last executing test programs:

14m34.929326511s ago: executing program 32 (id=1306):
socket$inet6(0xa, 0x2, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000000)=ANY=[], 0x7f4}}, 0x40040)
r0 = io_uring_setup(0x3450, &(0x7f0000000080))
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000002700)=""/4096, 0x1000}], 0x0, 0x113}, 0x20)

14m20.365419525s ago: executing program 33 (id=1517):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000140)=[{0x0, 0x0, 0x0}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0)

12m30.255973501s ago: executing program 1 (id=3433):
r0 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r0, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x10)
connect$llc(r0, &(0x7f0000000340)={0x1a, 0x320, 0x0, 0x0, 0x9, 0x6}, 0x10)
r1 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r1, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x10)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r2, 0xffffffffffffffff, 0x0)

12m30.246372677s ago: executing program 1 (id=3436):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
r1 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0)
landlock_add_rule$LANDLOCK_RULE_NET_PORT(r1, 0x2, &(0x7f0000000100)={0x2}, 0x0)
landlock_restrict_self(r1, 0x0)
landlock_restrict_self(r1, 0x0)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x1}}, 0x80001}, 0x1c)

12m30.187234738s ago: executing program 1 (id=3438):
r0 = fsopen(&(0x7f0000000940)='ramfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x6)
fchdir(r1)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1cb842, 0x4)
io_setup(0x20fe, &(0x7f0000000540)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f0000002680)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x1, r2, 0x0, 0x0, 0xa9}])

12m30.017612339s ago: executing program 1 (id=3445):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x51)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000100)='./file0/../file0\x00', 0x0, 0x80000, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount(0x0, &(0x7f0000000380)='./file0/../file0\x00', 0x0, 0x80000, 0x0)

12m29.937111399s ago: executing program 1 (id=3449):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xe, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000000000850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000040)={r2}, 0xc)

12m29.386898671s ago: executing program 1 (id=3461):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0)
lseek(r0, 0x0, 0x1)

12m29.333536777s ago: executing program 34 (id=3461):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0)
lseek(r0, 0x0, 0x1)

12m13.953382663s ago: executing program 5 (id=3624):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1a1)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)='mqueue\x00', 0x200011, 0x0)
mq_open(&(0x7f00000000c0)='ns\xbf\x12\xe1\v\xc8E\xe0\x80r\x917kj\x9cL\xceZ\x99\xf8Q%#-\xd3\xd2\x13\xe8\xdc\xe1\xfd\xde\xef\xf2\xa7\xd2\xab\x97\xc2e\'\xfc\x10\x85\x03\x00\x00\x002\xb80\x10_\\KA\x97\xb7.[O\xd56\xec^F\xdfT\xda\x9817\"\xf5h\xc0\xf8\a\x9e\xce\xa9&\xffq\xebA\x98\x96~\x17|\xc9xR\\z\x9a\x8cRJ\x85\\u\xb2\\\xedB4\xb5z\xbb\xee\xbd\x96\x19\xd1\x98\xeb\xe8\xc1u\x8b\xf8hc\x81#\r\xe8\xf8%\xd9\x7f\r\x12M\x00', 0x40, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000040)='./file0\x00')
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x44000, 0x0)

12m13.929497558s ago: executing program 5 (id=3627):
openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB="440000000101010100000000000000000200000004000180180002801400018008000100b04c94a708000200ac1414aa140019800800010004000000080002"], 0x44}}, 0x4000)
bind$unix(0xffffffffffffffff, 0x0, 0x0)

12m13.791158315s ago: executing program 5 (id=3630):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1/file3\x00', 0x0)
r0 = landlock_create_ruleset(&(0x7f0000000140)={0x2000}, 0x10, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x80800, 0x12d)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r0, 0x1, &(0x7f0000000340)={0x2000, r1}, 0x0)
landlock_restrict_self(r0, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000180)='./file1/file3\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)

12m13.790242507s ago: executing program 5 (id=3631):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x21d000, 0x0)
pivot_root(&(0x7f00000002c0)='./file0/../file0/../file0\x00', &(0x7f00000000c0)='./file0/../file0/../file0\x00')

12m13.720592574s ago: executing program 5 (id=3632):
r0 = landlock_create_ruleset(&(0x7f0000000040)={0x4000, 0x3}, 0x18, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x9)
landlock_restrict_self(r0, 0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x0, 0x0)

12m13.38686247s ago: executing program 5 (id=3637):
syz_emit_ethernet(0x4a, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaa"], 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000007880)=[{{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000040)="af0ac95ab194f8b221697e7818049006ba", 0x11}], 0x1}}], 0x1, 0x24088000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0xf, &(0x7f0000000200)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7020000000000008500000051000000bf0900000000000055"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x2001)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_misc(r1, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x14, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d960001000000000000000000007efff100004000", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c527d3d458dd4992861ac00", "f4bd000000801900", [0x8, 0xffffffff9673e35d]}})

12m13.341000517s ago: executing program 35 (id=3637):
syz_emit_ethernet(0x4a, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaa"], 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000007880)=[{{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000040)="af0ac95ab194f8b221697e7818049006ba", 0x11}], 0x1}}], 0x1, 0x24088000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0xf, &(0x7f0000000200)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7020000000000008500000051000000bf0900000000000055"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x2001)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_misc(r1, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x14, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d960001000000000000000000007efff100004000", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c527d3d458dd4992861ac00", "f4bd000000801900", [0x8, 0xffffffff9673e35d]}})

10m18.97011143s ago: executing program 7 (id=5197):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
write$dsp(r0, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x3ff})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r1, 0x1, &(0x7f0000000040)={{}, {0x77359400}}, 0x0)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffff9]}, 0x0, 0x8)
ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0)
ioctl$SNDCTL_DSP_STEREO(r0, 0xc0045003, &(0x7f0000000100)=0x1)

10m17.988431363s ago: executing program 7 (id=5205):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0xfffffffd, @empty}, 0x1c)
r1 = socket(0x10, 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r3, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0xea, 0x0, 0xfffd, 0x0, 0x9, 0x5}, {0x12, 0x2, 0x0, 0x401, 0x8001, 0x1400}, 0xa5, 0x5, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}}, 0x44080)
sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000005c0)=@newqdisc={0x3c, 0x24, 0xd0f, 0x70bd2c, 0x0, {0x60, 0x0, 0x0, r3, {}, {0xffe0, 0xa}, {0x1, 0xe}}, [@qdisc_kind_options=@q_codel={{0xa}, {0xc, 0x2, [@TCA_CODEL_CE_THRESHOLD={0x8}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x55}, 0xc010)
shutdown(r0, 0x1)

10m17.891512585s ago: executing program 7 (id=5206):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x3, 0x5, &(0x7f0000002480))
syz_clone3(&(0x7f000000dd80)={0x100000, 0x0, 0x0, 0x0, {0x13}, 0x0, 0x0, 0x0, 0x0}, 0x58)
pause()
syz_clone3(&(0x7f000000dd80)={0xa04400, 0x0, 0x0, 0x0, {0x12}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000001, 0x31, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)

10m17.023459499s ago: executing program 7 (id=5213):
socket(0x2b, 0x1, 0x1)
socket$inet_sctp(0x2, 0x5, 0x84)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f00000000c0), 0x10)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYRES16=r0], 0x448}}, 0x0)
sendmsg$can_bcm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="050000000808"], 0x80}}, 0x0)
sendmmsg$inet(r0, &(0x7f0000001b00)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000080)="050000007402b8f4191db62b", 0xc}, {&(0x7f0000000440)="9f336d70bf41f19e47e98b4015e3b0384d86a1ceb4e530554ebc8154bf392bcf9ce0b09f879bd7aaf9d086e3", 0x2c}], 0x2}}, {{0x0, 0x0, &(0x7f0000000100), 0x2}}], 0x40000000000003a, 0x0)

10m16.94406396s ago: executing program 7 (id=5214):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xb18094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000140)='./file1\x00')
r0 = open(&(0x7f0000000640)='.\x00', 0x0, 0xdd)
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x1, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, 0x0)

10m16.943814711s ago: executing program 7 (id=5215):
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000440), 0x10)
listen(r0, 0x709)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
close(0x3)

10m1.892631282s ago: executing program 36 (id=5215):
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000440), 0x10)
listen(r0, 0x709)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
close(0x3)

9m55.721958892s ago: executing program 8 (id=5420):
r0 = epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x17a, 0x0)
epoll_pwait(r0, &(0x7f0000000140)=[{}], 0x1, 0x2d516fb6, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r2, &(0x7f0000000100)={0x20000014})
unshare(0x2c020400)
pselect6(0x40, &(0x7f0000000000)={0xa, 0x80000001, 0x2, 0x10000000000006, 0x12, 0x8, 0x80000000, 0x8}, 0x0, 0x0, 0x0, 0x0)

9m54.721283774s ago: executing program 8 (id=5427):
timer_create(0x1, &(0x7f0000000000)={0x0, 0x21}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040), 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x42795000)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1000, 0x0)
creat(&(0x7f0000000080)='./file0\x00', 0x2b)
unlink(&(0x7f0000000040)='./file0\x00')
socketpair$unix(0x1, 0x2, 0x0, 0x0)

9m54.175979543s ago: executing program 8 (id=5435):
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000001540)={0x5c, 0x2, 0x6, 0x201, 0x0, 0x0, {0xc, 0x0, 0x9}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x60000}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}]}, 0x5c}}, 0x0)

9m53.193855319s ago: executing program 8 (id=5440):
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(&(0x7f0000000180)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x18d883, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x1, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
mount$bind(&(0x7f0000000240)='.\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x1005848, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0xb)

9m53.129655684s ago: executing program 8 (id=5442):
r0 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000c00000009"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x18, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280), &(0x7f0000000280), 0x800084, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000180)=r2, 0x4)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@bridge_getlink={0x20, 0x12, 0xc21, 0x70bd28, 0x25dfdbff, {0x7, 0x0, 0x0, 0x0, 0x6c480, 0x20000}}, 0x20}, 0x1, 0x0, 0x0, 0x841}, 0x0)

9m53.042351135s ago: executing program 8 (id=5444):
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x50, 0x0, 0x203, {0x7, 0x29, 0x6, 0x707000a1, 0xdcf, 0xdb, 0xb, 0x7fe, 0x0, 0x0, 0x100, 0x9b}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
unshare(0x22020600)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x8, 0x94, 0x7fff0000}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1a00000004000000000100000100000000000000", @ANYRES32, @ANYBLOB="2300f2ff00000000dd0000000000", @ANYRES32=0x0], 0x50)
close_range(r0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0x79af, 0x3380, 0x1, 0x40024e}, 0x0, 0x0, &(0x7f0000000000))
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000000)={0x28, 0x0, 0x0, @hyper}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x1f, &(0x7f0000000000)=[0xffffffffffffffff], 0x1)

9m52.950170901s ago: executing program 37 (id=5444):
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x50, 0x0, 0x203, {0x7, 0x29, 0x6, 0x707000a1, 0xdcf, 0xdb, 0xb, 0x7fe, 0x0, 0x0, 0x100, 0x9b}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
unshare(0x22020600)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x8, 0x94, 0x7fff0000}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1a00000004000000000100000100000000000000", @ANYRES32, @ANYBLOB="2300f2ff00000000dd0000000000", @ANYRES32=0x0], 0x50)
close_range(r0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0x79af, 0x3380, 0x1, 0x40024e}, 0x0, 0x0, &(0x7f0000000000))
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000000)={0x28, 0x0, 0x0, @hyper}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x1f, &(0x7f0000000000)=[0xffffffffffffffff], 0x1)

9m16.623942643s ago: executing program 9 (id=5861):
socket$inet6_udp(0xa, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
chdir(&(0x7f0000000100)='./file0\x00')
r0 = open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f)
write$FUSE_CREATE_OPEN(r0, &(0x7f0000000180)={0xa0, 0xffffffffffffffda, 0x0, {{0x8, 0x1, 0xffffffffffffd2a1, 0x5, 0x3, 0x2, {0x0, 0x800000000000002, 0x20ff, 0x10000001, 0x89, 0xd615, 0x9, 0x7fffffff, 0xfffffffe, 0x8000, 0x0, 0x0, 0x0, 0x0, 0xf0b}}}}, 0xa0)
sendfile(r0, r0, &(0x7f0000000080), 0x7f03)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = landlock_create_ruleset(&(0x7f0000000040)={0x2, 0x3, 0x3}, 0x18, 0x0)
landlock_restrict_self(r1, 0x9)

9m16.511751671s ago: executing program 9 (id=5862):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f0000002140)={0x2020, 0x0, <r2=>0x0}, 0x2020)
syz_fuse_handle_req(r1, &(0x7f0000004180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d80762ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0xffffffffffffffff, {0xffffffffffffffff, 0x2, 0x101, 0x0, 0x0, 0x10000000, {0x40, 0xd08, 0x0, 0x100, 0x0, 0x0, 0x7, 0x0, 0x122, 0x6000, 0x10000, 0x0, 0x0, 0x902}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r1, &(0x7f0000000440)={0x50, 0x0, r2, {0x7, 0x29, 0x0, 0x0, 0x0, 0x2, 0xfffffffd, 0x2, 0x0, 0x0, 0x0, 0x1}}, 0x50)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x3)
ioctl$TIOCGPTPEER(r3, 0x40480923, 0x200000000005)
close_range(r0, 0xffffffffffffffff, 0x0)

9m16.057252849s ago: executing program 9 (id=5866):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x4e24, 0x2, @empty, 0xcac2d78a}}, 0x0, 0x0, 0x43, 0x0, "ee8b0e650926a96ecc136e7fb980e989db9e8bf9b93129488f651a8de213eb94cd46e19d9c65a018444a131f4da55a02ddbe2665dca1029607462029add09240005c6776267517308a3d40aa1c788df6"}, 0xd8)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f00000001c0)=@gcm_256={{0x304}, "6ae04425ace3f60c", "acba84f0a6731f234db1cc7f3f382ad796bd667cb12ea99509873931d2873103", "0f9dafb4", "ec3fff9afd96e6c0"}, 0x38)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000040)=0x2, 0x4)
ioctl$int_in(r0, 0x5421, &(0x7f0000000140)=0x1)
writev(r0, &(0x7f0000000080)=[{&(0x7f00000002c0)="ec", 0xfdef}], 0x1)
shutdown(r0, 0x1)

9m15.963045195s ago: executing program 9 (id=5867):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f42000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2c)
mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='huge=always'])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.stat\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x28011, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

9m15.571568973s ago: executing program 9 (id=5869):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xf}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x6, 0x3, 0xc06a2f6, 0x1, 0x7}, 0x6, 0x0, 0xa, 0x4, 0x6, 0x8, 0x18, 0x9, 0x3, 0x4, {0x0, 0x2, 0x9, 0x800, 0x8704, 0x27000000}}}}]}, 0x78}}, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000022c0)=@newtfilter={0xe94, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r6, {0x5, 0x4}, {}, {0x8}}, [@filter_kind_options=@f_matchall={{0xd}, {0xe60, 0x2, [@TCA_MATCHALL_ACT={0xe54, 0x2, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{0x2, 0x2, 0x8, 0x10000, 0x40}, 0x8, 0x5}, [{0x7, 0x8, 0x2, 0x5, 0x2, 0x203}, {0xff, 0x7, 0x101, 0x8, 0x400810, 0xffffffff}, {0x9, 0x8, 0xfff, 0x2, 0xffffffff, 0x40000b93}, {0x6, 0x4, 0x3, 0xfffffff3, 0x4, 0x6}, {0xd3d4, 0x2, 0x1, 0x6, 0x101, 0x10}, {0x9, 0x40, 0x6, 0x80000000, 0x6, 0x10001}, {0x4, 0x9, 0x100, 0xf9d8, 0x7, 0x2}, {0x5796, 0xffff, 0xd44b, 0x8, 0x1, 0x37a}, {0x6, 0x3, 0x1, 0x80000001, 0x3f, 0x10}, {0x4, 0x9e9c, 0x60, 0x7, 0x0, 0x1}, {0xffe00000, 0x1, 0x8000, 0x4, 0x3, 0x7}, {0x101, 0x9, 0x400, 0x3, 0x9, 0x3}, {0xce9, 0xfffffffb, 0x4, 0xae5e, 0x3ff, 0x2}, {0x3, 0x5, 0x6, 0x4, 0x197d, 0xfb56}, {0x2, 0xc58, 0xf3, 0x0, 0x6, 0x101}, {0x4, 0x5, 0x74d77b97, 0xfffffd8b, 0x0, 0x4}, {0x7fff, 0x5b, 0x6, 0x6, 0x2, 0xb5e}, {0x4c5be96a, 0x2, 0x2, 0x5, 0xd2a1, 0xbe47}, {0x6, 0x9, 0x9, 0x4, 0x3, 0x10000001}, {0x3, 0x8, 0x7, 0x4, 0x95, 0x3}, {0x6, 0x5, 0x2, 0x7fffffff, 0x8, 0x8}, {0x1, 0x71, 0x1, 0xcf55, 0x6, 0x9}, {0x7933, 0x6e20, 0x6, 0x81, 0x2, 0x8}, {0xff, 0x8001, 0xff, 0x10001, 0x5, 0x5}, {0x6, 0x5, 0x0, 0x6, 0xed, 0x5}, {0xce, 0xae, 0x4, 0x4, 0x10000, 0x800}, {0x200, 0x5, 0x6, 0x8, 0x9, 0x9}, {0x8, 0xdd8, 0x8, 0x8, 0x5}, {0x3, 0x3, 0xa, 0x6, 0x7, 0x9}, {0x9, 0x4, 0x9d42, 0x4, 0x1, 0xfffffffb}, {0x8c, 0x6b8, 0x6, 0x2, 0x2, 0xfffffffe}, {0xfff, 0x811, 0x9, 0x5, 0x4}, {0x1, 0x80000001, 0x400, 0x2, 0x0, 0x8001}, {0xfffffe01, 0x2, 0x8, 0x2, 0x8, 0x8}, {0x0, 0x22, 0x5, 0x3, 0x401, 0x5}, {0xa, 0x5, 0x101, 0x5, 0xfffffc01}, {0x4, 0x5, 0x0, 0x0, 0xdb, 0x3d04b554}, {0x5, 0x9, 0xfffffffa, 0x1, 0xfffffffc, 0x2}, {0x8, 0x7, 0x7, 0x99f, 0x9, 0x3}, {0x5, 0x252, 0x8000, 0xffff8001, 0xb, 0x900}, {0x4, 0x3, 0x3, 0x21, 0x7, 0x7}, {0xfffffffb, 0x8a1, 0x2, 0x7, 0x0, 0x4}, {0x0, 0x7fff, 0x2, 0xfffff399, 0x20000009, 0xe756}, {0xfff, 0xc, 0x4, 0x8, 0x2, 0xe}, {0x6, 0x4, 0x6, 0x1, 0x80, 0x980}, {0x23ae78a, 0xc, 0x4, 0x7, 0x200, 0x4}, {0x5, 0xe, 0x2, 0x9, 0x0, 0xf3}, {0x0, 0x9, 0x2, 0x4, 0x3, 0x5}, {0x8, 0x4, 0x5, 0xfffffffd, 0x400, 0x7f}, {0x9, 0x80, 0x6e6b, 0x6, 0x203}, {0x371cf7fc, 0x7, 0x2, 0x1ff, 0xfffffffa, 0x6a97}, {0xd1, 0x4, 0x4, 0x7, 0x5a, 0x9}, {0x8, 0x7f, 0x7fffffff, 0x7f, 0x2, 0x8}, {0x7ff, 0x1, 0x200, 0x2, 0x9, 0x400}, {0x6, 0x1ff, 0x100, 0x9, 0x7, 0x4}, {0x4, 0x6, 0xfe, 0x100, 0xc6}, {0x3, 0xfffffffd, 0xd, 0x6, 0xfffffffe, 0x1000}, {0x7, 0x2, 0x1, 0xd, 0xfffffffe, 0x3}, {0xfffffff9, 0x80000001, 0xe, 0x2, 0x200, 0x7}, {0x3, 0x0, 0xa820, 0x787e, 0x2, 0x2}, {0x8, 0x4, 0x5ae, 0x20000000, 0x8}, {0x5, 0x52, 0x8, 0x5, 0x10, 0x9}, {0x1, 0x7, 0x82, 0x280, 0x800, 0x6}, {0x10, 0x801, 0x0, 0x8, 0x3, 0xa}, {0xad, 0x8, 0x4, 0x5, 0x2, 0xfff}, {0x6, 0x6, 0x7fff, 0x0, 0xff, 0x7fffffff}, {0x8, 0x85e6, 0x3, 0x0, 0x4, 0xc}, {0x9, 0x78e3, 0x5, 0xbc27, 0x7, 0x887b}, {0x6, 0x7, 0x2, 0x9, 0x3}, {0x80000001, 0x0, 0x3, 0x1, 0x81, 0xba}, {0x10001, 0xfff, 0x7, 0x0, 0x9, 0xc29}, {0x100, 0x2, 0x9, 0x7, 0x84e1, 0x3ff}, {0xdc, 0x8, 0xe, 0x7, 0x9}, {0x7, 0x5, 0x1, 0x80, 0x6, 0xff}, {0xd5e, 0x5, 0x0, 0x100, 0x0, 0x10}, {0x200, 0x2, 0x8000, 0x0, 0x6b, 0x4}, {0x20000, 0x0, 0x9, 0x8, 0x100, 0x1000}, {0x4, 0x3ff, 0x0, 0x10000, 0x7, 0x7}, {0x6, 0x9, 0x1, 0x2001ff, 0x4, 0x1}, {0x4, 0xd38f, 0x6, 0x4, 0x170ddbc4, 0xe38}, {0x14a, 0x7, 0x0, 0x10001, 0x1, 0x2}, {0x9, 0x6, 0x1, 0x400, 0xffffffff, 0xfffffdfc}, {0x7, 0x6, 0x3906, 0xffffffff, 0x1705, 0x7}, {0x3, 0x3b10fe2d, 0x4004, 0x5, 0x3, 0xffff7fff}, {0x9430, 0xb, 0x6, 0x2, 0x9, 0x5}, {0xa, 0xb1fb, 0x6, 0x6, 0xf, 0x9}, {0x2a455dad, 0x5, 0x29, 0xfffffff9, 0x800, 0x7fff}, {0x3, 0x3, 0xee, 0x9, 0x6, 0x8}, {0x5ce, 0x3, 0x40, 0xb, 0x8, 0x99}, {0x2, 0x9, 0xf620, 0x7, 0xff, 0x8}, {0x101, 0x6, 0x80000000, 0x9, 0xfffff697, 0x8}, {0x6, 0x8, 0x7, 0x2, 0xa226, 0x9}, {0x8, 0x8, 0x3, 0xfffff246, 0xf, 0x2}, {0x3, 0xaf, 0x7ff, 0xe0, 0x0, 0x7cf}, {0x8, 0x7, 0x29af2cf0, 0x1, 0x6, 0x80000000}, {0x7fff, 0x9, 0x4b, 0xa4e}, {0xffffffff, 0x7, 0xa, 0x80000000, 0x0, 0x69}, {0x4, 0x9, 0x9, 0x4, 0x100, 0x5}, {0x6, 0x6, 0x2, 0x80000001, 0x6, 0x9}, {0x6, 0x401, 0x2, 0x2, 0x3, 0xb}, {0xe, 0x40, 0x3, 0xa, 0xffffffff, 0x1d1a}, {0xc0, 0x81, 0xb, 0x3, 0xea, 0x3}, {0xc, 0x2, 0x1, 0x7fffffff, 0x1, 0x2f4}, {0xf, 0x6, 0x9, 0x73e7, 0x1000, 0x20000004}, {0x6, 0x8000, 0x3ff, 0x8dcc, 0x4, 0x7ff}, {0x7, 0x12, 0x8, 0x8, 0x69, 0x9}, {0x7f, 0x7, 0x4, 0x0, 0x3, 0x2}, {0x9, 0x0, 0x7a, 0x5, 0x4, 0x7}, {0xb06, 0x7, 0x7ff, 0x400009, 0x0, 0x7bffffff}, {0x4, 0x7b, 0x3, 0x4, 0x0, 0xa7}, {0x81, 0x56c3, 0x1, 0xdda, 0x6, 0xb27d}, {0x4, 0x3, 0x401, 0xad, 0xcf5, 0xf8c}, {0x8, 0x1, 0x3, 0x40, 0x1, 0x4907}, {0x6, 0x4, 0x38, 0x4, 0x5, 0x6}, {0x7, 0x2, 0x1000f, 0x64, 0x1, 0x7}, {0x1, 0x2, 0x4010, 0xffffffad, 0x0, 0x751e}, {0xfff0, 0x2, 0x4, 0x3, 0x3, 0x5}, {0x5, 0x7, 0x400008, 0x1, 0x5, 0xfff}, {0x4fb, 0x0, 0x0, 0x7ff, 0x4, 0x5}, {0xf455, 0x3, 0x7fff, 0x59ed, 0xb4e9, 0xe4}, {0x7, 0x2, 0xe, 0x0, 0x3da78e9c, 0x8000}, {0x2, 0x0, 0x400, 0x765, 0x7d, 0x7}, {0x5, 0x7, 0x5, 0x8, 0x8, 0x5d7c}, {0x10, 0x3, 0x9, 0x5, 0x8, 0x2}, {0x6a, 0x9, 0x81, 0xffffffff, 0x4, 0x200}, {0x3, 0x8007, 0x3, 0x4a, 0x6, 0x1}, {0x0, 0x2, 0x7, 0x616, 0x5, 0x4}, {0x6, 0xb25b, 0x3, 0x0, 0x6, 0xb}], [{0x4, 0x1}, {0x5}, {0x4}, {}, {0x5, 0x1}, {0x5}, {0x0, 0x1}, {0x5, 0x1}, {0x6}, {0x0, 0x1}, {0x2}, {0x4}, {0x5}, {0x4, 0x1}, {0x1, 0x1}, {0x1, 0x1}, {0x1}, {0x2}, {0x4}, {0x1}, {0x0, 0x1}, {0x5}, {0x5, 0x1}, {}, {0x2, 0x1}, {0x0, 0x1}, {}, {0x5}, {0x4}, {0x3, 0x1}, {}, {0x3, 0x1}, {0x1}, {}, {0x5}, {0x5, 0x1}, {0x0, 0x1}, {0x0, 0x1}, {0x5, 0x1}, {0x4, 0x1}, {}, {0x3, 0x1}, {0x1, 0x1}, {0x4}, {}, {0x5}, {0x3}, {0xd}, {0x0, 0x338f50ad6d91f11}, {0x1, 0x1}, {0x5, 0x1}, {0x0, 0x1}, {0x4}, {0x1}, {0x4}, {0x3}, {0x1, 0x1}, {0x4}, {0x5}, {0x1, 0x1}, {0x5, 0x1}, {}, {0x1}, {0x3, 0x1}, {0x0, 0x1}, {0x1}, {0x0, 0x1}, {0x5, 0x1}, {0x4}, {0x4, 0x1}, {0x2, 0x1}, {0x1, 0x1}, {0x2, 0x1}, {0x3}, {0x1, 0x1}, {0x3, 0x1}, {0x1, 0x1}, {0x3, 0x1}, {0x0, 0x1}, {0x1, 0x1}, {0x4}, {0x4}, {0x4}, {0x3}, {0x0, 0x1}, {0x5, 0x1}, {0x2, 0x1}, {}, {0x1, 0x1}, {0x3}, {0x3, 0x1}, {0x5, 0x1}, {0x2, 0x1}, {0x5, 0x1}, {0x1}, {0x6, 0x1}, {0x5}, {0x3}, {0x1, 0x1}, {0x1, 0x1}, {0x5}, {0x2, 0x1}, {0x0, 0x1}, {0x4, 0x1}, {0x3}, {0x5, 0x1}, {0x3}, {0x3}, {0x3}, {0x4}, {0x5, 0x1}, {0x3}, {0x0, 0x1}, {0x2, 0x1}, {0x3}, {0x5}, {0x2, 0x1}, {0x2, 0x1}, {0x3}, {0x3, 0x1}, {0x4}, {0x4}, {0x5}, {0x5, 0x1}, {0x2, 0x1}, {0x2, 0x1}, {0x1, 0x1}, {0x4}]}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}, @TCA_MATCHALL_FLAGS={0x8, 0x3, 0x2}]}}]}, 0xe94}, 0x1, 0x0, 0x0, 0x10}, 0x0)

