last executing test programs:

6m19.466463702s ago: executing program 2 (id=2627):
socket$qrtr(0x2a, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000100)='block_bio_remap\x00', 0xffffffffffffffff, 0x0, 0x200000000}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x44004)
socket$kcm(0x10, 0x2, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
shutdown(r1, 0x2)

6m18.098733215s ago: executing program 2 (id=2631):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl(0xffffffffffffffff, 0x3, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000003, 0x50032, 0xffffffffffffffff, 0x0)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
syz_clone(0x100, 0x0, 0x0, 0x0, 0x0, 0x0)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
openat$comedi(0xffffffffffffff9c, 0x0, 0x400, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f00000064c0), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_ADDDEF(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r1, 0x0, 0x0)

6m16.422134114s ago: executing program 2 (id=2634):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
read$FUSE(r0, &(0x7f00000000c0)={0x2020}, 0x2020)
write$FUSE_NOTIFY_RESEND(r0, 0x0, 0x0)
syz_emit_ethernet(0x42, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x458ac2, 0x0)
timerfd_create(0x8, 0x0)
clock_adjtime(0x0, &(0x7f0000000000)={0xffff, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xc, 0x3, 0x0, 0x7, 0x0, 0x0, 0x0, 0xffffffffffffff20, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x10000000000100, 0xfffffffffffffffd, 0xfffffffffffffffd})
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f000001b700)=""/102392, 0x18ff8)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000040)={0x82, 0x3, 0x0, 0x717e387b, 0x3d, "1a004e0078768000", 0x4, 0x2})
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000022c0)={0x0, 0x0, &(0x7f0000002240)="d404c4763ff744f3b00258fb9efba232cb4708e56d9e6bc19a442498a40ff63d425d1e2fba13b1bb2627d324238feb97b96b98", &(0x7f0000002280), 0x5}, 0x38)
r3 = syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0)
preadv(r3, &(0x7f00000002c0)=[{0x0}], 0x1, 0x6, 0x9)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000000)=0x15)
ioctl$TCSETS(r2, 0x404c4701, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x400000, 0x14, "3ecc00000071000100"})
ioctl$TIOCSTI(r2, 0x5412, 0x0)
ioctl$TIOCSTI(r2, 0x5412, 0x0)
mount(&(0x7f0000000080)=@nbd={'/dev/nbd', 0x0}, 0x0, 0x0, 0x200013, 0x0)

6m15.187262018s ago: executing program 2 (id=2637):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r1 = getpid()
open(0x0, 0x147842, 0x6)
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
getpgid(r1)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000200)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x8, &(0x7f00000001c0)='usrquota')
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f00000000c0)={0xc})
r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r5, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r6=>0x0})
ioctl$IOMMU_IOAS_ALLOW_IOVAS(r5, 0x3b82, &(0x7f0000000000)={0x18, r6, 0x1, 0x0, &(0x7f00000004c0)=[{0x81, 0xfffffffffffff801}]})
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_open_procfs(0x0, &(0x7f0000000040)='net/icmp6\x00')
ioctl$TIOCGSID(r7, 0x5429, &(0x7f0000000180))

6m13.627794924s ago: executing program 2 (id=2638):
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, &(0x7f0000003d80)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$inet_mreq(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
syz_emit_ethernet(0x3e, &(0x7f0000000100)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x1, 0x30, 0x0, 0x0, 0x80, 0x2, 0x0, @empty, @multicast1=0xe0000300}, @dest_unreach={0x3, 0x7, 0x0, 0x0, 0x3, 0xc58, {0x5, 0x4, 0x0, 0x7, 0x0, 0x65, 0xe, 0x4e, 0x24, 0xc, @private=0xa010102, @dev={0xac, 0x14, 0x14, 0x44}}}}}}}, 0x0)
setsockopt$MRT_ADD_MFC_PROXY(r1, 0x0, 0xd2, &(0x7f0000000200)={@empty=0x20, @multicast2=0xe0000300, 0x0, "028a3f6c58b274e6d8451697efe42811ee1df06e9264f7d866b1970548fc3c7b", 0xb2, 0xfffffff7, 0x4, 0x40000006}, 0x3c)

6m9.591103716s ago: executing program 2 (id=2648):
rt_sigprocmask(0x0, &(0x7f0000000100)={[0xfffffffffffe]}, 0x0, 0x8)
gettid()
rt_sigtimedwait(&(0x7f0000000240)={[0xffffffffffffffff]}, 0x0, 0x0, 0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2d, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_procfs(0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x15)
writev(r3, &(0x7f0000000280)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff0600000001ffa6004500000025", 0x1d}, {&(0x7f0000000580)="fa21bd2b5c40cc420740358ffc7f9f4b6e68fc8d1aa2597e7b484f301f11e3", 0x1f}], 0x2)
setsockopt$RXRPC_SECURITY_KEY(0xffffffffffffffff, 0x110, 0x1, &(0x7f0000000300)='GPL\x00', 0x4)
mount(&(0x7f0000000080)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f00000000c0)='affs\x00', 0xa08410, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000180)={0x0, 0x0, "a4cd91", 0x9})
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="740000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="2b030040000000004c0012800b00010067656e65766500003c0002800800050001000000140007000000000000000005000000000000000108000f", @ANYRESDEC], 0x74}}, 0x0)
bind$rxrpc(0xffffffffffffffff, &(0x7f0000000000)=@in6={0x21, 0x1, 0x2, 0x1c, {0xa, 0x4e20, 0x3, @empty, 0xd}}, 0x24)
lsm_get_self_attr(0x64, 0x0, &(0x7f0000001280)=0x38, 0x0)

5m54.254613593s ago: executing program 32 (id=2648):
rt_sigprocmask(0x0, &(0x7f0000000100)={[0xfffffffffffe]}, 0x0, 0x8)
gettid()
rt_sigtimedwait(&(0x7f0000000240)={[0xffffffffffffffff]}, 0x0, 0x0, 0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2d, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_procfs(0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x15)
writev(r3, &(0x7f0000000280)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff0600000001ffa6004500000025", 0x1d}, {&(0x7f0000000580)="fa21bd2b5c40cc420740358ffc7f9f4b6e68fc8d1aa2597e7b484f301f11e3", 0x1f}], 0x2)
setsockopt$RXRPC_SECURITY_KEY(0xffffffffffffffff, 0x110, 0x1, &(0x7f0000000300)='GPL\x00', 0x4)
mount(&(0x7f0000000080)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f00000000c0)='affs\x00', 0xa08410, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000180)={0x0, 0x0, "a4cd91", 0x9})
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="740000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="2b030040000000004c0012800b00010067656e65766500003c0002800800050001000000140007000000000000000005000000000000000108000f", @ANYRESDEC], 0x74}}, 0x0)
bind$rxrpc(0xffffffffffffffff, &(0x7f0000000000)=@in6={0x21, 0x1, 0x2, 0x1c, {0xa, 0x4e20, 0x3, @empty, 0xd}}, 0x24)
lsm_get_self_attr(0x64, 0x0, &(0x7f0000001280)=0x38, 0x0)

52.631794284s ago: executing program 1 (id=3270):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'veth1\x00'})
sendmsg$nl_xfrm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={0x0}}, 0x0)

52.343439127s ago: executing program 1 (id=3272):
r0 = syz_open_dev$swradio(&(0x7f0000000000), 0x1, 0x2)
poll(&(0x7f00000000c0)=[{r0, 0xe7d4c009da6c1985}], 0x1, 0x6)

52.133927105s ago: executing program 1 (id=3273):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001940)={0x9, 0x15, 0x0, 0x0, 0xc242, 0x0, 0x0, 0x41100, 0x11, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)
sendmsg$NL80211_CMD_SET_QOS_MAP(0xffffffffffffffff, 0x0, 0x804)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4000864)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(0xffffffffffffffff, 0x404c534a, &(0x7f0000000380))
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r5, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r6, &(0x7f0000000080)=[{&(0x7f0000000200)="a10100001400add427323b470c45b45602067fffffff81004e22000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee00000000000000000200000000", 0x1a1}], 0x1)

51.234676576s ago: executing program 1 (id=3277):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$inet6(r0, &(0x7f0000000a40)=[{{&(0x7f0000000240)={0xa, 0x4e24, 0x9, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x6}, 0x1c, &(0x7f00000002c0)}}], 0x1, 0x40408d1)
shutdown(r0, 0x1)
setsockopt(r0, 0x84, 0x7f, &(0x7f00000001c0)="020000000980ffff", 0x8)

51.131087174s ago: executing program 1 (id=3278):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0x90000001})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_procs(r5, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r6, &(0x7f00000001c0), 0x12)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000001, 0x31, 0xffffffffffffffff, 0x0)

50.28507427s ago: executing program 1 (id=3281):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x30, r1, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}]}]}, 0x30}}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)={0x20, r3, 0x7, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x48050}, 0x0)

37.900249604s ago: executing program 0 (id=3327):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'tunl0\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x2003, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0xffed}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0xc, 0x2, [@TCA_FQ_CODEL_CE_THRESHOLD_SELECTOR={0x5, 0xa, 0x3}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x40014}, 0x0)

29.761163393s ago: executing program 0 (id=3349):
syz_usb_connect(0x0, 0x3f, &(0x7f0000000040)=ANY=[@ANYBLOB], 0x0)

26.646710152s ago: executing program 0 (id=3360):
syz_open_dev$sg(0x0, 0x0, 0x48e01)
pipe(0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$inet(0x2, 0x2, 0x1)
bind$inet(r4, &(0x7f0000000000)={0x2, 0x6e24, @empty}, 0x10)

24.902874378s ago: executing program 0 (id=3364):
bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
timerfd_create(0x0, 0x0)
unshare(0x22020600)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000030000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r2}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x2, 0x0, 0x3, 0xfffffffffffffffd, 0x3, 0x0, 0x0, 0xe}, 0x0, &(0x7f0000000300)={0x3ff, 0x7e7, 0x0, 0x9, 0x4, 0x0, 0x7fffffff, 0x3f8}, 0x0, 0x0)

24.675692216s ago: executing program 0 (id=3365):
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)='tmpfs\x00', 0x0, &(0x7f00000001c0)='grpquota')
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001000)=ANY=[@ANYBLOB="791298000000000061138c0000000000bf2000000000000015000000080063033d030100000000009500003a000000006916000000000000bf6700000000000066060500fcff03006706000002000000760300000ee60060bf050000000000003c650000000000006507f9ff01000000070700004cdfffff1e75040000000000bf54000000000000070400000400f9ffad43010000000000d5000000000000000500000000000000950000000000000032410000000000000054bb12dc8c27df8ecfc7bdd2d17f2f1754558f22dd399703d6c4f6f3be0b369289aa6812b8e007e733a9a4f16d0a3e1282ee45a010fb94fe9de56c9d8a814261bdb94a05000000c6c60bf7a13ba1fcf1111ce4fc0d742a81762bab8395fa64810b5b40d893ea8fe0ffffff7f1b546cad3f1d5af65706fd4f68795cce6cf16ab689b555202da2e0ec2871a51445dc8da39e5b0ab71ca9b901627b562ed84b026002d4519af619e3cca4d69e0dee080006774a8f3e691700ec88158f02001b0000c81c8b297dff0445a13d0045fb3cda32a673a6bb55d8c80800dce431e56723888fb126a1403d2b63f16fb2ad9bc117aba7cbebe174aba210d739a018f9bbec63222d20cedbc4d03723f1c932b3a6aa57f1ad2e99e0e67a993716d20000009f0f53acbb40b401e3738270b3156268784f2af9e4bcf8b07a10d6735154be1602f9dd1d7d4301e00000000000460bcc5989ec85e3cbcb6bcfaf0000000000000000bc00f674629709e7e78f4ddc211bc3ebf0bd9d42ca019dd5d0861cd64722cf74686ebfbe2562671cd47840f81d2a8f8f9be3bcd19dc6840aa7afaab43176e65ec1118d50d1e80100008000000000887a5ad103649afa17690884f800031e03a6d1bb96589a7eab049b1bd47287cd31cc43ea0ffb567b40407d000000000000000000000000005f37d83f84e98a523d80bd0d0d703f37ca363f601ae899a56715a0a62a26a0f6a5480a55c22fe394ae0000000000000000000000000000437d57defb79ea000500000000000000000000f014a4a318ba48d35ae9f438000000000000db894b62a614cb1fdd46619c5d2200000000000700000000000000000000006dcd2f421400f69947e4f26e099c9e8369080663c909b7e7c87e3b5e8e5a6df77c8f7338cd5a85f211a41b5d529d4243e47d7ab0d5991756b59d363ba30b18fc2ff189a4e8db38ab97c6a125e2785619e84c6a2b50f0e3ff83ef5149aff43dc899fdebdc2c496e6bdd4dd4d21f06fe133f4444272c5f0839ad663100452a6c6b6421f7e89a33b339401eee2cd466ab2a93a1ee7fb8a9e455ba1c6e17b02a1cd7bf35d36cf5b2a0f063469ae0d0b9fc042b48e98626eb0f9754d8cbbefa3079fe63063047baff09e9aaf7600000fba9a88db9ebef86f7cb522a784bb6d37e5f802757a15c6735138b493db9df53440a63fc565a0b190a710ae1e6807cbeb415ac841e94b706974160a60a14e571274f333d23186143b95514c79b50994cb39cda343bda8f01cf8ec7cdfdace0289e83ce50a57d69bfecfaf69fe7ff5b0375a47d3eb57b41d8a0589b82a1cf1149ba3f21ea2b65433321eb1a6f04ecc713c2b26d27baa49e54c2babec86335b9f418b5a5eb997bc9dd65197124b9aa80fc4aa8defb986bf05c41b919886bb81ecd3d24cf9ecc7004000000000000002c70d32f5d55ef2a2cf7560cb2884f46a92b3c25550f73e407fc5d514b2b7a6b690e290e676266addb7d96e723dec9c418eec8c48dffb6f432b4d5fef16e4f0051ba7efc690022c3f62b37cb5682d8bfdfc637ad3bf089ef0117bcd395322fcfb8e8e0a6e2babceb5f289b1d991770681192bcd0b584c3497e455f30ab918a690514a87a7d8e1d5f169a4e680e9c390071d26f2e0e26fc062f2785f14c0404fe01fb4000000000000000577dcb1698a9021a36d73ed03651c1937b2c84046023a1a0a87b208e33ad2d7c2892b176877264e1d699b7401eb917b289f6f67060fda0fa44b54bd87517a2bf09dba7209e41db4288b61bda5960952c45e5c55f2cd68bf9c6ff33e46109584bf42e8696ef1876564fef6f24cbbed0db8ab7fda1ffcc8c9fd4ab2cbe8f8df8e5535b12a942a948eacdaf308d48932064cfc3329da74f6f3e4409d6764a29680e312bf1a0143180e6493c9201ea916e6c9b2566c558ad88d9f7c0aebf82f5807eecefa97ada9bbd9e478e5d7748ee188bc719ca7a73dce5b6758a767c4c6b7572ab25eb2d73986379d5685cb438fe7091d097cc8f33fc0f83dee76603d6580f1c8fc4c37efd305ccc5a25678180425718bb9344e60dda8dae2677bb602d29aa0810616a2fdbca7020d72291b592b84223e2522ee01f5bdaa0fc4eb8d71d948a2baccf3ea2aa79d4d9069d8c0000000000000000000000321cd67859b4567badee56f158406f08683bdc5ffe2dedc916000c71f922fa2dfead7535999436a4aeb908781893479319b8b55e00d90ae6f09f06be2a0fc0bc17bef53331208112a0132350c0c5dd4607547079acc9471300dea6ae01742dccdae69f932cef80bca1bfcb57b9c852cf8358a580044772a80f20de36f707385380155be8907029d039a1d1447fc06b7020221e0d439f3f47edcf12f913dc8b6389a540340ae37804728ea65352e630c2e90424d58d72fdc1b28403e1dc7aad238b81df3b2d4166d656c6a9c73554bdf4f7312a4c0271e0eb45b4a596b7fa928ac3683f09fdaca46226c1df2c6c866cb4412d17d3d52c38cf0f7bd3b0eea2d4e06d061bb1b7c8c52f37f4036932d00028abd4527f5649bd60df638596fd639d7b16860033754ab13419429e5e39f290751ab6bd9392aef5519cd8c16e1f1cb1f225cc84a1a62497c1e436142fe28048a2b4d133905814a1808bc5b3e45eaa9eaebd946bee806968aeeb5a9eed87eba3d25d0b412a1b4cf2d419a58b09fc275c4395a0bd332eb538321465043e5967dd22459d0f52190a37f93ab823431a81fa6f54de61637fd473e19a6f567fead100e7d8cac149b66ebe9973af846146c62065a64854ed21e8b6f6fbe78474b753915a42efcb7da8ad18bacff8d69e0af1ca1f8174530a21820738412b100b54ee9b4a0dc22d5fe1cadecaea73fbfad087b19ce53177488d230539c5174f572a539d9d7c42698aa82bccf030ad393f25c10baa17e919f647d0e31877b7a6c1d8d86583f884a0c1da07b9b6dced06cdeb0094aa635a82f233b5993926b8970a0840ba116a7d20a40efb3bd03c4bdf380a2510a0a1ea69811ded68943c71218b42783b38959753978f222e1396b9b36dee2ce205122a000577cab29f48bff4f88c417e6bf5fb430d925596f29aca8677ca5a113aeaa5e0252ca17244d6c76e78ff1bbd81a71c4dfc72431d7f1126f8bdbf4056ee0f58a1bf83d53b1de07489541182dc4ee0f573c25b6c15dad930bc7a770b5a4f407d7a879db7185f15f80100000000000000739cc97db66ec6b925955d9a591808947fdd8d484ad27353230a449fdf87fc46c73b852fec931cfb6718acf3315bf5e577d00beb77c5514bc05d576a81345a03ad7aae74c5d2b77d45718348aed4fcbcd1441ff31b8f038824a989a9446a4a69367b228b3d174230b7320fc4d3c03368db573816dd0c04e65d6f8ce48283e76abdddbb965e0b2568e93c9cc5494a55421793f562c50c53f876cbde93c5cc7a3099c99d9775af010ba093f8a13b771782a3cfb24fbde6ef763e20c613164ab014d1906c4e098f1431b6b2886a155c4bac2911d7ee6a646f5913205ebd175e68975b93c330e4f9131788026b3b7cd5b6452c9e17452ac70000000000000000000000c71185f72436640fd4294fc3da230f9065095be47d7a848df12316c3c8b184fe110b061987fd79cf7d83443e69d08e2e839ae4fbe26ef7764f4870ef3bd0ec12eb45f60ca10dbfe329271f0bc93b28798e982e0dd32fc14bd4313c63b2dbb568f33fb45acad2dc7f438ea162c0709c0bbe1ea13e1e47399286e8143f400d7adf5f69e455706626814ee49274667f47769293451fd49885a152b8d2cf18febc7993f4a93893c6c7b7e46a230359ef2443e6bb9f50bb0faa5eaafd3ed6d551600c46b58a29fd7ccbbb0616f0be27302b683eccd742791d97f4a1daa0447f004426fd09b67d926f51525da63987bc73af35b28277879089b89fff6edab2fa1caf660a46a1a9f09e2d095b1c4be95c7c33dc81857f580e36c0a78d94dd879ee18de4a6475858d2ded2e3427ae007cc6f8e5e99aa146667f71ad83f3ddcf5db2dc396d7da499b65cd98125f20c284fc84d6a70be1de44b49c82022225292199c75cc26beab98dce4c331ed722f01d0d6314a72416814a565f4d90a5f8a255810f23541082f4b06f451e4724cd882f4d589600000000005854ca490d7df9cc293547c9a51aecc7a92f417f6a4d327737f1b198252358832dbe43507844a0cc112af4ce457c173fa64174ffd5ab9501eeb85508ebb60e169c0736c5960f2fe08735d6a7aa7c1f4a6433e77d3e547bbe6cf5b5d93a491ab4bba1ea7a1e6f37618b1d74cff3630d85a210092211be1ec12a30891eef590b19cdde055d626818c64e1c56b8918f33441a64b54946571b7bc70fb065d3bb1647f6f989ab8159e6d1cfa6c0ec7329d7d2263ca22144bf17d8692f03b592bd0f610096094da096233984e95b9a8216a6e60a104ae0bb5f77ac70b4390ea2cb6f6c40c928fae489f447240a25fd0a5bd9d5b6cd2a98f8804862922c11229c4e45c765e4d3348af3d3aadd5cc24b39437f1ea2df0000000000000000000000000022b90d93a267f3af4e02606f0ce6c2ffc404b575a09d6e625f3248689005eb4a9c8df3c67e6b2b759cab3a7bedf1b927cd8ba6d13b3e7d7279515e3d6d"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)

23.514693606s ago: executing program 0 (id=3367):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x21800, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
keyctl$dh_compute(0x17, 0x0, &(0x7f0000000480)=""/82, 0x52, 0x0)
socket(0x1d, 0x2, 0x6)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000009c0)=ANY=[@ANYBLOB="2400000001040102000000c9fd000000"], 0x24}, 0x1, 0x0, 0x0, 0x100}, 0x4014)
sendmsg$NFULNL_MSG_CONFIG(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x24}}, 0x0)
close(0x3)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_NEW_INTERFACE(r3, &(0x7f0000002f40)={0x0, 0x0, &(0x7f0000002f00)={&(0x7f0000000640)={0x38, 0x0, 0x1, 0x30bd2a, 0x25dfdbfd, {}, [@NL802154_ATTR_IFNAME={0xa, 0x4, 'wpan3\x00'}, @NL802154_ATTR_IFTYPE={0x8}, @NL802154_ATTR_IFTYPE={0x8}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x38}, 0x1, 0x0, 0x0, 0x4048044}, 0x20004014)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
sendmsg$TIPC_NL_BEARER_ENABLE(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x54, r6, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @local}}, {0x14, 0x2, @in={0x2, 0x0, @multicast1}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0)
sendmsg$TIPC_NL_KEY_SET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x54, r6, 0x1, 0xfffffffe, 0x10000, {}, [@TIPC_NLA_NODE={0x40, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "e3de3d7b4cd07ec3ee777de774fc7987cca41989"}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x4}, 0x0)

21.164322986s ago: executing program 5 (id=3370):
r0 = syz_open_procfs(0x0, &(0x7f0000000240)='net/sockstat\x00')
socket$tipc(0x1e, 0x5, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
landlock_restrict_self(0xffffffffffffffff, 0x0)
socket$unix(0x1, 0x2, 0x0)
r4 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r4, &(0x7f0000003000)=@file={0x1}, 0x6e)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000160001f47efde4be701161000a0000", @ANYRESDEC=r5], 0x1c}, 0x1, 0x0, 0x0, 0x40800}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x70, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x34, 0x11, 0x0, 0x1, @limit={{0xa}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_LIMIT_UNIT={0xc, 0x2, 0x1, 0x0, 0x3}, @NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0x101}, @NFTA_LIMIT_TYPE={0x8, 0x4, 0x1, 0x0, 0x1}]}}}]}, @NFT_MSG_NEWSETELEM={0x11c, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0xf0, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}, {0xe0, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY_END={0xdc, 0xa, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x44, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}, @NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}]}, @NFTA_DATA_VALUE={0xf, 0x1, "106192e16441b7a8b46dd0"}, @NFTA_DATA_VALUE={0x75, 0x1, "6cd0184c0727bb7853c257efd92790ba6cc9bd22093dc493dafa20dc196d1366177a914ef3305ced6cf67d385fbbf5d6985737b71a4718fa0a145b6fb6a32264bafd03f5c9b35aeadd372446bb57082ea03152fb162d8c0c86e18b885483073391b3b6ad1a8471b0481dff311f53ad5da5"}]}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0xe, 0x84}}}, 0x1d4}}, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

