last executing test programs:

12m9.397018203s ago: executing program 1 (id=598):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_ENUM_FREQ_BANDS(r0, 0xc0405665, &(0x7f0000000040)={0x1bc8, 0x2, 0x7, 0x21, 0x8, 0x1, 0xa})
ioctl$VIDIOC_SUBDEV_QUERY_DV_TIMINGS(r0, 0x80845663, &(0x7f00000004c0))
r1 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, 0x0)
r2 = openat$cdrom(0xffffff9c, &(0x7f0000000140), 0x2800, 0x0)
ioctl$CDROMRESET(r2, 0x5312)
ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, &(0x7f0000000180)={'pcl818\x00', [0x8001, 0xfe, 0x1, 0x0, 0x0, 0xcc7, 0x8, 0x1, 0x1, 0x33b6, 0x9, 0x5, 0x4000a, 0x2, 0x6, 0x6, 0x0, 0x9, 0x43, 0x40000003, 0x89, 0x9, 0xf27, 0x6, 0x800b, 0xa, 0x5, 0x6, 0x8, 0x10000, 0xfffffff4]})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r3, 0x401c5820, &(0x7f0000000200)={0xc0, 0x0, 0x0, 0x80, 0x1000})
r4 = syz_open_dev$vcsn(&(0x7f0000000100), 0x7, 0x4000)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffffc}, [@call={0x85, 0x0, 0x0, 0xa0}, @call={0x85, 0x0, 0x0, 0x7}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xa687}, 0x94)
ioctl$EXT4_IOC_ALLOC_DA_BLKS(r4, 0x660c)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
ioctl$VIDIOC_QUERYBUF(r3, 0xc04c5609, &(0x7f0000000140)=@multiplanar_mmap={0x80, 0xc, 0x4, 0x20, 0x6, {0x77359400}, {0x1, 0xc, 0x7, 0x9, 0x8, 0xd, "c940da33"}, 0x11ce, 0x1, {&(0x7f0000000080)=[{0x7, 0xf71, {0x9961}, 0x3ff}, {0x1, 0x8, {0x9}, 0xfffffffa}]}, 0x1, 0x0, r4})
r6 = openat$iommufd(0xffffff9c, &(0x7f0000000240), 0x100, 0x0)
fsetxattr$security_ima(r6, &(0x7f0000000280), &(0x7f00000002c0)=@v1={0x2, "68853103f5728c7a456b78a3b0fe7c92"}, 0x11, 0x2)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r4, 0x8933, &(0x7f0000000300)={'wg2\x00', <r7=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@bloom_filter={0x1e, 0x7, 0xa, 0xaf5, 0x10, 0xffffffffffffffff, 0x5, '\x00', r7, r4, 0x2, 0x4, 0x5, 0x6}, 0x50)

12m9.186694727s ago: executing program 1 (id=600):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f00000009c0)=ANY=[@ANYBLOB="340000006800010900000000000000000000000000000000060003000000000014000200ffffffffffff"], 0x34}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f00000010c0)={0x2020, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}, 0x2020)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f0000000280)=r1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x11, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020200600000000000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071000000180100002020642500000000002020207b1ae8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
syslog(0x9, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB="0022f300"/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r6}, 0x4)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x11, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000004f000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70500000800b8fd6eca0000a50000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r7, 0x0, 0xe80, 0x10, &(0x7f00000002c0)="0000ffffffffa000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xe, 0x4, 0x4, 0x6}, 0x48)
bpf$BPF_GET_MAP_INFO(0x3, &(0x7f0000000380)={r8, 0x58, &(0x7f0000000140)}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_STATS(r10, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x5, 0x1, 0x101}, 0x14}}, 0x4040000)
sendmsg$IPSET_CMD_DESTROY(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000d40)=ANY=[@ANYBLOB="280000000306010800000000000000000200000305000100070000000900020073797a32"], 0x28}, 0x1, 0x0, 0x0, 0x40004}, 0x40080d0)

12m8.056451107s ago: executing program 1 (id=606):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_int(r0, &(0x7f0000001180)='hugetlb.2MB.rsvd.limit_in_bytes\x00', 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$KVM_NMI(r1, 0xae9a)
r2 = socket$inet_icmp(0x2, 0x2, 0x1)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r3, &(0x7f0000000b80)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="300000001114013f27bd7000fcdbdf2508004a0002000000080003003f00000008004b0013000000080001"], 0x30}, 0x1, 0x0, 0x0, 0x4000004}, 0x80)
setsockopt$netlink_NETLINK_CAP_ACK(r3, 0x10e, 0xa, &(0x7f0000000140)=0x4, 0x4)
getsockopt$IPT_SO_GET_REVISION_TARGET(r2, 0x0, 0x43, 0x0, &(0x7f0000000080))
r4 = syz_open_dev$ttys(0xc, 0x2, 0x1)
ioctl$TIOCSWINSZ(r4, 0x5414, &(0x7f0000000000)={0xfff, 0x5f91, 0x5, 0x7})
writev(r4, &(0x7f00000001c0), 0x1)
r5 = openat$dlm_monitor(0xffffff9c, &(0x7f00000000c0), 0x2c8042, 0x0)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r5, 0x18, &(0x7f0000000100)={0xffffffffffffff81, r2, 0x10, {0x10, 0x200}, 0x5}, 0x1)

12m7.926730092s ago: executing program 1 (id=608):
futex(0x0, 0xd, 0x0, 0x0, 0x0, 0x2)
r0 = syz_open_dev$vcsa(&(0x7f0000000300), 0x1, 0x102)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001880), 0xffffffffffffffff)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$fuse(0x0, 0x0, 0x0, 0x8, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=0x0])
mount(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000280)='autofs\x00', 0x201000c, &(0x7f0000000040))
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) (async)
r4 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_FAIL(r4, 0xc0189377, &(0x7f0000000100)={{0x1, 0x1, 0x18, r3, {0xb, 0x8}}, './file0\x00'}) (async)
ioctl$AUTOFS_DEV_IOCTL_FAIL(r4, 0xc0189377, &(0x7f0000000100)={{0x1, 0x1, 0x18, r3, {0xb, 0x8}}, './file0\x00'})
socket$nl_generic(0x10, 0x3, 0x10) (async)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_REG(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)={0x14, r2, 0x1, 0x8070bd27, 0x25dfdc00}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x80)
r6 = dup(r1)
socket$nl_xfrm(0x10, 0x3, 0x6) (async)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001300)={&(0x7f0000000040)=@updsa={0x104, 0x1a, 0x1, 0x0, 0x0, {{@in6=@ipv4, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee00}, {@in6=@ipv4={'\x00', '\xff\xff', @multicast1}, 0x4d3, 0x3c}, @in6=@remote, {}, {}, {}, 0x0, 0x0, 0xa}, [@coaddr={0x14, 0xe, @in=@broadcast}]}, 0x104}}, 0x0) (async)
sendmsg$nl_xfrm(r7, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001300)={&(0x7f0000000040)=@updsa={0x104, 0x1a, 0x1, 0x0, 0x0, {{@in6=@ipv4, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee00}, {@in6=@ipv4={'\x00', '\xff\xff', @multicast1}, 0x4d3, 0x3c}, @in6=@remote, {}, {}, {}, 0x0, 0x0, 0xa}, [@coaddr={0x14, 0xe, @in=@broadcast}]}, 0x104}}, 0x0)
r8 = openat$nmem0(0xffffff9c, &(0x7f0000000000), 0x800, 0x0)
r9 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r9) (async)
ptrace(0x10, r9)
ptrace$pokeuser(0x6, r9, 0x118, 0x137db)
ptrace$pokeuser(0x6, r9, 0x118, 0x6000003f)
futimesat(r8, &(0x7f0000000140)='./file0\x00', &(0x7f0000000200)={{}, {0x0, 0x2710}}) (async)
futimesat(r8, &(0x7f0000000140)='./file0\x00', &(0x7f0000000200)={{}, {0x0, 0x2710}})
ioctl$TCSETSW2(r6, 0x402c542c, &(0x7f0000000240)={0x8001, 0xffffffff, 0x9, 0x1, 0x0, "7802a21f6f528211e7e9cdb7d552cbe990e616", 0x9, 0x4}) (async)
ioctl$TCSETSW2(r6, 0x402c542c, &(0x7f0000000240)={0x8001, 0xffffffff, 0x9, 0x1, 0x0, "7802a21f6f528211e7e9cdb7d552cbe990e616", 0x9, 0x4})
write$UHID_INPUT(r6, &(0x7f0000002080)={0x200f, {"20e30a30ed0d09f91b5e070987f70e06d038e7ff7fc6e5539b0d3e0e8b089b3f363063030890e0879b0af8c6e70a9b334a959b669a240d0a0af3988f7ef319520100ffe8d178708c526db51b1b5b31070d0773090acd3b78130daa61d8e8040001000000b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19300305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f6709000000a141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a027d5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf050000008000000000f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b3f3f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7af1d0e54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c01008e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2f5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d21488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e1a63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e09d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a603336c00000077cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046ca5b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe6531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e6586df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59555e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0d8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb601203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f900000930dedf800", 0x1000}}, 0x1006)
write(r0, &(0x7f0000000040)="1c0000001a", 0x5)

12m7.74483027s ago: executing program 1 (id=612):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
recvmmsg(r0, &(0x7f0000001e00)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x300}, 0xa}], 0x1, 0x0, 0x0)
setsockopt$inet_int(r0, 0x0, 0x14, &(0x7f0000000000)=0x6, 0x4)
sendto$inet(r0, &(0x7f0000000040)='\f\x00', 0xffeb, 0x0, &(0x7f0000000340), 0x10)

12m7.536873283s ago: executing program 1 (id=614):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x1, 0x4, 0xdd, 0xa, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x0, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffa}, [@call={0x85, 0x0, 0x0, 0x11}]}, 0x0, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x22, 0x4, 0x7fe2, 0x1}, 0x50)

12m7.480767891s ago: executing program 32 (id=614):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x1, 0x4, 0xdd, 0xa, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x0, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffa}, [@call={0x85, 0x0, 0x0, 0x11}]}, 0x0, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x22, 0x4, 0x7fe2, 0x1}, 0x50)

11m52.220710127s ago: executing program 3 (id=725):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f00000003c0)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
madvise(&(0x7f0000ff8000/0x8000)=nil, 0x8000, 0x9)
r1 = socket(0x840000000002, 0x3, 0xff)
sendmmsg$inet(r1, 0x0, 0x0, 0x4004040)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, 0x0, 0x4040080)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mmap(&(0x7f0000400000/0x3000)=nil, 0x3000, 0x2000009, 0x4d032, 0xffffffffffffffff, 0x0)
r4 = syz_open_dev$evdev(&(0x7f0000000000), 0x672, 0x200)
ioctl$EVIOCGMTSLOTS(r4, 0x8040450a, &(0x7f0000000100)=""/218)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
madvise(&(0x7f0000400000/0x3000)=nil, 0x3000, 0xb)
r5 = syz_open_dev$dri(&(0x7f0000002580), 0x200, 0x0)
ioctl$DRM_IOCTL_MODE_SETCRTC(r5, 0xc06864a2, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x5, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, "427f4d0561864078b7f952fc7ebbfea1deee063e520cc38c6a002000"}})
read(0xffffffffffffffff, 0x0, 0x0)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r6, 0xffffffffffffffff, 0x0)

11m51.727248235s ago: executing program 3 (id=730):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r0, &(0x7f00000002c0)={0x1f, 0x0, @any, 0xfffa}, 0xe)
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f00000012c0), 0x8000, 0x0)
ioctl$RTC_PIE_OFF(r1, 0x7006)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @raw_data="dea233684c996156af0d4bd8e3300217e750b8c97b7123d48003e7e1d3be5f710c41a1db6719881876e9bcc6e2f73c67cc6b675eb43188b5b7f9f898868de9a9c5d536d418ba283121a73a5aba55a87d2a2525295f4492bbde02ad8bc8e88779f2de06f38e99172df4d45b6f13c813dee4230c204a93172922b778fef7a1f89ce876bb89d44cd705bbb28db4869dfac20d928950507acd92c02d17f51b0a627539f6e0a0bdb92004bc6252cd35e8cd100962db9a83ad63a4e7e1ca17c1b6aac63fefa9bebe429d00"})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioctl$VIDIOC_S_AUDOUT(0xffffffffffffffff, 0x40345632, &(0x7f00000002c0)={0x0, "fbd78df8363b88d9c3a4cae9b29b529de5e20000000000001400", 0x3})
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xfffffffffffffcfe, &(0x7f00000000c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
setsockopt$X25_QBITINCL(r2, 0x106, 0x1, &(0x7f0000001500), 0x4)
r3 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x1)
r4 = socket(0x18, 0x3, 0x1)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
chdir(&(0x7f0000000100)='./file0\x00')
ioctl(r1, 0xffffffff, &(0x7f0000002080))
r5 = io_uring_setup(0x1d34, 0x0)
syz_io_uring_setup(0x49e, &(0x7f0000000380)={0x0, 0x388e, 0x400, 0x0, 0x8019d, 0x0, r5}, 0x0, &(0x7f0000000440))
sendmsg$TIPC_NL_NET_GET(r4, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000007c0)={0x1f0, 0x0, 0x22a, 0x70bd2a, 0x25dfdbfb, {}, [@TIPC_NLA_SOCK={0x60, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x7}, @TIPC_NLA_SOCK_CON={0x54, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0xcf26}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8001}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xfffffff9}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x3}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x2c}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x34c7fb27}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x5}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x8}]}]}, @TIPC_NLA_BEARER={0x74, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'ib', 0x3a, 'macvlan1\x00'}}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e21, 0xfffff8af, @empty, 0x4f1}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x7, @private1={0xfc, 0x1, '\x00', 0x1}, 0x8}}}}, @TIPC_NLA_BEARER_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x17}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0xffff0000}]}, @TIPC_NLA_NODE={0xcc, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x7}, @TIPC_NLA_NODE_ID={0xb5, 0x3, "95bdb858fda82909cd3a4fd7829a60301ce44a94c9cc2adb53b94183762de0868f8648b51885b78f50c906b9fe218f970115506dc7667000189a00e6ec27a5ad7ed313732ad95b93efdec387f9fa9defc528661b74a544b9a6e4d95f64caa6c58aa12457b3f19d1e2d0d82ddf73f71757762864beb0c867a02a86cdc7d459c6813ee8fd9a509c253a0236ba5997d8727da2bc6fd41d8af15332d4aa80f1ec1d5ee6bfd2d745e111106810760a460cf8e92"}, @TIPC_NLA_NODE_KEY_MASTER={0x4}]}, @TIPC_NLA_BEARER={0x30, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xf, 0x1, @l2={'ib', 0x3a, 'ipvlan1\x00'}}, @TIPC_NLA_BEARER_NAME={0x13, 0x1, @l2={'eth', 0x3a, 'ip6erspan0\x00'}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0xffffff2a}]}, @TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x2}]}]}, 0x1f0}, 0x1, 0x0, 0x0, 0x20024800}, 0x20008010)
syz_open_dev$vim2m(&(0x7f0000000180), 0x0, 0x2)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0x7, &(0x7f0000000040)=@framed={{0x18, 0x7}, [@func={0x85, 0x0, 0x1, 0x0, 0x3}, @initr0, @exit]}, &(0x7f0000000000)='GPL\x00'}, 0x94)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x72, 0x0, 0x7fff0000}]})
close_range(r6, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='fd/3\x00')
socket(0x23, 0x2, 0x1)

11m50.733276992s ago: executing program 3 (id=735):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0xffffa888}, 0x20000880)
r0 = openat$ndctl0(0xffffffffffffff9c, &(0x7f0000000000), 0x2503, 0x0)
bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000000), 0x8)
open_tree(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x3, 0x13, &(0x7f0000000500)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x4, 0x0, 0x0, 0x40f00, 0xe}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000280)=ANY=[@ANYRES32=r1, @ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/179, 0x41100, 0x23, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x12, 0x0, 0x0, 0xc89a08b881684f43, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000000002)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0xfffffff7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x8, &(0x7f0000000e40)={0x0, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f00000000c0)='test_dummy_encryption', &(0x7f0000000180)='v1to_da_alloc', 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000e00)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, 0x0, 0x0)
bind$inet(r5, &(0x7f00000001c0)={0x2, 0x0, @remote}, 0x10)
connect$inet(r5, &(0x7f0000000480)={0x2, 0x4, @multicast2}, 0x10)
r7 = fsopen(&(0x7f0000000080)='adfs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r7, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
sendmmsg(r5, &(0x7f0000007fc0), 0x800001d, 0x0)
ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f0000000140))

11m50.445747625s ago: executing program 3 (id=737):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$bind(&(0x7f00000001c0)='./file0\x00', &(0x7f00000007c0)='./file0/file0\x00', 0x0, 0x1000, 0x0)
mount$bind(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000440)='./file0\x00', &(0x7f0000000000)='./file0/file0\x00', 0x0, 0x10a5840, 0x0)
move_mount(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', r1, &(0x7f0000000640)='./file0/file0\x00', 0x272)
stat(0x0, 0x0)
mount$fuse(0x0, &(0x7f0000000080)='./file0/file0\x00', 0x0, 0x80000, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r2, &(0x7f0000000200)=0x1, 0x12)

11m50.323864743s ago: executing program 3 (id=738):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f00000003c0)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
madvise(&(0x7f0000ff8000/0x8000)=nil, 0x8000, 0x9)
r1 = socket(0x840000000002, 0x3, 0xff)
sendmmsg$inet(r1, 0x0, 0x0, 0x4004040)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, 0x0, 0x4040080)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mmap(&(0x7f0000400000/0x3000)=nil, 0x3000, 0x2000009, 0x4d032, 0xffffffffffffffff, 0x0)
r4 = syz_open_dev$evdev(&(0x7f0000000000), 0x672, 0x200)
ioctl$EVIOCGMTSLOTS(r4, 0x8040450a, &(0x7f0000000100)=""/218)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
madvise(&(0x7f0000400000/0x3000)=nil, 0x3000, 0xb)
r5 = syz_open_dev$dri(&(0x7f0000002580), 0x200, 0x0)
ioctl$DRM_IOCTL_MODE_SETCRTC(r5, 0xc06864a2, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x5, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, "427f4d0561864078b7f952fc7ebbfea1deee063e520cc38c6a002000"}})
read(0xffffffffffffffff, 0x0, 0x0)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r6, 0xffffffffffffffff, 0x0)

11m50.073773145s ago: executing program 3 (id=739):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0xffffa888}, 0x20000880)
r0 = openat$ndctl0(0xffffffffffffff9c, &(0x7f0000000000), 0x2503, 0x0)
bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000000), 0x8)
open_tree(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x3, 0x13, &(0x7f0000000500)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x4, 0x0, 0x0, 0x40f00, 0xe}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000280)=ANY=[@ANYRES32=r1, @ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/179, 0x41100, 0x23, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x12, 0x0, 0x0, 0xc89a08b881684f43, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000000002)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0xfffffff7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x8, &(0x7f0000000e40)={0x0, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f00000000c0)='test_dummy_encryption', &(0x7f0000000180)='v1to_da_alloc', 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000e00)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, 0x0, 0x0)
bind$inet(r5, &(0x7f00000001c0)={0x2, 0x0, @remote}, 0x10)
connect$inet(r5, &(0x7f0000000480)={0x2, 0x4, @multicast2}, 0x10)
r7 = fsopen(&(0x7f0000000080)='adfs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r7, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1900000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="000000000000000000e800"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
sendmmsg(r5, &(0x7f0000007fc0), 0x800001d, 0x0)
ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f0000000140))

11m49.972568327s ago: executing program 33 (id=739):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0xffffa888}, 0x20000880)
r0 = openat$ndctl0(0xffffffffffffff9c, &(0x7f0000000000), 0x2503, 0x0)
bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000000), 0x8)
open_tree(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x3, 0x13, &(0x7f0000000500)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x4, 0x0, 0x0, 0x40f00, 0xe}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000280)=ANY=[@ANYRES32=r1, @ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/179, 0x41100, 0x23, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x12, 0x0, 0x0, 0xc89a08b881684f43, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000000002)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0xfffffff7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x8, &(0x7f0000000e40)={0x0, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f00000000c0)='test_dummy_encryption', &(0x7f0000000180)='v1to_da_alloc', 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000e00)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, 0x0, 0x0)
bind$inet(r5, &(0x7f00000001c0)={0x2, 0x0, @remote}, 0x10)
connect$inet(r5, &(0x7f0000000480)={0x2, 0x4, @multicast2}, 0x10)
r7 = fsopen(&(0x7f0000000080)='adfs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r7, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1900000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="000000000000000000e800"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
sendmmsg(r5, &(0x7f0000007fc0), 0x800001d, 0x0)
ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f0000000140))

8m56.175038125s ago: executing program 0 (id=1396):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f0000000080)='blkio.bfq.time_recursive\x00', 0x0, 0x0)
preadv2(r1, &(0x7f0000000500)=[{&(0x7f0000000100)=""/65, 0x41}], 0x1, 0x1, 0x0, 0x0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000280)='/sys/power/pm_debug_messages', 0x48e80, 0x10)
r3 = dup(r2)
r4 = syz_io_uring_setup(0x1191, &(0x7f00000000c0)={0x0, 0x8d2dc, 0x0, 0xffffffff, 0x1fd}, &(0x7f0000000040)=<r5=>0x0, &(0x7f0000000200)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x40, 0x5, r3, 0x0, 0x0, 0x0, 0x80000})
io_uring_enter(r4, 0x47f5, 0x0, 0x0, 0x0, 0x0)

8m55.873791642s ago: executing program 0 (id=1398):
close(0xffffffffffffffff)
r0 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000003400), 0x42300, 0x0)
listen(0xffffffffffffffff, 0x8)
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000003b40)=0x4000000)
close(0x4)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000080), 0x40000, 0x0)
r2 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r2, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
recvmsg$kcm(r2, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
unshare(0x200)
syz_80211_join_ibss(0x0, &(0x7f0000000080)=@default_ibss_ssid, 0x6, 0x0)
io_setup(0x222, &(0x7f0000000180))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x3, &(0x7f0000000540)=ANY=[], &(0x7f0000000280)='GPL\x00', 0xc, 0xb9, &(0x7f0000000140)=""/185, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_clock_offset={{0x1c, 0x5}, {0x0, 0xc9, 0x81ad}}}, 0x8)
write$binfmt_elf32(0xffffffffffffffff, &(0x7f0000000580)={{0x7f, 0x45, 0x4c, 0x46, 0x60, 0x6, 0x0, 0xb, 0x100, 0x3, 0x3e, 0x9, 0x382, 0x34, 0x2b9, 0x6, 0xcbf4, 0x20, 0x3, 0x1ff, 0x9}, [{0x3, 0xb, 0xe4, 0xfffffffe, 0x4, 0xa5, 0x6f8a, 0x80000000}, {0x2, 0x1000, 0xfffffffb, 0x7, 0x9, 0xc, 0x4, 0x6}, {0x7, 0x4, 0x1, 0x1, 0x1, 0x0, 0x0, 0x74f00000}], "d7fc44ada7c138281c631c98eab99f490d11a83f88b9638a6ac80ee55534240e3730757b763344d2453d606378a65ee67d24d058b41c4a66696350c9f9f764338edb6d642b50e5f1a2f3b6492bfae22323a73c2a5015609c7010d89f7cf094dcf7f9fc984248a5bbc69856ec22723c1cbd4d9e8a98fd1010"}, 0x10c)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)

