last executing test programs:

20m12.740504152s ago: executing program 32 (id=218):
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xd8}, 0x94)
syz_io_uring_setup(0x82e, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
r0 = semget$private(0x0, 0x6, 0x3b1)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000002c0)={0xffffffff, 0x0, 0x0, 'queue1\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r1, 0x402c5342, &(0x7f0000000040)={0x0, 0x7a124, 0x60, {0x0, 0x100}})
semctl$SETVAL(r0, 0xff7f0000, 0x10, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, 0x0)
r2 = userfaultfd(0x1)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r2, 0xc028aa05, &(0x7f0000000180)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00003ab000/0x2000)=nil, 0x400000, 0x2, 0x2})
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
sendmsg$FOU_CMD_DEL(0xffffffffffffffff, 0x0, 0x4000)
io_uring_setup(0x2e34, 0x0)
r3 = getpid()
r4 = syz_pidfd_open(r3, 0x0)
clock_gettime(0x0, &(0x7f00000003c0)={<r5=>0x0, <r6=>0x0})
clock_gettime(0x0, &(0x7f0000000400)={<r7=>0x0, <r8=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000440)={{r5, r6+10000000}, {r7, r8+10000000}}, 0x0)
setns(r4, 0x4000000)
creat(0x0, 0x0)
write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000100)='./file1\x00', 0x800002, &(0x7f0000000040)={[{@force}, {@type={'type', 0x3d, "6c588757"}}, {@nobarrier}, {@nls={'nls', 0x3d, 'iso8859-3'}}, {@nobarrier}, {@nobarrier}, {}, {@nobarrier}]}, 0x0, 0x6b3, &(0x7f0000000780)="$eJzs3U9sHFcdB/DvbDbrbJBSt03TgJBiNVIFjUjsrEqChNSAEMohQhFcerUSp7HipJXjorRCZAMUJE6cUA8cilA49IQQQionRDkjIXHhlHskbhxyAIzmz9pre+PYieN1289Hmp03+96895tf5s/ubKwJ8Jl1/vXs76fI+RMXbpXL9+72Fu7d7V0flJNMJGkl7XqWopsUHyfnUk/5fPlm013xsHFevf9R0X7/w1691G6mqn1rs/U2GNmynxxYWdiXZKou/mcLHbZG91dNVT+XVvt7TMVK3GXCjg8SB+O2vEF/tXLUobHW1o9bYM+6XV83N5hMDqa+upafA9KcHR59Zhi/Tc9N/d2LAwAAAJ6Wkd/lhz3zIA9yK4d2JxwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4dCjqZwYWzdQalKdSDJ7/3xl6pn5nzOE+ofeuVLPvPjPuQAAAAAAAAADgiRx7kAe5lUOD5eWi+s3/pWrhcPX6ubydm5nLYk7mVmazlKUsZibJ5FBHnVuzS0uLMxvX/GXKNZeXl283a54euebptXH11wc66n8abGgEAAAAAAAAAJ9ZP8r51d//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgLyiSffWsmg4PypNptZMcSNIpplaad8Ya7A7487gDAAAAgKev28wPFf+rC8tF9Z3/SPW9/0Dezo0sZT5LWchcLlf3Aupv/a2/93sL9+72rpfTxo6/8a9txVH1mPrew+iRp6sWL6yscT7fzvdyIlO5mMXM5/uZzVLmMpVvVaXZFJls7l5M3rvbzSDWjfGeW7N0cX1sx4bKZXxHq0i6uZL5KraTudQZhN5q2h0dGu2PnWTdiHfK7BSvNbaYo8vNvNyiXzTzvWGy2vL9KxmZbnJfZuPZ4bxvzP0295P1I82ktXIP6vDqKOXi+pEeK+cHm3mZ658+3Zxv81ba2kz0f14uDfa+I5vnPPnyP/5y8WrrxrWrV26e2Du70WNav0/0hjLx4pYysVBmov8EmTjwJPHvnE6Tjfosur2z5UvVuocyn+/kzVzOXM5kOjM5m+l8LafTy+mhvL6weV6rY621vWPt+JeaQnlN+tnQtWnXTDysoszrs0N5HT7TTVZ1w++sZum5LWSp6GR0lv45MpT2F5pCOcaPh64447c+EzNDmXh+80z8+r/LSW4u3Li2eHX2rS2O93IzLw/b99aem3+zIxu0fc3mlvvLc+U/VurLxvDeUdY9P6hbl69O84tLu+lsTV0n1fFc1z3qSC17OnJnVE913YsjR+lVdUeH6tZ8ysmbWVj5FNLY9YMUgC04+MrBTvd+92/dD7o/6V7tXjjwzYmzE1/sZP9f23/a97vWb1tfL17JB/lhDo07UgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+DS4+c6712YXFuYW92AhrR3u8M7IqkEq6nc6I9ocyx7IxiejMLHZHvX71I9resjqnXHE3M1D49ndQtq7MNZERlRdWHmnm7RW4klybY884A54Gk4tXX/r1M133v3K/PXZN+bemLtx+uyZ1870vjpz+9SV+YW56fq1adwec7DAjlr9GDDuSAAAAAAAAAAAAICt2o0/bxgxbNEfw7YCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAn0znX8/+forMTJ+cLpfv3e0tlNOgvNqynaSVpPhBUnycnEs9ZXKou+Jh47x6/6Nfvfz+h73VvtqD9q116/3h38vL29yKfjNlKsm+Zv5oE1vq79JQf/1tBlYrVrawTNjxQeJg3P4fAAD//+/HBYc=")
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000240)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x2b1245d, 0x0, 0x0, 0x0, &(0x7f00000000c0))
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x802053, 0x0, 0x0, 0x0, &(0x7f00000000c0))
creat(&(0x7f0000000300)='./file0\x00', 0x0)

18m5.364254676s ago: executing program 33 (id=474):
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000012000/0x18000)=nil, &(0x7f00000002c0)=[@textreal={0x8, &(0x7f0000000080)="0f0d640c6665f20f10ad00000fc7af0a000f201bd11fbaf80c66b840cd3c8466efbafc0cb011eeb800068ee00f20d86635080000000f22d866b9950300000f32660f38826bd3", 0x46}], 0x1, 0x8, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r2, 0xae9a)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17m57.778323194s ago: executing program 34 (id=481):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0xfffffffffffffca1}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000002000)=""/102400, 0x19000)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x50)
fsopen(0x0, 0x0)
rt_sigaction(0xe, &(0x7f00000000c0)={0x0, 0x8000000, 0x0, {[0x8000]}}, 0x0, 0x0, 0x0)
epoll_create1(0x80000)
setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r1, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="14000000000803"], 0x14}, 0x1, 0x0, 0x0, 0x24000000}, 0x40)

17m55.437907069s ago: executing program 35 (id=484):
syz_mount_image$nilfs2(&(0x7f0000000a40), &(0x7f0000000a80)='./file2\x00', 0x0, &(0x7f0000000000)=ANY=[], 0x0, 0xa25, &(0x7f0000000ac0)="$eJzs3UtsXFfdAPAzY49TN+mXSb+EmjS0CYW2PGo3jgmPCJqq2RA1FbtKFZsoTUtEGhCpBK26SLJiR6sqbHmIVTcVICS6QVFXbCrRSGy6KixYEAWpEgsoJEa2zxmP/5nRnfFrPJ7fTzo+c+//zJxzx3fu3LmPcxIwsuqLf+fmpmopXX3nzRN/f/hvkwtznmiVaC7+HW+baqSUanl6PLzeh2NL+a2PXjvTKa+l2cW/ZTo9c7P13J0ppUvpYLqWmmn/1etvvDf79KnLJ68cev+tYzc2ZukBAGC0fOvasbl9f/nT/Xs+fvuB42lHa37ZP2/m6V15v/943vEv+//1tHK61pbaTYRy4znVQ7mxDuXa62mEcuNd6p8Ir9voUm5HRf1jbfM6LTcMs7IeN1OtPr1iul6fnl76TZ4Wf9dP1KYvnDv/wsUBNRRYd/98MKV0UJKkUUzzuwe9BQJYEs8X3uFSPLKwNq1XG++t/ptP1js/H9bBZq//6h+u+n912RaH9dPb2nTXhrdjvZXlKp+jXXk6nkeI1y/1+/kvrxfPRzR6bGe38wjDcn6hWzvHNrkdq9Wt/XG92K6+nvPyPnwjxNs/P/F/Oiz/Y6Czfzn+L0kjm+YHvQECtqx43dx8VuLxur4Y31ERv6siPlkRv7sivrMiDqPsty//JL1eW/6dH3/T93s8rBxnuyfn/9dne+LxyH7rj9f99mut9cfriWEr+/3pZ89+5fnnri9d/19rrf+38/p+ME8382frWi5QjhfG4+qta/+bK+updyl3b2jPPR3KLz7eu7Jcbe/y66S27cwd7Zha+bzd3codWFmuGcpN5hTPhMT9k7vD88r+R9mulvdrPCxvIyzHRGhH2a7syfnwnZFhKyrrY7fr/8v6OZUatRfOnT/7eJ4u6+kfxxo7FuYf3uR2A2vX6/0/U2nl/T+7WvMb9fbtwu7l+bX27UIzzJ/tMv9Ini7fc98Zm1ycP33me+efX++FhxF38ZVXv3v6/PmzP/DAAw88aD0Y9JYJ2GgzL7/0/ZmLr7z62LmXTr949sWzF44cPXpkdvboV4/MzSzu18+0790D28nyl/6gWwIAAAAAAAAAAAD06ocnT1z/87tf/mDp/v/l+//K/f/lyt9y//+Pw/3/8T75ch98uQ9wT4f4YpnQwepEKNfI6f9De/eGevaF530i561x/PL9/6W62K9rac99YX7sv7eUC90J3NFfykTogySOF/jpnF/J+S8TDFBtsvPsnFf1b13W9dI/hX4phlP5v5W1ofRjUu7/7tavU9n+79mENrL+NuN2wkEvI9DZP/T/vdq0PHTE4NuypdPkFmiD1DnNz69uFA/9XALrbdDjf5bjniW/8Idv3rWQSrGbT67cXsb+S2Ettvr4k+rfXuN/tn7E9Lz9CyPmNVdX779/duODtmrT/l7rj8tf+oHe21/9H+f6y9I8knqrf/4Xof54QqhH/wn1391j/Xcs/4HV1f/fXH952x59qNf6l1pcq69sRzxuXM7/xePGxa2w/KVvz76Xf5UDNd7O9cMoG5ZxZvs1LOP/dhOvw/hSni4bwnKdQxzvpN/2l+sryvfAvvD6tYrvN+P/Drev5bzq81DG/y3rY7PDdL1tutHhvd2u2xoYVh86/ydJI5vm5+c39oBWhYFWTnn/1/pzZdUG/TthbO1DRq7JVl//4/i/cR8+jv8b43H83xiP4//GeBxfL8bj+L/x/Yzj/8b4feF14/jAUxXxT1bE91fE76+IH6iIf6oifqgi/kBF/MGK+L0V8Ycq4p+piH+2Iv5wRfzRivjnKuLbXbkfZVSXH0ZZvD/P5x9GRzn/0+3zv7ciDgyvn759+KnnfvPt5tL9/xOt4zHlPN7xtrILv51/lB/H896pbXoh9m6e/muIb/XjHTBKYv8Z8fv9kYo4MLzKdV4+3zCCap177Om136pu+/kMl8/n/As5/2LOH8v5dM5ncn4457Ob1D42xlO//t2x12vLv/d3h3iv15PH+4FiP1FHemxPPD7Q7/XssR+/fq21/lXeDgYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAw9cW/c3NTtZSuvvPmiWdPnZtZmPNEq0Rz8e9421Sj9byUHs/5WM5/nh/c+ui1M+357ZzX0myqpVprfnrmZqumnSmlS+lgupaaaf/V62+8N/v0qcsnrxx6/61jNzbuHQAAAIDt738BAAD//6DWDX0=")
syz_open_procfs(0x0, &(0x7f0000000180)='map_files\x00')
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r0)
sendmsg$NLBL_CIPSOV4_C_REMOVE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)={0x1c, r1, 0x1, 0x70bd2a, 0x25dfdbff, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20004004}, 0x0)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000240)='./file0\x00', 0x804, &(0x7f00000000c0)={[{@shortname_win95}, {@shortname_lower}, {@utf8}, {@shortname_mixed}, {@shortname_mixed}, {@utf8no}, {@rodir}, {@utf8no}, {@fat=@nocase}, {@fat=@codepage={'codepage', 0x3d, '869'}}, {}, {@utf8no}, {@uni_xlate}, {@iocharset={'iocharset', 0x3d, 'cp737'}}, {@shortname_win95}, {@shortname_winnt}]}, 0x1, 0x27b, &(0x7f0000000640)="$eJzs3cFqK1UYAOB/mqRJdJEsXInQAV24Kq1P0CIVxIKgZKEutNgUpAmFFgJVMXblE/gEPo8b8QV8AC93d7u43LmkM0nTyyQlvWlT7v2+TQ//+f85/5kZ2tWc/vBB//jw5Ozo4tf/otFIYm0nduIyiXasxdjvUerfJ+VxAOCRu8yyeJrl6nno/GZGbUZlde3emwMA7sX03/9V9wIAPIyvv/n2i939/b2v0rQR0f9j0Eki/5nP7x7FT9GLbmxFK55HZBP5+LPP9/eimo6046P+cNAZVfa//7u4/u7/EVf129GKdnn9dpqbqh8OOrV4p1h/pxfdL/+KVrxXXv9JSX101uPjD6f634xW/PNjnEQvDovexvW/bafpp9mfz375bhQd1SfDQac+ySuyKw/6YAAAAAAAAAAAAAAAAAAAAAAAeKNtphPtm+fvjA/+nzM/53yg4dT5PFtpmmZJnn9dX433q1Fd5d4BAAAAAAAAAAAAAAAAAADgsTg7//n4oNfrni51MP6sv2QqXtyM1CPi7mttLFoVlaK1XhKx2Fq1qF9V3p5cWXAXzVE/3dOkGst7BMkk0pye2oh8rVGkmQ+mIq+9eiOuBuO36/ggue3hNspekiUMspLXrzKzav3VSLPYQUlyc87q6+/eqeesNWMqiYja5GbOv05tuffw4X4HAQAAAAAAAAAAAAAAAAAAueuPfksmL1bQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACswPX//19gMCyKZ+VkldGgGkVkxVsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgLfAyAAD//0MUZ+o=")
sched_setaffinity(0x0, 0x8, &(0x7f0000000580)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000001a40)=""/102392, 0x18ff8)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='cgroup.kill\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000040), 0x208e24b)
openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
mprotect(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0xf)

17m49.431071853s ago: executing program 36 (id=493):
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee6, 0x8031, 0xffffffffffffffff, 0x4000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = creat(&(0x7f0000000080)='./file0\x00', 0xecf86c37d53049cc)
socket$netlink(0x10, 0x3, 0x0)
write$binfmt_script(r3, &(0x7f00000003c0)={'#! ', './file0', [{0x20, '\x86\x81\t\n\xac\"\xff4l\xaa\x91\xec\x99M.p\xdc4\x0e\x1c\xdf\xd3\xd4\x8d\xad\x99\x1c\xae\xb2vt\r@0K\x989\x1c\xd7%\x82\x94\x05\x06\xbeJ\x90\xd8&\xa6?~\x88\x01;\r7\xdf\xb7\xfb\x85\x133\x17I\xb4\xbc`7\xda\x91\xefP<f\xdcJ\xcf\xf9\xb1&M\xb9\x88\x8cK6\x89\xe9\xfa\xbfCN\x15\xa1M\xe67\xf5\x0e\a\x061\xb0\x00\xfc~<\xf3Eg\xcd\xd9\xa8\xf0\xbdw\xc6?Vs'}]}, 0x85)
close(r3)
r4 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)

16m30.487835s ago: executing program 37 (id=552):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r3=>0x0})
r4 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000140)=ANY=[@ANYBLOB="440000001100a7cc4a372eaf541d002007000000", @ANYRES32=r3, @ANYBLOB="00000000100000001c001a80080002802d00ff0008000200", @ANYBLOB="35874207"], 0x44}, 0x1, 0x0, 0x0, 0x50}, 0x0)

16m26.275400804s ago: executing program 38 (id=557):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
r0 = syz_open_dev$video(&(0x7f0000000000), 0x2, 0x0)
syz_open_procfs(0x0, 0x0)
fsopen(0x0, 0x1)
ioctl$VIDIOC_G_SELECTION(r0, 0xc040565e, &(0x7f0000000240)={0x9, 0x102, 0x4, {0x2, 0x10000000, 0x1, 0x8}})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'bond0\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=ANY=[@ANYBLOB="4400000010000304040000000000000000000003", @ANYRES32=0x0, @ANYBLOB="4101030000000000140012800b70766c616e00140400028008000500", @ANYRES32=r5, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r5, @ANYBLOB], 0x44}, 0x1, 0xba01}, 0x810)
sendmsg$nl_generic(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000001b00)={0x1c, 0x2d, 0x1, 0x70bd26, 0x25dfdbfc, {0x4}, [@typed={0x8, 0xc, 0x0, 0x0, @u32=0x1}]}, 0x1c}}, 0x20000000)

16m14.254380346s ago: executing program 39 (id=572):
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, 0x0)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x101001, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x37}}, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019580)=""/102400, 0x19000)
ioctl$BLKZEROOUT(r0, 0x127f, &(0x7f0000000240)={0x0, 0x8000000})

16m3.294895884s ago: executing program 40 (id=582):
syz_open_procfs(0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x869b10a9)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480), 0x22401, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text16={0x10, &(0x7f0000000200)="ea0d00b0000f229464670fc79c8100800000ba6100ecbaf80c66b8ecb1048566efbafc0c66b8106d7dd166eff0867dc5decb66b9800000c00f326635000100000f30ea0000e50066b8010000000f01d9", 0x50}], 0x1, 0x43, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0, 0x3f}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c00078008001240050000000500"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x8000)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x3, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x14, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
ioctl$F2FS_IOC_RESERVE_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f513, 0x0)

14m59.380653281s ago: executing program 41 (id=615):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r0 = socket$igmp(0x2, 0x3, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3c}}, 0x10)
r3 = getpid()
setreuid(0xee00, 0x0)
syz_pidfd_open(r3, 0x0)
r4 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r4, 0x40000000af01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$VHOST_SET_MEM_TABLE(r4, 0x4008af03, &(0x7f0000000040))
dup(r5)
syz_clone3(0x0, 0x0)
setsockopt$MRT_INIT(r0, 0x0, 0xc8, 0x0, 0x0)