20.141835522s ago: executing program 5 (id=3371):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0x90000001})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_procs(r5, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r6, &(0x7f00000001c0), 0x12)
bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_buf(r7, 0x6, 0x1f, 0x0, &(0x7f0000000280))
unshare(0x64000600)

8.215398773s ago: executing program 33 (id=3367):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x21800, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
keyctl$dh_compute(0x17, 0x0, &(0x7f0000000480)=""/82, 0x52, 0x0)
socket(0x1d, 0x2, 0x6)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000009c0)=ANY=[@ANYBLOB="2400000001040102000000c9fd000000"], 0x24}, 0x1, 0x0, 0x0, 0x100}, 0x4014)
sendmsg$NFULNL_MSG_CONFIG(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x24}}, 0x0)
close(0x3)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_NEW_INTERFACE(r3, &(0x7f0000002f40)={0x0, 0x0, &(0x7f0000002f00)={&(0x7f0000000640)={0x38, 0x0, 0x1, 0x30bd2a, 0x25dfdbfd, {}, [@NL802154_ATTR_IFNAME={0xa, 0x4, 'wpan3\x00'}, @NL802154_ATTR_IFTYPE={0x8}, @NL802154_ATTR_IFTYPE={0x8}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x38}, 0x1, 0x0, 0x0, 0x4048044}, 0x20004014)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
sendmsg$TIPC_NL_BEARER_ENABLE(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x54, r6, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @local}}, {0x14, 0x2, @in={0x2, 0x0, @multicast1}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0)
sendmsg$TIPC_NL_KEY_SET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x54, r6, 0x1, 0xfffffffe, 0x10000, {}, [@TIPC_NLA_NODE={0x40, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "e3de3d7b4cd07ec3ee777de774fc7987cca41989"}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x4}, 0x0)

7.277587104s ago: executing program 5 (id=3387):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x8, 0xffffffffd24b2432, 0x83, 0xffff, 0x0, 0x81, 0x0, 0x0, 0x80, 0x8001}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ecc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb190df08747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb81035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22263e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485e4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6bb06500f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784776f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2205eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e44312c24c2ce8e642bb73c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a768cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d0500e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad24c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc5908", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x78, 0x0, 0x80, {0xc, 0x3, 0x0, {0xfffffffffffffffd, 0x0, 0xfffffffffffffffc, 0x0, 0x8, 0xffffffff, 0xfffffffe, 0x0, 0x80000, 0x8000, 0x0, 0x0, r2, 0x1, 0x3}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0)
syz_fuse_handle_req(r0, &(0x7f0000006340)="7c7a6a069306f2c5ddf91f36944f207a1bd11284b4445fa3507bbc5def2e6fec4bb7c6001eafe381e277221f30085acd5d0c251f7c60c23874c04db6aa516f773dd2e57e746d1a085193c8b7664fceb1fe764d87f4395c66e5d4eee443a555692ebe80f3a11b8be74963f1a18c1d0cd71dec65e609e065e14615d2e8b283e55b4aa8b485f81ce52443d61fac9f08cf34f2997c05a63f98f988cfcea9a5650b37dff5817e5033b3912c226bd9bf68b528dec710584242fbdcf7dd0d55e394d3742039e6960bb589fb9ba18ac8e9e82cdbd08e9b584d0a8224cae3e9dd91e25699549007dc0d99165a73cda1c99fc48f6bfdb900c60e4481222505c58cc1108fbaf317d361d1f2d78f6db6e14b283ca9f1927f4f8a0f6f52818be03c7b257aec57f06a0a4279131a2bb0a13b23ab188ea50a686abb2f7e4d0f7a166f358e4cb886b7fbdf51cd9a153410dcc4cc5db7e8e94cc9ba2371a328480ad20f51d7fa012f367a0a8f9c882c47b5f714f0e1b35f72b2261989513c1428d648aa8ab8c12c87dfea38d5be0d49097fce804c9cd2ac8f61b68579853129351e3bcdbdae3371d2b12a150d94b3097161c226c50a1d2c1f8b4c10a986e21dbbb854ad1d26d0ce5d950835d14664ee8f58c537f5256b761b4707fe8d46cc1658798d285310a1cff127b1280cab3f1f633569391d5a7cc08aa1d108b93c38df397d90bbb81753930934df7dcaf8f960dff660fe239aa15cf48872668cacf4d664dc0809fe9d780ab202c3a968abb56655267c907eb3343809b2407105a5c14d53a3b17a9a1552314d27e13daf48a2bb7b2c9fc15aba9ae1d6325c11fbe8432c067efa72878ca56c6463b6cf4d29646905422908a4a1f7741d0049febed4fc2b7cc27154031e50a0ab297826383935bef6a0f968db92128e8a940509b5368146bdcacc852b9d0b4ae9624635f9e69f3a7bc8e6f3340c7de46f49feb20a46f11aef464fa6696a60865bdd0c40b1c411c9661fa9f6393a33a7eb4afaef3eb1ab4634a42baeea780ac6c0c4fc8cf7a92cf0592f993ac85bdfd6c18ba4b7cf4c4438a8330413de8365b4a080234f59edefca0c5ce9697b20cc7b71d04438c00cf3d557bd03b5e1b86e167d2d6e09714135ef720667d0f2e7ca54da419d1bf6722eda31381059216009cd8c99ba1d7f9ebc1bc021457a195fa5be2f0727a84cf4cac5e080f22c836a4955d5ed06bee2eec0d39abc5f459ac43596fee3b341dfbd7ce6f4e57ea42e1e8d4f65880b8b77d2ee27dc1efe95ff1bacf5aa14933456b68645380d0f2ef6284b9946857456d64f4cb656998e99e3e286f596b31c69a69d0ee8444ed838ca2f0ead1be9538e4e927239d0e65a3f871dcad33881f69592eed93a9fafc934aefa67bb87d582d0ae4cfbb5c50325774bbc259a277749751228d3610f95fd56e9fbccb288eca1b14c8255b6996a59c91efbb08440ed91cdd53b0aab82600906904cee2a117a06157e24fa822e1cf4f9db4c2e8a5e842cfc503e578e69002fbae194b6bc7c8b69aac7359292109b712eb49d21946f5ea2745ab77ef59950dcfd926df2aef20e85f2a14554aabb417f15c725c73edd4853926ad6c525afa2c65de213cee799c18d1ced9424d10d7076fc5862579702a5f91031381f41cb8d9899ab514cfa1c8c51437df9710271d8cf69e8900921cba296703f1a7b5234500c1625884fea594d836a930b06142a6e577cd9c2a32cae65e712624abeeffc423a5d5ed7bd75fcb1a82ecec8acd0da9918a5c7c189f14f8cdf37062f93b87f9188501556060ffc6eac435cb1624f2af688316366e03cfb869eacf83d9d45fce910c3347f810b614c2e4291e70471ca2b574241c3f3d9740c6a45c7296a2f275acbde72e513ef4e5a1123a57c2eb1bd023af716c16a7747204338f60b6e3ac514af50b21952c21592aefb6149828a5183ba581d5ee8647f374645ff941bab67bef760ce353b456c4b51c5d3a0c5372b1773b944ad67a92937dd838e1b6f550a1dca975d6230e430bcc278afed54e0621008b2f850107b0244359e3747be5282630452d432e5df0fd160795effed150f9396a7da5a1e4dce0c8f62280ff2fbfaa813859a671208b4b9f05fe450729b0efad83a790acd688a90e5fee5550de4ddeac70ecd125ad076c4e2b68652e6ea520e2b6b339b4b9dc219d853e06b9aa79d022e53607213fc254e15ec3e6b776d2b562997e0fe52b98c58e1c0316b22a4219460053da87e7baff7dc1892c2de2f324dd1169b977f3a6698d0234c78de3e46ba5824f3e373f264e8d28fbb4cc108a41fdecd4b629d92b0a65f84366bf504eb5a894ba40c89f9df854dc469fa174ac85cb8d2adfdc099ca9848a1032b2e2f375bd1544dfb69e33492e1a4b921ad7ff17c4c7e357ff69f42d2301c302ee2ed313f0e9a20ebfe028a8737d6e38bf179940179cb779b70c2276264cb4f23249db7d5f179baa842b70f5b287cf74ce1ff6b70a56be8f2fe15aeadca229804923d28a793838bc605eaf5dcd362f757577ebdac54b09fd73326720d3522d002a41a3b5f2450f48286a5ea45836b5ee77fc415f47e0716049ec2610d607737fd5a73b066b4876f9d744f6b3486b088dd3bfc3d393a27c6c799ce078e2ee348257b5ec1ba9de76da2a67ca912dc2dd5afc70834ceecbb8bd41f6e790294cacd5891bef1b4e2124dcd6dffdedee8f16b3bddc030429dcb0f98e6fe0649cb14eed3293fa4933b2ab8c0ec0ff4dbbced1e32dceb317252e715b872b00478cbd7b0275b7394a0ccfe9887410b32f1ce9266b3b83470ec982cf908507d3ad0cc366bff3759388b624701b3e0dc0e7928386b155b50b42a8e352622516beeeddfb79866a2eb1d360802cd19d62fd171267a0fece5f54e315a8cd49c41072f2a7a0baab5aadae2c1ff28e285b642f8d3869321bd18b4aed107feaa12d055b179a8ab7b50e2796d287a196e280d527b526c45c8aa98696d88a02d923d06fedf51336c0695c218e70448073921971093ea44b5352e10ce6cec26d082b93f69958165bd986f56650a62224c2d9fd044bd8fefd33544c6bd141b4cc211a087fa57c09e195c8edffe559048db738d1395f5e2625dd7cd035b8c76aad6c238fb52a7c5ff0965fc7122a5899746ca88abd699d6078623722fff92726e18613519f2b1927504fd5cb7a38ffa373c3883022f0387953530834affb5f05e0f44c24caa75561b2b63994493ab857fdc30900586fed09298d846e5936869b43d81c4b91902028e57a8f2da16355ccb7a77d29ecc8e66015e979b2f3edc5b8d77c45348dea55c9ed6b7465acf899f4bc1a7edcae0b0daf69ff85c504eea1294620b6d3dbb004575044a5ae7c110010c2cf39827fbdab3b42ac35d147fc53bb5e7de6c47091dc80c14b8da494b2e913d1a52085e29af19edc4a417346c5a896a3851cb6132511e0627d190b77623c8a3bb6085eff22ede7127f7988a1d388fb70ea20d5c1b2424c5aa83532bc5162a5d177968b4a46583f2d4b92d04a5f19145221aeaf724d92ea1d4dfb53021b47585bbe5ce35f8d09a83e13fdb1de8e52dc646d41e810879ce9c830959c3ee93f11a16d030d141863244395e3f847505fe6d9594a34009fec9a743c033b9793335684cc5c3d0eb0ad094f40a60264b02cd88c583c850d99c5b9c6c5dcef467ca3ea38f2aa42f5657cd940aeb12960efa18d571e4f958b9cd90918e069a486d84f214617ce29c0f2c26bf84f12f5036f26a8de0c8359f572654bf5ee06d38f741c464976d95ae3fdda45c2ed2d08ef71d3590e82d235e0fa357c568158791a195d4a2d9615e1edc85be64cfd169f925ffc4f636f86783cf43624a77bdb9b172228097f02f391df00668dafbd9932298b23cfadfd1b8d14a25cb408a440f930f0813de73c1eb2eb4b3c802d718a672453d0038965c6dc98db96fb4e06f1fda72782d0839d4e8b477ebdb2c73510db44f643ec7dc4fcb837806853caa35cf622aff9d44381d3f7adae00650cbb6f0334ceca14ec982dfb5817d7fd49251c203b6463a09c14885f754603291ccf0a7ceaa57284ee751774fa5ad72f9f7a32fa542947af40601e98057895f2869d4ec2db0d73930962535fc9e12ba7e6777cb458592bee505b367012ebd27b256fa0fac1452cf3b28eab573549b7c7a13752ca0189768f738d5f8030fe999f7bdc466d67bb32937ae469f1a1e21fac2ae2ab92a0a260bf0e9ce20625e82f88d0ed4d13876aed768765d77433bb9137d92d622df502aef574de82fe28063128fe5a1787ced99734c2f3f221e80d3baefd367d01d950ee1bc981b4b5ff86b2a96ab78fa3c1201303cab473103d89bb185afc77dd2cb7ac1564045036fe9fcf85af5d73a7553bc45bf5e221564540982db2f81e612e7c1715d3498b8d7851c0160146d6eaae9e30c81dedfca8e7122fcb69b26b396629b723f1e1822b8d5d8f2ac583728a5ab40010f88aa42f37f2031a3e99d8d6661e63f86f65af521066ea6af89c89e1748521b8368cd03409e895a941025ee777653f55e66cd1a0cca21308666260c3b9a306ddadb322eb1d09f7b27fd570cd35b6ec88bb391e3ae4745e17fb4dd7aef1d75b4ebb91e6e7789b241566d7c0cc97a3a126ed50b0cb621e015414f62641afd85bad78470463f86d8287aa56d331911c23c4cae8e5dfea33f3789c03d61f51c590417b5ff9f1aa35ab6a15364296c5f9399216ce565210a4075ac5e43e916850774a127f9174d95b43d839e056b4a7d679bb8804951ca171c0b59f4d6f32c4fe8f908b9a1614591f5d1e1cf3348e02317ec4655c693417a4c4e7007a8db02faa1634f8eea9c9bbe5b149ce2279953a54884392dc7251dd38670fd59d9d1da5203340909d50f779e864339014bcb545d825cdcccedc558a1d01a2784b8f499ce9fa2ddb0dd1dc0b93d1b282a96cb4ecf152474dbc4b2853b30c8e5fcea85bdab949f5eb1e98d81c102c349f680230082db5aba9e20209c35b16598507d28211b49763b598a7e60519d5b28b67c027cb2657cf2ac7c7455291fcfe63f0b43afcd3afaea934da97c209d02e5b47a686c1c284aeee5d662fd9d9be7c576259d9f1a36fc0f7fe329a1da1dbe078381233940745fc28a56db98b1a8442325168158e3f0b3cbf8a368d19dd20cdfc1c4f3893a30a49223050159b0bb8b7c59ca705ae25453988d87ca6cdd2bd2fe37847ba67cbcf7a494925a8598b7b50a741c9ced10ea08e35c422b79265561a07f40ebb89bc46069a1c1ad95949fe757a76ff6b5386a043abc967c367a9d86b54d374e573540dfc1f6d396f398abe9735f523b778fd124ac1e1eb832a66dd4b1838a50e6a4eb1b95b8a60a94f067b24d1194976c539d5ec287a261bf25904575be3ff49e7411a8dc09739649828124c14fc2b89dad1f3f5725db2e45f5a447cd3e4bdf9e1e95c5ad7c76fcf0c1021cb6c32e6985e1d113030d534eecb0dff2554183ee18da2da5d21a8b994a81f05e0e6ae89b20bffb4be333d1956270da23e9905830921b1f3d615a56a20b11d45ccd1d22b910e33f475a92c31fa5b4675ddee18336d0ee7b75c07df2a9d4ad53d83142219a00aef15e1e9dace0f039d63a530fdf671a54aba3882dad0d439632af5576726c3aa095cc1a0a03063e8a6581b78bef501acc24b05a0150d8f683c90e8e5e283a49f898906dab926e544ead48cb9bf9a6e1bf140b5273443b8cb8166b2d8a5464a3e9d9f4246ac81ea91b33a0b399dde9f5efaf792bb04cfa028f40b7c92db2d9c33e16ef58b9263350879ea94e581a1187b2d1931b1cd7606a76bd8943b7c3098a33bdf476960af7bdf2854b1336e72feb603b8bb2242df0839d157843d369a50a615068ff5d99ecebe8dc19158a6c654e853cedf860a727bf8140c062f5d307fdcd150ad0af03d2c3a913b91047858ed6382d2d2d30f5c0bd419c2cd4047f225107ea8bf4a3a69384f16b5b5bb2655bdb750db4e975794592987df95f6a90374b0a08769b2c957faa16a21270196afba76b4527f01f0c5db7fa16e2da81fc49336e20bc3ee1ccbcb62255c84513d9ceb706f03c25000517070c03b7bce838e6b6cbc7f767959fbd62e11ab7ea6d760cff674a4296e6185eb348028b472290922160f3ea36c22c8375a016f505017c0a0e041dd8e52b4f19ccfc701109a19391a059d77db239d40a06d84a6f0ccd08aaad764e53ad1da19ee825a4d25ca7cd538289bffe135486ec1614e28b3682c7081a1b0a2c7272f4e36f6d0d9e68d84209126dc59312d48eed1c63c90efeadd472259392c28746abf394c5c6c97d3fb00b70a74c313a817ee1719c33f16d58f297fc7eacbca5803df115745079c5434e851ad6c1f0e8ba0bdbb66cbb6789b89a23526b476ad0f2cea0907e72702f93d37bdfe7b39fb9b33fb1111e58f5c45db8cc38afe4e03a318aa0690afb870a67aeda7da9640fdad1e1f551dd4757c69b4f523b616e502514a2e35495916f2e5ddab1ad9534644d99ec56e818caba173773aa5e45104deb869b23063eaea5542d3bc503a6948b83779aa46879443cad02477451b46429f1f67560c31d4377f96031ab94866a73be753c4ab91cc6576c3991c3423103ebae604e887c56cbacb9e95b8b46300b62e698a6456a0d175cf682eacabbe301e0b0ea34f963daed0dc6c1b75fa5e3870959913e69e61911d9ff646e9c6bab33fe566871027e861577c4d7fdfdf94ce7ac1a3f6d29daf28d660431a89c0b56c4b95090e2ca5df62c1e5c5dbf98f067751819d4c5914aa33883b7b521aab30d14e1cfae74fcf3ad4b2cf9448009d3223ad984e0c50f92d465573a6fc2894f8a5d4e855316738ecfd6a6c157d39b5c44d80a7cba944cf9f7a701899859821cf2bc248459f7a350fefba53c1481a7197f024f2eb74251455c06f4b82dfcf3ccf3e3b98b898fa1b16c310125e5e9fd4019acccbe91b4d842ddd52ee56f6d3112dec80159d6d3ef93bca70e7afcccb223361c39addbe3c429934cd0ae35f36a8f6309f08e36b27341db1f21fd8a148b239361b31a85f53bd1ad49fadace6c64d5f4363427fb2f268e8aec6d81cdb7f1252baa4652dc55881661114bf98cdf17190379591f0e22dc97e790f53f463bbb0ad0ead78ddf7dfe2e26052acc31cfe52b822afd5ec5c75957106cb5c368c09252ff3e4f624d90e599279fb985ecdb7d8880dfe05ac2d2da83e34e2b9b88f5dd60107a4509902fcddf4a36605e5c7a2606a4aea9fd4b5b24ca6b67d6945d133869cf9276d8c30b08c2a9f4bf03f4e0b956fd5f3c80b958ac5c41e4115b6708799c3102bd8b6c7fe17ff8c3f89c7437255faf69d1e16074086dd44d038bc0211ac74743169b462dbc085d77bf45eea72bf8348308bf48feea02d739a0fee9fbf71023ef8c6828da1aec8618cc2345ff663f88bc52a990e6b9591425435b0c7900ea4068f5aa6345e94254e259a71290fa23281658a6a165d1dee10dcb355518264824665ff2c5538de9ae4487782911f79e0bb09bc2c2d8e0d91b33cbec839075c9b38c848e9d2fad7368e96c1932042c3e85fd95b7d4500e6cae9e649082e9d5ca6f2cf91fc7ecaccc1049525d4325003424cacbd6eb5b8cc30b6893bd1ef46a8e7cbcc87dc2dda5c802ef1f8bb607c7457eb161254dc0feb60ed5ed0383fdb4db91d7e41d45c8eb80c1981e801ef05703f97f8710a2e00eb0559f854f700f946937b9e68c75ad6d0015d5d79be5423d0d846bc76f92ea7ebb0302b3d3c695c0aafa83b2bf029a444709cbf2cefbdcc7eaf3dd7a16f8ca8c861e883db10d433f7fec547be45e6829962e430bb3c93e8cdfb342c1cb7e53d8a6ea625d5574c4b4303f61c4338a658e652ab2bc0029c0a78a5114f495a439956909cf42128cb4348affbecb20b7fea98e22160e9a58e7666a00e7b37fbec4bd3860d66a39d1232a57e8cc50710c5c666f7efa98f16f9a02d843c94b0842a383945d06899998ff2fd01ffb58ab53ea89b2c93634c48d0420edb9791b8e451b35b534b8b2874c4859c684cd14afb5335a2555c75ad9df018635bb7131a7ef204ccecfed33a675fc51687e3f8818406fbf58e7b5fde1ca96153817e1b632e89a78d967eb6a34af1dac0d9ffa448b7b9bac27afc305a7b47febbe0a37036c18aef6852b1b2759d67479f9edb169e796d949844a1624b1e832a2eee9be36dc5866d6fde431cfcbd4e305d322c9dd07f83b5b361daaa74bfc9fbce8b447210c327468659ecbb0a5fc20d0cb79de7d1d70bf251c81d5f38711f3f4bd4752685b077058beb465711b1359d2a7d2f59216c5a807121bb97e7ccacc46526e4072f1d6de3b487d492fed0995e2273fa3bb115bd08d32d8e57eb2aa8f9d3b81babd1b8334c3a5e69422b75502ced3793d07b9bdf38e9d9fa1d2e48c7886dfc41985e8ffc49f09c4ba58ddc3b4cbf562b591f8939ced5d18214a77cc753075334a157373cc33cbc07a731cd6342492f5e05f78108e627bc88777203c76632bbe0120924c7a51bbfc9dc789a5695b7c95ef544935032fb81d499c454a2d78727875c20bc8a48a9f23cf6595c17c9cdaa8d04bab8ac567ebd3bbcdb40e11f1893fea3970f176f75f38d17d6ee1bd4ab76c660723a776bc72319199ab82c40ac4a9f4f475e8fd4643a4be8601cb5172e112c236c7c430078601bf183a59a03885e994c1116a9d4ef275790ff2417ffd85b43274fc57654466fa394958aeb11f343c3439604af13997011af70b67df1a9dfa4cdb751a2dc3e5bbf42f7b9ebc6dcebb2dbdc57d7a2cef7409dba307b7cf6eab148a924566341d035cabc877c68d0fbfaebdd39c16304b63a1bae376fb4650708bf5695dfd7ffc01f43f0021f622de0b116ea494454497337a0ec469963de7f9d2b1d6c5a7a0a7835777a78a2b9e16eec696446981d2fea550f011419b96f7b2018d027b87fc715521b0302bd7b5b3bc5f033346029eced73df07dd1bb1f91848376b40b9e9da7233e7832edcc7b54ef6fd320d19efce78d58ea7020fbbdf77612dc8a4f3281915ac9706f346e405b9f489f8f2e9a2decb8d18bec1e5f735a4ec69bba4dc5d36c9c1cc50b92fe67b2cdd53fa671c0cbe331abdf46787e7c9912b951aa20700dba6cf5a209fe5c9c61ef62a8e2e572ec774b2d0f42d570633fc44d44826e848d47a8f386a5704e0a3eaf1d06617181aeb166334ab55d5aedccb27abf19a42a480930e25465721336c70a2ea7799d21a3659124ac9503efc99c1b13ca2b9723e3e338055f9b3cef7502017ebbb09a64b06462db353a5c562101cb7fbf29e056deeb1ff0c7bc877210c941c87401ceae52bcecc83e87655069ab931bd813c1a87d67554f5d2cf435e6dd92a515c22f5d5a9a44ebc81e9c4849104343b80824005619312a9e349d996e366d381da42edad1a560bf5e31ecd049e92ceaf42954958600a7868599fe10e9b34587368d3044250c3d1a8ba6c8dcb6d318d4f9e71c2d33fc74cb57620a8343258d072f3aa767b4b178f3f66d5a713dae2426296c12edf9ee37636869e30df64cd3855fae20bc7602c1b7e6c8246ed4be71231a5ec7b5e7a9ebb08bf8667d8f2900ecdb0a0addc14a2328eebc448db13013e6a3c1a661065e5ac0a04b5171bd84c9d9d947a6c31257ed13a966530c5e20168c100117cf82b4c00ea3ad00ea65e1af89535b3f11a1418ddad33db8cec281543732d2ff4eab54b12cc95f7d872e75bc01bf6c580540b0e26413c6c2321ddfb0447bdb6acf05ddf2bb92534a3a5f37d6da882289f6fefc6a213cdfcf34902137fa3b982b2b4c27c611f08909a18405482f1e3a2bf3635d3e970457541da16e37bb3c422cceeb484bb64c78724431a543ecf4ca851914c1555e3b785ec87bba3769927f6c29f80e7ae8632bdb9acdddf7c3b5580740d9b2bfc25086c9566844136f3fac74f429121f86c378c68c20a194b0c98b1e92991954cbf60477e217a2e25297fc7b18972e40c531ec19e1eea193bbc8893392d8528c6a0375bcb4b082d20d5c47cb330bbb4b74b91ab55d4a0d3e1dee8182c581e8e70ac30108eeb7185c6ea3f786881ad124e1404651ee95cdb0fbb0d0f4a2b43c795ec1cd4e46234a88862d57903ce878b641004fb637341e5d6bf5163f1a3467b828f6eea96c3c2bb79503687867e11eec32dec452e0fdd2eaacfc0a477ee839ef049855da734d18212142dfe2a95ab9ad9bc4f98c3bfa34134c7e6c9f8669303314d4e8c1bc5475e8fcf418cbdb3246ebf393d911cdfee8f2550dc1593ece59ced81a4ffb2484f9c8ebed0aed8d418138445c4e96b209adcc4afd70f09901662daa2c8c557d6039768d97e6b9518f0de4ac2e0187ba08a4a9128d3e632fca102137338b5e568f12c7bd28db772c800fb5f4d4e683b201840731bb7c034235cd73313cde88891bbb31597bb537696e6c987302297f9717b8053779aed447d33ef9129e84d3031fa9b453bd5731fb010ffd19a9133e0ccbec2461cdd31ba294d68c60a8535b15584bab6e6d0ce6c1cef4755bd5f7d90f4debb40af1437a19a96ef9c0709692156152091c7efb58f2d39a65b96416dc09e8091ae08d9be5235a3c1ec062862baa1aab788f28e83ba4635cecc6671f2320f42b4f711e7d0fcad89d6727d3630da1ef35e32dee39eda665946abe6224f17f2acc29e62518fd51eb7f193d9bb16c38204069098c293fdce24c1c79229fd08622a4256b581cffce12e46c20248dc902753f0e3c91f9685b3d45f984620e262b3487d67d152f1c50de3fd2067a9d3debf715f346dd2f712c55545336a9036ba82bb06cfae59a48d083c3388f77790c9639fa0a9c33f4c66c7513042bffb765c2a4b3657dddf0ea094d8d79018f66c8ef8e9df980a89906275edf4a467a5db0a623976899f0efd167aab6ff385cdde59027a95a570277cb94ebce503906c28527e3114eb9ed739d0c2f4cf82786b35c0054718f47381ed8ce9b107e1f1019be5fc877166da667036f0c1b84e2b5118b5f4babc052d997e5f1e8c4cf45eb26430b74d9e1df3735b8d5df559903143d983e974bed6cc608c2580a991bdd3628ec676d348de8752cafa80c1661f162e35c25fc0ba0198423f83214fed800f9355ac8ea67951cfeeb3736b50c1e14d45d33aa25fc72c38702bd5dd217842e54114f4799c45ff1b7cec9729382ff7fc3ff80cbe1a13d03e19eecd7de676f6791fe34143ae30c97da9623907d974a37b65d0ef5d46b718d58541c6b1902814de71218ca7396ceb5fdacdc3cf4d110862402e7cc6254f1e44e28593fd443290262db75fd482ce1d305d6bf9fd3e5e0efbedac5a4d097650b111e6e9e1b2c66a23ac5bf27ed78d25d1a54c16ca4287126736c2f17ab73e683798c29d16481775ada8e20d94b00b6b29654b18f60e2853fdc7d3ba55d7df660db90288b6f440efd19f0478047b12c7b07ab2b1c9529597e6462d20612e6c3b6d1b1d11305f8ddc811860450504b7cbf9794edd0d07c25ab6307d74afdce958355eb919dcb1fcb8038c6dd5e774ee398dc8553a9ddeb551f", 0x2000, &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x18}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
writev(r3, &(0x7f0000000200)=[{&(0x7f00000003c0)='n', 0xfdef}], 0x1)