9m15.283893529s ago: executing program 9 (id=5872):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
fcntl$lock(r0, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8})
fcntl$lock(r0, 0x26, &(0x7f0000000280)={0x1, 0x0, 0x9, 0x9})
fcntl$lock(r0, 0x7, &(0x7f0000000140)={0x1, 0x1, 0x25, 0x5})
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
fcntl$lock(r0, 0x7, &(0x7f00000000c0)={0x1, 0x2, 0x8, 0x73e9})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r1, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)

9m15.183065106s ago: executing program 38 (id=5872):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
fcntl$lock(r0, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8})
fcntl$lock(r0, 0x26, &(0x7f0000000280)={0x1, 0x0, 0x9, 0x9})
fcntl$lock(r0, 0x7, &(0x7f0000000140)={0x1, 0x1, 0x25, 0x5})
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
fcntl$lock(r0, 0x7, &(0x7f00000000c0)={0x1, 0x2, 0x8, 0x73e9})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r1, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)

8m0.625376676s ago: executing program 6 (id=6662):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00'})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000006c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x10}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x8}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084)
r4 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
getpgid(0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000800)=@newtfilter={0x3c, 0x2c, 0xca7, 0x70bd25, 0x400000, {0x0, 0x0, 0x0, r5, {0x7, 0x4}, {}, {0x1, 0xfff1}}, [@filter_kind_options=@f_basic={{0xa}, {0xc, 0x2, [@TCA_BASIC_CLASSID={0x8, 0x1, {0x5}}]}}]}, 0x3c}}, 0x20040054)
r6 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x89a1, &(0x7f0000000040)={'syzkaller0\x00'})

8m0.574516471s ago: executing program 6 (id=6663):
pipe2$watch_queue(&(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
mkdir(&(0x7f0000000200)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x1048001, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x2, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x72, 0x0, 0x7fff0000}]})
close_range(r1, 0xffffffffffffffff, 0x0)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r4 = open(&(0x7f0000000000)='.\x00', 0x0, 0x244)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r3, 0xc0189379, &(0x7f0000000200)={{0x1, 0x1, 0x18, <r5=>r4}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189378, &(0x7f0000000280)={{0x1, 0x1, 0x18, r5, {0x4}}, './file0\x00'})

8m0.574291069s ago: executing program 6 (id=6664):
sched_setaffinity(0x0, 0x0, 0x0)
getpid()
seccomp$SECCOMP_GET_ACTION_AVAIL(0x2, 0x0, &(0x7f00000001c0)=0x80000000)
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x7, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x2, 0x9, 0xfffffffffffffffd, 0x2000000006, 0x2, 0x4, 0x4002004c4, 0x1004, 0x8000000000000000, 0xc595, 0x8, 0x80001, 0xffffffffffffffff, 0x2000000000000000, 0xb3, 0xf63], 0xeeee8000, 0x2839d1})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

8m0.375721688s ago: executing program 6 (id=6665):
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
pipe(&(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
mount$fuse(0x0, 0x0, 0x0, 0x100000, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x2, &(0x7f0000000400))
chdir(&(0x7f0000000180)='./file1\x00')
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r1, 0x0)
r2 = getpgid(r1)
setpgid(0x0, r2)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x8000, 0x0)
setresuid(0x0, 0xee00, 0x0)
ioctl$AUTOFS_IOC_EXPIRE(r3, 0x810c9365, 0x0)

8m0.374716016s ago: executing program 6 (id=6667):
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000400)='ramfs\x00', 0x2800000, 0x0)
chdir(&(0x7f0000000000)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
mkdir(&(0x7f0000000200)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]})
chdir(&(0x7f0000000000)='./bus\x00')
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000180), 0xb)
copy_file_range(r1, &(0x7f0000000080), r0, 0x0, 0xfffffffffffffff8, 0x0)

8m0.015779031s ago: executing program 6 (id=6668):
iopl(0x3)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r1, &(0x7f0000000440), 0x10)
listen(r1, 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r2, &(0x7f00000002c0)=[{&(0x7f0000000080)='?', 0x20000081}], 0x2)
writev(r2, &(0x7f0000000100)=[{&(0x7f00000000c0)="cd", 0x1}], 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)

7m59.907154285s ago: executing program 39 (id=6668):
iopl(0x3)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r1, &(0x7f0000000440), 0x10)
listen(r1, 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r2, &(0x7f00000002c0)=[{&(0x7f0000000080)='?', 0x20000081}], 0x2)
writev(r2, &(0x7f0000000100)=[{&(0x7f00000000c0)="cd", 0x1}], 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)

6.508493414s ago: executing program 3 (id=8962):
openat$sndseq(0xffffffffffffff9c, 0x0, 0x62181)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, 0x0, 0x20000000)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000300000a20000000000a03000000000000000000070000000900010073797a300000000050000000090a010400000000000000000700fffd08000a4000b6b8000900020073797a31000000000900010073797a300000000008000540000000071400"], 0x98}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
unshare(0x8040480)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0))
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000002c0), 0xffffffffffffffff)
socket$inet6(0xa, 0x2, 0x0)
sendmsg$NL802154_CMD_GET_SEC_LEVEL(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000080)={0x14, r2, 0x701, 0x70bd2b, 0x0, {0x5}}, 0x14}, 0x1, 0x0, 0x0, 0x20004074}, 0x0)
syz_genetlink_get_family_id$nbd(&(0x7f0000000080), 0xffffffffffffffff)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x801, 0x0, 0x0, {0x1, 0x0, 0x7}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0xfffffffe}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x4}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x2}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @meta={{0x9}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0xb}]}}}]}]}], {0x14}}, 0xd8}, 0x1, 0x0, 0x0, 0x2000c045}, 0x24000004)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @loopback}, 0x1c)
sendto$inet6(r4, 0x0, 0x0, 0x240540c7, &(0x7f0000000200)={0xa, 0x4e22, 0x0, @loopback}, 0x1c)
close(r4)

6.381133888s ago: executing program 3 (id=8964):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000e40)={'wlan0\x00'})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000)
mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000fff000/0x1000)=nil)
madvise(&(0x7f0000f0f000/0x2000)=nil, 0x2000, 0x15)

5.174022012s ago: executing program 3 (id=8969):
mq_open(&(0x7f0000000100)='&\x00', 0x40, 0x100, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000001300), 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x18}, 0xc044)
syz_open_procfs(0x0, &(0x7f0000000240)='gid_map\x00')
openat$nvme_fabrics(0xffffff9c, &(0x7f0000000000), 0x80081, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
socket(0xa, 0x3, 0x3a)
socket$inet(0x2, 0x3, 0xd)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66b80e010f00d0b0060f21a20f01c40f009b2700000066b80c008ee00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a00b9730200000f32328fe858b660002fb90d090000b800680000ba000000000f30", 0x65}], 0x1, 0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000140))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

4.669050102s ago: executing program 4 (id=8971):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r2)
socket$packet(0x11, 0x3, 0x300)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfb, {0x0, 0x0, 0x0, r4, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x5, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, 0x0, 0x8000)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x207, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syzkaller0\x00', <r6=>0x0})
sendto$packet(r0, &(0x7f00000002c0)="05032200d3fc140000004788031c09102c28", 0xfdef, 0x4, &(0x7f0000000140)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @multicast}, 0x14)

4.647200841s ago: executing program 3 (id=8972):
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1f, 0x2, &(0x7f0000001c40)=ANY=[@ANYBLOB="85000000a800000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x13}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1100000004000000040000000010"], 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0c000000040000000400000009"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000024c0), &(0x7f0000001280), 0xffffffff, r4}, 0x38)

4.531165092s ago: executing program 4 (id=8973):
socketpair$unix(0x1, 0x3, 0x0, 0x0)
prctl$PR_SET_TIMERSLACK(0x1d, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), r0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x0, 0x3)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
socket(0x1, 0x800, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="3c000000100005ff0400", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b0001006261746164760000040002800800", @ANYRES32], 0x3c}}, 0x0)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x4206, r3)
wait4(r3, &(0x7f0000000180), 0x20000000, &(0x7f0000000400))

4.291427902s ago: executing program 4 (id=8974):
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='net/ip_tables_targets\x00')
sendfile(r0, r0, &(0x7f0000000000)=0x2eb4, 0x2000007ff)
sendmsg$AUDIT_LIST_RULES(r0, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x10, 0x3f5, 0x2, 0x70bd2b, 0x25dfdbff, "", ["", "", "", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x4080}, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
ioctl$BLKCRYPTOGENERATEKEY(0xffffffffffffffff, 0xc030128a, &(0x7f0000000240)={0x0})
bind$inet6(r1, 0x0, 0x0)
r2 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x0, 0x0)
ioctl$COMEDI_DEVCONFIG(r2, 0x40946400, &(0x7f00000000c0)={'pcl818\x00', [0x100, 0x4, 0x300, 0xc, 0xe, 0x5, 0x79, 0x3, 0x80008, 0x2, 0x2, 0x6c, 0x7, 0x1, 0x1, 0xfd, 0xfffffffb, 0x9, 0x3, 0x7fffffff, 0x89, 0xca9f, 0x0, 0x20001e58, 0xffffffff, 0xf39e, 0x6, 0x8, 0xa6b5, 0x0, 0xfffffff8]})
ioctl$COMEDI_DEVINFO(r2, 0x80b06401, 0x0)
sendto$inet6(r1, &(0x7f00000004c0)='\x00', 0x1, 0x0, 0x0, 0x0)
sendmmsg$sock(r1, &(0x7f0000005380)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000100)="89", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000001c00)="bc", 0x1}], 0x1}}], 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x4000000000001, 0x0, 0x2, 0x0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f0000000280)=0x2, 0x4)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r4 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x186, 0x904)
mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0xc)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r4, 0xc0045540, &(0x7f0000001280)=0x10001)

4.093177718s ago: executing program 4 (id=8975):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, 0x0, 0x0)
ioctl$NILFS_IOCTL_SET_SUINFO(r1, 0x40186e8d, &(0x7f0000000540)={0x0, 0x0, 0x20, 0xff, 0x10})
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000600)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="2f00000004000000000000", @ANYRES32, @ANYRES64=0x0], 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)
r2 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000400)={'veth0_to_hsr\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, r3, {0x0, 0xffe1}, {0xffff, 0xffff}, {0xffe0}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x9}}]}}]}, 0x48}}, 0xc840)
sendmsg$nl_route_sched(r2, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000800)=@newtfilter={0x54, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0x6}, {}, {0x7, 0x3}}, [@filter_kind_options=@f_u32={{0x8}, {0x28, 0x2, [@TCA_U32_SEL={0x24, 0x5, {0xd, 0x7, 0x1, 0x3d3f, 0x0, 0xfff, 0xb709, 0x58f, [{0x0, 0x20008000, 0x4, 0x1}]}}]}}]}, 0x54}, 0x1, 0x0, 0x0, 0x4084}, 0x24040084)
recvmmsg$unix(r2, &(0x7f0000000580)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000002c0)=""/219, 0xdb}], 0x1}}], 0x1, 0x60, 0x0)
sendmsg$GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r0, @ANYRES32, @ANYRES32=0x0, @ANYBLOB="08000800010000000600060001000000"], 0x2c}, 0x1, 0x0, 0x0, 0x4004054}, 0x4000044)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[], 0xc3}, 0x1, 0x100000000000000, 0x0, 0x2000}, 0x40400c0)
r4 = socket(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f0000000000), 0x4000000000001f2, 0x0)

4.087808667s ago: executing program 0 (id=8983):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000100)={0x0, 'erspan0\x00', {0x1}, 0x26})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = openat$cdrom(0xffffff9c, &(0x7f00000000c0), 0x101000, 0x0)
ioctl$CDROMREADMODE1(r3, 0x530d, &(0x7f0000000ac0)={0x5, 0x7, 0xb, 0x8, 0x7f})

3.718430689s ago: executing program 4 (id=8977):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000002c40)=ANY=[@ANYBLOB="840100001900010028bd7000fbdbdf251d0109004d0012804f61ec2d73451836842bd81fca62fb2b"], 0x184}, 0x1, 0x0, 0x0, 0x5}, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x200000e, 0x6c2f2, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
lsetxattr$system_posix_acl(0x0, &(0x7f0000000840)='system.posix_acl_access\x00', 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@nfs_export_on}]})

3.709578106s ago: executing program 3 (id=8978):
socket$tipc(0x1e, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_BIND_MAP(0x23, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbee7, 0x8031, r0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000200)={0x54, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x60000}]}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x54}}, 0x0)

3.555831742s ago: executing program 2 (id=8979):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x24000084)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
r7 = socket$netlink(0x10, 0x3, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=@newqdisc={0x38, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r10, {}, {0xffff, 0xffff}, {0x2, 0x1}}, [@qdisc_kind_options=@q_skbprio={{0xc}, {0x8, 0x2, 0x7}}]}, 0x38}, 0x1, 0x0, 0x0, 0x400dc}, 0x4000080)
r11 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r12=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000140)=@newqdisc={0x30, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r12, {0x4}, {0xffff, 0xffff}, {0xffff, 0x6}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x4005c}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000640)=@newqdisc={0x3c, 0x28, 0x4ee4e6a52ff56541, 0x5001, 0xfffffdfb, {0x0, 0x0, 0x0, r6, {0x4}, {0xffff, 0xffff}, {0x0, 0x1}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x2, [@TCA_FQ_PIE_FLOWS={0x8, 0x2, 0xcebc}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x400dc}, 0x4000080)

3.498577552s ago: executing program 2 (id=8980):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000008c0), r0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r3 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbfd, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r3)
syz_genetlink_get_family_id$devlink(&(0x7f0000000900), r3)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={0x14, 0x2e, 0x9, 0x70bd27, 0x0, {0x4}}, 0x14}, 0x1, 0x0, 0x0, 0x42804}, 0x0)

2.560685595s ago: executing program 0 (id=8981):
syz_open_dev$video4linux(0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
connect$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
getsockopt(0xffffffffffffffff, 0x200000000114, 0x2715, &(0x7f0000000580)=""/102393, &(0x7f0000000400)=0x18ff9)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x4c050)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000540)=@delpolicy={0x50, 0x14, 0x1, 0x0, 0x0, {{@in6=@empty, @in6=@local, 0x3, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee00}, 0x8000000}}, 0x50}, 0x1, 0x0, 0x0, 0x4}, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(r1, 0xc0bc5310, &(0x7f0000000200))
sendmmsg$unix(r2, &(0x7f000000bbc0)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000001180)="dd9e4197", 0x4}], 0x1, &(0x7f00000003c0)=[@rights={{0x10, 0x1, 0x1, [r2]}}], 0x10, 0x20000041}}], 0x1, 0xc004)
recvmmsg(r3, &(0x7f0000001140)=[{{0x0, 0x0, 0x0}}], 0x700, 0x2, 0x0)

2.542819695s ago: executing program 2 (id=8982):
pipe(&(0x7f00000000c0))
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0x4}]}, 0x8)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000001680)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000002c0)="31fdffffffffffffff74098b2e5e55a1828636f60fc0cfdac56c75f1687f0c56287423f5eed69f117e766bdbad0c2171ad6227e1173ab6efa2fcb1c420a51a09", 0x40}], 0x1}}, {{0x0, 0x0, &(0x7f0000000ac0)=[{&(0x7f00000006c0)="3256610ce79d5ba6661e963ebdd4a13f920a4a5faf894f3e6c96258f3f94db4db53f98f396", 0x25}, {&(0x7f0000000940)}, {&(0x7f00000009c0)="f1b453d8db1410b23dd0b89c359e63cb11ca65a15b83ad5708ebd6cb182ff0dba4428bf546b8d385a1ff806a0a46bfa89a101d24674764584bdc9c4c0c94f835029e79a57920aa428ecd9769f0949c0dab96e8b829c5ea536245428ba3000461e69a3967acc5", 0x66}], 0x3}}], 0x2, 0x2090)