14m31.414346536s ago: executing program 42 (id=570):
arch_prctl$ARCH_SHSTK_ENABLE(0x5001, 0x2)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xa6}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket(0x1e, 0x1, 0x0)
listen(r2, 0x5)
syz_open_dev$sndpcmp(&(0x7f0000000500), 0xb, 0x0)
socket$inet6(0xa, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x400d0}, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000b00), 0x0, 0x0)
sendto$unix(r2, &(0x7f0000000200), 0x0, 0x20000041, 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, 0x0)

12m12.986133238s ago: executing program 43 (id=1081):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x14, 0x0, 0x1, 0x101, 0x0, 0x0, {0xa}}, 0x7}, 0x1, 0x0, 0x0, 0x2400c051}, 0x24004086)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000001700)=0x4)
keyctl$setperm(0x5, 0x0, 0x30925)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x6}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000340)={0x0, r2}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1b, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r4}, 0x10)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x4, &(0x7f00000002c0)={[{@max_batch_time={'max_batch_time', 0x3d, 0x6}}, {@i_version}]}, 0x6, 0x5fd, &(0x7f0000000c00)="$eJzs3c9rHFUcAPDvzCYxaaNpRcQWxYCHFqRpUotVL7b1YA8FC/Yg4qGhSWro9gdNCrYWTMGDgoKIV5Fe/Ae8S+/eRFBvnoUqUlFQ6crszrabZDfdttmdNPP5wGTnvZnd9747eZn3dvJ2Aiit8exHGrEj4taJJGKsZdtoNDaO5/vd/OPKyWxJolZ78/ckkjyvuX+SP27NE8MR8f3hiMcrq8tduHT59HS11vBBxN7FM+f3Lly6vGf+zPSp2VOzZ6f2vbT/wOTLU/un1iXOrfnjkaNvPP3ph+++OPdDdU8SB+P44PszsSKO9TIe43ErD7E1fyAiDmQrbd6Xh80mCKHUKvnv42BEPBljUamnGsZi/pNCKwf0VK0SUQNKKtH+oaSa/YDm2L67cfDxHvdK+ufGocYAaHX8A43PRmK4PjbacjNpGRk1PtvYtg7lZ2X8d2Xnl9kSyz6H+Pv20RlYh3I6WboaEU+1iz+p121bPdIs/nTZWD+JiMmIGMrr99oD1CFpWe/F5zBruZf4W49DGhEH88cs//B9lj++It3v+AEop+uH8hP5Upa6c/7L+h7N/k+06f+Mtjl33Y+iz3+d+3/N8/1wvd+TruiHZX2WY+1fcnBlxi8fH/m8U/mt/b9sycpv9gX74cbViJ0r4v8oCzbv/2TxJ22Of7bLiYPdlfH6j78d6bSt6Phr1yJ2tR3/3OmVZmtrXJ/cOzdfnZ1s/GxbxrffvfN1p/KLjj87/ls6xN9y/NOVz8vek/NdlvHNsWtnOm0bvWv86a9DSWO8OZTnvDe9uHhhKmIoOZrv0pK/b+26NPdpvkYW/+7n2rf/Zb//V5e/zkjzT2YXzr91+manbfdz/FsuJt+qdVmHTrL4Z+5+/Fe1/yzvsy7L+Ovti8902rZW/CMPEhgAAAAAAACUUFq/BpukE7fX03RiojFf9onYklbPLSw+P3fu4tmZiN31/4ccTJtXusca6SRLT+X/D9tM71uRfiEitkfEF5WRenri5LnqTNHBAwAAAAAAAAAAAAAAAAAAwAaxNZ//37xP9Z+Vxvx/oCR6eYM5YGPT/qG86u1/1S2egDJw/ofy0v6hvLR/KC/tH8pL+4fy0v6hvLR/KC/tHwAAAAA2pe3PXv85iYilV0bqS2Yo32ZGEGxug0VXAChMpegKAIW5felfZx9Kp6v+/z/5lwP2vjpAAZJ2mfXOQW3txn+97TMBAAAAAAAAAAAAgB7YtaPz/H9zg2FzM+0PyusB5v/76gB4yPnqfygvY3zgbrP4hzttMP8fAAAAAAAAAAAAAPpmtL4k6UQ+F3g00nRiIuLRiNgWg8ncfHV2MiIei4ifKoOPZOmpoisNAAAAAAAAAAAAAAAAAAAAm8zCpcunp6vV2QutK/+uytncK827oPahrFfjHp8VSf/flpGIKPyg9GxloCUniVjKjvyGqNiFhdgY1aivFPyHCQAAAAAAAAAAAAAAAAAASqhl7nF7O7/qc40AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoP/u3P+/dytFxwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPJz+DwAA///LLUAr")
socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000200)=0xad)
ioctl$TCSETSW2(r5, 0x402c542c, &(0x7f00000000c0)={0xfffffff6, 0x3fe, 0xfffffffd, 0x7ff, 0x3, "04ae080000000000007800000500080100", 0x4, 0x200})
ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000140)=0x8)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x87}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb}}}, 0xb8}}, 0x0)

10m56.763927468s ago: executing program 44 (id=1309):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000004000000000000000000008500000050000000850000005000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
r1 = socket$qrtr(0x2a, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000)
syz_emit_ethernet(0x25a, &(0x7f0000000e80)={@local, @empty, @void, {@ipv6={0x86dd, @udp={0x3, 0x6, '\x00\b\x00', 0x224, 0x11, 0x1, @private1, @loopback, {[@hopopts={0x67, 0x7, '\x00', [@calipso={0x7, 0x20, {0x3, 0x6, 0x4, 0x18, [0x10000000200, 0x80, 0x7]}}, @jumbo={0xc2, 0x4, 0xc}, @pad1, @padn={0x1, 0x2, [0x0, 0x0]}, @padn={0x1, 0x1, [0x0]}, @padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}, @jumbo={0xc2, 0x4, 0x40}]}, @routing={0x1b, 0x14, 0x2, 0x3, 0x0, [@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private2, @remote, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @loopback, @initdev={0xfe, 0x88, '\x00', 0x20, 0x0}, @local, @loopback, @private1, @private0]}, @srh={0x8, 0x4, 0x4, 0x2, 0x2, 0x30, 0x6, [@mcast2, @local]}, @fragment={0x0, 0x0, 0x8, 0x0, 0x0, 0x12, 0x67}, @routing={0xdd, 0xc, 0x2, 0x8, 0x0, [@dev={0xfe, 0x80, '\x00', 0x11}, @rand_addr=' \x01\x00', @mcast1, @private2={0xfc, 0x2, '\x00', 0x1}, @empty, @private0={0xfc, 0x0, '\x00', 0x1}]}], {0x4e20, 0x4e21, 0x9c, 0x0, @wg=@initiation={0x1, 0x1, "05b88ba6df8467af4ed24dcdd60f7a3935cf00f4b998fe21a64d805b31a37a0f", "b29ddec6e4abcec819fe05e65219dad6580bd56adc244842fd8e0ed4ec9b5fc9100fa187cf0304cba917f53ba1a184a9", "330e83fc02c79a38ade26f17fe6171ca34ed1451720fb779918a4f27", {"b2a35c7da69f4e13b25dd763eef66078", "b3ccfe5958c416ee4e4379e5135bdf35"}}}}}}}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, 0xffffffffffffffff, 0x0, 0xd}, 0x18)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r3)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x20, r4, 0x6a98047402e98331, 0x70bd21, 0xffa1, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x24000044}, 0x4008800)
connect$qrtr(r1, &(0x7f0000000040)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
readv(r0, &(0x7f0000000080)=[{&(0x7f0000000740)=""/200, 0xc8}, {0x0}], 0x2)
close_range(r0, r1, 0x0)
mprotect(&(0x7f000004f000/0x800000)=nil, 0x800000, 0x0)
migrate_pages(0x0, 0x3, &(0x7f0000000300)=0x3, &(0x7f0000000040)=0x13e)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f00000002c0)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'nhpoly1305-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000180)='fsi_master_acf_cmd_same_addr\x00', r5}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2000008, &(0x7f00000003c0), 0xfc, 0x53e, &(0x7f0000000940)="$eJzs3UFvI1cdAPD/eO3d7G62SYEDVGoptGi3grWThrYRh1IkBKdKiMJ5CYkTRXHiKHbaTVRB9hMgIQRInODCBYkPgIRW4sKxQqoEZ5CKQIhuQYIDdJDtcRKcceKsnHjX+f2kybz3xjP/9xy/8YznaSaAC+vZiHgtIj5M0/SFiJjKygvZFHudqfW6Dx68vdiakkjTN/6eRJKVdbeVZPPr2WoTEfH1r0Z8Ozkat7Gzu7ZQqxW7+UpzfbPS2Nm9vbq+sFJdqW7Mzc2+PP/K/EvzM0Np542IePXLf/7h937+lVd//bm3/nTnr7e+06rWZLb8cDtOqXjcwk7TS1cmelbYeshgj6JWe0rdzNXB1rl3hvUBAKC/1jH+RyLi0xHxQkzFpeMPZwEAAIDHUPrFyfhPEpHmu9ynHAAAAHiMFNpjYJNCORsLMBmFQrncGcP7sbhWqNUbzc8u17c3ljpjZaejVFherVVnsrHC01FKWvnZdvog/2JPfi4inoyIH0xdbefLi/Xa0qh//AAAAIAL4nrP+f8/pzrn/wAAAMCYmT5+8dR51QMAAAA4Oyec/wMAAABjwPk/AAAAjLWvvf56a0q7z79eenNne63+5u2lamOtvL69WF6sb22WV+r1lfY9+9ZP2l6tXt/8fGxs3600q41mpbGze2e9vr3RvLMaE+fSIAAAAOCIJz95/w9JROx94Wp7ark86koB56K4n0qyeU7v/+MTnfl751Qp4FxcGuA1713JL3ecAI+3Ym9Bn74OjJ/SqCsAjFxywvKewTvX9lPvZPNPDb9OAADAcN38RP71/5OvC+wVzqF6wBnSieHi6vmeTz3rBy6O9vX/QQfyOFiAsVIaaAQgMM5Oef3/wDuDRkjTU1UIAAAYusn2lBTK2c97k1EolMsRN9qPBSgly6u16kxEPBERv58qXWnlZ9trJieeMwAAAAAAAAAAAAAAAAAAAAAAAAAAHWmaRAoAAACMtYjCX5LfdO7lf3Pq+cne3wcuJ/9uPxL4ckS89ZM3fnR3odncmm2Vv79f3vxxVv7iKH7BAAAAAHp1z9Pb83+NujYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjJsPHry92J0GePnVYcX925ciYjovfjEm2vOJKEXEtX8kUTy0XhIRl4YQf+9eRHw8L37SqtZ+yLz4w3gTTogf09m7kBf/+hDiw0V2v7X/eS2v/xXi2fY8v/8VI/4v/7D67/9if/93qU//vzFgjKfe/WWlb/x7EU8V8/c/3fhJn/jPDRj/W9/Y3e23LP1pxM3u9097j3c4wkGq0lzfrDR2dm+vri+sVFeqG3Nzsy/PvzL/0vxMZXm1Vs3+5sb4/tO/+vC49l/L/f5Lstr0b//zOdvL+07677t3H3y0m9k7Gv/Wcznxf/uz7BVH4xeyOJ/J0kn2XrXTe53387BnfvG7Z45r/9JB+0un+f/f6rfRXkc6ytODfnQAgDPQ2NldW6jVqltjm2idpT8C1bjoiW++/wh+2L471A2maZq2+lTOovsRMch2khhySwv59TlI9P2njHrPBAAADNvBQf+oawIAAAAAAAAAAAAAAAAAAAAX13ncZa035sEtkJNh3EIbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAo/hcAAP//A/7SsQ==")

10m47.668126444s ago: executing program 45 (id=1330):
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001000)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
gettid()
timer_create(0x0, 0x0, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
listen(r4, 0x0)
mknodat$loop(0xffffffffffffffff, &(0x7f00000002c0)='./file1\x00', 0x4, 0x0)
linkat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x400)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000180), 0x4)

9m40.216272212s ago: executing program 6 (id=1556):
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
pselect6(0x40, &(0x7f0000000000)={0x10}, 0x0, 0x0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e130100c900"], 0x16)

9m38.691516583s ago: executing program 6 (id=1561):
clock_gettime(0x0, &(0x7f00000000c0))
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000340)={{{@in=@loopback, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x2, 0x0, 0x8, 0x8, 0x4}, {0x4}, 0x0, 0x0, 0x1}, {{@in=@dev={0xac, 0x14, 0x14, 0x3f}, 0x80, 0x32}, 0x0, @in=@multicast2, 0x0, 0x0, 0x0, 0x8}}, 0xe8)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f00000008c0), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)={0x34, r2, 0x1, 0x1070bd2c, 0x4, {0x5}, [@L2TP_ATTR_PW_TYPE={0x6, 0x1, 0x5}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_SESSION_ID={0x8}, @L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0xaa8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20008000}, 0x30)

9m38.015052966s ago: executing program 6 (id=1565):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'vlan0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="680000001000030500000000fcdbdf25000000ff", @ANYRES32=0x0, @ANYRES32=r1, @ANYBLOB="0500060001000000050007000000000005000300df00000008000200", @ANYRES64=r0], 0x68}}, 0x0)

9m37.542370368s ago: executing program 6 (id=1567):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r1, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, 0x0, 0x0)
setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
syz_emit_ethernet(0x0, 0x0, 0x0)
syz_emit_ethernet(0x66, &(0x7f0000000340)={@multicast, @link_local, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x0, 0x0, 0x58, 0x0, 0x0, 0x0, 0x2f, 0x0, @private=0xe0, @multicast1=0xe000c800}, {{0x0, 0x0, 0x1, 0x0, 0xb, 0x0, 0x0, 0x4, 0x6558}, {0x0, 0x0, 0x0, 0x0, 0x11}, {}, {0x8, 0x88be, 0x0, {{}, 0xfffff788}}}}}}}, 0x0)

9m37.072509586s ago: executing program 6 (id=1569):
socket$inet_smc(0x2b, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000000), 0x0, 0x0)
syz_genetlink_get_family_id$fou(0x0, 0xffffffffffffffff)
sendmsg$FOU_CMD_GET(0xffffffffffffffff, 0x0, 0x40000)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/consoles\x00', 0x0, 0x0)
r2 = syz_io_uring_setup(0x49a, &(0x7f00000000c0)={0x0, 0x9624, 0x3180, 0x7ffe, 0x195}, &(0x7f0000000180)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x4007, @fd=r1, 0xffffffffffffffff, &(0x7f0000000580)=""/207, 0xcf, 0x2, 0x1})
io_uring_enter(r2, 0x627, 0x4c1, 0x43, 0x0, 0x30)

9m22.206772334s ago: executing program 46 (id=1568):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x87}, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
socket$phonet_pipe(0x23, 0x5, 0x2)
madvise(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x42, 0x1ff)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={0x48, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x11, 0x1, 0x0, 0x89}]}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x48}}, 0x22040000)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r4, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x1c, 0x7, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x1c}}, 0x0)

9m20.443141119s ago: executing program 47 (id=1569):
socket$inet_smc(0x2b, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000000), 0x0, 0x0)
syz_genetlink_get_family_id$fou(0x0, 0xffffffffffffffff)
sendmsg$FOU_CMD_GET(0xffffffffffffffff, 0x0, 0x40000)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/consoles\x00', 0x0, 0x0)
r2 = syz_io_uring_setup(0x49a, &(0x7f00000000c0)={0x0, 0x9624, 0x3180, 0x7ffe, 0x195}, &(0x7f0000000180)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x4007, @fd=r1, 0xffffffffffffffff, &(0x7f0000000580)=""/207, 0xcf, 0x2, 0x1})
io_uring_enter(r2, 0x627, 0x4c1, 0x43, 0x0, 0x30)

7m34.005225736s ago: executing program 48 (id=1843):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r1, 0x0, 0x60, &(0x7f0000000cc0)={'filter\x00', 0x3b, 0x4, 0x4c8, 0x1e8, 0x2f8, 0x3e0, 0x2f8, 0x3e0, 0x3e0, 0x4, 0x0, {[{{@uncond, 0xc0, 0x1e8}, @unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:update_modules_exec_t:s0\x00'}}}, {{@arp={@broadcast, @dev, 0x0, 0x0, 0x0, 0x0, {@mac=@broadcast}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_batadv\x00', 'veth1_to_hsr\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@remote, @empty, @multicast2, @loopback}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xffffffffffffffff}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x520)

6m29.214019504s ago: executing program 49 (id=2081):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x104}, 0x0)
r2 = syz_open_procfs(0x0, 0x0)
preadv(r2, &(0x7f0000001740)=[{0x0}], 0x1, 0x73, 0xff7ef001)
socket$vsock_stream(0x28, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="b40501000000fd8f71103b00000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xb7, &(0x7f000000cf3d)=""/183, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x20000000}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x10}, 0x94)
syz_usb_connect$uac1(0x5, 0x0, 0x0, 0x0)
r3 = openat$vimc1(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$VIDIOC_TRY_DECODER_CMD(r3, 0xc0485661, &(0x7f0000000040)={0x0, 0x1, @stop_pts=0x5})
bind$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$IOMMU_IOAS_COPY(r4, 0x3b83, &(0x7f0000000440)={0x28, 0x0, 0x0, 0x0, 0x9, 0x9, 0x5})
sendto$inet(r4, &(0x7f0000002040)="d4", 0x1, 0x4040000, &(0x7f0000000000)={0x2, 0x4e22, @loopback}, 0x10)
ioctl$vim2m_VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, &(0x7f0000000400)={0xf0f071, 0x19})
r5 = syz_clone(0x100411, 0x0, 0x0, 0x0, 0x0, 0x0)
tkill(r5, 0x13)
waitid(0x0, r5, &(0x7f0000000380), 0x2, 0x0)
recvfrom$inet(0xffffffffffffffff, 0x0, 0x0, 0x40000002, 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000500), 0x0)
getpid()

