last executing test programs:

6m22.358303725s ago: executing program 1 (id=124):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(serpent)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x80800)
sendmmsg$alg(r1, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x1cba8c72}], 0x1, &(0x7f0000000380)=[@op={0x18}], 0x18}], 0x177ffb498171ed1, 0x8040010)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x7, 0x4, 0x6, 0xfffa}, 0x1d, [0x7ffe, 0xc95a, 0xfffffff3, 0x9, 0x80, 0x2, 0x3, 0x7f, 0x6, 0x4d, 0x39cc191a, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x3, 0x0, 0x5, 0x6afaa738, 0x8, 0x4, 0x3c5b, 0x1, 0x3, 0x9, 0x1, 0x1f461e2c, 0x2, 0xe661, 0x4, 0x7, 0x101, 0x7fff, 0x4c74, 0x80000000, 0x242, 0x3, 0xe, 0x0, 0x71, 0xfffffff8, 0x7, 0x3, 0x0, 0xd, 0x3e, 0x8f, 0x6, 0x10000006, 0x0, 0x5, 0x4, 0x8, 0x0, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0xffff, 0x131, 0x8000, 0x10, 0xfffffff3, 0x129432e6, 0xcb, 0xf9, 0xd, 0x2bf, 0x6c9, 0x9, 0x6, 0x3, 0x0, 0x7, 0x8, 0x0, 0xe, 0x312, 0x78, 0x9, 0x0, 0x4, 0x4, 0x8000, 0x9, 0x400, 0x4, 0x6, 0x7, 0xff, 0x20005, 0x5, 0x5f31, 0x4, 0x1000, 0x2, 0x2, 0xa, 0x4, 0x9, 0xb, 0x800, 0x6, 0x7, 0x8000, 0x1, 0xfe000000, 0xffff, 0x2, 0x7f, 0x9, 0x2, 0x3, 0x9, 0x1, 0x7, 0x3, 0x2, 0x48c93690, 0x42, 0x2], [0x7, 0x4, 0x0, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x4c2b, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x9, 0x3e7, 0x9, 0x5, 0x2, 0x2, 0x3, 0x8, 0x4, 0x6d01, 0x5, 0x38, 0x800003, 0x200, 0x80, 0xf, 0x4, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0x53cf697b, 0x5, 0x6, 0xac8, 0xbf, 0x2, 0x7, 0x7ff, 0xfffffff9, 0x1, 0x1, 0xffff, 0x3, 0x9, 0x1c, 0x120000, 0x3, 0x6, 0xaaed, 0x4, 0x65], [0x9, 0xbb31, 0x3, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0x5, 0xce7, 0x1ff, 0x2, 0x7, 0x5, 0x3, 0x101, 0x10000, 0x6, 0x7ffe, 0x8, 0xa620, 0x2, 0x5, 0x1, 0x2, 0x14c, 0x60a7, 0xe, 0x6, 0xffffffff, 0x80000000, 0x5, 0x8, 0xc8, 0xee1, 0xfffff000, 0xffff, 0x3, 0x7f, 0x100, 0x9602, 0x7, 0x2, 0x4, 0x6, 0x1, 0x10080, 0x5, 0x8, 0x30b1d693, 0xa1f, 0x8, 0x7, 0x1, 0x2, 0x0, 0x4, 0x5, 0xb1c, 0x1, 0x200, 0xffff3441, 0xfff]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

6m22.288861033s ago: executing program 1 (id=125):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000080)=0x3, 0x4)
setreuid(0x0, 0xee00)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e24, 0xa636, @mcast1, 0x9}, 0x1c)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000080)=0x3, 0x4)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e24, 0x100a636, @empty, 0x1000009}, 0x1c)

6m22.238367476s ago: executing program 1 (id=126):
r0 = syz_usb_connect(0x2, 0x2d, &(0x7f0000000340)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904010001faf40d00090582239f"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x800000000000)
syz_usb_disconnect(r0)
r1 = socket(0xa, 0x5, 0x0)
write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0)
link(0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

6m20.865757718s ago: executing program 1 (id=141):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$bind(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000280)='./file0/file0\x00', 0x0, 0x1000, 0x0)
mount$bind(0x0, &(0x7f00000004c0)='./file0\x00', 0x0, 0x20000, 0x0)
move_mount(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', r0, &(0x7f0000000240)='./file0\x00', 0x0)

