last executing test programs:

30m15.892332531s ago: executing program 32 (id=50):
syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0)
r0 = syz_open_dev$vim2m(&(0x7f0000000380), 0x7f, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix_mp={0x0, 0x0, 0x59455247, 0x0, 0x0, [{}, {}, {}, {0x0, 0xffffffc0}, {}, {}, {}, {0x1}]}})
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4044090)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000340)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x869db000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devtmpfs\x00', 0x0, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f00000002c0)='\x00', 0x89901)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, 0x0, 0x0)
fanotify_init(0xc, 0x80000)
ioctl$SOUND_OLD_MIXER_INFO(0xffffffffffffffff, 0x80304d65, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x1c, &(0x7f0000000280)=[@in6={0xa, 0x4e20, 0x29f, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0xffffffff}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r6=>0x0]}, &(0x7f0000000080)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000080)={r6, @in={{0x2, 0x4e21, @empty}}, 0x5, 0x2, 0x80000003, 0x4, 0xe2d8f2eb1d010935, 0x5, 0x9}, 0x9c)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f00000001c0)={r6, @in={{0x2, 0x4e20, @empty}}, 0xd5, 0x6, 0x17f, 0x4, 0x11, 0x1, 0x8}, &(0x7f0000000040)=0x9c)

30m15.687759666s ago: executing program 33 (id=51):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$UI_ABS_SETUP(r0, 0x401c5504, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000800)={'syz1\x00', {0x0, 0x10, 0x2}, 0xffffffff, [0x0, 0x0, 0x0, 0x40000, 0x1, 0x2, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0xfffffffe, 0x0, 0xffffffff, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x296, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x6, 0x5f1, 0x2], [0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x7, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0xfffffffe, 0x400, 0x0, 0x200, 0x0, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0xfffffffd, 0x0, 0x8, 0x0, 0x0, 0x7, 0x0, 0x4, 0x0, 0xffff], [0x8001, 0xfc, 0x0, 0xffffffff, 0x80, 0x0, 0x0, 0x12f, 0x0, 0x1, 0x4, 0x0, 0x0, 0x4, 0x9, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0xfffffffd, 0xffffffff, 0x0, 0x0, 0x9fa, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x6, 0x0, 0x0, 0xbda6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x52c, 0x0, 0x5, 0x0, 0xfff, 0x3, 0x0, 0xfffffffe, 0x0, 0xe727, 0x8], [0x40000000, 0x0, 0x74e2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000002, 0x40, 0x0, 0x0, 0xbd, 0x0, 0x0, 0x4, 0x0, 0x0, 0x2, 0x8, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x80000000, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x40, 0xcaa, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0xf, 0x4]}, 0x45c)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000380)='afs_file_error\x00', r1, 0x0, 0x4}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$UI_DEV_CREATE(r0, 0x5501)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000200)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(sm4)\x00'}, 0x58)
r5 = accept4(r4, 0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_GET_KEY(r5, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={0x0, 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x20000000)

29m44.401995553s ago: executing program 34 (id=117):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="380000000314230c2abd7000ff05df250900020073797a310000000008004100727865001400330073797a5f74756e"], 0x38}, 0x1, 0x0, 0x0, 0x48845}, 0x4000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000100)={<r2=>0xffffffffffffffff}, 0x13f, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_BIND_IP(r1, &(0x7f0000000180)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e25, 0x10001, @local, 0xb}, r2}}, 0x30)
write$RDMA_USER_CM_CMD_QUERY_ROUTE(r1, &(0x7f0000000040)={0x5, 0x10, 0xfa00, {&(0x7f00000004c0), r2, 0x2}}, 0x18)

27m2.909417564s ago: executing program 35 (id=241):
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x29a8c2, 0x0)
syz_usb_connect(0x2, 0x41, &(0x7f0000000400)={{0x12, 0x1, 0x250, 0x4, 0xcc, 0x3, 0x8, 0x9fb, 0x602e, 0xa99d, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2f, 0x1, 0x5, 0xc0, 0x0, 0x8, [{{0x9, 0x4, 0x2, 0x5, 0x0, 0x81, 0xc7, 0x28, 0xd1, [@cdc_ncm={{0x5}, {0x5, 0x24, 0x0, 0x8}, {0xd, 0x24, 0xf, 0x1, 0x8, 0x6, 0xb, 0x76}, {0x6, 0x24, 0x1a, 0x6, 0x11}}]}}]}}]}}, &(0x7f0000000c00)={0x0, 0x0, 0x1, 0x0, 0x1, [{0x0, 0x0}]})
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="3800000020000100ecc2000000000000020020000000000100000000140003006c6f00000000000000000000000000000800"], 0x38}, 0x1, 0x0, 0x0, 0x40008c4}, 0x8000)
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}})
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000600), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000003c0)={0x9c9, 0xfffffffc, 0x0, 'queue1\x00', 0x200000})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x3}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xbf5ce000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000018c0)=ANY=[@ANYBLOB="0a000000d2cf00003d36000002"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000180), 0x3, r5}, 0x38)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000380)={r5, &(0x7f0000001940), &(0x7f00000002c0)=""/187}, 0x20)

20m18.296476898s ago: executing program 36 (id=1364):
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getpid()
syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = epoll_create1(0x0)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r2, &(0x7f0000000400)={0x2, 0x4e23, @multicast1}, 0x10)
write$binfmt_aout(0xffffffffffffffff, 0x0, 0x142)
sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x41, &(0x7f0000000040)=0x1b32, 0x4)
sendto$inet(r2, &(0x7f0000000540)="fc", 0x1, 0x4040, 0x0, 0x0)
recvmmsg(r2, &(0x7f0000000140)=[{{0x0, 0x0, 0x0}, 0xde6c}], 0x1, 0x40012002, 0x0)
gettid()
syz_open_dev$sndpcmc(&(0x7f0000000040), 0x0, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000500)={0x26, 'hash\x00', 0x0, 0x0, 'md5-generic\x00'}, 0x73)
r3 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x80000)
write(r3, 0x0, 0x0)
setsockopt$sock_int(r3, 0x1, 0x27, 0x0, 0x0)
clock_nanosleep(0x0, 0x0, &(0x7f0000000040), 0x0)
fcntl$addseals(r1, 0x409, 0x18)

16m1.632871799s ago: executing program 37 (id=2562):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
writev(r0, &(0x7f0000000300)=[{&(0x7f0000000000)="89e7ee2c7cdad9b4347380c988ca", 0xe}, {&(0x7f0000000540)="e54d0355749ad714170b1086bba9e5ace9", 0x11}], 0x2)

16m0.104727739s ago: executing program 38 (id=2570):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f00002e5000/0x400000)=nil, 0x400000, 0xf)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800002, 0xe)
syz_open_dev$tty1(0xc, 0x4, 0x1)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x30, 0x10, 0x1, 0x0, 0x10000000, {0x0, 0x0, 0x0, 0x0, {0x1}, {}, {0xe}}, [@TCA_INGRESS_BLOCK={0x8}, @TCA_STAB={0x4}]}, 0x30}}, 0x0)

16m0.018268811s ago: executing program 39 (id=2568):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x32}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB="3800000010000507000000000004000000000000", @ANYRES32=r2, @ANYBLOB="0000000a010000001800120008000100736974000c0002000800030036"], 0x38}}, 0x0)
r3 = socket(0x10, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
sendmsg$nl_route(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000500)=@ipv6_newaddr={0x2c, 0x14, 0x9535393fea6295b5, 0x0, 0x20000, {0xa, 0x40, 0x0, 0x0, r4}, [@IFA_LOCAL={0x14, 0x2, @ipv4}]}, 0x2c}}, 0x0)

15m8.216771673s ago: executing program 40 (id=2691):
syz_clone(0x4000c100, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280), 0x0, 0xfffffffffffffffe)

13m46.270824474s ago: executing program 41 (id=2950):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='tasks\x00', 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
write$cgroup_pid(r0, &(0x7f0000000180), 0x12)
r2 = openat$cgroup_procs(r1, &(0x7f0000000840)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r2, &(0x7f0000000380), 0x12)

13m21.947639046s ago: executing program 42 (id=3044):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
fstat(r0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
setreuid(0x0, r1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000280)={<r4=>0x0, <r5=>0x0}, &(0x7f00000013c0)=0xc)
sendmmsg$unix(r3, &(0x7f00000001c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001480)=[@cred={{0x1c, 0x1, 0x2, {r4, r5}}}], 0x20, 0x40044}}], 0x1, 0x4)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
setsockopt$sock_int(r2, 0x1, 0x10, &(0x7f00000002c0)=0x8001, 0x4)
write$binfmt_elf64(r3, &(0x7f0000000500)=ANY=[], 0x78)
splice(r2, 0x0, r6, 0x0, 0x39000, 0x0)

12m0.605999889s ago: executing program 43 (id=3549):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000004c0)={0x44, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}]}, 0x44}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000740)={0x40, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x18, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0xfffffffe}}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x8}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084)

11m55.058138849s ago: executing program 3 (id=3619):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000cc0)=ANY=[@ANYBLOB="120100004f92b90857152077ebb7000000010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000f80)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)={0x40, 0x13, 0x6, @local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f0000000080)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x40, 0x19, 0x2, 'uP'}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000800)={0x44, &(0x7f0000000600)={0x40, 0x9, 0x2, "cdc0"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000500)={0x44, &(0x7f0000000a80)=ANY=[@ANYBLOB="00150100000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

11m52.276162698s ago: executing program 0 (id=3626):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000100)=0x13)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x80)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000240))

11m52.179091707s ago: executing program 0 (id=3627):
r0 = userfaultfd(0x80001)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x2000009, 0x32, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000002c0)={0xaa, 0x100})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, 0x0)
syz_open_dev$sg(&(0x7f0000002080), 0xfffffffffffffff7, 0x230400)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/3\x00')
bpf$BPF_PROG_ATTACH(0x8, 0x0, 0x0)
syz_open_dev$vcsu(&(0x7f0000002140), 0x32, 0x2)
read$FUSE(r1, &(0x7f0000000040)={0x2020}, 0x2020)

11m52.112172747s ago: executing program 0 (id=3628):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = dup(r0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @empty, 0x3}], 0x1c)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e23, 0xdb, @empty}}, 0xffb, 0x203, 0xffff18b6, 0x6, 0x330, 0x7fffffff, 0xdb}, 0x9c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x85, &(0x7f0000000080)={0x0, @in6={{0xa, 0x4e24, 0x7f, @loopback, 0x8}}, 0x4, 0x6940}, 0x90)

11m51.96464605s ago: executing program 0 (id=3629):
prlimit64(0x0, 0xe, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
setpgid(0x0, r0)
r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_READY(r1, 0x9360, 0x800000000000001)

11m51.402753581s ago: executing program 0 (id=3632):
syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="120100002aafee08f00a51678b75000001010902240001000000000904000002ff"], 0x0)

11m50.376455378s ago: executing program 0 (id=3634):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000300)=[@increfs], 0x0, 0x0, 0x0})

11m50.059928242s ago: executing program 44 (id=3634):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000300)=[@increfs], 0x0, 0x0, 0x0})

11m50.014318656s ago: executing program 3 (id=3636):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000100)=0x13)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x80)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000240))

11m49.852809999s ago: executing program 3 (id=3637):
r0 = userfaultfd(0x80001)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x2000009, 0x32, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000002c0)={0xaa, 0x100})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000000000/0x400000)=nil, 0x400000}, 0x1})
syz_open_dev$sg(0x0, 0xfffffffffffffff7, 0x230400)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/3\x00')
bpf$BPF_PROG_ATTACH(0x8, 0x0, 0x0)
syz_open_dev$vcsu(&(0x7f0000002140), 0x32, 0x2)
read$FUSE(r1, &(0x7f0000000040)={0x2020}, 0x2020)

11m48.828546014s ago: executing program 3 (id=3641):
sched_setscheduler(0x0, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
setpgid(0x0, r0)
r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_READY(r1, 0x9360, 0x800000000000001)

11m48.672897659s ago: executing program 3 (id=3642):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000100)=0x13)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x80)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000200)={0xfff, 0x200400, 0xfbfffffd, 0x80000001, 0x91, "000f09000000839509000000680100008000", 0xa3fff9, 0x1fc})
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000240))

11m45.924529458s ago: executing program 3 (id=3645):
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000100)=0x13)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000200)={0xfff, 0x200400, 0xfbfffffd, 0x80000001, 0x91, "000f09000000839509000000680100008000", 0xa3fff9, 0x1fc})
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000240))

11m45.593704861s ago: executing program 45 (id=3645):
syz_open_dev$tty20(0xc, 0x4, 0x1)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000100)=0x13)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000200)={0xfff, 0x200400, 0xfbfffffd, 0x80000001, 0x91, "000f09000000839509000000680100008000", 0xa3fff9, 0x1fc})
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000240))

11m45.584628062s ago: executing program 7 (id=3647):
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback={0xff00000000000000}, 0x400}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4000000)

11m45.354103087s ago: executing program 7 (id=3648):
r0 = socket$inet6(0xa, 0x2, 0x0)
sendmsg$inet6(r0, &(0x7f0000000600)={&(0x7f0000000080)={0xa, 0x4e3d, 0x100, @private1, 0xffffffff}, 0x1c, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="300000000000000001000000"], 0x30}, 0x4000010)

11m45.078559963s ago: executing program 7 (id=3649):
r0 = userfaultfd(0x80001)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x2000009, 0x32, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000002c0)={0xaa, 0x100})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000000000/0x400000)=nil, 0x400000}, 0x1})
syz_open_dev$sg(0x0, 0xfffffffffffffff7, 0x230400)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/3\x00')
bpf$BPF_PROG_ATTACH(0x8, 0x0, 0x0)
syz_open_dev$vcsu(&(0x7f0000002140), 0x32, 0x2)
read$FUSE(r1, &(0x7f0000000040)={0x2020}, 0x2020)

11m44.092663951s ago: executing program 7 (id=3650):
sched_setscheduler(0x0, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
setpgid(0x0, r0)
r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_READY(r1, 0x9360, 0x800000000000001)

11m43.982311334s ago: executing program 7 (id=3651):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000107d1eb42d00000000000109022400010000002209040000010300020009210000000122040009058103"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000040)={0x2c, &(0x7f0000000180)=ANY=[@ANYBLOB="0021ac"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)

11m37.606408419s ago: executing program 7 (id=3655):
r0 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00'})
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, 0x0, 0x0)

11m37.286583623s ago: executing program 46 (id=3655):
r0 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00'})
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, 0x0, 0x0)

7m24.036108597s ago: executing program 5 (id=3842):
fchdir(0xffffffffffffffff)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
set_mempolicy(0x4005, &(0x7f0000000080)=0x7e, 0x9)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000100)={[{0x5, 0xc000, 0x4, 0x5, 0x0, 0x8, 0x3, 0xa, 0xb9, 0x1, 0xe, 0x5, 0x204}, {0x804, 0x1, 0x1, 0x45, 0x7, 0x2, 0x2, 0xff, 0x0, 0x4, 0x6, 0x7f, 0x20c}, {0x1, 0x3, 0x38, 0x3, 0x84, 0x7, 0x3, 0x50, 0x0, 0x70, 0x4, 0x5, 0x24ab}], 0xffffffff})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x40004, &(0x7f0000000240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5}, {}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x7000000}, {0x85, 0x0, 0x0, 0xc9}}}, &(0x7f0000000200)='syzkaller\x00', 0xb, 0x0, 0x0, 0x40f00, 0x28, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)

7m20.800602717s ago: executing program 5 (id=3847):
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000000080)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r1, 0x5b06, 0x0)

7m17.466756405s ago: executing program 5 (id=3856):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x40}, 0x1, 0x0, 0x0, 0x34041043}, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040), 0x13f, 0x4}}, 0x20)
r0 = syz_io_uring_setup(0x81f, &(0x7f0000000100)={0x0, 0x0, 0x3010, 0xffffffff, 0x34f}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f0000000540)=<r2=>0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x30, 0x0, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_NOP={0x0, 0x20})
io_uring_enter(r0, 0x47bc, 0x0, 0x21, 0x0, 0x0)

7m16.69391137s ago: executing program 5 (id=3857):
fchdir(0xffffffffffffffff)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
set_mempolicy(0x4005, &(0x7f0000000080)=0x7e, 0x9)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000100)={[{0x5, 0xc000, 0x4, 0x5, 0x0, 0x8, 0x3, 0xa, 0xb9, 0x1, 0xe, 0x5, 0x204}, {0x804, 0x1, 0x1, 0x45, 0x7, 0x2, 0x2, 0xff, 0x0, 0x4, 0x6, 0x7f, 0x20c}, {0x1, 0x3, 0x38, 0x3, 0x84, 0x7, 0x3, 0x50, 0x0, 0x70, 0x4, 0x5, 0x24ab}], 0xffffffff})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x40004, &(0x7f0000000240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5}, {}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x7000000}, {0x85, 0x0, 0x0, 0xc9}}}, &(0x7f0000000200)='syzkaller\x00', 0xb, 0x0, 0x0, 0x40f00, 0x28, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)

7m14.047114955s ago: executing program 5 (id=3868):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = syz_open_procfs$userns(0x0, &(0x7f0000000280))
setns(r0, 0x20000000)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000300)='./bus\x00', &(0x7f00000004c0), 0x2021084, &(0x7f0000000300)=ANY=[])
prctl$PR_SET_MM(0x23, 0x7, &(0x7f0000527000/0x1000)=nil)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x800, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x200088d5)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x180)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x2004000, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
chdir(&(0x7f00000001c0)='./file0\x00')
openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x458002, 0x55)

7m11.296196204s ago: executing program 5 (id=3869):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
getpid()
r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
ioctl$RTC_AIE_ON(r3, 0x7001)
ioctl$RTC_SET_TIME(r3, 0x4024700a, &(0x7f00000000c0)={0x32, 0x33, 0x16, 0xa, 0x4, 0x100, 0x0, 0x44, 0xffffffffffffffff})
r4 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'lo\x00'})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$int_in(r5, 0x5421, &(0x7f0000000080)=0xfffffffffbfffffe)
connect$vsock_stream(r4, &(0x7f0000000000)={0x28, 0x0, 0x0, @host}, 0x10)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00"/12], 0x48)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r8 = dup(r7)
write$UHID_INPUT(r8, &(0x7f0000002080)={0x200f, {"1ae30a30ed0d09f91b5e070987f70e06d038e7ff7fc6e5539b0d3e0e8b089b3f363063030890e0879b0af8c6e70a9b334a959b669a240d0a0af3988f7ef319520100ffe8d178708c526db51b1b5b31070d0773090acd3b78130daa61d8e8040001000000b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19300305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f6709000000a141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a027d5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf050000008000000000f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b3f3f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7af1d0e54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c01008e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2f5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d21488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e1a63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e09d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a603336c00000077cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046ca5b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe6531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e6586df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59555e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0d8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb601203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f900000930dedf800", 0x1000}}, 0x1006)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000007c0)=ANY=[@ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000030000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

6m55.870341316s ago: executing program 47 (id=3869):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
getpid()
r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
ioctl$RTC_AIE_ON(r3, 0x7001)
ioctl$RTC_SET_TIME(r3, 0x4024700a, &(0x7f00000000c0)={0x32, 0x33, 0x16, 0xa, 0x4, 0x100, 0x0, 0x44, 0xffffffffffffffff})
r4 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'lo\x00'})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$int_in(r5, 0x5421, &(0x7f0000000080)=0xfffffffffbfffffe)
connect$vsock_stream(r4, &(0x7f0000000000)={0x28, 0x0, 0x0, @host}, 0x10)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00"/12], 0x48)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r8 = dup(r7)
write$UHID_INPUT(r8, &(0x7f0000002080)={0x200f, {"1ae30a30ed0d09f91b5e070987f70e06d038e7ff7fc6e5539b0d3e0e8b089b3f363063030890e0879b0af8c6e70a9b334a959b669a240d0a0af3988f7ef319520100ffe8d178708c526db51b1b5b31070d0773090acd3b78130daa61d8e8040001000000b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19300305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f6709000000a141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a027d5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf050000008000000000f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b3f3f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7af1d0e54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c01008e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2f5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d21488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e1a63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e09d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a603336c00000077cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046ca5b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe6531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e6586df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59555e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0d8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb601203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f900000930dedf800", 0x1000}}, 0x1006)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000007c0)=ANY=[@ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000030000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

