last executing test programs:

11m29.943673196s ago: executing program 4 (id=2193):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xdef0, 0x8000000000000000}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000500)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r4 = syz_open_dev$sndpcmc(0x0, 0x1, 0x20080)
ioctl$SNDRV_PCM_IOCTL_SYNC_PTR(r4, 0xc0884123, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x30, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_TX_RATES={0x14, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x10, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x4}, @NL80211_TXRATE_HE_LTF={0x5}]}]}]}, 0x30}}, 0x0)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c)
getpeername$unix(r2, &(0x7f0000000300)=@abs, &(0x7f00000003c0)=0x6e)
socket$inet_udp(0x2, 0x2, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0xe, 0x5, &(0x7f0000000780)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x79, 0x11, 0xb0}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @ldst={0x0, 0x0, 0x3, 0x6, 0x2, 0xffffffffffffffff, 0xffffffffffffffff}], {0x95, 0x0, 0x5a5}}, &(0x7f00000000c0)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r8 = socket$qrtr(0x2a, 0x2, 0x0)
sendmsg$sock(r8, &(0x7f0000001540)={0x0, 0x0, 0x0}, 0x0)

11m28.675738604s ago: executing program 4 (id=2194):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet_udplite(0x2, 0x2, 0x88)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000b8e9850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000000)='task_rename\x00', r2}, 0x10)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='comm\x00')
write$P9_RREADDIR(r3, 0x0, 0x0)
sendmsg$IPSET_CMD_SAVE(0xffffffffffffffff, 0x0, 0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
write$FUSE_NOTIFY_STORE(0xffffffffffffffff, 0x0, 0x2)
mount$fuse(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0xa6d214, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0x1)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0)
ioctl$TIOCSSOFTCAR(r4, 0x541a, &(0x7f00000000c0)=0xd)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="1b00"/11], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002e00000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000009800000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r7 = openat$uhid(0xffffffffffffff9c, 0x0, 0x802, 0x0)
write$UHID_CREATE2(r7, &(0x7f0000000240)={0xb, {'syz0\x00', 'syz1\x00', 'syz0\x00', 0xab, 0x81, 0x0, 0x6, 0xebef, 0x7, "18da3e1aa7a1f222905909a01eb612bf580a6951a73ee98c8ef1546bea1bf0031d6e4b686f441922d76813542f1ceb04ccabc408e022efbd5d0f15056250bae1b0aa7ebfe1e3a31d5b9260d3368fec4ae0a173e89b845cdebc388e99c0f446081f40517b31c5bf8f4da7af9c060364dbd7097e782f8d09392039d8dbf19ea7eb0fcb41eac7896ea78f4262c097fcb5f3e50fd580cf46e16657b782b513d455b24565bea08c5c193aa5375d"}}, 0x1c3)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)

11m24.325123437s ago: executing program 4 (id=2201):
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000004c0)="2b0d911f56551ad9ff000000000000", 0xf}, {&(0x7f0000001240)="1eac4d20f8509e2139d2842c8faedef008bcac1025cbc63d2bfe0c7bbe51c5bf73985d5106bf5b5e7e5761716e35b468ea79633c916c4a8026f9408d056b8977df67c0e6fd0b1b3da5de5d003382ac95eade5dadad870ce3749452d2c1c3651ffff244be3078fdbfeb97d093bba60131e733d91c4ad38e7b52aa7afa9cb8e2351bd3f8a7a2a0425b071f6790992b8c2a51d944b0161c5c97fcdc19c2ef7c66ccc23c77a28a34b216c429444343ea056f171399dc03d56a1131ba74d31fc1012d3deff0e43309fc9e3b88bec90a7680aa74ccd581e02eb436a0009fa62097513d0c9533256d81978fae39288edcb833739d2988ccf5a564bc00edd1ab0853b873cbab3ef227f11325d72dbe2f435351610d01d0f74e180df6eaa94651336e7713414e499586edd5693e587a186fcb68a973e823e61a072aaa4fb9e3a03ff4c17c9e343684255efba0d1b149b22c2d81f1ac5eaccaab01ab108178e97eb8a45d5d6cdeca0d6b9af9f88cfee58935be6902ac7c6915d60548367d164990b142d472b9b5700191b10f78fb36bcde646385dcf5cb7adf1ec70baef4061d2da93d2f5eefae1081374d58ab54532755c1b8bf303584296145e9aad2e3ccef93f30da9c102db5cfe346baba2fd3f157cb6e825e607365ff8c6187e216dc4072e582874ce63166405e21644015f99d5713165a377bfdc3143928e8469b4e312ce1f9dff83fe7c8d9fca791af2b46f1650e3937c9ab589d5f93fb578503aa64042c66571649844d93257489c1b658140e4c194c329a1a2c0117d123a45b213a118dd608bd6bdb2e0a6782f785321ff48eac4158ad9efb3737a6cfbb21d0dba732558493aa09dfa7fa41b4922e4e205a4792c9694661a18eff0d932d824f6987aa3dafa7ddc9b0acd70d43263c78dde88b7c665abbeec1cf1016ddc321f713cc3c149eeda6443b5b278eb3a05b08d510650b055d3193c4d5bbe084431cc40a626e81827d8bf2379435ada42a99569b35faa3af53f90f4dcf7a7d1c2e6fe4d7739b135981d40ba00de019909748640d554a159e552c6a7a7c77b213fad40dd785cc4ee983266b3377fbc7845a44992f82656b8240c169697599074348a4bac29423612e4c0ba89a66d08033b54b4d8f8704ab9470fe6316dc6ba610b7f3c1b0428607b13d2cfbed5c82d9214a1e97edaa27ed011d42800467fd54cddec7841f2aa513e7c8956842ea69b6b80208a4acbe9b678a9ab48a26df1cebd283f0d8e2956d8e8a4aad5b563ae75ddaf9b167d70b0e96f42a4f1c5bef1e777fedcb380707fc7ac87e249f322a01660687c04d1bbeeefeecadf86c3ef805d79964a862877cfbff40eb340f7065bc759013cbdcb25305ba6812a853b8d8e1960227826acb24311ed0e67f84565dd8858ca3be23409569e15ba75120c35dffdc8a4b7688d5d02fedf88434274b828fec979ea029405cd1e7cadc867ebdc98c4a523178715828c1a6361e60ff1f2968efc20d6888ac2a6f81e37cbc7f1e89f3421825cc278df26c8722e1672fc9672a8d0a60dded6f0765ac61f8a91acf0195abc177e56cc91a9c11ccf95d2a58de5494e66cfa1e758438ee4bb163ee059", 0x472}], 0x2}, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_io_uring_setup(0xd2, &(0x7f0000000480), &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000080)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r1, 0x47ba, 0x0, 0x0, 0x0, 0x0)
r4 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
r5 = syz_open_dev$vim2m(&(0x7f0000000440), 0x8, 0x2)
ioctl$vim2m_VIDIOC_EXPBUF(r5, 0xc0405668, &(0x7f00000004c0)={0x3, 0x2, 0x2})
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r4, 0xc1105517, &(0x7f0000000340)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x6, 0x0, 0x4, 0x0, 0x59, 0x0, 'syz1\x00', 0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x2, 0x1}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r4, 0x40405515, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ad, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8]})
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e07002d0c"], 0xa)

11m22.383910064s ago: executing program 4 (id=2206):
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
socket$netlink(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], 0x0, 0x8, 0xb4, &(0x7f0000000140)=""/180, 0x41100, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
ioctl$I2C_SMBUS(0xffffffffffffffff, 0x720, 0x0)
write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x119)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6(0xa, 0x1, 0x0)
socketpair(0x25, 0x1, 0x0, &(0x7f0000000000))
setsockopt$inet6_int(r4, 0x29, 0x31, 0x0, 0x0)
bind$inet6(r4, &(0x7f0000f65000)={0xa, 0x4e21, 0x0, @loopback}, 0x1c)
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000008c0)=ANY=[@ANYBLOB="38000000031401002abd7000fedbdf250900020073797a3100000000080041007369770014003300626f6e6430000000000000000000000022de0d40bc5baed08d57a2aa0bdce3"], 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x20000000)
sendto$inet6(r4, 0x0, 0x0, 0x20000002, 0x0, 0x0)
ioctl$KVM_CAP_MAX_VCPU_ID(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000040)={0x80, 0x0, 0x8000000000000001})
ioctl$BTRFS_IOC_SCRUB(r3, 0xc400941b, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=@mpls_getnetconf={0x1c, 0x52, 0x1, 0x70bd26, 0x25dfdbfd, {}, [@NETCONFA_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x100}, 0x20000800)

11m21.188076352s ago: executing program 4 (id=2209):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000002f40)={&(0x7f0000000080)=@newtaction={0x70, 0x30, 0x9, 0x0, 0x0, {}, [{0x5c, 0x1, [@m_skbedit={0x58, 0x1, 0x0, 0x0, {{0xc}, {0x48, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PRIORITY={0x8, 0x8}, @TCA_SKBEDIT_PARMS={0x18}, @TCA_SKBEDIT_PTYPE={0x6, 0xa}]}, {0x4}, {0xc, 0xa}, {0xc, 0x9, {0x3b}}}}]}]}, 0x70}}, 0x0)

11m17.581484676s ago: executing program 4 (id=2218):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCL_SELLOADLUT(0xffffffffffffffff, 0x541c, &(0x7f0000000080)={0x5, 0x7fff, 0x9, 0x8, 0xffffffffffffff81})
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0xc90}, [@printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000080)={'ipvlan0\x00', &(0x7f0000000000)=@ethtool_cmd={0x43, 0x6, 0x542e, 0x9, 0x8, 0x9, 0x0, 0xf1, 0x2, 0x31, 0xfffffabe, 0x2, 0x6, 0xfe, 0xdd, 0xfffffffe, [0x3, 0x7]}})
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000003c0)=0x14)

11m2.12323524s ago: executing program 32 (id=2218):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCL_SELLOADLUT(0xffffffffffffffff, 0x541c, &(0x7f0000000080)={0x5, 0x7fff, 0x9, 0x8, 0xffffffffffffff81})
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0xc90}, [@printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000080)={'ipvlan0\x00', &(0x7f0000000000)=@ethtool_cmd={0x43, 0x6, 0x542e, 0x9, 0x8, 0x9, 0x0, 0xf1, 0x2, 0x31, 0xfffffabe, 0x2, 0x6, 0xfe, 0xdd, 0xfffffffe, [0x3, 0x7]}})
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000003c0)=0x14)

14.222413108s ago: executing program 5 (id=4281):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
r1 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r1, &(0x7f0000000040), 0x10)
r2 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r2, &(0x7f0000000080), 0x10)
sendmmsg(r2, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="1b", 0x40000}], 0x1}}], 0x1, 0x24008094)
close_range(r0, 0xffffffffffffffff, 0x0)

13.552855058s ago: executing program 5 (id=4285):
r0 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000003e00)={0x0, 0x0, 0x0}, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r5 = fsopen(&(0x7f00000000c0)='gadgetfs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x6, 0x0, 0x0, 0x0)

9.381342792s ago: executing program 5 (id=4294):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r0, 0x408c5333, &(0x7f0000000040)={0x10001, 0x7, 0x0, 'queue0\x00', 0x100000})

9.104794672s ago: executing program 5 (id=4297):
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000004c0)="2b0d911f56551ad9", 0x8}, {&(0x7f0000001240)="1eac4d20f8509e2139d2842c8faedef008bcac1025cbc63d2bfe0c7bbe51c5bf73985d5106bf5b5e7e5761716e35b468ea79633c916c4a8026f9408d056b8977df67c0e6fd0b1b3da5de5d003382ac95eade5dadad870ce3749452d2c1c3651ffff244be3078fdbfeb97d093bba60131e733d91c4ad38e7b52aa7afa9cb8e2351bd3f8a7a2a0425b071f6790992b8c2a51d944b0161c5c97fcdc19c2ef7c66ccc23c77a28a34b216c429444343ea056f171399dc03d56a1131ba74d31fc1012d3deff0e43309fc9e3b88bec90a7680aa74ccd581e02eb436a0009fa62097513d0c9533256d81978fae39288edcb833739d2988ccf5a564bc00edd1ab0853b873cbab3ef227f11325d72dbe2f435351610d01d0f74e180df6eaa94651336e7713414e499586edd5693e587a186fcb68a973e823e61a072aaa4fb9e3a03ff4c17c9e343684255efba0d1b149b22c2d81f1ac5eaccaab01ab108178e97eb8a45d5d6cdeca0d6b9af9f88cfee58935be6902ac7c6915d60548367d164990b142d472b9b5700191b10f78fb36bcde646385dcf5cb7adf1ec70baef4061d2da93d2f5eefae1081374d58ab54532755c1b8bf303584296145e9aad2e3ccef93f30da9c102db5cfe346baba2fd3f157cb6e825e607365ff8c6187e216dc4072e582874ce63166405e21644015f99d5713165a377bfdc3143928e8469b4e312ce1f9dff83fe7c8d9fca791af2b46f1650e3937c9ab589d5f93fb578503aa64042c66571649844d93257489c1b658140e4c194c329a1a2c0117d123a45b213a118dd608bd6bdb2e0a6782f785321ff48eac4158ad9efb3737a6cfbb21d0dba732558493aa09dfa7fa41b4922e4e205a4792c9694661a18eff0d932d824f6987aa3dafa7ddc9b0acd70d43263c78dde88b7c665abbeec1cf1016ddc321f713cc3c149eeda6443b5b278eb3a05b08d510650b055d3193c4d5bbe084431cc40a626e81827d8bf2379435ada42a99569b35faa3af53f90f4dcf7a7d1c2e6fe4d7739b135981d40ba00de019909748640d554a159e552c6a7a7c77b213fad40dd785cc4ee983266b3377fbc7845a44992f82656b8240c169697599074348a4bac29423612e4c0ba89a66d08033b54b4d8f8704ab9470fe6316dc6ba610b7f3c1b0428607b13d2cfbed5c82d9214a1e97edaa27ed011d42800467fd54cddec7841f2aa513e7c8956842ea69b6b80208a4acbe9b678a9ab48a26df1cebd283f0d8e2956d8e8a4aad5b563ae75ddaf9b167d70b0e96f42a4f1c5bef1e777fedcb380707fc7ac87e249f322a01660687c04d1bbeeefeecadf86c3ef805d79964a862877cfbff40eb340f7065bc759013cbdcb25305ba6812a853b8d8e1960227826acb24311ed0e67f84565dd8858ca3be23409569e15ba75120c35dffdc8a4b7688d5d02fedf88434274b828fec979ea029405cd1e7cadc867ebdc98c4a523178715828c1a6361e60ff1f2968efc20d6888ac2a6f81e37cbc7f1e89f3421825cc278df26c8722e1672fc9672a8d0a60dded6f0765ac61f8a91acf0195abc177e56cc91a9c11ccf95d2a58de5494e66cfa1e758438ee4bb163ee059", 0x472}], 0x2}, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[], 0x30}}, 0x40)
r1 = syz_io_uring_setup(0xd2, &(0x7f0000000480), &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000080)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r1, 0x47ba, 0x0, 0x0, 0x0, 0x0)
r4 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
r5 = syz_open_dev$vim2m(&(0x7f0000000440), 0x8, 0x2)
ioctl$vim2m_VIDIOC_EXPBUF(r5, 0xc0405668, &(0x7f00000004c0)={0x3, 0x2, 0x2})
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r4, 0xc1105517, &(0x7f0000000340)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x6, 0x0, 0x4, 0x0, 0x59, 0x0, 'syz1\x00', 0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x2, 0x1}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r4, 0x40405515, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ad, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8]})
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB], 0xa)

8.012234653s ago: executing program 5 (id=4302):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, 0x0)
setfsgid(0x0)
syz_open_dev$MSR(0x0, 0x9, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r1, &(0x7f0000000440), 0x10)
listen(r1, 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r2, &(0x7f00000002c0)=[{&(0x7f0000000080)='?', 0x20000081}], 0x2)

7.092546934s ago: executing program 2 (id=4305):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='mem_disconnect\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="1802000000000000000000000000000085000000a000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN_LIVE(0xa, &(0x7f0000000080)={r2, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

5.392875805s ago: executing program 2 (id=4308):
syz_genetlink_get_family_id$ethtool(&(0x7f0000000a40), 0xffffffffffffffff)
ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(0xffffffffffffffff, 0xc02c564a, 0x0)
syz_usb_ep_write$ath9k_ep1(0xffffffffffffffff, 0x82, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x101000, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={0x0, 0x0, 0x45, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x9)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r1 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r1, &(0x7f0000000200)='./file1\x00', 0xc000, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
linkat(r1, &(0x7f0000000100)='./file1\x00', r1, &(0x7f0000000240)='./bus\x00', 0x0)
unlink(&(0x7f0000000280)='./file1\x00')
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r2, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x400c000}, 0x2004c0a0)

5.312265856s ago: executing program 3 (id=4310):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
r4 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f0000000700)={0x0, &(0x7f0000000640)=[<r5=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r3, 0xc01c64a3, &(0x7f0000000040)={0x3, r5, 0x80000001, 0xfa80, 0xb, 0x1fd, 0x1})
socket$inet6_sctp(0xa, 0x5, 0x84)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x64, 0x6, 0x670, 0x2e0, 0xd0, 0x2e0, 0xd0, 0xd0, 0x5a0, 0x5a0, 0x5a0, 0x5a0, 0x5a0, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x0, 0x5}}}, {{@ipv6={@mcast1, @local, [], [], 'macvtap0\x00', 'ip6tnl0\x00', {}, {}, 0x11}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@broadcast}}}, {{@ipv6={@mcast2, @loopback, [], [], 'veth0_to_team\x00', 'syzkaller0\x00'}, 0x0, 0x100, 0x128, 0x0, {}, [@common=@unspec=@connmark={{0x30}}, @common=@inet=@socket1={{0x28}}]}, @common=@unspec=@MARK={0x28}}, {{@uncond, 0x0, 0x120, 0x148, 0x0, {}, [@common=@frag={{0x30}}, @common=@hbh={{0x48}}]}, @inet=@DSCP={0x28}}, {{@uncond, 0x0, 0x138, 0x178, 0x0, {}, [@common=@dst={{0x48}}, @common=@dst={{0x48}}]}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@dev}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x6d0)
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r8 = syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
r9 = syz_genetlink_get_family_id$smc(0x0, 0xffffffffffffffff)
sendmsg$SMC_PNETID_DEL(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)=ANY=[@ANYBLOB, @ANYRES16=r9, @ANYRES8=r7], 0x2c}, 0x1, 0x40030000000000}, 0x0)
r10 = dup(r8)
write$6lowpan_enable(r10, 0x0, 0x0)
r11 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x17, 0xf, &(0x7f0000000780)=ANY=[@ANYBLOB, @ANYRES32=r11, @ANYBLOB="0000000000000000b702000014000000b703000000000000850000000f000000bf0900000000000055090100000000009500000000000000bf91000000000000b70200000000000085000000ba000000b7000000000000009500000000000000"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

4.205685286s ago: executing program 3 (id=4313):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x9, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="85000000ba000000270000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x22, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$KVM_SET_CPUID2(r2, 0x4048aecb, &(0x7f0000000080)=ANY=[@ANYBLOB="070000000000000007000000ffffffff"])

4.135804416s ago: executing program 5 (id=4315):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x88}, 0x0)
mkdir(0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000003c0)={0x0})
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
r3 = openat$dsp(0xffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SOUND_MIXER_WRITE_RECSRC(r3, 0xc0044dff, &(0x7f00000000c0)=0x33)

4.041488717s ago: executing program 0 (id=4316):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a310000000014000780050015000c00000008001240000000000500050002000000050004000000000010000300686173683a69702c6d6163"], 0x5c}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[@ANYBLOB="280000000306010200000000000000000a0000010500010007000000090002007379"], 0x28}, 0x1, 0x0, 0x0, 0x4004810}, 0x840)
r6 = open(0x0, 0x0, 0x0)
mkdirat(r6, &(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
r7 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
mkdirat(r7, &(0x7f0000000440)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//file0\x00', 0x0)
flock(0xffffffffffffffff, 0x5)
r8 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
renameat2(r8, &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//file0\x00', r8, &(0x7f00000002c0)='./file0\x00', 0x0)
r9 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r6, 0x1)
renameat2(r9, &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//file0\x00', r9, &(0x7f00000002c0)='./file0\x00', 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bc0900000000000035090100000000009500000000000000b7020000000000007b9af8ff00000000b5090b00000000007baaf0ff00000000bf8700000000000007080000fffdffffbca4000000000000a7040000f0ffffff740200001d00000018290000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7050000080000004608f0ff76000000cf4900000000000056080000000000008500000000000000b7000000000800009500000000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$TUNSETQUEUE(r0, 0x400454d9, 0x0)