8m54.792247412s ago: executing program 0 (id=1401):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_SET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x18, 0x1414, 0x211, 0x0, 0x25dfdbff, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x18}}, 0x0)
r1 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000240), 0x88002, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, &(0x7f0000000100)=0x15)
ioctl$SNDCTL_DSP_POST(r1, 0x5008, 0x0)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x80000b, 0x11, r1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x14, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8b1a, &(0x7f0000000000)={'wlan1\x00'})
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000009c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000400))
r6 = syz_open_dev$I2C(&(0x7f0000000180), 0x0, 0x80)
ioctl$I2C_SMBUS(r6, 0x720, &(0x7f0000000340)={0x1, 0x4, 0x8, &(0x7f0000000200)={0x1d, "220bb02a29dd6dc0ecf204362257079906df52f8af6c6bc97855de47f59fd16073"}})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_BUCKETS_LOG={0x8, 0x8, 0xf}]}}, @TCA_RATE={0x6}]}, 0x40}, 0x1, 0x0, 0x0, 0x48801}, 0x0)

8m53.815881815s ago: executing program 0 (id=1406):
get_mempolicy(0x0, &(0x7f0000000080), 0x2, &(0x7f0000fff000/0x1000)=nil, 0x2)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000500), 0x0, 0x3}, 0x38)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x13, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$dsp(0xffffffffffffff9c, 0x0, 0x42, 0x0)
write$dsp(r0, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.kill\x00', 0x275a, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x601c2, 0x0)
ftruncate(r3, 0x8800000)
r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0)
sendfile(r4, r3, 0x0, 0x558410e9)
dup(0xffffffffffffffff)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6d272b92ee54c7beef915d564c90c200", 0x18)
r5 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000980)="f78d9ca38fff48f3be52163448412ba883a3cc1373bd61b5dd8356885324c80398a8f4ab98a7cdfc6631e21eabc9c5812d967f70edeca5146345709586b59173992d80563b5258dca678b471968340f470fbe206009958dfe954054be897954ae5fe69f9271a8f690d7835040ccde8387febdd99a26b0aec1b7b173ae5bb14b55a4cbbfc61ac6af1ee0b4020da8c356487aa49bedb22dca7", 0x98}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f0000000b40)="e87067347cfd6127e6ef12ee3819271482a0975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a1040d6528d3f80b906d378e8c10bc0e92402c1452fa428042c19daf7dc12abc0095a755d5cff3d713d7e7437622403b751ab92df81eba29105f05d6d0a164cd2e52d30288490e7bd5a112bf46dc6f7642ba34b6ae82a84cafbfd2ad77263c40ecc6704617de1a87924a24cd6fb2b9f67fd7a3c2ee272d26f6643ae0bdf23d25caf9ec7d2f15fb90344837a409599be5adeb3309eb3794803e66dfec0a156e0717943af75c2800ae850a0f4c6545dbc352c3166c28a9a52c02a396fb803bd1d41adcb00000000000000", 0x109}, {&(0x7f0000000700)="09fd31710b22da6eb1838542aab2ebe6e1a644cd198b7ac8201936d52836584abc5f3e5e1839482b902f5e0541ad1e1189eca437ba7f72d72725f8cd5b30c4849cbb73aa4eca1856ed2d44c0094b66288a398f93a5ed2cd64155e4cecd0f", 0x5e}, {&(0x7f0000000a40)="786f73a865800479a1f8a3c208821cae12142702550414d672fb9e37ace58d920f9ae97530e76392c1350dd6fd7d9fefa99ee450d49c2b0983b261cc127fa5c61a03e6d9c324344a41b47a2283206cba71b222355f7870078233e3e1d6882adc7aea75af5af1c26519d359793f972503abfcfedc51d12f07daaf4958efbb9cdf0cf827b993aae23366aae177c8f85a44f7a5132b1b36c7a9a170dd5dee7035909217a3f6947687c388029ce3e437050a7fea39d1402937f256a0534e2f10db266cf9d8952cfc8570f294e1", 0xcb}, {&(0x7f0000000880)="cd58f4a25bd717079e0045dacda0e2426ee35fc8bb3e2f0ced6f7db9fecaaec3ea070ddfbabe33b98766d8cf654effd96e718c332f81998c50bb19e20ac790cfd52629921075b091ad49cbcff49b650a61c5d9766db749283da2366b1012cdf1840c0fb8096091d4de7c281ab75b1ca46b9970862bad209bbdc6f23b4a6b939086cdfe943cf333e9820b138ea2621181166f69e46855fc54817127c0b74615b95b4d400e99149a97163c56ee104fc715b8defc57a58876435348cad25448", 0xbe}], 0x6, &(0x7f0000000940)=[@op={0x10, 0x117, 0x3, 0x1}], 0x10, 0x4000011}], 0x1, 0x40800)
ioctl$F2FS_IOC_DEFRAGMENT(r1, 0xc010f508, &(0x7f0000000340)={0x8, 0x10000})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa0, 0x30, 0x1, 0x0, 0x0, {}, [{0x8c, 0x1, [@m_ct={0x40, 0x2, 0x0, 0x0, {{0x7}, {0x18, 0x2, 0x0, 0x1, [@TCA_CT_LABELS={0x14, 0x7, "5f02202410d775c3e4251319323277b0"}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa0}, 0x1, 0x0, 0x0, 0x804}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)

8m53.485098437s ago: executing program 0 (id=1409):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xb8, 0xb8, 0x2, [@enum={0x0, 0xa, 0x0, 0x6, 0x4, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}]}, @func_proto={0x0, 0x4, 0x0, 0xd, 0x0, [{}, {}, {}, {}]}, @struct={0x0, 0x3, 0x0, 0x4, 0x0, 0x0, [{}, {}, {0x0, 0x1}]}]}}, 0x0, 0xd2}, 0x20)
r0 = fsopen(&(0x7f0000000040)='nfsd\x00', 0x1)
fsmount(r0, 0x0, 0x9)
r1 = syz_open_dev$midi(&(0x7f0000000000), 0x2, 0x0)
openat$mice(0xffffff9c, &(0x7f0000000080), 0x40)
ioctl$SNDRV_RAWMIDI_IOCTL_INFO(r1, 0x810c5701, &(0x7f0000000180))

8m50.847476694s ago: executing program 0 (id=1418):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESOCT], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r1, 0x0, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r2, 0x84, 0x70, &(0x7f0000000600)={<r3=>0x0, @in={{0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x14}}}, [0xfffffffffffffff8, 0x6, 0x200, 0x24, 0x5, 0x80000000, 0x8, 0x6, 0x22e4762d, 0xdd, 0x1, 0x3, 0x0, 0x81, 0x200000000]}, &(0x7f0000000140)=0xfc)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={r3, 0x38, &(0x7f0000000280)=[@in6={0xa, 0x4e21, 0x7ff, @local, 0xeb2}, @in6={0xa, 0x4e21, 0x7, @mcast1, 0x9}]}, &(0x7f0000000180)=0xc)
r4 = socket$netlink(0x10, 0x3, 0x4)
writev(r4, &(0x7f0000000080)=[{&(0x7f0000000340)="480000001400190d09034beafd0d36020a841a000000230f00000000a2bc5603ca00000f7f89004e00200000000101ff00c00e03000200000000000000000300005839c900910000", 0x48}], 0x1)
r5 = socket$rds(0x15, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r5, 0x114, 0x8, &(0x7f0000000080)=0x1, 0x4) (fail_nth: 2)
ppoll(&(0x7f0000000240)=[{r1, 0x4002}], 0x1, 0x0, 0x0, 0x0)
syz_usb_disconnect(r0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$IP6T_SO_GET_INFO(r6, 0x29, 0x4d, 0x0, &(0x7f0000000400))
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
r8 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_int(r8, 0x6, 0x4, &(0x7f0000000340)=0x1, 0x4)
getsockopt$inet_tcp_int(r8, 0x6, 0x4, 0x0, &(0x7f0000002040))
setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r9 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r9, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x110a, 0x2})
r10 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x2, 0x0)
ioctl$BINDER_WRITE_READ(r10, 0xc0306201, &(0x7f00000024c0)={0x8, 0x0, &(0x7f0000000080)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r10, 0xc0306201, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x1, 0x100000000000000, &(0x7f0000000540)="80"})
ioctl$BINDER_WRITE_READ(r10, 0xc0306201, &(0x7f0000000480)={0x20, 0x0, &(0x7f0000000000)=[@request_death, @clear_death], 0x0, 0x0, 0x0})
r11 = accept4(r7, 0x0, 0x0, 0x800)
sendmmsg$alg(r11, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000002c0)="e8700e444d50a969ff17347cff6127e6ef12ee3819271469cf80abe97b4dc33a47d3a158da988456d30026b433186fdc822dbcc8fd9d546753cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0be0b788c6b8fccb6f9781cf8b72c319c14ff800914dc68f2adea01a6a3d5e1b922acd4c7617f23ecce198b3740ec3ebce20dbe0167e1bfb2edfab17ade1f0e15b37398a8234f80c96415fae42e208e6027649aac6adc93f13201bdb1d8ab7a38a39f65cde540cd7519c1c61b3ddb569533f27db07827600bf933daea29df29557fd7be9bb4aeada960568f02da8a2881f0000000000", 0xea}, {&(0x7f00000003c0)="ebe3a0e9ec796cfd1647e289f4e376fdba128280b372ade21d98c7cdb1a5219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4f", 0x4e}, {&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}], 0x3}], 0x1, 0x0)
recvmsg(r11, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}, {&(0x7f0000000200)=""/101, 0x65}], 0x2}, 0x0)

8m35.531531246s ago: executing program 34 (id=1418):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESOCT], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r1, 0x0, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r2, 0x84, 0x70, &(0x7f0000000600)={<r3=>0x0, @in={{0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x14}}}, [0xfffffffffffffff8, 0x6, 0x200, 0x24, 0x5, 0x80000000, 0x8, 0x6, 0x22e4762d, 0xdd, 0x1, 0x3, 0x0, 0x81, 0x200000000]}, &(0x7f0000000140)=0xfc)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={r3, 0x38, &(0x7f0000000280)=[@in6={0xa, 0x4e21, 0x7ff, @local, 0xeb2}, @in6={0xa, 0x4e21, 0x7, @mcast1, 0x9}]}, &(0x7f0000000180)=0xc)
r4 = socket$netlink(0x10, 0x3, 0x4)
writev(r4, &(0x7f0000000080)=[{&(0x7f0000000340)="480000001400190d09034beafd0d36020a841a000000230f00000000a2bc5603ca00000f7f89004e00200000000101ff00c00e03000200000000000000000300005839c900910000", 0x48}], 0x1)
r5 = socket$rds(0x15, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r5, 0x114, 0x8, &(0x7f0000000080)=0x1, 0x4) (fail_nth: 2)
ppoll(&(0x7f0000000240)=[{r1, 0x4002}], 0x1, 0x0, 0x0, 0x0)
syz_usb_disconnect(r0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$IP6T_SO_GET_INFO(r6, 0x29, 0x4d, 0x0, &(0x7f0000000400))
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
r8 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_int(r8, 0x6, 0x4, &(0x7f0000000340)=0x1, 0x4)
getsockopt$inet_tcp_int(r8, 0x6, 0x4, 0x0, &(0x7f0000002040))
setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r9 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r9, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x110a, 0x2})
r10 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x2, 0x0)
ioctl$BINDER_WRITE_READ(r10, 0xc0306201, &(0x7f00000024c0)={0x8, 0x0, &(0x7f0000000080)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r10, 0xc0306201, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x1, 0x100000000000000, &(0x7f0000000540)="80"})
ioctl$BINDER_WRITE_READ(r10, 0xc0306201, &(0x7f0000000480)={0x20, 0x0, &(0x7f0000000000)=[@request_death, @clear_death], 0x0, 0x0, 0x0})
r11 = accept4(r7, 0x0, 0x0, 0x800)
sendmmsg$alg(r11, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000002c0)="e8700e444d50a969ff17347cff6127e6ef12ee3819271469cf80abe97b4dc33a47d3a158da988456d30026b433186fdc822dbcc8fd9d546753cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0be0b788c6b8fccb6f9781cf8b72c319c14ff800914dc68f2adea01a6a3d5e1b922acd4c7617f23ecce198b3740ec3ebce20dbe0167e1bfb2edfab17ade1f0e15b37398a8234f80c96415fae42e208e6027649aac6adc93f13201bdb1d8ab7a38a39f65cde540cd7519c1c61b3ddb569533f27db07827600bf933daea29df29557fd7be9bb4aeada960568f02da8a2881f0000000000", 0xea}, {&(0x7f00000003c0)="ebe3a0e9ec796cfd1647e289f4e376fdba128280b372ade21d98c7cdb1a5219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4f", 0x4e}, {&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}], 0x3}], 0x1, 0x0)
recvmsg(r11, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}, {&(0x7f0000000200)=""/101, 0x65}], 0x2}, 0x0)

3.811433286s ago: executing program 2 (id=3597):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000040)={<r1=>0xffffffffffffffff}, 0x2, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r0, &(0x7f00000003c0)={0x13, 0x10, 0xfa00, {0x0, r1, 0x3}}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff})
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x6, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000004c0)={'veth1_virt_wifi\x00', <r5=>0x0})
r6 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000800)={r4, r5, 0x25, 0x4, @val=@tcx}, 0x1c)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000009c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x20080, 0x80e1}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x3, &(0x7f0000000480)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000680)={r6, r8, 0x4, r4}, 0x10)
close_range(r3, 0xffffffffffffffff, 0x0)
socket$netlink(0x10, 0x3, 0x0)

3.739301145s ago: executing program 2 (id=3599):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000440)=@file={0x0, './file1\x00'}, 0x6e)
r2 = socket$rds(0x15, 0x5, 0x0)
sendmsg$rds(r2, 0x0, 0x0)
setsockopt$RDS_CANCEL_SENT_TO(r2, 0x114, 0x1, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r2, 0x0, 0x20000081)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file1\x00', 0x13b)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
syz_open_pts(0xffffffffffffffff, 0x40100)
mount$overlay(0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r3 = open(&(0x7f0000000580)='./bus\x00', 0x80242, 0x100)
chdir(&(0x7f0000000400)='./file1\x00')
write$FUSE_CREATE_OPEN(r3, &(0x7f0000000180)={0xa0, 0xffffffffffffffda, 0x0, {{0x4, 0x3, 0x5, 0x6, 0x3, 0x1, {0x0, 0x9, 0x20ff, 0x5, 0x89, 0xd615, 0x9, 0x7fffffff, 0xfffffffe, 0x8000, 0x0, 0x0, 0x0, 0x3ff, 0x1}}, {0x0, 0x13}}}, 0xa0)
sendfile(r3, r3, &(0x7f0000000080), 0x7f03)
r4 = open(&(0x7f0000000180)='./bus\x00', 0x189a7c, 0x113)
r5 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r5, &(0x7f00000003c0)=ANY=[@ANYBLOB="0007000042009103"], 0xfe33)
recvmsg(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000004700)=""/4083, 0xff3}, {&(0x7f0000003700)=""/4074, 0xfea}, {0x0}, {&(0x7f00000001c0)=""/189, 0xbd}, {&(0x7f0000000280)=""/164, 0xa4}], 0x5}, 0x120)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x4e142, 0x0)
pwritev2(r6, &(0x7f0000000680)=[{&(0x7f0000000200)="05", 0x6a000}], 0x1, 0x6000000, 0x0, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x37fffee, 0x4002011, r4, 0x40000000)

2.815627574s ago: executing program 2 (id=3606):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x60, 0x30, 0x1, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000001c0), 0x159981)
r3 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_opts(r3, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f00000000c0)='xfrm0\x00', 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
connect$inet(r3, &(0x7f0000000080)={0x2, 0x4e20, @private=0xa010100}, 0x10)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000100)=ANY=[], 0x2c}], 0x1}, 0x40)
sendmmsg$inet(r3, &(0x7f0000000f40)=[{{&(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10, 0x0}}], 0x680e0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
tkill(0x0, 0xb)
utimensat(0xffffffffffffffff, &(0x7f00000003c0)='.\x00', 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

2.219481687s ago: executing program 4 (id=3609):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="6400000002060500000060000000000000000000120003006269746d61703a69702c6d616300000005000400000000000900020073797a3000000000180007800c000180e8ff014000000000080008000000001005000500020000000500010006"], 0x64}}, 0x0)

2.140222298s ago: executing program 4 (id=3610):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000340)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1100, 0x1})
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
r3 = dup3(r2, r1, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1, 0x11, r4, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f00000001c0))
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f00000004c0)="e0"})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000480)={0x4c, 0x0, &(0x7f0000000200)=[@acquire, @transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x13, r3, 0xcbff9000)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000300)={0x44, 0x3000000, &(0x7f0000000500)=[@reply={0x40406301, {0x2, 0x0, 0x0, 0x0, 0x31, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000900)={@fd={0x66642a85, 0x0, r3}, @fd={0x66642a85, 0x0, r0}, @flat=@weak_handle={0x77682a85, 0xa, 0x2}}, &(0x7f0000000000)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})

2.140023847s ago: executing program 6 (id=3611):
r0 = socket$kcm(0x10, 0x2, 0x0)
recvmsg(r0, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0xbf9d5a5a4c2f3718)
r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001801000000082c2500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb7"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000d00)=r2, 0x4)
sendmsg$inet(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000480)="5c00000012006bab9a3fe3d86e17aa0a8187bae53dca2b007ea23e163ec40028e82fccdc09da15fef6a608649e7531765f0ef82e3c0076a705259a3651f60a84c9f4d4938037e70e4509c5bb0c9246444351db86078475483687054c", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x20000000)

2.026766252s ago: executing program 4 (id=3612):
openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0)
r0 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x400, 0xfffffffb, 0xb6}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000040)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r0, 0x47f6, 0x0, 0x4, 0x0, 0x0)

2.025822485s ago: executing program 6 (id=3613):
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
setsockopt$inet_sctp_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f0000000040)={0x6, 0xa, 0x9, 0x2, 0x3, 0x10, 0x0, 0x7, 0x8, 0x88, 0x2, 0x9, 0x5, 0xb}, 0xe)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01030003000000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000680)=ANY=[@ANYBLOB="4c00000010001ffffcfffffffdffffff00000000", @ANYRES32=0x0, @ANYBLOB="0002010000000000240012800b00010065727370616e000014000280050016000000000008000700ac1414bb08000a00", @ANYRES32=r3], 0x4c}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x4)
sendmsg$nl_route(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x20088814}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x7400, &(0x7f00000001c0)={&(0x7f0000000200)=@delchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r6}}, 0x24}}, 0x0)

1.914142239s ago: executing program 4 (id=3614):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_RINGS_SET(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={0x34, r1, 0x1, 0x0, 0x25dfdbfc, {}, [@ETHTOOL_A_RINGS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}]}, @ETHTOOL_A_RINGS_TX={0x8, 0x9, 0x9}]}, 0x34}, 0x1, 0x0, 0x0, 0x8810}, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1ff, 0x80)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$DRM_IOCTL_AGP_ALLOC(r2, 0xc0106434, &(0x7f0000000140)={0x2, 0x0, 0x2})
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x2000000000000013, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x6, 0xb9, &(0x7f0000000440)=""/185, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0xd0, &(0x7f0000004680)=0x80, 0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000001140)=[{{&(0x7f0000000500)=@file={0x1, './file0/file0\x00'}, 0x6e, &(0x7f00000007c0)=[{&(0x7f0000000580)="7df510ca6242a291034b57e01bc0d8ca890f263394425cb873d7dd20dbf21dcba7455212ab3a8a91f94153a829430fdf476afc100531ee3d4ed8d4c21d3d94da87f71a71b15b038b61bce7742bf6c1b88fb2c3bf1dc3c3977f75d187ce0789bbd9831a200ba172c407ed9577f2ff787b07f6fa757cb5f089959abe9d5df239ff8d", 0x81}, {&(0x7f00000006c0)="1e298c7b5890a6270ad27a0236603461bc359a7d658f3bfdf0f6777f8b60417a2a011aee4727a23d4dedd02fd2b40b83b846fe8d0d8899ae0886eccfdab1731aaf5c08efe747dd6377073c9851b79a6b0bea04939e2512d88cca56ba4adffa6ae29bf7adf9448a30adc21f5c22e72190ff412d9a84b302c1abf1c07b336c3a81588e58d66ec470dc4b22df44141778b80f04c4d6bb7ac8e9abdd3e60edb50a2c054b1a9ba6a68570934d6a5f343cdd5e568ddd0dbc1596a8d75773e64c5a6152d4f7806c3f6dc6", 0xc7}, {&(0x7f0000000340)="be5f33c9be8230676d5379132fe420bf3e1c1ba4e6c2e9fd5aacedb04053d7c7383d430eef3142", 0x27}, {&(0x7f0000000640)="371ac3c08c14808693b94a7f61cd9c767a9440a49b", 0x15}], 0x4, &(0x7f0000000a00)=[@rights={{0x2c, 0x1, 0x1, [r2, r3, 0xffffffffffffffff, r3, r2, r2, r0, 0xffffffffffffffff]}}, @cred={{0x18, 0x1, 0x2, {r5}}}, @cred={{0x18, 0x1, 0x2, {r5, 0x0, 0xee01}}}, @rights={{0x14, 0x1, 0x1, [r2, r0]}}], 0x70, 0x4000180}}, {{&(0x7f0000000a80)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000c40)=[{&(0x7f0000000b00)="5bded8f691f330f020ff005f139d0491722d0aee5ec012d2b5af63226d06b3b68cc8ce81a701705de2cab2097680177863", 0x31}, {&(0x7f0000000b40)="0845a9d9c71acb6578958f2ea992edbcef722eb9b50d25da839681832f6b66ca2d11b9a0c03145582ff2edbf99a8ccad761e683800391fd177b3faec1690a83cb16c84ef1f82fb8328e81a160d785ca16d528e7035ad027f74cb9c29741ac30f76e9651e46e72e0c7f4fbe85ea67cacff13694491187a62cb7fa50a81a1afa5578e024565f02d9ee69acbe3a8416db0934adc262b0f371a6965939efe5ef3a908e43418059aff72f0270555857d159b64391039290ea450604fddd4db5b7bb177111502d938e86a70f762cf5db391c42b411387dc4d5376ce266de75f6a610937da5ae7c4a197f55cc2326042acd", 0xee}], 0x2, &(0x7f0000000c80)=[@rights={{0x28, 0x1, 0x1, [r0, 0xffffffffffffffff, r7, r6, r7, r7, r7]}}, @rights={{0x14, 0x1, 0x1, [r3, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, r2, r4, r2]}}, @rights={{0x24, 0x1, 0x1, [r0, r3, r6, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r2]}}, @rights={{0xc}}, @rights={{0x20, 0x1, 0x1, [r7, r6, r3, r6, r0]}}], 0xc4}}, {{&(0x7f0000000ec0)=@abs={0x0, 0x0, 0x4e22}, 0x6e, &(0x7f0000001000)=[{&(0x7f0000000f40)="96f27a44e59de1b659ad5259f7e1b5ca19e1d501d03ace0b2f28bab42a31442fb6ed87e4fe153c33081abf6a491128721de5f5aaddc38edc042c971f6477d7519095392c5b3d59272bcb", 0x4a}, {&(0x7f0000000fc0)="60bdd21fcb5cd267ddcc0d79b839a748ce3b910d2c453de5", 0x18}], 0x2, &(0x7f0000001080)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x18, 0x1, 0x2, {r5}}}, @cred={{0x18}}, @cred={{0x18}}, @cred={{0x18}}, @rights={{0x10, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x10, 0x1, 0x1, [0xffffffffffffffff]}}], 0x94, 0x20048810}}], 0x3, 0x0)
sched_setaffinity(r5, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r6, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
syz_io_uring_setup(0x283e, &(0x7f0000000940)={0x0, 0x95ba, 0x8000, 0x80003, 0xce}, &(0x7f0000000100), &(0x7f0000000380))
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r8, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r8, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r8, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x42}}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r8, 0x6, 0xd, &(0x7f0000000040)='bic', 0xff3d)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r8, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window={0x3, 0x7}, @mss={0x2, 0xfff}, @window={0x3, 0x0, 0x401}, @window], 0x20000000000000e4)
setsockopt$inet_tcp_TCP_REPAIR(r8, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r8, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
recvfrom$inet(r8, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)
prctl$PR_GET_TSC(0x43, &(0x7f0000000040))