6m22.378426539s ago: executing program 50 (id=2094):
syz_mount_image$nilfs2(&(0x7f0000000dc0), &(0x7f0000000400)='./file0\x00', 0x94, &(0x7f0000003280)=ANY=[@ANYBLOB="0001def4774774366f0b8a20db13db64e85fc9322c3fe018b91ff1291b4f4c56de7e4543f49818e1307d98d09daa1e2a7dbf88003e9401dc73aad0b7dbb5685565c7825ba8340621faeae92abed19c524ab06c4303258d253722e159642af447aeb096c6a26d345d82f2925163331b0e9157441a9c61dd1051d3b970f9ac12f5975cf1ad4e45acef1a54921c492a77bcb1858b68758ed339608b8e43c733219f1f9e0b867840f821e03bc0e8a497c4d5dde436000090a397637dedb2f3"], 0x1, 0xd99, &(0x7f0000006900)="$eJzs3UtvXNUdAPBzx544LxqHmMZN09glpbiP2CRYpbsaKV2gSqgSnwClgYYa+ghdgIKUsOi2kRAfoIh9F31mgRSxSsWmVb8AYtVNipBoG1UCI9vnjMf/zOjOOLbH4/n9pDtn7v2fe88587hz575OAkZWY+1xcXG6SuntW29dvDcz/r/VKTOtHLNrj+N5bCml1GzNl9JkWN7SxHr62SfXLrWnn+e0ShdSlarW9PTs3da8R1JK19Nsup0m03Mfn7z50gfPLL934saJi2/M3dmZ1gMAwGi596N3f/m3x3947fj/f39mKU20ppft86U8fjRv9y9V6+M5af0PqNrSqm28OBDyjeehEfKNdcjXXk4z5BvvUv6BsNxml3wTNeWPtU3r1G4YZhv/46vG/KbxRmN+fv0/+aoPxw5U869cWX7h6oAqCmy7T2fyLj6DwTByw8qxQa+BANbF44b3uR73LDyY1tLGeyv/7tONzvPDNtjtz7/yh6v8d29Y47B99uunqbSrfI+O5vF4HGE8zNfv978sLx6PaPZYz27HEYbl+EK3eo7tcj22qlv94+div/paTsvrcCbE278/8T0dlvcY6Oye/f8Gw8gOK4NeAQF7VjxvbiUr8XheX4xP1MQP1sQP1cQP18SP1MRhlP3h1d+mm9XG//z4n77f/WFlP9tDOf1Sn/WJ+yP7LT+e99uvBy0/nk8Me9rcf09/+uvbf4/n/38ezv8/m39LJ/MKouwvjPvVW+f+hwuDG13yPRyq81CH/GvPpzbnq6Y2lpPa1jP31WN683zHuuU7vTnfZMh3OG+LHAz1jdsnh8N8ZfujrFfL6zUe2tsM7TgQ6lHemeM5PRjac7xbu8KO7AMhXzMPJ0K7pkK7HgnzfTm0q5re3K64/7zU52SYHo+TlHzhbbvvdym+F/G6jEdz+mZO38np+zn9qEO5o6h8Hrud/18+n9OpWb1wZfnyE3m8fE7vjDUnVqef3+V6Aw+u1+t/ptPm63+OtqY3G+3rhWMb06v29cJkmH6hy/Qn83j5Pfvp2KG16fOXfr78k+1uPIy4q6+9/rPnl5cv/8oTTzzxpPVk0GsmYKctvPryLxauvvb6uSsvP//i5Rcvv3L+ie9/78mnnlpcWNuqX2jftgf2l40f/UHXBAAAAAAAAAAAAOhZdajz5JzW3d+2XE9erk+P18czHMr7Vj4N5T4G5frPbvd1KddvHt+FOrL9duNyokG3Eejs3+7/azCM7LCy4i7+wN4w6P7/yn0PS3r03D+Prw4l292nN68v4/0L4UHs9f7nlL+/+v9r9X/V8/ov9Jg1ubVy/3jv0D/aik2nei0/tr/cB3aqv/L/lMsvrXks9Vb+yu9C+fFGpT36cyj/cI/l39f+01sr/y+5/PKyzZ3ttfz1GleNzfWI+43LfQDjfuPir6H95d5+fbd/ix213crlwygbln4m+zUs/X92U5Zb1oN59dw6Tlfuvx37O+i3/uW+3+V34JGw/Krm903/n8Otrv/P8vlb0P8n7DsfOv5nMIzssLKyMtCuT0a135W9YtCv/6C3IQdd/qBf/zqx/8/4fyn2/xnjsf/PGI/9f8Z47F8rxmP/n/H1jP1/xvjJsNzYP+h0TfwrNfFTNfGv1sRP18Tj/7cYn62Jn6mJz9TEH66JP1oTP1sT/0ZN/LGa+OM18bma+H739ZyOavthlMV+I33/YXSU4z/dvv9TNXFgeMV+neP3+5s1cWB4lfM8fL9hBFWd79gR97eX/bhv5vSdnL6f0492rILshm/l9Ns5/U5Ov5vTczmdz+lCTvUNOdx+869TZ25WG+f5HQvxXs8njdcDxPvEnO+xPvH4XL/ns57ssZydKn+Ll4MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADI3G2uPi4nSV0tu33rr4n6kf/Hh1ykwrx+za43geW0opNVNKVR4fD8u7PrGefvbJtUud0ipdWHss4+nZu615j6zOn2bT7TSZnvv45M2XPnhm+b0TN05cfGPuzs60HgAAAEbDFwEAAP//ManlwQ==")
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x2)
dup(0xffffffffffffffff)
r0 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r0, 0x0, 0x240048c1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x3e, &(0x7f0000000100), 0x4)
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086e81, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000b80), 0x8, 0x0)
kexec_load(0x3e01, 0x1, &(0x7f00000002c0)=[{0x0, 0x0, 0x8ff600000, 0x1000000}], 0x0)

5m22.037656795s ago: executing program 51 (id=2169):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1802, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
timer_gettime(0x0, &(0x7f0000000240))
read$FUSE(0xffffffffffffffff, &(0x7f000000e280)={0x2020, 0x0, 0x0, 0x0, <r1=>0x0}, 0x2020)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0x18, &(0x7f0000000300)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={0x0, 0x0, 0x34}, 0x28)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff0180000008003950323030302e4c"], 0x15)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040)={<r4=>0xffffffffffffffff}, 0x111}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r3, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0x4e21, 0x7, @mcast2}, {0xa, 0x0, 0xb, @mcast1}, r4}}, 0x48)
r5 = dup(0xffffffffffffffff)
mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)
link(&(0x7f0000000280)='./file0/../file0/file0\x00', &(0x7f0000000400)='./file0/../file0/file0\x00')
ioctl$UI_DEV_CREATE(r5, 0x5501)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)={0x90}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000880)={0x90, 0x0, 0x40100000000, {0x3, 0x3, 0x716, 0x81, 0x2, 0x2c7, {0x1, 0x38000, 0x8, 0x8, 0x1a20, 0xb, 0x5e7, 0x80, 0x9, 0x8000, 0x7, 0x0, r1, 0x8, 0x10000}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
close_range(r0, 0xffffffffffffffff, 0x0)

4m24.920833305s ago: executing program 52 (id=2252):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0)
write$proc_mixer(r1, &(0x7f0000000180)=ANY=[@ANYBLOB='RECLEV\nPHONEOUT\nSPEAKER \'CD\' 0000000000000000'], 0xb8)
r2 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0)
dup3(r2, r1, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000200)={{{@in=@loopback}}, {{@in6=@mcast1}, 0x0, @in=@private}}, &(0x7f0000000040)=0xe8)

4m0.568289215s ago: executing program 0 (id=2316):
syz_usb_control_io$printer(0xffffffffffffffff, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$TUNGETSNDBUF(0xffffffffffffffff, 0x800454d3, 0x0)
setuid(0xee00)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000040)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f0000000400), 0x12)

3m58.844313785s ago: executing program 53 (id=2297):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r4=>0x0)
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r4], 0x1c}}, 0x0)
close(0x3)

3m58.097012833s ago: executing program 0 (id=2319):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000480)=ANY=[@ANYBLOB="000086dd0203030009000a004000623d885d009c11fffc000000000000000000000000000000ff0200000000000000000000000000014e224e21009c90"], 0xd2)

3m56.44076446s ago: executing program 0 (id=2322):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={0x3c, r0, 0x801, 0x0, 0x400003, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_KEY={0x1c, 0x50, 0x0, 0x1, [@NL80211_KEY_IDX={0x5, 0x2, 0xfe}, @NL80211_KEY_MODE={0x5, 0x9, 0x1}, @NL80211_KEY_IDX={0x5, 0x2, 0x1}]}, @NL80211_ATTR_KEY={0x4}]}, 0x3c}}, 0x4000)

3m55.518978767s ago: executing program 0 (id=2324):
r0 = gettid()
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r1, &(0x7f0000000440), 0x10)
listen(r1, 0xf)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
recvmsg(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000b00)=""/77, 0x4d}], 0x1}, 0x4c2003a0)
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
sendmsg$ETHTOOL_MSG_LINKSTATE_GET(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4008800}, 0x4000800)

3m54.432114034s ago: executing program 0 (id=2326):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000007, 0x38011, r0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
read(r2, &(0x7f0000000040)=""/148, 0xffffff96)

3m53.027873941s ago: executing program 0 (id=2328):
openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi3\x00', 0x2000, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000800)=ANY=[@ANYBLOB="611234000000000061134c0000000000bf2000000000000015000200000001103d030100000000009500000000000000bc26000000000000bf67000000000000070300000fff070067020000030000001606000000000078bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f909ad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe70305865050df26469fac5202d6293c3d5e11f4f83e7455baeeba4f"], &(0x7f0000000100)='GPL\x00'}, 0x48)

3m47.822611781s ago: executing program 6 (id=2280):
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x24000000)
openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x802, 0x0)
socket$packet(0x11, 0x2, 0x300)
r0 = openat(0xffffffffffffff9c, 0x0, 0x143142, 0x40)
pwritev2(r0, 0x0, 0x0, 0x5405, 0x405, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x14a)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x5, 0x1000086}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x4002)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000001c0), r2)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01000000000100000000037400062c00070073797352656d5f753a6f626a6563745f723a756465765f68656c7065725f657865635f743a7330000800020000000000080007002606090914000600626f6e64300000000000000080000000080003"], 0x78}, 0x1, 0xffffffff00000003, 0x0, 0x40}, 0x4008)

3m37.492605418s ago: executing program 54 (id=2328):
openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi3\x00', 0x2000, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000800)=ANY=[@ANYBLOB="611234000000000061134c0000000000bf2000000000000015000200000001103d030100000000009500000000000000bc26000000000000bf67000000000000070300000fff070067020000030000001606000000000078bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f909ad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe70305865050df26469fac5202d6293c3d5e11f4f83e7455baeeba4f"], &(0x7f0000000100)='GPL\x00'}, 0x48)

3m32.303507994s ago: executing program 55 (id=2280):
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x24000000)
openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x802, 0x0)
socket$packet(0x11, 0x2, 0x300)
r0 = openat(0xffffffffffffff9c, 0x0, 0x143142, 0x40)
pwritev2(r0, 0x0, 0x0, 0x5405, 0x405, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x14a)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x5, 0x1000086}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x4002)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000001c0), r2)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01000000000100000000037400062c00070073797352656d5f753a6f626a6563745f723a756465765f68656c7065725f657865635f743a7330000800020000000000080007002606090914000600626f6e64300000000000000080000000080003"], 0x78}, 0x1, 0xffffffff00000003, 0x0, 0x40}, 0x4008)

3m0.484201139s ago: executing program 4 (id=2398):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x24}}, 0x0)
getsockname$packet(r2, &(0x7f0000000080)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r1, 0x0, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xfff1, 0xffff}}}, 0x24}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=@delchain={0x24, 0x2e, 0x501, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r3, {}, {0x0, 0xffff}, {0x0, 0xd}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)

2m59.354132465s ago: executing program 4 (id=2399):
socket(0x1e, 0x6, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$nvme_fabrics(0xffffffffffffff9c, 0x0, 0x8300, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x0, 0x0, &(0x7f0000000000)='GPL\x00'}, 0x94)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
sendmsg$DEVLINK_CMD_RATE_SET(0xffffffffffffffff, 0x0, 0x0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f00000008c0)=0x400002)
ioctl$PPPIOCSPASS(r1, 0x40107447, 0x0)
write(r1, &(0x7f0000000280)="4591", 0x2)
rename(0x0, &(0x7f00000001c0)='./file0/file1\x00')

2m57.04138252s ago: executing program 4 (id=2401):
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240))
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000e40)={0x1, 0x0, [{0x0, 0xf3, &(0x7f00000008c0)=""/243}]})
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r1, 0xc0182101, &(0x7f0000000200))
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xf}, 0x94)

2m54.604072156s ago: executing program 4 (id=2404):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f0000000340)=0x1, 0x4)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(r0, 0x8982, &(0x7f0000000000))
write(r0, &(0x7f0000000100)="1400000052004f7fb3e4bf80a000080000000000", 0x14)

2m53.83083385s ago: executing program 4 (id=2405):
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x2000c12, &(0x7f0000000200)={[{@check_relaxed}, {@iocharset={'iocharset', 0x3d, 'iso8859-13'}}, {@check_relaxed}, {@iocharset={'iocharset', 0x3d, 'cp932'}}, {@overriderock}, {@map_acorn}, {@check_strict}, {}, {@block={'block', 0x3d, 0x400}}, {@cruft}, {@check_relaxed}, {@uid}]}, 0x1, 0xa00, &(0x7f00000003c0)="$eJzs3UtsXFf9B/Dv9SNx3SpJ2/z7L1XbTFKSuq1xbIcmRF2UxJ4kLn4g25EasWhK46AQQ6EBqa2QmkqIFRVIIBawq1jBplI3dIO6gx2sWCChrthXrMLK6M6M49eMx3YdO00/n+h67uN3z/nd58mMr+eEz5eF/SumFhZqwxanL/5hBzLmLnZ29JP3P3ivHN69mT3pzPPFn5KeJJWkK8mjSffI6PTURJuCrieXk3ycFEn2pv66IZdT/CIPLE1/nOJ3Zb0t7dloybSzwBfabp9/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwNypGRgcHh4o9GZu8+HKlLqmsMTI6PVVkYWHtksV16j6q9fpdfNS23qQoh/T0LHb1/ejBpcWPJKkcyeP1qcdrHZKnJ2/f/8iBFx7u6lhcv1U2n8nejRd74623r786Pz/3RuuQhXfq27A9ud1lzlcnx2amxibOnK9WxmamKqdPnhw8fuHcTOXc2Hh15tLMbHWiMjJdPTM7NV3pG3mmMnT69IlKdeDS1MXJ86MD49XFmae+Mjw4eLLy0sA3q2emZ6Ymj780MDNyYWx8fGzyfC2mXFzGnCpPxG+MzVZmq2cmKpWr1+bnTqzKqXP1zi6DhtptSRk03C5oeHB4eGhoeHjo3Ubv2bdnnHz+9POnBge7BlfJmog7dNJyd7mv9WHe5js4bF1Hvf3Pd8czlslczMupNP03ktFMZyoTLZY3LLb/R49X1613efvfaOW7li1+rPxxJE82JntatP8tctm5fzfyVt7O9bya+cxnLm/sekY7++98qpnMWGYylbFM5ExtTqUxp5LTOZmTGcwruZBDmUkl5zKW8VQzk0uZyWyqtTNqJNOp5kxmM5XpVNKXkTyTSoZyOqdzIpVUM5BLmcrFTOZ8RnOmVsrVXKvt9xPr5Hg7aGgjQcPrBK1uzMtzfXPtf/Ve/Z8gG7b9N3HYooVG+7+nfWjfyE4kBAAAAGy7L/01+w4+9Jd/JUWeqH0uf25svPribqcFAAAAbKPa43qPly/d5dgTPbX3/4O7nRYAAACwjYra39gVSXpzqD62+JdQPgQAAACAe0Tt9/9Ppji0NMP7fwAAALjHtP+O/bYRRf/i1/9WrtRfrzQi6lNF77mx8erAyNT4C0M5VvuWgSRPrC2tMym6a39+8GwO16MO99Zfe5dKLOvsKaOGBl4YyrM50tiQvqfKl6f6mkQO1yOfrkc+vTyyMysiT5SRAHCvO7JOe7zR9v/Z9Ncj+h+rNfldjzVpgwe1rABwt7jdx85/G12aNWn/GxFPtmr/v7rO+/8y4qFcPVR/pGAgr+X1zOdK+tN44uBQs1IXeyOoP4bQ3+bTgN7GIwt/P9WR/jWfB/Tc3tblsXMZTn/TTwSWlVss5nCiHtd5Z44BAOy0I+u2wxtr//vbvP/v9UghANxVbvdgv4mRdzYTPPfGjd3eRgBgJa00AAAAAAAAAAAAAAAAAAAAAAAAAAAAbL8NfYH/344l8/NzyRY6C9jySM9mMlx/pCM7lPOuj3Qm2a3aX8ym1yqP8Weo9I/3NVb/9+7v+XtuZJdvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOyIIulsNr8j2ZtkMMnxnc/qzrm52wlsl8qeLa1W3MqtvJl9254PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAXXOP7/ztSf72/PitdHcnRJJeTfGu3c9xOt3Y7gTujaB/yvXrg0vf/dyTdWSjSVT/sKbpHRqenJsqiir3l8k/e/+C9cmhf9tpeFcoCyhpWdC7RqGHZnO6Vaz1YW6t3dO7G9R+9/oPK6NnaiXl29tz46MT56a8vBT5SfJhUUh8WLeb7k6N//uWy2Y2OEooPyy1tbnW952r1jq6t9/+brd2i3g24Nj83XNY0W3159sffv/bmskUP5XDyVF/St7Km75RDi5oOr96fKxWfFj8r9uU3uVw7/uXeKBaK8hDtr23/fVevzc8NvPb6/JXbOb2zIqcDOZTkStKz8ZwOtT43a2ddR3dZ62AtqPxxsE1561pW4lCL/fpg7ZTp3dQ2VNpcX232eyOjE00z+tUPH86xTR/pY21qbKr4tPhncSH/yE+X9f/RUR7/o2l6dTYpoha57ExZvmzF5dVRj6xt+fDyBa+sLrPlVckd8PN8O1+7ffw7lt3/G8dqZ+5Hy2psfl0km78ufr9/TYuypNYiHVzVIjXuPq3WaeR5sB7VIs//y3P1MjdxR3muXYt9h67/3xZ9+U9u6v8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4+xVJZ7P5HcnRJAeS7C+nK8nC6pibW6ivo7fYSprbZis5f/4ULTe0uJVbeTP7djojAAAAAAAAAO6Ms6OfvP/Be+VQ+318Z77c0VhSSbqSHCh+3T0yOj010aag7uTy4q/0ezaXw+XyxwNL0x+XU4+2WWl3Hx8AgM+1/wUAAP//p2dujQ==")
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, 0x0, 0x40080)
mount$fuseblk(0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r3, &(0x7f0000000180)={0x2, 0x4e21, @empty}, 0x10)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000040)={@mcast1, 0x1, 0x0, 0x2, 0x3, 0x9}, 0x20)
socket$nl_route(0x10, 0x3, 0x0)
socket$kcm(0x29, 0x5, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(0xffffffffffffffff, 0x3516, 0x0, 0x0, 0x0, 0x0)
sendto$inet(r3, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
recvfrom$inet(r3, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)
sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000d00)={&(0x7f0000000140)=@newtaction={0x64, 0x30, 0x1, 0x0, 0x0, {}, [{0x50, 0x1, [@m_mpls={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{}, 0x1}}]}, {0x4, 0x4}, {0xc}, {0xc}}}]}]}, 0x64}}, 0x0)
futex(0x0, 0x84, 0x0, 0x0, 0x0, 0x0)

