last executing test programs:

7m28.516919382s ago: executing program 3 (id=4):
socket$l2tp6(0xa, 0x2, 0x73)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
userfaultfd(0x80001)
socket$netlink(0x10, 0x3, 0x0)
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0301, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000001340))
ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, 0x0)
openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
write$dsp(r0, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)
pselect6(0x40, &(0x7f0000000240)={0x4, 0x1ce, 0x1ff, 0x7d, 0x0, 0x8000, 0x4, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x5, 0xffffffffffffffff, 0x9, 0x0, 0x1, 0x1000000080000006}, 0x0, 0x0)

7m27.549665587s ago: executing program 3 (id=10):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000200)='./bus\x00', 0x201c08c, &(0x7f0000001180)=ANY=[], 0x25, 0x352, &(0x7f0000000c80)="$eJzs3T9sG2UUAPDnnhOnESUekCqYDBsSqtogBphSVUWqyABFFv8WIjWFEhukWFgKQxwvoIoJxIIEE1sHGDsjBoTYGFgpEiogFrpVasQh5872OXaoMzi06u83RE/v+959z+dL7hIlX97sxMalubh869bNWFgoRXnl3ErcLkU1jkUSmZ2Y6OP5yXkA4B53O03j7zRz99mfLvYj934AuH/t3f/fOjFMVA5RfPWhWbQEAMzYlN//vzgx+97M2gIAZmjs/v/EyPC+H/OXB78TAADcv15+7fUXzq5GXKzVFiKaH7Xr7Xo8Nxw/ezmuRCPW43QsxW5E9qCQPS30Pj5/YfX86VrP79Wo9yra9Yhmp13vPSmkSxFxpdw/WDWvTwf1Sa/+zF59LSJ2OnvrR7PUrs/FYr7+L4uxHsuxFI+M1UdcWD2/XMsPUG/26zsR3Vjor9vr/1QsxU/Dx5li/9tnarVz6epIfftaJS4d4fsAAAAAAAAAAAAAAAAAAAAAAMCD5VRtoDrY/yZtdtofXtw/oTqyP049G873B+pm+wOllf7uPFeT/fsDje7P066X49j/+soBAAAAAAAAAAAAAAAAAADg3tHamo+1RmN9s7X1wUYx6BQy7/7w9XfHYz4ieplyXvpOMqyKPDlynP7EwpGTGCyRDsrTJJtTyudnk5OI/uSdtWvXBx0Xl6gMXsVo83lQGRsqlQdLnHj8ty8mVf3TC3b2MkmMnZbRoN9xYaj5cC+xEBG7B1UdHCzfZc6NNE0PKt/+fLwqShHlOHQbUwTf33z70adbJ5/Zy3ybb/rw5FNLr9z47Ks/N9Ya0c3OTKMxv9naTac4cq/XxvqxGB1KCtdPKT/PpQlXwuSgO8x0N1tba8nPf7362Cc/7pucTL5+0mLm/YPX+mZ/Zj4LShHV/kn4r1bnYtoz/8ad4ifIId+4k1+urF3f/vWPaasKXyRs1AEAAAAAAAAAAAAAAAAAAEei8Lfih/DsS7PrCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACO3vD//xeC7lhmmuBOJ8aHKuubrQMXP36kLxUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAfYvwEAAP//jXFraQ==")
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x58)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x214802, &(0x7f0000000980)={[{@nojournal_checksum}, {@nombcache}, {@barrier}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@usrquota}, {@noauto_da_alloc}, {@bh}, {@init_itable}]}, 0xff, 0x551, &(0x7f0000000cc0)="$eJzs3d9vU1UcAPDv7Tp+KyMhJPpgFnkQg3Rs8wcmPuCjUSKJvmOzXRaylpK1I2ySCA/y4oshJsZIYvwDfPeR+A/4V5AoCTFk0Qdfam53ywprt9EVNuznk9xyzj23nHt67vdwbs8lDWBojWcvhYhXIuLbJOJwR1kx8sLx1eNWHl6fybYkms3P/koiyfe1j0/yPw+2M8WI376OOFl4rMqx7KW+tDxfrlTShXznRKN6ZaK+tHzqUrU8l86ll6emp8+8Mz31/nvvDqytb57/54dP73505pvjK9//cv/I7STOxqG8rLMd23CjMzMe4/lnMhpnnzhwcgCV7SbJTp8AfRnJ43w0sjHgcIzkUQ/8/30VEU1gSCXiH4ZUex7Qvrcf0H3wC+PBh6s3QOvbX1z9biT2te6NDqwkj90ZJe0vMrYpq+PXP+/czrYY3PcQAJu6cTMiTheL68e/JB//+nd6C8c8WYfxD56fu9n8561u85/Co/lPdJn/HOwSu/3YPP4L9wdQTU/Z/O+DrvPffNFqLMZG8txLrexocvFSJc3Gtpcj4kSM7s3yG63nnFm51+xV1jn/y7as/vZcMD+P+8W9j79nttwob6/Vax7cjHi16/w3edT/SZf+zz6P81us41h657VeZZu3/9lq/hzxRtf+X1vRSjZen5xoXQ8T7ativb9vHfu9V/073f6s/w9s3P6xpHO9tv70dfy079+0V1m/1/+e5PNWek++71q50ViYjNiTfLJ+/9Tae9v59vFZ+08c33j863b974+IL7bY/ltHb/U8dFv9P4BF16z9s0/V/0+fuPfxlz/23/6s/99upU7ke7Yy/m31BLfz2QEAAAAAAMBuU4iIQ5EUSo/ShUKptPp8x9E4UKjU6o2TF2uvR6us9fxDob3SfbjjeYjJ/HnYdn7qifx0RByJiO9G9rfypZlaZXanGw8AAAAAAAAAAAAAAAAAAAC7xMEe//8/88fITp8d8Mz5yW8YXpvG/yB+6QnYlfz7D8NL/MPwEv8wvMQ/DC/xD8NL/MPwEv8wvMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAADNT5c+eyrbny8PpMlp+9urQ4X7t6ajatz5eqizOlmdrCldJcrTZXSUsztepmf1+lVrsyORWL1yYaab0xUV9avlCtLV5uXLhULc+lF9LR59IqAAAAAAAAAAAAAAAAAAAAeLHUl5bny5VKuiAh0VeiuDtOQ2LAiZ0emQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgzX8BAAD//7VBN58=")
open(0x0, 0x109042, 0x0)
open(&(0x7f0000000040)='./bus\x00', 0x400141042, 0x2a)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x8000, 0xa0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x8005, 0x0, 0x0, 0x12, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
fallocate(r0, 0x0, 0xc, 0x10001)

7m26.158195988s ago: executing program 3 (id=14):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r0=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r2, r0, 0x25, 0x0, @void}, 0x10)
add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
socket(0xc, 0x803, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0x10, &(0x7f0000000600)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b704000008000000850000009500000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r4, 0xfffff000, 0xe, 0x0, &(0x7f0000001700)="61df7100c80400d5721ff59fe864", 0x0, 0x0, 0x7000000, 0x0, 0x0, 0x0, 0x0}, 0x4c)

7m24.797340827s ago: executing program 3 (id=23):
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x4004000)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff})
close_range(r4, 0xffffffffffffffff, 0x2)
io_uring_setup(0x323, &(0x7f0000000580)={0x0, 0xddf7, 0x2, 0xfffffffe, 0x182})
unshare(0x22020600)

7m24.540308342s ago: executing program 32 (id=23):
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x4004000)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff})
close_range(r4, 0xffffffffffffffff, 0x2)
io_uring_setup(0x323, &(0x7f0000000580)={0x0, 0xddf7, 0x2, 0xfffffffe, 0x182})
unshare(0x22020600)

7m19.535738772s ago: executing program 1 (id=41):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xc36e5000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000000980)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf2000000000000025000f001fffffffbd0301000000000095002008000000006916700000000000bf6700000000000017060000b964b01a4606feff0020000037060000d3551b84bf150000000000000f5700000000000065070000020000002c030000000000001f75000000000000bf54000000000000070000000400f9ffad430100000000007c400000000000000500000000000000950000000000000032ed3c53e95e5db67754bb12dc8c4ed68ecfd00000000000000030e3c7bdd2d17f2f09000000000000005d7095f9ce000078af6d71d79a5e12814cb1d8a5d4601d295c45a69eb9bdb7dd390700000500000000f16d0a3e127bee45a0100000fe9de56c9d8a814261bdb94a0500000084c6c60bef0d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cac3e1d5af65727546e7c955ccefa1f6ab689ffffff7f63ede202fa4e0a2127b8b83c71a51445dc8da39eb8f512036a5ba6d04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e4c16dfecc8158f0200000000c8fb735fd552bdc268694aeb0743e326c819b6cf5c8ac86f8a297dff0445a13d0045fb3cda30a673a6bb55d8c85f21dce431e56723888fb126a163f16fb2ad9bc1172b84b3ebe174aba210d739a018f9bbec63222d20cecac4d03723f1d932b3a6158446c02bcef3e4acbb400001e3738270b315d362ed834f2af97792f69b649a462e7ee4bcf8b07a10311145eac1f2ede14308d582685e1bece9f35154bcb4000000000000000000000000000000bc3af2b170ad3e2b268f4ddc211bc3ccf0bd9d42ca019dd5d022cf74686e9fbe2562979eaed8400200aab43176e65ec1118d46d1e827f3472f4441401d2ddc1cbf60ab3a123da773af2245d753887a5ad103649afa1769080584f800231e03a651bb04000000ab04871bc47287cd31cc43ea0ffb567b40407d000000000000000000000000007f37d83f84e98a523d80bd56a57fa82b82f639601ae899a559944cb9be2a29ab028acfc1cb26a0f6a5480a55d6a0c544ba0dc828c22fe3000072c6000000437d57fcf8295f63a70837f5cd4e5e77b7f2d851d27fd4de6eabb43e0799dc8d9fb7dc6c523ffbd74a6a40e4acb1ac693a27051f2ab779b8dbe800aeeda0426c7e7c0032028c955735557df78628a59d56f4400a83b29b6ddb55117669d9598c0f3598073f3a922a76beceff7e4fbfea5011db9020823b83abe54346c7af0a99fa077ffe70cac8b9e44023a1749eb1d0d572b7756e0d0fcd74035c7a1eb6eb4e1c8ef2629f5ecff4626746d6ea4a2215c3b9ee1dbb43f40256b5abcaaa8c27b25def02dbc05823e98a255e92c3c4f79bfcd0d91741380000cfeb73dec68ed56b1d3dfdf0cb8b71ad790000000d0500000000000000000000dd434a25e95d0ec29d3adaccf8400880031ecdfdb4dfbe440104be099ece7e4009c76c716d906fbc3c9b412e0478cfee4485f423c63f49db5a583c92eeeb647cebd4d7a93a17bcbb6bae5ff876375d4f18ca372104772a3a35ecedd97fc191d8f64d2b1d60c6d12911aada66c26aa4802c3514c3d92ec9f9f3262cb13f4a2575fbe943a6c40000000000000000000000000000000026b80c3899543223a6079ee96198b9a326da3be3098af415ca284b7467103c65a0867032f04384129cdc79b3978bc800990e8e29af8d763ef9b1f31befcad2ce5394601c7c4f5975e8bd07d8dcce3c7bebdc233ba3d45dc60f2f54393895650f154dcf83b84e16a29c743544a6091ec93e0d2fd5b4dc42913e1ba32277d5f4bb2142b46be48b41c717858cfefd4946bf19e617d51f964727bfd5cc5ba15370f6e1b39f1541eded0b15e4316a1e4623272beb249a0928c417720be14c898f397411c88a7bcf3df46ab3efe7cd5e160c2afd3cc945f75011a102d95ac7ad17a507000000c334ea35bae71e76e160cc2260bd028162917807ce89e11b5f261052ee0dde1800a2dc02af2b7bcf6f8af68249ce5370e593d9eafbefdb91fbdff9ee3307d4a1837963b2dc3f3698d90e7915b098f19392e792f05675f252f4e948184001b6494e906925a092483adc7e9c8f7a29d226943c100a92ae7f00619c36bceb9fb6dd7e55487d8485e498fdfc377fd3d266d21d46ab2f6b2ce22cd0aebba9b0ffbfe8ec3143c3734967c90b16ebbeeae1ce2baa0905aed6bf0f40c8a323f9235dc99698bd0b800067a901a79daada03cc77e7ad741e4feb0e37f0c85d13a33250d78cfa7daf529c5bea49cad7c3433e322d8dbdfc85ae7b5b544aacd5ae276cffe935d559bea88e1aa36b4e6c19e78457904297e77370e013b705a94548d47c609a93c45f4d7d24b20166d7f510f80d13138216e03995da047ccef9de49a90ced031235e3219ebd9d06c257a50497ec523364a42e2e81fc068fcbb9792b673893ff2c1e27ced4b77b0300fbf46a19600b802cba88b7d0a938d9e0e6cfe5d66b874cd004179e5b6025c0e1050fae1f70437ee7cbaa9ab2f8c06a551236278c474914c7cf8406f95351704fc428806c23d16847bde483d98321d7648496e065f120ed7ffc11c29a1145c09b5e48ccbdb66dfe4188952868da9c0ad91463ec7670bec7772deb4e2b56f411f586dd4285146d1a0686975c89d7caa234be3c6aee7697860385f99a4a918fe6efa78e3227d54fe9c9fde78e16db810abb601e15a231f9510c7607204ad685177659b844efeb1d448b692444375c49e2b482b32470fc2e15511bb71cffa87b8c7179f56366666b57a3e1e226a481b6db11367685750cdec47e3c76f84788dbe28aa4a39a196bde8aa2de215d49c552c70000000000000000dbb68e58b4c96972b8e9e06dde8762bf753ec8545cb623afdaa1e52fec9f21ee2454cb653ebc7577a56204c1f942a944e650c1d1820b7fac005ed19bf0d96c3d946478b31af45aeb262ab41cd9eacbad70fbeaa97f1aa9669fd3e25060281aede1e75795eeee3b6abd08ca490c2ce0531ed667898403ff2bb4f074352da58a3d649057fcdad446222212ef5dc67c8852953c9ebbd2b3807c9361046a375ecd599f6653ce8df9bc7e177e88b1f171df357cf5256041a620ca68b035ccd784f97930a1f363bfd224e9cd1263ff16e6d513c9d7c67158ec5502c17266cea90306808f50a87fb2aaa1b1954bfa3ba8a6df6fbe38bd7ad09cecf8ecbaf005e68bb476ed3d8ea0cf21a9da7c11eedf3454556b63fe1133bf415cfc1b459c8bfc54ca3bd54d15ee11971b119a28d34ae8d20350ba647d2ef813515f4614c7e8cb04059d2b79867c07ae780ea3d8c875ee3834d3cf37271e882554782fa58781a715dec10864761389cd8cb32350917d17b03d37ad4c0400000000000000a78bfa6aa624c498fd927ac1da3b0ddab0cabeb7436b52b59ff23a19b487e1bea3f418b6e3d21e6833edd299b39ccbeddb532d6df19246710b01ad6ed06b18fc4ca5e1e72232dfab2a6f606e4fa637bddddf4ab9f093815de2c1193cf5c014005b1854515f815637caca1a2bff030000b56de1b1927d359fc87abf4dcb23f89c4f8dc93b27e411d1d331153aa8692777ab7076efd7c057dff57c248ba01c52f7a182124ae0f623a0b942581faddacd8f18c812cbcd22a938b6b5df6f3cb0eb5d3aaf5acd944650a8fed42eb945293133a4bbc2a7c3ccac0a9055dbbe29b18c87ab4e3b86c3185650da3d9fc9e42228e449f066557462192cba2b2c2a3ad27ef0f719c1e5c99d506d11dca102c408842af65f17f1dd12fd1c35ee264a15fa041b22ca56d91477e8c5a96c7bb5a4db4caa8ac0e61ad8871aa5c3ce5c8a41b53841e1bf67e2bdcf7c3e830549dda33ae785eaff3c33b7c917fbfd747854f87f8a1b084bb91f0d00000000000000000000000000000000c39a4ab1b1f5f9fe629b3f067b64a755e1af70ca2afe9f6a6f3bc859d345064672eb09a4e94f82a820302651a3077313338cfcebb143567c563959f0de0442526c68c3eea5716c6477ba77f32e77aced7ef77fadfb06cd6860bedb7e3feeb169275e6016a17c7e4a9c26942d65a181caae11f5bba4230c11236f0049986c0edcf201305e7a58ea53c97806b929e7d1dfbbe35cf1b9bb7e2352cfbecb6ea18da0fdc5877c4afb9b7659a9853b313d73bf4f8f4ca26f3633f51cb64ca41e0916169867b4608d684fb618d1f3db858d765ca75bc4a75062523ce6c1f9ab1aa1c1b2d04712eafaf279fd3d594a23e9c5ba4b94425ad0e0dfe43330bc96b163b57b96653b1c3a86257e57586be52fd85e981936b1b0027e4de18cf6d7bf47ebe4dc9f3e8be776e3488b704c90b1ff1daec119b70b800a887eed7418bdfd9cfe6a4a1e6be430f321db5c5a56149427766e0c8262ecdd65e3f9ebd2b3eccf56e1fe831ac61b3b48c7ef798842eceb794a90d59c88b9e034d09b9faeb7acde447ed1cf8ff8adf53e14da1e70999b8423a711274849386a98698530fb0b6d517a8a879ca12a72dec308ec8304e5fd80fd11b20c25809a5a6cb168a0d895903e21f12c72a6a533608b7930be480c5f959d93821a9cb863c842db2db3046e80454f7e1169152f9d89a7cb4e2bdfa95661848540dfd983b96e79e84bae030bf1f4702cc51aaf262ec866ed993c15702aeab59c130c014782bca64c3c213d2d52a408db7668ea48ef544de7bb9d3d4b6d89cb3ab86b3e19b1e0534fc22ef4490000000000000000007235b0d11e8c1ef08fd8df205b5dbe5417c2b7556900ed5ef0ea898077ae62d4f7f2c31b1eb1c661c5f6192f7ec0d306fb665b0f3b8f26e01e57fc03b02df26fbdc97895ba9bf45585a39aeef9609d181fe06d50220739c0aac2556d81b1e54591068376f023eb4ba287938ab22ccffd5770eb3f8c7a9b1f72ab2a83ab778d47dc3e91f72dbff307f4ce02c5d4a83cb9a25accd10e08dc81344c1e60bdedaa056fc00e00"], &(0x7f0000000100)='GPL\x00'}, 0x48)

7m18.491453592s ago: executing program 1 (id=44):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x10, 0x78}, [@initr0]}, &(0x7f0000000000)='GPL\x00'}, 0x80)

7m17.531380338s ago: executing program 1 (id=46):
socket$netlink(0x10, 0x3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket(0x10, 0x3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_io_uring_setup(0x2225, &(0x7f00000006c0)={0x0, 0x0, 0x2, 0x0, 0xfffffffc}, 0x0, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
epoll_create1(0x80000)
open(&(0x7f00000000c0)='./bus\x00', 0x143fc2, 0x1c0)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000080)={r0, 0x0, 0x3})
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000080), 0xfffffebe}], 0x1)

7m17.467496411s ago: executing program 1 (id=47):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000340)='./file1\x00', 0x210000, &(0x7f0000002f40)={[{@nodelalloc}, {@dioread_lock}, {@barrier_val={'barrier', 0x3d, 0x4}}, {@nolazytime}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@errors_remount}, {@stripe={'stripe', 0x3d, 0x10}}, {@bh}, {@init_itable}]}, 0xfc, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=")
mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1000, 0xfffffff7)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x111240, 0xa)
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x4028, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
setxattr$system_posix_acl(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='system.posix_acl_default\x00', &(0x7f0000000000)={{}, {}, [], {}, [], {0x10, 0x5}}, 0x24, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
chdir(&(0x7f0000000240)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff)

7m16.79219446s ago: executing program 1 (id=51):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
close(r0)
io_setup(0x7, &(0x7f0000000280))
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$P9_RGETLOCK(r1, &(0x7f0000000040)=ANY=[], 0x200002e6)
fcntl$setpipe(r1, 0x407, 0x7000000)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