3.909216057s ago: executing program 1 (id=4317):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc0041}, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00'})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, 0x0, 0x20000800)

3.909003287s ago: executing program 3 (id=4318):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_STATS_CPU(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x4, 0x1, 0x301, 0x0, 0x0, {0x0, 0x0, 0x4}}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x4884)
r1 = syz_io_uring_setup(0x4169, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000000480), &(0x7f0000000040)=<r2=>0x0)
syz_io_uring_setup(0xa94, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x2, 0x0, 0x0, r1}, &(0x7f0000000340)=<r3=>0x0, &(0x7f00000005c0))
syz_io_uring_submit(r3, r2, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54})
io_uring_enter(r1, 0x48e9, 0x0, 0x0, 0x0, 0x0)

3.706846737s ago: executing program 1 (id=4319):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f00000001c0)=ANY=[@ANYRES32, @ANYBLOB="05000104"], 0x9)

3.689523157s ago: executing program 3 (id=4320):
mkdir(&(0x7f0000002880)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='fd=', @ANYRESOCT=r0, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f000000e280)={0x2020, 0x0, <r1=>0x0}, 0x2020)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, 0x0)
read$msr(r2, &(0x7f0000002700)=""/102392, 0x18ff8)
write$proc_mixer(0xffffffffffffffff, &(0x7f0000000280)=ANY=[], 0xf8)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x12, 0x7, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000240)={r3, &(0x7f0000000040), 0x0}, 0x20)
syz_fuse_handle_req(r0, &(0x7f000000c280)="897c6500ff3035465c7acb4e06980b05687c1480c7aafe631c0543db2bf0d6f539506e8782da06c1ca018774d72e9e5a3418ab66ee78dad68457b17ec9d47bf7d8272d607c1c0a4bd906f0cee7f8451828d2458596bdd6a459ba18ebaf61b38f5d66c27fa8a024ad7832a85e58689a4c254c94cbcf7208fce6e61d9566459789d15a6f91dd7db7c54cc3a94da956fb290a8a15f849270bc459d9d9f47801be86dd5c9d18382081a993b7bfde5c28adca4c71329afd6be743b076033b5859891703eb65fa256d6f47450b6edacbd05a9bd8b372e90cfc30f32826566dac6c48e6ef001881cbc30482f9ec469e476a101da496b8c0785eaf875d3608b0c49e9d39baaa1041f903a805f0f24aa63722fa2d87b98595fa5cfaf8b79c458de43ee39904e7cac7540a934b4108957785d58807abff186949f1b94cd21b724aff34ac45c7066dcdbd68ea7b766af9d045cd7fafeafc5c5a0c3400ef4e0c71a6fdd5b8d68a6f317644cda9d2fd2c839a82b97b3d909b54c672227bef573c9de1991d65a63017f724d1f7f1575e69db53318a7fd7065b303e751518c8eef04f642dbd4dfa349040a7b5401050ffc2b4ef62803a7c8eaba99e011dfac24d81b2b61e0b0581e53bf520f623eca17f0545c5e59ff15b527475f970f589894ae589145fa4283f7225088ccfeba1d72e9128f8c223ae1840f2edae3dbcdf7e560d5cdf4f71c9ada1931c0f8312c000101b264aaddb9fab166ba8d8903d6098eca20935ca607ea79e936798b3dfb22a7e159abb234cf21f3733dbf263a8ff116092f251659108892b2e21e1b428fd225096a5040270b2d70347013eaa1fd8e452942200283aab092c4ffc5b8b427b5d691a5a773e09da20539ff0f8214331c5d84107ae8a59aeb58efe22d7a079e446f1dfb07510377799bfdc7ee59cabcd76af0fe8a427ac8258ff33bbad5a8061f1cfdfbf375d73d676cc7916d6658ce46a0b17ad6350150f98e3512b513e25ca73f5f5df0a1fb9582ace7906c493fe1fd2889d9aac0b7c29c2b6c205537627bad64df433336a5ace32ca871e51b4dab0fbb00886a1fa81a98b74de0a26cebf65723515ebb807fc3c161ed42d1a7b6b55717613577ea437f3a2967c66ce45ff85a6a35b7cd40625fc575b107d7394e3d2db51d58347276c33e21f50b5a6b5672bf9fda63139bb75aead1fe4ee9a4064af5a5958466aa39faa6d821489fa415224c8d69d3b5922236832c2b1e4f6b8863b32f9aea83fb522a2de081d674502b48f73ce6db98d84136059b4a6676bc85ac6b7626329afa9bc7d3f9f2caa3c4d872744e0a8e02d72a75c6c545b8ec8e15b6fb0fe4185bd0d154960e6fef05ba40e5fe2968eb1301dcc52a03337179e74ba1522af93d77827845f8941c69ed8bb84567e3c63f1cc378a542f1de7007b688ff0a9c69d5861f0b85402c30a2fd391c52bafbe65f8e82135fd38361d7c0b43c982b2f3e7cb09c40c7e215114f4243d670cd576bcd93c1e959345170c75d6c3cf89cf8c2c70dc792e646e7c649d4c5f36bb016c7acd466ad58473d40dfef36394e581065a8581ab852250403cf372ac0065bf757fa3f445424ac0d82aec1938a2ea116bdfd306baa1cb06c62a4a97d66ab1b9489469cb8ba842da12e310caed02c5ef05c0be1e1e8c9c8b87d6871c94c57d164d08672b205c948086a06a545b266b7ad902a908681eb188bc51b6190b5cb9d8ca59b8c4c6e7369c00d6f6119fd5d437239e3d3c89cb81e09e560fb817590106015f08e7b09f1e1e65bfab3b8489fa058e24081978b9e25463d9945bfbca81c08885d4b6d4c62e217bd9e19460762f36c66bc948fe31cde089626fbb310e3c78a8d3f2eac21d374d9b58d887235d3a95721168e4b9475849071d60ecfe7ea5d6c4bf60da3747612ef59bb651270f326c0af31bc8c71361f851de34ccb3c8071b96f1128d7ee79b41246e566edd0272dbd3ccfe472b38e5e03d3ef83218bd498e6de8b4d92cb6f82716449ede7ba845028eccdb9137be8a622ac88ac53118fbc39637fa7a93cd3abc6f7671c7804420d66e94720acbcac916950f9baca77fef4217155ccc2cd0507339a0486f9f468eb28772986ee768c63eba671bf8c52e48a2a5dc2cc24fe925368706c2d712dd1064692b0fb2a32ddfbd4a0ffcf9c2abcedaae6e527bc1d42637aff2a275b76a7a7f010e42e1cc1d27141f6c3585a2bf58c6c5789ce61551d10118a000e3764631ec0b7f4b1a6f22a678133a30940b79dc76f863dd9f6e0d7776300898c97cef286c731c2050928c492439256e481652bff0d202db3cfdc54c9816ceea7895357bfa0362fad79afd09ed55189294d6ead7e898ac091cddbe7efcedb314bc02a18dd5bbddc42e089124758bb491fd1536aab27c5c124567bc325e7028bced5a179a011d1cb9a5ffb61d7af863e91ec8e60495561188b74d158ba1418228d44e92915a22eb1c166ef7d6179e84381ed950ffd747f13e24172942d922ca3109fb8b1e4e6264fa4a4eec75ad0d0e22579d90f45d6cd157300e38ae665eb56457202e25a8dd5877ba99725de288660badd2704345d9bad208c903ba27ea167dd45a77f77b6502b525b2973270582858183c784c324c1366fbba8d410c38bf75b41e067f6a9a017c56595161db4fc5639393fdafb1f148d3f416c1adc5fe1ab9cebe4689855c9b4bda6dcba5d5fa858a1b87d2ad23cdf54dbdf4d14aa4462da0b6f1107f4afa0091c2643508861a4d9f133ba77751941bb8fb756abf1a104205b80d47a3b4a59724d959c8b5833da4f56fb6613231f230a9378c9af741e94fd2c7213ac1d7625559b3f032f6c8df3ab441929720fe43d7c548cc661eed5b3c62b3c61f538ea3228376e2a18c6da2ad906322f64fb4865cde8e1889a8e5237fd6a39bbd6662f1dedc22fbd74e4376fa610cd710703dbd3924a38beae69783d1d5abf36122cbb87129ba719042748f060f4303a3199c5891c5040fd8cdb9761b006bf64cdcb65e5cc50a29994b8c1c34b83760ece12ed9ed7c3d2a7f8911cdf23a1afe0d7db1bf342aa0123dd5cd31339f5c8e160c4efef882602b3eccbe76fb690162b8bfb8a31910bcdf9a4a5dde76c2ac2fcd8678add7a000cfdcab398eb2171c026313eb6eb56b4b87bf8ef93f7f8a1c0bcc3775b681d4229ea561cb52281d8ba4315c3694ed08433596884d5a7ce3a8b1f82359846b7136726e2fe37bf4f7b7e2206cdcdb0705ced9f0dcaaa2ed3a78ea70d2cfeab668eb321400fc955e9aeb7bbcf86cd03f02dd443503a1480d9d9f899f53bd747a95293786798fc59fceb09e686a9328da4f929b6201841bbbefaffcf3386abdf69540e3b46a643ec10f0acf21f27c0053dc13f18485dbc898729dfbeaaa4887b58cd442d7ffa941808cd9658595be8650a815b088621278d89f0d8a4252566b923df3a3cd65c0e4af08fad385927251b31d35f75eaf25e6cf13a579aeeb0bcc0a14ca4a20a6831d532be0b2af3821792a2df95131b7fafef245aa19b214053342aa820c35858d13f84e496294529411015c41ed447b5b51dc44a45d52552a2be1abfc157f3ace7bfa32d5b931421d5a152dd66b7bf549311b08325e5a7201f793037b38990bedeca8a647c08d2478670f8fc2b4e8983ea18bcd514daeeeeb9d7a778f783c76edf01bd4beda4b77b612cd2e865c2e4f58ca7ae06147bf66ae6aee221cf9b9505dc07e6fb6cf4f82dc8c406c78e270210c11cf2531011ed678d9dfe1f49c9a69a95a9f3b0e5b624d9c2664d787ab911b75a4a38d63e9d6c353f8aaf433ff961fe5e34d84936ead0d0bc7954caf84e541f5c6f3f20c9eed21eb0316b82c0dc5182540e63a0af25565496792153d6395adc2b8d68b8bcd93dd110ff5685879db4384ec390d44b89663d43a5de3bdc0e103b7c1b355dc5f6fe3518c93628780ba03f156badea65d1d0af8433c9e8a975fdd19453da662a33fa9f0f5fa15fdb216b483fb48370a967246e0b763df8b3bc7924a6c76c4b114f803dbfa3b312e6815b4eb67be167283a9e482d9a5beac250089d069d4c386b7fda5fc228404a0f58b12ca4dc131c381b49b42b570bcfc0dd663f24afaf65a26a21f6d92f52c9f8de36cb76bacbaa0eef98ba6b7dbbc2629a03bb2b6f83fc5adaf20c217bc8d0f0d2421e01472532bcb546aeb2d483c8f95011a3ba1d2fd8086a717cb015dd53064ef4a80b6d6fdc12d9069223fdf2aa9b192a0e0bdb38436f49d9eedfef3665815633fee4344aff11162526362b70b18e1dbedbb5d8c4698860beccf667851878a25a1e766caae2861f2e23404aac859e62fdfeac06a6057554828d7035806e8ab3ee2fa6d711e5811db61231a22f4672f6a11b27641f350bcab78792362e6ebc1c054a643bbbf2746678c14dc567d1f73e37005c8ab6374c4d8d3106384a2d32c5fcf05cb9ba97cb7fa1aff11505a701bead543e555f3901ef3b693d5b9ebf49518c3509af042b7e84b1b867c22b7e08725220e4338fd074edce428212e6a3563a08e2ccd8ab71910256532904542e93d5c7deb5bf5d49beb3202d4da4f643649e55edbb91188cdcf0883a40c6ed6b8a086fb5c50dc08fee00308420121d4c7431b3cfb80f9c1e099423ac451d67b12e930d9e391d0a799c7d4b54a0d56ea0aae00c1d009e21fb5459416b464b227d66ccc1a68da59d64c1583dee54bbcd7d61ffe541fd0fb7452adba91906918966a7d58019ad1f8fdebeceeed7018837b6e4272eefeec8385abe7207fb2d7061fa6cdc478165a98971f9729b818a73edefed976d5c7c0a651c091cfd1174c020e39330a79144271fe4cbc61ea0ffa274d0d87d06dd08c1d5f8a0364d46ef7b54426bc286330c75fa257afeb2715c2ae511ff53b1189cc59ab80b1325fbdcedfdb8f36ed71f70091116e16b52188b794e637755027caac8db8554f8674b844964c710cacd7a9d6b06baf6fef76159a380e639b0d3e66080a7cf7f86baac01dbe47fe687fcef2f3bfbf6f8fba045181dee688360a11ee56e5fc73ed31c0e2924ae57f0cc93c63a30662a65c5d5f17123ae28cc5b74dd13ed81b03dc7fa61dc575668868c0df12d3553269f04ba79084d070abcdbd4745de80e90e4e3e524f27249b5c4a2f2d4c8b331b0cb6d4efe62a298daacc6eacdfe008c1f912795dbdc37098c42db860953120fda709baa6d46f52eaba781505e68561ca0f281e850532ef8e7c779883e312806e1c357bdef8d0dda005e710cfa6eb8686e8bf3bff036b3fcdc4036541d93530ce6f598442c24170b307ef05f23c93aa0ec96831b532d8120402214a940d1fa01ed649061a4a71308be189cffd729a196754fb8a75f23851189589be1b819f0612cad3dc94ccee88f4ab9ef6ac9c7daad8cf94f5ed9496c4c824e5b4f66ce32a80e7a6ef069a32f6812e656aa5f5742bd432afdf026c86e8f28212c1139dad47d7fc07e5c1a83e993daaa4a4bb5f0c9435ccab2a10f867ffe259dba7a1d9168619b1e3048860a5122e4a5d0b00372eaae861a0cc88549852fffa76e6d78739b654d67df15ea97a9a46b7c382d83191a673aa619b4a10ec05bc681379b0d6df824cb6fe158e9d89ae5dd1ef66976f67972b553db52eb6feef836dca6026293f83a61e117754a7424a3da63bd82d017f87f0603e2a9b8fc550aae611681935ae91f7ca2b5341b05a25208bd28f1a202a7f2a213b1d7411ffb557470aec00c4d13c70163f22a038a189710dd19a47e8db4a87c3fd329a63abca172a9810edad2d8e19ef85b57ea4287cfb3d740d7ea3fa9c80d06e1aa84b317f678ddb3c147ba5e0db432125f59ca4944c8e9050281ca82a3ecf67b2a5df678697a52a7297af1ecb03c586af7b91d74e881964ed95f7be12fa07e2a4e71aab8b913a13996fa33e915144bf00e49b8e7adec5b2c4b8165f54ba3155230e241ee023af77a295ab87c40f63f6092ccee05cb08a265abe8f57c9919bf45064b6c2240ba8011db223a283a4e2292d9b59df8c9a4fdc763f0631007db9976f351717db0e6b5f9c6e5f227c2efa1ae5fe0be1af0b22fc164f9f9678a01fe8b059749fe8a2972455732da1989c609d191544ef9fbb3e58da93ec4a582430523f260b776e4d747312747d18a9bae14740f5dcd35fd1072f8a4d81573b5882203be856b62d7e1d87081a9e431872c9d68864197bbc61f15dd8aeae950d34d6ce97182deebd2ad64cabd1c723baf512acfc7e94675b31369bd60e155af79b97bb734312569f736dcd5b5a78223ffaa0f7e93e1a112cb9f6a5b88fe3cf12c30024c16c6b8380fdf086c662665d3751c11617cc4dbd5b8bc7543301a23fbc90ba8d060193cdc2b68c31c734d516707b759f7db009c8f06e69b40154e1cd8ae444afb28134acdf871136b4fd78bd86d7faaaf618afb25e92d1ee37cdff0595278f9565f5eb109e181e9cacec2f22e32e9f34774ee223fdb992febcc5dbc5cceeda16cbcf1434730d859e7e03d36ff17636a7a7e66956b515894da114f3040909f90ce3cfbb2d7d46e37049c0fb124e0683d662eb427cd7b851ada229451e6e3aaee64b9964ced3036bde5d9d80eb062474f96ecfb9b65fcafc719494ac12ab7df245475f2a5e7f85ca4789833ca373e6214d39176c8f51dde87a4cfe5414a20f68bb9f34709979b99533ba3435c4aa56e525195e10ffd00f8e41aee30a909c07b973bbf733d45500b539ebe2206d438216690998d9e256db1b7ac6bef3e810785e1986985c945a2b820323a592721fcfa444934d0faf8aa439d5efca5dcd77b72d1eb91b3790d50d0a7483e354c415f81d99c133d648c1293e795b3c43f9b47e23ef982e10072ea5baafb0df675e69af1807b225afa0cec3eafbde8535d3ecaa0ea6ddbffe4465207425bb003670320324df0aeeb16b38a043f9c0e85673b36def332fd68b2b1e6edda621d0cadebbced8c7fc8f890489115b457249e8d8103676b3207a472804d33e0fe511ac56cd8dc5333b2333892f87b455940ada78fcf5075c358fce990e6f65f095eb416d876ce6f120b8b02cfa6b176ee269c942f881247c3e464cce2aa65c39137607c585aeb4b5f24f5f8e058c9c8b48003c1809da3e8aad1bee7955c3a976d43fe132e2b16f4758a0a9884e51d13b930675a4361ff366b0fed190ad7b2a00385528951e39cd44ea06d8921b9d613d7626221154cf86249a550198fe4e5b05ad3052b474291da0a0a2f701759859bc0392adf243ad5eca89e6d18e28dff99ef95743bcabe75504be8c715cd6360facf3bb06cb97c29989d4f6ff5083573cefe6ef0b39a252a2678112fa88e5b06c9a6bfc9597cc96e5a49710c4fc120fb0da4945b9d94e46de1e9989d0fc3d8d20df23d815b660c799a903f651b0d013f7fe158f1d297f7fcb6a48780ca5525f1d081ada0aafa83552318b848783306549750b6254cf676c7b934cf7fdab992717f0cdc089b34278f3fb151cadde14d0d3250e85a4b0ff2a2778a219aa40563d3ef575285484424b6d0e7cc8392342e4848c6fc8cb20fa1b450cc4c1fea19f3bbdd9e342e6c49cd7ac893b1eda2e93d1d74d20969465946b398fbc733757741ac822c4a118632cd242a439fc37512cf79b7c629504ccc1e7f2f11798955c3262b5e9695625ba74d8050e20f51d4769e1ab938f487f1bc4b55b5abcaa3ec079c2d0972b2ae9bfb7c5423b959119292ea05f1d79d35afe47e49d97c946b193bffc0a8f607f18a6845cecbbdd98cd351db2b2dce05a4848ba84a6a497b4618950130cb7e76c03d0976eb2fb41d3a42a1430063ed8e5b8c67e80fd4fc1148911958babbcbff33a6505de209b0d9320017fd736fd027a16564008ab2e1f48a6dd66c9256730e9fda0a606875d0871b2b9b0bc2ed4e1b696dbf0283c8dc72cf4338e595266f5390bc3a21f988353118f2948fc75d050ea076b73508d9ed89bade0ba305c1f4e5daf9d40d2f5e7ababed8d1b1d919c61a6d3fb149c1a9b44e38585a2fe322f83d73a3aecb44da3f0e82942d75d62ed3f91eb44f3411df014f88839e4cb1e21b9b259d4eb4adaf6b0be433d0ed4c87ec77dde5ee9d566e3dd8d928fc1875c63af26c59daba5ae267d9bd5da72b99a03e6a33cc48ed961ab484ff4a46c2d5fa597e626e00b530d7b9a9705e4e08d03f3a7f2a5a5233ad6340e3b5c89db81ca713b6d7d855c6324955f85109b204566f50178cd88abe3fcba25de905e8ea0b75ad51831761ed9b1af2470f976f05ec73bf74d137c207270cfd614170518cdc449aeeb663e114359c8124eaf2499d8cf5dc84a0872301db2e57b50bd285060ec4390d99d4ae3674ca3bb8679c1b08e566ba4f30daec8684a980055eb43cb5a1306c4b52a154682aa96637e06c869278aa2f74ef7345632c11265ef8ac97e953745302556881ba0cb590fef271c0abb193fb84d18ee3f24d9976ae816b857d6f68d1fdfe10b312c799fe014debf875d04bff8b4f387859e97c6bf13f7083c28a2045a0b5eb09c94e781a165965e8617c0efed1701ea9667aeca26d9577ea7b1242e1d91b25d6a66756cc627648a293b9f4345966bc469fafaeddc1118d0972bd5c7751a1f51e5989fd952f314ae10417c97b41e60ebfbc47e496486fa4a89fd16aea7fa1eabebd26eb2a37a3e2b351e0c9d2f67b2e5be0f921adc9b6045b045948e5103af0e5050b9c0799b513c00865deebda730de538f956ceb6164e08bd6f58655a294b4b44fc65309b30f9c00f92ef5bd5b911a3d830f72c258b19521bb8e80db02129954efb61423f518d2c5f36587303890cad9a93fa4f4bcd0e24c67db679c67ea59c1350b8442577632d5e8735833f3daf5a74bc7bd82659a81beba8c889632efe03cd24187aee856cf659e16e195464f52f2b984fc7a299e7b2aa53979a147ebed35705d5e89691666536f2febacfcef9b32d14952f958b72512869e4f6a0a34176918217888b1eb8b89322ebb6bb1dead2b4744e728479880db70e6147edaff6c3f083f18e0696bdbd78cf0bda14d9f42e5c1077ced00041aadff90470aacec0e48e2a5f2a0ed37818a173b96061e8c5bf24c0bde9e09f9e0ddb8e13306ef1d4eb8043ebadde5d7553e5212ecd4691eb426251f9d6720b8276ac543dde02399a35d974b22c1727d4b6df01957cae47443b706d43165e01d6932b136f561ce837431254cfb2a6e7d8070a2d3805aaa15b3c10ccd0cda2e9b418ce9ef380e5d08217752e12b3b892d03a9495c83d78d674612fde5a67738b2d4649ce44606ecce6bf3bd1293eca246a83643e4f1c7ba362b110e07c8479f216e3d4afc4fcb8d0820c8ab702a66d8183e83174597035e92b9b500dee08c80b927b42c3689c7c9617b4112c9e54cbfa51e989b5fd42b80c595d3edd265f138e8128cfbbb0e4f53aa0aa95a2ecda4518b2e564c42d5de7671560843d08103b9bdceac5fdeb0b1266f72f491265dd2b2b80a225a50955167da1812364ea340d82f61535401bae6f3140a8795d7c318a64cee4676627244930957b2f0b227be21b72d90027e6a5a7af3c59470c74dcdb71d1ef090a0f49c91acd604c792385c8f4e085765292822ee5eca03885fd6bfeaca9b3bbbdeac939f7846a487c5a483ed1e4fbf37c93886ea27bb35c812089b900b77c7c924147e97b6a71533610750bc84921012aa8158b213f7601d934a20bdd1f757b0a33042a683af6b9069f3900059d7f80f9fdcc9f33ece8cf7888dc9e24f1fc6ca0ecccf161c5334c60f440feb3acfc3d115011c176dfa05314c5bcf089e3c82bbe7680a3eefdcdbf3ac27265b779db4f49bade0128eda6e29bc5933ef454601db1b49628fd39ab938794fa46a33937a086ece7050d31a21524e2f0cacb307ed4412a2078636f9cc8e11c5c31cc0f9edd7be6d1e31a1513a58e25215f5a24245cb988589e6d5e5119f4f6557c697fad7d1c3a7e3bae064db4382701e33e48c5b6a52fe9141a385ef2325c6f7781134607e98bfd02c43d6deefaa861700388b40d98e941cfb2ddec209f977e8b9f93d29fdbf85e3010ce7cd622e8c75ce3df535e392052b6d65d5042d2a6e78bbfe5ee146e8b18d4bc7fb024dbba57cbe0402205593766a313950cb719d00c67bb6b3bcaa1015b89e820f11475afce655947113a7c3dcbb52427f090df994fbf076db867e0ab3f6125fb8884c1d13ff3e99fab5fa8b9f0b72cb44db4d0a48d9ec17f9733764e213c40a15ad821ec60e4a88cb2fd9dd9a4f35e6a708f4b74067f4be3f03a95261f6b191df53fa5bb5164e4a164630ad9ce39087aa950ad9e60cd2c44fa2237c49abf858c97737fd21180fd0b9542767150fbed3f39a29e6c3484d9437e15d2439f2a54b2a1ac7e63e6c436658abc3f1dd52d984f6c6901768a8cf2ec98ebf44e90e0fc0c24f8957c62e05d8eacecaf25b178fd710af609a8a1bc4d7955b5f0cb4f48a37685e6304ea5843573a1abff37b5106916c83c8f23f939a0dc43aea8d196191ed6e18dd793990d1f37d7de0bf8fac6f469843724eaab86be8a483be281b8ecf4aa29d9c571951cde8cd8c2aaf4d597ac2cb48f23fad145916920a55d655924940573b64dbd42a280cddc4810434f930183fdbbdc72db1491a4c9d44daf9b1bc2fecd855508648063040faeb125da0e68e6cd2002181118eecff0be1dd8eae726af5d451630cd65119c52abd6dded97f931202f186a18c4ba34bc2c3f6d765e2d8f445e959f26ffb55827cf3ff2cc0289f17b82c8caa5a2d3d54306a300f0ef42bbe4ea9e32c5d4b1173942745cdcfe4f5d1619eefaf8dc600afbc9171d516f7f4b35331d0b9be005132ffad5e9df59710278b842afb626a78b8b8b37fc3a894dc705b2d4e0940cb264e9dc87eaa148e6faf78125462f28a0f1d7b3c65a291b85713fa71ffc478f6601e8716c35489f4a54ed0c70bcfd5502cc91374dc3c982075c5180398bc6b195b36e79dcc4087cb990cc9d964a150e0dcc887d496bdd27c3f298736b9ad8345ba2df46021964cf43c38f9d2e94b77bee2b7bf059e0870ff9f17b9ef1320c0aa88a2fa9781e9017ab64643de9a3df9ed4b8cfd8fa080a2e494409520b795eb1517d224a05e450c4c8ae0e9fd29c0e72d3a592cce55f6dd5107f21214e1a3f9a5448384de06149f959ec0c92790f0ff229ab4971171f1c528ae6d095ec007bf5e7f55d623a68194e9ea8edc3af418075338328f24e7504341c22bef72c2963fc9c3237ba990d29c2c8aa3007395f6d96e95b40ee1b18dbad550bf39d0d98268cb74dde76d987c3169c9067495fb1b88508bbb7e94cbb7dfc15c03b1d5b163132c8a468906f02d422a8cf98d0b432b5779dd962074b72dd27439b2e94312f573435e5aa84664432c1914839cd6e172186ce93eeb1d7cb0659696d9d550eb3b185f8c6ee16e53f78233cbe709f99d2879d63d93f7d0ed133241d2f1ab1eb2c56605ca0f0e01c39ab0ba2370fe5c4e68de0561b517ff9a10023c386236398372c7176e35443e2cf5dd6cbed9f23395f231e6a54f65626cb5860a8b72122c34664119e7c47204ef4a70583a", 0x2000, &(0x7f0000001940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)={0x90, 0x0, 0x0, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}}}, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r0, &(0x7f0000000380)={0x50, 0x0, r1, {0x7, 0x27, 0x0, 0x1001a}}, 0x50)
syz_fuse_handle_req(r0, 0x0, 0x0, 0x0)
rename(&(0x7f0000000100)='./file0/../file0/file0\x00', &(0x7f0000000140)='./file0/../file0/file0\x00')
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000001c6a000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
umount2(&(0x7f0000000240)='./file0/../file0/../file0\x00', 0x3)