2m52.188530454s ago: executing program 4 (id=2409):
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}})
truncate(&(0x7f0000000240)='./file0\x00', 0x206b12)
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xa2f00, 0xa3)
truncate(&(0x7f00000054c0)='./file0\x00', 0x1)

2m36.476221492s ago: executing program 56 (id=2409):
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}})
truncate(&(0x7f0000000240)='./file0\x00', 0x206b12)
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xa2f00, 0xa3)
truncate(&(0x7f00000054c0)='./file0\x00', 0x1)

1m27.798163367s ago: executing program 7 (id=2689):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000040)=ANY=[@ANYBLOB="e00000027f0000010000000003"], 0x1c)
r3 = socket$netlink(0x10, 0x3, 0x0)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000280)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
close_range(r1, 0xffffffffffffffff, 0x0)

1m26.429062763s ago: executing program 7 (id=2691):
socket$nl_route(0x10, 0x3, 0x0)
symlink(0x0, &(0x7f0000000140)='./file0\x00')
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="02c9300c00080005001607040005000000"], 0x11)

1m25.544063158s ago: executing program 7 (id=2693):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, 0x0)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000440)={0x28, r1, 0x1, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MAC={0xa}]}, 0x28}, 0x1, 0x0, 0x0, 0x40}, 0xc0)

1m24.629656441s ago: executing program 7 (id=2695):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)

1m24.011641159s ago: executing program 2 (id=2697):
syz_emit_vhci(&(0x7f0000001440)=ANY=[@ANYBLOB="02c93010000c000500188808"], 0x15)

1m23.934445474s ago: executing program 7 (id=2698):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan1\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="48040000", @ANYRES16, @ANYBLOB="01e5c300000000fb04003b1c210008000300", @ANYRES32=r1, @ANYBLOB="2c0433005000de295b3acba52ee4080211000001505050505050"], 0x448}}, 0x0)

1m23.066016571s ago: executing program 2 (id=2700):
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x2000c12, &(0x7f0000000200)={[{@check_relaxed}, {@iocharset={'iocharset', 0x3d, 'iso8859-13'}}, {@check_relaxed}, {@iocharset={'iocharset', 0x3d, 'cp932'}}, {@overriderock}, {@map_acorn}, {@check_strict}, {}, {@block={'block', 0x3d, 0x400}}, {@cruft}, {@check_relaxed}, {@uid}]}, 0x1, 0xa00, &(0x7f00000003c0)="$eJzs3UtsXFf9B/Dv9SNx3SpJ2/z7L1XbTFKSuq1xbIcmRF2UxJ4kLn4g25EasWhK46AQQ6EBqa2QmkqIFRVIIBawq1jBplI3dIO6gx2sWCChrthXrMLK6M6M49eMx3YdO00/n+h67uN3z/nd58mMr+eEz5eF/SumFhZqwxanL/5hBzLmLnZ29JP3P3ivHN69mT3pzPPFn5KeJJWkK8mjSffI6PTURJuCrieXk3ycFEn2pv66IZdT/CIPLE1/nOJ3Zb0t7dloybSzwBfabp9/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwNypGRgcHh4o9GZu8+HKlLqmsMTI6PVVkYWHtksV16j6q9fpdfNS23qQoh/T0LHb1/ejBpcWPJKkcyeP1qcdrHZKnJ2/f/8iBFx7u6lhcv1U2n8nejRd74623r786Pz/3RuuQhXfq27A9ud1lzlcnx2amxibOnK9WxmamKqdPnhw8fuHcTOXc2Hh15tLMbHWiMjJdPTM7NV3pG3mmMnT69IlKdeDS1MXJ86MD49XFmae+Mjw4eLLy0sA3q2emZ6Ymj780MDNyYWx8fGzyfC2mXFzGnCpPxG+MzVZmq2cmKpWr1+bnTqzKqXP1zi6DhtptSRk03C5oeHB4eGhoeHjo3Ubv2bdnnHz+9POnBge7BlfJmog7dNJyd7mv9WHe5js4bF1Hvf3Pd8czlslczMupNP03ktFMZyoTLZY3LLb/R49X1613efvfaOW7li1+rPxxJE82JntatP8tctm5fzfyVt7O9bya+cxnLm/sekY7++98qpnMWGYylbFM5ExtTqUxp5LTOZmTGcwruZBDmUkl5zKW8VQzk0uZyWyqtTNqJNOp5kxmM5XpVNKXkTyTSoZyOqdzIpVUM5BLmcrFTOZ8RnOmVsrVXKvt9xPr5Hg7aGgjQcPrBK1uzMtzfXPtf/Ve/Z8gG7b9N3HYooVG+7+nfWjfyE4kBAAAAGy7L/01+w4+9Jd/JUWeqH0uf25svPribqcFAAAAbKPa43qPly/d5dgTPbX3/4O7nRYAAACwjYra39gVSXpzqD62+JdQPgQAAACAe0Tt9/9Ppji0NMP7fwAAALjHtP+O/bYRRf/i1/9WrtRfrzQi6lNF77mx8erAyNT4C0M5VvuWgSRPrC2tMym6a39+8GwO16MO99Zfe5dKLOvsKaOGBl4YyrM50tiQvqfKl6f6mkQO1yOfrkc+vTyyMysiT5SRAHCvO7JOe7zR9v/Z9Ncj+h+rNfldjzVpgwe1rABwt7jdx85/G12aNWn/GxFPtmr/v7rO+/8y4qFcPVR/pGAgr+X1zOdK+tN44uBQs1IXeyOoP4bQ3+bTgN7GIwt/P9WR/jWfB/Tc3tblsXMZTn/TTwSWlVss5nCiHtd5Z44BAOy0I+u2wxtr//vbvP/v9UghANxVbvdgv4mRdzYTPPfGjd3eRgBgJa00AAAAAAAAAAAAAAAAAAAAAAAAAAAAbL8NfYH/344l8/NzyRY6C9jySM9mMlx/pCM7lPOuj3Qm2a3aX8ym1yqP8Weo9I/3NVb/9+7v+XtuZJdvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOyIIulsNr8j2ZtkMMnxnc/qzrm52wlsl8qeLa1W3MqtvJl9254PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAXXOP7/ztSf72/PitdHcnRJJeTfGu3c9xOt3Y7gTujaB/yvXrg0vf/dyTdWSjSVT/sKbpHRqenJsqiir3l8k/e/+C9cmhf9tpeFcoCyhpWdC7RqGHZnO6Vaz1YW6t3dO7G9R+9/oPK6NnaiXl29tz46MT56a8vBT5SfJhUUh8WLeb7k6N//uWy2Y2OEooPyy1tbnW952r1jq6t9/+brd2i3g24Nj83XNY0W3159sffv/bmskUP5XDyVF/St7Km75RDi5oOr96fKxWfFj8r9uU3uVw7/uXeKBaK8hDtr23/fVevzc8NvPb6/JXbOb2zIqcDOZTkStKz8ZwOtT43a2ddR3dZ62AtqPxxsE1561pW4lCL/fpg7ZTp3dQ2VNpcX232eyOjE00z+tUPH86xTR/pY21qbKr4tPhncSH/yE+X9f/RUR7/o2l6dTYpoha57ExZvmzF5dVRj6xt+fDyBa+sLrPlVckd8PN8O1+7ffw7lt3/G8dqZ+5Hy2psfl0km78ufr9/TYuypNYiHVzVIjXuPq3WaeR5sB7VIs//y3P1MjdxR3muXYt9h67/3xZ9+U9u6v8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4+xVJZ7P5HcnRJAeS7C+nK8nC6pibW6ivo7fYSprbZis5f/4ULTe0uJVbeTP7djojAAAAAAAAAO6Ms6OfvP/Be+VQ+318Z77c0VhSSbqSHCh+3T0yOj010aag7uTy4q/0ezaXw+XyxwNL0x+XU4+2WWl3Hx8AgM+1/wUAAP//p2dujQ==")
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000002fc0)={0x0, 0x0, 0x0}, 0x40080)
mount$fuseblk(0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
openat$sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$kcm(0x10, 0x2, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
socket$kcm(0x10, 0x2, 0x0)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r3, &(0x7f0000000180)={0x2, 0x4e21, @empty}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000440)='vegas\x00', 0x6)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000040)={@mcast1, 0x1, 0x0, 0x2, 0x3, 0x9}, 0x20)
socket$nl_route(0x10, 0x3, 0x0)
socket$kcm(0x29, 0x5, 0x0)
sendto$inet(r3, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
recvfrom$inet(r3, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)
sendmsg$nl_route_sched(r1, 0x0, 0x0)

1m23.01400782s ago: executing program 7 (id=2701):
r0 = socket$phonet_pipe(0x23, 0x5, 0x2)
setsockopt$PNPIPE_HANDLE(r0, 0x113, 0x3, 0x0, 0x0)
connect$phonet_pipe(r0, &(0x7f0000000000), 0x10)
r1 = socket$packet(0x11, 0x2, 0x300)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00')
memfd_create(0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000540), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x42031, 0xffffffffffffffff, 0x0)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x5)
setsockopt$inet_tcp_int(r3, 0x6, 0x19, &(0x7f00000001c0)=0x1, 0x4)
bind$inet(r3, &(0x7f0000000100)={0x2, 0x4e24, @loopback}, 0x10)
sendmmsg$inet(r3, &(0x7f0000004980)=[{{&(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000340)="b9cd14c222ee3c0cb001829a8681ed391da1a71d8d", 0x63}], 0x1}}], 0x1, 0x20008000)
setsockopt$inet_tcp_TLS_TX(r3, 0x6, 0x1, &(0x7f0000000080)=@ccm_128={{0x303}, "f1a0f9fff9e440b4", "881aae83544dfa6412f91b9057e3f415", "9dca43b6", "9ecb592c6ee49fbd"}, 0x28)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000080)=[{0x48, 0x83, 0x0, 0x80000001}, {0x6, 0x5, 0x0, 0xfffffc}]}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000018c0)={&(0x7f0000001900)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@func_proto]}}, 0x0, 0x26, 0x0, 0x1, 0xfffffa16}, 0x28)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0)
write$binfmt_aout(r4, &(0x7f00000001c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r4, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
r5 = syz_open_pts(r4, 0x0)
dup3(r5, r4, 0x0)

1m18.120723275s ago: executing program 2 (id=2704):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000000cc0)=@newtaction={0x84, 0x30, 0x12f, 0x0, 0x0, {0x0, 0x0, 0x1be}, [{0x70, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x4, 0x0, 0x0, 0x0, {}, {0x0, 0x0, 0xfffe}}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x84}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8800}, 0x0)

1m16.611730587s ago: executing program 2 (id=2706):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(0x0, r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000008c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000200)={0x44, r1, 0xd55319eec59dfa33, 0xfffffffd, 0x25dfdbfc, {{}, {@void, @val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'dummy0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x6}, @mon_options=[@NL80211_ATTR_MNTR_FLAGS={0xc, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_CONTROL={0x4}]}]]}, 0x44}, 0x1, 0x0, 0x0, 0xc804}, 0xc2010)

1m15.817757955s ago: executing program 2 (id=2708):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)

1m14.617145114s ago: executing program 2 (id=2710):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002d40))
syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x22c01)
openat(0xffffffffffffff9c, 0x0, 0x40, 0x10)
r1 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000140))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1})
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19)
r2 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4c050}, 0x20000000)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f0000000340), 0x0, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x4040800}, 0x4000000)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, 0x0)
timerfd_create(0x9, 0x0)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, 0x0, 0x20040800)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f0000000340)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x3}, 0x20)
ioctl$UFFDIO_COPY(r1, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000/0x3000)=nil, 0x3000, 0x2})
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x400000000020)
ioctl$KVM_CAP_DISABLE_QUIRKS2(r6, 0x4068aea3, &(0x7f00000000c0)={0xd5, 0x0, 0x7c})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r6, r7, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, 0x0}], 0x1, 0x1, 0x0, 0x0)

1m7.374564773s ago: executing program 57 (id=2701):
r0 = socket$phonet_pipe(0x23, 0x5, 0x2)
setsockopt$PNPIPE_HANDLE(r0, 0x113, 0x3, 0x0, 0x0)
connect$phonet_pipe(r0, &(0x7f0000000000), 0x10)
r1 = socket$packet(0x11, 0x2, 0x300)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00')
memfd_create(0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000540), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x42031, 0xffffffffffffffff, 0x0)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x5)
setsockopt$inet_tcp_int(r3, 0x6, 0x19, &(0x7f00000001c0)=0x1, 0x4)
bind$inet(r3, &(0x7f0000000100)={0x2, 0x4e24, @loopback}, 0x10)
sendmmsg$inet(r3, &(0x7f0000004980)=[{{&(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000340)="b9cd14c222ee3c0cb001829a8681ed391da1a71d8d", 0x63}], 0x1}}], 0x1, 0x20008000)
setsockopt$inet_tcp_TLS_TX(r3, 0x6, 0x1, &(0x7f0000000080)=@ccm_128={{0x303}, "f1a0f9fff9e440b4", "881aae83544dfa6412f91b9057e3f415", "9dca43b6", "9ecb592c6ee49fbd"}, 0x28)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000080)=[{0x48, 0x83, 0x0, 0x80000001}, {0x6, 0x5, 0x0, 0xfffffc}]}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000018c0)={&(0x7f0000001900)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@func_proto]}}, 0x0, 0x26, 0x0, 0x1, 0xfffffa16}, 0x28)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0)
write$binfmt_aout(r4, &(0x7f00000001c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r4, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
r5 = syz_open_pts(r4, 0x0)
dup3(r5, r4, 0x0)

59.109218237s ago: executing program 58 (id=2710):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002d40))
syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x22c01)
openat(0xffffffffffffff9c, 0x0, 0x40, 0x10)
r1 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000140))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1})
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19)
r2 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4c050}, 0x20000000)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f0000000340), 0x0, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x4040800}, 0x4000000)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, 0x0)
timerfd_create(0x9, 0x0)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, 0x0, 0x20040800)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f0000000340)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x3}, 0x20)
ioctl$UFFDIO_COPY(r1, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000/0x3000)=nil, 0x3000, 0x2})
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x400000000020)
ioctl$KVM_CAP_DISABLE_QUIRKS2(r6, 0x4068aea3, &(0x7f00000000c0)={0xd5, 0x0, 0x7c})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r6, r7, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, 0x0}], 0x1, 0x1, 0x0, 0x0)

23.826076849s ago: executing program 9 (id=2804):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000000cc0)=@newtaction={0x84, 0x30, 0x12f, 0x0, 0x0, {0x0, 0x0, 0x1be}, [{0x70, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x4, 0x0, 0x0, 0x0, {}, {0x0, 0x0, 0xfffe}}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x84}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001e80)=@newtaction={0x18, 0x31, 0x1, 0xfffffffd, 0x25dfdbfb, {0x0, 0x0, 0x11}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x8800}, 0x0)

23.087856863s ago: executing program 9 (id=2808):
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x2000c12, &(0x7f0000000200)={[{@check_relaxed}, {@iocharset={'iocharset', 0x3d, 'iso8859-13'}}, {@check_relaxed}, {@iocharset={'iocharset', 0x3d, 'cp932'}}, {@overriderock}, {@map_acorn}, {@check_strict}, {}, {@block={'block', 0x3d, 0x400}}, {@cruft}, {@check_relaxed}, {@uid}]}, 0x1, 0xa00, &(0x7f00000003c0)="$eJzs3UtsXFf9B/Dv9SNx3SpJ2/z7L1XbTFKSuq1xbIcmRF2UxJ4kLn4g25EasWhK46AQQ6EBqa2QmkqIFRVIIBawq1jBplI3dIO6gx2sWCChrthXrMLK6M6M49eMx3YdO00/n+h67uN3z/nd58mMr+eEz5eF/SumFhZqwxanL/5hBzLmLnZ29JP3P3ivHN69mT3pzPPFn5KeJJWkK8mjSffI6PTURJuCrieXk3ycFEn2pv66IZdT/CIPLE1/nOJ3Zb0t7dloybSzwBfabp9/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwNypGRgcHh4o9GZu8+HKlLqmsMTI6PVVkYWHtksV16j6q9fpdfNS23qQoh/T0LHb1/ejBpcWPJKkcyeP1qcdrHZKnJ2/f/8iBFx7u6lhcv1U2n8nejRd74623r786Pz/3RuuQhXfq27A9ud1lzlcnx2amxibOnK9WxmamKqdPnhw8fuHcTOXc2Hh15tLMbHWiMjJdPTM7NV3pG3mmMnT69IlKdeDS1MXJ86MD49XFmae+Mjw4eLLy0sA3q2emZ6Ymj780MDNyYWx8fGzyfC2mXFzGnCpPxG+MzVZmq2cmKpWr1+bnTqzKqXP1zi6DhtptSRk03C5oeHB4eGhoeHjo3Ubv2bdnnHz+9POnBge7BlfJmog7dNJyd7mv9WHe5js4bF1Hvf3Pd8czlslczMupNP03ktFMZyoTLZY3LLb/R49X1613efvfaOW7li1+rPxxJE82JntatP8tctm5fzfyVt7O9bya+cxnLm/sekY7++98qpnMWGYylbFM5ExtTqUxp5LTOZmTGcwruZBDmUkl5zKW8VQzk0uZyWyqtTNqJNOp5kxmM5XpVNKXkTyTSoZyOqdzIpVUM5BLmcrFTOZ8RnOmVsrVXKvt9xPr5Hg7aGgjQcPrBK1uzMtzfXPtf/Ve/Z8gG7b9N3HYooVG+7+nfWjfyE4kBAAAAGy7L/01+w4+9Jd/JUWeqH0uf25svPribqcFAAAAbKPa43qPly/d5dgTPbX3/4O7nRYAAACwjYra39gVSXpzqD62+JdQPgQAAACAe0Tt9/9Ppji0NMP7fwAAALjHtP+O/bYRRf/i1/9WrtRfrzQi6lNF77mx8erAyNT4C0M5VvuWgSRPrC2tMym6a39+8GwO16MO99Zfe5dKLOvsKaOGBl4YyrM50tiQvqfKl6f6mkQO1yOfrkc+vTyyMysiT5SRAHCvO7JOe7zR9v/Z9Ncj+h+rNfldjzVpgwe1rABwt7jdx85/G12aNWn/GxFPtmr/v7rO+/8y4qFcPVR/pGAgr+X1zOdK+tN44uBQs1IXeyOoP4bQ3+bTgN7GIwt/P9WR/jWfB/Tc3tblsXMZTn/TTwSWlVss5nCiHtd5Z44BAOy0I+u2wxtr//vbvP/v9UghANxVbvdgv4mRdzYTPPfGjd3eRgBgJa00AAAAAAAAAAAAAAAAAAAAAAAAAAAAbL8NfYH/344l8/NzyRY6C9jySM9mMlx/pCM7lPOuj3Qm2a3aX8ym1yqP8Weo9I/3NVb/9+7v+XtuZJdvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOyIIulsNr8j2ZtkMMnxnc/qzrm52wlsl8qeLa1W3MqtvJl9254PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAXXOP7/ztSf72/PitdHcnRJJeTfGu3c9xOt3Y7gTujaB/yvXrg0vf/dyTdWSjSVT/sKbpHRqenJsqiir3l8k/e/+C9cmhf9tpeFcoCyhpWdC7RqGHZnO6Vaz1YW6t3dO7G9R+9/oPK6NnaiXl29tz46MT56a8vBT5SfJhUUh8WLeb7k6N//uWy2Y2OEooPyy1tbnW952r1jq6t9/+brd2i3g24Nj83XNY0W3159sffv/bmskUP5XDyVF/St7Km75RDi5oOr96fKxWfFj8r9uU3uVw7/uXeKBaK8hDtr23/fVevzc8NvPb6/JXbOb2zIqcDOZTkStKz8ZwOtT43a2ddR3dZ62AtqPxxsE1561pW4lCL/fpg7ZTp3dQ2VNpcX232eyOjE00z+tUPH86xTR/pY21qbKr4tPhncSH/yE+X9f/RUR7/o2l6dTYpoha57ExZvmzF5dVRj6xt+fDyBa+sLrPlVckd8PN8O1+7ffw7lt3/G8dqZ+5Hy2psfl0km78ufr9/TYuypNYiHVzVIjXuPq3WaeR5sB7VIs//y3P1MjdxR3muXYt9h67/3xZ9+U9u6v8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4+xVJZ7P5HcnRJAeS7C+nK8nC6pibW6ivo7fYSprbZis5f/4ULTe0uJVbeTP7djojAAAAAAAAAO6Ms6OfvP/Be+VQ+318Z77c0VhSSbqSHCh+3T0yOj010aag7uTy4q/0ezaXw+XyxwNL0x+XU4+2WWl3Hx8AgM+1/wUAAP//p2dujQ==")
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, 0x0, 0x40080)
mount$fuseblk(0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$kcm(0x10, 0x2, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r3, &(0x7f0000000180)={0x2, 0x4e21, @empty}, 0x10)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000040)={@mcast1, 0x1, 0x0, 0x2, 0x3, 0x9}, 0x20)
socket$nl_route(0x10, 0x3, 0x0)
socket$kcm(0x29, 0x5, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
io_uring_enter(0xffffffffffffffff, 0x3516, 0x0, 0x0, 0x0, 0x0)
sendto$inet(r3, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
recvfrom$inet(r3, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
futex(0x0, 0x84, 0x0, 0x0, 0x0, 0x0)