2m13.156630357s ago: executing program 1 (id=4338):
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @pix={0x434c, 0x8, 0x584e4f53, 0x4, 0x6ea, 0x7, 0x0, 0x5, 0x1, 0x4, 0x2, 0x7}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socket$kcm(0x10, 0x2, 0x4)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @rand_addr=0x64010101}, 0x10)
bind$inet(r1, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8004}, 0x0)
getsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x1b, 0x0, &(0x7f0000000240))
sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000900)=ANY=[@ANYRES16=r0, @ANYBLOB="6542bfec82d5e6f8fcb1763bfc0423cdf25225dd9e55136eeadd477073845bd38c052ba7c16e5b17673c087c2c8677872c52e7fe5128898dbdc3a94583607ab8605c2f79d0dfc5548004a83e7c374d8d0181a72d38829a75803c5b08cec2e9cc35685d69197e764b619e00624c4799069d9d54d9a29c409a86fbc74de6989b7004b6089890e0a9ace3132cf5acb34d2fc295daa89211b561be4896ef51061c82e4789303dcd20d04988e6bbd33d47075a8eae2dc567ec64720966f873e4c8887f65462aaead7729e2ff20947dde42a8abfdb2670a21a52f07e660d5e4ece5eabcabc05d9dff886302c98efc6d955443e77a6e0ae351e1aeaeaef59c9caadb94fcc6c5efb98c37640232132ff3bdc709fae2789c139f7980a47ee56e4c00d11f9195c6df5ed75ad447661d373db9b2b466d76449f97fcba4c8bf0a8ccae4fd5d796a50e1d400dcec764002c0fc2c78e1316400bbb75c7d5025e4d45de515008d8183de632dd2fb8ba117da1c81eba35e437843fb33b143eb21abbe4b51625274a96519797aad7871a65a5770340c4492f27bfa0dce68382b41effdf2616dc05132edb25657729b7c9cb6b62f490ee9f9c79bc0e85cc1e110d2082f1cc7c2d6f5e18153f26f32642792bef45645ad2b98796bda2d4f4d5f2f80421af1652a5adaa4b262a1ddeead6a941ad8398185c081f37b0e9658b25cabc7c62498b74184c6fc74516b5b586bcaad1623827c247f3e6b619badaae4e8ec793e6ce9d2b9e40183f717197801f02bb7f23694c45e719fd5617e062b6b1ffdb63486fe7658917ba95b59eb70dff32c41ec74ebb4b93f2fcbe9f9d1fae066c199b13a2fecba967f356d62c8d915bc0d1b3d58942e2751efa2a3d1a8487f09da29859ed154c7a8ec2ea632c0022962ca6ee2238103c8ead549c7e4fe8bf336545de0feafa63bb7da98b573970bbabd803b9c73e5b5d646a0795d5095ee7129e3805277431b67abad405d6262704426a72ac20e43d1316340cfc6deee2c234c0c974f33d2cfdf543be3e9f5633b49e81d60c31175cc9a0d5704026cfbd2f944c95f2d89dd49f35deed98cab4c5389829624be81f7d5fe58df559aa216c347ccddd4040ea77734bcee93a18c3a5b120ecbdba9d2dab825528fff365e214b2d31081218d82b71ba493e3b95cf1c05a3ce12b74530f493daac78e607663d4d627e91db47790186804e2bf691d9a36e225468f3bcd12dddb3b48151ae09766852a6508bf09b94a4ff46e3857983308f9353513046ccdc9b078c0fb382e03c4fddce3b79696efe660116543f9ab9b90f58efbc9450a1facc1f1ce93ea9713ae3890ae3751ffa58fac653c82457b08e68da0cdb0b6a7ef93ecec5ff259458a613b42f5842e91d6fb633b60cb5d930498ba4a4f266eecf67ef147256b7ede7b3db73753a0d6eb572d38cfb4034b658b47e6e75d170054cc2ec23ed157a9a64f80e449a64ae53cb49baace44a60a99d0159376f6f9cd86a544492dd264a7ddecb87aa419f1df69b380512f0074251e83c0fe887c522fa5269a1324c3ca94a2c17de524f95e8ebdde84618a198fd3772c195a92d1ba7fed9f535f5ceb99d823f7498570edda76096b3d7c1b5388878c77188687e5e52c2856ff3269f1c55038fae9b9f911985c73543252c73356b0d7e610c330a1027fe4513a79520e23e397ca499662a896dce808ea5529e5256a1724a40af861610cda418804ca6067bf5f0090d72b436609a3bc3c0d7aae4a568546acf868e8e3a666a11289118ffd49ad7cc4cb1f8f2d3658e75a3a6ef1b1c2b74e37e8903a0c671447b592a2d749d955c37359851f633f748683a87d13d62ecfce54c34ebc536ac97ac8b2dfdb4014f87b924a533f6bec0ab3a33a8deb1004fd11a156fb7a2523f6c57c2126a0409bf5dbb2544a1e6f2acc7ac6d0f2115b954868f9160f874447ad3a3e69ef7f7339f5e46096286f12fb6a65139e2d4525b29cc9a869722ea777a4b5ed93a41b47ed69a02aeb96090773aee072a3c54caa2141f855259a2485ec6cbd92dc1a5694cc14acbc37ac4d56790ffdba3f5c1177417ecead6edcf1e364efc5e4259e3fff05017eaacf7001216bc625907c7302b800f367f9c50c3f47d2d66d6db5cd75e77859494389db1f7f7a954c0124ee5489a8e43d7252c7e8d5375504a94c0902db48d66686c796c78b0b0da3f31ace241cc4e13b51132635d50a2e08726f07706c1cb8310a96b8d2ebe441c5de0312aa38d4189035dc997aad57e389a4ea5ff869ee803ac8d8aa9c51117a24fe4cd52aeca5263cc199b2621ec4f7fa3c05a24abb02e5c94c43bd596c81fc49e50cad96890c090b77d68c213c98a1aeaf407092ed039f55434d83640d112a25061d93194165712a9fb368e938ac9a49f3966690e14de2bfde7a1ef9b242cbf01e1cf6a92a0cf82e064f0967cd4419635d172af6ea9b38c7531d5cb768edd02d41007926c68c7d190431b4552d4ac2c557f96e3852f0fadc20f2d7a59bbb2709c035e92326be5f6a0c742bdd9e64ccd0c65433123820732ed3d4fa5dc5bd403f5ad2312e6cf36d7b707f29f8d4654c96a8be7b36e47cc572127c578c3f79c76b15ec1d51c6f2626429727f9c795186544eef9310f3e650dd5c556cc6b0063e3dc312db10bb203db7235912b604655930b6a1231e0341699a9546b915a1934a7aa3ba1879788ad0398c9bff10c436fcc4fbc4e7edaa81889b55cb15f70e474b45e83c2b8197ea1440ac3fc8a88704d7a7462cbed3b43641237fead1d71305266019e5a8c22529b5dcd5ee026340607d095a0e9b69e220f058c42fbf1b6337a92c018b5d50a88764e131c54c032e0da2bec0e61bc0142f2da7059b3bbcc9dc2a35691d46185a94e95002bb175c910878b9e5da8b7df03a6a1ba1b9c28257ae62870f2366aa53b6ee209db0c6dec2b4832465f81131336e71174ae1804a649b8bdd121bc03336d7e3bf381fbc9e5f16e63420e36204ca203ca6ee0492ff160f9e87783c441cb9d823c32f233e41fd060be789cc14b7589187c47fba219dc211084c4b85c53fe3e57dbbaebb7c8f20d09bbde9ab2b859530bcdbd0446debf506fbdac70e6e20c2c312be78ee45c34ff1d1ef2f483494701825dd1856db19ba0229d6f31c56ab79db7203bd314def9b0a006365bc2f63c40bf2021f93486fe43ca9621607a42576eb2b672e5050fbb404e6586c721e4a5447dca82eb42959155932a8dc53ff5d26855acc5a6d84736863251dcbcfae28663d53c8cb21b4ca9f5cf897d6dc84b689e869716bab2090c67011bf9e3a1951458b7d413ef9672fcb92e1c524de1fd8bdb0877649ff36ae952761e3d78154132431b404b10fc4585a861fa66a0a0788c32a8a491a19e23163e3df64dcab4e7d3c2c06f7982a8103ff3d4565babafb80abc50cf844a8b3f6030fa7b10bc6bbaabca85790370548bb08e73cb1a907fdf178f795e54d4fe1e73c7b5a4aca5a1e620613a06e14e4b4f6c98d2e95010b58f0b5aecf49372a0ce07e1332df77173a5aece37508497647ee83e684a31e7e35a7ee95447f9d1fa40da5e001a526fef54ea6ff87803244485e43ff49ce9597f4b535698788e8f75db05eed0079d59a27b49467a9d9b72c4498788fc33f037492d4511b1929b6cd85f52a1c6652a5714566d67a402da12ac683c8709c134bfb8bc2d8aa6cae078afd963c6d50a2ac409e3308ea578c1284bb008abf5cca011e9aaea70d82b7c0c96c5560d2400581f587f7c32e462c02dd9b39dfc56aee874256a1332b4da3a75f0843b88262ab5eccec2eee1cdd57d9c5f317918eecbacccbfaf2819f6790aff4a3a7d1ef1b5d940b0cc812b59d83eae04ef8f6da03d3860f77d73a2ad6d0925226b2fcd575b86216c3b1813c724f0458c7cef187607d653d571e406a9e23c4c60667bf1fa36e4e4904cad8aa7014c40b0a9913a1bbc9b3951eb812b9bdff6f7808975015ef7917ca2c64ce5b479fdec41017b287c3f4952b45a18f076a660a041be0a278f229fb33d856df441e39bcfe3c6932d47f7c5a4a96bc5201e16f7ef1267a88aec908866945df09b5539b6331e412ef6f152cf5ac9dc4b862b7b2f997f72463afdd289aaf4600ecfbd54dd875940bb2586a16e105ac11e02ca0b1d7236d62a9f1850929a1949c2db16d8c9c0f8fd3d69a4887897ea4a9de769326561073883ff271c33c21df1e2336a4199f734cfd2ef09585679b94cff29cfeb89dcc11b2dbd53ee07fd58cb30440216ffa135625f0423b30735d976e768e35b7f7b74ecbdd99386b4321e713c798fad6280c820e4e"], 0x30}}, 0x40)
set_mempolicy(0x2, &(0x7f0000000080)=0x51e1, 0x3ff)
write$FUSE_NOTIFY_INVAL_INODE(0xffffffffffffffff, &(0x7f00000000c0)={0x28, 0x2, 0x0, {0x1, 0x5, 0x9}}, 0x28)
recvmmsg(0xffffffffffffffff, &(0x7f00000034c0), 0x0, 0x10720, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r2, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
socket$inet6(0xa, 0x3, 0x7)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="340000001000010800"/20, @ANYRES32=0x0, @ANYBLOB="80400100000001000c002b8008456e00", @ANYRES32, @ANYBLOB="08001b0000000000"], 0x34}, 0x1, 0x0, 0x0, 0x20000040}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

2m12.370217199s ago: executing program 1 (id=4340):
socket$nl_generic(0x10, 0x3, 0x10)
epoll_create1(0x0)
epoll_create1(0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00'}, 0x90)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pselect6(0x40, &(0x7f0000000600)={0x11, 0xfffffffffffffffc, 0x0, 0x1, 0xfffffffffffffffe, 0x0, 0x7, 0x8}, 0x0, &(0x7f0000000680)={0x7fc, 0x81, 0x800000, 0x3, 0x7, 0xc3ad, 0x4}, 0x0, 0x0)

2m11.986373021s ago: executing program 1 (id=4343):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x0, 0x0})
r0 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000100))
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
ioctl$UFFDIO_UNREGISTER(r0, 0x8010aa01, &(0x7f0000000140)={&(0x7f0000dec000/0x4000)=nil, 0x4000})

2m11.089485496s ago: executing program 1 (id=4344):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x200a})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000280)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000300)={0x4c, 0x0, &(0x7f0000000400)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x48, 0x18, &(0x7f00000004c0)={@flat=@weak_binder={0x77622a85, 0xb, 0x3}, @fd={0x66642a85, 0x0, r1}, @flat=@binder={0x73622a85, 0x0, 0x3}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000880)="4a8e464b3d4657499ea54e5c7d563ff8776074ae642a55558dbfd1df9462b1259816b613ea02f9c5a2a4cc3bf701b7f4fa887e4ce6d2045a432a7b060f115097ae0e0e07f3f3704a688c03fccef3e273"})

2m10.757097074s ago: executing program 1 (id=4346):
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[], 0x48)
bpf$PROG_LOAD(0x4, &(0x7f00000003c0)={0x3, 0x0, 0x0, &(0x7f0000000780)='GPL\x00', 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$kcm(0x21, 0x2, 0xa)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
r2 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r2, &(0x7f00000005c0)={&(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x0, 0x0, 0x5}}, 0x10, &(0x7f0000000480), 0x0, 0x0, 0x0, 0x800}, 0x4000840)
setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000600)={{{@in6=@remote, @in6=@remote, 0x4e21, 0x0, 0x4e21, 0x0, 0xa, 0xa0, 0x0, 0x33}, {0x5, 0x7, 0x100000000, 0x4, 0x1, 0x22, 0xffff, 0x5}, {0x6fcb9f2b, 0x5, 0x0, 0x2}, 0x25c, 0x6e6bbe, 0x0, 0x0, 0x3, 0x2}, {{@in=@remote, 0x4d6, 0x2b}, 0xa, @in=@empty, 0x3507, 0x4, 0x0, 0x7, 0x7ff, 0xffffff7f, 0x8000}}, 0xe4)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x100000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

2m6.134162457s ago: executing program 1 (id=4349):
r0 = socket(0xa, 0x5, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x4000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_tcp_buf(r2, 0x6, 0x23, &(0x7f00000000c0)=""/32, &(0x7f0000000080)=0x20)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = memfd_create(&(0x7f0000000380)='/dev/loop#\x00', 0x5)
fallocate(r5, 0x3, 0x0, 0x200000)
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmsg$can_j1939(0xffffffffffffffff, &(0x7f0000001540)={&(0x7f00000000c0)=@hci, 0x80, &(0x7f0000000280)=[{0x0}], 0x1, &(0x7f00000014c0)=""/115, 0x73}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001580)=ANY=[@ANYBLOB="600000000206030000000000b8791fa80000000014000780080012400000000005001500010000000500010006000000050005000200000005000400000000000900020073797a310000000012000300686173683a6e65742c706f727400000083afd5a770f1c0a9f196e22be8d4680c8a8736f42f9fe88213a864ea569a36778c24816f7e5bb61ef7870ef9ef2a00803f798308bf1e6b0340c85c68"], 0x60}}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x54, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x84}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e22}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
syz_open_dev$sg(&(0x7f0000000080), 0x469, 0x40)
prctl$PR_SET_MM(0x23, 0xa, &(0x7f00002d5000/0x2000)=nil)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in6={0xa, 0x4e24, 0xf1, @loopback, 0x19f49a9}, @in6={0xa, 0x4e24, 0xb, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3a}}, 0x1}], 0x38)
sendmsg$inet_sctp(r0, &(0x7f00000000c0)={&(0x7f0000000000)=@in6={0xa, 0x4e24, 0xff, @loopback, 0x5}, 0x1c, &(0x7f0000000040)=[{&(0x7f0000000100)}], 0x1, &(0x7f00000002c0)=[@dstaddrv4={0x18, 0x84, 0x7, @local}], 0x18, 0x4855}, 0x24000052)
syz_emit_ethernet(0x6a, &(0x7f0000000140)=ANY=[@ANYBLOB="aaaaaaaaaaaa0000660000020190780a010102ac1414bb0b03907800090000405c003b00647b88405c0004ac1414bb7f00000144147d53ac1414aa00000002ff000001000080000044142483ac1e00010000212500000000000000060000"], 0x0)

1m50.736183792s ago: executing program 48 (id=4349):
r0 = socket(0xa, 0x5, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x4000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_tcp_buf(r2, 0x6, 0x23, &(0x7f00000000c0)=""/32, &(0x7f0000000080)=0x20)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = memfd_create(&(0x7f0000000380)='/dev/loop#\x00', 0x5)
fallocate(r5, 0x3, 0x0, 0x200000)
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmsg$can_j1939(0xffffffffffffffff, &(0x7f0000001540)={&(0x7f00000000c0)=@hci, 0x80, &(0x7f0000000280)=[{0x0}], 0x1, &(0x7f00000014c0)=""/115, 0x73}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001580)=ANY=[@ANYBLOB="600000000206030000000000b8791fa80000000014000780080012400000000005001500010000000500010006000000050005000200000005000400000000000900020073797a310000000012000300686173683a6e65742c706f727400000083afd5a770f1c0a9f196e22be8d4680c8a8736f42f9fe88213a864ea569a36778c24816f7e5bb61ef7870ef9ef2a00803f798308bf1e6b0340c85c68"], 0x60}}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x54, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x84}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e22}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
syz_open_dev$sg(&(0x7f0000000080), 0x469, 0x40)
prctl$PR_SET_MM(0x23, 0xa, &(0x7f00002d5000/0x2000)=nil)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in6={0xa, 0x4e24, 0xf1, @loopback, 0x19f49a9}, @in6={0xa, 0x4e24, 0xb, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3a}}, 0x1}], 0x38)
sendmsg$inet_sctp(r0, &(0x7f00000000c0)={&(0x7f0000000000)=@in6={0xa, 0x4e24, 0xff, @loopback, 0x5}, 0x1c, &(0x7f0000000040)=[{&(0x7f0000000100)}], 0x1, &(0x7f00000002c0)=[@dstaddrv4={0x18, 0x84, 0x7, @local}], 0x18, 0x4855}, 0x24000052)
syz_emit_ethernet(0x6a, &(0x7f0000000140)=ANY=[@ANYBLOB="aaaaaaaaaaaa0000660000020190780a010102ac1414bb0b03907800090000405c003b00647b88405c0004ac1414bb7f00000144147d53ac1414aa00000002ff000001000080000044142483ac1e00010000212500000000000000060000"], 0x0)

12.602267297s ago: executing program 8 (id=4624):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000001200)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x9, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000040)=0x700, 0xfdef)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r1, 0xfff)
syz_emit_ethernet(0x4a, &(0x7f00000002c0)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
syz_emit_ethernet(0x56, &(0x7f0000000000)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x20, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x8, 0x10, 0x0, 0x0, 0x1, {[@timestamp={0x8, 0xa, 0x8, 0x5}]}}}}}}}}, 0x0)
ioctl$SNDCTL_TMR_TIMEBASE(0xffffffffffffffff, 0xc0045401, &(0x7f0000000280)=0x147)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
ioctl$BINDER_GET_FROZEN_INFO(0xffffffffffffffff, 0xc00c620f, &(0x7f0000000100)={r0})
ptrace$ARCH_GET_GS(0x1e, r0, &(0x7f0000000040), 0x1004)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r3 = socket$can_raw(0x1d, 0x3, 0x1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_int(r4, 0x0, 0x33, &(0x7f0000000000)=0x80020000, 0x4)
listen(r4, 0x2)
bind$can_raw(r3, &(0x7f0000000000), 0x10)
setsockopt$CAN_RAW_FILTER(r3, 0x65, 0x1, &(0x7f00000000c0), 0xf00)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x61, 0x11, 0x84}]}, &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, '\x00', 0x0, @sock_ops}, 0x70)

11.350572867s ago: executing program 8 (id=4628):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000ca"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)={0x1c, 0x24, 0x101, 0x70bd22, 0xfffffffc, {0x8}, [@typed={0x8, 0x3, 0x0, 0x0, @binary='G\x00\x00\x00'}]}, 0x1c}}, 0x0)

10.453875844s ago: executing program 6 (id=4630):
socket$can_j1939(0x1d, 0x2, 0x7)
membarrier(0x2, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e1f, @dev={0xac, 0x14, 0x14, 0x40}}, 0x10)
setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0x3d, &(0x7f0000000080)={0x1}, 0x8)
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000000280), 0x0, 0x20000844)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x80202, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000020c0)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f00000000c0), 0x12)
r2 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102392, 0x18ff8)
r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r3, 0xc004500a, &(0x7f0000000240)=0x3)
ioctl$SNDCTL_DSP_CHANNELS(r3, 0xc0045006, &(0x7f0000000080)=0x7f)
ioctl$SNDCTL_DSP_SPEED(r3, 0xc0045002, &(0x7f00000000c0))
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8)
read$dsp(r3, &(0x7f00000001c0)=""/95, 0x2)

10.413293795s ago: executing program 4 (id=4631):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000002a00), 0x800, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'pimreg\x00', 0x2})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x3, &(0x7f0000000300)=ANY=[], &(0x7f0000000280)='GPL\x00', 0xa, 0xb9, &(0x7f0000000140)=""/185, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCGIFMTU(r4, 0x8921, &(0x7f0000000380)={'dummy0\x00'})
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=@ipv4_newrule={0x24, 0x20, 0x301, 0x0, 0x0, {0x2, 0x0, 0x20, 0x4, 0x44, 0x0, 0x0, 0x1}, [@FRA_SRC={0x8, 0x2, @private=0xa010101}]}, 0x24}, 0x1, 0x0, 0x0, 0x40001}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000120021030000000000bc61682a0096"], 0x1c}], 0x1}, 0x0)
recvmmsg(r6, &(0x7f00000077c0)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000002040)=""/4096, 0x1000}], 0x0, 0x0, 0xfffffe2a}}, {{0x0, 0x0, 0x0}}], 0x400000000000059, 0x2040, 0x0)

10.243640697s ago: executing program 8 (id=4633):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x5c, 0x30, 0x1, 0x0, 0x0, {}, [{0x48, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x804}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = syz_io_uring_setup(0x499, &(0x7f0000000400)={0x0, 0x7078, 0x0, 0xb, 0x284}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd, 0x0, 0x0})
io_uring_enter(r0, 0x3516, 0x0, 0x4, 0x0, 0x0)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
dup(0xffffffffffffffff)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c)
unlink(0x0)
bind$inet6(r6, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r6, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

8.158124144s ago: executing program 9 (id=4639):
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f0000000100)={{0x8000000, 0xd000, 0xa, 0x0, 0xa, 0xfc, 0x0, 0x0, 0xfc, 0xfe, 0x0, 0x1}, {0x0, 0x8000000, 0x3, 0x1, 0x40, 0x3, 0x4, 0x9, 0x0, 0x0, 0x0, 0x42}, {0xeeef0000, 0xeeef0000, 0x13, 0x8, 0x0, 0x0, 0xb, 0xf, 0x4, 0xe, 0x84, 0x3}, {0x100000, 0x0, 0x0, 0x0, 0x0, 0x3, 0xff}, {0x11000, 0xd000, 0x0, 0x0, 0x0, 0x80, 0x84, 0x0, 0x2, 0x0, 0x1a}, {0x100000, 0x8000000, 0xd, 0x0, 0x0, 0x8f, 0x0, 0x0, 0x0, 0x0, 0x84}, {0x8080000, 0x80a0000, 0x4, 0xf0, 0x0, 0xfe, 0xfd, 0x0, 0x2}, {0x1, 0x0, 0xf, 0xf9, 0x0, 0x2, 0x0, 0xc, 0x0, 0x3, 0x0, 0x40}, {0x6000, 0x4}, {0x8080000, 0xfffe}, 0x0, 0x0, 0xdddd1000, 0x0, 0xb, 0x4001, 0x900, [0x5, 0x0, 0x0, 0x3fffffffffff]})
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="300000001900090000000000000000001c140000fe000001000000001400120002"], 0x30}}, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x2000, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$TUNSETVNETBE(r2, 0x400454de, &(0x7f00000000c0))
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io(r4, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r4, 0x0, &(0x7f0000000640)={0x24, 0x0, 0x0, 0x0, &(0x7f0000000400)={0x20, 0x80, 0x1c, {0x1, 0x7ff, 0x3af, 0x35c, 0x10, 0x8, 0x101, 0x1ff, 0xfff8, 0x401, 0x3ff, 0x8}}, 0x0, 0x0, 0x0, 0x0})
r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EVIOCGMASK(r5, 0x80015b12, 0x0)
ioctl$BINDER_FREEZE(0xffffffffffffffff, 0x400c620e, &(0x7f0000000180)={0x0, 0x1, 0x8})
sendmsg$IPSET_CMD_TEST(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x2400c8d5}, 0x4800)
r6 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r7 = eventfd2(0x2, 0x0)
ioctl$KVM_IOEVENTFD(r6, 0x4040ae79, &(0x7f00000000c0)={0x7, 0x2, 0x2, r7, 0xb})
r8 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f0000000b80)={[0x1000000000007, 0x6, 0xfffffffffffffffd, 0x2, 0x5, 0x0, 0x4002004c5, 0x1001, 0x1000, 0x0, 0x5, 0x0, 0x0, 0x2], 0x8080000, 0x1144})
ioctl$KVM_RUN(r8, 0xae80, 0x0)