6m20.767973152s ago: executing program 1 (id=143):
openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f0000000040), 0x10000, &(0x7f0000000200)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}})
syz_fuse_handle_req(r0, &(0x7f0000009b40)="de98ee653502c564abeb97fc678bde22efebcf99c2d89952950acc703a3c6268a54c8b1bd1ee165c82980cd315b55a070dc41deeb2d4c1842d936a0bcde5fd7ed6031fdd9cb58ebfe8261528f097f309813b5722c24a1af8e6bc6ddaef7e85d2659690154bc5e6ee73c3fe7176509ad7b30e1098fc9873db91d3c1816825e710374de8d40693578b598922d9c523cfff93a630f121251d17ad40bce021d7fd57945fe2a186618a40b5f3995a9f0ceaa3e22b57e4f68e53fffeb5474fb83afaf5cde6b0aaf5cf0313ede442ddf1df6c280921e43d80dddfd005969272e1719b37fd8f749fcde83f8201826b4cf5b1c1da394568aa7d8833dd11309f46422b0152ede5ab29b17bc1ae80147346155b20a98d6fc2650bec3fe73327c45cad1b38f7c983cd070556a8f8ed5d58e1052f6436fad905099d18fb3e62c2c36a1c2209a94c820e30e5234e77be3beb4cd183015d281e7bf39cdcf0f1e541211c75d64a49b55ba4c2c444bef36d98df66bea814bab91ed65386d6a491a6295c24dbaf752a5e7a856e0dfe46a6f9e718ca3919c6f8978b0fd65c9e389114e5afd8e9e2a575b854463b63f46d08795f0f1d0d48d6d610fd74e9238de32ee3fa2ffef550336341803c083ac1d749be6c5440bbe4bd3bc3015bcde2b4e2160ba266d281a9641f74d9348fb6fa8550d1e8a8362999452e40b75c412cfa77ab8e1aaf1a9e83c855ec9b7ada38690f0d2e59f67a1f3babbcda8011595ea720816c24726b833beaca0a9d11e7b99373601d27d18c9e29940503d3a12149fdc4fe0065c3d023d6e7712eb853df19f2b4b886e08d61629288ff16c2597d7fae5bfc8b41f92fc325ffe0f61683b1f661409bdd7c3d88a854f8393484f4669b5d9654fd3a0819a32110b9064539a7419c332629b3fc71da35b783ef7c693842ce83733a63f2e6af37989cfcb768ab8cea5d21b82a0e9f6fdcec26b0107708867dec54c4e739fe9b931b3c6da013bfae097c57f1e16ba54f9028e672511938a0ad9d681d7feebc65a2f5f588abd66261393f3ba02d7b2cf650a9f7c6a4ca55b4d41132908dc9c90e26f0da8e2259e3a2b63b2d9e27754e278827ab80438070698c690ec375a9aeb4193079a28a2a062961ba0e65af01644af063f3ebefda92c4986379f7b099b2fd3960929578736f09887fc5816cb1b982e5b121b79662d1674dd0c6e82627cf8c63e576e5c1eb0af9415ddc10ff880e8ae3ce8c4fb87b8f9d364974c2a1d8eba4e04bc2bc018bfabc435683b2551c0e4908570b930c4fd7c03ddb95e9ec1d1994e3df0305fdac4e5b914641ae25b0c469b194c0bb78ab04887cdc4262da468475b926a18254d23b4c44705aeca34ef8a7b04dd55a43f39996529a23804e054655c5ba8661f7c02737e7539650364928d62b9b8d80988232009acb54214f06640e9bc6614c0ce02e4a22dc8b91a0aad711e4fd01d7020b7c7185e41e27ce266b9f5aec682cbd4bba3240d6277b17b564937254f37afe580cba0b78c6b0cc81830eaf10d7cc1f7e918d49e935629fe6c24b4368a04af1b99f6981340ee031874f3d4b3a9ebc31719b3b775bfe1fdfa0460a3820bff6f61b49b11ac2ca00836a0c4a74aed92a619f34231196669b942e761538e64f965d23d4f7814256e876263fe5307985c4e6eb69c974f66276764e80ab1de3f5c55e7b2cfdb78dd183a85473e968918ad73f29a266c818b9bf9f62eed86df25b2577bb6d98e3996e94f5bdf119b869541a94eb3536c979c3d77cc0df7c0c48a902ca2f03f5ba5a8ef9431cf95f6fc89744e8440e1d5ebb837e30ef7541fbc27672c31566ac3676a173cb9e466a2d206ba1ebc2b985eddcd6ff937375fbc8415eba46f5ec68cfa9f3a669d41b078867dd9f5160ba45fa4719f32cf877d4b7a6d77c977533659f7c7ac22c68f5e93c1df6c2a3d45b55a4afd3355680aed864f6bbe13da2da28a4851f73c88e555f3bb1c34a21fc45ab6c28287902e8b5fcae6899c804f364cd878a8d1734462bb075cb7bc709cc2c5d7747c4c29a2fa9259752301c26b852b7993adf889d45dbe39094c9b7b168756e5b939ed10bb6df57b8f5e14352cfc7d8b03cda5b978b06cf2430af5db17177b1ef664bc4b00307f970c4fc606a6bab72125f62b0f59655c35b104da7af188a953cfc09b3aa0785abf330830fefedcc8bf9a11d5dc4b5642f679d45cb44fe61ab1d906345c1c345f6b8027bae9585580c20115d2504d9c83ab54ea2557b6d2dd3bc65fa29f091aa46a215e77621836154104e6969fa9107139a19f2e45cc6bf55422a0e1a6d037ad9e63df5f9cd2045e13ac2d6a15bc12008c4cd23782df7d41bfecc0037292d22c7b42f2cc1a22db7502332d9f4fa85f7640c8635b9469681adb6bcec2dfdf6926f1815156d80a835ae918527f549ea6df45f350f618dc1f3ca139759be28e35013034f8bbfd3fa1a8f302594213c18015305911f42e287f2d86f17d76f8a0ea03fb574c60c808669f9f4454fc2eaf0e93873f688e34bd3341f6874d5d8fe754172a751d6ab23dc1642220e7fb1071df0ee3c7e07c338915494a3b360bdc0b38ed221c2c2bc86b29744448b255802b3ddfe600c1d0f9acabb2185e4e9dae5e456d5825f516c857f63e72e4a5f3d45eaf11a0e3a5ad0ba30a0bf0f94cc99586fd202d6118bb6f9c272f6cbe39dd9b8b36ea7fa51dfe0bb87a633be11c16a14d1bce8492387696e195fa3c5f172690b4434aa2e91ce7d225d73b1983d2605ec725aae0ae402cd2f79fc202a307f1896f3dfcf8c0fd8b841dcfeda5d65bb7d76f7c2d2eb1b164c0368e9984f320a224d7d438bc5c699acbc18a587b7589e960af114afbc9f59243646557962fc2e0cb5b5bf160a313bcfd9ade3e140b808e9f19415808aa312ae9c9e8bcd5a47fc721eda59d10670088714984a71d5c0df8b68e675a8e31ec15a92ff6a04d17e0ef849c782b302d11f742efe6486ab904fd65c0aac4ec25c6d877b453dce80e894de703aa8b1e5d00701850f149fe437fd0944cb95e54a924a49bd86bb9a602cf2904fbd9e399f1cdcd0b45b6d8f872e285f9dfeaa26aa760074651393c6451b36c643dd0b7236ec7803d69cec1b09bf1b63fbb68ad7c01507f00083b184ff01a62096f386f4c8fdc85e93eecf3f4b384aec1c10ccc60d8109a6d887bd389c3406163f9600879f0e944443d783e8644f69344f6f44f7bbf1883cda7369c9b9904d991c01552135f158a0bbb7f40c354f292c034824d82c209ebc770f5b756768ae51d45f8875b59904a07090689e65b40625566eed5d209130db812f287b966ae21ba46a3a7a3a0360a4e284d8d91ba9ed9806ea063827c8dda0fa98f758cbfa523ac645421f444a40b95bb065a64256c19354b1ad5002bb7b2add9b5236ad64e9052734b9d263515683db121b5e4dc1eab244dd8fc0fc62d962834ba0b21aad872b127afc0a33c7869a3f213519aa2ef51bab9ab28ed18859fd8239841a6668fc614dedd099121ae6c220a143c119cb9bff9068f65d0554b4c12105e59a22e91203a08ab8c718ec62c42d7ebb7b495e9e1be8fb7e4aab2777025da37b48d9d7b97578841a73898a6eab994e250106e096390c77b0600537be881ab7d81e3cb468bf1fe318b1e804d8df9875e9b8da22e6244997317391cce608085a28b8d070d654a29afab324ba3eecf427b6dfd43501ec0db919f71a932897eb37fe3bd64ab5a34ec60011696298b74ddd7a3710d3e444cedcc5cdc357f9dd58e67dc0ed3fc8df6dad82b3c00b4290c3280c28f78df052ec9cdd9df025abe8834616eddd5bb93379c69092911cd60761e7d14b426a83e335bfc8bf67a14e01df7cefb6023f0c6556534b975ed889de0d96d968526372402ce3d21a2c5c64a449dc3ba4ee0b5ceabc2fa29679e225681c8e946dc94b48af024bb1633e1860c7d8c14500967f24e2f8f46db537232a4e9f4abf8408f53bb52b035bdb89917a6f2f4bd22403ad002c2d936b785ecd965177e9f6235787a185d0eca92532f1aab16756ae86ece13925ba4a1fd08125102ae08c428d073aa426c4e792b5a4acf618605df1707021ce1eed62da4ee87334e34edf43338a0076b8ec739e2c31071e10c6a853e19fbf25b8a356527a67c8f7696dc184e374f4641f4e5b0aa345f1e6c4bfeba3a392d9a994bc271717a051c98d6c5b1f3296caf4c01d80ffb75b6fbdd0a0583f9d4695a44a2878df0c09a85aaab14522320cc3d2611603a34e52da03677a60cc87cc3c689975e5b5366c82e040b6643b8865d8bea0c84cef9ff85245a8b4bc41af1a50775b29fe55e42ac4b29fe80ddaf02e8c9bd07cab823f3d9021ac88236525ec045688a2fc9c6df66f549b10720cebf09ead919524f071cd128fb7575c84190c698b420f89b3c11195b5d83022d1f7e48afc21203995caf8f9286dcd5bd51b65c1af1caadf5a1b3f12579066855ff851075adb959dc3e086a7fb4e9a27fe80e8f3c0959b042486310ae7b785b0612e0385e36f50d4cae3474dd000c3957955534b4907b9480e2e5d83dedbeb76cb78d893c5b64dd51e31abc8e8b4c56b96f67c4b6e43861d91681af3270aae1a8f50712bd97326ee46a2640285b2902f051071d5a3400e99b76459956ac6908688c314bd8e54365383a65b186a6386cc5218e41e0b386759de81bccf5aa68f8608831a9d33ad1af2bdbd8579c5921cd8c3dd2f3bf1f123c742e118c76e2f43618bb7885e44826b7417c9ca5a139d774c16fbf74c8969c038ba6a54f27bab46ecc94d6455188d8dc1edf1da715c8d9976226877096df4158eeecced2248c7b88de0dd11a076db1f06bae4adba8286dc39aa62a55233886e011622ae1cf97238914a55078a78908145295777dbbc4e0d34364e0f3daa9eba6fa54c085777b18c0523818ff8710dee4bfeb3db549c3f38dde73b99a7b1b219282407a4e0ab3794089e21f6f2045ab6254ac3703903edb302fb2f0f97e47cca7969ad6b5b6cf27314137a04d5f4f29c193cfc5540592ab1342a1a9cbd514a7b4d6b23f724a5d7bfa6ffe8e3d9de29b8661139f179a0fafecf234f19bee75c25faffc765e02377d83e0ad0a0029c08f5c71595bc1b2fe88f0fe958f3f1f8ba6821ab834cab9bc902b2d47bd4b5ed52b5b0d7b3bc999b2f68879be39ddcb0428ce3a617b68c11459b746651f413d9e9a098cd2b5c0fcfd0ea1db2cde1672818d7bc73b053015692f9e9259a0153e3c9ac5e73e3343dd350cfbcaa57be93cc881a35063aec2db4ed71df2b1bd90b5ecbd84f399d4530c5450d622188423e151cec49673dc633e503c497d53843f4824750dc09abae9f2f465e92888715b6879f5edbab7bcd58f0899e1430ffb5f3063450945cb0fb3b5c3088ed6966c54dddae3aab489a80341b45a17cac02ae62749f209a7e16ecdfd86b43569c7b34511c65474acf2b2c18834e158e20957bf2320e4a6b9d63caea93b3a7dd4f7ba54443aba1ac2b6f2b27e1bf6f17d3fd1582462e0debc7069bb70e219654cbb99adfed54ab94329382163f2ab6710bb581d189cb3449a02c917c1f2d1d5f51958ce605fdb0e37ae5f3cb3f123276d43b2c26ea948dee863e0b679ecddf0fe41ce78bbca30167c9c7d6b0e9193c98090facd7205a490727e1ac49bb4d639348a32546007459c61c27bf8df87dd2ed3f3228b8193422a72d15f848bac13c6ffa7b8a767cf04866feb7c7a81267d7a8e890128d4709e4873223578aa7febdd562403c6092c0a3f6e0650772ede935ab6ef95e375bcbfa395e23ef1d73532388b845a95f158dc845a123f798176c73e177926d39abd38a910d40653006375110be2f2c5f6efc87b31908be36dd07c8ba5853519a37dfc4dea981af855293f49a3270bb67cdc17b780fbf2a418fcec8953dae927909a6bbbdce230d23113efad9c02474682dafc63311050cb4f3f86c282ff29728eefac5c678360122b4ce221bcec82d24e053b63972d2e9a631a180b48bb8d2d4de7254d91a856071df51a1d87ca7eb5d19ac3def1fdd6ebd8f57c2c9e43cb6ff2fa00d27f279368f5ee29a84ba219a51d1f0f1965781164edbb3aa6209fbce6d40284fbb4a33f59bf9e1248100a623de16613eebc11f510b7718dde9f13b4c9b2b6a10dd932696cdb7fa4b5733b0377453471462762457d42038ebf8c0fb392ca7656ad1f050c326de75fffc698c48f5d809ae360ddb9856b9a54b811073233294bf91e46414441b6665f432201da12e49718b0d7929b6cbcbf310a09ce0d22f07ee5cfa8ffb9f03acd224641171ffafdf50f18be8fa3c907226cc1a6f3b16a776781a6396dbf09f689ad6bba4d537dad490a6f036a45ee3e224e6f519e44b7352ee3e7d3f0d89f8c7c8f54b6d2698c0298a07866c9d9ca09c96c2ac8efd7974294df6dd1bb0598debadb6135e7123bbfddf84870de54476a291586fc0e64784e65fdf78d462e8b51cbac38e7ff1878b11418f188220e3deb5367a2d90ad7d44395f6965cc6d680c59daac268c16814d1085302d0453b48e4a8ae78b8a5b6951a875ef42776f6d11955da7e5734a72b61cefcc6889b8f8d58db51ee78d7b1a8ffebd90e15a64654054767aaec24dd3b5f338b572496c8731049c10622b7f54fdfa43aaea316946291fee7bc9e64640e8bccf33fd1e8693b67020b49cf77faaaa8269e2fecc4e2b43c8c3378a4a9b9b85a4fe2c346c5512cda631542e0ff5706eba996f4f72e629b076d6be1966d44b1835ce664e3c6a4f18c68f5e32f900a0a167e547d5aa79c0aede966f83d00366a623ef8107e328654c8558d5e606f69a12b6c2a6fcbe0e08f945c4ad2738ed0b28d79c98514abe0819569c6e4f4751c665fd651aaa9ee392c330560ef6d57c0a97f0764f88433b2bf7641ba391634316b0ee1dac23a63be21270e50ea1ac24ac3b429a0b46c38dbd48c540bfb1e141b8b3df6caa179c7e54f2b7b1371e8eb05a30f13da95200ab70dc58325f6bea0ee9fe1f04154998df393f2b4ff4431363f3a7450fa5210e883d67620ae63cc41f72e74e26a0244de1ac722b6f1c1d293f7483b331a0efda65a4e4e9144547fe6dce2f4535e29048b07079329b63754bb124b9e046a6e97929b1f4a387765bf93804530791c9f649db6efbebebf46fa4f9af7ff2587130d0e70a32d4aab1dfbee6aadd1f3e5317e3d4c8cde75b1479bc3dd16ea35db3dca11cf1eb1d2bbac60b83605e171619d85fd4b6d0e24be8db76df12efef05eb87473b832e59f3039df44ef034e5e7546b399cc817a41b2f020286ff139072a5b909ebb185a3c955cf88f4a9929b2112e0a9ab43da0288ce3ea268ccc9f46f852d387f5d0a2831dfc8cb0bf593905ba376c069b8c9b70558ec826c5bf9835031199c4c6d84c913da7e9e7db49c1d34511d917b9ad3c40af0598737d58fd61b8f2adc46b73a284957a99943cf73414412fa5440a5f85b63c20794d122c267fba72bfcd0e2741642fd8ff5a0ae1ffd8b30d852c053d0e31f505ca13a21c0223a8ee77cdd92de1b9f87ebee4ea332e9d4573d7efb2ad3f50c35fb7a596c4edb4b72bf6df5a16ffe3c8a236f2cab8c0712ac26c2cbcc68c1dc45209b579c952c7d645642aeed7d60407ee2dc168179d536da950108e962c5c976d3a05bf5142466ee38939ee94e707a0135f99c99b5d6376f63c711e4f64950f08dbc931c812f34735d9eb1c5997770d8159068cdca2e0f192311ca438d613728b544d6a3e50ae0e4e6b1eb611ce55a96bb2f991d49173073d8547f5ede69d8b587a34bb8f637297a15ab4fc45f1384bbd19b3feab5fb81322ba831386eeb6067e55af374c1b1eb9613a6c41dfe2bbbcfad157dd042c67c44400b350f0dc40a8611f2e947f32ea3ac3f609027b5dbc95b157c13216fe7c35edcc82950bd4e38bcb02b63d2576489c331a222e013e73b5333694889b184bedbbb6fdd6fd40a62b1d5d494e68cd2aefc264f74bf70ef38373e599faaa326f574ae32b1aad86854af22db8c9673d14666aa7c0c3bbe0d76a835ba4b391552777ed20c5c6cd0aa84f3be73ca0a3c128914107fb8fc02220317fb111cf13398480cd3325582a7e55f4c4ef5a258bcd01a97615e95f89c8064d41d04340b88cd5f4b1d827a030637145d98422facadbbbce97dc3060402a7bfa73d7b4dde53184a0923c0ee29c6e8e2c35e396808df2481af6aab053b619fcb2833f14f87051c5461567c5f8dd40383a7521971775493f896e18c78bad8219f88258ea686652780c03ebafb63ecbfcb23e24d52a2f88a77ed3b2280637807a5e155f4fad7149b76841772471a3b77aa42e8058c0af1ac2be9d88b5152851708f1a77582b3e31702864ee6a244a38f3f95d9797a60cddeb5ddf08cc48fc677f03f9e717ebe7f472883e5a6a7df31ca4272228f26991460c537ebc8aecb6a0c34a763eb1f57124fbfafd6db4c21bedf6723b252aeb21eb1fd9f4f811fd3e2e764422964761b2ef3aaaf986a48f7be66f6387578f9492feebc97dfbc6bc97380394a5635dbe582e52a1fb18ea8fc4e53974c63d198cf0d878ba8a8d58688a037c0f753c7073337ef3da4c134ef939c98c8806d09943591e6013a1342de7c722f993fd7eb36ba8e8407d1ea60eb5724b0d6262c70469dbd8ea1956b8d7f5a77707a9cbe2137079e7abda3966c5bee4fd86e8a3c4969bc88ff328a2adc8f4546f647575866d5ced16df06bf40d9a5f178f9d19e490bd76e187c441e7de0e571f6cea5512ec9bea48903d91a519dc82defe34a06b0244d623090b5a250786bbc66c1e76db6b18d81ed33c81a7c93782d5cdbe0a7cf7d1ab29c04be6ff4a9bbc10f716a67d52fd52d91425abd2002cf83c3797861db5fbeaec745a552ca4a50604340f2cf2c1b10e9ba76c8ea43b283c73f774f8be213f17f70cf93b9f6a8bab1f516a935e80c3cc6756945edafd572e6e00840eedf61fc40351869f03562d8c13006de585a1141c02f1311fbc8e45e4b3878c32810698e4764a6e8495f165eefee35714a1794f9ab50897c5565ab745425933d9d6272a172c1f2a274f9ca7bc8e1b01a27b8bd06fd9dc61880789696348c99e9a70c9dd2a62ca04d1f86dc87380b618c2a78b16229d614702fce242fa17ea90cda2648f9375bf7e78b4267d558983e08a9566d95871998d23cc6d22c23370ae067b677609844abc140df81cbd9addbf657fffaab5c22c479acca18f3e4b508cf01ff7b2ca308ff116389790f26f2c7635f89c747a5bc66f61de575653069349a89fd7e3dd785266b7bccf16eb8b4a8a86751de60d33e17d64f6e4e0f9d13a16d243ad7364114db7ad011f094c4debf20a39e35e7eeb440bbe8811db2857b965edd1e2675ceb1bc9a1691f123dedb341962fbbe539485d2241b0409adce2587d035187a0dd5a62076ac4eb5c3e2f4455569b6eac0fc16155da1774cbe505dc92e2087585a7846bae699bef32e3c5ec2356dd4433ed29d4b03ff7b38f7b3cb96b92874eefda6c2e0e326214e40f14cc2ef80e1cd3fe226257a423b8ff5bb368b87ac7066c5136487775b5b122a858334c37f6a3f53d758c3c866e2e79daf9aeab36a59eddbae2fa5b6d20973014196ef0a4cde1373c7297833e6f1e46828f4a42eebd829dd4f17999abe285218ed5dc6007b21bceb588a213b29dbb1ab1a79b41a12df26fe35f0cf6a310c9e50cf10d71ad5960626e4efec211032ec4ae52512001362ba4108d86eb774d2d4d0364cbb1dae68f03a774e328c2dc09899ee80c05ac2a8e3ba905b0b3b7a08a3df20b505901123e7dc0a15db48d09c84189ca4345c23c2010c12cc35287fad30211cab9631e148a7c1e8bfab61ced30e098d1c3cf7b6a7fbd8288dfdc48044d0d47c17f129f6b5d751af1984d395ab1b08ccca3e7309a89a8a36dfc3fb82d2a4269bffc32571438d04a7b98137b46ae1fea1bd9ea64f99e2f0c5f12ed84886b10bbd511993b0447036c4e57b9dae6d5bdad6aa3f2d12e62471194e43111613b8b6944c2baf1f539ea14dd76c356bfef7e3d4b6fb91f6d321a796a4bce5a4c6a5caaf0f3eccd914dea21ae909be7ba486075ff6139e7e351fdd7e98013ba51ff0248852398c734f245ffd7fde8cacfa4805496ad7350b1c96d7bf9da9be492f2f414e973937ac9109b6e8b8315aa9b81840f2c21239caf85a28f0e590bb6ad12148e75bd4d7ea69a9ffb053781db98d5fb5aca30a734017be7683a559c203c006ecd4b135afe3650b906e0aa208c889f2af09f3f8263260c3bd07cf8021124b6f0e0d021f9839e47996905c3d7562df810484552de3bcc9ae054b62a01af6a7991e4d63f30c7a92d8b58e01052e53818e64d7540a3208af321709a5d891ceecae5d27a999b00ed01616a73ec8854ca61973ed1fd3d82f8628b215c55eb7908e297d77098a7b0c362709005a7d13c89c54556589b2a926c6e08cc1c0afebc7eeb5d7ae4ef0507c91b8e706e6dbf83d898819192c812554ad1c6377871a8ca50f1325630f7b5266b807ef61d0c8d399fada49cb02a14c16d39f4fa7b81272573808e761c9dce7cfd12f4f18dd06b0ee471c166e095bf84aa4aaa2d82f1afcf09e5d960257c0a8dc404225b4b62187829c59e57da50bf848d72fabfb69362c117c6913541f84095a2a4ccdd2d30860cd96640bb2315e435a4af08c62c584ad129300adb02a871f3c548b96c4f6c47efdf4a1163a8a5ba9b4766b01437bc5957324660a8cd87df0f7e000d1309e896e3ce9f57b17562c9368a95a4cf66b3a5b57f0cca563b045452bbc8ad07b96fd0322728ccb3b05bfda14ef36ecfa2f32c5aa899811a67f2d62ed970db5723d6e4e4913c98c81ed6c03469112c23549f7e20be6401c6544db9078f34e6a4ad3cc868bace2e7ec6ea17225986f9e941ec67d9a3fc57958f9df8a60f585aa38b1769e26ed3f68dd85685b2cefae9dd72a18abc0de6b94689785df377ef4a812a6abc7f738a396f0e99ccbc5731801c36e746ab6b1dda88ca6ecb899528e18543cb3dfd439cd5be566594f01a4533da3638e6331fedf5b67870938ad044aa0dfdae33e3a6258ad40baadd726eacb1f3c1eb8d83ef4e185d7603a4f1eb006d90bf5849e2f65d37ffe750eb061bbad08a0c0cfabb9abf7f27d36ee5687d23feaa923e09d2ae905410a9193f21ed9b1d6331bb1f3babb90da2f2e023a6ceda4b4fe0f5d864738ee7f65a0b136021fbe076b4adf2d3af760e1361bad7ae35cb7ca010ddf4488255a2d3c492d0b26a1a5643f998b5d04a52a59f176d9bda85c916ff901329f09fe953b030b92f6415172476ad89d3e8cdcb4eda7dde5d4fcd5d6a584a312563558e784b0f9bcea7c53d26c3f2d3350c70a5e06a67c4c0373dd6279e29c320e6580fba8ab2df3039c289235c066af1b07dd112f25b25e292020f36c1aba246cba4e054d64b38f53ed57a712dffad7d3dc97f86af511638a2779107fc55da63b6498ea5f3ae36883163e5bf2324211a61a9889278f828e58daae797fdba9218d322da7aa23db7a48a00", 0x2000, &(0x7f0000007a80)={&(0x7f0000000400)={0x50, 0x0, 0x1ff, {0x7, 0x29, 0xfffffffd, 0x0, 0xdcf, 0x4005, 0xb, 0x800, 0x0, 0x0, 0x2, 0x3}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f00000042c0)="0d9ec529eb18ec94a35378619cb10ff8c913f67139447b7ee0cca809e36c363ba1d3975a7446b70c6bdd99e2cff540eda7589ea89efeb498df568916036f0848ede5f089bf502b483c67c0432c34b98b1bc085a99e2981103397e0b0eed2ec64c1075798b56a42ea532091f5326c97622a47c53fbf42e71c3ed4b954c559424b49a13598c6c63ef65b62384b038b3e6e98ebecd178289831eaecd986a01c751e8cca7a57c009f2b5310fe9dd8a63b91c4b5b13d1c44d2b874b32ae3e961b9e96a511ffaa3ed20248dfb470460d305e44ffcd287b355380319fd31f7538c6d00de06ddb8f72b3a59c4699c94d7379e1e190c6dd7786e12096f9e963a038b6b4375535047135ecc07b16035ceeb27ed09d77f52b6eae27a03071e060b05bf347b9ba44a984e5db346d230ae9c5324ecfd4e7725bc5019a9f4d20237c820359d73b82f9c668ae71f6b85d5350140a16f988bb2b8010effb52636e0b728be1b1ed37c1b8868ec67edd52951dbf65b479aa25e92667a98c755d88995e6303a48a64317bd4b201fc6dea59381abfb5e0fb1035bbd32a97a6324b08f404fe3991879a0c6362032864031737941d9cc534697da61a43c8723ecd1062906b65c504d86383cdf9631f228372b13aee64f8ea8db00dffc37fa092ab5daeb7431dab37091c44f91c9202df60876a6e06ceee3e6a095406fe5cc1f83de1a4adf36fbef5a94a622132cc85e56fb53a9cff67bc69a24d8c259ccfe19b1925061f0cad95d6b4158c1394b8acfa9a8f52a566c6cb4e0b14dd30c85b309289a5f395e01d981735f6fce6ab30994643d70b2f322b7a233a339e621ea2eb00a0082a175c231b330a58062680546c28db8ff5b7e66c0e3df0a9b74ab72abfd241fcbe1e3d27a2d1eab44cf88180dcef4482c866324133f9e4780b891a7c5000b005cab0c131c225e944fd1aab5de9e8d17b8770b4472b6e4a13b6cce90ba152e5144acf74cd8a9821ce3eae72dc7ddc81b76482226098329c3a8ecb923822610aa0b086f44329522dd8f9ae355b4666d1a10911ef8e21377578b42fe6ee0b2a77917157488d6e0bb388951f80551dcaebf212b396d1f922aec595bd340390d310f6006c4b3efdd80838f39d25470db39d6205ba8f52bac634f8145a3c10ed007acc2f25c5dbfe911f18f44a0c57cee33725eb8c5f2d9112f91787c2c323b67b67d9d1f593d26430d77189d4678fd8d7c11c1f2d744ad59a03a8cffc52ee0293c90b00d61897c80184aa63fcf43c109b06af20c808035af0a0bf9cbe544681768f92a2ebe3b4458dd020fb0550822bc2f769631e00d63bd91e7100299bbc4ce53a35e993e24028dc5c81d46f5377d21f2f38a9688ed981044346b865161b68f3390a50c2e625052396cdb6637e9434904c63d8ca45aa2325626293cdd9cd0179b1d995be10281fa8d281db16320f520e42af268ff30dc2d8885aa3d9e7f294eadb4d827d195cd5d18632928f2153261345c231efd143288b881638b61dc5dab8114c1948d83b8ac4e278f131ec3eef4e87e43a36f4b41a699a741ef3a7cd4f0bc5dbd2dffb1d223a5c5b38b98e49092631a176d15c4f3c077d639726a3482bf2fdc73c2bdb09208aaf90bc64b5fee89d231bb1679de3e5d31662db2c5824ce9941f94500e5a11b8fe79da548efed8cc44e9bc1d5175dd77fc16f8219a83b83ccca2181bf411b0945312598817e08e5277530eccffff17d198613cc8c991349141ced56e79031ab6cb98f3f39e5f20bac76017083041a1ee99ca257d0e0cf95e59617139afb08cf0c6a607d3f2ac2b5d3f4394a4a063c9769bb884ec522d46138228c7e9b5c7ea5e3a6c70815b565ce15a13fd0a5deb28e710c15fe25c744b430b4f6482532fb96566381c56e12632cab5acb5e08d6f973003c96a7d81ff76966e0f93c83c462bfcef230939e48c4983bfed78f68b0f540d1fff2196cbd1f1c1a1c310ec10f5a2745407000bc6db1fcc8540282cc7e96cf5582c4eaf874a2fe6369534176429b7505eb0aade883260806be2d86a42e76b315a76e5f686ca669f49e1f9054a77b8eaff14a43e9a9801244e8e94ff50a17b60dee0122ea70819bae3375070466c7f202c4ea0fc0c9aaae50c43cb65febea224c2b554e937f67689b3e18ed543749a7ef0997a7a7530b918c4ef935137137e1ee7e6a8919fb76a8f008ddcc2d8b2e18f3eb90f7a13cf4f49170ccf50c75de82e92a5e2d1f311e59071ff202b6cae4d6243fc3787cb9fbd401938cc18dcf5620f8b8f74e9e3b13dcde85ef896f31f5a2458118addae77206ab1506882f91873b4828950a7b91ddae74888155a9c486c7c60492813ac0e33362dc4e21e00538e5b05b78271d82486a0d156d4a5a07085bb1cd74f5d63763f18648a489352b5d05107909fe54b5d332cde2900c82c150b11071e028eeb275cc9a9614f1eda4e4830b128870e732d473100c24152aff2aa1659daa65d7e9591ebfcae5dca4e84c9a0965a01668e59843ef4a093d9b01067a0ae9d09e3d810c2cb63600ee05b10fc8685e8cb150e2d6d75baecfb8762f7a7d131417eb0721e19e1d21f5adcc1e09489f06b81d91b48608107fc7b3853e214a3c786a9812113ccbcf09907506d0e9cd72c79793584b4fe06a18a627bd969f628a5936367961f1e7d117d03a8fabc85f5ecdd0ddcfae49aa293893a2e5ae376be11031abc0e05ff250b35926345b52f8d3dc02b7497f7513e759247353db9b8e493120e73981aef4c4d9747621537a089848754c14cda1cad18084274e98ea2bf7400ca846184e0e31a571f9bd770222b1038a4ce60dcf8fe9cca4d60048cc29c37c1345de992e9dc7128ef093c1ce80232a88a3da7ae8bc87120c5b1f405d5186141288998fed9e021cd0ad6b12b51c217849390be3ea00cbd6c755958140bfb9b2a2765ad1f51ac045fdc5c28ee5886b1436015b88bd90d19328f91394110b0d891678e63b63d6cc4d35279f6f616d7692c6fe177a79d80ae8f7e4ad5078d8d7096f3ee664dcdb2f634eba98f4788de1f5e34f32ef09e2f0aee4fdc5bec4bc4aeec5721ac3a2da1bf52da017c3312095403d50dcde39671242b610f11832773796557f71455376a7741ab242a9fc94464180bf224d5e8c79b462e3a816f6c08ab0f5503386d34ddfd808b4b8d5d333548d4b873923c6c297b2fa1abe433ec9264385c50dca40316c37ed85db382e7c853ba331c727043cb3345de9f89b1c804e98205eda3d6b6e042c9c41877d456dcb8f12663e6dc1ba809229536fbcc4c58d01a137eb80af8596dfc7b5fa7a044cd141238aa82e440526e55a28c4ed2f4b26157a0eebb4a77c5ab66fcce2602e1a70aea07e5e7e7e5321d58ad128a5ea6b574730037f24a7300e0ad6fc96bd18e03763bbbf21bd3c388aff1cc5ea13728ba2f8e1eb70148d2603e55bb01cce0763c2020b5627a0ccb35ae3a9b3df380e6d9800d9506219a90971a3b8bde1dae6a43fce2aaecbc026be8f4e9bd749e10c87ed7d78f92014342fa449eef28e7175548e5a8ec4fe7d31fc86737aee63ef40b54485380b6898161676f0d82f76113b12a529fbce4482dd278a90aa416077c677aea623ddb3761bc81527ab7e3d73a3b4c8c3e4352c7c083cee8953ebd972a83caed837587e8d7cf360f28ce6ca71de75c9174e8744ba1098513bb6c7fdc6a3c7c8e5870223d6cc0b18b5d6edea926d5376aeb85488d3712e8f67128f0d3fb2b42f82363a0d4c1c806ff283f6e4ddc10ce4a0803be66a247207d6606c7dd67cd293dada159016d7fd7e88c4df53d09bdd9fd9fa3c732da45fb92bdf6f442eda15edd97bf1928a7699008f0b482240a684ff5efef0cadbf1b4f16888650d59b2bdaeae0d1112a79c5522dd0933ccc16fed7cd0ccabe929f625de8947b3b1532dc04253cca988a1584df2b31492b19410d6f681d614eaa20029592c00c948a98973a9fba87f1397f8859ba543edeb5c0b0db92f65462a1103947d780b539433332d65bd1418bc00c9e815f73e0cc0aca5fcc9f95f707c455013a55a0c4a29093b05b94edc5b5284ec7ccf3ec091002b4229036c174e2927127f40769ece890612bbeb960d9392f442765a2ca8990c52ad7d4441e975a7cf079d139945f2b2a8a34f0e85d76cbc96efbb52cf8b5ae681234e14b6648244d41cfee2d9b189cd831cc2f31ae7e5f11aaaff1629f8c2cf73494ac38e58da7010dd986f8b6134ee0dabfdcb30617d15720cffbec7651f22253aea21696d2ece4fe026543ea2f3473e4c12e65dbb3cbf764ffa0b3a396382b9b7f0c24eaaf3495554b2319b66f3cabf01a8d6cfd1382d94ab71cd11eae2a42e4dc841d4a9732c395688d3377c8ccff7e3f88a3129855a5f41a7de6b6a9ac40a87c288f4821295edfc4f5b8fe5a1fc0162e9820205c809935cc6047e8a835c651be02fb41c21de30ac770d7a7f2108c6a3f1cf2649cac444f028a6ebf4db422cbbdb7fd0cb39109a3130ffae17810bb58f5c557c99670224c2678fa07f1064911e6c665c0d1c26cd2f40f7089789208a48eb339bb8885910e035b4b8c69b1c3ad79270ac6e70b963493a6628b90501822878cdfac866268d914d8af2814612b0198f9e4c6b48e739e414d61f34e2f69ff7cdc4fc7ffe45a64c5faf191ef6c4e31cecebe09a2f6a63d60926ebaa7e925ccea5c93e403c7ec0ee55423ce4893471440006d4c09c141e489dda5577f73b57ecfc764ee5bc1bc88f7866dc6a494e3ee560c956dc12ae51842030251f1cedf2caca15549d0bb4ee3bef03702197350cd7586b5916ef6a0abcb5f30548d22ce5d8c4dbd82030b8d7b5481c51676b7d14d35c20346c74dcc7d96ea0b13f890f755a219993e88739da8246283ebbd82eb1b15956b5ec16ad523768c19ceba9199f97d7bb43b85fa11349ff7fb89a97b463b34c584ae9e2af6c8f20ab528750a22ff6c2297e400065fbd9a4660ec2c658afff6db9b67070352d2aa5e6cfe534eeb5ff271575b828dfd7f537e3627a1a6419ed0c84297fc3d362a52f3860a2eb7ae0a50f06d3c68c4a1463ec331ead7af2dba792332218b04d5b585de1a471d296df6e10316852d50f211e07643f749a1d75410e66e47db40bfcefe4b708d0b2879a50ccbd85939b89fe4b905a6a89a2d5a4e28d18c048e66108a06d8b6a64ec5737b5ae283d914484167c8ac7dde7ec007aad1999854c4d6a0e5f887f99de3662610d5e8d49bac7d41d6fb7d90b4b04939638e2151ba67e75362aded50edfb7d9919b345b5b7df6a909193ce64b20470e3480c68bd764968f4d8a5779ffd9a35e58558272a214ae26a094360b9f2ec97c5e0a7693f4b7509b962cd8537e90ce7be70b54e9531e7295f894b94566df49c50c2265842392dff50e17ed3f7beb9ba4ad0520a73db1d8d3b39759e7fffcbf26517316bc74437fef944fc915ec24affc1a53748cfc883e3ddea9e25063ea8383b06f0d5c9db13a0ff335f52699226b391543060ae5e2c25b585b9efdd5ff9495a4873cac58b5feff5f08717b04e81bfea349accc58fcc6a6505de3aa6ff4985d9c38bb83e8daa663ccb356df3ed52343ed7723687e416816f987c565eae22c7548c1d6b56a5b6819583da0ddf92739f65e604e37b3275a6cb1252d4ef7a515c4b1e9068d714be80066bf0d422f1e4d2ce6f95c9eac081d6e4596a6a8e16a57b732b575b7de16f176ff0e34e84b293d3fd77fa30a7b7cf12a1edd54170e56bf7f2d40620ad56acbc5cc615556300ff9e95ce3dda93c8333f23f0d97a5da12a0fe58f95d6b911f614563d343ac6e4f9fee1d149c94fc75a97ac839b6d8d7b27c5efb870d2bfc6dbe6b688490b23597d83982d7858215c59011042b1957a0b386842621c72f89a9b524008794ffa0c179753ab48d0f73e5ff13624b3b90287edaf6a5367dcfe4094a21ffad3e881b428b77ccac6924d5bde9c781d4189654d8f29885fbde07e6334c6406dd3ece359c6ac7c6147f5c4906e56764e9980a669bfdddd9eb780e7f9988630d1eb098b3e4fd4c795f11441fb6d0ff7cf086eb291b1ec8d90092e1eaf9722ccdcd15408617cdb8c49043bf71a6ea0ee6b7e840344fbcd377b995bfb1faf22754fcb363f6c630501b619bbd87cc13d5df0948a176771d2d69236eb50dd313817d9687967e7d71f854db6bff803f4501d999dfe3da37ccfdf894a7914c4c113fa7a18c3468a52d646a5070614a6f02b7ff21c9f6927f5de55be85ba815f4bb9e29f26a94423c58338947c804e0627d69bc5a6e93fc5fe8cae851700253f2d494622c6127b4d77bf54a1ac27957234628cbe2fea1729ec53be7d90806d510ccddfd76fab1b9bf1207db8b05c3eaa88fa4c0a5db13cec9310f4e02c1d8114705446fd6649df3829aa12786b8d10b4540d8c1f1c8208c4b41998435e3fa1ec5199cb2d3d0c5c04c5e0b3ffd69112252106bb39333ff23b38d167a9b45ad1bdabf434c8695e2676d461b34c5f048e70b67a44d824baa090c8be13a22ef0d0970cc7a94ed4b77bfc3a40427c6c11abd2b415817243f6801d535a3adc9924a1671b645100e822a0c1876a37d9c9e230e3d762f1cfbb89a8b28255ba4cc5b46cb1635cf185578fa068b68bac93991982b48e7faacc09745a7e33bb12de6b25a2342a7e03cff06dde29b4d05de84e56c78fc6d9dcd180438da3136767d5846bfe7168faeac5b9434394bd747126c5c1ecc6621d10817ce9b6540433828a3bb8f6da0cd8f2b54a47cd5473f6bc3dc1234bd115a6890aa678d1bce7840d7a4559cda556740860079e46217c20e45ee59b8b7078d9b70cb6a249eb2e5e4071d044f456fb61649f261689b8d7a532afaf88eb30041242ce491fb7e654a1f06add370e2706f75c2fe1afe8e065804414c660ec4d96f496b1ad87592de8b7d04baa7ab142f580f262c64c57fce8ef933f18904f001809cfdf94eb679c9eced5d125b4f1d0064ca2ccf5eaf61bb7841bd408ae213deeb15d860f7ee7224b9d2dd38ee9f6c3fca6590335715c218db8f8c98e6339a6944817a1ce2e115ae984699861631b9893c143f594d6dde0895a0c7edb9912fe9cd8fd0765227b3963033306d15711387044bc373ac10d7be73cd80f1a79cf1ea0989ea9ae8a0dbbd1227bc33df652792a6bd95f1d21c6497c4c35b9a1eadc0217e322285a2eb832753aae74ef42fc983e58a126b7c23e4b0bac16f0de1eff7d41477bb25052f32cc9cc956ebd209d6b945b1fa9182857e180672a6be7edeb5234830668b1ea749d0a0dd3a244684d4dd76221c3bdf98c2f1eacb7a6dcccafd249b0ba2592c88790de40895799ea4dfb045cc2392dbb623bfe420b24e5a425b84a4b24d787a68bbec9db363ac4e9453df597f0224d8b7b21629e1989e53accbae97e189cf9b59ebf8bb89591fe3fda450af548ffc46eff98b5216e238a9246e2fb95810f8f4d89504633a6d223484a765b9e6e5497159b31c51fa6cc10641bafa81b10c5ab853f3136fa1b4334bcbde99cb4689f077ca3c29c2f1aca2a05762943073d5992aac4d9b0d411ba25905c34fd02b8eb7b9db375a6f6516446cc195eb55eda1e007e26328e9e2642a9c4e90c56440cc60a1db77713860a56820901b3022d55c621e9d54f759dd17fc5b59331c63cf30e07081bf0cdee6cc94ddfe8c6179e7ed86607d4ba7d5f1e97fbc1139b43ae5fd04c1c715f4600f028d0852a421d472b1b48e591b6edfebcd86be3db2caf967b06776096e14f0deffc9bb126ec329c49ada996b963e942d9c404967dc23bdbd0eee951b2879f2ef7ae224d4ff25edac4ddeb2c0b8e579af283e87c625d3fae5286fa855930e45207af7054763937a9247dc38e37e6dee2e325b617280846012e463707b6ccfa2fc399a66e534221a45626cd18c79d46f5c77c2d359e19ea870cd230709b5e33cd52fd43388ef91dea0a1e0df6c72688d9fd32bb67f489a3618604ef1dfa0d7f569d40cc68e39994e4edab4007c988998f59485ce4723c1eeb7c72f7e833418bab47735a91c7ab24e8555d2ccf3a812b6c634c0c3a68271ec8b536aaa442e056945feca6fb4e54d2cf60a0334f494b2bdb6fbd597de0ce9d2cf03333a0c7121e086aa4c657360fbfb60f3ce0fc0d90ff12b03464e8ff0e5e546ff79735c5c800a0f9b680a478c772f60173a760e280d8287681986038444f2103e2894d5809d062cfe8380e34bca86475da3d7634131c2a8cdc98c5927bc137db61f94eaf9a74f87cc85072c201766eae17fbd5b732859fb1b1c980b36e377aa41a95bca18ccea529420e742899af7b968c1fb9c0d181da9f86358dbeea877c3e9123a9289c362fa61d96c707ac94b427318a1e5f21078aa9d1fd7a52704e0d73e527f3ca65b7b459734dd30db5335c450f1dbcc1e4259d657d13b6d6b4adddc3d0eae034d1878cd0aa1825991d75f8e6b5b4c0d6d17e8ce709b19ff794a8ef856abdfac65cd13631f1b66b20f2ebf2f3122d18e03cbfff88206a5998fc3cb2b40634fcecdb8f5bdbfe044dbf169ccd2cd60f7bf033272f38f587943fcc75d2d65d9028c02891c8415706c2b2459b7a3c5cc82b0446088d3b3bcc033ad453136afd4ac4678320fc17288dbfa1c5180ad57508a2a298ed4ebc716ede34fded574d9779be5d56517d4dd40f197312390c488f46914b0927b13901ce70c1684801f2811168fab533998a1fdabbb6e683abfa021f6b80077f19455c34cecf5dbdb2fa6e3930eb5940cb14504050cc74249424310dff81116b8f2076b8ebece84c302e758fa90af5a1888aa8a5a2bff4aeb7ebd1c7a216bdbb84bf9c021caf3c8efbfdc5d3aede46381bcda372a5398c89868ad57287736fec2a7e8ed638974fde5875eafa506a6bd7f772d2b221f4bde4920fe0c56f8e0847e2a7e8387c64ddef4203d77a526c46d7871befe0c5f9128bd67319acd963fc040185aac4e7815f728bbd7ffd8f3d125e63320182f202fa9a52505be9585556a5d1308c118ccdf01978027cbace7ab339d6f53d15e795b7f3fedae4f86c3f257ed80ee634375dc2333ceed1ccaeab1b6be7a9611ff33d79dccdec2007558c06dfc06612d56d37882e5f1de340cf05f4fffbe1a5def6d045bc5bdaf633f07360f9028cedd103bf03fec8beb9fdbf8c5fc684d12efae1859c53e2cc3e2f508a9cd0410ec036648d3760dd591f7ae04e4cdd61a2566319c943f0b63d87e422dfe5c0d1edcb2dc515778a0d7bb2c93ced3b1435adbc51d3fdca9c13679397bc4490093d64869998d6a28bb862ead0fa411585289cc00dc199eac6c607b8a84123dad3be80dd8fd86aa202113131046336352235f34c05f5ea6d5265adda98edbbfd11d6839c5b1bfe4fad4e688558d633d4a281df44d9c0a35abd464e01f8ab01a1e272cc8cd155a40b8aca4c6b1dc894c0fdc02f15a8f67ce94c7f99b6fcc0e4a3a8a71365645ad7809d47bb26f46ed8bd02f6e8f3d277224f82f3d41695f367e343ac6d507413f4bdacf9e344a49156c4de36d68c075415f8004748055b38b8a4110f869fafcc59cdae5663eda72a05be365a50e98bfd4b00e35aef687afae7bd6622cdd725326776f6fb1476c8cf8c20a0e5223e2bea494a1bbe4e79b25a5e48ba34bc66a84ecc4a0aba98e74ca2b1f61893e61a29498d855a778a2a9ce7b7fcaa44b4aedcbd0e28d6c49bdb6776975bf69161f372b964e4288ce6a3b877c3126f90c4c9749d45b8c5c840983b035993e484a945be5fc9d2d1bd3f3de4e6de7bc74a7a07b13e9e82acc11db85454f1d928fe52ad42ca783fd20dd3e94471b498c2736af40d2a45ff74f9ef874639e33306daa8a667674571e2ed93a48f49b57e9e3382fa8090774bc795609ee510b6a1ca48d9833819cbe8ac77eeebb0e3b6c59ced2d1ab355264934ff1914a3f654249bba60a692dd36368b8a866b333320e57e9c7d3646c375696ff14e303780ffd7b957d89ccdf57823d2d1e158773c2075233dd2f331eafe3802da683c293eaa24cd8b63a7582ddb202cd6f8c837c74f823727641c7eb680fe51ce7f250adb34956e4cab17b8a5f10edf144c700e376c682dd46c8fc89830fee1a44fafe0a5a2e7581d5d16ad6267d1dc2d5be8547f9352d1591b42de94f2559b44a80038360c6394541a77d95b196558a479b609882fc597b9cbe285ad7c7a41133ed85c8ab6e6dec5bf70f9e787985512d48865022705098a6703b255a6f2b05b62fc7ab32e67f06d785ccb33fb348205a76939e6c2991486c5aae8ec1556b2f8e30ca445a4a495cbf2c6013042b8cea615e58899fccbbf1fc4f17a6dc37e46b17ada0be033dc67904fbd7903086d3417e423af64338426a84ca0c2a3252db62695f9cdf10ebc09b9da5747d30e7f4adfb374e1d2bb24542b0373b1fb897690b49fe24d8575ec9800f019c9c76459421c11f002989ac82c13c04a202cf7f9f38b053f9a680d4d5012887a11d25cad201df20a4eee6d2c0474055579ac729c7514a88b1675bbf6b773448c6c1a5ccd157f44f7e032a6b848f2e734d773f029e48fd13c90d41666f9bd4e9bea91950737b6e7502f9d2677938f240e3f905d6095bb0f8bbe961b99b2d025538c3888bfff8957e3592ee5b26a75399b59c697f59fcdfbbe3bcffb8777340875611bf75486d2378e68de771800bfffe0572fb36ca855ec5fc8cb90c76455773c36ec40b101fb30c48f8a8e775f5220e024b4da9dddc2fcf4da413e7c5db9e0567cbb5fad0c91d779a0939debd9247d3f7d8107fd986f73a9c9067e6594fabde0b9e887040cfbe7d31332f41259de57b38f33275597725392efea51f290b8e1b5c243ffd9eb4c0231600f9b4b204344736849d527156c4720a463bbe88fbbdc333099d949853d5c6fda98bcd35ad3f1fb1d5a7d00541a8a202c8590e35360bb9d25d6431476649e1898f901fad37975d6dce9833956e7a78d0306f533d4aa3c9676017c7abc7e1f8f2f117774a4f5beba55d1c3cd580fb18defccc349cce24e94a4cf1f4c6f45d783ee0167a55369c9b5e1eb6d0a836f3eb2354fad3cd771a9d777ff84c63120baee86ddc52b3e6817dce339ac9c240e75f3e2f77afbffbc1d54eb5936d045370ce3b77365c5320892dc7bc36e488019461d2e552969de9f25bd8de049d693be450c43c5d22d7569fc384e8d56ddb577c5f3c3471f5ba2998bc0c697a06b6d8ba5f2f7236e78aaed69b468e761a5f07145c0326ebb94f50aaa8c5666c92006d8d139036f981003933f8e2eba106a0e251fa9f5407544e44aedbbb271a3bf1c660a9cb8c74dbd0713aaebba2dd046af8b9428709646521d6bf387a92996b35748e1e67b602309b7da0fb642e89de19f550925f4db082ef7e9821ac4b2aee93c9cf791c086751c4cb4172608a4f903dc40727858046851529205b45786e294c17abf5e5f6bc730cbfb8fd977c5501a8140ac7984a267880b53cb94157be9ac157be1cf12d8a9e5612947772b734ed6ae30e548a3b2faecf94a7e03f86317f52ac797aefb957d2a29de8f8ced414ce22c800e0dc7e49d3672fca633248f3e68c00", 0x2000, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000fc0)={0x78, 0x0, 0x1, {0x8, 0x0, 0x0, {0x5, 0x0, 0x8, 0x80000001, 0x40000000000003, 0x1, 0x9eb, 0x35741061, 0x41, 0x8000, 0x9e7, 0xffffffffffffffff, 0x0, 0x3d, 0xe}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
utimes(&(0x7f0000000040)='./file0\x00', 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x64000, 0xa)