20.875771013s ago: executing program 9 (id=2814):
socket$nl_route(0x10, 0x3, 0x0)
symlink(0x0, &(0x7f0000000140)='./file0\x00')
syz_emit_vhci(0x0, 0x11)

19.904435126s ago: executing program 9 (id=2819):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000640)={{0x1}})
readv(r0, 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x5422)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)

18.925340019s ago: executing program 9 (id=2821):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, 0x0)
sendmsg$NL80211_CMD_NEW_KEY(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)={0x28, r0, 0x801, 0x0, 0x400003, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_KEY={0xc, 0x50, 0x0, 0x1, [@NL80211_KEY_IDX={0x5, 0x2, 0xfe}]}]}, 0x28}}, 0x4000)

18.491278492s ago: executing program 8 (id=2824):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={0x0, r1}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)={0x1c, r0, 0x801, 0x0, 0x400003, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}}, 0x4000)

17.979393278s ago: executing program 9 (id=2825):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x300000a, 0x4031, 0xffffffffffffffff, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xe9}, 0x94)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = userfaultfd(0x80001)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa07, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1, 0x2})

17.732779952s ago: executing program 8 (id=2826):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, 0x0, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r1, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0x0, 0x0, @mcast2}, {0xa, 0x0, 0x7, @mcast1}}}, 0x48)
close_range(r0, 0xffffffffffffffff, 0x0)

16.878231985s ago: executing program 8 (id=2830):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, &(0x7f0000000000)="2ef36644f7e62e3e672e450f078f29d095abaa960000b890a4f084ef66bafc0c6d8f297812cf66ba410066ef48b800100000000000000f23d00f21f835100000080f23f866baf80cb88ef01480ef66bafc0c66b80c0066efc7442402d8650000c7442406000000000f011c2466ba4200ec2e64f30f5a8e6c000000", 0x7b}], 0x1, 0x52, &(0x7f0000000200)=[@vmwrite={0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x85200000c}], 0x1)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000240)={[0x3, 0xec, 0x401, 0x3, 0x7, 0x4, 0x8000000000000001, 0x80000001, 0x1, 0x200, 0x4, 0x6, 0x9, 0x10000000003a, 0x9, 0x9], 0x0, 0x2a80})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, 0x0}], 0x1, 0x65, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

15.604726375s ago: executing program 8 (id=2834):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
sendmsg$NL80211_CMD_DEAUTHENTICATE(r0, 0x0, 0xc0)

14.69134025s ago: executing program 8 (id=2836):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={0x0, r1}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)={0x1c, r0, 0x801, 0x0, 0x400003, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}}, 0x4000)

13.719126318s ago: executing program 8 (id=2838):
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
syz_open_procfs(0x0, &(0x7f00000042c0)='mounts\x00')
sendmmsg$inet(r2, 0x0, 0x0, 0xc0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
open(0x0, 0x0, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x11, 0x0, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000001540)=@raw={'raw\x00', 0x3c1, 0x3, 0x1388, 0x1290, 0x5802, 0x294, 0x1290, 0x294, 0x1408, 0x325, 0x378, 0x1408, 0x378, 0x3, 0x0, {[{{@ipv6={@loopback, @empty, [0x0, 0x0, 0x0, 0xff000000], [], 'pimreg0\x00', 'macsec0\x00', {0xff}, {}, 0x0, 0x0, 0x3}, 0x0, 0x10d8, 0x1140, 0x52020000, {}, [@common=@unspec=@cgroup1={{0x1030}, {0x0, 0xfc, 0xfd, 0x0, './cgroup.net/syz1\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0x108, 0x178, 0x0, {}, [@common=@ah={{0x30}}, @common=@frag={{0x30}, {[0x0, 0x101]}}]}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0xcfd, 0x8000, 0x8, 0x1, 0x0, "40384e1aa968ae1a869c8ce9a46b9ff41931137193fc6c2a5d28667be0e6c0e8dd7ab2a2560d636022502c16f2d80f7e97c47fa0a3d21b373dc257058a128931"}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x13e8)
r4 = socket$inet6(0xa, 0x3, 0x8000000003c)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'lo\x00'})
connect$inet6(r4, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
sendmsg(r4, &(0x7f00000000c0)={0x0, 0x9584, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0x5dc}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)

6.52021457s ago: executing program 1 (id=2853):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan1\x00'})
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_FRAME(r1, 0x0, 0x0)

6.23994502s ago: executing program 5 (id=2854):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000640)={{0x1}})
readv(r0, &(0x7f0000000500), 0x0)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x5422)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)

6.144661303s ago: executing program 3 (id=2855):
socket$nl_route(0x10, 0x3, 0x0)
symlink(0x0, &(0x7f0000000140)='./file0\x00')
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x11)

5.523194978s ago: executing program 1 (id=2856):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000000)={0x20000000000002d4, &(0x7f0000000100)})
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SNDCTL_SEQ_NRSYNTHS(r0, 0x40045109, &(0x7f0000001280))

5.455899354s ago: executing program 3 (id=2857):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0xfffffff9)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r2})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/246, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/70, 0x100000})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000680))
ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f00000002c0)={0x1, r2})
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)

5.228350407s ago: executing program 5 (id=2858):
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xc)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, 0x0, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000e40)={0x1, 0x0, [{0x0, 0xf3, &(0x7f00000008c0)=""/243}]})
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r2, 0xc0182101, &(0x7f0000000200))
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1, r1})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xf}, 0x94)

4.910970417s ago: executing program 1 (id=2859):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
sendmsg$NL80211_CMD_DEAUTHENTICATE(r0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40}, 0xc0)

4.038441071s ago: executing program 3 (id=2860):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
syz_open_dev$sndmidi(0x0, 0x2, 0x141102)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
openat$snapshot(0xffffffffffffff9c, 0x0, 0xc2d41, 0x0)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000003000000000000000000000095"], &(0x7f00000001c0)='syzkaller\x00'}, 0x94)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r0, r2}, 0x10)
syz_emit_ethernet(0x36, &(0x7f00000002c0)=ANY=[], 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {}, {0xfff3, 0x2}}}, 0x24}}, 0x0)

3.522363614s ago: executing program 5 (id=2861):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan1\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x20000000)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="48040000", @ANYRES16=r2, @ANYBLOB="01e5c300000000fb04003b1c210008000300", @ANYRES32=r1, @ANYBLOB="2c0433005000de295b3acba52ee4080211000001505050505050"], 0x448}}, 0x0)

3.427382027s ago: executing program 1 (id=2862):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff001000000800395032303030"], 0x15)
write$FUSE_BMAP(0xffffffffffffffff, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENT(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="58000000000000009fed2788c5532994414b47034801d524faf416638217", @ANYRES32], 0x58)
mount$9p_fd(0x0, &(0x7f00000025c0)='./file0\x00', &(0x7f0000002340), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])
chdir(&(0x7f0000000100)='./file0\x00')
read$FUSE(r0, &(0x7f0000000300)={0x2020}, 0x2020)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)

2.251900055s ago: executing program 59 (id=2825):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x300000a, 0x4031, 0xffffffffffffffff, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xe9}, 0x94)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = userfaultfd(0x80001)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa07, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1, 0x2})

2.186114511s ago: executing program 3 (id=2864):
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bridge_slave_1\x00'})
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x7c}}, 0x80)

2.164444686s ago: executing program 5 (id=2865):
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r1)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000003380)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000006cfa000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800"], 0x48)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000000c0)='kfree\x00', r4, 0x0, 0xfffffffffffffffd}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYRESDEC, @ANYBLOB], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x23, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x379542d6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mq_unlink(0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5, 0x0, 0xfffffffffffffffe}, 0x18)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
r7 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, 0x0, 0x0)
sendmmsg$inet(r6, &(0x7f0000006c80)=[{{&(0x7f00000006c0)={0x2, 0x4e25, @private=0xa010102}, 0x10, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="10800000000000000000000007000000"], 0x10}}], 0x1, 0x2400c870)
sendmsg$NLBL_MGMT_C_ADDDEF(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01000000000000000000040000001400050003030000000a0000005dc00000000001080002000500000014000600ff01000a00f2f3f31f000a0000000001060001"], 0x4c}, 0x1, 0x0, 0x0, 0x8004}, 0x4040000)
getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, 0x0, &(0x7f0000000180))
sendmsg$NLBL_MGMT_C_ADDDEF(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[], 0x4c}, 0x1, 0x0, 0x0, 0x24008000}, 0x4040000)

2.105746635s ago: executing program 1 (id=2866):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan1\x00'})
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000001280)={0x0, 0x0, 0x0}, 0x0)

1.471647577s ago: executing program 3 (id=2867):
socket$nl_route(0x10, 0x3, 0x0)
symlink(0x0, &(0x7f0000000140)='./file0\x00')
syz_emit_vhci(&(0x7f0000000100)=ANY=[], 0x11)

1.095151708s ago: executing program 5 (id=2868):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000640)={{0x1}})
readv(r0, &(0x7f0000000500), 0x0)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x5422)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)

605.630537ms ago: executing program 3 (id=2869):
syz_mount_image$udf(&(0x7f0000000c40), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='noadinicb,nostrict,mode=00000000000000000000004,uid=forget,noadinicb,umask=00000000000000040002000,lastblock=00000000000000000013,undelete,partition=00000000000000000005,\x00'], 0x43, 0xc11, &(0x7f0000000d00)="$eJzs3V1oXOl5B/DnnSOtRto00WYTb9Jm04GUxCi18VdsBZcgZxW1AccbIit0r6LRh51h5ZGR5MabtkFtSQu9Cd2b0psimi4t5KJX3V5WabaQUAol5CK9KAiaLHvRC10ECi0bhXPmHWlky7ayXlvS7u+3zP7PnHnO+P0YnzkCvzoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAER89nOXTp1OB90KAOBxujL5pVNnff8DwLvKVT//AwAAAAAAAAAAAADAYZeiiGORYujVzTRdPe+oX261b92eGp/Y+7DBFClqUVT15aN++szZc586f2G0m/c//u324Xh+8uqlxnOLN24uzS8vz881ptqt2cW5+X2/w8Mef6eRagAaN168NXft2nLjzMmzu16+Pfz6wJPHhi9eOHF+tFs7NT4xMdlT09f/lv/0u9xrhccTUUQzUrw5/EZqRkQtHn4sHvDZedQGq06MVJ2YGp+oOrLQarZXyhdTLVfVIho9B411x+gxzMVDGYtYLZtfNnik7N7kzeZSc2ZhvvHF5tJKa6W12E61TmvL/jSiFqMpYi0iNgbufrv+KOKjkeLlU5tpJiKK7jh8sloY/OD21B5BH/ehbGejP2KtdgTm7BAbiCKuRIqfvXY8Zssxy4/4eMQXynw14pUyPxORyg/GuYif7vE54mjqiyL+PVIsps00V50PuueVy19ufL59bbGntnteOfLfD4/TIT831aOImeqMv5ne+sUOAAAAAAAAAAAAAAAAAG+3wSji25HiT579vWpdcVTr0t93cfQ9L/x275rxZx7wPmXtyYhYre1vTW5/XjqcauV/j6Bj7Es9ivhGXv/3RwfdGAAAAAAAAAAAAAAAAAAAgHe1Il6IFF85cTytRe89xVvt642rzZmFzl1hu/f+7d4zfWtra6uROjmWczrnas61nOs5N3JGLR+fcyzndM7VnGs513Nu5IwiH59zLOd0ztWcaznXc27kjL58fM6xnNM5V3Ou5VzPuZEzDsm9ewEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3klqUcTPI8W3vraZIkXEWMR0dHJ94KBbBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACU6qmIk5Fi/YV69XytFnE1In6+tbXVfUTEZpkP66D7CgAAAAAAAAAAAAAAAAAAAIdWKuJjkeLp/9tMjYi4Pfz6wJPHhi9eOHF+tIgiUlnSW//85NVLjecWb9xcml9enp9rTLVbs4tz8/v94+qXW+1bt6fGJx5JZx5o8BG3f7D+3OLNl5Za17+6sufrQ/VLM8srS83ZvV+OwahFTPfuGakaPDU+UTV6odVsV4em2j0aWIsY229nAAAAAAAAAAAAAAAAAAAAODSGUhGfixQ/+a9zqbtuvK+z5v9XOs+K7dpX/mDndwEs3JFdvb8/YD/bab8NHakW3jemxicmJnt29/XfXVq2KaUinokUn3j5Q9V6+BRDe66NL+veW9bdOJfrhn+trFvdVVUfmRqfaFxZbJ+4tLCwONtcac4szDcmbzZn9/2LAwAAAAAAAAAAAAAAAAAAAOA+hlIRP4oU//P3/5G6953P6//7Os961v//VrWEvlJPu3Nbtbb/vdXa/s72+y6ODn302XvtfxTr/8s2pVTENyPF2R99qLqffnf9//QdtWXdn0WKN579SK6rPVHWNbvd6bzjtdbC/Kmy9q8jxa+/2a2NqvZ6rn16p/Z0WTsYKf5yc3ftV3PtB3Zqz5S1xyPF9/5779oP7tSeLWt/Ein+6e8a3dqhsvb3c+2xndqTs4sLcw8a1nL+vxMp/vbK76Run+85/z2//2H1jtx215zff/vtmv/hnn2reV7/NM9/8wHzfz5SfKf+kVzXGfuZ/PpT1f935v8TkeI//2137bVc+/6d2tP77dZBK+f/25Hiu3/14+0+5/nPI7szQ73z/6t9u3P7U3JA8/9Uz77h3K7ZX3Is3o2WX/r6i82FhfklGzZs2NjeOOgzE49D+f3/55Hi/48VqXsdk7//39N5tnP997/f2Pn+v3hHbjug7//39+y7mK9a+vsi6is3bvY/E1FffunrJ1o3mtfnr8+3z5w+9elPnz996vT5/ie6F3c7W/seu3eCcv5/ECl++A8/3P45Zvf1397X/0N35LYDmv+ne/u067pm30PxrlTO/99Eiqc+++Ptnzfvd/3f/fn/+Md25/bfvwOa/w/07BvO7Wr9kmMBAAAAAAAAAABwlAylIv4iUvzuH/9m6q4h2s+//5u7I7cd0L//Otazb+4xrWvY9yADABwi5fXfByPFP299f3st9+7rv/iNbm3v9d+9HIb7/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFGXoog/jBRDr26m9YHyeUf9cqt96/bU+MTehw2mSFGLoqovH/XTZ86e+9T5C6PdvP/xb7cPx/OTVy81nlu8cXNpfnl5fq4x1W7NLs7N7/sdHvb4O41UA9C48eKtuWvXlhtnTp7d9fLt4dcHnjw2fPHCifOj3dqp8YmJyZ6avv63/KffJd1j/xNRxPcjxZvDb6TvDkTU4uHH4gGfnUdtsOrESNWJqfGJqiMLrWZ7pXwx1XJVLaLRc9BYd4wew1w8lLGI1bL5ZYNHyu5N3mwuNWcW5htfbC6ttFZai+1U67S27E8jajGaItYiYmPg7rfrjyK+GSlePrWZ/mUgouiOwyevTH7p1NkHt6f2CPq4D2U7G/0Ra7UjMGeH2EAU8Y+R4mevHY/vDUT0RecRH4/4QpmvRrxS5mciUvnBOBfx0z0+RxxNfVHEuUixmDbTawPl+aB7Xrn85cbn29cWe2q755Uj//3wOB3yc1M9ivhBdcbfTP/q7zUAAAAAAAAAAAAAAADAIVLEWqT4yonjqVofvL2muNW+3rjanFnoLOvrrv3rrpne2traaqROjuWczrmacy3nes6NnFHLx+ccyzmdczXnWs71nBs5o8jH5xzLOZ1zNedazvWcGzmjLx+fcyzndM7VnGs513Nu5IxDsnYPAAAAAAAAAAAAAAAAAAB4Z6lFUd3F/Vtf20xbA537S09HJ9fdD/Qd7xcBAAD//0kCdPc=")
setrlimit(0x1, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff})
truncate(&(0x7f0000000080)='./file1\x00', 0x400000f000)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r0, &(0x7f0000000040)={0x2, 0xa000, @dev={0xac, 0x14, 0x14, 0x27}}, 0x10)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{0x0}], 0x1)
ioctl$sock_FIOGETOWN(r0, 0x8903, 0x0)
syz_emit_vhci(0x0, 0x11)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
io_submit(0x0, 0x1, &(0x7f0000000580)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, 0x0}])
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, 0x0, &(0x7f0000000000)='autofs\x00', 0x0, &(0x7f0000000100))
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r2, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29}, './file0\x00'})