7.860020751s ago: executing program 6 (id=4640):
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000101c1b341b0000000000010902"], 0x0)
openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000080), 0x0, 0x800)
syz_open_procfs(0x0, &(0x7f0000000300)='task\x00')
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet(0xa, 0x801, 0x84)
socket$inet(0xa, 0x801, 0x84)
socket$inet(0xa, 0x801, 0x84)
socket$inet(0xa, 0x801, 0x84)
socket$inet(0xa, 0x801, 0x84)
socket$inet(0xa, 0x801, 0x84)
socket$netlink(0x10, 0x3, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r0, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r2}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0)

6.264368672s ago: executing program 6 (id=4644):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}})
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0ff5b14104fe62cc60e413905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf2364149215108333719acd97cfa107d40224edc5465a93df8513a32ec450bebc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394f"], 0x0}, 0x94)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x2c, 0x2}, 0x10)
sendmsg$NFT_BATCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c0003800800014000000000080002400000000010000380140001007465616d3000000000000000000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c00038014"], 0xfc}}, 0x0)
write$tun(r0, &(0x7f0000000340)=ANY=[@ANYBLOB="000086dd0001110004000000a60c6eec00be004411"], 0xfdef)

6.175447308s ago: executing program 4 (id=4645):
r0 = openat$kvm(0xffffff9c, &(0x7f0000000100), 0x41, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), r2)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x100, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000840)=ANY=[@ANYBLOB="4c0000002000010000000000000000000a801400000000070700000014000200fc020000000000000000000000000001050016002c0000001400010020010000000000000000000000000001bdc0801da81fe6dab9723c3e5c66c33b43cbaf47"], 0x4c}}, 0x40000)
ioctl$PTP_EXTTS_REQUEST2(0xffffffffffffffff, 0xc0403d11, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f00000004c0), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x28011, r5, 0x0)
pipe(&(0x7f0000000800))
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
sendmsg$can_bcm(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0xea60, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="000000000100"], 0x48}}, 0x0)
sendmsg$can_bcm(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB='\a'], 0x48}}, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f00000001c0)=@raw={'raw\x00', 0x8, 0x3, 0x2f4, 0x0, 0xffffffff, 0xffffffff, 0x108, 0xffffffff, 0x390, 0xffffffff, 0xffffffff, 0x390, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0xa4, 0x100}, @common=@inet=@HMARK={0x5c, 'HMARK\x00', 0x0, {@ipv6=@empty, [0x1fe, 0xff000000, 0xffffff00, 0xff], 0x4e21, 0x4e23, 0x4e22, 0x4e21, 0xd04, 0x7f, 0x0, 0x6, 0x8}}}, {{@ipv6={@remote, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, [0xffffffff], [0xffffff00], 'wg1\x00', 'gre0\x00', {0xff}, {}, 0x0, 0x3, 0x0, 0x50}, 0x0, 0xfc, 0x12c, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'virt_wifi0\x00', {0x0, 0x0, 0x40004, 0x0, 0xffffffff, 0x7, 0x3ff, 0x98}, {0xfffffffffffffffe}}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0x0, 0x0, 0x0, 0x2}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24, '\x00', 0x7}}}}, 0x350)

5.174137161s ago: executing program 8 (id=4647):
socket$kcm(0x21, 0x2, 0xa)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
r2 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r2, &(0x7f00000005c0)={&(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x0, 0x0, 0x5}}, 0x10, &(0x7f0000000480), 0x0, 0x0, 0x0, 0x800}, 0x4000840)
setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000600)={{{@in6=@remote, @in6=@remote, 0x4e21, 0x0, 0x4e21, 0x0, 0xa, 0xa0, 0x0, 0x33}, {0x5, 0x7, 0x100000000, 0x4, 0x1, 0x22, 0xffff, 0x5}, {0x6fcb9f2b, 0x5, 0x0, 0x2}, 0x25c, 0x6e6bbe, 0x0, 0x0, 0x3, 0x2}, {{@in=@remote, 0x4d6, 0x2b}, 0xa, @in=@empty, 0x3507, 0x4, 0x0, 0x7, 0x7ff, 0xffffff7f, 0x8000}}, 0xe4)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x100000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

5.149872236s ago: executing program 2 (id=4648):
r0 = open(&(0x7f00000000c0)='./file0\x00', 0x88140, 0x111)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='vegas', 0x5)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x103080, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
modify_ldt$write2(0x11, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1}, 0x10)
ioctl$KVM_XEN_HVM_CONFIG(r2, 0x4038ae7a, &(0x7f0000000180)={0x0, 0x40000105, 0x0, 0x0, 0xfffffffffffffdcc})
bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
close(0x3)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000026c0)={0x6, 0xd, &(0x7f0000000100)=ANY=[@ANYRES64=r3, @ANYRES64=r3, @ANYRESHEX=r3], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x11, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x55, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r4, 0x5, 0xe, 0x0, &(0x7f0000000440)="6121eed4cd50bb2b01e841acde1a", 0x0, 0x29d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x50)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000040), 0x60442, 0x0)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0)
read$rfkill(r5, &(0x7f0000000040), 0x8)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x10008)
pipe2$9p(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r7, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r8 = dup(r7)
write$FUSE_BMAP(r8, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_GETXATTR(r8, &(0x7f00000004c0)={0x18}, 0x18)
write$FUSE_CREATE_OPEN(r8, &(0x7f00000005c0)={0xa0, 0x0, 0x0, {{0x1, 0x3, 0x1, 0x845, 0xfffffffa, 0x2c, {0x0, 0x7fffffff, 0x5, 0xa, 0x3, 0x8000000000000001, 0x4, 0x7, 0x101, 0x2000, 0x8e5, 0x0, 0x0, 0x7f, 0xffff}}, {0x0, 0x13}}}, 0xa0)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x4000, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r8}})
r9 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
writev(r9, &(0x7f0000000000)=[{&(0x7f00000000c0)="14", 0x1f68}], 0x2)
read$FUSE(r9, &(0x7f0000000680)={0x2020}, 0x2020)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$FS_IOC_GETFLAGS(0xffffffffffffffff, 0x5437, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

4.214443389s ago: executing program 2 (id=4649):
openat$binderfs(0xffffffffffffff9c, 0x0, 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(0x0, 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
setxattr$system_posix_acl(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='system.posix_acl_default\x00', &(0x7f0000000000)=ANY=[@ANYBLOB="020000000100000000000000040000000000000010000500fbffffff1f00000000000000"], 0x24, 0x0)
lgetxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='system.posix_acl_default\x00', 0x0, 0x0)
r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
accept4$rose(r1, 0x0, 0x0, 0x0)

4.173983642s ago: executing program 4 (id=4650):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r1=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r1, @ANYBLOB="1f003300d00000000802110000010802110000005050505050500000", @ANYRES8=r0], 0x3c}}, 0x10)

3.92305605s ago: executing program 2 (id=4651):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = epoll_create1(0x0)
r1 = epoll_create1(0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x5, &(0x7f00000027c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000f000000850000005000000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='sys_exit\x00', r2}, 0x10)
sysfs$2(0x2, 0x4, &(0x7f0000000140)=""/145)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00'}, 0x90)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000001b00)={0x18, 0x2d, 0x1, 0x70bd26, 0x25dfdbfc, {0x4}, [@nested={0x4, 0xe}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000)
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x0)
chdir(&(0x7f00000000c0)='./file1\x00')
mkdir(&(0x7f0000000100)='./file1\x00', 0x13b)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000100)={0xa000000d})
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000400)={0xa})

3.874046159s ago: executing program 4 (id=4652):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000001200)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x9, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000040)=0x700, 0xfdef)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r1, 0xfff)
syz_emit_ethernet(0x4a, &(0x7f00000002c0)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
syz_emit_ethernet(0x56, &(0x7f0000000000)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x20, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x8, 0x10, 0x0, 0x0, 0x1, {[@timestamp={0x8, 0xa, 0x8, 0x5}]}}}}}}}}, 0x0)
ioctl$SNDCTL_TMR_TIMEBASE(0xffffffffffffffff, 0xc0045401, &(0x7f0000000280)=0x147)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
ioctl$BINDER_GET_FROZEN_INFO(0xffffffffffffffff, 0xc00c620f, &(0x7f0000000100)={r0})
ptrace$ARCH_GET_GS(0x1e, r0, &(0x7f0000000040), 0x1004)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r3 = socket$can_raw(0x1d, 0x3, 0x1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_int(r4, 0x0, 0x33, &(0x7f0000000000)=0x80020000, 0x4)
listen(r4, 0x2)
bind$can_raw(r3, &(0x7f0000000000), 0x10)
setsockopt$CAN_RAW_FILTER(r3, 0x65, 0x1, &(0x7f00000000c0), 0xf00)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x61, 0x11, 0x84}]}, &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, '\x00', 0x0, @sock_ops}, 0x70)

1.930275131s ago: executing program 8 (id=4653):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}, 0x1, 0x0, 0x0, 0xc000}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001500)=@newqdisc={0x70, 0x24, 0xe0b, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0x9}, {0xffff, 0xffff}, {0xfff1}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x40, 0x2, {{0x1ff, 0x4, 0x0, 0x5, 0xfffffffd, 0x8}, [@TCA_NETEM_ECN={0x8, 0x7, 0x1}, @TCA_NETEM_LOSS={0x1c, 0x5, 0x0, 0x1, [@NETEM_LOSS_GI={0x18, 0x1, {0x80000001, 0x6, 0x8, 0xfffffffe, 0xd99d}}]}]}}}]}, 0x70}}, 0x0)
sendto$packet(r0, &(0x7f00000002c0)="44c33b69ebc9e05e9bdec0c286dd", 0x36, 0x830, &(0x7f0000000440)={0x11, 0x0, r3, 0x1, 0x2, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xe}}, 0x14)

1.857125998s ago: executing program 4 (id=4654):
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000101c1b341b0000000000010902"], 0x0)
openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000080), 0x0, 0x800)
syz_open_procfs(0x0, &(0x7f0000000300)='task\x00')
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet(0xa, 0x801, 0x84)
socket$inet(0xa, 0x801, 0x84)
pipe2(&(0x7f0000000200), 0x84000)
socket$inet(0xa, 0x801, 0x84)
socket$inet(0xa, 0x801, 0x84)
socket$inet(0xa, 0x801, 0x84)
socket$netlink(0x10, 0x3, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r0, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r2}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0)

1.783883312s ago: executing program 6 (id=4655):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f00000001c0)={0x0, 'vlan0\x00', {0x1}, 0x2})
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x8040)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
syz_open_dev$dri(0x0, 0xd21, 0x4000)
syz_open_dev$usbmon(0x0, 0x0, 0x0)
r2 = epoll_create(0x3)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, 0xffffffffffffffff, &(0x7f0000000080)={0x40000002})
write$P9_RSTATu(0xffffffffffffffff, &(0x7f0000000580)=ANY=[], 0x21e)
syz_open_dev$vbi(0x0, 0x0, 0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
sysfs$1(0x1, &(0x7f0000000000)='ocfs2\x00')
openat$sequencer(0xffffff9c, &(0x7f0000001bc0), 0x88302, 0x0)
ioctl$BLKTRACESTART(0xffffffffffffffff, 0x1274, 0x0)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
gettid()
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r3, &(0x7f0000002c00)=[{{0x0, 0x0, 0x0}, 0x200001}, {{0x0, 0x0, 0x0}, 0x40}, {{0x0, 0x0, 0x0}, 0x409}, {{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000540)=""/130, 0x82}, {&(0x7f0000001a00)=""/4109, 0x100d}, {&(0x7f0000006080)=""/4085, 0xff5}, {&(0x7f0000000340)=""/113, 0x71}, {0x0}, {&(0x7f0000000100)=""/98, 0x62}, {&(0x7f00000003c0)=""/100, 0x64}, {&(0x7f00000006c0)=""/200, 0xc8}, {&(0x7f0000000440)=""/67, 0x43}], 0x9}, 0x4db}, {{0x0, 0x0, 0x0}, 0x8}], 0x5, 0x0, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
r5 = openat$sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000049c0)={0x3, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180200000100000000000000fd0000008500000013000000850000000e0000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x88}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r6, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
timer_create(0x2, 0x0, 0x0)
sendfile(r5, r4, &(0x7f0000002080)=0x64, 0x21c)

1.640029954s ago: executing program 9 (id=4656):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
sendmmsg$inet(r0, &(0x7f0000001080)=[{{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000001280)="57b985cf0100000074acefa4bf596b1a2c0a696f367f9b43b9f44922bbc74f25e2ce0f3a34979e51d6526813e3627b941b67d30dd0ac97df9023657420c9eb2dd2b39db50cd7157708721991f24a5a6a63776714a663a05fc10ef07501ca0852b9fc3647eb5ce173a6ab4b408fd41739320637fae73a72ff76e497eb397dbc90eadc380ee3ed45731693450bfdb78b20f936812923bfa959d7dcadcc5a81402d9ccdf92b3d19e4689f8eb1240121d9a844d40e09ad0fbd419b7274ead52952df15947d93ad227227c858d799c1299dfb1f5df29b88262de67b6077", 0xdb}], 0x1}}, {{0x0, 0x0, &(0x7f0000000d40)=[{&(0x7f0000000800)="f6b328c40d4cc969a0513b8ffd72381d4ef4a89954104d4a81db2fa3c0f906a33482e2821787ac54c0c62da54d1c77255c322358d0e272be2ccacf8f689f0115afd7305a1ce39e8b54734910fd9257fc4d3d2f910d5b9965f734", 0x5a}], 0x1}}], 0x2, 0xc0)

1.589328425s ago: executing program 9 (id=4657):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, 0x0)

1.496954506s ago: executing program 8 (id=4658):
syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f00000008c0)={0x84, &(0x7f0000000400)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r0 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000440)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a000008048002000905811765"], 0x0)
syz_usb_disconnect(r0)
r1 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000040)=ANY=[], 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_disconnect(r0)
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r2, 0x0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000200)=ANY=[@ANYBLOB="120150028584d14045058080020001"], &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0})
syz_usb_disconnect(r1)

1.360415438s ago: executing program 2 (id=4659):
openat$kvm(0xffffff9c, &(0x7f0000000100), 0x41, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), r0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x100, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000840)=ANY=[@ANYBLOB="4c0000002000010000000000000000000a801400000000070700000014000200fc020000000000000000000000000001050016002c0000001400010020010000000000000000000000000001bdc0801da81fe6dab9723c3e5c66c33b43cbaf47"], 0x4c}}, 0x40000)
ioctl$PTP_EXTTS_REQUEST2(0xffffffffffffffff, 0xc0403d11, 0x0)
socket$inet(0xa, 0x801, 0x84)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4000050, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f00000004c0), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x28011, r3, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
pipe(&(0x7f0000000800))
socket$can_bcm(0x1d, 0x2, 0x2)
cachestat(r3, &(0x7f0000000040), 0x0, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f00000001c0)=@raw={'raw\x00', 0x8, 0x3, 0x2f4, 0x0, 0xffffffff, 0xffffffff, 0x108, 0xffffffff, 0x390, 0xffffffff, 0xffffffff, 0x390, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0xa4, 0x100}, @common=@inet=@HMARK={0x5c, 'HMARK\x00', 0x0, {@ipv6=@empty, [0x1fe, 0xff000000, 0xffffff00, 0xff], 0x4e21, 0x4e23, 0x4e22, 0x4e21, 0xd04, 0x7f, 0x0, 0x6, 0x8}}}, {{@ipv6={@remote, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, [0xffffffff], [0xffffff00], 'wg1\x00', 'gre0\x00', {0xff}, {}, 0x0, 0x3, 0x0, 0x50}, 0x0, 0xfc, 0x12c, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'virt_wifi0\x00', {0x0, 0x0, 0x40004, 0x0, 0xffffffff, 0x7, 0x3ff, 0x98}, {0xfffffffffffffffe}}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0x0, 0x0, 0x0, 0x2}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24, '\x00', 0x7}}}}, 0x350)

1.25819327s ago: executing program 9 (id=4660):
r0 = open(&(0x7f00000000c0)='./file0\x00', 0x88140, 0x111)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='vegas', 0x5)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x103080, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
modify_ldt$write2(0x11, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1}, 0x10)
ioctl$KVM_XEN_HVM_CONFIG(r2, 0x4038ae7a, &(0x7f0000000180)={0x0, 0x40000105, 0x0, 0x0, 0xfffffffffffffdcc})
bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
close(0x3)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000026c0)={0x6, 0xd, &(0x7f0000000100)=ANY=[@ANYRES64=r3, @ANYRES64=r3, @ANYRESHEX=r3], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x11, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x55, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r4, 0x5, 0xe, 0x0, &(0x7f0000000440)="6121eed4cd50bb2b01e841acde1a", 0x0, 0x29d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x50)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000040), 0x60442, 0x0)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0)
read$rfkill(r5, &(0x7f0000000040), 0x8)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x10008)
pipe2$9p(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r7, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r8 = dup(r7)
write$FUSE_BMAP(r8, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_GETXATTR(r8, &(0x7f00000004c0)={0x18}, 0x18)
write$FUSE_CREATE_OPEN(r8, &(0x7f00000005c0)={0xa0, 0x0, 0x0, {{0x1, 0x3, 0x1, 0x845, 0xfffffffa, 0x2c, {0x0, 0x7fffffff, 0x5, 0xa, 0x3, 0x8000000000000001, 0x4, 0x7, 0x101, 0x2000, 0x8e5, 0x0, 0x0, 0x7f, 0xffff}}, {0x0, 0x13}}}, 0xa0)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x4000, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r8}})
r9 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
writev(r9, &(0x7f0000000000)=[{&(0x7f00000000c0)="14", 0x1f68}], 0x2)
read$FUSE(r9, &(0x7f0000000680)={0x2020}, 0x2020)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$FS_IOC_GETFLAGS(0xffffffffffffffff, 0x5437, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

659.135705ms ago: executing program 6 (id=4661):
openat$binderfs(0xffffffffffffff9c, 0x0, 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(0x0, 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
setxattr$system_posix_acl(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='system.posix_acl_default\x00', &(0x7f0000000000)=ANY=[@ANYBLOB="020000000100000000000000040000000000000010000500fbffffff1f00000000000000"], 0x24, 0x0)
lgetxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='system.posix_acl_default\x00', 0x0, 0x0)
r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
accept4$rose(r1, 0x0, 0x0, 0x0)

628.219463ms ago: executing program 9 (id=4662):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r1=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r1, @ANYBLOB="1f003300d00000000802110000010802110000005050505050500000", @ANYRES8=r0], 0x3c}}, 0x10)

545.963018ms ago: executing program 6 (id=4663):
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2b, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7b, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f00000010c0)={@in6={{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @multicast2}}}, 0x0, 0x0, 0x16, 0x0, "61a1ed8439cde8054f2ada6fcd5fe76b933e8bb0ac60081e33fa150835f751070073b4f5d80eb4881a5b98cb9f6d225d602392f8057f00000000000000fd27846feb525c2e8212000000006f00"}, 0xd8)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0xf, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x10000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mount(&(0x7f00000000c0)=@sr0, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000040)='btrfs\x00', 0x208000, 0x0)
add_key$fscrypt_v1(&(0x7f0000000040), 0x0, &(0x7f00000000c0)={0xfffffe00, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x48, 0xffffffffffffffff)
write$cgroup_int(r4, &(0x7f0000000040)=0x1c9, 0x12)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDGKBTYPE(r5, 0x4b48, 0x0)
syz_usb_connect(0x1, 0x3d, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000bdce4208110f80106afc0000000109022b00010000000009043700022ee5cd0009058010ff037f790209050e0320000980070705ab0b78"], 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0xe, 0x0, &(0x7f0000000000)="e0b9547e2db80000000000000002", 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)

214.366091ms ago: executing program 9 (id=4664):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x2)
writev(r0, &(0x7f00000003c0)=[{0x0}], 0x1)

213.92461ms ago: executing program 4 (id=4665):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000001200)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x9, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000040)=0x700, 0xfdef)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r1, 0xfff)
syz_emit_ethernet(0x4a, &(0x7f00000002c0)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
syz_emit_ethernet(0x56, &(0x7f0000000000)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x20, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x8, 0x10, 0x0, 0x0, 0x1, {[@timestamp={0x8, 0xa, 0x8, 0x5}]}}}}}}}}, 0x0)
ioctl$SNDCTL_TMR_TIMEBASE(0xffffffffffffffff, 0xc0045401, &(0x7f0000000280)=0x147)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
ioctl$BINDER_GET_FROZEN_INFO(0xffffffffffffffff, 0xc00c620f, &(0x7f0000000100)={r0})
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r4 = socket$can_raw(0x1d, 0x3, 0x1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_int(r5, 0x0, 0x33, &(0x7f0000000000)=0x80020000, 0x4)
listen(r5, 0x2)
bind$can_raw(r4, &(0x7f0000000000), 0x10)
setsockopt$CAN_RAW_FILTER(r4, 0x65, 0x1, &(0x7f00000000c0), 0xf00)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x61, 0x11, 0x84}]}, &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, '\x00', 0x0, @sock_ops}, 0x70)

130.396123ms ago: executing program 2 (id=4666):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)