2.143298437s ago: executing program 2 (id=8984):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x1, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x44081}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000240)={'syzkaller0\x00', @broadcast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x5, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000440)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x48, 0x2, {{0x3, 0x7, 0x5, 0x5, 0xffffffff, 0x6}, [@TCA_NETEM_SLOT={0x2c, 0xc, {0x7ff, 0x100000000, 0x6eb, 0x5, 0x7, 0x2c0b}}]}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x240080c1}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x70bd2e, 0x25dfdbfb, {0x0, 0x0, 0x0, r7, {0x0, 0x1}, {0x3, 0xb}, {0xffe0, 0x6}}, [@qdisc_kind_options=@q_pfifo_fast={0xf}]}, 0x34}, 0x1, 0x0, 0x0, 0x2404c0f1}, 0x6008000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

2.140144045s ago: executing program 0 (id=8992):
socket$inet6_icmp(0xa, 0x2, 0x3a)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x240, 0x0)
ioctl$TCFLSH(r0, 0x400455c8, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f00000003c0)={0xc})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r3, &(0x7f0000000440)=@pppol2tp={0x18, 0x1, {0x0, r2, {0x2, 0x1, @remote}, 0xa, 0x0, 0x3}}, 0x26)
sendmmsg$inet(r3, &(0x7f0000005f80)=[{{0x0, 0x0, &(0x7f0000005dc0)}}], 0x1a000, 0x8040)

2.003913413s ago: executing program 2 (id=8985):
socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r0 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x30, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x58, 0x2, 0x6, 0x3, 0x0, 0x0, {0x7, 0x0, 0x6}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x80005}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000}, 0x20004000)

1.959288792s ago: executing program 0 (id=8986):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000083667d1040206402d14e0102030109021b000100000000090400000190f19c00090584"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[], 0x50)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x101, 0x4})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$uac2(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
r2 = syz_open_dev$I2C(&(0x7f0000000100), 0x2, 0x1)
ioctl$I2C_RDWR(r2, 0x707, &(0x7f0000000140)={&(0x7f00000000c0)=[{0x2416, 0x0, 0x0, 0x0}], 0x1})

1.328548756s ago: executing program 0 (id=8987):
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_udp(0x2, 0x2, 0x0)
r0 = getpgid(0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0xb)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbff, 0x2fdfffffd}, 0xc)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="090000000600000004000000fc07"], 0x48)
openat$iommufd(0xffffff9c, &(0x7f00000000c0), 0x2500, 0x0)
bpf$MAP_UPDATE_BATCH(0x1b, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000600), 0x0, 0x3ff, r4, 0x0, 0x100000000000000}, 0x38)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=@newlink={0x28, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x102}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000014}, 0x0)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0xff, 0x7fff7ffc}]})
close_range(r6, 0xffffffffffffffff, 0x0)

1.324504847s ago: executing program 3 (id=8996):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000083667d1040206402d14e0102030109021b000100000000090400000190f19c00090584"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[], 0x50)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x101, 0x4})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$uac2(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
r2 = syz_open_dev$I2C(&(0x7f0000000100), 0x2, 0x1)
ioctl$I2C_RDWR(r2, 0x707, &(0x7f0000000140)={&(0x7f00000000c0)=[{0x2416, 0x0, 0x0, 0x0}], 0x1})

356.516886ms ago: executing program 0 (id=8988):
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1f, 0x2, &(0x7f0000001c40)=ANY=[@ANYBLOB="85000000a800000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x13}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1100000004000000040000000010"], 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0c000000040000000400000009"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000024c0), &(0x7f0000001280), 0xffffffff, r4}, 0x38)

356.243604ms ago: executing program 4 (id=8989):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x18, 0x30, 0x1, 0x0, 0x25dfdbff, {}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
openat$cgroup_root(0xffffff9c, &(0x7f00000001c0)='./cgroup.net/syz0\x00', 0x200002, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f00000008c0)={0x2020}, 0x2020)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x2f)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x15, 0x1c, &(0x7f0000000000)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r4}, {}, {0x7, 0x0, 0xb, 0x6, 0x0, 0x0, 0x5}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0x6, 0x9}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5, 0x1, 0xa, 0x9, 0x9}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x7, 0x0, 0xc}, {0x18, 0x6, 0x2, 0x0, r3}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

0s ago: executing program 2 (id=8990):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file1\x00', 0x13b)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r2 = open(&(0x7f0000000180)='./bus\x00', 0x189a7c, 0x113)
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x4e142, 0x0)
pwritev2(r3, &(0x7f0000000680)=[{&(0x7f0000000200)="05", 0x6a000}], 0x1, 0x6000000, 0x0, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x37fffee, 0x4002011, r2, 0x40000000)

kernel console output (not intermixed with test programs):