1.748469757s ago: executing program 2 (id=3615):
r0 = openat$dsp1(0xffffff9c, &(0x7f0000000140), 0x101002, 0x0)
io_setup(0x2, &(0x7f0000000600)=<r1=>0x0)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x101002)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)=@newtaction={0x304, 0x30, 0x10, 0x70bd25, 0x0, {}, [{0x2f0, 0x1, [@m_bpf={0x78, 0x1e, 0x0, 0x0, {{0x8}, {0x1c, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_NAME={0xc, 0x6, './file0\x00'}, @TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x3}, @TCA_ACT_BPF_OPS={0x4}]}, {0x36, 0x6, "70bd98ac3c9cbadf83e311da2c01d8d5a314ad49e662b9df7bf299e87f6799a1fff4a1d670920000000000000000a4261e82"}, {0xc}, {0xc, 0x8, {0x1, 0x7}}}}, @m_connmark={0x194, 0x0, 0x0, 0x0, {{0xd}, {0x90, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x7, 0x0, 0x1, 0x7, 0x8}}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x11a198c2, 0x400, 0x0, 0x2, 0xf}, 0x8}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0xd39c, 0x32, 0x2, 0x3, 0x8}, 0x6}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x1, 0x3, 0x2, 0x7, 0x10001}, 0x5}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x80, 0x4, 0x0, 0x200, 0xc3}, 0x86}}]}, {0xd8, 0x6, "00c023e20fe99ea45d585adc726b5f94c4e90b8dc4cd69fe70d60359648d6376530c7f5d106b7304f0ef29ad711401a5b7afca6fe41e2e4437c80be99eb24025eead8c11d6f1fe0d115b479cd17ba371c599a5061d3653fbe1cc41fc38e203e6db18a43869dd1194ac1f479d972f30820bd40f6fb0746885e2a712e7b956597c3cca7804a787b6b8a5e5fe43e4e62d9fc605b65cce8d22b69e091db06e039666a3a2e211c21efbf6c17fd4ad1174ec3de112fcffcec07986bd6dde22732d5f9aafcead5c838515b2878910066981273da4c8ec37"}, {0xc}, {0xc, 0x8, {0x3}}}}, @m_sample={0xe0, 0x1e, 0x0, 0x0, {{0xb}, {0x3c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0x9}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x1}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x3}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x7}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x5}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8}, @TCA_SAMPLE_RATE={0x8}]}, {0x7c, 0x6, "de42fec351a0be20d760c7f1d73a35b9fa0b0b66999aa8f4a6e51a933244dbca50078a0137274233f071cc42e641d85adf625cfa3c3a4d5d3a019f79d64af30b48fa8147e4fd77839967d73f1d464fcfc4320cd5154dad9964241f2c4a2cb6b82b03f7566743b23c500df4018fd41a9c16309bb4d0a18f47"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x3}}}}]}]}, 0x304}, 0x1, 0x0, 0x0, 0x804}, 0x17f1f45bbc47bf8a)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0)
socket$kcm(0x2, 0x5, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000000340))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x1e, 0x4, &(0x7f0000000040)=ANY=[@ANYRES64=r1], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
r6 = socket$packet(0x11, 0x3, 0x300)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x700, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="30000000100001000000ce6bb9092919507f3400", @ANYRES32=0x0, @ANYRES32=r2, @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
recvmmsg(r6, &(0x7f0000000480)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=""/11, 0x17}}], 0x400000000000179, 0x0, 0x0)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@empty, 0x2, 0x1, 0x0, 0x7}, 0x0)
r8 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
ioctl$FS_IOC_GETFSLABEL(r8, 0x800452d3, &(0x7f0000000100))
ioctl$SOUND_MIXER_READ_RECMASK(r0, 0x80044dfd, &(0x7f0000000180))

1.340302027s ago: executing program 5 (id=3619):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = openat$binfmt(0xffffff9c, 0x0, 0x41, 0x1ff)
write$binfmt_elf64(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x9, 0xf, 0x0, 0x1, 0x6, 0x3, 0xc0fd22f7d4b434d6, 0x4, 0x24c, 0x40, 0x1e2, 0x3, 0x0, 0x38, 0x2, 0x81, 0x2, 0xff81}, [{0x2, 0x1, 0x101, 0x7, 0x8, 0x4, 0x4, 0x40}, {0x6, 0x4, 0x9, 0x7fffffff, 0x0, 0x3073, 0x5c, 0xda2}], "9e8707f96e6b08297c8d60edcfe8baf1afd5711dc681bef8f174c07ba6da9f5b9033076782de7f082af81c7c02634d3f485252d9946c310435850524a71f42a4a11fcad8f227759ea1ac41971b8cf60241dd25d3713f56b86c6bea5048b5b6d4223766e20b38e4fb8052d007a8527ca2c84c35932d348de1c7861609ba55fe021a020f2a6de3eb4ca201df9d3f6c53782626e0ed53f69b5670c34e8b163231f53a0d620f7a4a781fadc9eac37b1766f70e1f7683be7a6b19a9477fd554becd4f96a9400c475bcd7e7bb5650a7575351cf07bd69d635c7ce401312b8d50102a670c1dd7c6917283e303782fbdc4af6b7b29acaeec6451dbbd7fe108", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x9ab)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000040)="3900000013000318680907070000000f0000ff3f3f000000170a001700000000040037000d00110001332564aa58b9a64411f6bbf44dc48f57", 0x39}], 0x1)

1.227606551s ago: executing program 5 (id=3620):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f00000004c0), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x28011, r1, 0x0)
cachestat(r1, &(0x7f0000000040), &(0x7f000009de80), 0x0)
sendmsg$can_bcm(r1, &(0x7f00000002c0)={&(0x7f0000000040), 0x10, &(0x7f0000000080)={&(0x7f0000000240)={0x6, 0x1, 0xfffffffd, {0x77359400}, {}, {0x1, 0x0, 0x1, 0x1}, 0x1, @canfd={{0x2, 0x0, 0x1, 0x1}, 0x3f, 0x3, 0x0, 0x0, "363dbc33337877ae23cf5f28c4f4f8616c19b54f424e42b7e6ec0be8498fbfbe21875b0779177db557a1d60a2a8ff59cf689d39fbe0ae8e8d07ffe878ff90ecb"}}, 0x6c}, 0x1, 0x0, 0x0, 0x50}, 0x24000000)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x2}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0x3}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x1f}]}, @NFT_MSG_NEWSETELEM={0x94, 0xc, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x68, 0x3, 0x0, 0x1, [{0x64, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x4}, @NFTA_SET_ELEM_USERDATA={0x5c, 0x6, 0x1, 0x0, "0fcf20bb8e1e81bc8e8c8ce21ef6d87676d78721df95b6ea6da584bade566113aabbbd5d85c8409d6d1b3a74d8d9fd7f5f6883915099b7e57699438c7d3a0d95bd38b85267f88f8acd3190ba7997e5fb05012525608d60f1"}]}]}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0x118}}, 0x0)

1.15946812s ago: executing program 6 (id=3621):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x1000000, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x1f}]}, @NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x4}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}]}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xc4}}, 0x0)

1.09028781s ago: executing program 6 (id=3622):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$sndctrl(0x0, 0x1ff, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x38ff, &(0x7f0000000480)={0x0, 0x200003, 0x10100}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r0})
io_uring_enter(r2, 0x2def, 0x4000, 0x0, 0x0, 0x0)
r5 = openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0)
preadv(r5, &(0x7f0000000280)=[{&(0x7f0000000880)=""/220, 0xdc}], 0x1, 0xbffffffe, 0x10a2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2d, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)

1.090036199s ago: executing program 5 (id=3623):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$sndctrl(0x0, 0x1ff, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x38ff, &(0x7f0000000480)={0x0, 0x200003, 0x10100}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r0})
io_uring_enter(r2, 0x2def, 0x4000, 0x0, 0x0, 0x0)
r5 = openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0)
preadv(r5, &(0x7f0000000280)=[{&(0x7f0000000880)=""/220, 0xdc}], 0x1, 0xbffffffe, 0x10a2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2d, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)

898.949733ms ago: executing program 4 (id=3624):
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x8008000000010, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x6, 0x5, &(0x7f0000000b40)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bc000000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x26, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r5=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000240)={r3, r5, 0x25, 0x0, @void}, 0x10)
syz_emit_ethernet(0x46, &(0x7f0000001980)={@random="61fe71b72b5f", @link_local={0x17, 0x80, 0xc2, 0x2, 0x9}, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "d23396", 0x10, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x8001}}}}}}, 0x0)
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_procfs(0x0, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x15)
writev(r6, &(0x7f0000000280)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500", 0x1a}, {&(0x7f0000000580)="fa21bd2b5c40cc420740358ffc7f9f4b6e68fc8d1aa2597e7b484f301f11e35f22", 0x21}], 0x2)
r7 = socket$rxrpc(0x21, 0x2, 0xa)
syz_emit_vhci(&(0x7f0000000000)=ANY=[], 0xffffffffffffff2b)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x10)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=ANY=[@ANYBLOB="740000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="2b030040000000004c0012800b00010067656e65766500003c0002800800", @ANYBLOB="96f0ba0c", @ANYRES32=r7], 0x74}}, 0x0)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000780)={0x28, r11, 0x1, 0x0, 0x80000000, {}, [@TIPC_NLA_BEARER={0x14, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'eth', 0x3a, 'ipvlan0\x00'}}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x10800}, 0x4800)

612.734967ms ago: executing program 2 (id=3625):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00'}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000040)={<r1=>0xffffffffffffffff}, 0x2, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r0, &(0x7f00000003c0)={0x13, 0x10, 0xfa00, {0x0, r1, 0x3}}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff})
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x6, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000004c0)={'veth1_virt_wifi\x00', <r5=>0x0})
r6 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000800)={r4, r5, 0x25, 0x4, @val=@tcx}, 0x1c)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000009c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x20080, 0x80e1}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x3, &(0x7f0000000480)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000680)={r6, r8, 0x4, r4}, 0x10)
close_range(r3, 0xffffffffffffffff, 0x0)
socket$netlink(0x10, 0x3, 0x0)

490.139246ms ago: executing program 6 (id=3626):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000040)={0xa, 0x0, &(0x7f0000000340)={&(0x7f0000000200)={0x2, 0x3, 0x0, 0x2, 0x9, 0x0, 0x0, 0x4, [@sadb_address={0x3, 0x6}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x9, 0xfd}, @sadb_key={0x2, 0x8, 0x8, 0x0, '4'}]}, 0x48}, 0x1, 0x7}, 0x0)

489.738147ms ago: executing program 6 (id=3627):
creat(&(0x7f0000000080)='./bus\x00', 0x0)
socket$igmp6(0xa, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01)
ioctl$USBDEVFS_CLEAR_HALT(r0, 0x80045515, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x27)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8b35, &(0x7f0000000140)={'wlan1\x00', @random="0300000000eb"})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
request_key(0x0, 0x0, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r5, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback, 0x3}, 0x31)
sendmmsg$inet6(r5, &(0x7f0000002940), 0x40000000000017d, 0x811)
r6 = openat$fb0(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r6, 0x4601, &(0x7f0000000380)={0x3c0, 0x78, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, 0x8, 0x3, 0x1ff, 0x3d, 0x5, 0x3, 0x53, 0x202, 0x1, 0xc})
add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
socket$inet6_sctp(0xa, 0x1, 0x84)
mount(&(0x7f0000000240)=@filename='./bus\x00', &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000100)='trans=rdma,')
prctl$PR_GET_NAME(0x25, 0x0)
setsockopt$inet6_IPV6_RTHDR(0xffffffffffffffff, 0x29, 0x39, &(0x7f0000002e40)=ANY=[@ANYBLOB="0002"], 0x18)

410.165602ms ago: executing program 2 (id=3628):
r0 = socket$kcm(0x2, 0x200000000000001, 0x106)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x8000, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000000000006cf6a036356505db1347d04be40efd14dcad756bd9c8797d2ebaff582592df198405c4354932d63f90e38ac5f0ac7109e7f8e70248b8e51cd9bc0381015ae2cce846e81cdd1b494e0179a9d90ce3f201be45c083bee394e8454a1d3b3366fd1408000000000000004316838fafd410258fdddde5d0826e70c2614eb4d5e9a00a95d23e9e49ecc1b676788248c3d1fe555d1b3c"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x100}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000140)='contention_end\x00', r2}, 0x18)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r3, 0x5453, 0x0)
r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0xfffffffffffffffb]}, 0x8, 0x0)
ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000000880)={"84ca18eaa852b1a3bb3e80fe4eee1e4efbe55b52637d7e57c6f18b1d38286e1e4f37d997fe32fe60b40690718c3efe462c935f0d40f1aeeffa2cf8101f28571b6dfc5560095636dd10ace18ee9c6b5b854d8d974d1c26b1a3b9900a365d717934bb0a489f0cebb1597f4e2bb5cfd0c5629f0a6a86e104c0b6c74dd41f07312910c778d23ee7e0c3a8c94ed8226925f0f05f288604684d76c58a0c09601ce1f11a06333743f6997026ef3edbcb9f3adc11f921bc91f7f9e8715fb886e1ff8544885de0da0b5fcd763e5539dd92ae1a27b5cda25329f8577cec548db45330209382208cd9e77998ccd3eb075cdf236c2166b13b7caf92272da52deb450f8544e3a4b95f3dead6c76ccd8943dff073a601d53b43d9394a9552ab9f78023b2b6b3db61d3d8ed662359066df8f0d398307ba15450c47bb2b97fd48f8e4a59c997b7d15d790978d3352ec552310bd219e72f997b04cc0d8c7afb392a36cc9b17fb5ab09647fc59984c2ee3a882d102cfe3bf29aeab03813d822cb9b1997876e0e603a099aed4dad75b83669b90dd808302b7c0bf5f88d020aa3d9beba2374670572ad0de5e4c78067e74f96a2baa3ec401520e7e4c2ff4cdb809b16d376fa622ebee5db6b8670ed68706e179b58de0aaaa3e43fb5d2a45582196aaf3aa232151aafbf7265d7c339a4f3b9d3f942aae8a4397db047abad9dfa7cd220a105e6d8faf25ff9312228b287db69b0f4f50b092f80e4336a2e327ba613f221e1fc859305b1b0b04c450952852653e200e6bd0293a1e1921b1292fa09dfba00cae70a01b590189f6a391fd4445abeea55e9c54d9f975227021d08b1861b8279edf51612e238cb36494ef745f3e1eb778ab341a8a36495695f29a60d717a4f5d534a00a2a3d020e61884201b33ce2e1c0420a05b5de2d3034f8bc14cc864b7d9394a1fda8db1e24bd14bf912656874e47cd30210c25107ea9b8d21d3b7198b0936acf0f15db949dbf22d51fc289cda1a550f3cba42e42184e5d61d61f2293735557f67d54bc3b4aba898119c3645c233ee02c4ab4b1b900e9aebdc2b772bb933d002a2b7ca954373e37eefa4377a93b16f8cd17613d714592afdc410ac705cb9798be70a8e64193214342992392c42475bbf9f33ad2d678e62af6f01b9f202a86fc549ed233724021ef50a0c82c6b3a51817c63d6dd706d9dae6e8b1fb61ffdcd59af94a92733c1b763007ef78e2d90bbdcde589b8f40e067a127841eb469d8aff8cee7d03d11ab2a6ddf0184301e11eec507393aa6df565e2503f5bb3210726f0b9bd49c6caf8ba93e709049fb4c9eaf9f66bae4d8749a2989214c0c2290b2841368481d67d5a6c6a6126b696a554132656c9ef3d4054349c2a312a1ef427f3b1ec6d3b2a8cfdbc722373932a2892f0333d879800b7cfaa94259a2c301ff48c575279da1de8198"})
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000040)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x3, 0x1, 0x2, 0x8, 0x1ff, 0x1}, 0x20)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
ioctl$KVM_TRANSLATE(r5, 0xc018ae85, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x8})
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x0, @remote}, 0x10, 0x0}, 0x3000c041)
r6 = socket$kcm(0x10, 0x2, 0x4)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x4, [@func={0x2, 0x0, 0x0, 0xc, 0x2}, @func_proto]}, {0x0, [0x0, 0xb56cea99d7d0f667]}}, 0x0, 0x34}, 0x28)
unshare(0x22020400)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x3, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3}}, &(0x7f0000000080)='syzkaller\x00', 0x8, 0x0, 0x0, 0x41000}, 0x94)
r8 = dup(r7)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r8, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @empty, 0x7}], 0x1c)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f0000000180)={0xc, 0x0, <r9=>0x0})
ioctl$IOMMU_IOAS_ALLOW_IOVAS(r8, 0x3b82, &(0x7f00000001c0)={0x18, r9, 0x5, 0x0, &(0x7f0000000340)=[{0x1, 0xa4b}, {0x5}, {0x1, 0x9}, {0x5, 0x3c7}, {0xe63f, 0x8}]})
ioctl$PTP_PEROUT_REQUEST2(0xffffffffffffffff, 0xc4c03d12, 0x0)
iopl(0x3)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
sendmsg$kcm(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08060cdc030ec0007f03e3f70000000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08120800030006010000bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0)
recvmsg$kcm(r6, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x10000)

139.169945ms ago: executing program 5 (id=3629):
unshare(0x6a040000)
r0 = socket(0x10, 0x80002, 0x0)
sendmsg(r0, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000040)="24000000180003041dfffd946f610500020100000005fe060c10880008000f00fff3c00e", 0x24}], 0x1}, 0x0)
openat$dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r1, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r1, &(0x7f0000000580)={&(0x7f00000017c0)={0x2, 0xfe80, @private=0xa010101}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x20000004}, 0x0)

90.137141ms ago: executing program 4 (id=3630):
r0 = socket$rxrpc(0x21, 0x2, 0x2)
bind$rxrpc(r0, &(0x7f0000000000)=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x4e24, @local}}, 0x24)
setsockopt$RXRPC_SECURITY_KEYRING(r0, 0x110, 0x2, 0x0, 0x0)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
r1 = syz_open_dev$I2C(&(0x7f0000000100), 0x2, 0x1)
ioctl$I2C_SMBUS(r1, 0x720, &(0x7f00000001c0)={0x1, 0x24, 0x6, &(0x7f00000002c0)={0x14, "bac783f1b4b81a2c3feb05826d2a5ef5e6c6bfc92b387c5b9e89c9b4adb44366be"}})

368.199µs ago: executing program 5 (id=3631):
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000080), 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0x0, r0, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0x30)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$VT_RESIZEX(r1, 0x560a, &(0x7f0000000000)={0x5, 0x4, 0x8009, 0x0, 0x9, 0xfffd})

0s ago: executing program 5 (id=3632):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x0, 0x101, @mcast2}}}, 0x88)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000280)=ANY=[@ANYRES64, @ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x23, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0ff5b14104fe62cc60e413905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf2364149215108333719acd97cfa107d40224edc5465a93df8513a32ec450bebc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe511195418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4929330142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da8c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000dd11e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15f2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f000010000000000000905ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400bee3dfc8fb24f67c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341b74abaa7c95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb232bbdb9dc33cbd7643866fde41f94290c2a5ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595270fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f76dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d2e959efc71f665c4d75cf2458e3322c9062ece84c99a061997a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99f0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d164118e4cbe02400000000ff0700000000cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a4867217373934bbd42dcb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcd62981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba495aea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b60000000000001700d6d5210d7560eb92d6a97a27602b81f76386f1535b1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294059323e7a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd704e4214de5946932d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1fc8df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1785eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be2f5656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fd78f9743af932cd6db49a47613808bad959719c0000000000378a921c7f7f6933c2e24c7e800003c9e8095e02985f28de0bbc76d58dd92606b1ef6486c85fa3e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6968d12418a4d2a0d086d8438d415d713aceb"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = fsopen(&(0x7f00000001c0)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f00000000c0)='test_dummy_encryption', 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount(&(0x7f0000000080)=@nullb, 0x0, &(0x7f00000000c0)='affs\x00', 0xa08410, 0x0)
r6 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000300)={'bond0\x00', <r7=>0x0})
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000840)=@newqdisc={0xb0, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r7, {}, {0xffff, 0xffff}, {0x2, 0x9}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x80, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x5, 0x4, 0x2, 0x0, 0x1, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x8001]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x1c, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x4000000}]}, {0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x2c2a1f44}]}]}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8, 0x5, 0x7}]}}]}, 0xb0}}, 0x0)
io_uring_setup(0x3eb1, &(0x7f0000000080)={0x0, 0x4bde, 0xc00, 0x10, 0x147})
r9 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r9, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r9, 0x40946400, &(0x7f00000000c0)={'pcl812\x00', [0x4f27, 0x5, 0x10000, 0x4, 0x5, 0xcc7, 0x8, 0x7, 0xa, 0x100, 0x2, 0x1, 0x1, 0x1, 0x6, 0x101, 0x0, 0x1a449, 0x3, 0x40000003, 0x89, 0xcaa7, 0x0, 0x20001e58, 0xb, 0xe69, 0x3c, 0x8, 0x6, 0x0, 0xfffffff8]})
preadv(r9, &(0x7f0000001cc0)=[{&(0x7f0000000200)=""/130, 0x82}], 0x1, 0x0, 0x7f)

0s ago: executing program 4 (id=3633):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x8, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=0x0])
mount(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000280)='autofs\x00', 0x201000c, &(0x7f0000000040))
chdir(&(0x7f0000000080)='./file0\x00')
setpgid(r0, r0)
setpgid(0x0, r0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r1, &(0x7f0000000040)=0x1f27, 0x12)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x40100, 0x0)
r3 = open(&(0x7f0000000000)='.\x00', 0x0, 0x244)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r2, 0xc0189379, &(0x7f0000000200)={{0x1, 0x1, 0x18, r3}, './file0\x00'})

kernel console output (not intermixed with test programs):