6.931287769s ago: executing program 5 (id=3388):
syz_usb_connect(0x0, 0x3f, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000e395292024042c011e710102030109022d00010000"], 0x0)

6.06363512s ago: executing program 4 (id=3391):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
open(0x0, 0x147842, 0x6)
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
getpgid(r0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000200)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x8, &(0x7f00000001c0)='usrquota')
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r4=>0x0})
ioctl$IOMMU_IOAS_MAP(r3, 0x3b85, &(0x7f0000000200)={0x28, 0x5, r4, 0x0, &(0x7f0000000a40)="7f", 0x1, 0x4})
r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r5, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r6=>0x0})
ioctl$IOMMU_IOAS_ALLOW_IOVAS(r5, 0x3b82, &(0x7f0000000000)={0x18, r6, 0x1, 0x0, &(0x7f00000004c0)=[{0x81, 0xfffffffffffff801}]})
ioctl$IOMMU_IOAS_MAP$PAGES(r5, 0x3b85, &(0x7f0000000380)={0x28, 0x6, r6, 0x0, &(0x7f00002c0000/0x4000)=nil, 0x4000, 0x10})
ioctl$IOMMU_IOAS_MAP(0xffffffffffffffff, 0x3b85, &(0x7f0000002080)={0x28, 0x3, r6, 0x0, &(0x7f0000002200)="10", 0x1, 0x7})
openat$dir(0xffffffffffffff9c, 0x0, 0x414400, 0x120)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(r7)
r8 = syz_open_procfs(0x0, &(0x7f0000000040)='net/icmp6\x00')
pread64(r8, &(0x7f0000001240)=""/102384, 0x18ff0, 0x1000000000)
ioctl$TIOCGSID(r7, 0x5429, &(0x7f0000000180))

5.796181074s ago: executing program 3 (id=3392):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000005c0), r0)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000600)={'wpan0\x00'})
sendmsg$IEEE802154_LLSEC_ADD_DEV(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000640)={0x14, r1, 0x615, 0x70bd26, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x801}, 0xc040)

5.030724416s ago: executing program 4 (id=3393):
r0 = socket(0x2, 0x5, 0xfffffffa)
setsockopt$inet6_int(r0, 0x29, 0x24, &(0x7f0000000000)=0x80002002, 0x4)
r1 = getpid()
syz_pidfd_open(r1, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000b40)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r2, <r3=>0xffffffffffffffff}, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000004000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r4}, 0xc)
r5 = syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = syz_pidfd_open(r5, 0x0)
setns(r6, 0x24020000)
capset(&(0x7f00000020c0)={0x19980330}, &(0x7f0000000500)={0x0, 0x3, 0x647, 0x0, 0x40000})
mount(0x0, &(0x7f0000000140)='.\x00', &(0x7f00000000c0)='sysfs\x00', 0x989, 0x0)

4.914760711s ago: executing program 3 (id=3394):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl(0xffffffffffffffff, 0x3, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{0x0}], 0x1)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000003, 0x50032, 0xffffffffffffffff, 0x0)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
syz_clone(0x100, 0x0, 0x0, 0x0, 0x0, 0x0)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
openat$comedi(0xffffffffffffff9c, 0x0, 0x400, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f00000064c0), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_ADDDEF(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r1, 0x0, 0x0)

4.803406446s ago: executing program 4 (id=3395):
r0 = socket(0x10, 0x3, 0x0)
connect$netlink(r0, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
bind$802154_raw(0xffffffffffffffff, 0x0, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0xc)
execveat(0xffffffffffffffff, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
socket$unix(0x1, 0x1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@nfs_export_on}]})
chdir(&(0x7f00000001c0)='./bus\x00')
rmdir(&(0x7f0000000380)='./file0/../file0\x00')

4.769840766s ago: executing program 3 (id=3396):
r0 = fsopen(&(0x7f00000001c0)='tracefs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="940000000001050500000000000000000a0000003c0002802c00018014000300ff01000000000000000000000000000114000400ff0200000000000000000000000000010c00028005000100000000003c0001800c00028005000100000000002c00018014000300ff02000000040000000000000000000114000400000000f7000000000000ffffac1e00010800074000000001"], 0x94}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0, 0x0)
r6 = fanotify_init(0xf00, 0x1000)
fanotify_mark(r6, 0x105, 0x5000003a, r5, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x42, 0x0)
renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, 0x0, 0x2)
readv(r6, &(0x7f0000000c40)=[{0x0}], 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x18, 0x3, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x3, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x3}}, &(0x7f0000000340)='syzkaller\x00'}, 0x90)
socket$nl_netfilter(0x10, 0x3, 0xc)
fsmount(r0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="740000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="2b030040000000004c0012800b00010067656e65766500003c0002800800050001000000140007000000000000000005000000000000000108000f"], 0x74}}, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000540)=@filter={'filter\x00', 0xe, 0x4, 0x518, 0xffffffff, 0x308, 0x0, 0x238, 0xffffffff, 0xffffffff, 0x448, 0x448, 0x448, 0xffffffff, 0x4, &(0x7f0000000000), {[{{@uncond, 0x0, 0x210, 0x238, 0x0, {}, [@common=@srh={{0x30}, {0x3b, 0x2, 0x40, 0x12, 0xff, 0x100, 0x200}}, @common=@rt={{0x138}, {0xa, [0x4b, 0x1], 0x1, 0x8, 0x2, [@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @private0, @ipv4={'\x00', '\xff\xff', @loopback}, @mcast1, @loopback, @mcast2, @private1, @dev={0xfe, 0x80, '\x00', 0x20}, @private1={0xfc, 0x1, '\x00', 0x1}, @private0, @private2={0xfc, 0x2, '\x00', 0x1}, @private2={0xfc, 0x2, '\x00', 0x1}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private2={0xfc, 0x2, '\x00', 0x1}], 0x4}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x7}}}, {{@ipv6={@dev={0xfe, 0x80, '\x00', 0xa}, @ipv4={'\x00', '\xff\xff', @multicast2}, [0xff000000, 0xff, 0xff, 0xffffffff], [0xff000000, 0xff, 0xffffffff, 0xff000000], 'veth0_to_hsr\x00', '\x00', {0xff}, {0xff}, 0x19, 0x9, 0x2, 0x38}, 0x0, 0xa8, 0xd0}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0x8000}}}, {{@uncond, 0x0, 0x118, 0x140, 0x0, {}, [@common=@ipv6header={{0x28}, {0x88, 0xae}}, @common=@dst={{0x48}, {0xfffffa2f, 0x4, 0x0, [0x8, 0x0, 0x53, 0x4, 0x7, 0x1, 0x4, 0x8, 0x2, 0x1, 0x3565, 0xc, 0x7, 0x5, 0x8, 0x5], 0x8}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x3}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x578)

1.86617642s ago: executing program 4 (id=3397):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
prlimit64(0x0, 0x4, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xc36e5000)
connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sendmsg$IPSET_CMD_LIST(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c00000007060103000000000000000000000400050001000700"], 0x1c}}, 0x0)
fsopen(&(0x7f0000000140)='cgroup2\x00', 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x1022002, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000007c0)=ANY=[@ANYBLOB="5800000002060108000000bca3000000000000400500010006000000050005000200000005000400000000000900020073797a31000000000c000780080012400000000211000300686173683a69702c6d61"], 0x58}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="480000000906010200000000000000000200ffff200007800c00018008000140a2fd4ebc08000a400000000205000300020000000900020073797a310000000005000100"], 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)

1.774934628s ago: executing program 5 (id=3398):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001940)={0x9, 0x15, 0x0, 0x0, 0xc242, 0x0, 0x0, 0x41100, 0x11, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)
sendmsg$NL80211_CMD_SET_QOS_MAP(0xffffffffffffffff, 0x0, 0x804)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4000864)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(0xffffffffffffffff, 0x404c534a, &(0x7f0000000380))
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r5, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r6, &(0x7f0000000080)=[{&(0x7f0000000200)="a10100001400add427323b470c45b45602067fffffff81004e22000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee00000000000000000200000000", 0x1a1}], 0x1)

1.766057905s ago: executing program 3 (id=3399):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x3c, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa000000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x18)
timerfd_create(0x0, 0x0)
unshare(0x22020600)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000030000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r3}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x2, 0x0, 0x3, 0xfffffffffffffffd, 0x3, 0x0, 0x0, 0xe}, 0x0, &(0x7f0000000300)={0x3ff, 0x7e7, 0x0, 0x9, 0x4, 0x0, 0x7fffffff, 0x3f8}, 0x0, 0x0)

1.323221521s ago: executing program 3 (id=3400):
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r0 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
ioctl$UDMABUF_CREATE_LIST(r0, 0x40087543, &(0x7f00000001c0)=ANY=[])
writev(0xffffffffffffffff, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x200002, 0x0)
fcntl$setlease(r1, 0x403, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x200, 0x0)

1.152916649s ago: executing program 4 (id=3401):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r1 = getpid()
open(0x0, 0x147842, 0x6)
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
getpgid(r1)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000200)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x8, &(0x7f00000001c0)='usrquota')
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r5=>0x0})
ioctl$IOMMU_IOAS_MAP(r4, 0x3b85, &(0x7f0000000200)={0x28, 0x5, r5, 0x0, &(0x7f0000000a40)="7f", 0x1, 0x4})
r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r6, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r7=>0x0})
ioctl$IOMMU_IOAS_ALLOW_IOVAS(r6, 0x3b82, &(0x7f0000000000)={0x18, r7, 0x1, 0x0, &(0x7f00000004c0)=[{0x81, 0xfffffffffffff801}]})
ioctl$IOMMU_IOAS_MAP$PAGES(r6, 0x3b85, &(0x7f0000000380)={0x28, 0x6, r7, 0x0, &(0x7f00002c0000/0x4000)=nil, 0x4000, 0x10})
ioctl$IOMMU_IOAS_MAP(0xffffffffffffffff, 0x3b85, &(0x7f0000002080)={0x28, 0x3, r7, 0x0, &(0x7f0000002200)="10", 0x1, 0x7})
openat$dir(0xffffffffffffff9c, 0x0, 0x414400, 0x120)
r8 = syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(r8)
r9 = syz_open_procfs(0x0, &(0x7f0000000040)='net/icmp6\x00')
pread64(r9, &(0x7f0000001240)=""/102384, 0x18ff0, 0x1000000000)
ioctl$TIOCGSID(r8, 0x5429, &(0x7f0000000180))

103.015287ms ago: executing program 3 (id=3402):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0x60, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x4b, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50)
syz_io_uring_setup(0x561a, &(0x7f0000000400)={0x0, 0xc890, 0x4000, 0x0, 0x301}, 0x0, 0x0)

19.990832ms ago: executing program 5 (id=3403):
syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
socket(0x2b, 0x80801, 0x1)
pselect6(0x40, &(0x7f0000000100)={0x0, 0x0, 0x8, 0x0, 0xfffffffffffffffd, 0x0, 0x8, 0x8146000000000000}, 0x0, &(0x7f0000000240)={0x1b, 0x3, 0x8000, 0x800, 0x1000000002, 0x2, 0x0, 0x6}, 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f0000002040)='./file0\x00', &(0x7f0000002200), 0x1000000, 0x0)

0s ago: executing program 4 (id=3404):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl(0xffffffffffffffff, 0x3, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{0x0}, {0x0}], 0x2)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000003, 0x50032, 0xffffffffffffffff, 0x0)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
syz_clone(0x100, 0x0, 0x0, 0x0, 0x0, 0x0)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
openat$comedi(0xffffffffffffff9c, 0x0, 0x400, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f00000064c0), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_ADDDEF(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r1, 0x0, 0x0)

kernel console output (not intermixed with test programs):

 exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ff40614f783 code=0x7ffc0000
[  593.507031][   T37] audit: type=1326 audit(1767133309.631:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10133 comm="syz.2.1200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ff40614f783 code=0x7ffc0000
[  593.507143][   T37] audit: type=1326 audit(1767133309.631:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10133 comm="syz.2.1200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff40614f749 code=0x7ffc0000
[  593.519280][   T37] audit: type=1326 audit(1767133309.631:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10133 comm="syz.2.1200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff40614f749 code=0x7ffc0000
[  598.910265][T10182] fuse: Bad value for 'fd'
[  600.831198][T10166] Set syz1 is full, maxelem 65536 reached
[  606.340849][T10225] fuse: Unknown parameter '0x0000000000000004'
[  610.101184][T10264] 9pnet_fd: p9_fd_create_tcp (10264): problem connecting socket to 127.0.0.1
[  611.168073][T10284] fuse: Unknown parameter '0x0000000000000004'
[  612.669353][ T5961] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  612.824630][ T5961] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  612.824660][ T5961] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  612.824678][ T5961] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66
[  612.824728][ T5961] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  612.829080][ T5961] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  612.829109][ T5961] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  612.829128][ T5961] usb 4-1: Product: syz
[  612.829142][ T5961] usb 4-1: Manufacturer: syz
[  612.919570][ T5961] cdc_wdm 4-1:1.0: skipping garbage
[  612.919590][ T5961] cdc_wdm 4-1:1.0: skipping garbage
[  612.930119][ T5961] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[  612.930156][ T5961] cdc_wdm 4-1:1.0: Unknown control protocol
[  613.186315][ T5963] usb 4-1: USB disconnect, device number 8
[  614.317327][T10313] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1249'.
[  614.318942][T10313] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1249'.
[  615.179740][T10323] syz.4.1251 uses obsolete (PF_INET,SOCK_PACKET)
[  615.734919][T10334] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1255'.
[  615.742030][T10334] tipc: Started in network mode
[  615.742060][T10334] tipc: Node identity ac1414aa, cluster identity 4711
[  615.745817][T10334] tipc: Enabled bearer <udp:syz2>, priority 10
[  616.869469][ T5961] tipc: Node number set to 2886997162
[  620.477351][T10361] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1262'.
[  620.484828][T10361] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1262'.
[  622.621619][T10380] fuse: Unknown parameter '0x0000000000000004'
[  623.805063][T10392] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1270'.
[  623.823232][T10392] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  624.152835][T10394] fuse: Unknown parameter '0x0000000000000004'
[  624.510174][ T1317] ieee802154 phy0 wpan0: encryption failed: -22
[  624.510219][ T1317] ieee802154 phy1 wpan1: encryption failed: -22
[  627.927127][T10420] netlink: 'syz.4.1279': attribute type 2 has an invalid length.
[  627.927173][T10420] netlink: 'syz.4.1279': attribute type 1 has an invalid length.
[  627.933836][T10420] bridge0: port 1(bridge_slave_0) entered forwarding state
[  628.800115][ T5806] Bluetooth: hci0: unexpected event for opcode 0x0c13
[  629.268819][T10444] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1288'.
[  629.268835][T10444] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1288'.
[  631.019937][T10463] netlink: 'syz.2.1292': attribute type 2 has an invalid length.
[  631.019958][T10463] netlink: 'syz.2.1292': attribute type 1 has an invalid length.
[  631.020048][T10463] bridge0: port 1(bridge_slave_0) entered forwarding state
[  631.831424][T10476] fuse: Unknown parameter 'fd0x0000000000000004'
[  632.284263][T10483] NILFS (nullb0): couldn't find nilfs on the device
[  634.591270][T10504] 9pnet_fd: p9_fd_create_tcp (10504): problem connecting socket to 127.0.0.1
[  635.067386][T10508] netlink: 'syz.1.1306': attribute type 2 has an invalid length.
[  635.067432][T10508] netlink: 'syz.1.1306': attribute type 1 has an invalid length.
[  635.067974][T10508] bridge0: port 1(bridge_slave_0) entered forwarding state
[  637.321832][T10525] fuse: Unknown parameter 'fd0x0000000000000004'
[  638.672852][T10543] sctp: [Deprecated]: syz.2.1320 (pid 10543) Use of int in max_burst socket option.
[  638.672852][T10543] Use struct sctp_assoc_value instead
[  643.736717][T10580] fuse: Unknown parameter '0x0000000000000004'
[  646.363879][T10597] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1335'.
[  646.364938][T10597] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1335'.
[  650.166756][T10622] NILFS (nullb0): couldn't find nilfs on the device
[  653.860780][T10654] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1355'.
[  653.860803][T10654] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1355'.
[  653.861413][T10654] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1355'.
[  653.861429][T10654] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1355'.
[  654.350884][T10655] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1354'.
[  654.350918][T10655] netlink: 'syz.3.1354': attribute type 5 has an invalid length.
[  654.350931][T10655] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1354'.
[  654.361734][T10655] geneve2: entered promiscuous mode
[  654.361758][T10655] geneve2: entered allmulticast mode
[  654.449018][ T2135] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 256 - 0
[  654.449064][ T2135] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 256 - 0
[  654.449099][ T2135] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 256 - 0
[  654.449133][ T2135] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 256 - 0
[  654.759742][T10661] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1356'.
[  656.343170][T10678] overlayfs: failed to resolve './file1': -2
[  656.431103][T10681] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1365'.
[  656.432016][T10681] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1365'.
[  656.633930][T10685] binder: 10682:10685 ioctl 4018620d 0 returned -22
[  656.682648][T10689] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1367'.
[  658.503349][T10695] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  659.325978][T10719] __nla_validate_parse: 5 callbacks suppressed
[  659.325991][T10719] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1376'.
[  659.347073][T10719] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1376'.
[  659.872689][T10725] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1379'.
[  659.873130][T10725] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1379'.
[  662.582508][T10743] openvswitch: netlink: Unexpected mask (mask=1040, allowed=10048)
[  663.485166][T10745] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1385'.
[  663.685724][T10753] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1388'.
[  663.700497][T10753] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1388'.
[  663.945604][T10759] binder: 10756:10759 ioctl 4018620d 0 returned -22
[  665.207094][T10767] netlink: 'syz.1.1391': attribute type 2 has an invalid length.
[  665.207109][T10767] netlink: 'syz.1.1391': attribute type 1 has an invalid length.
[  665.207172][T10767] bridge0: port 1(bridge_slave_0) entered forwarding state
[  665.810320][T10775] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1392'.
[  665.810342][T10775] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1392'.
[  666.898221][T10788] openvswitch: netlink: Unexpected mask (mask=1040, allowed=10048)
[  670.670580][T10811] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1402'.
[  670.672356][T10811] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1402'.
[  671.107549][T10818] NILFS (nullb0): couldn't find nilfs on the device
[  672.373505][T10830] openvswitch: netlink: Unexpected mask (mask=1040, allowed=10048)
[  673.546601][T10837] netlink: 'syz.0.1404': attribute type 2 has an invalid length.
[  673.546620][T10837] netlink: 'syz.0.1404': attribute type 1 has an invalid length.
[  673.546740][T10837] bridge0: port 1(bridge_slave_0) entered forwarding state
[  676.185673][   T37] kauditd_printk_skb: 1 callbacks suppressed
[  676.185690][   T37] audit: type=1804 audit(1767133392.311:54): pid=10848 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.1.1411" name="file0" dev="tmpfs" ino=1596 res=1 errno=0
[  677.485066][   T37] audit: type=1326 audit(1767133393.611:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10850 comm="syz.4.1412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac196cf749 code=0x7ffc0000
[  677.487287][   T37] audit: type=1326 audit(1767133393.611:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10850 comm="syz.4.1412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac196cf749 code=0x7ffc0000
[  682.275155][T10901] netlink: 'syz.1.1423': attribute type 2 has an invalid length.
[  682.275177][T10901] netlink: 'syz.1.1423': attribute type 1 has an invalid length.
[  682.275264][T10901] bridge0: port 1(bridge_slave_0) entered forwarding state
[  685.861250][ T1317] ieee802154 phy0 wpan0: encryption failed: -22
[  685.861322][ T1317] ieee802154 phy1 wpan1: encryption failed: -22
[  688.758610][   T37] audit: type=1804 audit(1767133403.051:57): pid=10936 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.4.1429" name="file0" dev="tmpfs" ino=1838 res=1 errno=0
[  691.028194][T10962] netlink: 'syz.4.1437': attribute type 2 has an invalid length.
[  691.028217][T10962] netlink: 'syz.4.1437': attribute type 1 has an invalid length.
[  691.028318][T10962] bridge0: port 1(bridge_slave_0) entered forwarding state
[  699.153500][T11032] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1454'.
[  699.153551][T11032] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1454'.
[  699.173536][ T1509] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  699.173962][ T1509] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  699.174019][ T1509] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  699.174054][ T1509] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  699.176629][T11032] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1454'.
[  699.176671][T11032] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1454'.
[  699.182204][T11030] netlink: 'syz.0.1452': attribute type 2 has an invalid length.
[  699.182221][T11030] netlink: 'syz.0.1452': attribute type 1 has an invalid length.
[  699.182328][T11030] bridge0: port 1(bridge_slave_0) entered forwarding state
[  705.150052][   T37] audit: type=1804 audit(1767133421.191:58): pid=11075 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.0.1464" name="/newroot/284/file0" dev="tmpfs" ino=1575 res=1 errno=0
[  706.506108][T11081] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1466'.
[  706.575791][T11081] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  712.650552][T11154] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1484'.
[  712.655570][T11154] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  713.870666][T11175] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1490'.
[  713.915441][T11175] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  715.957840][T11185] overlayfs: failed to clone upperpath
[  722.977503][ T5806] Bluetooth: hci3: unexpected event for opcode 0x0c13
[  727.970628][T11314] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1532'.
[  727.970651][T11314] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1532'.
[  732.119372][T11341] tipc: Started in network mode
[  732.119404][T11341] tipc: Node identity ac1414aa, cluster identity 4711
[  732.122738][T11341] tipc: Enabled bearer <udp:syz2>, priority 10
[  732.245954][T11348] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1544'.
[  732.245977][T11348] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1544'.
[  734.601606][ T5988] tipc: Node number set to 2886997162
[  736.214417][T11382] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1555'.
[  736.214440][T11382] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1555'.
[  743.246319][T11454] tmpfs: Unknown parameter ''
[  743.252489][T11454] futex_wake_op: syz.2.1576 tries to shift op by 144; fix this program
[  747.550366][ T1317] ieee802154 phy0 wpan0: encryption failed: -22
[  747.550514][ T1317] ieee802154 phy1 wpan1: encryption failed: -22
[  753.796547][T11518] binder: 11516:11518 ioctl c0306201 0 returned -14
[  757.289876][   T37] audit: type=1804 audit(1767133472.431:59): pid=11549 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.4.1601" name="file0" dev="tmpfs" ino=2044 res=1 errno=0
[  757.503540][ T5806] Bluetooth: hci1: unexpected event for opcode 0x0c13
[  759.284168][T11572] tmpfs: Unknown parameter ''
[  759.285309][T11572] futex_wake_op: syz.1.1606 tries to shift op by 144; fix this program
[  760.888186][T11581] NILFS (nullb0): couldn't find nilfs on the device
[  763.898658][ T5806] Bluetooth: hci2: unexpected event for opcode 0x0c13
[  767.234440][   T37] audit: type=1804 audit(1767133482.211:60): pid=11614 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.4.1619" name="file0" dev="tmpfs" ino=2065 res=1 errno=0
[  773.097783][T11653] netlink: 'syz.3.1628': attribute type 7 has an invalid length.
[  777.241423][   T37] audit: type=1804 audit(1767133491.251:61): pid=11677 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.2.1632" name="/newroot/271/file0" dev="tmpfs" ino=1523 res=1 errno=0
[  781.130886][T11713] tmpfs: Unknown parameter ''
[  781.225503][T11713] futex_wake_op: syz.4.1640 tries to shift op by 144; fix this program
[  786.178509][T11740] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1650'.
[  786.178524][T11740] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1650'.
[  788.421578][   T37] audit: type=1804 audit(1767133503.751:62): pid=11752 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.0.1648" name="/newroot/325/file0" dev="tmpfs" ino=1792 res=1 errno=0
[  791.040339][T11785] futex_wake_op: syz.1.1661 tries to shift op by 144; fix this program
[  793.313529][T11803] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  794.660270][   T37] audit: type=1804 audit(1767133509.901:63): pid=11811 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.4.1667" name="file0" dev="tmpfs" ino=2130 res=1 errno=0
[  797.797413][ T5806] Bluetooth: hci1: unexpected event for opcode 0x0c13
[  799.507061][T11856] futex_wake_op: syz.0.1680 tries to shift op by 144; fix this program
[  803.040795][T11885] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  805.283302][T11895] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  807.266030][T11914] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1697'.
[  807.266044][T11914] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1697'.
[  807.287429][T11914] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1697'.
[  807.287444][T11914] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1697'.
[  808.751628][ T1317] ieee802154 phy0 wpan0: encryption failed: -22
[  808.751681][ T1317] ieee802154 phy1 wpan1: encryption failed: -22
[  810.211034][T11943] futex_wake_op: syz.1.1704 tries to shift op by 144; fix this program
[  816.266644][T11986] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1714'.
[  816.268906][T11986] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  819.607930][T12012] futex_wake_op: syz.0.1720 tries to shift op by 144; fix this program
[  820.038684][T12019] binder: 12017:12019 ioctl c0306201 0 returned -14
[  820.038997][T12019] binder: 12017:12019 ioctl c0306201 200000000540 returned -22
[  827.130146][ T5806] Bluetooth: hci0: unexpected event for opcode 0x0c13
[  829.961673][T12093] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1744'.
[  830.205631][T12093] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  830.606736][T12101] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1745'.
[  830.615117][T12101] tipc: Started in network mode
[  830.615145][T12101] tipc: Node identity ac1414aa, cluster identity 4711
[  830.617692][T12101] tipc: Enabled bearer <udp:syz2>, priority 10
[  831.806287][ T5988] tipc: Node number set to 2886997162
[  839.549389][T12147] /dev/nullb0: Can't open blockdev
[  841.248082][T12158] syzkaller0: entered promiscuous mode
[  841.248107][T12158] syzkaller0: entered allmulticast mode
[  842.741793][T12175] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1763'.
[  842.849740][T12178] openvswitch: netlink: Unexpected mask (mask=1040, allowed=10048)
[  843.959104][T12172] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  845.414449][T12195] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1766'.
[  845.426924][T12195] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  851.521730][T12231] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1775'.
[  851.657292][T12231] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  852.046776][T12236] sctp: [Deprecated]: syz.1.1777 (pid 12236) Use of int in maxseg socket option.
[  852.046776][T12236] Use struct sctp_assoc_value instead
[  858.196524][T12281] sctp: [Deprecated]: syz.0.1789 (pid 12281) Use of int in maxseg socket option.
[  858.196524][T12281] Use struct sctp_assoc_value instead
[  859.835971][T12288] openvswitch: netlink: Unexpected mask (mask=1040, allowed=10048)
[  859.880925][T12289] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1788'.
[  859.888123][T12289] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  870.443654][ T1317] ieee802154 phy0 wpan0: encryption failed: -22
[  870.443699][ T1317] ieee802154 phy1 wpan1: encryption failed: -22
[  871.739554][T12359] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1807'.
[  871.746704][T12359] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  871.844694][T12368] openvswitch: netlink: Unexpected mask (mask=1040, allowed=10048)
[  879.278566][T12411] overlayfs: failed to clone upperpath
[  884.279295][T12459] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  884.279444][T12459] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  884.279745][T12459] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  892.883394][   T37] audit: type=1804 audit(1767133608.221:64): pid=12534 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.0.1858" name="/newroot/374/file0" dev="tmpfs" ino=2064 res=1 errno=0
[  901.520542][T12588] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1876'.
[  901.520576][T12588] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1876'.
[  905.014558][   T37] audit: type=1804 audit(1767133620.901:65): pid=12610 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.4.1874" name="file0" dev="tmpfs" ino=2357 res=1 errno=0
[  912.083301][T12662] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1892'.
[  919.929682][   T37] audit: type=1326 audit(1767133636.001:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12691 comm="syz.1.1905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d1650f749 code=0x7ffc0000
[  919.930518][   T37] audit: type=1326 audit(1767133636.061:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12691 comm="syz.1.1905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5d1650f749 code=0x7ffc0000
[  919.931945][   T37] audit: type=1326 audit(1767133636.061:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12691 comm="syz.1.1905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d1650f749 code=0x7ffc0000
[  919.931993][   T37] audit: type=1326 audit(1767133636.061:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12691 comm="syz.1.1905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d1650f749 code=0x7ffc0000
[  919.939294][   T37] audit: type=1326 audit(1767133636.061:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12691 comm="syz.1.1905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f5d1650f749 code=0x7ffc0000
[  919.939344][   T37] audit: type=1326 audit(1767133636.061:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12691 comm="syz.1.1905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d1650f749 code=0x7ffc0000
[  919.939381][   T37] audit: type=1326 audit(1767133636.061:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12691 comm="syz.1.1905" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d1650f749 code=0x7ffc0000
[  922.641839][T12758] sctp: [Deprecated]: syz.4.1922 (pid 12758) Use of int in maxseg socket option.
[  922.641839][T12758] Use struct sctp_assoc_value instead
[  927.098998][T12797] binder: 12796:12797 ioctl c0306201 200000000600 returned -14
[  929.272185][T12814] sctp: [Deprecated]: syz.0.1936 (pid 12814) Use of int in maxseg socket option.
[  929.272185][T12814] Use struct sctp_assoc_value instead
[  931.669424][ T1317] ieee802154 phy0 wpan0: encryption failed: -22
[  931.669494][ T1317] ieee802154 phy1 wpan1: encryption failed: -22
[  933.034305][T12848] sctp: [Deprecated]: syz.3.1951 (pid 12848) Use of int in maxseg socket option.
[  933.034305][T12848] Use struct sctp_assoc_value instead
[  939.575273][T12899] sctp: [Deprecated]: syz.4.1964 (pid 12899) Use of int in maxseg socket option.
[  939.575273][T12899] Use struct sctp_assoc_value instead
[  949.460193][T12999] sctp: [Deprecated]: syz.3.1992 (pid 12999) Use of int in maxseg socket option.
[  949.460193][T12999] Use struct sctp_assoc_value instead
[  954.880585][T13055] dlm: non-version read from control device 36
[  954.927991][T13056] sctp: [Deprecated]: syz.0.2006 (pid 13056) Use of int in maxseg socket option.
[  954.927991][T13056] Use struct sctp_assoc_value instead
[  955.136011][T13058] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  955.136041][T13058] overlayfs: missing 'lowerdir'
[  955.444719][T13063] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2009'.
[  955.444879][T13063] netlink: 'syz.1.2009': attribute type 5 has an invalid length.
[  955.444917][T13063] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2009'.
[  955.493111][T13063] geneve2: entered promiscuous mode
[  955.493137][T13063] geneve2: entered allmulticast mode
[  955.631615][T11476] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0
[  955.631937][T11476] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0
[  955.631989][T11476] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0
[  955.632023][T11476] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0
[  957.032273][   T37] audit: type=1804 audit(1767133672.741:73): pid=13078 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.0.2011" name="/newroot/408/file0" dev="tmpfs" ino=2254 res=1 errno=0
[  960.740707][T13109] sctp: [Deprecated]: syz.3.2023 (pid 13109) Use of int in maxseg socket option.
[  960.740707][T13109] Use struct sctp_assoc_value instead
[  962.538702][T13126] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2026'.
[  962.538736][T13126] netlink: 'syz.0.2026': attribute type 5 has an invalid length.
[  962.538749][T13126] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2026'.
[  962.549167][T13126] geneve2: entered promiscuous mode
[  962.549192][T13126] geneve2: entered allmulticast mode
[  962.650910][ T1150] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0
[  962.651753][ T1150] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0
[  962.651845][ T1150] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0
[  962.651982][ T1150] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0
[  965.504424][   T37] audit: type=1804 audit(1767133681.481:74): pid=13161 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.3.2036" name="/newroot/381/file0" dev="tmpfs" ino=2110 res=1 errno=0
[  968.480196][T13190] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2045'.
[  968.480230][T13190] netlink: 'syz.0.2045': attribute type 5 has an invalid length.
[  968.480244][T13190] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2045'.
[  973.187624][T13252] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2064'.
[  973.187665][T13252] netlink: 'syz.0.2064': attribute type 5 has an invalid length.
[  973.187679][T13252] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2064'.
[  977.335868][T13299] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2082'.
[  977.335903][T13299] netlink: 'syz.0.2082': attribute type 5 has an invalid length.
[  977.335916][T13299] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2082'.
[  977.491107][T13306] overlayfs: failed to clone upperpath
[  977.661631][T13311] overlayfs: failed to clone upperpath
[  979.723763][T13341] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2097'.
[  979.723800][T13341] netlink: 'syz.0.2097': attribute type 5 has an invalid length.
[  979.723813][T13341] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2097'.
[  982.192561][   T37] audit: type=1326 audit(1767133698.181:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13383 comm="syz.0.2110" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fed6b1ef749 code=0x0
[  982.259125][T13391] sctp: [Deprecated]: syz.4.2112 (pid 13391) Use of int in maxseg socket option.
[  982.259125][T13391] Use struct sctp_assoc_value instead
[  983.839843][   T37] audit: type=1800 audit(1767133699.861:76): pid=13409 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.4.2118" name="nullb0" dev="tmpfs" ino=554 res=0 errno=0
[  985.418860][T13428] tmpfs: Unknown parameter ''
[  985.473880][T13428] futex_wake_op: syz.4.2122 tries to shift op by 144; fix this program
[  985.663754][T13440] sctp: [Deprecated]: syz.1.2128 (pid 13440) Use of int in maxseg socket option.
[  985.663754][T13440] Use struct sctp_assoc_value instead
[  990.034723][T13481] sctp: [Deprecated]: syz.4.2140 (pid 13481) Use of int in maxseg socket option.
[  990.034723][T13481] Use struct sctp_assoc_value instead
[  993.067810][ T1317] ieee802154 phy0 wpan0: encryption failed: -22
[  993.067881][ T1317] ieee802154 phy1 wpan1: encryption failed: -22
[  993.255592][T13519] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2149'.
[  993.287262][T13517] tmpfs: Unknown parameter ''
[  993.306676][T13513] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  993.317852][T13517] futex_wake_op: syz.3.2150 tries to shift op by 144; fix this program
[  997.873642][T13556] futex_wake_op: syz.1.2162 tries to shift op by 144; fix this program
[  999.010146][T13566] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2163'.
[  999.019969][T13565] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1001.341320][T13598] futex_wake_op: syz.2.2173 tries to shift op by 144; fix this program
[ 1001.989365][ T6004] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[ 1002.062333][T13609] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2177'.
[ 1002.090066][T13609] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1002.155554][ T6004] usb 3-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc
[ 1002.155585][ T6004] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1002.155604][ T6004] usb 3-1: Product: syz
[ 1002.155617][ T6004] usb 3-1: Manufacturer: syz
[ 1002.155629][ T6004] usb 3-1: SerialNumber: syz
[ 1002.170560][ T6004] usb 3-1: config 0 descriptor??
[ 1002.379641][ T6004] i2c-tiny-usb 3-1:0.0: version 6d.cc found at bus 003 address 007
[ 1002.619208][ T6004]  (null): failure reading functionality
