1397.005856][T19289] Mount JFS Failure: -5
[ 1399.657633][ T5794] Bluetooth: hci3: command 0x0406 tx timeout
[ 1399.771894][T19320] ubi: mtd0 is already attached to ubi31
[ 1401.166231][T19331] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3064'.
[ 1401.640556][T19342] syz.3.3068: attempt to access beyond end of device
[ 1401.640556][T19342] nbd3: rw=0, sector=64, nr_sectors = 8 limit=0
[ 1401.654248][T19342] syz.3.3068: attempt to access beyond end of device
[ 1401.654248][T19342] nbd3: rw=0, sector=120, nr_sectors = 8 limit=0
[ 1401.667604][T19342] Mount JFS Failure: -5
[ 1403.734612][T19368] tmpfs: Bad value for 'mpol'
[ 1404.782153][T19358] Bluetooth: hci0: command 0x0406 tx timeout
[ 1404.789163][T19358] Bluetooth: hci2: command 0x0406 tx timeout
[ 1406.089852][T19399] syz.2.3080: attempt to access beyond end of device
[ 1406.089852][T19399] nbd2: rw=0, sector=64, nr_sectors = 8 limit=0
[ 1406.120773][T19399] syz.2.3080: attempt to access beyond end of device
[ 1406.120773][T19399] nbd2: rw=0, sector=120, nr_sectors = 8 limit=0
[ 1406.141504][T19399] Mount JFS Failure: -5
[ 1409.413191][T19445] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3088'.
[ 1410.518624][T19453] tmpfs: Bad value for 'mpol'
[ 1412.614911][T19493] random: crng reseeded on system resumption
[ 1414.784942][T19520] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1414.879711][T19520] netlink: 80 bytes leftover after parsing attributes in process `syz.2.3103'.
[ 1417.107629][T19547] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3108'.
[ 1419.867043][T19580] autofs4:pid:19580:autofs_fill_super: called with bogus options
[ 1420.038507][T19586] syz.1.3114: attempt to access beyond end of device
[ 1420.038507][T19586] nbd1: rw=0, sector=64, nr_sectors = 8 limit=0
[ 1420.076634][T19586] syz.1.3114: attempt to access beyond end of device
[ 1420.076634][T19586] nbd1: rw=0, sector=120, nr_sectors = 8 limit=0
[ 1420.108739][T19586] Mount JFS Failure: -5
[ 1421.135399][T19598] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3118'.
[ 1422.284060][T19609] tmpfs: Bad value for 'mpol'
[ 1423.275612][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[ 1423.282069][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[ 1425.012566][T19638] autofs4:pid:19638:autofs_fill_super: called with bogus options
[ 1429.870393][T19679] syz.3.3132: attempt to access beyond end of device
[ 1429.870393][T19679] nbd3: rw=0, sector=64, nr_sectors = 8 limit=0
[ 1429.884259][T19679] syz.3.3132: attempt to access beyond end of device
[ 1429.884259][T19679] nbd3: rw=0, sector=120, nr_sectors = 8 limit=0
[ 1429.897657][T19679] Mount JFS Failure: -5
[ 1430.147955][T19683] autofs4:pid:19683:autofs_fill_super: called with bogus options
[ 1430.609879][T19700] random: crng reseeded on system resumption
[ 1434.418245][T19728] syzkaller0: entered promiscuous mode
[ 1434.423915][T19728] syzkaller0: entered allmulticast mode
[ 1435.885141][T19747] random: crng reseeded on system resumption
[ 1441.822700][T19790] syzkaller0: entered promiscuous mode
[ 1441.835852][T19790] syzkaller0: entered allmulticast mode
[ 1445.466775][T19832] overlayfs: missing 'lowerdir'
[ 1446.646109][T19847] syzkaller0: entered promiscuous mode
[ 1446.678452][T19847] syzkaller0: entered allmulticast mode
[ 1449.198338][T19875] overlayfs: missing 'lowerdir'
[ 1450.072827][T19881] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3181'.
[ 1454.346734][T19926] overlayfs: missing 'lowerdir'
[ 1455.593432][T19939] random: crng reseeded on system resumption
[ 1455.732686][T19938] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3193'.
[ 1458.187638][T19959] vivid-000: disconnect
[ 1458.550893][T19952] vivid-000: reconnect
[ 1460.584498][T19981] random: crng reseeded on system resumption
[ 1461.575972][T19987] overlayfs: missing 'workdir'
[ 1462.521269][T19995] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3204'.
[ 1467.080815][T20041] overlayfs: missing 'workdir'
[ 1470.108940][T20070] tmpfs: Bad value for 'mpol'
[ 1470.913003][T20078] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3222'.
[ 1474.803516][T20123] tmpfs: Bad value for 'mpol'
[ 1476.694147][T20139] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3233'.
[ 1479.549210][T20160] tipc: Started in network mode
[ 1479.554244][T20160] tipc: Node identity 568c837c65c7, cluster identity 4711
[ 1479.580553][T20160] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1479.631125][T20160] tipc: Resetting bearer <eth:syzkaller0>
[ 1480.248053][T20159] tipc: Disabling bearer <eth:syzkaller0>
[ 1482.436518][T20192] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3244'.
[ 1483.774569][T20223] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3247'.
[ 1484.625162][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[ 1484.632509][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[ 1488.699708][T20271] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3260'.
[ 1499.172723][T20410] tmpfs: Bad value for 'mpol'
[ 1502.980343][T20456] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3295'.
[ 1503.162512][T20460] random: crng reseeded on system resumption
[ 1504.213389][T20469] tmpfs: Bad value for 'mpol'
[ 1507.391625][T20514] vivid-000: disconnect
[ 1507.861912][T20505] vivid-000: reconnect
[ 1508.269886][T20522] random: crng reseeded on system resumption
[ 1508.792813][T20525] tmpfs: Bad value for 'mpol'
[ 1511.730334][T17884] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1511.799986][T17884] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1511.811396][T17884] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1511.850113][T17884] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1511.860563][T17884] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1511.872265][T17884] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1512.052009][ T2971] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1512.252356][ T2971] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1512.521063][ T2971] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1512.596523][T20570] tmpfs: Bad value for 'mpol'
[ 1513.744626][ T2971] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1513.919214][T17884] Bluetooth: hci2: command tx timeout
[ 1515.179880][ T2971] tipc: Left network mode
[ 1515.213591][T20548] chnl_net:caif_netlink_parms(): no params data found
[ 1516.048828][T17884] Bluetooth: hci2: command tx timeout
[ 1517.155841][T20600] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1517.238390][T20601] netlink: 80 bytes leftover after parsing attributes in process `syz.2.3322'.