6m18.371343195s ago: executing program 1 (id=176):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x42}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=@newtfilter={0x84, 0x2c, 0xd27, 0x70bd21, 0x25dfdbfc, {0x0, 0x0, 0x0, r3, {0x4, 0xa}, {}, {0xfff2, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x4c, 0x2, [@TCA_FLOWER_ACT={0x48, 0x3, [@m_bpf={0x44, 0x1, 0x0, 0x0, {{0x8}, {0x1c, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18, 0x2, {0x9, 0x9, 0xffffffffffffffff, 0x9}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0xc, 0xbc}}]}, 0x84}, 0x1, 0x0, 0x0, 0x8848}, 0x80)

6m18.186026519s ago: executing program 32 (id=176):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x42}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=@newtfilter={0x84, 0x2c, 0xd27, 0x70bd21, 0x25dfdbfc, {0x0, 0x0, 0x0, r3, {0x4, 0xa}, {}, {0xfff2, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x4c, 0x2, [@TCA_FLOWER_ACT={0x48, 0x3, [@m_bpf={0x44, 0x1, 0x0, 0x0, {{0x8}, {0x1c, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18, 0x2, {0x9, 0x9, 0xffffffffffffffff, 0x9}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0xc, 0xbc}}]}, 0x84}, 0x1, 0x0, 0x0, 0x8848}, 0x80)

6m10.052790236s ago: executing program 3 (id=313):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
read(r1, &(0x7f00000002c0)=""/138, 0x8a)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000440)={'syz0\x00', {0x5a, 0x0, 0x2, 0x1000}, 0x4c, [0x7, 0x5, 0xfff, 0x81, 0x101, 0x3, 0x7, 0x0, 0x2, 0x9, 0x8000, 0x1, 0x0, 0x10000, 0x3, 0x3, 0xffffc577, 0x7, 0x6e9, 0x8, 0x0, 0x3f5, 0x1, 0xfffffff9, 0x1ff, 0x7f, 0x7fff, 0xff, 0x35d, 0x7fff, 0x7, 0x2, 0xffffffff, 0x5e, 0x7, 0x1000, 0x0, 0x3, 0x5, 0x7, 0x8, 0x800, 0xfffffffe, 0x1, 0x0, 0xfb, 0xfffffffc, 0x401, 0x7, 0x9, 0x7, 0x8, 0x1, 0x9, 0x1, 0xfa46, 0x5, 0x915, 0x7fb7, 0x1de, 0x1, 0x2, 0x3, 0x5], [0x3, 0x8, 0x688, 0x6, 0x16, 0x8, 0x6, 0x46ecd1fe, 0x0, 0x52, 0x3b, 0x0, 0x5, 0x7, 0x9, 0x0, 0xb, 0x8, 0x17de3372, 0x9, 0x2131, 0x101, 0x8, 0x2, 0x3ff, 0x80000000, 0xe, 0x8, 0x5, 0x2, 0x5, 0x545, 0x9, 0x5, 0x7, 0x5, 0x81, 0xbe, 0x6, 0x0, 0x1, 0x80, 0x80000001, 0x7fff, 0x4, 0x0, 0x5, 0x3, 0xa, 0x3, 0x4, 0x7, 0x8, 0x2, 0x7, 0x4, 0x6, 0x400, 0x7f, 0x9, 0x800, 0x6, 0x8, 0x9], [0x401, 0x0, 0x2, 0x1, 0xe6b, 0xc4, 0xa27f, 0x4, 0x6, 0xffff, 0xe54, 0x5, 0x7, 0x1000, 0x9, 0x6, 0x8, 0xe05f, 0xff, 0x5, 0x1, 0xc0000, 0x7, 0x6, 0xffffb477, 0x8, 0xffffade8, 0x2, 0xfffffff7, 0x800, 0x1, 0xe67, 0x10, 0x1000, 0x4, 0x1, 0x7, 0xde, 0x7, 0x8, 0x6, 0x2, 0x4e1cd451, 0xc, 0x5, 0x4, 0x8000, 0x4, 0x0, 0xd1a, 0x5, 0x2, 0x1d, 0x800, 0x80, 0x2, 0x3, 0x9, 0x2, 0xf, 0xe9, 0x3, 0x5, 0x9], [0xd, 0x6f2, 0x4, 0x3, 0x4, 0x5223, 0x0, 0x2, 0x7, 0x1, 0x2, 0xd, 0x8001, 0x5, 0x8, 0xfffffff9, 0x7, 0x8, 0x8, 0x6, 0x2, 0x8, 0xfffffffd, 0x1, 0x4937a73c, 0x3, 0x1806, 0x1, 0x4010000, 0x6, 0x40, 0x5, 0x7, 0xb7ea, 0x2, 0x9, 0x0, 0xff, 0x5, 0x80000000, 0x7, 0x0, 0xc0, 0x9, 0x0, 0x289, 0xfff, 0x1, 0x8, 0x3, 0x2, 0xc, 0xfffffff8, 0x5, 0x7, 0x8, 0x7, 0x0, 0x800, 0x5, 0x2, 0x7, 0x5, 0x1400000]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

6m9.18140052s ago: executing program 3 (id=324):
r0 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000240)={0x42, 0x1}, 0x10)
setsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000040), 0x4)
sendmsg$tipc(r1, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4010}, 0x8820)
setsockopt$TIPC_GROUP_LEAVE(r0, 0x10f, 0x88)

6m9.097557575s ago: executing program 3 (id=325):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000bc0)={{{@in=@private=0xa010100, @in6=@dev={0xfe, 0x80, '\x00', 0x12}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x33, 0x0, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0x0, 0x8, 0x8, 0x4}, {0x4, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1}, {{@in=@local, 0x80, 0x32}, 0x0, @in6=@empty, 0x3506, 0x3, 0x0, 0x8, 0xfffffffd}}, 0xe4)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f00000008c0), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010030bd701004000000050000000600010005000000080009000200000008000b000000000008000c"], 0x34}, 0x1, 0x0, 0x0, 0x20008000}, 0x30)

6m9.076801277s ago: executing program 3 (id=326):
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
umount2(&(0x7f0000000380)='./file0\x00', 0x1)

6m9.014396503s ago: executing program 3 (id=327):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f00000010c0)=0x1, 0x4)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000000)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)

6m8.734521937s ago: executing program 3 (id=336):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@assoc={0x18, 0x117, 0x4, 0x1fd}], 0x18}, 0x28000054)
sendmsg$nl_route_sched_retired(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000012100), 0xe078}}, 0x0)
recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000008c0)=""/223, 0xdf}, {&(0x7f0000000300)=""/131, 0x83}, {&(0x7f0000000600)=""/134, 0x86}, {&(0x7f00000006c0)=""/21, 0x15}], 0x4}, 0x4}], 0x2, 0x61, 0x0)

6m8.65406709s ago: executing program 33 (id=336):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=[@assoc={0x18, 0x117, 0x4, 0x1fd}], 0x18}, 0x28000054)
sendmsg$nl_route_sched_retired(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000012100), 0xe078}}, 0x0)
recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000008c0)=""/223, 0xdf}, {&(0x7f0000000300)=""/131, 0x83}, {&(0x7f0000000600)=""/134, 0x86}, {&(0x7f00000006c0)=""/21, 0x15}], 0x4}, 0x4}], 0x2, 0x61, 0x0)

4m47.365009526s ago: executing program 0 (id=1661):
r0 = socket(0x10, 0x3, 0x0)
bind$netlink(r0, &(0x7f0000177ff4)={0x10, 0x0, 0x1}, 0xc)
write(r0, &(0x7f0000000140)="2600000022004701050000070000000000000020002b1f000a4a51f1ee839cd53400b017ca5b", 0x26)
connect$netlink(r0, &(0x7f00000005c0)=@proc={0x10, 0x0, 0x1, 0x400000}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x21, &(0x7f0000b4bffc)=0x8, 0x4)
write(r0, &(0x7f0000000000)='\"', 0x1)
recvmmsg(r0, &(0x7f0000000780), 0x3ffffffffffff81, 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000140)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)

4m45.477851163s ago: executing program 0 (id=1684):
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000180), 0x4)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000380)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x20044002)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000580)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r1}, 0x10)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
mincore(&(0x7f0000ffc000/0x2000)=nil, 0x2000, &(0x7f0000000080)=""/84)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x0)

4m45.382843629s ago: executing program 0 (id=1678):
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x2}, &(0x7f0000000b80)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
pipe2(&(0x7f0000000580)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
pipe2(&(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
tee(r1, r3, 0xfffffffffffffc01, 0x0)
write$cgroup_devices(r2, &(0x7f0000000080)={'a', ' *:* ', 'w\x00'}, 0x8)

4m44.885417435s ago: executing program 0 (id=1681):
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffffe, 0x4031, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x80001)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x4)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000))
timerfd_gettime(0xffffffffffffffff, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000080)={&(0x7f00006c6000/0x400000)=nil, &(0x7f000018b000/0x3000)=nil, 0x400000, 0x0, 0x6040000})

4m44.627612566s ago: executing program 0 (id=1686):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x300)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x40000, 0x120)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000001c0), 0x8c8000, 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), 0x8, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r1, 0xc018937c, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, {0x4}}, './file0\x00'})

4m43.696630392s ago: executing program 0 (id=1690):
mount(0x0, 0x0, 0x0, 0x0, 0x0)
quotactl_fd$Q_SETQUOTA(0xffffffffffffffff, 0xffffffff80000802, 0x0, &(0x7f0000000380)={0x4, 0x2, 0x6, 0x0, 0x2, 0xfffd, 0x1, 0x6, 0x5})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeed, 0x8031, 0xffffffffffffffff, 0xf6d0d000)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil)
stat(0x0, 0x0)
getsockopt(0xffffffffffffffff, 0xff, 0x8001, 0x0, 0x0)

4m28.666842015s ago: executing program 34 (id=1690):
mount(0x0, 0x0, 0x0, 0x0, 0x0)
quotactl_fd$Q_SETQUOTA(0xffffffffffffffff, 0xffffffff80000802, 0x0, &(0x7f0000000380)={0x4, 0x2, 0x6, 0x0, 0x2, 0xfffd, 0x1, 0x6, 0x5})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeed, 0x8031, 0xffffffffffffffff, 0xf6d0d000)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil)
stat(0x0, 0x0)
getsockopt(0xffffffffffffffff, 0xff, 0x8001, 0x0, 0x0)

4m11.275246467s ago: executing program 6 (id=2120):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000100)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f00000000c0)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x220)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x40000, 0x120)
unshare(0x2a020400)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x888000, 0x0)
mount$tmpfs(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000080), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r1, 0xc018937c, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, {0x1}}, './file0\x00'})

4m11.238651733s ago: executing program 6 (id=2114):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc, 0x0, 0x0, 0x5}, 0x10)
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
sendmmsg(r2, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
sendmmsg(r1, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1, 0x0, 0x0, 0x101d0}}], 0x400000000000181, 0x9200000000000000)
recvmmsg$unix(r1, &(0x7f00000043c0)=[{{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f00000002c0)=""/240, 0xf0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000640)=""/187, 0xbb}], 0x1}}, {{0x0, 0x0, &(0x7f0000002d00)=[{&(0x7f0000000900)=""/174, 0xae}], 0x1}}], 0x3, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

4m10.736447864s ago: executing program 6 (id=2132):
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f00000001c0)={0x24, 0x0, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8}, @void}}, [@chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x8}]]}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x40)
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x0, 0x3}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x3}, 0x10)
sendmsg$tipc(r1, &(0x7f0000000540)={&(0x7f0000000200)=@name, 0x10, 0x0}, 0x4)
r2 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000180)={0x42}, 0x10)
setsockopt$TIPC_GROUP_LEAVE(r0, 0x10f, 0x88)

4m10.487282431s ago: executing program 6 (id=2126):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xffff}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0xa312, 0x1, 0xfffffffa}}}}]}, 0x44}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)=@newqdisc={0x24, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r3, {0xffff}, {0xffff, 0xffff}, {0x2, 0xa}}}, 0x24}, 0x1, 0x0, 0x0, 0x400dc}, 0x0)

4m10.365192581s ago: executing program 6 (id=2136):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x100000, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
chdir(&(0x7f0000000140)='./file0\x00')
setpgid(r0, 0x0)
setpgid(0x0, r0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x96)

4m10.296741353s ago: executing program 6 (id=2129):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x42795000)
rt_sigprocmask(0x0, &(0x7f0000000480)={[0xfffffffffffffffd]}, 0x0, 0x8)
r1 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setlease(r1, 0x400, 0x0)
truncate(&(0x7f0000000040)='./file0\x00', 0x0)
fcntl$setlease(r1, 0x400, 0x2)

3m55.262330083s ago: executing program 35 (id=2129):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x42795000)
rt_sigprocmask(0x0, &(0x7f0000000480)={[0xfffffffffffffffd]}, 0x0, 0x8)
r1 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setlease(r1, 0x400, 0x0)
truncate(&(0x7f0000000040)='./file0\x00', 0x0)
fcntl$setlease(r1, 0x400, 0x2)

2m26.067649836s ago: executing program 2 (id=2990):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x80)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000000c0)='debugfs\x00', 0x1214040, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={[{@xino_on}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x4, 0x80)
getdents64(r0, &(0x7f0000000400)=""/4096, 0x1000)
mount$overlay(0x0, &(0x7f0000000240)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000100)='./bus\x00')
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000580)='.\x00', 0x8880, 0x85)
lseek(r1, 0x101, 0x0)
getdents64(r1, 0x0, 0x203e17d0)

2m25.73853923s ago: executing program 2 (id=2991):
r0 = openat(0xffffffffffffff9c, &(0x7f0000002000)='./file1\x00', 0x42, 0x1ff)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x1, &(0x7f0000000200)=[{0x6, 0xff, 0x7, 0x7fc00002}]})
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4040005)
r2 = mq_open(&(0x7f0000000200)='\xbaM\x00\xdc\x98\x8aY\xa4\xec\xe7\xf8\xaa\xcf\xc8\xec\xc11\x18\x10\x98\xf8f\x85N\x8f\xben\xf6\f\xc7o\x8d\xb9\xaeG(\xc3u1pd\xfa\xda\x96\x97\r\xdbu0\x13\xaf\x16o\xc2\x91\x16\x00\x00\x00\x00N\xe3\x13\xad!,\xad{l\xc5\x19\xfa\xc0\xcb\x11=\xc9\xde\x8eJ\xbb\x97\xc4\aW\xbb\xff2\x9d\x12\xde3\"\x9b\xb0Ce\'\xec,it\x83\xc5\xfd\xbe\x10\"n\xa1\x1b\xd7\xc1\x02m\xb7\xad\x80\x1c\xff\xb8M\x15\xe8\x8c\xe6\x00\x03\x00D\x83\xc7[H\x1b\xd4\x00(\xa7\x90e\x8d\xc9\x88;i\x04x\x90\xa5\n\xaa\xf8p\xb7t\xc0\xc9\xbf~z\x84\xdcX\n\xc9\xea\xf94\xb5\xc6nV\x94\xac\xcf\x01\x83\x88\xfb`\xa8u%k\xfdm\x80\xa4&\xdc\xb6\x98\x90\xec\xe6:@\xc2\xbb\xbf\x03S\x06\xde\x0e\xd1\xd9\x1c/9\xce\x9d?\xad\x96\x8dSv\xb5%z\xbb\x06E\x96\xdf\"\xe0\xa1z\xac\xc0\x8e\x19\xdew\x10\xb9\xe2N7\x95\xd7\x88\xb4ut\x84MfV\x9d\xc0\x00L\'\xe25\x00\x00\x00\x00\x80\xd15.\x15VJ\xf2-\x83H\x80\x1a9\xd9Z\xbf\b\x93\xd2\x18\x1d\xee\xfb \xaa\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\\\xea\xa5\x1e\xdd\xde3\xd3\xe1g\x9aw\xc5<e\xec\x89:\xea\xc1\x0e\xd4|\x04\x00\xab=\xe4\xa4\xc4\xcf>)\x84\xed)W\x8a\xc5\xa4I\x12\xaf\xfc\xd5[2\x90\xb7/\xd8\x00\x05\x82\x87\x1e\x9eN;\x96\xaf+\xee2i\xd1\x85\xe8\xe5)\xcd \xa5#\n\xcc\xae\\\xfb\xcbT\x16\xfa\xde\x9b\xfb\xb4s\xb7}\x02?\xd0\xb7\xc1\xd1\xbb\xb7\xb1\xf5\xa6I\x8d\xda', 0x7101779cc4dbb6e, 0x1e0, 0x0)
mq_notify(r2, &(0x7f00000003c0)={0x0, 0x26, 0x1})
pread64(r2, 0x0, 0x0, 0x9bfc)
fcntl$lock(0xffffffffffffffff, 0x6, 0x0)
setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x14, &(0x7f0000000000)={0x0, 0xea60}, 0x10)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f00000003c0)={<r3=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f00000000c0)={r3, 0x1, r0, 0x5, 0x80000})

2m24.712509045s ago: executing program 2 (id=2996):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
r2 = gettid()
timer_create(0x0, &(0x7f00000003c0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000000380))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe2(&(0x7f0000001440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r5, 0x0, r4, 0x0, 0x3, 0x0)
fcntl$setpipe(r3, 0x4, 0xfffffffffffff000)

2m23.805723652s ago: executing program 2 (id=3003):
r0 = socket$rds(0x15, 0x5, 0x0)
setsockopt$RDS_FREE_MR(r0, 0x114, 0x3, &(0x7f0000000040)={{}, 0x6e}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x1c1341, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x240488d0)
syz_io_uring_setup(0x231, 0x0, 0x0, 0x0)
close(0xffffffffffffffff)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)

2m23.666567418s ago: executing program 2 (id=3004):
sched_setscheduler(0x0, 0x1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000280)='./file1/file0\x00', 0x0, 0x1085408, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x300)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x40000, 0x120)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x888000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r1, 0xc018937c, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, {0x1}}, './file0\x00'})

2m23.664497423s ago: executing program 2 (id=3012):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000004700)={'team0\x00', <r3=>0x0})
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f00000047c0)={0x60, r2, 0x405, 0x70bd2b, 0x25dfdbfe, {}, [{{0x8, 0x1, r3}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000401}, 0x44084)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r1, 0x0, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000000000)={'team0\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x10104}, [@IFLA_IFNAME={0x14, 0x3, 'vlan0\x00'}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x3c}}, 0x0)

2m8.41748868s ago: executing program 36 (id=3012):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000004700)={'team0\x00', <r3=>0x0})
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f00000047c0)={0x60, r2, 0x405, 0x70bd2b, 0x25dfdbfe, {}, [{{0x8, 0x1, r3}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000401}, 0x44084)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r1, 0x0, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000000000)={'team0\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x10104}, [@IFLA_IFNAME={0x14, 0x3, 'vlan0\x00'}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x3c}}, 0x0)

9.99385947s ago: executing program 7 (id=3759):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x0, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x3ffa, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0xfffe, 0x0, 0xa40}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x2)
futex(&(0x7f000000cffc), 0x3, 0x801, 0x0, &(0x7f0000000040), 0xfffffffc)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mlock2(&(0x7f0000495000/0x2000)=nil, 0x2000, 0x0)
get_mempolicy(0x0, 0x0, 0xdf8, &(0x7f0000ff9000/0x1000)=nil, 0x2)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, 0x0, 0x0)

6.861133807s ago: executing program 5 (id=3753):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe(&(0x7f0000000140)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r2, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x2, &(0x7f0000000300)=@gcm_128={{0x303}, "fc674d000000f8f7", "c5991ee20139b401046a89606ffcf92e", "2c5be7c6", "a0ca05c0707e52f4"}, 0x28)
recvfrom$inet6(r2, &(0x7f00000000c0)=""/3, 0x3, 0x300, 0x0, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)=<r4=>0x0)
timer_settime(r4, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
splice(r2, 0x0, r1, 0x0, 0x10000008ebc, 0x0)

6.799585715s ago: executing program 8 (id=3755):
mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil)
mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1, 0x0, 0x0, 0x2)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$lock(r1, 0x6, &(0x7f0000002000)={0x1})
fcntl$lock(r1, 0x26, &(0x7f00000031c0)={0x1})
ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(0xffffffffffffffff, 0x80dc5521, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$sock(0xffffffffffffffff, 0x0, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)

6.735000516s ago: executing program 5 (id=3756):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
syz_open_dev$MSR(0x0, 0x0, 0x0)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000240)={0x10c, 0x0, 0x400, 0x70bd25, 0x25dfdbfc, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x3}, {0xc, 0x8f, 0xc}, {0xc, 0x90, 0x4}}, {@pci={{0x8}, {0x11}}, {0x8}, {0xc, 0x8f, 0xd522}, {0xc, 0x90, 0x3}}, {@pci={{0x8}, {0x11}}, {0x8, 0x8e, 0x2}, {0xc, 0x8f, 0xe}, {0xc, 0x90, 0x4}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x2}, {0xc, 0x8f, 0x80}, {0xc, 0x90, 0x1}}]}, 0x10c}, 0x1, 0x0, 0x0, 0x40}, 0x4000)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d80000001c0081044e81f782db44b9040a1d08030e000000e8fea4a1180015000600142603600e1208000f1000810401a80016000a0001", 0x37}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@in6={0xa, 0x4e24, 0x0, @mcast1}, 0x80, 0x0}, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce620300fe"], 0xfe1b)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a5c000000060a09040000000000000000020000000900020073797a32000000000900010073797a3000000000300004"], 0x84}}, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="563f00001800599c6d0eab070004000523"], 0xfe33)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket$nl_route(0x10, 0x3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0)