7m14.03771543s ago: executing program 1 (id=63):
r0 = socket(0x200000000000011, 0x2, 0xd)
r1 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000280)={'syz_tun\x00', <r2=>0x0})
bind$packet(r1, &(0x7f0000000080)={0x11, 0x800, r2, 0x1, 0x0, 0x6, @random="518440db9de1"}, 0x14)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'syz_tun\x00', <r3=>0x0})
bind$packet(r0, &(0x7f0000000080)={0x11, 0x800, r3, 0x1, 0x0, 0x6, @multicast}, 0x23)
r4 = socket(0x200000000000011, 0x2, 0xd)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'syz_tun\x00', <r5=>0x0})
bind$packet(r4, &(0x7f0000000080)={0x11, 0x800, r5, 0x1, 0x0, 0x6, @multicast}, 0x14)
setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x8000}, 0x4)
syz_emit_ethernet(0xfed0, &(0x7f0000000180)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @multicast, @val={@void, {0x8100, 0x6, 0x1, 0x4}}, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x2, 0x78, 0x0, 0x2, 0x0, 0x11, 0x0, @multicast1, @empty}, {0x4e20, 0xfffc, 0x64, 0x0, @wg=@response={0x2, 0x0, 0x2, "e5410e86db87a41f716be8e1fa0fe2fb143899778cc5c15c1337404bb397c0fc", "0c17d7b0eb591c2a7eb609eb8d2d9d15", {"28cbbe8b3bc8849d1e6124e7e5913283", "00802000003211817ada1e97297a54f5"}}}}}}}, 0x0)

7m13.543600209s ago: executing program 33 (id=63):
r0 = socket(0x200000000000011, 0x2, 0xd)
r1 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000280)={'syz_tun\x00', <r2=>0x0})
bind$packet(r1, &(0x7f0000000080)={0x11, 0x800, r2, 0x1, 0x0, 0x6, @random="518440db9de1"}, 0x14)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'syz_tun\x00', <r3=>0x0})
bind$packet(r0, &(0x7f0000000080)={0x11, 0x800, r3, 0x1, 0x0, 0x6, @multicast}, 0x23)
r4 = socket(0x200000000000011, 0x2, 0xd)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'syz_tun\x00', <r5=>0x0})
bind$packet(r4, &(0x7f0000000080)={0x11, 0x800, r5, 0x1, 0x0, 0x6, @multicast}, 0x14)
setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x8000}, 0x4)
syz_emit_ethernet(0xfed0, &(0x7f0000000180)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @multicast, @val={@void, {0x8100, 0x6, 0x1, 0x4}}, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x2, 0x78, 0x0, 0x2, 0x0, 0x11, 0x0, @multicast1, @empty}, {0x4e20, 0xfffc, 0x64, 0x0, @wg=@response={0x2, 0x0, 0x2, "e5410e86db87a41f716be8e1fa0fe2fb143899778cc5c15c1337404bb397c0fc", "0c17d7b0eb591c2a7eb609eb8d2d9d15", {"28cbbe8b3bc8849d1e6124e7e5913283", "00802000003211817ada1e97297a54f5"}}}}}}}, 0x0)

6m24.650874302s ago: executing program 6 (id=310):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58)
r1 = accept$alg(r0, 0x0, 0x0)
timer_create(0xfffffffffffffffc, 0x0, &(0x7f0000000040)=<r2=>0x0)
recvmsg$unix(r1, &(0x7f00000024c0)={0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f00000023c0)=[@cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xd8}, 0x20)
r3 = dup(0xffffffffffffffff)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r3, &(0x7f0000000180)={0x4, 0xffffffffffffffde, 0xfa00, {0xffffffffffffffff, 0x8000004}}, 0x39fab)
timer_settime(r2, 0x0, &(0x7f0000000100)={{}, {0x77359400}}, 0x0)
r4 = fcntl$dupfd(r1, 0x406, r1)
read$FUSE(r4, &(0x7f0000000300)={0x2020}, 0x2020)
recvmmsg$unix(r4, &(0x7f0000005280), 0x400018e, 0x10040, 0x0)

6m13.877379686s ago: executing program 6 (id=357):
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x10, &(0x7f00000008c0)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b704000000000000850000001c00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x0, 0xe, 0x0, &(0x7f0000000080)="8b2494ebbe67be5cba4cd9e09ac9", 0x0, 0xfff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)

6m12.972227448s ago: executing program 6 (id=362):
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000006c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x10}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x8}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
r6 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)=@newqdisc={0x88, 0x24, 0xf0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x1, [], 0x0, [0x1, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c4, 0x8000, 0x0, 0x0, 0x3dc, 0x2], [0x0, 0x4, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}}}}]}, 0x88}}, 0x20000000)

6m12.60438685s ago: executing program 6 (id=368):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
mkdir(&(0x7f00000020c0)='./file0\x00', 0xa2)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, &(0x7f0000000180))

6m11.884610291s ago: executing program 6 (id=373):
syz_usb_connect(0x2, 0x2d, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000004700)={'team0\x00', <r4=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f0000000100)={0x60, r3, 0x405, 0x70bd28, 0x25dfdbfe, {}, [{{0x8, 0x1, r4}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000480}, 0x44084)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000000000)={'team0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r6, {}, {}, {0x0, 0x10}}}, 0x7b}, 0x1, 0xf0ffffffffffff, 0x0, 0x4084}, 0x0)

6m9.457529452s ago: executing program 6 (id=384):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000400)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x8001, 0xfffffff9, 0x57, 0x1bc4, 0x1, 0x5, 0x5, 0x400, 0x36}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000640)=@newtfilter={0x84, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r3, {0x0, 0x4}, {}, {0x8, 0xf}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x8, 0x6, 0x2, 0x101}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x24008010}, 0x20000000)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=@gettfilter={0x24, 0x2e, 0x205, 0x70bd2c, 0x25dfdafd, {0x0, 0x0, 0x0, r6, {0xc, 0x7}, {0x0, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x24000010}, 0x4041080)

6m9.296261101s ago: executing program 34 (id=384):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000400)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x8001, 0xfffffff9, 0x57, 0x1bc4, 0x1, 0x5, 0x5, 0x400, 0x36}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000640)=@newtfilter={0x84, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r3, {0x0, 0x4}, {}, {0x8, 0xf}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x8, 0x6, 0x2, 0x101}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x24008010}, 0x20000000)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=@gettfilter={0x24, 0x2e, 0x205, 0x70bd2c, 0x25dfdafd, {0x0, 0x0, 0x0, r6, {0xc, 0x7}, {0x0, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x24000010}, 0x4041080)

2m34.405728521s ago: executing program 7 (id=1293):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x1, 0x8, 0x8}, 0x48)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x14d802, 0x0)
r1 = dup(r0)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x2, 0xa, 0x9, 0x1, 0x2, 0x0, 0x70bd2a, 0x25dfdbfe}, 0x10}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000002, 0x28011, r1, 0x2c93a000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
epoll_pwait2(r1, &(0x7f00000000c0)=[{}, {}, {}, {}], 0x4, &(0x7f0000000100)={0x0, 0x3938700}, &(0x7f0000000140)={[0x4]}, 0x8)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup\x00', 0x0, 0x2)
getdents(r3, 0xfffffffffffffffd, 0x58)
r4 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0xc70, 0xf003, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0xcf, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0xd76d, 0x0, 0x1, {0x22, 0x3}}, {{{0x9, 0x5, 0x81, 0x3, 0x8, 0x8, 0x38, 0x36}}}}}]}}]}}, 0x0)
syz_usb_control_io(r4, 0x0, 0x0)

2m33.276723336s ago: executing program 7 (id=1295):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="0100"/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0100000004000708000000800000008800000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000040)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x8800, 0x0, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r1, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)

2m29.627898098s ago: executing program 7 (id=1306):
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0)
openat$cgroup_netprio_ifpriomap(0xffffffffffffffff, 0x0, 0x2, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000001400)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}]}, @NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xa4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSETELEM(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={0x2c, 0xd, 0xa, 0x301, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24000801}, 0x8000)
close(r0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_open_dev$video(0x0, 0x101, 0xab02)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
recvfrom(r1, 0x0, 0x0, 0x40002062, 0x0, 0x0)

2m28.462787146s ago: executing program 7 (id=1309):
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc, 0x0, 0x0, 0x5}, 0x10)
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
sendmmsg(r2, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
sendmmsg(r1, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
recvmmsg$unix(r1, &(0x7f00000043c0)=[{{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f00000002c0)=""/240, 0xf0}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0)

2m26.865013319s ago: executing program 7 (id=1328):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0e000000040000000400000003"], 0x50)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x9d)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x16, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x5}, {{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}, {0x95, 0x0, 0x0, 0x700}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9, 0xfe00}, {0x6, 0x0, 0x6, 0x9, 0x0, 0x0, 0xffffffff}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff0, 0x50}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8, 0x0, 0x0, 0x7c8}, {}, {}, {0x5, 0x0, 0xd, 0x0}, {0x18, 0x2, 0x2, 0x0, r4}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x5, 0x1, 0x5, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

2m23.800385347s ago: executing program 7 (id=1327):
r0 = socket$inet(0xa, 0x801, 0x84)
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000080)=0xfd4badcd6aaa7a73)
connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000001840)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="c7", 0x1}], 0x1, 0x0, 0x0, 0x8054}}], 0x1, 0x4000045)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r1, &(0x7f0000000440), 0x10)
listen(r1, 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r2, &(0x7f00000002c0)=[{&(0x7f0000000080)='?', 0x1}], 0x1)
r3 = accept4$unix(r1, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f0000001680)=[{{0x0, 0x0, &(0x7f0000003380)=[{&(0x7f0000000140)=""/120, 0x78}, {&(0x7f0000000040)=""/40, 0x28}, {&(0x7f0000003300)=""/107, 0x6b}], 0x3}}], 0x3fffffffffffed8, 0x2, 0x0)
writev(r3, &(0x7f00000000c0)=[{&(0x7f00000001c0)="1c", 0x1}], 0x1)

2m8.745424853s ago: executing program 35 (id=1327):
r0 = socket$inet(0xa, 0x801, 0x84)
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000080)=0xfd4badcd6aaa7a73)
connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000001840)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="c7", 0x1}], 0x1, 0x0, 0x0, 0x8054}}], 0x1, 0x4000045)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r1, &(0x7f0000000440), 0x10)
listen(r1, 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r2, &(0x7f00000002c0)=[{&(0x7f0000000080)='?', 0x1}], 0x1)
r3 = accept4$unix(r1, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f0000001680)=[{{0x0, 0x0, &(0x7f0000003380)=[{&(0x7f0000000140)=""/120, 0x78}, {&(0x7f0000000040)=""/40, 0x28}, {&(0x7f0000003300)=""/107, 0x6b}], 0x3}}], 0x3fffffffffffed8, 0x2, 0x0)
writev(r3, &(0x7f00000000c0)=[{&(0x7f00000001c0)="1c", 0x1}], 0x1)

8.0713358s ago: executing program 5 (id=1809):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
openat$sw_sync(0xffffffffffffff9c, 0x0, 0xf6081, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
creat(&(0x7f00000000c0)='./file0\x00', 0x112)
mount$nfs4(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='tcp'])

7.194639271s ago: executing program 5 (id=1815):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x300}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x8}]}}}, @IFLA_LINK={0x8, 0x5, r5}]}, 0x44}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@newlink={0x44, 0x10, 0x403, 0x70bd25, 0x0, {0x0, 0x0, 0x0, 0x0, 0x400}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0xa, r8}]}, 0x44}, 0x1, 0x0, 0x0, 0x24000804}, 0x8000)

7.056660529s ago: executing program 4 (id=1816):
prctl$PR_MCE_KILL(0x34, 0x1, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000044, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@nodioread_nolock}, {@bh}, {@minixdf}, {@data_err_ignore}, {@nouid32}, {@quota}, {@user_xattr}, {@nouid32}, {@dioread_nolock}]}, 0x1, 0x563, &(0x7f0000000a00)="$eJzs3d9rW+UbAPDnpM1+f7/rYAwVkcIunIyla+uPCV5sl6LDgd7P0J6V0XQZTTrWOnC7cDfeyBBEHIj3eu+VDP8B/4qBDoaMohfeVE560nZL02Rd1nTm84GzvW/OSd7z5Jzn7fvmnJAABtZo9k8h4uWI+CqJOBwRSb5uOPKVo6vbLT+6MZUtSaysfPxn0tguqzdfq/m8g3nlpYj49YuIk4XWdmuLS7PlSiWdz+tj9bmrY7XFpVOX58oz6Ux6ZWJy8sxbkxPvvvN2z2J948Lf33507/0zXx5f/uanB0fuJHE2DuXrNsbxDG5urIzGaP6eFOPsExuOr/7XizZ3haTfO8C2DOV5XoysDzgcQ3nWA/99n0fECjCgkg75vyfvKXZqf4Cd0hwHNOf2PZoHvzAenludALXGP7z62Ujsa8yNDiwnj82MsvnuSA/az9r4+Y+7d7Ilevc5BEBHN29FxOnh4db+L8n7v+073cU2T7ah/4Odc+/c6qimNf8La+Of2GT8c3CT3N2OzvlfeNCDZtrKxn/vtYk/NzKU1/7XGPMVk0uXK2nWt/0/Ik5EcW9WH9+ijTPL91fards4/suWrP3mWDDfjwfDex9/znS5Xn6WmDd6eCvilU3Hv8na8U82Of7Z+3GhyzaOpXdfa7euc/zP18oPEa9vevzXr2glW1+fHGucD2PNs6LVX7eP/dau/X7Hnx3/A1vHP5JsvF5be/o2vt/3T9pu3WPxR/fn/57kk0a5+enU9XK9Pj8esSf5sPXxifXnNuvN7bP4Txzfuv9bP/9/WXud/RHxaZfx3z7646v7uom/T8d/+qmO/9MX7n/w2Xft2u+u/3uzUTqRP9JN/9dhv4qx7bMZAAAAAAAAdq9CRByKpFBaKxcKpdLq/R1H40ChUq3VT16qLlyZjsZ3ZUeiWGhe6T684X6I8fx+2GZ94on6ZEQciYivh/Y36qWpamW638EDAAAAAAAAAAAAAAAAAADALnGwzff/M78P9XvvgOfOT37D4OqY/734pSdgV/L3HwaX/IfBJf9hcMl/GFzyHwaX/IfBJf9hcMl/AAAAAAAAAAAAAAAAAAAAAAAAAAAA6KkL589ny8ryoxtTWX362uLCbPXaqem0NluaW5gqTVXnr5ZmqtWZSlqaqs51er1KtXp1fCIWro/V01p9rLa4dHGuunClfvHyXHkmvZgWdyQqAAAAAAAAAAAAAAAAAAAAeLHUFpdmy5VKOq+gsK3C8O7YDYUeF/rdMwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAun8DAAD//0DeL9I=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000180)=@loop={'/dev/loop', 0x0}, 0xffffffffffffffff, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x50, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b)
prctl$PR_MCE_KILL(0x21, 0x0, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x10, 0xe, &(0x7f0000000400)=ANY=[@ANYBLOB="b702000003460200bfa30000000000001702000000feffff7a0a00fe14ffffff79a4f0ff00000000b7060000ff0800007e640200000000005502faff037202000404000001007d60a6040000001000006a0a58fe39000f00850000003f000000bc600000000000009500000000000000a81bbfa32d51a7d0679fd43041097666ab982de7b0efc5733ed236e4add6de094e0832aaa6912a8b2ce571c4580034fb000000e3a94bd24d2eb3860d808922433e3e0f242a46b3009a54f4077db0d4968a384b0559c7919b893d3b72cd6c832e986440ff0a7e8620cb231ccd00000000000000000000007777e2704653f620b2272c3c7fea60491073847c4b7bbaed91f33fb382d91ae8e18c9b6c9f0322ec5f1c7cc5869ff455896712198c4e2ddf8b86e714229527ca40b24cfd6a1f00e891728807982d90e116bba29bb70900000000000000c63ad2e7402f9cb424ac416e66af9ebbfea905d37cf226312cb81ec8439cea06e7fa5e5b3596301460142f83b464d9e57dfdb06dcf9101000100130033d649d2110cf2e1f4682c24a314447c5e0807f0b1766ebdecbd061772daa52a38539295d3fea7a7e669441e1ff04114dfa904fb43897f8d9c3c287acba716973eadf1bf9cd0a38edc345415c42d3d2dd3339d32a5796cbe8925efd0c81af69a3e97588878d7ce18b68bc37e061d33357d6a39d33c702576cc2a8891663e3776c7a37c5c962e12102f237bbf60c0a3bf07d55b3888418de2b2ad23d25395dd4ccddf247dd2c712e2e2eaf7d432e968122cc5dcaa7ba330963b7093a58a02dba114f75e1ffd5c2912b506bfb93122fc776aadec51a367658100000000000000b148a90000000000a2a283801ff218538cb12c72b56ffb6b7a062581ec749f5700000000009f1f5ab2e02739ccd50523d3360300005cbeaf95c7d797d6e094c4a3aee025bf43cebde7e7cdbae9b1698e19eb0e6d5244c1ffb0e97628a88a5e37032f1e8f6c893e514f2b3e1028cd404a1d8fe6569da0385e65e4d523166c4213abb8dae5b1409317f29572e788af92aedb0287f2816e301fc8a24dba6fca8b270d44fe65e7bd90a5fc16387bcb5e3df18d7d2a33c72cfda827b8926a6dc6bc19ce398cb8fe48b11b7f93e6fdfb040283c9627bd40909ee4307c4197b15797af17845fbc02846d2f8543f65594cb535a9598eb067b21111dbaa58b19a52f3f12880128d08eb477ad349ca214bc7f80000000000ffb52da89cff41552996e20a585c7d265bd749eeba040fa7111c84142757709d7c475fac2839beb833327db41c6b647c7ee9ad419a6c68dd5c2ce4fa23c280518fc6e54d1b055cae5492e8c4cdd314a49631a15de2bffc920dd74e670794acec7a9da17d809bf956f1af51cf3c0711792d3071dfdaec3c66053cdb00028f6fba8da8f53de39a5999e56fc26ae866674627c8a53d3fd245050060ed40782d1d98bf1e1f5dfd4d1fb399624c12732e300818b222ce029ce01055f941721226e3e5f05d2837240f8f6831b6ef2a02ec64aae1eea9cfac06d8b7042e8ebdc6cb0d4a140e1e631d06afc99d397c5b67b290344e347c953806b298f288884335f624378b3748a4a86bbd0a62127b2c28ce3737661b98bd45965b537ece7bd4e365ffd5567df4d02034c8d488a49c6fb1a0a02eaab2f271d3a14e44211e4ff602d146f72355972860bdd14719d65301964d022819b75696ce47534c9d989d69a445095ff8fbebd2c84635acc333f2aca4623cfe9f9e6c3f9fbb4374c08e1be5eec12c329a87d335fd7a52a4e4e7c2e57fa2f0df9500347b300f84230783cb665f3fa44f5d6fa987aa93c2619ef4977f9e4d38adec323778f3bc987533ffd85fe5417398a3001b394fccbd2faee83b5e2b8a2dd18cf067b619a82c4706531b3ef336a84e825c63b9bc7b98b4ad6a471692224adef86f4c9930169dfa133e22929d5a27e10bfb"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x3}, 0x8}, 0x94)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, 0x0)

6.478322103s ago: executing program 4 (id=1818):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000022c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x1, 0x24, &(0x7f00000002c0)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x14}, {{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x2, 0x3, 0xa, 0x9, 0xfe00}, {0x5, 0x0, 0xb, 0xa, 0x0, 0x2, 0xd55}, {0x3, 0x0, 0x3, 0xa, 0x9, 0xfff8}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffdff}, {}, {}, {0x7, 0x0, 0xc}, {0x18, 0x2, 0x2, 0x0, r3}, {0x6, 0x0, 0xb, 0x9, 0x0, 0x3}, {0x46, 0x8, 0xfff0, 0x76}}, @printk={@lu, {0x3, 0x3, 0x3, 0x4, 0x9}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xfffffffe}}], {{0x7, 0x1, 0x7, 0x8}, {0x6, 0x0, 0x5, 0x8, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

6.454382254s ago: executing program 0 (id=1828):
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, <r0=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0xfffc}, 0x4000800)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000940)=@delchain={0x24, 0x11, 0x1, 0x1f, 0x0, {0x0, 0x0, 0x0, r0}}, 0x24}}, 0x0)
socket$packet(0x11, 0x3, 0x300)
socket(0x400000000010, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), 0xffffffffffffffff)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000400)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', <r4=>0x0})
sendmsg$ETHTOOL_MSG_LINKINFO_GET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000640)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000001a0000000c00018008000100", @ANYRES32=r4], 0x20}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)