[ 1518.057644][T17884] Bluetooth: hci2: command tx timeout
[ 1519.500652][T20626] tmpfs: Bad value for 'mpol'
[ 1520.178308][T17884] Bluetooth: hci2: command tx timeout
[ 1520.411783][T20548] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1520.509007][T20548] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1520.561651][T20548] bridge_slave_0: entered allmulticast mode
[ 1520.583289][T20548] bridge_slave_0: entered promiscuous mode
[ 1520.735890][T20548] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1520.762149][T20548] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1520.772690][T20548] bridge_slave_1: entered allmulticast mode
[ 1521.002586][T20548] bridge_slave_1: entered promiscuous mode
[ 1522.581787][T20548] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1522.625011][T20652] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1522.685488][T20548] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1522.701682][T20652] netlink: 80 bytes leftover after parsing attributes in process `syz.1.3332'.
[ 1522.849853][T20548] team0: Port device team_slave_0 added
[ 1522.867948][  T787] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[ 1522.926861][T20548] team0: Port device team_slave_1 added
[ 1522.997167][ T2971] hsr_slave_0: left promiscuous mode
[ 1523.008202][ T2971] hsr_slave_1: left promiscuous mode
[ 1523.015324][ T2971] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1523.046275][ T2971] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1523.056881][ T2971] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1523.070412][  T787] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1523.084608][ T2971] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1523.087489][  T787] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1523.109079][ T2971] bridge_slave_1: left allmulticast mode
[ 1523.122056][  T787] usb 4-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[ 1523.135064][ T2971] bridge_slave_1: left promiscuous mode
[ 1523.154721][  T787] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1523.161202][ T2971] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1523.187118][ T2971] bridge_slave_0: left allmulticast mode
[ 1523.192242][  T787] usb 4-1: config 0 descriptor??
[ 1523.197051][ T2971] bridge_slave_0: left promiscuous mode
[ 1523.204094][ T2971] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1523.289499][ T2971] veth1_macvtap: left promiscuous mode
[ 1523.295105][ T2971] veth0_macvtap: left promiscuous mode
[ 1523.300966][ T2971] veth1_vlan: left promiscuous mode
[ 1523.308029][ T2971] veth0_vlan: left promiscuous mode
[ 1523.659913][  T787] cp2112 0003:10C4:EA90.0004: item fetching failed at offset 5/7
[ 1523.705631][  T787] cp2112 0003:10C4:EA90.0004: parse failed
[ 1523.730120][  T787] cp2112: probe of 0003:10C4:EA90.0004 failed with error -22
[ 1525.270898][ T2971] team0 (unregistering): Port device team_slave_1 removed
[ 1525.297665][T20676] vivid-000: disconnect
[ 1525.463030][ T2971] team0 (unregistering): Port device team_slave_0 removed
[ 1525.646965][ T2971] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1525.701157][T20668] vivid-000: reconnect
[ 1525.870145][ T2971] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1526.124687][T16188] usb 4-1: USB disconnect, device number 5
[ 1529.674090][ T2971] bond0 (unregistering): Released all slaves
[ 1529.878406][T20548] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1529.927902][T20548] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1530.015642][T20548] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1530.093516][T20548] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1530.113186][T20548] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1530.372543][T20548] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1532.721494][T20548] hsr_slave_0: entered promiscuous mode
[ 1532.743665][T20548] hsr_slave_1: entered promiscuous mode
[ 1532.777597][T20548] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1532.785257][T20548] Cannot create hsr debugfs directory
[ 1533.839448][T20762] random: crng reseeded on system resumption
[ 1534.873827][T20773] vivid-000: disconnect
[ 1535.353823][T20767] vivid-000: reconnect
[ 1537.272935][T20811] random: crng reseeded on system resumption
[ 1538.791309][T20823] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3359'.
[ 1540.238990][T20829] overlayfs: failed to resolve './file0': -2
[ 1541.717933][T20548] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1541.744404][T20548] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1541.792087][T20548] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1541.811502][T20548] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1541.946048][T20862] random: crng reseeded on system resumption
[ 1542.841405][T20548] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1542.863570][T20548] 8021q: adding VLAN 0 to HW filter on device team0
[ 1542.896150][ T6650] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1542.903376][ T6650] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1542.989086][ T6650] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1542.996358][ T6650] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1543.395641][T20876] netlink: 'syz.1.3369': attribute type 10 has an invalid length.
[ 1545.925345][T20901] tipc: Enabled bearer <eth:team0>, priority 0
[ 1546.070387][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[ 1546.077790][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[ 1546.855416][T20548] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1546.926970][T20913] random: crng reseeded on system resumption
[ 1547.032543][  T788] tipc: Node number set to 1027222281
[ 1547.885905][T20925] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1547.893373][T20925] IPv6: NLM_F_CREATE should be set when creating new route
[ 1547.900668][T20925] IPv6: NLM_F_CREATE should be set when creating new route
[ 1547.907923][T20925] IPv6: NLM_F_CREATE should be set when creating new route
[ 1548.417232][T20928] netlink: 'syz.2.3378': attribute type 10 has an invalid length.
[ 1548.542501][T20928] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1548.571739][T20928] team0: Port device bond0 added
[ 1548.581049][T20925] netlink: 80 bytes leftover after parsing attributes in process `syz.3.3377'.
[ 1549.027410][T20548] veth0_vlan: entered promiscuous mode
[ 1549.265550][T20548] veth1_vlan: entered promiscuous mode
[ 1549.844684][T20548] veth0_macvtap: entered promiscuous mode
[ 1549.901612][T20548] veth1_macvtap: entered promiscuous mode
[ 1550.074205][T20548] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1550.091983][T20548] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1550.105794][T20548] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1550.124129][T20548] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1550.143814][T20548] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1550.161979][T20548] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1550.182037][T20548] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1550.201545][T20548] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1550.227366][T20548] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1550.261874][T20548] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1550.281799][T20548] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1550.306329][T20548] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1550.331389][T20548] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1550.367427][T20548] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1550.415592][T20548] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1550.454613][T20548] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1550.480211][T20548] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1550.502201][T20548] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1550.893989][T14482] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1550.948007][T14482] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1551.162125][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1551.193151][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1552.343213][T20971] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3306'.
[ 1555.182368][T21001] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1557.977283][T21045] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1557.984710][T21045] IPv6: NLM_F_CREATE should be set when creating new route
[ 1557.992029][T21045] IPv6: NLM_F_CREATE should be set when creating new route
[ 1557.999285][T21045] IPv6: NLM_F_CREATE should be set when creating new route
[ 1558.964262][T21043] netlink: 80 bytes leftover after parsing attributes in process `syz.7.3394'.