0s ago: executing program 2 (id=4667):
mkdir(&(0x7f00000003c0)='./file0\x00', 0x21)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000025000a20000000000a01030000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000003740000001e0a01020000000000000000010000000900020073797a32000000003400038030000080090006400000000024000b802000018007000100637400001400028008000160ee00000000000040000000000900010073797a30"], 0xe4}}, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r2, &(0x7f0000000200)=0x1, 0x12)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xe, 0x4, 0x4, 0xa, 0x4}, 0x3f)
mkdir(&(0x7f0000000000)='./cgroup/../file0/file0\x00', 0x0)
bpf$MAP_LOOKUP_ELEM(0x2, 0x0, 0x0)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000280), 0x0)
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r4, 0x84, 0x78, &(0x7f0000000440), 0x4)
r5 = openat$cgroup_ro(r3, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r5, &(0x7f0000000100)=0x1, 0x12)
mkdir(0x0, 0x10)

kernel console output (not intermixed with test programs):

ffc0000
[ 1740.551610][   T38] audit: type=1326 audit(1759368203.037:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18785 comm="syz.1.4162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe5f72eec9 code=0x7ffc0000
[ 1740.552583][   T38] audit: type=1326 audit(1759368203.047:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18785 comm="syz.1.4162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe5f72eec9 code=0x7ffc0000
[ 1740.560509][   T38] audit: type=1326 audit(1759368203.047:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18785 comm="syz.1.4162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=192 compat=0 ip=0x7fbe5f72eec9 code=0x7ffc0000
[ 1740.560569][   T38] audit: type=1326 audit(1759368203.047:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18785 comm="syz.1.4162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe5f72eec9 code=0x7ffc0000
[ 1740.560619][   T38] audit: type=1326 audit(1759368203.047:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18785 comm="syz.1.4162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe5f72eec9 code=0x7ffc0000
[ 1740.560770][   T38] audit: type=1326 audit(1759368203.047:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18785 comm="syz.1.4162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbe5f72d710 code=0x7ffc0000
[ 1740.574869][   T38] audit: type=1326 audit(1759368203.057:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18785 comm="syz.1.4162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fbe5f7306f7 code=0x7ffc0000
[ 1740.879629][T18543] 8021q: adding VLAN 0 to HW filter on device team0
[ 1740.900712][ T4406] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1740.900945][ T4406] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1740.953109][ T4267] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1740.953386][ T4267] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1741.194957][T18025] Bluetooth: hci2: ACL packet for unknown connection handle 200
[ 1741.387052][T18794] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[ 1742.414034][T18812] __nla_validate_parse: 64 callbacks suppressed
[ 1742.414051][T18812] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4169'.
[ 1742.414507][T18812] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4169'.
[ 1742.414830][T18812] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4169'.
[ 1742.415163][T18812] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4169'.
[ 1742.415457][T18812] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4169'.
[ 1742.415727][T18812] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4169'.
[ 1742.416008][T18812] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4169'.
[ 1743.672299][T18812] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4169'.
[ 1743.673395][T18812] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4169'.
[ 1743.673720][T18812] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4169'.
[ 1745.357446][T18543] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1746.075978][   T38] kauditd_printk_skb: 11 callbacks suppressed
[ 1746.075997][   T38] audit: type=1326 audit(1759368208.567:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18828 comm="syz.8.4174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa85c20eec9 code=0x7ffc0000
[ 1746.076059][   T38] audit: type=1326 audit(1759368208.567:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18828 comm="syz.8.4174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa85c20eec9 code=0x7ffc0000
[ 1746.076105][   T38] audit: type=1326 audit(1759368208.567:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18828 comm="syz.8.4174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=188 compat=0 ip=0x7fa85c20eec9 code=0x7ffc0000
[ 1746.076154][   T38] audit: type=1326 audit(1759368208.567:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18828 comm="syz.8.4174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa85c20eec9 code=0x7ffc0000
[ 1746.076201][   T38] audit: type=1326 audit(1759368208.567:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18828 comm="syz.8.4174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa85c20eec9 code=0x7ffc0000
[ 1746.076248][   T38] audit: type=1326 audit(1759368208.567:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18828 comm="syz.8.4174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=192 compat=0 ip=0x7fa85c20eec9 code=0x7ffc0000
[ 1746.076296][   T38] audit: type=1326 audit(1759368208.567:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18828 comm="syz.8.4174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa85c20eec9 code=0x7ffc0000
[ 1746.078909][   T38] audit: type=1326 audit(1759368208.567:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18828 comm="syz.8.4174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa85c20d710 code=0x7ffc0000
[ 1746.078964][   T38] audit: type=1326 audit(1759368208.567:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18828 comm="syz.8.4174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fa85c2106f7 code=0x7ffc0000
[ 1746.079022][   T38] audit: type=1326 audit(1759368208.567:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18828 comm="syz.8.4174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa85c20eec9 code=0x7ffc0000
[ 1746.416338][T18834] input: syz1 as /devices/virtual/input/input90
[ 1746.440565][T18543] veth0_vlan: entered promiscuous mode
[ 1746.490843][T18543] veth1_vlan: entered promiscuous mode
[ 1746.622689][T18543] veth0_macvtap: entered promiscuous mode
[ 1746.641248][T18543] veth1_macvtap: entered promiscuous mode
[ 1746.694585][T18543] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1746.714963][T18543] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1746.761127][   T69] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1746.775624][   T69] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1746.776048][   T69] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1746.807385][   T69] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1748.028853][ T4267] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1748.028877][ T4267] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1748.750630][T18852] __nla_validate_parse: 64 callbacks suppressed
[ 1748.750652][T18852] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4183'.
[ 1748.751081][T18852] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4183'.
[ 1748.751384][T18852] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4183'.
[ 1748.751679][T18852] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4183'.
[ 1748.752019][T18852] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4183'.
[ 1748.752334][T18852] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4183'.
[ 1748.752664][T18852] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4183'.
[ 1748.752958][T18852] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4183'.
[ 1748.753214][T18852] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4183'.
[ 1748.753468][T18852] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4183'.
[ 1748.993168][ T1422] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1748.993192][ T1422] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1750.232626][T18862] workqueue: Failed to create a rescuer kthread for wq "xfs-buf/nullb0": -EINTR
[ 1753.178585][ T5135] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1753.220746][ T5135] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1753.282190][ T5135] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1753.350135][ T5135] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1753.457020][ T5135] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1755.372109][ T5896] usb 10-1: new high-speed USB device number 27 using dummy_hcd
[ 1755.549901][ T5135] Bluetooth: hci4: command tx timeout
[ 1755.576730][ T5896] usb 10-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[ 1755.576764][ T5896] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1755.576785][ T5896] usb 10-1: Product: syz
[ 1755.576801][ T5896] usb 10-1: Manufacturer: syz
[ 1755.576818][ T5896] usb 10-1: SerialNumber: syz
[ 1756.016405][ T5896] usb 10-1: config 0 descriptor??
[ 1756.746171][ T5896] usb 10-1: Firmware: major: 130, minor: 102, hardware type: HULUSB (4)
[ 1756.950087][ T5896] usb 10-1: failed to fetch extended address, random address set
[ 1757.647423][ T5135] Bluetooth: hci4: command tx timeout
[ 1758.896934][T18394] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1759.327631][ T5896] usb 10-1: USB disconnect, device number 27
[ 1759.594461][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1759.731564][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1759.976563][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1760.351235][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1760.485877][ T5135] Bluetooth: hci4: command tx timeout
[ 1761.488456][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1761.815039][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1762.422993][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1762.456005][T18394] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1762.578406][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1763.045742][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1763.296699][ T5135] Bluetooth: hci4: command tx timeout
[ 1763.386938][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1763.646481][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1763.698172][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1763.943336][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1764.013372][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1764.253588][T18943] workqueue: Failed to create a rescuer kthread for wq "xfs-inodegc/nullb0": -EINTR
[ 1765.691789][T18394] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1765.750761][ T5911] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[ 1765.889170][T18967] __nla_validate_parse: 64 callbacks suppressed
[ 1765.889197][T18967] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4205'.
[ 1765.998024][ T5911] usb 2-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[ 1765.998073][ T5911] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1765.998095][ T5911] usb 2-1: Product: syz
[ 1765.998112][ T5911] usb 2-1: Manufacturer: syz
[ 1765.998149][ T5911] usb 2-1: SerialNumber: syz
[ 1766.035396][ T5911] usb 2-1: config 0 descriptor??
[ 1766.447931][ T5911] usb 2-1: Firmware: major: 130, minor: 102, hardware type: HULUSB (4)
[ 1766.649727][ T5911] usb 2-1: failed to fetch extended address, random address set
[ 1767.075495][T18394] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1767.763413][T18889] chnl_net:caif_netlink_parms(): no params data found
[ 1767.770210][ T5911] usb 2-1: USB disconnect, device number 28
[ 1776.168778][T19001] warn_alloc: 1 callbacks suppressed
[ 1776.168795][T19001] syz.4.4214: vmalloc error: size 35651584, failed to allocated page array size 69632, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1776.168854][T19001] CPU: 1 UID: 0 PID: 19001 Comm: syz.4.4214 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1776.168873][T19001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1776.168884][T19001] Call Trace:
[ 1776.168891][T19001]  <TASK>
[ 1776.168899][T19001]  dump_stack_lvl+0x189/0x250
[ 1776.168922][T19001]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1776.168939][T19001]  ? __pfx__printk+0x10/0x10
[ 1776.168960][T19001]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1776.168983][T19001]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1776.169005][T19001]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[ 1776.169029][T19001]  warn_alloc+0x22e/0x3b0
[ 1776.169061][T19001]  ? __pfx_warn_alloc+0x10/0x10
[ 1776.169093][T19001]  ? __get_vm_area_node+0x2bc/0x350
[ 1776.169116][T19001]  ? hash_netport4_resize+0x235/0x1b70
[ 1776.169138][T19001]  __vmalloc_node_range_noprof+0x67e/0x12f0
[ 1776.169161][T19001]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1776.169200][T19001]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1776.169226][T19001]  ? rcu_is_watching+0x15/0xb0
[ 1776.169247][T19001]  __kvmalloc_node_noprof+0x2ff/0x500
[ 1776.169271][T19001]  ? hash_netport4_resize+0x235/0x1b70
[ 1776.169287][T19001]  ? hash_netport4_resize+0x235/0x1b70
[ 1776.169309][T19001]  hash_netport4_resize+0x235/0x1b70
[ 1776.169325][T19001]  ? hash_netport4_uadt+0xc9a/0xf30
[ 1776.169347][T19001]  ? __pfx_hash_netport4_add+0x10/0x10
[ 1776.169369][T19001]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 1776.169402][T19001]  ? rt_write_unlock+0x191/0x230
[ 1776.169429][T19001]  call_ad+0x3c5/0x9c0
[ 1776.169457][T19001]  ? __pfx_call_ad+0x10/0x10
[ 1776.169490][T19001]  ? __nla_parse+0x40/0x60
[ 1776.169520][T19001]  ip_set_ad+0x797/0x940
[ 1776.169549][T19001]  ? __pfx_ip_set_ad+0x10/0x10
[ 1776.169569][T19001]  ? do_raw_spin_lock+0x121/0x290
[ 1776.169622][T19001]  nfnetlink_rcv_msg+0xb69/0x1150
[ 1776.169645][T19001]  ? nfnetlink_rcv_msg+0x212/0x1150
[ 1776.169681][T19001]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[ 1776.169701][T19001]  ? kasan_save_free_info+0x46/0x50
[ 1776.169765][T19001]  netlink_rcv_skb+0x208/0x470
[ 1776.169790][T19001]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[ 1776.169814][T19001]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1776.169847][T19001]  ? bpf_lsm_capable+0x9/0x20
[ 1776.169866][T19001]  ? security_capable+0x7e/0x2e0
[ 1776.169894][T19001]  nfnetlink_rcv+0x26a/0x2530
[ 1776.169918][T19001]  ? __dev_queue_xmit+0x1d3d/0x3b70
[ 1776.169945][T19001]  ? __dev_queue_xmit+0x26f/0x3b70
[ 1776.169974][T19001]  ? __pfx_nfnetlink_rcv+0x10/0x10
[ 1776.169995][T19001]  ? __pfx___dev_queue_xmit+0x10/0x10
[ 1776.170025][T19001]  ? ref_tracker_free+0x61e/0x7c0
[ 1776.170050][T19001]  ? __asan_memcpy+0x40/0x70
[ 1776.170066][T19001]  ? __pfx_ref_tracker_free+0x10/0x10
[ 1776.170103][T19001]  ? skb_clone+0x246/0x3a0
[ 1776.170124][T19001]  ? __netlink_deliver_tap+0x807/0x850
[ 1776.170149][T19001]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1776.170178][T19001]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1776.170209][T19001]  netlink_unicast+0x846/0xa10
[ 1776.170238][T19001]  ? __pfx_netlink_unicast+0x10/0x10
[ 1776.170262][T19001]  ? netlink_sendmsg+0x642/0xb30
[ 1776.170285][T19001]  ? skb_put+0x11b/0x210
[ 1776.170303][T19001]  netlink_sendmsg+0x805/0xb30
[ 1776.170335][T19001]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1776.170366][T19001]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1776.170391][T19001]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1776.170417][T19001]  __sock_sendmsg+0x21c/0x270
[ 1776.170442][T19001]  ____sys_sendmsg+0x508/0x820
[ 1776.170463][T19001]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1776.170488][T19001]  ? import_iovec+0x74/0xa0
[ 1776.170515][T19001]  ___sys_sendmsg+0x21f/0x2a0
[ 1776.170534][T19001]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1776.170587][T19001]  ? __fget_files+0x2a/0x420
[ 1776.170609][T19001]  ? __fget_files+0x3a6/0x420
[ 1776.170639][T19001]  __x64_sys_sendmsg+0x1a1/0x260
[ 1776.170659][T19001]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1776.170685][T19001]  ? rcu_is_watching+0x15/0xb0
[ 1776.170707][T19001]  ? do_syscall_64+0xbe/0x3b0
[ 1776.170727][T19001]  do_syscall_64+0xfa/0x3b0
[ 1776.170742][T19001]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1776.170758][T19001]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1776.170774][T19001]  ? clear_bhb_loop+0x60/0xb0
[ 1776.170794][T19001]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1776.170810][T19001] RIP: 0033:0x7f5a909beec9
[ 1776.170826][T19001] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1776.170841][T19001] RSP: 002b:00007f5a8ebfd038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1776.170857][T19001] RAX: ffffffffffffffda RBX: 00007f5a90c16090 RCX: 00007f5a909beec9
[ 1776.170870][T19001] RDX: 0000000000000080 RSI: 00002000000002c0 RDI: 0000000000000009
[ 1776.170881][T19001] RBP: 00007f5a90a41f91 R08: 0000000000000000 R09: 0000000000000000
[ 1776.170891][T19001] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1776.170901][T19001] R13: 00007f5a90c16128 R14: 00007f5a90c16090 R15: 00007fff1c223628
[ 1776.170926][T19001]  </TASK>
[ 1776.170932][T19001] Mem-Info:
[ 1776.170940][T19001] active_anon:931 inactive_anon:8718 isolated_anon:0
[ 1776.170940][T19001]  active_file:25407 inactive_file:36717 isolated_file:0
[ 1776.170940][T19001]  unevictable:768 dirty:169 writeback:0
[ 1776.170940][T19001]  slab_reclaimable:12763 slab_unreclaimable:109591
[ 1776.170940][T19001]  mapped:34281 shmem:7013 pagetables:1089
[ 1776.170940][T19001]  sec_pagetables:0 bounce:0
[ 1776.170940][T19001]  kernel_misc_reclaimable:0
[ 1776.170940][T19001]  free:1298485 free_pcp:1527 free_cma:0
[ 1776.170984][T19001] Node 0 active_anon:3724kB inactive_anon:34872kB active_file:101424kB inactive_file:146868kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:137124kB dirty:676kB writeback:0kB shmem:26516kB kernel_stack:12440kB pagetables:4220kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1776.171021][T19001] Node 1 active_anon:0kB inactive_anon:0kB active_file:204kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB kernel_stack:48kB pagetables:136kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1776.171055][T19001] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1776.171099][T19001] lowmem_reserve[]: 0 2516 2517 2517 2517
[ 1776.171126][T19001] Node 0 DMA32 free:1270880kB boost:0kB min:3944kB low:6492kB high:9040kB reserved_highatomic:0KB free_highatomic:0KB active_anon:3720kB inactive_anon:34828kB active_file:99640kB inactive_file:146800kB unevictable:1536kB writepending:672kB present:3129332kB managed:2576456kB mlocked:0kB bounce:0kB free_pcp:5860kB local_pcp:3752kB free_cma:0kB
[ 1776.171173][T19001] lowmem_reserve[]: 0 0 1 1 1
[ 1776.171198][T19001] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:44kB active_file:1784kB inactive_file:68kB unevictable:0kB writepending:4kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1776.171243][T19001] lowmem_reserve[]: 0 0 0 0 0
[ 1776.171268][T19001] Node 1 Normal free:3907700kB boost:0kB min:6360kB low:10468kB high:14576kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:204kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:248kB local_pcp:248kB free_cma:0kB
[ 1776.171313][T19001] lowmem_reserve[]: 0 0 0 0 0
[ 1776.171338][T19001] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1776.171428][T19001] Node 0 DMA32: 948*4kB (UM) 420*8kB (UME) 231*16kB (UME) 240*32kB (UME) 505*64kB (UME) 279*128kB (UME) 188*256kB (UME) 85*512kB (UME) 59*1024kB (UME) 24*2048kB (UME) 240*4096kB (M) = 1270816kB
[ 1776.171559][T19001] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 1776.171634][T19001] Node 1 Normal: 139*4kB (UE) 43*8kB (UME) 39*16kB (UME) 208*32kB (UME) 88*64kB (UME) 31*128kB (UME) 17*256kB (UM) 7*512kB (UM) 3*1024kB (UM) 4*2048kB (UME) 945*4096kB (M) = 3907700kB
[ 1776.171753][T19001] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1776.171767][T19001] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[ 1776.171780][T19001] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1776.171793][T19001] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1776.171806][T19001] 69136 total pagecache pages
[ 1776.171812][T19001] 0 pages in swap cache
[ 1776.171818][T19001] Free swap  = 124996kB
[ 1776.171824][T19001] Total swap = 124996kB
[ 1776.171831][T19001] 2097051 pages RAM
[ 1776.171837][T19001] 0 pages HighMem/MovableOnly
[ 1776.171843][T19001] 420847 pages reserved
[ 1776.171848][T19001] 0 pages cma reserved
[ 1777.891436][T19016] workqueue: Failed to create a rescuer kthread for wq "xfs-conv/nullb0": -EINTR
[ 1778.480876][T19026] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4212'.
[ 1778.592107][T18264] usb 10-1: new high-speed USB device number 28 using dummy_hcd
[ 1778.949710][T18264] usb 10-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[ 1778.949743][T18264] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1778.949764][T18264] usb 10-1: Product: syz
[ 1778.949781][T18264] usb 10-1: Manufacturer: syz
[ 1778.949796][T18264] usb 10-1: SerialNumber: syz
[ 1778.989082][T18264] usb 10-1: config 0 descriptor??
[ 1779.203766][T18889] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1779.203928][T18889] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1779.204199][T18889] bridge_slave_0: entered allmulticast mode
[ 1779.216970][T18889] bridge_slave_0: entered promiscuous mode
[ 1779.313694][T18889] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1779.313863][T18889] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1779.314142][T18889] bridge_slave_1: entered allmulticast mode
[ 1779.317230][T18889] bridge_slave_1: entered promiscuous mode
[ 1779.423566][T18264] usb 10-1: Firmware: major: 130, minor: 102, hardware type: HULUSB (4)
[ 1779.495827][T18394] bridge_slave_1: left allmulticast mode
[ 1779.495855][T18394] bridge_slave_1: left promiscuous mode
[ 1779.496066][T18394] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1779.958985][T18264] usb 10-1: failed to fetch extended address, random address set
[ 1779.972113][T18394] bridge_slave_0: left allmulticast mode
[ 1779.972144][T18394] bridge_slave_0: left promiscuous mode
[ 1779.972418][T18394] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1788.623110][T18394] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1788.715361][T18394] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1788.754468][T18394] bond0 (unregistering): Released all slaves
[ 1790.370181][T18889] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1792.567846][T18889] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1792.602433][T18264] usb 10-1: USB disconnect, device number 28
[ 1793.362110][T19059] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[ 1793.588992][T19059] usb 2-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[ 1793.589026][T19059] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1793.589049][T19059] usb 2-1: Product: syz
[ 1793.589065][T19059] usb 2-1: Manufacturer: syz
[ 1793.589080][T19059] usb 2-1: SerialNumber: syz
[ 1793.634238][T19059] usb 2-1: config 0 descriptor??
[ 1794.134024][T19059] usb 2-1: Firmware: major: 130, minor: 102, hardware type: HULUSB (4)
[ 1794.726542][T19059] usb 2-1: failed to fetch extended address, random address set
[ 1794.945621][T18889] team0: Port device team_slave_0 added
[ 1794.995592][T19059] usb 2-1: USB disconnect, device number 29
[ 1795.153324][T18889] team0: Port device team_slave_1 added
[ 1795.252130][T18264] usb 10-1: new high-speed USB device number 29 using dummy_hcd
[ 1795.589598][T18264] usb 10-1: Using ep0 maxpacket: 8
[ 1795.592653][T18264] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1795.592672][T18264] usb 10-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1795.592699][T18264] usb 10-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 1795.592716][T18264] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1795.596517][T18264] usb 10-1: config 0 descriptor??
[ 1797.143798][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[ 1797.332178][T18394] hsr_slave_0: left promiscuous mode
[ 1797.426199][T18394] hsr_slave_1: left promiscuous mode
[ 1797.426925][T18394] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1797.426945][T18394] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1797.784647][T18394] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1797.784677][T18394] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1797.975411][T18394] veth1_macvtap: left promiscuous mode
[ 1797.975491][T18394] veth0_macvtap: left promiscuous mode
[ 1797.975668][T18394] veth1_vlan: left promiscuous mode
[ 1797.975809][T18394] veth0_vlan: left promiscuous mode
[ 1798.045434][T18264] usb 10-1: USB disconnect, device number 29
[ 1802.494678][T18394] team0 (unregistering): Port device team_slave_1 removed
[ 1802.735027][T18394] team0 (unregistering): Port device team_slave_0 removed
[ 1803.671130][   T12] Bluetooth: Error in BCSP hdr checksum