[ 1002.647189][ T6004] i2c i2c-1: failure reading functionality
[ 1002.690537][ T6004] i2c i2c-1: connected i2c-tiny-usb device
[ 1003.000676][T13623] i2c i2c-1: failure reading functionality
[ 1003.009050][ T6048] usb 3-1: USB disconnect, device number 7
[ 1004.067866][T13634] futex_wake_op: syz.4.2184 tries to shift op by 144; fix this program
[ 1004.562233][T13651] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2191'.
[ 1004.565849][T13651] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1005.961361][T13656] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2193'.
[ 1005.961739][T13656] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2193'.
[ 1025.928381][T13834] overlayfs: failed to resolve './file1': -2
[ 1034.935059][T13905] sctp: [Deprecated]: syz.3.2261 (pid 13905) Use of int in maxseg socket option.
[ 1034.935059][T13905] Use struct sctp_assoc_value instead
[ 1039.532714][T13948] sctp: [Deprecated]: syz.2.2275 (pid 13948) Use of int in maxseg socket option.
[ 1039.532714][T13948] Use struct sctp_assoc_value instead
[ 1053.745603][T14019] Set syz1 is full, maxelem 65536 reached
[ 1054.495504][ T1317] ieee802154 phy0 wpan0: encryption failed: -22
[ 1054.495573][ T1317] ieee802154 phy1 wpan1: encryption failed: -22
[ 1054.499957][T14078] overlayfs: failed to clone upperpath
[ 1055.393028][T14082] syz_tun: entered allmulticast mode
[ 1055.418660][T14080] syz_tun: left allmulticast mode
[ 1057.351452][T14107] tmpfs: Unknown parameter ''
[ 1057.429816][T14109] futex_wake_op: syz.0.2325 tries to shift op by 144; fix this program
[ 1068.895241][T14181] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2339'.
[ 1068.895277][T14181] netlink: 'syz.1.2339': attribute type 5 has an invalid length.
[ 1068.895291][T14181] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2339'.
[ 1070.790087][ T5806] Bluetooth: hci2: unexpected subevent 0x01 length: 12 < 18
[ 1072.506081][T14210] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1076.464022][T14249] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2361'.
[ 1076.464057][T14249] netlink: 'syz.3.2361': attribute type 5 has an invalid length.
[ 1076.464070][T14249] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2361'.
[ 1086.805070][T14335] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2381'.
[ 1086.805103][T14335] netlink: 'syz.1.2381': attribute type 5 has an invalid length.
[ 1086.805116][T14335] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2381'.
[ 1089.240143][T14353] tmpfs: Unknown parameter ''
[ 1089.296634][T14353] futex_wake_op: syz.2.2390 tries to shift op by 144; fix this program
[ 1090.399512][T14366] capability: warning: `syz.1.2394' uses deprecated v2 capabilities in a way that may be insecure
[ 1090.685615][T14372] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2395'.
[ 1094.136115][T14400] syz_tun: entered allmulticast mode
[ 1094.138744][T14397] syz_tun: left allmulticast mode
[ 1094.439597][T14412] futex_wake_op: syz.1.2410 tries to shift op by 144; fix this program
[ 1096.169980][T14432] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2404'.
[ 1096.170015][T14432] netlink: 'syz.0.2404': attribute type 5 has an invalid length.
[ 1096.170027][T14432] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2404'.
[ 1096.660289][T14442] syz_tun: entered allmulticast mode
[ 1096.663995][T14441] syz_tun: left allmulticast mode
[ 1100.517071][T14479] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1101.093531][T14493] syz_tun: entered allmulticast mode
[ 1101.097521][T14492] syz_tun: left allmulticast mode
[ 1106.043118][T14529] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1112.962638][T14600] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2453'.
[ 1114.221189][T14609] openvswitch: netlink: Unexpected mask (mask=1040, allowed=10048)
[ 1115.941735][ T1317] ieee802154 phy0 wpan0: encryption failed: -22
[ 1115.941777][ T1317] ieee802154 phy1 wpan1: encryption failed: -22
[ 1118.663433][T14655] openvswitch: netlink: Unexpected mask (mask=1040, allowed=10048)
[ 1119.661102][T14664] overlayfs: failed to resolve './file0': -2
[ 1120.559925][T14677] netlink: 48 bytes leftover after parsing attributes in process `syz.4.2480'.
[ 1121.810383][T14683] serio: Serial port ptm0
[ 1122.341223][T14693] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2488'.
[ 1122.379764][T14693] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1122.407259][T14692] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1128.381085][T14765] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2505'.
[ 1141.200915][T14882] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2544'.
[ 1141.515551][T14888] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2549'.
[ 1143.955649][T14908] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2555'.
[ 1151.339390][ T5852] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[ 1151.489404][ T5852] usb 4-1: Using ep0 maxpacket: 8
[ 1151.492161][ T5852] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1151.494454][ T5852] usb 4-1: config 4 has an invalid interface number: 30 but max is 0
[ 1151.494486][ T5852] usb 4-1: config 4 has no interface number 0
[ 1151.494520][ T5852] usb 4-1: config 4 interface 30 has no altsetting 0
[ 1151.521682][T14975] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1151.534724][T14975] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1151.545028][T14975] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1151.554015][T14975] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1151.559639][T14975] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1151.570062][ T5852] usb 4-1: string descriptor 0 read error: -22
[ 1151.570213][ T5852] usb 4-1: New USB device found, idVendor=9022, idProduct=d484, bcdDevice=ff.88
[ 1151.570235][ T5852] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1151.700516][ T5852] dvb-usb: found a 'TeVii S482 (tuner 2)' in warm state.
[ 1151.700569][ T5852] dw2102: su3000_power_ctrl: 1, initialized 0
[ 1151.701321][ T5852] dvb-usb: bulk message failed: -22 (2/0)
[ 1151.747908][ T5852] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1151.780754][ T5852] dvbdev: DVB: registering new adapter (TeVii S482 (tuner 2))
[ 1151.780847][ T5852] usb 4-1: media controller created
[ 1151.781666][ T5852] dvb-usb: bulk message failed: -22 (6/0)
[ 1151.781683][ T5852] dw2102: i2c transfer failed.
[ 1151.781706][ T5852] dvb-usb: bulk message failed: -22 (6/0)
[ 1151.781719][ T5852] dw2102: i2c transfer failed.
[ 1151.781735][ T5852] dvb-usb: bulk message failed: -22 (6/0)
[ 1151.781748][ T5852] dw2102: i2c transfer failed.
[ 1151.781763][ T5852] dvb-usb: bulk message failed: -22 (6/0)
[ 1151.781776][ T5852] dw2102: i2c transfer failed.
[ 1151.781791][ T5852] dvb-usb: bulk message failed: -22 (6/0)
[ 1151.781804][ T5852] dw2102: i2c transfer failed.
[ 1151.781819][ T5852] dvb-usb: bulk message failed: -22 (6/0)
[ 1151.781832][ T5852] dw2102: i2c transfer failed.
[ 1151.781841][ T5852] dvb-usb: MAC address: 02:02:02:02:02:02
[ 1151.822384][   T37] audit: type=1326 audit(1767133867.951:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14976 comm="syz.0.2576" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fed6b1ef749 code=0x0
[ 1151.885375][T14967] dvb-usb: bulk message failed: -22 (4/0)
[ 1151.885397][T14967] dw2102: i2c transfer failed.
[ 1151.885406][T14967] dvb-usb: bulk message failed: -22 (3/0)
[ 1151.885418][T14967] dw2102: i2c transfer failed.
[ 1151.948060][ T5852] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1152.142838][ T5852] dvb-usb: bulk message failed: -22 (3/0)
[ 1152.142861][ T5852] dw2102: command 0x0e transfer failed.
[ 1152.142871][ T5852] dvb-usb: bulk message failed: -22 (3/0)
[ 1152.142884][ T5852] dw2102: command 0x0e transfer failed.
[ 1152.449601][ T5852] dvb-usb: bulk message failed: -22 (3/0)
[ 1152.449624][ T5852] dw2102: command 0x0e transfer failed.
[ 1152.449632][ T5852] dvb-usb: bulk message failed: -22 (3/0)
[ 1152.449645][ T5852] dw2102: command 0x0e transfer failed.
[ 1152.449652][ T5852] dvb-usb: bulk message failed: -22 (1/0)
[ 1152.449664][ T5852] dw2102: command 0x51 transfer failed.
[ 1152.449673][ T5852] dvb-usb: bulk message failed: -22 (5/0)
[ 1152.449685][ T5852] dw2102: i2c probe for address 0x68 failed.
[ 1152.449695][ T5852] dvb-usb: bulk message failed: -22 (5/0)
[ 1152.449707][ T5852] dw2102: i2c probe for address 0x69 failed.
[ 1152.449717][ T5852] dvb-usb: bulk message failed: -22 (5/0)
[ 1152.449729][ T5852] dw2102: i2c probe for address 0x6a failed.
[ 1152.449739][ T5852] dw2102: probing for demodulator failed. Is the external power switched on?
[ 1152.449748][ T5852] dvb-usb: no frontend was attached by 'TeVii S482 (tuner 2)'
[ 1152.649392][ T5852] rc_core: IR keymap rc-tt-1500 not found
[ 1152.649412][ T5852] Registered IR keymap rc-empty
[ 1152.652592][ T5852] rc rc0: TeVii S482 (tuner 2) as /devices/platform/dummy_hcd.3/usb4/4-1/rc/rc0
[ 1152.656001][ T5852] input: TeVii S482 (tuner 2) as /devices/platform/dummy_hcd.3/usb4/4-1/rc/rc0/input5
[ 1152.830406][ T5852] dvb-usb: schedule remote query interval to 250 msecs.
[ 1152.830435][ T5852] dw2102: su3000_power_ctrl: 0, initialized 1
[ 1152.830449][ T5852] dvb-usb: TeVii S482 (tuner 2) successfully initialized and connected.
[ 1152.851955][ T5852] usb 4-1: USB disconnect, device number 9
[ 1153.350461][ T5852] dvb-usb: TeVii S482 (tuner 2) successfully deinitialized and disconnected.
[ 1153.599363][T14975] Bluetooth: hci5: command tx timeout
[ 1154.018449][T11476] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1154.018485][T11476] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1154.018511][T11476] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[ 1155.889864][T15007] syz_tun: entered allmulticast mode
[ 1155.959923][T15005] syz_tun: left allmulticast mode
[ 1155.968728][T14973] chnl_net:caif_netlink_parms(): no params data found
[ 1156.529314][T14975] Bluetooth: hci5: command tx timeout
[ 1157.237335][T11476] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1157.237370][T11476] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1157.237395][T11476] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[ 1158.375570][T11476] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1158.375606][T11476] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1158.375632][T11476] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[ 1158.439957][T14973] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1158.440156][T14973] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1158.440381][T14973] bridge_slave_0: entered allmulticast mode
[ 1158.444919][T14973] bridge_slave_0: entered promiscuous mode
[ 1158.573961][T14975] Bluetooth: hci5: command tx timeout
[ 1158.725514][T14973] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1158.725646][T14973] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1158.725877][T14973] bridge_slave_1: entered allmulticast mode
[ 1158.728499][T14973] bridge_slave_1: entered promiscuous mode
[ 1160.360178][T11476] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1160.360214][T11476] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1160.360240][T11476] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[ 1161.214020][T14975] Bluetooth: hci5: command tx timeout
[ 1161.578726][T15073] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2598'.
[ 1161.770069][T15060] syz_tun: entered allmulticast mode
[ 1161.808608][T14973] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1161.811624][T15060] syz_tun: left allmulticast mode
[ 1161.833456][T14973] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1163.300256][T14973] team0: Port device team_slave_0 added
[ 1163.320485][T14973] team0: Port device team_slave_1 added
[ 1163.488003][T15089] tmpfs: Unknown parameter ''
[ 1163.492125][T15089] futex_wake_op: syz.0.2604 tries to shift op by 144; fix this program
[ 1163.731222][T15093] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2605'.
[ 1163.785201][T15091] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1163.788290][T14973] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1163.788306][T14973] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1163.788331][T14973] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1163.883883][T15100] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2606'.
[ 1164.803058][T14973] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1164.803075][T14973] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1164.803101][T14973] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1165.320276][T11476] bridge_slave_1: left allmulticast mode
[ 1165.320475][T11476] bridge_slave_1: left promiscuous mode
[ 1166.211215][T11476] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1166.419726][T11476] bridge_slave_0: left allmulticast mode
[ 1166.419756][T11476] bridge_slave_0: left promiscuous mode
[ 1166.423090][T11476] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1167.206101][T15121] 9pnet_fd: Insufficient options for proto=fd
[ 1168.285499][T15138] tmpfs: Unknown parameter ''
[ 1168.302981][T15138] futex_wake_op: syz.2.2617 tries to shift op by 144; fix this program
[ 1168.784363][T15142] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2618'.
[ 1173.190519][T11476] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1173.230827][T11476] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1173.251957][T11476] bond0 (unregistering): Released all slaves
[ 1173.382717][T15113] syz_tun: entered allmulticast mode
[ 1174.430341][T15113] syz_tun: left allmulticast mode
[ 1174.433689][T11476] tipc: Disabling bearer <udp:syz2>
[ 1174.439417][T11476] tipc: Left network mode
[ 1174.478412][T14973] hsr_slave_0: entered promiscuous mode
[ 1174.492341][T14973] hsr_slave_1: entered promiscuous mode
[ 1174.495040][T14973] debugfs: 'hsr0' already exists in 'hsr'
[ 1174.495067][T14973] Cannot create hsr debugfs directory
[ 1174.672127][T15178] tmpfs: Unknown parameter ''
[ 1174.677283][T15178] futex_wake_op: syz.0.2628 tries to shift op by 144; fix this program
[ 1177.390258][ T1317] ieee802154 phy0 wpan0: encryption failed: -22
[ 1177.390330][ T1317] ieee802154 phy1 wpan1: encryption failed: -22
[ 1182.087548][T15237] syz_tun: entered allmulticast mode
[ 1182.844103][T15257] tmpfs: Unknown parameter ''
[ 1182.858065][T15257] futex_wake_op: syz.3.2644 tries to shift op by 144; fix this program
[ 1183.273746][T15237] syz_tun: left allmulticast mode
[ 1184.884901][T11476] hsr_slave_0: left promiscuous mode
[ 1185.105706][T11476] hsr_slave_1: left promiscuous mode
[ 1185.106721][T11476] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1185.106859][T11476] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1185.179111][T11476] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1185.179130][T11476] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1185.742375][T11476] veth1_macvtap: left promiscuous mode
[ 1185.742782][T11476] veth0_macvtap: left promiscuous mode
[ 1185.751211][T11476] veth1_vlan: left promiscuous mode
[ 1185.753674][T11476] veth0_vlan: left promiscuous mode
[ 1186.049737][T15278] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2648'.
[ 1186.049763][T15278] netlink: 'syz.2.2648': attribute type 5 has an invalid length.
[ 1186.049770][T15278] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2648'.
[ 1189.316587][T15307] tmpfs: Unknown parameter ''
[ 1189.322917][T15307] futex_wake_op: syz.0.2659 tries to shift op by 144; fix this program
[ 1195.513206][T15350] tmpfs: Unknown parameter ''
[ 1195.517984][T15350] futex_wake_op: syz.1.2672 tries to shift op by 144; fix this program
[ 1199.326073][ T5806] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1199.366389][ T5806] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1199.367691][ T5806] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1199.384976][ T5806] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1199.397817][ T5806] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1199.441974][T15385] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[ 1201.958089][T14975] Bluetooth: hci2: command tx timeout
[ 1203.448662][T11476] team0 (unregistering): Port device team_slave_1 removed
[ 1204.000512][T14975] Bluetooth: hci2: command tx timeout
[ 1204.982289][T11476] team0 (unregistering): Port device team_slave_0 removed
[ 1205.373007][T15431] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2691'.
[ 1205.761160][T15432] overlayfs: failed to clone upperpath
[ 1206.079416][T14975] Bluetooth: hci2: command tx timeout
[ 1208.239155][T14975] Bluetooth: hci2: command tx timeout
[ 1210.116400][T14975] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[ 1210.116439][T14975] CPU: 0 UID: 0 PID: 14975 Comm: kworker/u9:0 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1210.116455][T14975] Tainted: [L]=SOFTLOCKUP
[ 1210.116459][T14975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1210.116465][T14975] Workqueue: hci1 hci_rx_work
[ 1210.116486][T14975] Call Trace:
[ 1210.116493][T14975]  <TASK>
[ 1210.116498][T14975]  dump_stack_lvl+0xe8/0x150
[ 1210.116522][T14975]  sysfs_create_dir_ns+0x259/0x280
[ 1210.116539][T14975]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 1210.116554][T14975]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1210.116570][T14975]  ? rt_spin_unlock+0x161/0x200
[ 1210.116585][T14975]  kobject_add_internal+0x6b1/0xcd0
[ 1210.116601][T14975]  kobject_add+0x155/0x220
[ 1210.116615][T14975]  ? __pfx_kobject_add+0x10/0x10
[ 1210.116629][T14975]  ? get_device_parent+0x370/0x3a0
[ 1210.116643][T14975]  device_add+0x408/0xb80
[ 1210.116656][T14975]  hci_conn_add_sysfs+0xd5/0x210
[ 1210.116673][T14975]  le_conn_complete_evt+0xf1d/0x1420
[ 1210.116691][T14975]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1210.116703][T14975]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1210.116714][T14975]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1210.116725][T14975]  ? skb_pull_data+0xfb/0x200
[ 1210.116742][T14975]  hci_le_conn_complete_evt+0x187/0x480
[ 1210.116758][T14975]  hci_event_packet+0x78f/0x1260
[ 1210.116776][T14975]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1210.116789][T14975]  ? __pfx_hci_event_packet+0x10/0x10
[ 1210.116803][T14975]  ? rt_spin_unlock+0x150/0x200
[ 1210.116822][T14975]  ? hci_send_to_monitor+0xe2/0x590
[ 1210.116838][T14975]  hci_rx_work+0x3ee/0x1060
[ 1210.116851][T14975]  ? process_scheduled_works+0x9ef/0x1770
[ 1210.116864][T14975]  process_scheduled_works+0xad1/0x1770
[ 1210.116895][T14975]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1210.116905][T14975]  ? do_raw_spin_lock+0x121/0x290
[ 1210.116925][T14975]  worker_thread+0x8a0/0xda0
[ 1210.116944][T14975]  ? __kthread_parkme+0x7b/0x200
[ 1210.116961][T14975]  kthread+0x711/0x8a0
[ 1210.116977][T14975]  ? __pfx_worker_thread+0x10/0x10
[ 1210.116988][T14975]  ? __pfx_kthread+0x10/0x10
[ 1210.117000][T14975]  ? rt_spin_unlock+0x150/0x200
[ 1210.117015][T14975]  ? rt_spin_unlock+0x161/0x200
[ 1210.117027][T14975]  ? __pfx_kthread+0x10/0x10
[ 1210.117041][T14975]  ret_from_fork+0x510/0xa50
[ 1210.117054][T14975]  ? __pfx_ret_from_fork+0x10/0x10
[ 1210.117064][T14975]  ? __switch_to+0xc9e/0x1480
[ 1210.117082][T14975]  ? __pfx_kthread+0x10/0x10
[ 1210.117096][T14975]  ret_from_fork_asm+0x1a/0x30
[ 1210.117120][T14975]  </TASK>
[ 1210.117137][T14975] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1210.117158][T14975] Bluetooth: hci1: failed to register connection device
[ 1210.406716][T15278] geneve2: entered promiscuous mode
[ 1210.406732][T15278] geneve2: entered allmulticast mode
[ 1210.448000][ T1158] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0
[ 1210.980765][ T1158] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0
[ 1211.149806][ T1158] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0
[ 1211.157340][ T1158] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0
[ 1211.596977][ T5806] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1211.606608][ T5806] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1211.608460][ T5806] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1211.610000][ T5806] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1211.620292][ T5806] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1215.225440][T14975] Bluetooth: hci3: command tx timeout
[ 1215.863267][T15489] sctp: [Deprecated]: syz.3.2705 (pid 15489) Use of int in maxseg socket option.
[ 1215.863267][T15489] Use struct sctp_assoc_value instead
[ 1216.860437][T11476] IPVS: stop unused estimator thread 0...
[ 1217.671510][T14975] Bluetooth: hci3: command tx timeout
[ 1219.227595][T15380] chnl_net:caif_netlink_parms(): no params data found
[ 1219.679359][T14975] Bluetooth: hci3: command tx timeout
[ 1220.023459][T15461] chnl_net:caif_netlink_parms(): no params data found
[ 1220.119763][T15380] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1220.119964][T15380] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1220.120202][T15380] bridge_slave_0: entered allmulticast mode
[ 1220.123230][T15380] bridge_slave_0: entered promiscuous mode
[ 1222.714501][T14975] Bluetooth: hci3: command tx timeout
[ 1224.431463][T15380] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1224.449541][T15380] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1224.449792][T15380] bridge_slave_1: entered allmulticast mode
[ 1224.459535][T15380] bridge_slave_1: entered promiscuous mode
[ 1228.087878][T11476] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1228.087912][T11476] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[ 1230.464127][T15380] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1230.468397][T15380] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1231.646570][T11476] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1231.646608][T11476] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[ 1232.206134][T15380] team0: Port device team_slave_0 added
[ 1232.572445][T11476] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1232.572468][T11476] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[ 1233.384123][T15380] team0: Port device team_slave_1 added
[ 1233.384191][T15644] syz_tun: entered allmulticast mode
[ 1234.551615][T15461] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1234.551732][T15461] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1234.551882][T15461] bridge_slave_0: entered allmulticast mode
[ 1234.553326][T15461] bridge_slave_0: entered promiscuous mode
[ 1236.530096][T11476] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1236.530131][T11476] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[ 1236.590273][T15461] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1236.590426][T15461] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1236.590750][T15461] bridge_slave_1: entered allmulticast mode
[ 1236.593545][T15461] bridge_slave_1: entered promiscuous mode
[ 1236.598167][T15380] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1236.598183][T15380] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1236.598209][T15380] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1236.770081][T15380] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1236.770099][T15380] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1236.770126][T15380] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1236.957989][T15461] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1236.968687][T15461] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1239.191965][ T1317] ieee802154 phy0 wpan0: encryption failed: -22
[ 1239.195544][ T1317] ieee802154 phy1 wpan1: encryption failed: -22
[ 1241.053467][T15461] team0: Port device team_slave_0 added
[ 1241.072890][T15380] hsr_slave_0: entered promiscuous mode
[ 1241.073829][T15380] hsr_slave_1: entered promiscuous mode
[ 1241.074397][T15380] debugfs: 'hsr0' already exists in 'hsr'
[ 1241.074415][T15380] Cannot create hsr debugfs directory
[ 1241.278464][T15461] team0: Port device team_slave_1 added
[ 1243.775609][T15461] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1243.775621][T15461] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1243.775636][T15461] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1243.840188][T15461] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1243.840199][T15461] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1243.840215][T15461] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1244.822854][T11476] bridge_slave_1: left allmulticast mode
[ 1244.822890][T11476] bridge_slave_1: left promiscuous mode
[ 1244.823050][T11476] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1244.885927][T11476] bridge_slave_0: left allmulticast mode
[ 1244.885947][T11476] bridge_slave_0: left promiscuous mode
[ 1244.886119][T11476] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1244.966366][T11476] bridge_slave_1: left allmulticast mode
[ 1244.966387][T11476] bridge_slave_1: left promiscuous mode
[ 1244.966531][T11476] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1245.064644][T11476] bridge_slave_0: left allmulticast mode
[ 1245.064665][T11476] bridge_slave_0: left promiscuous mode
[ 1245.067291][T11476] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1246.351054][T15762] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2766'.
[ 1246.638883][T11476] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1246.709949][T11476] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1246.751350][T11476] bond0 (unregistering): Released all slaves
[ 1248.780072][T11476] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1248.840047][T11476] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1248.886232][T11476] bond0 (unregistering): Released all slaves
[ 1249.066927][T15762] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1249.130043][T15461] hsr_slave_0: entered promiscuous mode
[ 1249.131461][T15461] hsr_slave_1: entered promiscuous mode
[ 1249.132095][T15461] debugfs: 'hsr0' already exists in 'hsr'
[ 1249.132112][T15461] Cannot create hsr debugfs directory
[ 1249.390742][T11476] tipc: Disabling bearer <udp:syz2>
[ 1249.397396][T11476] tipc: Left network mode
[ 1255.135790][T15808] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2777'.
[ 1257.369674][T11476] hsr_slave_0: left promiscuous mode
[ 1257.405749][T11476] hsr_slave_1: left promiscuous mode
[ 1257.407360][T11476] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1257.430223][T11476] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1257.630024][T11476] hsr_slave_0: left promiscuous mode
[ 1257.645569][T11476] hsr_slave_1: left promiscuous mode
[ 1257.656900][T11476] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1257.656928][T11476] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1257.719525][T11476] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1257.719553][T11476] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1258.856133][T11476] veth1_macvtap: left promiscuous mode
[ 1258.856241][T11476] veth0_macvtap: left promiscuous mode
[ 1258.856497][T11476] veth1_vlan: left promiscuous mode
[ 1258.856678][T11476] veth0_vlan: left promiscuous mode
[ 1260.903856][T15872] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2792'.
[ 1260.954904][ T5806] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1261.658228][ T5806] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1261.677268][ T5806] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1261.688267][ T5806] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1261.707651][ T5806] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1262.232657][T11476] team0 (unregistering): Port device team_slave_1 removed