: failed to get link speed/duplex
[  797.986487][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  798.106249][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  798.219093][ T1144] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  798.353376][   T74] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  798.463870][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  798.574543][ T1144] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  798.684551][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  798.955607][T17235] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  798.958905][T17235] IPv6: NLM_F_CREATE should be set when creating new route
[  799.578265][T17239] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3055'.
[  800.746785][T17250] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  801.678349][T17256] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3058'.
[  801.692060][T17256] syz.2.3058: vmalloc error: size 1379004416, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  801.698587][T17256] CPU: 3 UID: 0 PID: 17256 Comm: syz.2.3058 Not tainted syzkaller #0 PREEMPT(full) 
[  801.698615][T17256] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  801.698630][T17256] Call Trace:
[  801.698638][T17256]  <TASK>
[  801.698647][T17256]  dump_stack_lvl+0x16c/0x1f0
[  801.698685][T17256]  warn_alloc+0x248/0x3a0
[  801.698713][T17256]  ? __pfx_warn_alloc+0x10/0x10
[  801.698742][T17256]  ? kasan_save_stack+0x42/0x60
[  801.698768][T17256]  ? kasan_save_stack+0x33/0x60
[  801.698797][T17256]  ? kasan_save_stack+0x42/0x60
[  801.698838][T17256]  ? kasan_save_stack+0x33/0x60
[  801.698884][T17256]  ? kasan_save_track+0x14/0x30
[  801.698919][T17256]  ? vb2_vmalloc_alloc+0x135/0x410
[  801.698945][T17256]  __vmalloc_node_range_noprof+0x12c2/0x16b0
[  801.698970][T17256]  ? __do_fast_syscall_32+0xe8/0x680
[  801.698991][T17256]  ? do_fast_syscall_32+0x32/0x80
[  801.699007][T17256]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  801.699041][T17256]  ? vb2_vmalloc_alloc+0x135/0x410
[  801.699071][T17256]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  801.699100][T17256]  ? vb2_vmalloc_alloc+0x135/0x410
[  801.699122][T17256]  vmalloc_user_noprof+0x9e/0xe0
[  801.699142][T17256]  ? vb2_vmalloc_alloc+0x135/0x410
[  801.699166][T17256]  vb2_vmalloc_alloc+0x135/0x410
[  801.699192][T17256]  ? __pfx_vb2_vmalloc_alloc+0x10/0x10
[  801.699214][T17256]  __vb2_queue_alloc+0x8c9/0x1280
[  801.699252][T17256]  vb2_core_create_bufs+0x559/0xab0
[  801.699278][T17256]  ? __pfx_vb2_core_create_bufs+0x10/0x10
[  801.699299][T17256]  ? __pfx___might_resched+0x10/0x10
[  801.699331][T17256]  ? __mutex_lock+0x27b/0x1ca0
[  801.699351][T17256]  ? __pfx_get_v4l2_format32+0x10/0x10
[  801.699379][T17256]  vb2_create_bufs+0x5e8/0x840
[  801.699403][T17256]  ? __pfx_vb2_create_bufs+0x10/0x10
[  801.699425][T17256]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  801.699456][T17256]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  801.699488][T17256]  v4l_create_bufs+0x151/0x260
[  801.699517][T17256]  __video_do_ioctl+0xb77/0xf00
[  801.699552][T17256]  ? __pfx___video_do_ioctl+0x10/0x10
[  801.699582][T17256]  ? video_usercopy+0x139/0x13e0
[  801.699616][T17256]  video_usercopy+0x47f/0x13e0
[  801.699647][T17256]  ? __pfx___video_do_ioctl+0x10/0x10
[  801.699676][T17256]  ? rcu_watching_snap_stopped_since+0x100/0x110
[  801.699707][T17256]  ? __pfx_video_usercopy+0x10/0x10
[  801.699745][T17256]  ? video_ioctl2+0x15/0x30
[  801.699773][T17256]  ? __sanitizer_cov_trace_pc+0x56/0x70
[  801.699804][T17256]  v4l2_ioctl+0x1bd/0x250
[  801.699829][T17256]  ? __ia32_compat_sys_openat+0x141/0x210
[  801.699862][T17256]  v4l2_compat_ioctl32+0x217/0x2e0
[  801.699898][T17256]  ? __pfx_v4l2_compat_ioctl32+0x10/0x10
[  801.699924][T17256]  __ia32_compat_sys_ioctl+0x242/0x370
[  801.699958][T17256]  __do_fast_syscall_32+0xe8/0x680
[  801.699983][T17256]  do_fast_syscall_32+0x32/0x80
[  801.700003][T17256]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  801.700027][T17256] RIP: 0023:0xf7f15579
[  801.700044][T17256] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  801.700062][T17256] RSP: 002b:00000000f53c455c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  801.700082][T17256] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00000000c0f8565c
[  801.700095][T17256] RDX: 0000000080000440 RSI: 0000000000000000 RDI: 0000000000000000
[  801.700107][T17256] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  801.700118][T17256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  801.700130][T17256] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  801.700156][T17256]  </TASK>
[  801.700184][T17256] Mem-Info:
[  801.988872][T17256] active_anon:16948 inactive_anon:899 isolated_anon:0
[  801.988872][T17256]  active_file:6872 inactive_file:9135 isolated_file:0
[  801.988872][T17256]  unevictable:1768 dirty:346 writeback:0
[  801.988872][T17256]  slab_reclaimable:6218 slab_unreclaimable:71313
[  801.988872][T17256]  mapped:28205 shmem:16193 pagetables:1460
[  801.988872][T17256]  sec_pagetables:338 bounce:0
[  801.988872][T17256]  kernel_misc_reclaimable:0
[  801.988872][T17256]  free:37858 free_pcp:18837 free_cma:0
[  802.351018][T17256] Node 0 active_anon:2672kB inactive_anon:316kB active_file:144kB inactive_file:12kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:9548kB dirty:0kB writeback:0kB shmem:5600kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:9632kB pagetables:2016kB sec_pagetables:1152kB all_unreclaimable? no Balloon:0kB
[  802.423691][T17256] Node 1 active_anon:57020kB inactive_anon:3280kB active_file:27344kB inactive_file:36532kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:96096kB dirty:64kB writeback:0kB shmem:53572kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:4640kB pagetables:3880kB sec_pagetables:200kB all_unreclaimable? no Balloon:0kB
[  802.433357][T17256] Node 0 DMA free:2088kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:8kB inactive_anon:0kB active_file:0kB inactive_file:8kB unevictable:0kB writepending:0kB zspages:40kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:432kB local_pcp:228kB free_cma:0kB
[  802.445022][T17256] lowmem_reserve[]: 0 289 289 289 289
[  802.446875][T17256] Node 0 DMA32 free:20596kB boost:0kB min:13332kB low:16664kB high:19996kB reserved_highatomic:2048KB free_highatomic:1152KB active_anon:844kB inactive_anon:312kB active_file:144kB inactive_file:4kB unevictable:3536kB writepending:0kB zspages:792kB present:1032196kB managed:296804kB mlocked:0kB bounce:0kB free_pcp:6928kB local_pcp:2300kB free_cma:0kB
[  802.461074][T17256] lowmem_reserve[]: 0 0 0 0 0
[  802.462767][T17256] Node 1 DMA32 free:155892kB boost:45056kB min:92200kB low:103984kB high:115768kB reserved_highatomic:2048KB free_highatomic:396KB active_anon:53220kB inactive_anon:3280kB active_file:27344kB inactive_file:36532kB unevictable:3536kB writepending:44kB zspages:5068kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:55412kB local_pcp:11124kB free_cma:0kB
[  802.473959][T17256] lowmem_reserve[]: 0 0 0 0 0
[  802.523644][T17256] Node 0 DMA: 4*4kB (UM) 19*8kB (UM) 12*16kB (UM) 4*32kB (U) 5*64kB (UM) 2*128kB (M) 0*256kB 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 2088kB
[  802.529879][T17256] Node 0 DMA32: 72*4kB (UMEH) 112*8kB (UEH) 63*16kB (UMEH) 161*32kB (UMEH) 73*64kB (UMEH) 27*128kB (UMEH) 2*256kB (H) 1*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 16496kB
[  802.537501][T17256] Node 1 DMA32: 830*4kB (UEH) 1307*8kB (UMEH) 1349*16kB (UMEH) 123*32kB (UME) 98*64kB (UME) 138*128kB (UM) 101*256kB (UME) 43*512kB (UM) 30*1024kB (UM) 3*2048kB (UM) 1*4096kB (M) = 152064kB
[  802.545526][T17256] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  802.549661][T17256] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  802.553328][T17256] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  802.557675][T17256] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  802.561582][T17256] 32408 total pagecache pages
[  802.564996][T17256] 1328 pages in swap cache
[  802.567010][T17256] Free swap  = 98120kB
[  802.568805][T17256] Total swap = 124996kB
[  802.570652][T17256] 524155 pages RAM
[  802.572310][T17256] 0 pages HighMem/MovableOnly
[  802.574603][T17256] 209061 pages reserved
[  802.576430][T17256] 0 pages cma reserved
[  802.643640][ T1140] net_ratelimit: 32 callbacks suppressed
[  802.643655][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  802.736901][T17265] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  802.753688][   T12] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  802.863783][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  802.974235][   T74] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  803.123712][ T4139] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  803.234352][ T1144] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  803.354486][ T4242] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  803.464485][ T4242] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  803.584354][ T4242] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  803.695672][ T4242] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  805.381313][T17288] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  806.969058][T17318] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  807.048036][T17320] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3081'.
[  807.653940][   T12] net_ratelimit: 27 callbacks suppressed
[  807.653959][   T12] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  807.764481][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  807.884370][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  808.009457][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  808.143659][ T4242] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  808.221429][   T40] audit: type=1804 audit(2000000391.059:781): pid=17325 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.3082" name="/newroot/23/bus/bus" dev="overlay" ino=175 res=1 errno=0
[  808.411851][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  808.512013][   T40] audit: type=1804 audit(2000000391.059:782): pid=17325 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.3082" name="/newroot/23/bus/bus" dev="overlay" ino=175 res=1 errno=0
[  808.520702][   T40] audit: type=1800 audit(2000000391.059:783): pid=17325 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3082" name="bus" dev="overlay" ino=175 res=0 errno=0
[  808.526821][ T4242] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  808.659053][ T5941] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  808.662589][ T5941] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  808.667257][ T5941] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  808.670081][ T5941] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  808.673303][ T5941] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  808.849769][ T8719] syz_tun (unregistering): left allmulticast mode
[  808.965446][T17337] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3086'.
[  808.968831][T17333] lo speed is unknown, defaulting to 1000
[  809.009972][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  809.205875][ T1144] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  809.325191][   T12] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  809.446208][T17333] chnl_net:caif_netlink_parms(): no params data found
[  809.488690][T17333] bridge0: port 1(bridge_slave_0) entered blocking state
[  809.491051][T17333] bridge0: port 1(bridge_slave_0) entered disabled state
[  809.493361][T17333] bridge_slave_0: entered allmulticast mode
[  809.497222][T17333] bridge_slave_0: entered promiscuous mode
[  809.500291][T17333] bridge0: port 2(bridge_slave_1) entered blocking state
[  809.502585][T17333] bridge0: port 2(bridge_slave_1) entered disabled state
[  809.504950][T17333] bridge_slave_1: entered allmulticast mode
[  809.507659][T17333] bridge_slave_1: entered promiscuous mode
[  809.522758][T17333] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  809.527353][T17333] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  809.541840][T17333] team0: Port device team_slave_0 added
[  809.545035][T17333] team0: Port device team_slave_1 added
[  809.557826][T17333] batman_adv: batadv0: Adding interface: batadv_slave_0
[  809.560035][T17333] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  809.568058][T17333] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  809.572328][T17333] batman_adv: batadv0: Adding interface: batadv_slave_1
[  809.574935][T17333] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  809.582912][T17333] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  809.609936][T17333] hsr_slave_0: entered promiscuous mode
[  809.612247][T17333] hsr_slave_1: entered promiscuous mode
[  809.614495][T17333] debugfs: 'hsr0' already exists in 'hsr'
[  809.616339][T17333] Cannot create hsr debugfs directory
[  809.894570][T17333] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  809.981909][T17333] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  810.070681][T17333] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  810.147853][T17333] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  810.157337][T17359] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  810.282427][T17333] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  810.288980][T17333] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  810.293473][T17333] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  810.312210][T17333] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  810.362270][T17333] 8021q: adding VLAN 0 to HW filter on device bond0
[  810.374561][T17333] 8021q: adding VLAN 0 to HW filter on device team0
[  810.380108][ T1239] bridge0: port 1(bridge_slave_0) entered blocking state
[  810.382524][ T1239] bridge0: port 1(bridge_slave_0) entered forwarding state
[  810.389980][ T1144] bridge0: port 2(bridge_slave_1) entered blocking state
[  810.392294][ T1144] bridge0: port 2(bridge_slave_1) entered forwarding state
[  810.533825][T17333] 8021q: adding VLAN 0 to HW filter on device batadv0
[  810.729173][T17333] veth0_vlan: entered promiscuous mode
[  810.734540][T17333] veth1_vlan: entered promiscuous mode
[  810.754711][T17333] veth0_macvtap: entered promiscuous mode
[  810.762660][T17333] veth1_macvtap: entered promiscuous mode
[  810.773290][ T5941] Bluetooth: hci0: command tx timeout
[  810.791205][T17333] batman_adv: batadv0: Interface activated: batadv_slave_0
[  810.802038][T17333] batman_adv: batadv0: Interface activated: batadv_slave_1
[  810.958156][   T74] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  810.961107][   T74] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  810.971758][   T74] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  810.978873][   T74] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  811.010908][   T74] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  811.013363][   T74] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  811.034711][   T74] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  811.037284][   T74] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  811.079686][   T40] audit: type=1804 audit(2000000393.919:784): pid=17381 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.3094" name="/newroot/413/bus/bus" dev="overlay" ino=2393 res=1 errno=0
[  811.095355][   T40] audit: type=1804 audit(2000000393.929:785): pid=17381 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.6.3094" name="/newroot/413/bus/bus" dev="overlay" ino=2393 res=1 errno=0
[  811.103624][   T40] audit: type=1800 audit(2000000393.929:786): pid=17381 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.3094" name="bus" dev="overlay" ino=2393 res=0 errno=0
[  811.838989][   T40] audit: type=1804 audit(2000000394.679:787): pid=17401 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.3098" name="/newroot/166/bus/bus" dev="overlay" ino=989 res=1 errno=0
[  812.081943][   T40] audit: type=1804 audit(2000000394.679:788): pid=17401 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.3098" name="/newroot/166/bus/bus" dev="overlay" ino=989 res=1 errno=0
[  812.089173][   T40] audit: type=1800 audit(2000000394.679:789): pid=17401 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3098" name="bus" dev="overlay" ino=989 res=0 errno=0
[  812.764176][ T1139] net_ratelimit: 24 callbacks suppressed
[  812.764189][ T1139] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  812.823795][ T5941] Bluetooth: hci0: command tx timeout
[  812.874206][ T1144] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  812.915486][   T40] audit: type=1804 audit(2000000395.759:790): pid=17415 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.3103" name="/newroot/415/bus/bus" dev="overlay" ino=2412 res=1 errno=0
[  812.984778][ T4139] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  813.094012][ T1144] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  813.210301][ T4139] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  813.313711][ T4139] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  813.316364][ T1416] ieee802154 phy0 wpan0: encryption failed: -22
[  813.318894][ T1416] ieee802154 phy1 wpan1: encryption failed: -22
[  813.437829][ T4242] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  813.470324][T17419] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  813.554341][ T1144] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  813.666925][ T4242] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  813.689117][T17424] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3106'.
[  813.701121][T17428] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3109'.
[  813.796072][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  814.913591][ T5941] Bluetooth: hci0: command tx timeout
[  815.057586][   T40] kauditd_printk_skb: 2 callbacks suppressed
[  815.057598][   T40] audit: type=1804 audit(2000000397.899:793): pid=17448 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.3113" name="/newroot/29/bus/bus" dev="overlay" ino=216 res=1 errno=0
[  815.076830][   T40] audit: type=1804 audit(2000000397.909:794): pid=17448 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.3113" name="/newroot/29/bus/bus" dev="overlay" ino=216 res=1 errno=0
[  815.088585][   T40] audit: type=1800 audit(2000000397.909:795): pid=17448 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3113" name="bus" dev="overlay" ino=216 res=0 errno=0
[  815.900729][   T40] audit: type=1804 audit(2000000398.739:796): pid=17462 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.3118" name="/newroot/173/bus/bus" dev="overlay" ino=1034 res=1 errno=0
[  815.984463][   T40] audit: type=1804 audit(2000000398.829:797): pid=17462 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.3118" name="/newroot/173/bus/bus" dev="overlay" ino=1034 res=1 errno=0
[  816.017875][T17467] overlayfs: failed to resolve './file0': -2
[  816.123573][   T40] audit: type=1800 audit(2000000398.829:798): pid=17462 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3118" name="bus" dev="overlay" ino=1034 res=0 errno=0
[  816.129830][   T40] audit: type=1804 audit(2000000398.909:799): pid=17466 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.3120" name="/newroot/419/bus/bus" dev="overlay" ino=2441 res=1 errno=0
[  816.143864][   T40] audit: type=1804 audit(2000000398.939:800): pid=17466 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.6.3120" name="/newroot/419/bus/bus" dev="overlay" ino=2441 res=1 errno=0
[  816.180009][   T40] audit: type=1800 audit(2000000398.939:801): pid=17466 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.3120" name="bus" dev="overlay" ino=2441 res=0 errno=0
[  816.413644][   T40] audit: type=1804 audit(2000000398.989:802): pid=17463 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.3119" name="/newroot/7/file1/bus" dev="tmpfs" ino=59 res=1 errno=0
[  816.636364][T17476] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  816.983574][ T5941] Bluetooth: hci0: command tx timeout
[  817.811620][T17486] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  818.070385][   T12] net_ratelimit: 28 callbacks suppressed
[  818.070405][   T12] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  818.253676][   T74] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  818.363868][ T1144] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  818.474205][ T1144] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  818.583673][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  818.693630][   T12] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  818.803711][   T74] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  818.923942][   T12] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  819.033667][   T12] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  819.163679][   T12] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  820.315840][T17508] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  820.798106][   T40] kauditd_printk_skb: 3 callbacks suppressed
[  820.798125][   T40] audit: type=1804 audit(2000000403.599:806): pid=17513 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.3133" name="/newroot/11/bus/bus" dev="overlay" ino=90 res=1 errno=0
[  820.829884][   T40] audit: type=1804 audit(2000000403.599:807): pid=17513 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.3133" name="/newroot/11/bus/bus" dev="overlay" ino=90 res=1 errno=0
[  820.841469][   T40] audit: type=1800 audit(2000000403.599:808): pid=17513 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3133" name="bus" dev="overlay" ino=90 res=0 errno=0
[  821.189622][T17521] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  823.103998][T17544] FAULT_INJECTION: forcing a failure.
[  823.103998][T17544] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  823.123637][T17544] CPU: 1 UID: 0 PID: 17544 Comm: syz.4.3144 Not tainted syzkaller #0 PREEMPT(full) 
[  823.123654][T17544] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  823.123661][T17544] Call Trace:
[  823.123666][T17544]  <TASK>
[  823.123671][T17544]  dump_stack_lvl+0x16c/0x1f0
[  823.123701][T17544]  should_fail_ex+0x512/0x640
[  823.123718][T17544]  _copy_from_user+0x2e/0xd0
[  823.123732][T17544]  kstrtouint_from_user+0xd6/0x1d0
[  823.123748][T17544]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  823.123765][T17544]  ? __lock_acquire+0x436/0x2890
[  823.123782][T17544]  proc_fail_nth_write+0x83/0x220
[  823.123794][T17544]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  823.123809][T17544]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  823.123819][T17544]  vfs_write+0x2a0/0x11d0
[  823.123837][T17544]  ? __pfx___mutex_lock+0x10/0x10
[  823.123850][T17544]  ? __pfx_vfs_write+0x10/0x10
[  823.123865][T17544]  ? find_held_lock+0x2b/0x80
[  823.123884][T17544]  ? __fget_files+0x20e/0x3c0
[  823.123904][T17544]  ksys_write+0x12a/0x250
[  823.123920][T17544]  ? __pfx_ksys_write+0x10/0x10
[  823.123937][T17544]  ? do_user_addr_fault+0x843/0x1370
[  823.123954][T17544]  __do_fast_syscall_32+0xe8/0x680
[  823.123967][T17544]  do_fast_syscall_32+0x32/0x80
[  823.123978][T17544]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  823.123993][T17544] RIP: 0023:0xf7f91579
[  823.124002][T17544] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  823.124013][T17544] RSP: 002b:00000000f5486590 EFLAGS: 00000293 ORIG_RAX: 0000000000000004
[  823.124025][T17544] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5486620
[  823.124032][T17544] RDX: 0000000000000001 RSI: 00000000f7426ff4 RDI: 0000000000000000
[  823.124038][T17544] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  823.124045][T17544] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  823.124052][T17544] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  823.124066][T17544]  </TASK>
[  823.125776][ T4139] net_ratelimit: 22 callbacks suppressed
[  823.125792][ T4139] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  823.701002][   T40] audit: type=1804 audit(2000000406.539:809): pid=17553 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.3146" name="/newroot/38/bus/bus" dev="overlay" ino=274 res=1 errno=0
[  823.723585][ T1144] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  823.724730][   T40] audit: type=1804 audit(2000000406.569:810): pid=17553 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.3146" name="/newroot/38/bus/bus" dev="overlay" ino=274 res=1 errno=0
[  823.754127][   T40] audit: type=1800 audit(2000000406.569:811): pid=17553 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3146" name="bus" dev="overlay" ino=274 res=0 errno=0
[  823.833603][ T1144] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  823.943632][ T1144] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  824.053811][   T74] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  824.163733][ T1144] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  824.285062][ T4139] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  824.393440][T17569] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  824.394122][ T4139] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  824.506326][   T74] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  824.623676][ T4139] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  825.973457][T17596] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  825.975584][T17596] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  825.983923][T17596] vhci_hcd vhci_hcd.0: Device attached
[  826.143888][   T60] usb 10-1: new high-speed USB device number 20 using dummy_hcd
[  826.204831][T17601] rdma_rxe: rxe_newlink: failed to add wg2
[  826.304078][   T60] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  826.304209][   T60] usb 10-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  826.304300][   T60] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  826.340719][   T60] usb 10-1: config 0 descriptor??