495.565579ms ago: executing program 1 (id=2870):
socket$nl_audit(0x10, 0x3, 0x9)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000280), 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/anycast6\x00')
bind$bt_hci(r1, &(0x7f0000000040)={0x1f, 0xffffffffffffffff}, 0x6)
r2 = socket$unix(0x1, 0x2, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f0000000340)={0x0, @in6={{0xa, 0x4e23, 0x0, @remote, 0x21ff}}}, 0x0)
socket$kcm(0x11, 0x200000000000002, 0x300)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a80)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000001007d60b7030000000000006a0a00fe00000100850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465cbf188ef10871b81ac7553358380b3a1f59916ffc9bf0bdf81524f07fb2819bf5774fedda52e39c90af27db5b56024df96b4673b4e8d5467e114604ea09b290a248a120c9c6cd87cef9000000a39c15a7ef365cc27dfeac7b9b0e9048517354b0ca4f9cf8b59ee6fa003fe1f2c4c15f20a07db4583a462d8be6602186fd68ee14a19ea2eb42122b8635a66ce6b5b92356081bc0f18a0ca83dbc089a9813c1efa26001b3f486ebfaae85c4d0b96778478ae5355e6f923b11056969f486f80a35f7f2339704fa93fa915ab8e1e0d7f31ebd19455e6827cd493907bf9d0000000000000000000000004e1fa60acabcf0553910ca2e5ea499fd5889dde9261f0848a5b8af657bfc96049308e8953431b269053627a1523551c160c813969925a892d266792352ec0204596a37ce8d6d260b32239bddbce2e79f93cb5a0ad897adb53b397d07c50f84b74f2605a565ee149016aa75ea31c0087dcd821b47c8b36efc6da4fb2ea7f1f36c85856b73ac9872babc62149699b6b8c796a79d833eb4b5ca668d430db5653a2b3c5b87e17ca1"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r4, 0x18000000000002a0, 0xf, 0x0, &(0x7f0000000040)="b90103600040f000009e0ff008001f", 0x0, 0x100, 0x6000000000000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$HCIINQUIRY(0xffffffffffffffff, 0x400448ca, 0x0)
syz_80211_inject_frame(&(0x7f00000000c0)=@device_b, &(0x7f0000000080)=ANY=[@ANYRESDEC], 0x36)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)

0s ago: executing program 5 (id=2871):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000000)={0xd2f0})
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r2 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r2, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r2, 0x8)
r3 = accept4(r2, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x1}, 0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x7c, &(0x7f0000001400)={0x0, 0x0, 0x7a}, 0x8)
sendto$inet6(r3, &(0x7f00000000c0)="44dab01a", 0x4, 0x24040001, &(0x7f0000000100)={0xa, 0x4e24, 0x8000, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0xe}, 0x1c)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
lsm_list_modules(0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x94)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$EVIOCGPROP(r4, 0x40047438, &(0x7f0000000180)=""/246)
write$binfmt_aout(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="c02102"], 0x20)
userfaultfd(0x80801)
r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="cc00000077e7b633de7197709190b9556efa8e82af0d25986b00177cc92c95526c78a0a74bcb1c2db1b1f48b10cd9f300ba8305c4925d52aa46e8417e5c2be48c4209711adf35cd9e0f88e44cb21eb0735eeab7e5f5ea6f7a29b62b48c496460090005ee9d0a8d66a7aee96d25e2", @ANYRES16=0x0], 0xcc}, 0x1, 0x0, 0x0, 0x4004050}, 0x4000000)
sendmsg$netlink(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100001f0001000000000000000000040100804c"], 0x114}], 0x1}, 0x0)

kernel console output (not intermixed with test programs):