[ 1262.420010][T11476] team0 (unregistering): Port device team_slave_0 removed
[ 1263.761649][T14975] Bluetooth: hci5: command tx timeout
[ 1265.041221][T11476] team0 (unregistering): Port device team_slave_1 removed
[ 1265.241499][T11476] team0 (unregistering): Port device team_slave_0 removed
[ 1265.851473][T14975] Bluetooth: hci5: command tx timeout
[ 1267.856794][T15857] syz_tun: entered allmulticast mode
[ 1267.919608][T14975] Bluetooth: hci5: command tx timeout
[ 1270.155165][T14975] Bluetooth: hci5: command tx timeout
[ 1274.528211][ T5806] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1274.550621][ T5806] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1274.552058][ T5806] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1274.553821][ T5806] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1274.554731][ T5806] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1274.640162][T15862] chnl_net:caif_netlink_parms(): no params data found
[ 1275.509386][   T37] audit: type=1326 audit(1767133991.636:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15917 comm="syz.1.2802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d1650f749 code=0x7ffc0000
[ 1275.509436][   T37] audit: type=1326 audit(1767133991.636:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15917 comm="syz.1.2802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5d1650f749 code=0x7ffc0000
[ 1275.509460][   T37] audit: type=1326 audit(1767133991.636:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15917 comm="syz.1.2802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d1650f749 code=0x7ffc0000
[ 1275.509481][   T37] audit: type=1326 audit(1767133991.636:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15917 comm="syz.1.2802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f5d1650f749 code=0x7ffc0000
[ 1275.509503][   T37] audit: type=1326 audit(1767133991.636:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15917 comm="syz.1.2802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d1650f749 code=0x7ffc0000
[ 1275.509524][   T37] audit: type=1326 audit(1767133991.636:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15917 comm="syz.1.2802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d1650f749 code=0x7ffc0000
[ 1276.640151][ T5806] Bluetooth: hci6: command tx timeout
[ 1278.545139][T15862] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1278.547073][T15862] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1278.547312][T15862] bridge_slave_0: entered allmulticast mode
[ 1278.586337][T15862] bridge_slave_0: entered promiscuous mode
[ 1278.611186][T15862] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1278.611347][T15862] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1278.611567][T15862] bridge_slave_1: entered allmulticast mode
[ 1278.614073][T15862] bridge_slave_1: entered promiscuous mode
[ 1278.739451][ T5806] Bluetooth: hci6: command tx timeout
[ 1281.053357][ T5806] Bluetooth: hci6: command tx timeout
[ 1281.170784][T15862] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1281.177484][T15862] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1282.525644][T15862] team0: Port device team_slave_0 added
[ 1282.603166][T15862] team0: Port device team_slave_1 added
[ 1283.236436][ T5806] Bluetooth: hci6: command tx timeout
[ 1286.964240][   T37] audit: type=1326 audit(1767134003.096:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16034 comm="syz.1.2823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d1650f749 code=0x7ffc0000
[ 1286.964289][   T37] audit: type=1326 audit(1767134003.096:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16034 comm="syz.1.2823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5d1650f749 code=0x7ffc0000
[ 1286.964327][   T37] audit: type=1326 audit(1767134003.096:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16034 comm="syz.1.2823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d1650f749 code=0x7ffc0000
[ 1286.964364][   T37] audit: type=1326 audit(1767134003.096:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16034 comm="syz.1.2823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f5d1650f749 code=0x7ffc0000
[ 1286.964402][   T37] audit: type=1326 audit(1767134003.096:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16034 comm="syz.1.2823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d1650f749 code=0x7ffc0000
[ 1286.964442][   T37] audit: type=1326 audit(1767134003.096:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16034 comm="syz.1.2823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d1650f749 code=0x7ffc0000
[ 1287.014627][T15862] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1287.014643][T15862] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1287.014670][T15862] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1287.193929][T15862] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1287.193948][T15862] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1287.193971][T15862] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1288.571642][T15921] chnl_net:caif_netlink_parms(): no params data found
[ 1290.185083][T15862] hsr_slave_0: entered promiscuous mode
[ 1290.195944][T15862] hsr_slave_1: entered promiscuous mode
[ 1290.196704][T15862] debugfs: 'hsr0' already exists in 'hsr'
[ 1290.196721][T15862] Cannot create hsr debugfs directory
[ 1295.828888][   T37] audit: type=1326 audit(1767134011.946:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16090 comm="syz.0.2839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fed6b1ef749 code=0x7ffc0000
[ 1295.828940][   T37] audit: type=1326 audit(1767134011.946:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16090 comm="syz.0.2839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fed6b1ef749 code=0x7ffc0000
[ 1295.828979][   T37] audit: type=1326 audit(1767134011.946:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16090 comm="syz.0.2839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fed6b1ef749 code=0x7ffc0000
[ 1295.829169][   T37] audit: type=1326 audit(1767134011.956:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16090 comm="syz.0.2839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fed6b1ef749 code=0x7ffc0000
[ 1295.829408][   T37] audit: type=1326 audit(1767134011.956:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16090 comm="syz.0.2839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fed6b1ef749 code=0x7ffc0000
[ 1295.829452][   T37] audit: type=1326 audit(1767134011.956:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16090 comm="syz.0.2839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fed6b1ef749 code=0x7ffc0000
[ 1298.158935][T15921] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1298.159163][T15921] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1298.185802][T15921] bridge_slave_0: entered allmulticast mode
[ 1298.203144][T15921] bridge_slave_0: entered promiscuous mode
[ 1298.244633][T15921] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1298.244753][T15921] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1298.244979][T15921] bridge_slave_1: entered allmulticast mode
[ 1298.279699][T15921] bridge_slave_1: entered promiscuous mode
[ 1299.820393][T15921] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1300.082784][T15921] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1300.250454][ T1317] ieee802154 phy0 wpan0: encryption failed: -22
[ 1300.250496][ T1317] ieee802154 phy1 wpan1: encryption failed: -22
[ 1300.873719][T15921] team0: Port device team_slave_0 added
[ 1301.144811][T15921] team0: Port device team_slave_1 added
[ 1303.148409][T11476] bridge_slave_1: left allmulticast mode
[ 1303.148429][T11476] bridge_slave_1: left promiscuous mode
[ 1303.148612][T11476] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1303.951333][T11476] bridge_slave_0: left allmulticast mode
[ 1303.951363][T11476] bridge_slave_0: left promiscuous mode
[ 1303.951617][T11476] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1304.201785][T11476] bridge_slave_1: left allmulticast mode
[ 1304.201806][T11476] bridge_slave_1: left promiscuous mode
[ 1304.201954][T11476] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1305.082424][T11476] bridge_slave_0: left allmulticast mode
[ 1305.082446][T11476] bridge_slave_0: left promiscuous mode
[ 1305.082604][T11476] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1305.303170][   T37] audit: type=1326 audit(1767134021.396:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16151 comm="syz.3.2855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc20b70f749 code=0x7ffc0000
[ 1305.303315][   T37] audit: type=1326 audit(1767134021.436:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16151 comm="syz.3.2855" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc20b70f749 code=0x7ffc0000
[ 1308.600355][T11476] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1308.985730][T11476] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1309.271440][T11476] bond0 (unregistering): Released all slaves
[ 1309.529873][T11476] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1309.632132][T11476] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1309.875416][T11476] bond0 (unregistering): Released all slaves
[ 1310.170630][T15921] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1310.170647][T15921] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1310.170675][T15921] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1310.772142][T15921] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1310.772159][T15921] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1310.772186][T15921] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1310.989702][T16192] futex_wake_op: syz.1.2862 tries to shift op by 144; fix this program
[ 1311.995005][T15921] hsr_slave_0: entered promiscuous mode
[ 1311.995763][T15921] hsr_slave_1: entered promiscuous mode
[ 1311.996293][T15921] debugfs: 'hsr0' already exists in 'hsr'
[ 1311.996307][T15921] Cannot create hsr debugfs directory
[ 1312.159449][T11476] hsr_slave_0: left promiscuous mode
[ 1312.199752][   T37] audit: type=1326 audit(1767134028.326:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16197 comm="syz.3.2865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc20b70f749 code=0x7ffc0000
[ 1312.199803][   T37] audit: type=1326 audit(1767134028.326:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16197 comm="syz.3.2865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc20b70f749 code=0x7ffc0000
[ 1312.219429][   T37] audit: type=1326 audit(1767134028.326:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16197 comm="syz.3.2865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc20b70f749 code=0x7ffc0000
[ 1312.219474][   T37] audit: type=1326 audit(1767134028.326:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16197 comm="syz.3.2865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc20b70f749 code=0x7ffc0000
[ 1312.219516][   T37] audit: type=1326 audit(1767134028.336:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16197 comm="syz.3.2865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc20b70f749 code=0x7ffc0000
[ 1312.219556][   T37] audit: type=1326 audit(1767134028.336:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16197 comm="syz.3.2865" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc20b70f749 code=0x7ffc0000
[ 1312.245065][T11476] hsr_slave_1: left promiscuous mode
[ 1312.263171][T11476] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1312.416811][T11476] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1312.747380][T11476] hsr_slave_0: left promiscuous mode
[ 1312.799331][T11476] hsr_slave_1: left promiscuous mode
[ 1312.800332][T11476] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1312.868776][T11476] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1313.577178][T16224] sctp: [Deprecated]: syz.1.2869 (pid 16224) Use of int in maxseg socket option.
[ 1313.577178][T16224] Use struct sctp_assoc_value instead
[ 1315.139855][T11476] team0 (unregistering): Port device team_slave_1 removed
[ 1315.250002][T11476] team0 (unregistering): Port device team_slave_0 removed
[ 1317.230815][T11476] team0 (unregistering): Port device team_slave_1 removed
[ 1317.410245][T11476] team0 (unregistering): Port device team_slave_0 removed
[ 1318.296230][   T37] audit: type=1326 audit(1767134034.426:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16255 comm="syz.0.2878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fed6b1ef749 code=0x7ffc0000
[ 1318.296545][   T37] audit: type=1326 audit(1767134034.426:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16255 comm="syz.0.2878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fed6b1ef749 code=0x7ffc0000
[ 1318.297220][   T37] audit: type=1326 audit(1767134034.426:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16255 comm="syz.0.2878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fed6b1ef749 code=0x7ffc0000
[ 1318.297267][   T37] audit: type=1326 audit(1767134034.426:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16255 comm="syz.0.2878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fed6b1ef749 code=0x7ffc0000
[ 1318.302437][   T37] audit: type=1326 audit(1767134034.426:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16255 comm="syz.0.2878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fed6b1ef749 code=0x7ffc0000
[ 1318.302494][   T37] audit: type=1326 audit(1767134034.436:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16255 comm="syz.0.2878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fed6b1ef749 code=0x7ffc0000
[ 1318.302538][   T37] audit: type=1326 audit(1767134034.436:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16255 comm="syz.0.2878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fed6b1ef749 code=0x7ffc0000
[ 1318.302580][   T37] audit: type=1326 audit(1767134034.436:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16255 comm="syz.0.2878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fed6b1ef749 code=0x7ffc0000
[ 1319.886234][T16273] sctp: [Deprecated]: syz.3.2881 (pid 16273) Use of int in maxseg socket option.
[ 1319.886234][T16273] Use struct sctp_assoc_value instead
[ 1321.870092][T14975] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1321.873057][T14975] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1321.874694][T14975] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1321.875810][T14975] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1321.903590][T14975] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1322.163907][T16295] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2884'.
[ 1322.519793][T16295] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1324.008267][T14975] Bluetooth: hci2: command tx timeout
[ 1324.082717][T15921] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1324.927620][T15921] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1325.099136][T15921] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1325.171288][T15921] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1325.821563][T16289] chnl_net:caif_netlink_parms(): no params data found
[ 1325.828254][T16331] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1325.828288][T16331] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1325.838046][T11476] bridge_slave_1: left allmulticast mode
[ 1325.838073][T11476] bridge_slave_1: left promiscuous mode
[ 1325.838347][T11476] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1325.910392][T11476] bridge_slave_0: left allmulticast mode
[ 1325.910413][T11476] bridge_slave_0: left promiscuous mode
[ 1325.910600][T11476] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1326.079362][T14975] Bluetooth: hci2: command tx timeout
[ 1327.632287][T11476] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1328.334860][T14975] Bluetooth: hci2: command tx timeout
[ 1328.926637][T11476] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1329.088990][   T37] audit: type=1326 audit(1767134045.216:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16340 comm="syz.3.2892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc20b70f749 code=0x7ffc0000
[ 1329.128758][   T37] audit: type=1326 audit(1767134045.256:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16340 comm="syz.3.2892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc20b70f749 code=0x7ffc0000
[ 1329.129055][   T37] audit: type=1326 audit(1767134045.256:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16340 comm="syz.3.2892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc20b70f749 code=0x7ffc0000
[ 1329.138438][   T37] audit: type=1326 audit(1767134045.266:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16340 comm="syz.3.2892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc20b70f749 code=0x7ffc0000
[ 1329.257932][   T37] audit: type=1326 audit(1767134045.386:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16340 comm="syz.3.2892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc20b70f749 code=0x7ffc0000
[ 1329.292701][   T37] audit: type=1326 audit(1767134045.426:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16340 comm="syz.3.2892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc20b70f749 code=0x7ffc0000
[ 1329.297176][   T37] audit: type=1326 audit(1767134045.426:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16340 comm="syz.3.2892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc20b70f749 code=0x7ffc0000
[ 1329.326829][T11476] bond0 (unregistering): Released all slaves
[ 1330.216851][T11476] hsr_slave_0: left promiscuous mode
[ 1330.295717][T11476] hsr_slave_1: left promiscuous mode
[ 1330.296376][T11476] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1330.349907][T11476] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1330.399402][T14975] Bluetooth: hci2: command tx timeout
[ 1331.069105][T16372] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1331.069164][T16372] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1333.447802][ T5806] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1333.464349][ T5806] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1333.465812][ T5806] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1333.468515][ T5806] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1333.475867][ T5806] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1333.497107][T11476] team0 (unregistering): Port device team_slave_1 removed
[ 1333.750100][T11476] team0 (unregistering): Port device team_slave_0 removed
[ 1334.606065][T16406] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1334.606122][T16406] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1335.727173][ T5806] Bluetooth: hci3: command tx timeout
[ 1336.231642][   T37] audit: type=1326 audit(1767134052.356:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16403 comm="syz.1.2909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d1650f749 code=0x7ffc0000
[ 1336.231679][   T37] audit: type=1326 audit(1767134052.356:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16403 comm="syz.1.2909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d1650f749 code=0x7ffc0000
[ 1336.231703][   T37] audit: type=1326 audit(1767134052.356:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16403 comm="syz.1.2909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5d1650f749 code=0x7ffc0000
[ 1336.231725][   T37] audit: type=1326 audit(1767134052.356:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16403 comm="syz.1.2909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d1650f749 code=0x7ffc0000
[ 1336.231747][   T37] audit: type=1326 audit(1767134052.356:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16403 comm="syz.1.2909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d1650f749 code=0x7ffc0000
[ 1336.231769][   T37] audit: type=1326 audit(1767134052.356:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16403 comm="syz.1.2909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f5d1650f749 code=0x7ffc0000
[ 1336.231791][   T37] audit: type=1326 audit(1767134052.356:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16403 comm="syz.1.2909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d1650f749 code=0x7ffc0000
[ 1336.231812][   T37] audit: type=1326 audit(1767134052.356:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16403 comm="syz.1.2909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d1650f749 code=0x7ffc0000
[ 1337.759394][ T5806] Bluetooth: hci3: command tx timeout
[ 1338.533020][T16289] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1338.533251][T16289] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1338.533481][T16289] bridge_slave_0: entered allmulticast mode
[ 1338.569667][T16289] bridge_slave_0: entered promiscuous mode
[ 1338.719058][T16289] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1338.720264][T16289] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1338.720489][T16289] bridge_slave_1: entered allmulticast mode
[ 1338.725479][T16289] bridge_slave_1: entered promiscuous mode
[ 1340.375902][T16289] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1340.429496][ T5806] Bluetooth: hci3: command tx timeout
[ 1340.484842][T16289] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1340.855928][T16471] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2923'.
[ 1342.121194][T16289] team0: Port device team_slave_0 added
[ 1342.482088][ T5806] Bluetooth: hci3: command tx timeout
[ 1342.953937][T16289] team0: Port device team_slave_1 added
[ 1343.003624][T16491] overlayfs: failed to clone upperpath
[ 1344.515989][T16289] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1344.516000][T16289] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1344.516028][T16289] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1344.863604][T16515] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2934'.
[ 1346.123427][T16289] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1346.123443][T16289] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1346.123471][T16289] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1346.780660][T16534] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2937'.
[ 1346.983530][T16534] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1347.779539][T16289] hsr_slave_0: entered promiscuous mode
[ 1347.780893][T16289] hsr_slave_1: entered promiscuous mode
[ 1347.781591][T16289] debugfs: 'hsr0' already exists in 'hsr'
[ 1347.781608][T16289] Cannot create hsr debugfs directory
[ 1347.785354][T16391] chnl_net:caif_netlink_parms(): no params data found
[ 1352.514640][T16587] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2951'.
[ 1352.637652][T16587] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1353.102728][T16391] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1353.102954][T16391] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1353.103181][T16391] bridge_slave_0: entered allmulticast mode
[ 1353.105707][T16391] bridge_slave_0: entered promiscuous mode
[ 1353.146397][T16391] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1353.146555][T16391] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1353.146782][T16391] bridge_slave_1: entered allmulticast mode
[ 1353.149175][T16391] bridge_slave_1: entered promiscuous mode
[ 1353.904874][T16391] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1354.184414][T16391] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1354.458836][T11476] bridge_slave_1: left allmulticast mode
[ 1354.458873][T11476] bridge_slave_1: left promiscuous mode
[ 1354.459107][T11476] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1354.701055][T11476] bridge_slave_0: left allmulticast mode
[ 1354.701091][T11476] bridge_slave_0: left promiscuous mode
[ 1354.701356][T11476] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1358.172209][T16639] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2962'.
[ 1358.760183][T11476] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1358.840050][T11476] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1358.886247][T11476] bond0 (unregistering): Released all slaves
[ 1359.107527][T16639] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1359.172327][T16391] team0: Port device team_slave_0 added
[ 1359.323308][T16391] team0: Port device team_slave_1 added
[ 1360.749434][T11476] hsr_slave_0: left promiscuous mode
[ 1360.791591][T11476] hsr_slave_1: left promiscuous mode
[ 1360.792744][T11476] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1360.823698][T11476] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1361.685335][ T1317] ieee802154 phy0 wpan0: encryption failed: -22
[ 1361.685405][ T1317] ieee802154 phy1 wpan1: encryption failed: -22
[ 1364.025041][T11476] team0 (unregistering): Port device team_slave_1 removed
[ 1365.829897][T11476] team0 (unregistering): Port device team_slave_0 removed
[ 1366.576393][T16391] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1366.576405][T16391] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1366.576420][T16391] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1366.620247][T16391] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1366.620264][T16391] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1366.620290][T16391] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1366.860292][T16289] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1367.065318][T16289] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1367.146824][T16391] hsr_slave_0: entered promiscuous mode
[ 1367.155517][T16391] hsr_slave_1: entered promiscuous mode
[ 1367.157058][T16391] debugfs: 'hsr0' already exists in 'hsr'
[ 1367.157082][T16391] Cannot create hsr debugfs directory
[ 1367.186854][T16289] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1367.243839][T16289] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1368.839356][ T5806] Bluetooth: hci4: command 0x0406 tx timeout
[ 1370.881517][ T5806] Bluetooth: hci4: command 0x0406 tx timeout
[ 1371.987888][T16289] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1372.141586][T16289] 8021q: adding VLAN 0 to HW filter on device team0
[ 1372.342714][T11476] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1372.342854][T11476] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1372.681932][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1372.682071][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1373.454024][T16391] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1373.531748][T16391] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1373.575104][T16391] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1373.639373][T16391] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1373.748542][T16289] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1374.932672][T16391] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1375.120422][ T5806] Bluetooth: hci4: command 0x0406 tx timeout
[ 1375.435202][T16391] 8021q: adding VLAN 0 to HW filter on device team0
[ 1376.146904][T11616] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1376.147052][T11616] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1376.225211][ T6073] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1376.225337][ T6073] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1376.313641][T16826] input: syz0 as /devices/virtual/input/input6