[ 1561.822497][T21085] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3404'.
[ 1564.377543][    T8] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[ 1565.128749][    T8] usb 2-1: Using ep0 maxpacket: 16
[ 1565.149333][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1565.186470][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1565.217082][    T8] usb 2-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00
[ 1565.257524][    T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1565.293763][    T8] usb 2-1: config 0 descriptor??
[ 1566.826474][    T8] usb 2-1: string descriptor 0 read error: -71
[ 1566.865609][T21131] random: crng reseeded on system resumption
[ 1567.056465][    T8] usb 2-1: Max retries (5) exceeded reading string descriptor 200
[ 1567.827620][    T8] letsketch: probe of 0003:6161:4D15.0005 failed with error -32
[ 1567.914886][    T8] usb 2-1: USB disconnect, device number 5
[ 1569.088551][T21145] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1569.214188][T21145] netlink: 80 bytes leftover after parsing attributes in process `syz.3.3414'.
[ 1571.949606][T21180] random: crng reseeded on system resumption
[ 1572.509912][T21194] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3426'.
[ 1575.667117][T21231] random: crng reseeded on system resumption
[ 1580.986776][T21278] random: crng reseeded on system resumption
[ 1582.392763][T21310] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3451'.
[ 1591.294502][T21377] random: crng reseeded on system resumption
[ 1594.684050][T21408] netlink: 80 bytes leftover after parsing attributes in process `syz.2.3471'.
[ 1594.890388][T21412] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1594.900920][T21412] netlink: 80 bytes leftover after parsing attributes in process `syz.7.3473'.
[ 1599.048499][T21448] random: crng reseeded on system resumption
[ 1601.957870][T21463] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1602.001796][T21463] netlink: 80 bytes leftover after parsing attributes in process `syz.7.3483'.
[ 1602.252307][T21455] netlink: 80 bytes leftover after parsing attributes in process `syz.3.3482'.
[ 1603.301269][T21477] syzkaller0: entered promiscuous mode
[ 1603.359919][T21477] syzkaller0: entered allmulticast mode
[ 1604.180996][T21481] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3488'.
[ 1605.698397][T21512] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1605.706493][T21512] netlink: 80 bytes leftover after parsing attributes in process `syz.3.3494'.
[ 1607.529829][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[ 1607.536339][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[ 1609.431356][T21533] netlink: 80 bytes leftover after parsing attributes in process `syz.7.3497'.
[ 1609.665616][T21542] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3501'.
[ 1609.703538][T21540] syzkaller0: entered promiscuous mode
[ 1609.747568][T21540] syzkaller0: entered allmulticast mode
[ 1616.149207][T21590] netlink: 80 bytes leftover after parsing attributes in process `syz.1.3510'.
[ 1616.993336][T21593] udevd[21593]: failed to send result of seq 19296 to main daemon: Connection refused
[ 1617.478744][T21600] random: crng reseeded on system resumption
[ 1619.429992][T21616] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3516'.
[ 1621.673439][T21629] netlink: 80 bytes leftover after parsing attributes in process `syz.2.3520'.
[ 1621.869884][T21623] random: crng reseeded on system resumption
[ 1623.559916][T21652] netlink: 20 bytes leftover after parsing attributes in process `syz.7.3525'.
[ 1626.005374][T21670] random: crng reseeded on system resumption
[ 1628.817292][T21700] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1628.891745][T21700] netlink: 80 bytes leftover after parsing attributes in process `syz.1.3539'.
[ 1630.004214][T21710] random: crng reseeded on system resumption
[ 1630.388008][T21713] random: crng reseeded on system resumption
[ 1632.008317][  T788] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[ 1632.868629][  T788] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1632.884327][  T788] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1632.894306][  T788] usb 3-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[ 1632.903770][  T788] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1632.933435][  T788] usb 3-1: config 0 descriptor??
[ 1633.451107][  T788] cp2112 0003:10C4:EA90.0006: unknown main item tag 0x0
[ 1634.162578][  T788] cp2112 0003:10C4:EA90.0006: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.2-1/input0
[ 1634.258631][  T788] cp2112 0003:10C4:EA90.0006: error requesting version
[ 1634.270238][  T788] cp2112: probe of 0003:10C4:EA90.0006 failed with error -5
[ 1634.399056][T21758] random: crng reseeded on system resumption
[ 1636.317774][ T5775] usb 3-1: USB disconnect, device number 7
[ 1640.037492][T14409] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[ 1640.219519][T14409] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1640.230552][T14409] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1640.240397][T14409] usb 8-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[ 1640.249837][T14409] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1640.260302][T14409] usb 8-1: config 0 descriptor??
[ 1640.680049][T14409] cp2112 0003:10C4:EA90.0007: unknown main item tag 0x0
[ 1640.695262][T14409] cp2112 0003:10C4:EA90.0007: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.7-1/input0
[ 1640.881285][T14409] cp2112 0003:10C4:EA90.0007: error requesting version
[ 1640.929025][T14409] cp2112: probe of 0003:10C4:EA90.0007 failed with error -5
[ 1643.373802][ T5775] usb 8-1: USB disconnect, device number 3
[ 1645.005123][ T5794] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1645.809384][ T5794] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1645.817712][ T5794] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1645.827272][ T5794] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1645.835546][ T5794] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 1645.844041][ T5794] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1647.835812][ T1134] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1647.897703][ T5794] Bluetooth: hci4: command tx timeout
[ 1648.020802][ T1134] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1648.206698][ T6129] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[ 1648.298746][ T1134] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1648.539049][ T6129] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1648.628239][ T6129] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1648.651181][ T6129] usb 8-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[ 1648.665478][ T1134] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1648.666320][ T6129] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1648.729648][ T6129] usb 8-1: config 0 descriptor??