6.436216366s ago: executing program 5 (id=1820):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r0, 0x84, 0x5, 0x0, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$vbi(&(0x7f00000001c0), 0x1, 0x2)
fcntl$dupfd(r1, 0x0, r1)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r2, 0x84, 0xc, &(0x7f0000000480)=@assoc_value={<r3=>0x0}, &(0x7f0000000040)=0x8)
r4 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r4, &(0x7f00000017c0)=[{{&(0x7f0000000000)={0x2, 0x0, @rand_addr=0x64010100}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000180)="e1", 0x1}], 0x1}}, {{&(0x7f0000000080)={0x2, 0x0, @private=0xa010102}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000100)="a7", 0x1}], 0x1}}, {{&(0x7f0000000400)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x30}}, 0x10, &(0x7f0000000b40)=[{&(0x7f0000000500)="b5", 0x1}], 0x1}}], 0x3, 0x0)
setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r4, 0x84, 0xa, &(0x7f0000000340)={0x2, 0xfff, 0x1, 0x2, 0x100, 0x80, 0x8000, 0x7, r3}, 0x20)
write(0xffffffffffffffff, &(0x7f0000000040), 0x0)

6.169526251s ago: executing program 0 (id=1821):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setresuid(0x0, 0x0, 0x0)
add_key(&(0x7f00000003c0)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f0000000380)='i', 0x1, 0xfffffffffffffffe)
add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe)

5.247822524s ago: executing program 4 (id=1823):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x200}, 0x1c)
listen(r1, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000026c0)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x13}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x10}]}}}]}]}], {0x14}}, 0x78}, 0x1, 0x0, 0x0, 0x4040050}, 0x8044)
r4 = accept(r1, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)=ANY=[], 0xfffffdef}, 0x1, 0x0, 0x0, 0x2400c840}, 0x0)
connect$unix(r4, &(0x7f0000000140)=@file={0x0, './file0\x00'}, 0x6e)

5.188016748s ago: executing program 5 (id=1824):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x2000c015}, 0x2404c8c0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0xd, 0x20000000000000bb, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb714000008"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0xe, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sk_skb=0x5, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0x2, 0x200008, 0x8, 0x1ffff}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010800000000000000850a600000000000000500000014000500200100000000000000000300000000001c00090008000000", @ANYRES32=r0], 0x4c}}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000200)={0x0, 0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID(r2, 0x40082102, &(0x7f00000002c0))
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
socket(0x10, 0x803, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
writev(r3, &(0x7f00000000c0)=[{&(0x7f0000000080)="390000001300090468fe0700000000000000ff3f08000000480100100000000019002b000a0001000500000000000072080003000500000000", 0x39}], 0x1)

4.397747034s ago: executing program 5 (id=1825):
socket$nl_route(0x10, 0x3, 0x0)
io_uring_register$IORING_REGISTER_FILES2(0xffffffffffffffff, 0xd, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x80803, 0x83)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@private1, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xae}, {0x4}, {}, 0x0, 0x0, 0x1}, {{@in6=@mcast2, 0x0, 0x32}, 0x0, @in=@multicast1, 0x4000, 0x0, 0x0, 0x0, 0x9}}, 0xe8)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_buf(r1, 0x0, 0x8008000000010, &(0x7f0000005e40)="17000000020001000003d68c5ee17688a2003208020300ecff3f0200000300000a000000009afc5ad9485bbb6a880000d6c8db0000dba67e060180000a0000f10607bdff59100ac45761407a681f009cee4a5acb3da400001fb700674f19b44e09f9315033bf79ac2dff060115003901000000000000ea000000000000000009ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf", 0xab)
semget$private(0x0, 0x4000000009, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='fdinfo/3\x00')
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0)
pread64(r2, 0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000020900010073797a30000000004c000000090a0104000000000000dc6a58ed000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d08000640ffffff00080003400000000c2c0000000b0a01020000000000000000070000000900020073797a30000000000900010073797a30"], 0xc0}}, 0x0)

4.303480009s ago: executing program 4 (id=1827):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x181)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000004c0), 0x14000, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}})
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/vmstat\x00', 0x0, 0x0)
read$FUSE(r3, &(0x7f00000034c0)={0x2020, 0x0, 0x0, 0x0, <r4=>0x0}, 0xffffff05)
chown(&(0x7f0000000000)='./file0\x00', 0x0, r4)
setregid(r4, r4)
capset(&(0x7f0000000340)={0x20080522}, &(0x7f0000000380)={0x2, 0x2, 0x6ac, 0x1, 0x80000001, 0x1})
chown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)

4.30303732s ago: executing program 0 (id=1829):
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xffffffffffffff5b, 0xb67387bf2abb21f7}, {0x0, [0x0]}}, &(0x7f0000001f80)=""/226, 0x18, 0xff80, 0x2}, 0x20)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
mmap(&(0x7f0000001000/0x3000)=nil, 0x30000, 0x0, 0x11, r1, 0x0)
mremap(&(0x7f0000006000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f0000c00000/0x400000)=nil)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x19)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28012, r2, 0x0)
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000280)=@base={0xa, 0x16, 0xb3, 0x7f, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r0}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r3 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_GET(r3, &(0x7f00000041c0)={0x0, 0x0, &(0x7f0000004180)={&(0x7f0000004140)={0x10, 0x3e8, 0x800, 0x70bd27, 0x25dfdbfb}, 0x10}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

4.30258695s ago: executing program 8 (id=1830):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_tcp_buf(r3, 0x6, 0x21, 0x0, &(0x7f0000000580))
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
request_key(&(0x7f0000000340)='user\x00', &(0x7f0000000380)={'syz', 0x3}, &(0x7f00000003c0)='q\xa9', 0x0)

4.201375035s ago: executing program 0 (id=1831):
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000000), 0xffffffffffffffff)
r3 = socket$l2tp6(0xa, 0x2, 0x73)
r4 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_script(r4, &(0x7f0000000040)={'#! ', '', [{0x20, '\xd9m\xf4\f00\xf4\xfa\t\t'}]}, 0xf)
close(r4)
execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)={0x3c, r2, 0x923, 0x0, 0x0, {}, [@L2TP_ATTR_PEER_CONN_ID={0x8}, @L2TP_ATTR_FD={0x8, 0x17, @l2tp6=r3}, @L2TP_ATTR_CONN_ID={0x8}, @L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}]}, 0x3c}}, 0x0)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
close_range(r5, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f00000000c0)={'batadv_slave_1\x00', &(0x7f0000000040)=@ethtool_pauseparam={0x13, 0xfffffffd, 0xf5, 0xb0b}})
ioctl$SIOCX25SDTEFACILITIES(r0, 0x89eb, &(0x7f0000000000)={0x9, 0x9, 0x4, 0x6, 0x7, 0x3, 0xc, "ffbfd3928fb53131be033908979a61179f97309e", "9453715b3e75f01018f816a3ebc9322aaa532ac5"})

4.193337005s ago: executing program 5 (id=1832):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x0, 0x42, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x258, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08060cdc030ec0007f03e3f70000000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08120800030006010000bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0)

2.877725543s ago: executing program 8 (id=1833):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, r4, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xf}}}, {0x14, 0x2, @in={0x2, 0x0, @private=0xa010102}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0)

2.782348218s ago: executing program 0 (id=1834):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
socket$igmp6(0xa, 0x3, 0x2)
r2 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0xffffffff, 0xffdffffe}, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r2, 0x47f4, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f00000000c0)={<r5=>0xffffffffffffffff}, 0x80000)
creat(&(0x7f00000001c0)='./file0\x00', 0x102)
mount$9p_fd(0x0, 0x0, &(0x7f0000000080), 0x94, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfd', @ANYRESHEX=r5, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000980))
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000ec0000850000000500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r6, 0xfca804a0, 0x10, 0x10, &(0x7f00000002c0)="b800000500000000", &(0x7f0000000300)=""/8, 0xa00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

2.657052495s ago: executing program 2 (id=1836):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f00000001c0)={'ipvlan1\x00', 0x400})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000780)={'pim6reg0\x00', 0x400})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETQUEUE(r2, 0x400454d9, &(0x7f0000000280)={'ipvlan1\x00', 0x400})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r3)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180))
ioctl$SIOCSIFHWADDR(r3, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'})

2.656363175s ago: executing program 2 (id=1837):
setreuid(0x0, 0xee00)
chdir(0x0)
r0 = open(0x0, 0x1431c2, 0x0)
pwrite64(r0, 0x0, 0x0, 0x600000fff)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000"], 0x48)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f00000000c0)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0xeb0}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@orlov}, {@nombcache}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000000}}, {@noquota}]}, 0x1, 0x440, &(0x7f0000000780)="$eJzs28tvG8UfAPDv2kn66+uXUJVHH0CgIMoradJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSJy6IIxJ/ASe4IOCExBXuqFKFcmnhZLT2bmI7thunTlzqz0dad2Z33Jmvd8ee2ckG0LdG05ckYk9E/B4Rw9VsfYHR6j83V5am/15Zmk6iXH7zr6RS7sbK0nReNH/f7jwzEFH4NIlDTepduHT53FSpNHsxy48vnn9vfOHS5Wfnzk+dnT07e2Hy1KkTxyeePzn5XFfiTOO6cfDD+cMHXn376uvTp6++8/O3SR5/QxxdMtru4OPlcper6629NelkoIcNoSPFajeNwUr/H45irJ284Xjlk542DthS5XK5fF/rw8tl4C6WRK9bAPRG/kOfzn/zbZuGHneE6y9WJ0Bp3DezrXpkIApZmcGG+W03jUbE6eV/vkq32Jr7EAAAdb5Pxz/PNBv/FaL2vtD/szWUkYi4JyL2RcTJiNgfEfdGVMreHxEPdFh/4yLJ+vFP4dqmAtugdPz3Qra2VT/+y0d/MVLMcnsr8Q8mZ+ZKs8eyz+RoDO5I8xNt6vjh5d8+b3WsdvyXbmn9+Vgwa8e1gR3175mZWpy6nZhrXf844uBAs/iT1ZWAJCIORMTBTdYx99Q3h1sdu3X8bXRhnan8dcQT1fO/HA3x55L265Pj/4vS7LHx/KpY75dfr7zRqv7bir8L0vO/q+n1vxr/SFK7XrvQyf/+5ZPp65U/Pms5p9ns9T+UvFW374OpxcWLExFDyWvVRtfun2woN7lWPo3/6JHm/X9frH0ShyIivYgfjIiHIuLhrO2PRMSjEXGkzafw00uPvbv5+LdWGv9MR+d/LTEUjXuaJ4rnfvyurtKRTuJPz/+JSupotmcj338baVenVzMAAAD8VxUiYk8khbHVdKEwNlb9G/79satQml9YfPrM/PsXZqrPCIzEYCG/0zVccz90IpvW5/nJhvzx7L7xF8WdlfzY9HxpptfBQ5/b3aL/p/4s9rp1wJbzvBb0L/0f+pf+D/1L/4f+1aT/7+xFO4Dt1+z3/6MetAPYfg3937If9BHzf+hfm+n/vjPg7tC2Lw9tXzuAbbWwM279kLyExLpEFO6IZkhsUaLX30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADd8W8AAAD//58P56I=")
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(0xffffffffffffffff, 0x8004587d, 0x0)
r1 = syz_io_uring_setup(0x2558, 0x0, 0x0, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)

2.601834319s ago: executing program 4 (id=1838):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000200)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0xfffffff8, 0x3, 0x6361, 0x7, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x4000)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000600)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdc01, {0x0, 0x0, 0x0, r3, {0x0, 0x9}, {0xffff, 0xb}, {0xffff, 0xffe0}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4044060}, 0x4890)
r4 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r4, &(0x7f00000005c0)="bad330fbc9b55400040000ea0756", 0xe, 0x40, &(0x7f00000001c0)={0x11, 0x88a8, r3, 0x1, 0xd8, 0x6, @multicast}, 0x14)
bpf$MAP_CREATE(0x0, 0x0, 0x50)

2.594327269s ago: executing program 2 (id=1839):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socket$inet6(0xa, 0x3, 0x7)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x1c, 0x10, 0x701, 0x0, 0xffffffff, {0xa}, [@typed={0x6, 0x1, 0x0, 0x0, @str='\x14\x00'}]}, 0x1c}}, 0x20008080)

1.87893504s ago: executing program 8 (id=1840):
syz_open_dev$loop(&(0x7f00000000c0), 0x4, 0x28801)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$unix(0x1, 0x2, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={0x44, r2, 0x1, 0x70bd28, 0x25dfdbfd, {{}, {@void, @val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x7ff, 0x70}}}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'syzkaller0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x6}]}, 0x44}, 0x1, 0x0, 0x0, 0x4081}, 0x240c4880)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r4)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200))
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
r5 = socket$kcm(0x10, 0x3, 0x0)
sendmsg$kcm(r5, &(0x7f0000000600)={0x0, 0xc, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)

1.110399805s ago: executing program 2 (id=1841):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setresuid(0x0, 0x0, 0x0)
add_key(&(0x7f00000003c0)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f0000000380)='i', 0x1, 0xfffffffffffffffe)
add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe)

1.110234865s ago: executing program 4 (id=1842):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000340)=0x6)
r3 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r3, &(0x7f0000000480)={0xa, 0xfffe, 0x3, @mcast1, 0x5}, 0x1c)
r4 = dup2(r3, r3)
sendmmsg$unix(r4, &(0x7f0000008380), 0x400000000000174, 0x4008890)

1.109369205s ago: executing program 0 (id=1851):
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file1\x00', 0x4000, &(0x7f0000000480), 0x1, 0x3d0, &(0x7f00000004c0)="$eJzs3M1uG0UcAPD/br5I+mEjcUCFgyUQBAFxHQhQhEThyscFeAArSUuF21SNkWjJoSBOnDggbhz6Ahx4gKpCSEi8Ai+AKlUozQFuQWvvOm4cp7Fix2r6+0mjndkdZ/bv3axm1rsTwGOrEhHnI2IiIhYjopSvT/MUN9spq3d/c2N5a3NjOYnt7U/+SSLJ1xV/K8mXJ/LCfBqRfhfxzM3edtev3/ii3misXsvL1eblq9X16zdevXS5fnH14uqV2pvnarWlxbdqrw8t1p+ef+ncxPvnz/z8V+nO0vT0bLa/J/Nt3XEMSyUqne9kt6VhNzZm0+PeAQAADiTN+/6Trf5/KSZaubZSVDfGunMAAADAUGy/my8BAACAYywx9gcAAIBjrngO4P7mxnKRxvg4wpG7915ElHfebd7qxD8ZT+R1pkb4fmslIq6+kJSyFCN6DxkAoNudrP9zdq/+XxpPd9WbiWj1h2aH3H5lV7m3/5PeHXKTD8j6f+9ExFZP/y8tqpQn8tKpVldxKrlwqbF6NiJOR8R8TM1k5do+bXzw7y8f99uWxf97cup0kbL2s+VOjfTu5MyDn1mpN+uHibnbvW8izkzuFX/S6f8mETF3iDYmvr71dr9tD49/tLZvRby45/Hfmbkn2X9+omrrfKgWZ0Wv/7799aN+7Y87/uz4z+0ffznpnq9pffA2bn/+57P9tnWPfwY5/6eTT1v5Ylz2Vb3ZvFaLmE4+7F2/uPPZolzUz+Kff27v///i+pfkc1qdzK8Bg/r+h99eOUj8WcraL8aCRyGLf2Wg4z945o3bf3zWr/2Hx58d//YcYPP5moNc/w66g4f57gAAAOBRkbbuayTpQiefpgsL7fsdT8Vc2lhbb758Ye3LKyvt+x/lmEqLO12lrvuhtfbP6J3y4q7yaxHxZET8WJptlReW1xor4w4eAAAAHhMn+oz/M38f2VMIAAAAwMiVx70DAAAAwMgZ/wMAAMCxdph5/WRkZI5rZtxXJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEfb/wEAAP//Wt22ag==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_SERVICES(r3, 0x0, 0x482, &(0x7f0000001640)=""/139, &(0x7f0000000100)=0x8)

1.100234736s ago: executing program 8 (id=1843):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x4}}]}}]}, 0x48}}, 0x20040084)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x49, &(0x7f0000000540)={&(0x7f00000008c0)=@newqdisc={0x8c, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r4, {0xffff}, {0xffff, 0xffff}, {0x2, 0x1}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x4, [0xc, 0x5, 0x0, 0xf, 0x10, 0x2, 0x4, 0x2, 0xf, 0x6, 0x3, 0x7, 0x8, 0x4, 0x10, 0x4], 0x3, [0xb, 0x3, 0xad1e, 0x2002, 0x1, 0x4, 0x2, 0xd06, 0xff05, 0x2, 0xb, 0x3, 0x5, 0x6, 0xd, 0x100], [0xfff1, 0x5, 0xffff, 0xfff5, 0x4, 0x8, 0x1, 0x9, 0x5, 0x2, 0xc, 0x40, 0xfffc, 0x3, 0x1]}}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x400dc}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000580)=@newqdisc={0x24, 0x29, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r7, {0xffff}, {0xffff, 0xffff}, {0x2, 0x1}}}, 0x24}, 0x1, 0x0, 0x0, 0x88dc}, 0x0)
socket$igmp(0x2, 0x3, 0x2)

1.062987708s ago: executing program 8 (id=1844):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
pipe2$9p(0x0, 0x800)
write$P9_RXATTRWALK(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
r1 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe)
keyctl$read(0xb, r1, 0x0, 0x0)

530.784279ms ago: executing program 2 (id=1845):
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0xf8, 0x7fff0010}]})
r0 = socket$unix(0x1, 0x1, 0x0)
connect$unix(r0, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x13, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$fuse(0x0, &(0x7f0000000440)='./file0\x00', 0x2040483, 0x0, 0x1, 0x0, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f00000021c0)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000000180)={0x50, 0x0, r2, {0x7, 0x29, 0x1000, 0xffffffff85000014, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800}}, 0x50)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x4b)
syz_fuse_handle_req(r1, &(0x7f00000042c0)="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000300", 0x2000, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r1, &(0x7f00000067c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001b00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff00", 0x2000, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="780000000000000002000000000000040000000000000000000000000000000004"], 0x0, 0x0, 0x0, 0x0})
getdents(r3, &(0x7f0000000700)=""/90, 0x20000)

309.727832ms ago: executing program 2 (id=1846):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x20, &(0x7f0000001140)=[@in={0x2, 0x4e24, @loopback}, @in={0x2, 0x4e21, @multicast1}]}, &(0x7f0000000180)=0x10)
getsockopt$bt_hci(r3, 0x84, 0x6d, &(0x7f0000000000)=""/4102, &(0x7f0000001040)=0x1006)