2.709158718s ago: executing program 2 (id=4321):
syz_usb_control_io$cdc_ecm(0xffffffffffffffff, &(0x7f00000000c0)={0x14, 0x0, 0x0}, 0x0)
r0 = socket$qrtr(0x2a, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
memfd_create(0x0, 0x2)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
bind$ax25(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x2, 0x0, 0x3, 0x0)
connect$qrtr(r0, &(0x7f0000000040), 0xc)

2.686018868s ago: executing program 0 (id=4322):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
r1 = socket(0x28, 0x5, 0x0)
listen(r1, 0x0)
r2 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r2, &(0x7f0000000080), 0x10)
sendmmsg(r2, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="1b", 0x40000}], 0x1}}], 0x1, 0x24008094)
close_range(r0, 0xffffffffffffffff, 0x0)

2.661053608s ago: executing program 1 (id=4323):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
r4 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f0000000700)={0x0, &(0x7f0000000640)=[<r5=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r3, 0xc01c64a3, &(0x7f0000000040)={0x3, r5, 0x80000001, 0xfa80, 0xb, 0x1fd, 0x1})
socket$inet6_sctp(0xa, 0x5, 0x84)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x64, 0x6, 0x670, 0x2e0, 0xd0, 0x2e0, 0xd0, 0xd0, 0x5a0, 0x5a0, 0x5a0, 0x5a0, 0x5a0, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x0, 0x5}}}, {{@ipv6={@mcast1, @local, [], [], 'macvtap0\x00', 'ip6tnl0\x00', {}, {}, 0x11}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@broadcast}}}, {{@ipv6={@mcast2, @loopback, [], [], 'veth0_to_team\x00', 'syzkaller0\x00'}, 0x0, 0x100, 0x128, 0x0, {}, [@common=@unspec=@connmark={{0x30}}, @common=@inet=@socket1={{0x28}}]}, @common=@unspec=@MARK={0x28}}, {{@uncond, 0x0, 0x120, 0x148, 0x0, {}, [@common=@frag={{0x30}}, @common=@hbh={{0x48}}]}, @inet=@DSCP={0x28}}, {{@uncond, 0x0, 0x138, 0x178, 0x0, {}, [@common=@dst={{0x48}}, @common=@dst={{0x48}}]}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@dev}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x6d0)
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r8 = syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
r9 = syz_genetlink_get_family_id$smc(0x0, 0xffffffffffffffff)
sendmsg$SMC_PNETID_DEL(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)=ANY=[@ANYBLOB, @ANYRES16=r9, @ANYRES8=r7], 0x2c}, 0x1, 0x40030000000000}, 0x0)
r10 = dup(r8)
write$6lowpan_enable(r10, 0x0, 0x0)
r11 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x17, 0xf, &(0x7f0000000780)=ANY=[@ANYBLOB, @ANYRES32=r11, @ANYBLOB="0000000000000000b702000014000000b703000000000000850000000f000000bf0900000000000055090100000000009500000000000000bf91000000000000b70200000000000085000000ba000000b7000000000000009500000000000000"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

2.411920848s ago: executing program 0 (id=4324):
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000004c0)="2b0d911f56551ad9", 0x8}, {&(0x7f0000001240)="1eac4d20f8509e2139d2842c8faedef008bcac1025cbc63d2bfe0c7bbe51c5bf73985d5106bf5b5e7e5761716e35b468ea79633c916c4a8026f9408d056b8977df67c0e6fd0b1b3da5de5d003382ac95eade5dadad870ce3749452d2c1c3651ffff244be3078fdbfeb97d093bba60131e733d91c4ad38e7b52aa7afa9cb8e2351bd3f8a7a2a0425b071f6790992b8c2a51d944b0161c5c97fcdc19c2ef7c66ccc23c77a28a34b216c429444343ea056f171399dc03d56a1131ba74d31fc1012d3deff0e43309fc9e3b88bec90a7680aa74ccd581e02eb436a0009fa62097513d0c9533256d81978fae39288edcb833739d2988ccf5a564bc00edd1ab0853b873cbab3ef227f11325d72dbe2f435351610d01d0f74e180df6eaa94651336e7713414e499586edd5693e587a186fcb68a973e823e61a072aaa4fb9e3a03ff4c17c9e343684255efba0d1b149b22c2d81f1ac5eaccaab01ab108178e97eb8a45d5d6cdeca0d6b9af9f88cfee58935be6902ac7c6915d60548367d164990b142d472b9b5700191b10f78fb36bcde646385dcf5cb7adf1ec70baef4061d2da93d2f5eefae1081374d58ab54532755c1b8bf303584296145e9aad2e3ccef93f30da9c102db5cfe346baba2fd3f157cb6e825e607365ff8c6187e216dc4072e582874ce63166405e21644015f99d5713165a377bfdc3143928e8469b4e312ce1f9dff83fe7c8d9fca791af2b46f1650e3937c9ab589d5f93fb578503aa64042c66571649844d93257489c1b658140e4c194c329a1a2c0117d123a45b213a118dd608bd6bdb2e0a6782f785321ff48eac4158ad9efb3737a6cfbb21d0dba732558493aa09dfa7fa41b4922e4e205a4792c9694661a18eff0d932d824f6987aa3dafa7ddc9b0acd70d43263c78dde88b7c665abbeec1cf1016ddc321f713cc3c149eeda6443b5b278eb3a05b08d510650b055d3193c4d5bbe084431cc40a626e81827d8bf2379435ada42a99569b35faa3af53f90f4dcf7a7d1c2e6fe4d7739b135981d40ba00de019909748640d554a159e552c6a7a7c77b213fad40dd785cc4ee983266b3377fbc7845a44992f82656b8240c169697599074348a4bac29423612e4c0ba89a66d08033b54b4d8f8704ab9470fe6316dc6ba610b7f3c1b0428607b13d2cfbed5c82d9214a1e97edaa27ed011d42800467fd54cddec7841f2aa513e7c8956842ea69b6b80208a4acbe9b678a9ab48a26df1cebd283f0d8e2956d8e8a4aad5b563ae75ddaf9b167d70b0e96f42a4f1c5bef1e777fedcb380707fc7ac87e249f322a01660687c04d1bbeeefeecadf86c3ef805d79964a862877cfbff40eb340f7065bc759013cbdcb25305ba6812a853b8d8e1960227826acb24311ed0e67f84565dd8858ca3be23409569e15ba75120c35dffdc8a4b7688d5d02fedf88434274b828fec979ea029405cd1e7cadc867ebdc98c4a523178715828c1a6361e60ff1f2968efc20d6888ac2a6f81e37cbc7f1e89f3421825cc278df26c8722e1672fc9672a8d0a60dded6f0765ac61f8a91acf0195abc177e56cc91a9c11ccf95d2a58de5494e66cfa1e758438ee4bb163ee059", 0x472}], 0x2}, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[], 0x30}}, 0x40)
r1 = syz_io_uring_setup(0xd2, &(0x7f0000000480), &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000080)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r1, 0x47ba, 0x0, 0x0, 0x0, 0x0)
r4 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
r5 = syz_open_dev$vim2m(&(0x7f0000000440), 0x8, 0x2)
ioctl$vim2m_VIDIOC_EXPBUF(r5, 0xc0405668, &(0x7f00000004c0)={0x3, 0x2, 0x2})
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r4, 0xc1105517, &(0x7f0000000340)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x6, 0x0, 0x4, 0x0, 0x59, 0x0, 'syz1\x00', 0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x2, 0x1}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r4, 0x40405515, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ad, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8]})
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e07"], 0xa)

1.659516209s ago: executing program 1 (id=4325):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x1, &(0x7f0000000100)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000001380))
getdents(r1, &(0x7f0000002000)=""/4096, 0x1000)
socket$inet_mptcp(0x2, 0x1, 0x106)

716.90324ms ago: executing program 0 (id=4326):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r0 = socket(0x400000000010, 0x3, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000006080)=@newtfilter={0x7c, 0x2c, 0xd27, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, {0xf000, 0x7}, {}, {0x7}}, [@filter_kind_options=@f_fw={{0x7}, {0x20, 0x2, [@TCA_FW_CLASSID={0x8, 0x1, {0xa, 0xfff2}}, @TCA_FW_INDEV={0x14, 0x3, 'macvlan1\x00'}]}}, @filter_kind_options=@f_bpf={{0x8}, {0x28, 0x2, [@TCA_BPF_FLAGS={0x8}, @TCA_BPF_CLASSID={0x8, 0x3, {0xffe0, 0xb}}, @TCA_BPF_OPS={{0x6}, {0x4}}, @TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x4}]}}]}, 0x7c}, 0x1, 0x0, 0x0, 0x20008020}, 0x0)

669.451569ms ago: executing program 3 (id=4327):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(r1, 0x65, 0x2, 0x0, 0x0)
r2 = socket(0x10, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r4, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x4, 0x2, 0x0, 0x0, 0x7, 0x8}, {0x12, 0x3, 0x0, 0x401, 0x8001, 0x10400}, 0xa5, 0x10, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}}, 0x44080)
r5 = socket(0x10, 0x3, 0x0)
r6 = socket$inet6_dccp(0xa, 0x6, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000700)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000009c0)=@newqdisc={0x48, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r7, {}, {0x10, 0xa}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0xf, 0xe75}}]}}]}, 0x48}}, 0x400c804)
sendto(r0, &(0x7f00000002c0)='%', 0x300000, 0x0, 0x0, 0x0)

521.88008ms ago: executing program 2 (id=4328):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x700, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="3800000055002f03020000000000000007000000", @ANYRES32=r2, @ANYBLOB="200001"], 0x38}}, 0x0)

473.62671ms ago: executing program 1 (id=4329):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc0041}, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00'})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, 0x0, 0x20000800)

429.16427ms ago: executing program 0 (id=4330):
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x17, 0x4, &(0x7f00000001c0)=@framed={{0x18, 0x2, 0x0, 0x0, 0x9f5}, [@call={0x85, 0x0, 0x0, 0xa0}]}, &(0x7f0000000140)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

355.75218ms ago: executing program 2 (id=4331):
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x20008005, 0x0, 0x0)
ioctl$sock_TIOCINQ(0xffffffffffffffff, 0x541b, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f00000002c0)='./bus\x00', 0x0)
mkdir(&(0x7f0000000240)='./file0/file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
lstat(&(0x7f0000000580)='./bus/file0\x00', &(0x7f00000004c0))

296.99953ms ago: executing program 0 (id=4332):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000080)=ANY=[@ANYBLOB="010000000000000010"])

237.09285ms ago: executing program 1 (id=4333):
r0 = userfaultfd(0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(0xffffffffffffffff, 0x40505331, &(0x7f00000002c0)={{0x1, 0x6}, {0x5, 0xfd}, 0x4, 0x0, 0x3})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x25, 0x8, @void}, 0x10)
r5 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
r6 = memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\xdenJ\xeb\x87\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38\x14\xcb\xfa\xb3j\x92\f\xe0\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf0\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x2)
ftruncate(r6, 0xffff)
fcntl$addseals(r6, 0x409, 0x7)
r7 = ioctl$UDMABUF_CREATE(r5, 0x40187542, &(0x7f0000000140)={r6, 0x0, 0x0, 0x4000})
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x13, r7, 0x0)
r8 = bpf$ITER_CREATE(0x21, &(0x7f00000000c0)={r4}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x2f)
socket$inet_tcp(0x2, 0x1, 0x0)
sendmsg$NFNL_MSG_CTHELPER_NEW(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r8, 0x40405514, &(0x7f0000000080)={0x1, 0x1, 0x0, 0x3, 'syz0\x00', 0x2a2f019b})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1})
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000180)={&(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ff7000/0x4000)=nil, 0x2000})

41.11564ms ago: executing program 3 (id=4334):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x7, 0x100008b}, 0x0)
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000380)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="760a00000000f8ecc7162aeae37900009500000000000000"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = getpid()
sched_setscheduler(r2, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
bpf$BPF_PROG_QUERY(0x9, &(0x7f0000000180)={@ifindex, 0x1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$UI_DEV_SETUP(r3, 0x405c5503, &(0x7f0000000180)={{}, 'syz1\x00', 0x14})
ioctl$UI_SET_LEDBIT(r3, 0x40045569, 0x0)
ioctl$UI_DEV_SETUP(r3, 0x5501, 0x0)
modify_ldt$write(0x1, 0x0, 0x0)
modify_ldt$read(0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0xe)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000340)={r0, 0x20, &(0x7f0000000300)={0x0, 0x0, <r4=>0x0, &(0x7f0000000500)=""/175, 0xaf}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)=ANY=[], 0x114}], 0x1, 0x0, 0x0, 0x8010}, 0x4011)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="04040a0000000000005467920034db81e7ab"], 0xd)