[ 1803.936271][ T1422] Bluetooth: Error in BCSP hdr checksum
[ 1804.204702][ T1422] Bluetooth: Error in BCSP hdr checksum
[ 1804.462546][ T1422] Bluetooth: Error in BCSP hdr checksum
[ 1804.752800][   T69] Bluetooth: Error in BCSP hdr checksum
[ 1805.032783][T16544] Bluetooth: Error in BCSP hdr checksum
[ 1805.305300][T16544] Bluetooth: Error in BCSP hdr checksum
[ 1805.462218][T18025] Bluetooth: hci0: command 0x1003 tx timeout
[ 1805.462242][ T5135] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1805.494994][T19127] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4244'.
[ 1805.562535][   T69] Bluetooth: Error in BCSP hdr checksum
[ 1805.834243][T16544] Bluetooth: Error in BCSP hdr checksum
[ 1805.901239][T18889] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1805.901257][T18889] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1805.901288][T18889] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1806.102748][   T69] Bluetooth: Error in BCSP hdr checksum
[ 1806.173181][T18889] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1806.173195][T18889] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1806.173216][T18889] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1806.779028][T18889] hsr_slave_0: entered promiscuous mode
[ 1806.780608][T18889] hsr_slave_1: entered promiscuous mode
[ 1806.781546][T18889] debugfs: 'hsr0' already exists in 'hsr'
[ 1806.781574][T18889] Cannot create hsr debugfs directory
[ 1806.896727][   T38] kauditd_printk_skb: 10 callbacks suppressed
[ 1806.896749][   T38] audit: type=1326 audit(1759368269.367:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19164 comm="syz.8.4254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa85c20eec9 code=0x7ffc0000
[ 1806.896804][   T38] audit: type=1326 audit(1759368269.367:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19164 comm="syz.8.4254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa85c20eec9 code=0x7ffc0000
[ 1806.896853][   T38] audit: type=1326 audit(1759368269.367:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19164 comm="syz.8.4254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=188 compat=0 ip=0x7fa85c20eec9 code=0x7ffc0000
[ 1806.896904][   T38] audit: type=1326 audit(1759368269.367:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19164 comm="syz.8.4254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa85c20eec9 code=0x7ffc0000
[ 1806.896963][   T38] audit: type=1326 audit(1759368269.367:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19164 comm="syz.8.4254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa85c20eec9 code=0x7ffc0000
[ 1806.897016][   T38] audit: type=1326 audit(1759368269.367:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19164 comm="syz.8.4254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=192 compat=0 ip=0x7fa85c20eec9 code=0x7ffc0000
[ 1806.897064][   T38] audit: type=1326 audit(1759368269.367:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19164 comm="syz.8.4254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa85c20eec9 code=0x7ffc0000
[ 1806.897114][   T38] audit: type=1326 audit(1759368269.367:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19164 comm="syz.8.4254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa85c20eec9 code=0x7ffc0000
[ 1806.897162][   T38] audit: type=1326 audit(1759368269.367:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19164 comm="syz.8.4254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa85c20d710 code=0x7ffc0000
[ 1806.897211][   T38] audit: type=1326 audit(1759368269.367:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19164 comm="syz.8.4254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fa85c2106f7 code=0x7ffc0000
[ 1808.043286][T18264] usb 10-1: new high-speed USB device number 30 using dummy_hcd
[ 1808.066012][T19176] overlayfs: failed to resolve './bus': -2
[ 1808.199858][T18264] usb 10-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[ 1808.199893][T18264] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1808.199914][T18264] usb 10-1: Product: syz
[ 1808.199930][T18264] usb 10-1: Manufacturer: syz
[ 1808.199946][T18264] usb 10-1: SerialNumber: syz
[ 1808.262424][T18264] usb 10-1: config 0 descriptor??
[ 1808.475178][T19180] afs: Unknown parameter 'dynck'
[ 1808.491551][T19180] netlink: 24 bytes leftover after parsing attributes in process `syz.8.4256'.
[ 1809.018813][T18264] usb 10-1: Firmware: major: 130, minor: 102, hardware type: HULUSB (4)
[ 1809.237884][T18264] usb 10-1: failed to fetch extended address, random address set
[ 1810.084834][T19194] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4259'.
[ 1810.085506][T19194] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4259'.
[ 1810.085744][T19194] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4259'.
[ 1810.085972][T19194] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4259'.
[ 1810.086211][T19194] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4259'.
[ 1810.086439][T19194] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4259'.
[ 1810.086692][T19194] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4259'.
[ 1810.086946][T19194] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4259'.
[ 1810.340619][T18264] usb 10-1: USB disconnect, device number 30
[ 1810.822834][   T69] Bluetooth: Error in BCSP hdr checksum
[ 1811.090078][ T1422] Bluetooth: Error in BCSP hdr checksum
[ 1811.213485][T19203] __nla_validate_parse: 103 callbacks suppressed
[ 1811.213508][T19203] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4263'.
[ 1811.214130][T19203] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4263'.
[ 1811.214384][T19203] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4263'.
[ 1811.214639][T19203] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4263'.
[ 1811.214878][T19203] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4263'.
[ 1811.215100][T19203] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4263'.
[ 1811.215339][T19203] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4263'.
[ 1811.215615][T19203] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4263'.
[ 1811.215896][T19203] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4263'.
[ 1811.216118][T19203] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4263'.
[ 1811.342444][ T4267] Bluetooth: Error in BCSP hdr checksum
[ 1811.602545][   T13] Bluetooth: Error in BCSP hdr checksum
[ 1811.859553][T16767] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1811.875690][T16767] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1811.877299][   T13] Bluetooth: Error in BCSP hdr checksum
[ 1811.891182][T16767] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1811.906116][T16767] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1811.906947][T16767] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1812.103382][   T38] kauditd_printk_skb: 11 callbacks suppressed
[ 1812.103404][   T38] audit: type=1326 audit(1759368274.597:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19213 comm="syz.4.4266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a909beec9 code=0x7ffc0000
[ 1812.104727][   T38] audit: type=1326 audit(1759368274.597:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19213 comm="syz.4.4266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=188 compat=0 ip=0x7f5a909beec9 code=0x7ffc0000
[ 1812.104785][   T38] audit: type=1326 audit(1759368274.597:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19213 comm="syz.4.4266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a909beec9 code=0x7ffc0000
[ 1812.107783][   T38] audit: type=1326 audit(1759368274.597:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19213 comm="syz.4.4266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=192 compat=0 ip=0x7f5a909beec9 code=0x7ffc0000
[ 1812.107840][   T38] audit: type=1326 audit(1759368274.597:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19213 comm="syz.4.4266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a909beec9 code=0x7ffc0000
[ 1812.107891][   T38] audit: type=1326 audit(1759368274.597:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19213 comm="syz.4.4266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5a909bd710 code=0x7ffc0000
[ 1812.107942][   T38] audit: type=1326 audit(1759368274.597:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19213 comm="syz.4.4266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f5a909c06f7 code=0x7ffc0000
[ 1812.107993][   T38] audit: type=1326 audit(1759368274.597:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19213 comm="syz.4.4266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5a909beec9 code=0x7ffc0000
[ 1812.108043][   T38] audit: type=1326 audit(1759368274.597:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19213 comm="syz.4.4266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f5a909c06f7 code=0x7ffc0000
[ 1812.108092][   T38] audit: type=1326 audit(1759368274.597:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19213 comm="syz.4.4266" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f5a909bdb2a code=0x7ffc0000
[ 1812.122638][   T12] Bluetooth: Error in BCSP hdr checksum
[ 1813.295211][ T5135] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1813.339707][ T1422] Bluetooth: Error in BCSP hdr checksum
[ 1813.680867][T19221] netlink: zone id is out of range
[ 1813.681067][T19221] netlink: del zone limit has 8 unknown bytes
[ 1814.025186][T18025] Bluetooth: hci6: command tx timeout
[ 1816.112479][T18025] Bluetooth: hci6: command tx timeout
[ 1818.182383][T18025] Bluetooth: hci6: command tx timeout
[ 1818.234202][T19059] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[ 1818.382100][T19059] usb 2-1: Using ep0 maxpacket: 32
[ 1818.542187][T19059] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1818.542217][T19059] usb 2-1: config 0 has no interfaces?
[ 1818.656332][T19059] usb 2-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1818.656367][T19059] usb 2-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1818.656391][T19059] usb 2-1: Product: syz
[ 1818.656407][T19059] usb 2-1: Manufacturer: syz
[ 1818.656432][T19059] usb 2-1: SerialNumber: syz
[ 1818.724258][T19059] usb 2-1: config 0 descriptor??
[ 1818.940291][    T9] usb 2-1: USB disconnect, device number 30
[ 1818.964814][T18394] bridge_slave_1: left allmulticast mode
[ 1818.964846][T18394] bridge_slave_1: left promiscuous mode
[ 1818.997699][T18394] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1819.163590][T18394] bridge_slave_0: left allmulticast mode
[ 1819.163614][T18394] bridge_slave_0: left promiscuous mode
[ 1819.163816][T18394] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1819.432121][    T9] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[ 1819.565892][T18264] usb 10-1: new high-speed USB device number 31 using dummy_hcd
[ 1819.593453][    T9] usb 2-1: Using ep0 maxpacket: 32
[ 1819.596452][    T9] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1819.596483][    T9] usb 2-1: config 0 has no interfaces?
[ 1819.627084][    T9] usb 2-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1819.627116][    T9] usb 2-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1819.627139][    T9] usb 2-1: Product: syz
[ 1819.627155][    T9] usb 2-1: Manufacturer: syz
[ 1819.627171][    T9] usb 2-1: SerialNumber: syz
[ 1819.644394][    T9] usb 2-1: config 0 descriptor??
[ 1819.697298][T19278] overlayfs: failed to resolve './bus': -2
[ 1819.752060][T18264] usb 10-1: Using ep0 maxpacket: 32
[ 1819.754549][T18264] usb 10-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[ 1819.754580][T18264] usb 10-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1819.787936][T18394] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1819.800883][T18264] usb 10-1: New USB device found, idVendor=0e6f, idProduct=582c, bcdDevice=31.68
[ 1819.800917][T18264] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1819.800940][T18264] usb 10-1: Product: syz
[ 1819.800957][T18264] usb 10-1: Manufacturer: syz
[ 1819.800973][T18264] usb 10-1: SerialNumber: syz
[ 1819.838845][T18264] usb 10-1: rejected 1 configuration due to insufficient available bus power
[ 1819.838875][T18264] usb 10-1: no configuration chosen from 1 choice
[ 1819.870405][T18394] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1819.884745][    T9] usb 2-1: USB disconnect, device number 31
[ 1819.907244][T18394] bond0 (unregistering): Released all slaves
[ 1819.932306][T19274] __nla_validate_parse: 137 callbacks suppressed
[ 1819.932331][T19274] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4284'.
[ 1819.932803][T19274] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4284'.
[ 1819.933140][T19274] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4284'.
[ 1819.933449][T19274] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4284'.
[ 1819.933727][T19274] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4284'.
[ 1819.933992][T19274] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4284'.
[ 1819.934460][T19274] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4284'.
[ 1819.934789][T19274] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4284'.
[ 1819.935090][T19274] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4284'.
[ 1819.935366][T19274] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4284'.
[ 1819.956311][T19210] chnl_net:caif_netlink_parms(): no params data found
[ 1820.272289][T18025] Bluetooth: hci6: command tx timeout
[ 1821.692165][T18394] hsr_slave_0: left promiscuous mode
[ 1821.754848][T18394] hsr_slave_1: left promiscuous mode
[ 1821.755902][T18394] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1821.803627][T18394] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1821.894672][T19300] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1821.894704][T19300] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[ 1821.894740][T19300] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1822.422078][T18264] usb 10-1: USB disconnect, device number 31
[ 1823.273059][T18394] team0 (unregistering): Port device team_slave_1 removed
[ 1823.382102][T18264] usb 10-1: new high-speed USB device number 32 using dummy_hcd
[ 1823.454876][T18394] team0 (unregistering): Port device team_slave_0 removed
[ 1823.736354][T18264] usb 10-1: Using ep0 maxpacket: 8
[ 1824.056768][T18264] usb 10-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 1824.056804][T18264] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1824.071911][T18264] usb 10-1: config 0 descriptor??
[ 1824.296380][T18264] asix 10-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -32
[ 1824.296685][T18264] asix 10-1:0.0: probe with driver asix failed with error -32
[ 1825.240964][T19306] __nla_validate_parse: 65 callbacks suppressed
[ 1825.240989][T19306] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4292'.
[ 1826.030471][   T45] usb 10-1: USB disconnect, device number 32
[ 1826.208101][T19210] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1826.208335][T19210] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1826.208562][T19210] bridge_slave_0: entered allmulticast mode
[ 1826.211614][T19210] bridge_slave_0: entered promiscuous mode
[ 1826.215903][T19210] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1826.216117][T19210] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1826.216321][T19210] bridge_slave_1: entered allmulticast mode
[ 1826.219220][T19210] bridge_slave_1: entered promiscuous mode
[ 1826.492135][T19324] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4297'.
[ 1826.492620][T19324] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4297'.
[ 1826.492971][T19324] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4297'.
[ 1826.493265][T19324] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4297'.
[ 1826.493559][T19324] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4297'.
[ 1826.493847][T19324] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4297'.
[ 1826.494128][T19324] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4297'.
[ 1826.494413][T19324] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4297'.
[ 1826.494701][T19324] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4297'.
[ 1826.682182][   T45] usb 10-1: new high-speed USB device number 33 using dummy_hcd
[ 1826.795529][T19210] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1826.800134][T19210] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1826.852086][   T45] usb 10-1: Using ep0 maxpacket: 32
[ 1826.879815][   T45] usb 10-1: config 0 has an invalid interface number: 12 but max is 0
[ 1826.879896][   T45] usb 10-1: config 0 has no interface number 0
[ 1826.879954][   T45] usb 10-1: config 0 interface 12 has no altsetting 0
[ 1826.888781][   T45] usb 10-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[ 1826.888820][   T45] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1826.888847][   T45] usb 10-1: Product: syz
[ 1826.888863][   T45] usb 10-1: Manufacturer: syz
[ 1826.888881][   T45] usb 10-1: SerialNumber: syz
[ 1826.907348][   T45] usb 10-1: config 0 descriptor??
[ 1826.952063][    T9] usb 5-1: new high-speed USB device number 77 using dummy_hcd
[ 1827.102073][    T9] usb 5-1: Using ep0 maxpacket: 32
[ 1827.117941][    T9] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1827.117971][    T9] usb 5-1: config 0 has no interfaces?
[ 1827.168512][    T9] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1827.168545][    T9] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1827.168567][    T9] usb 5-1: Product: syz
[ 1827.168578][    T9] usb 5-1: Manufacturer: syz
[ 1827.168589][    T9] usb 5-1: SerialNumber: syz
[ 1827.214959][    T9] usb 5-1: config 0 descriptor??
[ 1827.517925][ T5809] usb 5-1: USB disconnect, device number 77
[ 1827.532705][T19210] team0: Port device team_slave_0 added
[ 1827.537768][T19210] team0: Port device team_slave_1 added
[ 1828.012205][ T5809] usb 5-1: new high-speed USB device number 78 using dummy_hcd
[ 1828.064181][T19210] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1828.064198][T19210] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1828.064222][T19210] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1828.148475][T19210] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1828.148494][T19210] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1828.148531][T19210] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1828.202096][ T5809] usb 5-1: Using ep0 maxpacket: 32
[ 1828.205596][ T5809] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1828.205627][ T5809] usb 5-1: config 0 has no interfaces?
[ 1828.209944][ T5809] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1828.209971][ T5809] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1828.209986][ T5809] usb 5-1: Product: syz
[ 1828.209997][ T5809] usb 5-1: Manufacturer: syz
[ 1828.210247][ T5809] usb 5-1: SerialNumber: syz
[ 1828.345851][ T5809] usb 5-1: config 0 descriptor??
[ 1828.567075][ T5896] usb 5-1: USB disconnect, device number 78
[ 1828.668614][T19210] hsr_slave_0: entered promiscuous mode
[ 1828.673358][T19210] hsr_slave_1: entered promiscuous mode
[ 1828.674478][T19210] debugfs: 'hsr0' already exists in 'hsr'
[ 1828.674509][T19210] Cannot create hsr debugfs directory
[ 1828.715521][ T5809] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[ 1829.182142][ T5809] usb 2-1: Using ep0 maxpacket: 32
[ 1829.379842][ T5809] usb 2-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[ 1829.379876][ T5809] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1829.468268][ T5809] usb 2-1: New USB device found, idVendor=0e6f, idProduct=582c, bcdDevice=31.68
[ 1829.468302][ T5809] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1829.468325][ T5809] usb 2-1: Product: syz
[ 1829.468340][ T5809] usb 2-1: Manufacturer: syz
[ 1829.468354][ T5809] usb 2-1: SerialNumber: syz
[ 1829.505404][   T45] f81534 10-1:0.12: f81534_get_register: reg: 1003 failed: -71
[ 1829.505472][   T45] f81534 10-1:0.12: f81534_find_config_idx: read failed: -71
[ 1829.505495][   T45] f81534 10-1:0.12: f81534_calc_num_ports: find idx failed: -71
[ 1829.505619][   T45] f81534 10-1:0.12: probe with driver f81534 failed with error -71
[ 1829.516705][ T5809] usb 2-1: rejected 1 configuration due to insufficient available bus power
[ 1829.516740][ T5809] usb 2-1: no configuration chosen from 1 choice
[ 1829.531600][   T45] usb 10-1: USB disconnect, device number 33
[ 1829.852132][ T5905] usb 9-1: new high-speed USB device number 42 using dummy_hcd
[ 1830.002212][ T5905] usb 9-1: Using ep0 maxpacket: 8
[ 1830.004776][ T5905] usb 9-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 1830.004809][ T5905] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1830.047142][ T5905] usb 9-1: config 0 descriptor??
[ 1830.480699][ T5905] asix 9-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -32
[ 1830.481000][ T5905] asix 9-1:0.0: probe with driver asix failed with error -32
[ 1831.458770][ T5905] usb 2-1: USB disconnect, device number 32
[ 1832.182899][T19362] __nla_validate_parse: 64 callbacks suppressed
[ 1832.182925][T19362] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4309'.
[ 1832.186552][T19362] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4309'.
[ 1832.186986][T19362] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4309'.
[ 1832.187295][T19362] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4309'.
[ 1832.187583][T19362] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4309'.
[ 1832.187849][T19362] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4309'.
[ 1832.188141][T19362] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4309'.
[ 1832.188446][T19362] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4309'.
[ 1832.188711][T19362] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4309'.
[ 1832.188964][T19362] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4309'.
[ 1832.672409][    T9] usb 9-1: USB disconnect, device number 42
[ 1832.948014][T19375] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1833.612233][   T45] usb 9-1: new high-speed USB device number 43 using dummy_hcd
[ 1833.988309][   T45] usb 9-1: device descriptor read/64, error -71
[ 1834.292178][   T45] usb 9-1: new high-speed USB device number 44 using dummy_hcd
[ 1834.439884][   T38] kauditd_printk_skb: 28 callbacks suppressed
[ 1834.439905][   T38] audit: type=1326 audit(1759368296.927:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19386 comm="syz.1.4316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe5f72eec9 code=0x7ffc0000
[ 1834.442380][   T45] usb 9-1: device descriptor read/64, error -71
[ 1834.448586][   T38] audit: type=1326 audit(1759368296.937:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19386 comm="syz.1.4316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe5f72eec9 code=0x7ffc0000
[ 1834.463921][   T38] audit: type=1326 audit(1759368296.937:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19386 comm="syz.1.4316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=188 compat=0 ip=0x7fbe5f72eec9 code=0x7ffc0000
[ 1834.463991][   T38] audit: type=1326 audit(1759368296.957:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19386 comm="syz.1.4316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe5f72eec9 code=0x7ffc0000
[ 1834.464048][   T38] audit: type=1326 audit(1759368296.957:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19386 comm="syz.1.4316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe5f72eec9 code=0x7ffc0000
[ 1834.464109][   T38] audit: type=1326 audit(1759368296.957:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19386 comm="syz.1.4316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=192 compat=0 ip=0x7fbe5f72eec9 code=0x7ffc0000
[ 1834.464554][   T38] audit: type=1326 audit(1759368296.957:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19386 comm="syz.1.4316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe5f72eec9 code=0x7ffc0000
[ 1834.464612][   T38] audit: type=1326 audit(1759368296.957:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19386 comm="syz.1.4316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe5f72eec9 code=0x7ffc0000
[ 1834.465172][   T38] audit: type=1326 audit(1759368296.957:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19386 comm="syz.1.4316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbe5f72d710 code=0x7ffc0000
[ 1834.466267][   T38] audit: type=1326 audit(1759368296.957:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19386 comm="syz.1.4316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fbe5f7306f7 code=0x7ffc0000
[ 1834.564769][   T45] usb usb9-port1: attempt power cycle
[ 1835.272453][   T45] usb 9-1: new high-speed USB device number 45 using dummy_hcd
[ 1835.384768][   T45] usb 9-1: device descriptor read/8, error -71
[ 1835.652266][   T45] usb 9-1: new high-speed USB device number 46 using dummy_hcd
[ 1835.676046][   T45] usb 9-1: device descriptor read/8, error -71
[ 1836.239104][   T45] usb usb9-port1: unable to enumerate USB device
[ 1836.969843][T19210] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1838.656195][T19210] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1847.130168][T19210] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1847.235543][T19210] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1848.102344][T19059] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[ 1848.328620][T19210] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1848.442237][T19059] usb 2-1: Using ep0 maxpacket: 16