6.631713658s ago: executing program 7 (id=3757):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket(0x10, 0x803, 0x4)
syz_genetlink_get_family_id$batadv(&(0x7f0000000200), r1)
getsockname$packet(r1, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r3, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r4, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x428a4}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'dummy0\x00'}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x3c}}, 0x8000)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0xe, 0x0, &(0x7f0000000040)="e06921e8682d85ff9782762f86dd", 0x0, 0xc7d, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5)
sendto$packet(r0, &(0x7f0000000040)="2717a90af1a30d71286f47000000", 0x6f, 0x40000, &(0x7f0000000180)={0x11, 0x16, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x14)

6.585345879s ago: executing program 4 (id=3758):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setaffinity(r0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0xfff, 0x7, 0x1000}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x18)

6.474988717s ago: executing program 7 (id=3760):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[], 0x48}}, 0x0)
r1 = socket$inet(0x2, 0x2, 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)={0x4c, 0x2, 0x6, 0x701, 0x0, 0x0, {0x0, 0x0, 0x4}, [@IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40}, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001200)={0x0, 0x0, 0x0}, 0x20000000)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040803}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000070601080005000000000000000000000500010006"], 0x1c}, 0x1, 0x0, 0x0, 0x20048005}, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xf2, 0x30, 0x39, 0x20, 0x2c42, 0x1202, 0x8540, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xc, 0x2, 0x0, 0xc1, 0x7f, 0xc}}]}}]}}, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

6.286088915s ago: executing program 4 (id=3761):
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x24}}, 0x0)
r3 = socket(0x2a, 0x2, 0x0)
socket$kcm(0xa, 0x2, 0x3a)
getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=@newtfilter={0x88, 0x2c, 0x6f14cf9ac61f9c9b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r4, {0xfffa}, {}, {0x1c, 0xfff9}}, [@filter_kind_options=@f_flower={{0xb}, {0x58, 0x2, [@TCA_FLOWER_ACT={0x54, 0x3, [@m_connmark={0x50, 0x1, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0xfffffff8, 0xfff, 0x0, 0x5, 0xb}, 0x3}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}]}, 0x88}}, 0x24000000)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)
close(r2)
socket$nl_route(0x10, 0x3, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0)
request_key(&(0x7f0000000000)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x2, 0x11}, &(0x7f0000001fee)='R\brust\xe3c*sgrVex:D0', 0x0)

5.877509882s ago: executing program 8 (id=3762):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x400c000)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x8, 0x2, 0x4, 0x4500}, 0x50)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000004c0)=ANY=[], 0x20)
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={@mcast2, @private1, @mcast1, 0x5, 0x0, 0x4, 0x400, 0xf44, 0x8})
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r1)
sendmsg$NLBL_MGMT_C_ADDDEF(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01000000000000000000040000001400050003030000000a0000005dc00006000000080002000500000014000600ff01000a00f2f3f31f000a0000000001060001"], 0x4c}, 0x1, 0x0, 0x0, 0x8004}, 0x4040000)
getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, 0x0, &(0x7f0000000180)=0xfffffe1f)
sendmsg$NLBL_MGMT_C_ADDDEF(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[], 0x4c}, 0x1, 0x0, 0x0, 0x24008000}, 0x4040000)

5.875989306s ago: executing program 5 (id=3763):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r3 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r3, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r3, 0x40946400, &(0x7f00000000c0)={'pcmda12\x00', [0x4f27, 0x8, 0x10000, 0x9, 0x8, 0xfffffbf6, 0xfffffffc, 0xfffffffe, 0x800000, 0x100100, 0x2, 0x1, 0x1, 0xfffffffe, 0x404, 0xf, 0xfffffffc, 0x0, 0x3, 0x40000003, 0x89, 0xfffffff6, 0x0, 0x20001e52, 0x400000b, 0xfff, 0x0, 0x7fffffff, 0x7, 0x8000000, 0xfffffff8]})

5.816050977s ago: executing program 8 (id=3764):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
fsopen(&(0x7f0000000200)='qnx4\x00', 0x1)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="1201fb0019030320d812010079de01ec020109021b0001000003000904000001785ecc00090585020004"], 0x0)
gettid()
timer_create(0x0, 0x0, 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x6, 0x5, &(0x7f0000000000))
personality(0x4000000)
ppoll(0x0, 0x0, &(0x7f0000000040)={0x0, 0x3938700}, 0x0, 0x0)
read$char_usb(r1, &(0x7f0000000100)=""/67, 0x43)
close_range(r0, 0xffffffffffffffff, 0x0)
rseq(&(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x0, 0x7, 0x0, 0x1}, 0x3}, 0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = openat$sw_sync_info(0xffffff9c, &(0x7f0000000080), 0x369940, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x2, &(0x7f00000000c0), 0x13f}}, 0x20)

5.380329754s ago: executing program 4 (id=3765):
r0 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_setup(0x110, 0x0, &(0x7f0000000240)=<r3=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
socket$l2tp(0x2, 0x2, 0x73)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
r4 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0xfffffffd, 0xb6}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000040)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r4, 0x47f6, 0x0, 0x4, 0x0, 0x0)
ioctl$SG_IO(r0, 0x2285, 0x0)

5.162072498s ago: executing program 8 (id=3766):
set_mempolicy(0x3, &(0x7f0000000000)=0x7, 0x7)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40008c4}, 0x8000)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_req={{0x34, 0x6}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}}}, 0x9)
syz_80211_inject_frame(0x0, &(0x7f0000000440)=@mgmt_frame=@probe_response={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @random=0x9, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val, @void, @void, @void, @void, @val={0x72, 0x6}, @val={0x71, 0x7, {0x1, 0xffffffffffffffff, 0x1, 0x1, 0x0, 0x4, 0x21}}}, 0x3f)
syz_80211_inject_frame(0x0, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val, @void}, 0x20)
close(0xffffffffffffffff)
r0 = socket$kcm(0x1e, 0x2, 0x0)
setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0xd, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x9, 0x1, 0xa0}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x80)
syz_io_uring_setup(0x487, &(0x7f0000000100)={0x0, 0x59c4, 0x800, 0x1000, 0x5cc}, &(0x7f0000000300)=<r1=>0x0, &(0x7f0000000080))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)

5.146305218s ago: executing program 7 (id=3767):
socket$kcm(0x2, 0x3, 0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0))
r0 = syz_io_uring_setup(0x4190, &(0x7f00000000c0)={0x0, 0xfee1, 0x30001, 0x0, 0x1e}, 0x0, 0x0)
syz_io_uring_setup(0x10d, &(0x7f0000000380)={0x0, 0x25b9, 0x100, 0x0, 0x215, 0x0, r0}, 0x0, 0x0)
socket$inet6(0xa, 0x1, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000a80))
socket$kcm(0x21, 0x2, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="4800000010000304000000000400000000007400", @ANYRES32=0x0, @ANYBLOB="0000000003120100280012800b00010062726964676500001800028005002c00020000000c002e"], 0x48}, 0x1, 0x0, 0x0, 0x20040884}, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r2 = socket(0x400000000010, 0x3, 0x0)
write(r2, &(0x7f0000000040)="3a03000018002551075c0165ff0ffc02802000030004000500e1000c0400070080000900", 0x33a)

4.819885233s ago: executing program 7 (id=3768):
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x6, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
utime(0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_clone3(&(0x7f0000000240)={0x4c000000, 0x0, 0x0, 0x0, {0x23}, 0x0, 0x0, 0x0, 0x0}, 0x58)
syz_clone(0xa800000, 0x0, 0x0, 0x0, 0x0, 0x0)

4.540184093s ago: executing program 8 (id=3769):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
unshare(0x2c020400)
r3 = syz_io_uring_setup(0x10d, &(0x7f0000000380)={0x0, 0x5885, 0x100, 0x0, 0xffeffc03}, &(0x7f0000000340)=<r4=>0x0, &(0x7f0000000240)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_LINKAT={0x27, 0x8, 0x0, 0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0xffffffffffffffff, 0x3400, 0x1})
io_uring_enter(r3, 0x351e, 0x483, 0x0, 0x0, 0x0)

4.3375824s ago: executing program 4 (id=3770):
syz_io_uring_setup(0xb7f, 0x0, 0x0, &(0x7f0000000600))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x77359400}, {0x0, 0x3938700}}, 0x0)
clock_nanosleep(0x9, 0x0, &(0x7f0000000080)={0x0, 0x3938700}, &(0x7f0000000200))
socket$nl_generic(0x10, 0x3, 0x10)
recvmsg(0xffffffffffffffff, 0x0, 0x1f00)
syz_io_uring_setup(0xbd9, 0x0, &(0x7f0000000dc0), 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r1, 0x0, 0x7, 0x0, &(0x7f0000000000)="6f5bec00000000", 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_DEL(r2, 0x0, 0x10)

4.089503612s ago: executing program 4 (id=3771):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x18, 0x4, &(0x7f0000000800)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80ffffff}, [@jmp={0x5, 0x0, 0x849aee721dcc84be, 0x0, 0x0, 0x2}]}, 0x0, 0x5, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000240)={0x8, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x4ec, 0x340, 0x25, 0x148, 0x0, 0x60, 0x458, 0x2a8, 0x2a8, 0x458, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0xd0, 0x118, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x8000, 'syz0\x00', {0x481c}}}}], {{'\x00', 0xc8, 0x70, 0x94}, {0x24}}}}, 0x548)

3.729814531s ago: executing program 5 (id=3772):
openat$fb0(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/custom1\x00', 0x800, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000400), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
io_uring_setup(0x3450, &(0x7f0000000080))
pipe(&(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
writev(r2, &(0x7f00000001c0)=[{&(0x7f0000000140)="580000001400ad", 0x7}], 0x1)
write$binfmt_elf64(r2, &(0x7f00000000c0)=ANY=[@ANYBLOB="0800000011ff03000001"], 0x1c)
r3 = socket$netlink(0x10, 0x3, 0x4)
write$binfmt_misc(r2, &(0x7f0000000100), 0xfef0)
splice(r1, 0x0, r3, 0x0, 0x80000001, 0x0)

3.409167952s ago: executing program 7 (id=3773):
openat$dsp1(0xffffffffffffff9c, 0x0, 0x801, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000008340)={0x2020}, 0x2020)
socket$inet6(0xa, 0x1, 0x84)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r0 = syz_open_dev$sndmidi(&(0x7f0000000240), 0x2, 0x40102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2f)
syz_io_uring_setup(0x10d, &(0x7f0000000380)={0x0, 0xbcb8, 0x0, 0x1, 0x1000}, &(0x7f0000000340), &(0x7f0000000300))
r1 = syz_io_uring_setup(0x497, &(0x7f0000000240)={0x0, 0x330b, 0x1000, 0x3, 0xae}, &(0x7f00000004c0)=<r2=>0x0, &(0x7f0000000480)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r4 = socket$caif_stream(0x25, 0x1, 0x1)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x24088001})
io_uring_enter(r1, 0x3498, 0x969, 0xffff000000000000, 0x0, 0x0)

3.385368071s ago: executing program 8 (id=3774):
mmap(&(0x7f00009bf000/0x3000)=nil, 0x3000, 0xf, 0x200000005c831, 0xffffffffffffffff, 0x0)
mknodat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = memfd_secret(0x80000)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xa, 0x11, r0, 0x0)
ftruncate(r0, 0x51a9497)
r1 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x309})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f000050a000/0x13000)=nil, 0x13000}, 0x1})
readv(r1, &(0x7f00000002c0)=[{&(0x7f0000000400)=""/224, 0x20}], 0x1000000000000108)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x18)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
r2 = openat$sw_sync_info(0xffffffffffffff9c, 0x0, 0x6dda87c55e1b1fc, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, 0x0)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, 0x0)

3.384716584s ago: executing program 5 (id=3775):
socket(0x39, 0x3, 0x3a)
rseq(&(0x7f0000000400), 0x20, 0x0, 0x0)
msgget$private(0x0, 0x3ac)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x14, r3, 0x9c3fa077fa966179, 0x4, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x0)

221.008697ms ago: executing program 4 (id=3776):
syz_open_dev$vbi(0x0, 0x0, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x18, 0x3e, 0x229, 0x0, 0x25dfdbfc, {0xa, 0x0, 0xa6}, [@typed={0x4}]}, 0x18}}, 0x8000)

0s ago: executing program 5 (id=3777):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x20040844)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000200), 0x0, 0x4000050, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f00000004c0), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x28011, r2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
cachestat(r2, &(0x7f0000000040), &(0x7f000009de80), 0x0)

kernel console output (not intermixed with test programs):