0s ago: executing program 2 (id=4335):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r3}, 0x18)
r4 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
r5 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f0000000700)={0x0, &(0x7f0000000640)=[<r6=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r4, 0xc01c64a3, &(0x7f0000000040)={0x3, r6, 0x80000001, 0xfa80, 0xb, 0x1fd, 0x1})
socket$inet6_sctp(0xa, 0x5, 0x84)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x64, 0x6, 0x670, 0x2e0, 0xd0, 0x2e0, 0xd0, 0xd0, 0x5a0, 0x5a0, 0x5a0, 0x5a0, 0x5a0, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x0, 0x5}}}, {{@ipv6={@mcast1, @local, [], [], 'macvtap0\x00', 'ip6tnl0\x00', {}, {}, 0x11}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@broadcast}}}, {{@ipv6={@mcast2, @loopback, [], [], 'veth0_to_team\x00', 'syzkaller0\x00'}, 0x0, 0x100, 0x128, 0x0, {}, [@common=@unspec=@connmark={{0x30}}, @common=@inet=@socket1={{0x28}}]}, @common=@unspec=@MARK={0x28}}, {{@uncond, 0x0, 0x120, 0x148, 0x0, {}, [@common=@frag={{0x30}}, @common=@hbh={{0x48}}]}, @inet=@DSCP={0x28}}, {{@uncond, 0x0, 0x138, 0x178, 0x0, {}, [@common=@dst={{0x48}}, @common=@dst={{0x48}}]}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@dev}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x6d0)
r8 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r9 = syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
r10 = syz_genetlink_get_family_id$smc(0x0, 0xffffffffffffffff)
sendmsg$SMC_PNETID_DEL(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)=ANY=[@ANYBLOB, @ANYRES16=r10, @ANYRES8=r8], 0x2c}, 0x1, 0x40030000000000}, 0x0)
r11 = dup(r9)
write$6lowpan_enable(r11, 0x0, 0x0)
r12 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x17, 0xf, &(0x7f0000000780)=ANY=[@ANYBLOB, @ANYRES32=r12, @ANYBLOB="0000000000000000b702000014000000b703000000000000850000000f000000bf0900000000000055090100000000009500000000000000bf91000000000000b70200000000000085000000ba000000b7000000000000009500000000000000"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

kernel console output (not intermixed with test programs):