[  826.493660][   T24] usb 42-1: SetAddress Request (18) to port 0
[  826.937561][   T60] usbhid 10-1:0.0: can't add hid device: -71
[  826.937861][   T60] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[  826.944087][   T60] usb 10-1: USB disconnect, device number 20
[  826.970148][   T24] usb 42-1: new SuperSpeed USB device number 18 using vhci_hcd
[  827.083980][   T40] audit: type=1804 audit(2000000409.929:812): pid=17607 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.3160" name="/newroot/40/bus/bus" dev="overlay" ino=293 res=1 errno=0
[  827.094862][   T40] audit: type=1804 audit(2000000409.929:813): pid=17607 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.3160" name="/newroot/40/bus/bus" dev="overlay" ino=293 res=1 errno=0
[  827.095013][   T40] audit: type=1800 audit(2000000409.929:814): pid=17607 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3160" name="bus" dev="overlay" ino=293 res=0 errno=0
[  827.113565][T17597] vhci_hcd: connection reset by peer
[  827.127494][ T1144] vhci_hcd vhci_hcd.2: stop threads
[  827.127519][ T1144] vhci_hcd vhci_hcd.2: release socket
[  827.127583][ T1144] vhci_hcd vhci_hcd.2: disconnect device
[  827.400735][T17611] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  827.483611][   T60] usb 10-1: new high-speed USB device number 21 using dummy_hcd
[  827.633589][   T60] usb 10-1: Using ep0 maxpacket: 32
[  827.637386][   T60] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  827.641166][   T60] usb 10-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40
[  827.644925][   T60] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  827.658401][   T60] usb 10-1: config 0 descriptor??
[  827.664675][   T60] ldusb 10-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  827.671885][   T60] ldusb 10-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  828.067792][   T60] usb 10-1: USB disconnect, device number 21
[  828.075598][   T60] ldusb 10-1:0.0: LD USB Device #0 now disconnected
[  828.173653][ T4139] net_ratelimit: 26 callbacks suppressed
[  828.173666][ T4139] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  828.283649][ T4139] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  828.393605][ T4139] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  828.503618][  T224] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  828.613667][  T224] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  828.723653][  T224] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  828.770372][   T40] audit: type=1804 audit(2000000411.609:815): pid=17622 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.3165" name="/newroot/16/bus/bus" dev="overlay" ino=125 res=1 errno=0
[  828.788968][   T40] audit: type=1804 audit(2000000411.629:816): pid=17622 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.3165" name="/newroot/16/bus/bus" dev="overlay" ino=125 res=1 errno=0
[  828.795941][   T40] audit: type=1800 audit(2000000411.639:817): pid=17622 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3165" name="bus" dev="overlay" ino=125 res=0 errno=0
[  828.848356][ T4139] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  828.958701][ T4139] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  829.067334][  T224] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  829.183625][ T7870] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  830.585580][T17655] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  832.030529][   T24] usb 42-1: device descriptor read/8, error -110
[  832.045904][T17676] FAULT_INJECTION: forcing a failure.
[  832.045904][T17676] name failslab, interval 1, probability 0, space 0, times 0
[  832.050925][T17676] CPU: 0 UID: 0 PID: 17676 Comm: syz.4.3184 Not tainted syzkaller #0 PREEMPT(full) 
[  832.050941][T17676] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  832.050948][T17676] Call Trace:
[  832.050953][T17676]  <TASK>
[  832.050959][T17676]  dump_stack_lvl+0x16c/0x1f0
[  832.050982][T17676]  should_fail_ex+0x512/0x640
[  832.050998][T17676]  should_failslab+0xc2/0x120
[  832.051016][T17676]  __kmalloc_cache_noprof+0x80/0x800
[  832.051030][T17676]  ? sctp_add_bind_addr+0xae/0x3f0
[  832.051049][T17676]  ? sctp_add_bind_addr+0xae/0x3f0
[  832.051065][T17676]  sctp_add_bind_addr+0xae/0x3f0
[  832.051082][T17676]  sctp_copy_local_addr_list+0x349/0x550
[  832.051103][T17676]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  832.051123][T17676]  ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360
[  832.051142][T17676]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  832.051161][T17676]  sctp_bind_addr_copy+0xe0/0x530
[  832.051181][T17676]  sctp_connect_new_asoc+0x1c9/0x770
[  832.051196][T17676]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  832.051213][T17676]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  832.051231][T17676]  sctp_sendmsg+0x157c/0x1e20
[  832.051248][T17676]  ? __pfx_sctp_sendmsg+0x10/0x10
[  832.051264][T17676]  ? __pfx___might_resched+0x10/0x10
[  832.051284][T17676]  ? aa_sk_perm+0x2f2/0xae0
[  832.051300][T17676]  ? __pfx_aa_sk_perm+0x10/0x10
[  832.051312][T17676]  ? __might_fault+0xe3/0x190
[  832.051329][T17676]  ? __pfx_sctp_sendmsg+0x10/0x10
[  832.051343][T17676]  inet_sendmsg+0x11c/0x140
[  832.051359][T17676]  __sys_sendto+0x43c/0x520
[  832.051374][T17676]  ? __pfx___sys_sendto+0x10/0x10
[  832.051400][T17676]  ? ksys_write+0x1ac/0x250
[  832.051416][T17676]  ? __pfx_ksys_write+0x10/0x10
[  832.051434][T17676]  __ia32_sys_sendto+0xdd/0x1b0
[  832.051448][T17676]  ? __do_fast_syscall_32+0x9a/0x680
[  832.051460][T17676]  ? lockdep_hardirqs_on+0x7c/0x110
[  832.051478][T17676]  __do_fast_syscall_32+0xe8/0x680
[  832.051490][T17676]  do_fast_syscall_32+0x32/0x80
[  832.051501][T17676]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  832.051516][T17676] RIP: 0023:0xf7f91579
[  832.051526][T17676] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  832.051537][T17676] RSP: 002b:00000000f548655c EFLAGS: 00000296 ORIG_RAX: 0000000000000171
[  832.051549][T17676] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000080
[  832.051556][T17676] RDX: 0000000000000001 RSI: 000000000400c0d4 RDI: 0000000080000140
[  832.051563][T17676] RBP: 000000000000001c R08: 0000000000000000 R09: 0000000000000000
[  832.051569][T17676] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  832.051576][T17676] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  832.051590][T17676]  </TASK>
[  832.196606][T17685] FAULT_INJECTION: forcing a failure.
[  832.196606][T17685] name failslab, interval 1, probability 0, space 0, times 0
[  832.200413][T17686] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3187'.
[  832.201729][T17685] CPU: 0 UID: 0 PID: 17685 Comm: syz.4.3188 Not tainted syzkaller #0 PREEMPT(full) 
[  832.201744][T17685] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  832.201751][T17685] Call Trace:
[  832.201756][T17685]  <TASK>
[  832.201761][T17685]  dump_stack_lvl+0x16c/0x1f0
[  832.201782][T17685]  should_fail_ex+0x512/0x640
[  832.201796][T17685]  ? kmem_cache_alloc_node_noprof+0x65/0x800
[  832.201812][T17685]  should_failslab+0xc2/0x120
[  832.201830][T17685]  kmem_cache_alloc_node_noprof+0x86/0x800
[  832.201849][T17685]  ? alloc_vmap_area+0x66f/0x2a50
[  832.201872][T17685]  ? __pfx___might_resched+0x10/0x10
[  832.201901][T17685]  ? alloc_vmap_area+0x66f/0x2a50
[  832.201923][T17685]  alloc_vmap_area+0x66f/0x2a50
[  832.201957][T17685]  ? __pfx_alloc_vmap_area+0x10/0x10
[  832.201988][T17685]  __get_vm_area_node+0x1ca/0x330
[  832.202019][T17685]  __vmalloc_node_range_noprof+0x247/0x16b0
[  832.202037][T17685]  ? bpf_prog_calc_tag+0x67/0x350
[  832.202058][T17685]  ? stack_depot_save_flags+0x29/0x9b0
[  832.202076][T17685]  ? kasan_save_track+0x14/0x30
[  832.202098][T17685]  ? __kasan_kmalloc+0xaa/0xb0
[  832.202119][T17685]  ? krealloc_node_align_noprof+0x2ea/0x3d0
[  832.202145][T17685]  ? kasan_save_stack+0x42/0x60
[  832.202167][T17685]  ? bpf_prog_calc_tag+0x67/0x350
[  832.202188][T17685]  ? __sys_bpf+0x3e72/0x4980
[  832.202202][T17685]  ? __ia32_sys_bpf+0x76/0xe0
[  832.202217][T17685]  ? __do_fast_syscall_32+0xe8/0x680
[  832.202237][T17685]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  832.202265][T17685]  ? bpf_prog_calc_tag+0x67/0x350
[  832.202285][T17685]  __vmalloc_node_noprof+0xad/0xf0
[  832.202302][T17685]  ? bpf_prog_calc_tag+0x67/0x350
[  832.202325][T17685]  bpf_prog_calc_tag+0x67/0x350
[  832.202346][T17685]  ? sort+0x97/0xd0
[  832.202366][T17685]  resolve_pseudo_ldimm64+0xd3/0x1a90
[  832.202389][T17685]  ? __pfx_resolve_pseudo_ldimm64+0x10/0x10
[  832.202408][T17685]  ? check_subprogs+0x514/0x820
[  832.202433][T17685]  bpf_check+0x711e/0xc820
[  832.202470][T17685]  ? __pfx_bpf_check+0x10/0x10
[  832.202500][T17685]  ? rcu_is_watching+0x12/0xc0
[  832.202523][T17685]  ? ktime_get_with_offset+0x26e/0x3b0
[  832.202542][T17685]  ? __asan_memset+0x23/0x50
[  832.202560][T17685]  ? lsm_blob_alloc+0x2b/0x90
[  832.202602][T17685]  ? bpf_lsm_bpf_prog_load+0x9/0x10
[  832.202631][T17685]  bpf_prog_load+0x114e/0x2cc0
[  832.202656][T17685]  ? _parse_integer_limit+0x17f/0x1d0
[  832.202701][T17685]  ? __pfx_bpf_prog_load+0x10/0x10
[  832.202726][T17685]  ? __lock_acquire+0x436/0x2890
[  832.202773][T17685]  __sys_bpf+0x3e72/0x4980
[  832.202792][T17685]  ? __pfx___sys_bpf+0x10/0x10
[  832.202808][T17685]  ? find_held_lock+0x2b/0x80
[  832.202834][T17685]  ? find_held_lock+0x2b/0x80
[  832.202867][T17685]  ? __mutex_unlock_slowpath+0x161/0x790
[  832.202901][T17685]  ? fput+0x70/0xf0
[  832.202917][T17685]  ? ksys_write+0x1ac/0x250
[  832.202940][T17685]  ? __pfx_ksys_write+0x10/0x10
[  832.202968][T17685]  __ia32_sys_bpf+0x76/0xe0
[  832.202984][T17685]  ? lockdep_hardirqs_on+0x7c/0x110
[  832.203010][T17685]  __do_fast_syscall_32+0xe8/0x680
[  832.203028][T17685]  do_fast_syscall_32+0x32/0x80
[  832.203044][T17685]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  832.203066][T17685] RIP: 0023:0xf7f91579
[  832.203080][T17685] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  832.203095][T17685] RSP: 002b:00000000f548655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  832.203113][T17685] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000800000c0
[  832.203124][T17685] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000
[  832.203134][T17685] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  832.203143][T17685] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  832.203153][T17685] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  832.203176][T17685]  </TASK>
[  832.203270][T17685] syz.4.3188: vmalloc error: size 152, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1
[  832.357472][T17685] CPU: 0 UID: 0 PID: 17685 Comm: syz.4.3188 Not tainted syzkaller #0 PREEMPT(full) 
[  832.357487][T17685] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  832.357507][T17685] Call Trace:
[  832.357511][T17685]  <TASK>
[  832.357516][T17685]  dump_stack_lvl+0x16c/0x1f0
[  832.357538][T17685]  warn_alloc+0x248/0x3a0
[  832.357553][T17685]  ? __pfx_warn_alloc+0x10/0x10
[  832.357567][T17685]  ? kfree+0x2f8/0x6e0
[  832.357579][T17685]  ? __get_vm_area_node+0x2cd/0x330
[  832.357601][T17685]  ? __get_vm_area_node+0x2cd/0x330
[  832.357617][T17685]  ? __get_vm_area_node+0x1dc/0x330
[  832.357634][T17685]  ? __get_vm_area_node+0x208/0x330
[  832.357654][T17685]  __vmalloc_node_range_noprof+0xbe0/0x16b0
[  832.357666][T17685]  ? kasan_save_track+0x14/0x30
[  832.357681][T17685]  ? __kasan_kmalloc+0xaa/0xb0
[  832.357695][T17685]  ? krealloc_node_align_noprof+0x2ea/0x3d0
[  832.357713][T17685]  ? kasan_save_stack+0x42/0x60
[  832.357728][T17685]  ? bpf_prog_calc_tag+0x67/0x350
[  832.357743][T17685]  ? __sys_bpf+0x3e72/0x4980
[  832.357752][T17685]  ? __ia32_sys_bpf+0x76/0xe0
[  832.357762][T17685]  ? __do_fast_syscall_32+0xe8/0x680
[  832.357775][T17685]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  832.357793][T17685]  ? bpf_prog_calc_tag+0x67/0x350
[  832.357807][T17685]  __vmalloc_node_noprof+0xad/0xf0
[  832.357818][T17685]  ? bpf_prog_calc_tag+0x67/0x350
[  832.357835][T17685]  bpf_prog_calc_tag+0x67/0x350
[  832.357861][T17685]  ? sort+0x97/0xd0
[  832.357880][T17685]  resolve_pseudo_ldimm64+0xd3/0x1a90
[  832.357901][T17685]  ? __pfx_resolve_pseudo_ldimm64+0x10/0x10
[  832.357917][T17685]  ? check_subprogs+0x514/0x820
[  832.357934][T17685]  bpf_check+0x711e/0xc820
[  832.357958][T17685]  ? __pfx_bpf_check+0x10/0x10
[  832.357978][T17685]  ? rcu_is_watching+0x12/0xc0
[  832.357994][T17685]  ? ktime_get_with_offset+0x26e/0x3b0
[  832.358006][T17685]  ? __asan_memset+0x23/0x50
[  832.358019][T17685]  ? lsm_blob_alloc+0x2b/0x90
[  832.358036][T17685]  ? bpf_lsm_bpf_prog_load+0x9/0x10
[  832.358054][T17685]  bpf_prog_load+0x114e/0x2cc0
[  832.358071][T17685]  ? _parse_integer_limit+0x17f/0x1d0
[  832.358090][T17685]  ? __pfx_bpf_prog_load+0x10/0x10
[  832.358107][T17685]  ? __lock_acquire+0x436/0x2890
[  832.358132][T17685]  __sys_bpf+0x3e72/0x4980
[  832.358145][T17685]  ? __pfx___sys_bpf+0x10/0x10
[  832.358155][T17685]  ? find_held_lock+0x2b/0x80
[  832.358172][T17685]  ? find_held_lock+0x2b/0x80
[  832.358190][T17685]  ? __mutex_unlock_slowpath+0x161/0x790
[  832.358210][T17685]  ? fput+0x70/0xf0
[  832.358221][T17685]  ? ksys_write+0x1ac/0x250
[  832.358237][T17685]  ? __pfx_ksys_write+0x10/0x10
[  832.358255][T17685]  __ia32_sys_bpf+0x76/0xe0
[  832.358266][T17685]  ? lockdep_hardirqs_on+0x7c/0x110
[  832.358284][T17685]  __do_fast_syscall_32+0xe8/0x680
[  832.358296][T17685]  do_fast_syscall_32+0x32/0x80
[  832.358307][T17685]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  832.358322][T17685] RIP: 0023:0xf7f91579
[  832.358332][T17685] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  832.358343][T17685] RSP: 002b:00000000f548655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  832.358354][T17685] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000800000c0
[  832.358361][T17685] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000
[  832.358368][T17685] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  832.358374][T17685] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  832.358381][T17685] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  832.358395][T17685]  </TASK>
[  832.358411][T17685] Mem-Info:
[  832.424116][   T24] usb usb42-port1: attempt power cycle
[  832.459465][T17685] active_anon:3549 inactive_anon:1165 isolated_anon:0
[  832.459465][T17685]  active_file:3974 inactive_file:9636 isolated_file:0
[  832.459465][T17685]  unevictable:1768 dirty:233 writeback:0
[  832.459465][T17685]  slab_reclaimable:6243 slab_unreclaimable:73120
[  832.459465][T17685]  mapped:23829 shmem:3119 pagetables:1478
[  832.459465][T17685]  sec_pagetables:339 bounce:0
[  832.459465][T17685]  kernel_misc_reclaimable:0
[  832.459465][T17685]  free:63178 free_pcp:4368 free_cma:0
[  832.526459][ T5941] Bluetooth: hci4: SCO packet for unknown connection handle 200
[  832.583609][T17685] Node 0 active_anon:4572kB inactive_anon:8kB active_file:732kB inactive_file:16kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:7576kB dirty:0kB writeback:0kB shmem:3504kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:9804kB pagetables:1980kB sec_pagetables:1152kB all_unreclaimable? yes Balloon:0kB
[  832.597728][T17685] Node 1 active_anon:16924kB inactive_anon:4652kB active_file:15164kB inactive_file:38528kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:87756kB dirty:936kB writeback:0kB shmem:8968kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:2048kB kernel_stack:4832kB pagetables:3764kB sec_pagetables:204kB all_unreclaimable? no Balloon:0kB
[  832.609154][T17685] Node 0 DMA free:2104kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:20kB inactive_anon:0kB active_file:304kB inactive_file:4kB unevictable:0kB writepending:0kB zspages:40kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:0kB free_cma:0kB
[  832.619687][T17685] lowmem_reserve[]: 0 289 289 289 289
[  832.622174][T17685] Node 0 DMA32 free:15980kB boost:0kB min:13332kB low:16664kB high:19996kB reserved_highatomic:2048KB free_highatomic:1152KB active_anon:4552kB inactive_anon:8kB active_file:428kB inactive_file:12kB unevictable:3536kB writepending:0kB zspages:1048kB present:1032196kB managed:296804kB mlocked:0kB bounce:0kB free_pcp:2460kB local_pcp:152kB free_cma:0kB
[  832.637296][T17685] lowmem_reserve[]: 0 0 0 0 0
[  832.639597][T17685] Node 1 DMA32 free:233828kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:2048KB free_highatomic:432KB active_anon:16924kB inactive_anon:4652kB active_file:15164kB inactive_file:38528kB unevictable:3536kB writepending:936kB zspages:5020kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:9696kB local_pcp:4356kB free_cma:0kB
[  832.655769][T17685] lowmem_reserve[]: 0 0 0 0 0
[  832.658079][T17685] Node 0 DMA: 22*4kB (U) 16*8kB (UM) 10*16kB (UM) 4*32kB (UM) 5*64kB (UM) 2*128kB (M) 0*256kB 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 2104kB
[  832.664680][T17685] Node 0 DMA32: 9*4kB (MEH) 26*8kB (MEH) 6*16kB (MEH) 220*32kB (UMEH) 59*64kB (UMEH) 27*128kB (UMEH) 3*256kB (MH) 1*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 15892kB
[  832.671542][T17685] Node 1 DMA32: 1135*4kB (UMEH) 2607*8kB (UMEH) 2045*16kB (UMEH) 484*32kB (UME) 183*64kB (UME) 245*128kB (UME) 129*256kB (UME) 81*512kB (UM) 37*1024kB (UM) 0*2048kB 1*4096kB (M) = 233156kB
[  832.679951][T17685] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  832.684600][T17685] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  832.688922][T17685] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  832.693203][T17685] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  832.723613][T17685] 16634 total pagecache pages
[  832.725770][T17685] 1083 pages in swap cache
[  832.727450][T17685] Free swap  = 97204kB
[  832.728895][T17685] Total swap = 124996kB
[  832.730352][T17685] 524155 pages RAM
[  832.731738][T17685] 0 pages HighMem/MovableOnly
[  832.733413][T17685] 209061 pages reserved
[  832.753580][T17685] 0 pages cma reserved
[  832.817563][T17699] wireguard0: entered promiscuous mode
[  832.819556][T17699] wireguard0: entered allmulticast mode
[  832.915976][T17708] syzkaller0: entered promiscuous mode
[  832.917727][T17708] syzkaller0: entered allmulticast mode
[  833.025125][   T24] usb usb42-port1: unable to enumerate USB device
[  833.051514][T17710] netlink: 20 bytes leftover after parsing attributes in process `syz.6.3195'.
[  833.055118][T17710] Unknown options in mask b7f2
[  833.147025][T17718] netlink: 60 bytes leftover after parsing attributes in process `syz.5.3197'.
[  833.150043][T17713] netlink: 60 bytes leftover after parsing attributes in process `syz.5.3197'.
[  833.204257][T17725] overlayfs: missing 'lowerdir'
[  833.272760][ T1239] net_ratelimit: 32 callbacks suppressed
[  833.272775][ T1239] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  833.331863][T17733] netlink: 'syz.5.3204': attribute type 1 has an invalid length.
[  833.334812][T17733] netlink: 228 bytes leftover after parsing attributes in process `syz.5.3204'.
[  833.337852][T17733] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3204'.
[  833.383705][   T12] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  833.423627][   T24] usb 11-1: new high-speed USB device number 19 using dummy_hcd
[  833.504011][  T224] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  833.547342][T17735] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(7)
[  833.549430][T17735] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  833.552197][T17735] vhci_hcd vhci_hcd.0: Device attached
[  833.557029][T17735] random: crng reseeded on system resumption
[  833.584844][   T24] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  833.588349][   T24] usb 11-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  833.591105][   T24] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  833.599098][   T24] usb 11-1: config 0 descriptor??
[  833.613589][   T12] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  833.723659][   T12] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  833.818312][T16882] usb 48-1: SetAddress Request (6) to port 0
[  833.820280][T16882] usb 48-1: new SuperSpeed USB device number 6 using vhci_hcd
[  833.832378][   T24] usbhid 11-1:0.0: can't add hid device: -71
[  833.834305][  T224] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  833.836528][   T24] usbhid 11-1:0.0: probe with driver usbhid failed with error -71
[  833.842123][   T24] usb 11-1: USB disconnect, device number 19
[  833.943667][   T12] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  834.053632][ T4772] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  834.163586][   T12] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  834.196634][T17736] vhci_hcd: connection reset by peer
[  834.223790][   T12] vhci_hcd vhci_hcd.5: stop threads
[  834.225582][   T12] vhci_hcd vhci_hcd.5: release socket
[  834.229798][   T12] vhci_hcd vhci_hcd.5: disconnect device
[  834.258440][T17743] Bluetooth: MGMT ver 1.23
[  834.263716][   T60] usb 11-1: new high-speed USB device number 20 using dummy_hcd
[  834.264212][T11484] libceph: connect (1)[c::]:6789 error -113
[  834.269207][T11484] libceph: mon0 (1)[c::]:6789 connect error
[  834.283666][   T12] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  834.423959][   T60] usb 11-1: Using ep0 maxpacket: 32
[  834.427034][   T60] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  834.430813][   T60] usb 11-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40
[  834.431293][T17743] ceph: No mds server is up or the cluster is laggy
[  834.434965][   T60] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  834.440826][   T60] usb 11-1: config 0 descriptor??
[  834.456941][   T60] ldusb 11-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  834.464341][   T60] ldusb 11-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  834.516676][T17748] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3206'.
[  835.235532][T17757] netlink: 60 bytes leftover after parsing attributes in process `syz.5.3209'.
[  835.239089][T17754] netlink: 60 bytes leftover after parsing attributes in process `syz.5.3209'.
[  835.419968][T17766] overlayfs: missing 'lowerdir'
[  835.759612][T17776] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  836.282070][   T24] usb 11-1: USB disconnect, device number 20
[  836.340904][   T24] ldusb 11-1:0.0: LD USB Device #0 now disconnected
[  837.001752][T17790] netlink: 60 bytes leftover after parsing attributes in process `syz.5.3218'.
[  837.145967][T17792] bridge0: port 2(bridge_slave_1) entered disabled state
[  837.148583][T17792] bridge0: port 1(bridge_slave_0) entered disabled state
[  837.212691][T17792] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  837.219163][T17792] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  837.977078][ T4242] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  837.983099][T17799] __nla_validate_parse: 1 callbacks suppressed
[  837.983110][T17799] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3221'.
[  837.989642][ T4772] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  838.150244][ T4772] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  838.169862][ T4772] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  838.190409][T17803] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3222'.
[  838.194446][T17803] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3222'.
[  838.381962][   T12] net_ratelimit: 26 callbacks suppressed
[  838.382134][   T12] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  838.493639][   T12] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  838.603605][   T12] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  838.723706][   T12] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  838.778512][T17822] 9p: Bad value for 'rfdno'
[  838.833735][  T224] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  838.904504][T16882] usb 48-1: device descriptor read/8, error -110
[  838.953938][ T4772] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  839.063972][ T4772] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  839.173606][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  839.283598][ T4772] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  839.324651][T16882] usb usb48-port1: attempt power cycle
[  839.344989][   T40] audit: type=1804 audit(2000000422.189:818): pid=17830 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.3230" name="/newroot/65/bus/bus" dev="overlay" ino=440 res=1 errno=0
[  839.360622][   T40] audit: type=1804 audit(2000000422.199:819): pid=17830 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.3230" name="/newroot/65/bus/bus" dev="overlay" ino=440 res=1 errno=0
[  839.375115][   T40] audit: type=1800 audit(2000000422.209:820): pid=17830 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3230" name="bus" dev="overlay" ino=440 res=0 errno=0
[  839.413822][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  839.737081][T17838] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3233'.
[  839.908718][T16882] usb usb48-port1: unable to enumerate USB device
[  840.040100][T17842] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  840.047057][T17842] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  840.095094][  T224] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  840.100211][  T224] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  840.104734][  T224] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  840.110217][  T224] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  840.365097][T17866] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3242'.
[  841.171894][T17878] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3246'.
[  841.672587][   T40] audit: type=1326 audit(2000000424.509:821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17892 comm="syz.6.3253" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf700d579 code=0x0