lem connecting socket to 127.0.0.1
[  216.635642][T12000] 9pnet_fd: p9_fd_create_tcp (12000): problem connecting socket to 127.0.0.1
[  216.639957][T12000] 9pnet_fd: p9_fd_create_tcp (12000): problem connecting socket to 127.0.0.1
[  216.725519][T12000] 9pnet_fd: p9_fd_create_tcp (12000): problem connecting socket to 127.0.0.1
[  216.863151][T12036] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2231'.
[  216.898445][T12036] bond4: (slave vxcan3): The slave device specified does not support setting the MAC address
[  216.902160][T12036] bond4: (slave vxcan3): Error -95 calling set_mac_address
[  216.951039][T12043] macvlan2: entered promiscuous mode
[  216.952971][T12043] macvlan2: entered allmulticast mode
[  216.955375][T12043] bond4: (slave macvlan2): Error -98 calling set_mac_address
[  216.962999][T12045] batadv_slave_0: entered promiscuous mode
[  217.243258][T12064] netlink: 'syz.5.2239': attribute type 1 has an invalid length.
[  217.288448][T12064] bond5: (slave veth5): Enslaving as an active interface with a down link
[  217.320988][T12064] bond5: entered promiscuous mode
[  217.323145][T12064] bond5: entered allmulticast mode
[  217.325558][T12064] 8021q: adding VLAN 0 to HW filter on device bond5
[  217.375649][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  217.507601][   T40] kauditd_printk_skb: 25 callbacks suppressed
[  217.507618][   T40] audit: type=1326 audit(1766785224.968:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12086 comm="syz.4.2247" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  217.519965][   T40] audit: type=1326 audit(1766785224.968:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12086 comm="syz.4.2247" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  217.529621][   T40] audit: type=1326 audit(1766785224.968:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12086 comm="syz.4.2247" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  217.539424][   T40] audit: type=1326 audit(1766785224.968:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12086 comm="syz.4.2247" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  217.553863][   T40] audit: type=1326 audit(1766785224.968:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12086 comm="syz.4.2247" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  217.561170][   T40] audit: type=1326 audit(1766785224.968:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12086 comm="syz.4.2247" exe="/syz-executor" sig=0 arch=40000003 syscall=245 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  217.569077][   T40] audit: type=1326 audit(1766785224.968:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12086 comm="syz.4.2247" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  217.578054][   T40] audit: type=1326 audit(1766785224.968:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12086 comm="syz.4.2247" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  217.585036][   T40] audit: type=1326 audit(1766785224.968:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12086 comm="syz.4.2247" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  217.590112][T12090] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2248'.
[  217.592765][   T40] audit: type=1326 audit(1766785224.968:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12086 comm="syz.4.2247" exe="/syz-executor" sig=0 arch=40000003 syscall=246 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  217.637205][T12090] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2248'.
[  217.707263][T12095] netlink: 'syz.2.2250': attribute type 27 has an invalid length.
[  217.734711][T12095] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2250'.
[  217.764439][T12095] 8021q: adding VLAN 0 to HW filter on device bond0
[  217.769655][T12095] 8021q: adding VLAN 0 to HW filter on device team0
[  217.774260][T12095] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  217.950718][T12107] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2255'.
[  218.107136][T12117] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2260'.
[  218.425856][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  219.130753][T12152] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  219.350029][T12155] overlayfs: failed to clone upperpath
[  219.465590][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  219.755021][T12163] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2277'.
[  220.025576][ T6111] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  220.175806][ T6111] usb 7-1: Using ep0 maxpacket: 16
[  220.182255][ T6111] usb 7-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  220.187063][ T6111] usb 7-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  220.190287][ T6111] usb 7-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  220.194530][ T6111] usb 7-1: config 1 interface 0 has no altsetting 0
[  220.198921][ T6111] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  220.201853][ T6111] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  220.204513][ T6111] usb 7-1: Product: syz
[  220.206208][ T6111] usb 7-1: Manufacturer: syz
[  220.206649][T12167] netlink: 'syz.4.2279': attribute type 4 has an invalid length.
[  220.207739][ T6111] usb 7-1: SerialNumber: syz
[  220.219429][T12167] netlink: 'syz.4.2279': attribute type 4 has an invalid length.
[  220.417471][ T6111] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 12 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  220.495709][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  221.120730][T12179] netlink: 'syz.5.2282': attribute type 1 has an invalid length.
[  221.142210][T12179] bond6: entered promiscuous mode
[  221.144850][T12179] 8021q: adding VLAN 0 to HW filter on device bond6
[  221.176441][T12179] bond6: (slave bridge11): making interface the new active one
[  221.179272][T12179] bridge11: entered promiscuous mode
[  221.182091][T12179] bond6: (slave bridge11): Enslaving as an active interface with an up link
[  221.536346][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  221.960152][ T5950] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  221.965799][ T5950] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  221.974126][ T5950] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  221.984283][ T5950] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  221.988231][ T5950] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  222.166264][T12207] 9pnet: p9_errstr2errno: server reported unknown error 0x00000000
[  222.196538][T12195] chnl_net:caif_netlink_parms(): no params data found
[  222.242501][T10050] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.305762][T12195] bridge0: port 1(bridge_slave_0) entered blocking state
[  222.308666][T12195] bridge0: port 1(bridge_slave_0) entered disabled state
[  222.311138][T12195] bridge_slave_0: entered allmulticast mode
[  222.313999][T12195] bridge_slave_0: entered promiscuous mode
[  222.319477][T12195] bridge0: port 2(bridge_slave_1) entered blocking state
[  222.322635][T12195] bridge0: port 2(bridge_slave_1) entered disabled state
[  222.332661][T12195] bridge_slave_1: entered allmulticast mode
[  222.337794][T12195] bridge_slave_1: entered promiscuous mode
[  222.482090][T10050] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.501950][T12195] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  222.507934][T12195] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  222.523722][T12195] team0: Port device team_slave_0 added
[  222.527342][T12195] team0: Port device team_slave_1 added
[  222.542356][T12195] batman_adv: batadv0: Adding interface: batadv_slave_0
[  222.545238][T12195] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  222.555998][T12195] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  222.561576][T12195] batman_adv: batadv0: Adding interface: batadv_slave_1
[  222.564378][T12195] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  222.575035][T12195] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  222.585628][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  222.601097][T12195] hsr_slave_0: entered promiscuous mode
[  222.603926][T12195] hsr_slave_1: entered promiscuous mode
[  222.607460][T12195] debugfs: 'hsr0' already exists in 'hsr'
[  222.609997][T12195] Cannot create hsr debugfs directory
[  222.650303][T10050] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.723816][T10050] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.806789][T12195] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  222.811543][T12195] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  222.817523][T12195] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  222.821398][ T6111] usb 7-1: USB disconnect, device number 12
[  222.822772][T12195] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  222.826430][ T6111] usblp0: removed
[  222.880078][T12195] bridge0: port 2(bridge_slave_1) entered blocking state
[  222.882485][T12195] bridge0: port 2(bridge_slave_1) entered forwarding state
[  222.885162][T12195] bridge0: port 1(bridge_slave_0) entered blocking state
[  222.888217][T12195] bridge0: port 1(bridge_slave_0) entered forwarding state
[  222.917306][T10050] bridge_slave_1: left allmulticast mode
[  222.919727][T10050] bridge_slave_1: left promiscuous mode
[  222.922418][T10050] bridge0: port 2(bridge_slave_1) entered disabled state
[  222.927751][T10050] bridge_slave_0: left allmulticast mode
[  222.929899][T10050] bridge_slave_0: left promiscuous mode
[  222.932009][T10050] bridge0: port 1(bridge_slave_0) entered disabled state
[  223.295206][T10050] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  223.305154][T10050] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  223.311162][T10050] bond0 (unregistering): Released all slaves
[  223.323817][T10086] bridge0: port 1(bridge_slave_0) entered disabled state
[  223.330302][T10086] bridge0: port 2(bridge_slave_1) entered disabled state
[  223.397043][T12195] 8021q: adding VLAN 0 to HW filter on device bond0
[  223.422598][T12195] 8021q: adding VLAN 0 to HW filter on device team0
[  223.475496][T10086] bridge0: port 1(bridge_slave_0) entered blocking state
[  223.478769][T10086] bridge0: port 1(bridge_slave_0) entered forwarding state
[  223.492036][T10038] bridge0: port 2(bridge_slave_1) entered blocking state
[  223.495253][T10038] bridge0: port 2(bridge_slave_1) entered forwarding state
[  223.615597][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  223.621454][T10050] hsr_slave_0: left promiscuous mode
[  223.624215][T10050] hsr_slave_1: left promiscuous mode
[  223.626526][T10050] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  223.628922][T10050] batman_adv: batadv0: Removing interface: batadv_slave_0
[  223.632764][T10050] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  223.635753][T10050] batman_adv: batadv0: Removing interface: batadv_slave_1
[  223.671826][T10050] veth1_macvtap: left promiscuous mode
[  223.673936][T10050] veth0_macvtap: left promiscuous mode
[  223.678664][T10050] veth1_vlan: left promiscuous mode
[  223.680605][T10050] veth0_vlan: left promiscuous mode
[  224.021252][ T5950] Bluetooth: hci2: command tx timeout
[  224.158180][T10050] team0 (unregistering): Port device team_slave_1 removed
[  224.194592][T10050] team0 (unregistering): Port device team_slave_0 removed
[  224.197761][T12282] netlink: 'syz.5.2313': attribute type 1 has an invalid length.
[  224.467885][T12274] netem: change failed
[  224.483158][T12282] 8021q: adding VLAN 0 to HW filter on device bond7
[  224.492549][T12283] ip6erspan0: entered promiscuous mode
[  224.497927][T12283] bond7: (slave ip6erspan0): making interface the new active one
[  224.501908][T12283] bond7: (slave ip6erspan0): Enslaving as an active interface with an up link
[  224.529259][T12195] 8021q: adding VLAN 0 to HW filter on device batadv0
[  224.655584][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  224.711032][T12195] veth0_vlan: entered promiscuous mode
[  224.719561][T12195] veth1_vlan: entered promiscuous mode
[  224.738588][T12195] veth0_macvtap: entered promiscuous mode
[  224.744659][T12195] veth1_macvtap: entered promiscuous mode
[  224.759364][T12195] batman_adv: batadv0: Interface activated: batadv_slave_0
[  224.769386][T12195] batman_adv: batadv0: Interface activated: batadv_slave_1
[  224.778254][T10108] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  224.781275][T10108] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  224.784234][T10108] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  224.803849][T10108] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  224.850459][T12306] netlink: 'syz.2.2317': attribute type 4 has an invalid length.
[  224.870415][T10071] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  224.873799][T10071] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  224.905352][T10050] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  224.909574][T10050] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  225.695561][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  226.105569][ T5950] Bluetooth: hci2: command tx timeout
[  226.293834][T12324] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  226.735620][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  226.784981][T12324] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.152397][T12324] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.236683][T12324] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.339656][ T1142] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  227.342570][ T1142] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  227.354071][ T1142] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  227.365151][ T1142] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  227.369305][T12363] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2338'.
[  227.409049][T12363] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2338'.
[  227.778867][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  228.175551][ T5950] Bluetooth: hci2: command tx timeout
[  228.211884][T12386] infiniband syz1: set down
[  228.215556][T12386] infiniband syz1: added syz_tun
[  228.268773][T12386] RDS/IB: syz1: added
[  228.286916][T12386] smc: adding ib device syz1 with port count 1
[  228.289233][T12386] smc:    ib device syz1 port 1 has no pnetid
[  228.463632][T12405] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2353'.
[  228.636798][T12417] overlayfs: failed to clone upperpath
[  228.815739][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  228.917287][T12387] smc: removing ib device syz1
[  229.855710][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  229.964279][   T40] kauditd_printk_skb: 59 callbacks suppressed
[  229.964292][   T40] audit: type=1804 audit(1766785237.418:157): pid=12458 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.2372" name="file0" dev="tmpfs" ino=3326 res=1 errno=0
[  230.065229][T12460] bridge12: entered promiscuous mode
[  230.067822][T12460] bridge12: entered allmulticast mode
[  230.072476][T12460] team0: Port device bridge12 added
[  230.083279][T12460] bridge0: port 3(team0) entered blocking state
[  230.088064][T12460] bridge0: port 3(team0) entered disabled state
[  230.092645][T12460] team0: entered allmulticast mode
[  230.094774][T12460] team_slave_0: entered allmulticast mode
[  230.097886][T12460] team_slave_1: entered allmulticast mode
[  230.105681][T12460] team0: entered promiscuous mode
[  230.107910][T12460] team_slave_0: entered promiscuous mode
[  230.111569][T12460] team_slave_1: entered promiscuous mode
[  230.133156][T12460] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2373'.
[  230.141902][T12460] team0: left allmulticast mode
[  230.144160][T12460] team_slave_0: left allmulticast mode
[  230.153548][T12460] team_slave_1: left allmulticast mode
[  230.158018][T12460] team0: left promiscuous mode
[  230.160169][T12460] team_slave_0: left promiscuous mode
[  230.162719][T12460] team_slave_1: left promiscuous mode
[  230.176036][T12460] bridge0: port 3(team0) entered disabled state
[  230.181599][T12460] bridge_slave_1: left allmulticast mode
[  230.184084][T12460] bridge_slave_1: left promiscuous mode
[  230.196020][T12460] bridge0: port 2(bridge_slave_1) entered disabled state
[  230.216573][T12460] bridge_slave_0: left allmulticast mode
[  230.219310][T12460] bridge_slave_0: left promiscuous mode
[  230.221936][T12460] bridge0: port 1(bridge_slave_0) entered disabled state
[  230.260782][T12462] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2374'.
[  230.265577][ T5950] Bluetooth: hci2: command tx timeout
[  230.895706][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  230.918405][T12487] netlink: 'syz.2.2380': attribute type 1 has an invalid length.
[  230.924860][ T5950] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  230.931173][ T5950] CPU: 1 UID: 0 PID: 5950 Comm: kworker/u33:5 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  230.931203][ T5950] Tainted: [L]=SOFTLOCKUP
[  230.931209][ T5950] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  230.931221][ T5950] Workqueue: hci2 hci_rx_work
[  230.931253][ T5950] Call Trace:
[  230.931260][ T5950]  <TASK>
[  230.931268][ T5950]  dump_stack_lvl+0x16c/0x1f0
[  230.931298][ T5950]  sysfs_warn_dup+0x7f/0xa0
[  230.931318][ T5950]  sysfs_create_dir_ns+0x24b/0x2b0
[  230.931339][ T5950]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  230.931356][ T5950]  ? find_held_lock+0x2b/0x80
[  230.931384][ T5950]  ? do_raw_spin_unlock+0x172/0x230
[  230.931405][ T5950]  kobject_add_internal+0x2c4/0x9d0
[  230.931428][ T5950]  kobject_add+0x16e/0x240
[  230.931444][ T5950]  ? __pfx_kobject_add+0x10/0x10
[  230.931465][ T5950]  ? kobject_put+0xaf/0x6f0
[  230.931478][ T5950]  ? _raw_spin_unlock+0x28/0x50
[  230.931508][ T5950]  device_add+0x288/0x1980
[  230.931532][ T5950]  ? __pfx_dev_set_name+0x10/0x10
[  230.931557][ T5950]  ? __pfx_device_add+0x10/0x10
[  230.931580][ T5950]  ? mgmt_send_event_skb+0x2fb/0x460
[  230.931609][ T5950]  hci_conn_add_sysfs+0x1a8/0x260
[  230.931635][ T5950]  le_conn_complete_evt+0x11ed/0x1fa0
[  230.931665][ T5950]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  230.931694][ T5950]  hci_le_conn_complete_evt+0x23c/0x3a0
[  230.931721][ T5950]  hci_le_meta_evt+0x357/0x610
[  230.931744][ T5950]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  230.931771][ T5950]  hci_event_packet+0x685/0x1210
[  230.931793][ T5950]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  230.931821][ T5950]  ? __pfx_hci_event_packet+0x10/0x10
[  230.931848][ T5950]  ? kcov_remote_start+0x3a9/0x680
[  230.931924][ T5950]  hci_rx_work+0x2c9/0x1020
[  230.931952][ T5950]  process_one_work+0x9ba/0x1b20
[  230.931981][ T5950]  ? __pfx_process_one_work+0x10/0x10
[  230.932008][ T5950]  ? assign_work+0x1a0/0x250
[  230.932028][ T5950]  worker_thread+0x6c8/0xf10
[  230.932054][ T5950]  ? __kthread_parkme+0x19e/0x250
[  230.932080][ T5950]  ? __pfx_worker_thread+0x10/0x10
[  230.932098][ T5950]  kthread+0x3c5/0x780
[  230.932116][ T5950]  ? __pfx_kthread+0x10/0x10
[  230.932135][ T5950]  ? rcu_is_watching+0x12/0xc0
[  230.932162][ T5950]  ? __pfx_kthread+0x10/0x10
[  230.932183][ T5950]  ret_from_fork+0x983/0xb10
[  230.932202][ T5950]  ? __pfx_ret_from_fork+0x10/0x10
[  230.932221][ T5950]  ? __switch_to+0x7af/0x10d0
[  230.932244][ T5950]  ? __pfx_kthread+0x10/0x10
[  230.932262][ T5950]  ret_from_fork_asm+0x1a/0x30
[  230.932301][ T5950]  </TASK>
[  230.932326][ T5950] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  230.973286][T12487] bond4: (slave vxcan3): The slave device specified does not support setting the MAC address
[  230.973972][ T5950] Bluetooth: hci2: failed to register connection device
[  230.976621][T12487] bond4: (slave vxcan3): Setting fail_over_mac to active for active-backup mode
[  231.021448][T12491] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2380'.
[  231.026876][T12487] bond4: (slave vxcan3): making interface the new active one
[  231.061638][T12487] bond4: (slave vxcan3): Enslaving as an active interface with an up link
[  231.066028][T12491] bond4 (unregistering): (slave vxcan3): Releasing backup interface
[  231.069748][T12491] bond4 (unregistering): Released all slaves
[  231.181811][T12496] netdevsim netdevsim7 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  231.254444][T12496] netdevsim netdevsim7 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  231.310519][T12496] netdevsim netdevsim7 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  231.347805][T12502] overlayfs: failed to clone upperpath
[  231.390230][T12496] netdevsim netdevsim7 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  231.509957][T10071] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  231.512809][T10071] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  231.526167][T10071] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  231.529112][T10071] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  231.612442][T12512] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2388'.
[  231.916671][   T40] audit: type=1804 audit(1766785239.378:158): pid=12529 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.7.2395" name="file0" dev="ramfs" ino=43766 res=1 errno=0
[  231.935652][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  232.072043][T12531] tipc: Started in network mode
[  232.073773][T12531] tipc: Node identity ac1414aa, cluster identity 4711
[  232.078430][T12531] tipc: Enabled bearer <udp:syz2>, priority 10
[  232.091578][T12531] tipc: Enabled bearer <eth:veth0_macvtap>, priority 0
[  232.385710][ T5985] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  232.545532][ T5985] usb 7-1: Using ep0 maxpacket: 16
[  232.556078][ T5985] usb 7-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  232.560971][ T5985] usb 7-1: config 0 interface 0 has no altsetting 0
[  232.563898][ T5985] usb 7-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  232.575598][ T5985] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  232.582774][ T5985] usb 7-1: config 0 descriptor??
[  232.985535][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  233.070357][ T5985] usbhid 7-1:0.0: can't add hid device: -71
[  233.072539][ T5985] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  233.077937][ T5985] usb 7-1: USB disconnect, device number 13
[  233.205502][ T6111] tipc: Node number set to 2886997162
[  234.015547][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  234.936544][T12613] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2422'.
[  235.065732][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  235.831066][T12623] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  235.834047][T12623] IPv6: NLM_F_CREATE should be set when creating new route
[  236.095639][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  236.323160][T12640] dvmrp0: entered allmulticast mode
[  236.428129][T10051] dvmrp0 (unregistering): left allmulticast mode
[  237.135613][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  237.272861][T12670] netlink: 'syz.5.2437': attribute type 4 has an invalid length.
[  237.292522][T12670] netlink: 'syz.5.2437': attribute type 4 has an invalid length.
[  238.175655][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  239.218384][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  240.160094][T12755] lo: entered allmulticast mode
[  240.162812][T12754] lo: left allmulticast mode
[  240.255693][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  240.428639][T12770] binder: 12769:12770 ioctl c0306201 80000280 returned -14
[  241.305711][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  241.524211][T12799] netlink: 'syz.7.2478': attribute type 4 has an invalid length.
[  241.542425][   T76] libceph: connect (1)[c::]:6789 error -101
[  241.544950][   T76] libceph: mon0 (1)[c::]:6789 connect error
[  241.674565][T12796] ceph: No mds server is up or the cluster is laggy
[  241.817975][   T76] libceph: connect (1)[c::]:6789 error -101
[  241.820725][   T76] libceph: mon0 (1)[c::]:6789 connect error
[  242.335672][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  243.385548][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  243.459545][T12864] loop6: detected capacity change from 0 to 2640
[  243.462385][T12864] buffer_io_error: 6 callbacks suppressed
[  243.462395][T12864] Buffer I/O error on dev loop6, logical block 0, async page read
[  243.467675][T12864] Buffer I/O error on dev loop6, logical block 0, async page read
[  243.472310][T12864] Buffer I/O error on dev loop6, logical block 0, async page read
[  243.475106][T12864] Buffer I/O error on dev loop6, logical block 0, async page read
[  243.479155][T12864] Buffer I/O error on dev loop6, logical block 0, async page read
[  243.482842][T12864] Buffer I/O error on dev loop6, logical block 0, async page read
[  243.486770][T12864] Buffer I/O error on dev loop6, logical block 0, async page read
[  243.490317][T12864] Buffer I/O error on dev loop6, logical block 0, async page read
[  243.495690][T12864] ldm_validate_partition_table(): Disk read failed.
[  243.498687][T12864] Buffer I/O error on dev loop6, logical block 0, async page read
[  243.502177][T12864] Buffer I/O error on dev loop6, logical block 0, async page read
[  243.506618][T12864] Dev loop6: unable to read RDB block 0
[  243.509283][T12864]  loop6: unable to read partition table
[  243.511982][T12864] loop_reread_partitions: partition scan of loop6 (3�����) failed (rc=-5)
[  243.547371][T12868] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2500'.
[  244.346787][T12887] netlink: 'syz.4.2507': attribute type 1 has an invalid length.
[  244.374970][T12887] 8021q: adding VLAN 0 to HW filter on device bond7
[  244.387141][T12887] bond7: up delay (35976) is not a multiple of miimon (100), value rounded to 35900 ms
[  244.391550][T12887] bond7: entered allmulticast mode
[  244.406847][T12887] bond7: (slave ip6gretap2): Enslaving as an active interface with an up link
[  244.425541][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  245.394504][T12919] uprobe: syz.7.2515:12919 failed to unregister, leaking uprobe
[  245.465583][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  246.346184][T12936] dvmrp0: entered allmulticast mode
[  246.495551][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  246.706810][ T1140] dvmrp0 (unregistering): left allmulticast mode
[  246.938632][   T40] audit: type=1804 audit(1766785254.398:159): pid=12960 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.2531" name="/newroot/602/file0" dev="tmpfs" ino=3303 res=1 errno=0
[  247.227499][   T40] audit: type=1326 audit(1766785254.688:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12972 comm="syz.2.2536" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70ed579 code=0x0
[  247.545530][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  248.006728][T12980] dvmrp0: entered allmulticast mode
[  248.117851][T10046] dvmrp0 (unregistering): left allmulticast mode
[  248.137267][T12998] syz_tun: entered allmulticast mode
[  248.147836][T12998] dvmrp6: entered allmulticast mode
[  248.575571][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  248.753889][T13024] sch_tbf: burst 274 is lower than device lo mtu (11337746) !
[  249.351597][T13039] dvmrp0: entered allmulticast mode
[  249.429042][T10038] dvmrp0 (unregistering): left allmulticast mode
[  249.615586][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  249.740198][T13059] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2562'.
[  250.655530][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  251.476444][T13077] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2569'.
[  251.556457][T13082] sch_tbf: burst 274 is lower than device lo mtu (11337746) !
[  251.705492][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  252.556119][T13101] Set syz0 is full, maxelem 0 reached
[  252.559441][T13101] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  252.745482][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  253.775574][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  254.751349][T13124] 9pnet: p9_errstr2errno: server reported unknown error 0x000000000
[  254.784615][ T6030] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  254.803190][   T40] audit: type=1326 audit(1766785262.258:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13127 comm=77DEA305FF07 exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed579 code=0x7ffc0000
[  254.812700][   T40] audit: type=1326 audit(1766785262.268:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13127 comm=77DEA305FF07 exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed579 code=0x7ffc0000
[  254.816406][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  254.822695][   T40] audit: type=1326 audit(1766785262.268:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13127 comm=77DEA305FF07 exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70ed579 code=0x7ffc0000
[  254.837007][   T40] audit: type=1326 audit(1766785262.268:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13127 comm=77DEA305FF07 exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed579 code=0x7ffc0000
[  254.846474][   T40] audit: type=1326 audit(1766785262.268:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13127 comm=77DEA305FF07 exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed579 code=0x7ffc0000
[  254.857183][   T40] audit: type=1326 audit(1766785262.268:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13127 comm=77DEA305FF07 exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70ed579 code=0x7ffc0000
[  254.867439][   T40] audit: type=1326 audit(1766785262.268:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13127 comm=77DEA305FF07 exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed579 code=0x7ffc0000
[  254.876962][   T40] audit: type=1326 audit(1766785262.268:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13127 comm=77DEA305FF07 exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed579 code=0x7ffc0000
[  254.897870][   T40] audit: type=1326 audit(1766785262.268:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13127 comm=77DEA305FF07 exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70ed579 code=0x7ffc0000
[  254.909508][   T40] audit: type=1326 audit(1766785262.268:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13127 comm=77DEA305FF07 exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed579 code=0x7ffc0000
[  254.956001][ T6030] usb 7-1: Using ep0 maxpacket: 8
[  254.963217][ T6030] usb 7-1: config 1 has an invalid interface number: 4 but max is 2
[  254.969647][ T6030] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  254.974257][ T6030] usb 7-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  254.981054][ T6030] usb 7-1: config 1 has no interface number 1
[  254.988529][ T6030] usb 7-1: too many endpoints for config 1 interface 4 altsetting 16: 195, using maximum allowed: 30
[  254.993464][ T6030] usb 7-1: config 1 interface 4 altsetting 16 has 0 endpoint descriptors, different from the interface descriptor's value: 195
[  255.003567][ T6030] usb 7-1: config 1 interface 4 has no altsetting 0