T14019] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  980.435368][T14052] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  980.893113][T14064] xt_CT: You must specify a L4 protocol and not use inversions on it
[  981.710023][T14073] siw: device registration error -23
[  985.449605][T14110] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  986.726267][T14120] xt_CT: You must specify a L4 protocol and not use inversions on it
[  990.497233][T14163] 9pnet_fd: Insufficient options for proto=fd
[  991.630330][T14174] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  991.742282][T14180] xt_CT: You must specify a L4 protocol and not use inversions on it
[  994.201599][ T1270] ieee802154 phy1 wpan1: encryption failed: -22
[  994.916892][T14212] fuse: Bad value for 'fd'
[  995.184969][T14217] 9pnet_fd: Insufficient options for proto=fd
[  996.997874][T14234] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  997.019409][T14221] ALSA: mixer_oss: invalid OSS volume ''
[  997.122948][T14240] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  998.817111][T14252] program syz.3.2680 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  998.827036][T14251] overlayfs: missing 'lowerdir'
[  999.063426][T14257] fuse: Bad value for 'fd'
[  999.527975][T14265] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1000.960995][T14276] 9pnet_fd: Insufficient options for proto=fd
[ 1001.973829][T14284] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2690'.
[ 1002.056509][T14283] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1002.801727][T14293] overlayfs: missing 'lowerdir'
[ 1002.826252][T14295] fuse: Bad value for 'fd'
[ 1005.309891][T14308] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1006.779348][T14319] 9pnet_fd: Insufficient options for proto=fd
[ 1007.909814][T14334] sp0: Synchronizing with TNC
[ 1008.073182][T14335] Invalid ELF header type: 0 != 1
[ 1008.708114][T14326] [U] �
[ 1008.953559][T14341] overlayfs: missing 'lowerdir'
[ 1008.974840][T14339] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1012.341530][T14376] 9pnet_fd: Insufficient options for proto=fd
[ 1013.459077][T14390] sp0: Synchronizing with TNC
[ 1013.625966][T14391] Invalid ELF header type: 0 != 1
[ 1014.252992][T14382] [U] �
[ 1014.995292][T14400] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1017.075209][T14420] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1019.084303][T14436] 9pnet_fd: Insufficient options for proto=fd
[ 1020.016580][ T4263] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[ 1020.025421][ T4263] Bluetooth: hci5: Injecting HCI hardware error event
[ 1020.034053][ T4264] Bluetooth: hci5: hardware error 0x00
[ 1020.122058][T14438] netlink: 'syz.3.2727': attribute type 1 has an invalid length.
[ 1021.196028][T14450] sp0: Synchronizing with TNC
[ 1021.260655][T14429] Invalid ELF header type: 0 != 1
[ 1021.465320][T14428] [U] �
[ 1021.801397][T14453] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1022.274224][ T4264] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[ 1022.610993][T14461] overlayfs: missing 'lowerdir'
[ 1023.087721][ T8372] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1024.431872][T14480] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1025.020762][T14485] 9pnet_fd: Insufficient options for proto=fd
[ 1025.702817][ T8372] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1025.944537][ T4265] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1025.955245][ T4265] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1026.006076][ T8372] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1026.047296][ T4263] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1026.055539][ T4263] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1026.063850][ T4263] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 1026.071415][ T4263] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1026.153647][T14499] overlayfs: missing 'lowerdir'
[ 1026.283033][ T8372] team0: Port device netdevsim0 removed
[ 1026.343582][ T8372] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1026.709635][T14509] Invalid ELF header type: 0 != 1
[ 1026.861248][T14506] sp0: Synchronizing with TNC
[ 1026.890310][T14490] lo speed is unknown, defaulting to 1000
[ 1027.092551][T14501] [U] �
[ 1028.152986][ T4263] Bluetooth: hci1: command 0x0409 tx timeout
[ 1028.191165][T14490] lo speed is unknown, defaulting to 1000
[ 1029.506163][T14534] 9pnet_fd: Insufficient options for proto=fd
[ 1030.194104][ T4263] Bluetooth: hci1: command 0x041b tx timeout
[ 1030.961820][T14542] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1030.985662][T14542] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1030.988684][T14490] chnl_net:caif_netlink_parms(): no params data found
[ 1031.197740][T14551] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[ 1032.275488][ T4264] Bluetooth: hci1: command 0x040f tx timeout
[ 1032.299510][T14558] sp0: Synchronizing with TNC
[ 1032.763439][T14552] [U] �
[ 1033.084507][T14490] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1033.091727][T14490] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1033.154093][T14490] device bridge_slave_0 entered promiscuous mode
[ 1033.199552][T14565] sp0: Synchronizing with TNC
[ 1033.221012][T14490] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1033.257121][T14569] Invalid ELF header type: 0 != 1
[ 1033.271485][T14490] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1033.325102][T14490] device bridge_slave_1 entered promiscuous mode
[ 1033.539678][T14559] [U] �
[ 1034.417033][ T4263] Bluetooth: hci1: command 0x0419 tx timeout
[ 1034.528354][T14579] (unnamed net_device) (uninitialized): Unable to set up delay as MII monitoring is disabled
[ 1034.957192][T14490] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1035.336551][T14490] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1035.489252][T14490] team0: Port device team_slave_0 added
[ 1035.722722][T14490] team0: Port device team_slave_1 added
[ 1035.870253][T14590] 9pnet_fd: Insufficient options for proto=fd
[ 1036.614210][T14490] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1036.621197][T14490] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1036.784449][T14490] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1036.824653][ T8372] device hsr_slave_0 left promiscuous mode
[ 1036.846840][ T8372] device hsr_slave_1 left promiscuous mode
[ 1036.901119][ T8372] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1036.951926][ T8372] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1036.972336][ T8372] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1037.000772][ T8372] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1037.108208][ T8372] device bridge_slave_1 left promiscuous mode
[ 1037.218662][ T8372] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1037.380777][T14612] xt_TCPMSS: Only works on TCP SYN packets
[ 1037.633008][ T8372] device bridge_slave_0 left promiscuous mode
[ 1037.791078][ T8372] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1038.042482][ T8372] device veth1_macvtap left promiscuous mode
[ 1038.086607][ T8372] device veth0_macvtap left promiscuous mode
[ 1038.110809][ T8372] device veth1_vlan left promiscuous mode
[ 1038.124244][ T8372] device veth0_vlan left promiscuous mode
[ 1039.791435][T14633] netlink: 64 bytes leftover after parsing attributes in process `syz.2.2770'.
[ 1039.901164][T14636] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[ 1041.068259][T14643] 9pnet_fd: Insufficient options for proto=fd
[ 1041.529779][ T8372] team0 (unregistering): Port device bond1 removed
[ 1041.632341][ T8372] bond1 (unregistering): Released all slaves
[ 1042.597987][ T8372] team0 (unregistering): Port device team_slave_1 removed
[ 1042.666166][ T8372] team0 (unregistering): Port device team_slave_0 removed
[ 1042.713145][ T8372] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1042.768500][ T8372] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1043.203107][ T8372] bond0 (unregistering): Released all slaves
[ 1043.340519][T14490] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1043.347958][T14490] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1043.380719][T14490] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1043.541470][T14490] device hsr_slave_0 entered promiscuous mode
[ 1043.554656][T14490] device hsr_slave_1 entered promiscuous mode
[ 1044.446315][T14675] netlink: 64 bytes leftover after parsing attributes in process `syz.2.2784'.
[ 1046.585256][T14490] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1046.652996][T14490] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1046.685565][T14490] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1046.708791][T14490] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1046.778426][T14719] loop9: detected capacity change from 0 to 6
[ 1046.806454][T14719] Dev loop9: unable to read RDB block 6
[ 1046.823597][T14719]  loop9: unable to read partition table
[ 1046.845495][T14719] loop9: partition table beyond EOD, truncated
[ 1046.863002][T14719] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[ 1046.863002][T14719] 
) failed (rc=-5)
[ 1046.937834][T14490] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1046.984528][ T6786] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1047.000233][ T6786] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1047.025170][T14490] 8021q: adding VLAN 0 to HW filter on device team0
[ 1047.052473][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1047.075171][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1047.091669][ T4373] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1047.092037][T14724] overlayfs: missing 'lowerdir'
[ 1047.098820][ T4373] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1047.128597][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1047.147192][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1047.172268][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1047.196806][ T4373] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1047.203917][ T4373] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1047.238458][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1047.259487][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1047.296398][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1047.320038][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1047.347466][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1047.385735][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1047.394786][T14729] netlink: 64 bytes leftover after parsing attributes in process `syz.3.2795'.
[ 1047.477115][T14490] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1047.529734][T14490] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1047.571941][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1047.584509][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1047.646225][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1047.686094][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1047.712807][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1047.809542][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1048.786849][T14757] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[ 1049.621544][ T4348] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1049.652206][ T4348] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1049.710692][T14490] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1049.865954][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1049.894765][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1050.401874][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1050.475205][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1050.657924][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1050.665806][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1050.773065][T14490] device veth0_vlan entered promiscuous mode
[ 1050.885140][T14490] device veth1_vlan entered promiscuous mode
[ 1051.312978][T14782] overlayfs: missing 'lowerdir'
[ 1051.332299][T14490] device veth0_macvtap entered promiscuous mode
[ 1051.350603][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1051.360077][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1051.631583][T14788] 9pnet_fd: Insufficient options for proto=fd
[ 1051.754070][T14789] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2805'.
[ 1052.000755][T14490] device veth1_macvtap entered promiscuous mode
[ 1052.053162][T14490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1052.125892][T14490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1052.172121][T14490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1052.265180][T14490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1052.293477][T14490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1052.349541][T14490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1052.360682][T14490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1052.371158][T14490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1052.382521][T14490] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1052.394331][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1052.402397][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1052.454790][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1052.473672][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1052.559854][T14490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1052.662361][T14490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1052.707261][T14490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1052.724084][T14490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1052.763713][T14490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1052.823095][T14490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1052.889547][T14490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1052.933356][T14490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1053.009841][T14490] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1053.073495][T14490] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1053.134208][T14490] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1053.145316][T14490] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1053.171989][T14490] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1053.235991][T14488] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1053.281104][T14488] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1053.442023][T14488] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1053.489373][T14488] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1053.531641][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 1053.552654][T14488] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1053.574083][T14488] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1053.610793][T14488] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 1054.211278][T14840] overlayfs: missing 'workdir'
[ 1054.357075][ T1270] ieee802154 phy1 wpan1: encryption failed: -22
[ 1054.798942][T14850] 9pnet_fd: Insufficient options for proto=fd
[ 1055.909955][T14862] netlink: 64 bytes leftover after parsing attributes in process `syz.2.2818'.
[ 1057.286853][T14896] (unnamed net_device) (uninitialized): Unable to set up delay as MII monitoring is disabled
[ 1058.280821][T14904] overlayfs: missing 'workdir'
[ 1058.693529][T14918] 9pnet_fd: Insufficient options for proto=fd
[ 1059.776040][T14930] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2831'.
[ 1060.400162][T14915] sp0: Synchronizing with TNC
[ 1060.497676][T14938] Invalid ELF header type: 0 != 1
[ 1060.654108][T14914] [U] �
[ 1062.854047][  T129] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[ 1063.514064][  T129] usb 6-1: device descriptor read/64, error -71
[ 1063.978314][  T129] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[ 1064.016242][T14973] 9pnet_fd: Insufficient options for proto=fd
[ 1064.284117][  T129] usb 6-1: device descriptor read/64, error -71
[ 1064.455044][  T129] usb usb6-port1: attempt power cycle
[ 1065.074433][  T129] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[ 1065.914055][  T129] usb 6-1: device not accepting address 6, error -71
[ 1066.159781][T14988] netlink: 64 bytes leftover after parsing attributes in process `syz.1.2847'.
[ 1067.459663][T15008] sp0: Synchronizing with TNC
[ 1067.713577][T14997] [U] �
[ 1068.655724][T15017] 9pnet_fd: Insufficient options for proto=fd
[ 1069.460647][   T26] audit: type=1326 audit(1733909480.574:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15022 comm="syz.2.2856" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe04477ff19 code=0x0
[ 1070.610202][T15042] loop9: detected capacity change from 0 to 6
[ 1070.682634][T15042] Dev loop9: unable to read RDB block 6
[ 1070.692280][T15042]  loop9: unable to read partition table
[ 1070.735111][T15042] loop9: partition table beyond EOD, truncated
[ 1070.764645][T15042] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[ 1070.764645][T15042] 
) failed (rc=-5)
[ 1070.984099][T15047] netlink: 64 bytes leftover after parsing attributes in process `syz.1.2862'.
[ 1071.076865][ T4313] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1071.947424][T15051] Falling back ldisc for ttyprintk.
[ 1072.687226][ T4313] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1073.944310][T15066] 9pnet_fd: Insufficient options for proto=fd
[ 1074.053983][ T4313] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1074.116340][ T4263] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1074.183759][ T4263] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1074.192507][ T4263] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1074.215555][ T4263] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1074.228217][ T4263] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1074.238224][ T4263] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1074.393438][ T4313] team0: Port device netdevsim0 removed
[ 1074.427307][ T4313] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1074.580962][T15068] lo speed is unknown, defaulting to 1000
[ 1075.015005][T15068] lo speed is unknown, defaulting to 1000
[ 1075.919881][T15068] chnl_net:caif_netlink_parms(): no params data found
[ 1076.405348][ T4264] Bluetooth: hci0: command 0x0409 tx timeout
[ 1077.545772][T15068] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1077.604154][T15068] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1077.649308][T15068] device bridge_slave_0 entered promiscuous mode
[ 1077.905204][T15068] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1078.560828][T15120] Falling back ldisc for ttyprintk.
[ 1078.632581][ T4264] Bluetooth: hci0: command 0x041b tx timeout
[ 1078.688154][T15068] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1078.739791][T15068] device bridge_slave_1 entered promiscuous mode
[ 1079.072457][T15128] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2876'.
[ 1079.595869][T15139] netlink: 212884 bytes leftover after parsing attributes in process `syz.5.2878'.
[ 1080.595206][T15068] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1080.674434][ T4264] Bluetooth: hci0: command 0x040f tx timeout
[ 1080.745374][T15147] 9pnet_fd: Insufficient options for proto=fd
[ 1081.392413][T15068] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1082.516062][T15068] team0: Port device team_slave_0 added
[ 1082.735606][T15068] team0: Port device team_slave_1 added
[ 1082.754495][ T4264] Bluetooth: hci0: command 0x0419 tx timeout
[ 1082.921440][ T4313] device hsr_slave_0 left promiscuous mode
[ 1082.928448][T15168] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1082.991253][ T4313] device hsr_slave_1 left promiscuous mode
[ 1083.004279][ T4313] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1083.011706][ T4313] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1083.105328][ T4313] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1083.112766][ T4313] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1083.178592][ T4313] device bridge_slave_1 left promiscuous mode
[ 1083.197432][ T4313] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1083.218320][ T4313] device bridge_slave_0 left promiscuous mode
[ 1083.237286][ T4313] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1083.394823][ T4313] device veth1_macvtap left promiscuous mode
[ 1083.424479][ T8976] usb 1-1: new full-speed USB device number 20 using dummy_hcd
[ 1083.491720][ T4313] device veth0_macvtap left promiscuous mode
[ 1083.594001][ T4313] device veth1_vlan left promiscuous mode
[ 1083.636906][T15182] Invalid ELF header type: 0 != 1
[ 1083.681158][ T8976] usb 1-1: config 0 has too many interfaces: 125, using maximum allowed: 32
[ 1083.763231][ T8976] usb 1-1: config 0 contains an unexpected descriptor of type 0x2, skipping
[ 1083.801110][ T4313] device veth0_vlan left promiscuous mode
[ 1083.912698][ T8976] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1083.999194][ T8976] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 125
[ 1084.012034][ T8976] usb 1-1: config 0 has no interface number 0
[ 1084.018590][T15180] Falling back ldisc for ttyprintk.
[ 1084.018717][ T8976] usb 1-1: too many endpoints for config 0 interface 88 altsetting 253: 68, using maximum allowed: 30
[ 1084.102249][ T8976] usb 1-1: config 0 interface 88 altsetting 253 has 0 endpoint descriptors, different from the interface descriptor's value: 68
[ 1084.116250][ T8976] usb 1-1: config 0 interface 88 has no altsetting 0
[ 1084.169047][T15186] netlink: 64 bytes leftover after parsing attributes in process `syz.3.2889'.
[ 1084.186995][ T8976] usb 1-1: New USB device found, idVendor=1d7b, idProduct=0101, bcdDevice= 0.40
[ 1084.223240][ T8976] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1084.231421][ T8976] usb 1-1: Product: syz
[ 1084.235743][ T8976] usb 1-1: Manufacturer: syz
[ 1084.368620][ T8976] usb 1-1: SerialNumber: syz
[ 1084.381115][ T8976] usb 1-1: config 0 descriptor??
[ 1084.458839][T15191] 9pnet_fd: Insufficient options for proto=fd
[ 1085.235964][ T8976] usb 1-1: USB disconnect, device number 20
[ 1085.672438][ T4313] infiniband s: set down
[ 1087.116658][ T4264] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[ 1087.127496][ T4264] Bluetooth: hci1: Injecting HCI hardware error event
[ 1087.135965][ T4264] Bluetooth: hci1: hardware error 0x00
[ 1087.737202][T15211] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1087.949053][ T4313] team0 (unregistering): Port device team_slave_1 removed
[ 1088.021712][ T4313] team0 (unregistering): Port device team_slave_0 removed
[ 1088.123119][ T4313] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1088.190346][ T4313] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1088.208951][T15203] infiniband syz1: ib_query_port failed (-19)
[ 1088.549047][T15223] Invalid ELF header type: 0 != 1
[ 1088.957729][T15221] Falling back ldisc for ttyprintk.
[ 1089.257278][ T4264] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[ 1089.403437][T15230] 9pnet_fd: Insufficient options for proto=fd
[ 1089.950247][ T4313] bond0 (unregistering): Released all slaves
[ 1090.060697][ T4373] smc: removing ib device s
[ 1090.108099][T15226] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1090.560719][T12741] bond0 speed is unknown, defaulting to 1000
[ 1090.566965][ T9793] lo speed is unknown, defaulting to 1000
[ 1090.574731][T14730] lo speed is unknown, defaulting to 1000
[ 1090.580728][T15228] netlink: 'syz.3.2901': attribute type 10 has an invalid length.
[ 1090.662636][T15228] bond0: (slave wlan1): Enslaving as an active interface with an up link
[ 1090.687397][T15068] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1090.702022][T15068] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1090.812807][T15237] netlink: 64 bytes leftover after parsing attributes in process `syz.5.2903'.
[ 1091.144830][T15068] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1091.214550][T15068] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1091.231719][T15068] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1091.733484][T15068] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1091.882326][T15251] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1092.019594][T15068] device hsr_slave_0 entered promiscuous mode
[ 1092.084737][T15068] device hsr_slave_1 entered promiscuous mode
[ 1092.091756][T15068] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1092.223991][T15068] Cannot create hsr debugfs directory
[ 1092.524511][T15266] program syz.1.2911 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1092.871275][T15255] ALSA: mixer_oss: invalid OSS volume ''
[ 1097.135353][T15306] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1097.156266][T15308] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2919'.
[ 1097.310507][T15068] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1097.363437][T15068] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1097.407435][T15068] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1097.438374][T15068] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1097.648137][T15068] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1097.687654][T14439] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1097.710588][T14439] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1097.748423][T15068] 8021q: adding VLAN 0 to HW filter on device team0
[ 1097.781735][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1097.797681][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1097.940369][T15304] ALSA: mixer_oss: invalid OSS volume ''
[ 1098.069233][   T56] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1098.076391][   T56] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1098.308162][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1098.376561][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1098.400485][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1098.441469][   T56] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1098.448649][   T56] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1098.484422][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1098.503531][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1098.513483][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1098.737891][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1098.919180][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1099.216845][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1099.243496][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1099.280335][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1099.668750][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1099.695827][T15331] netlink: 'syz.3.2928': attribute type 1 has an invalid length.
[ 1099.707469][T15331] netlink: 'syz.3.2928': attribute type 4 has an invalid length.
[ 1099.715918][T15331] netlink: 15334 bytes leftover after parsing attributes in process `syz.3.2928'.
[ 1099.730592][T15345] netlink: 64 bytes leftover after parsing attributes in process `syz.1.2931'.
[ 1099.746563][T15068] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1099.785285][T15068] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1099.805667][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1099.826223][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1100.040500][T15352] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1101.438864][T14203] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1101.493011][T14203] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1101.527741][T15068] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1101.678031][T15068] device veth0_vlan entered promiscuous mode
[ 1101.720709][ T4443] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1101.755611][ T4443] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1101.812270][ T4443] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1102.145147][T15389] program syz.0.2942 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1102.194544][ T4443] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1102.565496][T15068] device veth1_vlan entered promiscuous mode
[ 1102.614376][ T4443] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1102.638561][ T4443] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1102.641952][T15393] netlink: 64 bytes leftover after parsing attributes in process `syz.1.2943'.
[ 1102.731277][ T4443] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 1102.801564][ T4443] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1102.816582][ T4443] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1102.871803][T15068] device veth0_macvtap entered promiscuous mode
[ 1102.920206][T15068] device veth1_macvtap entered promiscuous mode
[ 1103.685999][T14439] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1103.700268][T14439] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1103.808926][T15068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1103.842371][T15068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1103.872958][T15068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1103.923965][T15068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1103.985422][T15068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1104.046566][T15068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1104.103141][T15068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1104.140458][T15068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1104.367440][T15068] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1104.406112][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1104.453188][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1104.501567][T15068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1104.545540][T15068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1104.556624][T15068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1104.585242][T15068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1104.600229][T15068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1104.612074][T15068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1104.627587][T15068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1104.639466][T15068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1104.656478][   T26] audit: type=1326 audit(1733909515.774:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15426 comm="syz.3.2950" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe315f7ff19 code=0x0