[ 1848.473107][T19059] usb 2-1: config 0 has no interfaces?
[ 1848.473148][T19059] usb 2-1: New USB device found, idVendor=1b1c, idProduct=1b34, bcdDevice= 0.00
[ 1848.473173][T19059] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1848.935228][T19059] usb 2-1: config 0 descriptor??
[ 1849.697359][T19210] 8021q: adding VLAN 0 to HW filter on device team0
[ 1849.900419][T19454] workqueue: Failed to create a rescuer kthread for wq "xfs-blockgc/nullb0": -EINTR
[ 1849.903638][T19460] afs: Unknown parameter 'dynck'
[ 1850.248665][ T5896] usb 2-1: USB disconnect, device number 33
[ 1850.494070][T18394] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1850.498434][T18394] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1850.572924][ T1422] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1850.577512][ T1422] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1851.292175][T19470] __nla_validate_parse: 101 callbacks suppressed
[ 1851.292198][T19470] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4337'.
[ 1851.295734][T19470] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4337'.
[ 1851.296086][T19470] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4337'.
[ 1851.296393][T19470] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4337'.
[ 1851.296672][T19470] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4337'.
[ 1851.296953][T19470] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4337'.
[ 1851.297229][T19470] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4337'.
[ 1851.297510][T19470] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4337'.
[ 1851.297776][T19470] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4337'.
[ 1851.298074][T19470] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4337'.
[ 1855.484268][T19501] afs: Unknown parameter 'dynck'
[ 1858.245237][T19503] fuse: Bad value for 'fd'
[ 1858.316724][T19210] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1858.840267][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[ 1858.871248][T19210] veth0_vlan: entered promiscuous mode
[ 1858.902719][T19210] veth1_vlan: entered promiscuous mode
[ 1858.914276][T19505] __nla_validate_parse: 137 callbacks suppressed
[ 1858.914297][T19505] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4348'.
[ 1858.914690][T19505] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4348'.
[ 1858.914991][T19505] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4348'.
[ 1858.915316][T19505] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4348'.
[ 1858.915622][T19505] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4348'.
[ 1858.915921][T19505] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4348'.
[ 1858.916207][T19505] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4348'.
[ 1858.916487][T19505] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4348'.
[ 1858.917576][T19505] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4348'.
[ 1858.917879][T19505] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4348'.
[ 1860.050880][T19516] workqueue: Failed to create a rescuer kthread for wq "xfs-reclaim/nullb0": -EINTR
[ 1860.491302][T19210] veth0_macvtap: entered promiscuous mode
[ 1860.517310][T19210] veth1_macvtap: entered promiscuous mode
[ 1860.621083][T19210] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1860.626722][T19533] binder_alloc: 19530: binder_alloc_buf, no vma
[ 1860.650191][T19210] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1860.676993][   T69] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1860.677724][   T69] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1860.677950][   T69] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1860.677984][   T69] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1865.890681][T19541] afs: Unknown parameter 'dynck'
[ 1866.687173][T18393] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1866.687198][T18393] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1866.898469][T19548] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1866.990552][ T1422] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1866.990576][ T1422] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1868.237828][T19554] o2cb: This node has not been configured.
[ 1868.237846][T19554] o2cb: Cluster check failed. Fix errors before retrying.
[ 1868.237876][T19554] (syz.2.3886,19554,0):user_dlm_register:674 ERROR: status = -22
[ 1868.237903][T19554] (syz.2.3886,19554,0):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "file1"
[ 1869.645098][T19565] __nla_validate_parse: 139 callbacks suppressed
[ 1869.645116][T19565] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4363'.
[ 1869.645551][T19565] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4363'.
[ 1869.645850][T19565] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4363'.
[ 1869.646154][T19565] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4363'.
[ 1869.646426][T19565] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4363'.
[ 1869.646703][T19565] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4363'.
[ 1869.646984][T19565] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4363'.
[ 1869.647286][T19565] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4363'.
[ 1869.647541][T19565] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4363'.
[ 1869.647802][T19565] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4363'.
[ 1869.930864][T19572] binder_alloc: 19571: binder_alloc_buf, no vma
[ 1871.278288][T19584] overlayfs: missing 'lowerdir'
[ 1871.812055][T18264] usb 3-1: new low-speed USB device number 4 using dummy_hcd
[ 1872.118210][T19515] warn_alloc: 1 callbacks suppressed
[ 1872.118229][T19515] syz.1.4349: vmalloc error: size 6291456, failed to allocated page array size 12288, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1872.118286][T19515] CPU: 0 UID: 0 PID: 19515 Comm: syz.1.4349 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1872.118305][T19515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1872.118316][T19515] Call Trace:
[ 1872.118323][T19515]  <TASK>
[ 1872.118331][T19515]  dump_stack_lvl+0x189/0x250
[ 1872.118354][T19515]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1872.118371][T19515]  ? __pfx__printk+0x10/0x10
[ 1872.118392][T19515]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1872.118418][T19515]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1872.118442][T19515]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[ 1872.118465][T19515]  warn_alloc+0x22e/0x3b0
[ 1872.118498][T19515]  ? __pfx_warn_alloc+0x10/0x10
[ 1872.118530][T19515]  ? __get_vm_area_node+0x2bc/0x350
[ 1872.118553][T19515]  ? hash_netport4_resize+0x235/0x1b70
[ 1872.118575][T19515]  __vmalloc_node_range_noprof+0x67e/0x12f0
[ 1872.118598][T19515]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1872.118637][T19515]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1872.118664][T19515]  ? rcu_is_watching+0x15/0xb0
[ 1872.118685][T19515]  __kvmalloc_node_noprof+0x2ff/0x500
[ 1872.118709][T19515]  ? hash_netport4_resize+0x235/0x1b70
[ 1872.118727][T19515]  ? hash_netport4_resize+0x235/0x1b70
[ 1872.118749][T19515]  hash_netport4_resize+0x235/0x1b70
[ 1872.118773][T19515]  ? hash_netport4_uadt+0xc9a/0xf30
[ 1872.118794][T19515]  ? __pfx_hash_netport4_add+0x10/0x10
[ 1872.118817][T19515]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 1872.118851][T19515]  ? rt_write_unlock+0x191/0x230
[ 1872.118877][T19515]  call_ad+0x3c5/0x9c0
[ 1872.118907][T19515]  ? __pfx_call_ad+0x10/0x10
[ 1872.118940][T19515]  ? __nla_parse+0x40/0x60
[ 1872.118960][T19515]  ip_set_ad+0x797/0x940
[ 1872.118990][T19515]  ? __pfx_ip_set_ad+0x10/0x10
[ 1872.119014][T19515]  ? do_raw_spin_lock+0x121/0x290
[ 1872.119069][T19515]  nfnetlink_rcv_msg+0xb69/0x1150
[ 1872.119094][T19515]  ? nfnetlink_rcv_msg+0x212/0x1150
[ 1872.119131][T19515]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[ 1872.119151][T19515]  ? kasan_save_free_info+0x46/0x50
[ 1872.119217][T19515]  netlink_rcv_skb+0x208/0x470
[ 1872.119242][T19515]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[ 1872.119267][T19515]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1872.119301][T19515]  ? bpf_lsm_capable+0x9/0x20
[ 1872.119322][T19515]  ? security_capable+0x7e/0x2e0
[ 1872.119351][T19515]  nfnetlink_rcv+0x26a/0x2530
[ 1872.119375][T19515]  ? __dev_queue_xmit+0x1d3d/0x3b70
[ 1872.119402][T19515]  ? __dev_queue_xmit+0x26f/0x3b70
[ 1872.119432][T19515]  ? __pfx_nfnetlink_rcv+0x10/0x10
[ 1872.119453][T19515]  ? __pfx___dev_queue_xmit+0x10/0x10
[ 1872.119484][T19515]  ? ref_tracker_free+0x61e/0x7c0
[ 1872.119509][T19515]  ? __asan_memcpy+0x40/0x70
[ 1872.119525][T19515]  ? __pfx_ref_tracker_free+0x10/0x10
[ 1872.119563][T19515]  ? skb_clone+0x246/0x3a0
[ 1872.119585][T19515]  ? __netlink_deliver_tap+0x807/0x850
[ 1872.119609][T19515]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1872.119639][T19515]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1872.119678][T19515]  netlink_unicast+0x846/0xa10
[ 1872.119707][T19515]  ? __pfx_netlink_unicast+0x10/0x10
[ 1872.119731][T19515]  ? netlink_sendmsg+0x642/0xb30
[ 1872.119755][T19515]  ? skb_put+0x11b/0x210
[ 1872.119774][T19515]  netlink_sendmsg+0x805/0xb30
[ 1872.119807][T19515]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1872.119845][T19515]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1872.119870][T19515]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1872.119896][T19515]  __sock_sendmsg+0x21c/0x270
[ 1872.119921][T19515]  ____sys_sendmsg+0x508/0x820
[ 1872.119943][T19515]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1872.119968][T19515]  ? import_iovec+0x74/0xa0
[ 1872.119991][T19515]  ___sys_sendmsg+0x21f/0x2a0
[ 1872.120014][T19515]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1872.120061][T19515]  ? __fget_files+0x2a/0x420
[ 1872.120083][T19515]  ? __fget_files+0x3a6/0x420
[ 1872.120114][T19515]  __x64_sys_sendmsg+0x1a1/0x260
[ 1872.120134][T19515]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1872.120161][T19515]  ? rcu_is_watching+0x15/0xb0
[ 1872.120183][T19515]  ? do_syscall_64+0xbe/0x3b0
[ 1872.120204][T19515]  do_syscall_64+0xfa/0x3b0
[ 1872.120219][T19515]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1872.120235][T19515]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1872.120251][T19515]  ? clear_bhb_loop+0x60/0xb0
[ 1872.120272][T19515]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1872.120288][T19515] RIP: 0033:0x7fbe5f72eec9
[ 1872.120304][T19515] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1872.120320][T19515] RSP: 002b:00007fbe5d94c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1872.120336][T19515] RAX: ffffffffffffffda RBX: 00007fbe5f986180 RCX: 00007fbe5f72eec9
[ 1872.120350][T19515] RDX: 0000000000000080 RSI: 00002000000002c0 RDI: 0000000000000009
[ 1872.120361][T19515] RBP: 00007fbe5f7b1f91 R08: 0000000000000000 R09: 0000000000000000
[ 1872.120372][T19515] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1872.120381][T19515] R13: 00007fbe5f986218 R14: 00007fbe5f986180 R15: 00007fff65bf2e88
[ 1872.120407][T19515]  </TASK>
[ 1872.120414][T19515] Mem-Info:
[ 1872.120421][T19515] active_anon:467 inactive_anon:12461 isolated_anon:0
[ 1872.120421][T19515]  active_file:25443 inactive_file:36717 isolated_file:0
[ 1872.120421][T19515]  unevictable:768 dirty:146 writeback:0
[ 1872.120421][T19515]  slab_reclaimable:12769 slab_unreclaimable:109522
[ 1872.120421][T19515]  mapped:41206 shmem:10188 pagetables:1132
[ 1872.120421][T19515]  sec_pagetables:0 bounce:0
[ 1872.120421][T19515]  kernel_misc_reclaimable:0
[ 1872.120421][T19515]  free:1295498 free_pcp:2412 free_cma:0
[ 1872.120465][T19515] Node 0 active_anon:1868kB inactive_anon:49844kB active_file:101568kB inactive_file:146868kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:164824kB dirty:584kB writeback:0kB shmem:39216kB kernel_stack:12716kB pagetables:4392kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1872.120502][T19515] Node 1 active_anon:0kB inactive_anon:0kB active_file:204kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB kernel_stack:48kB pagetables:136kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1872.120536][T19515] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1872.120583][T19515] lowmem_reserve[]: 0 2516 2517 2517 2517
[ 1872.120610][T19515] Node 0 DMA32 free:1258688kB boost:0kB min:3944kB low:6492kB high:9040kB reserved_highatomic:0KB free_highatomic:0KB active_anon:1864kB inactive_anon:49800kB active_file:99784kB inactive_file:146800kB unevictable:1536kB writepending:584kB present:3129332kB managed:2576456kB mlocked:0kB bounce:0kB free_pcp:9648kB local_pcp:2180kB free_cma:0kB
[ 1872.120657][T19515] lowmem_reserve[]: 0 0 1 1 1
[ 1872.120682][T19515] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:44kB active_file:1784kB inactive_file:68kB unevictable:0kB writepending:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1872.120726][T19515] lowmem_reserve[]: 0 0 0 0 0
[ 1872.120750][T19515] Node 1 Normal free:3907944kB boost:0kB min:6360kB low:10468kB high:14576kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:204kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1872.120798][T19515] lowmem_reserve[]: 0 0 0 0 0
[ 1872.120831][T19515] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1872.120921][T19515] Node 0 DMA32: 2*4kB (UE) 602*8kB (UME) 455*16kB (UME) 268*32kB (UE) 245*64kB (UME) 297*128kB (UME) 192*256kB (UME) 87*512kB (UME) 59*1024kB (UME) 25*2048kB (UME) 239*4096kB (M) = 1258632kB
[ 1872.121047][T19515] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 1872.808592][T19515] Node 1 Normal: 200*4kB (UE) 43*8kB (UME) 39*16kB (UME) 208*32kB (UME) 88*64kB (UME) 31*128kB (UME) 17*256kB (UM) 7*512kB (UM) 3*1024kB (UM) 4*2048kB (UME) 945*4096kB (M) = 3907944kB
[ 1872.808795][T19515] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1872.808935][T19515] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[ 1872.808955][T19515] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1872.808978][T19515] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1872.808999][T19515] 72346 total pagecache pages
[ 1872.809009][T19515] 1 pages in swap cache
[ 1872.809019][T19515] Free swap  = 124992kB
[ 1872.809029][T19515] Total swap = 124996kB
[ 1872.809040][T19515] 2097051 pages RAM
[ 1872.809049][T19515] 0 pages HighMem/MovableOnly
[ 1872.809057][T19515] 420847 pages reserved
[ 1872.809067][T19515] 0 pages cma reserved
[ 1874.362631][ T5809] usb 9-1: new high-speed USB device number 47 using dummy_hcd
[ 1874.564198][ T5809] usb 9-1: Using ep0 maxpacket: 32
[ 1874.567742][ T5809] usb 9-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[ 1874.567803][ T5809] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x9 has an invalid bInterval 128, changing to 11
[ 1874.567895][ T5809] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[ 1874.567921][ T5809] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1874.622518][ T5809] usb 9-1: New USB device found, idVendor=0e6f, idProduct=582c, bcdDevice=31.68
[ 1874.622550][ T5809] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1874.622573][ T5809] usb 9-1: Product: syz
[ 1874.622588][ T5809] usb 9-1: Manufacturer: syz
[ 1874.622604][ T5809] usb 9-1: SerialNumber: syz
[ 1874.667722][ T5809] usb 9-1: config 0 descriptor??
[ 1874.959751][T19059] usb 9-1: USB disconnect, device number 47
[ 1875.353574][T19615] binder_alloc: 19614: binder_alloc_buf, no vma
[ 1875.755809][ T5135] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1875.763183][ T5135] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1875.777501][ T5135] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1875.778888][ T5135] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1875.803520][ T5135] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1875.890229][T18264] usb 3-1: device descriptor read/all, error -71
[ 1875.972285][ T5809] usb 9-1: new high-speed USB device number 48 using dummy_hcd
[ 1876.162094][ T5809] usb 9-1: Using ep0 maxpacket: 32
[ 1876.164833][ T5809] usb 9-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1876.168041][ T5809] usb 9-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1876.168071][ T5809] usb 9-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1876.168093][ T5809] usb 9-1: Product: syz
[ 1876.168109][ T5809] usb 9-1: Manufacturer: syz
[ 1876.168124][ T5809] usb 9-1: SerialNumber: syz
[ 1876.172846][T19629] overlayfs: missing 'lowerdir'
[ 1876.179034][ T5809] usb 9-1: config 0 descriptor??
[ 1876.183535][ T5809] hub 9-1:0.0: bad descriptor, ignoring hub
[ 1876.183583][ T5809] hub 9-1:0.0: probe with driver hub failed with error -5
[ 1876.533642][T19059] usb 9-1: USB disconnect, device number 48
[ 1877.042739][T19059] usb 9-1: new high-speed USB device number 49 using dummy_hcd
[ 1877.119229][T19641] __nla_validate_parse: 143 callbacks suppressed
[ 1877.119275][T19641] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4386'.
[ 1877.622169][T19059] usb 9-1: Using ep0 maxpacket: 32
[ 1877.912016][T18025] Bluetooth: hci0: command tx timeout
[ 1877.949625][T19059] usb 9-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1877.977883][T19059] usb 9-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1877.977921][T19059] usb 9-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1877.977948][T19059] usb 9-1: Product: syz
[ 1877.977966][T19059] usb 9-1: Manufacturer: syz
[ 1877.977984][T19059] usb 9-1: SerialNumber: syz
[ 1878.205182][T19059] usb 9-1: config 0 descriptor??
[ 1878.255456][T19059] hub 9-1:0.0: bad descriptor, ignoring hub
[ 1878.255499][T19059] hub 9-1:0.0: probe with driver hub failed with error -5
[ 1878.452943][T19059] usb 9-1: USB disconnect, device number 49
[ 1878.668468][ T4386] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1879.952313][T18025] Bluetooth: hci0: command tx timeout
[ 1880.138639][ T4386] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1880.253129][T19650] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4387'.
[ 1880.253563][T19650] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4387'.
[ 1880.253873][T19650] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4387'.
[ 1880.254170][T19650] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4387'.
[ 1880.254467][T19650] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4387'.
[ 1880.254732][T19650] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4387'.
[ 1880.255008][T19650] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4387'.
[ 1880.255290][T19650] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4387'.
[ 1880.255545][T19650] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4387'.
[ 1880.806086][ T4386] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1880.832299][ T5905] usb 5-1: new high-speed USB device number 79 using dummy_hcd
[ 1880.982327][ T5905] usb 5-1: Using ep0 maxpacket: 32
[ 1880.988304][ T5905] usb 5-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[ 1880.988374][ T5905] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x9 has an invalid bInterval 128, changing to 11
[ 1880.988405][ T5905] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[ 1880.988429][ T5905] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1881.043316][ T5905] usb 5-1: New USB device found, idVendor=0e6f, idProduct=582c, bcdDevice=31.68
[ 1881.043351][ T5905] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1881.043377][ T5905] usb 5-1: Product: syz
[ 1881.043393][ T5905] usb 5-1: Manufacturer: syz
[ 1881.043409][ T5905] usb 5-1: SerialNumber: syz
[ 1881.088844][ T5905] usb 5-1: config 0 descriptor??
[ 1881.428911][T19059] usb 5-1: USB disconnect, device number 79
[ 1881.477063][ T4386] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1883.224919][T19618] chnl_net:caif_netlink_parms(): no params data found
[ 1883.972328][ T4386] bridge_slave_1: left allmulticast mode
[ 1883.972362][ T4386] bridge_slave_1: left promiscuous mode
[ 1883.972637][ T4386] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1884.557823][ T4386] bridge_slave_0: left allmulticast mode
[ 1884.557849][ T4386] bridge_slave_0: left promiscuous mode
[ 1884.558034][ T4386] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1886.062216][ T5911] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[ 1886.282064][ T5911] usb 3-1: Using ep0 maxpacket: 32
[ 1886.980141][ T5911] usb 3-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[ 1886.980205][ T5911] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x9 has an invalid bInterval 128, changing to 11
[ 1886.980236][ T5911] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[ 1886.980262][ T5911] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1887.481342][ T5911] usb 3-1: New USB device found, idVendor=0e6f, idProduct=582c, bcdDevice=31.68
[ 1887.481366][ T5911] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1887.481381][ T5911] usb 3-1: Product: syz
[ 1887.481392][ T5911] usb 3-1: Manufacturer: syz
[ 1887.481403][ T5911] usb 3-1: SerialNumber: syz
[ 1887.560965][ T5911] usb 3-1: config 0 descriptor??
[ 1887.879129][ T5905] usb 3-1: USB disconnect, device number 6
[ 1889.622778][ T4386] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1889.685294][ T4386] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1889.705721][ T4386] bond0 (unregistering): Released all slaves
[ 1890.036709][T19719] __nla_validate_parse: 66 callbacks suppressed
[ 1890.036733][T19719] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4404'.
[ 1890.222711][T19618] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1890.222891][T19618] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1890.223151][T19618] bridge_slave_0: entered allmulticast mode
[ 1890.281679][T19618] bridge_slave_0: entered promiscuous mode
[ 1891.006441][T19618] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1891.006558][T19618] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1891.006733][T19618] bridge_slave_1: entered allmulticast mode
[ 1891.009019][T19618] bridge_slave_1: entered promiscuous mode
[ 1893.637689][T19770] Bluetooth: MGMT ver 1.23
[ 1893.693690][T19618] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1893.878975][T19618] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1894.902779][T19618] team0: Port device team_slave_0 added
[ 1894.914707][T19618] team0: Port device team_slave_1 added
[ 1895.440147][ T4386] hsr_slave_0: left promiscuous mode
[ 1895.542119][ T4386] hsr_slave_1: left promiscuous mode
[ 1895.543152][ T4386] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1895.543180][ T4386] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1895.813246][ T4386] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1895.813278][ T4386] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1895.957698][ T4386] veth1_macvtap: left promiscuous mode
[ 1895.957818][ T4386] veth0_macvtap: left promiscuous mode
[ 1895.958110][ T4386] veth1_vlan: left promiscuous mode
[ 1895.958300][ T4386] veth0_vlan: left promiscuous mode
[ 1897.281851][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1897.355616][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1897.429475][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1897.554604][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1897.623415][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1897.707265][T19811] o2cb: This node has not been configured.
[ 1897.707282][T19811] o2cb: Cluster check failed. Fix errors before retrying.
[ 1897.707311][T19811] (syz.2.4431,19811,1):user_dlm_register:674 ERROR: status = -22
[ 1897.707337][T19811] (syz.2.4431,19811,1):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "file1"
[ 1897.747673][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1897.858436][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1897.923989][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1897.990667][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1898.044630][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1898.105255][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1898.177058][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1898.237152][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1898.309289][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1898.366101][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1898.421542][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1898.465094][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1898.522268][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1898.584118][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1898.649638][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1898.703823][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1898.759533][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1898.878754][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1898.932071][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1898.985550][ T4386] team0 (unregistering): Port device team_slave_1 removed