.507202][   T87] vhci_hcd vhci_hcd.3: disconnect device
[  818.511543][T29183] 8021q: adding VLAN 0 to HW filter on device batadv0
[  818.563244][T29183] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  818.578983][T29183] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  818.599323][T29183] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[  818.741286][   T34] usb 8-1: USB disconnect, device number 24
[  819.292339][T29199] Set syz1 is full, maxelem 65536 reached
[  820.739131][   T40] kauditd_printk_skb: 7 callbacks suppressed
[  820.739149][   T40] audit: type=1800 audit(2000000116.759:7636): pid=29234 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.8260" name="bus" dev="ramfs" ino=106213 res=0 errno=0
[  820.854070][T29228] Set syz1 is full, maxelem 65536 reached
[  822.162706][    C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  822.485114][T29265] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check.
[  822.521336][   T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  822.769951][    C0] bridge0: port 1(vlan3) entered learning state
[  822.830026][   T29] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  823.269578][ T7729] vhci_hcd vhci_hcd.3: vhci_device speed not set
[  826.293437][T29309] netlink: 'syz.4.8281': attribute type 4 has an invalid length.
[  830.963527][T29378] netlink: 24 bytes leftover after parsing attributes in process `syz.4.8302'.
[  830.999461][T29382] netlink: 'syz.2.8303': attribute type 4 has an invalid length.
[  831.389702][T29394] netlink: 'syz.0.8308': attribute type 1 has an invalid length.
[  831.438788][  T842] libceph: connect (1)[c::]:6789 error -101
[  831.441451][  T842] libceph: mon0 (1)[c::]:6789 connect error
[  831.451312][T29394] 8021q: adding VLAN 0 to HW filter on device bond41
[  831.528841][T29399] bond41: (slave veth49): Enslaving as an active interface with a down link
[  831.536543][T29394] bond41: (slave veth0_to_bond): Enslaving as an active interface with a down link
[  831.555750][T29387] ceph: No mds server is up or the cluster is laggy
[  831.604403][T29394] vlan3: entered allmulticast mode
[  831.606078][T29394] veth0_to_bond: entered allmulticast mode
[  831.608351][T29394] veth0_to_bond: entered promiscuous mode
[  831.610927][T29394] veth0_to_bond: left promiscuous mode
[  831.613024][T29394] veth0_to_bond: entered promiscuous mode
[  831.615061][T29394] bond41: (slave vlan3): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  831.622118][T29394] veth0_to_bond: left promiscuous mode
[  831.848032][T29409] netlink: 24 bytes leftover after parsing attributes in process `syz.4.8310'.
[  833.371039][T29432] ntfs3(nullb0): Primary boot signature is not NTFS.
[  833.424977][T29432] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  834.356789][T29440] 8021q: adding VLAN 0 to HW filter on device bond0
[  834.380243][T29440] 8021q: adding VLAN 0 to HW filter on device team0
[  834.415043][T29440] 8021q: adding VLAN 0 to HW filter on device batadv0
[  834.491469][T29440] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  834.500232][T29440] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[  834.654682][  T104] bond41: (slave veth0_to_bond): link status definitely up, 10000 Mbps full duplex
[  834.673777][  T104] bond41: (slave veth0_to_bond): making interface the new active one
[  834.693669][  T104] veth0_to_bond: entered promiscuous mode
[  834.708249][  T104] bond41: active interface up!
[  834.834363][T29451] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  835.127456][T29453] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8321'.
[  835.146652][T29453] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  835.149060][T29453] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  835.151833][T29453] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  835.154793][T29453] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  835.157126][T29453] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  835.159506][T29453] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  835.162105][T29453] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  835.164742][T29453] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  835.167273][T29453] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  835.378252][T29460] overlayfs: failed to clone upperpath
[  835.522859][   T40] audit: type=1804 audit(2000000008.719:7637): pid=29462 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.8322" name="bus" dev="tmpfs" ino=12965 res=1 errno=0
[  836.781345][T29484] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8332'.
[  836.803981][T29486] /dev/nullb0: Can't lookup blockdev
[  836.821548][T29484] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8332'.
[  837.476557][   T46] netdevsim netdevsim4 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  837.486100][   T46] netdevsim netdevsim4 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  837.508021][   T46] netdevsim netdevsim4 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  837.517387][   T46] netdevsim netdevsim4 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  837.804654][T29508] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  837.848701][T29511] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8339'.
[  837.901301][T29515] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8336'.
[  838.809942][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[  838.834219][T29526] overlayfs: failed to clone upperpath
[  838.866343][   T40] audit: type=1804 audit(2000000012.059:7638): pid=29526 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.8343" name="bus" dev="tmpfs" ino=12008 res=1 errno=0
[  839.812885][T29538] /dev/nullb0: Can't lookup blockdev
[  841.022778][   T40] audit: type=1326 audit(2000000014.219:7639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29551 comm="syz.2.8350" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f58fcc code=0x7ffc0000
[  841.035331][   T40] audit: type=1326 audit(2000000014.229:7640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29551 comm="syz.2.8350" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f58fcc code=0x7ffc0000
[  841.047383][   T40] audit: type=1326 audit(2000000014.229:7641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29551 comm="syz.2.8350" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf7f58fcc code=0x7ffc0000
[  841.066031][   T40] audit: type=1326 audit(2000000014.229:7642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29551 comm="syz.2.8350" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f58fcc code=0x7ffc0000
[  841.087932][   T40] audit: type=1326 audit(2000000014.229:7643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29551 comm="syz.2.8350" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f58fcc code=0x7ffc0000
[  841.094885][   T40] audit: type=1326 audit(2000000014.229:7644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29551 comm="syz.2.8350" exe="/syz-executor" sig=0 arch=40000003 syscall=358 compat=1 ip=0xf7f58fcc code=0x7ffc0000
[  841.133911][   T40] audit: type=1326 audit(2000000014.229:7645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29551 comm="syz.2.8350" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f58fcc code=0x7ffc0000
[  841.145428][   T40] audit: type=1326 audit(2000000014.239:7646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29551 comm="syz.2.8350" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f58fcc code=0x7ffc0000
[  841.155038][   T40] audit: type=1326 audit(2000000014.239:7647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29551 comm="syz.2.8350" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f58fcc code=0x7ffc0000
[  841.164371][   T40] audit: type=1326 audit(2000000014.249:7648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29551 comm="syz.2.8350" exe="/syz-executor" sig=0 arch=40000003 syscall=425 compat=1 ip=0xf7f58fcc code=0x7ffc0000
[  842.191742][T29562] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8352'.
[  842.261494][T29562] net_ratelimit: 6649 callbacks suppressed
[  842.261510][T29562] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  842.265813][T29562] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  842.268284][T29562] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  842.270617][T29562] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  842.272974][T29562] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  842.275265][T29562] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  842.277424][T29562] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  842.279605][T29562] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  842.281779][T29562] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  842.283897][T29562] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  843.053841][T29583] /dev/nullb0: Can't lookup blockdev
[  843.732788][T29592] fuse: fd is not a fuse device
[  843.944163][T29595] netlink: 'syz.4.8360': attribute type 1 has an invalid length.
[  843.978735][T29595] 8021q: adding VLAN 0 to HW filter on device bond0
[  844.031961][T29595] bond0: (slave gretap2): making interface the new active one
[  844.043327][T29595] bond0: (slave gretap2): Enslaving as an active interface with an up link
[  845.480996][T29619] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8368'.
[  846.174295][   T46] veth0_to_bond: left promiscuous mode
[  852.280367][   T40] kauditd_printk_skb: 6 callbacks suppressed
[  852.280383][   T40] audit: type=1326 audit(2000000025.479:7655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29711 comm="syz.4.8389" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aefcc code=0x7ffc0000
[  852.301660][   T40] audit: type=1326 audit(2000000025.479:7656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29711 comm="syz.4.8389" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aefcc code=0x7ffc0000
[  852.319950][   T40] audit: type=1326 audit(2000000025.489:7657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29711 comm="syz.4.8389" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf70aefcc code=0x7ffc0000
[  852.335089][   T40] audit: type=1326 audit(2000000025.489:7658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29711 comm="syz.4.8389" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aefcc code=0x7ffc0000
[  852.343328][   T40] audit: type=1326 audit(2000000025.489:7659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29711 comm="syz.4.8389" exe="/syz-executor" sig=0 arch=40000003 syscall=358 compat=1 ip=0xf70aefcc code=0x7ffc0000
[  852.358190][   T40] audit: type=1326 audit(2000000025.489:7660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29711 comm="syz.4.8389" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aefcc code=0x7ffc0000
[  852.384960][   T40] audit: type=1326 audit(2000000025.499:7661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29711 comm="syz.4.8389" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70aefcc code=0x7ffc0000
[  852.397998][   T40] audit: type=1326 audit(2000000025.509:7662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29711 comm="syz.4.8389" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aefcc code=0x7ffc0000
[  852.408534][   T40] audit: type=1326 audit(2000000025.509:7663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29711 comm="syz.4.8389" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aefcc code=0x7ffc0000
[  852.419084][   T40] audit: type=1326 audit(2000000025.519:7664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29711 comm="syz.4.8389" exe="/syz-executor" sig=0 arch=40000003 syscall=425 compat=1 ip=0xf70aefcc code=0x7ffc0000
[  852.549114][T29721] netlink: 'syz.3.8391': attribute type 1 has an invalid length.
[  852.702195][T29721] 8021q: adding VLAN 0 to HW filter on device bond14
[  852.849924][    C0] bridge0: port 1(vlan3) entered forwarding state
[  852.852739][    C0] bridge0: topology change detected, propagating
[  852.921089][T29725] bond14: (slave gretap3): making interface the new active one
[  852.933523][T29725] bond14: (slave gretap3): Enslaving as an active interface with an up link
[  856.489915][T15089] usb 8-1: new high-speed USB device number 25 using dummy_hcd
[  856.641909][T15089] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  856.646170][T15089] usb 8-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  856.653268][T15089] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66
[  856.656710][T15089] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  856.660521][T15089] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  856.666739][T15089] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  856.669789][T15089] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  856.672764][T15089] usb 8-1: Product: syz
[  856.674274][T15089] usb 8-1: Manufacturer: syz
[  856.678680][T15089] cdc_wdm 8-1:1.0: skipping garbage
[  856.680953][T15089] cdc_wdm 8-1:1.0: skipping garbage
[  856.687503][T15089] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[  856.689443][T15089] cdc_wdm 8-1:1.0: Unknown control protocol
[  856.700042][    C3] net_ratelimit: 3319 callbacks suppressed
[  856.700057][    C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  859.254075][ T7396] usb 8-1: USB disconnect, device number 25
[  859.577651][   T40] kauditd_printk_skb: 6 callbacks suppressed
[  859.577664][   T40] audit: type=1804 audit(2000000032.769:7671): pid=29790 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.8408" name="/newroot/497/bus/bus" dev="overlay" ino=2795 res=1 errno=0
[  859.608201][   T40] audit: type=1804 audit(2000000032.799:7672): pid=29790 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.8408" name="/newroot/497/bus/bus" dev="overlay" ino=2795 res=1 errno=0
[  860.383698][T29793] /dev/nullb0: Can't lookup blockdev
[  860.506618][T29802] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8411'.
[  862.749135][   T40] audit: type=1804 audit(2000000035.939:7673): pid=29833 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.8422" name="/newroot/500/bus/bus" dev="overlay" ino=2820 res=1 errno=0
[  862.762029][   T40] audit: type=1804 audit(2000000035.949:7674): pid=29833 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.8422" name="/newroot/500/bus/bus" dev="overlay" ino=2820 res=1 errno=0
[  863.539264][T29837] /dev/nullb0: Can't lookup blockdev
[  864.658567][   T40] audit: type=1326 audit(2000000037.849:7675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29853 comm="syz.4.8436" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aefcc code=0x7ffc0000
[  864.673833][   T40] audit: type=1326 audit(2000000037.859:7676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29853 comm="syz.4.8436" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aefcc code=0x7ffc0000
[  864.694088][   T40] audit: type=1326 audit(2000000037.859:7677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29853 comm="syz.4.8436" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf70aefcc code=0x7ffc0000
[  864.714007][   T40] audit: type=1326 audit(2000000037.859:7678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29853 comm="syz.4.8436" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aefcc code=0x7ffc0000
[  864.727489][   T40] audit: type=1326 audit(2000000037.859:7679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29853 comm="syz.4.8436" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aefcc code=0x7ffc0000
[  864.744260][   T40] audit: type=1326 audit(2000000037.859:7680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29853 comm="syz.4.8436" exe="/syz-executor" sig=0 arch=40000003 syscall=358 compat=1 ip=0xf70aefcc code=0x7ffc0000
[  864.760243][   T40] audit: type=1326 audit(2000000037.859:7681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29853 comm="syz.4.8436" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aefcc code=0x7ffc0000
[  864.776164][   T40] audit: type=1326 audit(2000000037.859:7682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29853 comm="syz.4.8436" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70aefcc code=0x7ffc0000
[  864.785502][   T40] audit: type=1326 audit(2000000037.859:7683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29853 comm="syz.4.8436" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aefcc code=0x7ffc0000
[  864.793320][   T40] audit: type=1326 audit(2000000037.859:7684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29853 comm="syz.4.8436" exe="/syz-executor" sig=0 arch=40000003 syscall=425 compat=1 ip=0xf70aefcc code=0x7ffc0000
[  865.219952][   T10] usb 8-1: new high-speed USB device number 26 using dummy_hcd
[  865.371976][   T10] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  865.375451][   T10] usb 8-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  865.380500][   T10] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66
[  865.383824][   T10] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  865.387348][   T10] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  865.393115][   T10] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  865.396059][   T10] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  865.398677][   T10] usb 8-1: Product: syz
[  865.400145][   T10] usb 8-1: Manufacturer: syz
[  865.404212][   T10] cdc_wdm 8-1:1.0: skipping garbage
[  865.405943][   T10] cdc_wdm 8-1:1.0: skipping garbage
[  865.418384][   T10] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[  865.421572][   T10] cdc_wdm 8-1:1.0: Unknown control protocol
[  866.096178][    C0] cdc_wdm 8-1:1.0: Unexpected error -71
[  866.096867][T15093] usb 8-1: USB disconnect, device number 26
[  866.099172][    C0] wdm_int_callback: 24 callbacks suppressed
[  866.099185][    C0] cdc_wdm 8-1:1.0: nonzero urb status received: -71
[  866.104291][    C0] wdm_int_callback: 24 callbacks suppressed
[  866.104302][    C0] cdc_wdm 8-1:1.0: wdm_int_callback - 0 bytes
[  866.108077][    C0] cdc_wdm 8-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  868.555394][T29890] bond21: entered allmulticast mode
[  868.557452][T29894] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8448'.
[  868.559416][T29889] bond21: left allmulticast mode
[  868.566043][T29894] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8448'.
[  868.882063][T29909] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8441'.
[  870.056949][T29933] 8021q: adding VLAN 0 to HW filter on device macvlan4
[  870.061542][T29933] team0: Device macvlan4 is up. Set it down before adding it as a team port
[  870.202777][T29937] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  870.280595][T29941] netlink: 'syz.3.8456': attribute type 1 has an invalid length.
[  870.298696][T29941] 8021q: adding VLAN 0 to HW filter on device bond15
[  870.519285][T29941] bond15: (slave veth27): Enslaving as an active interface with a down link
[  870.529119][T29947] netlink: 14 bytes leftover after parsing attributes in process `syz.3.8456'.
[  870.573625][T29948] x_tables: duplicate underflow at hook 1
[  871.176043][T29957] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8460'.
[  871.561150][   T40] kauditd_printk_skb: 34 callbacks suppressed
[  871.561162][   T40] audit: type=1326 audit(2000000044.759:7719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29962 comm="syz.0.8463" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  871.581814][   T40] audit: type=1326 audit(2000000044.759:7720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29962 comm="syz.0.8463" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  871.600472][   T40] audit: type=1326 audit(2000000044.759:7721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29962 comm="syz.0.8463" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf706efcc code=0x7ffc0000
[  871.614197][   T40] audit: type=1326 audit(2000000044.759:7722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29962 comm="syz.0.8463" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  871.629899][   T40] audit: type=1326 audit(2000000044.759:7723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29962 comm="syz.0.8463" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  871.643373][   T40] audit: type=1326 audit(2000000044.759:7724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29962 comm="syz.0.8463" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf71a616b code=0x7ffc0000
[  871.659958][   T40] audit: type=1326 audit(2000000044.759:7725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29962 comm="syz.0.8463" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf71a616b code=0x7ffc0000
[  871.672444][   T40] audit: type=1326 audit(2000000044.759:7726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29962 comm="syz.0.8463" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  871.690227][   T40] audit: type=1326 audit(2000000044.759:7727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29962 comm="syz.0.8463" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706efcc code=0x7ffc0000
[  871.703836][   T40] audit: type=1326 audit(2000000044.759:7728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29962 comm="syz.0.8463" exe="/syz-executor" sig=0 arch=40000003 syscall=333 compat=1 ip=0xf706efcc code=0x7ffc0000
[  873.202334][T29979] netlink: 'syz.4.8467': attribute type 1 has an invalid length.
[  873.301098][T29981] bond14: (slave vxcan3): The slave device specified does not support setting the MAC address
[  873.321087][T29981] bond14: (slave vxcan3): Error -95 calling set_mac_address
[  873.361721][T29979] netlink: 20 bytes leftover after parsing attributes in process `syz.4.8467'.
[  873.410727][T29979] bond14: (slave bridge9): Enslaving as an active interface with a down link
[  873.522107][T29982] netlink: 28 bytes leftover after parsing attributes in process `syz.4.8467'.
[  873.539358][T29982] 8021q: adding VLAN 0 to HW filter on device bond14
[  874.616092][ T1429] ieee802154 phy0 wpan0: encryption failed: -22
[  874.618833][ T1429] ieee802154 phy1 wpan1: encryption failed: -22
[  875.063636][T30014] netlink: 'syz.2.8478': attribute type 39 has an invalid length.
[  875.574958][T30030] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8484'.
[  876.867504][T30048] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  876.926439][T30048] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  877.025085][T30048] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  877.090319][T30048] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  877.192320][   T13] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  877.203895][   T13] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  877.213766][   T13] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  877.221956][   T13] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  878.104821][T30058] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  882.711497][   T40] kauditd_printk_skb: 16 callbacks suppressed
[  882.711507][   T40] audit: type=1326 audit(2000000055.909:7745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30110 comm="syz.4.8510" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aefcc code=0x7ffc0000
[  882.730135][   T40] audit: type=1326 audit(2000000055.909:7746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30110 comm="syz.4.8510" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aefcc code=0x7ffc0000
[  882.750383][   T40] audit: type=1326 audit(2000000055.929:7747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30110 comm="syz.4.8510" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf70aefcc code=0x7ffc0000
[  882.760265][   T40] audit: type=1326 audit(2000000055.929:7748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30110 comm="syz.4.8510" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aefcc code=0x7ffc0000
[  882.771443][   T40] audit: type=1326 audit(2000000055.949:7749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30110 comm="syz.4.8510" exe="/syz-executor" sig=0 arch=40000003 syscall=358 compat=1 ip=0xf70aefcc code=0x7ffc0000
[  882.789368][   T40] audit: type=1326 audit(2000000055.949:7750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30110 comm="syz.4.8510" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aefcc code=0x7ffc0000
[  882.810472][   T40] audit: type=1326 audit(2000000055.949:7751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30110 comm="syz.4.8510" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aefcc code=0x7ffc0000
[  882.829864][   T40] audit: type=1326 audit(2000000055.949:7752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30110 comm="syz.4.8510" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70aefcc code=0x7ffc0000
[  882.840558][   T40] audit: type=1326 audit(2000000055.949:7753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30110 comm="syz.4.8510" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aefcc code=0x7ffc0000
[  882.849770][   T40] audit: type=1326 audit(2000000055.949:7754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30110 comm="syz.4.8510" exe="/syz-executor" sig=0 arch=40000003 syscall=425 compat=1 ip=0xf70aefcc code=0x7ffc0000
[  883.336978][T30116] macsec0: entered promiscuous mode
[  883.338745][T30116] macsec0: entered allmulticast mode
[  883.752943][T30122] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8513'.
[  883.774156][T30122] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8513'.