[ 1648.922051][T21838] chnl_net:caif_netlink_parms(): no params data found
[ 1648.972551][ T1134] tipc: Disabling bearer <eth:team0>
[ 1648.985154][ T1134] tipc: Left network mode
[ 1649.036915][T21838] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1649.044422][T21838] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1649.052268][T21838] bridge_slave_0: entered allmulticast mode
[ 1649.060145][T21838] bridge_slave_0: entered promiscuous mode
[ 1649.069545][T21838] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1649.079233][T21838] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1649.087141][T21838] bridge_slave_1: entered allmulticast mode
[ 1649.095030][T21838] bridge_slave_1: entered promiscuous mode
[ 1649.244775][ T6129] cp2112 0003:10C4:EA90.0008: unknown main item tag 0x0
[ 1649.265761][ T6129] cp2112 0003:10C4:EA90.0008: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.7-1/input0
[ 1649.394325][ T6129] cp2112 0003:10C4:EA90.0008: Part Number: 0x82 Device Version: 0xFE
[ 1649.490115][T21838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1649.626142][ T6129] cp2112 0003:10C4:EA90.0008: error requesting SMBus config
[ 1649.695275][ T6129] cp2112: probe of 0003:10C4:EA90.0008 failed with error -32
[ 1649.813609][T21838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1649.977845][ T5794] Bluetooth: hci4: command tx timeout
[ 1650.817114][T21838] team0: Port device team_slave_0 added
[ 1651.007054][T21838] team0: Port device team_slave_1 added
[ 1651.105869][T21838] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1651.116939][T21838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1651.159395][T21838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1651.878436][ T6129] usb 8-1: USB disconnect, device number 4
[ 1651.921798][T21838] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1651.955813][T21838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1652.062462][ T5794] Bluetooth: hci4: command tx timeout
[ 1652.107425][T21838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1652.683583][T21892] tipc: Started in network mode
[ 1652.688760][T21892] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[ 1652.696022][T21892] tipc: Enabled bearer <eth:team0>, priority 0
[ 1652.859183][T21838] hsr_slave_0: entered promiscuous mode
[ 1652.868232][T21838] hsr_slave_1: entered promiscuous mode
[ 1652.888930][T21838] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1652.896539][T21838] Cannot create hsr debugfs directory
[ 1652.990569][T21902] random: crng reseeded on system resumption
[ 1653.580901][ T1134] hsr_slave_0: left promiscuous mode
[ 1653.597865][ T1134] hsr_slave_1: left promiscuous mode
[ 1653.604048][ T1134] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1653.622220][ T1134] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1653.644260][ T1134] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1653.667885][ T1134] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1653.689061][  T787] tipc: Node number set to 11578026
[ 1653.699881][ T1134] bridge_slave_1: left allmulticast mode
[ 1653.718472][ T1134] bridge_slave_1: left promiscuous mode
[ 1653.724372][ T1134] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1653.760334][ T1134] bridge_slave_0: left allmulticast mode
[ 1653.775748][ T1134] bridge_slave_0: left promiscuous mode
[ 1653.782452][ T1134] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1653.870196][ T1134] veth1_macvtap: left promiscuous mode
[ 1653.875792][ T1134] veth0_macvtap: left promiscuous mode
[ 1653.897904][ T1134] veth1_vlan: left promiscuous mode
[ 1653.923728][ T1134] veth0_vlan: left promiscuous mode
[ 1654.138604][ T5794] Bluetooth: hci4: command tx timeout
[ 1657.544273][ T1134] team0 (unregistering): Port device team_slave_1 removed
[ 1657.600794][ T1134] team0 (unregistering): Port device team_slave_0 removed
[ 1657.862208][ T1134] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1658.088570][ T1134] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1658.607168][ T1134] team0 (unregistering): Port device bond0 removed
[ 1658.746783][ T1134] bond0 (unregistering): Released all slaves
[ 1658.914581][T21927] tipc: Enabled bearer <eth:team0>, priority 0
[ 1660.027514][  T788] tipc: Node number set to 1889687008
[ 1661.586886][T21838] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1661.735338][T21838] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1661.790355][T21838] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1661.806116][T21838] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1662.645647][T21838] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1664.075585][T21838] 8021q: adding VLAN 0 to HW filter on device team0
[ 1664.721150][  T140] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1664.728392][  T140] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1664.844908][ T5905] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1664.852142][ T5905] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1668.908047][T22019] random: crng reseeded on system resumption
[ 1668.946433][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[ 1668.953205][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[ 1669.965577][T21838] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1670.603528][T21838] veth0_vlan: entered promiscuous mode
[ 1670.771828][T21838] veth1_vlan: entered promiscuous mode
[ 1671.022468][T17884] Bluetooth: hci2: command 0x0406 tx timeout
[ 1671.035868][T21838] veth0_macvtap: entered promiscuous mode
[ 1671.097099][T21838] veth1_macvtap: entered promiscuous mode
[ 1671.191721][T21838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1671.203108][T21838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1671.216359][T21838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1671.227647][T21838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1671.238517][T21838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1671.249864][T21838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1671.275908][T21838] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1671.297709][T21838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1671.309328][T21838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1671.324130][T21838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1671.335151][T21838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1671.354714][T21838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1671.365353][T21838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1671.382559][T21838] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1671.397897][T21838] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1671.406776][T21838] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1671.425365][T21838] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1671.434735][T21838] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1671.670991][ T1134] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1671.671023][ T1134] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1671.722959][T19086] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1671.731634][T19086] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1672.858845][T22055] tmpfs: Bad value for 'mpol'
[ 1679.781491][T22102] tmpfs: Bad value for 'mpol'
[ 1681.533671][T22112] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1681.533813][T22112] IPv6: NLM_F_CREATE should be set when creating new route
[ 1681.533954][T22112] IPv6: NLM_F_CREATE should be set when creating new route
[ 1681.534016][T22112] IPv6: NLM_F_CREATE should be set when creating new route
[ 1681.538311][T22112] netlink: 80 bytes leftover after parsing attributes in process `syz.0.3648'.
[ 1682.777004][T22126] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1684.931578][T22145] tmpfs: Bad value for 'mpol'
[ 1686.335468][T22151] random: crng reseeded on system resumption
[ 1686.617575][T22154] netlink: 80 bytes leftover after parsing attributes in process `syz.1.3661'.
[ 1690.372493][T22174] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1690.929306][T22188] tmpfs: Bad value for 'mpol'
[ 1692.648442][T22197] overlayfs: overlapping lowerdir path
[ 1694.461535][T22209] netlink: 80 bytes leftover after parsing attributes in process `syz.7.3674'.