0s ago: executing program 8 (id=1847):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000180)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r4}, &(0x7f0000000280), &(0x7f0000000240)=r1}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001801000000082c2500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f00000000c0)=r5, 0x4)
sendmsg$inet(r3, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)

kernel console output (not intermixed with test programs):

ocess `syz.2.77'.
[   78.102939][ T4652] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[   78.764283][   T23] Bluetooth: hci2: command 0x041b tx timeout
[   78.773853][ T4437] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   78.839063][ T4437] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   78.897755][ T4583] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   78.933403][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   78.956109][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   78.981958][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   79.003030][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   79.022027][ T4388] device veth0_vlan entered promiscuous mode
[   79.037011][ T4583] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   79.090132][ T4388] device veth1_vlan entered promiscuous mode
[   79.112611][ T4583] team0: Port device team_slave_0 added
[   79.146435][ T4583] team0: Port device team_slave_1 added
[   79.209305][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   79.226936][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   79.261519][ T4583] batman_adv: batadv0: Adding interface: batadv_slave_0
[   79.274099][ T4583] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   79.360250][ T4583] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   79.393659][ T4388] device veth0_macvtap entered promiscuous mode
[   79.412199][ T4583] batman_adv: batadv0: Adding interface: batadv_slave_1
[   79.421555][ T4583] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   79.499219][ T4583] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   79.545757][ T4388] device veth1_macvtap entered promiscuous mode
[   79.605836][    T9] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   79.678665][ T4388] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   79.702908][ T4388] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   79.723987][ T4388] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   79.742921][ T4388] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   79.770669][ T4388] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   79.795297][ T4388] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   79.817526][ T4388] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   79.840886][ T4388] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   79.866859][ T4388] batman_adv: batadv0: Interface activated: batadv_slave_0
[   79.905494][    T9] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   79.947248][ T4583] device hsr_slave_0 entered promiscuous mode
[   79.971668][ T4583] device hsr_slave_1 entered promiscuous mode
[   79.997712][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   80.095548][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   80.150717][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   80.184660][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   80.252335][ T4388] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   80.289437][ T4388] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   80.322863][ T4388] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   80.346027][ T4388] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   80.365318][ T4388] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   80.391080][ T4388] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   80.401602][ T4388] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   80.418934][ T4388] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   80.458247][ T4388] batman_adv: batadv0: Interface activated: batadv_slave_1
[   80.487282][    T9] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   80.531120][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   80.541500][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   80.568489][ T4388] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   80.598261][ T4388] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   80.623688][ T4388] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   80.643711][ T4388] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   80.666109][ T4689] netlink: 8 bytes leftover after parsing attributes in process `syz.2.87'.
[   80.695255][    T9] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   80.785210][ T1324] Bluetooth: hci2: command 0x040f tx timeout
[   80.900244][ T4697] netlink: 12 bytes leftover after parsing attributes in process `syz.2.90'.
[   80.929340][ T4437] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   80.963400][ T4437] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   81.011920][ T4277] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   81.027370][ T4437] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   81.043714][ T4277] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   81.093114][ T4437] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   81.299796][ T4583] netdevsim netdevsim6 netdevsim0: renamed from eth0
[   81.436230][ T4583] netdevsim netdevsim6 netdevsim1: renamed from eth1
[   81.480654][ T4583] netdevsim netdevsim6 netdevsim2: renamed from eth2
[   81.514360][ T4583] netdevsim netdevsim6 netdevsim3: renamed from eth3
[   81.721413][ T4744] bridge0: port 3(syz_tun) entered blocking state
[   81.736717][ T4744] bridge0: port 3(syz_tun) entered disabled state
[   81.805727][ T4744] device syz_tun entered promiscuous mode
[   81.813024][ T4744] bridge0: port 3(syz_tun) entered blocking state
[   81.819931][ T4744] bridge0: port 3(syz_tun) entered forwarding state
[   81.867535][ T4746] bridge0: port 3(syz_tun) entered learning state
[   82.063386][ T4583] 8021q: adding VLAN 0 to HW filter on device bond0
[   82.113074][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   82.133469][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   82.159666][ T4583] 8021q: adding VLAN 0 to HW filter on device team0
[   82.198077][ T4437] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   82.233344][ T4437] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   82.261935][ T4437] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.269114][ T4437] bridge0: port 1(bridge_slave_0) entered forwarding state
[   82.292102][ T4437] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   82.352459][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   82.373271][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   82.409758][ T4277] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.416935][ T4277] bridge0: port 2(bridge_slave_1) entered forwarding state
[   82.460468][ T4437] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   82.490319][ T4437] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   82.563241][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   82.601436][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   82.646701][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   82.670242][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   82.686352][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   82.701217][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   82.717953][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   82.848253][    T9] device hsr_slave_0 left promiscuous mode
[   82.867374][    T9] device hsr_slave_1 left promiscuous mode
[   82.901878][   T23] Bluetooth: hci2: command 0x0419 tx timeout
[   82.941502][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   82.969674][    T9] batman_adv: batadv0: Removing interface: batadv_slave_0
[   83.837502][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   83.848411][    T9] batman_adv: batadv0: Removing interface: batadv_slave_1
[   83.856551][    T9] device bridge_slave_1 left promiscuous mode
[   83.862831][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.871869][    T9] device bridge_slave_0 left promiscuous mode
[   83.933513][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.035962][    T9] device veth1_macvtap left promiscuous mode
[   84.062842][    T9] device veth0_macvtap left promiscuous mode
[   84.111114][    T9] device veth1_vlan left promiscuous mode
[   84.151465][    T9] device veth0_vlan left promiscuous mode
[   84.198119][ T4793] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[   84.562339][ T4801] netlink: 4 bytes leftover after parsing attributes in process `syz.0.110'.
[   84.611349][    T9] team0 (unregistering): Port device team_slave_1 removed
[   84.640445][    T9] team0 (unregistering): Port device team_slave_0 removed
[   84.663301][    T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   84.689449][    T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   84.814521][ T4803] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   84.838072][    T9] bond0 (unregistering): Released all slaves
[   84.898202][ T4583] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   84.913446][ T4583] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   84.924621][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   84.935211][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   85.804345][ T4813] blk_update_request: I/O error, dev loop5, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 0
[   85.822315][ T4813] EXT4-fs (loop5): unable to read superblock
[   85.934932][ T4787] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.943033][ T4787] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.208810][ T4787] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   86.237934][ T4787] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   86.492659][ T4787] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   86.501737][ T4787] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   86.511454][ T4787] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   86.520412][ T4787] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   88.134258][ T4852] loop5: detected capacity change from 0 to 8
[   88.170129][ T4850] Illegal XDP return value 18448552, expect packet loss!
[   88.313019][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   88.330999][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   88.339776][ T4852] SQUASHFS error: lzo decompression failed, data probably corrupt
[   88.484864][ T4852] SQUASHFS error: Failed to read block 0x91: -5
[   88.509891][ T4852] SQUASHFS error: Unable to read metadata cache entry [8f]
[   88.532326][ T4583] 8021q: adding VLAN 0 to HW filter on device batadv0
[   88.735341][ T4852] SQUASHFS error: Unable to read inode 0x11f
[   88.939308][ T4852] netlink: 'syz.5.122': attribute type 4 has an invalid length.
[   89.072776][ T4852] netlink: 'syz.5.122': attribute type 4 has an invalid length.
[   90.248099][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   90.383868][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   90.468515][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   90.530081][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   90.799328][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   90.922575][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   91.086565][ T4583] device veth0_vlan entered promiscuous mode
[   91.120612][ T4583] device veth1_vlan entered promiscuous mode
[   91.157179][ T4583] device veth0_macvtap entered promiscuous mode
[   91.167616][ T4583] device veth1_macvtap entered promiscuous mode
[   91.186225][ T4583] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   91.196956][ T4583] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.207492][ T4583] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   91.234863][ T4583] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.247634][ T4583] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   91.268597][ T4583] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.300570][ T4583] batman_adv: batadv0: Interface activated: batadv_slave_0
[   91.351815][ T4452] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   91.375209][ T4452] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   91.414797][ T4452] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   91.444368][ T4452] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   91.463241][ T4452] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   91.489174][ T4452] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   91.564287][ T4452] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   91.610333][ T4452] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   91.657716][ T4583] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   91.688656][ T4583] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.744120][ T4583] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   91.776473][ T4583] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.833800][ T4583] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   91.851392][ T4940] loop4: detected capacity change from 0 to 8
[   91.878898][ T4583] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.921387][ T4940] /dev/loop4: Can't open blockdev
[   91.934844][ T4583] batman_adv: batadv0: Interface activated: batadv_slave_1
[   91.978141][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   92.003074][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   92.047163][ T4583] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   92.092527][ T4583] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   92.130481][ T4583] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   92.158243][ T4583] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   92.194224][ T4945] netlink: 'syz.4.137': attribute type 4 has an invalid length.
[   92.258928][ T4940] netlink: 'syz.4.137': attribute type 4 has an invalid length.
[   92.528155][ T4453] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.552178][ T4453] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.585454][ T4453] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   92.600350][ T4452] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.668695][ T4452] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.691399][ T4453] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   94.254382][ T5007] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[   95.111591][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #40!!!
[   95.268004][ T4979] ODEBUG: Out of memory. ODEBUG disabled
[   95.701106][ T5033] 9pnet: p9_errstr2errno: server reported unknown error 0x00000000
[   96.243646][ T4235] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   96.503787][ T4235] usb 5-1: Using ep0 maxpacket: 8
[   96.628984][ T4235] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   96.642695][ T4235] usb 5-1: config 0 has no interfaces?
[   96.658208][ T4235] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[   96.679962][ T4235] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   96.716489][ T4235] usb 5-1: config 0 descriptor??
[   96.875218][    C0] bridge0: port 3(syz_tun) entered forwarding state
[   96.949405][ T5069] bridge0: port 2(bridge_slave_1) entered disabled state
[   96.956853][ T5069] bridge0: port 1(bridge_slave_0) entered disabled state
[   97.032380][ T5060] loop5: detected capacity change from 0 to 32768
[   97.121375][ T5060] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 scanned by syz.5.168 (5060)
[   97.318190][ T5060] BTRFS info (device loop5): using crc32c (crc32c-intel) checksum algorithm
[   97.378128][ T5060] BTRFS info (device loop5): allowing degraded mounts
[   97.418562][ T5060] BTRFS info (device loop5): enabling auto defrag
[   97.456398][ T5060] BTRFS info (device loop5): using free space tree
[   97.513865][ T5060] BTRFS info (device loop5): has skinny extents
[   97.855512][ T5060] BTRFS info (device loop5): enabling ssd optimizations
[   97.936203][ T5069] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   98.010279][ T5069] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   98.610973][ T5069] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   98.631385][ T5069] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   98.645777][ T5069] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   98.656981][ T5069] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   98.740743][ T5048] sch_tbf: burst 3298 is lower than device lo mtu (11337746) !
[   98.789140][ T5108] usb 5-1: USB disconnect, device number 2
[   99.029582][ T5123] loop5: detected capacity change from 0 to 256
[   99.818426][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!!
[   99.888092][   T26] audit: type=1800 audit(1770868008.295:4): pid=5123 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.179" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop5" ino=1048620 res=0 errno=0
[  100.554199][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!!
[  100.765772][   T26] audit: type=1326 audit(1770868009.175:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5146 comm="syz.4.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c1cf57f79 code=0x7ffc0000
[  100.933714][   T26] audit: type=1326 audit(1770868009.175:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5146 comm="syz.4.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c1cf57f79 code=0x7ffc0000
[  100.970604][ T5157] loop5: detected capacity change from 0 to 1024
[  101.089131][   T26] audit: type=1326 audit(1770868009.175:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5146 comm="syz.4.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c1cf57f79 code=0x7ffc0000
[  101.903725][   T26] audit: type=1326 audit(1770868009.175:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5146 comm="syz.4.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c1cf57f79 code=0x7ffc0000
[  102.013911][ T5171] batman_adv: batadv0: Removing interface: batadv_slave_1
[  102.136107][   T26] audit: type=1326 audit(1770868009.175:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5146 comm="syz.4.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f6c1cf1884e code=0x7ffc0000
[  102.158682][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!!
[  102.178636][ T5171] bond1: (slave batadv_slave_1): Enslaving as a backup interface with a down link
[  102.196909][   T26] audit: type=1326 audit(1770868009.175:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5146 comm="syz.4.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c1cf57f79 code=0x7ffc0000
[  102.233818][   T26] audit: type=1326 audit(1770868009.245:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5146 comm="syz.4.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c1cf57f79 code=0x7ffc0000
[  102.369788][   T26] audit: type=1326 audit(1770868009.245:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5146 comm="syz.4.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=316 compat=0 ip=0x7f6c1cf57f79 code=0x7ffc0000
[  102.413159][   T26] audit: type=1326 audit(1770868009.245:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5146 comm="syz.4.186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f6c1cf1884e code=0x7ffc0000
[  102.470831][ T5181] 8021q: adding VLAN 0 to HW filter on device bond1
[  103.348369][ T5195] netlink: 12 bytes leftover after parsing attributes in process `syz.6.198'.
[  103.468101][ T5195] netlink: 12 bytes leftover after parsing attributes in process `syz.6.198'.
[  103.714623][ T5213] netlink: 'syz.6.204': attribute type 12 has an invalid length.
[  103.793853][ T5213] netlink: 'syz.6.204': attribute type 5 has an invalid length.
[  103.801531][ T5213] netlink: 'syz.6.204': attribute type 2 has an invalid length.
[  103.866931][ T5213] netlink: 'syz.6.204': attribute type 7 has an invalid length.
[  103.878309][ T5213] netlink: 108 bytes leftover after parsing attributes in process `syz.6.204'.
[  104.304009][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!!
[  104.313257][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!!
[  104.322349][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #0a!!!
[  104.543856][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!!
[  106.597205][ T5261] netlink: 'syz.0.216': attribute type 1 has an invalid length.
[  106.823656][ T5255] loop5: detected capacity change from 0 to 4096
[  106.945097][ T5270] lo speed is unknown, defaulting to 1000
[  106.952140][ T5270] lo speed is unknown, defaulting to 1000
[  106.968862][ T5270] lo speed is unknown, defaulting to 1000
[  106.994509][ T5270] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  107.026430][ T5270] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  107.470269][ T5270] lo speed is unknown, defaulting to 1000
[  107.477321][ T5270] lo speed is unknown, defaulting to 1000
[  107.484476][ T5270] lo speed is unknown, defaulting to 1000
[  107.491093][ T5270] lo speed is unknown, defaulting to 1000
[  107.497746][ T5270] lo speed is unknown, defaulting to 1000
[  107.647890][ T5255] NILFS (loop5): The specified checkpoint is not a snapshot (checkpoint number=1)
[  107.907505][ T5255] loop5: detected capacity change from 0 to 2048
[  107.971342][ T5255] UDF-fs: bad mount option "uid@" or missing value
[  108.331431][ T5304] kvm: emulating exchange as write
[  108.338224][ T5255] loop5: detected capacity change from 0 to 4096
[  108.403250][ T5255] ntfs3: Unknown parameter 'nfig configfs rw'
[  108.450575][ T5310] tipc: Failed to remove unknown binding: 66,0,0/0:1024946511/1024946513
[  108.506603][ T5310] tipc: Failed to remove unknown binding: 66,0,0/0:1024946511/1024946512
[  108.540526][ T5310] tipc: Failed to remove unknown binding: 66,0,0/0:1024946511/1024946513
[  108.550716][ T5310] tipc: Failed to remove unknown binding: 66,0,0/0:1024946511/1024946512
[  109.137620][ T5338] raw_sendmsg: syz.2.236 forgot to set AF_INET. Fix it!
[  109.204624][ T5341] mmap: syz.5.238 (5341) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst.
[  110.487292][ T5369] overlayfs: failed to clone upperpath
[  111.018434][ T5403] sch_fq: defrate 53322 ignored.
[  112.081660][ T5421] lo speed is unknown, defaulting to 1000
[  112.241789][ T5431] netlink: 4 bytes leftover after parsing attributes in process `syz.2.260'.
[  112.283749][ T5431] netlink: 12 bytes leftover after parsing attributes in process `syz.2.260'.
[  112.414239][ T4289] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  112.854543][ T4289] usb 6-1: config 0 has no interfaces?
[  113.053876][ T4289] usb 6-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  113.086125][ T4289] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  113.102649][ T4289] usb 6-1: Product: syz
[  113.111613][ T4289] usb 6-1: Manufacturer: syz
[  113.120792][ T4289] usb 6-1: SerialNumber: syz
[  113.156844][ T4289] usb 6-1: config 0 descriptor??
[  113.432266][ T5466] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  113.487554][ T5469] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  113.717560][ T5421] device veth0_vlan left promiscuous mode
[  113.736493][ T5421] device veth0_vlan entered promiscuous mode
[  113.797188][ T5477] netlink: 'syz.2.269': attribute type 4 has an invalid length.
[  113.810292][ T4289] usb 6-1: USB disconnect, device number 2
[  113.894877][ T4235] lo speed is unknown, defaulting to 1000
[  115.436531][ T5421] syz.5.256 (5421) used greatest stack depth: 18544 bytes left
[  115.560093][ T5504] netlink: 20 bytes leftover after parsing attributes in process `syz.5.275'.
[  115.863697][ T4289] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  116.973746][ T4289] usb 5-1: Using ep0 maxpacket: 8
[  117.615708][ T4289] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  117.661364][ T4289] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  117.670711][ T4289] usb 5-1: Product: syz
[  117.675932][ T4289] usb 5-1: Manufacturer: syz
[  117.680611][ T4289] usb 5-1: SerialNumber: syz
[  117.727069][ T5560] x_tables: ip6_tables: icmp6 match: only valid for protocol 58
[  118.843537][    C0] sched: RT throttling activated