[  884.312235][T30130] netlink: 'syz.4.8515': attribute type 1 has an invalid length.
[  884.326551][T30130] 8021q: adding VLAN 0 to HW filter on device bond15
[  884.453746][T30136] netlink: 14 bytes leftover after parsing attributes in process `syz.4.8515'.
[  884.473976][T30130] bond15: (slave veth25): Enslaving as an active interface with a down link
[  886.837540][T30165] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8524'.
[  886.849520][T30165] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8524'.
[  888.544105][T30173] syz.2.8529 invoked oom-killer: gfp_mask=0x440dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO|__GFP_COMP), order=0, oom_score_adj=0
[  888.552217][T30173] CPU: 0 UID: 0 PID: 30173 Comm: syz.2.8529 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  888.552248][T30173] Tainted: [L]=SOFTLOCKUP
[  888.552255][T30173] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  888.552266][T30173] Call Trace:
[  888.552273][T30173]  <TASK>
[  888.552281][T30173]  dump_stack_lvl+0x100/0x190
[  888.552353][T30173]  dump_header+0xfb/0x606
[  888.552411][T30173]  oom_kill_process.cold+0xd/0x330
[  888.552434][T30173]  out_of_memory+0x1256/0x14f0
[  888.552502][T30173]  ? __pfx_out_of_memory+0x10/0x10
[  888.552537][T30173]  __alloc_frozen_pages_noprof+0x232d/0x2bc0
[  888.552657][T30173]  ? is_bpf_text_address+0x94/0x1a0
[  888.552713][T30173]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  888.552742][T30173]  ? __kernel_text_address+0xd/0x30
[  888.552791][T30173]  ? unwind_get_return_address+0x59/0xa0
[  888.552857][T30173]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  888.552911][T30173]  ? policy_nodemask+0xed/0x4f0
[  888.552936][T30173]  alloc_pages_mpol+0x1fb/0x540
[  888.552958][T30173]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  888.552979][T30173]  ? __lock_acquire+0x4a5/0x2630
[  888.553028][T30173]  alloc_pages_noprof+0x1a/0x160
[  888.553053][T30173]  pte_alloc_one+0x1c/0x3d0
[  888.553079][T30173]  __pte_alloc+0x6d/0x3e0
[  888.553101][T30173]  ? __pfx___pte_alloc+0x10/0x10
[  888.553122][T30173]  ? __vma_start_exclude_readers+0x238/0x810
[  888.553146][T30173]  ? walk_to_pmd+0x302/0x4c0
[  888.553171][T30173]  get_locked_pte+0xa1/0xc0
[  888.553196][T30173]  insert_page+0xcc/0x220
[  888.553220][T30173]  ? __pfx_insert_page+0x10/0x10
[  888.553259][T30173]  ? __pfx_down_read_trylock+0x10/0x10
[  888.553320][T30173]  vm_insert_page+0x2c0/0x400
[  888.553347][T30173]  kcov_mmap+0xca/0x130
[  888.553373][T30173]  __mmap_region+0x13e1/0x2da0
[  888.553406][T30173]  ? __pfx___mmap_region+0x10/0x10
[  888.553452][T30173]  ? mt_validate_nulls+0x1b3/0xa10
[  888.553555][T30173]  ? __lock_acquire+0x4a5/0x2630
[  888.553641][T30173]  mmap_region+0x527/0x620
[  888.553661][T30173]  ? __pfx_mmap_region+0x10/0x10
[  888.553679][T30173]  ? mm_get_unmapped_area_vmflags+0xd7/0x130
[  888.553702][T30173]  ? cap_mmap_addr+0x4b/0x120
[  888.553753][T30173]  ? bpf_lsm_mmap_addr+0x9/0x30
[  888.553795][T30173]  ? security_mmap_addr+0x71/0x1e0
[  888.553814][T30173]  ? __get_unmapped_area+0x255/0x3e0
[  888.553838][T30173]  do_mmap+0xc63/0x12f0
[  888.553866][T30173]  ? __pfx_do_mmap+0x10/0x10
[  888.553886][T30173]  ? __pfx_down_write_killable+0x10/0x10
[  888.553916][T30173]  vm_mmap_pgoff+0x29e/0x470
[  888.553938][T30173]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  888.553955][T30173]  ? __fget_files+0x215/0x3d0
[  888.554011][T30173]  ? __fget_files+0x21f/0x3d0
[  888.554034][T30173]  ksys_mmap_pgoff+0x3cb/0x610
[  888.554056][T30173]  ? exc_page_fault+0x6f/0xd0
[  888.554077][T30173]  ? __pfx_ksys_mmap_pgoff+0x10/0x10
[  888.554100][T30173]  ? rcu_is_watching+0x12/0xc0
[  888.554127][T30173]  __do_fast_syscall_32+0xe7/0x950
[  888.554155][T30173]  do_fast_syscall_32+0x32/0x70
[  888.554179][T30173]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  888.554203][T30173] RIP: 0023:0xf7f58fcc
[  888.554219][T30173] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  888.554236][T30173] RSP: 002b:00000000ff9b55a0 EFLAGS: 00000246 ORIG_RAX: 00000000000000c0
[  888.554254][T30173] RAX: ffffffffffffffda RBX: 00000000f434a000 RCX: 0000000000400000
[  888.554266][T30173] RDX: 0000000000000003 RSI: 0000000000000011 RDI: 00000000000000de
[  888.554276][T30173] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  888.554287][T30173] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  888.554297][T30173] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  888.554322][T30173]  </TASK>
[  888.554458][T30173] Mem-Info:
[  889.008100][T30173] active_anon:568 inactive_anon:10244 isolated_anon:0
[  889.008100][T30173]  active_file:1086 inactive_file:10136 isolated_file:0
[  889.008100][T30173]  unevictable:1768 dirty:4 writeback:0
[  889.008100][T30173]  slab_reclaimable:7497 slab_unreclaimable:96887
[  889.008100][T30173]  mapped:27624 shmem:10670 pagetables:1915
[  889.008100][T30173]  sec_pagetables:387 bounce:0
[  889.008100][T30173]  kernel_misc_reclaimable:0
[  889.008100][T30173]  free:25934 free_pcp:12 free_cma:0
[  889.060887][T30173] Node 0 active_anon:1500kB inactive_anon:3956kB active_file:2040kB inactive_file:6152kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:436kB dirty:24kB writeback:0kB shmem:8824kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8496kB pagetables:1372kB sec_pagetables:1204kB all_unreclaimable? yes Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[  889.080278][T30173] Node 1 active_anon:772kB inactive_anon:29436kB active_file:2304kB inactive_file:33936kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:110060kB dirty:0kB writeback:0kB shmem:26172kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:10284kB pagetables:6188kB sec_pagetables:344kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[  889.200181][T30173] Node 0 DMA free:1644kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:32kB inactive_anon:760kB active_file:32kB inactive_file:16kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  889.258311][T30173] lowmem_reserve[]: 0 285 285 285 285
[  889.267886][T30173] Node 0 DMA32 free:18916kB boost:29452kB min:42544kB low:45816kB high:49088kB reserved_highatomic:0KB free_highatomic:0KB active_anon:404kB inactive_anon:1492kB active_file:728kB inactive_file:4112kB unevictable:3536kB writepending:0kB zspages:1792kB present:1032196kB managed:292680kB mlocked:0kB bounce:0kB free_pcp:432kB local_pcp:184kB free_cma:0kB
[  889.363468][T30178] 9pnet_virtio: no channels available for device ./file0
[  889.366795][T30173] lowmem_reserve[]: 0 0 0 0 0
[  889.368915][T30173] Node 1 DMA32 free:146272kB boost:12288kB min:59428kB low:71212kB high:82996kB reserved_highatomic:0KB free_highatomic:0KB active_anon:6176kB inactive_anon:1512kB active_file:668kB inactive_file:12644kB unevictable:3536kB writepending:132kB zspages:5664kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:2328kB local_pcp:448kB free_cma:0kB
[  889.394221][T30173] lowmem_reserve[]: 0 0 0 0 0
[  889.396358][T30173] Node 0 DMA: 203*4kB (UM) 42*8kB (UM) 17*16kB (UM) 3*32kB (UM) 3*64kB (M) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 1708kB
[  889.403290][T30173] Node 0 DMA32: 765*4kB (UME) 246*8kB (UME) 154*16kB (UM) 78*32kB (UME) 47*64kB (UME) 21*128kB (UME) 7*256kB (UM) 3*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 19012kB
[  889.410694][T30173] Node 1 DMA32: 5076*4kB (UME) 5096*8kB (UME) 4690*16kB (UM) 256*32kB (UM) 17*64kB (UM) 1*128kB (U) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 145520kB
[  889.417332][T30173] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  889.421751][T30173] Node 0 hugepages_total=1 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  889.425687][T30173] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  889.429788][T30173] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB
[  889.438030][T30173] 8381 total pagecache pages
[  889.440384][T30173] 1547 pages in swap cache
[  889.442358][T30173] Free swap  = 20584kB
[  889.444270][T30173] Total swap = 124996kB
[  889.446080][T30173] 524155 pages RAM
[  889.447768][T30173] 0 pages HighMem/MovableOnly
[  889.449775][T30173] 210092 pages reserved
[  889.452935][T30173] 0 pages cma reserved
[  889.454856][T30173] Unreclaimable slab info:
[  889.459567][T30173] Name                      Used          Total
[  889.463897][T30173] bio-184                    6KB          8KB
[  889.466660][T30173] pid_3                     18KB         55KB
[  889.469265][T30173] pid_2                     66KB         94KB
[  889.472342][T30173] bio-464                   17KB         31KB
[  889.475079][T30173] bio-528                   19KB         31KB
[  889.477766][T30173] bio-544                   19KB         31KB
[  889.480782][T30173] bio-552                   19KB         31KB
[  889.483428][T30173] afs_inode_cache          105KB        120KB
[  889.486068][T30173] zswap_entry              591KB        711KB
[  889.488788][T30173] AF_VSOCK                  72KB        183KB
[  889.491878][T30173] sw_flow_stats             30KB         36KB
[  889.494528][T30173] sw_flow                   70KB        122KB
[  889.497235][T30173] batadv_tt_change_cache          8KB         20KB
[  889.500519][T30173] batadv_tl_cache           24KB         32KB
[  889.503192][T30173] ceph_osd_request          25KB        159KB
[  889.505759][T30173] ceph_msg                  17KB         38KB
[  889.506825][T30187] netlink: 'syz.0.8531': attribute type 1 has an invalid length.
[  889.511353][T30173] IEEE-802.15.4-RAW         16KB         31KB
[  889.514220][T30173] p9_req_t                  31KB         55KB
[  889.516831][T30173] INET_SMC                  34KB         62KB
[  889.519695][T30173] SMC6                     109KB        187KB
[  889.522975][T30173] SMC                       68KB        218KB
[  889.525607][T30173] TIPC                      54KB        184KB
[  889.528185][T30173] rds_tcp_connection          9KB         31KB
[  889.531192][T30173] RDS                       53KB        185KB
[  889.534082][T30173] rds_connection            31KB         62KB
[  889.542719][T30173] SCTPv6                    85KB        210KB
[  889.547600][T30173] SCTP                      89KB        214KB
[  889.557229][T30173] sctp_chunk                17KB         62KB
[  889.562384][T30187] bond42: (slave vxcan7): The slave device specified does not support setting the MAC address
[  889.562436][T30173] sctp_bind_bucket          10KB         20KB
[  889.566220][T30187] bond42: (slave vxcan7): Error -95 calling set_mac_address
[  889.571547][T30173] PNPIPE                    50KB        123KB
[  889.578171][T30173] PHONET                    55KB        126KB
[  889.581252][T30173] L2TP/IPv6                 37KB        127KB
[  889.589941][T30173] L2TP/IP                   63KB        126KB
[  889.602961][T30173] KCM                       69KB        124KB
[  889.605937][T30173] kcm_mux                   68KB        126KB
[  889.610065][T30173] RXRPC                     74KB        224KB
[  889.610524][T30194] netlink: 20 bytes leftover after parsing attributes in process `syz.0.8531'.
[  889.612537][T30173] rxrpc_call_jar           208KB        286KB
[  889.612555][T30173] can_gw                    14KB         16KB
[  889.612568][T30173] can_receiver              20KB         35KB
[  889.612582][T30173] net_bridge_fdb_entry        958KB        964KB
[  889.612595][T30173] nf-frags                  24KB         55KB
[  889.612613][T30173] xfrm6_tunnel_spi          22KB         24KB
[  889.612630][T30173] MPTCPv6                   89KB        255KB
[  889.612645][T30173] ip6-frags                 27KB         47KB
[  889.612659][T30173] fib6_node                149KB        180KB
[  889.612675][T30173] ip6_dst_cache            178KB        328KB
[  889.612687][T30173] mfc6_cache                 6KB          8KB
[  889.612700][T30173] PINGv6                    66KB        123KB
[  889.612712][T30173] RAWv6                    146KB        247KB
[  889.612725][T30173] UDPv6                    132KB        252KB
[  889.612737][T30173] tw_sock_TCPv6             28KB         47KB
[  889.612749][T30173] request_sock_TCPv6         10KB         15KB
[  889.612763][T30173] TCPv6                    172KB        273KB
[  889.612775][T30173] ip_vs_conn                13KB         16KB
[  889.612793][T30173] nf_conncount_tuple         12KB         23KB
[  889.612807][T30173] nf_conntrack              23KB         86KB
[  889.612819][T30173] fq_flow_cache             44KB         47KB
[  889.612860][T30173] wg_peer                  173KB        208KB
[  889.612873][T30173] allowedips_node           18KB         31KB
[  889.612892][T30173] t10_alua_lu_gp_cache          8KB         15KB
[  889.612909][T30173] scsi_sense_cache          60KB         60KB
[  889.612925][T30173] virtio_scsi_cmd           21KB         24KB
[  889.612940][T30173] bio-136                   44KB         68KB
[  889.612964][T30173] io_kiocb                   0KB         62KB
[  889.612979][T30173] bio-264                   20KB         23KB
[  889.612992][T30173] mqueue_inode_cache         89KB        247KB
[  889.613012][T30173] f2fs_bio_post_read_ctx         30KB         31KB
[  889.613082][T30173] jfs_mp                    14KB         15KB
[  889.613097][T30173] fuse_request              18KB         31KB
[  889.613123][T30173] cifs_small_rq             28KB         32KB
[  889.613136][T30173] cifs_request              67KB         67KB
[  889.613147][T30173] cifs_mpx_ids               8KB         15KB
[  889.613160][T30173] cifs_io_subrequest         42KB         47KB
[  889.613171][T30173] cifs_io_request          105KB        111KB
[  889.613195][T30173] nfs_commit_data           24KB         31KB
[  889.613207][T30173] nfs_write_data            38KB         63KB
[  889.613237][T30173] jbd2_inode                16KB         19KB
[  889.644087][T30194] bond42: (slave bridge22): Enslaving as an active interface with a down link
[  889.646626][T30173] ext4_system_zone           1KB          3KB
[  889.707841][T30173] ext4_io_end_vec            4KB         15KB
[  889.709907][T30173] kioctx                    32KB        191KB
[  889.712070][T30173] aio_kiocb                 10KB         46KB
[  889.714055][T30173] userfaultfd_ctx_cache         43KB        110KB
[  889.716066][T30173] fanotify_path_event         10KB         15KB
[  889.718080][T30173] fanotify_fid_event         23KB         31KB
[  889.720099][T30173] fanotify_mark             38KB         46KB
[  889.722097][T30173] dnotify_mark              41KB         46KB
[  889.724008][T30173] dnotify_struct             9KB         15KB
[  889.726058][T30173] fasync_cache              12KB         23KB
[  889.728047][T30173] zspage                   173KB        212KB
[  889.730098][T30173] zs_handle                210KB        292KB
[  889.732055][T30173] pid_namespace             40KB        108KB
[  889.734006][T30173] kvm_gmem_inode_cache         41KB         61KB
[  889.736205][T30173] kvm_async_pf              36KB         51KB
[  889.738208][T30173] kvm_vcpu                  62KB        250KB
[  889.740218][T30173] kvm_mmu_page_header         29KB         42KB
[  889.742220][T30173] pte_list_desc             11KB         31KB
[  889.744140][T30173] x86_emulator              40KB        221KB
[  889.746023][T30173] rpc_buffers               25KB         31KB
[  889.748002][T30173] rpc_tasks                  8KB         15KB
[  889.750041][T30173] UNIX-STREAM              102KB        255KB
[  889.752309][T30173] UNIX                     276KB        414KB
[  889.754498][T30173] ip4-frags                 17KB         31KB
[  889.757040][T30173] mfc_cache                 13KB         16KB
[  889.759592][T30173] MPTCP                    101KB        217KB
[  889.762307][T30173] request_sock_subflow_v4         11KB         15KB
[  889.765083][T30173] tcp_bind2_bucket          20KB         28KB
[  889.766132][T30187] netlink: 28 bytes leftover after parsing attributes in process `syz.0.8531'.
[  889.767593][T30173] tcp_bind_bucket           16KB         32KB
[  889.773647][T30173] inet_peer                 14KB         16KB
[  889.775505][T30187] 8021q: adding VLAN 0 to HW filter on device bond42
[  889.775541][T30173] xfrm_dst                  24KB         47KB
[  889.779672][T30173] xfrm_state                42KB        255KB
[  889.782043][T30173] ip_fib_trie               34KB         40KB
[  889.784090][T30173] ip_fib_alias              94KB        126KB
[  889.786134][T30173] rtable                   302KB        304KB
[  889.788071][T30173] PING                      29KB         94KB
[  889.790136][T30173] RAW                       80KB        223KB
[  889.792072][T30173] UDP                      110KB        255KB
[  889.794040][T30173] tw_sock_TCP               27KB         47KB
[  889.795945][T30173] request_sock_TCP          41KB         61KB
[  889.797847][T30173] TCP                      331KB        412KB
[  889.800493][T30173] fs_bio_integrity           7KB          8KB
[  889.803053][T30173] hugetlbfs_inode_cache         19KB         94KB
[  889.805231][T30173] fscache_cookie_jar         34KB         61KB
[  889.807048][T30173] netfs_subrequest          45KB         78KB
[  889.809975][T30173] netfs_request            157KB        223KB
[  889.812337][T30173] bio-280                   21KB         23KB
[  889.814603][T30173] ep_head                    4KB         24KB
[  889.816904][T30173] eventpoll_pwq             15KB         35KB
[  889.819486][T30173] eventpoll_epi             60KB         94KB
[  889.821790][T30173] inotify_inode_mark         30KB         50KB
[  889.824114][T30173] sgpool-128                68KB        297KB
[  889.826125][T30173] sgpool-64                 76KB        255KB
[  889.828589][T30173] sgpool-32                 45KB        157KB
[  889.830805][T30173] sgpool-16                 50KB         62KB
[  889.833065][T30173] sgpool-8                  33KB         70KB
[  889.835008][T30173] bio_crypt_ctx              9KB         11KB
[  889.836908][T30173] bio_integrity_data          7KB          8KB
[  889.839125][T30173] request_queue            204KB        242KB
[  889.840892][T30173] blkdev_ioc                28KB         63KB
[  889.842875][T30173] bio-200                  103KB        116KB
[  889.844825][T30173] biovec-max               969KB       1024KB
[  889.846744][T30173] biovec-128                57KB        255KB
[  889.848636][T30173] biovec-64                 30KB        252KB
[  889.850627][T30173] biovec-16                 24KB         62KB
[  889.852481][T30173] mm_slot                    7KB         15KB
[  889.854421][T30173] ksm_mm_slot               13KB         16KB
[  889.856321][T30173] ksm_rmap_item              4KB          7KB
[  889.858256][T30173] user_namespace            39KB        123KB
[  889.860289][T30173] uid_cache                 25KB         46KB
[  889.862241][T30173] iommu_iova_magazine        991KB       1071KB
[  889.864216][T30173] iommu_iova               275KB        280KB
[  889.866160][T30173] dmaengine-unmap-256         26KB         30KB
[  889.868194][T30173] dmaengine-unmap-128         14KB         30KB
[  889.870260][T30173] dmaengine-unmap-16          7KB          8KB
[  889.872261][T30173] dmaengine-unmap-2          3KB          4KB
[  889.874198][T30173] QIPCRTR                   35KB        125KB
[  889.876110][T30173] audit_buffer               8KB         35KB
[  889.878037][T30173] skbuff_ext_cache           4KB         32KB
[  889.880042][T30173] skbuff_small_head       3265KB       3365KB
[  889.881957][T30173] skbuff_fclone_cache        288KB        296KB
[  889.883897][T30173] skbuff_head_cache       2716KB       2757KB
[  889.886105][T30173] configfs_dir_cache         28KB         32KB
[  889.888551][T30173] file_lease_cache          17KB         31KB
[  889.890590][T30173] file_lock_cache          724KB        760KB
[  889.892522][T30173] file_lock_ctx             41KB         51KB
[  889.894449][T30173] fsnotify_inode_mark_connector         19KB         47KB
[  889.896664][T30173] fsnotify_mark_connector         19KB         23KB
[  889.898732][T30173] posix_timers_cache         51KB         80KB
[  889.900739][T30173] taskstats                 50KB        127KB
[  889.902635][T30173] mem_cgroup_per_node        142KB        185KB
[  889.904729][T30173] mem_cgroup               158KB        216KB
[  889.906699][T30173] proc_dir_entry           987KB       1031KB
[  889.908690][T30173] pde_opener                 6KB         15KB
[  889.911039][T30173] seq_file                  14KB         63KB
[  889.913464][T30173] sigqueue                  13KB         35KB
[  889.915904][T30173] shmem_inode_cache       7276KB       7599KB
[  889.918309][T30173] kernfs_iattrs_cache         24KB         31KB
[  889.920864][T30173] kernfs_node_cache      51368KB      51374KB
[  889.923381][T30173] mnt_cache                 65KB         94KB
[  889.925813][T30173] bfilp                     26KB         47KB
[  889.928238][T30173] filp                     303KB        669KB
[  889.930779][T30173] names_cache              148KB        220KB
[  889.933211][T30173] net_namespace            135KB        261KB
[  889.935614][T30173] ima_iint_cache            28KB         63KB
[  889.938067][T30173] lsm_inode_cache         1623KB       1827KB
[  889.940564][T30173] lsm_file_cache           123KB        263KB
[  889.942995][T30173] key_jar                   28KB         78KB
[  889.945408][T30173] uts_namespace             53KB        108KB
[  889.947846][T30173] nsproxy                   12KB         35KB
[  889.950337][T30173] vm_area_struct          1044KB       1296KB
[  889.952795][T30173] fs_cache                  36KB         64KB
[  889.955218][T30173] files_cache              158KB        239KB
[  889.957635][T30173] signal_cache            1132KB       1879KB
[  889.959588][   T40] kauditd_printk_skb: 10 callbacks suppressed
[  889.959604][   T40] audit: type=1804 audit(2000000063.149:7765): pid=30200 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.8534" name="/newroot/524/bus/bus" dev="overlay" ino=2954 res=1 errno=0
[  889.960108][T30173] sighand_cache           1443KB       2104KB
[  889.960120][T30173] task_struct             6114KB       6243KB
[  889.960136][T30173] cred                     189KB        344KB
[  889.960151][T30173] anon_vma_chain           383KB        480KB
[  889.960162][T30173] anon_vma                 387KB        519KB
[  889.984140][T30173] pid                      193KB        382KB
[  889.986618][T30173] Acpi-Operand             195KB        316KB
[  889.989031][T30173] Acpi-ParseExt             21KB         39KB
[  889.991567][T30173] Acpi-Parse                 6KB         15KB
[  889.994041][T30173] Acpi-State                 9KB         23KB
[  889.996448][T30173] Acpi-Namespace            35KB         48KB
[  889.998873][T30173] shared_policy_node         14KB         16KB
[  890.001405][T30173] numa_policy               11KB         16KB
[  890.003889][T30173] perf_event                32KB         62KB
[  890.006313][T30173] trace_event_file         540KB        540KB
[  890.008754][T30173] ftrace_event_field       1031KB       1031KB
[  890.011305][T30173] pool_workqueue          2424KB       2512KB
[  890.013730][T30173] task_group                49KB         94KB
[  890.016215][T30173] maple_node               713KB       1616KB
[  890.016420][   T40] audit: type=1804 audit(2000000063.209:7766): pid=30200 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.8534" name="/newroot/524/bus/bus" dev="overlay" ino=2954 res=1 errno=0
[  890.018276][T30173] mm_struct                382KB        581KB
[  890.018297][T30173] vmap_area               1164KB       1251KB
[  890.029415][T30173] debug_objects_cache       5500KB      14168KB
[  890.031494][T30173] page->ptl                177KB        192KB
[  890.033428][T30173] kmalloc-cg-8k           7472KB       7552KB
[  890.035422][T30173] kmalloc-cg-4k          32272KB      32400KB
[  890.037671][T30173] kmalloc-cg-2k          21036KB      21432KB
[  890.039959][T30173] kmalloc-cg-1k           5352KB       5712KB
[  890.041913][T30173] kmalloc-cg-512          4292KB       4308KB
[  890.043874][T30173] kmalloc-cg-256           779KB        896KB
[  890.045814][T30173] kmalloc-cg-128           414KB        424KB
[  890.047800][T30173] kmalloc-cg-64             85KB        128KB
[  890.050050][T30173] kmalloc-cg-32             55KB        212KB
[  890.052421][T30173] kmalloc-cg-16              7KB         28KB
[  890.054869][T30173] kmalloc-cg-8              37KB         44KB
[  890.057241][T30173] kmalloc-cg-192            71KB        108KB
[  890.059280][T30173] kmalloc-cg-96             79KB         92KB
[  890.061323][T30173] kmalloc-8k              8208KB       8448KB
[  890.063647][T30173] kmalloc-4k             22696KB      22736KB
[  890.066070][T30173] kmalloc-2k             27948KB      28448KB
[  890.068271][T30173] kmalloc-1k             14268KB      14592KB
[  890.070827][T30173] kmalloc-512            16619KB      16744KB
[  890.073261][T30173] kmalloc-256             7080KB       9208KB
[  890.075888][T30173] kmalloc-128             2981KB       5600KB
[  890.078356][T30173] kmalloc-64              7831KB      13704KB
[  890.080888][T30173] kmalloc-32              4693KB       4920KB
[  890.083353][T30173] kmalloc-16               556KB        996KB