[ 1696.257813][T22221] tmpfs: Bad value for 'mpol'
[ 1701.774970][T22261] tmpfs: Bad value for 'mpol'
[ 1703.253249][T22269] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1705.532932][T22292] random: crng reseeded on system resumption
[ 1706.370025][T22299] tmpfs: Bad value for 'mpol'
[ 1708.889184][T22315] tipc: Started in network mode
[ 1708.895959][T22315] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[ 1708.904469][T22315] tipc: Enabled bearer <eth:team0>, priority 0
[ 1710.103561][T21952] tipc: Node number set to 11578026
[ 1713.813597][T22362] vivid-000: disconnect
[ 1713.873099][T22359] vivid-000: reconnect
[ 1717.649008][T22393] tmpfs: Bad value for 'mpol'
[ 1719.235269][T22403] vivid-000: disconnect
[ 1719.459976][T22392] vivid-000: reconnect
[ 1722.326876][T22437] tmpfs: Bad value for 'mpol'
[ 1725.328592][T22467] tmpfs: Bad value for 'mpol'
[ 1726.378816][T22474] random: crng reseeded on system resumption
[ 1727.192666][T22481] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[ 1728.579163][T22493] netlink: 80 bytes leftover after parsing attributes in process `syz.2.3758'.
[ 1729.991752][T22510] tmpfs: Bad value for 'mpol'
[ 1730.741135][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[ 1730.747583][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[ 1731.666813][T22522] random: crng reseeded on system resumption
[ 1733.153188][T22528] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[ 1733.438407][T22535] syzkaller0: entered promiscuous mode
[ 1733.511049][ T5775] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[ 1733.569846][T22535] syzkaller0: entered allmulticast mode
[ 1733.707567][ T5775] usb 8-1: Using ep0 maxpacket: 8
[ 1733.723862][ T5775] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1733.733810][ T5775] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[ 1733.754539][ T5775] usb 8-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52
[ 1733.770626][ T5775] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1733.779126][ T5775] usb 8-1: Product: syz
[ 1733.783405][ T5775] usb 8-1: Manufacturer: syz
[ 1733.789182][T22533] netlink: 80 bytes leftover after parsing attributes in process `syz.1.3769'.
[ 1733.799160][ T5775] usb 8-1: SerialNumber: syz
[ 1733.809231][ T5775] usb 8-1: config 0 descriptor??
[ 1734.520632][T20776] usb 8-1: USB disconnect, device number 5
[ 1735.988528][T22556] random: crng reseeded on system resumption
[ 1736.941522][T22562] random: crng reseeded on system resumption
[ 1741.557246][T22599] ntfs3: nullb0: Primary boot signature is not NTFS.
[ 1741.565121][T22599] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00
[ 1750.360922][T22670] random: crng reseeded on system resumption
[ 1750.793023][T22675] netlink: 80 bytes leftover after parsing attributes in process `syz.7.3810'.
[ 1755.148081][T22713] netlink: 80 bytes leftover after parsing attributes in process `syz.1.3820'.
[ 1755.730283][T22720] random: crng reseeded on system resumption
[ 1758.032152][T22755] netlink: 80 bytes leftover after parsing attributes in process `syz.0.3833'.
[ 1759.018981][T22760] random: crng reseeded on system resumption
[ 1759.172872][ T5775] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[ 1760.147701][ T5775] usb 8-1: Using ep0 maxpacket: 8
[ 1760.164675][ T5775] usb 8-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52
[ 1760.174065][ T5775] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1760.183586][ T5775] usb 8-1: Product: syz
[ 1760.188535][ T5775] usb 8-1: Manufacturer: syz
[ 1760.193535][ T5775] usb 8-1: SerialNumber: syz
[ 1760.200833][ T5775] usb 8-1: config 0 descriptor??
[ 1761.573848][T22776] ntfs3: nullb0: Primary boot signature is not NTFS.
[ 1761.611634][T22776] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00
[ 1763.463374][ T6129] usb 8-1: USB disconnect, device number 6
[ 1763.929147][T22801] random: crng reseeded on system resumption
[ 1765.159030][T22816] ntfs3: nullb0: Primary boot signature is not NTFS.
[ 1765.165931][T22816] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00
[ 1767.375636][T22840] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1768.485981][T22845] random: crng reseeded on system resumption
[ 1771.201837][T22878] random: crng reseeded on system resumption
[ 1775.073186][T22917] ntfs3: nullb0: Primary boot signature is not NTFS.
[ 1775.080290][T22917] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00
[ 1775.999857][T22919] random: crng reseeded on system resumption
[ 1779.700375][T22958] random: crng reseeded on system resumption
[ 1780.075933][T22964] random: crng reseeded on system resumption
[ 1781.959910][T22981] syzkaller0: entered promiscuous mode
[ 1781.966762][T22981] syzkaller0: entered allmulticast mode
[ 1782.069875][T22985] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1782.334484][T22991] random: crng reseeded on system resumption
[ 1784.576260][T23021] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1785.780134][T23030] random: crng reseeded on system resumption
[ 1791.186157][T23091] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1791.822689][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[ 1791.829139][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[ 1793.238471][T23116] syzkaller0: entered promiscuous mode
[ 1793.244019][T23116] syzkaller0: entered allmulticast mode
[ 1793.707285][T23125] netlink: 'syz.1.3945': attribute type 11 has an invalid length.
[ 1793.719420][T23125] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3945'.
[ 1796.693799][T23155] syzkaller0: entered promiscuous mode
[ 1796.700547][T23155] syzkaller0: entered allmulticast mode
[ 1796.722923][   T27] audit: type=1326 audit(1753224432.695:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23156 comm="syz.2.3955" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa58678e9a9 code=0x0
[ 1800.027665][T23195] syzkaller0: entered promiscuous mode
[ 1800.036773][T23195] syzkaller0: entered allmulticast mode
[ 1801.367466][T13964] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[ 1801.557510][T13964] usb 3-1: Using ep0 maxpacket: 8
[ 1801.579453][T13964] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1801.594143][T13964] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[ 1801.645130][T13964] usb 3-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52
[ 1801.658609][T13964] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1801.668418][T13964] usb 3-1: Product: syz
[ 1801.673204][T13964] usb 3-1: Manufacturer: syz
[ 1801.678545][T13964] usb 3-1: SerialNumber: syz
[ 1801.704288][T13964] usb 3-1: config 0 descriptor??
[ 1801.952685][T13964] usb 3-1: USB disconnect, device number 8
[ 1804.656264][T23218] netlink: 80 bytes leftover after parsing attributes in process `syz.0.3972'.
[ 1806.786077][T23239] kvm: pic: non byte write
[ 1809.734192][T23269] netlink: 80 bytes leftover after parsing attributes in process `syz.1.3985'.
[ 1814.733454][T23310] netlink: 80 bytes leftover after parsing attributes in process `syz.7.3997'.
[ 1817.253755][T21952] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[ 1817.604756][T21952] usb 2-1: Using ep0 maxpacket: 8
[ 1817.778518][T21952] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1817.857603][T21952] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[ 1817.890432][T21952] usb 2-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52
[ 1817.914604][T21952] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1817.933033][T21952] usb 2-1: Product: syz
[ 1817.937222][T21952] usb 2-1: Manufacturer: syz
[ 1817.956610][T21952] usb 2-1: SerialNumber: syz
[ 1817.974842][T21952] usb 2-1: config 0 descriptor??