[  255.009068][ T6030] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  255.013014][ T6030] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  255.020487][ T6030] usb 7-1: Product: syz
[  255.022423][ T6030] usb 7-1: Manufacturer: syz
[  255.025775][ T6030] usb 7-1: SerialNumber: syz
[  255.240958][ T6030] usb 7-1: 0:2 : does not exist
[  255.251280][ T6030] hub 7-1:1.4: Invalid hub with more than one config or interface
[  255.253967][ T6030] hub 7-1:1.4: probe with driver hub failed with error -22
[  255.258021][ T6030] usb 7-1: USB disconnect, device number 14
[  255.541626][T13151] overlayfs: failed to clone upperpath
[  255.855530][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  256.219492][T13173] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2605'.
[  256.222759][T13173] netlink: 'syz.5.2605': attribute type 7 has an invalid length.
[  256.225927][T13173] netlink: 'syz.5.2605': attribute type 8 has an invalid length.
[  256.228594][T13173] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2605'.
[  256.895583][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  257.340709][T13213] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2618'.
[  257.604835][T13216] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2619'.
[  257.935563][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  258.904795][T13246] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2627'.
[  258.975482][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  259.365268][T13260] netlink: 'syz.7.2633': attribute type 1 has an invalid length.
[  259.393320][T13260] 8021q: adding VLAN 0 to HW filter on device bond1
[  259.471208][T13260] gretap1: entered promiscuous mode
[  259.480071][T13260] bond1: (slave gretap1): making interface the new active one
[  259.485259][T13260] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  259.608836][T13263] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2634'.
[  259.620461][T13263] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2634'.
[  259.892927][T13267] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2636'.
[  260.015531][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  260.588263][ T1416] ieee802154 phy0 wpan0: encryption failed: -22
[  260.590658][ T1416] ieee802154 phy1 wpan1: encryption failed: -22
[  261.055488][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  262.095565][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  262.167452][T13315] overlayfs: failed to clone upperpath
[  263.135694][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  263.683880][T13345] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2663'.
[  264.185699][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  265.225514][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
N[  266.265522][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  267.295532][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  268.335551][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  268.425147][T13464] netlink: 'syz.2.2700': attribute type 13 has an invalid length.
[  268.520845][T13467] netlink: 'syz.2.2702': attribute type 12 has an invalid length.
[  269.092341][T13484] overlayfs: failed to clone upperpath
[  269.138190][T13486] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2709'.
[  269.249103][T13491] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2711'.
[  269.375640][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  269.466866][   T40] kauditd_printk_skb: 17 callbacks suppressed
[  269.466882][   T40] audit: type=1804 audit(1766785276.918:188): pid=13506 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.7.2716" name="bus" dev="ramfs" ino=52348 res=1 errno=0
[  269.555680][   T40] audit: type=1804 audit(1766785276.938:189): pid=13506 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.7.2716" name="bus" dev="ramfs" ino=52348 res=1 errno=0
[  269.586660][T13510] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2718'.
[  269.600623][T13510] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2718'.
[  269.722850][T13514] No such timeout policy "syz0"
[  270.043680][T13532] syzkaller0: entered promiscuous mode
[  270.046103][T13532] syzkaller0: entered allmulticast mode
[  270.425542][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  271.455697][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  271.487715][T13582] faux_driver vgem: [drm] Unknown color mode 65545; guessing buffer size.
[  271.931568][T13588] netlink: 'syz.5.2743': attribute type 1 has an invalid length.
[  271.936838][T13588] netlink: 'syz.5.2743': attribute type 4 has an invalid length.
[  271.944574][T13588] netlink: 15334 bytes leftover after parsing attributes in process `syz.5.2743'.
[  272.284282][T13593] syzkaller0: entered promiscuous mode
[  272.286342][T13593] syzkaller0: entered allmulticast mode
[  272.291427][T13593] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  272.299562][T13592] tipc: Resetting bearer <eth:syzkaller0>
[  272.320305][T13592] tipc: Disabling bearer <eth:syzkaller0>
[  272.491665][T13603] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  272.495647][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  272.911471][T13623] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2755'.
[  273.158994][T13628] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  273.163605][T13628] xt_HMARK: spi-set and port-set can't be combined
[  273.535533][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  273.705318][T13638] netlink: 48 bytes leftover after parsing attributes in process `syz.4.2761'.
[  273.935908][T13645] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2764'.
[  273.943138][T13647] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2765'.
[  273.991977][T13649] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2766'.
[  274.575523][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  274.941746][T13668] gtp0: entered promiscuous mode
[  275.044240][T13672] netlink: 48 bytes leftover after parsing attributes in process `syz.5.2774'.
[  275.521301][T13699] netlink: 'syz.5.2783': attribute type 5 has an invalid length.
[  275.615668][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  275.685117][T13703] netlink: 'syz.2.2784': attribute type 4 has an invalid length.
[  275.757167][  T840] libceph: connect (1)[c::]:6789 error -101
[  275.759387][  T840] libceph: mon0 (1)[c::]:6789 connect error
[  275.906758][T13705] ceph: No mds server is up or the cluster is laggy
[  276.015962][  T840] libceph: connect (1)[c::]:6789 error -101
[  276.018831][  T840] libceph: mon0 (1)[c::]:6789 connect error
[  276.655563][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  277.695753][    C2] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  278.572752][T13718] netlink: 48 bytes leftover after parsing attributes in process `syz.7.2785'.
[  278.735549][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  279.695641][T13744] 9pnet: p9_errstr2errno: server reported unknown error 0x0000000000
[  279.785791][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  279.903623][T13753] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  280.524543][   T76] libceph: connect (1)[c::]:6789 error -101
[  280.527080][   T76] libceph: mon0 (1)[c::]:6789 connect error
[  280.677993][T13767] ceph: No mds server is up or the cluster is laggy
[  280.815696][    C1] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  280.928781][T13784] netlink: 'syz.4.2815': attribute type 39 has an invalid length.
[  281.036805][T13784] syz_tun (unregistering): left allmulticast mode
[  281.046371][T13784] bond0: (slave syz_tun): Releasing backup interface
[  281.052084][T13789] syz_tun: entered allmulticast mode
[  281.062577][T13790] dvmrp6: entered allmulticast mode
[  282.849317][T13827] syzkaller0: entered promiscuous mode
[  282.851768][T13827] syzkaller0: entered allmulticast mode
[  282.950643][   T34] libceph: connect (1)[c::]:6789 error -101
[  282.952806][   T34] libceph: mon0 (1)[c::]:6789 connect error
[  283.091442][T13830] ceph: No mds server is up or the cluster is laggy
[  283.430655][   T40] audit: type=1804 audit(1766785290.888:190): pid=13847 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.2829" name="/newroot/676/file1" dev="fuse" ino=1 res=1 errno=0
[  283.440252][   T40] audit: type=1800 audit(1766785290.888:191): pid=13847 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2829" name="/" dev="fuse" ino=1 res=0 errno=0
[  283.454531][   T40] audit: type=1800 audit(1766785290.888:192): pid=13847 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2829" name="/" dev="fuse" ino=1 res=0 errno=0
[  283.840806][T13871] netlink: 1363 bytes leftover after parsing attributes in process `syz.2.2836'.
[  283.905168][T13875] netlink: 'syz.7.2838': attribute type 10 has an invalid length.
[  283.910579][T13875] 8021q: adding VLAN 0 to HW filter on device team0
[  283.914130][T13875] bond0: (slave team0): Enslaving as an active interface with an up link
[  283.919647][T13875] netlink: 'syz.7.2838': attribute type 10 has an invalid length.
[  283.968316][T13875] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  283.980259][T13875] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  283.991814][T13875] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  284.092400][T13885] syzkaller1: entered promiscuous mode
[  284.095038][T13885] syzkaller1: entered allmulticast mode
[  284.289673][T13882] syzkaller0: entered promiscuous mode
[  284.292627][T13882] syzkaller0: entered allmulticast mode
[  285.339510][T13906] overlayfs: failed to clone upperpath
[  289.215109][T13943] can-isotp: isotp_sendmsg: can_send_ret -ENETDOWN
[  289.714598][T13961] overlayfs: failed to clone upperpath
[  289.844894][T13968] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  290.386791][T13983] netlink: 'syz.2.2870': attribute type 10 has an invalid length.
[  290.391174][T13983] 8021q: adding VLAN 0 to HW filter on device team0
[  290.394299][T13983] bond0: (slave team0): Enslaving as an active interface with an up link
[  290.401881][T13983] netlink: 'syz.2.2870': attribute type 10 has an invalid length.
[  290.407478][T13983] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  290.413897][T13983] siw: device registration error -23
[  290.601820][T13986] syzkaller0: entered promiscuous mode
[  290.606881][T13986] syzkaller0: entered allmulticast mode
[  292.057570][   T40] audit: type=1804 audit(1766785299.518:193): pid=14028 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.7.2886" name="/newroot/129/file0/bus" dev="9p" ino=72095793 res=1 errno=0
[  293.241178][T14048] netlink: 'syz.4.2891': attribute type 10 has an invalid length.
[  293.307745][T14049] netlink: 'syz.4.2891': attribute type 10 has an invalid length.
[  293.357435][T14052] siw: device registration error -23
[  293.494895][T14048] 8021q: adding VLAN 0 to HW filter on device team0
[  293.510905][T14048] bond0: (slave team0): Enslaving as an active interface with an up link
[  294.090472][T14073] netlink: 'syz.2.2899': attribute type 1 has an invalid length.
[  294.130881][T14073] 8021q: adding VLAN 0 to HW filter on device bond4
[  294.240449][T14073] bond4: (slave ip6gretap2): making interface the new active one
[  294.244242][T14073] bond4: (slave ip6gretap2): Enslaving as an active interface with an up link
[  294.713682][T14091] netlink: 'syz.5.2905': attribute type 10 has an invalid length.
[  294.718318][T14091] 8021q: adding VLAN 0 to HW filter on device team0
[  294.722508][T14091] bond0: (slave team0): Enslaving as an active interface with a down link
[  294.738195][T14091] netlink: 'syz.5.2905': attribute type 10 has an invalid length.
[  294.741399][T14091] syz_tun: left allmulticast mode
[  294.743208][T14091] syz_tun: left promiscuous mode
[  294.745562][T14091] bridge0: port 1(syz_tun) entered disabled state
[  294.787431][T14091] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  294.788400][T14093] siw: device registration error -23
[  298.059907][T14157] netlink: 'syz.5.2924': attribute type 10 has an invalid length.
[  298.079369][T14157] netlink: 'syz.5.2924': attribute type 10 has an invalid length.
[  298.087846][T14157] siw: device registration error -23
[  302.489212][T14199] overlayfs: failed to clone lowerpath
[  302.497611][T14199] overlayfs: failed to clone upperpath
[  304.345708][ T6030] usb 12-1: new high-speed USB device number 2 using dummy_hcd
[  304.431444][T14228] netlink: 'syz.4.2946': attribute type 13 has an invalid length.
[  304.495578][ T6030] usb 12-1: Using ep0 maxpacket: 8
[  304.500534][ T6030] usb 12-1: unable to get BOS descriptor or descriptor too short
[  304.505205][ T6030] usb 12-1: config 0 has no interfaces?
[  304.510013][ T6030] usb 12-1: New USB device found, idVendor=04e8, idProduct=6889, bcdDevice=2b.cd
[  304.513950][ T6030] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  304.517783][ T6030] usb 12-1: Product: syz
[  304.519689][ T6030] usb 12-1: Manufacturer: syz
[  304.521965][ T6030] usb 12-1: SerialNumber: syz
[  304.526612][ T6030] usb 12-1: config 0 descriptor??
[  305.629916][T14240] ref_ctr going negative. vaddr: 0x80ffd002, curr val: -2360, delta: 1
[  305.635849][   T40] audit: type=1804 audit(1766785313.088:194): pid=14240 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.2950" name="file0" dev="tmpfs" ino=4249 res=1 errno=0
[  305.645583][T14240] ref_ctr increment failed for inode: 0x1099 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88806b33e200
[  305.654404][T14240] ref_ctr going negative. vaddr: 0x80ffd002, curr val: -2360, delta: -1
[  305.658828][T14240] ref_ctr decrement failed for inode: 0x1099 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88806b33e200
[  305.663701][T14240] uprobe: syz.5.2950:14240 failed to unregister, leaking uprobe
[  305.672062][   T40] audit: type=1804 audit(1766785313.128:195): pid=14238 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.2949" name="/newroot/704/file0/bus" dev="9p" ino=72095793 res=1 errno=0
[  305.811317][T14245] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2951'.
[  306.153816][T14255] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2954'.
[  306.418266][   T40] audit: type=1804 audit(1766785313.878:196): pid=14260 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.2956" name="bus" dev="ramfs" ino=54385 res=1 errno=0
[  306.431449][   T40] audit: type=1804 audit(1766785313.878:197): pid=14260 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.2956" name="bus" dev="ramfs" ino=54385 res=1 errno=0
[  307.141233][ T6030] usb 12-1: USB disconnect, device number 2
[  307.475571][   T34] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  307.865630][   T34] usb 7-1: Using ep0 maxpacket: 8
[  307.869489][   T34] usb 7-1: unable to get BOS descriptor or descriptor too short
[  307.875561][   T34] usb 7-1: config 0 has no interfaces?
[  307.880085][   T34] usb 7-1: New USB device found, idVendor=04e8, idProduct=6889, bcdDevice=2b.cd
[  307.884772][   T34] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  307.889403][   T34] usb 7-1: Product: syz
[  307.891685][   T34] usb 7-1: Manufacturer: syz
[  307.894441][   T34] usb 7-1: SerialNumber: syz
[  307.900106][   T34] usb 7-1: config 0 descriptor??
[  308.329016][T14294] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2965'.
[  308.702874][T14304] overlayfs: failed to clone lowerpath
[  308.712711][T14304] overlayfs: failed to clone upperpath
[  308.735612][   T34] usb 7-1: USB disconnect, device number 15
[  309.927658][T14329] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2978'.
[  310.497113][T14335] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2980'.
[  311.104907][T14361] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  311.160568][T14361] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  311.165001][T14361] overlayfs: failed to look up (tracing) for ino (-66)
[  311.184933][T14361] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  311.852355][T14371] bond0: (slave team0): Releasing backup interface
[  311.865304][T14371] bond0: (slave bond_slave_0): Releasing backup interface
[  311.873267][T14371] bond0: (slave bond_slave_1): Releasing backup interface
[  311.878857][T14371] team0: Port device team_slave_0 removed
[  311.883490][T14371] team0: Port device team_slave_1 removed
[  311.888062][T14371] batman_adv: batadv0: Removing interface: batadv_slave_0
[  311.891773][T14371] batman_adv: batadv0: Removing interface: batadv_slave_1
[  311.895875][T14371] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  311.902603][T14374] team0: No ports can be present during mode change
[  313.106631][   T40] audit: type=1326 audit(1766785320.568:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14396 comm="syz.5.3001" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70ed579 code=0x0
[  313.949624][T14413] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  313.965705][T14413] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type
[  313.969135][T14413] overlayfs: failed to look up (tracing) for ino (-66)
[  313.983409][T14413] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  314.193790][T14419] overlayfs: failed to clone upperpath
[  314.385851][T14425] netlink: set zone limit has 4 unknown bytes
[  314.510322][T14427] Cannot find del_set index 1 as target
[  314.879789][   T40] audit: type=1804 audit(1766785322.338:199): pid=14433 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.3011" name="bus" dev="ramfs" ino=55406 res=1 errno=0
[  314.891468][   T40] audit: type=1804 audit(1766785322.338:200): pid=14433 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.3011" name="bus" dev="ramfs" ino=55406 res=1 errno=0
[  315.153403][T14438] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3015'.
[  322.018942][ T1416] ieee802154 phy0 wpan0: encryption failed: -22
[  322.021098][ T1416] ieee802154 phy1 wpan1: encryption failed: -22
[  328.813263][ T5944] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  328.817581][ T5944] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  328.820925][ T5944] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  328.823841][ T5944] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  328.827057][ T5944] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  329.087384][ T7322] syz_tun (unregistering): left allmulticast mode
[  329.092286][ T7322] bond0: (slave syz_tun): Releasing backup interface
[  329.103199][T14476] chnl_net:caif_netlink_parms(): no params data found
[  329.202543][T14476] bridge0: port 1(bridge_slave_0) entered blocking state
[  329.205617][T14476] bridge0: port 1(bridge_slave_0) entered disabled state
[  329.208242][T14476] bridge_slave_0: entered allmulticast mode
[  329.211048][T14476] bridge_slave_0: entered promiscuous mode
[  329.215775][T14476] bridge0: port 2(bridge_slave_1) entered blocking state
[  329.218164][T14476] bridge0: port 2(bridge_slave_1) entered disabled state
[  329.220637][T14476] bridge_slave_1: entered allmulticast mode
[  329.223596][T14476] bridge_slave_1: entered promiscuous mode
[  329.263585][T14476] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  329.268478][T14476] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  329.284058][T14476] team0: Port device team_slave_0 added
[  329.290312][T14476] team0: Port device team_slave_1 added
[  329.304556][T14476] batman_adv: batadv0: Adding interface: batadv_slave_0
[  329.307162][T14476] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  329.316300][T14476] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  329.320965][T14476] batman_adv: batadv0: Adding interface: batadv_slave_1
[  329.323359][T14476] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  329.325617][   T40] audit: type=1326 audit(1766785336.768:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14496 comm="syz.4.3029" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x0
[  329.332550][T14476] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  329.365174][T14476] hsr_slave_0: entered promiscuous mode
[  329.367940][T14476] hsr_slave_1: entered promiscuous mode
[  329.370223][T14476] debugfs: 'hsr0' already exists in 'hsr'
[  329.372461][T14476] Cannot create hsr debugfs directory
[  329.470840][T14476] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  329.476979][T14476] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  329.482379][T14476] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  329.488959][T14476] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  329.506739][T14476] bridge0: port 2(bridge_slave_1) entered blocking state
[  329.509451][T14476] bridge0: port 2(bridge_slave_1) entered forwarding state
[  329.512443][T14476] bridge0: port 1(bridge_slave_0) entered blocking state
[  329.515717][T14476] bridge0: port 1(bridge_slave_0) entered forwarding state
[  329.547467][T14476] 8021q: adding VLAN 0 to HW filter on device bond0
[  329.557173][T10046] bridge0: port 1(bridge_slave_0) entered disabled state
[  329.560496][T10046] bridge0: port 2(bridge_slave_1) entered disabled state
[  329.570775][T14476] 8021q: adding VLAN 0 to HW filter on device team0
[  329.579935][T10057] bridge0: port 1(bridge_slave_0) entered blocking state
[  329.582276][T10057] bridge0: port 1(bridge_slave_0) entered forwarding state
[  329.589871][T10057] bridge0: port 2(bridge_slave_1) entered blocking state
[  329.592263][T10057] bridge0: port 2(bridge_slave_1) entered forwarding state
[  329.712847][T14476] 8021q: adding VLAN 0 to HW filter on device batadv0
[  329.850114][T14476] veth0_vlan: entered promiscuous mode
[  329.856121][T14476] veth1_vlan: entered promiscuous mode
[  329.883227][T14476] veth0_macvtap: entered promiscuous mode
[  329.898384][T14476] veth1_macvtap: entered promiscuous mode
[  329.908739][T14476] batman_adv: batadv0: Interface activated: batadv_slave_0
[  329.946436][T14476] batman_adv: batadv0: Interface activated: batadv_slave_1
[  329.952898][T10096] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  329.956062][T10096] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  329.959202][T10096] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  329.962599][T10096] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  330.013458][T10039] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  330.025740][T10039] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  330.039566][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  330.042854][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  330.115527][   T40] audit: type=1804 audit(1766785337.568:202): pid=14525 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.8.3023" name="bus" dev="ramfs" ino=55456 res=1 errno=0
[  330.122782][   T40] audit: type=1804 audit(1766785337.568:203): pid=14525 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.8.3023" name="bus" dev="ramfs" ino=55456 res=1 errno=0
[  330.640308][T14543] netlink: 'syz.8.3038': attribute type 1 has an invalid length.
[  330.895689][ T5944] Bluetooth: hci4: command tx timeout
[  331.472537][T14578] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  331.485158][T14578] batadv_slave_0: entered promiscuous mode
[  332.103995][T14600] netlink: 'syz.8.3059': attribute type 4 has an invalid length.
[  332.659538][T14617] bond5: left promiscuous mode
[  332.661673][T14617] bond5: left allmulticast mode
[  332.667545][T14617] bond6: left promiscuous mode
[  332.669381][T14617] bridge11: left promiscuous mode
[  332.679532][T14617] ip6erspan0: left promiscuous mode
[  332.682852][T14617] gtp0: left promiscuous mode
[  332.940622][T14628] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3069'.
[  332.975578][ T5944] Bluetooth: hci4: command tx timeout
[  333.118828][T14637] netlink: 'syz.4.3072': attribute type 1 has an invalid length.
[  333.137293][T14637] 8021q: adding VLAN 0 to HW filter on device bond8
[  333.573046][T14657] x_tables: duplicate underflow at hook 1
[  333.578521][T14657] overlayfs: failed to clone upperpath
[  333.832455][T14669] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3086'.
[  334.042064][T14678] netlink: 72 bytes leftover after parsing attributes in process `syz.8.3087'.
[  334.859689][T14696] netlink: 24 bytes leftover after parsing attributes in process `syz.8.3094'.
[  334.866975][T14696] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3094'.
[  334.908091][T14696] team0: Port device team_slave_0 removed
[  335.056176][ T5944] Bluetooth: hci4: command tx timeout
[  335.066978][T14699] netlink: 'syz.8.3095': attribute type 1 has an invalid length.
[  335.167229][T14705] syzkaller0: entered promiscuous mode
[  335.169218][T14705] syzkaller0: entered allmulticast mode
[  337.135773][ T5944] Bluetooth: hci4: command tx timeout
[  337.398729][T14761] fuse: root generation should be zero
[  337.402083][T14762] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3119'.
[  337.655529][ T6429] usb 13-1: new high-speed USB device number 2 using dummy_hcd
[  337.805582][ T6429] usb 13-1: Using ep0 maxpacket: 8
[  337.810024][ T6429] usb 13-1: New USB device found, idVendor=0403, idProduct=f0c8, bcdDevice= 2.56
[  337.813805][ T6429] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  337.821057][ T6429] usb 13-1: config 0 descriptor??
[  337.824711][ T6429] ftdi_sio 13-1:0.0: FTDI USB Serial Device converter detected
[  337.828449][ T6429] ftdi_sio ttyUSB0: unknown device type: 0x256
[  338.065908][T14774] overlayfs: failed to clone upperpath
[  338.202108][T14781] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3126'.
[  338.431421][ T6030] IPVS: starting estimator thread 0...
[  338.525683][T14788] IPVS: using max 43 ests per chain, 103200 per kthread
[  338.689788][T14787] IPVS: lblc: FWM 3 0x00000003 - no destination available
[  338.712842][T14797] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3132'.
[  338.735116][T14797] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3132'.
[  338.977447][T14810] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3136'.
[  338.983019][T14811] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3135'.
[  339.044016][T14810] veth23: entered promiscuous mode
[  339.046372][T14810] veth23: entered allmulticast mode
[  339.050351][T14810] bridge14: port 1(veth23) entered blocking state
[  339.054091][T14810] bridge14: port 1(veth23) entered disabled state
[  339.149287][T14810] bridge14: port 1(veth23) entered blocking state
[  339.151861][T14810] bridge14: port 1(veth23) entered forwarding state
[  339.157643][T10057] bridge14: port 1(veth23) entered disabled state
[  339.188523][T14810] veth25: entered promiscuous mode
[  339.191037][T14810] veth25: entered allmulticast mode
[  339.198354][T14810] bridge14: port 2(veth25) entered blocking state
[  339.204001][T14810] bridge14: port 2(veth25) entered disabled state
[  339.209925][T14810] bridge14: port 2(veth25) entered blocking state
[  339.212164][T14810] bridge14: port 2(veth25) entered forwarding state
[  339.224765][T10096] bridge14: port 2(veth25) entered disabled state
[  340.130004][T14838] futex_wake_op: syz.5.3144 tries to shift op by -1; fix this program
[  340.136314][   T40] audit: type=1326 audit(1766785347.598:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14837 comm="syz.5.3144" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed579 code=0x7ffc0000
[  340.144980][   T40] audit: type=1326 audit(1766785347.598:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14837 comm="syz.5.3144" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed579 code=0x7ffc0000
[  340.153527][   T40] audit: type=1326 audit(1766785347.598:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14837 comm="syz.5.3144" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70ed579 code=0x7ffc0000
[  340.161709][   T40] audit: type=1326 audit(1766785347.598:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14837 comm="syz.5.3144" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed579 code=0x7ffc0000
[  340.171090][   T40] audit: type=1326 audit(1766785347.598:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14837 comm="syz.5.3144" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ed579 code=0x7ffc0000
[  340.180532][   T40] audit: type=1326 audit(1766785347.598:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14837 comm="syz.5.3144" exe="/syz-executor" sig=0 arch=40000003 syscall=313 compat=1 ip=0xf70ed579 code=0x7ffc0000
[  340.189483][   T40] audit: type=1326 audit(1766785347.598:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14837 comm="syz.5.3144" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf70ed579 code=0x7ffc0000
[  340.200106][   T40] audit: type=1326 audit(1766785347.598:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14837 comm="syz.5.3144" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf70ed5a7 code=0x7ffc0000
[  340.208674][   T40] audit: type=1326 audit(1766785347.598:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14837 comm="syz.5.3144" exe="/syz-executor" sig=0 arch=40000003 syscall=313 compat=1 ip=0xf70ed579 code=0x7ffc0000
[  340.217179][   T40] audit: type=1326 audit(1766785347.598:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14837 comm="syz.5.3144" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf70ed579 code=0x7ffc0000
[  340.363292][ T6429] usb 13-1: USB disconnect, device number 2
[  340.367100][ T6429] ftdi_sio 13-1:0.0: device disconnected
[  340.416934][T14842] netlink: 'syz.8.3146': attribute type 1 has an invalid length.
[  340.453027][T14842] veth3: entered promiscuous mode
[  340.525560][T14844] erspan0: entered allmulticast mode
[  340.663674][T14849] bridge15: entered promiscuous mode
[  340.665738][T14849] bridge15: entered allmulticast mode
[  340.668954][T14849] team0: Port device bridge15 added
[  340.682035][T14849] bridge0: port 1(team0) entered blocking state
[  340.684334][T14849] bridge0: port 1(team0) entered disabled state
[  340.686770][T14849] team0: entered allmulticast mode
[  342.036028][T14849] Set syz1 is full, maxelem 65536 reached
[  342.597613][T14866] netlink: 'syz.5.3153': attribute type 1 has an invalid length.
[  342.610926][T14866] bond8: entered promiscuous mode
[  342.612919][T14866] 8021q: adding VLAN 0 to HW filter on device bond8
[  342.655315][T14866] 8021q: adding VLAN 0 to HW filter on device bond8
[  342.658739][T14866] bond8: (slave gre1): The slave device specified does not support setting the MAC address
[  342.662958][T14866] bond8: (slave gre1): Setting fail_over_mac to active for active-backup mode
[  342.669973][T14866] bond8: (slave gre1): making interface the new active one
[  342.673155][T14866] gre1: entered promiscuous mode
[  342.677728][T14866] bond8: (slave gre1): Enslaving as an active interface with an up link
[  343.109456][T14888] IPVS: length: 218 != 24
[  343.121950][T14888] dvmrp6: left allmulticast mode
[  343.314481][T14894] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3163'.
[  343.319767][T14894] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3163'.
[  343.323496][T14894] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3163'.
[  343.399710][T14898] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  343.402307][T14898] IPv6: NLM_F_CREATE should be set when creating new route