[  890.085818][T30173] kmalloc-8               1548KB       1564KB
[  890.087788][T30173] kmalloc-192             3029KB       3228KB
[  890.089933][T30173] kmalloc-96              2010KB       2844KB
[  890.092338][T30173] kmem_cache_node          214KB        220KB
[  890.094666][T30173] kmem_cache               178KB        218KB
[  890.096596][T30173] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0-1,global_oom,task_memcg=/syz2,task=syz.2.8529,pid=30173,uid=0
[  890.107576][T30173] Out of memory (oom_kill_allocating_task): Killed process 30173 (syz.2.8529) total-vm:121148kB, anon-rss:264kB, file-rss:34836kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:0
[  890.216387][T30203] syz.2.8535: page allocation failure: order:0, mode:0x340cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP|__GFP_THISNODE), nodemask=(null),cpuset=/,mems_allowed=0-1
[  890.236402][T30203] CPU: 2 UID: 0 PID: 30203 Comm: syz.2.8535 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  890.236437][T30203] Tainted: [L]=SOFTLOCKUP
[  890.236443][T30203] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  890.236456][T30203] Call Trace:
[  890.236462][T30203]  <TASK>
[  890.236471][T30203]  dump_stack_lvl+0x100/0x190
[  890.236495][T30203]  warn_alloc.cold+0x95/0x1c1
[  890.236516][T30203]  ? __pfx_warn_alloc+0x10/0x10
[  890.236545][T30203]  ? __mutex_unlock_slowpath+0x15d/0x8a0
[  890.236575][T30203]  ? _mutex_trylock_nest_lock+0x170/0x310
[  890.236610][T30203]  __alloc_frozen_pages_noprof+0xf25/0x2bc0
[  890.236650][T30203]  ? __lock_acquire+0x4a5/0x2630
[  890.236674][T30203]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  890.236703][T30203]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  890.236729][T30203]  ? do_raw_spin_lock+0x128/0x260
[  890.236767][T30203]  __folio_alloc_noprof+0x13/0x260
[  890.236797][T30203]  alloc_migration_target+0x1d7/0x6d0
[  890.236823][T30203]  migrate_pages_batch+0x5dc/0x45c0
[  890.236893][T30203]  ? __pfx_alloc_migration_target+0x10/0x10
[  890.236919][T30203]  ? page_table_check_set+0x477/0x920
[  890.236943][T30203]  ? __pfx_migrate_pages_batch+0x10/0x10
[  890.236964][T30203]  ? page_table_check_set+0x486/0x920
[  890.236987][T30203]  ? __page_table_check_ptes_set+0x1b5/0x4e0
[  890.237007][T30203]  ? find_held_lock+0x2b/0x80
[  890.237029][T30203]  ? rcu_read_unlock+0x2d/0xb0
[  890.237055][T30203]  ? rcu_read_unlock+0x2d/0xb0
[  890.237088][T30203]  migrate_pages_sync+0x12c/0x880
[  890.237111][T30203]  ? __pfx_alloc_migration_target+0x10/0x10
[  890.237140][T30203]  ? __pfx_migrate_pages_sync+0x10/0x10
[  890.237167][T30203]  ? __lock_acquire+0x4a5/0x2630
[  890.237183][T30203]  ? css_rstat_updated+0x1ce/0x5a0
[  890.237214][T30203]  migrate_pages+0x1aa5/0x2880
[  890.237239][T30203]  ? __pfx_alloc_migration_target+0x10/0x10
[  890.237271][T30203]  ? __pfx_migrate_pages+0x10/0x10
[  890.237299][T30203]  ? __lock_acquire+0x4a5/0x2630
[  890.237318][T30203]  ? mtree_load+0x32d/0xa90
[  890.237345][T30203]  move_pages_and_store_status+0xf1/0x230
[  890.237373][T30203]  ? __pfx_move_pages_and_store_status+0x10/0x10
[  890.237411][T30203]  kernel_move_pages+0xc47/0x13f0
[  890.237445][T30203]  ? __pfx_kernel_move_pages+0x10/0x10
[  890.237477][T30203]  ? xfd_validate_state+0x129/0x190
[  890.237573][T30203]  __ia32_sys_move_pages+0xdd/0x1b0
[  890.237599][T30203]  ? __do_fast_syscall_32+0x98/0x950
[  890.237624][T30203]  ? lockdep_hardirqs_on+0x78/0x100
[  890.237647][T30203]  __do_fast_syscall_32+0xe7/0x950
[  890.237676][T30203]  ? lockdep_hardirqs_on+0x78/0x100
[  890.237703][T30203]  do_fast_syscall_32+0x32/0x70
[  890.237728][T30203]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  890.237755][T30203] RIP: 0023:0xf7f58fcc
[  890.237772][T30203] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  890.237790][T30203] RSP: 002b:00000000f541650c EFLAGS: 00000292 ORIG_RAX: 000000000000013d
[  890.237809][T30203] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000000020a0
[  890.237821][T30203] RDX: 0000000080000040 RSI: 0000000080001180 RDI: 0000000080000000
[  890.237833][T30203] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  890.237843][T30203] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  890.237854][T30203] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  890.237881][T30203]  </TASK>
[  890.237889][T30203] Mem-Info:
[  890.375013][T30203] active_anon:7425 inactive_anon:249 isolated_anon:0
[  890.375013][T30203]  active_file:12071 inactive_file:3088 isolated_file:1
[  890.375013][T30203]  unevictable:1768 dirty:350 writeback:0
[  890.375013][T30203]  slab_reclaimable:7543 slab_unreclaimable:96819
[  890.375013][T30203]  mapped:26540 shmem:6977 pagetables:1861
[  890.375013][T30203]  sec_pagetables:387 bounce:0
[  890.375013][T30203]  kernel_misc_reclaimable:0
[  890.375013][T30203]  free:26077 free_pcp:581 free_cma:0
[  890.462917][T30203] Node 0 active_anon:100kB inactive_anon:68kB active_file:1492kB inactive_file:3012kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:2624kB dirty:72kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8576kB pagetables:1356kB sec_pagetables:1204kB all_unreclaimable? yes Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[  890.509928][T30203] Node 1 active_anon:35888kB inactive_anon:6432kB active_file:49748kB inactive_file:5860kB unevictable:3536kB isolated(anon):0kB isolated(file):4kB mapped:119440kB dirty:1328kB writeback:0kB shmem:35572kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:10420kB pagetables:6188kB sec_pagetables:344kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[  890.530263][T30203] Node 0 DMA free:2488kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:56kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  890.557169][T30203] lowmem_reserve[]: 0 285 285 285 285
[  890.559112][T30203] Node 0 DMA32 free:21820kB boost:29452kB min:42544kB low:45816kB high:49088kB reserved_highatomic:0KB free_highatomic:0KB active_anon:100kB inactive_anon:68kB active_file:1492kB inactive_file:2956kB unevictable:3536kB writepending:72kB zspages:928kB present:1032196kB managed:292680kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  890.577640][T30203] lowmem_reserve[]: 0 0 0 0 0
[  890.582072][T30203] Node 1 DMA32 free:70212kB boost:24576kB min:71716kB low:83500kB high:95284kB reserved_highatomic:0KB free_highatomic:0KB active_anon:8904kB inactive_anon:37876kB active_file:5932kB inactive_file:44796kB unevictable:3536kB writepending:1328kB zspages:5600kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:76kB local_pcp:16kB free_cma:0kB
[  890.611207][T30203] lowmem_reserve[]: 0 0 0 0 0
[  890.628750][T30203] Node 0 DMA: 207*4kB (UM) 49*8kB (UM) 20*16kB (UM) 4*32kB (UM) 3*64kB (M) 1*128kB (M) 0*256kB 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 2500kB
[  890.646833][T30203] Node 0 DMA32: 809*4kB (UME) 262*8kB (UME) 149*16kB (UM) 84*32kB (UME) 61*64kB (UME) 22*128kB (UME) 9*256kB (UM) 4*512kB (UM) 0*1024kB 0*2048kB 0*4096kB = 21476kB
[  890.673889][T30203] Node 1 DMA32: 148*4kB (UM) 466*8kB (UME) 4032*16kB (UM) 139*32kB (UM) 9*64kB (U) 1*128kB (U) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 73984kB
[  890.702799][T30203] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  890.717049][T30203] Node 0 hugepages_total=1 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  890.730416][T30203] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  890.733583][T30203] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB
[  890.736500][T30203] 23563 total pagecache pages
[  890.738020][T30203] 1630 pages in swap cache
[  890.739433][T30203] Free swap  = 51960kB
[  890.751838][T30203] Total swap = 124996kB
[  890.753197][T30203] 524155 pages RAM
[  890.763944][T30203] 0 pages HighMem/MovableOnly
[  890.765479][T30203] 210092 pages reserved
[  890.772083][T30203] 0 pages cma reserved
[  892.966119][T23228] Bluetooth: hci2: unexpected event for opcode 0x040d
[  893.620313][   T40] audit: type=1326 audit(2000000066.819:7767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30236 comm="syz.4.8544" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70aefcc code=0x0
[  893.774859][T30242] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8545'.
[  894.140014][T30244] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8546'.
[  895.000615][T30264] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  897.128085][T30285] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8557'.
[  898.391566][T29499] usb 8-1: new high-speed USB device number 27 using dummy_hcd
[  898.551793][T29499] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  898.556902][T29499] usb 8-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  898.561565][T29499] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66
[  898.565768][T29499] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  898.570421][T29499] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  898.578489][T29499] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  898.583639][T29499] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  898.587295][T29499] usb 8-1: Product: syz
[  898.588723][T29499] usb 8-1: Manufacturer: syz
[  898.599308][T29499] cdc_wdm 8-1:1.0: skipping garbage
[  898.608331][T29499] cdc_wdm 8-1:1.0: skipping garbage
[  898.617939][T29499] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[  898.621369][T29499] cdc_wdm 8-1:1.0: Unknown control protocol
[  899.331679][T30320] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  899.931411][T30331] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8568'.
[  901.625784][T30345] x_tables: duplicate underflow at hook 1
[  901.719440][T15092] usb 8-1: USB disconnect, device number 27
[  903.293952][T30365] overlayfs: failed to clone upperpath
[  904.965011][T30373] syz.4.8579: page allocation failure: order:4, mode:0x40dc0(GFP_KERNEL|__GFP_ZERO|__GFP_COMP), nodemask=(null),cpuset=/,mems_allowed=0-1
[  904.970695][T30373] CPU: 1 UID: 0 PID: 30373 Comm: syz.4.8579 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  904.970724][T30373] Tainted: [L]=SOFTLOCKUP
[  904.970730][T30373] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  904.970742][T30373] Call Trace:
[  904.970750][T30373]  <TASK>
[  904.970758][T30373]  dump_stack_lvl+0x100/0x190
[  904.970780][T30373]  warn_alloc.cold+0x95/0x1c1
[  904.970802][T30373]  ? __pfx_warn_alloc+0x10/0x10
[  904.970839][T30373]  ? __pfx___might_resched+0x10/0x10
[  904.970866][T30373]  __alloc_frozen_pages_noprof+0xf25/0x2bc0
[  904.970902][T30373]  ? __lock_acquire+0x4a5/0x2630
[  904.970917][T30373]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  904.970947][T30373]  ? __lock_acquire+0x4a5/0x2630
[  904.970976][T30373]  ? find_held_lock+0x2b/0x80
[  904.970997][T30373]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  904.971020][T30373]  ? policy_nodemask+0xed/0x4f0
[  904.971043][T30373]  alloc_pages_mpol+0x1fb/0x540
[  904.971064][T30373]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  904.971083][T30373]  ? arch_stack_walk+0xa6/0xf0
[  904.971108][T30373]  ? wiphy_new_nm+0x701/0x21a0
[  904.971133][T30373]  ___kmalloc_large_node+0xe5/0x120
[  904.971152][T30373]  ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10
[  904.971175][T30373]  __kmalloc_large_node_noprof+0x1c/0x70
[  904.971198][T30373]  ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10
[  904.971221][T30373]  __kmalloc_noprof+0x5be/0x850
[  904.971250][T30373]  ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10
[  904.971269][T30373]  ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10
[  904.971291][T30373]  ? __pfx_mac80211_hwsim_link_info_changed+0x10/0x10
[  904.971317][T30373]  wiphy_new_nm+0x701/0x21a0
[  904.971344][T30373]  ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10
[  904.971366][T30373]  ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10
[  904.971387][T30373]  ? __pfx_mac80211_hwsim_link_info_changed+0x10/0x10
[  904.971412][T30373]  ieee80211_alloc_hw_nm+0x1afc/0x22e0
[  904.971436][T30373]  ? __local_bh_enable_ip+0x9e/0x120
[  904.971471][T30373]  mac80211_hwsim_new_radio+0x1de/0x5ae0
[  904.971500][T30373]  ? __asan_memset+0x23/0x50
[  904.971524][T30373]  ? __nla_validate_parse+0x1e7/0x28b0
[  904.971548][T30373]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  904.971573][T30373]  hwsim_new_radio_nl+0xc5f/0x1370
[  904.971590][T30373]  ? rcu_is_watching+0x12/0xc0
[  904.971612][T30373]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  904.971635][T30373]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1e5/0x2f0
[  904.971661][T30373]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1ef/0x2f0
[  904.971691][T30373]  genl_family_rcv_msg_doit+0x214/0x300
[  904.971719][T30373]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  904.971740][T30373]  ? genl_get_cmd+0x3e7/0x760
[  904.971767][T30373]  ? bpf_lsm_capable+0x9/0x10
[  904.971786][T30373]  ? security_capable+0x80/0x260
[  904.971812][T30373]  ? ns_capable+0xd2/0xf0
[  904.971834][T30373]  genl_rcv_msg+0x560/0x800
[  904.971857][T30373]  ? __pfx_genl_rcv_msg+0x10/0x10
[  904.971881][T30373]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  904.971901][T30373]  ? __lock_acquire+0x4a5/0x2630
[  904.971921][T30373]  netlink_rcv_skb+0x159/0x420
[  904.971942][T30373]  ? __pfx_genl_rcv_msg+0x10/0x10
[  904.971967][T30373]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  904.971995][T30373]  ? netlink_deliver_tap+0x1ae/0xcc0
[  904.972020][T30373]  genl_rcv+0x28/0x40
[  904.972041][T30373]  netlink_unicast+0x585/0x850
[  904.972066][T30373]  ? __pfx_netlink_unicast+0x10/0x10
[  904.972090][T30373]  netlink_sendmsg+0x8b0/0xda0
[  904.972114][T30373]  ? __pfx_netlink_sendmsg+0x10/0x10
[  904.972139][T30373]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  904.972169][T30373]  ____sys_sendmsg+0x9e1/0xb70
[  904.972189][T30373]  ? __pfx_netlink_sendmsg+0x10/0x10
[  904.972210][T30373]  ? __pfx_____sys_sendmsg+0x10/0x10
[  904.972226][T30373]  ? __pfx___futex_wait+0x10/0x10
[  904.972253][T30373]  ? __pfx_futex_wake_mark+0x10/0x10
[  904.972279][T30373]  ___sys_sendmsg+0x190/0x1e0
[  904.972304][T30373]  ? __pfx____sys_sendmsg+0x10/0x10
[  904.972334][T30373]  ? find_held_lock+0x2b/0x80
[  904.972371][T30373]  __sys_sendmsg+0x170/0x220
[  904.972389][T30373]  ? __pfx___sys_sendmsg+0x10/0x10
[  904.972417][T30373]  ? rcu_is_watching+0x12/0xc0
[  904.972440][T30373]  __do_fast_syscall_32+0xe7/0x950
[  904.972472][T30373]  do_fast_syscall_32+0x32/0x70
[  904.972496][T30373]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  904.972519][T30373] RIP: 0023:0xf70aefcc
[  904.972533][T30373] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  904.972546][T30373] RSP: 002b:00000000f547c50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  904.972563][T30373] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080000100
[  904.972575][T30373] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  904.972585][T30373] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  904.972597][T30373] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  904.972608][T30373] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  904.972632][T30373]  </TASK>
[  904.972639][T30373] Mem-Info:
[  905.149747][T30373] active_anon:4408 inactive_anon:713 isolated_anon:0
[  905.149747][T30373]  active_file:8000 inactive_file:3755 isolated_file:0
[  905.149747][T30373]  unevictable:1768 dirty:61 writeback:0
[  905.149747][T30373]  slab_reclaimable:7560 slab_unreclaimable:98447
[  905.149747][T30373]  mapped:24806 shmem:4655 pagetables:1927
[  905.149747][T30373]  sec_pagetables:388 bounce:0
[  905.149747][T30373]  kernel_misc_reclaimable:0
[  905.149747][T30373]  free:28162 free_pcp:2330 free_cma:0
[  905.249591][T30373] Node 0 active_anon:96kB inactive_anon:48kB active_file:60kB inactive_file:20kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:88kB dirty:48kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8596kB pagetables:1356kB sec_pagetables:1204kB all_unreclaimable? yes Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[  905.260733][T30373] Node 1 active_anon:29060kB inactive_anon:2760kB active_file:32168kB inactive_file:14668kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:110704kB dirty:280kB writeback:0kB shmem:26500kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:10300kB pagetables:6336kB sec_pagetables:348kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[  905.271868][T30373] Node 0 DMA free:2564kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:4kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  905.281946][T30373] lowmem_reserve[]: 0 285 285 285 285
[  905.284271][T30373] Node 0 DMA32 free:21680kB boost:29452kB min:42544kB low:45816kB high:49088kB reserved_highatomic:0KB free_highatomic:0KB active_anon:96kB inactive_anon:48kB active_file:20kB inactive_file:12kB unevictable:3536kB writepending:0kB zspages:1180kB present:1032196kB managed:292680kB mlocked:0kB bounce:0kB free_pcp:1676kB local_pcp:0kB free_cma:0kB
[  905.294777][T30373] lowmem_reserve[]: 0 0 0 0 0
[  905.296612][T30373] Node 1 DMA32 free:76844kB boost:0kB min:47140kB low:58924kB high:70708kB reserved_highatomic:0KB free_highatomic:0KB active_anon:29060kB inactive_anon:2760kB active_file:32168kB inactive_file:14668kB unevictable:3536kB writepending:280kB zspages:5788kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:8012kB local_pcp:852kB free_cma:0kB
[  905.307315][T30373] lowmem_reserve[]: 0 0 0 0 0
[  905.308839][T30373] Node 0 DMA: 207*4kB (UM) 47*8kB (UM) 19*16kB (UM) 3*32kB (M) 5*64kB (UM) 1*128kB (M) 0*256kB 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 2564kB
[  905.313616][T30373] Node 0 DMA32: 770*4kB (UME) 299*8kB (UME) 143*16kB (UME) 73*32kB (UME) 65*64kB (UME) 24*128kB (UME) 11*256kB (UM) 3*512kB (UM) 0*1024kB 0*2048kB 0*4096kB = 21680kB
[  905.318923][T30373] Node 1 DMA32: 123*4kB (UME) 1085*8kB (UM) 4447*16kB (UM) 5*32kB (U) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 80484kB
[  905.323650][T30373] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  905.326675][T30373] Node 0 hugepages_total=1 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  905.329667][T30373] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  905.335122][T30373] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB
[  905.338416][T30373] 20739 total pagecache pages
[  905.340464][T30373] 1763 pages in swap cache
[  905.342558][T30373] Free swap  = 51476kB
[  905.344003][T30373] Total swap = 124996kB
[  905.345691][T30373] 524155 pages RAM
[  905.347847][T30373] 0 pages HighMem/MovableOnly
[  905.355002][T30373] 210092 pages reserved
[  905.357024][T30373] 0 pages cma reserved
[  908.300513][T30416] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  908.515696][T30427] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8600'.
[  908.992867][T30434] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  909.386106][T30442] netlink: 'syz.2.8606': attribute type 1 has an invalid length.
[  909.417981][T30442] 8021q: adding VLAN 0 to HW filter on device bond36
[  909.509693][T30442] bond36: entered allmulticast mode
[  909.531214][T30442] bond36: (slave ip6gretap1): making interface the new active one
[  909.534664][T30442] ip6gretap1: entered allmulticast mode
[  909.542057][T30442] bond36: (slave ip6gretap1): Enslaving as an active interface with an up link
[  909.977522][T30460] overlayfs: failed to clone upperpath
[  911.756586][T30483] netlink: 68 bytes leftover after parsing attributes in process `syz.2.8619'.
[  911.816471][T30487] netlink: 'syz.0.8620': attribute type 39 has an invalid length.
[  911.847686][T30479] 8021q: adding VLAN 0 to HW filter on device bond16
[  913.644549][T30521] netlink: 'syz.4.8630': attribute type 1 has an invalid length.
[  913.656264][T30521] 8021q: adding VLAN 0 to HW filter on device bond17
[  914.068248][T30532] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check.
[  914.097323][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  915.100132][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  916.480670][T30574] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8644'.
[  916.830718][   T10] usb 8-1: new high-speed USB device number 28 using dummy_hcd
[  917.010304][   T10] usb 8-1: Using ep0 maxpacket: 16
[  917.041394][   T10] usb 8-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  917.044247][   T10] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  917.048863][   T10] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[  917.073869][   T10] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  917.078042][   T10] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  917.087772][   T10] usb 8-1: Product: syz
[  917.089178][   T10] usb 8-1: Manufacturer: syz
[  917.093611][   T10] usb 8-1: SerialNumber: syz
[  917.130033][   T10] usb 8-1: 0:2 : does not exist
[  917.725017][T30587] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  919.945093][T30593] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8650'.
[  920.000482][  T842] usb 8-1: USB disconnect, device number 28
[  922.259677][   T40] audit: type=1326 audit(2000000095.449:7768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30639 comm="syz.3.8655" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55fcc code=0x7ffc0000
[  922.269291][   T40] audit: type=1326 audit(2000000095.449:7769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30639 comm="syz.3.8655" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55fcc code=0x7ffc0000
[  922.281079][   T40] audit: type=1326 audit(2000000095.459:7770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30639 comm="syz.3.8655" exe="/syz-executor" sig=0 arch=40000003 syscall=351 compat=1 ip=0xf7f55fcc code=0x7ffc0000
[  922.296321][   T40] audit: type=1326 audit(2000000095.459:7771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30639 comm="syz.3.8655" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55fcc code=0x7ffc0000
[  922.308160][   T40] audit: type=1326 audit(2000000095.459:7772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30639 comm="syz.3.8655" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55fcc code=0x7ffc0000
[  922.320267][   T40] audit: type=1326 audit(2000000095.459:7773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30639 comm="syz.3.8655" exe="/syz-executor" sig=0 arch=40000003 syscall=358 compat=1 ip=0xf7f55fcc code=0x7ffc0000
[  922.331996][   T40] audit: type=1326 audit(2000000095.459:7774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30639 comm="syz.3.8655" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55fcc code=0x7ffc0000
[  922.342787][   T40] audit: type=1326 audit(2000000095.459:7775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30639 comm="syz.3.8655" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55fcc code=0x7ffc0000
[  922.352982][   T40] audit: type=1326 audit(2000000095.469:7776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30639 comm="syz.3.8655" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f55fcc code=0x7ffc0000
[  922.361772][   T40] audit: type=1326 audit(2000000095.469:7777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30639 comm="syz.3.8655" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55fcc code=0x7ffc0000
[  923.782897][T30657] netlink: 'syz.4.8667': attribute type 10 has an invalid length.
[  923.785717][T30657] netlink: 40 bytes leftover after parsing attributes in process `syz.4.8667'.
[  923.866938][T30666] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  924.080736][T30676] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8668'.
[  924.085205][T30676] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8668'.
[  924.090250][T30676] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8668'.
[  924.093368][T30676] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8668'.
[  924.096437][T30676] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8668'.
[  924.101865][T30676] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8668'.
[  924.107650][T30676] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8668'.
[  924.116988][T30676] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8668'.
[  924.125429][T30676] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8668'.
[  928.895101][T30711] overlayfs: failed to clone upperpath
[  928.955317][   T40] kauditd_printk_skb: 13 callbacks suppressed
[  928.955330][   T40] audit: type=1804 audit(2000000102.139:7791): pid=30711 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.8680" name="bus" dev="tmpfs" ino=12483 res=1 errno=0
[  930.558351][T30731] 9pnet_fd: p9_fd_create_unix (30731): address too long: ./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  930.930348][    C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  935.191685][T30762] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  935.374304][T30771] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8689'.
[  936.051741][ T1429] ieee802154 phy0 wpan0: encryption failed: -22
[  936.054448][ T1429] ieee802154 phy1 wpan1: encryption failed: -22
[  936.211048][T30784] overlayfs: failed to clone lowerpath
[  936.264329][T30788] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  936.406393][T30792] overlayfs: failed to clone upperpath
[  936.530164][T30796] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  936.639795][T30806] 8021q: adding VLAN 0 to HW filter on device 