[ 1818.693288][T23339] netlink: 80 bytes leftover after parsing attributes in process `syz.0.4006'.
[ 1818.714869][T13964] usb 2-1: USB disconnect, device number 6
[ 1818.909170][T23349] netlink: 'syz.7.4009': attribute type 11 has an invalid length.
[ 1818.917181][T23349] netlink: 36 bytes leftover after parsing attributes in process `syz.7.4009'.
[ 1822.094646][T23374] netlink: 80 bytes leftover after parsing attributes in process `syz.0.4016'.
[ 1822.315616][T23377] netlink: 'syz.7.4018': attribute type 11 has an invalid length.
[ 1822.324800][T23377] netlink: 36 bytes leftover after parsing attributes in process `syz.7.4018'.
[ 1824.494306][T10100] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[ 1824.677517][T10100] usb 1-1: Using ep0 maxpacket: 8
[ 1824.699812][T10100] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1824.727408][T10100] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[ 1824.741998][T10100] usb 1-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52
[ 1824.751477][T10100] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1824.767830][T10100] usb 1-1: Product: syz
[ 1824.772483][T10100] usb 1-1: Manufacturer: syz
[ 1824.777226][T10100] usb 1-1: SerialNumber: syz
[ 1825.008176][T10100] usb 1-1: config 0 descriptor??
[ 1825.935668][T21952] usb 1-1: USB disconnect, device number 5
[ 1826.131855][T23410] netlink: 80 bytes leftover after parsing attributes in process `syz.1.4027'.
[ 1828.039070][T23425] random: crng reseeded on system resumption
[ 1829.896822][T23442] netlink: 80 bytes leftover after parsing attributes in process `syz.1.4037'.
[ 1834.240636][T23475] netlink: 80 bytes leftover after parsing attributes in process `syz.2.4047'.
[ 1834.897038][T23478] ntfs3: nullb0: Primary boot signature is not NTFS.
[ 1834.904069][T23478] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00
[ 1836.110960][T23492] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4052'.
[ 1837.178660][T23502] netlink: 'syz.2.4056': attribute type 1 has an invalid length.
[ 1837.222149][T23502] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1837.257968][T23502] bond1: (slave gretap2): making interface the new active one
[ 1837.273572][T23502] bond1: (slave gretap2): Enslaving as an active interface with an up link
[ 1839.133047][T23519] vxcan1: entered allmulticast mode
[ 1839.879179][T23529] netlink: 'syz.0.4064': attribute type 11 has an invalid length.
[ 1839.887192][T23529] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4064'.
[ 1841.601719][T23544] netlink: 16 bytes leftover after parsing attributes in process `syz.7.4069'.
[ 1844.117543][T23573] netlink: 'syz.0.4078': attribute type 1 has an invalid length.
[ 1844.231475][T23573] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1845.974657][T23592] random: crng reseeded on system resumption
[ 1847.169173][T23600] random: crng reseeded on system resumption
[ 1847.432523][ T5794] Bluetooth: hci2: unexpected Set CIG Parameters response data
[ 1847.471126][ T5794] Bluetooth: hci2: unexpected event for opcode 0x2062
[ 1848.395022][T23613] ntfs3: nullb0: Primary boot signature is not NTFS.
[ 1848.402024][T23613] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00
[ 1849.806565][T23631] random: crng reseeded on system resumption
[ 1851.517677][ T5794] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[ 1851.528234][ T5794] Bluetooth: hci2: Injecting HCI hardware error event
[ 1851.540084][T17884] Bluetooth: hci2: hardware error 0x00
[ 1852.103256][T23644] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1853.402918][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[ 1853.409520][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[ 1853.578376][T17884] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[ 1853.611979][T23655] netlink: 'syz.0.4100': attribute type 1 has an invalid length.
[ 1854.188195][T23655] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1854.783918][T23669] random: crng reseeded on system resumption
[ 1855.728057][T23674] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1855.736437][T23674] syzkaller0: entered promiscuous mode
[ 1855.742544][T23674] syzkaller0: entered allmulticast mode
[ 1855.793115][T23674] tipc: Resetting bearer <eth:syzkaller0>
[ 1855.821387][T23672] tipc: Resetting bearer <eth:syzkaller0>
[ 1855.972945][T23672] tipc: Disabling bearer <eth:syzkaller0>
[ 1857.860500][T23677] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4107'.
[ 1859.087814][T23704] random: crng reseeded on system resumption
[ 1863.301479][T23730] syz_tun: entered promiscuous mode
[ 1863.319836][T23730] vlan2: entered promiscuous mode
[ 1863.974963][T23737] random: crng reseeded on system resumption
[ 1864.816167][T23751] tipc: Started in network mode
[ 1864.835994][T23751] tipc: Node identity 02d849503773, cluster identity 4711
[ 1865.600912][T23751] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1865.639537][T23745] syzkaller0: entered promiscuous mode
[ 1865.686254][T23745] syzkaller0: entered allmulticast mode
[ 1865.719736][T23758] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1865.751658][T23745] tipc: Resetting bearer <eth:syzkaller0>
[ 1865.785045][T23744] tipc: Resetting bearer <eth:syzkaller0>
[ 1866.369857][T23744] tipc: Disabling bearer <eth:syzkaller0>
[ 1871.657220][T23800] netlink: 1752 bytes leftover after parsing attributes in process `syz.2.4142'.
[ 1871.853992][T23807] ntfs3: nullb0: Primary boot signature is not NTFS.
[ 1871.860956][T23807] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00
[ 1874.873074][T23831] netlink: 1752 bytes leftover after parsing attributes in process `syz.0.4152'.
[ 1877.225045][T23857] ntfs3: nullb0: Primary boot signature is not NTFS.
[ 1877.262558][T23859] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1877.281357][T23857] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00
[ 1877.282514][T23859] syzkaller0: entered promiscuous mode
[ 1877.304125][T23859] syzkaller0: entered allmulticast mode
[ 1877.333359][T23859] tipc: Resetting bearer <eth:syzkaller0>
[ 1877.346840][T23858] tipc: Resetting bearer <eth:syzkaller0>
[ 1877.380298][T23858] tipc: Disabling bearer <eth:syzkaller0>
[ 1877.644016][T23868] netlink: 1752 bytes leftover after parsing attributes in process `syz.1.4163'.