[ 1899.023522][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1899.083368][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1899.139820][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1899.191635][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1899.255852][ T4386] team0 (unregistering): Port device team_slave_0 removed
[ 1899.287690][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1899.391673][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1899.451187][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1899.519697][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1899.571554][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1899.638379][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1899.690932][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1899.759369][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1899.803311][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1899.853444][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1899.902037][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1899.960355][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1900.007344][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1900.068263][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1900.113814][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1900.172512][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1900.235399][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1900.290340][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1900.332440][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1900.398627][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1900.449976][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1900.504249][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1900.556982][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1900.605851][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1900.663312][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1900.727649][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1900.774139][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1900.870405][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1900.932549][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1901.000459][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1901.043351][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1901.155368][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1901.204019][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1901.256515][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1901.305141][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1901.357202][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1901.525414][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1901.569422][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1901.674336][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1901.739924][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1901.795303][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1901.870697][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1901.938850][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1902.082836][T19802] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4426'.
[ 1902.265806][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1902.369214][T19618] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1902.369232][T19618] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1902.369257][T19618] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1902.376594][T19618] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1902.376624][T19618] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1902.376649][T19618] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1903.061613][T19618] hsr_slave_0: entered promiscuous mode
[ 1903.100703][T19618] hsr_slave_1: entered promiscuous mode
[ 1903.101635][T19618] debugfs: 'hsr0' already exists in 'hsr'
[ 1903.101664][T19618] Cannot create hsr debugfs directory
[ 1904.226718][T19839] snd_dummy snd_dummy.0: control 1:1:3:syz1:9 is already present
[ 1905.893688][T19839] netlink: 44 bytes leftover after parsing attributes in process `syz.9.4438'.
[ 1906.663266][T19863] o2cb: This node has not been configured.
[ 1906.663283][T19863] o2cb: Cluster check failed. Fix errors before retrying.
[ 1906.663312][T19863] (syz.2.4444,19863,0):user_dlm_register:674 ERROR: status = -22
[ 1906.663338][T19863] (syz.2.4444,19863,0):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "file1"
[ 1909.180347][T19877] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4447'.
[ 1909.828868][T19883] overlayfs: failed to decode file handle (len=6, type=248, flags=0, err=-22)
[ 1911.549966][   T45] usb 9-1: new high-speed USB device number 50 using dummy_hcd
[ 1912.895926][   T45] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1912.895958][   T45] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1912.895980][   T45] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1912.896036][   T45] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1912.901397][   T45] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1912.901430][   T45] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1912.901452][   T45] usb 9-1: Product: syz
[ 1912.901469][   T45] usb 9-1: Manufacturer: syz
[ 1912.985137][   T45] cdc_wdm 9-1:1.0: skipping garbage
[ 1912.985160][   T45] cdc_wdm 9-1:1.0: skipping garbage
[ 1912.987847][   T45] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[ 1912.987867][   T45] cdc_wdm 9-1:1.0: Unknown control protocol
[ 1913.222891][ T5905] usb 9-1: USB disconnect, device number 50
[ 1913.679806][T19618] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1914.760735][T19919] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4458'.
[ 1914.772055][ T5905] usb 9-1: new high-speed USB device number 51 using dummy_hcd
[ 1914.897035][   T38] kauditd_printk_skb: 11 callbacks suppressed
[ 1914.897061][   T38] audit: type=1326 audit(1759368377.387:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19923 comm="syz.8.4460" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa85c20eec9 code=0x0
[ 1915.962990][T19929] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4459'.
[ 1916.206772][T19618] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1916.325273][T19618] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1916.325754][T19933] overlayfs: failed to decode file handle (len=6, type=248, flags=0, err=-22)
[ 1916.730298][T19618] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1917.830219][T19956] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4468'.
[ 1918.087800][T19961] overlayfs: failed to decode file handle (len=6, type=248, flags=0, err=-22)
[ 1918.137893][T19618] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1918.207304][T19618] 8021q: adding VLAN 0 to HW filter on device team0
[ 1918.257840][ T4267] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1918.258069][ T4267] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1918.286292][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1918.286455][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1919.269383][T19966] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4470'.
[ 1919.897400][ T9797] usb 9-1: new high-speed USB device number 52 using dummy_hcd
[ 1919.969494][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[ 1920.084244][ T9797] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1920.084276][ T9797] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1920.084297][ T9797] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1920.084351][ T9797] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1920.095118][ T9797] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1920.095241][ T9797] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1920.095268][ T9797] usb 9-1: Product: syz
[ 1920.095286][ T9797] usb 9-1: Manufacturer: syz
[ 1920.115861][ T9797] cdc_wdm 9-1:1.0: skipping garbage
[ 1920.115887][ T9797] cdc_wdm 9-1:1.0: skipping garbage
[ 1920.118758][ T9797] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[ 1920.118780][ T9797] cdc_wdm 9-1:1.0: Unknown control protocol
[ 1920.411541][ T5905] usb 9-1: USB disconnect, device number 52
[ 1920.852066][ T5911] usb 9-1: new high-speed USB device number 53 using dummy_hcd
[ 1920.956987][T19618] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1921.006743][ T5911] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1921.006776][ T5911] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1921.006798][ T5911] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1921.006873][ T5911] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1921.010840][ T5911] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1921.010932][ T5911] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1921.010958][ T5911] usb 9-1: Product: syz
[ 1921.010974][ T5911] usb 9-1: Manufacturer: syz
[ 1921.054655][ T5911] cdc_wdm 9-1:1.0: skipping garbage
[ 1921.054682][ T5911] cdc_wdm 9-1:1.0: skipping garbage
[ 1921.072331][ T5911] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[ 1921.072357][ T5911] cdc_wdm 9-1:1.0: Unknown control protocol
[ 1921.622329][T20003] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1921.682180][   T45] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[ 1921.739398][T20006] overlayfs: failed to decode file handle (len=6, type=248, flags=0, err=-22)
[ 1921.799637][T20002] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1921.800098][T20002] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1921.830126][T19618] veth0_vlan: entered promiscuous mode
[ 1921.842388][   T45] usb 3-1: Using ep0 maxpacket: 16
[ 1921.846701][T19618] veth1_vlan: entered promiscuous mode
[ 1921.863600][   T45] usb 3-1: config 0 has no interfaces?
[ 1921.863639][   T45] usb 3-1: New USB device found, idVendor=1b1c, idProduct=1b34, bcdDevice= 0.00
[ 1921.863665][   T45] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1921.870021][   T45] usb 3-1: config 0 descriptor??
[ 1921.892187][ T5911] usb 10-1: new high-speed USB device number 34 using dummy_hcd
[ 1921.950631][T19618] veth0_macvtap: entered promiscuous mode
[ 1921.965000][T20008] 9pnet_fd: Insufficient options for proto=fd
[ 1921.971403][T19618] veth1_macvtap: entered promiscuous mode
[ 1922.002463][T19618] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1922.025036][ T5911] usb 10-1: device descriptor read/64, error -71
[ 1922.029304][T19618] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1922.057874][ T4386] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1922.058173][ T4386] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1922.059363][T18393] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1922.059411][T18393] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1922.174272][ T5905] usb 3-1: USB disconnect, device number 7
[ 1922.263807][ T5911] usb 10-1: new high-speed USB device number 35 using dummy_hcd
[ 1922.402072][ T5911] usb 10-1: device descriptor read/64, error -71
[ 1922.625296][ T5911] usb usb10-port1: attempt power cycle
[ 1923.164589][T13451] usb 9-1: USB disconnect, device number 53
[ 1923.579094][   T57] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1923.579126][   T57] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1923.588628][T20014] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4484'.
[ 1923.590119][T20014] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4484'.
[ 1923.590407][T20014] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4484'.
[ 1923.590714][T20014] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4484'.
[ 1923.590970][T20014] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4484'.
[ 1923.591221][T20014] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4484'.
[ 1923.591494][T20014] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4484'.
[ 1923.591775][T20014] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4484'.
[ 1923.592113][T20014] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4484'.
[ 1923.592388][T20014] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4484'.
[ 1923.845287][ T5911] usb 10-1: new high-speed USB device number 36 using dummy_hcd
[ 1923.864651][ T5911] usb 10-1: device descriptor read/8, error -71
[ 1924.015895][T18394] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1924.015931][T18394] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1924.044386][  T989] usb 9-1: new high-speed USB device number 54 using dummy_hcd
[ 1924.114648][ T5911] usb 10-1: new high-speed USB device number 37 using dummy_hcd
[ 1924.135814][ T5911] usb 10-1: device descriptor read/8, error -71
[ 1924.672047][ T5911] usb usb10-port1: unable to enumerate USB device
[ 1924.692954][  T989] usb 9-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[ 1924.692988][  T989] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1924.693012][  T989] usb 9-1: Product: syz
[ 1924.693028][  T989] usb 9-1: Manufacturer: syz
[ 1924.693045][  T989] usb 9-1: SerialNumber: syz
[ 1924.756896][  T989] usb 9-1: config 0 descriptor??
[ 1925.208918][  T989] usb 9-1: Firmware: major: 130, minor: 102, hardware type: HULUSB (4)
[ 1925.410172][  T989] usb 9-1: failed to fetch extended address, random address set
[ 1925.568257][T20043] overlayfs: failed to decode file handle (len=6, type=248, flags=0, err=-22)
[ 1925.783521][T20047] 9pnet_fd: Insufficient options for proto=fd
[ 1925.937160][  T989] usb 9-1: USB disconnect, device number 54
[ 1926.545179][T20059] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1926.982210][   T45] usb 7-1: new high-speed USB device number 21 using dummy_hcd
[ 1927.191586][   T45] usb 7-1: device descriptor read/64, error -71
[ 1927.422150][   T45] usb 7-1: new high-speed USB device number 22 using dummy_hcd
[ 1928.073042][   T45] usb 7-1: device descriptor read/64, error -71
[ 1928.612700][   T45] usb usb7-port1: attempt power cycle
[ 1928.944648][T20074] __nla_validate_parse: 28 callbacks suppressed
[ 1928.944671][T20074] netlink: 12 bytes leftover after parsing attributes in process `syz.8.4500'.
[ 1929.002546][   T45] usb 7-1: new high-speed USB device number 23 using dummy_hcd
[ 1930.137083][   T45] usb 7-1: device descriptor read/8, error -71
[ 1930.662059][T18025] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[ 1930.662392][T18025] Bluetooth: hci3: Injecting HCI hardware error event
[ 1930.666619][T18025] Bluetooth: hci3: hardware error 0x00
[ 1931.348461][   T38] audit: type=1326 audit(1759368393.837:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20085 comm="syz.6.4504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb19022eec9 code=0x7ffc0000
[ 1931.360390][   T38] audit: type=1326 audit(1759368393.847:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20085 comm="syz.6.4504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb19022eec9 code=0x7ffc0000
[ 1931.360461][   T38] audit: type=1326 audit(1759368393.847:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20085 comm="syz.6.4504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=188 compat=0 ip=0x7fb19022eec9 code=0x7ffc0000
[ 1931.364618][   T38] audit: type=1326 audit(1759368393.847:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20085 comm="syz.6.4504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb19022eec9 code=0x7ffc0000
[ 1931.366578][   T38] audit: type=1326 audit(1759368393.857:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20085 comm="syz.6.4504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb19022eec9 code=0x7ffc0000
[ 1931.366915][   T38] audit: type=1326 audit(1759368393.857:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20085 comm="syz.6.4504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=192 compat=0 ip=0x7fb19022eec9 code=0x7ffc0000
[ 1931.369922][   T38] audit: type=1326 audit(1759368393.857:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20085 comm="syz.6.4504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb19022eec9 code=0x7ffc0000
[ 1931.373558][   T38] audit: type=1326 audit(1759368393.867:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20085 comm="syz.6.4504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb19022eec9 code=0x7ffc0000
[ 1931.373906][   T38] audit: type=1326 audit(1759368393.867:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20085 comm="syz.6.4504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb19022d710 code=0x7ffc0000
[ 1931.377460][   T38] audit: type=1326 audit(1759368393.867:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20085 comm="syz.6.4504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fb1902306f7 code=0x7ffc0000
[ 1931.577954][T20077] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1931.647491][T20077] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1932.522064][ T5809] usb 10-1: new low-speed USB device number 38 using dummy_hcd
[ 1932.808824][ T5809] usb 10-1: config 0 has an invalid interface number: 55 but max is 0
[ 1932.808857][ T5809] usb 10-1: config 0 has no interface number 0
[ 1932.808905][ T5809] usb 10-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1932.808931][ T5809] usb 10-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[ 1932.808960][ T5809] usb 10-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1932.808987][ T5809] usb 10-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 1932.809015][ T5809] usb 10-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[ 1932.809042][ T5809] usb 10-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1932.809087][ T5809] usb 10-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1932.809111][ T5809] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1933.862368][T18025] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[ 1933.947103][ T5809] usb 10-1: config 0 descriptor??
[ 1934.007595][T20094] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[ 1934.007745][T20094] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[ 1934.033535][ T5809] ldusb 10-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1934.713927][T20077] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1934.791817][T20077] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1935.523203][T18264] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[ 1935.732245][T18264] usb 3-1: Using ep0 maxpacket: 32
[ 1935.747541][T18264] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[ 1935.747573][T18264] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 0
[ 1935.754698][T18264] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1935.754728][T18264] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1935.754752][T18264] usb 3-1: Product: syz
[ 1935.754767][T18264] usb 3-1: Manufacturer: syz
[ 1935.754784][T18264] usb 3-1: SerialNumber: syz
[ 1935.807920][T18264] usb 3-1: config 0 descriptor??
[ 1935.819325][T18264] hub 3-1:0.0: bad descriptor, ignoring hub
[ 1935.819366][T18264] hub 3-1:0.0: probe with driver hub failed with error -5
[ 1936.165349][T18264] usb 3-1: USB disconnect, device number 8
[ 1936.482740][ T5809] usb 10-1: USB disconnect, device number 38
[ 1936.512409][T18264] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[ 1936.513814][ T5809] ldusb 10-1:0.55: LD USB Device #0 now disconnected
[ 1936.668179][T18264] usb 3-1: Using ep0 maxpacket: 32
[ 1936.681200][T18264] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[ 1936.681234][T18264] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 0
[ 1936.706990][T18264] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1936.707024][T18264] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1936.707047][T18264] usb 3-1: Product: syz
[ 1936.707063][T18264] usb 3-1: Manufacturer: syz
[ 1936.707080][T18264] usb 3-1: SerialNumber: syz
[ 1936.744475][T18264] usb 3-1: config 0 descriptor??
[ 1936.759515][T18264] hub 3-1:0.0: bad descriptor, ignoring hub
[ 1936.759559][T18264] hub 3-1:0.0: probe with driver hub failed with error -5
[ 1936.916159][ T4386] netdevsim netdevsim8 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1936.918365][T20116] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1936.936841][T20116] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1936.986372][T20120] tipc: Started in network mode
[ 1936.986407][T20120] tipc: Node identity 6644dc76224f, cluster identity 4711
[ 1936.986667][T20120] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1936.996628][T20121] syzkaller0: entered promiscuous mode
[ 1936.996663][T20121] syzkaller0: entered allmulticast mode
[ 1937.016708][ T4386] netdevsim netdevsim8 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1937.026711][ T4386] netdevsim netdevsim8 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1937.026779][ T4386] netdevsim netdevsim8 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1937.051576][T20118] tipc: Resetting bearer <eth:syzkaller0>
[ 1937.072500][ T5905] usb 3-1: USB disconnect, device number 9
[ 1937.099204][T20117] tipc: Resetting bearer <eth:syzkaller0>
[ 1937.395451][T18025] Bluetooth: hci6: command 0x0406 tx timeout
[ 1937.630092][T20144] 9pnet_virtio: no channels available for device syz
[ 1938.146435][T16543] tipc: Node number set to 1141628022
[ 1938.389862][T20117] tipc: Disabling bearer <eth:syzkaller0>
[ 1939.331761][T20175] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1940.022159][ T5911] usb 10-1: new high-speed USB device number 39 using dummy_hcd
[ 1940.092004][ T5809] usb 7-1: new low-speed USB device number 25 using dummy_hcd
[ 1940.160134][ T5911] usb 10-1: device descriptor read/64, error -71
[ 1940.309296][ T5809] usb 7-1: config 0 has an invalid interface number: 55 but max is 0
[ 1940.309331][ T5809] usb 7-1: config 0 has no interface number 0
[ 1940.309372][ T5809] usb 7-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1940.309389][ T5809] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[ 1940.309409][ T5809] usb 7-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1940.309427][ T5809] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 1940.309446][ T5809] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[ 1940.309465][ T5809] usb 7-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1940.309497][ T5809] usb 7-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1940.309514][ T5809] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1940.482132][ T5911] usb 10-1: new high-speed USB device number 40 using dummy_hcd
[ 1940.612145][ T5911] usb 10-1: device descriptor read/64, error -71
[ 1940.637094][ T5809] usb 7-1: config 0 descriptor??
[ 1940.641680][T20178] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1940.647436][T20178] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1940.722677][ T5911] usb usb10-port1: attempt power cycle
[ 1940.781134][ T5809] ldusb 7-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1940.966981][T20183] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4528'.
[ 1940.967346][T20183] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4528'.
[ 1940.967513][T20183] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4528'.
[ 1940.967668][T20183] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4528'.
[ 1940.967815][T20183] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4528'.
[ 1940.967975][T20183] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4528'.
[ 1940.968143][T20183] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4528'.
[ 1940.968330][T20183] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4528'.
[ 1940.968497][T20183] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4528'.
[ 1940.968661][T20183] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4528'.
[ 1941.125074][ T5911] usb 10-1: new high-speed USB device number 41 using dummy_hcd
[ 1941.142814][ T5911] usb 10-1: device descriptor read/8, error -71
[ 1941.382067][ T5911] usb 10-1: new high-speed USB device number 42 using dummy_hcd
[ 1941.403018][ T5911] usb 10-1: device descriptor read/8, error -71
[ 1941.512684][ T5911] usb usb10-port1: unable to enumerate USB device
[ 1944.162919][  T989] usb 7-1: USB disconnect, device number 25
[ 1944.169500][  T989] ldusb 7-1:0.55: LD USB Device #0 now disconnected
[ 1944.285628][T20199] overlayfs: missing 'workdir'
[ 1948.360788][T20231] 9pnet_fd: Insufficient options for proto=fd
[ 1951.362532][   T57] Bluetooth: Error in BCSP hdr checksum
[ 1952.738986][   T38] kauditd_printk_skb: 10 callbacks suppressed
[ 1952.739007][   T38] audit: type=1326 audit(1759368415.227:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20276 comm="syz.6.4560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb190225d67 code=0x7ffc0000
[ 1952.740878][   T38] audit: type=1326 audit(1759368415.227:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20276 comm="syz.6.4560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb1901caf79 code=0x7ffc0000
[ 1952.740937][   T38] audit: type=1326 audit(1759368415.227:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20276 comm="syz.6.4560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb19022eec9 code=0x7ffc0000
[ 1952.741667][   T38] audit: type=1326 audit(1759368415.227:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20276 comm="syz.6.4560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb190225d67 code=0x7ffc0000