[  842.685802][T17911] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3260'.
[  842.905413][T17923] dlm: no local IP address has been set
[  842.907401][T17923] dlm: cannot start dlm midcomms -107
[  843.483072][  T224] net_ratelimit: 34 callbacks suppressed
[  843.483119][  T224] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  843.611409][  T224] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  843.723606][  T224] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  843.834050][   T12] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  843.916955][   T40] audit: type=1326 audit(2000000426.759:822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17945 comm="syz.2.3269" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x0
[  843.946080][   T12] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  844.064213][ T4772] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  844.173951][ T4772] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  844.283754][ T4772] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  844.289871][T17958] 9p: Bad value for 'rfdno'
[  844.324569][T17950] /dev/sr0: Can't open blockdev
[  844.393581][   T12] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  844.444693][T17957] /dev/sr0: Can't open blockdev
[  844.503786][ T4772] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  844.696776][T17972] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  844.699136][T17972] IPv6: NLM_F_CREATE should be set when creating new route
[  846.206050][T18002] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3286'.
[  846.252993][T18004] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3287'.
[  847.802721][T18008] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  847.985160][T18033] fuse: Bad value for 'user_id'
[  847.986812][T18033] fuse: Bad value for 'user_id'
[  848.158707][T18041] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3304'.
[  848.236754][T18049] netlink: 'syz.6.3306': attribute type 10 has an invalid length.
[  848.241220][T18049] team0: Port device netdevsim0 added
[  848.249101][T18049] netlink: 'syz.6.3306': attribute type 10 has an invalid length.
[  848.351202][T18049] team0: Port device netdevsim0 removed
[  848.358825][T18049] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  848.470691][T18060] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  848.494257][   T12] net_ratelimit: 33 callbacks suppressed
[  848.494406][   T12] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  848.683701][ T1144] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  848.793615][ T1144] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  848.903706][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  849.016106][ T1144] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  849.146716][ T7870] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  849.254361][ T7870] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  849.279574][T18066] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3310'.
[  849.385191][ T7870] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  849.526865][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  849.635537][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  849.743415][T18077] ubi: mtd0 is already attached to ubi31
[  850.547513][T18100] netlink: 'syz.2.3320': attribute type 1 has an invalid length.
[  850.550916][T18100] netlink: 224 bytes leftover after parsing attributes in process `syz.2.3320'.
[  850.603706][T18101] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3320'.
[  851.134798][T18105] FAULT_INJECTION: forcing a failure.
[  851.134798][T18105] name failslab, interval 1, probability 0, space 0, times 0
[  851.138694][T18105] CPU: 0 UID: 0 PID: 18105 Comm: syz.6.3323 Not tainted syzkaller #0 PREEMPT(full) 
[  851.138710][T18105] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  851.138718][T18105] Call Trace:
[  851.138722][T18105]  <TASK>
[  851.138727][T18105]  dump_stack_lvl+0x16c/0x1f0
[  851.138767][T18105]  should_fail_ex+0x512/0x640
[  851.138787][T18105]  ? kmem_cache_alloc_node_noprof+0x65/0x800
[  851.138804][T18105]  should_failslab+0xc2/0x120
[  851.138823][T18105]  kmem_cache_alloc_node_noprof+0x86/0x800
[  851.138837][T18105]  ? __alloc_skb+0x156/0x410
[  851.138853][T18105]  ? __alloc_skb+0x156/0x410
[  851.138865][T18105]  __alloc_skb+0x156/0x410
[  851.138877][T18105]  ? __alloc_skb+0x35d/0x410
[  851.138890][T18105]  ? __pfx___alloc_skb+0x10/0x10
[  851.138903][T18105]  ? genl_rcv_msg+0x4a0/0x800
[  851.138914][T18105]  ? genl_rcv_msg+0x4bb/0x800
[  851.138928][T18105]  netlink_ack+0x15d/0xb80
[  851.138950][T18105]  netlink_rcv_skb+0x332/0x420
[  851.138967][T18105]  ? __pfx_genl_rcv_msg+0x10/0x10
[  851.138979][T18105]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  851.139001][T18105]  ? netlink_deliver_tap+0x1ae/0xd30
[  851.139019][T18105]  genl_rcv+0x28/0x40
[  851.139029][T18105]  netlink_unicast+0x5aa/0x870
[  851.139048][T18105]  ? __pfx_netlink_unicast+0x10/0x10
[  851.139065][T18105]  ? __pfx___might_resched+0x10/0x10
[  851.139085][T18105]  netlink_sendmsg+0x8c8/0xdd0
[  851.139105][T18105]  ? __pfx_netlink_sendmsg+0x10/0x10
[  851.139123][T18105]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[  851.139146][T18105]  ____sys_sendmsg+0xa5d/0xc30
[  851.139158][T18105]  ? __pfx_____sys_sendmsg+0x10/0x10
[  851.139169][T18105]  ? get_compat_msghdr+0x11a/0x170
[  851.139190][T18105]  ___sys_sendmsg+0x134/0x1d0
[  851.139206][T18105]  ? __pfx____sys_sendmsg+0x10/0x10
[  851.139227][T18105]  ? find_held_lock+0x2b/0x80
[  851.139250][T18105]  __sys_sendmsg+0x16d/0x220
[  851.139266][T18105]  ? __pfx___sys_sendmsg+0x10/0x10
[  851.139290][T18105]  __do_fast_syscall_32+0xe8/0x680
[  851.139303][T18105]  do_fast_syscall_32+0x32/0x80
[  851.139314][T18105]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  851.139328][T18105] RIP: 0023:0xf700d579
[  851.139338][T18105] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  851.139349][T18105] RSP: 002b:00000000f53fd55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  851.139360][T18105] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080001540
[  851.139368][T18105] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  851.139374][T18105] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  851.139380][T18105] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  851.139387][T18105] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  851.139400][T18105]  </TASK>
[  851.237547][T18109] macvtap0: entered allmulticast mode
[  851.239585][T18109] veth0_macvtap: entered allmulticast mode
[  851.345906][T18124] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3331'.
[  852.813610][   T60] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  853.255248][   T60] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  853.259860][   T60] usb 9-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  853.263974][   T60] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  853.274100][   T60] usb 9-1: config 0 descriptor??
[  853.338644][T18161] 9pnet_fd: Insufficient options for proto=fd
[  853.487931][   T60] usbhid 9-1:0.0: can't add hid device: -71
[  853.493676][   T60] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  853.512342][   T60] usb 9-1: USB disconnect, device number 4
[  853.564490][ T4242] net_ratelimit: 32 callbacks suppressed
[  853.564508][ T4242] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  853.673626][ T4242] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  853.783989][ T4139] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  853.894024][ T4139] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  853.933623][ T6008] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  854.004143][ T4139] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  854.083684][ T6008] usb 9-1: Using ep0 maxpacket: 32
[  854.088541][ T6008] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  854.092974][ T6008] usb 9-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40
[  854.097939][ T6008] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  854.105790][ T6008] usb 9-1: config 0 descriptor??
[  854.111248][ T6008] ldusb 9-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  854.117189][  T224] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  854.117336][ T6008] ldusb 9-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  854.237129][ T7870] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  854.241218][   T40] audit: type=1804 audit(2000000437.079:823): pid=18168 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.3343" name="/newroot/216/bus/bus" dev="overlay" ino=1289 res=1 errno=0
[  854.254369][   T40] audit: type=1804 audit(2000000437.099:824): pid=18168 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.3343" name="/newroot/216/bus/bus" dev="overlay" ino=1289 res=1 errno=0
[  854.268977][   T40] audit: type=1800 audit(2000000437.099:825): pid=18168 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3343" name="bus" dev="overlay" ino=1289 res=0 errno=0
[  854.343763][ T7870] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  854.463936][ T1239] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  854.512449][T16241] usb 9-1: USB disconnect, device number 5
[  854.520498][T16241] ldusb 9-1:0.0: LD USB Device #0 now disconnected
[  854.573685][ T7870] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  854.805988][T18173] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3345'.
[  855.094878][T18181] 9p: Bad value for 'rfdno'
[  855.152882][T18189] netlink: 'syz.6.3351': attribute type 1 has an invalid length.
[  855.176543][T18189] 8021q: adding VLAN 0 to HW filter on device bond1
[  855.187986][T18189] bond1: (slave geneve2): making interface the new active one
[  855.191477][T18189] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  855.194697][  T224] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  855.197606][  T224] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  855.200372][  T224] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  855.203172][  T224] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  855.394040][   T40] audit: type=1804 audit(2000000438.229:826): pid=18204 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.3355" name="/newroot/219/bus/bus" dev="overlay" ino=1316 res=1 errno=0
[  855.403183][   T40] audit: type=1804 audit(2000000438.229:827): pid=18204 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.3355" name="/newroot/219/bus/bus" dev="overlay" ino=1316 res=1 errno=0
[  855.420428][   T40] audit: type=1800 audit(2000000438.229:828): pid=18204 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3355" name="bus" dev="overlay" ino=1316 res=0 errno=0
[  855.673592][T16241] usb 11-1: new high-speed USB device number 21 using dummy_hcd
[  855.844250][T16241] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  855.847769][T16241] usb 11-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  855.850646][T16241] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  855.859617][T16241] usb 11-1: config 0 descriptor??
[  856.068954][T16241] usbhid 11-1:0.0: can't add hid device: -71
[  856.071048][T16241] usbhid 11-1:0.0: probe with driver usbhid failed with error -71
[  856.080616][T16241] usb 11-1: USB disconnect, device number 21
[  856.523912][T16241] usb 11-1: new high-speed USB device number 22 using dummy_hcd
[  856.673558][T16241] usb 11-1: Using ep0 maxpacket: 32
[  856.676694][T16241] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  856.680244][T16241] usb 11-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40
[  856.683171][T16241] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  856.687248][T16241] usb 11-1: config 0 descriptor??
[  856.694969][T16241] ldusb 11-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  856.700923][T16241] ldusb 11-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  856.889351][T18223] 8021q: adding VLAN 0 to HW filter on device bond0
[  856.892390][T18223] 8021q: adding VLAN 0 to HW filter on device team0
[  856.969184][T18223] ieee802154 phy1 wpan1: encryption failed: -22
[  857.101460][T16241] usb 11-1: USB disconnect, device number 22
[  857.111589][T16241] ldusb 11-1:0.0: LD USB Device #0 now disconnected
[  857.793251][   T40] audit: type=1804 audit(2000000440.629:829): pid=18240 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.3366" name="/newroot/66/bus/bus" dev="overlay" ino=400 res=1 errno=0
[  857.800242][   T40] audit: type=1804 audit(2000000440.639:830): pid=18240 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.3366" name="/newroot/66/bus/bus" dev="overlay" ino=400 res=1 errno=0
[  857.807239][   T40] audit: type=1800 audit(2000000440.639:831): pid=18240 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3366" name="bus" dev="overlay" ino=400 res=0 errno=0
[  858.003592][ T6008] usb 11-1: new high-speed USB device number 23 using dummy_hcd
[  858.120240][T18244] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3369'.
[  858.163595][ T6008] usb 11-1: Using ep0 maxpacket: 8
[  858.166864][ T6008] usb 11-1: config index 0 descriptor too short (expected 301, got 45)
[  858.169640][ T6008] usb 11-1: config 16 has too many interfaces: 127, using maximum allowed: 32
[  858.172743][ T6008] usb 11-1: config 16 has 1 interface, different from the descriptor's value: 127
[  858.176743][ T6008] usb 11-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  858.180331][ T6008] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  858.184112][ T6008] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  858.187358][ T6008] usb 11-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  858.191557][ T6008] usb 11-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  858.194812][ T6008] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  858.405917][ T6008] usb 11-1: usb_control_msg returned -32
[  858.407807][ T6008] usbtmc 11-1:16.0: can't read capabilities
[  858.545745][T18249] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3370'.
[  858.634412][T18254] netlink: 60 bytes leftover after parsing attributes in process `syz.4.3371'.
[  858.637578][T18251] netlink: 60 bytes leftover after parsing attributes in process `syz.4.3371'.
[  858.673691][   T12] net_ratelimit: 25 callbacks suppressed
[  858.673705][   T12] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  858.793678][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  858.808881][T18255] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3367'.
[  858.863884][T16241] usb 10-1: new high-speed USB device number 22 using dummy_hcd
[  858.904177][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  859.024430][ T4242] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  859.054738][T16241] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  859.058319][T16241] usb 10-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  859.062970][T16241] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  859.068102][T16241] usb 10-1: config 0 descriptor??
[  859.143700][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  859.253758][ T4772] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  859.278119][T16241] usbhid 10-1:0.0: can't add hid device: -71
[  859.280251][T16241] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[  859.284167][T16241] usb 10-1: USB disconnect, device number 22
[  859.363582][ T4772] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  859.473680][ T4242] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  859.478881][T18253] usbtmc 11-1:16.0: send_request_dev_dep_msg_in returned -90
[  859.583621][ T4242] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  859.693707][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  859.811919][T18273] 9p: Bad value for 'rfdno'
[  860.052313][T18285] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3376'.
[  861.169768][T16241] usb 11-1: USB disconnect, device number 23
[  861.498722][T18316] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  862.368969][T18328] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  862.513591][T16241] usb 11-1: new high-speed USB device number 24 using dummy_hcd
[  863.210493][T16241] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  863.214722][T16241] usb 11-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  863.218359][T16241] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  863.222998][T16241] usb 11-1: config 0 descriptor??
[  863.290689][T18330] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3387'.
[  863.328940][T18334] FAULT_INJECTION: forcing a failure.
[  863.328940][T18334] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  863.333272][T18334] CPU: 3 UID: 0 PID: 18334 Comm: syz.5.3389 Not tainted syzkaller #0 PREEMPT(full) 
[  863.333288][T18334] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  863.333295][T18334] Call Trace:
[  863.333300][T18334]  <TASK>
[  863.333305][T18334]  dump_stack_lvl+0x16c/0x1f0
[  863.333328][T18334]  should_fail_ex+0x512/0x640
[  863.333344][T18334]  _copy_to_user+0x32/0xd0
[  863.333359][T18334]  snd_ctl_ioctl+0xe2f/0x13e0
[  863.333391][T18334]  ? __pfx_snd_ctl_ioctl+0x10/0x10
[  863.333409][T18334]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  863.333428][T18334]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  863.333446][T18334]  ? do_vfs_ioctl+0x128/0x14f0
[  863.333462][T18334]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  863.333478][T18334]  snd_ctl_ioctl_compat+0x708/0xc70
[  863.333496][T18334]  ? __pfx_snd_ctl_ioctl_compat+0x10/0x10
[  863.333513][T18334]  ? find_held_lock+0x2b/0x80
[  863.333528][T18334]  ? hook_file_ioctl_common+0x144/0x410
[  863.333545][T18334]  ? __fget_files+0x20e/0x3c0
[  863.333560][T18334]  ? __fput_deferred+0x420/0x480
[  863.333574][T18334]  ? __pfx_snd_ctl_ioctl_compat+0x10/0x10
[  863.333592][T18334]  __ia32_compat_sys_ioctl+0x242/0x370
[  863.333608][T18334]  __do_fast_syscall_32+0xe8/0x680
[  863.333621][T18334]  do_fast_syscall_32+0x32/0x80
[  863.333632][T18334]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  863.333654][T18334] RIP: 0023:0xf70ad579
[  863.333663][T18334] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  863.333674][T18334] RSP: 002b:00000000f549d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  863.333685][T18334] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000081785501
[  863.333692][T18334] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000
[  863.333699][T18334] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  863.333705][T18334] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  863.333712][T18334] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  863.333726][T18334]  </TASK>
[  863.469724][T16241] usbhid 11-1:0.0: can't add hid device: -71
[  863.474798][T16241] usbhid 11-1:0.0: probe with driver usbhid failed with error -71
[  863.516228][T16241] usb 11-1: USB disconnect, device number 24
[  863.744638][ T1239] net_ratelimit: 24 callbacks suppressed
[  863.744747][ T1239] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  863.855708][ T4242] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  863.967708][ T4242] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  864.076397][ T4242] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  864.185802][ T4242] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  864.293664][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  864.404441][   T12] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  864.418180][T11484] libceph: connect (1)[c::]:6789 error -113
[  864.421869][T11484] libceph: mon0 (1)[c::]:6789 connect error
[  864.472918][T18350] ceph: No mds server is up or the cluster is laggy
[  864.585450][T18353] 8021q: adding VLAN 0 to HW filter on device bond0
[  864.588630][T18353] 8021q: adding VLAN 0 to HW filter on device team0
[  864.597381][T18353] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  864.816922][   T12] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  864.903438][T18357] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3393'.
[  864.958817][T18357] 8021q: adding VLAN 0 to HW filter on device bond0
[  864.969951][T18357] 8021q: adding VLAN 0 to HW filter on device team0
[  864.992905][T18357] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  865.327189][T18373] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3399'.
[  865.494250][T18376] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3395'.
[  865.519028][T18376] bridge0: port 3(netdevsim0) entered blocking state
[  865.522177][T18376] bridge0: port 3(netdevsim0) entered disabled state
[  865.532113][T18376] netdevsim netdevsim4 netdevsim0: entered allmulticast mode
[  865.561076][T18376] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[  865.963052][T18378] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3408'.
[  866.423937][ T6027] usb 10-1: new high-speed USB device number 23 using dummy_hcd
[  866.624537][ T6027] usb 10-1: Using ep0 maxpacket: 8
[  866.636962][ T6027] usb 10-1: config index 0 descriptor too short (expected 301, got 45)
[  866.640921][ T6027] usb 10-1: config 16 has too many interfaces: 127, using maximum allowed: 32
[  866.644704][ T6027] usb 10-1: config 16 has 1 interface, different from the descriptor's value: 127
[  866.648829][ T6027] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  866.653581][ T6027] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  866.657296][ T6027] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  866.661400][ T6027] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  866.667160][ T6027] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  866.670418][ T6027] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  866.943845][ T6027] usb 10-1: usb_control_msg returned -32
[  866.945834][ T6027] usbtmc 10-1:16.0: can't read capabilities
[  867.062863][T18392] /dev/sg0: Can't lookup blockdev
[  867.540763][T18399] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3400'.
[  867.730732][ T5941] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  867.736344][ T5941] Bluetooth: hci0: Injecting HCI hardware error event
[  867.745246][ T5941] Bluetooth: hci0: hardware error 0x00
[  867.763693][   T40] audit: type=1326 audit(2000000450.459:832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18395 comm="syz.4.3405" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f91579 code=0x7ffc0000
[  867.782732][T18398] pim6reg: entered allmulticast mode
[  867.819240][   T40] audit: type=1326 audit(2000000450.459:833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18395 comm="syz.4.3405" exe="/syz-executor" sig=0 arch=40000003 syscall=437 compat=1 ip=0xf7f91579 code=0x7ffc0000
[  867.873248][   T40] audit: type=1326 audit(2000000450.469:834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18395 comm="syz.4.3405" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f91579 code=0x7ffc0000
[  867.955887][   T40] audit: type=1326 audit(2000000450.469:835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18395 comm="syz.4.3405" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f91579 code=0x7ffc0000
[  867.984079][   T40] audit: type=1326 audit(2000000450.469:836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18395 comm="syz.4.3405" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f91579 code=0x7ffc0000
[  867.994321][T18406] mkiss: ax0: crc mode is auto.
[  868.003929][   T40] audit: type=1326 audit(2000000450.469:837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18395 comm="syz.4.3405" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f91579 code=0x7ffc0000
[  868.023628][   T40] audit: type=1326 audit(2000000450.469:838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18395 comm="syz.4.3405" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f91579 code=0x7ffc0000
[  868.030455][   T40] audit: type=1326 audit(2000000450.469:839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18395 comm="syz.4.3405" exe="/syz-executor" sig=0 arch=40000003 syscall=14 compat=1 ip=0xf7f91579 code=0x7ffc0000
[  868.037922][   T40] audit: type=1326 audit(2000000450.469:840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18395 comm="syz.4.3405" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f91579 code=0x7ffc0000
[  868.044048][T18395] pim6reg: left allmulticast mode
[  868.045041][   T40] audit: type=1326 audit(2000000450.479:841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18395 comm="syz.4.3405" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f91579 code=0x7ffc0000
[  868.062465][T18408] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3407'.
[  868.355932][T18425] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3411'.
[  868.836917][T13733] net_ratelimit: 31 callbacks suppressed
[  868.836932][T13733] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  868.955408][T13733] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  869.063679][T13733] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  869.240225][T18435] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  869.243063][T18435] IPv6: NLM_F_CREATE should be set when creating new route
[  869.246678][T13733] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  869.306845][T18439] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3413'.
[  869.310958][T18438] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3413'.
[  869.320377][   T60] usb 10-1: USB disconnect, device number 23
[  869.364260][ T1239] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  869.474149][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  869.584077][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  869.863770][ T5941] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  869.925989][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  870.007886][T18455] hpfs: hpfs_map_sector(): read error