[  118.844353][ T4289] usb 5-1: config 0 descriptor??
[  118.906501][ T5569] loop4: detected capacity change from 0 to 512
[  118.940926][ T4289] usb 5-1: can't set config #0, error -71
[  118.947809][ T4289] usb 5-1: USB disconnect, device number 3
[  119.877319][ T5579] siw: device registration error -23
[  120.089662][ T5569] overlayfs: failed to resolve './file0': -2
[  120.132851][ T5582] overlayfs: failed to clone upperpath
[  120.562800][ T5593] loop4: detected capacity change from 0 to 128
[  121.064808][ T5566] bridge0: port 1(bridge_slave_0) entered disabled state
[  121.149327][ T5566] bridge0: port 2(bridge_slave_1) entered disabled state
[  121.363747][ T5570] netlink: 'syz.2.292': attribute type 16 has an invalid length.
[  121.371702][ T5570] netlink: 'syz.2.292': attribute type 17 has an invalid length.
[  121.407872][ T5570] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  121.422704][ T5570] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  121.462644][ T5570] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  121.476308][ T5570] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  121.508695][ T5570] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  121.547349][ T1324] lo speed is unknown, defaulting to 1000
[  123.682247][ T5650] netlink: 'syz.0.313': attribute type 1 has an invalid length.
[  123.931317][ T5652] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  124.031091][ T5652] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  124.121219][ T5652] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  124.222049][ T5652] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  124.278631][ T5652] bond2: (slave geneve2): making interface the new active one
[  124.334597][ T5652] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  124.450297][ T5652] bond2: (slave geneve2): Enslaving as an active interface with an up link
[  124.542949][ T5653] netlink: 4 bytes leftover after parsing attributes in process `syz.0.313'.
[  124.615214][ T5653] bond2 (unregistering): (slave geneve2): Releasing active interface
[  124.639751][ T5653] netdevsim netdevsim0 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0
[  124.661215][ T5653] netdevsim netdevsim0 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0
[  124.679197][ T5653] netdevsim netdevsim0 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0
[  124.703010][ T5653] netdevsim netdevsim0 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0
[  124.743969][ T5653] bond2 (unregistering): Released all slaves
[  125.213269][ T5694] netlink: 182 bytes leftover after parsing attributes in process `syz.0.319'.
[  126.224762][ T5714] netlink: 24 bytes leftover after parsing attributes in process `syz.5.324'.
[  126.264955][ T5720] sock: sock_set_timeout: `syz.4.328' (pid 5720) tries to set negative timeout
[  126.367529][ T5734] netlink: 12 bytes leftover after parsing attributes in process `syz.0.325'.
[  126.561304][ T5742] loop5: detected capacity change from 0 to 256
[  129.752461][ T5774] loop4: detected capacity change from 0 to 8192
[  129.834883][ T5764] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability
[  129.950037][ T5789] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  131.635615][ T5820] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input5
[  132.192270][ T5840] netlink: 4 bytes leftover after parsing attributes in process `syz.0.347'.
[  132.680424][ T4437] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  132.703967][ T4437] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  132.715814][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  132.722202][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  132.913146][ T5868] syz.5.353 uses obsolete (PF_INET,SOCK_PACKET)
[  136.313650][ T5955] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  136.358670][ T5956] netlink: 1319 bytes leftover after parsing attributes in process `syz.0.378'.
[  137.208130][ T4346] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  137.555232][ T5972] binder_alloc: 5971: binder_alloc_buf, no vma
[  137.740395][ T4346] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  137.773038][ T4346] usb 5-1: New USB device found, idVendor=056e, idProduct=00ff, bcdDevice= 0.00
[  137.809339][ T4346] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.830744][ T4346] usb 5-1: config 0 descriptor??
[  139.107421][ T4346] elecom 0003:056E:00FF.0001: item fetching failed at offset 0/3
[  139.148576][ T4346] elecom: probe of 0003:056E:00FF.0001 failed with error -22
[  139.209279][ T4346] usb 5-1: USB disconnect, device number 4
[  139.276567][ T6008] lo speed is unknown, defaulting to 1000
[  139.365018][ T6018] loop4: detected capacity change from 0 to 4096
[  139.406700][ T6018] /dev/loop4: Can't open blockdev
[  139.629599][ T6028] loop4: detected capacity change from 0 to 2048
[  139.755533][ T6008] chnl_net:caif_netlink_parms(): no params data found
[  139.943081][ T6008] bridge0: port 1(bridge_slave_0) entered blocking state
[  139.974165][ T6008] bridge0: port 1(bridge_slave_0) entered disabled state
[  139.982216][ T6008] device bridge_slave_0 entered promiscuous mode
[  139.991210][ T6008] bridge0: port 2(bridge_slave_1) entered blocking state
[  139.998654][ T6008] bridge0: port 2(bridge_slave_1) entered disabled state
[  140.006991][ T6008] device bridge_slave_1 entered promiscuous mode
[  140.049671][ T6008] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  140.061231][ T6008] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  140.089205][ T6008] team0: Port device team_slave_0 added
[  140.098279][ T6008] team0: Port device team_slave_1 added
[  140.118224][ T6008] batman_adv: batadv0: Adding interface: batadv_slave_0
[  140.127850][ T6008] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  140.212205][ T6008] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  140.251118][ T6008] batman_adv: batadv0: Adding interface: batadv_slave_1
[  140.275038][ T6008] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  140.371845][ T6008] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  140.580629][ T6057] loop4: detected capacity change from 0 to 512
[  141.037096][ T6008] device hsr_slave_0 entered promiscuous mode
[  141.052313][ T6008] device hsr_slave_1 entered promiscuous mode
[  141.072248][ T6008] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  141.081704][ T6008] Cannot create hsr debugfs directory
[  141.264224][   T21] Bluetooth: hci2: command 0x0409 tx timeout
[  141.337499][ T6008] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  141.388076][ T6008] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  141.407516][ T6008] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  141.430498][ T6008] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  141.625792][ T6008] 8021q: adding VLAN 0 to HW filter on device bond0
[  141.656292][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  141.677908][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  141.709370][ T6008] 8021q: adding VLAN 0 to HW filter on device team0
[  141.731601][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  141.749054][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  141.778554][ T4435] bridge0: port 1(bridge_slave_0) entered blocking state
[  141.785770][ T4435] bridge0: port 1(bridge_slave_0) entered forwarding state
[  141.814479][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  141.851759][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  141.868427][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  141.888276][ T4435] bridge0: port 2(bridge_slave_1) entered blocking state
[  141.895420][ T4435] bridge0: port 2(bridge_slave_1) entered forwarding state
[  141.926868][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  141.939772][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  141.969890][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  142.004851][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  142.042772][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  142.092182][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  142.104638][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  142.114654][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  142.127711][ T6008] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  142.139431][ T6008] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  142.232379][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  142.242759][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  142.268515][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  143.124452][ T4453] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  143.153867][ T4453] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  143.191723][ T6008] 8021q: adding VLAN 0 to HW filter on device batadv0
[  143.346913][ T1335] Bluetooth: hci2: command 0x041b tx timeout
[  144.273713][ T4236] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  144.527424][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  144.578034][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  145.267832][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  145.277236][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  145.302964][ T4236] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  145.314091][ T4236] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  145.315888][ T6008] device veth0_vlan entered promiscuous mode
[  145.324186][ T4236] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  145.343208][ T4236] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  145.351226][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  145.352713][ T4236] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  145.361502][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  145.429541][ T1324] Bluetooth: hci2: command 0x040f tx timeout
[  145.443249][ T6179] device veth0 entered promiscuous mode
[  145.461333][ T6008] device veth1_vlan entered promiscuous mode
[  145.502441][ T6008] device veth0_macvtap entered promiscuous mode
[  145.516248][ T4236] usb 5-1: config 0 descriptor??
[  145.543196][ T6008] device veth1_macvtap entered promiscuous mode
[  145.552235][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  145.560342][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  145.570674][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  145.579308][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  145.588413][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  145.597167][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  146.235441][ T6183] netlink: 4 bytes leftover after parsing attributes in process `syz.0.423'.
[  146.353875][ T4236] usbhid 5-1:0.0: can't add hid device: -71
[  146.359871][ T4236] usbhid: probe of 5-1:0.0 failed with error -71
[  146.384568][ T4236] usb 5-1: USB disconnect, device number 5
[  146.425853][ T6008] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  146.450993][ T6008] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.461785][ T6008] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  146.478871][ T6008] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.489067][ T6008] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  146.505893][ T6008] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.520488][ T6008] batman_adv: batadv0: Interface activated: batadv_slave_0
[  146.530607][ T6008] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  146.541702][ T6008] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.553484][ T6008] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  146.564442][ T6008] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.574559][ T6008] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  146.585700][ T6008] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.597066][ T6008] batman_adv: batadv0: Interface activated: batadv_slave_1
[  146.609872][ T4437] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  146.624168][ T4437] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  146.639857][ T6195] tipc: Failed to remove unknown binding: 66,0,0/0:4072389051/4072389053
[  146.641124][ T4437] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  146.649740][ T6195] tipc: Failed to remove unknown binding: 66,0,0/0:4072389051/4072389052
[  146.671318][ T4437] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  146.683686][ T6008] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  146.692401][ T6008] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  146.698800][ T6195] tipc: Failed to remove unknown binding: 66,0,0/0:4072389051/4072389053
[  146.707586][ T6008] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  146.718638][ T6008] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  146.730137][ T6195] tipc: Failed to remove unknown binding: 66,0,0/0:4072389051/4072389052
[  147.132254][ T4453] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  147.292683][ T4453] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  147.452418][ T4226] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  147.503661][   T21] Bluetooth: hci2: command 0x0419 tx timeout
[  147.665523][ T4435] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  147.673355][ T4435] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  147.715723][ T4453] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  147.831692][ T6213] tipc: Failed to remove unknown binding: 66,0,0/0:1894063504/1894063506
[  147.890386][ T6213] tipc: Failed to remove unknown binding: 66,0,0/0:1894063504/1894063505
[  147.946228][ T6213] tipc: Failed to remove unknown binding: 66,0,0/0:1894063504/1894063506
[  147.956185][ T6213] tipc: Failed to remove unknown binding: 66,0,0/0:1894063504/1894063505
[  151.024067][ T4452] Bluetooth: hci5: Frame reassembly failed (-84)
[  152.593355][ T6311] loop4: detected capacity change from 0 to 128
[  152.794581][ T6320] netlink: 12 bytes leftover after parsing attributes in process `syz.2.454'.
[  152.848452][ T6320] netlink: 'syz.2.454': attribute type 5 has an invalid length.
[  152.856466][ T6320] netlink: 4 bytes leftover after parsing attributes in process `syz.2.454'.
[  153.544488][ T4236] Bluetooth: hci5: command 0x1003 tx timeout
[  153.550782][ T4196] Bluetooth: hci5: sending frame failed (-49)
[  153.935178][ T6356] netlink: 12 bytes leftover after parsing attributes in process `syz.4.466'.
[  153.991847][ T6356] netlink: 'syz.4.466': attribute type 5 has an invalid length.
[  154.062246][ T6356] netlink: 4 bytes leftover after parsing attributes in process `syz.4.466'.
[  154.091466][ T6366] binder: 6365:6366 ioctl c0306201 200000000480 returned -14
[  155.823974][ T4235] Bluetooth: hci5: command 0x1001 tx timeout
[  155.830145][ T4196] Bluetooth: hci5: sending frame failed (-49)
[  157.931028][ T4236] Bluetooth: hci5: command 0x1009 tx timeout
[  157.953362][ T6445] netlink: 12 bytes leftover after parsing attributes in process `syz.7.488'.
[  159.804638][ T6470] loop4: detected capacity change from 0 to 16
[  159.874169][ T6470] /dev/loop4: Can't open blockdev
[  162.012121][ T6502] 9pnet: p9_client_clunk (6502): Trying to clunk with invalid fid
[  162.062259][ T6502] CPU: 0 PID: 6502 Comm: syz.4.504 Not tainted syzkaller #0
[  162.069592][ T6502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  162.079663][ T6502] Call Trace:
[  162.082961][ T6502]  <TASK>
[  162.085899][ T6502]  dump_stack_lvl+0x188/0x250
[  162.090616][ T6502]  ? __rwlock_init+0x140/0x140
[  162.095409][ T6502]  ? show_regs_print_info+0x20/0x20
[  162.100629][ T6502]  ? load_image+0x400/0x400
[  162.105184][ T6502]  ? v9fs_fid_find+0x2d1/0x320
[  162.109987][ T6502]  p9_client_clunk+0x2b3/0x380
[  162.114741][ T6502]  v9fs_statfs+0x1b7/0x380
[  162.119154][ T6502]  ? v9fs_drop_inode+0x130/0x130
[  162.124078][ T6502]  ? ovl_mount_dir+0x1f6/0x2b0
[  162.128828][ T6502]  ? kfree+0xef/0x2a0
[  162.132828][ T6502]  vfs_statfs+0x13d/0x2c0
[  162.137582][ T6502]  ovl_get_upper+0x1c0/0x600
[  162.142161][ T6502]  ? ovl_fill_super+0x2a30/0x2a30
[  162.147198][ T6502]  ovl_fill_super+0x160c/0x2a30
[  162.152065][ T6502]  ? ovl_mount+0x30/0x30
[  162.156302][ T6502]  ? sget+0x427/0x440
[  162.160273][ T6502]  ? free_anon_bdev+0x20/0x20
[  162.164976][ T6502]  ? ovl_mount+0x30/0x30
[  162.169212][ T6502]  mount_nodev+0x52/0xe0
[  162.173442][ T6502]  legacy_get_tree+0xe6/0x180
[  162.178102][ T6502]  ? virtio_fs_zero_page_range+0x120/0x120
[  162.183905][ T6502]  vfs_get_tree+0x88/0x270
[  162.188306][ T6502]  do_new_mount+0x24a/0xa40
[  162.192799][ T6502]  __se_sys_mount+0x2e3/0x3d0
[  162.197466][ T6502]  ? __x64_sys_mount+0xc0/0xc0
[  162.202219][ T6502]  ? lockdep_hardirqs_on+0x94/0x140
[  162.207401][ T6502]  ? __x64_sys_mount+0x1c/0xc0
[  162.212155][ T6502]  do_syscall_64+0x4c/0xa0
[  162.216562][ T6502]  ? clear_bhb_loop+0x30/0x80
[  162.221225][ T6502]  ? clear_bhb_loop+0x30/0x80
[  162.225884][ T6502]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  162.231775][ T6502] RIP: 0033:0x7f6c1cf57f79
[  162.236183][ T6502] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  162.255865][ T6502] RSP: 002b:00007f6c1b1b2028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  162.264362][ T6502] RAX: ffffffffffffffda RBX: 00007f6c1d1d1fa0 RCX: 00007f6c1cf57f79
[  162.272319][ T6502] RDX: 0000200000000b80 RSI: 0000200000000000 RDI: 0000000000000000
[  162.280308][ T6502] RBP: 00007f6c1cfee7e0 R08: 0000200000000680 R09: 0000000000000000
[  162.288276][ T6502] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  162.296250][ T6502] R13: 00007f6c1d1d2038 R14: 00007f6c1d1d1fa0 R15: 00007ffc5c1a3c98
[  162.304233][ T6502]  </TASK>
[  162.542804][ T6512] loop5: detected capacity change from 0 to 4096
[  162.556072][ T6502] overlayfs: statfs failed on './file0'
[  162.798796][ T6512] ntfs3: loop5: Different NTFS' sector size (4096) and media sector size (512)
[  164.375316][ T6538] MPTCP: addr_signal error, rm_addr=1
[  164.608216][ T6544] netlink: 20 bytes leftover after parsing attributes in process `syz.0.520'.
[  164.646188][ T6544] device ip6gre1 entered promiscuous mode
[  164.778425][ T6544] netlink: 'syz.0.520': attribute type 6 has an invalid length.
[  164.786383][ T6544] netlink: 72 bytes leftover after parsing attributes in process `syz.0.520'.
[  168.807091][ T6600] overlayfs: failed to clone upperpath
[  171.784993][ T6627] netlink: 16 bytes leftover after parsing attributes in process `syz.4.544'.
[  172.284349][ T6627] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  172.293689][ T6627] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  172.302403][ T6627] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  172.311179][ T6627] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  172.977871][ T6640] netlink: 20 bytes leftover after parsing attributes in process `syz.0.547'.
[  173.033760][ T6640] device ip6gre2 entered promiscuous mode
[  173.152108][   T26] kauditd_printk_skb: 27 callbacks suppressed
[  173.152122][   T26] audit: type=1326 audit(1770868081.555:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6644 comm="syz.2.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bcf6f5f79 code=0x7ffc0000
[  173.188931][ T6647] loop7: detected capacity change from 0 to 128
[  173.190632][ T6643] netlink: 'syz.0.547': attribute type 6 has an invalid length.
[  173.206575][   T26] audit: type=1326 audit(1770868081.585:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6644 comm="syz.2.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bcf6f5f79 code=0x7ffc0000
[  173.230697][ T6643] netlink: 72 bytes leftover after parsing attributes in process `syz.0.547'.
[  173.358797][ T6647] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  173.482823][   T26] audit: type=1326 audit(1770868081.595:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6644 comm="syz.2.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=191 compat=0 ip=0x7f8bcf6f5f79 code=0x7ffc0000
[  173.866947][ T6647] ext4 filesystem being mounted at /24/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  173.955552][   T26] audit: type=1326 audit(1770868081.595:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6644 comm="syz.2.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bcf6f5f79 code=0x7ffc0000
[  174.128254][   T26] audit: type=1326 audit(1770868081.595:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6644 comm="syz.2.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bcf6f5f79 code=0x7ffc0000
[  174.662518][   T26] audit: type=1326 audit(1770868081.595:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6644 comm="syz.2.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8bcf6b684e code=0x7ffc0000
[  174.826463][   T26] audit: type=1326 audit(1770868081.595:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6644 comm="syz.2.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8bcf6b684e code=0x7ffc0000
[  175.176212][   T26] audit: type=1326 audit(1770868081.595:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6644 comm="syz.2.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bcf6f5f79 code=0x7ffc0000
[  175.266832][   T26] audit: type=1326 audit(1770868081.595:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6644 comm="syz.2.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bcf6f5f79 code=0x7ffc0000
[  175.314932][ T6647] fscrypt: Error allocating hmac(sha512): -2
[  175.333558][   T26] audit: type=1326 audit(1770868081.595:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6644 comm="syz.2.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f8bcf6f5f79 code=0x7ffc0000
[  175.762389][ T5108] Bluetooth: hci4: command 0x0406 tx timeout
[  175.773961][ T5108] Bluetooth: hci1: command 0x0406 tx timeout
[  175.858609][ T5108] Bluetooth: hci3: command 0x0406 tx timeout
[  176.183871][ T5108] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  176.219569][ T6681] netlink: 24 bytes leftover after parsing attributes in process `syz.2.557'.
[  176.444684][ T6686] loop5: detected capacity change from 0 to 8
[  176.694821][ T5108] usb 5-1: New USB device found, idVendor=0c70, idProduct=f003, bcdDevice= 0.00
[  176.704279][ T6686] unable to read id index table
[  176.721526][ T5108] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  177.578037][ T6696] bridge0: port 3(syz_tun) entered disabled state
[  177.584845][ T6696] bridge0: port 2(bridge_slave_1) entered disabled state
[  177.592495][ T6696] bridge0: port 1(bridge_slave_0) entered disabled state
[  178.047727][ T5108] usb 5-1: config 0 descriptor??
[  178.345580][ T6707] netlink: 16 bytes leftover after parsing attributes in process `syz.5.560'.
[  178.599649][ T5108] usbhid 5-1:0.0: can't add hid device: -71
[  178.622883][ T5108] usbhid: probe of 5-1:0.0 failed with error -71
[  178.680402][ T5108] usb 5-1: USB disconnect, device number 6
[  178.720541][ T6713] bridge0: port 1(bridge_slave_0) entered disabled state
[  178.760213][ T6713] bridge0: port 2(bridge_slave_1) entered disabled state
[  179.217983][ T6715] overlayfs: failed to clone upperpath
[  179.468931][ T6716] netlink: 'syz.5.569': attribute type 16 has an invalid length.
[  179.492768][ T6719] loop4: detected capacity change from 0 to 128
[  179.499888][ T6716] netlink: 'syz.5.569': attribute type 17 has an invalid length.
[  179.539722][ T6716] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  179.565099][ T6716] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  179.613133][ T6716] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  181.069314][ T6738] netlink: 12 bytes leftover after parsing attributes in process `syz.0.578'.
[  181.202258][ T6738] 8021q: adding VLAN 0 to HW filter on device bond2
[  181.212759][ T6741] device macvlan3 entered promiscuous mode
[  184.331127][ T6783] netlink: 4 bytes leftover after parsing attributes in process `syz.5.592'.
[  184.348967][ T6783] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  184.357942][ T6783] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  184.366867][ T6783] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  184.375726][ T6783] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  184.410834][ T6783] netlink: 4 bytes leftover after parsing attributes in process `syz.5.592'.