moving interface: batadv_slave_0
[ 1162.878903][   T54] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1162.887054][   T54] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1162.956767][   T54] veth1_macvtap: left promiscuous mode
[ 1162.963760][   T54] veth0_macvtap: left promiscuous mode
[ 1162.976519][   T54] veth1_vlan: left promiscuous mode
[ 1162.982340][   T54] veth0_vlan: left promiscuous mode
[ 1163.612219][   T30] audit: type=1800 audit(1753883395.289:179): pid=13445 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2129" name="bus" dev="tmpfs" ino=1928 res=0 errno=0
[ 1164.179611][   T54] team0 (unregistering): Port device team_slave_1 removed
[ 1164.283681][   T54] team0 (unregistering): Port device team_slave_0 removed
[ 1165.161807][T13365] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1165.205549][T13390] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1165.293774][T13390] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1165.378025][T13390] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1165.467405][T13390] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1165.707934][   T14] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1165.879563][   T14] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1166.037159][   T14] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1166.300926][   T14] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1166.407315][T13456] syzkaller1: entered promiscuous mode
[ 1166.413627][T13456] syzkaller1: entered allmulticast mode
[ 1166.734219][T13390] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1166.999118][   T14] bridge_slave_1: left allmulticast mode
[ 1167.005449][   T14] bridge_slave_1: left promiscuous mode
[ 1167.012676][   T14] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1167.085454][   T14] bridge_slave_0: left allmulticast mode
[ 1167.091612][   T14] bridge_slave_0: left promiscuous mode
[ 1167.098267][   T14] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1167.633193][   T14] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1167.659453][   T14] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1167.697733][   T14] bond0 (unregistering): Released all slaves
[ 1167.878520][T13390] 8021q: adding VLAN 0 to HW filter on device team0
[ 1167.977336][ T8211] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1167.985062][ T8211] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1168.111130][ T8211] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1168.118841][ T8211] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1168.697747][   T14] hsr_slave_0: left promiscuous mode
[ 1168.736074][   T14] hsr_slave_1: left promiscuous mode
[ 1168.745293][   T14] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1168.753352][   T14] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1168.781999][   T14] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1168.789810][   T14] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1168.850272][   T14] veth1_macvtap: left promiscuous mode
[ 1168.856851][   T14] veth0_macvtap: left promiscuous mode
[ 1168.863052][   T14] veth1_vlan: left promiscuous mode
[ 1168.868646][   T14] veth0_vlan: left promiscuous mode
[ 1169.955312][   T14] team0 (unregistering): Port device team_slave_1 removed
[ 1170.093571][   T14] team0 (unregistering): Port device team_slave_0 removed
[ 1171.498363][T13365] veth0_vlan: entered promiscuous mode
[ 1171.624164][T13365] veth1_vlan: entered promiscuous mode
[ 1171.934072][T13365] veth0_macvtap: entered promiscuous mode
[ 1172.006643][T13365] veth1_macvtap: entered promiscuous mode
[ 1172.230042][T13365] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1172.325671][T13365] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1172.456038][T13365] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1172.465528][T13365] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1172.475522][T13365] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1172.484876][T13365] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1172.952305][   T30] audit: type=1326 audit(1753883404.629:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13480 comm="syz.1.2138" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7fc00000
[ 1173.043242][T13390] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1173.570611][T13390] veth0_vlan: entered promiscuous mode
[ 1173.703327][T13390] veth1_vlan: entered promiscuous mode
[ 1174.006823][T13390] veth0_macvtap: entered promiscuous mode
[ 1174.112949][T13390] veth1_macvtap: entered promiscuous mode
[ 1174.276113][T13390] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1174.419528][T13390] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1174.493463][T13390] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1174.503280][T13390] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1174.512593][T13390] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1174.521926][T13390] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1179.173202][ T3676] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1179.181667][ T3676] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1179.406814][ T3448] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1179.415237][ T3448] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1180.156848][T13539] loop9: detected capacity change from 0 to 256
[ 1180.356353][T13539] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0xc44194a6, utbl_chksum : 0xe619d30d)
[ 1180.732393][T13539] exFAT-fs (loop9): IO charset is not found
[ 1181.111647][ T3766] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1181.119860][ T3766] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1181.409538][ T3728] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1181.417957][ T3728] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1182.270342][T13559] loop2: detected capacity change from 0 to 256
[ 1182.402152][   T30] audit: type=1326 audit(1753883414.069:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13548 comm="syz.3.2149" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7fc00000
[ 1182.604826][T13558] loop9: detected capacity change from 0 to 4096
[ 1182.660022][T13559] FAT-fs (loop2): Directory bread(block 64) failed
[ 1182.667886][T13559] FAT-fs (loop2): Directory bread(block 65) failed
[ 1182.675159][T13559] FAT-fs (loop2): Directory bread(block 66) failed
[ 1182.682266][T13559] FAT-fs (loop2): Directory bread(block 67) failed
[ 1182.689253][T13559] FAT-fs (loop2): Directory bread(block 68) failed
[ 1182.696409][T13559] FAT-fs (loop2): Directory bread(block 69) failed
[ 1182.704056][T13559] FAT-fs (loop2): Directory bread(block 70) failed
[ 1182.710836][T13559] FAT-fs (loop2): Directory bread(block 71) failed
[ 1182.718050][T13559] FAT-fs (loop2): Directory bread(block 72) failed
[ 1182.725130][T13559] FAT-fs (loop2): Directory bread(block 73) failed
[ 1182.844198][T13558] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1183.809194][T13365] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1185.550637][T13581] loop2: detected capacity change from 0 to 2048
[ 1185.665140][T13581] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1188.871716][   T30] audit: type=1326 audit(1753883420.549:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13591 comm="syz.0.2164" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f28539 code=0x7fc00000
[ 1188.897563][   T30] audit: type=1326 audit(1753883420.549:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13591 comm="syz.0.2164" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f28539 code=0x7fc00000
[ 1188.921806][   T30] audit: type=1326 audit(1753883420.549:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13591 comm="syz.0.2164" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f28539 code=0x7fc00000
[ 1188.944652][   T30] audit: type=1326 audit(1753883420.549:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13591 comm="syz.0.2164" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f28539 code=0x7fc00000
[ 1188.968418][   T30] audit: type=1326 audit(1753883420.549:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13591 comm="syz.0.2164" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f28539 code=0x7fc00000
[ 1188.994175][   T30] audit: type=1326 audit(1753883420.549:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13591 comm="syz.0.2164" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f28539 code=0x7fc00000
[ 1189.018388][   T30] audit: type=1326 audit(1753883420.549:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13591 comm="syz.0.2164" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f28539 code=0x7fc00000
[ 1189.041488][   T30] audit: type=1326 audit(1753883420.549:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13591 comm="syz.0.2164" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f28539 code=0x7fc00000
[ 1189.064199][   T30] audit: type=1326 audit(1753883420.549:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13591 comm="syz.0.2164" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f28539 code=0x7fc00000
[ 1189.090055][   T30] audit: type=1326 audit(1753883420.639:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13591 comm="syz.0.2164" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f28539 code=0x7fc00000
[ 1192.418860][T13613] loop1: detected capacity change from 0 to 64
[ 1193.391080][T13615] loop0: detected capacity change from 0 to 2048
[ 1193.568869][T13615] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1199.382088][T10027] Bluetooth: hci2: command 0x0406 tx timeout
[ 1204.266933][T13666] loop1: detected capacity change from 0 to 64
[ 1206.670651][   T49] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1206.724220][   T49] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1206.747966][   T49] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1206.821702][   T49] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1206.836992][   T49] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1207.654105][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[ 1207.660813][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[ 1208.083291][T13672] chnl_net:caif_netlink_parms(): no params data found
[ 1208.901534][T10027] Bluetooth: hci0: command tx timeout
[ 1210.140906][T13672] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1210.149211][T13672] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1210.157717][T13672] bridge_slave_0: entered allmulticast mode
[ 1210.167524][T13672] bridge_slave_0: entered promiscuous mode
[ 1210.446962][T13672] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1210.455144][T13672] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1210.463425][T13672] bridge_slave_1: entered allmulticast mode
[ 1210.473892][T13672] bridge_slave_1: entered promiscuous mode
[ 1210.683414][T13672] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1210.844098][T13672] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1210.981824][T10027] Bluetooth: hci0: command tx timeout
[ 1211.364784][T13672] team0: Port device team_slave_0 added
[ 1211.529551][T13672] team0: Port device team_slave_1 added
[ 1211.952531][T13672] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1211.959707][T13672] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1211.986483][T13672] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1212.176015][T13672] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1212.183498][T13672] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1212.210457][T13672] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1212.831442][T13672] hsr_slave_0: entered promiscuous mode
[ 1212.847056][T13672] hsr_slave_1: entered promiscuous mode
[ 1212.855541][T13672] debugfs: 'hsr0' already exists in 'hsr'
[ 1212.861613][T13672] Cannot create hsr debugfs directory
[ 1213.075685][T10027] Bluetooth: hci0: command tx timeout
[ 1215.104203][T13702] loop0: detected capacity change from 0 to 8192
[ 1215.122440][T13672] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1215.142681][T10027] Bluetooth: hci0: command tx timeout
[ 1215.247285][T13672] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1215.370667][T13672] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1215.486809][T13672] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1216.983572][T13672] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1217.226323][T13672] 8021q: adding VLAN 0 to HW filter on device team0
[ 1217.337682][ T3728] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1217.345389][ T3728] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1217.476458][ T3728] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1217.484120][ T3728] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1219.050149][T13719] random: crng reseeded on system resumption
[ 1220.135881][T13725] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2206'.
[ 1221.407999][T13672] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1223.294322][T13743] loop9: detected capacity change from 0 to 256
[ 1223.774633][T13743] FAT-fs (loop9): Directory bread(block 64) failed
[ 1223.782589][T13743] FAT-fs (loop9): Directory bread(block 65) failed
[ 1223.789597][T13743] FAT-fs (loop9): Directory bread(block 66) failed
[ 1223.802558][T13743] FAT-fs (loop9): Directory bread(block 67) failed
[ 1223.809513][T13743] FAT-fs (loop9): Directory bread(block 68) failed
[ 1223.818277][T13743] FAT-fs (loop9): Directory bread(block 69) failed
[ 1223.825359][T13743] FAT-fs (loop9): Directory bread(block 70) failed
[ 1223.832245][T13743] FAT-fs (loop9): Directory bread(block 71) failed
[ 1223.839298][T13743] FAT-fs (loop9): Directory bread(block 72) failed
[ 1223.846247][T13743] FAT-fs (loop9): Directory bread(block 73) failed
[ 1224.341090][T13749] loop1: detected capacity change from 0 to 64
[ 1225.466631][T13672] veth0_vlan: entered promiscuous mode
[ 1225.588040][T13672] veth1_vlan: entered promiscuous mode
[ 1225.666328][T13755] syzkaller1: entered promiscuous mode
[ 1225.672407][T13755] syzkaller1: entered allmulticast mode
[ 1226.246297][T13672] veth0_macvtap: entered promiscuous mode
[ 1226.330229][T13672] veth1_macvtap: entered promiscuous mode
[ 1226.600984][T13672] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1226.782327][T13672] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1226.887239][T13672] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1226.897948][T13672] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1226.908224][T13672] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1226.918058][T13672] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1229.243445][ T3766] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1229.486553][ T3766] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1229.781811][ T3766] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1230.021977][ T3766] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1230.326960][T13777] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2219'.
[ 1230.735077][ T3766] bridge_slave_1: left allmulticast mode
[ 1230.740898][ T3766] bridge_slave_1: left promiscuous mode
[ 1230.748794][ T3766] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1230.864247][ T3766] bridge_slave_0: left allmulticast mode
[ 1230.870440][ T3766] bridge_slave_0: left promiscuous mode
[ 1230.879255][ T3766] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1231.567966][ T3766] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1231.607175][T13782] loop9: detected capacity change from 0 to 1024
[ 1231.649995][ T3766] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1231.720341][ T3766] bond0 (unregistering): Released all slaves
[ 1231.877170][T13782] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1231.895901][T13782] ext4 filesystem being mounted at /19/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1232.464372][T13365] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1232.801808][ T3766] hsr_slave_0: left promiscuous mode
[ 1232.825118][ T3766] hsr_slave_1: left promiscuous mode
[ 1232.833730][ T3766] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1232.842162][ T3766] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1232.868067][ T3766] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1232.876167][ T3766] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1232.971796][ T3766] veth1_macvtap: left promiscuous mode
[ 1232.977623][ T3766] veth0_macvtap: left promiscuous mode
[ 1232.984183][ T3766] veth1_vlan: left promiscuous mode
[ 1232.989784][ T3766] veth0_vlan: left promiscuous mode
[ 1233.793450][T13790] loop1: detected capacity change from 0 to 1024
[ 1233.832185][T13790] EXT4-fs: Ignoring removed nobh option
[ 1233.838427][T13790] EXT4-fs: Ignoring removed bh option
[ 1234.153295][ T3766] team0 (unregistering): Port device team_slave_1 removed
[ 1234.203702][ T3766] team0 (unregistering): Port device team_slave_0 removed
[ 1234.608791][T13790] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1234.716664][T13803] loop9: detected capacity change from 0 to 128
[ 1234.899558][T13803] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[ 1234.997172][T13803] ext4 filesystem being mounted at /21/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1235.234510][T13807] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci0/hci0:200/input17
[ 1235.446009][T13365] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1235.472848][   T49] Bluetooth: hci4: command 0x0406 tx timeout
[ 1236.209846][T13815] loop0: detected capacity change from 0 to 256
[ 1236.353831][T11976] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1236.671744][T13815] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x4d00fdee, utbl_chksum : 0xe619d30d)
[ 1236.821747][T13815] exFAT-fs (loop0): error, invalid access to FAT (entry 0x00000005) bogus content (0x0101ffff)
[ 1236.832716][T13815] exFAT-fs (loop0): Filesystem has been set read-only
[ 1236.839717][T13815] exFAT-fs (loop0): failed to initialize root inode
[ 1238.579318][ T3676] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1238.587549][ T3676] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1238.840371][   T14] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1238.851715][   T14] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1239.766598][T13842] loop8: detected capacity change from 0 to 2048
[ 1240.042354][T13842] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1240.402550][T11431] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[ 1240.582012][T11431] usb 2-1: Using ep0 maxpacket: 32
[ 1240.621618][T11431] usb 2-1: config 0 has an invalid interface number: 29 but max is 0
[ 1240.630278][T11431] usb 2-1: config 0 has no interface number 0
[ 1240.637637][T11431] usb 2-1: config 0 interface 29 has no altsetting 0
[ 1240.738436][T11431] usb 2-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=39.ac
[ 1240.748316][T11431] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1240.757147][T11431] usb 2-1: Product: syz
[ 1240.761758][T11431] usb 2-1: Manufacturer: syz
[ 1240.766620][T11431] usb 2-1: SerialNumber: syz
[ 1240.885402][T11431] usb 2-1: config 0 descriptor??
[ 1241.051996][ T5935] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[ 1241.117937][T11431] peak_usb 2-1:0.29: PEAK-System PCAN-USB X6 v0 fw v0.0.0 (2 channels)
[ 1241.292883][ T5935] usb 10-1: Using ep0 maxpacket: 16
[ 1241.331750][T11431] peak_usb 2-1:0.29 can0: unable to request usb[type=2 value=5] err=-71
[ 1241.340577][T11431] peak_usb 2-1:0.29: unable to tell PCAN-USB X6 driver is loaded (err -71)
[ 1241.362533][ T5935] usb 10-1: config 0 has no interfaces?
[ 1241.435280][ T5935] usb 10-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1241.445002][ T5935] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1241.453979][ T5935] usb 10-1: Product: syz
[ 1241.458483][ T5935] usb 10-1: Manufacturer: syz
[ 1241.466292][ T5935] usb 10-1: SerialNumber: syz
[ 1241.498981][T11431] peak_usb 2-1:0.29: probe with driver peak_usb failed with error -71
[ 1241.552872][T11431] usb 2-1: USB disconnect, device number 19
[ 1241.573618][ T5935] usb 10-1: config 0 descriptor??
[ 1241.632891][T13852] loop8: detected capacity change from 0 to 1764
[ 1244.167906][T11435] usb 10-1: USB disconnect, device number 3
[ 1246.263205][T13884] loop9: detected capacity change from 0 to 2048
[ 1246.452060][T13884] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1246.816148][T11431] libceph: connect (1)[c::]:6789 error -101
[ 1246.822942][T11431] libceph: mon0 (1)[c::]:6789 connect error
[ 1247.093176][T11431] libceph: connect (1)[c::]:6789 error -101
[ 1247.099729][T11431] libceph: mon0 (1)[c::]:6789 connect error
[ 1247.555891][T13889] ceph: No mds server is up or the cluster is laggy
[ 1249.547245][T13904] loop8: detected capacity change from 0 to 64
[ 1253.530985][T13923] loop0: detected capacity change from 0 to 2048
[ 1253.616261][T13923] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1256.075204][T11431] libceph: connect (1)[c::]:6789 error -101
[ 1256.082314][T11431] libceph: mon0 (1)[c::]:6789 connect error
[ 1256.261978][T11435] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[ 1256.370509][T11431] libceph: connect (1)[c::]:6789 error -101
[ 1256.377404][T11431] libceph: mon0 (1)[c::]:6789 connect error
[ 1256.403185][T13936] ceph: No mds server is up or the cluster is laggy
[ 1256.467983][T11435] usb 2-1: Using ep0 maxpacket: 32
[ 1256.658605][T11435] usb 2-1: config 0 has an invalid interface number: 29 but max is 0
[ 1256.671100][T11435] usb 2-1: config 0 has no interface number 0
[ 1256.679109][T11435] usb 2-1: config 0 interface 29 has no altsetting 0
[ 1257.072181][T13943] overlayfs: failed to clone upperpath
[ 1257.165838][T11435] usb 2-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=39.ac
[ 1257.180407][T11435] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1257.190218][T11435] usb 2-1: Product: syz
[ 1257.194935][T11435] usb 2-1: Manufacturer: syz
[ 1257.199738][T11435] usb 2-1: SerialNumber: syz
[ 1257.258082][T11435] usb 2-1: config 0 descriptor??
[ 1257.518292][T11435] peak_usb 2-1:0.29 can0: unable to request usb[type=0 value=1] err=-71
[ 1257.527351][T11435] peak_usb 2-1:0.29: unable to read PCAN-USB X6 firmware info (err -71)
[ 1257.734041][T11435] peak_usb 2-1:0.29: probe with driver peak_usb failed with error -71
[ 1257.762199][T13948] loop8: detected capacity change from 0 to 64
[ 1257.774046][T11435] usb 2-1: USB disconnect, device number 20
[ 1259.635341][T13959] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 1260.740330][T13961] loop1: detected capacity change from 0 to 2048
[ 1261.600209][T13961] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1262.310935][T13965] loop0: detected capacity change from 0 to 1024
[ 1262.577065][T13965] EXT4-fs (loop0): stripe (2) is not aligned with cluster size (16), stripe is disabled
[ 1262.962786][T13965] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1263.849864][T12786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1264.059918][   T49] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1264.099020][   T49] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1264.203634][   T49] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1264.263241][   T49] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1264.355102][   T49] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1265.493889][T13978] syz.0.2281: attempt to access beyond end of device
[ 1265.493889][T13978] nbd0: rw=0, sector=2, nr_sectors = 2 limit=0
[ 1265.507418][T13978] syz.0.2281: attempt to access beyond end of device
[ 1265.507418][T13978] nbd0: rw=0, sector=16, nr_sectors = 2 limit=0
[ 1265.650680][T13974] chnl_net:caif_netlink_parms(): no params data found
[ 1266.422819][T10027] Bluetooth: hci5: command tx timeout
[ 1267.408818][T13974] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1267.424062][T13974] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1267.432069][T13974] bridge_slave_0: entered allmulticast mode
[ 1267.440813][T13974] bridge_slave_0: entered promiscuous mode
[ 1267.585249][T13974] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1267.593048][T13974] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1267.600645][T13974] bridge_slave_1: entered allmulticast mode
[ 1267.609404][T13974] bridge_slave_1: entered promiscuous mode
[ 1268.066044][T13974] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1268.160151][T13974] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1268.502943][T10027] Bluetooth: hci5: command tx timeout
[ 1268.668886][T13974] team0: Port device team_slave_0 added
[ 1268.710686][T13974] team0: Port device team_slave_1 added
[ 1268.910870][T14007] ptrace attach of "./syz-executor exec"[12786] was attempted by ""[14007]
[ 1269.047544][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[ 1269.057711][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[ 1269.116553][T13974] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1269.124576][T13974] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1269.152081][T13974] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1269.249582][T13974] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1269.263025][T13974] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1269.291072][T13974] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1269.927031][T13974] hsr_slave_0: entered promiscuous mode
[ 1269.937710][T13974] hsr_slave_1: entered promiscuous mode
[ 1269.946956][T13974] debugfs: 'hsr0' already exists in 'hsr'
[ 1269.953174][T13974] Cannot create hsr debugfs directory
[ 1270.582137][T10027] Bluetooth: hci5: command tx timeout
[ 1271.712754][T14021] netlink: 'syz.3.2293': attribute type 3 has an invalid length.
[ 1272.507582][T13974] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1272.578724][T13974] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1272.661827][T10027] Bluetooth: hci5: command tx timeout
[ 1272.695747][T13974] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1272.807234][T13974] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1274.305172][T11431] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[ 1274.468265][T13974] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1274.576470][T11431] usb 2-1: Using ep0 maxpacket: 32
[ 1274.740664][T11431] usb 2-1: config 0 has an invalid interface number: 29 but max is 0
[ 1274.750937][T11431] usb 2-1: config 0 has no interface number 0
[ 1274.757479][T11431] usb 2-1: config 0 interface 29 has no altsetting 0
[ 1274.971502][T11431] usb 2-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=39.ac
[ 1274.980983][T11431] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1274.990239][T11431] usb 2-1: Product: syz
[ 1274.997763][T11431] usb 2-1: Manufacturer: syz
[ 1275.003552][T11431] usb 2-1: SerialNumber: syz
[ 1275.072305][T13974] 8021q: adding VLAN 0 to HW filter on device team0
[ 1275.118164][T11431] usb 2-1: config 0 descriptor??
[ 1275.149102][   T54] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1275.156738][   T54] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1275.346940][   T54] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1275.354504][   T54] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1275.461996][T11431] peak_usb 2-1:0.29 can0: unable to request usb[type=0 value=1] err=-71
[ 1275.470778][T11431] peak_usb 2-1:0.29: unable to read PCAN-USB X6 firmware info (err -71)
[ 1275.643837][T11431] peak_usb 2-1:0.29: probe with driver peak_usb failed with error -71
[ 1275.750925][T11431] usb 2-1: USB disconnect, device number 21
[ 1278.688169][T14046] loop0: detected capacity change from 0 to 2048
[ 1278.824827][T14046] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1280.804335][T13974] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1283.438707][T14070] loop0: detected capacity change from 0 to 1764
[ 1283.705969][T14070] isofs_fill_super: root inode is not a directory. Corrupted media?
[ 1284.383958][T13974] veth0_vlan: entered promiscuous mode
[ 1284.550348][T13974] veth1_vlan: entered promiscuous mode
[ 1285.348373][T13974] veth0_macvtap: entered promiscuous mode
[ 1285.517914][T13974] veth1_macvtap: entered promiscuous mode
[ 1285.902609][T13974] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1286.009166][T13974] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1286.077051][T13974] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1286.086398][T13974] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1286.095462][T13974] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1286.104522][T13974] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1286.130307][T14078] loop0: detected capacity change from 0 to 2048
[ 1286.254931][T14078] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1290.227665][   T49] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1290.268967][   T49] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1290.387419][   T49] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1290.420887][   T49] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1290.470748][   T49] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1291.372755][   T58] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1291.726583][   T58] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1291.953565][   T58] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1292.133327][   T58] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1292.206452][   T30] kauditd_printk_skb: 23 callbacks suppressed
[ 1292.206531][   T30] audit: type=1326 audit(1753883523.889:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14110 comm="syz.1.2321" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7fc00000
[ 1292.236229][   T30] audit: type=1326 audit(1753883523.889:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14110 comm="syz.1.2321" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f83539 code=0x7fc00000
[ 1292.258720][   T30] audit: type=1326 audit(1753883523.889:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14110 comm="syz.1.2321" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7fc00000
[ 1292.281319][   T30] audit: type=1326 audit(1753883523.889:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14110 comm="syz.1.2321" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7fc00000
[ 1292.306348][   T30] audit: type=1326 audit(1753883523.889:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14110 comm="syz.1.2321" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7fc00000
[ 1292.329770][   T30] audit: type=1326 audit(1753883523.889:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14110 comm="syz.1.2321" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7fc00000
[ 1292.352187][   T30] audit: type=1326 audit(1753883523.889:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14110 comm="syz.1.2321" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7fc00000
[ 1292.374654][   T30] audit: type=1326 audit(1753883523.889:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14110 comm="syz.1.2321" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7fc00000
[ 1292.397110][   T30] audit: type=1326 audit(1753883523.889:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14110 comm="syz.1.2321" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7fc00000
[ 1292.422241][   T30] audit: type=1326 audit(1753883523.889:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14110 comm="syz.1.2321" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7fc00000
[ 1292.591789][T10027] Bluetooth: hci6: command tx timeout
[ 1292.992888][T14102] chnl_net:caif_netlink_parms(): no params data found
[ 1293.075754][   T58] bridge_slave_1: left allmulticast mode
[ 1293.082274][   T58] bridge_slave_1: left promiscuous mode
[ 1293.089019][   T58] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1293.156508][   T58] bridge_slave_0: left allmulticast mode
[ 1293.162755][   T58] bridge_slave_0: left promiscuous mode
[ 1293.169500][   T58] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1293.749273][   T58] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1293.780112][   T58] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1293.796851][   T58] bond0 (unregistering): Released all slaves
[ 1294.665285][T10027] Bluetooth: hci6: command tx timeout
[ 1294.771651][   T58] hsr_slave_0: left promiscuous mode
[ 1294.802916][   T58] hsr_slave_1: left promiscuous mode
[ 1294.811041][   T58] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1294.819683][   T58] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1294.908913][   T58] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1294.917641][   T58] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1295.084680][   T58] veth1_macvtap: left promiscuous mode
[ 1295.090707][   T58] veth0_macvtap: left promiscuous mode
[ 1295.097186][   T58] veth1_vlan: left promiscuous mode
[ 1295.102898][   T58] veth0_vlan: left promiscuous mode
[ 1296.242035][   T58] team0 (unregistering): Port device team_slave_1 removed
[ 1296.442481][   T58] team0 (unregistering): Port device team_slave_0 removed
[ 1296.742495][T10027] Bluetooth: hci6: command tx timeout
[ 1296.900601][T14144] tap0: tun_chr_ioctl cmd 1074025677
[ 1296.910261][T14144] tap0: linktype set to 823
[ 1297.084675][T14143] tap0: tun_chr_ioctl cmd 2147767511
[ 1297.938045][T14102] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1297.945989][T14102] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1297.954257][T14102] bridge_slave_0: entered allmulticast mode