[  870.043665][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  870.153767][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  870.168777][T18453] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  870.395371][T12160] libceph: connect (1)[c::]:6789 error -101
[  870.397670][T12160] libceph: mon0 (1)[c::]:6789 connect error
[  870.566103][T18475] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3421'.
[  870.646098][T18471] 8021q: adding VLAN 0 to HW filter on device bond0
[  870.649306][T18471] 8021q: adding VLAN 0 to HW filter on device team0
[  870.664729][T11484] libceph: connect (1)[c::]:6789 error -101
[  870.667391][T11484] libceph: mon0 (1)[c::]:6789 connect error
[  870.803257][T18486] netlink: 60 bytes leftover after parsing attributes in process `syz.4.3423'.
[  870.808455][T18485] netlink: 60 bytes leftover after parsing attributes in process `syz.4.3423'.
[  870.870668][T18453] ceph: No mds server is up or the cluster is laggy
[  871.123683][ T6027] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  871.177869][T16241] libceph: connect (1)[c::]:6789 error -113
[  871.180836][T16241] libceph: mon0 (1)[c::]:6789 connect error
[  871.224489][T18497] ceph: No mds server is up or the cluster is laggy
[  871.275136][ T6027] usb 9-1: Using ep0 maxpacket: 8
[  871.278039][ T6027] usb 9-1: config index 0 descriptor too short (expected 301, got 45)
[  871.280675][ T6027] usb 9-1: config 16 has too many interfaces: 127, using maximum allowed: 32
[  871.283431][ T6027] usb 9-1: config 16 has 1 interface, different from the descriptor's value: 127
[  871.286960][ T6027] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  871.290004][ T6027] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  871.293092][ T6027] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  871.297402][ T6027] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  871.301609][ T6027] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  871.304898][ T6027] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  871.492176][   T74] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  871.498985][   T74] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  871.504283][   T74] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  871.512541][   T74] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  871.670834][ T6027] usb 9-1: usb_control_msg returned -32
[  871.672627][ T6027] usbtmc 9-1:16.0: can't read capabilities
[  871.800263][T18512] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  871.802541][T18512] IPv6: NLM_F_CREATE should be set when creating new route
[  872.094359][T18513] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3424'.
[  872.653623][ T6027] usb 10-1: new high-speed USB device number 24 using dummy_hcd
[  872.805799][ T6027] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  872.809947][ T6027] usb 10-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  872.813127][ T6027] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  872.825042][ T6027] usb 10-1: config 0 descriptor??
[  873.088222][T18518] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  873.091538][T18518] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  873.280180][T18533] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  873.329334][T18518] usbtmc 9-1:16.0: send_request_dev_dep_msg_in returned -90
[  873.334324][ T6027] usbhid 10-1:0.0: can't add hid device: -71
[  873.337581][ T6027] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[  873.348154][ T6027] usb 10-1: USB disconnect, device number 24
[  873.963870][ T4772] net_ratelimit: 33 callbacks suppressed
[  873.963883][ T4772] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  874.024906][T12160] usb 9-1: USB disconnect, device number 6
[  874.091532][ T1144] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  874.203678][ T1239] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  874.313598][ T1239] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  874.424402][ T1239] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  874.534238][ T1144] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  874.655037][  T224] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  874.755970][ T1416] ieee802154 phy1 wpan1: encryption failed: -22
[  874.765180][  T224] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  874.873652][ T1239] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  874.983688][  T224] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  875.065434][T18577] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  875.213660][ T5953] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  875.375243][ T5953] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  875.378769][ T5953] usb 9-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  875.381954][ T5953] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  875.386627][ T5953] usb 9-1: config 0 descriptor??
[  875.592476][T18576] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  875.596687][T18576] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  875.801528][ T5953] usbhid 9-1:0.0: can't add hid device: -71
[  875.803605][ T5953] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  875.807858][ T5953] usb 9-1: USB disconnect, device number 7
[  876.091785][   T40] kauditd_printk_skb: 44 callbacks suppressed
[  876.091798][   T40] audit: type=1804 audit(2000000458.929:886): pid=18582 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.3445" name="/newroot/86/bus/bus" dev="overlay" ino=512 res=1 errno=0
[  876.100480][   T40] audit: type=1804 audit(2000000458.939:887): pid=18581 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.3445" name="/newroot/86/bus/bus" dev="overlay" ino=512 res=1 errno=0
[  876.107058][   T40] audit: type=1800 audit(2000000458.939:888): pid=18581 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3445" name="bus" dev="overlay" ino=512 res=0 errno=0
[  876.183603][T18404] Bluetooth: hci3: command 0x1003 tx timeout
[  876.188571][ T5941] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  876.864148][T18596] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  877.002774][T18595] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3447'.
[  877.076062][T18595] bridge0: port 1(netdevsim0) entered blocking state
[  877.083603][T18595] bridge0: port 1(netdevsim0) entered disabled state
[  877.087313][T18595] netdevsim netdevsim2 netdevsim0: entered allmulticast mode
[  877.129141][T18595] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  878.480128][T18608] veth0_macvtap: left allmulticast mode
[  878.817923][T18620] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  878.820968][T18620] IPv6: NLM_F_CREATE should be set when creating new route
[  879.043651][ T1140] net_ratelimit: 24 callbacks suppressed
[  879.043672][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  879.153643][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  879.263633][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  879.373584][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  879.483631][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  879.593684][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  879.703688][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  879.813745][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  880.024365][ T1239] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  880.143868][ T4772] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  881.380827][T18641] lo speed is unknown, defaulting to 1000
[  881.382691][T18641] lo speed is unknown, defaulting to 1000
[  881.384891][T18641] lo speed is unknown, defaulting to 1000
[  881.391301][T18641] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  881.403371][T18641] lo speed is unknown, defaulting to 1000
[  881.406225][T18641] lo speed is unknown, defaulting to 1000
[  881.409008][T18641] lo speed is unknown, defaulting to 1000
[  881.411583][T18641] lo speed is unknown, defaulting to 1000
[  881.414221][T18641] lo speed is unknown, defaulting to 1000
[  881.416780][T18641] lo speed is unknown, defaulting to 1000
[  881.943872][T18654] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3463'.
[  881.956380][T18656] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3467'.
[  882.219885][T12160] libceph: connect (1)[c::]:6789 error -113
[  882.221891][T12160] libceph: mon0 (1)[c::]:6789 connect error
[  882.253466][T18658] ceph: No mds server is up or the cluster is laggy
[  882.290475][T12160] lo speed is unknown, defaulting to 1000
[  882.500966][T18666] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  884.013689][   T24] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  884.075124][  T224] net_ratelimit: 34 callbacks suppressed
[  884.075142][  T224] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  884.185518][  T224] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  884.189463][   T24] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  884.193042][   T24] usb 9-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  884.196317][   T24] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  884.203755][   T24] usb 9-1: config 0 descriptor??
[  884.306045][  T224] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  884.416145][  T224] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  884.420289][T18670] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  884.423438][T18670] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  884.528219][  T224] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  884.630585][   T24] usbhid 9-1:0.0: can't add hid device: -71
[  884.632567][   T24] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  884.644141][ T4772] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  884.647986][   T24] usb 9-1: USB disconnect, device number 8
[  884.753799][ T1239] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  884.817514][T18688] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3475'.
[  884.820954][T18688] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3475'.
[  884.886543][ T1239] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  884.998643][T18692] input: syz0 as /devices/virtual/input/input22
[  885.004833][ T4772] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  885.113599][ T4772] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  885.530379][T18706] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  885.810292][T18692] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  885.813085][T18692] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  885.816538][T18692] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  885.818652][T18692] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  885.821719][T18692] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  886.627760][T18713] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3481'.
[  886.910922][T18713] 8021q: adding VLAN 0 to HW filter on device bond0
[  886.914230][T18713] 8021q: adding VLAN 0 to HW filter on device team0
[  886.969035][T18707] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3480'.
[  886.997879][T18707] 8021q: adding VLAN 0 to HW filter on device bond0
[  887.005041][T18707] 8021q: adding VLAN 0 to HW filter on device team0
[  887.153721][ T5941] Bluetooth: hci4: command 0x0406 tx timeout
[  887.873687][ T5941] Bluetooth: hci2: command 0x0c1a tx timeout
[  888.077920][T18741] netlink: 60 bytes leftover after parsing attributes in process `syz.4.3488'.
[  888.080815][T18740] netlink: 60 bytes leftover after parsing attributes in process `syz.4.3488'.
[  888.954442][T18748] netlink: 44 bytes leftover after parsing attributes in process `syz.6.3490'.
[  889.112962][ T5953] lo speed is unknown, defaulting to 1000
[  889.115055][ T5953] syz0: Port: 1 Link DOWN
[  889.159020][T18757] overlayfs: failed to resolve './file1': -2
[  889.173967][  T224] net_ratelimit: 34 callbacks suppressed
[  889.173980][  T224] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  889.223616][ T5941] Bluetooth: hci4: command 0x0406 tx timeout
[  889.284265][   T74] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  889.365399][   T40] audit: type=1804 audit(2000000472.209:889): pid=18755 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.3492" name="/newroot/523/bus/bus" dev="tmpfs" ino=2987 res=1 errno=0
[  889.394675][  T224] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  889.505550][  T224] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  889.623804][T13733] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  889.744169][   T74] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  889.864001][   T74] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  889.943707][ T5941] Bluetooth: hci2: command 0x0c1a tx timeout
[  889.973748][ T1144] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  890.093842][  T224] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  890.213709][T13733] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  892.023699][ T5941] Bluetooth: hci2: command 0x0c1a tx timeout
[  892.768426][T18783] netlink: 32 bytes leftover after parsing attributes in process `syz.6.3499'.
[  893.674372][T18798] FAULT_INJECTION: forcing a failure.
[  893.674372][T18798] name failslab, interval 1, probability 0, space 0, times 0
[  893.679808][T18798] CPU: 1 UID: 0 PID: 18798 Comm: syz.5.3503 Not tainted syzkaller #0 PREEMPT(full) 
[  893.679824][T18798] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  893.679832][T18798] Call Trace:
[  893.679836][T18798]  <TASK>
[  893.679841][T18798]  dump_stack_lvl+0x16c/0x1f0
[  893.679864][T18798]  should_fail_ex+0x512/0x640
[  893.679878][T18798]  ? __kmalloc_cache_noprof+0x5f/0x800
[  893.679893][T18798]  should_failslab+0xc2/0x120
[  893.679911][T18798]  __kmalloc_cache_noprof+0x80/0x800
[  893.679924][T18798]  ? udf_init_fs_context+0x47/0x830
[  893.679940][T18798]  ? udf_init_fs_context+0x47/0x830
[  893.679952][T18798]  udf_init_fs_context+0x47/0x830
[  893.679965][T18798]  ? __pfx_udf_init_fs_context+0x10/0x10
[  893.679978][T18798]  alloc_fs_context+0x629/0xf50
[  893.679993][T18798]  path_mount+0xe21/0x23a0
[  893.680005][T18798]  ? rcu_is_watching+0x12/0xc0
[  893.680023][T18798]  ? __pfx_path_mount+0x10/0x10
[  893.680035][T18798]  ? kmem_cache_free+0x2d8/0x770
[  893.680050][T18798]  ? putname+0xf5/0x1a0
[  893.680062][T18798]  ? putname+0xf5/0x1a0
[  893.680074][T18798]  ? __ia32_sys_mount+0x291/0x310
[  893.680085][T18798]  __ia32_sys_mount+0x291/0x310
[  893.680096][T18798]  ? __pfx___ia32_sys_mount+0x10/0x10
[  893.680108][T18798]  ? do_user_addr_fault+0x843/0x1370
[  893.680125][T18798]  __do_fast_syscall_32+0xe8/0x680
[  893.680138][T18798]  do_fast_syscall_32+0x32/0x80
[  893.680149][T18798]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  893.680164][T18798] RIP: 0023:0xf70ad579
[  893.680173][T18798] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  893.680184][T18798] RSP: 002b:00000000f549d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000015
[  893.680195][T18798] RAX: ffffffffffffffda RBX: 0000000080000000 RCX: 0000000080004a00
[  893.680202][T18798] RDX: 0000000080000040 RSI: 000000000100080f RDI: 0000000000000000
[  893.680209][T18798] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  893.680215][T18798] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  893.680222][T18798] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  893.680235][T18798]  </TASK>
[  894.169373][T18827] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  894.171722][T18827] IPv6: NLM_F_CREATE should be set when creating new route
[  894.194324][ T7870] net_ratelimit: 32 callbacks suppressed
[  894.194336][ T7870] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  894.240475][T18830] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3514'.
[  894.303623][ T4242] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  894.413665][ T7870] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  894.524806][ T4242] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  894.633625][ T7870] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  894.744388][ T7870] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  894.864121][ T4242] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  894.984302][   T74] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  895.093930][   T74] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  895.203812][   T74] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  896.495589][T18842] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  897.096680][T18846] FAULT_INJECTION: forcing a failure.
[  897.096680][T18846] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  897.145903][T18846] CPU: 1 UID: 0 PID: 18846 Comm: syz.5.3517 Not tainted syzkaller #0 PREEMPT(full) 
[  897.145930][T18846] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  897.145938][T18846] Call Trace:
[  897.145943][T18846]  <TASK>
[  897.145948][T18846]  dump_stack_lvl+0x16c/0x1f0
[  897.145970][T18846]  should_fail_ex+0x512/0x640
[  897.145986][T18846]  _copy_from_user+0x2e/0xd0
[  897.146020][T18846]  copy_from_buffer+0x7f/0xc0
[  897.146048][T18846]  copy_uabi_to_xstate+0x26d/0x670
[  897.146073][T18846]  ? __pfx_copy_uabi_to_xstate+0x10/0x10
[  897.146094][T18846]  ? __fpu_restore_sig+0xa8a/0x1370
[  897.146111][T18846]  ? rcu_is_watching+0x12/0xc0
[  897.146126][T18846]  ? x86_task_fpu+0x5f/0x90
[  897.146141][T18846]  __fpu_restore_sig+0x10a6/0x1370
[  897.146160][T18846]  ? __pfx___fpu_restore_sig+0x10/0x10
[  897.146179][T18846]  ? finish_task_switch.isra.0+0x207/0xbd0
[  897.146200][T18846]  ? __might_fault+0xe3/0x190
[  897.146213][T18846]  ? __might_fault+0x13b/0x190
[  897.146228][T18846]  fpu__restore_sig+0x151/0x190
[  897.146246][T18846]  ia32_restore_sigcontext+0x44a/0x630
[  897.146258][T18846]  ? __pfx_ia32_restore_sigcontext+0x10/0x10
[  897.146274][T18846]  ? rcu_is_watching+0x12/0xc0
[  897.146293][T18846]  ? _raw_spin_unlock_irq+0x23/0x50
[  897.146309][T18846]  ? lockdep_hardirqs_on+0x7c/0x110
[  897.146329][T18846]  __do_compat_sys_rt_sigreturn+0x18c/0x270
[  897.146342][T18846]  ? __pfx___do_compat_sys_rt_sigreturn+0x10/0x10
[  897.146355][T18846]  ? trace_irq_enable.constprop.0+0x2f/0x110
[  897.146376][T18846]  do_int80_emulation+0x104/0x480
[  897.146388][T18846]  asm_int80_emulation+0x1a/0x20
[  897.146400][T18846] RIP: 0023:0xf70ad577
[  897.146409][T18846] Code: 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 <cd> 80 5d 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00
[  897.146420][T18846] RSP: 002b:00000000f545b55c EFLAGS: 00000296
[  897.146429][T18846] RAX: 0000000000000139 RBX: 0000000000000006 RCX: 0000000000000000
[  897.146436][T18846] RDX: 0000000000000008 RSI: 0000000000000000 RDI: 0000000000000016
[  897.146443][T18846] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  897.146449][T18846] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  897.146456][T18846] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  897.146470][T18846]  </TASK>
[  897.728840][T18850] overlayfs: failed to resolve './file1': -2
[  897.772101][   T40] audit: type=1804 audit(2000000480.609:890): pid=18850 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.3518" name="/newroot/134/bus/bus" dev="tmpfs" ino=806 res=1 errno=0
[  897.968745][T18862] 9p: Bad value for 'source'
[  898.066812][T18868] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3524'.
[  898.675750][T18882] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  898.678796][T18882] IPv6: NLM_F_CREATE should be set when creating new route
[  899.299034][ T1144] net_ratelimit: 33 callbacks suppressed
[  899.299047][ T1144] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  899.413739][T13733] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  899.524157][  T224] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  899.634392][  T224] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  899.747158][ T1144] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  899.861627][ T1144] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  899.974773][  T224] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  900.218365][T18900] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3534'.
[  900.228751][ T1239] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  900.321545][T18906] comedi comedi4: bad chanlist[1]=0x000000a0 chan=160 range length=2
[  900.334561][ T7870] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  900.453609][   T74] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  900.530214][T18915] netlink: 60 bytes leftover after parsing attributes in process `syz.5.3536'.
[  900.533181][T18912] netlink: 60 bytes leftover after parsing attributes in process `syz.5.3536'.
[  900.553750][T16241] usb 11-1: new high-speed USB device number 25 using dummy_hcd
[  900.752494][T16241] usb 11-1: config index 0 descriptor too short (expected 28277, got 36)
[  900.755545][T16241] usb 11-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  900.760079][T16241] usb 11-1: config 0 has no interfaces?
[  900.763588][T16241] usb 11-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[  900.768592][T16241] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  900.781332][T16241] usb 11-1: config 0 descriptor??
[  900.941770][T18926] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  900.944246][T18926] IPv6: NLM_F_CREATE should be set when creating new route
[  901.401312][T18914] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3537'.
[  901.473991][T18914] 8021q: adding VLAN 0 to HW filter on device bond0
[  901.478105][T18914] 8021q: adding VLAN 0 to HW filter on device team0
[  901.487557][T12160] lo speed is unknown, defaulting to 1000
[  901.490125][T12160] syz0: Port: 1 Link ACTIVE
[  901.516457][T18914] syz.4.3537: page allocation failure: order:10, mode:0x40dc0(GFP_KERNEL|__GFP_ZERO|__GFP_COMP), nodemask=(null),cpuset=/,mems_allowed=0-1
[  901.533762][T18914] CPU: 1 UID: 0 PID: 18914 Comm: syz.4.3537 Not tainted syzkaller #0 PREEMPT(full) 
[  901.533783][T18914] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  901.533791][T18914] Call Trace:
[  901.533796][T18914]  <TASK>
[  901.533803][T18914]  dump_stack_lvl+0x16c/0x1f0
[  901.533838][T18914]  warn_alloc+0x248/0x3a0
[  901.533858][T18914]  ? __pfx_warn_alloc+0x10/0x10
[  901.533872][T18914]  ? psi_memstall_leave+0x1e6/0x2d0
[  901.533894][T18914]  ? __alloc_pages_direct_compact+0x466/0x580
[  901.533909][T18914]  ? __pfx___alloc_pages_direct_compact+0x10/0x10
[  901.533923][T18914]  ? psi_memstall_leave+0x1e1/0x2d0
[  901.533943][T18914]  ? psi_memstall_leave+0x1e6/0x2d0
[  901.533990][T18914]  __alloc_frozen_pages_noprof+0xe9b/0x2430
[  901.534013][T18914]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  901.534034][T18914]  ? find_held_lock+0x2b/0x80
[  901.534050][T18914]  ? aa_file_perm+0x29e/0x1560
[  901.534069][T18914]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  901.534089][T18914]  ? policy_nodemask+0xea/0x4e0
[  901.534109][T18914]  alloc_pages_mpol+0x1fb/0x550
[  901.534128][T18914]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  901.534156][T18914]  ? stack_trace_save+0x8e/0xc0
[  901.534175][T18914]  ? __pfx_stack_trace_save+0x10/0x10
[  901.534195][T18914]  ___kmalloc_large_node+0x10c/0x150
[  901.534208][T18914]  __kmalloc_large_node_noprof+0x1c/0x70
[  901.534221][T18914]  __kmalloc_noprof.cold+0xc/0x62
[  901.534238][T18914]  ? common_file_perm+0x1b1/0x500
[  901.534251][T18914]  ? qrtr_tun_write_iter+0xc1/0x1b0
[  901.534268][T18914]  ? qrtr_tun_write_iter+0xc1/0x1b0
[  901.534281][T18914]  qrtr_tun_write_iter+0xc1/0x1b0
[  901.534303][T18914]  aio_write+0x3b9/0x910
[  901.534323][T18914]  ? __pfx_aio_write+0x10/0x10
[  901.534342][T18914]  ? __lock_acquire+0x436/0x2890
[  901.534362][T18914]  ? __might_fault+0xe3/0x190
[  901.534376][T18914]  ? __might_fault+0x13b/0x190
[  901.534393][T18914]  ? io_submit_one+0x1243/0x1e70
[  901.534405][T18914]  io_submit_one+0x1243/0x1e70
[  901.534420][T18914]  ? __lock_acquire+0x436/0x2890
[  901.534434][T18914]  ? __pfx_io_submit_one+0x10/0x10
[  901.534454][T18914]  ? __might_fault+0xe3/0x190
[  901.534466][T18914]  ? __might_fault+0x13b/0x190
[  901.534482][T18914]  ? __ia32_compat_sys_io_submit+0x1ad/0x3c0
[  901.534494][T18914]  __ia32_compat_sys_io_submit+0x1ad/0x3c0
[  901.534508][T18914]  ? __pfx___ia32_compat_sys_io_submit+0x10/0x10
[  901.534526][T18914]  ? rcu_is_watching+0x12/0xc0
[  901.534543][T18914]  __do_fast_syscall_32+0xe8/0x680
[  901.534557][T18914]  do_fast_syscall_32+0x32/0x80
[  901.534568][T18914]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  901.534583][T18914] RIP: 0023:0xf7f91579
[  901.534592][T18914] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  901.534603][T18914] RSP: 002b:00000000f548655c EFLAGS: 00000296 ORIG_RAX: 00000000000000f8
[  901.534615][T18914] RAX: ffffffffffffffda RBX: 00000000f742f000 RCX: 00000000000000e7
[  901.534622][T18914] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000000000000
[  901.534629][T18914] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  901.534635][T18914] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  901.534642][T18914] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  901.534656][T18914]  </TASK>
[  901.534681][T18914] Mem-Info:
[  901.651831][T18914] active_anon:3153 inactive_anon:4827 isolated_anon:0
[  901.651831][T18914]  active_file:643 inactive_file:11220 isolated_file:0
[  901.651831][T18914]  unevictable:1769 dirty:90 writeback:0
[  901.651831][T18914]  slab_reclaimable:6272 slab_unreclaimable:72968
[  901.651831][T18914]  mapped:30544 shmem:7510 pagetables:1486
[  901.651831][T18914]  sec_pagetables:339 bounce:0
[  901.651831][T18914]  kernel_misc_reclaimable:0
[  901.651831][T18914]  free:66408 free_pcp:267 free_cma:0