[ 1376.803437][T16838] can0: slcan on ttyS3.
[ 1376.895789][T16289] veth0_vlan: entered promiscuous mode
[ 1376.932171][T14975] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[ 1376.932200][T14975] CPU: 1 UID: 0 PID: 14975 Comm: kworker/u9:0 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1376.932227][T14975] Tainted: [L]=SOFTLOCKUP
[ 1376.932235][T14975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1376.932248][T14975] Workqueue: hci1 hci_rx_work
[ 1376.932270][T14975] Call Trace:
[ 1376.932278][T14975]  <TASK>
[ 1376.932288][T14975]  dump_stack_lvl+0xe8/0x150
[ 1376.932317][T14975]  sysfs_create_dir_ns+0x259/0x280
[ 1376.932344][T14975]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 1376.932371][T14975]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1376.932402][T14975]  ? rt_spin_unlock+0x161/0x200
[ 1376.932426][T14975]  kobject_add_internal+0x6b1/0xcd0
[ 1376.932453][T14975]  kobject_add+0x155/0x220
[ 1376.932477][T14975]  ? __pfx_kobject_add+0x10/0x10
[ 1376.932504][T14975]  ? get_device_parent+0x370/0x3a0
[ 1376.932527][T14975]  device_add+0x408/0xb80
[ 1376.932550][T14975]  hci_conn_add_sysfs+0xd5/0x210
[ 1376.932580][T14975]  le_conn_complete_evt+0xf1d/0x1420
[ 1376.932613][T14975]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1376.932635][T14975]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1376.932654][T14975]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1376.932673][T14975]  ? skb_pull_data+0xfb/0x200
[ 1376.932700][T14975]  hci_le_conn_complete_evt+0x187/0x480
[ 1376.932725][T14975]  hci_event_packet+0x78f/0x1260
[ 1376.932752][T14975]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1376.932782][T14975]  ? __pfx_hci_event_packet+0x10/0x10
[ 1376.932807][T14975]  ? rt_spin_unlock+0x150/0x200
[ 1376.932836][T14975]  ? hci_send_to_monitor+0xe2/0x590
[ 1376.932861][T14975]  hci_rx_work+0x3ee/0x1060
[ 1376.932883][T14975]  ? process_scheduled_works+0x9ef/0x1770
[ 1376.932905][T14975]  process_scheduled_works+0xad1/0x1770
[ 1376.932949][T14975]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1376.932967][T14975]  ? do_raw_spin_lock+0x121/0x290
[ 1376.933001][T14975]  worker_thread+0x8a0/0xda0
[ 1376.933033][T14975]  ? __kthread_parkme+0x7b/0x200
[ 1376.933063][T14975]  kthread+0x711/0x8a0
[ 1376.933090][T14975]  ? __pfx_worker_thread+0x10/0x10
[ 1376.933111][T14975]  ? __pfx_kthread+0x10/0x10
[ 1376.933134][T14975]  ? rt_spin_unlock+0x150/0x200
[ 1376.933162][T14975]  ? rt_spin_unlock+0x161/0x200
[ 1376.933184][T14975]  ? __pfx_kthread+0x10/0x10
[ 1376.933209][T14975]  ret_from_fork+0x510/0xa50
[ 1376.933232][T14975]  ? __pfx_ret_from_fork+0x10/0x10
[ 1376.933250][T14975]  ? __switch_to+0xc9e/0x1480
[ 1376.933281][T14975]  ? __pfx_kthread+0x10/0x10
[ 1376.933307][T14975]  ret_from_fork_asm+0x1a/0x30
[ 1376.933352][T14975]  </TASK>
[ 1376.935869][T14975] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1376.935979][T14975] Bluetooth: hci1: failed to register connection device
[ 1377.164632][T16289] veth1_vlan: entered promiscuous mode
[ 1377.202321][ T5804] Bluetooth: hci4: command 0x0406 tx timeout
[ 1377.467282][T16289] veth0_macvtap: entered promiscuous mode
[ 1377.491003][T16289] veth1_macvtap: entered promiscuous mode
[ 1377.576423][T16289] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1377.736961][T16289] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1377.776918][T16837] can0 (unregistered): slcan off ttyS3.
[ 1377.782987][  T805] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1377.793342][  T805] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1377.799185][  T805] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1377.826458][  T805] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1377.982304][T16391] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1378.966045][T14975] Bluetooth: hci1: command 0x0406 tx timeout
[ 1379.882255][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1379.882274][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1380.095766][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1380.095787][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1381.039425][T14975] Bluetooth: hci1: command 0x0406 tx timeout
[ 1381.322570][T16391] veth0_vlan: entered promiscuous mode
[ 1381.358038][T16391] veth1_vlan: entered promiscuous mode
[ 1382.502371][T16391] veth0_macvtap: entered promiscuous mode
[ 1382.513746][T16391] veth1_macvtap: entered promiscuous mode
[ 1382.895532][T16391] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1384.187043][T16391] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1385.107450][ T1509] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1385.152635][ T3570] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1385.226764][ T3570] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1385.226815][ T3570] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1385.285330][T14975] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1385.298258][T14975] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1385.312792][T14975] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1385.328276][T14975] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1385.332681][T14975] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1386.761897][ T6073] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1386.761920][ T6073] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1387.109381][ T5899] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[ 1387.289336][ T5899] usb 4-1: Using ep0 maxpacket: 32
[ 1387.291278][ T5899] usb 4-1: config 4 has an invalid interface number: 128 but max is 0
[ 1387.291295][ T5899] usb 4-1: config 4 has no interface number 0
[ 1387.291329][ T5899] usb 4-1: config 4 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1387.291345][ T5899] usb 4-1: config 4 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1387.291366][ T5899] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[ 1387.291378][ T5899] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1387.364642][ T5899] hub 4-1:4.128: USB hub found
[ 1387.424937][T11616] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1387.424957][T11616] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1387.439452][ T5806] Bluetooth: hci5: command tx timeout
[ 1387.548959][ T5899] hub 4-1:4.128: 2 ports detected
[ 1387.549000][ T5899] hub 4-1:4.128: Using single TT (err -22)
[ 1387.799541][ T5899] hub 4-1:4.128: hub_hub_status failed (err = -71)
[ 1387.799569][ T5899] hub 4-1:4.128: config failed, can't get hub status (err -71)
[ 1387.862766][ T5899] usb 4-1: USB disconnect, device number 10
[ 1389.158554][ T6073] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1389.524613][ T5806] Bluetooth: hci5: command tx timeout
[ 1392.299960][ T5806] Bluetooth: hci5: command tx timeout
[ 1393.192369][T17001] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3025'.
[ 1393.192808][T17001] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3025'.
[ 1394.154931][ T6073] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1394.336007][T17001] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1394.340468][ T5806] Bluetooth: hci5: command tx timeout
[ 1395.896077][ T6073] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1396.216011][T17028] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3032'.
[ 1398.952945][ T6073] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1399.158517][T16936] chnl_net:caif_netlink_parms(): no params data found
[ 1408.010626][T16936] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1408.010755][T16936] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1408.010994][T16936] bridge_slave_0: entered allmulticast mode
[ 1408.024627][T16936] bridge_slave_0: entered promiscuous mode
[ 1408.144406][T16936] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1408.146385][T16936] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1408.146617][T16936] bridge_slave_1: entered allmulticast mode
[ 1408.189068][T16936] bridge_slave_1: entered promiscuous mode
[ 1411.288635][T16936] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1411.302339][T16936] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1411.869783][ T6073] bridge_slave_1: left allmulticast mode
[ 1411.869812][ T6073] bridge_slave_1: left promiscuous mode
[ 1411.870057][ T6073] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1411.970948][ T6073] bridge_slave_0: left allmulticast mode
[ 1411.970977][ T6073] bridge_slave_0: left promiscuous mode
[ 1411.971368][ T6073] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1419.080071][ T6073] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1419.120156][ T6073] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1419.150779][ T6073] bond0 (unregistering): Released all slaves
[ 1419.875191][T16936] team0: Port device team_slave_0 added
[ 1421.537090][T17214] Driver unsupported XDP return value 0 on prog  (id 570) dev N/A, expect packet loss!
[ 1422.788023][T16936] team0: Port device team_slave_1 added
[ 1423.125448][ T1317] ieee802154 phy0 wpan0: encryption failed: -22
[ 1427.928753][T16936] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1427.928775][T16936] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1427.928803][T16936] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1428.486477][T16936] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1428.486494][T16936] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1428.486518][T16936] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1430.610291][ T6073] hsr_slave_0: left promiscuous mode
[ 1430.660995][ T6073] hsr_slave_1: left promiscuous mode
[ 1430.908410][ T6073] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1430.909010][ T6073] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1431.073444][ T6073] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1431.073472][ T6073] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1432.736088][ T6073] veth1_macvtap: left promiscuous mode
[ 1432.736198][ T6073] veth0_macvtap: left promiscuous mode
[ 1432.736488][ T6073] veth1_vlan: left promiscuous mode
[ 1432.736672][ T6073] veth0_vlan: left promiscuous mode
[ 1441.881729][T17307] Set syz1 is full, maxelem 65536 reached
[ 1445.195606][   T37] audit: type=1326 audit(1767134161.326:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17373 comm="syz.4.3133" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3c823df749 code=0x0
[ 1445.356740][T14975] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1445.361214][T14975] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1445.362919][T14975] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1445.365687][T14975] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1445.366375][T14975] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1446.988275][T17411] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3138'.
[ 1448.953322][ T5806] Bluetooth: hci2: command tx timeout
[ 1449.361062][T17424] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3142'.
[ 1450.962270][ T5806] Bluetooth: hci2: command tx timeout
[ 1453.160667][ T5806] Bluetooth: hci2: command tx timeout
[ 1454.549853][ T6073] team0 (unregistering): Port device team_slave_1 removed
[ 1455.659421][ T5806] Bluetooth: hci2: command tx timeout
[ 1455.742115][ T6073] team0 (unregistering): Port device team_slave_0 removed
[ 1456.225238][ T5806] Bluetooth: hci3: command 0x0406 tx timeout
[ 1463.209659][T17500] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3161'.
[ 1463.705876][T17391] chnl_net:caif_netlink_parms(): no params data found
[ 1464.864128][T17525] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3167'.
[ 1467.777449][T17391] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1467.778159][T17391] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1467.778402][T17391] bridge_slave_0: entered allmulticast mode
[ 1467.817911][T17391] bridge_slave_0: entered promiscuous mode
[ 1468.866190][T17391] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1468.891375][T17391] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1468.954883][T17391] bridge_slave_1: entered allmulticast mode
[ 1469.030746][T17391] bridge_slave_1: entered promiscuous mode
[ 1469.705475][ T1158] bridge_slave_1: left allmulticast mode
[ 1469.705504][ T1158] bridge_slave_1: left promiscuous mode
[ 1469.705742][ T1158] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1469.860684][ T1158] bridge_slave_0: left allmulticast mode
[ 1469.860715][ T1158] bridge_slave_0: left promiscuous mode
[ 1469.860992][ T1158] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1471.591673][ T1158] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1473.150297][ T1158] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1473.220947][ T1158] bond0 (unregistering): Released all slaves
[ 1473.249601][T17600] lo: entered allmulticast mode
[ 1473.250188][T17600] tunl0: entered allmulticast mode
[ 1473.250587][T17600] gre0: entered allmulticast mode
[ 1473.250959][T17600] gretap0: entered allmulticast mode
[ 1473.251328][T17600] erspan0: entered allmulticast mode
[ 1473.251683][T17600] ip_vti0: entered allmulticast mode
[ 1473.252085][T17600] ip6_vti0: entered allmulticast mode
[ 1473.252439][T17600] sit0: entered allmulticast mode
[ 1473.252923][T17600] ip6tnl0: entered allmulticast mode
[ 1473.253367][T17600] ip6gre0: entered allmulticast mode
[ 1473.254141][T17600] ip6gretap0: entered allmulticast mode
[ 1473.254503][T17600] bridge0: entered allmulticast mode
[ 1473.254889][T17600] vcan0: entered allmulticast mode
[ 1473.255299][T17600] bond0: entered allmulticast mode
[ 1473.255307][T17600] bond_slave_0: entered allmulticast mode
[ 1473.255317][T17600] bond_slave_1: entered allmulticast mode
[ 1473.255895][T17600] team0: entered allmulticast mode
[ 1473.255904][T17600] team_slave_0: entered allmulticast mode
[ 1473.255913][T17600] team_slave_1: entered allmulticast mode
[ 1473.256496][T17600] dummy0: entered allmulticast mode
[ 1473.256901][T17600] nlmon0: entered allmulticast mode
[ 1473.257423][T17600] caif0: entered allmulticast mode
[ 1473.257530][T17600] batadv0: entered allmulticast mode
[ 1473.258115][T17600] vxcan0: entered allmulticast mode
[ 1473.258531][T17600] vxcan1: entered allmulticast mode
[ 1473.259046][T17600] veth0: entered allmulticast mode
[ 1473.259732][T17600] veth1: entered allmulticast mode
[ 1473.260498][T17600] wg0: entered allmulticast mode
[ 1473.261204][T17600] wg1: entered allmulticast mode
[ 1473.261943][T17600] wg2: entered allmulticast mode
[ 1473.262637][T17600] veth0_to_bridge: entered allmulticast mode
[ 1473.264064][T17600] veth1_to_bridge: entered allmulticast mode
[ 1473.265095][T17600] veth0_to_bond: entered allmulticast mode
[ 1473.265871][T17600] veth1_to_bond: entered allmulticast mode
[ 1473.266655][T17600] veth0_to_team: entered allmulticast mode
[ 1473.268355][T17600] veth1_to_team: entered allmulticast mode
[ 1473.269512][T17600] veth0_to_batadv: entered allmulticast mode
[ 1473.269933][T17600] batadv_slave_0: entered allmulticast mode
[ 1473.270335][T17600] veth1_to_batadv: entered allmulticast mode
[ 1473.270722][T17600] batadv_slave_1: entered allmulticast mode
[ 1473.271124][T17600] xfrm0: entered allmulticast mode
[ 1473.271528][T17600] veth0_to_hsr: entered allmulticast mode
[ 1473.271928][T17600] hsr_slave_0: entered allmulticast mode
[ 1473.272306][T17600] veth1_to_hsr: entered allmulticast mode
[ 1473.272699][T17600] hsr_slave_1: entered allmulticast mode
[ 1473.273091][T17600] hsr0: entered allmulticast mode
[ 1473.273622][T17600] veth1_virt_wifi: entered allmulticast mode
[ 1473.274082][T17600] veth0_virt_wifi: entered allmulticast mode
[ 1473.274475][T17600] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[ 1473.274570][T17600] veth1_vlan: entered allmulticast mode
[ 1473.274979][T17600] veth0_vlan: entered allmulticast mode
[ 1473.275526][T17600] vlan0: entered allmulticast mode
[ 1473.275931][T17600] vlan1: entered allmulticast mode
[ 1473.276325][T17600] macvlan0: entered allmulticast mode
[ 1473.276731][T17600] macvlan1: entered allmulticast mode
[ 1473.277131][T17600] ipvlan0: entered allmulticast mode
[ 1473.277233][T17600] ipvlan1: entered allmulticast mode
[ 1473.277329][T17600] veth1_macvtap: entered allmulticast mode
[ 1473.277868][T17600] veth0_macvtap: entered allmulticast mode
[ 1473.278278][T17600] macvtap0: entered allmulticast mode
[ 1473.278683][T17600] macsec0: entered allmulticast mode
[ 1473.279055][T17600] geneve0: entered allmulticast mode
[ 1473.279614][T17600] geneve1: entered allmulticast mode
[ 1473.280020][T17600] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[ 1473.280479][T17600] netdevsim netdevsim1 netdevsim1: entered allmulticast mode
[ 1473.280888][T17600] netdevsim netdevsim1 netdevsim2: entered allmulticast mode
[ 1473.281300][T17600] netdevsim netdevsim1 netdevsim3: entered allmulticast mode
[ 1473.281731][T17600] mac80211_hwsim hwsim8 wlan0: entered allmulticast mode
[ 1473.282159][T17600] mac80211_hwsim hwsim10 wlan1: entered allmulticast mode
[ 1473.282829][T17600] mac80211_hwsim hwsim10 pimreg: entered allmulticast mode
[ 1473.282939][T17600] bridge1: entered allmulticast mode
[ 1473.287367][T17391] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1473.740211][T17391] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1476.579946][ T1158] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1476.921590][ T1158] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1480.550278][ T1158] team0 (unregistering): Port device team_slave_1 removed
[ 1480.862194][ T1158] team0 (unregistering): Port device team_slave_0 removed
[ 1483.477285][T17698] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3206'.
[ 1484.031440][T17391] team0: Port device team_slave_0 added
[ 1484.115244][T17391] team0: Port device team_slave_1 added
[ 1484.612520][ T1317] ieee802154 phy0 wpan0: encryption failed: -22
[ 1484.915118][T17391] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1484.915135][T17391] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1484.915161][T17391] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1484.917415][T17391] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1484.917430][T17391] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1484.917455][T17391] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1486.365221][T17391] hsr_slave_0: entered promiscuous mode
[ 1486.376490][T17391] hsr_slave_1: entered promiscuous mode
[ 1486.385895][T17391] debugfs: 'hsr0' already exists in 'hsr'
[ 1486.385925][T17391] Cannot create hsr debugfs directory
[ 1489.734164][T14975] Bluetooth: Wrong link type (-57)
[ 1494.468410][T17855] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3246'.
[ 1495.340401][T17859] Bluetooth: MGMT ver 1.23
[ 1495.840987][T17391] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1496.208276][T17391] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1496.550220][T17391] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1496.748077][T17391] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1497.398970][T17391] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1497.444573][T17391] 8021q: adding VLAN 0 to HW filter on device team0
[ 1497.468053][ T1158] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1497.468259][ T1158] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1497.509367][T14267] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[ 1497.515892][ T1459] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1497.516044][ T1459] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1497.669403][T14267] usb 4-1: Using ep0 maxpacket: 32
[ 1497.676516][T14267] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1497.676567][T14267] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[ 1497.676591][T14267] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1497.701306][T14267] usb 4-1: config 0 descriptor??
[ 1497.721384][T14267] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[ 1497.925489][T17917] input: syz0 as /devices/virtual/input/input9
[ 1498.664544][T17391] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1500.332000][T16646] usb 4-1: USB disconnect, device number 11
[ 1500.494791][T17391] veth0_vlan: entered promiscuous mode
[ 1500.541525][T17391] veth1_vlan: entered promiscuous mode
[ 1500.697511][T17391] veth0_macvtap: entered promiscuous mode
[ 1500.712142][T17391] veth1_macvtap: entered promiscuous mode
[ 1500.762612][T17391] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1500.854068][T17391] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1500.892621][  T990] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1500.913606][  T990] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1500.915910][  T990] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1500.940371][  T990] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1501.861560][T17039] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1501.861582][T17039] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1501.988863][ T3584] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1501.988885][ T3584] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1502.989435][T14267] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[ 1503.149398][T14267] usb 4-1: Using ep0 maxpacket: 32
[ 1503.154661][T14267] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1503.154689][T14267] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[ 1503.154701][T14267] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1503.169555][T14267] usb 4-1: config 0 descriptor??
[ 1503.214350][T14267] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[ 1503.453229][ T5806] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1503.523758][ T5806] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1503.549554][ T5806] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1503.560295][ T5806] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1503.561004][ T5806] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1505.599831][T14975] Bluetooth: hci5: command tx timeout
[ 1505.779821][ T5899] usb 4-1: USB disconnect, device number 12
[ 1507.086294][  T990] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1507.086328][  T990] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[ 1507.570666][T13744] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[ 1507.679445][T14975] Bluetooth: hci5: command tx timeout
[ 1507.953163][T13744] usb 5-1: Using ep0 maxpacket: 32
[ 1508.169698][T13744] usb 5-1: config 0 has an invalid interface number: 184 but max is 0
[ 1508.169728][T13744] usb 5-1: config 0 has no interface number 0
[ 1508.169781][T13744] usb 5-1: config 0 interface 184 has no altsetting 0
[ 1508.548840][T13744] usb 5-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[ 1508.548905][T13744] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1508.548957][T13744] usb 5-1: Product: syz
[ 1508.548971][T13744] usb 5-1: Manufacturer: syz
[ 1508.549024][T13744] usb 5-1: SerialNumber: syz
[ 1508.689032][T13744] usb 5-1: config 0 descriptor??
[ 1508.889723][T13744] smsc75xx v1.0.0
[ 1509.759539][T14975] Bluetooth: hci5: command tx timeout
[ 1510.087207][T13744] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32
[ 1510.087237][T13744] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[ 1510.114262][T13744] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[ 1510.114293][T13744] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[ 1510.114311][T13744] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[ 1510.114328][T13744] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[ 1510.114839][T13744] smsc75xx 5-1:0.184: probe with driver smsc75xx failed with error -71
[ 1510.134247][  T990] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1510.134283][  T990] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[ 1510.220113][T13744] usb 5-1: USB disconnect, device number 2
[ 1510.734647][  T990] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1510.734683][  T990] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[ 1510.804123][T18014] chnl_net:caif_netlink_parms(): no params data found
[ 1511.082531][  T990] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1511.082553][  T990] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[ 1511.846235][T14975] Bluetooth: hci5: command tx timeout
[ 1512.735327][T18014] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1512.735513][T18014] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1512.735694][T18014] bridge_slave_0: entered allmulticast mode
[ 1512.771306][T18014] bridge_slave_0: entered promiscuous mode
[ 1512.784299][T18014] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1512.787796][T18014] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1512.788039][T18014] bridge_slave_1: entered allmulticast mode
[ 1512.818872][T18014] bridge_slave_1: entered promiscuous mode
[ 1512.945929][T18115] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3315'.
[ 1513.163476][  T990] bridge_slave_1: left promiscuous mode
[ 1513.163711][  T990] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1513.497097][  T990] bridge_slave_0: left promiscuous mode
[ 1513.497347][  T990] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1514.085658][T18126] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3318'.
[ 1518.519378][ T6004] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[ 1518.779388][ T6004] usb 5-1: Using ep0 maxpacket: 32
[ 1518.785230][ T6004] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1518.785262][ T6004] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1518.785285][ T6004] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[ 1518.785297][ T6004] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1518.788928][ T6004] usb 5-1: config 0 descriptor??
[ 1519.876041][ T6004] usbhid 5-1:0.0: can't add hid device: -71
[ 1519.876117][ T6004] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 1519.887480][ T6004] usb 5-1: USB disconnect, device number 3
[ 1522.455091][T18209] Process accounting resumed
[ 1522.630196][  T990] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1522.639458][T14267] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[ 1522.701414][  T990] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1522.747383][  T990] bond0 (unregistering): Released all slaves
[ 1522.809334][T14267] usb 4-1: Using ep0 maxpacket: 32
[ 1522.814271][T18014] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1522.819883][T14267] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1522.819912][T14267] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1522.819949][T14267] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[ 1522.819971][T14267] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1522.825104][T14267] usb 4-1: config 0 descriptor??
[ 1523.046021][T18014] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1523.046284][  T990] tipc: Disabling bearer <udp:syz2>
[ 1523.046584][  T990] tipc: Left network mode
[ 1523.238245][T14267] usbhid 4-1:0.0: can't add hid device: -71
[ 1523.238364][T14267] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[ 1523.273425][T14267] usb 4-1: USB disconnect, device number 13
[ 1523.680187][T18227] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3351'.
[ 1525.460660][T18014] team0: Port device team_slave_0 added
[ 1525.460798][T18227] tipc: Started in network mode