[  343.848359][T14901] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3166'.
[  343.852388][T14901] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3166'.
[  344.579151][ T5944] Bluetooth: hci2: command 0x0406 tx timeout
[  344.899037][T14898] lo: entered allmulticast mode
[  344.901023][T14898] tunl0: entered allmulticast mode
[  344.906438][T14898] gre0: entered allmulticast mode
[  344.942412][T14898] gretap0: entered allmulticast mode
[  344.948896][T14898] erspan0: entered allmulticast mode
[  344.953900][T14898] ip_vti0: entered allmulticast mode
[  344.959124][T14898] ip6_vti0: entered allmulticast mode
[  344.963778][T14898] sit0: entered allmulticast mode
[  344.969638][T14898] ip6tnl0: entered allmulticast mode
[  344.973207][T14898] ip6gre0: entered allmulticast mode
[  344.977094][T14898] syz_tun: entered allmulticast mode
[  344.980976][T14898] ip6gretap0: entered allmulticast mode
[  344.984808][T14898] bridge0: port 2(bridge_slave_1) entered disabled state
[  344.987795][T14898] bridge0: port 1(bridge_slave_0) entered disabled state
[  344.991432][T14898] bridge0: entered allmulticast mode
[  344.996744][T14898] bond0: entered allmulticast mode
[  344.998492][T14898] bond_slave_0: entered allmulticast mode
[  345.000474][T14898] bond_slave_1: entered allmulticast mode
[  345.002439][T14898] team0: entered allmulticast mode
[  345.004240][T14898] team_slave_0: entered allmulticast mode
[  345.006533][T14898] team_slave_1: entered allmulticast mode
[  345.012816][T14898] dummy0: entered allmulticast mode
[  345.020096][T14898] nlmon0: entered allmulticast mode
[  345.023436][T14898] caif0: entered allmulticast mode
[  345.027196][T14898] batadv0: entered allmulticast mode
[  345.032852][T14898] vxcan0: entered allmulticast mode
[  345.035908][T14898] vxcan1: entered allmulticast mode
[  345.039328][T14898] veth0: entered allmulticast mode
[  345.043814][T14898] veth1: entered allmulticast mode
[  345.052015][T14898] wg0: entered allmulticast mode
[  345.055644][T14898] wg1: entered allmulticast mode
[  345.059626][T14898] wg2: entered allmulticast mode
[  345.062691][T14898] veth0_to_bridge: entered allmulticast mode
[  345.068625][T14898] veth1_to_bridge: entered allmulticast mode
[  345.074036][T14898] veth0_to_bond: entered allmulticast mode
[  345.078520][T14898] veth1_to_bond: entered allmulticast mode
[  345.082392][T14898] veth0_to_team: entered allmulticast mode
[  345.087307][T14898] veth1_to_team: entered allmulticast mode
[  345.092224][T14898] veth0_to_batadv: entered allmulticast mode
[  345.095724][T14898] batadv_slave_0: left promiscuous mode
[  345.097547][T14898] batadv_slave_0: entered allmulticast mode
[  345.099667][T14898] veth1_to_batadv: entered allmulticast mode
[  345.103322][T14898] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  345.106883][T14898] batadv_slave_1: entered allmulticast mode
[  345.110384][T14898] xfrm0: entered allmulticast mode
[  345.113439][T14898] veth0_to_hsr: entered allmulticast mode
[  345.117361][T14898] hsr_slave_0: entered allmulticast mode
[  345.120429][T14898] veth1_to_hsr: entered allmulticast mode
[  345.123889][T14898] hsr_slave_1: entered allmulticast mode
[  345.128367][T14898] hsr0: entered allmulticast mode
[  345.131433][T14898] veth1_virt_wifi: entered allmulticast mode
[  345.135491][T14898] veth0_virt_wifi: entered allmulticast mode
[  345.154318][T14898] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  345.158465][T14898] veth1_vlan: entered allmulticast mode
[  345.161850][T14898] veth0_vlan: entered allmulticast mode
[  345.169826][T14898] vlan0: entered allmulticast mode
[  345.171695][T14898] vlan1: entered allmulticast mode
[  345.181160][T14898] macvlan0: entered allmulticast mode
[  345.185548][T14898] macvlan1: entered allmulticast mode
[  345.189448][T14898] ipvlan0: entered allmulticast mode
[  345.191621][T14898] ipvlan1: entered allmulticast mode
[  345.193877][T14898] veth1_macvtap: entered allmulticast mode
[  345.197758][T14898] tipc: Resetting bearer <eth:veth0_macvtap>
[  345.199922][T14898] veth0_macvtap: entered allmulticast mode
[  345.203764][T14898] macvtap0: entered allmulticast mode
[  345.208795][T14898] macsec0: entered allmulticast mode
[  345.215475][T14898] geneve0: entered allmulticast mode
[  345.220662][T14898] geneve1: entered allmulticast mode
[  345.230508][T14898] mac80211_hwsim hwsim17 wlan0: entered allmulticast mode
[  345.243009][T14898] mac80211_hwsim hwsim18 wlan1: entered allmulticast mode
[  345.246999][T14898] netdevsim netdevsim7 eth0: entered allmulticast mode
[  345.250160][T14898] netdevsim netdevsim7 eth1: entered allmulticast mode
[  345.253281][T14898] netdevsim netdevsim7 eth2: entered allmulticast mode
[  345.256861][T14898] netdevsim netdevsim7 eth3: entered allmulticast mode
[  345.260325][T14898] gre1: entered allmulticast mode
[  345.277029][T14898] bond1: entered allmulticast mode
[  345.278999][T14898] gretap1: entered allmulticast mode
[  345.281942][T14898] gretap1: left promiscuous mode
[  345.284161][T14898] vxlan0: entered allmulticast mode
[  345.288451][T14898] veth2: entered allmulticast mode
[  345.290773][T14898] veth3: entered allmulticast mode
[  345.293464][T14898] bridge1: entered allmulticast mode
[  345.300698][T14913] netlink: 'syz.8.3169': attribute type 4 has an invalid length.
[  345.304881][T10038] netdevsim netdevsim7 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  345.308729][T10038] netdevsim netdevsim7 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  345.311832][T10038] netdevsim netdevsim7 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  345.324757][T10038] netdevsim netdevsim7 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  347.675678][T14960] netlink: 'syz.7.3185': attribute type 1 has an invalid length.
[  347.693654][T14960] 8021q: adding VLAN 0 to HW filter on device bond2
[  347.739395][T14960] veth5: entered promiscuous mode
[  347.745014][T14960] bond2: (slave veth5): Enslaving as an active interface with a down link
[  347.803162][T14960] bond2: (slave erspan0): making interface the new active one
[  347.825689][T14960] erspan0: entered promiscuous mode
[  347.827833][T14960] bond2: (slave erspan0): Enslaving as an active interface with an up link
[  350.388264][T15018] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3212'.
[  350.535663][T15024] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3214'.
[  350.538619][T15024] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3214'.
[  350.575275][T15027] netlink: 'syz.4.3205': attribute type 1 has an invalid length.
[  351.504134][T15046] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3211'.
[  351.545089][T15046] veth17: entered promiscuous mode
[  351.554728][T15046] veth17: entered allmulticast mode
[  351.558176][T15046] bridge15: port 1(veth17) entered blocking state
[  351.560431][T15046] bridge15: port 1(veth17) entered disabled state
[  351.565265][T15046] bridge15: port 1(veth17) entered blocking state
[  351.568028][T15046] bridge15: port 1(veth17) entered forwarding state
[  351.587580][T10044] bridge15: port 1(veth17) entered disabled state
[  351.679009][T15046] veth19: entered promiscuous mode
[  351.681158][T15046] veth19: entered allmulticast mode
[  351.686339][T15046] bridge15: port 2(veth19) entered blocking state
[  351.693179][T15046] bridge15: port 2(veth19) entered disabled state
[  351.702540][T15046] bridge15: port 2(veth19) entered blocking state
[  351.705556][T15046] bridge15: port 2(veth19) entered forwarding state
[  351.713131][T10039] bridge15: port 2(veth19) entered disabled state
[  352.536592][   T40] kauditd_printk_skb: 254 callbacks suppressed
[  352.536605][   T40] audit: type=1326 audit(1766785359.998:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15060 comm="syz.4.3218" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  352.548212][   T40] audit: type=1326 audit(1766785359.998:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15060 comm="syz.4.3218" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  352.557386][   T40] audit: type=1326 audit(1766785359.998:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15060 comm="syz.4.3218" exe="/syz-executor" sig=0 arch=40000003 syscall=331 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  352.566468][   T40] audit: type=1326 audit(1766785359.998:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15060 comm="syz.4.3218" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  352.575184][   T40] audit: type=1326 audit(1766785359.998:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15060 comm="syz.4.3218" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  352.595825][T15063] netlink: 'syz.5.3219': attribute type 1 has an invalid length.
[  352.596720][   T40] audit: type=1326 audit(1766785359.998:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15060 comm="syz.4.3218" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  352.618480][   T40] audit: type=1326 audit(1766785359.998:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15060 comm="syz.4.3218" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  352.627181][T15063] bond9: entered promiscuous mode
[  352.629914][T15063] bond9: entered allmulticast mode
[  352.632910][T15063] 8021q: adding VLAN 0 to HW filter on device bond9
[  352.643906][   T40] audit: type=1326 audit(1766785359.998:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15060 comm="syz.4.3218" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  352.649668][T15063] erspan1: entered allmulticast mode
[  352.657105][T15063] bond9: (slave erspan1): making interface the new active one
[  352.660380][T15063] erspan1: entered promiscuous mode
[  352.660972][   T40] audit: type=1326 audit(1766785359.998:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15060 comm="syz.4.3218" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  352.663968][T15063] bond9: (slave erspan1): Enslaving as an active interface with an up link
[  352.678849][   T40] audit: type=1326 audit(1766785359.998:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15060 comm="syz.4.3218" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  352.705238][T15063] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3219'.
[  352.828505][T15063] bond9 (unregistering): (slave erspan1): Releasing active interface
[  352.831268][T15063] erspan1: left promiscuous mode
[  352.840242][T15063] bond9 (unregistering): Released all slaves
[  353.406382][T15084] netlink: 72 bytes leftover after parsing attributes in process `syz.5.3221'.
[  353.495664][ T5950] Bluetooth: hci2: ACL packet for unknown connection handle 200
[  354.349378][T15111] bridge0: port 2(bridge_slave_1) entered disabled state
[  354.352850][T15111] bridge0: port 1(bridge_slave_0) entered disabled state
[  354.567582][T15111] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  354.573063][T15111] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  354.637071][T10096] netdevsim netdevsim8 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  354.642389][T10096] netdevsim netdevsim8 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  354.658269][T10096] netdevsim netdevsim8 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  354.661321][T10096] netdevsim netdevsim8 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  354.971587][T15129] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3236'.
[  355.002890][T15129] veth3: entered promiscuous mode
[  355.004713][T15129] veth3: entered allmulticast mode
[  355.007581][T15129] bridge1: port 1(veth3) entered blocking state
[  355.009929][T15129] bridge1: port 1(veth3) entered disabled state
[  355.013879][T15129] bridge1: port 1(veth3) entered blocking state
[  355.016283][T15129] bridge1: port 1(veth3) entered forwarding state
[  355.096069][T15129] veth5: entered promiscuous mode
[  355.098102][T15129] veth5: entered allmulticast mode
[  355.100453][T15129] bridge1: port 2(veth5) entered blocking state
[  355.102903][T15129] bridge1: port 2(veth5) entered disabled state
[  355.107788][T15129] bridge1: port 2(veth5) entered blocking state
[  355.110004][T15129] bridge1: port 2(veth5) entered forwarding state
[  355.792811][ T1140] bridge1: port 1(veth3) entered disabled state
[  355.838082][T15142] cgroup: fork rejected by pids controller in /syz7
[  355.925410][ T1140] bridge1: port 2(veth5) entered disabled state
[  357.295600][T17049] Process accounting resumed
[  357.325600][ T6066] usb 12-1: new full-speed USB device number 3 using dummy_hcd
[  357.478537][ T6066] usb 12-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  357.481934][ T6066] usb 12-1: config 0 has 1 interface, different from the descriptor's value: 2
[  357.485030][ T6066] usb 12-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  357.488279][ T6066] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  357.492117][ T6066] usb 12-1: config 0 descriptor??
[  357.495467][ T6066] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  357.498136][ T6066] dvb-usb: bulk message failed: -22 (3/0)
[  357.504024][ T6066] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  357.507722][ T6066] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  357.510170][ T6066] usb 12-1: media controller created
[  357.513251][ T6066] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  357.519079][ T6066] dvb-usb: bulk message failed: -22 (6/0)
[  357.521471][ T6066] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  357.525307][ T6066] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.7/usb12/12-1/input/input11
[  357.531941][ T6066] dvb-usb: schedule remote query interval to 150 msecs.
[  357.535234][ T6066] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  357.688549][ T6429] dvb-usb: bulk message failed: -22 (1/0)
[  357.691321][ T6429] dvb-usb: error while querying for an remote control event.
[  357.711181][   T29] usb 12-1: USB disconnect, device number 3
[  357.747715][   T29] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  357.791315][T17061] netlink: 'syz.4.3252': attribute type 12 has an invalid length.
[  358.299619][   T40] kauditd_printk_skb: 35 callbacks suppressed
[  358.299630][   T40] audit: type=1326 audit(1766785365.758:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17072 comm="syz.4.3255" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  358.309261][   T40] audit: type=1326 audit(1766785365.768:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17072 comm="syz.4.3255" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  358.316869][   T40] audit: type=1326 audit(1766785365.768:515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17072 comm="syz.4.3255" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  358.324095][   T40] audit: type=1326 audit(1766785365.768:516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17072 comm="syz.4.3255" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  358.331666][   T40] audit: type=1326 audit(1766785365.778:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17072 comm="syz.4.3255" exe="/syz-executor" sig=0 arch=40000003 syscall=288 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  358.340095][   T40] audit: type=1326 audit(1766785365.778:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17072 comm="syz.4.3255" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  358.348965][   T40] audit: type=1326 audit(1766785365.778:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17072 comm="syz.4.3255" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  358.355983][   T40] audit: type=1326 audit(1766785365.778:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17072 comm="syz.4.3255" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  358.363208][   T40] audit: type=1326 audit(1766785365.778:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17072 comm="syz.4.3255" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  358.371819][   T40] audit: type=1326 audit(1766785365.778:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17072 comm="syz.4.3255" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  359.195636][T10096] erspan0: left promiscuous mode
[  359.419517][T17099] uprobe: syz.7.3267:17099 failed to unregister, leaking uprobe
[  360.546805][T17122] netlink: 'syz.4.3271': attribute type 1 has an invalid length.
[  360.565773][T17122] 8021q: adding VLAN 0 to HW filter on device bond9
[  360.593178][T17122] bond9: (slave gretap2): making interface the new active one
[  360.596034][T17122] bond9: (slave gretap2): Enslaving as an active interface with an up link
[  361.166280][T17130] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  362.505577][   T29] usb 12-1: new high-speed USB device number 4 using dummy_hcd
[  362.675541][   T29] usb 12-1: Using ep0 maxpacket: 32
[  362.680043][   T29] usb 12-1: config 0 has no interfaces?
[  362.689531][   T29] usb 12-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a
[  362.693198][   T29] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  362.699391][   T29] usb 12-1: Product: syz
[  362.701819][   T29] usb 12-1: Manufacturer: syz
[  362.704062][   T29] usb 12-1: SerialNumber: syz
[  362.711545][   T29] usb 12-1: config 0 descriptor??
[  364.899920][   T29] libceph: connect (1)[c::]:6789 error -101
[  364.903558][   T29] libceph: mon0 (1)[c::]:6789 connect error
[  364.976885][T17187] ceph: No mds server is up or the cluster is laggy
[  365.952082][   T24] usb 12-1: USB disconnect, device number 4
[  366.632064][T17217] veth1_to_bond: entered allmulticast mode
[  366.637423][T17217] veth1_to_bond: entered promiscuous mode
[  366.642485][T17217] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3299'.
[  366.694381][T17217] veth1_to_bond (unregistering): left allmulticast mode
[  366.700459][T17217] veth1_to_bond (unregistering): left promiscuous mode
[  366.820743][T17220] 8021q: adding VLAN 0 to HW filter on device bond1
[  366.865933][T17220] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3300'.
[  366.870247][T17220] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3300'.
[  366.875595][T17220] 8021q: adding VLAN 0 to HW filter on device bond0
[  366.881294][T17220] bond1: (slave bond0): making interface the new active one
[  366.885057][T17220] bond1: (slave bond0): Enslaving as an active interface with an up link
[  366.906437][T17220] bond1: (slave bond0): Releasing active interface
[  366.918902][T17220] bridge_slave_0: left allmulticast mode
[  366.921864][T17220] bridge_slave_0: left promiscuous mode
[  366.925181][T17220] bridge0: port 1(bridge_slave_0) entered disabled state
[  366.937480][T17220] bridge_slave_1: left allmulticast mode
[  366.940246][T17220] bridge_slave_1: left promiscuous mode
[  366.942934][T17220] bridge0: port 2(bridge_slave_1) entered disabled state
[  366.951160][T17220] bond0: (slave bond_slave_0): Releasing backup interface
[  366.957505][T17220] bond0: (slave bond_slave_1): Releasing backup interface
[  366.977122][T17220] team0: Port device team_slave_1 removed
[  366.980421][T17220] batman_adv: batadv0: Removing interface: batadv_slave_0
[  366.988210][T17220] batman_adv: batadv0: Removing interface: batadv_slave_1
[  366.994594][T17220] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  367.192794][T17227] syzkaller0: entered promiscuous mode
[  367.195200][T17227] syzkaller0: entered allmulticast mode
[  367.333617][T17231] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3305'.
[  367.434920][T17238] netlink: 220 bytes leftover after parsing attributes in process `syz.8.3308'.
[  367.439371][T17238] netlink: 28 bytes leftover after parsing attributes in process `syz.8.3308'.
[  367.443408][T17238] netlink: 28 bytes leftover after parsing attributes in process `syz.8.3308'.
[  367.450496][T17238] netlink: 28 bytes leftover after parsing attributes in process `syz.8.3308'.
[  367.454729][T17238] netlink: 28 bytes leftover after parsing attributes in process `syz.8.3308'.
[  367.469359][T17238] netlink: 27 bytes leftover after parsing attributes in process `syz.8.3308'.
[  367.849422][T17251] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  367.860851][T17251] kvm: pic: non byte read
[  367.865665][T17251] pic_ioport_write: 119 callbacks suppressed
[  367.865682][T17251] kvm: pic: level sensitive irq not supported
[  367.869477][T17251] kvm: pic: non byte read
[  367.877632][T17251] kvm: pic: level sensitive irq not supported
[  367.878365][T17251] kvm: pic: non byte read
[  370.663079][T17305] can: request_module (can-proto-3) failed.
[  370.963198][T17318] ip6erspan0: entered promiscuous mode
[  372.571134][T17384] netlink: 'syz.8.3347': attribute type 27 has an invalid length.
[  372.575953][T17384] erspan0: left allmulticast mode
[  372.808127][T17390] 8021q: adding VLAN 0 to HW filter on device bond0
[  372.811613][T17390] 8021q: adding VLAN 0 to HW filter on device team0
[  372.818973][T17390] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  376.015607][ T6030] usb 12-1: new high-speed USB device number 5 using dummy_hcd
[  376.171074][ T6030] usb 12-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  376.175009][ T6030] usb 12-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  376.188309][ T6030] usb 12-1: config 1 has 1 interface, different from the descriptor's value: 66
[  376.192456][ T6030] usb 12-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  376.207968][ T6030] usb 12-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  376.211954][ T6030] usb 12-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  376.215907][ T6030] usb 12-1: Product: syz
[  376.217993][ T6030] usb 12-1: Manufacturer: syz
[  376.259761][T17431] syz.4.3359: vmalloc error: size 2147479872, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1
[  376.268787][T17431] CPU: 2 UID: 0 PID: 17431 Comm: syz.4.3359 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  376.268838][T17431] Tainted: [L]=SOFTLOCKUP
[  376.268845][T17431] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  376.268859][T17431] Call Trace:
[  376.268867][T17431]  <TASK>
[  376.268875][T17431]  dump_stack_lvl+0x16c/0x1f0
[  376.268911][T17431]  warn_alloc+0x248/0x3a0
[  376.268939][T17431]  ? __pfx_warn_alloc+0x10/0x10
[  376.268971][T17431]  ? __lock_acquire+0x436/0x2890
[  376.269004][T17431]  __vmalloc_node_range_noprof+0x12c2/0x16b0
[  376.269024][T17431]  ? lock_acquire+0x179/0x330
[  376.269043][T17431]  ? find_held_lock+0x2b/0x80
[  376.269068][T17431]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  376.269102][T17431]  ? policy_nodemask+0xea/0x4e0
[  376.269133][T17431]  ? netlink_alloc_large_skb+0x9b/0x140
[  376.269165][T17431]  ? alloc_pages_mpol+0x25a/0x550
[  376.269198][T17431]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  376.269227][T17431]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  376.269248][T17431]  ? __schedule+0x114c/0x6150
[  376.269281][T17431]  ? ___kmalloc_large_node+0x10c/0x150
[  376.269306][T17431]  __kvmalloc_node_noprof+0x42c/0xa40
[  376.269335][T17431]  ? netlink_alloc_large_skb+0x9b/0x140
[  376.269366][T17431]  ? netlink_alloc_large_skb+0x9b/0x140
[  376.269394][T17431]  ? __pfx___might_resched+0x10/0x10
[  376.269423][T17431]  ? find_held_lock+0x2b/0x80
[  376.269452][T17431]  ? netlink_alloc_large_skb+0x9b/0x140
[  376.269480][T17431]  netlink_alloc_large_skb+0x9b/0x140
[  376.269512][T17431]  netlink_sendmsg+0x698/0xdd0
[  376.269545][T17431]  ? __pfx_netlink_sendmsg+0x10/0x10
[  376.269579][T17431]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[  376.269619][T17431]  sock_write_iter+0x566/0x610
[  376.269659][T17431]  ? __pfx_sock_write_iter+0x10/0x10
[  376.269700][T17431]  ? bpf_lsm_file_permission+0x9/0x10
[  376.269724][T17431]  ? security_file_permission+0x71/0x210
[  376.269750][T17431]  ? rw_verify_area+0xcf/0x6c0
[  376.269777][T17431]  vfs_write+0x7d3/0x11d0
[  376.269806][T17431]  ? __pfx_sock_write_iter+0x10/0x10
[  376.269841][T17431]  ? __pfx_vfs_write+0x10/0x10
[  376.269866][T17431]  ? find_held_lock+0x2b/0x80
[  376.269908][T17431]  ksys_write+0x1f8/0x250
[  376.269936][T17431]  ? __pfx_ksys_write+0x10/0x10
[  376.269972][T17431]  __do_fast_syscall_32+0xe8/0x680
[  376.270007][T17431]  do_fast_syscall_32+0x32/0x80
[  376.270027][T17431]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  376.270052][T17431] RIP: 0023:0xf7f35579
[  376.270069][T17431] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  376.270088][T17431] RSP: 002b:00000000f542655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  376.270108][T17431] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000280
[  376.270121][T17431] RDX: 00000000ffffff03 RSI: 0000000000000000 RDI: 0000000000000000
[  376.270134][T17431] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  376.270146][T17431] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  376.270159][T17431] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  376.270188][T17431]  </TASK>
[  376.270258][T17431] Mem-Info:
[  376.415308][T17431] active_anon:4918 inactive_anon:7820 isolated_anon:25
[  376.415308][T17431]  active_file:403 inactive_file:3587 isolated_file:0
[  376.415308][T17431]  unevictable:1768 dirty:204 writeback:0
[  376.415308][T17431]  slab_reclaimable:7139 slab_unreclaimable:87655
[  376.415308][T17431]  mapped:21849 shmem:13200 pagetables:1458
[  376.415308][T17431]  sec_pagetables:325 bounce:0
[  376.415308][T17431]  kernel_misc_reclaimable:0
[  376.415308][T17431]  free:31391 free_pcp:10427 free_cma:0
[  376.440868][T17431] Node 0 active_anon:80kB inactive_anon:380kB active_file:160kB inactive_file:12kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:28kB dirty:4kB writeback:0kB shmem:3808kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:10168kB pagetables:1828kB sec_pagetables:1152kB all_unreclaimable? no Balloon:0kB
[  376.455373][T17431] Node 1 active_anon:21404kB inactive_anon:29140kB active_file:1452kB inactive_file:14336kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:87496kB dirty:820kB writeback:0kB shmem:48992kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:6824kB pagetables:3984kB sec_pagetables:148kB all_unreclaimable? no Balloon:0kB
[  376.469344][T17431] Node 0 DMA free:2056kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:16kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:28kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:196kB local_pcp:80kB free_cma:0kB
[  376.482722][T17431] lowmem_reserve[]: 0 289 289 289 289
[  376.485391][T17431] Node 0 DMA32 free:12268kB boost:0kB min:13332kB low:16664kB high:19996kB reserved_highatomic:2048KB free_highatomic:160KB active_anon:8kB inactive_anon:380kB active_file:160kB inactive_file:12kB unevictable:3536kB writepending:4kB zspages:1112kB present:1032196kB managed:296812kB mlocked:0kB bounce:0kB free_pcp:9912kB local_pcp:1984kB free_cma:0kB
[  376.499937][T17431] lowmem_reserve[]: 0 0 0 0 0
[  376.502737][ T6030] cdc_wdm 12-1:1.0: skipping garbage
[  376.505131][ T6030] cdc_wdm 12-1:1.0: probe with driver cdc_wdm failed with error -22
[  376.511015][ T6030] usb 12-1: USB disconnect, device number 5
[  376.515225][T17431] Node 1 DMA32 free:107368kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:21404kB inactive_anon:29140kB active_file:1452kB inactive_file:14336kB unevictable:3536kB writepending:820kB zspages:5380kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:35892kB local_pcp:2764kB free_cma:0kB
[  376.531270][T17431] lowmem_reserve[]: 0 0 0 0 0
[  376.533408][T17431] Node 0 DMA: 22*4kB (UM) 12*8kB (UM) 5*16kB (UM) 6*32kB (UM) 5*64kB (UM) 0*128kB 1*256kB (M) 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 2056kB
[  376.540115][T17431] Node 0 DMA32: 29*4kB (UMEH) 53*8kB (UMEH) 79*16kB (UMEH) 61*32kB (UMEH) 37*64kB (UMEH) 14*128kB (UME) 5*256kB (UME) 6*512kB (UM) 0*1024kB 0*2048kB 0*4096kB = 12268kB
[  376.547706][T17431] Node 1 DMA32: 2017*4kB (UME) 2472*8kB (UME) 1355*16kB (UME) 147*32kB (ME) 82*64kB (ME) 95*128kB (UME) 71*256kB (UME) 24*512kB (UM) 5*1024kB (UM) 0*2048kB 0*4096kB = 107220kB
[  376.555252][T17431] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  376.559563][T17431] Node 0 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  376.563480][T17431] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  376.568645][T17431] Node 1 hugepages_total=6 hugepages_free=1 hugepages_surp=3 hugepages_size=2048kB
[  376.572692][T17431] 18098 total pagecache pages
[  376.574766][T17431] 912 pages in swap cache
[  376.577032][T17431] Free swap  = 33504kB
[  376.578996][T17431] Total swap = 124996kB
[  376.580936][T17431] 524155 pages RAM
[  376.582622][T17431] 0 pages HighMem/MovableOnly
[  376.584832][T17431] 209059 pages reserved
[  376.586808][T17431] 0 pages cma reserved
[  376.853574][ T6030] libceph: connect (1)[c::]:6789 error -101
[  376.856696][ T6030] libceph: mon0 (1)[c::]:6789 connect error
[  376.901104][T17439] ceph: No mds server is up or the cluster is laggy
[  377.888281][T17469] __nla_validate_parse: 2 callbacks suppressed
[  377.888299][T17469] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3366'.
[  378.083854][T17479] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3369'.
[  378.219195][T17487] vlan2: entered allmulticast mode
[  378.222567][T17487] bridge_slave_0: entered allmulticast mode
[  379.163434][T17506] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3377'.
[  379.170418][T17506] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3377'.
[  380.158838][T17546] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3382'.
[  380.208164][T17546] bond3: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  380.228378][T17546] bond3: (slave lo): Enslaving as a backup interface with an up link
[  380.232580][T17546] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check.
[  380.489801][ T6030] libceph: connect (1)[c::]:6789 error -101
[  380.491860][ T6030] libceph: mon0 (1)[c::]:6789 connect error
[  380.535746][T17561] block nbd7: shutting down sockets
[  380.567023][T17557] ceph: No mds server is up or the cluster is laggy
[  381.475840][T17575] netlink: 'syz.5.3390': attribute type 1 has an invalid length.
[  381.509366][T17575] 8021q: adding VLAN 0 to HW filter on device bond9
[  381.663692][T17575] 8021q: adding VLAN 0 to HW filter on device bond9
[  381.666338][T17575] bond9: (slave vxcan3): The slave device specified does not support setting the MAC address
[  381.670193][T17575] bond9: (slave vxcan3): Error -95 calling set_mac_address
[  381.837965][T17575] bond10: entered promiscuous mode
[  381.842384][T17575] 8021q: adding VLAN 0 to HW filter on device bond10
[  381.847193][T17575] bond9: (slave bond10): Enslaving as an active interface with a down link
[  381.857199][T17579] macvlan2: entered promiscuous mode
[  381.859481][T17579] macvlan2: entered allmulticast mode
[  381.862285][T17579] bond9: entered promiscuous mode
[  381.865131][T17579] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  381.871717][T17579] bond9: left promiscuous mode
[  381.978192][T17582] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3392'.
[  382.004432][T17582] bond2: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  382.013530][T17582] bond2: (slave lo): Enslaving as a backup interface with an up link