[  901.667968][T18914] Node 0 active_anon:4kB inactive_anon:1572kB active_file:32kB inactive_file:1044kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:7504kB dirty:0kB writeback:0kB shmem:3944kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:9660kB pagetables:1856kB sec_pagetables:1152kB all_unreclaimable? no Balloon:0kB
[  901.680622][T18914] Node 1 active_anon:12708kB inactive_anon:17736kB active_file:2540kB inactive_file:35636kB unevictable:3540kB isolated(anon):0kB isolated(file):0kB mapped:114672kB dirty:360kB writeback:0kB shmem:26096kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:5036kB pagetables:4088kB sec_pagetables:204kB all_unreclaimable? no Balloon:0kB
[  901.691245][T18914] Node 0 DMA free:2324kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:28kB inactive_anon:0kB active_file:32kB inactive_file:84kB unevictable:0kB writepending:0kB zspages:40kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  901.806488][T18914] lowmem_reserve[]: 0 289 289 289 289
[  901.808284][T18914] Node 0 DMA32 free:17552kB boost:0kB min:13332kB low:16664kB high:19996kB reserved_highatomic:2048KB free_highatomic:1168KB active_anon:3724kB inactive_anon:1548kB active_file:0kB inactive_file:932kB unevictable:3536kB writepending:0kB zspages:928kB present:1032196kB managed:296804kB mlocked:0kB bounce:0kB free_pcp:2240kB local_pcp:1976kB free_cma:0kB
[  901.831266][T18914] lowmem_reserve[]: 0 0 0 0 0
[  901.832912][T18914] Node 1 DMA32 free:242784kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:2048KB free_highatomic:496KB active_anon:21456kB inactive_anon:16404kB active_file:2504kB inactive_file:30300kB unevictable:3540kB writepending:380kB zspages:5056kB present:1048432kB managed:948212kB mlocked:4kB bounce:0kB free_pcp:4404kB local_pcp:396kB free_cma:0kB
[  901.843245][T18914] lowmem_reserve[]: 0 0 0 0 0
[  901.844902][T18914] Node 0 DMA: 29*4kB (UM) 17*8kB (UM) 8*16kB (U) 6*32kB (U) 4*64kB (UM) 1*128kB (M) 0*256kB 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 1980kB
[  901.849886][T18914] Node 0 DMA32: 142*4kB (UMEH) 80*8kB (UMEH) 78*16kB (UMEH) 237*32kB (UMEH) 60*64kB (UMEH) 18*128kB (UMEH) 5*256kB (UMH) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 17464kB
[  901.855577][T18914] Node 1 DMA32: 814*4kB (UMEH) 2377*8kB (UMEH) 1687*16kB (UMEH) 544*32kB (UME) 357*64kB (UME) 213*128kB (UME) 140*256kB (UM) 76*512kB (UM) 36*1024kB (UM) 7*2048kB (UM) 0*4096kB = 242736kB
[  901.862810][T18914] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  901.867334][T18914] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  901.870323][T18914] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  901.873304][T18914] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  901.876851][T18914] 20035 total pagecache pages
[  901.878406][T18914] 1240 pages in swap cache
[  901.879864][T18914] Free swap  = 96820kB
[  901.881153][T18914] Total swap = 124996kB
[  901.882608][T18914] 524155 pages RAM
[  901.884166][T18914] 0 pages HighMem/MovableOnly
[  901.885903][T18914] 209061 pages reserved
[  901.887312][T18914] 0 pages cma reserved
[  903.476230][T16241] usb 11-1: USB disconnect, device number 25
[  903.682311][T18959] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3551'.
[  904.054543][T18969] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  904.355195][ T1239] net_ratelimit: 30 callbacks suppressed
[  904.355208][ T1239] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  904.463662][   T74] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  904.576607][   T74] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  904.697484][   T74] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  904.763754][T16241] usb 10-1: new high-speed USB device number 25 using dummy_hcd
[  904.813983][  T224] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  904.923668][   T74] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  904.986693][T16241] usb 10-1: Using ep0 maxpacket: 32
[  904.989779][T16241] usb 10-1: no configurations
[  904.991836][T16241] usb 10-1: can't read configurations, error -22
[  905.075024][   T74] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  905.142096][   T40] audit: type=1804 audit(2000000487.979:891): pid=18976 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.3555" name="/newroot/540/file1/bus" dev="tmpfs" ino=3088 res=1 errno=0
[  905.183699][ T7870] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  905.293637][ T1239] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  905.363543][T16241] usb 10-1: new high-speed USB device number 26 using dummy_hcd
[  905.403642][   T74] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  905.523609][T16241] usb 10-1: Using ep0 maxpacket: 32
[  905.526036][T16241] usb 10-1: no configurations
[  905.528201][T16241] usb 10-1: can't read configurations, error -22
[  905.531263][T16241] usb usb10-port1: attempt power cycle
[  905.913781][T16241] usb 10-1: new high-speed USB device number 27 using dummy_hcd
[  905.947111][T16241] usb 10-1: Using ep0 maxpacket: 32
[  905.952620][T16241] usb 10-1: no configurations
[  905.955419][T16241] usb 10-1: can't read configurations, error -22
[  906.154326][T16241] usb 10-1: new high-speed USB device number 28 using dummy_hcd
[  906.187189][T16241] usb 10-1: Using ep0 maxpacket: 32
[  906.495994][T16241] usb 10-1: no configurations
[  906.497544][T16241] usb 10-1: can't read configurations, error -22
[  906.499683][T16241] usb usb10-port1: unable to enumerate USB device
[  906.679614][T11484] libceph: connect (1)[c::]:6789 error -113
[  906.684900][T11484] libceph: mon0 (1)[c::]:6789 connect error
[  906.724918][T18996] ceph: No mds server is up or the cluster is laggy
[  907.254934][T19009] /dev/sr0: Can't open blockdev
[  907.799186][T19020] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  907.801883][T19020] IPv6: NLM_F_CREATE should be set when creating new route
[  908.634792][T19022] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3565'.
[  909.135156][T19025] lo speed is unknown, defaulting to 1000
[  909.137619][T19025] lo speed is unknown, defaulting to 1000
[  909.232748][T19025] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3571'.
[  909.257644][T19030] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3572'.
[  909.261663][T19028] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3572'.
[  909.378961][T19036] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3574'.
[  909.413676][ T4139] net_ratelimit: 33 callbacks suppressed
[  909.416112][ T4139] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  909.523734][ T4139] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  909.983712][ T4139] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  910.019371][T19043] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3577'.
[  910.133752][  T224] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  910.253663][  T224] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  910.373800][  T224] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  910.493644][  T224] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  910.615174][ T4772] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  910.724218][ T4772] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  910.822457][T19060] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  910.856873][ T4772] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  911.781444][T19064] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3584'.
[  912.241153][T19081] netlink: 44 bytes leftover after parsing attributes in process `syz.5.3589'.
[  913.003324][ T5953] IPVS: starting estimator thread 0...
[  913.063687][   T60] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[  913.103672][T19094] IPVS: using max 26 ests per chain, 62400 per kthread
[  913.152897][T19097] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3593'.
[  913.158637][T19096] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3593'.
[  913.243642][   T60] usb 9-1: Using ep0 maxpacket: 8
[  913.256907][   T60] usb 9-1: config 0 has an invalid interface number: 55 but max is 0
[  913.260333][   T60] usb 9-1: config 0 has no interface number 0
[  913.263009][   T60] usb 9-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  913.273624][   T60] usb 9-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  913.278398][   T60] usb 9-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  913.282349][   T60] usb 9-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  913.293057][T19099] lo speed is unknown, defaulting to 1000
[  913.295653][   T60] usb 9-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  913.297948][T19100] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3594'.
[  913.299469][   T60] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  913.311092][T19099] lo speed is unknown, defaulting to 1000
[  913.394877][   T60] usb 9-1: config 0 descriptor??
[  913.465348][   T60] ldusb 9-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  913.798791][T11484] usb 9-1: USB disconnect, device number 9
[  913.798890][    C1] ldusb 9-1:0.55: usb_submit_urb failed (-19)
[  913.825975][T19089] ldusb: No device or device unplugged -19
[  913.829595][T11484] ldusb 9-1:0.55: LD USB Device #0 now disconnected
[  914.071059][   T40] audit: type=1804 audit(2000000496.899:892): pid=19118 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.3599" name="/newroot/289/bus/bus" dev="tmpfs" ino=1691 res=1 errno=0
[  914.414379][T19128] __nla_validate_parse: 2 callbacks suppressed
[  914.414397][T19128] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3600'.
[  914.663281][T19128] 8021q: adding VLAN 0 to HW filter on device bond0
[  914.708058][T19128] 8021q: adding VLAN 0 to HW filter on device team0
[  914.730460][T19128] net_ratelimit: 30 callbacks suppressed
[  914.730466][T19128] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  914.755276][ T1239] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  914.863678][ T7870] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  914.877476][   T40] audit: type=1804 audit(2000000497.719:893): pid=19137 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.3605" name="/newroot/118/bus/bus" dev="tmpfs" ino=691 res=1 errno=0
[  914.989338][ T7870] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  915.093658][ T4772] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  915.203638][ T4772] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  915.223250][T19144] lo speed is unknown, defaulting to 1000
[  915.225992][T19144] lo speed is unknown, defaulting to 1000
[  915.313758][   T74] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  915.453645][ T4772] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  915.528728][T19159] netlink: 60 bytes leftover after parsing attributes in process `syz.6.3611'.
[  915.531757][T19157] netlink: 60 bytes leftover after parsing attributes in process `syz.6.3611'.
[  915.563602][ T7870] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  915.604843][T19164] netlink: 'syz.6.3613': attribute type 1 has an invalid length.
[  915.622576][T19164] bond2: entered promiscuous mode
[  915.625050][T19164] bond2: entered allmulticast mode
[  915.627049][T19164] 8021q: adding VLAN 0 to HW filter on device bond2
[  915.645985][T19164] erspan1: entered allmulticast mode
[  915.649374][T19164] bond2: (slave erspan1): making interface the new active one
[  915.651863][T19164] erspan1: entered promiscuous mode
[  915.664522][T19164] bond2: (slave erspan1): Enslaving as an active interface with an up link
[  915.743619][ T7870] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  915.774338][T19164] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3613'.
[  915.956003][T19164] bond2 (unregistering): (slave erspan1): Releasing active interface
[  915.959235][T19164] erspan1: left promiscuous mode
[  915.963003][T19164] bond2 (unregistering): Released all slaves
[  916.006290][T19177] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3617'.
[  916.113890][T19180] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3615'.
[  916.217060][T19182] netlink: 'syz.5.3619': attribute type 17 has an invalid length.
[  916.219669][T19182] netlink: 5 bytes leftover after parsing attributes in process `syz.5.3619'.
[  916.257619][T19180] 8021q: adding VLAN 0 to HW filter on device bond0
[  916.282490][T19180] 8021q: adding VLAN 0 to HW filter on device team0
[  916.295959][T19182] veth0_macvtap: entered allmulticast mode
[  916.764702][T19199] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3624'.
[  916.767593][T19199] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3624'.
[  916.774813][T19199] geneve2: entered promiscuous mode
[  916.776782][T19199] geneve2: entered allmulticast mode
[  916.781109][ T7870] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  916.785716][T19199] tipc: Started in network mode
[  916.787539][T19199] tipc: Node identity aaaaaaaaaa3, cluster identity 4711
[  916.790831][T19199] tipc: Enabled bearer <eth:ipvlan0>, priority 10
[  916.798753][ T4772] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  916.802999][ T4772] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  916.807449][ T4772] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  917.167035][   T40] audit: type=1326 audit(2000000500.009:894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19207 comm="syz.2.3628" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f15579 code=0x0
[  917.468393][T19212] lo speed is unknown, defaulting to 1000
[  917.470995][T19212] lo speed is unknown, defaulting to 1000
[  918.071612][T19224] 
[  918.072431][T19224] ======================================================
[  918.074686][T19224] WARNING: possible circular locking dependency detected
[  918.077017][T19224] syzkaller #0 Not tainted
[  918.079006][T19224] ------------------------------------------------------
[  918.081662][T19224] syz.4.3633/19224 is trying to acquire lock:
[  918.083604][T19224] ffff88804ca47148 (&sbi->pipe_mutex){+.+.}-{4:4}, at: autofs_notify_daemon+0x4a6/0xd60
[  918.086692][T19224] 
[  918.086692][T19224] but task is already holding lock:
[  918.088272][ T5931] tipc: Node number set to 10136234
[  918.088991][T19224] ffff88806e13d488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570
[  918.094174][T19224] 
[  918.094174][T19224] which lock already depends on the new lock.
[  918.094174][T19224] 
[  918.097857][T19224] 
[  918.097857][T19224] the existing dependency chain (in reverse order) is:
[  918.101087][T19224] 
[  918.101087][T19224] -> #3 (&of->mutex){+.+.}-{4:4}:
[  918.103727][T19224]        __mutex_lock+0x1aa/0x1ca0
[  918.105584][T19224]        kernfs_seq_start+0x4f/0x2a0
[  918.107572][T19224]        seq_read_iter+0x2c1/0x12d0
[  918.109463][T19224]        kernfs_fop_read_iter+0x46c/0x610
[  918.111559][T19224]        copy_splice_read+0x618/0xc20
[  918.113600][T19224]        do_splice_read+0x285/0x370
[  918.115525][T19224]        splice_direct_to_actor+0x2a1/0xa30
[  918.117705][T19224]        do_splice_direct+0x174/0x240
[  918.119757][T19224]        do_sendfile+0xb06/0xe50
[  918.121569][T19224]        __ia32_compat_sys_sendfile+0x1e5/0x220
[  918.123840][T19224]        __do_fast_syscall_32+0xe8/0x680
[  918.125902][T19224]        do_fast_syscall_32+0x32/0x80
[  918.127855][T19224]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  918.130335][T19224] 
[  918.130335][T19224] -> #2 (&p->lock){+.+.}-{4:4}:
[  918.132814][T19224]        __mutex_lock+0x1aa/0x1ca0
[  918.134694][T19224]        seq_read_iter+0xe1/0x12d0
[  918.136546][T19224]        kernfs_fop_read_iter+0x46c/0x610
[  918.138609][T19224]        copy_splice_read+0x618/0xc20
[  918.140659][T19224]        do_splice_read+0x285/0x370
[  918.142640][T19224]        splice_file_to_pipe+0x109/0x120
[  918.144699][T19224]        do_sendfile+0x400/0xe50
[  918.146515][T19224]        __ia32_sys_sendfile64+0x1d7/0x220
[  918.148605][T19224]        __do_fast_syscall_32+0xe8/0x680
[  918.150668][T19224]        do_fast_syscall_32+0x32/0x80
[  918.152594][T19224]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  918.155151][T19224] 
[  918.155151][T19224] -> #1 (&pipe->mutex){+.+.}-{4:4}:
[  918.157857][T19224]        __mutex_lock+0x1aa/0x1ca0
[  918.159730][T19224]        anon_pipe_write+0x15d/0x1bd0
[  918.161759][T19224]        __kernel_write_iter+0x720/0xb10
[  918.163841][T19224]        __kernel_write+0xf5/0x140
[  918.165782][T19224]        autofs_notify_daemon+0x4db/0xd60
[  918.167850][T19224]        autofs_wait+0x10f3/0x1ac0
[  918.169715][T19224]        autofs_mount_wait+0x132/0x3c0
[  918.171720][T19224]        autofs_d_automount+0x4b2/0x960
[  918.173764][T19224]        __traverse_mounts+0x1b9/0x830
[  918.175784][T19224]        step_into_slowpath+0x772/0xf50
[  918.177835][T19224]        path_openat+0x10db/0x3140
[  918.179704][T19224]        do_filp_open+0x20b/0x470
[  918.181556][T19224]        do_sys_openat2+0x121/0x290
[  918.183460][T19224]        __ia32_compat_sys_openat+0x16d/0x210
[  918.185726][T19224]        __do_fast_syscall_32+0xe8/0x680
[  918.187770][T19224]        do_fast_syscall_32+0x32/0x80
[  918.189712][T19224]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  918.192460][T19224] 
[  918.192460][T19224] -> #0 (&sbi->pipe_mutex){+.+.}-{4:4}:
[  918.195525][T19224]        __lock_acquire+0x1669/0x2890
[  918.197520][T19224]        lock_acquire+0x179/0x330
[  918.199343][T19224]        __mutex_lock+0x1aa/0x1ca0
[  918.201236][T19224]        autofs_notify_daemon+0x4a6/0xd60
[  918.203234][T19224]        autofs_wait+0x10f3/0x1ac0
[  918.204884][T19224]        autofs_mount_wait+0x132/0x3c0
[  918.206605][T19224]        autofs_d_automount+0x4b2/0x960
[  918.208342][T19224]        __traverse_mounts+0x1b9/0x830
[  918.210116][T19224]        step_into_slowpath+0x772/0xf50
[  918.211854][T19224]        path_lookupat+0x627/0xc40
[  918.213540][T19224]        filename_lookup+0x224/0x5f0
[  918.215419][T19224]        kern_path+0x35/0x50
[  918.216938][T19224]        lookup_bdev+0xd8/0x280
[  918.218570][T19224]        resume_store+0x1d6/0x490
[  918.220261][T19224]        kobj_attr_store+0x58/0x80
[  918.221918][T19224]        sysfs_kf_write+0xf2/0x150
[  918.223547][T19224]        kernfs_fop_write_iter+0x3af/0x570
[  918.225299][T19224]        vfs_write+0x7d3/0x11d0
[  918.226855][T19224]        ksys_write+0x12a/0x250
[  918.228398][T19224]        __do_fast_syscall_32+0xe8/0x680
[  918.230177][T19224]        do_fast_syscall_32+0x32/0x80
[  918.231856][T19224]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  918.234028][T19224] 
[  918.234028][T19224] other info that might help us debug this:
[  918.234028][T19224] 
[  918.237415][T19224] Chain exists of:
[  918.237415][T19224]   &sbi->pipe_mutex --> &p->lock --> &of->mutex
[  918.237415][T19224] 
[  918.241778][T19224]  Possible unsafe locking scenario:
[  918.241778][T19224] 
[  918.244249][T19224]        CPU0                    CPU1
[  918.245997][T19224]        ----                    ----
[  918.247974][T19224]   lock(&of->mutex);
[  918.249335][T19224]                                lock(&p->lock);
[  918.251386][T19224]                                lock(&of->mutex);
[  918.253469][T19224]   lock(&sbi->pipe_mutex);
[  918.254961][T19224] 
[  918.254961][T19224]  *** DEADLOCK ***
[  918.254961][T19224] 
[  918.257802][T19224] 4 locks held by syz.4.3633/19224:
[  918.259756][T19224]  #0: ffff888027868478 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2a2/0x370
[  918.262811][T19224]  #1: ffff888045842420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[  918.265620][T19224]  #2: ffff88806e13d488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570
[  918.268677][T19224]  #3: ffff888040e990f8 (kn->active#71){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570
[  918.271823][T19224] 
[  918.271823][T19224] stack backtrace:
[  918.273476][T19224] CPU: 3 UID: 0 PID: 19224 Comm: syz.4.3633 Not tainted syzkaller #0 PREEMPT(full) 
[  918.273492][T19224] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  918.273500][T19224] Call Trace:
[  918.273506][T19224]  <TASK>
[  918.273512][T19224]  dump_stack_lvl+0x116/0x1f0
[  918.273534][T19224]  print_circular_bug+0x275/0x340
[  918.273554][T19224]  check_noncircular+0x146/0x160
[  918.273575][T19224]  __lock_acquire+0x1669/0x2890
[  918.273589][T19224]  lock_acquire+0x179/0x330
[  918.273599][T19224]  ? autofs_notify_daemon+0x4a6/0xd60
[  918.273614][T19224]  ? __pfx___might_resched+0x10/0x10
[  918.273630][T19224]  ? __lock_acquire+0x12c2/0x2890
[  918.273641][T19224]  __mutex_lock+0x1aa/0x1ca0
[  918.273653][T19224]  ? autofs_notify_daemon+0x4a6/0xd60
[  918.273677][T19224]  ? __kernel_text_address+0xd/0x40
[  918.273690][T19224]  ? find_held_lock+0x2b/0x80
[  918.273704][T19224]  ? autofs_notify_daemon+0x4a6/0xd60
[  918.273716][T19224]  ? autofs_notify_daemon+0x45a/0xd60
[  918.273731][T19224]  ? __pfx___mutex_lock+0x10/0x10
[  918.273742][T19224]  ? __mutex_unlock_slowpath+0x161/0x790
[  918.273755][T19224]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  918.273767][T19224]  ? from_kgid_munged+0xab/0x130
[  918.273786][T19224]  ? autofs_notify_daemon+0x4a6/0xd60
[  918.273798][T19224]  autofs_notify_daemon+0x4a6/0xd60
[  918.273837][T19224]  ? __pfx_autofs_notify_daemon+0x10/0x10
[  918.273852][T19224]  ? kernfs_fop_write_iter+0x3af/0x570
[  918.273868][T19224]  ? vfs_write+0x7d3/0x11d0
[  918.273883][T19224]  ? ksys_write+0x12a/0x250
[  918.273904][T19224]  ? lockdep_init_map_type+0x5c/0x270
[  918.273915][T19224]  ? lockdep_init_map_type+0x5c/0x270
[  918.273927][T19224]  autofs_wait+0x10f3/0x1ac0
[  918.273940][T19224]  ? __pfx_autofs_wait+0x10/0x10
[  918.273952][T19224]  ? __pfx_path_check_mount+0x10/0x10
[  918.273967][T19224]  ? find_held_lock+0x2b/0x80
[  918.273981][T19224]  ? path_has_submounts+0xcf/0x120
[  918.273997][T19224]  ? do_raw_spin_unlock+0x172/0x230
[  918.274010][T19224]  ? find_held_lock+0x2b/0x80
[  918.274024][T19224]  autofs_mount_wait+0x132/0x3c0
[  918.274039][T19224]  autofs_d_automount+0x4b2/0x960
[  918.274054][T19224]  __traverse_mounts+0x1b9/0x830
[  918.274071][T19224]  step_into_slowpath+0x772/0xf50
[  918.274086][T19224]  ? __up_read+0x2d1/0x700
[  918.274101][T19224]  ? __pfx_step_into_slowpath+0x10/0x10
[  918.274115][T19224]  ? lookup_slow+0x50/0x70
[  918.274131][T19224]  path_lookupat+0x627/0xc40
[  918.274152][T19224]  filename_lookup+0x224/0x5f0
[  918.274168][T19224]  ? __pfx_filename_lookup+0x10/0x10
[  918.274189][T19224]  ? getname_kernel+0x52/0x370
[  918.274200][T19224]  ? __asan_memcpy+0x3c/0x60
[  918.274216][T19224]  kern_path+0x35/0x50
[  918.274230][T19224]  lookup_bdev+0xd8/0x280
[  918.274242][T19224]  ? __pfx_lookup_bdev+0x10/0x10
[  918.274264][T19224]  ? __asan_memcpy+0x3c/0x60
[  918.274280][T19224]  resume_store+0x1d6/0x490
[  918.274294][T19224]  ? __pfx_resume_store+0x10/0x10
[  918.274310][T19224]  ? find_held_lock+0x2b/0x80
[  918.274325][T19224]  ? __pfx_resume_store+0x10/0x10
[  918.274340][T19224]  kobj_attr_store+0x58/0x80
[  918.274352][T19224]  ? __pfx_kobj_attr_store+0x10/0x10
[  918.274363][T19224]  sysfs_kf_write+0xf2/0x150
[  918.274375][T19224]  kernfs_fop_write_iter+0x3af/0x570
[  918.274392][T19224]  ? __pfx_sysfs_kf_write+0x10/0x10
[  918.274403][T19224]  vfs_write+0x7d3/0x11d0
[  918.274422][T19224]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  918.274440][T19224]  ? __pfx_vfs_write+0x10/0x10
[  918.274458][T19224]  ? find_held_lock+0x2b/0x80
[  918.274475][T19224]  ksys_write+0x12a/0x250
[  918.274491][T19224]  ? __pfx_ksys_write+0x10/0x10
[  918.274508][T19224]  __do_fast_syscall_32+0xe8/0x680
[  918.274521][T19224]  do_fast_syscall_32+0x32/0x80
[  918.274532][T19224]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  918.274550][T19224] RIP: 0023:0xf7f91579
[  918.274562][T19224] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  918.274572][T19224] RSP: 002b:00000000f548655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  918.274583][T19224] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040
[  918.274590][T19224] RDX: 0000000000000012 RSI: 0000000000000000 RDI: 0000000000000000
[  918.274597][T19224] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  918.274603][T19224] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  918.274610][T19224] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  918.274619][T19224]  </TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  918.492255][T19224] PM: Image not found (code -6)
[  919.733665][ T1140] net_ratelimit: 30 callbacks suppressed
[  919.733678][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  919.843723][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  919.953684][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  920.063730][ T4242] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  920.173633][ T4139] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  920.283740][ T4139] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  920.393714][ T4139] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  920.503721][ T4139] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  920.613731][   T12] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  920.723694][   T12] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  924.823869][ T1140] net_ratelimit: 36 callbacks suppressed
[  924.823887][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  924.933686][ T4139] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  925.043682][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  925.153702][ T4139] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  925.263735][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  925.373656][ T4139] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  925.483711][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  925.593717][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  925.704446][ T1140] bond2: (slave ip6gretap1): failed to get link speed/duplex
[  925.813673][ T4772] bond2: (slave ip6gretap1): failed to get link speed/duplex