[ 1104.658573][T15068] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1104.698477][T15424] netlink: 'syz.1.2949': attribute type 5 has an invalid length.
[ 1104.712524][T15424] netlink: 'syz.1.2949': attribute type 17 has an invalid length.
[ 1104.723110][ T4528] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1104.739515][ T4528] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1104.752012][T15068] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1104.767975][T15068] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1104.778448][T15068] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1104.791847][T15068] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1105.016302][ T4528] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1105.054012][ T4528] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1105.116287][ T4443] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 1105.147479][ T4443] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1105.187722][ T4443] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1105.226694][ T4348] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 1106.104262][T15450] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2955'.
[ 1106.171916][T15454] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1106.489927][T15461] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2966'.
[ 1107.303585][ T5419] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1107.584412][ T4263] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1107.593761][ T4263] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1107.608093][ T4263] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1107.616180][ T4263] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1107.625305][ T4263] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1107.632520][ T4263] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1107.865770][ T5419] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1108.016178][ T5419] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1108.051478][T15490] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[ 1108.501560][ T5419] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1109.035651][T15516] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1109.072379][ T5419] tipc: Left network mode
[ 1109.125512][T15480] chnl_net:caif_netlink_parms(): no params data found
[ 1109.379556][T15524] netlink: 64 bytes leftover after parsing attributes in process `syz.1.2969'.
[ 1109.569790][T15480] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1109.672335][T15480] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1109.703645][T15480] device bridge_slave_0 entered promiscuous mode
[ 1109.714211][ T4264] Bluetooth: hci3: command 0x0409 tx timeout
[ 1109.805029][T15480] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1109.812199][T15480] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1110.144637][T15480] device bridge_slave_1 entered promiscuous mode
[ 1110.913846][T15480] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1110.931930][T15480] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1111.328064][T15480] team0: Port device team_slave_0 added
[ 1111.408917][T15480] team0: Port device team_slave_1 added
[ 1111.552155][T15480] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1111.591195][T15480] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1111.665500][T15480] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1111.789193][T15563] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[ 1111.999486][ T4264] Bluetooth: hci3: command 0x041b tx timeout
[ 1112.140512][T15567] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1112.215710][T15480] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1112.240291][T15480] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1112.488232][T15480] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1112.500492][T15557] ALSA: mixer_oss: invalid OSS volume ''
[ 1112.740111][T15580] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2979'.
[ 1112.780157][ T5419] bond0: (slave wlan1): Releasing backup interface
[ 1112.903206][T15480] device hsr_slave_0 entered promiscuous mode
[ 1112.940201][T15480] device hsr_slave_1 entered promiscuous mode
[ 1112.994985][T15480] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1113.020246][T15480] Cannot create hsr debugfs directory
[ 1114.036632][ T4264] Bluetooth: hci3: command 0x040f tx timeout
[ 1114.619470][ T5419] device hsr_slave_0 left promiscuous mode
[ 1114.686154][ T5419] device hsr_slave_1 left promiscuous mode
[ 1114.700342][ T5419] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1114.710009][ T5419] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1114.726079][ T5419] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1114.733600][ T5419] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1114.750306][ T5419] device bridge_slave_1 left promiscuous mode
[ 1114.762390][ T5419] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1114.765182][T15612] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1114.779499][ T5419] device bridge_slave_0 left promiscuous mode
[ 1114.788669][ T5419] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1114.871428][ T5419] device veth1_macvtap left promiscuous mode
[ 1114.905029][ T5419] device veth0_macvtap left promiscuous mode
[ 1114.911162][ T5419] device veth1_vlan left promiscuous mode
[ 1114.942372][ T5419] device veth0_vlan left promiscuous mode
[ 1114.990091][T15616] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[ 1115.797617][ T1270] ieee802154 phy1 wpan1: encryption failed: -22
[ 1116.124346][ T4264] Bluetooth: hci3: command 0x0419 tx timeout
[ 1116.781253][T15633] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2993'.
[ 1117.123850][T15639] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1117.354228][T15646] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[ 1119.308046][ T5419] team0 (unregistering): Port device team_slave_1 removed
[ 1119.376838][ T5419] team0 (unregistering): Port device team_slave_0 removed
[ 1119.425135][T15670] loop9: detected capacity change from 0 to 6
[ 1119.444224][T15670] Dev loop9: unable to read RDB block 6
[ 1119.451319][ T5419] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1119.464097][T15670]  loop9: unable to read partition table
[ 1119.469907][T15670] loop9: partition table beyond EOD, truncated
[ 1119.484048][T15670] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[ 1119.484048][T15670] 
) failed (rc=-5)
[ 1119.532656][ T5419] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1119.752720][T15674] netlink: 64 bytes leftover after parsing attributes in process `syz.1.3007'.
[ 1120.026411][T15678] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1120.587452][T15684] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[ 1121.536630][ T5419] bond0 (unregistering): Released all slaves
[ 1123.395457][T15707] netlink: 64 bytes leftover after parsing attributes in process `syz.2.3017'.
[ 1123.505877][T15712] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1123.635593][T15718] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[ 1124.114303][ T4263] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[ 1124.123009][ T4263] Bluetooth: hci0: Injecting HCI hardware error event
[ 1124.131889][ T4263] Bluetooth: hci0: hardware error 0x00
[ 1124.440288][T15737] netdevsim netdevsim2: Direct firmware load for /
[ 1124.440288][T15737]  failed with error -2
[ 1124.462172][T15737] netdevsim netdevsim2: Falling back to sysfs fallback for: /
[ 1124.462172][T15737] 
[ 1124.507250][T15480] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1124.548805][T15480] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1124.599567][T15480] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1125.062067][T15480] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1125.391544][T15480] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1125.448399][ T5419] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1125.464650][ T5419] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1125.486025][T15480] 8021q: adding VLAN 0 to HW filter on device team0
[ 1125.534283][ T5419] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1125.571506][ T5419] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1125.615202][ T5419] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1125.622318][ T5419] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1125.693490][ T5419] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1125.730707][ T5419] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1125.769656][ T5419] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1125.817004][ T5419] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1125.824135][ T5419] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1125.868667][ T5419] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1125.895873][ T5419] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1126.001197][ T5419] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1126.035787][ T5419] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1126.058653][ T5419] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1126.082019][ T5419] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1126.090928][ T5419] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1126.105487][ T5419] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1126.125534][T15480] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1126.141546][T15480] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1126.153203][ T5419] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1126.171859][ T5419] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1126.181538][ T5419] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1126.281272][ T4263] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[ 1126.347580][T15765] netlink: 64 bytes leftover after parsing attributes in process `syz.1.3031'.
[ 1126.416788][T15769] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1126.781335][T15480] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1127.016711][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1127.086700][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1127.112712][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1127.188475][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1127.811767][ T5419] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1127.831913][ T5419] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1127.851689][ T5419] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1127.890259][ T5419] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1127.906817][T15480] device veth0_vlan entered promiscuous mode
[ 1127.945818][T15480] device veth1_vlan entered promiscuous mode
[ 1128.036884][ T9630] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1128.056473][T15811] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[ 1128.095337][ T9630] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1128.125953][T15480] device veth0_macvtap entered promiscuous mode
[ 1128.165730][T15480] device veth1_macvtap entered promiscuous mode
[ 1128.296977][T15480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1128.319337][T15480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1128.332682][T15480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1128.343457][T15480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1128.353773][T15480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1128.364478][T15480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1128.383690][T15480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1128.404290][T15480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1128.435389][T15480] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1128.449744][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1128.458743][T15820] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1128.489518][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1128.550598][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1128.559818][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1128.570938][T15480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1128.581713][T15480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1128.592600][T15480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1128.612182][T15480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1128.623762][T15480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1128.637939][T15480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1128.648286][T15480] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1128.668223][T15480] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1128.694250][T15480] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1128.729841][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1128.742216][ T4373] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1128.795542][T15480] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1128.817925][T15827] netlink: 64 bytes leftover after parsing attributes in process `syz.2.3045'.
[ 1128.827453][T15480] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1128.856627][T15480] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1128.883552][T15480] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1129.312814][ T4443] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1129.444766][T15829] ALSA: mixer_oss: invalid OSS volume ''
[ 1129.462488][ T4443] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1129.516909][ T9630] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 1129.537425][ T4373] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1129.552572][ T4373] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1129.602539][T14203] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 1131.731987][T15857] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1132.264011][T12741] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[ 1132.480613][T12741] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1132.513858][T12741] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1132.561858][T12741] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1132.642494][T12741] usb 2-1: New USB device found, idVendor=11c2, idProduct=2208, bcdDevice= 0.00
[ 1132.683707][T12741] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1132.730622][T12741] usb 2-1: config 0 descriptor??
[ 1132.857847][ T4313] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1132.973353][ T4264] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1132.984869][ T4264] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1133.005275][ T4264] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1133.013829][ T4264] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1133.022559][ T4264] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1133.034323][ T4264] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1133.065581][T12741] usbhid 2-1:0.0: can't add hid device: -71
[ 1133.071598][T12741] usbhid: probe of 2-1:0.0 failed with error -71
[ 1133.095650][T12741] usb 2-1: USB disconnect, device number 12
[ 1133.146603][ T4313] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1133.189200][T15877] loop9: detected capacity change from 0 to 6
[ 1133.214133][T15877] Dev loop9: unable to read RDB block 6
[ 1133.219761][T15877]  loop9: unable to read partition table
[ 1133.249915][T15877] loop9: partition table beyond EOD, truncated
[ 1133.258671][T15877] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[ 1133.258671][T15877] 
) failed (rc=-5)
[ 1133.337865][ T4313] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1133.749155][ T4313] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1134.785919][T15889] atomic_op ffff88807bf39198 conn xmit_atomic 0000000000000000
[ 1135.244084][ T4263] Bluetooth: hci2: command 0x0409 tx timeout
[ 1136.270816][ T4313] tipc: Left network mode
[ 1136.573532][T15910] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1136.745603][T15874] chnl_net:caif_netlink_parms(): no params data found
[ 1137.269009][T15874] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1137.279661][T15874] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1137.311756][T15874] device bridge_slave_0 entered promiscuous mode
[ 1137.314113][ T4264] Bluetooth: hci2: command 0x041b tx timeout
[ 1137.869861][T15874] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1137.885236][T15874] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1137.911376][T15874] device bridge_slave_1 entered promiscuous mode
[ 1138.103130][T15874] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1138.311237][T15874] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1140.138019][ T4264] Bluetooth: hci2: command 0x040f tx timeout
[ 1140.487258][T15874] team0: Port device team_slave_0 added
[ 1140.533377][T15874] team0: Port device team_slave_1 added
[ 1140.688976][T15969] syz.3.3083[15969] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1140.689115][T15969] syz.3.3083[15969] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1140.705728][T15874] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1140.725837][T15874] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1140.726069][T15971] loop9: detected capacity change from 0 to 6
[ 1140.766843][T15874] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1140.779637][T15971] Dev loop9: unable to read RDB block 6
[ 1140.785723][T15874] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1140.791735][T15971]  loop9: unable to read partition table
[ 1140.795250][T15874] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1140.837582][T15971] loop9: partition table beyond EOD, truncated
[ 1140.843878][T15874] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1140.864037][T15971] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[ 1140.864037][T15971] 
) failed (rc=-5)
[ 1141.372767][T15874] device hsr_slave_0 entered promiscuous mode
[ 1141.399900][T15874] device hsr_slave_1 entered promiscuous mode
[ 1141.430293][T15874] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1141.567219][T15874] Cannot create hsr debugfs directory
[ 1142.194616][ T4264] Bluetooth: hci2: command 0x0419 tx timeout
[ 1142.433157][ T4313] device hsr_slave_0 left promiscuous mode
[ 1142.458983][ T4313] device hsr_slave_1 left promiscuous mode
[ 1142.472152][ T4313] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1142.499139][ T4313] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1142.544264][ T4313] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1142.680853][ T4313] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1143.108172][ T4313] device bridge_slave_1 left promiscuous mode
[ 1143.133747][ T4313] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1143.187142][ T4313] device bridge_slave_0 left promiscuous mode
[ 1143.213159][ T4313] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1143.363003][ T4313] device veth1_macvtap left promiscuous mode
[ 1143.402870][ T4313] device veth0_macvtap left promiscuous mode
[ 1143.428792][ T4313] device veth1_vlan left promiscuous mode
[ 1143.462844][ T4313] device veth0_vlan left promiscuous mode
[ 1144.205678][T16024] loop9: detected capacity change from 0 to 6
[ 1144.213421][T16024] Dev loop9: unable to read RDB block 6
[ 1144.226301][T16024]  loop9: unable to read partition table
[ 1144.232156][T16024] loop9: partition table beyond EOD, truncated
[ 1144.242191][T16024] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[ 1144.242191][T16024] 
) failed (rc=-5)
[ 1144.637869][ T4313] team0 (unregistering): Port device team_slave_1 removed
[ 1144.676648][ T4313] team0 (unregistering): Port device team_slave_0 removed
[ 1144.716561][ T4313] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1144.760510][ T4313] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1145.173314][ T4313] bond0 (unregistering): Released all slaves
[ 1145.586208][T16044] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1148.001248][T16070] ALSA: mixer_oss: invalid OSS volume ''
[ 1148.350635][T15874] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1148.371294][T15874] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1148.391416][T16090] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1148.414634][T15874] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1148.461212][T15874] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1148.821407][T15874] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1148.901064][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1148.917817][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1149.701687][ T4264] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[ 1149.710814][ T4264] Bluetooth: hci3: Injecting HCI hardware error event
[ 1149.719819][ T4263] Bluetooth: hci3: hardware error 0x00
[ 1149.726424][T15874] 8021q: adding VLAN 0 to HW filter on device team0
[ 1149.754913][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1149.770477][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1149.789297][ T4349] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1149.796453][ T4349] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1149.844331][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1149.862694][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1149.903758][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1149.973091][ T4349] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1149.980254][ T4349] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1149.989108][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1150.000066][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1150.022852][T14203] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1150.045118][   T26] audit: type=1326 audit(1733909561.164:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16112 comm="syz.2.3121" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd05d37ff19 code=0x0
[ 1150.063535][T14203] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1150.143416][T14203] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1150.274854][T14203] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1150.309355][T15874] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1150.384168][T15874] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1150.406025][T14203] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1150.415090][T14203] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1150.428770][T14203] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1150.465075][T14203] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1150.494205][T14203] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1150.509356][T16123] ALSA: mixer_oss: invalid OSS volume ''
[ 1150.515513][T14203] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1150.618441][T16131] device pim6reg1 entered promiscuous mode
[ 1151.278247][T15874] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1151.313626][T15874] device veth0_vlan entered promiscuous mode
[ 1151.794631][ T4263] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[ 1152.032893][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1152.070786][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1152.093789][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1152.102617][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1152.111955][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1152.120394][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1152.147157][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1152.162850][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1152.196577][T15874] device veth1_vlan entered promiscuous mode
[ 1152.451095][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1152.742134][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1152.764483][T15874] device veth0_macvtap entered promiscuous mode
[ 1152.794316][T15874] device veth1_macvtap entered promiscuous mode
[ 1153.063507][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1153.170253][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1153.305665][T15874] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1153.342552][T15874] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1153.353186][T15874] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1153.376752][T15874] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1153.393585][T15874] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1153.405989][T15874] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1153.416340][T15874] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1153.427153][T15874] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1153.438924][T15874] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1153.463447][ T7740] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1153.473305][ T7740] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1153.514432][T15874] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1153.553580][T15874] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1153.582479][T15874] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1153.674115][T15874] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1153.924573][T15874] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1154.214030][T15874] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1154.235231][T15874] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1154.436578][T15874] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1154.456436][T16190] Driver unsupported XDP return value 0 on prog  (id 734) dev N/A, expect packet loss!
[ 1154.469648][   T26] audit: type=1326 audit(1733909565.584:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16189 comm="syz.3.3137" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9f51b7ff19 code=0x0
[ 1154.492104][T15874] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1154.533621][ T4528] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1154.547013][ T4528] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1154.687761][T15874] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1154.709540][T15874] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1154.812834][T15874] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1154.822459][T15874] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1155.738081][T16186] ALSA: mixer_oss: invalid OSS volume ''
[ 1155.783391][ T4349] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1155.814234][ T4349] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1155.836719][ T4528] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1155.856975][ T4528] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1155.889232][ T4443] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 1156.054831][ T4443] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 1156.236136][T16219] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1157.321656][   T26] audit: type=1326 audit(1733909568.434:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16256 comm="syz.3.3151" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9f51b7ff19 code=0x0
[ 1158.485107][T16263] ALSA: mixer_oss: invalid OSS volume ''
[ 1158.565583][T16280] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1162.424672][T16329] ALSA: mixer_oss: invalid OSS volume ''
[ 1162.652020][T16346] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1163.981000][T16380] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1164.502103][T16389] device pim6reg1 entered promiscuous mode
[ 1165.365834][T16411] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1168.334589][T16451] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1168.818473][T16467] sp0: Synchronizing with TNC
[ 1168.908932][T16468] Invalid ELF header type: 0 != 1
[ 1169.469997][T16461] [U] �
[ 1169.719424][T16472] device pim6reg1 entered promiscuous mode
[ 1172.411254][T16495] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1172.829236][T16507] sp0: Synchronizing with TNC
[ 1172.919368][T16508] Invalid ELF header type: 0 != 1
[ 1173.374576][T16499] [U] �
[ 1175.107965][T16531] fuse: Unknown parameter 'group_i00000000000000000000'
[ 1175.541019][T16539] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1175.603465][T16542] device veth1_macvtap left promiscuous mode
[ 1175.623854][T16542] device macsec0 entered promiscuous mode
[ 1176.310657][T16553] sp0: Synchronizing with TNC
[ 1176.459561][T16554] Invalid ELF header type: 0 != 1
[ 1176.784488][T16543] [U] �
[ 1178.474872][ T1270] ieee802154 phy1 wpan1: encryption failed: -22
[ 1178.674968][T16565] fuse: Unknown parameter 'group_i00000000000000000000'
[ 1178.842151][T16571] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1180.692486][T16601] sp0: Synchronizing with TNC
[ 1180.788875][T16602] Invalid ELF header type: 0 != 1
[ 1181.281470][T16596] [U] �
[ 1181.597093][T16608] fuse: Unknown parameter 'group_i00000000000000000000'
[ 1181.859802][T16615] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1182.836705][T16633] sp0: Synchronizing with TNC