[ 1952.741722][   T38] audit: type=1326 audit(1759368415.227:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20276 comm="syz.6.4560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb1901caf79 code=0x7ffc0000
[ 1952.783247][   T38] audit: type=1326 audit(1759368415.227:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20276 comm="syz.6.4560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb190225d67 code=0x7ffc0000
[ 1952.783310][   T38] audit: type=1326 audit(1759368415.277:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20276 comm="syz.6.4560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb1901caf79 code=0x7ffc0000
[ 1952.813079][   T38] audit: type=1326 audit(1759368415.307:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20276 comm="syz.6.4560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb190225d67 code=0x7ffc0000
[ 1952.813147][   T38] audit: type=1326 audit(1759368415.307:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20276 comm="syz.6.4560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb1901caf79 code=0x7ffc0000
[ 1952.813836][   T38] audit: type=1326 audit(1759368415.307:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20276 comm="syz.6.4560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb190225d67 code=0x7ffc0000
[ 1953.142023][ T5135] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 1953.142050][T18025] Bluetooth: hci4: command 0x1003 tx timeout
[ 1953.542715][  T989] usb 5-1: new high-speed USB device number 80 using dummy_hcd
[ 1953.692102][  T989] usb 5-1: Using ep0 maxpacket: 32
[ 1953.695894][  T989] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[ 1953.715673][  T989] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1953.715712][  T989] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1953.715738][  T989] usb 5-1: Product: syz
[ 1953.715756][  T989] usb 5-1: Manufacturer: syz
[ 1953.715774][  T989] usb 5-1: SerialNumber: syz
[ 1953.735483][  T989] usb 5-1: config 0 descriptor??
[ 1953.736464][T20288] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1953.745535][  T989] hub 5-1:0.0: bad descriptor, ignoring hub
[ 1953.745581][  T989] hub 5-1:0.0: probe with driver hub failed with error -5
[ 1953.834743][T20296] afs: Unknown parameter 'dynck'
[ 1953.835563][T20296] __nla_validate_parse: 28 callbacks suppressed
[ 1953.835576][T20296] netlink: 24 bytes leftover after parsing attributes in process `syz.9.4568'.
[ 1954.153858][  T989] usb 5-1: USB disconnect, device number 80
[ 1954.792779][  T989] usb 5-1: new high-speed USB device number 81 using dummy_hcd
[ 1955.085472][  T989] usb 5-1: Using ep0 maxpacket: 32
[ 1955.161139][  T989] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[ 1955.167935][  T989] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1955.167967][  T989] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1955.167992][  T989] usb 5-1: Product: syz
[ 1955.168008][  T989] usb 5-1: Manufacturer: syz
[ 1955.168025][  T989] usb 5-1: SerialNumber: syz
[ 1955.217225][  T989] usb 5-1: config 0 descriptor??
[ 1955.219166][T20288] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1955.236403][  T989] hub 5-1:0.0: bad descriptor, ignoring hub
[ 1955.236447][  T989] hub 5-1:0.0: probe with driver hub failed with error -5
[ 1955.532449][  T989] usb 5-1: USB disconnect, device number 81
[ 1956.742302][ T5911] usb 5-1: new high-speed USB device number 82 using dummy_hcd
[ 1956.924480][ T5911] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1956.924503][ T5911] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1956.924517][ T5911] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1956.924554][ T5911] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1956.926402][ T5911] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1956.926423][ T5911] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1956.926438][ T5911] usb 5-1: Product: syz
[ 1956.926449][ T5911] usb 5-1: Manufacturer: syz
[ 1957.010087][ T5911] cdc_wdm 5-1:1.0: skipping garbage
[ 1957.010109][ T5911] cdc_wdm 5-1:1.0: skipping garbage
[ 1957.025465][ T5911] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[ 1957.025490][ T5911] cdc_wdm 5-1:1.0: Unknown control protocol
[ 1957.218446][ T5911] usb 5-1: USB disconnect, device number 82
[ 1957.692226][ T5911] usb 5-1: new high-speed USB device number 83 using dummy_hcd
[ 1957.845797][ T5911] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1957.845831][ T5911] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1957.845852][ T5911] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1957.845912][ T5911] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1957.894074][ T5911] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1957.894109][ T5911] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1957.894133][ T5911] usb 5-1: Product: syz
[ 1957.894150][ T5911] usb 5-1: Manufacturer: syz
[ 1957.944399][ T5911] cdc_wdm 5-1:1.0: skipping garbage
[ 1957.944415][ T5911] cdc_wdm 5-1:1.0: skipping garbage
[ 1957.966838][ T5911] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[ 1957.966861][ T5911] cdc_wdm 5-1:1.0: Unknown control protocol
[ 1958.023197][T20326] tipc: Started in network mode
[ 1958.023230][T20326] tipc: Node identity 467a8dc50262, cluster identity 4711
[ 1958.023442][T20326] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1958.024402][T20326] syzkaller0: entered promiscuous mode
[ 1958.024425][T20326] syzkaller0: entered allmulticast mode
[ 1958.186698][T20327] tipc: Resetting bearer <eth:syzkaller0>
[ 1958.232476][T20325] tipc: Resetting bearer <eth:syzkaller0>
[ 1958.428639][T20325] tipc: Disabling bearer <eth:syzkaller0>
[ 1958.776120][T20331] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1958.779176][T20331] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1959.462317][ T5135] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 1959.960081][T20343] block nbd6: shutting down sockets
[ 1959.992282][T18264] usb 5-1: USB disconnect, device number 83
[ 1960.420861][T20358] tipc: Started in network mode
[ 1960.420904][T20358] tipc: Node identity 9629e1b62268, cluster identity 4711
[ 1960.421189][T20358] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1960.444100][T20358] syzkaller0: entered promiscuous mode
[ 1960.444130][T20358] syzkaller0: entered allmulticast mode
[ 1960.687903][T20361] tipc: Resetting bearer <eth:syzkaller0>
[ 1960.807277][T20357] tipc: Resetting bearer <eth:syzkaller0>
[ 1960.919054][T20357] tipc: Disabling bearer <eth:syzkaller0>
[ 1961.318627][T20371] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4586'.
[ 1961.319035][T20371] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4586'.
[ 1961.319228][T20371] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4586'.
[ 1961.319413][T20371] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4586'.
[ 1961.319597][T20371] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4586'.
[ 1961.319776][T20371] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4586'.
[ 1961.319972][T20371] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4586'.
[ 1961.320187][T20371] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4586'.
[ 1961.320396][T20371] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4586'.
[ 1961.320576][T20371] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4586'.
[ 1963.570345][T20383] 9pnet_fd: Insufficient options for proto=fd
[ 1963.782179][T18025] Bluetooth: hci4: command 0x1003 tx timeout
[ 1963.782884][ T5135] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 1967.633055][ T5135] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 1969.516972][T18264] usb 3-1: new low-speed USB device number 10 using dummy_hcd
[ 1969.672671][T18264] usb 3-1: config 0 has an invalid interface number: 55 but max is 0
[ 1969.672702][T18264] usb 3-1: config 0 has no interface number 0
[ 1969.672755][T18264] usb 3-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1969.672780][T18264] usb 3-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[ 1969.672808][T18264] usb 3-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1969.672836][T18264] usb 3-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 1969.672864][T18264] usb 3-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[ 1969.672892][T18264] usb 3-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1969.672937][T18264] usb 3-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1969.672960][T18264] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1969.794001][T18264] usb 3-1: config 0 descriptor??
[ 1969.795441][T20443] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1969.795735][T20443] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1969.825077][T18264] ldusb 3-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1970.172778][T20454] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1973.002772][ T9797] usb 3-1: USB disconnect, device number 10
[ 1973.015290][ T9797] ldusb 3-1:0.55: LD USB Device #0 now disconnected
[ 1973.691384][T20473] 9pnet_virtio: no channels available for device syz
[ 1974.902183][ T5135] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 1976.524300][T20503] __nla_validate_parse: 65 callbacks suppressed
[ 1976.524324][T20503] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4631'.
[ 1976.526307][T20503] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4631'.
[ 1976.526594][T20503] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4631'.
[ 1976.526829][T20503] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4631'.
[ 1976.527053][T20503] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4631'.
[ 1976.532283][T20503] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4631'.
[ 1976.534878][T20503] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4631'.
[ 1976.535220][T20503] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4631'.
[ 1976.535471][T20503] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4631'.
[ 1976.537926][T20503] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4631'.
[ 1977.003691][  T989] usb 10-1: new high-speed USB device number 43 using dummy_hcd
[ 1977.142666][ T9797] usb 7-1: new high-speed USB device number 26 using dummy_hcd
[ 1977.162389][  T989] usb 10-1: Using ep0 maxpacket: 8
[ 1977.169398][  T989] usb 10-1: config index 0 descriptor too short (expected 301, got 45)
[ 1977.169442][  T989] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1977.169459][  T989] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1977.169477][  T989] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1977.169495][  T989] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1977.169526][  T989] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1977.169543][  T989] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1977.342079][ T9797] usb 7-1: Using ep0 maxpacket: 16
[ 1977.344767][ T9797] usb 7-1: config 0 has no interfaces?
[ 1977.344795][ T9797] usb 7-1: New USB device found, idVendor=1b1c, idProduct=1b34, bcdDevice= 0.00
[ 1977.344813][ T9797] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1977.387056][ T9797] usb 7-1: config 0 descriptor??
[ 1977.457925][  T989] usb 10-1: usb_control_msg returned -32
[ 1977.457962][  T989] usbtmc 10-1:16.0: can't read capabilities
[ 1977.667685][ T9797] usb 7-1: USB disconnect, device number 26
[ 1977.752072][  T989] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[ 1977.922850][  T989] usb 3-1: Using ep0 maxpacket: 32
[ 1977.926004][  T989] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[ 1977.928361][  T989] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1977.928383][  T989] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1977.928399][  T989] usb 3-1: Product: syz
[ 1977.928409][  T989] usb 3-1: Manufacturer: syz
[ 1977.928420][  T989] usb 3-1: SerialNumber: syz
[ 1977.984124][  T989] usb 3-1: config 0 descriptor??
[ 1977.985113][T20513] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[ 1978.007029][  T989] hub 3-1:0.0: bad descriptor, ignoring hub
[ 1978.007072][  T989] hub 3-1:0.0: probe with driver hub failed with error -5
[ 1978.392506][T13451] usb 3-1: USB disconnect, device number 11
[ 1979.171824][T20526] fuse: Bad value for 'fd'
[ 1980.278931][ T5911] usb 10-1: USB disconnect, device number 43
[ 1980.332502][   T38] kauditd_printk_skb: 263 callbacks suppressed
[ 1980.332523][   T38] audit: type=1326 audit(1759368442.827:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20533 comm="syz.2.4649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cb2fdeec9 code=0x7ffc0000
[ 1980.332573][   T38] audit: type=1326 audit(1759368442.827:512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20533 comm="syz.2.4649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cb2fdeec9 code=0x7ffc0000
[ 1980.339737][   T38] audit: type=1326 audit(1759368442.827:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20533 comm="syz.2.4649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=188 compat=0 ip=0x7f4cb2fdeec9 code=0x7ffc0000
[ 1980.339794][   T38] audit: type=1326 audit(1759368442.827:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20533 comm="syz.2.4649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cb2fdeec9 code=0x7ffc0000
[ 1980.339844][   T38] audit: type=1326 audit(1759368442.827:515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20533 comm="syz.2.4649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cb2fdeec9 code=0x7ffc0000
[ 1980.340401][   T38] audit: type=1326 audit(1759368442.827:516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20533 comm="syz.2.4649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=192 compat=0 ip=0x7f4cb2fdeec9 code=0x7ffc0000
[ 1980.340545][   T38] audit: type=1326 audit(1759368442.827:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20533 comm="syz.2.4649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cb2fdeec9 code=0x7ffc0000
[ 1980.340594][   T38] audit: type=1326 audit(1759368442.827:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20533 comm="syz.2.4649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4cb2fdeec9 code=0x7ffc0000
[ 1980.343660][   T38] audit: type=1326 audit(1759368442.827:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20533 comm="syz.2.4649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4cb2fdd710 code=0x7ffc0000
[ 1980.343728][   T38] audit: type=1326 audit(1759368442.837:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20533 comm="syz.2.4649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f4cb2fe06f7 code=0x7ffc0000
[ 1981.392960][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[ 1982.600180][T20546] __nla_validate_parse: 29 callbacks suppressed
[ 1982.600205][T20546] netlink: 12 bytes leftover after parsing attributes in process `syz.8.4653'.
[ 1982.902142][ T5809] usb 5-1: new high-speed USB device number 84 using dummy_hcd
[ 1983.056474][ T5809] usb 5-1: Using ep0 maxpacket: 16
[ 1983.058931][ T5809] usb 5-1: config 0 has no interfaces?
[ 1983.058970][ T5809] usb 5-1: New USB device found, idVendor=1b1c, idProduct=1b34, bcdDevice= 0.00
[ 1983.058995][ T5809] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1983.068945][ T5809] usb 5-1: config 0 descriptor??
[ 1983.380728][  T989] usb 9-1: new high-speed USB device number 55 using dummy_hcd
[ 1983.563234][  T989] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1983.563266][  T989] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1983.563286][  T989] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1983.563341][  T989] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1983.565835][  T989] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1983.565865][  T989] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1983.565888][  T989] usb 9-1: Product: syz
[ 1983.565904][  T989] usb 9-1: Manufacturer: syz
[ 1983.570202][ T5809] usb 5-1: USB disconnect, device number 84
[ 1983.711203][  T989] cdc_wdm 9-1:1.0: skipping garbage
[ 1983.711225][  T989] cdc_wdm 9-1:1.0: skipping garbage
[ 1983.733618][  T989] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[ 1983.733642][  T989] cdc_wdm 9-1:1.0: Unknown control protocol
[ 1983.776094][T20553] syz.6.4655 (20553): drop_caches: 2
[ 1983.932831][ T5809] usb 9-1: USB disconnect, device number 55
[ 1984.429972][T20585] 9pnet_virtio: no channels available for device syz
[ 1984.543001][T20587] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4667'.
[ 1984.675901][T20588] ------------[ cut here ]------------
[ 1984.675924][T20588] WARNING: CPU: 0 PID: 20588 at ./include/linux/seqlock.h:221 cgroup_freeze+0x80a/0xf90
[ 1984.675983][T20588] Modules linked in:
[ 1984.676009][T20588] CPU: 0 UID: 0 PID: 20588 Comm: syz.2.4667 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1984.676035][T20588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1984.676050][T20588] RIP: 0010:cgroup_freeze+0x80a/0xf90
[ 1984.676081][T20588] Code: 90 e9 9e fb ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c e7 f9 ff ff 4c 89 f7 e8 e1 43 67 00 e9 da f9 ff ff e8 17 68 06 00 90 <0f> 0b 90 e9 10 fc ff ff 44 89 f9 80 e1 07 38 c1 48 8b 0c 24 0f 8c
[ 1984.676102][T20588] RSP: 0018:ffffc90004f4f8e0 EFLAGS: 00010287
[ 1984.676122][T20588] RAX: ffffffff81b6c6b9 RBX: 0000000000000000 RCX: 0000000000080000
[ 1984.676138][T20588] RDX: ffffc9000f88b000 RSI: 00000000000000a8 RDI: 00000000000000a9
[ 1984.676153][T20588] RBP: ffffc90004f4fa70 R08: 0000000000000000 R09: 0000000000000000
[ 1984.676168][T20588] R10: dffffc0000000000 R11: fffffbfff1d6d2c7 R12: dffffc0000000000
[ 1984.676186][T20588] R13: 0000000000000000 R14: 0000000000000001 R15: ffff8880328c0791
[ 1984.676200][T20588] FS:  00007f4cb121d6c0(0000) GS:ffff888127017000(0000) knlGS:0000000000000000
[ 1984.676220][T20588] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1984.676235][T20588] CR2: 00007f5a8ebfdd58 CR3: 000000003d7ac000 CR4: 00000000003526f0
[ 1984.676255][T20588] Call Trace:
[ 1984.676264][T20588]  <TASK>
[ 1984.676282][T20588]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 1984.676383][T20588]  ? __pfx_cgroup_freeze+0x10/0x10
[ 1984.676414][T20588]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1984.676437][T20588]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1984.676458][T20588]  ? try_to_take_rt_mutex+0x7fd/0xac0
[ 1984.676502][T20588]  ? mutex_lock_nested+0x154/0x1d0
[ 1984.676529][T20588]  ? cgroup_kn_lock_live+0x13c/0x230
[ 1984.676575][T20588]  cgroup_freeze_write+0x156/0x1c0
[ 1984.676602][T20588]  ? __pfx_cgroup_freeze_write+0x10/0x10
[ 1984.676625][T20588]  ? kernfs_root+0x1c/0x230
[ 1984.676646][T20588]  ? kernfs_root+0x1c/0x230
[ 1984.676671][T20588]  ? kernfs_root+0x1ea/0x230
[ 1984.676692][T20588]  ? __pfx_cgroup_freeze_write+0x10/0x10
[ 1984.676716][T20588]  cgroup_file_write+0x39e/0x740
[ 1984.676757][T20588]  ? __pfx_cgroup_file_write+0x10/0x10
[ 1984.676808][T20588]  ? __pfx_cgroup_file_write+0x10/0x10
[ 1984.676838][T20588]  kernfs_fop_write_iter+0x3ad/0x540
[ 1984.676878][T20588]  vfs_write+0x5d2/0xb40
[ 1984.676913][T20588]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[ 1984.676952][T20588]  ? __pfx_vfs_write+0x10/0x10
[ 1984.676977][T20588]  ? try_to_take_rt_mutex+0x7fd/0xac0
[ 1984.677019][T20588]  ? mutex_lock_nested+0x154/0x1d0
[ 1984.677048][T20588]  ? fdget_pos+0x253/0x320
[ 1984.677093][T20588]  ksys_write+0x14b/0x260
[ 1984.677123][T20588]  ? __pfx_ksys_write+0x10/0x10
[ 1984.677148][T20588]  ? rcu_is_watching+0x15/0xb0
[ 1984.677181][T20588]  ? do_syscall_64+0xbe/0x3b0
[ 1984.677211][T20588]  do_syscall_64+0xfa/0x3b0
[ 1984.677233][T20588]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1984.677255][T20588]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1984.677279][T20588]  ? clear_bhb_loop+0x60/0xb0
[ 1984.677309][T20588]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1984.677332][T20588] RIP: 0033:0x7f4cb2fdeec9
[ 1984.677353][T20588] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1984.677372][T20588] RSP: 002b:00007f4cb121d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1984.677396][T20588] RAX: ffffffffffffffda RBX: 00007f4cb3236090 RCX: 00007f4cb2fdeec9
[ 1984.677414][T20588] RDX: 0000000000000012 RSI: 0000200000000100 RDI: 0000000000000007
[ 1984.677429][T20588] RBP: 00007f4cb3061f91 R08: 0000000000000000 R09: 0000000000000000
[ 1984.677445][T20588] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1984.677459][T20588] R13: 00007f4cb3236128 R14: 00007f4cb3236090 R15: 00007fff5efd06d8
[ 1984.677497][T20588]  </TASK>
[ 1984.677515][T20588] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1984.677533][T20588] CPU: 0 UID: 0 PID: 20588 Comm: syz.2.4667 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1984.677559][T20588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1984.677572][T20588] Call Trace:
[ 1984.677582][T20588]  <TASK>
[ 1984.677593][T20588]  dump_stack_lvl+0x99/0x250
[ 1984.677616][T20588]  ? __asan_memcpy+0x40/0x70
[ 1984.677641][T20588]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1984.677663][T20588]  ? __pfx__printk+0x10/0x10
[ 1984.677708][T20588]  vpanic+0x281/0x750
[ 1984.677742][T20588]  ? __pfx__printk+0x10/0x10
[ 1984.677770][T20588]  ? __pfx_vpanic+0x10/0x10
[ 1984.677794][T20588]  ? is_bpf_text_address+0x26/0x2b0
[ 1984.677834][T20588]  panic+0xb9/0xc0
[ 1984.677857][T20588]  ? __pfx_panic+0x10/0x10
[ 1984.677900][T20588]  __warn+0x31b/0x4b0
[ 1984.677922][T20588]  ? cgroup_freeze+0x80a/0xf90
[ 1984.677965][T20588]  ? cgroup_freeze+0x80a/0xf90
[ 1984.677995][T20588]  report_bug+0x2be/0x4f0
[ 1984.678053][T20588]  ? cgroup_freeze+0x80a/0xf90
[ 1984.678085][T20588]  ? cgroup_freeze+0x80a/0xf90
[ 1984.678116][T20588]  ? cgroup_freeze+0x80c/0xf90
[ 1984.678147][T20588]  handle_bug+0x84/0x160
[ 1984.678175][T20588]  exc_invalid_op+0x1a/0x50
[ 1984.678201][T20588]  asm_exc_invalid_op+0x1a/0x20
[ 1984.678222][T20588] RIP: 0010:cgroup_freeze+0x80a/0xf90
[ 1984.678253][T20588] Code: 90 e9 9e fb ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c e7 f9 ff ff 4c 89 f7 e8 e1 43 67 00 e9 da f9 ff ff e8 17 68 06 00 90 <0f> 0b 90 e9 10 fc ff ff 44 89 f9 80 e1 07 38 c1 48 8b 0c 24 0f 8c
[ 1984.678273][T20588] RSP: 0018:ffffc90004f4f8e0 EFLAGS: 00010287
[ 1984.678293][T20588] RAX: ffffffff81b6c6b9 RBX: 0000000000000000 RCX: 0000000000080000
[ 1984.678309][T20588] RDX: ffffc9000f88b000 RSI: 00000000000000a8 RDI: 00000000000000a9
[ 1984.678325][T20588] RBP: ffffc90004f4fa70 R08: 0000000000000000 R09: 0000000000000000
[ 1984.678340][T20588] R10: dffffc0000000000 R11: fffffbfff1d6d2c7 R12: dffffc0000000000
[ 1984.678357][T20588] R13: 0000000000000000 R14: 0000000000000001 R15: ffff8880328c0791
[ 1984.678383][T20588]  ? cgroup_freeze+0x809/0xf90
[ 1984.678429][T20588]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 1984.678456][T20588]  ? __pfx_cgroup_freeze+0x10/0x10
[ 1984.678485][T20588]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1984.678512][T20588]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1984.678532][T20588]  ? try_to_take_rt_mutex+0x7fd/0xac0
[ 1984.678575][T20588]  ? mutex_lock_nested+0x154/0x1d0
[ 1984.678603][T20588]  ? cgroup_kn_lock_live+0x13c/0x230
[ 1984.678650][T20588]  cgroup_freeze_write+0x156/0x1c0
[ 1984.678678][T20588]  ? __pfx_cgroup_freeze_write+0x10/0x10
[ 1984.678700][T20588]  ? kernfs_root+0x1c/0x230
[ 1984.678722][T20588]  ? kernfs_root+0x1c/0x230
[ 1984.678745][T20588]  ? kernfs_root+0x1ea/0x230
[ 1984.678767][T20588]  ? __pfx_cgroup_freeze_write+0x10/0x10
[ 1984.678793][T20588]  cgroup_file_write+0x39e/0x740
[ 1984.678834][T20588]  ? __pfx_cgroup_file_write+0x10/0x10
[ 1984.678885][T20588]  ? __pfx_cgroup_file_write+0x10/0x10
[ 1984.678916][T20588]  kernfs_fop_write_iter+0x3ad/0x540
[ 1984.678961][T20588]  vfs_write+0x5d2/0xb40
[ 1984.678995][T20588]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[ 1984.679028][T20588]  ? __pfx_vfs_write+0x10/0x10
[ 1984.679052][T20588]  ? try_to_take_rt_mutex+0x7fd/0xac0
[ 1984.679093][T20588]  ? mutex_lock_nested+0x154/0x1d0
[ 1984.679122][T20588]  ? fdget_pos+0x253/0x320
[ 1984.679165][T20588]  ksys_write+0x14b/0x260
[ 1984.679197][T20588]  ? __pfx_ksys_write+0x10/0x10
[ 1984.679221][T20588]  ? rcu_is_watching+0x15/0xb0
[ 1984.679252][T20588]  ? do_syscall_64+0xbe/0x3b0
[ 1984.679281][T20588]  do_syscall_64+0xfa/0x3b0
[ 1984.679304][T20588]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1984.679326][T20588]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1984.679350][T20588]  ? clear_bhb_loop+0x60/0xb0
[ 1984.679380][T20588]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1984.679402][T20588] RIP: 0033:0x7f4cb2fdeec9
[ 1984.679422][T20588] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1984.679442][T20588] RSP: 002b:00007f4cb121d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1984.679463][T20588] RAX: ffffffffffffffda RBX: 00007f4cb3236090 RCX: 00007f4cb2fdeec9
[ 1984.679480][T20588] RDX: 0000000000000012 RSI: 0000200000000100 RDI: 0000000000000007
[ 1984.679494][T20588] RBP: 00007f4cb3061f91 R08: 0000000000000000 R09: 0000000000000000
[ 1984.679509][T20588] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1984.679523][T20588] R13: 00007f4cb3236128 R14: 00007f4cb3236090 R15: 00007fff5efd06d8
[ 1984.679560][T20588]  </TASK>
[ 1984.679838][T20588] Kernel Offset: disabled