[ 1880.878857][T23892] netlink: 'syz.0.4169': attribute type 11 has an invalid length.
[ 1880.886813][T23892] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4169'.
[ 1881.439348][T23899] xt_TCPMSS: Only works on TCP SYN packets
[ 1881.815199][T23897] random: crng reseeded on system resumption
[ 1886.985718][T23943] random: crng reseeded on system resumption
[ 1893.693227][T23989] random: crng reseeded on system resumption
[ 1898.533583][T24023] random: crng reseeded on system resumption
[ 1899.355601][T24017] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1899.364390][T24017] syzkaller0: entered promiscuous mode
[ 1899.375295][T24017] syzkaller0: entered allmulticast mode
[ 1899.499425][T24017] tipc: Resetting bearer <eth:syzkaller0>
[ 1900.013116][T24016] tipc: Resetting bearer <eth:syzkaller0>
[ 1900.108276][T24016] tipc: Disabling bearer <eth:syzkaller0>
[ 1902.159335][T17884] Bluetooth: hci0: unexpected Set CIG Parameters response data
[ 1902.478477][T17884] Bluetooth: hci0: unexpected event for opcode 0x2062
[ 1902.665330][T24052] kvm: pic: non byte write
[ 1903.465784][T24059] random: crng reseeded on system resumption
[ 1907.509289][T17884] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[ 1907.518265][T17884] Bluetooth: hci0: Injecting HCI hardware error event
[ 1907.527481][T17884] Bluetooth: hci0: hardware error 0x00
[ 1907.886864][   T27] audit: type=1326 audit(1753224543.865:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24077 comm="syz.1.4221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3dd38e9a9 code=0x7ffc0000
[ 1907.917503][   T27] audit: type=1326 audit(1753224543.865:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24077 comm="syz.1.4221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb3dd38e9a9 code=0x7ffc0000
[ 1910.137404][T17884] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[ 1910.505642][T24112] random: crng reseeded on system resumption
[ 1914.713500][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[ 1914.720317][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[ 1917.126381][T24156] random: crng reseeded on system resumption
[ 1922.879148][T24195] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1923.134736][T24202] random: crng reseeded on system resumption
[ 1929.162177][T24236] vivid-000: kernel_thread() failed
[ 1929.532844][T24246] random: crng reseeded on system resumption
[ 1935.715433][T24298] random: crng reseeded on system resumption
[ 1937.083159][T24302] tipc: Enabled bearer <eth:team0>, priority 0
[ 1938.448667][T21952] tipc: Node number set to 900417872
[ 1942.038395][T24340] random: crng reseeded on system resumption
[ 1948.310432][T24401] netlink: 'syz.2.4302': attribute type 11 has an invalid length.
[ 1948.336832][T24401] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4302'.
[ 1949.647235][T24409] random: crng reseeded on system resumption
[ 1950.621817][T24413] vivid-000: disconnect
[ 1950.785504][T24394] vivid-000: reconnect
[ 1952.363366][T24423] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1952.400564][T24423] syzkaller0: entered promiscuous mode
[ 1952.425002][T24423] syzkaller0: entered allmulticast mode
[ 1953.042555][T24430] tipc: Resetting bearer <eth:syzkaller0>
[ 1953.109775][T24422] tipc: Resetting bearer <eth:syzkaller0>
[ 1953.181279][T24422] tipc: Disabling bearer <eth:syzkaller0>
[ 1953.448521][T24437] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1953.566437][T24442] random: crng reseeded on system resumption
[ 1956.212094][T24467] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1956.245194][T24467] syzkaller0: entered promiscuous mode
[ 1956.260868][T24467] syzkaller0: entered allmulticast mode
[ 1956.284642][T24470] netlink: 'syz.0.4325': attribute type 11 has an invalid length.
[ 1956.293359][T24470] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4325'.
[ 1956.311677][T24471] ntfs3: nullb0: Primary boot signature is not NTFS.
[ 1956.318691][T24471] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00
[ 1956.376196][T24466] tipc: Resetting bearer <eth:syzkaller0>
[ 1956.490474][T24466] tipc: Disabling bearer <eth:syzkaller0>
[ 1959.568830][T24505] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1959.586553][T24505] syzkaller0: entered promiscuous mode
[ 1959.626860][T24505] syzkaller0: entered allmulticast mode
[ 1959.711284][T24502] tipc: Resetting bearer <eth:syzkaller0>
[ 1959.785642][T24502] tipc: Disabling bearer <eth:syzkaller0>
[ 1962.524918][T24545] netlink: 'syz.7.4345': attribute type 11 has an invalid length.
[ 1962.533425][T24545] netlink: 36 bytes leftover after parsing attributes in process `syz.7.4345'.
[ 1965.175936][T24558] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1965.207877][T24558] syzkaller0: entered promiscuous mode
[ 1965.217771][T24558] syzkaller0: entered allmulticast mode
[ 1966.666170][T24557] tipc: Resetting bearer <eth:syzkaller0>
[ 1966.786445][T24557] tipc: Disabling bearer <eth:syzkaller0>
[ 1972.345176][T24614] xt_TCPMSS: Only works on TCP SYN packets
[ 1975.702249][T24641] ntfs3: nullb0: Primary boot signature is not NTFS.
[ 1975.752783][T24641] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00
[ 1976.596447][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[ 1976.606770][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[ 1980.207990][T24683] random: crng reseeded on system resumption
[ 1981.262896][T24694] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4385'.
[ 1986.698440][T24734] random: crng reseeded on system resumption
[ 1989.638994][T17884] Bluetooth: hci4: unexpected Set CIG Parameters response data
[ 1990.477441][T24762] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 1990.922045][T24764] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4403'.
[ 1991.731439][T24777] ntfs3: nullb0: Primary boot signature is not NTFS.
[ 1991.738516][T24777] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00
[ 1993.728959][T17884] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[ 1994.316432][T17884] Bluetooth: hci4: Injecting HCI hardware error event
[ 1994.326630][T17884] Bluetooth: hci4: hardware error 0x00
[ 1996.114517][T24810] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4415'.
[ 1996.707417][T17884] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[ 1998.250927][T24831] netlink: 'syz.7.4418': attribute type 11 has an invalid length.
[ 1998.261900][T24831] netlink: 36 bytes leftover after parsing attributes in process `syz.7.4418'.
[ 1998.404663][T24834] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4422'.