[  936.645665][T30806] 8021q: adding VLAN 0 to HW filter on device team0
[  936.656437][T30806] 8021q: adding VLAN 0 to HW filter on device batadv0
[  936.723787][T30806] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  936.728366][T30806] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  936.741355][T30806] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[  936.825429][T30817] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8706'.
[  936.879438][T30817] netlink: 20 bytes leftover after parsing attributes in process `syz.4.8706'.
[  937.138200][T30832] syz.3.8719: page allocation failure: order:6, mode:0x40dc0(GFP_KERNEL|__GFP_ZERO|__GFP_COMP), nodemask=(null),cpuset=/,mems_allowed=0-1
[  937.147007][T30832] CPU: 2 UID: 0 PID: 30832 Comm: syz.3.8719 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  937.147039][T30832] Tainted: [L]=SOFTLOCKUP
[  937.147046][T30832] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  937.147055][T30832] Call Trace:
[  937.147061][T30832]  <TASK>
[  937.147068][T30832]  dump_stack_lvl+0x100/0x190
[  937.147094][T30832]  warn_alloc.cold+0x95/0x1c1
[  937.147117][T30832]  ? __pfx_warn_alloc+0x10/0x10
[  937.147157][T30832]  ? __pfx___might_resched+0x10/0x10
[  937.147192][T30832]  __alloc_frozen_pages_noprof+0xf25/0x2bc0
[  937.147244][T30832]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  937.147279][T30832]  ? __lock_acquire+0x4a5/0x2630
[  937.147295][T30832]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  937.147379][T30832]  ? lock_acquire+0x1b1/0x370
[  937.147398][T30832]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  937.147422][T30832]  ? policy_nodemask+0xed/0x4f0
[  937.147446][T30832]  alloc_pages_mpol+0x1fb/0x540
[  937.147469][T30832]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  937.147488][T30832]  ? stack_depot_save_flags+0x27/0x9d0
[  937.147509][T30832]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  937.147534][T30832]  ? vb2_core_allocated_buffers_storage+0x184/0x220
[  937.147554][T30832]  ___kmalloc_large_node+0xe5/0x120
[  937.147576][T30832]  ? __vb2_perform_fileio+0x91e/0x1380
[  937.147598][T30832]  __kmalloc_large_node_noprof+0x1c/0x70
[  937.147624][T30832]  __kmalloc_noprof+0x5be/0x850
[  937.147654][T30832]  vb2_core_allocated_buffers_storage+0x184/0x220
[  937.147675][T30832]  vb2_core_reqbufs+0x382/0xf30
[  937.147702][T30832]  ? __pfx_vb2_core_reqbufs+0x10/0x10
[  937.147737][T30832]  __vb2_init_fileio+0x32d/0x1000
[  937.147757][T30832]  ? aa_file_perm+0x7f3/0x14d0
[  937.147784][T30832]  __vb2_perform_fileio+0x91e/0x1380
[  937.147813][T30832]  ? __pfx___vb2_perform_fileio+0x10/0x10
[  937.147833][T30832]  ? __pfx___might_resched+0x10/0x10
[  937.147853][T30832]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  937.147875][T30832]  ? import_ubuf+0x1b6/0x220
[  937.147904][T30832]  vb2_fop_read+0x211/0x520
[  937.147928][T30832]  v4l2_read+0x229/0x2c0
[  937.147956][T30832]  ? __pfx_v4l2_read+0x10/0x10
[  937.147983][T30832]  vfs_readv+0x5d8/0x8d0
[  937.148008][T30832]  ? __pfx_vfs_readv+0x10/0x10
[  937.148045][T30832]  ? __fget_files+0x21f/0x3d0
[  937.148074][T30832]  ? do_preadv+0x1ac/0x270
[  937.148092][T30832]  do_preadv+0x1ac/0x270
[  937.148113][T30832]  ? __pfx_do_preadv+0x10/0x10
[  937.148131][T30832]  ? rcu_is_watching+0x12/0xc0
[  937.148158][T30832]  __do_fast_syscall_32+0xe7/0x950
[  937.148187][T30832]  ? lockdep_hardirqs_on+0x78/0x100
[  937.148212][T30832]  do_fast_syscall_32+0x32/0x70
[  937.148236][T30832]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  937.148279][T30832] RIP: 0023:0xf7f55fcc
[  937.148298][T30832] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  937.148317][T30832] RSP: 002b:00000000f53f550c EFLAGS: 00000292 ORIG_RAX: 000000000000014d
[  937.148337][T30832] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080000680
[  937.148351][T30832] RDX: 0000000000000001 RSI: 0000000080000001 RDI: 0000000000000003
[  937.148362][T30832] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  937.148373][T30832] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  937.148385][T30832] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  937.148413][T30832]  </TASK>
[  937.311323][T30832] Mem-Info:
[  937.314782][T30832] active_anon:4156 inactive_anon:1247 isolated_anon:0
[  937.314782][T30832]  active_file:3676 inactive_file:9506 isolated_file:0
[  937.314782][T30832]  unevictable:1768 dirty:290 writeback:0
[  937.314782][T30832]  slab_reclaimable:7581 slab_unreclaimable:96386
[  937.314782][T30832]  mapped:24576 shmem:4646 pagetables:1945
[  937.314782][T30832]  sec_pagetables:388 bounce:0
[  937.314782][T30832]  kernel_misc_reclaimable:0
[  937.314782][T30832]  free:26207 free_pcp:3650 free_cma:0
[  937.334747][T30832] Node 0 active_anon:16kB inactive_anon:124kB active_file:32kB inactive_file:32kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:80kB dirty:4kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8672kB pagetables:1356kB sec_pagetables:1204kB all_unreclaimable? yes Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[  937.352323][T30832] Node 1 active_anon:16708kB inactive_anon:4864kB active_file:14672kB inactive_file:37992kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:98724kB dirty:1156kB writeback:0kB shmem:15048kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:10360kB pagetables:6424kB sec_pagetables:348kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[  937.368456][T30832] Node 0 DMA free:2736kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  937.383741][T30832] lowmem_reserve[]: 0 285 285 285 285
[  937.390080][T30832] Node 0 DMA32 free:24960kB boost:29452kB min:42544kB low:45816kB high:49088kB reserved_highatomic:2048KB free_highatomic:208KB active_anon:16kB inactive_anon:124kB active_file:28kB inactive_file:32kB unevictable:3536kB writepending:4kB zspages:1044kB present:1032196kB managed:292680kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  937.417670][T30832] lowmem_reserve[]: 0 0 0 0 0
[  937.425660][T30832] Node 1 DMA32 free:76040kB boost:0kB min:47140kB low:58924kB high:70708kB reserved_highatomic:0KB free_highatomic:0KB active_anon:16708kB inactive_anon:4864kB active_file:14672kB inactive_file:37992kB unevictable:3536kB writepending:1156kB zspages:5628kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:15400kB local_pcp:1228kB free_cma:0kB
[  937.439510][T30832] lowmem_reserve[]: 0 0 0 0 0
[  937.441971][T30832] Node 0 DMA: 206*4kB (UM) 45*8kB (UM) 19*16kB (UM) 7*32kB (UM) 6*64kB (UM) 1*128kB (M) 0*256kB 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 2736kB
[  937.448275][T30832] Node 0 DMA32: 860*4kB (UMEH) 464*8kB (UMEH) 183*16kB (UMEH) 133*32kB (UME) 54*64kB (UMEH) 20*128kB (ME) 8*256kB (UM) 5*512kB (UM) 0*1024kB 0*2048kB 0*4096kB = 24960kB
[  937.458529][T30832] Node 1 DMA32: 154*4kB (M) 454*8kB (UM) 4333*16kB (UME) 67*32kB (U) 2*64kB (U) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 75848kB
[  937.464653][T30832] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  937.467817][T30832] Node 0 hugepages_total=1 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  937.471442][T30832] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  937.475158][T30832] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB
[  937.478894][T30832] 19494 total pagecache pages
[  937.482437][T30832] 1662 pages in swap cache
[  937.484191][T30832] Free swap  = 51396kB
[  937.486024][T30832] Total swap = 124996kB
[  937.487631][T30832] 524155 pages RAM
[  937.488960][T30832] 0 pages HighMem/MovableOnly
[  937.490932][T30832] 210092 pages reserved
[  937.492864][T30832] 0 pages cma reserved
[  939.045964][T30861] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[  939.219546][T30865] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  939.226185][T30865] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  943.497187][T30881] overlayfs: failed to clone upperpath
[  943.996773][T30895] netlink: 'syz.0.8730': attribute type 1 has an invalid length.
[  944.017959][T30895] bond43: entered promiscuous mode
[  944.020694][T30895] 8021q: adding VLAN 0 to HW filter on device bond43
[  944.109542][T30895] ipvlan0: entered allmulticast mode
[  944.111847][T30895] bond43: entered allmulticast mode
[  944.129430][T30895] ipvlan1: entered allmulticast mode
[  944.160136][T30895] bond43: (slave bridge23): making interface the new active one
[  944.163446][T30895] bridge23: entered promiscuous mode
[  944.165856][T30895] bridge23: entered allmulticast mode
[  944.170691][T30895] bond43: (slave bridge23): Enslaving as an active interface with an up link
[  944.801234][T30906] futex_wake_op: syz.2.8734 tries to shift op by 144; fix this program
[  944.941087][T30911] fuse: fd is not a fuse device
[  947.438729][T30932] bridge4: entered allmulticast mode
[  948.023252][ T6532] usb 8-1: new high-speed USB device number 29 using dummy_hcd
[  948.251216][ T6532] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  948.258192][ T6532] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  948.263893][ T6532] usb 8-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  948.267955][ T6532] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  948.275222][ T6532] usb 8-1: config 0 descriptor??
[  949.083834][ T6532] keytouch 0003:0926:3333.0022: fixing up Keytouch IEC report descriptor
[  949.103826][ T6532] input: HID 0926:3333 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/0003:0926:3333.0022/input/input46
[  949.338600][ T6532] keytouch 0003:0926:3333.0022: input,hidraw1: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.3-1/input0
[  949.402422][  T842] usb 8-1: USB disconnect, device number 29
[  949.725170][T30976] fido_id[30976]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb8/report_descriptor': No such file or directory
[  950.507701][T30986] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8759'.
[  952.315988][T31014] overlayfs: failed to clone upperpath
[  952.925725][T31022] netlink: 32 bytes leftover after parsing attributes in process `syz.0.8769'.
[  953.501806][T31028] netlink: 36 bytes leftover after parsing attributes in process `syz.4.8771'.
[  955.316908][T31043] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8775'.
[  955.651224][T29499] usb 8-1: new high-speed USB device number 30 using dummy_hcd
[  955.810443][T29499] usb 8-1: Using ep0 maxpacket: 16
[  955.814028][T31057] fuse: fd is not a fuse device
[  955.829385][T29499] usb 8-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  955.835673][T29499] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  955.845744][T29499] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[  955.857625][T29499] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  955.866367][T29499] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  955.876633][T29499] usb 8-1: Product: syz
[  955.881197][T29499] usb 8-1: Manufacturer: syz
[  955.884462][T29499] usb 8-1: SerialNumber: syz
[  955.911421][T29499] usb 8-1: 0:2 : does not exist
[  956.368376][T31070] overlayfs: failed to clone upperpath
[  956.685531][T31079] bridge23: entered allmulticast mode
[  956.805961][T31083] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8788'.
[  956.887208][T31078] bridge23: left allmulticast mode
[  957.840710][T31103] 8021q: adding VLAN 0 to HW filter on device bond44
[  958.300596][T29499] usb 8-1: USB disconnect, device number 30
[  959.024060][T31121] vxlan0: left promiscuous mode
[  959.026488][T31121] veth19: left allmulticast mode
[  959.028864][T31121] gretap1: left promiscuous mode
[  959.032920][T31121] veth21: left allmulticast mode
[  959.035411][T31121] vlan2: left promiscuous mode
[  959.037337][T31121] bond13: left promiscuous mode
[  959.039305][T31121] bridge8: left promiscuous mode
[  959.041612][T31121] vlan2: left allmulticast mode
[  959.043687][T31121] bond13: left allmulticast mode
[  959.045683][T31121] bridge8: left allmulticast mode
[  959.072861][T31131] netlink: 32 bytes leftover after parsing attributes in process `syz.0.8801'.
[  959.311708][T31144] overlayfs: failed to clone upperpath
[  959.317225][T31144] overlayfs: failed to clone upperpath
[  962.901663][T31161] 8021q: adding VLAN 0 to HW filter on device bond37
[  963.714937][T31179] xt_CT: You must specify a L4 protocol and not use inversions on it
[  964.125527][   T40] audit: type=1800 audit(2000000137.319:7792): pid=31191 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.8819" name="nullb0" dev="tmpfs" ino=3435 res=0 errno=0
[  965.842440][T31210] macsec1: entered promiscuous mode
[  965.849866][T31210] macsec1: entered allmulticast mode
[  970.521590][ T5826] IPVS: starting estimator thread 0...
[  970.620612][T31247] IPVS: using max 29 ests per chain, 69600 per kthread
[  970.928732][T31252] ptrace attach of ""[31253] was attempted by "/syz-executor exec"[31252]
[  971.839395][T31264] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  971.844523][T31264] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  971.850841][T31264] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  973.761024][T15092] usb 8-1: new high-speed USB device number 31 using dummy_hcd
[  973.909970][T15092] usb 8-1: Using ep0 maxpacket: 8
[  973.914819][T15092] usb 8-1: config index 0 descriptor too short (expected 301, got 45)
[  973.918618][T15092] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  973.923287][T15092] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  973.927562][T15092] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  973.932636][T15092] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  973.938270][T15092] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  973.942536][T15092] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  974.167745][T15092] usb 8-1: usb_control_msg returned -32
[  974.171009][T15092] usbtmc 8-1:16.0: can't read capabilities
[  974.501007][T13299] usb 8-1: USB disconnect, device number 31
[  974.502226][T31276] usbtmc 8-1:16.0: usb_control_msg returned -71
[  974.887898][T31290] tmpfs: Bad value for 'nr_blocks'
[  975.800919][T31304] 8021q: adding VLAN 0 to HW filter on device bond16
[  977.123344][T31133] libceph: connect (1)[c::]:6789 error -101
[  977.125857][T31133] libceph: mon0 (1)[c::]:6789 connect error
[  977.174393][T31329] ceph: No mds server is up or the cluster is laggy
[  978.571925][T31350] 8021q: adding VLAN 0 to HW filter on device bond17
[  979.173900][T31358] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8863'.
[  981.004151][T31398] 8021q: adding VLAN 0 to HW filter on device bond38
[  983.960745][T13299] usb 8-1: new high-speed USB device number 32 using dummy_hcd
[  984.155179][T13299] usb 8-1: Using ep0 maxpacket: 32
[  984.164391][T13299] usb 8-1: config index 0 descriptor too short (expected 29220, got 36)
[  984.170635][T13299] usb 8-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  984.176176][T13299] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 81
[  984.186360][T13299] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  984.197621][T13299] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  984.206140][T13299] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  984.221424][T13299] usb 8-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  984.231642][T13299] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  984.258195][T13299] usb 8-1: config 0 descriptor??
[  984.496851][T13299] usblp 8-1:0.0: usblp0: USB Bidirectional printer dev 32 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  984.734633][ T5826] usb 8-1: USB disconnect, device number 32
[  984.739754][ T5826] usblp0: removed
[  987.095930][T31480] vlan0: entered promiscuous mode
[  987.098208][T31480] hsr0: entered promiscuous mode
[  987.101260][T31480] vlan0: entered allmulticast mode
[  987.103640][T31480] hsr0: entered allmulticast mode
[  987.105307][T31480] hsr_slave_0: entered allmulticast mode
[  987.107660][T31480] hsr_slave_1: entered allmulticast mode
[  987.131062][T31480] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8899'.
[  987.177621][T31480] hsr_slave_1 (unregistering): left promiscuous mode
[  988.626855][T31490] Invalid source name
[  988.628540][T31490] UBIFS error (pid: 31490): cannot open "./file0", error -22
[  989.263284][   T40] audit: type=1326 audit(2000000162.459:7793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31495 comm="syz.2.8903" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f58fcc code=0x0
[  990.407563][T31510] syz.0.8907: page allocation failure: order:4, mode:0x40dc0(GFP_KERNEL|__GFP_ZERO|__GFP_COMP), nodemask=(null),cpuset=/,mems_allowed=0-1
[  990.414607][T31510] CPU: 3 UID: 0 PID: 31510 Comm: syz.0.8907 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  990.414655][T31510] Tainted: [L]=SOFTLOCKUP
[  990.414664][T31510] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  990.414675][T31510] Call Trace:
[  990.414682][T31510]  <TASK>
[  990.414691][T31510]  dump_stack_lvl+0x100/0x190
[  990.414719][T31510]  warn_alloc.cold+0x95/0x1c1
[  990.414744][T31510]  ? __pfx_warn_alloc+0x10/0x10
[  990.414787][T31510]  ? __pfx___might_resched+0x10/0x10
[  990.414831][T31510]  __alloc_frozen_pages_noprof+0xf25/0x2bc0
[  990.414881][T31510]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  990.414912][T31510]  ? find_held_lock+0x2b/0x80
[  990.414941][T31510]  ? bpf_ksym_find+0x124/0x1c0
[  990.414978][T31510]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  990.415010][T31510]  ? __kernel_text_address+0xd/0x30
[  990.415031][T31510]  ? unwind_get_return_address+0x59/0xa0
[  990.415058][T31510]  ? arch_stack_walk+0xa6/0xf0
[  990.415099][T31510]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  990.415129][T31510]  ? policy_nodemask+0xed/0x4f0
[  990.415169][T31510]  alloc_pages_mpol+0x1fb/0x540
[  990.415194][T31510]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  990.415215][T31510]  ? stack_depot_save_flags+0x27/0x9d0
[  990.415239][T31510]  ? arch_stack_walk+0xa6/0xf0
[  990.415267][T31510]  ? wiphy_new_nm+0x701/0x21a0
[  990.415321][T31510]  ___kmalloc_large_node+0xe5/0x120
[  990.415351][T31510]  ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10
[  990.415378][T31510]  __kmalloc_large_node_noprof+0x1c/0x70
[  990.415402][T31510]  ? netlink_sendmsg+0x8b0/0xda0
[  990.415428][T31510]  ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10
[  990.415455][T31510]  __kmalloc_noprof+0x5be/0x850
[  990.415495][T31510]  ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10
[  990.415524][T31510]  ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10
[  990.415565][T31510]  ? __pfx_mac80211_hwsim_link_info_changed+0x10/0x10
[  990.415594][T31510]  wiphy_new_nm+0x701/0x21a0
[  990.415640][T31510]  ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10
[  990.415666][T31510]  ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10
[  990.415692][T31510]  ? __pfx_mac80211_hwsim_link_info_changed+0x10/0x10
[  990.415719][T31510]  ieee80211_alloc_hw_nm+0x1afc/0x22e0
[  990.415745][T31510]  ? __local_bh_enable_ip+0x9e/0x120
[  990.415775][T31510]  mac80211_hwsim_new_radio+0x1de/0x5ae0
[  990.415820][T31510]  ? rcu_is_watching+0x12/0xc0
[  990.415845][T31510]  ? trace_kmalloc+0xe3/0x110
[  990.415881][T31510]  ? __kasan_kmalloc+0xaa/0xb0
[  990.415905][T31510]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  990.415931][T31510]  ? __asan_memcpy+0x3c/0x60
[  990.415965][T31510]  hwsim_new_radio_nl+0xc5f/0x1370
[  990.415987][T31510]  ? rcu_is_watching+0x12/0xc0
[  990.416012][T31510]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  990.416059][T31510]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1e5/0x2f0
[  990.416091][T31510]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1ef/0x2f0
[  990.416128][T31510]  genl_family_rcv_msg_doit+0x214/0x300
[  990.416161][T31510]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  990.416188][T31510]  ? genl_get_cmd+0x3e7/0x760
[  990.416220][T31510]  ? bpf_lsm_capable+0x9/0x10
[  990.416243][T31510]  ? security_capable+0x80/0x260
[  990.416273][T31510]  ? ns_capable+0xd2/0xf0
[  990.416298][T31510]  genl_rcv_msg+0x560/0x800
[  990.416325][T31510]  ? __pfx_genl_rcv_msg+0x10/0x10
[  990.416353][T31510]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  990.416382][T31510]  netlink_rcv_skb+0x159/0x420
[  990.416408][T31510]  ? __pfx_genl_rcv_msg+0x10/0x10
[  990.416437][T31510]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  990.416479][T31510]  ? netlink_deliver_tap+0x1ae/0xcc0
[  990.416507][T31510]  genl_rcv+0x28/0x40
[  990.416532][T31510]  netlink_unicast+0x585/0x850
[  990.416562][T31510]  ? __pfx_netlink_unicast+0x10/0x10
[  990.416596][T31510]  netlink_sendmsg+0x8b0/0xda0
[  990.416628][T31510]  ? __pfx_netlink_sendmsg+0x10/0x10
[  990.416659][T31510]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  990.416692][T31510]  ____sys_sendmsg+0x9e1/0xb70
[  990.416716][T31510]  ? __pfx_netlink_sendmsg+0x10/0x10
[  990.416743][T31510]  ? __pfx_____sys_sendmsg+0x10/0x10
[  990.416766][T31510]  ? __pfx___futex_wait+0x10/0x10
[  990.416799][T31510]  ? __pfx_futex_wake_mark+0x10/0x10
[  990.416829][T31510]  ___sys_sendmsg+0x190/0x1e0
[  990.416857][T31510]  ? __pfx____sys_sendmsg+0x10/0x10
[  990.416897][T31510]  ? find_held_lock+0x2b/0x80
[  990.416940][T31510]  __sys_sendmsg+0x170/0x220
[  990.416962][T31510]  ? __pfx___sys_sendmsg+0x10/0x10
[  990.416994][T31510]  ? rcu_is_watching+0x12/0xc0
[  990.417021][T31510]  __do_fast_syscall_32+0xe7/0x950
[  990.417047][T31510]  ? lockdep_hardirqs_on+0x78/0x100
[  990.417072][T31510]  do_fast_syscall_32+0x32/0x70
[  990.417099][T31510]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  990.417125][T31510] RIP: 0023:0xf706efcc
[  990.417143][T31510] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  990.417162][T31510] RSP: 002b:00000000f543c50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[  990.417182][T31510] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000100
[  990.417195][T31510] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  990.417206][T31510] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  990.417217][T31510] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  990.417229][T31510] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  990.417260][T31510]  </TASK>
[  990.417973][T31510] Mem-Info:
[  990.607997][T31510] active_anon:3479 inactive_anon:1847 isolated_anon:0
[  990.607997][T31510]  active_file:4607 inactive_file:5224 isolated_file:0
[  990.607997][T31510]  unevictable:1768 dirty:266 writeback:0
[  990.607997][T31510]  slab_reclaimable:7566 slab_unreclaimable:97349
[  990.607997][T31510]  mapped:26797 shmem:4653 pagetables:2031
[  990.607997][T31510]  sec_pagetables:392 bounce:0
[  990.607997][T31510]  kernel_misc_reclaimable:0
[  990.607997][T31510]  free:30346 free_pcp:1309 free_cma:0
[  990.626411][T31510] Node 0 active_anon:92kB inactive_anon:100kB active_file:4332kB inactive_file:904kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:248kB dirty:28kB writeback:0kB shmem:3540kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8660kB pagetables:1356kB sec_pagetables:1208kB all_unreclaimable? yes Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[  990.640561][T31510] Node 1 active_anon:13824kB inactive_anon:7288kB active_file:15796kB inactive_file:19992kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:107240kB dirty:1036kB writeback:0kB shmem:15072kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:10780kB pagetables:6768kB sec_pagetables:360kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[  990.653095][T31510] Node 0 DMA free:2132kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:772kB inactive_file:4kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  990.662873][T31510] lowmem_reserve[]: 0 285 285 285 285
[  990.664722][T31510] Node 0 DMA32 free:21428kB boost:29452kB min:42544kB low:45816kB high:49088kB reserved_highatomic:0KB free_highatomic:0KB active_anon:92kB inactive_anon:100kB active_file:3560kB inactive_file:900kB unevictable:3536kB writepending:28kB zspages:896kB present:1032196kB managed:292680kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  990.674881][T31510] lowmem_reserve[]: 0 0 0 0 0
[  990.676518][T31510] Node 1 DMA32 free:96468kB boost:0kB min:47140kB low:58924kB high:70708kB reserved_highatomic:0KB free_highatomic:0KB active_anon:13824kB inactive_anon:7288kB active_file:17696kB inactive_file:19992kB unevictable:3536kB writepending:1036kB zspages:5584kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:3588kB local_pcp:848kB free_cma:0kB
[  990.687062][T31510] lowmem_reserve[]: 0 0 0 0 0
[  990.688688][T31510] Node 0 DMA: 201*4kB (U) 40*8kB (UM) 15*16kB (UM) 8*32kB (UM) 2*64kB (U) 1*128kB (M) 1*256kB (M) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 2132kB
[  990.693530][T31510] Node 0 DMA32: 273*4kB (UM) 416*8kB (UME) 153*16kB (UME) 107*32kB (UME) 62*64kB (UME) 26*128kB (UME) 9*256kB (UM) 3*512kB (UM) 0*1024kB 0*2048kB 0*4096kB = 21428kB
[  990.702489][T31510] Node 1 DMA32: 2064*4kB (U) 2276*8kB (UE) 4310*16kB (UE) 30*32kB (U) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 96384kB
[  990.707341][T31510] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  990.710947][T31510] Node 0 hugepages_total=1 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  990.714206][T31510] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  990.717325][T31510] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB
[  990.720501][T31510] 17504 total pagecache pages
[  990.722153][T31510] 1870 pages in swap cache
[  990.723689][T31510] Free swap  = 50588kB
[  990.725352][T31510] Total swap = 124996kB
[  990.728790][T31510] 524155 pages RAM
[  990.730383][T31510] 0 pages HighMem/MovableOnly
[  990.732072][T31510] 210092 pages reserved
[  990.733587][T31510] 0 pages cma reserved
[  994.216363][T31542] fuse: fd is not a fuse device