[  382.017885][T17582] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check.
[  382.144988][T17592] netlink: 'syz.4.3395': attribute type 1 has an invalid length.
[  382.162538][T17592] bond10: entered promiscuous mode
[  382.164854][T17592] 8021q: adding VLAN 0 to HW filter on device bond10
[  382.237163][T17592] 8021q: adding VLAN 0 to HW filter on device bond11
[  382.240436][T17592] bond10: (slave bond11): making interface the new active one
[  382.242812][T17592] bond11: entered promiscuous mode
[  382.246698][T17592] bond10: (slave bond11): Enslaving as an active interface with an up link
[  383.472241][ T1416] ieee802154 phy0 wpan0: encryption failed: -22
[  383.475097][ T1416] ieee802154 phy1 wpan1: encryption failed: -22
[  383.969146][T17640] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3403'.
[  384.027845][T17640] bond11: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  384.037231][T17640] bond11: (slave lo): Enslaving as a backup interface with an up link
[  384.041098][T17640] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check.
[  384.227382][T17621] overlayfs: failed to resolve './file1': -2
[  385.392062][T17677] netlink: 28 bytes leftover after parsing attributes in process `syz.8.3413'.
[  385.405537][ T5944] Bluetooth: hci4: unexpected cc 0x203e length: 2 > 1
[  386.407097][T17697] futex_wake_op: syz.4.3419 tries to shift op by -1; fix this program
[  386.410541][   T40] kauditd_printk_skb: 60 callbacks suppressed
[  386.410551][   T40] audit: type=1326 audit(1766785393.868:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17696 comm="syz.4.3419" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  386.424992][   T40] audit: type=1326 audit(1766785393.878:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17696 comm="syz.4.3419" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  386.435530][   T40] audit: type=1326 audit(1766785393.878:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17696 comm="syz.4.3419" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f355a7 code=0x7ffc0000
[  386.445772][   T40] audit: type=1326 audit(1766785393.878:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17696 comm="syz.4.3419" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  386.453067][   T40] audit: type=1326 audit(1766785393.878:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17696 comm="syz.4.3419" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  386.463129][   T40] audit: type=1326 audit(1766785393.888:588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17696 comm="syz.4.3419" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  386.472523][   T40] audit: type=1326 audit(1766785393.888:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17696 comm="syz.4.3419" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f355a7 code=0x7ffc0000
[  386.481907][   T40] audit: type=1326 audit(1766785393.888:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17696 comm="syz.4.3419" exe="/syz-executor" sig=0 arch=40000003 syscall=313 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  386.493778][   T40] audit: type=1326 audit(1766785393.898:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17696 comm="syz.4.3419" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f35579 code=0x7ffc0000
[  386.503055][   T40] audit: type=1326 audit(1766785393.898:592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17696 comm="syz.4.3419" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f355a7 code=0x7ffc0000
[  386.526242][T17699] overlayfs: failed to clone lowerpath
[  387.044066][ T6030] libceph: connect (1)[c::]:6789 error -101
[  387.046242][ T6030] libceph: mon0 (1)[c::]:6789 connect error
[  387.092380][T17706] ceph: No mds server is up or the cluster is laggy
[  387.321637][T17714] vlan0: entered allmulticast mode
[  387.323582][T17714] bridge_slave_0: entered allmulticast mode
[  388.831794][T17738] netlink: 72 bytes leftover after parsing attributes in process `syz.8.3430'.
[  389.465591][ T5944] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  389.471231][ T5944] Bluetooth: hci4: Injecting HCI hardware error event
[  389.483614][ T5944] Bluetooth: hci4: hardware error 0x00
[  390.859729][T17776] bond5: option mode: unable to set because the bond device has slaves
[  390.863932][T17776] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3440'.
[  390.867746][T17776] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3440'.
[  390.872515][T17776] 8021q: adding VLAN 0 to HW filter on device bond0
[  390.876853][T17776] bond5: (slave bond0): Enslaving as an active interface with a down link
[  390.896392][T17776] bond5: (slave bond0): Releasing active interface
[  390.898668][T17776] ip6gretap1: entered promiscuous mode
[  390.904426][T17776] team0: left allmulticast mode
[  390.907112][T17776] bridge0: port 1(team0) entered disabled state
[  391.005198][T17776] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  391.535533][ T5944] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  391.887553][T17800] netlink: 72 bytes leftover after parsing attributes in process `syz.7.3446'.
[  392.782385][T17812] syzkaller0: entered promiscuous mode
[  392.785059][T17812] syzkaller0: entered allmulticast mode
[  392.802355][T17812] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  392.806650][T17811] tipc: Resetting bearer <eth:syzkaller0>
[  392.819728][T17811] tipc: Disabling bearer <eth:syzkaller0>
[  393.641021][T17824] netlink: 16 bytes leftover after parsing attributes in process `syz.8.3455'.
[  394.469520][T17843] syzkaller0: entered promiscuous mode
[  394.471485][T17843] syzkaller0: entered allmulticast mode
[  394.475609][ T1162] 0: reclassify loop, rule prio 0, protocol 800
[  396.471687][T17862] ALSA: mixer_oss: invalid OSS volume ''
[  396.473661][T17862] ALSA: mixer_oss: invalid OSS volume '�p6��Fo���?��i{G������?�^�J�'
[  396.476592][T17862] ALSA: mixer_oss: invalid OSS volume ']��2E�6��r�b�$�[���gϻ����'
[  396.479321][T17862] ALSA: mixer_oss: invalid OSS volume 'h�N�vs.wV/��S����'
[  396.481739][T17862] ALSA: mixer_oss: invalid OSS volume '�l`����|Ql�hZ���R:�"'
[  396.484388][T17862] ALSA: mixer_oss: invalid OSS volume 'j�S���NWxRe\'
[  396.486730][T17862] ALSA: mixer_oss: invalid OSS volume '���^�mo�'���w�ZU3�'
[  396.489078][T17862] ALSA: mixer_oss: invalid OSS volume '����HM��/�8jxL���'
[  396.491451][T17862] ALSA: mixer_oss: invalid OSS volume '��b����?-@��4�ԩz�V��X��u�H'
[  396.494226][T17862] ALSA: mixer_oss: invalid OSS volume '�|ܽ֞��j�D�k����y@~bą�����'
[  396.497144][T17862] ALSA: mixer_oss: invalid OSS volume '�즬0�̗'
[  396.499260][T17862] ALSA: mixer_oss: invalid OSS volume ')��������K��"a���(�@CD'
[  396.501822][T17862] ALSA: mixer_oss: invalid OSS volume '<��"��
�!^�m�#Y�[��t��=�ɍ'
[  396.504910][T17862] ALSA: mixer_oss: invalid OSS volume '�Xh�e�U?�մ�����S�ō�1?��ҁ��'
[  396.508163][T17862] ALSA: mixer_oss: invalid OSS volume '6�MU��JS.�d�-���)IKA(|eDBB9'
[  396.511139][T17862] ALSA: mixer_oss: invalid OSS volume '�F��A�g��B��Z���8Ȟ�
м�WF��'
[  396.513854][T17862] ALSA: mixer_oss: invalid OSS volume '�ұB���;T`�@$���E��cX�MYd��,'
[  396.516812][T17862] ALSA: mixer_oss: invalid OSS volume 'b��@h�#'
[  396.519019][T17862] ALSA: mixer_oss: invalid OSS volume '��h4���X��S4v=0�_>�&��'
[  396.521581][T17862] ALSA: mixer_oss: invalid OSS volume '|�/"tj'
[  396.523720][T17862] ALSA: mixer_oss: invalid OSS volume '-z5��c^�J��6�$���'
[  396.526452][T17862] ALSA: mixer_oss: invalid OSS volume '0��T���y����󉴪���j�P&��a�t'
[  396.529255][T17862] ALSA: mixer_oss: invalid OSS volume '�|��~�\'
[  396.531352][T17862] ALSA: mixer_oss: invalid OSS volume '��@�^3bɜ�}��G�$�#\�("/�o�L�'
[  396.534160][T17862] ALSA: mixer_oss: invalid OSS volume 'I
��:����'
[  396.536582][T17862] ALSA: mixer_oss: invalid OSS volume '%^�v��hc�GJP������r�('⍯Q='
[  396.539305][T17862] ALSA: mixer_oss: invalid OSS volume '�Gj�;4��Ì���z�3�W�Ҽ0�F=%�'
[  396.541975][T17862] ALSA: mixer_oss: invalid OSS volume ';4���4�fh�߇G��Iב�Q�5o�J'
[  396.544905][T17862] ALSA: mixer_oss: invalid OSS volume 'W���l�]Y1�-����J<����A�>��o'
[  396.719166][T17886] netlink: 72 bytes leftover after parsing attributes in process `syz.8.3473'.
[  398.685324][T17905] netlink: 'syz.4.3480': attribute type 4 has an invalid length.
[  399.407219][T17926] batman_adv: batadv0: Adding interface: ipvlan2
[  399.409462][T17926] batman_adv: batadv0: The MTU of interface ipvlan2 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  399.418679][T17926] batman_adv: batadv0: Interface activated: ipvlan2
[  401.479683][T17983] netlink: 'syz.5.3500': attribute type 39 has an invalid length.
[  401.503183][T17985] netlink: 'syz.8.3501': attribute type 1 has an invalid length.
[  401.546189][T17985] 8021q: adding VLAN 0 to HW filter on device bond3
[  401.593117][T17985] bond3: (slave dummy0): making interface the new active one
[  401.606375][T17985] bond3: (slave dummy0): Enslaving as an active interface with an up link
[  401.760932][T17999] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3502'.
[  401.764731][T17999] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3502'.
[  403.002138][T18029] overlayfs: failed to clone upperpath
[  403.145169][   T40] kauditd_printk_skb: 250 callbacks suppressed
[  403.145181][   T40] audit: type=1804 audit(1766785410.598:843): pid=18036 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.3520" name="bus" dev="ramfs" ino=62032 res=1 errno=0
[  403.853018][T18049] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3517'.
[  403.981337][T18049] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3517'.
[  404.788474][T18065] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3524'.
[  404.796613][   T40] audit: type=1326 audit(1766785412.258:844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18058 comm="syz.7.3522" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x0
[  405.255588][T18065] vlan2: entered promiscuous mode
[  405.257688][T18065] bridge0: entered promiscuous mode
[  405.524670][T18078] netlink: 28 bytes leftover after parsing attributes in process `syz.8.3528'.
[  406.649557][T18101] netlink: 'syz.4.3533': attribute type 4 has an invalid length.
[  406.911704][T18104] �2��: renamed from team_slave_1
[  407.180378][T18115] netlink: 'syz.8.3541': attribute type 39 has an invalid length.
[  407.639940][T18125] bond0: (slave syz_tun): Releasing backup interface
[  408.583249][ T5950] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  408.589001][ T5950] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  408.593055][ T5950] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  408.599555][ T5950] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  408.603090][ T5950] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  408.776724][T18144] chnl_net:caif_netlink_parms(): no params data found
[  408.866908][T18144] bridge0: port 1(bridge_slave_0) entered blocking state
[  408.869293][T18144] bridge0: port 1(bridge_slave_0) entered disabled state
[  408.871677][T18144] bridge_slave_0: entered allmulticast mode
[  408.874440][T18144] bridge_slave_0: entered promiscuous mode
[  408.878041][T18144] bridge0: port 2(bridge_slave_1) entered blocking state
[  408.880543][T18144] bridge0: port 2(bridge_slave_1) entered disabled state
[  408.882966][T18144] bridge_slave_1: entered allmulticast mode
[  408.885891][T18144] bridge_slave_1: entered promiscuous mode
[  408.903086][T18144] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  408.908228][T18144] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  408.925816][T18144] team0: Port device team_slave_0 added
[  408.929185][T18144] team0: Port device team_slave_1 added
[  408.944344][T18144] batman_adv: batadv0: Adding interface: batadv_slave_0
[  408.946881][T18144] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  408.955395][T18144] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  408.960180][T18144] batman_adv: batadv0: Adding interface: batadv_slave_1
[  408.962450][T18144] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  408.971215][T18144] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  408.995264][T18144] hsr_slave_0: entered promiscuous mode
[  408.997846][T18144] hsr_slave_1: entered promiscuous mode
[  409.000773][T18144] debugfs: 'hsr0' already exists in 'hsr'
[  409.003216][T18144] Cannot create hsr debugfs directory
[  409.401923][T18144] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  409.417308][T18144] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  409.427577][T18144] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  409.472575][T18144] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  409.604532][T18144] bridge0: port 2(bridge_slave_1) entered blocking state
[  409.607483][T18144] bridge0: port 2(bridge_slave_1) entered forwarding state
[  409.610058][T18144] bridge0: port 1(bridge_slave_0) entered blocking state
[  409.612559][T18144] bridge0: port 1(bridge_slave_0) entered forwarding state
[  409.680820][T18144] 8021q: adding VLAN 0 to HW filter on device bond0
[  409.696242][ T1142] bridge0: port 1(bridge_slave_0) entered disabled state
[  409.707355][ T1142] bridge0: port 2(bridge_slave_1) entered disabled state
[  409.787860][T18144] 8021q: adding VLAN 0 to HW filter on device team0
[  409.795270][ T1142] bridge0: port 1(bridge_slave_0) entered blocking state
[  409.797705][ T1142] bridge0: port 1(bridge_slave_0) entered forwarding state
[  409.812957][T10039] bridge0: port 2(bridge_slave_1) entered blocking state
[  409.816308][T10039] bridge0: port 2(bridge_slave_1) entered forwarding state
[  409.950514][T18144] 8021q: adding VLAN 0 to HW filter on device batadv0
[  410.143087][T18144] veth0_vlan: entered promiscuous mode
[  410.153500][T18144] veth1_vlan: entered promiscuous mode
[  410.174591][T18144] veth0_macvtap: entered promiscuous mode
[  410.181555][T18144] veth1_macvtap: entered promiscuous mode
[  410.191629][T18144] batman_adv: batadv0: Interface activated: batadv_slave_0
[  410.199323][T18144] batman_adv: batadv0: Interface activated: batadv_slave_1
[  410.205263][T10039] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  410.210267][T10039] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  410.213817][T10039] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  410.217196][T10039] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  410.275942][T10039] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  410.278567][T10039] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  410.281959][ T1142] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  410.284560][ T1142] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  410.655630][ T5950] Bluetooth: hci1: command tx timeout
[  410.680984][T18201] netlink: 'syz.5.3562': attribute type 1 has an invalid length.
[  410.714662][T18201] 8021q: adding VLAN 0 to HW filter on device bond12
[  410.740455][T18201] batman_adv: batadv0: Removing interface: dummy0
[  410.748802][T18201] bond12: (slave dummy0): making interface the new active one
[  410.751986][T18201] bond12: (slave dummy0): Enslaving as an active interface with an up link
[  410.893601][T18206] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3564'.
[  410.898736][T18206] netlink: 36 bytes leftover after parsing attributes in process `syz.5.3564'.
[  410.906341][T18206] vlan0: entered allmulticast mode
[  410.908689][T18206] hsr0: entered allmulticast mode
[  410.910792][T18206] hsr_slave_0: entered allmulticast mode
[  410.912788][T18206] hsr_slave_1: entered allmulticast mode
[  411.230145][T18216] netlink: 28 bytes leftover after parsing attributes in process `syz.8.3568'.
[  411.233097][T18216] netlink: 28 bytes leftover after parsing attributes in process `syz.8.3568'.
[  412.737138][ T5950] Bluetooth: hci1: command tx timeout
[  414.815556][ T5950] Bluetooth: hci1: command tx timeout
[  416.895779][ T5950] Bluetooth: hci1: command tx timeout
[  418.112205][   T40] audit: type=1326 audit(1766785425.568:845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18337 comm="syz.4.3599" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f35579 code=0x0
[  419.069030][   T24] libceph: connect (1)[c::]:6789 error -101
[  419.071139][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  419.124347][T18348] ceph: No mds server is up or the cluster is laggy
[  421.228591][   T40] audit: type=1326 audit(1766785428.688:846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18376 comm="syz.5.3609" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70ed579 code=0x0
[  422.178338][   T40] audit: type=1326 audit(1766785429.638:847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18392 comm="syz.7.3611" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f74579 code=0x0
[  422.180881][T18403] MPI: mpi too large (124808 bits)
[  425.186178][T18474] netlink: 'syz.7.3640': attribute type 4 has an invalid length.
[  425.197334][T18474] netlink: 152 bytes leftover after parsing attributes in process `syz.7.3640'.
[  425.228829][T18474] .`: renamed from bond0 (while UP)
[  426.410516][T18505] bridge_slave_0: left allmulticast mode
[  426.412479][T18505] bridge_slave_0: left promiscuous mode
[  426.414540][T18505] bridge0: port 1(bridge_slave_0) entered disabled state
[  426.433039][T18505] bridge_slave_1: left allmulticast mode
[  426.435013][T18505] bridge_slave_1: left promiscuous mode
[  426.438707][T18505] bridge0: port 2(bridge_slave_1) entered disabled state
[  426.447517][T18505] .`: (slave bond_slave_0): Releasing backup interface
[  426.458483][T18505] .`: (slave bond_slave_1): Releasing backup interface
[  426.469294][T18505] team0: Port device team_slave_0 removed
[  426.478471][T18505] team0: Port device team_slave_1 removed
[  426.482452][T18505] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  426.486594][T18505] batman_adv: batadv0: Removing interface: batadv_slave_0
[  426.497496][T18505] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  426.500387][T18505] batman_adv: batadv0: Removing interface: batadv_slave_1
[  426.507187][T18505] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  429.805195][   T40] audit: type=1804 audit(1766785437.258:848): pid=18566 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.7.3654" name="bus" dev="ramfs" ino=65335 res=1 errno=0
[  432.433843][T18596] dvmrp1: entered allmulticast mode
[  433.071699][T18612] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3667'.
[  433.718230][T18634] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3673'.
[  434.660241][T18658] Unknown options in mask b7f2
[  436.738409][T18694] netlink: 'syz.5.3691': attribute type 4 has an invalid length.
[  436.741096][T18694] netlink: 152 bytes leftover after parsing attributes in process `syz.5.3691'.
[  436.746050][T18694] .`: renamed from bond0
[  437.267327][T18703] GUP no longer grows the stack in syz.8.3696 (18703): 80004000-80005000 (80001000)
[  437.271164][T18703] CPU: 1 UID: 0 PID: 18703 Comm: syz.8.3696 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  437.271186][T18703] Tainted: [L]=SOFTLOCKUP
[  437.271190][T18703] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  437.271198][T18703] Call Trace:
[  437.271202][T18703]  <TASK>
[  437.271207][T18703]  dump_stack_lvl+0x16c/0x1f0
[  437.271229][T18703]  gup_vma_lookup+0x1d2/0x220
[  437.271248][T18703]  __get_user_pages+0x241/0x3590
[  437.271272][T18703]  ? register_lock_class+0x41/0x4b0
[  437.271293][T18703]  ? __pfx___get_user_pages+0x10/0x10
[  437.271314][T18703]  __gup_longterm_locked+0xa92/0x17e0
[  437.271332][T18703]  ? __lock_acquire+0x436/0x2890
[  437.271345][T18703]  ? __pfx___gup_longterm_locked+0x10/0x10
[  437.271370][T18703]  pin_user_pages_remote+0xed/0x140
[  437.271389][T18703]  ? __pfx_pin_user_pages_remote+0x10/0x10
[  437.271406][T18703]  ? mm_access+0x22d/0x2e0
[  437.271427][T18703]  process_vm_rw_core.constprop.0+0x41b/0x970
[  437.271447][T18703]  ? trace_kmalloc+0x2b/0xb0
[  437.271466][T18703]  ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10
[  437.271482][T18703]  ? iovec_from_user+0xbb/0x140
[  437.271501][T18703]  ? iovec_from_user+0xbb/0x140
[  437.271514][T18703]  process_vm_rw+0x216/0x2c0
[  437.271529][T18703]  ? __pfx_process_vm_rw+0x10/0x10
[  437.271547][T18703]  ? putname+0xf5/0x1a0
[  437.271563][T18703]  ? find_held_lock+0x2b/0x80
[  437.271583][T18703]  ? __pfx___ia32_sys_futex_time32+0x10/0x10
[  437.271600][T18703]  __ia32_sys_process_vm_writev+0xdf/0x1b0
[  437.271616][T18703]  ? __do_fast_syscall_32+0x9a/0x680
[  437.271634][T18703]  ? lockdep_hardirqs_on+0x7c/0x110
[  437.271650][T18703]  __do_fast_syscall_32+0xe8/0x680
[  437.271669][T18703]  do_fast_syscall_32+0x32/0x80
[  437.271680][T18703]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  437.271694][T18703] RIP: 0023:0xf7fa5579
[  437.271704][T18703] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  437.271715][T18703] RSP: 002b:00000000f549655c EFLAGS: 00000296 ORIG_RAX: 000000000000015c
[  437.271726][T18703] RAX: ffffffffffffffda RBX: 000000000000020f RCX: 0000000080c22000
[  437.271733][T18703] RDX: 000000000000002b RSI: 0000000080c22fa0 RDI: 0000000000000001
[  437.271739][T18703] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  437.271745][T18703] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  437.271752][T18703] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  437.271765][T18703]  </TASK>
[  444.909544][ T1416] ieee802154 phy0 wpan0: encryption failed: -22
[  444.912354][ T1416] ieee802154 phy1 wpan1: encryption failed: -22
[  444.925354][T18850] syz_tun: entered allmulticast mode
[  445.467548][T18865] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3741'.
[  445.508749][T18865] nbd: socks must be embedded in a SOCK_ITEM attr
[  445.995820][T18878] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3745'.
[  446.029877][T18878] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3745'.
[  446.607728][T18889] input: syz0 as /devices/virtual/input/input13
[  450.450303][T18922] netlink: 'syz.5.3756': attribute type 1 has an invalid length.
[  450.452844][T18922] netlink: 'syz.5.3756': attribute type 4 has an invalid length.
[  450.456871][T18922] netlink: 15334 bytes leftover after parsing attributes in process `syz.5.3756'.
[  450.519211][T18924] netlink: 'syz.7.3757': attribute type 1 has an invalid length.
[  450.542471][T18924] 8021q: adding VLAN 0 to HW filter on device bond0
[  450.584874][T18924] bond0: (slave dummy0): making interface the new active one
[  450.588587][T18924] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  450.985551][   T24] usb 12-1: new high-speed USB device number 6 using dummy_hcd
[  451.145549][   T24] usb 12-1: Using ep0 maxpacket: 32
[  451.149237][   T24] usb 12-1: config 0 has an invalid interface number: 12 but max is 0
[  451.152380][   T24] usb 12-1: config 0 has no interface number 0
[  451.154814][   T24] usb 12-1: config 0 interface 12 has no altsetting 0
[  451.158847][   T24] usb 12-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  451.162478][   T24] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  451.165055][   T24] usb 12-1: Product: syz
[  451.166750][   T24] usb 12-1: Manufacturer: syz
[  451.168388][   T24] usb 12-1: SerialNumber: syz
[  451.171376][   T24] usb 12-1: config 0 descriptor??
[  451.174423][   T24] f81534 12-1:0.12: required endpoints missing
[  451.421305][ T6429] usb 12-1: USB disconnect, device number 6
[  452.028815][T18950] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  481.426157][ T1142] bridge_slave_1: left allmulticast mode
[  481.428461][ T1142] bridge_slave_1: left promiscuous mode
[  481.431043][ T1142] bridge0: port 2(bridge_slave_1) entered disabled state
[  481.447340][ T1142] bridge_slave_0: left allmulticast mode
[  481.449725][ T1142] bridge_slave_0: left promiscuous mode
[  481.454526][ T1142] bridge0: port 1(bridge_slave_0) entered disabled state
[  481.633142][ T1142] batman_adv: batadv0: Removing interface: ip6gretap1
[  482.504630][ T1142] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  482.528611][ T1142] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  482.536054][ T1142] bond0 (unregistering): Released all slaves
[  482.837487][ T1142] bond1 (unregistering): Released all slaves
[  482.949067][ T1142] tipc: Left network mode
[  483.145784][ T1142] hsr_slave_0: left promiscuous mode
[  483.158275][ T1142] hsr_slave_1: left promiscuous mode
[  483.161287][ T1142] batman_adv: batadv0: Removing interface: batadv_slave_0
[  483.188299][ T1142] veth1_macvtap: left allmulticast mode
[  484.345879][ T1142] team0 (unregistering): Port device team_slave_1 removed
[  484.474278][ T1142] team0 (unregistering): Port device team_slave_0 removed
[  485.669240][ T1142] IPVS: stop unused estimator thread 0...
[  506.338079][ T1416] ieee802154 phy0 wpan0: encryption failed: -22
[  506.340326][ T1416] ieee802154 phy1 wpan1: encryption failed: -22
[  512.875785][T10040] ------------[ cut here ]------------
[  512.878466][T10040] WARNING: io_uring/io_uring.c:3026 at io_ring_exit_work+0x3b1/0x1130, CPU#1: kworker/u32:19/10040
[  512.882692][T10040] Modules linked in:
[  512.884812][T10040] CPU: 1 UID: 0 PID: 10040 Comm: kworker/u32:19 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  512.888787][T10040] Tainted: [L]=SOFTLOCKUP
[  512.890274][T10040] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  512.893768][T10040] Workqueue: iou_exit io_ring_exit_work
[  512.895788][T10040] RIP: 0010:io_ring_exit_work+0x3b1/0x1130
[  512.897782][T10040] Code: 0f 85 65 0b 00 00 48 8b 05 9c f1 62 09 4c 8b 74 24 68 31 ff 49 29 c6 4c 89 f6 e8 7a 32 20 fd 4d 85 f6 79 12 e8 a0 37 20 fd 90 <0f> 0b 90 48 c7 44 24 60 70 17 00 00 e8 8e 37 20 fd 48 8b 74 24 60
[  512.904193][T10040] RSP: 0000:ffffc900063f7a10 EFLAGS: 00010293
[  512.906393][T10040] RAX: 0000000000000000 RBX: ffff888025de66d0 RCX: ffffffff849e20f6
[  512.909016][T10040] RDX: ffff888023af8000 RSI: ffffffff849e2100 RDI: 0000000000000007
[  512.911501][T10040] RBP: ffffc900063f7bd0 R08: 0000000000000007 R09: 0000000000000000
[  512.914151][T10040] R10: fffffffffffffffe R11: 0000000000000000 R12: ffff888025de6000
[  512.917297][T10040] R13: dffffc0000000000 R14: fffffffffffffffe R15: ffff888025de6040
[  512.920160][T10040] FS:  0000000000000000(0000) GS:ffff8880977fc000(0000) knlGS:0000000000000000
[  512.923260][T10040] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  512.926042][T10040] CR2: 00007f3f15dacd60 CR3: 000000002af4b000 CR4: 0000000000352ef0
[  512.929715][T10040] Call Trace:
[  512.931223][T10040]  <TASK>
[  512.932556][T10040]  ? __pfx_io_ring_exit_work+0x10/0x10
[  512.935373][T10040]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  512.938695][T10040]  ? debug_object_deactivate+0x1ec/0x3a0
[  512.941078][T10040]  ? rcu_is_watching+0x12/0xc0
[  512.943140][T10040]  process_one_work+0x9ba/0x1b20
[  512.945301][T10040]  ? __pfx_process_one_work+0x10/0x10
[  512.947699][T10040]  ? assign_work+0x1a0/0x250
[  512.949731][T10040]  worker_thread+0x6c8/0xf10
[  512.951753][T10040]  ? __kthread_parkme+0x19e/0x250
[  512.953966][T10040]  ? __pfx_worker_thread+0x10/0x10
[  512.956428][T10040]  kthread+0x3c5/0x780
[  512.958261][T10040]  ? __pfx_kthread+0x10/0x10
[  512.960260][T10040]  ? rcu_is_watching+0x12/0xc0
[  512.962463][T10040]  ? __pfx_kthread+0x10/0x10
[  512.964512][T10040]  ret_from_fork+0x983/0xb10
[  512.966745][T10040]  ? __pfx_ret_from_fork+0x10/0x10
[  512.969210][T10040]  ? __switch_to+0x7af/0x10d0
[  512.971516][T10040]  ? __pfx_kthread+0x10/0x10
[  512.973690][T10040]  ret_from_fork_asm+0x1a/0x30
[  512.975980][T10040]  </TASK>
[  512.977379][T10040] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  512.980590][T10040] CPU: 1 UID: 0 PID: 10040 Comm: kworker/u32:19 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  512.985382][T10040] Tainted: [L]=SOFTLOCKUP
[  512.987264][T10040] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  512.992316][T10040] Workqueue: iou_exit io_ring_exit_work
[  512.994811][T10040] Call Trace:
[  512.996272][T10040]  <TASK>
[  512.997608][T10040]  dump_stack_lvl+0x3d/0x1f0
[  512.999632][T10040]  vpanic+0x640/0x6f0
[  513.001398][T10040]  ? io_ring_exit_work+0x3b1/0x1130
[  513.003680][T10040]  panic+0xca/0xd0
[  513.005347][T10040]  ? __pfx_panic+0x10/0x10
[  513.007300][T10040]  ? check_panic_on_warn+0x1f/0xb0
[  513.009608][T10040]  check_panic_on_warn+0xab/0xb0
[  513.011802][T10040]  __warn+0x108/0x3c0
[  513.013591][T10040]  __report_bug+0x2a0/0x520
[  513.015829][T10040]  ? io_ring_exit_work+0x3b1/0x1130
[  513.018144][T10040]  ? __pfx___report_bug+0x10/0x10
[  513.020353][T10040]  ? rcu_is_watching+0x12/0xc0
[  513.022481][T10040]  ? trace_contention_end+0xdd/0x110
[  513.024825][T10040]  ? __mutex_lock+0x27b/0x1ca0
[  513.027082][T10040]  ? find_held_lock+0x2b/0x80
[  513.029294][T10040]  ? io_ring_exit_work+0x366/0x1130
[  513.031741][T10040]  ? io_ring_exit_work+0x3b1/0x1130
[  513.034062][T10040]  report_bug+0xb2/0x220
[  513.035917][T10040]  ? io_ring_exit_work+0x3b1/0x1130
[  513.038215][T10040]  handle_bug+0x127/0x260
[  513.040125][T10040]  exc_invalid_op+0x17/0x50
[  513.042140][T10040]  asm_exc_invalid_op+0x1a/0x20
[  513.044459][T10040] RIP: 0010:io_ring_exit_work+0x3b1/0x1130
[  513.047333][T10040] Code: 0f 85 65 0b 00 00 48 8b 05 9c f1 62 09 4c 8b 74 24 68 31 ff 49 29 c6 4c 89 f6 e8 7a 32 20 fd 4d 85 f6 79 12 e8 a0 37 20 fd 90 <0f> 0b 90 48 c7 44 24 60 70 17 00 00 e8 8e 37 20 fd 48 8b 74 24 60
[  513.055746][T10040] RSP: 0000:ffffc900063f7a10 EFLAGS: 00010293
[  513.058485][T10040] RAX: 0000000000000000 RBX: ffff888025de66d0 RCX: ffffffff849e20f6
[  513.061948][T10040] RDX: ffff888023af8000 RSI: ffffffff849e2100 RDI: 0000000000000007
[  513.065448][T10040] RBP: ffffc900063f7bd0 R08: 0000000000000007 R09: 0000000000000000
[  513.068926][T10040] R10: fffffffffffffffe R11: 0000000000000000 R12: ffff888025de6000
[  513.072460][T10040] R13: dffffc0000000000 R14: fffffffffffffffe R15: ffff888025de6040
[  513.075885][T10040]  ? io_ring_exit_work+0x3a6/0x1130
[  513.078305][T10040]  ? io_ring_exit_work+0x3b0/0x1130
[  513.080618][T10040]  ? __pfx_io_ring_exit_work+0x10/0x10
[  513.083012][T10040]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  513.085636][T10040]  ? debug_object_deactivate+0x1ec/0x3a0
[  513.088233][T10040]  ? rcu_is_watching+0x12/0xc0
[  513.090371][T10040]  process_one_work+0x9ba/0x1b20
[  513.092561][T10040]  ? __pfx_process_one_work+0x10/0x10
[  513.094919][T10040]  ? assign_work+0x1a0/0x250
[  513.097137][T10040]  worker_thread+0x6c8/0xf10
[  513.099401][T10040]  ? __kthread_parkme+0x19e/0x250
[  513.101627][T10040]  ? __pfx_worker_thread+0x10/0x10
[  513.103885][T10040]  kthread+0x3c5/0x780
[  513.105731][T10040]  ? __pfx_kthread+0x10/0x10
[  513.107769][T10040]  ? rcu_is_watching+0x12/0xc0
[  513.109915][T10040]  ? __pfx_kthread+0x10/0x10
[  513.111926][T10040]  ret_from_fork+0x983/0xb10
[  513.113981][T10040]  ? __pfx_ret_from_fork+0x10/0x10
[  513.116288][T10040]  ? __switch_to+0x7af/0x10d0
[  513.118367][T10040]  ? __pfx_kthread+0x10/0x10
[  513.120404][T10040]  ret_from_fork_asm+0x1a/0x30
[  513.122478][T10040]  </TASK>
[  513.124509][T10040] Kernel Offset: disabled
[  513.125916][T10040] Rebooting in 86400 seconds..