[ 1998.707360][T17884] Bluetooth: hci3: command 0x0406 tx timeout
[ 2001.677062][T24857] 8021q: adding VLAN 0 to HW filter on device bond1
[ 2001.862364][T24859] bond1: (slave gretap1): Enslaving as an active interface with an up link
[ 2002.121353][T24862] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 2004.391573][T24817] Bluetooth: hci3: command 0x0406 tx timeout
[ 2005.487798][T24891] xt_TCPMSS: Only works on TCP SYN packets
[ 2007.186218][T24901] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4438'.
[ 2008.194269][T24911] random: crng reseeded on system resumption
[ 2008.955350][T24922] ================================================================================
[ 2008.964841][T24922] UBSAN: shift-out-of-bounds in drivers/comedi/drivers/pcl812.c:1152:10
[ 2008.973719][T24922] shift exponent 4096 is too large for 32-bit type 'int'
[ 2008.980949][T24922] CPU: 0 PID: 24922 Comm: syz.7.4442 Not tainted 6.6.99-syzkaller #0
[ 2008.989049][T24922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2008.999142][T24922] Call Trace:
[ 2009.002452][T24922]  <TASK>
[ 2009.005421][T24922]  dump_stack_lvl+0x16c/0x230
[ 2009.010145][T24922]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 2009.015835][T24922]  ? show_regs_print_info+0x20/0x20
[ 2009.021080][T24922]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 2009.026795][T24922]  ? ubsan_epilogue+0x5/0x30
[ 2009.031435][T24922]  ubsan_epilogue+0xa/0x30
[ 2009.035893][T24922]  __ubsan_handle_shift_out_of_bounds+0x380/0x400
[ 2009.042376][T24922]  pcl812_attach+0x1cd1/0x2440
[ 2009.047190][T24922]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 2009.052906][T24922]  comedi_device_attach+0x519/0x660
[ 2009.058162][T24922]  comedi_unlocked_ioctl+0x68d/0xf00
[ 2009.063497][T24922]  ? tomoyo_path_number_perm+0x477/0x590
[ 2009.069175][T24922]  ? comedi_poll+0x8c0/0x8c0
[ 2009.073867][T24922]  ? __fget_files+0x28/0x4d0
[ 2009.078512][T24922]  ? bpf_lsm_file_ioctl+0x9/0x10
[ 2009.083506][T24922]  ? security_file_ioctl+0x80/0xa0
[ 2009.088668][T24922]  ? comedi_poll+0x8c0/0x8c0
[ 2009.093303][T24922]  __se_sys_ioctl+0xfd/0x170
[ 2009.097939][T24922]  do_syscall_64+0x55/0xb0
[ 2009.102394][T24922]  ? clear_bhb_loop+0x40/0x90
[ 2009.107099][T24922]  ? clear_bhb_loop+0x40/0x90
[ 2009.111811][T24922]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2009.117748][T24922] RIP: 0033:0x7f06d1f8e9a9
[ 2009.122216][T24922] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2009.141864][T24922] RSP: 002b:00007f06d2d41038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2009.150334][T24922] RAX: ffffffffffffffda RBX: 00007f06d21b6080 RCX: 00007f06d1f8e9a9
[ 2009.158345][T24922] RDX: 00002000000005c0 RSI: 0000000040946400 RDI: 0000000000000008
[ 2009.166366][T24922] RBP: 00007f06d2010d69 R08: 0000000000000000 R09: 0000000000000000
[ 2009.174378][T24922] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2009.182385][T24922] R13: 0000000000000000 R14: 00007f06d21b6080 R15: 00007ffe86be09e8
[ 2009.190408][T24922]  </TASK>
[ 2009.235221][T24922] ================================================================================
[ 2009.244794][T24922] Kernel panic - not syncing: UBSAN: panic_on_warn set ...
[ 2009.252017][T24922] CPU: 0 PID: 24922 Comm: syz.7.4442 Not tainted 6.6.99-syzkaller #0
[ 2009.260113][T24922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2009.270203][T24922] Call Trace:
[ 2009.273507][T24922]  <TASK>
[ 2009.276564][T24922]  dump_stack_lvl+0x16c/0x230
[ 2009.281281][T24922]  ? show_regs_print_info+0x20/0x20
[ 2009.286511][T24922]  ? load_image+0x3b0/0x3b0
[ 2009.291067][T24922]  panic+0x2c0/0x710
[ 2009.295016][T24922]  ? bpf_jit_dump+0xd0/0xd0
[ 2009.299558][T24922]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 2009.305241][T24922]  ? check_panic_on_warn+0x70/0xa0
[ 2009.310419][T24922]  check_panic_on_warn+0x84/0xa0
[ 2009.315392][T24922]  __ubsan_handle_shift_out_of_bounds+0x380/0x400
[ 2009.321863][T24922]  pcl812_attach+0x1cd1/0x2440
[ 2009.326658][T24922]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 2009.332346][T24922]  comedi_device_attach+0x519/0x660
[ 2009.337596][T24922]  comedi_unlocked_ioctl+0x68d/0xf00
[ 2009.342897][T24922]  ? tomoyo_path_number_perm+0x477/0x590
[ 2009.348562][T24922]  ? comedi_poll+0x8c0/0x8c0
[ 2009.353231][T24922]  ? __fget_files+0x28/0x4d0
[ 2009.357845][T24922]  ? bpf_lsm_file_ioctl+0x9/0x10
[ 2009.362813][T24922]  ? security_file_ioctl+0x80/0xa0
[ 2009.367945][T24922]  ? comedi_poll+0x8c0/0x8c0
[ 2009.372575][T24922]  __se_sys_ioctl+0xfd/0x170
[ 2009.377203][T24922]  do_syscall_64+0x55/0xb0
[ 2009.381632][T24922]  ? clear_bhb_loop+0x40/0x90
[ 2009.386324][T24922]  ? clear_bhb_loop+0x40/0x90
[ 2009.391022][T24922]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2009.396939][T24922] RIP: 0033:0x7f06d1f8e9a9
[ 2009.401358][T24922] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2009.420974][T24922] RSP: 002b:00007f06d2d41038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2009.429414][T24922] RAX: ffffffffffffffda RBX: 00007f06d21b6080 RCX: 00007f06d1f8e9a9
[ 2009.437400][T24922] RDX: 00002000000005c0 RSI: 0000000040946400 RDI: 0000000000000008
[ 2009.445388][T24922] RBP: 00007f06d2010d69 R08: 0000000000000000 R09: 0000000000000000
[ 2009.453380][T24922] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2009.461360][T24922] R13: 0000000000000000 R14: 00007f06d21b6080 R15: 00007ffe86be09e8
[ 2009.469352][T24922]  </TASK>
[ 2009.472758][T24922] Kernel Offset: disabled
[ 2009.477176][T24922] Rebooting in 86400 seconds..