[  994.245700][T31540] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8917'.
[  994.253120][T31540] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8917'.
[  994.258419][T31540] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8917'.
[  997.497397][ T1429] ieee802154 phy0 wpan0: encryption failed: -22
[  997.500829][ T1429] ieee802154 phy1 wpan1: encryption failed: -22
[  999.605888][T31574] fuse: fd is not a fuse device
[ 1001.251013][T31594] mac80211_hwsim hwsim34 syzkaller0: left promiscuous mode
[ 1001.253574][T31594] bond0: left promiscuous mode
[ 1001.255564][T31594] bridge9: left promiscuous mode
[ 1001.257417][T31594] gretap2: left promiscuous mode
[ 1001.259235][T31594] bond12: left promiscuous mode
[ 1001.261808][T31594] bridge10: left promiscuous mode
[ 1001.269154][T31594] macsec1: left promiscuous mode
[ 1001.276576][T31594] vlan0: left promiscuous mode
[ 1001.302595][T31594] hsr0: left promiscuous mode
[ 1001.337340][T31596] netlink: 'syz.4.8937': attribute type 1 has an invalid length.
[ 1001.348148][T31596] netlink: 'syz.4.8937': attribute type 1 has an invalid length.
[ 1001.820132][ T7396] usb 8-1: new high-speed USB device number 33 using dummy_hcd
[ 1001.974052][ T7396] usb 8-1: Using ep0 maxpacket: 32
[ 1001.977898][ T7396] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[ 1001.997322][ T7396] usb 8-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1002.003340][ T7396] usb 8-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1002.010978][ T7396] usb 8-1: Product: syz
[ 1002.013855][ T7396] usb 8-1: Manufacturer: syz
[ 1002.017706][ T7396] usb 8-1: SerialNumber: syz
[ 1002.031239][ T7396] usb 8-1: config 0 descriptor??
[ 1002.035710][T31606] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1002.390451][ T7396] usb 8-1: USB disconnect, device number 33
[ 1004.530641][  T842] usb 8-1: new high-speed USB device number 34 using dummy_hcd
[ 1004.702145][  T842] usb 8-1: Using ep0 maxpacket: 32
[ 1004.709623][  T842] usb 8-1: New USB device found, idVendor=2304, idProduct=0222, bcdDevice=77.3f
[ 1004.716222][  T842] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1004.719649][  T842] usb 8-1: Product: syz
[ 1004.721912][  T842] usb 8-1: Manufacturer: syz
[ 1004.725100][  T842] usb 8-1: SerialNumber: syz
[ 1004.823156][  T842] usb 8-1: config 0 descriptor??
[ 1004.838327][  T842] dvb-usb: found a 'Pinnacle 450e DVB-S USB2.0' in warm state.
[ 1004.855703][  T842] dvb-usb: bulk message failed: -22 (4/0)
[ 1004.864182][  T842] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[ 1004.877228][  T842] dvb-usb: bulk message failed: -22 (5/0)
[ 1004.879679][  T842] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[ 1004.889216][  T842] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1004.895815][  T842] dvbdev: DVB: registering new adapter (Pinnacle 450e DVB-S USB2.0)
[ 1004.901490][  T842] usb 8-1: media controller created
[ 1004.940488][  T842] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1004.952875][  T842] usb 8-1: selecting invalid altsetting 3
[ 1004.954733][  T842] ttusb2: set interface to alts=3 failed
[ 1005.073344][  T842] DVB: Unable to find symbol tda10086_attach()
[ 1005.080778][  T842] dvb-usb: no frontend was attached by 'Pinnacle 450e DVB-S USB2.0'
[ 1005.095764][  T842] dvb-usb: bulk message failed: -22 (4/0)
[ 1005.100708][  T842] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[ 1005.102269][T31654] dvb-usb: bulk message failed: -22 (7/0)
[ 1005.117878][  T842] dvb-usb: bulk message failed: -22 (5/0)
[ 1005.131076][  T842] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[ 1005.131855][T31654] ttusb2: there might have been an error during control message transfer. (rlen = 56, was 0)
[ 1005.137733][  T842] dvb-usb: Pinnacle 450e DVB-S USB2.0 successfully initialized and connected.
[ 1005.138894][T31654] ttusb2: i2c transfer failed.
[ 1005.155860][  T842] usb 8-1: USB disconnect, device number 34
[ 1005.258765][  T842] dvb-usb: Pinnacle 450e DVB-S USB2.0 successfully deinitialized and disconnected.
[ 1005.646934][T31676] SQUASHFS error: Failed to read block 0x0: -5
[ 1008.176502][T31703] mac80211_hwsim hwsim34 syzkaller0: entered promiscuous mode
[ 1009.576292][   T40] audit: type=1326 audit(2000000182.769:7794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31732 comm="syz.3.8969" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55fcc code=0x7ffc0000
[ 1009.585961][T31727] erspan0: entered promiscuous mode
[ 1009.587832][T31727] erspan0: entered allmulticast mode
[ 1009.593826][   T40] audit: type=1326 audit(2000000182.769:7795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31732 comm="syz.3.8969" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55fcc code=0x7ffc0000
[ 1009.602646][   T40] audit: type=1326 audit(2000000182.769:7796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31732 comm="syz.3.8969" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55fcc code=0x7ffc0000
[ 1009.611900][   T40] audit: type=1326 audit(2000000182.769:7797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31732 comm="syz.3.8969" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55fcc code=0x7ffc0000
[ 1009.620547][   T40] audit: type=1326 audit(2000000182.769:7798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31732 comm="syz.3.8969" exe="/syz-executor" sig=0 arch=40000003 syscall=360 compat=1 ip=0xf7f55fcc code=0x7ffc0000
[ 1009.629280][   T40] audit: type=1326 audit(2000000182.769:7799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31732 comm="syz.3.8969" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55fcc code=0x7ffc0000
[ 1009.638024][   T40] audit: type=1326 audit(2000000182.769:7800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31732 comm="syz.3.8969" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55fcc code=0x7ffc0000
[ 1009.646843][   T40] audit: type=1326 audit(2000000182.779:7801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31732 comm="syz.3.8969" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f55fcc code=0x7ffc0000
[ 1009.923236][   T40] audit: type=1326 audit(2000000183.109:7802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31732 comm="syz.3.8969" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55fcc code=0x7ffc0000
[ 1009.931410][   T40] audit: type=1326 audit(2000000183.109:7803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31732 comm="syz.3.8969" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f55fcc code=0x7ffc0000
[ 1010.167776][T31743] netlink: 28 bytes leftover after parsing attributes in process `syz.4.8973'.
[ 1011.009964][T31755] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[ 1011.682191][T31770] syz.2.8980: page allocation failure: order:4, mode:0x40dc0(GFP_KERNEL|__GFP_ZERO|__GFP_COMP), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1011.693776][T31770] CPU: 0 UID: 0 PID: 31770 Comm: syz.2.8980 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1011.693796][T31770] Tainted: [L]=SOFTLOCKUP
[ 1011.693800][T31770] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1011.693807][T31770] Call Trace:
[ 1011.693812][T31770]  <TASK>
[ 1011.693817][T31770]  dump_stack_lvl+0x100/0x190
[ 1011.693834][T31770]  warn_alloc.cold+0x95/0x1c1
[ 1011.693847][T31770]  ? __pfx_warn_alloc+0x10/0x10
[ 1011.693878][T31770]  ? __pfx___might_resched+0x10/0x10
[ 1011.693895][T31770]  __alloc_frozen_pages_noprof+0xf25/0x2bc0
[ 1011.693920][T31770]  ? __lock_acquire+0x4a5/0x2630
[ 1011.693932][T31770]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1011.693952][T31770]  ? __lock_acquire+0x4a5/0x2630
[ 1011.693970][T31770]  ? find_held_lock+0x2b/0x80
[ 1011.693985][T31770]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1011.694004][T31770]  ? policy_nodemask+0xed/0x4f0
[ 1011.694019][T31770]  alloc_pages_mpol+0x1fb/0x540
[ 1011.694033][T31770]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1011.694046][T31770]  ? arch_stack_walk+0xa6/0xf0
[ 1011.694063][T31770]  ? wiphy_new_nm+0x701/0x21a0
[ 1011.694081][T31770]  ___kmalloc_large_node+0xe5/0x120
[ 1011.694097][T31770]  ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10
[ 1011.694113][T31770]  __kmalloc_large_node_noprof+0x1c/0x70
[ 1011.694129][T31770]  ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10
[ 1011.694144][T31770]  __kmalloc_noprof+0x5be/0x850
[ 1011.694164][T31770]  ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10
[ 1011.694180][T31770]  ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10
[ 1011.694195][T31770]  ? __pfx_mac80211_hwsim_link_info_changed+0x10/0x10
[ 1011.694213][T31770]  wiphy_new_nm+0x701/0x21a0
[ 1011.694231][T31770]  ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10
[ 1011.694248][T31770]  ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10
[ 1011.694263][T31770]  ? __pfx_mac80211_hwsim_link_info_changed+0x10/0x10
[ 1011.694280][T31770]  ieee80211_alloc_hw_nm+0x1afc/0x22e0
[ 1011.694295][T31770]  ? __local_bh_enable_ip+0x9e/0x120
[ 1011.694313][T31770]  mac80211_hwsim_new_radio+0x1de/0x5ae0
[ 1011.694332][T31770]  ? __asan_memset+0x23/0x50
[ 1011.694349][T31770]  ? __nla_validate_parse+0x1e7/0x28b0
[ 1011.694365][T31770]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[ 1011.694381][T31770]  hwsim_new_radio_nl+0xc5f/0x1370
[ 1011.694392][T31770]  ? rcu_is_watching+0x12/0xc0
[ 1011.694407][T31770]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1011.694422][T31770]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1e5/0x2f0
[ 1011.694441][T31770]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1ef/0x2f0
[ 1011.694461][T31770]  genl_family_rcv_msg_doit+0x214/0x300
[ 1011.694480][T31770]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1011.694496][T31770]  ? genl_get_cmd+0x3e7/0x760
[ 1011.694515][T31770]  ? bpf_lsm_capable+0x9/0x10
[ 1011.694528][T31770]  ? security_capable+0x80/0x260
[ 1011.694545][T31770]  ? ns_capable+0xd2/0xf0
[ 1011.694560][T31770]  genl_rcv_msg+0x560/0x800
[ 1011.694578][T31770]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1011.694595][T31770]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1011.694611][T31770]  netlink_rcv_skb+0x159/0x420
[ 1011.694626][T31770]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1011.694643][T31770]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1011.694663][T31770]  ? netlink_deliver_tap+0x1ae/0xcc0
[ 1011.694679][T31770]  genl_rcv+0x28/0x40
[ 1011.694693][T31770]  netlink_unicast+0x585/0x850
[ 1011.694710][T31770]  ? __pfx_netlink_unicast+0x10/0x10
[ 1011.694729][T31770]  netlink_sendmsg+0x8b0/0xda0
[ 1011.694746][T31770]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1011.694762][T31770]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[ 1011.694781][T31770]  ____sys_sendmsg+0x9e1/0xb70
[ 1011.694806][T31770]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1011.694825][T31770]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1011.694842][T31770]  ? try_to_wake_up+0x5f6/0x1900
[ 1011.694861][T31770]  ___sys_sendmsg+0x190/0x1e0
[ 1011.694881][T31770]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1011.694896][T31770]  ? futex_private_hash_put+0x107/0x1c0
[ 1011.694922][T31770]  ? find_held_lock+0x2b/0x80
[ 1011.694946][T31770]  __sys_sendmsg+0x170/0x220
[ 1011.694957][T31770]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1011.694975][T31770]  ? rcu_is_watching+0x12/0xc0
[ 1011.694990][T31770]  __do_fast_syscall_32+0xe7/0x950
[ 1011.695007][T31770]  do_fast_syscall_32+0x32/0x70
[ 1011.695022][T31770]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1011.695037][T31770] RIP: 0023:0xf7f58fcc
[ 1011.695047][T31770] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[ 1011.695058][T31770] RSP: 002b:00000000f53f550c EFLAGS: 00000292 ORIG_RAX: 0000000000000172
[ 1011.695069][T31770] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080000100
[ 1011.695076][T31770] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1011.695083][T31770] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1011.695089][T31770] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1011.695095][T31770] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1011.695110][T31770]  </TASK>
[ 1011.699704][T31770] Mem-Info:
[ 1011.894722][T31770] active_anon:4224 inactive_anon:4976 isolated_anon:0
[ 1011.894722][T31770]  active_file:1615 inactive_file:8991 isolated_file:0
[ 1011.894722][T31770]  unevictable:1768 dirty:67 writeback:0
[ 1011.894722][T31770]  slab_reclaimable:7600 slab_unreclaimable:97665
[ 1011.894722][T31770]  mapped:28994 shmem:8858 pagetables:1974
[ 1011.894722][T31770]  sec_pagetables:392 bounce:0
[ 1011.894722][T31770]  kernel_misc_reclaimable:0
[ 1011.894722][T31770]  free:21011 free_pcp:2505 free_cma:0
[ 1011.917160][T31770] Node 0 active_anon:2116kB inactive_anon:5360kB active_file:4268kB inactive_file:6560kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:2336kB dirty:28kB writeback:0kB shmem:10804kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8704kB pagetables:1372kB sec_pagetables:1208kB all_unreclaimable? yes Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[ 1011.931626][T31770] Node 1 active_anon:15348kB inactive_anon:14084kB active_file:2292kB inactive_file:29304kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:113740kB dirty:240kB writeback:0kB shmem:24828kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:10776kB pagetables:6524kB sec_pagetables:360kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[ 1011.946090][T31770] Node 0 DMA free:1604kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:0kB active_file:0kB inactive_file:1288kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1011.959068][T31770] lowmem_reserve[]: 0 285 285 285 285
[ 1011.961782][T31770] Node 0 DMA32 free:8600kB boost:29452kB min:42544kB low:45816kB high:49088kB reserved_highatomic:0KB free_highatomic:0KB active_anon:2112kB inactive_anon:5360kB active_file:4268kB inactive_file:5272kB unevictable:3536kB writepending:28kB zspages:852kB present:1032196kB managed:292680kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[ 1011.980631][T31770] lowmem_reserve[]: 0 0 0 0 0
[ 1011.982896][T31770] Node 1 DMA32 free:70768kB boost:0kB min:47140kB low:58924kB high:70708kB reserved_highatomic:0KB free_highatomic:0KB active_anon:16016kB inactive_anon:13644kB active_file:4292kB inactive_file:29104kB unevictable:3536kB writepending:240kB zspages:5840kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:10764kB local_pcp:644kB free_cma:0kB
[ 1011.996761][T31770] lowmem_reserve[]: 0 0 0 0 0
[ 1011.998995][T31770] Node 0 DMA: 176*4kB (U) 40*8kB (UM) 15*16kB (UM) 7*32kB (U) 2*64kB (U) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 1616kB
[ 1012.005181][T31770] Node 0 DMA32: 50*4kB (U) 97*8kB (UME) 115*16kB (UME) 68*32kB (UME) 20*64kB (UME) 8*128kB (UE) 1*256kB (U) 2*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 8576kB
[ 1012.012122][T31770] Node 1 DMA32: 5*4kB (U) 1856*8kB (U) 3479*16kB (U) 8*32kB (U) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 70788kB
[ 1012.018027][T31770] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1012.022279][T31770] Node 0 hugepages_total=1 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1012.026338][T31770] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1012.030469][T31770] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB
[ 1012.034564][T31770] 21452 total pagecache pages
[ 1012.036736][T31770] 1732 pages in swap cache
[ 1012.038752][T31770] Free swap  = 49976kB
[ 1012.040669][T31770] Total swap = 124996kB
[ 1012.042608][T31770] 524155 pages RAM
[ 1012.044354][T31770] 0 pages HighMem/MovableOnly
[ 1012.046573][T31770] 210092 pages reserved
[ 1012.048475][T31770] 0 pages cma reserved
[ 1012.529196][T31769] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1012.539895][T31769] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[ 1012.543518][T31769] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1012.595976][T31778] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[ 1013.598447][T31794] erspan0: left promiscuous mode
[ 1013.627347][T31794] bond0: left promiscuous mode
[ 1013.688566][T31794] bond36: left promiscuous mode
[ 1013.693096][T31794] bridge20: left promiscuous mode
[ 1013.707727][T31794] bond37: left promiscuous mode
[ 1013.718808][T31794] bond38: left promiscuous mode
[ 1013.724092][T31794] bridge21: left promiscuous mode
[ 1013.747210][T31794] bond39: left promiscuous mode
[ 1013.752480][  T842] usb 8-1: new high-speed USB device number 35 using dummy_hcd
[ 1013.768196][T31794] macsec0: left promiscuous mode
[ 1013.778132][T31794] bond43: left promiscuous mode
[ 1013.784663][T31794] bridge23: left promiscuous mode
[ 1013.919992][  T842] usb 8-1: Using ep0 maxpacket: 16
[ 1013.924472][  T842] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[ 1013.930274][  T842] usb 8-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1013.933264][  T842] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1013.937197][  T842] usb 8-1: Product: syz
[ 1013.938578][  T842] usb 8-1: Manufacturer: syz
[ 1013.942080][  T842] usb 8-1: SerialNumber: syz
[ 1013.945830][  T842] usb 8-1: config 0 descriptor??
[ 1013.953558][  T842] em28xx 8-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[ 1013.957865][  T842] em28xx 8-1:0.0: DVB interface 0 found: bulk
[ 1014.695591][  T842] em28xx 8-1:0.0: unknown em28xx chip ID (0)
[ 1014.944583][T31807] overlayfs: failed to clone upperpath
[ 1015.137289][  T842] em28xx 8-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[ 1015.145234][  T842] em28xx 8-1:0.0: board has no eeprom
[ 1015.230613][  T842] em28xx 8-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[ 1015.235242][  T842] em28xx 8-1:0.0: dvb set to bulk mode.
[ 1015.239089][T15092] em28xx 8-1:0.0: Binding DVB extension
[ 1015.249612][  T842] usb 8-1: USB disconnect, device number 35
[ 1015.258368][  T842] em28xx 8-1:0.0: Disconnecting em28xx
[ 1015.352540][T15092] ------------[ cut here ]------------
[ 1015.354896][T15092] !PageLargeKmalloc(page)
[ 1015.354908][T15092] WARNING: mm/slub.c:6471 at free_large_kmalloc+0xbf/0x100, CPU#2: kworker/2:7/15092
[ 1015.360792][T15092] Modules linked in:
[ 1015.365822][T15092] CPU: 2 UID: 0 PID: 15092 Comm: kworker/2:7 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1015.370950][T15092] Tainted: [L]=SOFTLOCKUP
[ 1015.372788][T15092] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1015.376454][T15092] Workqueue: events request_module_async
[ 1015.378959][T15092] RIP: 0010:free_large_kmalloc+0xbf/0x100
[ 1015.381748][T15092] Code: 28 90 0f 0b 90 80 3d 1d a6 57 0e 00 0f 84 87 e1 bb fe 48 8b 74 24 28 48 89 ef e8 ec fe 0b 00 b8 00 f0 ff ff 45 31 ed eb 9d 90 <0f> 0b 90 48 83 c4 08 48 89 df 48 c7 c6 89 57 f0 8d 5b 5d 41 5c 41
[ 1015.389461][T15092] RSP: 0000:ffffc90003527810 EFLAGS: 00010293
[ 1015.392465][T15092] RAX: 00000000000000f0 RBX: ffffea0001c39c00 RCX: 000000000000002e
[ 1015.395835][T15092] RDX: 0000000000000000 RSI: ffff888070e70000 RDI: ffffea0001c39c00
[ 1015.399131][T15092] RBP: ffff888070e70000 R08: 0000000000000005 R09: 0000000000000000
[ 1015.402585][T15092] R10: ffffffffffffffff R11: dffffc0000000000 R12: ffff8880544f9e98
[ 1015.405977][T15092] R13: ffff888059b02c00 R14: dffffc0000000000 R15: ffffed100a89f3d5
[ 1015.408935][T15092] FS:  0000000000000000(0000) GS:ffff888097380000(0000) knlGS:0000000000000000
[ 1015.412745][T15092] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1015.415575][T15092] CR2: 000000008011b018 CR3: 000000007099f000 CR4: 0000000000352ef0
[ 1015.418623][T15092] Call Trace:
[ 1015.419662][T15092]  <TASK>
[ 1015.420988][T15092]  usb_free_urb.part.0+0xf8/0x110
[ 1015.422830][T15092]  usb_free_urb+0x1f/0x30
[ 1015.424681][T15092]  em28xx_uninit_usb_xfer+0xf3/0x360
[ 1015.426534][T15092]  em28xx_alloc_urbs+0xb43/0xf60
[ 1015.428491][T15092]  ? kasan_save_track+0x14/0x30
[ 1015.430654][T15092]  ? __pfx_em28xx_dvb_init+0x10/0x10
[ 1015.432831][T15092]  em28xx_dvb_init.cold+0x1f2/0x7391
[ 1015.434874][T15092]  ? lock_acquire+0x1b1/0x370
[ 1015.436859][T15092]  ? __pfx_em28xx_dvb_init+0x10/0x10
[ 1015.438685][T15092]  ? rcu_is_watching+0x12/0xc0
[ 1015.440463][T15092]  ? trace_contention_end+0x122/0x170
[ 1015.442821][T15092]  ? __mutex_lock+0x26d/0x1b10
[ 1015.444983][T15092]  ? em28xx_init_extension+0x2f/0x200
[ 1015.447071][T15092]  ? register_lock_class+0x40/0x560
[ 1015.448974][T15092]  ? do_raw_spin_lock+0x128/0x260
[ 1015.450915][T15092]  ? em28xx_audio_init+0x132/0x1a0
[ 1015.452973][T15092]  ? __pfx___mutex_lock+0x10/0x10
[ 1015.455088][T15092]  ? em28xx_v4l2_init+0x89/0xb0
[ 1015.457149][T15092]  ? __pfx_em28xx_audio_init+0x10/0x10
[ 1015.458951][T15092]  ? __pfx_em28xx_dvb_init+0x10/0x10
[ 1015.461101][T15092]  em28xx_init_extension+0x13a/0x200
[ 1015.463299][T15092]  request_module_async+0x61/0x80
[ 1015.465407][T15092]  process_one_work+0xa0e/0x1980
[ 1015.467309][T15092]  ? __pfx_process_one_work+0x10/0x10
[ 1015.469456][T15092]  ? __pfx_request_module_async+0x10/0x10
[ 1015.471771][T15092]  worker_thread+0x5ef/0xe50
[ 1015.473664][T15092]  ? kthread+0x13a/0x450
[ 1015.475407][T15092]  ? __pfx_worker_thread+0x10/0x10
[ 1015.477559][T15092]  kthread+0x370/0x450
[ 1015.478886][T15092]  ? __pfx_kthread+0x10/0x10
[ 1015.480773][T15092]  ret_from_fork+0x72b/0xd50
[ 1015.482825][T15092]  ? __pfx_ret_from_fork+0x10/0x10
[ 1015.484506][T15092]  ? __switch_to+0x800/0x1100
[ 1015.486465][T15092]  ? __pfx_kthread+0x10/0x10
[ 1015.488445][T15092]  ret_from_fork_asm+0x1a/0x30
[ 1015.490533][T15092]  </TASK>
[ 1015.491902][T15092] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1015.494555][T15092] CPU: 2 UID: 0 PID: 15092 Comm: kworker/2:7 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1015.498608][T15092] Tainted: [L]=SOFTLOCKUP
[ 1015.500405][T15092] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 1015.504124][T15092] Workqueue: events request_module_async
[ 1015.506224][T15092] Call Trace:
[ 1015.507465][T15092]  <TASK>
[ 1015.508739][T15092]  dump_stack_lvl+0x100/0x190
[ 1015.510729][T15092]  vpanic+0x552/0x970
[ 1015.512298][T15092]  ? __pfx_vpanic+0x10/0x10
[ 1015.514097][T15092]  panic+0xd1/0xe0
[ 1015.515375][T15092]  ? __pfx_panic+0x10/0x10
[ 1015.517052][T15092]  ? check_panic_on_warn+0x1f/0x90
[ 1015.519110][T15092]  check_panic_on_warn.cold+0x19/0x34
[ 1015.521248][T15092]  ? free_large_kmalloc+0xbf/0x100
[ 1015.523351][T15092]  __warn.cold+0x191/0x328
[ 1015.525154][T15092]  __report_bug+0x296/0x3d0
[ 1015.526756][T15092]  ? free_large_kmalloc+0xbf/0x100
[ 1015.528667][T15092]  ? __pfx___report_bug+0x10/0x10
[ 1015.530395][T15092]  ? lock_acquire+0x1b1/0x370
[ 1015.531964][T15092]  ? find_held_lock+0x2b/0x80
[ 1015.533938][T15092]  ? __free_one_page+0x109/0x1090
[ 1015.535806][T15092]  ? __free_one_page+0x109/0x1090
[ 1015.537521][T15092]  ? free_large_kmalloc+0xbf/0x100
[ 1015.539545][T15092]  report_bug+0xb2/0x220
[ 1015.541344][T15092]  ? free_large_kmalloc+0xbf/0x100
[ 1015.543204][T15092]  handle_bug+0x16a/0x2a0
[ 1015.544929][T15092]  exc_invalid_op+0x17/0x50
[ 1015.546716][T15092]  asm_exc_invalid_op+0x1a/0x20
[ 1015.548308][T15092] RIP: 0010:free_large_kmalloc+0xbf/0x100
[ 1015.550700][T15092] Code: 28 90 0f 0b 90 80 3d 1d a6 57 0e 00 0f 84 87 e1 bb fe 48 8b 74 24 28 48 89 ef e8 ec fe 0b 00 b8 00 f0 ff ff 45 31 ed eb 9d 90 <0f> 0b 90 48 83 c4 08 48 89 df 48 c7 c6 89 57 f0 8d 5b 5d 41 5c 41
[ 1015.557834][T15092] RSP: 0000:ffffc90003527810 EFLAGS: 00010293
[ 1015.560116][T15092] RAX: 00000000000000f0 RBX: ffffea0001c39c00 RCX: 000000000000002e
[ 1015.563005][T15092] RDX: 0000000000000000 RSI: ffff888070e70000 RDI: ffffea0001c39c00
[ 1015.565923][T15092] RBP: ffff888070e70000 R08: 0000000000000005 R09: 0000000000000000
[ 1015.568894][T15092] R10: ffffffffffffffff R11: dffffc0000000000 R12: ffff8880544f9e98
[ 1015.571809][T15092] R13: ffff888059b02c00 R14: dffffc0000000000 R15: ffffed100a89f3d5
[ 1015.574718][T15092]  usb_free_urb.part.0+0xf8/0x110
[ 1015.576598][T15092]  usb_free_urb+0x1f/0x30
[ 1015.578206][T15092]  em28xx_uninit_usb_xfer+0xf3/0x360
[ 1015.580177][T15092]  em28xx_alloc_urbs+0xb43/0xf60
[ 1015.582012][T15092]  ? kasan_save_track+0x14/0x30
[ 1015.583819][T15092]  ? __pfx_em28xx_dvb_init+0x10/0x10
[ 1015.585783][T15092]  em28xx_dvb_init.cold+0x1f2/0x7391
[ 1015.587740][T15092]  ? lock_acquire+0x1b1/0x370
[ 1015.589486][T15092]  ? __pfx_em28xx_dvb_init+0x10/0x10
[ 1015.591441][T15092]  ? rcu_is_watching+0x12/0xc0
[ 1015.593228][T15092]  ? trace_contention_end+0x122/0x170
[ 1015.595212][T15092]  ? __mutex_lock+0x26d/0x1b10
[ 1015.596995][T15092]  ? em28xx_init_extension+0x2f/0x200
[ 1015.598972][T15092]  ? register_lock_class+0x40/0x560
[ 1015.600930][T15092]  ? do_raw_spin_lock+0x128/0x260
[ 1015.602796][T15092]  ? em28xx_audio_init+0x132/0x1a0
[ 1015.604713][T15092]  ? __pfx___mutex_lock+0x10/0x10
[ 1015.606596][T15092]  ? em28xx_v4l2_init+0x89/0xb0
[ 1015.608432][T15092]  ? __pfx_em28xx_audio_init+0x10/0x10
[ 1015.610447][T15092]  ? __pfx_em28xx_dvb_init+0x10/0x10
[ 1015.612429][T15092]  em28xx_init_extension+0x13a/0x200
[ 1015.614370][T15092]  request_module_async+0x61/0x80
[ 1015.616240][T15092]  process_one_work+0xa0e/0x1980
[ 1015.618093][T15092]  ? __pfx_process_one_work+0x10/0x10
[ 1015.620121][T15092]  ? __pfx_request_module_async+0x10/0x10
[ 1015.622222][T15092]  worker_thread+0x5ef/0xe50
[ 1015.623960][T15092]  ? kthread+0x13a/0x450
[ 1015.625541][T15092]  ? __pfx_worker_thread+0x10/0x10
[ 1015.627438][T15092]  kthread+0x370/0x450
[ 1015.628979][T15092]  ? __pfx_kthread+0x10/0x10
[ 1015.630704][T15092]  ret_from_fork+0x72b/0xd50
[ 1015.632439][T15092]  ? __pfx_ret_from_fork+0x10/0x10
[ 1015.634335][T15092]  ? __switch_to+0x800/0x1100
[ 1015.636107][T15092]  ? __pfx_kthread+0x10/0x10
[ 1015.637823][T15092]  ret_from_fork_asm+0x1a/0x30
[ 1015.639626][T15092]  </TASK>
[ 1015.641541][T15092] Kernel Offset: disabled
[ 1015.642925][T15092] Rebooting in 86400 seconds..