[  186.173112][ T1335] Bluetooth: hci0: command 0x0406 tx timeout
[  189.655747][ T6846] overlayfs: failed to clone upperpath
[  189.712846][ T6847] netlink: 'syz.4.612': attribute type 10 has an invalid length.
[  189.741415][ T6847] device bridge_slave_1 left promiscuous mode
[  189.758844][ T6847] bridge0: port 2(bridge_slave_1) entered disabled state
[  189.804598][ T6847] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[  191.892598][ T6871] overlayfs: failed to clone upperpath
[  191.968490][ T6871] overlayfs: failed to clone upperpath
[  191.973594][   T21] usb 8-1: new full-speed USB device number 2 using dummy_hcd
[  192.143468][ T6879] netlink: 'syz.7.622': attribute type 1 has an invalid length.
[  192.178464][ T6879] 8021q: adding VLAN 0 to HW filter on device bond1
[  192.204396][ T6879] bond1: (slave gretap1): making interface the new active one
[  192.213971][ T6879] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  192.222816][ T4453] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  192.433642][ T4346] usb 6-1: new full-speed USB device number 3 using dummy_hcd
[  192.448767][ T6898] netlink: 'syz.0.627': attribute type 1 has an invalid length.
[  193.238845][ T6898] bond3: (slave gretap1): making interface the new active one
[  193.247408][ T6898] bond3: (slave gretap1): Enslaving as an active interface with an up link
[  193.270071][ T6898] bond3: (slave vlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  193.473787][ T4346] usb 6-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  193.493899][ T4346] usb 6-1: config 0 interface 0 has no altsetting 0
[  193.665637][ T4346] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  193.682426][ T4346] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  193.701194][ T4346] usb 6-1: Product: syz
[  193.705984][ T4346] usb 6-1: Manufacturer: syz
[  193.710906][ T4346] usb 6-1: SerialNumber: syz
[  193.734249][ T4346] usb 6-1: config 0 descriptor??
[  193.789055][ T4346] usb 6-1: selecting invalid altsetting 0
[  193.916571][   T23] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  194.003793][ T6881] netlink: 4 bytes leftover after parsing attributes in process `syz.5.623'.
[  194.026120][ T6881] device bridge_slave_1 left promiscuous mode
[  194.042587][ T6881] bridge0: port 2(bridge_slave_1) entered disabled state
[  194.060665][ T6881] device bridge_slave_0 left promiscuous mode
[  194.067285][ T6881] bridge0: port 1(bridge_slave_0) entered disabled state
[  194.073731][ T6908] loop7: detected capacity change from 0 to 32768
[  194.086952][ T6918] usb 6-1: selecting invalid altsetting 0
[  194.123421][ T6918] usb 6-1: 0:0: usb_set_interface failed (-22)
[  194.146458][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  194.152642][ T6908] gfs2: can't find protocol l
[  194.152845][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  194.250499][ T6880] usb 6-1: selecting invalid altsetting 0
[  194.262470][ T6880] usb 6-1: 0:0: usb_set_interface failed (-22)
[  194.274051][   T21] usb 6-1: USB disconnect, device number 3
[  194.481998][   T23] usb 5-1: New USB device found, idVendor=05ac, idProduct=b301, bcdDevice=e4.00
[  194.501414][   T23] usb 5-1: New USB device strings: Mfr=9, Product=2, SerialNumber=3
[  194.531606][   T23] usb 5-1: Product: syz
[  194.541972][   T23] usb 5-1: Manufacturer: syz
[  194.557111][   T23] usb 5-1: SerialNumber: syz
[  194.574140][   T23] usb 5-1: config 0 descriptor??
[  194.854676][ T6929] xt_hashlimit: size too large, truncated to 1048576
[  194.868226][ T6929] xt_hashlimit: invalid rate
[  194.868715][ T6914] syz.4.633 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  195.040937][ T4235] usb 5-1: USB disconnect, device number 7
[  195.680169][ T6942] netlink: 5 bytes leftover after parsing attributes in process `syz.2.642'.
[  196.524175][ T6948] netlink: 'syz.7.645': attribute type 21 has an invalid length.
[  196.533550][ T6948] netlink: 132 bytes leftover after parsing attributes in process `syz.7.645'.
[  196.557126][ T6948] netlink: 'syz.7.645': attribute type 1 has an invalid length.
[  196.565013][ T6948] netlink: 12 bytes leftover after parsing attributes in process `syz.7.645'.
[  196.582466][ T6948] bridge_slave_0: vlans aren't supported yet for dev_uc|mc_add()
[  198.262016][ T6982] netlink: 4 bytes leftover after parsing attributes in process `syz.0.657'.
[  198.307700][ T6984] netlink: 4 bytes leftover after parsing attributes in process `syz.5.655'.
[  198.441494][ T6987] netlink: 4 bytes leftover after parsing attributes in process `syz.7.656'.
[  198.717955][ T7004] netlink: 'syz.2.664': attribute type 39 has an invalid length.
[  207.063764][ T7087] netlink: 'syz.5.691': attribute type 1 has an invalid length.
[  208.036608][ T7087] 8021q: adding VLAN 0 to HW filter on device bond2
[  208.240750][ T7103] fuse: Bad value for 'fd'
[  208.737644][ T7097] bond2: (slave gretap1): making interface the new active one
[  208.928117][ T7097] bond2: (slave gretap1): Enslaving as an active interface with an up link
[  209.023627][ T4452] IPv6: ADDRCONF(NETDEV_CHANGE): bond2: link becomes ready
[  209.112237][ T7117] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  209.164467][ T4289] wlan1: authenticate with 08:02:11:00:00:00
[  209.187641][ T7117] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  209.420772][ T4289] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[  209.497132][ T7121] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  209.547590][ T4226] wlan1: send auth to 08:02:11:00:00:00 (try 2/3)
[  209.566891][ T4226] wlan1: send auth to 08:02:11:00:00:00 (try 3/3)
[  209.785115][ T4226] wlan1: authentication with 08:02:11:00:00:00 timed out
[  210.177778][ T7138] netlink: 4 bytes leftover after parsing attributes in process `syz.0.702'.
[  212.589487][ T7177] netlink: 'syz.0.714': attribute type 10 has an invalid length.
[  212.640583][ T7177] bridge0: port 3(syz_tun) entered blocking state
[  212.647247][ T7177] bridge0: port 3(syz_tun) entered forwarding state
[  212.654144][ T7177] bridge0: port 2(bridge_slave_1) entered blocking state
[  212.661224][ T7177] bridge0: port 2(bridge_slave_1) entered forwarding state
[  212.668630][ T7177] bridge0: port 1(bridge_slave_0) entered blocking state
[  212.676207][ T7177] bridge0: port 1(bridge_slave_0) entered forwarding state
[  212.687118][ T7183] fuse: Unknown parameter '4'
[  212.712410][ T7183] sctp: [Deprecated]: syz.7.717 (pid 7183) Use of int in max_burst socket option deprecated.
[  212.712410][ T7183] Use struct sctp_assoc_value instead
[  212.781833][ T7177] device bridge0 entered promiscuous mode
[  212.802503][ T7177] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  212.913338][ T7194] sctp: [Deprecated]: syz.7.718 (pid 7194) Use of int in max_burst socket option.
[  212.913338][ T7194] Use struct sctp_assoc_value instead
[  213.049396][ T7185] loop5: detected capacity change from 0 to 4096
[  213.803732][ T7185] netlink: 12 bytes leftover after parsing attributes in process `syz.5.716'.
[  216.087851][ T7243] netlink: 'syz.5.730': attribute type 27 has an invalid length.
[  216.121095][ T4435] device hsr_slave_0 left promiscuous mode
[  216.165077][ T4435] device hsr_slave_1 left promiscuous mode
[  216.190316][ T4435] batman_adv: batadv0: Removing interface: batadv_slave_0
[  216.220828][ T4435] batman_adv: batadv0: Removing interface: batadv_slave_1
[  216.234426][ T4435] device bridge_slave_1 left promiscuous mode
[  216.253816][ T4435] bridge0: port 2(bridge_slave_1) entered disabled state
[  216.556206][ T4435] device bridge_slave_0 left promiscuous mode
[  216.735602][ T4435] bridge0: port 1(bridge_slave_0) entered disabled state
[  217.927920][ T4435] team0 (unregistering): Port device team_slave_1 removed
[  217.985577][ T4435] team0 (unregistering): Port device team_slave_0 removed
[  218.059001][ T4435] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  218.096094][   T26] kauditd_printk_skb: 20 callbacks suppressed
[  218.096108][   T26] audit: type=1326 audit(1770868126.505:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7293 comm="syz.2.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bcf6f5f79 code=0x7ffc0000
[  218.139683][ T4435] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  218.143350][   T26] audit: type=1326 audit(1770868126.505:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7293 comm="syz.2.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bcf6f5f79 code=0x7ffc0000
[  218.179883][   T26] audit: type=1326 audit(1770868126.505:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7293 comm="syz.2.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f8bcf6f5f79 code=0x7ffc0000
[  218.211347][   T26] audit: type=1326 audit(1770868126.565:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7293 comm="syz.2.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bcf6f5f79 code=0x7ffc0000
[  218.310011][   T26] audit: type=1326 audit(1770868126.565:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7293 comm="syz.2.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bcf6f5f79 code=0x7ffc0000
[  218.332256][    C1] vkms_vblank_simulate: vblank timer overrun
[  219.092838][   T21] Bluetooth: hci2: command 0x0405 tx timeout
[  219.204112][ T4435] bond0 (unregistering): Released all slaves
[  219.290554][ T7271] netlink: 40 bytes leftover after parsing attributes in process `syz.4.737'.
[  219.303803][ T7271] netlink: 40 bytes leftover after parsing attributes in process `syz.4.737'.
[  219.324674][ T7271] netlink: 40 bytes leftover after parsing attributes in process `syz.4.737'.
[  222.992241][ T7401] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  223.006745][ T7401] overlayfs: overlapping lowerdir path
[  223.281870][ T7407] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  223.877786][ T7407] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  224.173363][ T7407] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  224.502858][ T7407] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  225.035691][ T7407] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  225.071015][ T7431] device syzkaller0 entered promiscuous mode
[  225.096009][ T7407] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  225.173400][ T7407] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  225.783592][ T7407] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  226.319335][ T4346] usb 6-1: new full-speed USB device number 4 using dummy_hcd
[  226.824312][ T4346] usb 6-1: config 253 has an invalid interface number: 254 but max is 0
[  226.889177][ T4346] usb 6-1: config 253 has an invalid descriptor of length 0, skipping remainder of the config
[  227.162676][ T4346] usb 6-1: config 253 has no interface number 0
[  227.170872][ T4346] usb 6-1: config 253 interface 254 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  227.726345][ T7482] loop4: detected capacity change from 0 to 65536
[  227.743704][ T4346] usb 6-1: New USB device found, idVendor=abc1, idProduct=8371, bcdDevice=1d.1d
[  228.498421][ T4346] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  228.506971][ T4346] usb 6-1: Product: syz
[  228.511311][ T4346] usb 6-1: Manufacturer: syz
[  228.516415][ T4346] usb 6-1: SerialNumber: syz
[  228.624500][ T7482] /dev/loop4: Can't open blockdev
[  228.758397][ T7445] loop5: detected capacity change from 0 to 164
[  229.433890][   T26] audit: type=1400 audit(1770868137.835:76): apparmor="DENIED" operation="stack_onexec" info="label not found" error=-2 profile="unconfined" name="#(%#{//&@\)//&" pid=7475 comm="syz.4.787"
[  229.564940][ T4346] rndis_host 6-1:253.254: skipping garbage
[  229.571344][ T4346] usb 6-1: bad CDC descriptors
[  229.622635][ T7509] netlink: 24 bytes leftover after parsing attributes in process `syz.0.798'.
[  229.736943][ T4346] usb 6-1: USB disconnect, device number 4
[  231.283454][ T7527] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  231.426232][ T7536] sch_tbf: burst 32855 is lower than device lo mtu (11337746) !
[  231.738292][ T7544] netlink: 'syz.5.802': attribute type 4 has an invalid length.
[  232.391514][ T7555] loop5: detected capacity change from 0 to 128
[  232.558676][ T7558] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  232.899644][ T7547] bridge0: port 2(bridge_slave_1) entered disabled state
[  232.908308][ T7547] bridge0: port 1(bridge_slave_0) entered disabled state
[  232.948294][ T7534] No such timeout policy "syz1"
[  233.358179][ T7547] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  233.424936][ T7547] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  233.752007][ T7547] netdevsim netdevsim7 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  233.761915][ T7547] netdevsim netdevsim7 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  233.771226][ T7547] netdevsim netdevsim7 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  233.780505][ T7547] netdevsim netdevsim7 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  233.868300][ T7574] sch_tbf: burst 2 is lower than device lo mtu (18) !
[  233.898555][ T7575] sch_tbf: burst 2 is lower than device lo mtu (18) !
[  233.908451][ T7575] sch_tbf: burst 2 is lower than device lo mtu (18) !
[  233.940623][ T7579] loop4: detected capacity change from 0 to 512
[  233.961054][ T7581] capability: warning: `syz.7.816' uses deprecated v2 capabilities in a way that may be insecure
[  234.011584][ T7581] netlink: 'syz.7.816': attribute type 3 has an invalid length.
[  234.070766][ T7579] EXT4-fs (loop4): Quota format mount options ignored when QUOTA feature is enabled
[  234.110069][ T7579] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  234.144092][ T7579] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  234.183689][ T7579] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  234.212478][ T7579] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  234.221737][ T7579] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c040e118, mo2=0000]
[  234.229414][ T7602] IPVS: sync thread started: state = MASTER, mcast_ifn = bond_slave_0, syncid = 1, id = 0
[  234.240565][ T7579] EXT4-fs (loop4): too many log groups per flexible block group
[  234.258966][ T7579] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  234.273987][ T7579] EXT4-fs (loop4): mount failed
[  234.735907][ T7629] loop4: detected capacity change from 0 to 512
[  234.772232][ T7629] FAT-fs (loop4): Unrecognized mount option ";í)»cÖÖC€j|aFàôUKåYòåóAÝêN¬Ÿ±[>ÿ|Ó½
|±áÝ×ýB÷ù^ËU" or missing value
[  235.124957][ T7640] loop5: detected capacity change from 0 to 512
[  235.197225][ T7640] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  235.223449][ T7640] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  235.250695][   T23] kernel read not supported for file [userfaultfd] (pid: 23 comm: kworker/1:1)
[  235.271232][ T7640] EXT4-fs error (device loop5): xattr_find_entry:297: inode #15: comm syz.5.832: corrupted xattr entries
[  235.437354][ T7640] EXT4-fs (loop5): Remounting filesystem read-only
[  235.578141][ T7640] EXT4-fs (loop5): 1 truncate cleaned up
[  235.613642][ T7640] EXT4-fs (loop5): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,resuid=0x000000000000ee01,debug_want_extra_isize=0x000000000000006c,lazytime,errors=remount-ro,nodiscard,. Quota mode: none.
[  237.859310][ T4314] lo speed is unknown, defaulting to 1000
[  237.961907][ T7707] netlink: 24 bytes leftover after parsing attributes in process `syz.5.846'.
[  238.865866][ T7723] netlink: 'syz.0.849': attribute type 4 has an invalid length.
[  238.918779][ T7723] netlink: 152 bytes leftover after parsing attributes in process `syz.0.849'.
[  239.076501][ T7723] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  239.841634][ T7730] loop4: detected capacity change from 0 to 1024
[  240.933440][ T4177] bio_check_ro: 2 callbacks suppressed
[  240.933454][ T4177] Trying to write to read-only block-device loop4
[  241.114436][ T4177] Trying to write to read-only block-device loop4
[  241.159591][ T4177] Trying to write to read-only block-device loop4
[  242.012429][ T7770] loop4: detected capacity change from 0 to 2048
[  244.161876][ T7788] Trying to write to read-only block-device loop4
[  248.717621][ T7854] netlink: 16 bytes leftover after parsing attributes in process `syz.5.885'.
[  251.564819][ T7904] xt_hashlimit: max too large, truncated to 1048576
[  251.617677][ T7904] xt_hashlimit: overflow, try lower: 0/0
[  253.244751][ T7919] netlink: 84 bytes leftover after parsing attributes in process `syz.5.898'.
[  253.948656][ T7927] netlink: 84 bytes leftover after parsing attributes in process `syz.5.898'.
[  254.179788][ T7925] device bridge4 entered promiscuous mode
[  254.251605][ T7925] bond1: (slave bridge4): making interface the new active one
[  254.298303][ T7946] netlink: 64 bytes leftover after parsing attributes in process `syz.0.903'.
[  254.321608][ T7925] bond1: (slave bridge4): Enslaving as an active interface with an up link
[  254.601775][ T7960] loop4: detected capacity change from 0 to 512
[  255.596540][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  255.602882][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  255.679355][ T7977] loop5: detected capacity change from 0 to 16
[  255.881435][ T7977] erofs: (device loop5): mounted with root inode @ nid 36.
[  258.551179][ T8018] netlink: 'syz.2.916': attribute type 1 has an invalid length.
[  258.680401][ T8018] netlink: 146340 bytes leftover after parsing attributes in process `syz.2.916'.
[  258.953736][ T4235] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  260.109796][ T4235] usb 6-1: unable to get BOS descriptor or descriptor too short
[  260.193687][ T4235] usb 6-1: config 63 has an invalid interface number: 66 but max is 0
[  260.204769][ T4235] usb 6-1: config 63 has an invalid descriptor of length 0, skipping remainder of the config
[  260.250305][ T4235] usb 6-1: config 63 has no interface number 0
[  260.303818][ T4235] usb 6-1: config 63 interface 66 has no altsetting 0
[  261.213864][ T4235] usb 6-1: New USB device found, idVendor=174f, idProduct=8a31, bcdDevice=39.f4
[  261.222948][ T4235] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  261.250052][ T4235] usb 6-1: Product: syz
[  261.528776][ T4235] usb 6-1: Manufacturer: syz
[  261.533411][ T4235] usb 6-1: SerialNumber: syz
[  261.533577][   T26] audit: type=1326 audit(3918351817.717:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8050 comm="syz.4.925" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6c1cf57f79 code=0x0
[  261.826096][ T8069] netlink: 'syz.5.928': attribute type 1 has an invalid length.
[  261.866138][ T4235] usb 6-1: USB disconnect, device number 5
[  262.020814][ T8069] device bond3 entered promiscuous mode
[  262.071277][ T8069] 8021q: adding VLAN 0 to HW filter on device bond3
[  262.205566][ T8073] bond3: (slave erspan2): making interface the new active one
[  262.213073][ T8073] device erspan2 entered promiscuous mode
[  262.285352][ T8073] bond3: (slave erspan2): Enslaving as an active interface with an up link
[  262.339259][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): bond3: link becomes ready
[  262.357951][ T8081] device vlan2 entered promiscuous mode
[  262.414769][ T8081] device bond0 entered promiscuous mode
[  262.457906][ T8081] device bond_slave_0 entered promiscuous mode
[  262.478653][ T8081] device bond_slave_1 entered promiscuous mode
[  262.504637][ T8081] device bridge_slave_1 entered promiscuous mode
[  262.567737][ T8078] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  262.783796][ T4289] Bluetooth: hci2: command 0x0406 tx timeout
[  262.825981][ T8112] netlink: 12 bytes leftover after parsing attributes in process `syz.4.936'.
[  263.158583][   T26] audit: type=1326 audit(3918351819.567:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8111 comm="syz.2.947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bcf6f5f79 code=0x7ffc0000
[  263.415925][   T26] audit: type=1326 audit(3918351819.627:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8111 comm="syz.2.947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f8bcf6f5f79 code=0x7ffc0000
[  263.508719][   T26] audit: type=1326 audit(3918351819.637:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8111 comm="syz.2.947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bcf6f5f79 code=0x7ffc0000
[  263.594667][   T26] audit: type=1326 audit(3918351819.657:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8111 comm="syz.2.947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f8bcf6f5f79 code=0x7ffc0000
[  263.643444][ T8128] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready
[  263.681601][   T26] audit: type=1326 audit(3918351819.667:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8111 comm="syz.2.947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bcf6f5f79 code=0x7ffc0000
[  263.735782][   T26] audit: type=1326 audit(3918351819.697:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8111 comm="syz.2.947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f8bcf6f5f79 code=0x7ffc0000
[  263.799695][   T26] audit: type=1326 audit(3918351819.717:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8111 comm="syz.2.947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8bcf6f5f79 code=0x7ffc0000
[  263.917798][ T8142] overlayfs: failed to clone upperpath
[  267.335269][ T8256] team0: Port device team_slave_0 removed
[  267.393143][ T8260] 8021q: adding VLAN 0 to HW filter on device bond4
[  267.412770][ T8260] device macvlan0 entered promiscuous mode
[  267.420850][ T8260] device bond_slave_0 entered promiscuous mode
[  267.427341][ T8260] device bond_slave_1 entered promiscuous mode
[  267.437963][ T8260] device bond0 entered promiscuous mode
[  267.448412][ T8260] 8021q: adding VLAN 0 to HW filter on device macvlan0
[  267.466547][ T8260] bond4: (slave macvlan0): Enslaving as an active interface with an up link
[  267.479519][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): bond4: link becomes ready
[  267.539259][ T8270] netlink: 16 bytes leftover after parsing attributes in process `syz.4.972'.
[  267.640396][ T8276] netlink: 16 bytes leftover after parsing attributes in process `syz.0.973'.
[  267.740029][ T8288] binder_alloc: 8287: pid 8287 spamming oneway? 2 buffers allocated for a total size of 5120
[  267.790870][ T8291] 9p filesystem being mounted at /172/file0 supports timestamps until 2106-02-07 (0xffffffff)
[  268.789763][ T8301] netlink: 8 bytes leftover after parsing attributes in process `syz.5.984'.
[  269.019064][ T8315] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4)
[  269.026236][ T8315] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  269.063109][ T8315] vhci_hcd vhci_hcd.0: Device attached
[  269.884349][ T4346] usb 41-1: new low-speed USB device number 2 using vhci_hcd
[  269.891886][ T4314] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  270.432713][ T4314] usb 5-1: config 0 has no interfaces?
[  270.438731][ T1335] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  270.446515][ T4314] usb 5-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=a0.b5
[  270.455806][ T4314] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  270.472351][ T4314] usb 5-1: config 0 descriptor??
[  270.843899][ T8316] usb 41-1: recv xbuf, 0
[  270.868338][  T144] vhci_hcd: stop threads
[  270.875021][  T144] vhci_hcd: release socket
[  271.118444][  T144] vhci_hcd: disconnect device
[  271.203826][ T4346] vhci_hcd: vhci_device speed not set
[  272.334026][ T4314] usb 5-1: USB disconnect, device number 8
[  272.358193][ T8366] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1002'.
[  272.439080][ T1335] usb 6-1: unable to read config index 0 descriptor/all
[  272.454003][ T1335] usb 6-1: can't read configurations, error -71
[  272.495713][ T8366] netlink: 'syz.2.1002': attribute type 5 has an invalid length.
[  273.200599][ T8366] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1002'.
[  275.338077][ T8394] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1008'.
[  275.583611][ T8396] xt_hashlimit: size too large, truncated to 1048576
[  275.613865][ T8396] xt_hashlimit: invalid rate