[ 1525.460824][T18227] tipc: Node identity ac1414aa, cluster identity 4711
[ 1525.515320][T18227] tipc: Enabled bearer <udp:syz2>, priority 10
[ 1525.558353][T18014] team0: Port device team_slave_1 added
[ 1527.291000][T14267] tipc: Node number set to 2886997162
[ 1527.347002][T18014] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1527.347018][T18014] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1527.347043][T18014] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1527.398792][T18014] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1527.398818][T18014] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1527.398842][T18014] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1528.007351][T18264] kvm: requested 128228 ns i8254 timer period limited to 200000 ns
[ 1528.019124][  T990] hsr_slave_0: left promiscuous mode
[ 1528.031365][T18264] kvm: requested 81295 ns i8254 timer period limited to 200000 ns
[ 1528.031613][T18264] kvm: requested 89676 ns i8254 timer period limited to 200000 ns
[ 1528.031849][T18264] kvm: requested 2514 ns i8254 timer period limited to 200000 ns
[ 1528.032083][T18264] kvm: requested 14247 ns i8254 timer period limited to 200000 ns
[ 1528.032391][T18264] kvm: requested 15923 ns i8254 timer period limited to 200000 ns
[ 1528.032701][T18264] kvm: requested 99733 ns i8254 timer period limited to 200000 ns
[ 1528.033245][T18264] kvm: requested 191923 ns i8254 timer period limited to 200000 ns
[ 1528.033410][T18264] kvm: requested 180190 ns i8254 timer period limited to 200000 ns
[ 1528.037727][T18264] kvm: requested 134933 ns i8254 timer period limited to 200000 ns
[ 1528.123525][  T990] hsr_slave_1: left promiscuous mode
[ 1528.124511][  T990] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1528.124534][  T990] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1528.165387][  T990] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1528.165415][  T990] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1529.251688][  T990] veth1_macvtap: left promiscuous mode
[ 1529.251796][  T990] veth0_macvtap: left promiscuous mode
[ 1529.252058][  T990] veth1_vlan: left promiscuous mode
[ 1529.252234][  T990] veth0_vlan: left promiscuous mode
[ 1530.708902][T18285] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3367'.
[ 1531.319406][T16878] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[ 1531.500153][T16878] usb 5-1: Using ep0 maxpacket: 32
[ 1531.507727][T16878] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1531.508043][T16878] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1531.582280][T16878] usb 5-1: New USB device found, idVendor=0424, idProduct=012c, bcdDevice=71.1e
[ 1531.582309][T16878] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1531.582328][T16878] usb 5-1: Product: syz
[ 1531.582342][T16878] usb 5-1: Manufacturer: syz
[ 1531.582355][T16878] usb 5-1: SerialNumber: syz
[ 1531.639523][T16878] usb 5-1: config 0 descriptor??
[ 1531.940081][T17012] usb 5-1: USB disconnect, device number 4
[ 1537.609878][  T990] team0 (unregistering): Port device team_slave_1 removed
[ 1538.650130][  T990] team0 (unregistering): Port device team_slave_0 removed
[ 1538.686383][T17012] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[ 1538.859497][T17012] usb 4-1: Using ep0 maxpacket: 32
[ 1538.861835][T17012] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1538.861866][T17012] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1538.861901][T17012] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[ 1538.861923][T17012] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1538.899508][T17012] usb 4-1: config 0 descriptor??
[ 1539.338618][T17012] usbhid 4-1:0.0: can't add hid device: -71
[ 1539.338700][T17012] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[ 1539.357913][T17012] usb 4-1: USB disconnect, device number 14
[ 1544.098020][T18285] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1545.099317][T18014] hsr_slave_0: entered promiscuous mode
[ 1545.105423][T18014] hsr_slave_1: entered promiscuous mode
[ 1545.106367][T18014] debugfs: 'hsr0' already exists in 'hsr'
[ 1545.106390][T18014] Cannot create hsr debugfs directory
[ 1545.176990][ T5806] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1545.233139][ T5806] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1545.250913][ T5806] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1545.252616][ T5806] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1545.253492][ T5806] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1546.028666][ T1317] ieee802154 phy0 wpan0: encryption failed: -22
[ 1546.391032][ T8732] syz_tun (unregistering): left allmulticast mode
[ 1547.854534][ T5806] Bluetooth: hci1: command tx timeout
[ 1548.024153][T18395] capability: warning: `syz.4.3393' uses 32-bit capabilities (legacy support in use)
[ 1550.255643][ T5806] Bluetooth: hci1: command tx timeout
[ 1552.881311][ T5806] Bluetooth: hci1: command tx timeout
[ 1657.999254][    C1] rcu: INFO: rcu_preempt self-detected stall on CPU
[ 1657.999282][    C1] rcu: 	1-...!: (10501 ticks this GP) idle=5d5c/1/0x4000000000000000 softirq=0/0 fqs=0 rcuc=10502 jiffies(starved)
[ 1657.999309][    C1] rcu: 	(t=10501 jiffies g=60537 q=135 ncpus=2)
[ 1657.999321][    C1] rcu: rcu_preempt kthread timer wakeup didn't happen for 10500 jiffies! g60537 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402
[ 1657.999339][    C1] rcu: 	Possible timer handling issue on cpu=1 timer-softirq=52049
[ 1657.999348][    C1] rcu: rcu_preempt kthread starved for 10501 jiffies! g60537 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=1
[ 1657.999366][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 1657.999374][    C1] rcu: RCU grace-period kthread stack dump:
[ 1657.999381][    C1] task:rcu_preempt     state:I stack:27096 pid:18    tgid:18    ppid:2      task_flags:0x208040 flags:0x00080000
[ 1657.999430][    C1] Call Trace:
[ 1657.999437][    C1]  <TASK>
[ 1657.999449][    C1]  __schedule+0x145f/0x5070
[ 1657.999481][    C1]  ? __lock_acquire+0x6b6/0x2cf0
[ 1657.999522][    C1]  ? __pfx___schedule+0x10/0x10
[ 1657.999551][    C1]  ? schedule+0x91/0x360
[ 1657.999575][    C1]  schedule+0x165/0x360
[ 1657.999598][    C1]  schedule_timeout+0x12b/0x270
[ 1657.999620][    C1]  ? __pfx_schedule_timeout+0x10/0x10
[ 1657.999642][    C1]  ? __pfx_process_timeout+0x10/0x10
[ 1657.999663][    C1]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 1657.999679][    C1]  ? prepare_to_swait_event+0x341/0x380
[ 1657.999702][    C1]  rcu_gp_fqs_loop+0x301/0x1540
[ 1657.999735][    C1]  ? rcu_gp_init+0x11da/0x1650
[ 1657.999760][    C1]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[ 1657.999779][    C1]  ? _raw_spin_unlock_irq+0x2e/0x50
[ 1657.999799][    C1]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1657.999818][    C1]  rcu_gp_kthread+0x99/0x390
[ 1657.999841][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1657.999862][    C1]  ? __kthread_parkme+0x7b/0x200
[ 1657.999881][    C1]  ? __kthread_parkme+0x1a1/0x200
[ 1657.999904][    C1]  kthread+0x711/0x8a0
[ 1657.999927][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1657.999947][    C1]  ? __pfx_kthread+0x10/0x10
[ 1657.999966][    C1]  ? rt_spin_unlock+0x150/0x200
[ 1657.999990][    C1]  ? rt_spin_unlock+0x161/0x200
[ 1658.000008][    C1]  ? __pfx_kthread+0x10/0x10
[ 1658.000028][    C1]  ret_from_fork+0x510/0xa50
[ 1658.000048][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[ 1658.000063][    C1]  ? __switch_to+0xc9e/0x1480
[ 1658.000088][    C1]  ? __pfx_kthread+0x10/0x10
[ 1658.000109][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1658.000144][    C1]  </TASK>
[ 1658.000180][    C1] Sending NMI from CPU 1 to CPUs 0:
[ 1658.000213][    C0] NMI backtrace for cpu 0
[ 1658.000235][    C0] CPU: 0 UID: 0 PID: 17391 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1658.000265][    C0] Tainted: [L]=SOFTLOCKUP
[ 1658.000271][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1658.000282][    C0] RIP: 0010:mm_get_cid+0xab/0x130
[ 1658.000303][    C0] Code: 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc 49 c7 c5 c8 84 01 8d 49 c1 ed 03 bd 00 00 00 80 eb 07 44 89 f0 f7 d8 71 d4 f3 90 <43> 0f b6 44 25 00 84 c0 75 41 44 8b 3d 6c 8b 6f 0b 48 89 df 4c 89
[ 1658.000319][    C0] RSP: 0018:ffffc9000516f968 EFLAGS: 00000887
[ 1658.000335][    C0] RAX: 0000000080000000 RBX: ffff888038e14bd0 RCX: 1ffff110032e467c
[ 1658.000349][    C0] RDX: 0000000000000002 RSI: 0000000000000002 RDI: ffff888038e14bd0
[ 1658.000360][    C0] RBP: 0000000080000000 R08: 0000000000000000 R09: 0000000000000000
[ 1658.000372][    C0] R10: dffffc0000000000 R11: ffffed10071c294b R12: dffffc0000000000
[ 1658.000385][    C0] R13: 1ffffffff1a03099 R14: 0000000080000000 R15: 0000000000000002
[ 1658.000398][    C0] FS:  000055555f0ba500(0000) GS:ffff888126cef000(0000) knlGS:0000000000000000
[ 1658.000414][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1658.000426][    C0] CR2: 0000001b2f521ff8 CR3: 0000000026ad8000 CR4: 00000000003526f0
[ 1658.000443][    C0] Call Trace:
[ 1658.000449][    C0]  <TASK>
[ 1658.000459][    C0]  __schedule+0x212a/0x5070
[ 1658.000511][    C0]  ? __lock_acquire+0x6b6/0x2cf0
[ 1658.000568][    C0]  ? do_raw_spin_unlock+0x122/0x240
[ 1658.000620][    C0]  ? __pfx___schedule+0x10/0x10
[ 1658.000682][    C0]  ? schedule+0x91/0x360
[ 1658.000721][    C0]  schedule+0x165/0x360
[ 1658.000745][    C0]  do_nanosleep+0x20f/0x650
[ 1658.000770][    C0]  ? do_nanosleep+0x8a/0x650
[ 1658.000795][    C0]  ? __pfx_do_nanosleep+0x10/0x10
[ 1658.000819][    C0]  ? __hrtimer_setup+0x184/0x200
[ 1658.000835][    C0]  ? __pfx_hrtimer_wakeup+0x10/0x10
[ 1658.000855][    C0]  hrtimer_nanosleep+0x1f7/0x410
[ 1658.000874][    C0]  ? __pfx_hrtimer_nanosleep+0x10/0x10
[ 1658.000893][    C0]  ? __pfx_hrtimer_wakeup+0x10/0x10
[ 1658.000911][    C0]  ? __pfx_get_timespec64+0x10/0x10
[ 1658.000940][    C0]  __se_sys_clock_nanosleep+0x339/0x390
[ 1658.000965][    C0]  ? __pfx___se_sys_clock_nanosleep+0x10/0x10
[ 1658.000989][    C0]  do_syscall_64+0xec/0xf80
[ 1658.001005][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1658.001022][    C0]  ? trace_irq_disable+0x37/0x100
[ 1658.001039][    C0]  ? clear_bhb_loop+0x60/0xb0
[ 1658.001058][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1658.001076][    C0] RIP: 0033:0x7ffaf2272005
[ 1658.001095][    C0] Code: Unable to access opcode bytes at 0x7ffaf2271fdb.
[ 1658.001105][    C0] RSP: 002b:00007fff1fc7ef30 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[ 1658.001123][    C0] RAX: ffffffffffffffda RBX: 000000000000004a RCX: 00007ffaf2272005
[ 1658.001135][    C0] RDX: 00007fff1fc7ef70 RSI: 0000000000000000 RDI: 0000000000000000
[ 1658.001147][    C0] RBP: 00007fff1fc7efdc R08: 0000000000000000 R09: 0000000000000000
[ 1658.001158][    C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000001388
[ 1658.001169][    C0] R13: 00000000000927c0 R14: 000000000017b180 R15: 00007fff1fc7f030
[ 1658.001191][    C0]  </TASK>
[ 1658.001211][    C1] CPU: 1 UID: 0 PID: 18446 Comm: syz.4.3404 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1658.001252][    C1] Tainted: [L]=SOFTLOCKUP
[ 1658.001263][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1658.001280][    C1] RIP: 0010:smp_call_function_many_cond+0xe77/0x1250
[ 1658.001318][    C1] Code: 45 8b 2c 24 44 89 ee 83 e6 01 31 ff e8 22 9c 0b 00 41 83 e5 01 49 bd 00 00 00 00 00 fc ff df 75 07 e8 5d 97 0b 00 eb 38 f3 90 <42> 0f b6 04 2b 84 c0 75 11 41 f7 04 24 01 00 00 00 74 1e e8 41 97
[ 1658.001342][    C1] RSP: 0018:ffffc900052bf9e0 EFLAGS: 00000246
[ 1658.001366][    C1] RAX: ffffffff81b414ef RBX: 1ffff11017108b21 RCX: 0000000000080000
[ 1658.001389][    C1] RDX: ffffc900145fa000 RSI: 000000000007ffff RDI: 0000000000080000
[ 1658.001409][    C1] RBP: ffffc900052bfb20 R08: 0000000000000000 R09: 0000000000000000
[ 1658.001429][    C1] R10: dffffc0000000000 R11: fffffbfff1db668f R12: ffff8880b8845908
[ 1658.001452][    C1] R13: dffffc0000000000 R14: ffff8880b893c8c0 R15: 0000000000000000
[ 1658.001474][    C1] FS:  00007f3c806466c0(0000) GS:ffff888126def000(0000) knlGS:0000000000000000
[ 1658.001500][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1658.001521][    C1] CR2: 00007f3c8262b1d0 CR3: 0000000032816000 CR4: 00000000003526f0
[ 1658.001545][    C1] Call Trace:
[ 1658.001551][    C1]  <TASK>
[ 1658.001562][    C1]  ? __pfx_do_sync_core+0x10/0x10
[ 1658.001589][    C1]  ? __pfx_smp_call_function_many_cond+0x10/0x10
[ 1658.001609][    C1]  ? __schedule+0x3a0d/0x5070
[ 1658.001630][    C1]  ? __pfx___text_poke+0x10/0x10
[ 1658.001653][    C1]  ? __pfx_do_sync_core+0x10/0x10
[ 1658.001672][    C1]  on_each_cpu_cond_mask+0x3f/0x80
[ 1658.001692][    C1]  smp_text_poke_batch_finish+0x5f9/0x1130
[ 1658.001718][    C1]  ? lock_acquire+0x107/0x340
[ 1658.001744][    C1]  ? __pfx_smp_text_poke_batch_finish+0x10/0x10
[ 1658.001766][    C1]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1658.001781][    C1]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1658.001795][    C1]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 1658.001812][    C1]  ? arch_jump_label_transform_apply+0x17/0x30
[ 1658.001831][    C1]  arch_jump_label_transform_apply+0x1c/0x30
[ 1658.001846][    C1]  static_key_enable_cpuslocked+0x128/0x240
[ 1658.001866][    C1]  static_key_enable+0x1a/0x20
[ 1658.001882][    C1]  sched_core_get+0xaf/0x170
[ 1658.001900][    C1]  sched_core_alloc_cookie+0x71/0xa0
[ 1658.001915][    C1]  ? sched_core_share_pid+0xd1/0x7b0
[ 1658.001929][    C1]  sched_core_share_pid+0x312/0x7b0
[ 1658.001949][    C1]  ? cap_task_prctl+0x1de/0xaa0
[ 1658.001972][    C1]  ? __pfx_sched_core_share_pid+0x10/0x10
[ 1658.001987][    C1]  ? static_key_count+0x41/0x70
[ 1658.002002][    C1]  ? security_task_prctl+0x163/0x190
[ 1658.002023][    C1]  __se_sys_prctl+0x223/0x1830
[ 1658.002047][    C1]  ? __pfx___se_sys_prctl+0x10/0x10
[ 1658.002074][    C1]  ? __x64_sys_prctl+0x20/0xc0
[ 1658.002097][    C1]  do_syscall_64+0xec/0xf80
[ 1658.002111][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1658.002126][    C1]  ? trace_irq_disable+0x37/0x100
[ 1658.002141][    C1]  ? clear_bhb_loop+0x60/0xb0
[ 1658.002159][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1658.002174][    C1] RIP: 0033:0x7f3c823df749
[ 1658.002188][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1658.002201][    C1] RSP: 002b:00007f3c80646038 EFLAGS: 00000246 ORIG_RAX: 000000000000009d
[ 1658.002216][    C1] RAX: ffffffffffffffda RBX: 00007f3c82635fa0 RCX: 00007f3c823df749
[ 1658.002228][    C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 000000000000003e
[ 1658.002238][    C1] RBP: 00007f3c82463f91 R08: 0000000000000000 R09: 0000000000000000
[ 1658.002248][    C1] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[ 1658.002257][    C1] R13: 00007f3c82636038 R14: 00007f3c82635fa0 R15: 00007ffeebb9bd78
[ 1658.002283][    C1]  </TASK>
[ 1806.390002][    C1] watchdog: BUG: soft lockup - CPU#1 stuck for 246s! [syz.4.3404:18446]
[ 1806.390040][    C1] Modules linked in:
[ 1806.390052][    C1] irq event stamp: 51518
[ 1806.390059][    C1] hardirqs last  enabled at (51517): [<ffffffff8ad19e0d>] irqentry_exit+0x5dd/0x660
[ 1806.390086][    C1] hardirqs last disabled at (51518): [<ffffffff8ad1879e>] sysvec_apic_timer_interrupt+0xe/0xc0
[ 1806.390112][    C1] softirqs last  enabled at (0): [<ffffffff8182c155>] copy_process+0x915/0x3960
[ 1806.390134][    C1] softirqs last disabled at (0): [<0000000000000000>] 0x0
[ 1806.390166][    C1] CPU: 1 UID: 0 PID: 18446 Comm: syz.4.3404 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1806.390209][    C1] Tainted: [L]=SOFTLOCKUP
[ 1806.390215][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1806.390226][    C1] RIP: 0010:smp_call_function_many_cond+0xe7c/0x1250
[ 1806.390247][    C1] Code: 89 ee 83 e6 01 31 ff e8 22 9c 0b 00 41 83 e5 01 49 bd 00 00 00 00 00 fc ff df 75 07 e8 5d 97 0b 00 eb 38 f3 90 42 0f b6 04 2b <84> c0 75 11 41 f7 04 24 01 00 00 00 74 1e e8 41 97 0b 00 eb e4 44
[ 1806.390262][    C1] RSP: 0018:ffffc900052bf9e0 EFLAGS: 00000246
[ 1806.390275][    C1] RAX: 0000000000000000 RBX: 1ffff11017108b21 RCX: 0000000000080000
[ 1806.390286][    C1] RDX: ffffc900145fa000 RSI: 000000000007ffff RDI: 0000000000080000
[ 1806.390297][    C1] RBP: ffffc900052bfb20 R08: 0000000000000000 R09: 0000000000000000
[ 1806.390308][    C1] R10: dffffc0000000000 R11: fffffbfff1db668f R12: ffff8880b8845908
[ 1806.390320][    C1] R13: dffffc0000000000 R14: ffff8880b893c8c0 R15: 0000000000000000
[ 1806.390332][    C1] FS:  00007f3c806466c0(0000) GS:ffff888126def000(0000) knlGS:0000000000000000
[ 1806.390346][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1806.390357][    C1] CR2: 00007f3c8262b1d0 CR3: 0000000032816000 CR4: 00000000003526f0
[ 1806.390372][    C1] Call Trace:
[ 1806.390383][    C1]  <TASK>
[ 1806.390397][    C1]  ? __pfx_do_sync_core+0x10/0x10
[ 1806.390425][    C1]  ? __pfx_smp_call_function_many_cond+0x10/0x10
[ 1806.390444][    C1]  ? __schedule+0x3a0d/0x5070
[ 1806.390465][    C1]  ? __pfx___text_poke+0x10/0x10
[ 1806.390488][    C1]  ? __pfx_do_sync_core+0x10/0x10
[ 1806.390507][    C1]  on_each_cpu_cond_mask+0x3f/0x80
[ 1806.390528][    C1]  smp_text_poke_batch_finish+0x5f9/0x1130
[ 1806.390549][    C1]  ? lock_acquire+0x107/0x340
[ 1806.390575][    C1]  ? __pfx_smp_text_poke_batch_finish+0x10/0x10
[ 1806.390598][    C1]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1806.390615][    C1]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1806.390629][    C1]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 1806.390645][    C1]  ? arch_jump_label_transform_apply+0x17/0x30
[ 1806.390664][    C1]  arch_jump_label_transform_apply+0x1c/0x30
[ 1806.390679][    C1]  static_key_enable_cpuslocked+0x128/0x240
[ 1806.390700][    C1]  static_key_enable+0x1a/0x20
[ 1806.390716][    C1]  sched_core_get+0xaf/0x170
[ 1806.390734][    C1]  sched_core_alloc_cookie+0x71/0xa0
[ 1806.390749][    C1]  ? sched_core_share_pid+0xd1/0x7b0
[ 1806.390764][    C1]  sched_core_share_pid+0x312/0x7b0
[ 1806.390784][    C1]  ? cap_task_prctl+0x1de/0xaa0
[ 1806.390806][    C1]  ? __pfx_sched_core_share_pid+0x10/0x10
[ 1806.390835][    C1]  ? static_key_count+0x41/0x70
[ 1806.390850][    C1]  ? security_task_prctl+0x163/0x190
[ 1806.390871][    C1]  __se_sys_prctl+0x223/0x1830
[ 1806.390896][    C1]  ? __pfx___se_sys_prctl+0x10/0x10
[ 1806.390922][    C1]  ? __x64_sys_prctl+0x20/0xc0
[ 1806.390945][    C1]  do_syscall_64+0xec/0xf80
[ 1806.390961][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1806.390976][    C1]  ? trace_irq_disable+0x37/0x100
[ 1806.390992][    C1]  ? clear_bhb_loop+0x60/0xb0
[ 1806.391010][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1806.391025][    C1] RIP: 0033:0x7f3c823df749
[ 1806.391041][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1806.391055][    C1] RSP: 002b:00007f3c80646038 EFLAGS: 00000246 ORIG_RAX: 000000000000009d
[ 1806.391071][    C1] RAX: ffffffffffffffda RBX: 00007f3c82635fa0 RCX: 00007f3c823df749
[ 1806.391083][    C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 000000000000003e
[ 1806.391092][    C1] RBP: 00007f3c82463f91 R08: 0000000000000000 R09: 0000000000000000
[ 1806.391102][    C1] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[ 1806.391112][    C1] R13: 00007f3c82636038 R14: 00007f3c82635fa0 R15: 00007ffeebb9bd78
[ 1806.391138][    C1]  </TASK>
[ 1806.391145][    C1] Sending NMI from CPU 1 to CPUs 0:
[ 1806.391174][    C0] NMI backtrace for cpu 0
[ 1806.391189][    C0] CPU: 0 UID: 0 PID: 17391 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1806.391213][    C0] Tainted: [L]=SOFTLOCKUP
[ 1806.391220][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1806.391230][    C0] RIP: 0010:_find_first_zero_bit+0x62/0xb0
[ 1806.391251][    C0] Code: 49 8b 06 48 83 f8 ff 74 2b 45 31 ed 48 f7 d0 f3 48 0f bc c0 4c 01 e8 48 39 d8 48 0f 43 c3 eb 05 31 db 48 89 d8 5b 41 5c 41 5d <41> 5e 41 5f e9 15 ee 58 06 cc 49 83 c6 08 45 31 ed 4d 89 f7 eb 11
[ 1806.391266][    C0] RSP: 0018:ffffc9000516f950 EFLAGS: 00000046
[ 1806.391280][    C0] RAX: 0000000000000002 RBX: ffff888038e14bd0 RCX: 1ffff110032e467c
[ 1806.391293][    C0] RDX: 0000000000000002 RSI: 0000000000000002 RDI: ffff888038e14bd0
[ 1806.391305][    C0] RBP: 0000000080000000 R08: 0000000000000000 R09: 0000000000000000
[ 1806.391316][    C0] R10: dffffc0000000000 R11: ffffed10071c294b R12: dffffc0000000000
[ 1806.391330][    C0] R13: 1ffffffff1a03099 R14: ffff888038e14bd0 R15: 0000000000000002
[ 1806.391343][    C0] FS:  000055555f0ba500(0000) GS:ffff888126cef000(0000) knlGS:0000000000000000
[ 1806.391358][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1806.391370][    C0] CR2: 0000001b2f521ff8 CR3: 0000000026ad8000 CR4: 00000000003526f0
[ 1806.391386][    C0] Call Trace:
[ 1806.391393][    C0]  <TASK>
[ 1806.391401][    C0]  mm_get_cid+0xc7/0x130
[ 1806.391445][    C0]  __schedule+0x212a/0x5070
[ 1806.391497][    C0]  ? __lock_acquire+0x6b6/0x2cf0
[ 1806.391555][    C0]  ? do_raw_spin_unlock+0x122/0x240
[ 1806.391607][    C0]  ? __pfx___schedule+0x10/0x10
[ 1806.391670][    C0]  ? schedule+0x91/0x360
[ 1806.391724][    C0]  schedule+0x165/0x360
[ 1806.391776][    C0]  do_nanosleep+0x20f/0x650
[ 1806.391827][    C0]  ? do_nanosleep+0x8a/0x650
[ 1806.391852][    C0]  ? __pfx_do_nanosleep+0x10/0x10
[ 1806.391876][    C0]  ? __hrtimer_setup+0x184/0x200
[ 1806.391892][    C0]  ? __pfx_hrtimer_wakeup+0x10/0x10
[ 1806.391912][    C0]  hrtimer_nanosleep+0x1f7/0x410
[ 1806.391931][    C0]  ? __pfx_hrtimer_nanosleep+0x10/0x10
[ 1806.391950][    C0]  ? __pfx_hrtimer_wakeup+0x10/0x10
[ 1806.391975][    C0]  ? __pfx_get_timespec64+0x10/0x10
[ 1806.392003][    C0]  __se_sys_clock_nanosleep+0x339/0x390
[ 1806.392024][    C0]  ? __pfx___se_sys_clock_nanosleep+0x10/0x10
[ 1806.392047][    C0]  do_syscall_64+0xec/0xf80
[ 1806.392063][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1806.392079][    C0]  ? trace_irq_disable+0x37/0x100
[ 1806.392096][    C0]  ? clear_bhb_loop+0x60/0xb0
[ 1806.392115][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1806.392131][    C0] RIP: 0033:0x7ffaf2272005
[ 1806.392144][    C0] Code: Unable to access opcode bytes at 0x7ffaf2271fdb.
[ 1806.392153][    C0] RSP: 002b:00007fff1fc7ef30 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[ 1806.392171][    C0] RAX: ffffffffffffffda RBX: 000000000000004a RCX: 00007ffaf2272005
[ 1806.392184][    C0] RDX: 00007fff1fc7ef70 RSI: 0000000000000000 RDI: 0000000000000000
[ 1806.392195][    C0] RBP: 00007fff1fc7efdc R08: 0000000000000000 R09: 0000000000000000
[ 1806.392206][    C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000001388
[ 1806.392217][    C0] R13: 00000000000927c0 R14: 000000000017b180 R15: 00007fff1fc7f030
[ 1806.392239][    C0]  </TASK>
[ 1806.393175][    C1] Kernel panic - not syncing: softlockup: hung tasks
[ 1806.393191][    C1] CPU: 1 UID: 0 PID: 18446 Comm: syz.4.3404 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1806.393219][    C1] Tainted: [L]=SOFTLOCKUP
[ 1806.393225][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1806.393234][    C1] Call Trace:
[ 1806.393241][    C1]  <IRQ>
[ 1806.393247][    C1]  vpanic+0x1e0/0x670
[ 1806.393271][    C1]  panic+0xb9/0xc0
[ 1806.393290][    C1]  ? __pfx_panic+0x10/0x10
[ 1806.393308][    C1]  ? printk_trigger_flush+0x111/0x170
[ 1806.393338][    C1]  watchdog_timer_fn+0x75f/0x760
[ 1806.393360][    C1]  ? __pfx_watchdog_timer_fn+0x10/0x10
[ 1806.393378][    C1]  __hrtimer_run_queues+0x4f6/0xd00
[ 1806.393408][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[ 1806.393422][    C1]  ? read_tsc+0x9/0x20
[ 1806.393443][    C1]  hrtimer_interrupt+0x45d/0xa90
[ 1806.393479][    C1]  __sysvec_apic_timer_interrupt+0x102/0x3e0
[ 1806.393501][    C1]  sysvec_apic_timer_interrupt+0xa1/0xc0
[ 1806.393523][    C1]  </IRQ>
[ 1806.393529][    C1]  <TASK>
[ 1806.393535][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1806.393551][    C1] RIP: 0010:smp_call_function_many_cond+0xe7c/0x1250
[ 1806.393571][    C1] Code: 89 ee 83 e6 01 31 ff e8 22 9c 0b 00 41 83 e5 01 49 bd 00 00 00 00 00 fc ff df 75 07 e8 5d 97 0b 00 eb 38 f3 90 42 0f b6 04 2b <84> c0 75 11 41 f7 04 24 01 00 00 00 74 1e e8 41 97 0b 00 eb e4 44
[ 1806.393584][    C1] RSP: 0018:ffffc900052bf9e0 EFLAGS: 00000246
[ 1806.393597][    C1] RAX: 0000000000000000 RBX: 1ffff11017108b21 RCX: 0000000000080000
[ 1806.393608][    C1] RDX: ffffc900145fa000 RSI: 000000000007ffff RDI: 0000000000080000
[ 1806.393619][    C1] RBP: ffffc900052bfb20 R08: 0000000000000000 R09: 0000000000000000
[ 1806.393630][    C1] R10: dffffc0000000000 R11: fffffbfff1db668f R12: ffff8880b8845908
[ 1806.393643][    C1] R13: dffffc0000000000 R14: ffff8880b893c8c0 R15: 0000000000000000
[ 1806.393672][    C1]  ? __pfx_do_sync_core+0x10/0x10
[ 1806.393704][    C1]  ? __pfx_smp_call_function_many_cond+0x10/0x10
[ 1806.393724][    C1]  ? __schedule+0x3a0d/0x5070
[ 1806.393745][    C1]  ? __pfx___text_poke+0x10/0x10
[ 1806.393767][    C1]  ? __pfx_do_sync_core+0x10/0x10
[ 1806.393787][    C1]  on_each_cpu_cond_mask+0x3f/0x80
[ 1806.393807][    C1]  smp_text_poke_batch_finish+0x5f9/0x1130
[ 1806.393827][    C1]  ? lock_acquire+0x107/0x340
[ 1806.393853][    C1]  ? __pfx_smp_text_poke_batch_finish+0x10/0x10
[ 1806.393875][    C1]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1806.393891][    C1]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1806.393905][    C1]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 1806.393922][    C1]  ? arch_jump_label_transform_apply+0x17/0x30
[ 1806.393940][    C1]  arch_jump_label_transform_apply+0x1c/0x30
[ 1806.393955][    C1]  static_key_enable_cpuslocked+0x128/0x240
[ 1806.393975][    C1]  static_key_enable+0x1a/0x20
[ 1806.393991][    C1]  sched_core_get+0xaf/0x170
[ 1806.394008][    C1]  sched_core_alloc_cookie+0x71/0xa0
[ 1806.394023][    C1]  ? sched_core_share_pid+0xd1/0x7b0
[ 1806.394037][    C1]  sched_core_share_pid+0x312/0x7b0
[ 1806.394057][    C1]  ? cap_task_prctl+0x1de/0xaa0
[ 1806.394078][    C1]  ? __pfx_sched_core_share_pid+0x10/0x10
[ 1806.394094][    C1]  ? static_key_count+0x41/0x70
[ 1806.394109][    C1]  ? security_task_prctl+0x163/0x190
[ 1806.394129][    C1]  __se_sys_prctl+0x223/0x1830
[ 1806.394153][    C1]  ? __pfx___se_sys_prctl+0x10/0x10
[ 1806.394179][    C1]  ? __x64_sys_prctl+0x20/0xc0
[ 1806.394212][    C1]  do_syscall_64+0xec/0xf80
[ 1806.394227][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1806.394241][    C1]  ? trace_irq_disable+0x37/0x100
[ 1806.394257][    C1]  ? clear_bhb_loop+0x60/0xb0
[ 1806.394275][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1806.394290][    C1] RIP: 0033:0x7f3c823df749
[ 1806.394302][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1806.394316][    C1] RSP: 002b:00007f3c80646038 EFLAGS: 00000246 ORIG_RAX: 000000000000009d
[ 1806.394331][    C1] RAX: ffffffffffffffda RBX: 00007f3c82635fa0 RCX: 00007f3c823df749
[ 1806.394343][    C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 000000000000003e
[ 1806.394353][    C1] RBP: 00007f3c82463f91 R08: 0000000000000000 R09: 0000000000000000
[ 1806.394364][    C1] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[ 1806.394373][    C1] R13: 00007f3c82636038 R14: 00007f3c82635fa0 R15: 00007ffeebb9bd78
[ 1806.394399][    C1]  </TASK>
[ 1807.503243][    C1] Shutting down cpus with NMI
[ 1807.503661][    C1] Kernel Offset: disabled