[ 1182.944568][T16634] Invalid ELF header type: 0 != 1
[ 1183.369108][T16627] [U] �
[ 1184.844555][T16646] fuse: Unknown parameter 'group_id00000000000000000000'
[ 1185.429140][T16658] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1186.089346][ T4263] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[ 1186.120687][ T4263] Bluetooth: hci2: Injecting HCI hardware error event
[ 1186.182251][ T4264] Bluetooth: hci2: hardware error 0x00
[ 1186.961318][T16675] fuse: Unknown parameter 'group_id00000000000000000000'
[ 1187.443064][T16687] sp0: Synchronizing with TNC
[ 1187.597567][T16688] Invalid ELF header type: 0 != 1
[ 1187.867539][T16676] [U] �
[ 1188.693401][T16697] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1188.944341][ T4264] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[ 1189.195008][T16717] Invalid ELF header type: 0 != 1
[ 1189.264634][T16714] sp0: Synchronizing with TNC
[ 1189.449258][T16698] [U] �
[ 1189.761336][T16724] fuse: Unknown parameter 'group_id00000000000000000000'
[ 1191.694254][T16732] 9pnet_fd: Insufficient options for proto=fd
[ 1192.657130][T16745] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1192.824139][   T26] audit: type=1326 audit(1733909603.914:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16747 comm="syz.0.3307" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f60ddb7ff19 code=0x0
[ 1193.004180][T16760] sp0: Synchronizing with TNC
[ 1193.187336][T16761] Invalid ELF header type: 0 != 1
[ 1193.579086][T16748] [U] �
[ 1193.611527][T16763] fuse: Bad value for 'user_id'
[ 1195.704253][T16777] 9pnet_fd: Insufficient options for proto=fd
[ 1196.750944][T16795] fuse: Bad value for 'user_id'
[ 1196.857138][T16792] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1196.902668][   T26] audit: type=1326 audit(1733909608.014:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16790 comm="syz.3.3323" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9f51b7ff19 code=0x0
[ 1198.577881][T16820] 9pnet_fd: Insufficient options for proto=fd
[ 1200.407387][T16835] fuse: Bad value for 'user_id'
[ 1200.467306][T16837] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1200.644232][   T26] audit: type=1326 audit(1733909611.754:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16841 comm="syz.5.3340" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0c0b17ff19 code=0x0
[ 1202.056485][T16869] sp0: Synchronizing with TNC
[ 1202.069601][T16869] Invalid ELF header type: 0 != 1
[ 1202.681216][T16860] [U] �
[ 1203.846849][T16891] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3353'.
[ 1204.933219][   T26] audit: type=1326 audit(1733909616.044:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16900 comm="syz.1.3357" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f633417ff19 code=0x0
[ 1205.708232][T16917] 9pnet_fd: Insufficient options for proto=fd
[ 1206.376338][T16924] sp0: Synchronizing with TNC
[ 1206.389094][T16924] Invalid ELF header type: 0 != 1
[ 1206.872468][T16929] fuse: Bad value for 'fd'
[ 1206.883094][T16919] [U] �
[ 1208.060979][T16941] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3370'.
[ 1208.562521][   T26] audit: type=1326 audit(1733909619.674:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16952 comm="syz.2.3374" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd05d37ff19 code=0x0
[ 1209.016979][T16963] 9pnet_fd: Insufficient options for proto=fd
[ 1209.772527][T16966] fuse: Bad value for 'fd'
[ 1210.150093][T16981] sp0: Synchronizing with TNC
[ 1210.163582][T16981] Invalid ELF header type: 0 != 1
[ 1210.723789][T16969] [U] �
[ 1210.934730][   T26] audit: type=1326 audit(1733909622.054:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16987 comm="syz.1.3388" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f633417ff19 code=0x0
[ 1211.246551][T17002] device pim6reg1 entered promiscuous mode
[ 1211.383322][T17004] 9pnet_fd: Insufficient options for proto=fd
[ 1212.164414][T17010] fuse: Bad value for 'fd'
[ 1212.791913][T17026] sp0: Synchronizing with TNC
[ 1212.806388][T17026] Invalid ELF header type: 0 != 1
[ 1213.307494][T17018] [U] �
[ 1213.444743][T17014] ALSA: mixer_oss: invalid OSS volume ''
[ 1214.744707][T17036] netlink: 52 bytes leftover after parsing attributes in process `syz.2.3400'.
[ 1215.221921][T12475] libceph: connect (1)[c::]:6789 error -101
[ 1215.229929][T12475] libceph: mon0 (1)[c::]:6789 connect error
[ 1215.244845][   T26] audit: type=1326 audit(1733909626.364:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17046 comm="syz.5.3405" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0c0b17ff19 code=0x0
[ 1215.431411][T17036] ceph: No mds server is up or the cluster is laggy
[ 1215.597851][T17054] fuse: Bad value for 'fd'
[ 1216.028107][T17061] sp0: Synchronizing with TNC
[ 1216.036881][T17061] Invalid ELF header type: 0 != 1
[ 1216.124142][  T129] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[ 1216.474237][  T129] usb 2-1: Using ep0 maxpacket: 16
[ 1216.491844][  T129] usb 2-1: config 0 has too many interfaces: 255, using maximum allowed: 32
[ 1216.502830][  T129] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1216.514754][  T129] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 255
[ 1216.632777][T17059] [U] �
[ 1216.715367][  T129] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1216.732096][T17065] ALSA: mixer_oss: invalid OSS volume ''
[ 1216.820507][  T129] usb 2-1: New USB device found, idVendor=056a, idProduct=00d0, bcdDevice= 0.00
[ 1216.854699][  T129] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1216.876865][T17071] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1216.904334][  T129] usb 2-1: config 0 descriptor??
[ 1216.932535][  T129] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[ 1218.336704][T17095] fuse: Bad value for 'fd'
[ 1218.435046][   T26] audit: type=1326 audit(1733909629.554:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17097 comm="syz.5.3421" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0c0b17ff19 code=0x0
[ 1218.913190][T17110] sp0: Synchronizing with TNC
[ 1218.920204][T17110] Invalid ELF header type: 0 != 1
[ 1219.357442][  T129] usb 2-1: USB disconnect, device number 13
[ 1219.415231][T17113] ALSA: mixer_oss: invalid OSS volume ''
[ 1219.558108][T17108] [U] �
[ 1220.453245][T17130] fuse: Invalid rootmode
[ 1220.981091][T17144] sctp: [Deprecated]: syz.2.3435 (pid 17144) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1220.981091][T17144] Use struct sctp_sack_info instead
[ 1221.003978][T17144] Bluetooth: MGMT ver 1.22
[ 1222.002631][   T26] audit: type=1326 audit(1733909633.114:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17153 comm="syz.0.3440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60ddb7ff19 code=0x7ffc0000
[ 1223.476821][ T4273] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[ 1223.674396][   T26] audit: type=1326 audit(1733909633.154:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17153 comm="syz.0.3440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=107 compat=0 ip=0x7f60ddb7ff19 code=0x7ffc0000
[ 1223.756772][   T26] audit: type=1326 audit(1733909633.154:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17153 comm="syz.0.3440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60ddb7ff19 code=0x7ffc0000
[ 1223.870502][   T26] audit: type=1326 audit(1733909633.154:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17153 comm="syz.0.3440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60ddb7ff19 code=0x7ffc0000
[ 1223.910379][T17167] sp0: Synchronizing with TNC
[ 1223.916557][T17167] Invalid ELF header type: 0 != 1
[ 1224.025121][   T26] audit: type=1326 audit(1733909633.154:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17153 comm="syz.0.3440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f60ddb7ff19 code=0x7ffc0000
[ 1224.401536][   T26] audit: type=1326 audit(1733909633.154:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17153 comm="syz.0.3440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60ddb7ff19 code=0x7ffc0000
[ 1224.467500][   T26] audit: type=1326 audit(1733909633.154:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17153 comm="syz.0.3440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60ddb7ff19 code=0x7ffc0000
[ 1224.490866][   T26] audit: type=1326 audit(1733909633.154:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17153 comm="syz.0.3440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f60ddb7ff19 code=0x7ffc0000
[ 1224.513332][   T26] audit: type=1326 audit(1733909633.154:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17153 comm="syz.0.3440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60ddb7ff19 code=0x7ffc0000
[ 1224.560260][T17163] [U] �
[ 1224.583730][   T26] audit: type=1326 audit(1733909633.154:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17153 comm="syz.0.3440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f60ddb7ff19 code=0x7ffc0000
[ 1224.804445][T17175] fuse: Invalid rootmode
[ 1224.958802][T16918] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[ 1225.556690][T16918] usb 3-1: Using ep0 maxpacket: 16
[ 1225.634346][T16918] usb 3-1: config 0 has an invalid interface number: 214 but max is 0
[ 1225.642786][T16918] usb 3-1: config 0 has no interface number 0
[ 1225.740839][T16918] usb 3-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5
[ 1225.752429][ T4273] usb 2-1: device descriptor read/all, error -71
[ 1225.818525][T16918] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1225.826962][T16918] usb 3-1: Product: syz
[ 1225.831151][T16918] usb 3-1: Manufacturer: syz
[ 1225.859447][T16918] usb 3-1: SerialNumber: syz
[ 1225.869135][T16918] usb 3-1: config 0 descriptor??
[ 1226.378864][T17206] sp0: Synchronizing with TNC
[ 1226.385678][T17206] Invalid ELF header type: 0 != 1
[ 1226.527571][T15911] usb 3-1: USB disconnect, device number 19
[ 1226.977084][T17202] [U] �
[ 1227.130703][T17216] fuse: Invalid rootmode
[ 1228.184053][ T4273] usb 4-1: new full-speed USB device number 12 using dummy_hcd
[ 1228.577067][ T4273] usb 4-1: config index 0 descriptor too short (expected 31, got 27)
[ 1228.588904][ T4273] usb 4-1: config 1 interface 0 has no altsetting 0
[ 1228.599139][ T4273] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= b.72
[ 1228.946049][ T4273] usb 4-1: New USB device strings: Mfr=28, Product=37, SerialNumber=3
[ 1228.954332][ T4273] usb 4-1: Product: syz
[ 1228.958514][ T4273] usb 4-1: Manufacturer: syz
[ 1228.963149][ T4273] usb 4-1: SerialNumber: syz
[ 1228.999489][T17253] fuse: Bad value for 'rootmode'
[ 1229.434021][T17256] netlink: 52 bytes leftover after parsing attributes in process `syz.1.3472'.
[ 1229.629392][T17245] sp0: Synchronizing with TNC
[ 1229.637068][T17245] Invalid ELF header type: 0 != 1
[ 1229.743762][T17244] [U] �
[ 1229.821422][ T4273] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 12 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8
[ 1230.001419][T12475] libceph: connect (1)[c::]:6789 error -101
[ 1230.014093][T12475] libceph: mon0 (1)[c::]:6789 connect error
[ 1230.082357][T12475] usb 4-1: USB disconnect, device number 12
[ 1230.258138][T17228] usblp0: removed
[ 1230.300987][T17255] ceph: No mds server is up or the cluster is laggy
[ 1230.754725][T17288] fuse: Bad value for 'rootmode'
[ 1231.140181][T17298] sctp: [Deprecated]: syz.0.3485 (pid 17298) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1231.140181][T17298] Use struct sctp_sack_info instead
[ 1231.896283][T17306] sp0: Synchronizing with TNC
[ 1231.902880][T17306] Invalid ELF header type: 0 != 1
[ 1232.451681][T17300] [U] �
[ 1234.629029][T17337] fuse: Bad value for 'rootmode'
[ 1235.973161][T17348] netlink: 332 bytes leftover after parsing attributes in process `syz.2.3501'.
[ 1236.063496][T17354] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1236.154186][T17348] netlink: 'syz.2.3501': attribute type 9 has an invalid length.
[ 1236.210919][T17359] 9pnet_fd: Insufficient options for proto=fd
[ 1236.323492][T17348] netlink: 108 bytes leftover after parsing attributes in process `syz.2.3501'.
[ 1236.355806][T17348] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3501'.
[ 1236.580087][T17369] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[ 1236.612029][T17370] x_tables: ip_tables: osf match: only valid for protocol 6
[ 1237.263691][T17377] kernel profiling enabled (shift: 17)
[ 1237.289202][T17379] fuse: Unknown parameter 'use00000000000000000000'
[ 1237.562098][T17382] device geneve2 entered promiscuous mode
[ 1239.116086][ T1270] ieee802154 phy1 wpan1: encryption failed: -22
[ 1239.377046][T17392] loop9: detected capacity change from 0 to 6
[ 1239.392456][T17392] Dev loop9: unable to read RDB block 6
[ 1239.411619][T17392]  loop9: unable to read partition table
[ 1239.419374][T17392] loop9: partition table beyond EOD, truncated
[ 1239.445610][T17392] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[ 1239.445610][T17392] 
) failed (rc=-5)
[ 1241.124140][T12475] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[ 1241.146546][T17422] fuse: Unknown parameter 'use00000000000000000000'
[ 1241.282985][T17427] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3523'.
[ 1241.400960][T12475] usb 2-1: Using ep0 maxpacket: 8
[ 1241.454479][T12475] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1241.598786][T12475] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1241.614636][T12475] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1241.624965][T12475] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1241.638272][T12475] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1241.648582][T12475] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1242.327256][T12475] usb 2-1: GET_CAPABILITIES returned 0
[ 1242.335806][T12475] usbtmc 2-1:16.0: can't read capabilities
[ 1242.538520][T15203] usb 2-1: USB disconnect, device number 16
[ 1242.618181][T17443] kvm: emulating exchange as write
[ 1245.154621][T17479] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3539'.
[ 1248.519054][T17515] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[ 1249.358558][T17520] tipc: Started in network mode
[ 1249.363918][T17520] tipc: Node identity fe800000000000000000000000000013, cluster identity 4711
[ 1249.384117][T17520] tipc: Enabled bearer <udp:syz0>, priority 10
[ 1250.496555][T12759] tipc: Node number set to 4269801491
[ 1251.221288][T17530] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3556'.
[ 1257.831285][T17614] ADFS-fs (nullb0): error: can't find an ADFS filesystem on dev nullb0.
[ 1260.863218][T17645] fuse: Unknown parameter 'user_id00000000000000000000'
[ 1261.998593][T17658] overlayfs: missing 'lowerdir'
[ 1265.353439][T17681] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1268.328873][T17712] netlink: 1296 bytes leftover after parsing attributes in process `syz.1.3604'.
[ 1268.480868][T17720] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1272.795534][T17748] xt_ecn: cannot match TCP bits for non-tcp packets
[ 1272.845956][T17750] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3615'.
[ 1275.390695][T17767] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1276.867277][T17788] overlayfs: missing 'lowerdir'
[ 1279.018237][   T26] kauditd_printk_skb: 37 callbacks suppressed
[ 1279.018253][   T26] audit: type=1326 audit(1733909690.134:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17793 comm="syz.3.3626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f51b7ff19 code=0x7ffc0000
[ 1279.088958][   T26] audit: type=1326 audit(1733909690.174:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17793 comm="syz.3.3626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9f51b7ff19 code=0x7ffc0000
[ 1279.128600][   T26] audit: type=1326 audit(1733909690.174:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17793 comm="syz.3.3626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f51b7ff19 code=0x7ffc0000
[ 1279.233763][   T26] audit: type=1326 audit(1733909690.174:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17793 comm="syz.3.3626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f9f51b7ff19 code=0x7ffc0000
[ 1279.531583][   T26] audit: type=1326 audit(1733909690.174:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17793 comm="syz.3.3626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f51b7ff19 code=0x7ffc0000
[ 1279.561511][   T26] audit: type=1326 audit(1733909690.174:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17793 comm="syz.3.3626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f9f51b7ff19 code=0x7ffc0000
[ 1282.110762][   T26] audit: type=1326 audit(1733909690.174:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17793 comm="syz.3.3626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f51b7ff19 code=0x7ffc0000
[ 1282.133791][   T26] audit: type=1326 audit(1733909690.174:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17793 comm="syz.3.3626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f9f51b7ff19 code=0x7ffc0000
[ 1282.156141][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1282.235768][   T26] audit: type=1326 audit(1733909690.174:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17793 comm="syz.3.3626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f51b7ff19 code=0x7ffc0000
[ 1282.258097][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1282.264509][   T26] audit: type=1326 audit(1733909690.174:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17793 comm="syz.3.3626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=446 compat=0 ip=0x7f9f51b7ff19 code=0x7ffc0000
[ 1283.142334][T17815] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1283.564056][T17822] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[ 1283.590253][T17822] CIFS mount error: No usable UNC path provided in device string!
[ 1283.590253][T17822] 
[ 1283.600621][T17822] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1289.744563][T17871] overlayfs: missing 'lowerdir'
[ 1292.297906][T14730] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[ 1292.752243][T17880] delete_channel: no stack
[ 1292.835652][T14730] usb 2-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[ 1292.873635][T14730] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1292.941812][T14730] usb 2-1: config 0 descriptor??
[ 1293.214420][T17902] overlayfs: failed to resolve './file1': -2
[ 1293.916702][T14730] usb 2-1: Cannot read MAC address
[ 1293.921995][T14730] MOSCHIP usb-ethernet driver: probe of 2-1:0.0 failed with error -71
[ 1293.956202][T14730] usb 2-1: USB disconnect, device number 17
[ 1294.468952][T17916] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[ 1294.962072][T17918] overlayfs: missing 'lowerdir'
[ 1296.284114][T15911] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[ 1296.504034][T15911] usb 3-1: Using ep0 maxpacket: 32
[ 1296.521853][T15911] usb 3-1: New USB device found, idVendor=2040, idProduct=c602, bcdDevice= 1.8e
[ 1296.531266][T15911] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1296.601960][T15911] usb 3-1: config 0 descriptor??
[ 1296.641863][T15911] usb 3-1: dvb_usb_v2: found a 'HCW 126xxx' in warm state
[ 1296.680723][T15911] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[ 1296.787717][T15911] dvbdev: DVB: registering new adapter (HCW 126xxx)
[ 1296.801674][T15911] usb 3-1: media controller created
[ 1296.916031][T15911] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1297.006435][T15911] usb 3-1: selecting invalid altsetting 1
[ 1297.012810][T15911] set interface failed
[ 1297.015424][T15911] usb 3-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[ 1297.026822][T15911] error writing reg: 0xff, val: 0x00
[ 1297.095400][T15911] dvb_usb_mxl111sf: probe of 3-1:0.0 failed with error -22
[ 1297.116384][T15911] usb 3-1: USB disconnect, device number 20
[ 1299.096176][T17960] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1300.500598][ T1270] ieee802154 phy1 wpan1: encryption failed: -22
[ 1300.902849][T10928] Bluetooth: hci4: received HCILL_GO_TO_SLEEP_ACK in state 0
[ 1302.515533][T18000] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1302.622797][T18005] overlayfs: missing 'lowerdir'
[ 1302.914043][ T4264] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 1304.184823][T18041] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1304.718500][T18046] ntfs3: nbd0: try to read out of volume at offset 0x0
[ 1308.090033][T18042] delete_channel: no stack
[ 1310.385792][T18064] device syzkaller1 entered promiscuous mode
[ 1311.205857][T18085] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1315.111909][T18130] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1316.036566][T18146] fuse: Unknown parameter '0x0000000000000004'
[ 1316.137464][T18145] hub 2-0:1.0: USB hub found
[ 1316.143750][T18145] hub 2-0:1.0: 1 port detected
[ 1317.792729][T18177] fuse: Unknown parameter 'fd0x0000000000000004'
[ 1320.252805][T18204] binder: 18199:18204 ioctl 4018620d 0 returned -22
[ 1320.266713][T18204] binder: 18199:18204 ioctl c0306201 0 returned -14
[ 1321.350787][T18221] fuse: Unknown parameter 'fd0x0000000000000004'
[ 1325.909374][T18267] fuse: Unknown parameter 'fd0x0000000000000004'
[ 1328.050491][T18300] sp0: Synchronizing with TNC
[ 1328.055545][ T4297] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[ 1328.162232][T18300] Invalid ELF header type: 0 != 1
[ 1328.236436][T18305] binder: 18298:18305 ioctl 4018620d 0 returned -22
[ 1328.257749][T18305] binder: 18298:18305 ioctl c0306201 0 returned -14
[ 1328.840009][T18289] [U] �
[ 1328.924184][ T4297] usb 2-1: Using ep0 maxpacket: 8
[ 1328.936060][ T4297] usb 2-1: config 0 has an invalid interface number: 55 but max is 0
[ 1328.973948][ T4297] usb 2-1: config 0 has no interface number 0
[ 1329.003961][ T4297] usb 2-1: config 0 interface 55 altsetting 0 has an invalid endpoint with address 0x80, skipping
[ 1329.074066][ T4297] usb 2-1: config 0 interface 55 altsetting 0 has an invalid endpoint with address 0xAB, skipping
[ 1329.128543][ T4297] usb 2-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1329.160490][ T4297] usb 2-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1329.182590][ T4297] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1329.201763][ T4297] usb 2-1: config 0 descriptor??
[ 1329.229278][T18312] netlink: 308 bytes leftover after parsing attributes in process `syz.0.3787'.
[ 1329.269640][ T4297] ldusb 2-1:0.55: Interrupt in endpoint not found
[ 1329.418095][ T4297] usb 2-1: USB disconnect, device number 18
[ 1332.939057][T18373] sp0: Synchronizing with TNC
[ 1332.981751][T18373] Invalid ELF header type: 0 != 1
[ 1333.290042][T18367] [U] �
[ 1333.965081][T18382] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3811'.
[ 1335.521575][T18412] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3818'.
[ 1336.598852][T18433] syz.2.3820[18433] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1336.598953][T18433] syz.2.3820[18433] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1338.659327][T18461] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3834'.
[ 1340.041680][T18482] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[ 1343.465400][T18516] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3852'.
[ 1343.715542][T18528] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1345.233943][ T8976] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[ 1345.545643][ T8976] usb 6-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config
[ 1345.563907][ T8976] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1345.586152][ T8976] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1345.603904][ T8976] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1345.612090][ T8976] usb 6-1: SerialNumber: syz
[ 1345.690580][T18564] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3866'.
[ 1346.779618][T18575] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1347.815471][ T8976] usb 6-1: skipping empty audio interface (v1)
[ 1347.889008][ T8976] snd-usb-audio: probe of 6-1:1.0 failed with error -22
[ 1347.934633][ T8976] usb 6-1: USB disconnect, device number 8
[ 1348.214777][T18065] udevd[18065]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1348.242442][T18597] netlink: 'syz.2.3875': attribute type 15 has an invalid length.
[ 1348.303891][T18603] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3879'.
[ 1348.863042][T18606] lo speed is unknown, defaulting to 1000
[ 1348.886210][T18606] lo speed is unknown, defaulting to 1000
[ 1348.897866][T18606] lo speed is unknown, defaulting to 1000
[ 1349.238643][T18606] infiniband s
z1: set active
[ 1349.243362][T18606] infiniband s
z1: added lo
[ 1349.306090][   T27] lo speed is unknown, defaulting to 1000
[ 1349.337050][T18606] RDS/IB: s
z1: added
[ 1349.341141][T18606] smc: adding ib device s
z1 with port count 1
[ 1349.347406][T18606] smc:    ib device s
z1 port 1 has pnetid 
[ 1349.426487][T18613] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[ 1350.137539][T18606] lo speed is unknown, defaulting to 1000
[ 1350.192860][ T8976] lo speed is unknown, defaulting to 1000
[ 1350.276119][T18606] lo speed is unknown, defaulting to 1000
[ 1350.371477][T18606] lo speed is unknown, defaulting to 1000
[ 1350.450890][T18606] lo speed is unknown, defaulting to 1000
[ 1350.506545][T18606] lo speed is unknown, defaulting to 1000
[ 1350.564576][T18606] lo speed is unknown, defaulting to 1000
[ 1350.621631][T18606] lo speed is unknown, defaulting to 1000
[ 1350.705508][T18617] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1351.919188][T18622] Bluetooth: MGMT ver 1.22
[ 1353.271164][T12475] usb 3-1: new full-speed USB device number 21 using dummy_hcd
[ 1353.483851][T18649] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[ 1354.424927][T12475] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1354.496806][T12475] usb 3-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xBE, skipping
[ 1354.556804][T12475] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1354.639822][T12475] usb 3-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[ 1354.696336][T12475] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[ 1354.774022][T12475] usb 3-1: Product: syz
[ 1354.778221][T12475] usb 3-1: Manufacturer: syz
[ 1354.782842][T12475] usb 3-1: SerialNumber: syz
[ 1354.829361][T12475] usb 3-1: config 0 descriptor??
[ 1354.849470][T18638] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1354.972062][T12475] radio-si470x 3-1:0.0: could not find interrupt in endpoint
[ 1355.017550][T12475] radio-si470x: probe of 3-1:0.0 failed with error -5
[ 1355.045385][T12475] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[ 1355.404447][ T4297] usb 3-1: USB disconnect, device number 21
[ 1356.906697][T18676] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1357.891058][T18690] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[ 1358.067685][T18691] overlayfs: unrecognized mount option "hash" or missing value
[ 1358.630033][   T26] kauditd_printk_skb: 3 callbacks suppressed
[ 1358.630351][   T26] audit: type=1326 audit(1733909769.374:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18683 comm="syz.1.3906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f633417ff19 code=0x7ffc0000
[ 1359.094752][   T26] audit: type=1326 audit(1733909769.374:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18683 comm="syz.1.3906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f633417ff19 code=0x7ffc0000
[ 1359.199330][   T26] audit: type=1326 audit(1733909769.474:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18683 comm="syz.1.3906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f633417ff19 code=0x7ffc0000
[ 1359.313678][   T26] audit: type=1326 audit(1733909769.474:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18683 comm="syz.1.3906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f633417ff19 code=0x7ffc0000
[ 1359.336036][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1359.353175][   T26] audit: type=1326 audit(1733909769.474:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18683 comm="syz.1.3906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f633417ff19 code=0x7ffc0000
[ 1359.432617][   T26] audit: type=1326 audit(1733909769.564:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18683 comm="syz.1.3906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f633417ff19 code=0x7ffc0000
[ 1359.548056][   T26] audit: type=1326 audit(1733909769.564:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18683 comm="syz.1.3906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f633417ff19 code=0x7ffc0000
[ 1359.570500][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1359.847935][   T26] audit: type=1326 audit(1733909769.564:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18683 comm="syz.1.3906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f633417ff19 code=0x7ffc0000
[ 1359.870265][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1360.500392][   T26] audit: type=1326 audit(1733909769.574:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18683 comm="syz.1.3906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f633417ff19 code=0x7ffc0000
[ 1360.587876][   T26] audit: type=1326 audit(1733909769.574:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18683 comm="syz.1.3906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f633417ff19 code=0x7ffc0000
[ 1360.738348][T18728] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1360.834110][T15203] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[ 1360.938757][T18738] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[ 1361.620324][ T1270] ieee802154 phy1 wpan1: encryption failed: -22