[  275.737792][ T8399] loop4: detected capacity change from 0 to 256
[  275.780336][ T8399] exfat: Deprecated parameter 'namecase'
[  275.802509][ T8405] loop5: detected capacity change from 0 to 512
[  275.816205][ T8399] exfat: Deprecated parameter 'namecase'
[  275.904290][ T8399] /dev/loop4: Can't open blockdev
[  275.956390][ T8405] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  275.978638][ T8405] ext4 filesystem being mounted at /146/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  277.324139][ T8434] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  278.831191][ T8452] loop4: detected capacity change from 0 to 64
[  278.838898][ T8450] netlink: 'syz.2.1030': attribute type 21 has an invalid length.
[  278.862922][ T8450] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1030'.
[  278.893775][ T8450] netlink: 'syz.2.1030': attribute type 1 has an invalid length.
[  278.901855][ T8450] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1030'.
[  278.913729][ T8457] bridge: RTM_NEWNEIGH with unconfigured vlan 1 on bridge_slave_0
[  279.884069][ T8476] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1038'.
[  279.973385][ T8486] loop5: detected capacity change from 0 to 512
[  280.051831][ T8486] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  283.691865][ T8529] netlink: 'syz.7.1053': attribute type 10 has an invalid length.
[  283.815947][ T8529] 8021q: adding VLAN 0 to HW filter on device bond0
[  284.825419][ T8529] team0: Port device bond0 added
[  286.028712][ T8562] netlink: 'syz.7.1064': attribute type 10 has an invalid length.
[  286.092067][ T8562] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  286.268722][ T8572] batman_adv: batadv0: Removing interface: batadv_slave_0
[  287.161925][ T8587] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1059'.
[  290.610516][ T8608] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1076'.
[  290.645599][ T8609] loop4: detected capacity change from 0 to 1024
[  293.640197][ T8642] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1085'.
[  293.705252][ T8642] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1085'.
[  294.766845][ T8657] loop5: detected capacity change from 0 to 512
[  295.069537][ T8657] EXT4-fs (loop5): mounted filesystem without journal. Opts: grpquota,nogrpid,quota,,errors=continue. Quota mode: writeback.
[  295.083725][ T8657] ext4 filesystem being mounted at /162/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  295.973048][ T8657] syz.5.1092 (8657) used greatest stack depth: 17624 bytes left
[  302.133700][ T8745] loop5: detected capacity change from 0 to 2048
[  302.187854][ T8745] EXT4-fs (loop5): mounted filesystem without journal. Opts: barrier=0x0000000000000000,resuid=0x0000000000000000,auto_da_alloc=0x000000000000ffff,usrjquota=,,errors=continue. Quota mode: none.
[  302.238693][ T8745] EXT4-fs error (device loop5): ext4_find_extent:929: inode #2: comm syz.5.1115: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  303.419851][ T8774] loop4: detected capacity change from 0 to 256
[  305.445674][ T8799] Malformed UNC in devname
[  305.445674][ T8799] 
[  305.446026][ T8799] CIFS: VFS: Malformed UNC in devname
[  307.669949][ T8826] loop4: detected capacity change from 0 to 512
[  308.073816][ T8828] loop5: detected capacity change from 0 to 65536
[  308.525811][ T8828] XFS (loop5): Mounting V5 Filesystem
[  308.928075][ T8828] XFS (loop5): Ending clean mount
[  309.245932][   T26] audit: type=1400 audit(3918351865.662:85): apparmor="DENIED" operation="stack_onexec" info="label not found" error=-2 profile="unconfined" name="#(%#{//&@\)//&" pid=8827 comm="syz.5.1141"
[  309.422180][ T4388] XFS (loop5): Unmounting Filesystem
[  309.558862][ T8857] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1149'.
[  309.572091][ T8857] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  309.581005][ T8857] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  309.589788][ T8857] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  309.598541][ T8857] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  309.618095][ T8857] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1149'.
[  309.990042][ T8865] Cannot find del_set index 4 as target
[  313.361619][ T8895] tipc: Failed to remove unknown binding: 66,0,0/0:3150595189/3150595190
[  313.373218][ T8895] tipc: Failed to remove unknown binding: 66,0,0/0:3150595189/3150595190
[  313.516285][ T8905] bridge0: port 3(syz_tun) entered disabled state
[  313.568007][ T8905] bridge0: port 2(bridge_slave_1) entered disabled state
[  313.575407][ T8905] bridge0: port 1(bridge_slave_0) entered disabled state
[  313.592439][ T8905] device bond_slave_0 left promiscuous mode
[  313.599330][ T8905] device bond_slave_1 left promiscuous mode
[  314.015334][ T8905] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  314.067467][ T8905] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  317.102115][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  317.111418][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  317.846333][ T8905] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  317.856217][ T8905] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  317.866051][ T8905] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  317.875273][ T8905] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  318.489922][ T8905] device ip6gre1 left promiscuous mode
[  318.633688][ T8905] device ip6gre2 left promiscuous mode
[  318.651047][ T8905] device macvlan3 left promiscuous mode
[  318.732385][ T8965] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  318.792456][ T8965] batman_adv: batadv0: Removing interface: batadv_slave_0
[  322.350035][ T9005] block device autoloading is deprecated and will be removed.
[  327.733575][ T9043] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  327.747453][ T9043] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.882167][ T9043] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  327.899199][ T9043] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.984007][ T9043] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  328.009514][ T9043] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  328.119275][ T9043] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  328.142179][ T9043] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  330.601958][ T9043] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  330.656552][ T9043] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  330.670810][ T9043] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  330.679665][ T9043] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  330.740677][ T9043] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  330.764176][ T9043] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  330.777547][ T9043] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  330.786103][ T9043] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  335.560135][   T26] audit: type=1804 audit(3918351891.972:86): pid=9137 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1228" name="bus" dev="ramfs" ino=47013 res=1 errno=0
[  335.650813][   T26] audit: type=1804 audit(3918351892.012:87): pid=9137 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.1228" name="bus" dev="ramfs" ino=47013 res=1 errno=0
[  335.840534][ T9148] loop5: detected capacity change from 0 to 1024
[  335.936794][ T9148] EXT4-fs (loop5): Ignoring removed orlov option
[  335.943175][ T9148] EXT4-fs (loop5): bad geometry: block count 6422528 exceeds size of device (512 blocks)
[  342.583697][ T9216] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1252'.
[  344.320351][ T9248] netlink: 'syz.7.1263': attribute type 1 has an invalid length.
[  344.411073][ T9248] device bond2 entered promiscuous mode
[  344.421093][ T9248] 8021q: adding VLAN 0 to HW filter on device bond2
[  344.469433][ T9254] bond2: (slave erspan1): making interface the new active one
[  344.474489][ T9255] pit: kvm: requested 1676 ns i8254 timer period limited to 200000 ns
[  344.478260][ T9254] device erspan1 entered promiscuous mode
[  344.573334][ T9254] bond2: (slave erspan1): Enslaving as an active interface with an up link
[  344.591181][ T4452] IPv6: ADDRCONF(NETDEV_CHANGE): bond2: link becomes ready
[  344.623796][ T9255] pit: kvm: requested 838 ns i8254 timer period limited to 200000 ns
[  344.633358][ T9255] pit: kvm: requested 13409 ns i8254 timer period limited to 200000 ns
[  344.691772][ T9255] pit: kvm: requested 53638 ns i8254 timer period limited to 200000 ns
[  344.701774][ T9255] pit: kvm: requested 41904 ns i8254 timer period limited to 200000 ns
[  348.085333][ T9302] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1279'.
[  348.107018][   T26] audit: type=1804 audit(3918351904.522:88): pid=9305 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1280" name="bus" dev="ramfs" ino=48386 res=1 errno=0
[  348.186363][   T26] audit: type=1804 audit(3918351904.532:89): pid=9305 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.1280" name="bus" dev="ramfs" ino=48386 res=1 errno=0
[  350.840869][ T9370] netlink: 'syz.5.1289': attribute type 39 has an invalid length.
[  353.136283][ T9387] loop4: detected capacity change from 0 to 128
[  358.708209][ T9446] loop4: detected capacity change from 0 to 128
[  363.341083][ T9488] loop5: detected capacity change from 0 to 8192
[  363.491695][ T9488]  loop5: p1 p2
[  363.504616][ T9488] loop5: partition table partially beyond EOD, truncated
[  364.800421][ T9488] loop5: p1 start 16777216 is beyond EOD, truncated
[  364.839557][ T9509] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1331'.
[  364.858142][ T9488] loop5: p2 size 515840 extends beyond EOD, truncated
[  365.405574][ T4177] udevd[4177]: inotify_add_watch(7, /dev/loop5p2, 10) failed: No such file or directory
[  366.411403][ T9527] binder: BINDER_SET_CONTEXT_MGR already set
[  366.426055][ T9527] binder: 9526:9527 ioctl 4018620d 200000004a80 returned -16
[  366.566125][ T9534] xt_l2tp: missing protocol rule (udp|l2tpip)
[  368.114232][ T9562] loop5: detected capacity change from 0 to 128
[  370.487068][ T9591] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1355'.
[  371.076025][ T9597] binder: 9590:9597 ioctl 0 0 returned -22
[  373.858016][ T9613] loop5: detected capacity change from 0 to 2048
[  375.367528][ T9613] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  375.621818][ T9633] device syzkaller0 entered promiscuous mode
[  375.896498][ T9635] device syzkaller0 entered promiscuous mode
[  377.455227][ T9656] netlink: 'syz.2.1373': attribute type 1 has an invalid length.
[  377.543182][ T9656] 8021q: adding VLAN 0 to HW filter on device bond2
[  378.104862][ T9663] bond2: (slave geneve2): making interface the new active one
[  378.114924][ T9663] bond2: (slave geneve2): Enslaving as an active interface with an up link
[  378.141973][ T4453] IPv6: ADDRCONF(NETDEV_CHANGE): bond2: link becomes ready
[  378.465996][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  378.472323][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  379.470993][ T9706] lo speed is unknown, defaulting to 1000
[  379.606492][ T9709] loop5: detected capacity change from 0 to 128
[  379.661649][ T9709] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  379.734309][ T9720] xt_NFQUEUE: number of queues (8) out of range (got 65537)
[  379.988003][ T9709] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  380.163343][ T9709] ext2 filesystem being mounted at /221/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  380.345640][ T9706] chnl_net:caif_netlink_parms(): no params data found
[  380.510616][ T9706] bridge0: port 1(bridge_slave_0) entered blocking state
[  380.546338][ T9706] bridge0: port 1(bridge_slave_0) entered disabled state
[  380.559775][ T9706] device bridge_slave_0 entered promiscuous mode
[  380.578671][ T9706] bridge0: port 2(bridge_slave_1) entered blocking state
[  380.586375][ T9706] bridge0: port 2(bridge_slave_1) entered disabled state
[  380.599536][ T9706] device bridge_slave_1 entered promiscuous mode
[  380.804929][ T9706] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  380.829596][ T9706] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  381.009613][ T9706] team0: Port device team_slave_0 added
[  381.087577][ T9706] team0: Port device team_slave_1 added
[  381.119305][ T9731] overlayfs: failed to clone upperpath
[  381.138294][ T9739] netlink: 'syz.0.1391': attribute type 1 has an invalid length.
[  381.278062][ T9739] 8021q: adding VLAN 0 to HW filter on device bond4
[  381.472488][ T9741] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  381.493528][ T9741] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  381.502277][ T9741] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  381.503808][ T4289] Bluetooth: hci5: command 0x0409 tx timeout
[  381.537879][ T9748] loop5: detected capacity change from 0 to 512
[  381.557027][ T9741] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  381.565954][ T9748] EXT4-fs (loop5): Ignoring removed bh option
[  381.586164][ T9741] bond4: (slave geneve3): making interface the new active one
[  381.610922][ T9741] bond4: (slave geneve3): Enslaving as an active interface with an up link
[  381.643935][ T9748] EXT4-fs (loop5): mounted filesystem without journal. Opts: i_version,nogrpid,bh,,errors=continue. Quota mode: writeback.
[  381.708165][ T9748] ext4 filesystem being mounted at /222/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  381.737386][ T9706] batman_adv: batadv0: Adding interface: batadv_slave_0
[  381.756013][ T9706] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  381.871112][ T9706] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  381.908700][ T9706] batman_adv: batadv0: Adding interface: batadv_slave_1
[  381.925743][ T9706] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  381.963539][ T9706] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  381.994930][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): bond4: link becomes ready
[  382.119304][ T9706] device hsr_slave_0 entered promiscuous mode
[  382.134651][ T9706] device hsr_slave_1 entered promiscuous mode
[  382.209740][ T9761] netlink: 'syz.0.1397': attribute type 10 has an invalid length.
[  383.764099][ T4235] Bluetooth: hci5: command 0x041b tx timeout
[  384.312901][ T9706] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  384.424162][ T9706] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  384.454916][ T9706] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  384.613050][ T9706] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  385.657823][ T9807] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1403'.
[  385.703848][ T9706] 8021q: adding VLAN 0 to HW filter on device bond0
[  385.845660][ T4289] Bluetooth: hci5: command 0x040f tx timeout
[  385.938790][ T9706] 8021q: adding VLAN 0 to HW filter on device team0
[  385.975605][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  385.999667][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  386.063896][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  386.074079][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  386.082586][ T4435] bridge0: port 1(bridge_slave_0) entered blocking state
[  386.089735][ T4435] bridge0: port 1(bridge_slave_0) entered forwarding state
[  386.147631][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  386.722686][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  387.009112][ T4435] bridge0: port 2(bridge_slave_1) entered blocking state
[  387.016300][ T4435] bridge0: port 2(bridge_slave_1) entered forwarding state
[  387.024270][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  387.033106][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  387.198405][ T9843] loop5: detected capacity change from 0 to 512
[  387.233923][ T9831] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1409'.
[  387.234703][ T9843] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  387.251319][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  387.279277][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  387.308908][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  387.328187][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  387.338466][ T9843] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  387.338756][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  387.355522][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  387.364087][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  387.366574][ T9843] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a04ec0a8, mo2=0002]
[  387.372615][ T4435] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  387.396546][ T9843] System zones: 0-3, 34-34
[  387.401258][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  387.422848][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  387.430698][ T9843] EXT4-fs (loop5): orphan cleanup on readonly fs
[  387.430718][ T9843] EXT4-fs error (device loop5): ext4_orphan_get:1426: comm syz.5.1411: bad orphan inode 1039
[  387.442797][ T9843] EXT4-fs (loop5): Remounting filesystem read-only
[  387.454793][ T9843] EXT4-fs (loop5): mounted filesystem without journal. Opts: debug,errors=remount-ro,quota,barrier,minixdf,sb=0x0000000000000009,. Quota mode: writeback.
[  387.479772][ T9706] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  388.213315][ T4271] Bluetooth: hci5: command 0x0419 tx timeout
[  389.130757][ T9878] netlink: 'syz.4.1417': attribute type 1 has an invalid length.
[  389.234647][ T9878] 8021q: adding VLAN 0 to HW filter on device bond2
[  389.325006][ T4438] bond2: (slave erspan1): Releasing active interface
[  389.368429][ T4438] device erspan1 left promiscuous mode
[  390.003108][ T9886] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  390.013770][ T9886] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  390.022547][ T9886] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  390.033310][ T9886] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  390.045296][ T9886] bond2: (slave geneve2): making interface the new active one
[  390.055150][ T9886] bond2: (slave geneve2): Enslaving as an active interface with an up link
[  390.067964][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): bond2: link becomes ready
[  390.175237][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  390.182725][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  390.214288][ T4438] bond1: (slave gretap1): Releasing active interface
[  390.241282][ T9706] 8021q: adding VLAN 0 to HW filter on device batadv0
[  390.259686][ T9914] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  390.269984][ T9914] batman_adv: batadv0: Removing interface: batadv_slave_1
[  390.340065][ T9921] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  390.408275][ T9923] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1425'.
[  390.575303][ T4438] bond0: (slave wlan1): Releasing backup interface
[  392.332052][ T4452] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  392.489887][ T4452] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  392.682991][ T9961] tipc: Started in network mode
[  392.688472][ T9961] tipc: Node identity 4, cluster identity 4711
[  392.696358][ T9961] tipc: Node number set to 4
[  393.352152][ T9963] 9p filesystem being mounted at /348/file0 supports timestamps until 2106-02-07 (0xffffffff)
[  393.379957][ T4452] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  393.397469][ T4452] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  393.418906][ T9706] device veth0_vlan entered promiscuous mode
[  393.433120][ T4438] device hsr_slave_0 left promiscuous mode
[  393.465620][ T4438] device hsr_slave_1 left promiscuous mode
[  393.483232][ T4438] batman_adv: batadv0: Removing interface: batadv_slave_0
[  393.491460][ T4438] batman_adv: batadv0: Removing interface: batadv_slave_1
[  393.520164][ T4438] device bridge_slave_1 left promiscuous mode
[  393.528043][ T4438] bridge0: port 2(bridge_slave_1) entered disabled state
[  393.550841][ T4438] device bridge_slave_0 left promiscuous mode
[  393.557356][ T4438] bridge0: port 1(bridge_slave_0) entered disabled state
[  393.589871][ T4438] bond2 (unregistering): Released all slaves
[  393.604348][ T4438] bond1 (unregistering): Released all slaves
[  393.752824][ T4438] team0 (unregistering): Port device team_slave_1 removed
[  393.772238][ T4438] team0 (unregistering): Port device team_slave_0 removed
[  393.783780][ T4438] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  393.809321][ T4438] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  393.853673][ T5108] usb 6-1: new full-speed USB device number 8 using dummy_hcd
[  393.862878][ T4438] team0 (unregistering): Port device bond0 removed
[  393.883875][ T4438] bond0 (unregistering): Released all slaves
[  393.957110][ T4452] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  393.970779][ T4452] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  393.983185][ T9975] IPv6: NLM_F_CREATE should be specified when creating new route
[  394.003760][ T9982] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1439'.
[  394.036650][ T9706] device veth1_vlan entered promiscuous mode
[  394.078174][ T4452] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  394.088273][ T4452] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  394.114939][ T9706] device veth0_macvtap entered promiscuous mode
[  394.152680][ T9706] device veth1_macvtap entered promiscuous mode
[  394.168486][ T9999] 9pnet: p9_errstr2errno: server reported unknown error 0x000000000000
[  394.206977][ T9706] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  394.235980][ T9706] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  394.293762][ T5108] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  394.319141][ T5108] usb 6-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x4B, skipping
[  394.356780][ T5108] usb 6-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xD9, skipping
[  394.389786][ T5108] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  394.416576][ T9706] batman_adv: batadv0: Interface activated: batadv_slave_0
[  394.428482][ T9706] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  394.439372][ T9706] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  394.451563][ T9706] batman_adv: batadv0: Interface activated: batadv_slave_1
[  394.479281][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  394.497728][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  394.509999][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  394.597799][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  394.707773][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  394.832668][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  395.158556][ T9706] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  395.168464][ T5108] usb 6-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.ff
[  395.193255][ T5108] usb 6-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  395.207977][ T9706] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  395.225343][ T5108] usb 6-1: Manufacturer: syz
[  395.230343][ T9706] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  395.266874][ T5108] usb 6-1: config 0 descriptor??
[  395.268673][ T9706] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  395.286998][T10026] tipc: Started in network mode
[  395.300676][T10026] tipc: Node identity 4, cluster identity 4711
[  395.307336][ T9974] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  395.315643][T10026] tipc: Node number set to 4
[  395.437519][ T9835] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  395.451407][ T9835] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  396.486238][ T9835] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  396.530236][ T4314] usb 6-1: USB disconnect, device number 8
[  396.784264][ T9835] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  397.097710][ T9835] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  397.648675][ T9835] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  397.917974][T10050] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  397.951782][T10050] batman_adv: batadv0: Removing interface: batadv_slave_0