[ 1361.724110][T15203] usb 6-1: Using ep0 maxpacket: 32
[ 1361.735502][T15203] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1361.758743][T15203] usb 6-1: config 0 interface 0 has no altsetting 0
[ 1361.779567][T15203] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2d51, bcdDevice= 0.00
[ 1361.806364][T15203] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1361.977401][T15203] usb 6-1: config 0 descriptor??
[ 1362.404490][T15203] koneplus 0003:1E7D:2D51.0004: unknown main item tag 0x0
[ 1362.415960][T15203] koneplus 0003:1E7D:2D51.0004: unknown main item tag 0x0
[ 1362.429333][T15203] koneplus 0003:1E7D:2D51.0004: unknown main item tag 0x0
[ 1362.438034][T15203] koneplus 0003:1E7D:2D51.0004: unknown main item tag 0x0
[ 1362.445991][T15203] koneplus 0003:1E7D:2D51.0004: unknown main item tag 0x0
[ 1362.455576][T15203] koneplus 0003:1E7D:2D51.0004: unknown main item tag 0x0
[ 1362.468739][T15203] koneplus 0003:1E7D:2D51.0004: unknown main item tag 0x0
[ 1362.485791][T15203] koneplus 0003:1E7D:2D51.0004: hidraw0: USB HID v74.2b Device [HID 1e7d:2d51] on usb-dummy_hcd.5-1/input0
[ 1362.607204][   T27] usb 6-1: USB disconnect, device number 9
[ 1362.793766][T18769] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1364.093944][T18790] sp0: Synchronizing with TNC
[ 1364.100637][T18790] Invalid ELF header type: 0 != 1
[ 1364.209049][T18771] [U] �
[ 1364.300424][T18782] rdma_rxe: rxe_register_device failed with error -23
[ 1364.492103][T18782] rdma_rxe: failed to add lo
[ 1365.308135][T18794] Invalid option length (1048372) for dns_resolver key
[ 1366.732182][T18823] netlink: 'syz.5.3946': attribute type 10 has an invalid length.
[ 1370.684653][T18875] xt_TPROXY: Can be used only with -p tcp or -p udp
[ 1371.854168][T15203] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[ 1371.958798][T18892] sp0: Synchronizing with TNC
[ 1371.982608][T18892] Invalid ELF header type: 0 != 1
[ 1372.043961][T15203] usb 4-1: Using ep0 maxpacket: 8
[ 1372.050631][T15203] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1372.160008][T15203] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1372.329489][T18876] [U] �
[ 1372.350409][T15203] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1372.656880][T15203] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1372.724154][T15203] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1372.774666][T15203] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1372.993026][T15203] usb 4-1: GET_CAPABILITIES returned 0
[ 1372.998780][T15203] usbtmc 4-1:16.0: can't read capabilities
[ 1373.202611][   T27] usb 4-1: USB disconnect, device number 13
[ 1376.125799][T18939] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1376.137425][T18934] xt_TPROXY: Can be used only with -p tcp or -p udp
[ 1380.930271][T17573] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[ 1381.166054][T18992] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1381.229322][T17573] usb 6-1: Using ep0 maxpacket: 16
[ 1381.240404][T17573] usb 6-1: config 0 interface 0 altsetting 199 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1381.269837][T17573] usb 6-1: config 0 interface 0 altsetting 199 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1381.287124][T17573] usb 6-1: config 0 interface 0 has no altsetting 0
[ 1381.293785][T17573] usb 6-1: New USB device found, idVendor=056a, idProduct=030e, bcdDevice= 0.00
[ 1381.324869][T17573] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1381.352383][T17573] usb 6-1: config 0 descriptor??
[ 1381.824580][T17573] wacom 0003:056A:030E.0005: unknown main item tag 0x0
[ 1381.988992][T17573] wacom 0003:056A:030E.0005: Unknown device_type for 'HID 056a:030e'. Assuming pen.
[ 1382.003645][T17573] wacom 0003:056A:030E.0005: hidraw0: USB HID v0.00 Device [HID 056a:030e] on usb-dummy_hcd.5-1/input0
[ 1382.032331][T17573] input: Wacom Intuos S Pen as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:056A:030E.0005/input/input12
[ 1382.144527][T17573] usb 6-1: USB disconnect, device number 10
[ 1382.314362][   T27] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[ 1382.432699][T19011] sp0: Synchronizing with TNC
[ 1382.686945][   T27] usb 2-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32
[ 1382.727712][   T27] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1383.572520][T19011] Invalid ELF header type: 0 != 1
[ 1383.834429][   T27] usb 2-1: config 0 descriptor??
[ 1383.887095][   T27] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[ 1384.056917][T18990] [U] �
[ 1384.150729][   T27] gp8psk: usb in 128 operation failed.
[ 1384.377472][   T27] gp8psk: usb in 146 operation failed.
[ 1384.385923][   T27] gp8psk: failed to get FW version
[ 1384.396898][   T27] gp8psk: FPGA Version = 183
[ 1384.440442][T19033] bridge0: port 3(erspan0) entered blocking state
[ 1384.449989][T19033] bridge0: port 3(erspan0) entered disabled state
[ 1384.467162][T19033] device erspan0 entered promiscuous mode
[ 1384.482557][T19033] bridge0: port 3(erspan0) entered blocking state
[ 1384.489715][T19033] bridge0: port 3(erspan0) entered forwarding state
[ 1384.614807][   T27] gp8psk: usb in 138 operation failed.
[ 1384.624816][   T27] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1384.638067][   T27] dvbdev: DVB: registering new adapter (Genpix SkyWalker-1 DVB-S receiver)
[ 1384.654313][   T27] usb 2-1: media controller created
[ 1384.841220][   T27] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1384.910751][   T27] gp8psk_fe: Frontend attached
[ 1384.916529][   T27] usb 2-1: DVB: registering adapter 1 frontend 0 (Genpix DVB-S)...
[ 1384.933232][   T27] dvbdev: dvb_create_media_entity: media entity 'Genpix DVB-S' registered.
[ 1385.193058][   T27] gp8psk: usb in 138 operation failed.
[ 1385.212832][   T27] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully initialized and connected.
[ 1385.232803][T19043] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1385.253109][   T27] gp8psk: found Genpix USB device pID = 203 (hex)
[ 1385.279714][   T27] usb 2-1: USB disconnect, device number 19
[ 1385.422403][   T27] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully deinitialized and disconnected.
[ 1387.076713][T19073] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1387.913761][   T26] kauditd_printk_skb: 4 callbacks suppressed
[ 1387.913775][   T26] audit: type=1804 audit(1733909799.024:128): pid=19085 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.4020" name="/newroot/260/bus/bus" dev="overlay" ino=1443 res=1 errno=0
[ 1389.659699][T19115] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1389.685196][T14730] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[ 1389.781610][T19118] tmpfs: Bad value for 'mpol'
[ 1390.737170][T14730] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 1390.763918][T14730] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1390.871650][T14730] usb 4-1: config 0 descriptor??
[ 1390.882252][T14730] cp210x 4-1:0.0: cp210x converter detected
[ 1391.182055][T19133] nvme_fabrics: unknown parameter or missing value '�0�)fzH��$' in ctrl creation request
[ 1391.828057][T14730] cp210x 4-1:0.0: failed to get vendor val 0x0010 size 3: -32
[ 1391.844164][T19134] tty tty20: ldisc open failed (-12), clearing slot 19
[ 1391.919713][T14730] usb 4-1: cp210x converter now attached to ttyUSB0
[ 1392.046314][T14730] usb 4-1: USB disconnect, device number 14
[ 1392.089312][T14730] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 1392.126843][T14730] cp210x 4-1:0.0: device disconnected
[ 1392.278938][T19144] erofs: (device nbd0): erofs_read_superblock: cannot find valid erofs superblock
[ 1392.360341][T19142] sp0: Synchronizing with TNC
[ 1392.446544][T19146] Invalid ELF header type: 0 != 1
[ 1392.616839][T19112] [U] �
[ 1392.712373][T19154] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1396.580574][T19205] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1397.829629][T19214] syz.5.4058 (19214) used greatest stack depth: 17496 bytes left
[ 1399.479945][T19243] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1399.553205][T19247] sp0: Synchronizing with TNC
[ 1399.565480][T19247] Invalid ELF header type: 0 != 1
[ 1400.120150][T19236] [U] �
[ 1400.384722][   T26] audit: type=1326 audit(1733909811.504:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19248 comm="syz.3.4072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f51b7ff19 code=0x7fc00000
[ 1400.493998][   T26] audit: type=1326 audit(1733909811.524:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19248 comm="syz.3.4072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=208 compat=0 ip=0x7f9f51b7ff19 code=0x7fc00000
[ 1400.659278][   T26] audit: type=1326 audit(1733909811.524:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19248 comm="syz.3.4072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f51b7ff19 code=0x7fc00000
[ 1401.428945][   T26] audit: type=1326 audit(1733909811.524:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19248 comm="syz.3.4072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f51b7ff19 code=0x7fc00000
[ 1402.072486][   T26] audit: type=1326 audit(1733909811.524:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19248 comm="syz.3.4072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f51b7ff19 code=0x7fc00000
[ 1402.385817][   T26] audit: type=1326 audit(1733909811.524:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19248 comm="syz.3.4072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f51b7ff19 code=0x7fc00000
[ 1402.502624][   T26] audit: type=1326 audit(1733909811.524:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19248 comm="syz.3.4072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f51b7ff19 code=0x7fc00000
[ 1402.641535][   T26] audit: type=1326 audit(1733909811.524:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19248 comm="syz.3.4072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f51b7ff19 code=0x7fc00000
[ 1402.663945][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1402.878794][   T26] audit: type=1326 audit(1733909811.524:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19248 comm="syz.3.4072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f51b7ff19 code=0x7fc00000
[ 1402.907140][   T26] audit: type=1326 audit(1733909811.524:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19248 comm="syz.3.4072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f51b7ff19 code=0x7fc00000
[ 1403.620844][T19298] sp0: Synchronizing with TNC
[ 1403.627636][T19298] Invalid ELF header type: 0 != 1
[ 1403.784000][T19287] [U] �
[ 1407.261592][T19338] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4099'.
[ 1409.920583][T19353] sp0: Synchronizing with TNC
[ 1409.931864][T19353] Invalid ELF header type: 0 != 1
[ 1410.083316][T19345] [U] �
[ 1414.159343][T19395] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4115'.
[ 1415.494921][T19412] sp0: Synchronizing with TNC
[ 1415.539792][T19412] Invalid ELF header type: 0 != 1
[ 1415.962627][T19413] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[ 1416.570178][T19404] [U] �
[ 1417.532832][T10928] Bluetooth: hci4: Frame reassembly failed (-84)
[ 1419.555423][ T4265] Bluetooth: hci4: command 0x1003 tx timeout
[ 1419.562127][ T4264] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 1420.044221][T19452] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[ 1420.829669][T19460] mmap: syz.1.4137 (19460) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[ 1421.609840][T19465] sp0: Synchronizing with TNC
[ 1421.621636][T19462] Invalid ELF header type: 0 != 1
[ 1421.764194][T19450] [U] �
[ 1423.031289][ T1270] ieee802154 phy1 wpan1: encryption failed: -22
[ 1423.099049][T19485] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4143'.
[ 1423.122960][T19485] sp0: Synchronizing with TNC
[ 1423.501606][T19493] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[ 1426.094541][T19508] sp0: Synchronizing with TNC
[ 1426.101184][T19508] Invalid ELF header type: 0 != 1
[ 1426.210221][T19503] [U] �
[ 1426.780089][T12759] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[ 1426.842002][T19531] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[ 1428.234067][T12759] usb 6-1: Using ep0 maxpacket: 16
[ 1428.262593][T12759] usb 6-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice=a7.38
[ 1428.274329][T12759] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1428.284394][T12759] usb 6-1: Product: syz
[ 1428.289203][T12759] usb 6-1: Manufacturer: syz
[ 1428.295422][T12759] usb 6-1: SerialNumber: syz
[ 1428.335810][T12759] usb 6-1: config 0 descriptor??
[ 1428.401146][T12759] usb 6-1: selecting invalid altsetting 1
[ 1428.500097][T12759] snd-usb-audio: probe of 6-1:0.0 failed with error -22
[ 1428.550057][T18065] udevd[18065]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1428.583423][T12759] usb 6-1: USB disconnect, device number 11
[ 1429.054055][T17573] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[ 1429.284120][T17573] usb 2-1: Using ep0 maxpacket: 32
[ 1429.297395][T17573] usb 2-1: config 0 has an invalid interface number: 67 but max is 0
[ 1429.572051][T17573] usb 2-1: config 0 has no interface number 0
[ 1429.582291][T17573] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1429.591738][T17573] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1429.600873][T17573] usb 2-1: Product: syz
[ 1429.615529][T17573] usb 2-1: Manufacturer: syz
[ 1429.620171][T17573] usb 2-1: SerialNumber: syz
[ 1429.647154][T17573] usb 2-1: config 0 descriptor??
[ 1429.673600][T17573] smsc95xx v2.0.0
[ 1430.058651][T19570] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[ 1430.970142][T17573] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[ 1431.011520][T17573] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[ 1431.022542][T19572] sp0: Synchronizing with TNC
[ 1431.041256][T19572] Invalid ELF header type: 0 != 1
[ 1431.209213][T19543] [U] �
[ 1431.734337][T17573] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[ 1431.912847][T17573] smsc95xx: probe of 2-1:0.67 failed with error -71
[ 1432.077322][T17573] usb 2-1: USB disconnect, device number 20
[ 1432.159964][T19588] netlink: 'syz.2.4176': attribute type 21 has an invalid length.
[ 1432.179310][T19588] netlink: 'syz.2.4176': attribute type 6 has an invalid length.
[ 1432.213967][T19588] netlink: 132 bytes leftover after parsing attributes in process `syz.2.4176'.
[ 1432.463981][T12759] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[ 1432.749453][T12759] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1432.785050][T12759] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1432.865369][T12759] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1432.951416][T12759] usb 4-1: New USB device found, idVendor=044e, idProduct=120b, bcdDevice= 0.00
[ 1432.990574][T12759] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1433.040442][T12759] usb 4-1: config 0 descriptor??
[ 1433.484044][T12759] hid-alps 0003:044E:120B.0006: bogus close delimiter
[ 1433.496288][T12759] hid-alps 0003:044E:120B.0006: item 0 1 2 10 parsing failed
[ 1433.529429][T12759] hid-alps 0003:044E:120B.0006: parse failed
[ 1433.563895][T12759] hid-alps: probe of 0003:044E:120B.0006 failed with error -22
[ 1433.686537][T12759] usb 4-1: USB disconnect, device number 15
[ 1433.770560][T19614] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[ 1434.260998][T19621] Bluetooth: MGMT ver 1.22
[ 1436.000254][T19631] x_tables: ip6_tables: CLASSIFY target: used from hooks PREROUTING, but only usable from FORWARD/OUTPUT/POSTROUTING
[ 1436.033879][  T129] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[ 1436.244263][  T129] usb 3-1: Using ep0 maxpacket: 16
[ 1436.296644][  T129] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1436.358335][  T129] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1437.140003][  T129] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1437.154158][  T129] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1437.164025][  T129] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1437.193882][  T129] usb 3-1: config 0 descriptor??
[ 1437.630065][  T129] microsoft 0003:045E:07DA.0007: unknown main item tag 0x2
[ 1437.643919][  T129] microsoft 0003:045E:07DA.0007: unknown main item tag 0x0
[ 1437.651210][  T129] microsoft 0003:045E:07DA.0007: nested delimiters
[ 1437.703830][  T129] microsoft 0003:045E:07DA.0007: item 0 1 2 10 parsing failed
[ 1437.711928][  T129] microsoft 0003:045E:07DA.0007: parse failed
[ 1437.743882][  T129] microsoft: probe of 0003:045E:07DA.0007 failed with error -22
[ 1437.833518][  T129] usb 3-1: USB disconnect, device number 22
[ 1438.111396][T19666] sp0: Synchronizing with TNC
[ 1438.158661][T19666] Invalid ELF header type: 0 != 1
[ 1438.302087][T19654] [U] �
[ 1439.606043][T19680] xt_CT: No such helper "pptp"
[ 1439.731268][T19689] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1440.521964][T19695] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[ 1441.785933][T19711] Cannot find add_set index 3 as target
[ 1443.643961][ T8976] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[ 1443.863923][ T8976] usb 3-1: Using ep0 maxpacket: 32
[ 1443.893184][ T8976] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1444.121454][ T8976] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1445.493996][ T8976] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[ 1445.714757][ T8976] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1446.076435][ T8976] usb 3-1: config 0 descriptor??
[ 1446.509145][T19733] device vlan0 entered promiscuous mode
[ 1446.599199][T19733] team0: Port device vlan0 added
[ 1446.842122][ T8976] usbhid 3-1:0.0: can't add hid device: -71
[ 1446.871467][ T8976] usbhid: probe of 3-1:0.0 failed with error -71
[ 1446.914254][ T8976] usb 3-1: USB disconnect, device number 23
[ 1447.230428][T19749] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[ 1448.269238][T19759] overlayfs: unrecognized mount option "verity=require" or missing value
[ 1448.633796][T19760] ax25_connect(): syz.3.4228 uses autobind, please contact jreuter@yaina.de
[ 1448.710807][T19762] loop2: detected capacity change from 0 to 7
[ 1448.740740][T19762] Dev loop2: unable to read RDB block 7
[ 1448.761435][T19762]  loop2: unable to read partition table
[ 1448.794034][T19762] loop2: partition table beyond EOD, truncated
[ 1448.803701][T19762] loop_reread_partitions: partition scan of loop2 (�被x������ ) failed (rc=-5)
[ 1449.621688][T19769] x_tables: ip6_tables: CLASSIFY target: used from hooks PREROUTING, but only usable from FORWARD/OUTPUT/POSTROUTING
[ 1451.235864][T19785] sp0: Synchronizing with TNC
[ 1451.598560][T19796] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[ 1452.540122][T19785] Invalid ELF header type: 0 != 1
[ 1452.879560][T19754] [U] �
[ 1453.206720][T19808] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1454.669186][T19821] lo speed is unknown, defaulting to 1000
[ 1456.047408][T19829] syz.3.4245[19829] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1456.047509][T19829] syz.3.4245[19829] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1458.936386][T19849] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[ 1459.860934][T19869] lo speed is unknown, defaulting to 1000
[ 1460.130044][T19881] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[ 1461.152057][T19888] sp0: Synchronizing with TNC
[ 1461.159007][T19888] Invalid ELF header type: 0 != 1
[ 1461.271435][T19862] [U] �
[ 1461.888127][T19731] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[ 1462.265588][T19731] usb 4-1: Using ep0 maxpacket: 8
[ 1463.179446][T19731] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[ 1463.215870][T19731] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1464.382316][T19731] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1464.393435][T19731] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1464.404605][T19731] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1464.418331][T19731] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1464.445864][T19731] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1466.823171][T19731] usb 4-1: can't set config #16, error -71
[ 1466.852356][T19731] usb 4-1: USB disconnect, device number 16
[ 1470.733712][T19955] UBIFS error (pid: 19955): cannot open "(null)", error -22
[ 1470.935700][T19953] netlink: 'syz.3.4289': attribute type 4 has an invalid length.
[ 1470.951132][T19953] netlink: 17 bytes leftover after parsing attributes in process `syz.3.4289'.
[ 1471.555247][T19973] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1471.655580][T19976] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[ 1475.730642][T20010] overlayfs: failed to resolve './file0': -2
[ 1475.835281][T20018] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1475.885832][T20021] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[ 1478.145404][T20054] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[ 1479.634526][T20059] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1480.026434][T20069] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[ 1481.229830][T20081] page:ffffea00013a7c40 refcount:4 mapcount:1 mapping:ffff88807e2f1658 index:0x0 pfn:0x4e9f1
[ 1481.241470][T20081] memcg:ffff8880540c4000
[ 1481.245729][T20081] aops:shmem_aops ino:732
[ 1481.250083][T20081] flags: 0xfff60000080015(locked|uptodate|lru|swapbacked|node=0|zone=1|lastcpupid=0x7ff)
[ 1481.259922][T20081] raw: 00fff60000080015 ffffea0001fb21c8 ffffea000144ed88 ffff88807e2f1658
[ 1481.268511][T20081] raw: 0000000000000000 0000000000000000 0000000400000000 ffff8880540c4000
[ 1481.277094][T20081] page dumped because: VM_BUG_ON_FOLIO(folio_mapped(folio))
[ 1481.284392][T20081] page_owner tracks the page as allocated
[ 1481.291668][T20081] page last allocated via order 0, migratetype Movable, gfp_mask 0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), pid 20085, tgid 20081 (syz.1.4333), ts 1480621192191, free_ts 1480531885491
[ 1481.309734][T20081]  post_alloc_hook+0x18d/0x1b0
[ 1481.314533][T20081]  get_page_from_freelist+0x3731/0x38d0
[ 1481.320071][T20081]  __alloc_pages+0x28d/0x770
[ 1481.324654][T20081]  __folio_alloc+0xf/0x30
[ 1481.328973][T20081]  vma_alloc_folio+0x486/0x990
[ 1481.333730][T20081]  shmem_alloc_and_acct_folio+0x5a8/0xd50
[ 1481.339449][T20081]  shmem_get_folio_gfp+0x13f0/0x3470
[ 1481.344737][T20081]  shmem_read_mapping_page_gfp+0x113/0x3a0
[ 1481.350532][T20081]  udmabuf_create+0x85e/0x1060
[ 1481.355283][T20081]  udmabuf_ioctl+0x300/0x4e0
[ 1481.359859][T20081]  __se_sys_ioctl+0xf1/0x160
[ 1481.364457][T20081]  do_syscall_64+0x3b/0xb0
[ 1481.368953][T20081]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1481.374841][T20081] page last free stack trace:
[ 1481.379518][T20081]  free_unref_page_prepare+0xf63/0x1120
[ 1481.385055][T20081]  free_unref_page_list+0x663/0x900
[ 1481.390240][T20081]  release_pages+0x2836/0x2b40
[ 1481.394995][T20081]  tlb_flush_mmu+0xfc/0x210
[ 1481.399484][T20081]  unmap_page_range+0x217c/0x2740
[ 1481.404511][T20081]  unmap_vmas+0x48b/0x640
[ 1481.408828][T20081]  exit_mmap+0x249/0x980
[ 1481.413053][T20081]  __mmput+0x115/0x3c0
[ 1481.417105][T20081]  exit_mm+0x226/0x300
[ 1481.421167][T20081]  do_exit+0x9f6/0x26a0
[ 1481.425314][T20081]  do_group_exit+0x202/0x2b0
[ 1481.429898][T20081]  get_signal+0x16f7/0x17d0
[ 1481.434399][T20081]  arch_do_signal_or_restart+0xb0/0x1a10
[ 1481.440020][T20081]  exit_to_user_mode_loop+0x6a/0x100
[ 1481.445288][T20081]  exit_to_user_mode_prepare+0xb1/0x140
[ 1481.450821][T20081]  syscall_exit_to_user_mode+0x60/0x270
[ 1481.456438][T20081] ------------[ cut here ]------------
[ 1481.461884][T20081] kernel BUG at mm/filemap.c:153!
[ 1481.466917][T20081] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 1481.472973][T20081] CPU: 1 PID: 20081 Comm: syz.1.4333 Not tainted 6.1.119-syzkaller #0
[ 1481.481108][T20081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1481.491156][T20081] RIP: 0010:filemap_unaccount_folio+0x5c2/0xa60
[ 1481.497398][T20081] Code: 07 38 c1 0f 8c 21 fe ff ff 48 89 ef e8 07 23 2b 00 e9 14 fe ff ff e8 0d 9a d3 ff 4c 89 ef 48 c7 c6 e0 fe 14 8b e8 5e 5b 13 00 <0f> 0b e8 f7 99 d3 ff 4c 89 ef 48 c7 c6 60 04 15 8b e8 48 5b 13 00
[ 1481.516998][T20081] RSP: 0018:ffffc9000eae7578 EFLAGS: 00010046
[ 1481.523054][T20081] RAX: da026cdd92278c00 RBX: ffff88807e2f1658 RCX: ffffc9000eae7303
[ 1481.531010][T20081] RDX: 0000000000000002 RSI: ffffffff8b0c1340 RDI: ffffffff8b5e6200
[ 1481.538966][T20081] RBP: ffffc9000eae7718 R08: dffffc0000000000 R09: fffffbfff1d35ef6
[ 1481.546923][T20081] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88807e2f1658
[ 1481.554880][T20081] R13: ffffea00013a7c40 R14: ffffea00013a7c40 R15: ffffea00013a7c40
[ 1481.562838][T20081] FS:  0000555585e28500(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[ 1481.571753][T20081] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1481.578318][T20081] CR2: 000000110c29aa81 CR3: 0000000046e19000 CR4: 00000000003506e0
[ 1481.586278][T20081] Call Trace:
[ 1481.589550][T20081]  <TASK>
[ 1481.592468][T20081]  ? __die_body+0x5e/0xa0
[ 1481.596791][T20081]  ? die+0x83/0xb0
[ 1481.600501][T20081]  ? do_trap+0x11e/0x350
[ 1481.604739][T20081]  ? filemap_unaccount_folio+0x5c2/0xa60
[ 1481.610359][T20081]  ? filemap_unaccount_folio+0x5c2/0xa60
[ 1481.615981][T20081]  ? do_error_trap+0x13d/0x1e0
[ 1481.620729][T20081]  ? filemap_unaccount_folio+0x5c2/0xa60
[ 1481.626355][T20081]  ? do_int3+0x30/0x30
[ 1481.630411][T20081]  ? report_bug+0x3c9/0x500
[ 1481.634912][T20081]  ? handle_invalid_op+0x2c/0x40
[ 1481.639834][T20081]  ? filemap_unaccount_folio+0x5c2/0xa60
[ 1481.645477][T20081]  ? exc_invalid_op+0x2f/0x40
[ 1481.650164][T20081]  ? asm_exc_invalid_op+0x16/0x20
[ 1481.655190][T20081]  ? filemap_unaccount_folio+0x5c2/0xa60
[ 1481.660821][T20081]  ? filemap_unaccount_folio+0x5c2/0xa60
[ 1481.666459][T20081]  __filemap_remove_folio+0xc7/0xaa0
[ 1481.671749][T20081]  ? __rwlock_init+0x140/0x140
[ 1481.676506][T20081]  ? __bpf_trace_file_check_and_advance_wb_err+0x30/0x30
[ 1481.683520][T20081]  ? _raw_spin_lock_irq+0xdb/0x110
[ 1481.688707][T20081]  ? _raw_spin_lock_irqsave+0x120/0x120
[ 1481.694245][T20081]  ? find_get_entries+0x710/0x710
[ 1481.699259][T20081]  filemap_remove_folio+0x105/0x2e0
[ 1481.704492][T20081]  truncate_inode_folio+0x59/0x70
[ 1481.709520][T20081]  shmem_undo_range+0x570/0x2390
[ 1481.714454][T20081]  ? shmem_truncate_range+0xb0/0xb0
[ 1481.719653][T20081]  shmem_evict_inode+0x265/0xa60
[ 1481.724583][T20081]  ? inode_wait_for_writeback+0x21f/0x280
[ 1481.730294][T20081]  ? shmem_free_in_core_inode+0xb0/0xb0
[ 1481.735831][T20081]  ? bit_waitqueue+0x30/0x30
[ 1481.740496][T20081]  ? do_raw_spin_unlock+0x137/0x8a0
[ 1481.745689][T20081]  ? shmem_free_in_core_inode+0xb0/0xb0
[ 1481.751218][T20081]  evict+0x529/0x930
[ 1481.755105][T20081]  ? proc_nr_inodes+0x310/0x310
[ 1481.759948][T20081]  ? _raw_spin_unlock+0x24/0x40
[ 1481.764788][T20081]  ? iput+0x73f/0x980
[ 1481.768759][T20081]  __dentry_kill+0x436/0x650
[ 1481.773369][T20081]  dentry_kill+0xbb/0x290
[ 1481.777707][T20081]  ? dput+0x37/0x1d0
[ 1481.781592][T20081]  dput+0xfb/0x1d0
[ 1481.785310][T20081]  __fput+0x62e/0x8d0
[ 1481.789290][T20081]  task_work_run+0x246/0x300
[ 1481.793874][T20081]  ? task_work_cancel+0x2e0/0x2e0
[ 1481.798894][T20081]  ? exit_to_user_mode_loop+0x39/0x100
[ 1481.804343][T20081]  exit_to_user_mode_loop+0xde/0x100
[ 1481.809621][T20081]  exit_to_user_mode_prepare+0xb1/0x140
[ 1481.815163][T20081]  syscall_exit_to_user_mode+0x60/0x270
[ 1481.820699][T20081]  do_syscall_64+0x47/0xb0
[ 1481.825106][T20081]  ? clear_bhb_loop+0x45/0xa0
[ 1481.829772][T20081]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1481.835842][T20081] RIP: 0033:0x7f633417ff19
[ 1481.840262][T20081] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1481.859879][T20081] RSP: 002b:00007ffc67e63c08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 1481.868301][T20081] RAX: 0000000000000000 RBX: 00007f6334347ba0 RCX: 00007f633417ff19
[ 1481.876266][T20081] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 1481.884408][T20081] RBP: 00007f6334347ba0 R08: 00000000000001f4 R09: 00007ffc67e63eef
[ 1481.892381][T20081] R10: 00007f6334347ac0 R11: 0000000000000246 R12: 00000000001699b8
[ 1481.900348][T20081] R13: 00007f6334346160 R14: 0000000000000032 R15: ffffffffffffffff
[ 1481.908316][T20081]  </TASK>
[ 1481.911325][T20081] Modules linked in:
[ 1481.915223][T20081] ---[ end trace 0000000000000000 ]---
[ 1481.920673][T20081] RIP: 0010:filemap_unaccount_folio+0x5c2/0xa60
[ 1481.926917][T20081] Code: 07 38 c1 0f 8c 21 fe ff ff 48 89 ef e8 07 23 2b 00 e9 14 fe ff ff e8 0d 9a d3 ff 4c 89 ef 48 c7 c6 e0 fe 14 8b e8 5e 5b 13 00 <0f> 0b e8 f7 99 d3 ff 4c 89 ef 48 c7 c6 60 04 15 8b e8 48 5b 13 00
[ 1481.946510][T20081] RSP: 0018:ffffc9000eae7578 EFLAGS: 00010046
[ 1481.952561][T20081] RAX: da026cdd92278c00 RBX: ffff88807e2f1658 RCX: ffffc9000eae7303
[ 1481.960519][T20081] RDX: 0000000000000002 RSI: ffffffff8b0c1340 RDI: ffffffff8b5e6200
[ 1481.968477][T20081] RBP: ffffc9000eae7718 R08: dffffc0000000000 R09: fffffbfff1d35ef6
[ 1481.976433][T20081] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88807e2f1658
[ 1481.984390][T20081] R13: ffffea00013a7c40 R14: ffffea00013a7c40 R15: ffffea00013a7c40
[ 1481.992350][T20081] FS:  0000555585e28500(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[ 1482.001263][T20081] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1482.007842][T20081] CR2: 000000110c29aa81 CR3: 0000000046e19000 CR4: 00000000003506e0
[ 1482.015808][T20081] Kernel panic - not syncing: Fatal exception
[ 1482.022097][T20081] Kernel Offset: disabled
[ 1482.026403][T20081] Rebooting in 86400 seconds..