[  397.972746][T10050] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  398.021267][T10050] batman_adv: batadv0: Removing interface: batadv_slave_1
[  398.586955][T10065] binder: 10064:10065 ioctl c0306201 2000000003c0 returned -14
[  400.759453][T10084] tipc: Started in network mode
[  400.792729][T10084] tipc: Node identity 4, cluster identity 4711
[  400.835911][T10084] tipc: Node number set to 4
[  400.846737][T10087] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1459'.
[  400.949054][T10087] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1459'.
[  400.972002][T10090] overlayfs: failed to clone upperpath
[  405.292227][T10137] xt_policy: output policy not valid in PREROUTING and INPUT
[  406.668931][T10150] Invalid option length (1047662) for dns_resolver key
[  408.337084][T10165] tipc: Started in network mode
[  408.342094][T10165] tipc: Node identity 4, cluster identity 4711
[  408.355841][T10165] tipc: Node number set to 4
[  418.406191][T10279] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  418.511674][T10279] netlink: 16 bytes leftover after parsing attributes in process `syz.8.1498'.
[  420.148784][T10296] syz.4.1504 sent an empty control message without MSG_MORE.
[  420.946328][T10290] device ip6gre1 entered promiscuous mode
[  421.026238][   T26] audit: type=1326 audit(3918351977.442:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10308 comm="syz.5.1508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f51bd2afd97 code=0x7ffc0000
[  421.100138][   T26] audit: type=1326 audit(3918351977.442:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10308 comm="syz.5.1508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f51bd257399 code=0x7ffc0000
[  423.921358][T10323] fuse: Bad value for 'fd'
[  424.357255][   T26] audit: type=1326 audit(3918351977.442:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10308 comm="syz.5.1508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51bd2b5f79 code=0x7ffc0000
[  424.495605][T10339] team0: Device bond0 failed to register rx_handler
[  424.507058][   T26] audit: type=1326 audit(3918351977.442:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10308 comm="syz.5.1508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51bd2b5f79 code=0x7ffc0000
[  424.628869][T10343] netlink: 'syz.4.1514': attribute type 16 has an invalid length.
[  424.683902][   T26] audit: type=1326 audit(3918351977.462:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10308 comm="syz.5.1508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f51bd2afd97 code=0x7ffc0000
[  426.473664][T10343] netlink: 'syz.4.1514': attribute type 17 has an invalid length.
[  426.538831][   T26] audit: type=1326 audit(3918351977.462:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10308 comm="syz.5.1508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f51bd257399 code=0x7ffc0000
[  426.582455][   T26] audit: type=1326 audit(3918351977.462:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10308 comm="syz.5.1508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=71 compat=0 ip=0x7f51bd2b5f79 code=0x7ffc0000
[  426.769960][   T26] audit: type=1326 audit(3918351977.462:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10308 comm="syz.5.1508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51bd2b5f79 code=0x7ffc0000
[  426.989427][   T26] audit: type=1326 audit(3918351977.462:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10308 comm="syz.5.1508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51bd2b5f79 code=0x7ffc0000
[  427.014275][   T26] audit: type=1326 audit(3918351977.472:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10308 comm="syz.5.1508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f51bd2afd97 code=0x7ffc0000
[  427.563470][   T26] audit: type=1326 audit(3918351977.472:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10308 comm="syz.5.1508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f51bd257399 code=0x7ffc0000
[  427.663662][   T26] audit: type=1326 audit(3918351977.472:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10308 comm="syz.5.1508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51bd2b5f79 code=0x7ffc0000
[  427.910550][   T26] audit: type=1326 audit(3918351977.472:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10308 comm="syz.5.1508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f51bd2afd97 code=0x7ffc0000
[  429.343237][   T26] audit: type=1326 audit(3918351977.472:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10308 comm="syz.5.1508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f51bd257399 code=0x7ffc0000
[  429.600963][   T26] audit: type=1326 audit(3918351977.472:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10308 comm="syz.5.1508" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51bd2b5f79 code=0x7ffc0000
[  431.614020][T10454] netlink: 'syz.0.1542': attribute type 11 has an invalid length.
[  434.473104][T10474] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1547'.
[  440.089550][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  440.253946][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  440.406793][T10530] device syz_tun left promiscuous mode
[  440.432998][T10530] bridge0: port 3(syz_tun) entered disabled state
[  440.433547][T10525] netlink: 'syz.2.1560': attribute type 11 has an invalid length.
[  440.443337][T10532] loop5: detected capacity change from 0 to 512
[  440.509145][T10530] bond0: (slave bridge0): Releasing backup interface
[  440.531026][T10532] EXT4-fs (loop5): Invalid commit interval 134217735, must be smaller than 21474836
[  440.545797][T10530] device bridge_slave_0 left promiscuous mode
[  440.571721][T10530] bridge0: port 1(bridge_slave_0) entered disabled state
[  440.612166][T10530] device bridge_slave_1 left promiscuous mode
[  440.682838][T10530] bridge0: port 2(bridge_slave_1) entered disabled state
[  440.723103][T10530] bond0: (slave bond_slave_0): Releasing backup interface
[  440.772021][T10530] bond0: (slave bond_slave_1): Releasing backup interface
[  440.846141][T10530] team0: Port device team_slave_0 removed
[  440.900307][T10530] team0: Port device team_slave_1 removed
[  440.917055][T10530] batman_adv: batadv0: Removing interface: batadv_slave_0
[  440.944700][T10530] batman_adv: batadv0: Removing interface: batadv_slave_1
[  440.974108][T10530] bond1: (slave macvlan2): Releasing active interface
[  440.995654][T10530] bond3: (slave gretap1): Releasing active interface
[  441.016330][T10530] bond4: (slave geneve3): Releasing active interface
[  441.056340][T10530] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  441.085222][T10530] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  441.116629][T10530] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  441.130086][T10559] loop5: detected capacity change from 0 to 256
[  441.132933][T10530] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  441.162677][T10559] exfat: Deprecated parameter 'utf8'
[  441.215452][T10534] team0: Mode changed to "loadbalance"
[  441.266239][T10536] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1562'.
[  441.288794][T10559] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d)
[  441.342236][T10559] exfat filesystem being mounted at /256/file0 supports timestamps until 2107-12-31 (0x10391447f)
[  441.561027][T10549] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1564'.
[  443.812981][T10587] trusted_key: encrypted_key: master key parameter 'šÙ|™{E' is invalid
[  445.050955][T10598] netlink: 'syz.5.1582': attribute type 11 has an invalid length.
[  445.999819][T10606] loop5: detected capacity change from 0 to 512
[  446.084826][T10606] FAT-fs (loop5): Unrecognized mount option "/dev/comedi5" or missing value
[  446.162522][T10608] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  446.162522][T10608] The task syz.5.1584 (10608) triggered the difference, watch for misbehavior.
[  449.271897][T10675] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1598'.
[  451.698889][T10713] netdevsim netdevsim4 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  451.707549][T10713] netdevsim netdevsim4 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  451.715975][T10713] netdevsim netdevsim4 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  451.724359][T10713] netdevsim netdevsim4 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  451.882780][T10713] netdevsim netdevsim4 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  451.907283][T10713] netdevsim netdevsim4 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  451.935954][T10713] netdevsim netdevsim4 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  451.953429][T10713] netdevsim netdevsim4 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  452.800204][T10753] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1615'.
[  452.899454][T10763] tmpfs: Bad value for 'uid'
[  452.985541][T10765] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1618'.
[  454.529380][T10768] bridge2: port 1(veth1) entered blocking state
[  454.536213][T10768] bridge2: port 1(veth1) entered disabled state
[  454.545880][T10778] sctp: [Deprecated]: syz.5.1620 (pid 10778) Use of struct sctp_assoc_value in delayed_ack socket option.
[  454.545880][T10778] Use struct sctp_sack_info instead
[  454.553213][T10768] device veth1 entered promiscuous mode
[  454.604710][T10769] bridge2: port 2(veth3) entered blocking state
[  454.624161][T10769] bridge2: port 2(veth3) entered disabled state
[  454.641716][T10769] device veth3 entered promiscuous mode
[  457.233348][T10806] overlayfs: failed to clone upperpath
[  461.272143][T10879] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1647'.
[  461.341652][T10884] netlink: zone id is out of range
[  461.380473][T10884] netlink: zone id is out of range
[  461.402258][T10884] netlink: zone id is out of range
[  461.442496][T10884] netlink: zone id is out of range
[  461.447806][T10884] netlink: zone id is out of range
[  461.453143][T10884] netlink: zone id is out of range
[  461.459474][T10884] netlink: zone id is out of range
[  461.470320][T10884] netlink: zone id is out of range
[  461.480853][T10884] netlink: zone id is out of range
[  461.980498][T10884] netlink: zone id is out of range
[  466.948198][T10987] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1674'.
[  467.046600][T10987] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1674'.
[  467.144063][T10996] netlink: 'syz.8.1678': attribute type 1 has an invalid length.
[  468.008230][T10996] bond1: (slave gretap1): making interface the new active one
[  468.049682][T10996] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  470.793272][T11065] loop5: detected capacity change from 0 to 512
[  471.503313][T11065] EXT4-fs (loop5): Ignoring removed bh option
[  471.855581][T11065] EXT4-fs (loop5): mounted filesystem without journal. Opts: i_version,nogrpid,bh,,errors=continue. Quota mode: writeback.
[  471.912852][T11065] ext4 filesystem being mounted at /283/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  472.074685][T11065] EXT4-fs error (device loop5): ext4_resize_begin:61: comm syz.5.1695: resize_inode disabled but reserved GDT blocks non-zero
[  472.155026][T11065] EXT4-fs error (device loop5): ext4_lookup:1858: inode #12: comm syz.5.1695: iget: bad i_size value: 2533274857506816
[  472.161719][   T26] kauditd_printk_skb: 31 callbacks suppressed
[  472.161733][   T26] audit: type=1326 audit(3918352028.572:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11083 comm="syz.4.1701" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6c1cf57f79 code=0x0
[  472.507793][T11065] EXT4-fs error (device loop5): ext4_lookup:1858: inode #12: comm syz.5.1695: iget: bad i_size value: 2533274857506816
[  472.702755][T11065] EXT4-fs error (device loop5): ext4_lookup:1858: inode #12: comm syz.5.1695: iget: bad i_size value: 2533274857506816
[  472.819317][T11095] net_ratelimit: 23 callbacks suppressed
[  472.819336][T11095] netlink: zone id is out of range
[  472.847042][T11095] netlink: zone id is out of range
[  472.854414][T11095] netlink: zone id is out of range
[  472.859989][T11095] netlink: zone id is out of range
[  472.865559][T11095] netlink: zone id is out of range
[  472.871067][T11095] netlink: zone id is out of range
[  472.880718][T11095] netlink: zone id is out of range
[  472.890679][T11095] netlink: zone id is out of range
[  472.898038][T11095] netlink: zone id is out of range
[  472.906947][T11095] netlink: zone id is out of range
[  474.680922][T11127] loop5: detected capacity change from 0 to 4096
[  474.702208][T11134] overlayfs: failed to clone upperpath
[  475.949351][T11141] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  478.970763][T11150] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  478.979629][T11150] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  478.988414][T11150] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  478.997214][T11150] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  479.025781][T11150] bond0: (slave vxlan0): Enslaving as an active interface with an up link
[  479.627726][T11181] 8021q: adding VLAN 0 to HW filter on device bond0
[  479.639238][T11181] team0: Port device bond0 added
[  480.976078][T11181] netlink: 'syz.8.1730': attribute type 16 has an invalid length.
[  481.017200][T11181] netlink: 'syz.8.1730': attribute type 17 has an invalid length.
[  481.033763][T11181] team0: Failed to send port change of device bond0 via netlink (err -105)
[  481.053057][T11181] bridge0: port 1(bridge_slave_0) entered disabled state
[  481.068451][T11181] bridge0: port 2(bridge_slave_1) entered disabled state
[  481.079993][T11181] team0: Failed to send port change of device team_slave_0 via netlink (err -105)
[  481.099492][T11181] team0: Failed to send port change of device team_slave_1 via netlink (err -105)
[  481.949578][T11212] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1738'.
[  482.116102][T11212] bridge1: port 1(veth3) entered blocking state
[  482.200948][T11212] bridge1: port 1(veth3) entered disabled state
[  482.208644][T11212] device veth3 entered promiscuous mode
[  482.735464][T11218] bridge1: port 2(veth5) entered blocking state
[  482.751353][T11218] bridge1: port 2(veth5) entered disabled state
[  482.758864][T11218] device veth5 entered promiscuous mode
[  483.425356][T11247] netlink: 'syz.0.1750': attribute type 16 has an invalid length.
[  483.465221][T11247] netlink: 'syz.0.1750': attribute type 17 has an invalid length.
[  491.945017][T11341] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1778'.
[  491.961145][T11341] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1778'.
[  492.076896][T11343] 8021q: adding VLAN 0 to HW filter on device bond0
[  492.099759][T11343] team0: Port device bond0 added
[  492.118627][T11351] netlink: 'syz.2.1777': attribute type 16 has an invalid length.
[  492.143935][T11351] netlink: 'syz.2.1777': attribute type 17 has an invalid length.
[  492.298699][T11351] team0: Failed to send port change of device bond0 via netlink (err -105)
[  493.171538][T11365] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1795'.
[  493.198975][T11365] bridge6: port 1(veth5) entered blocking state
[  493.205574][T11365] bridge6: port 1(veth5) entered disabled state
[  493.212890][T11365] device veth5 entered promiscuous mode
[  493.669550][T11365] bridge6: port 2(veth7) entered blocking state
[  493.838426][T11365] bridge6: port 2(veth7) entered disabled state
[  494.153282][T11365] device veth7 entered promiscuous mode
[  494.989846][T11381] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  495.171010][T11381] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  496.769764][T11438] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1806'.
[  497.386798][T11439] gfs2: gfs2 mount does not exist
[  498.392426][T11438] device hsr_slave_0 left promiscuous mode
[  498.408175][T11421] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1802'.
[  498.431470][T11421] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  498.439987][T11421] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  498.448240][T11421] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  498.456664][T11421] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  499.882597][T11464] netlink: 'syz.5.1815': attribute type 1 has an invalid length.
[  500.539357][T11464] 8021q: adding VLAN 0 to HW filter on device bond5
[  500.551494][T11466] device macvlan1 entered promiscuous mode
[  500.618665][T11472] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1817'.
[  501.578861][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  501.606149][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  501.848978][T11490] netlink: 'syz.8.1822': attribute type 1 has an invalid length.
[  501.975339][T11490] 8021q: adding VLAN 0 to HW filter on device bond2
[  501.999521][T11493] 8021q: adding VLAN 0 to HW filter on device bond2
[  502.007852][T11493] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address
[  502.019613][T11493] bond2: (slave vxcan3): Error -22 calling dev_set_mtu
[  502.035011][T11498] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  502.043028][T11498] IPv6: NLM_F_CREATE should be set when creating new route
[  502.122406][T11497] device gretap2 entered promiscuous mode
[  502.147483][T11497] bond2: (slave gretap2): making interface the new active one
[  502.235156][T11497] bond2: (slave gretap2): Enslaving as an active interface with an up link
[  502.380040][T11500] device sit0 entered promiscuous mode
[  502.530514][T11500] netlink: 'syz.5.1824': attribute type 1 has an invalid length.
[  502.618235][T11500] netlink: 1 bytes leftover after parsing attributes in process `syz.5.1824'.
[  503.922006][T10303] Bluetooth: hci5: command 0x0406 tx timeout
[  504.111120][T11512] 9p filesystem being mounted at /339/file0 supports timestamps until 2106-02-07 (0xffffffff)
[  504.536518][T11540] tipc: Started in network mode
[  504.541568][T11540] tipc: Node identity ac14140f, cluster identity 4711
[  504.554751][T11540] tipc: New replicast peer: 10.1.1.2
[  504.561556][T11540] tipc: Enabled bearer <udp:syz2>, priority 10
[  505.183542][   T26] audit: type=1326 audit(3918352061.592:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11526 comm="syz.0.1834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe58321f79 code=0x7fc00000
[  505.568936][T10303] tipc: Node number set to 2886997007
[  505.780199][T11549] netlink: 'syz.8.1840': attribute type 10 has an invalid length.
[  505.885861][T11549] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  507.069761][T11571] BUG: sleeping function called from invalid context at net/core/sock.c:3291
[  507.079335][T11571] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 11571, name: syz.5.1832
[  507.088534][T11571] 7 locks held by syz.5.1832/11571:
[  507.093765][T11571]  #0: ffffffff8d4462e8 (sock_diag_mutex){+.+.}-{3:3}, at: sock_diag_rcv+0x17/0x40
[  507.103109][T11571]  #1: ffffffff8d4461a8 (sock_diag_table_mutex){+.+.}-{3:3}, at: sock_diag_rcv_msg+0x14a/0x3e0
[  507.113554][T11571]  #2: ffff888060a2c698 (nlk_cb_mutex-SOCK_DIAG){+.+.}-{3:3}, at: __netlink_dump_start+0x11f/0x700
[  507.124327][T11571]  #3: ffffffff8d520188 (inet_diag_table_mutex){+.+.}-{3:3}, at: __inet_diag_dump+0x181/0x380
[  507.134641][T11571]  #4: ffffffff8c31eaa0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30
[  507.144084][T11571]  #5: ffffc900018afe88 (&h->lhash2[i].lock){+.+.}-{2:2}, at: mptcp_diag_dump+0x917/0x12b0
[  507.154140][T11571]  #6: ffff8880772d5d20 (msk_lock-AF_INET){+.+.}-{0:0}, at: inet_sk_diag_fill+0xf5e/0x1ca0
[  507.164187][T11571] Preemption disabled at:
[  507.164196][T11571] [<0000000000000000>] 0x0
[  507.172900][T11571] CPU: 1 PID: 11571 Comm: syz.5.1832 Not tainted syzkaller #0
[  507.180369][T11571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  507.190415][T11571] Call Trace:
[  507.193704][T11571]  <TASK>
[  507.196636][T11571]  dump_stack_lvl+0x188/0x250
[  507.201302][T11571]  ? show_regs_print_info+0x20/0x20
[  507.206571][T11571]  ? load_image+0x400/0x400
[  507.211063][T11571]  ? __local_bh_enable_ip+0x136/0x1c0
[  507.216423][T11571]  ___might_sleep+0x493/0x610
[  507.221087][T11571]  ? __might_sleep+0xf0/0xf0
[  507.225662][T11571]  ? nla_put+0x130/0x1e0
[  507.229898][T11571]  ? read_lock_is_recursive+0x10/0x10
[  507.235256][T11571]  ? sock_diag_put_meminfo+0xc6/0x120
[  507.240627][T11571]  ? sock_diag_save_cookie+0xc0/0xc0
[  507.245891][T11571]  ? rcu_preempt_deferred_qs_irqrestore+0x88b/0xc30
[  507.252459][T11571]  __lock_sock_fast+0x2f/0xe0
[  507.257124][T11571]  ? inet_sk_diag_fill+0xf5e/0x1ca0
[  507.262306][T11571]  mptcp_diag_get_info+0x1fe/0x9e0
[  507.267408][T11571]  inet_sk_diag_fill+0xf5e/0x1ca0
[  507.272421][T11571]  ? inet_diag_msg_attrs_fill+0x930/0x930
[  507.278127][T11571]  ? do_raw_spin_lock+0x128/0x2f0
[  507.283136][T11571]  ? __rwlock_init+0x140/0x140
[  507.287884][T11571]  ? inet_diag_bc_sk+0x18b/0x1120
[  507.292906][T11571]  mptcp_diag_dump+0xce6/0x12b0
[  507.297745][T11571]  ? mptcp_token_join_cookie_init_state+0x460/0x460
[  507.304318][T11571]  __inet_diag_dump+0x1f6/0x380
[  507.309157][T11571]  inet_diag_dump_compat+0x17e/0x220
[  507.314423][T11571]  ? inet_diag_dump_start_compat+0x20/0x20
[  507.320216][T11571]  ? __alloc_skb+0x473/0x750
[  507.324794][T11571]  netlink_dump+0x694/0xcf0
[  507.329288][T11571]  ? netlink_lookup+0x1d0/0x1d0
[  507.334123][T11571]  ? __inet_diag_dump_start+0x805/0x970
[  507.339656][T11571]  __netlink_dump_start+0x523/0x700
[  507.344839][T11571]  inet_diag_rcv_msg_compat+0x207/0x420
[  507.350370][T11571]  ? inet_diag_unregister+0xb0/0xb0
[  507.355550][T11571]  ? __mutex_trylock_common+0x155/0x260
[  507.361077][T11571]  ? mutex_lock_io_nested+0x60/0x60
[  507.366259][T11571]  ? __inet_diag_dump+0x380/0x380
[  507.371274][T11571]  ? inet_diag_dump_start_compat+0x20/0x20
[  507.377058][T11571]  ? inet_diag_dump+0x50/0x50
[  507.381725][T11571]  ? inet_diag_unregister+0xb0/0xb0
[  507.386911][T11571]  sock_diag_rcv_msg+0x164/0x3e0
[  507.391828][T11571]  netlink_rcv_skb+0x1f5/0x440
[  507.396583][T11571]  ? sock_diag_bind+0xa0/0xa0
[  507.401253][T11571]  ? netlink_ack+0xb50/0xb50
[  507.405833][T11571]  ? __lock_acquire+0x7d10/0x7d10
[  507.410847][T11571]  sock_diag_rcv+0x26/0x40
[  507.415246][T11571]  netlink_unicast+0x774/0x920
[  507.419997][T11571]  netlink_sendmsg+0x8ba/0xbe0
[  507.424746][T11571]  ? netlink_getsockopt+0x570/0x570
[  507.429924][T11571]  ? aa_sock_msg_perm+0x94/0x150
[  507.434842][T11571]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[  507.440106][T11571]  ? security_socket_sendmsg+0x7c/0xa0
[  507.445544][T11571]  ? netlink_getsockopt+0x570/0x570
[  507.450720][T11571]  ____sys_sendmsg+0x5b7/0x8f0
[  507.455475][T11571]  ? __sys_sendmsg_sock+0x30/0x30
[  507.460485][T11571]  ? import_iovec+0x6f/0xa0
[  507.464974][T11571]  ___sys_sendmsg+0x236/0x2e0
[  507.469636][T11571]  ? __sys_sendmsg+0x2a0/0x2a0
[  507.474385][T11571]  ? percpu_counter_add_batch+0x13b/0x160
[  507.480098][T11571]  __se_sys_sendmsg+0x1af/0x290
[  507.484936][T11571]  ? __x64_sys_sendmsg+0x80/0x80
[  507.490054][T11571]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  507.496037][T11571]  ? lockdep_hardirqs_on+0x94/0x140
[  507.501262][T11571]  do_syscall_64+0x4c/0xa0
[  507.505673][T11571]  ? clear_bhb_loop+0x30/0x80
[  507.510333][T11571]  ? clear_bhb_loop+0x30/0x80
[  507.514988][T11571]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  507.520860][T11571] RIP: 0033:0x7f51bd2b5f79
[  507.525257][T11571] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  507.544843][T11571] RSP: 002b:00007f51bb4ce028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  507.553238][T11571] RAX: ffffffffffffffda RBX: 00007f51bd530180 RCX: 00007f51bd2b5f79
[  507.561188][T11571] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[  507.569140][T11571] RBP: 00007f51bd34c7e0 R08: 0000000000000000 R09: 0000000000000000
[  507.577103][T11571] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  507.585067][T11571] R13: 00007f51bd530218 R14: 00007f51bd530180 R15: 00007ffde6e2b2a8
[  507.593032][T11571]  </TASK>