[ 1297.964165][T14102] bridge_slave_0: entered promiscuous mode
[ 1298.277799][T14102] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1298.285650][T14102] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1298.293482][T14102] bridge_slave_1: entered allmulticast mode
[ 1298.301996][T14102] bridge_slave_1: entered promiscuous mode
[ 1298.539643][T14102] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1298.613013][T14102] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1298.827034][T10027] Bluetooth: hci6: command tx timeout
[ 1298.846851][T14102] team0: Port device team_slave_0 added
[ 1298.884299][T14102] team0: Port device team_slave_1 added
[ 1298.897856][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1298.906172][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1299.153387][   T14] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1299.163972][   T14] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1299.176561][T14102] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1299.184415][T14102] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1299.211814][T14102] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1299.405501][T14102] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1299.412871][T14102] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1299.439932][T14102] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1299.969125][T14102] hsr_slave_0: entered promiscuous mode
[ 1299.985362][T14102] hsr_slave_1: entered promiscuous mode
[ 1299.993394][T14102] debugfs: 'hsr0' already exists in 'hsr'
[ 1299.999252][T14102] Cannot create hsr debugfs directory
[ 1300.392356][T14159] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2280'.
[ 1301.536349][T14102] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1301.572677][T14102] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1301.805430][T14102] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1301.933029][T14102] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1302.041480][   T30] kauditd_printk_skb: 10 callbacks suppressed
[ 1302.041562][   T30] audit: type=1326 audit(1753883533.699:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14160 comm="syz.1.2335" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7fc00000
[ 1302.070544][   T30] audit: type=1326 audit(1753883533.699:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14160 comm="syz.1.2335" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f83539 code=0x7fc00000
[ 1302.093863][   T30] audit: type=1326 audit(1753883533.699:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14160 comm="syz.1.2335" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7fc00000
[ 1302.116305][   T30] audit: type=1326 audit(1753883533.699:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14160 comm="syz.1.2335" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7fc00000
[ 1302.140694][   T30] audit: type=1326 audit(1753883533.699:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14160 comm="syz.1.2335" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7fc00000
[ 1302.163961][   T30] audit: type=1326 audit(1753883533.699:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14160 comm="syz.1.2335" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7fc00000
[ 1302.186644][   T30] audit: type=1326 audit(1753883533.699:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14160 comm="syz.1.2335" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7fc00000
[ 1302.209267][   T30] audit: type=1326 audit(1753883533.699:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14160 comm="syz.1.2335" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7fc00000
[ 1302.234829][   T30] audit: type=1326 audit(1753883533.709:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14160 comm="syz.1.2335" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7fc00000
[ 1302.516678][   T30] audit: type=1326 audit(1753883533.999:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14160 comm="syz.1.2335" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7fc00000
[ 1303.516913][T14102] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1303.646355][T14102] 8021q: adding VLAN 0 to HW filter on device team0
[ 1303.756649][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1303.764162][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1303.917366][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1303.924875][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1306.032292][T14102] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1308.072128][T11431] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[ 1308.263211][T11431] usb 2-1: Using ep0 maxpacket: 32
[ 1308.336741][T11431] usb 2-1: config 0 has an invalid interface number: 29 but max is 0
[ 1308.345949][T11431] usb 2-1: config 0 has no interface number 0
[ 1308.352865][T11431] usb 2-1: config 0 interface 29 has no altsetting 0
[ 1308.445599][T11431] usb 2-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=39.ac
[ 1308.455262][T11431] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1308.463834][T11431] usb 2-1: Product: syz
[ 1308.468138][T11431] usb 2-1: Manufacturer: syz
[ 1308.473177][T11431] usb 2-1: SerialNumber: syz
[ 1308.608341][T11431] usb 2-1: config 0 descriptor??
[ 1308.929711][T11431] peak_usb 2-1:0.29: PEAK-System PCAN-USB X6 v0 fw v0.0.0 (2 channels)
[ 1309.173090][T11431] peak_usb 2-1:0.29 can0: unable to request usb[type=2 value=5] err=-71
[ 1309.182348][T11431] peak_usb 2-1:0.29: unable to tell PCAN-USB X6 driver is loaded (err -71)
[ 1309.333883][T11431] peak_usb 2-1:0.29: probe with driver peak_usb failed with error -71
[ 1309.423420][T11431] usb 2-1: USB disconnect, device number 22
[ 1309.928538][T14102] veth0_vlan: entered promiscuous mode
[ 1310.077413][T14102] veth1_vlan: entered promiscuous mode
[ 1310.449236][T14102] veth0_macvtap: entered promiscuous mode
[ 1310.563966][T14102] veth1_macvtap: entered promiscuous mode
[ 1310.760394][T14102] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1310.884553][T14102] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1311.019386][T14102] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1311.029673][T14102] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1311.047113][T14102] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1311.056263][T14102] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1312.381982][   T30] kauditd_printk_skb: 13 callbacks suppressed
[ 1312.382061][   T30] audit: type=1326 audit(1753883544.049:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14202 comm="syz.1.2348" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7fc00000
[ 1312.411791][   T30] audit: type=1326 audit(1753883544.049:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14202 comm="syz.1.2348" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f83539 code=0x7fc00000
[ 1313.726741][   T49] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1313.742452][   T49] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1313.765506][   T49] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1313.779360][   T49] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1313.818273][   T49] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1315.973455][   T49] Bluetooth: hci4: command tx timeout
[ 1316.612999][T10027] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 1316.651831][T10027] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 1316.693303][T10027] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 1316.723066][T10027] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 1316.738419][T10027] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 1317.194547][T14211] chnl_net:caif_netlink_parms(): no params data found
[ 1318.040390][   T49] Bluetooth: hci4: command tx timeout
[ 1318.517294][T14233] chnl_net:caif_netlink_parms(): no params data found
[ 1318.833266][   T49] Bluetooth: hci7: command tx timeout
[ 1319.744973][   T30] audit: type=1326 audit(1753883551.409:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14249 comm="syz.3.2357" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7fc00000
[ 1320.106869][   T49] Bluetooth: hci4: command tx timeout
[ 1320.904393][   T49] Bluetooth: hci7: command tx timeout
[ 1321.852243][T14233] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1321.859861][T14233] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1321.868047][T14233] bridge_slave_0: entered allmulticast mode
[ 1321.877883][T14233] bridge_slave_0: entered promiscuous mode
[ 1321.951827][T14211] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1321.959291][T14211] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1321.968046][T14211] bridge_slave_0: entered allmulticast mode
[ 1321.978041][T14211] bridge_slave_0: entered promiscuous mode
[ 1322.075629][   T54] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1322.083787][   T54] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1322.182359][   T49] Bluetooth: hci4: command tx timeout
[ 1322.189888][T14211] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1322.197577][T14211] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1322.212323][T14211] bridge_slave_1: entered allmulticast mode
[ 1322.220943][T14211] bridge_slave_1: entered promiscuous mode
[ 1322.417093][ T8211] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1322.426509][ T8211] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1322.535786][T14211] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1322.554242][T14233] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1322.562205][T14233] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1322.569839][T14233] bridge_slave_1: entered allmulticast mode
[ 1322.578436][T14233] bridge_slave_1: entered promiscuous mode
[ 1322.688116][T14211] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1322.991427][   T49] Bluetooth: hci7: command tx timeout
[ 1323.260426][T14233] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1323.584160][T14233] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1323.621908][T14211] team0: Port device team_slave_0 added
[ 1323.975230][T14211] team0: Port device team_slave_1 added
[ 1324.445380][   T58] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1325.013881][T14233] team0: Port device team_slave_0 added
[ 1325.059570][   T58] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1325.079497][   T49] Bluetooth: hci7: command tx timeout
[ 1325.494891][T14233] team0: Port device team_slave_1 added
[ 1325.553502][   T58] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1325.826063][T14211] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1325.833598][T14211] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1325.860940][T14211] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1325.876725][T14233] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1325.884241][T14233] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1325.915060][T14233] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1326.004400][   T58] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1326.142652][T14211] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1326.149916][T14211] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1326.176758][T14211] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1326.204763][T14233] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1326.212107][T14233] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1326.238687][T14233] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1326.755636][   T58] bridge_slave_1: left allmulticast mode
[ 1326.762686][   T58] bridge_slave_1: left promiscuous mode
[ 1326.768938][   T58] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1326.802013][   T58] bridge_slave_0: left allmulticast mode
[ 1326.814021][   T58] bridge_slave_0: left promiscuous mode
[ 1326.820281][   T58] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1327.414122][   T58] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1327.509952][   T58] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1327.574135][   T58] bond0 (unregistering): Released all slaves
[ 1327.612201][T11435] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[ 1327.752309][   T30] audit: type=1326 audit(1753883559.429:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14280 comm="syz.3.2366" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7fc00000
[ 1327.775288][   T30] audit: type=1326 audit(1753883559.429:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14280 comm="syz.3.2366" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf711e539 code=0x7fc00000
[ 1327.798603][   T30] audit: type=1326 audit(1753883559.429:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14280 comm="syz.3.2366" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7fc00000
[ 1327.821530][   T30] audit: type=1326 audit(1753883559.429:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14280 comm="syz.3.2366" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7fc00000
[ 1327.846739][   T30] audit: type=1326 audit(1753883559.429:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14280 comm="syz.3.2366" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7fc00000
[ 1327.871633][   T30] audit: type=1326 audit(1753883559.429:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14280 comm="syz.3.2366" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7fc00000
[ 1327.894035][   T30] audit: type=1326 audit(1753883559.429:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14280 comm="syz.3.2366" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7fc00000
[ 1327.917107][   T30] audit: type=1326 audit(1753883559.429:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14280 comm="syz.3.2366" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7fc00000
[ 1327.943372][   T30] audit: type=1326 audit(1753883559.429:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14280 comm="syz.3.2366" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7fc00000
[ 1327.966762][   T30] audit: type=1326 audit(1753883559.429:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14280 comm="syz.3.2366" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7fc00000
[ 1328.085711][T14233] hsr_slave_0: entered promiscuous mode
[ 1328.098274][T14233] hsr_slave_1: entered promiscuous mode
[ 1328.107592][T14233] debugfs: 'hsr0' already exists in 'hsr'
[ 1328.113899][T14233] Cannot create hsr debugfs directory
[ 1328.230309][T11435] usb 5-1: Using ep0 maxpacket: 16
[ 1328.420054][T14211] hsr_slave_0: entered promiscuous mode
[ 1328.430874][T14211] hsr_slave_1: entered promiscuous mode
[ 1328.439727][T14211] debugfs: 'hsr0' already exists in 'hsr'
[ 1328.449044][T14211] Cannot create hsr debugfs directory
[ 1328.510867][T11435] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[ 1328.523001][T11435] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1328.774562][T11435] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1328.784054][T11435] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1328.792531][T11435] usb 5-1: Product: syz
[ 1328.796961][T11435] usb 5-1: Manufacturer: syz
[ 1328.802074][T11435] usb 5-1: SerialNumber: syz
[ 1328.970666][   T58] hsr_slave_0: left promiscuous mode
[ 1328.999264][   T58] hsr_slave_1: left promiscuous mode
[ 1329.007687][   T58] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1329.015814][   T58] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1329.086340][T11435] usb 5-1: config 0 descriptor??
[ 1329.148158][T14289] overlayfs: failed to clone upperpath
[ 1329.175023][T11435] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[ 1329.184956][T11435] em28xx 5-1:0.0: Audio interface 0 found (Vendor Class)
[ 1329.225208][   T58] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1329.233481][   T58] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1329.532139][   T58] veth1_macvtap: left promiscuous mode
[ 1329.538024][   T58] veth0_macvtap: left promiscuous mode
[ 1329.546382][   T58] veth1_vlan: left promiscuous mode
[ 1329.553118][   T58] veth0_vlan: left promiscuous mode
[ 1329.998521][T11435] em28xx 5-1:0.0: unknown em28xx chip ID (0)
[ 1330.053480][T11435] em28xx 5-1:0.0: Config register raw data: 0xfffffffb
[ 1330.230315][T11435] em28xx 5-1:0.0: AC97 chip type couldn't be determined
[ 1330.237837][T11435] em28xx 5-1:0.0: No AC97 audio processor
[ 1330.451193][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[ 1330.457993][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[ 1330.510900][T11435] usb 5-1: USB disconnect, device number 6
[ 1330.518969][T11435] em28xx 5-1:0.0: Disconnecting em28xx
[ 1330.744253][T11435] em28xx 5-1:0.0: Freeing device
[ 1331.716699][   T58] team0 (unregistering): Port device team_slave_1 removed
[ 1331.876489][   T58] team0 (unregistering): Port device team_slave_0 removed
[ 1332.306192][T14301] loop4: detected capacity change from 0 to 1024
[ 1334.302983][   T30] kauditd_printk_skb: 16 callbacks suppressed
[ 1334.303063][   T30] audit: type=1326 audit(1753883565.939:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14306 comm="syz.3.2378" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7fc00000
[ 1335.282420][T14211] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1335.473813][T14211] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1335.732570][T14211] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1335.896400][T14211] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1336.698577][T14233] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1336.973136][T14233] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1337.124674][T14233] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1337.303773][T14233] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1338.496454][T14211] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1338.820795][T14211] 8021q: adding VLAN 0 to HW filter on device team0
[ 1339.025481][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1339.033241][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1339.049185][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1339.056999][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1339.790810][   T35] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1339.929309][   T35] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1340.168580][   T35] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1340.363611][   T35] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1340.628884][T14233] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1340.999325][   T35] bridge_slave_1: left allmulticast mode
[ 1341.005435][   T35] bridge_slave_1: left promiscuous mode
[ 1341.012161][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1341.079875][   T30] audit: type=1326 audit(1753883572.759:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14332 comm="syz.4.2388" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7fc00000
[ 1341.102758][   T30] audit: type=1326 audit(1753883572.759:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14332 comm="syz.4.2388" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf702e539 code=0x7fc00000
[ 1341.125689][   T30] audit: type=1326 audit(1753883572.759:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14332 comm="syz.4.2388" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7fc00000
[ 1341.149676][   T30] audit: type=1326 audit(1753883572.759:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14332 comm="syz.4.2388" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7fc00000
[ 1341.173490][   T30] audit: type=1326 audit(1753883572.759:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14332 comm="syz.4.2388" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7fc00000
[ 1341.196142][   T30] audit: type=1326 audit(1753883572.759:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14332 comm="syz.4.2388" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7fc00000
[ 1341.218666][   T30] audit: type=1326 audit(1753883572.759:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14332 comm="syz.4.2388" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7fc00000
[ 1341.327636][   T35] bridge_slave_0: left allmulticast mode
[ 1341.334311][   T35] bridge_slave_0: left promiscuous mode
[ 1341.341225][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1341.441624][T11432] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[ 1341.529131][   T30] audit: type=1326 audit(1753883572.959:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14332 comm="syz.4.2388" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7fc00000
[ 1341.558628][   T30] audit: type=1326 audit(1753883572.959:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14332 comm="syz.4.2388" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7fc00000
[ 1341.583401][   T30] audit: type=1326 audit(1753883572.959:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14332 comm="syz.4.2388" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7fc00000
[ 1341.602009][T11432] usb 2-1: Using ep0 maxpacket: 8
[ 1341.645722][T11432] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1341.659152][T11432] usb 2-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[ 1341.669296][T11432] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1341.892420][T11432] usb 2-1: config 0 descriptor??
[ 1341.918021][T11432] gspca_main: vc032x-2.14.0 probing 046d:0892
[ 1343.034499][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1343.099642][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1343.157322][   T35] bond0 (unregistering): Released all slaves
[ 1343.392767][T11432] gspca_vc032x: reg_w err -71
[ 1343.401917][T11432] vc032x 2-1:0.0: probe with driver vc032x failed with error -71
[ 1343.476547][T14233] 8021q: adding VLAN 0 to HW filter on device team0
[ 1343.491471][T11432] usb 2-1: USB disconnect, device number 23
[ 1343.612720][ T3766] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1343.620317][ T3766] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1343.758369][T14353] loop4: detected capacity change from 0 to 1764
[ 1343.817020][ T3766] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1343.824727][ T3766] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1344.354321][   T35] hsr_slave_0: left promiscuous mode
[ 1344.385803][   T35] hsr_slave_1: left promiscuous mode
[ 1344.396389][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1344.404462][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1344.549717][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1344.557930][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1344.673183][   T35] veth1_macvtap: left promiscuous mode
[ 1344.679029][   T35] veth0_macvtap: left promiscuous mode
[ 1344.685383][   T35] veth1_vlan: left promiscuous mode
[ 1344.690968][   T35] veth0_vlan: left promiscuous mode
[ 1344.760474][T14364] loop1: detected capacity change from 0 to 512
[ 1344.823987][T14364] EXT4-fs: Ignoring removed nobh option
[ 1345.302787][T14364] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #15: comm syz.1.2396: iget: bad i_size value: 38620345925642
[ 1345.464368][   T35] team0 (unregistering): Port device team_slave_1 removed
[ 1345.501653][T14364] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.2396: couldn't read orphan inode 15 (err -117)
[ 1345.570105][   T35] team0 (unregistering): Port device team_slave_0 removed
[ 1345.728498][T14364] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1346.265833][T14211] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1346.856553][   T35] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1347.137164][   T35] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1347.335130][   T35] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1347.553786][   T35] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1348.022138][T14366] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm ext4lazyinit: bg 0: block 5: invalid block bitmap
[ 1348.196969][   T35] bridge_slave_1: left allmulticast mode
[ 1348.203931][   T35] bridge_slave_1: left promiscuous mode
[ 1348.214977][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1348.327369][   T35] bridge_slave_0: left allmulticast mode
[ 1348.333437][   T35] bridge_slave_0: left promiscuous mode
[ 1348.339686][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1348.894253][T11976] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1349.006107][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1349.263379][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1349.279882][   T35] bond0 (unregistering): Released all slaves
[ 1350.044265][T14233] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1350.532193][   T35] hsr_slave_0: left promiscuous mode
[ 1350.552456][   T35] hsr_slave_1: left promiscuous mode
[ 1350.562140][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1350.572863][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1350.639198][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1350.647282][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1350.755914][   T35] veth1_macvtap: left promiscuous mode
[ 1350.763661][   T35] veth0_macvtap: left promiscuous mode
[ 1350.773852][   T35] veth1_vlan: left promiscuous mode
[ 1350.779591][   T35] veth0_vlan: left promiscuous mode
[ 1351.585294][   T30] kauditd_printk_skb: 22 callbacks suppressed
[ 1351.585372][   T30] audit: type=1326 audit(1753883583.209:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14391 comm="syz.4.2401" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7fc00000
[ 1351.617882][   T30] audit: type=1326 audit(1753883583.209:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14391 comm="syz.4.2401" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf702e539 code=0x7fc00000
[ 1351.640388][   T30] audit: type=1326 audit(1753883583.219:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14391 comm="syz.4.2401" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7fc00000
[ 1351.662998][   T30] audit: type=1326 audit(1753883583.219:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14391 comm="syz.4.2401" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7fc00000
[ 1351.685728][   T30] audit: type=1326 audit(1753883583.219:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14391 comm="syz.4.2401" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7fc00000
[ 1351.713437][   T30] audit: type=1326 audit(1753883583.219:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14391 comm="syz.4.2401" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7fc00000
[ 1351.740080][   T30] audit: type=1326 audit(1753883583.229:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14391 comm="syz.4.2401" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7fc00000
[ 1351.762743][   T30] audit: type=1326 audit(1753883583.229:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14391 comm="syz.4.2401" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7fc00000
[ 1351.787145][   T30] audit: type=1326 audit(1753883583.229:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14391 comm="syz.4.2401" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7fc00000
[ 1351.812824][   T30] audit: type=1326 audit(1753883583.229:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14391 comm="syz.4.2401" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7fc00000
[ 1352.110735][   T35] team0 (unregistering): Port device team_slave_1 removed
[ 1352.250201][   T35] team0 (unregistering): Port device team_slave_0 removed
[ 1353.049944][T14401] loop1: detected capacity change from 0 to 4096
[ 1353.135120][T14211] veth0_vlan: entered promiscuous mode
[ 1353.221261][T14404] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1353.269935][T14211] veth1_vlan: entered promiscuous mode
[ 1353.617530][T14211] veth0_macvtap: entered promiscuous mode
[ 1353.718857][T14211] veth1_macvtap: entered promiscuous mode
[ 1353.947247][T14211] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1354.055072][T14211] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1354.152124][T14211] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1354.161998][T14211] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1354.171352][T14211] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1354.180373][T14211] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1354.247167][T14408] loop4: detected capacity change from 0 to 1764
[ 1355.248410][T14413] loop1: detected capacity change from 0 to 4096
[ 1355.302717][T14413] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512).
[ 1355.573830][T14233] veth0_vlan: entered promiscuous mode
[ 1355.673850][T14233] veth1_vlan: entered promiscuous mode
[ 1356.004242][T14233] veth0_macvtap: entered promiscuous mode
[ 1356.079288][T14233] veth1_macvtap: entered promiscuous mode
[ 1356.153690][ T3766] ntfs3(loop1): ino=1e, ni_find_attr
[ 1356.308897][T14233] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1356.397190][T14233] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1356.479656][T14233] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1356.489357][T14233] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1356.498678][T14233] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1356.512264][T14233] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1358.166832][   T30] kauditd_printk_skb: 131 callbacks suppressed
[ 1358.166917][   T30] audit: type=1326 audit(1753883589.839:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14439 comm="syz.3.2412" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7fc00000
[ 1359.981631][T14469] loop1: detected capacity change from 0 to 1764
[ 1360.367920][   T54] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1360.377432][   T54] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1360.640527][ T8211] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1360.649264][ T8211] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1362.578632][ T8211] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1362.587687][ T8211] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1362.916656][ T8211] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1362.925138][ T8211] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1363.571393][   T30] audit: type=1326 audit(1753883595.239:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14495 comm="syz.1.2423" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7fc00000
[ 1363.594330][   T30] audit: type=1326 audit(1753883595.239:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14495 comm="syz.1.2423" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f83539 code=0x7fc00000
[ 1363.616962][   T30] audit: type=1326 audit(1753883595.239:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14495 comm="syz.1.2423" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7fc00000
[ 1363.640471][   T30] audit: type=1326 audit(1753883595.239:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14495 comm="syz.1.2423" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7fc00000
[ 1364.301668][T11432] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[ 1364.503880][T11432] usb 2-1: Using ep0 maxpacket: 8
[ 1364.525717][T11432] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[ 1364.534840][T11432] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1364.545097][T11432] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1364.555147][T11432] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1364.565585][T11432] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1364.578910][T11432] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1364.588264][T11432] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1364.887288][T14513] loop5: detected capacity change from 0 to 4096
[ 1364.918579][T14513] ntfs3(loop5): Different NTFS sector size (1024) and media sector size (512).
[ 1365.020399][T11432] usb 2-1: usb_control_msg returned -32
[ 1365.028250][T11432] usbtmc 2-1:16.0: can't read capabilities
[ 1365.472340][ T3676] ntfs3(loop5): ino=1e, ni_find_attr
[ 1366.254734][T14531] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(3)
[ 1366.261576][T14531] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[ 1366.273340][T14531] vhci_hcd vhci_hcd.0: Device attached
[ 1366.481557][T14343] vhci_hcd: vhci_device speed not set
[ 1366.543248][T14343] usb 47-1: new full-speed USB device number 2 using vhci_hcd
[ 1366.552204][ T5935] usb 8-1: new low-speed USB device number 13 using dummy_hcd
[ 1366.729773][ T5935] usb 8-1: config 0 has no interfaces?
[ 1366.739184][ T5935] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1366.751359][ T5935] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1366.824576][ T5935] usb 8-1: config 0 descriptor??
[ 1367.098692][T14532] vhci_hcd: cannot find a urb of seqnum 0 max seqnum 1
[ 1367.103391][ T5935] usb 8-1: USB disconnect, device number 13
[ 1367.115055][   T54] vhci_hcd: stop threads
[ 1367.119673][   T54] vhci_hcd: release socket
[ 1367.124867][   T54] vhci_hcd: disconnect device
[ 1367.288233][T11432] usb 2-1: USB disconnect, device number 24
[ 1367.937843][T14543] loop5: detected capacity change from 0 to 1764
[ 1368.043037][   T30] audit: type=1326 audit(1753883599.709:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14537 comm="syz.3.2439" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7fc00000
[ 1368.267807][T14548] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2443'.
[ 1369.945848][T14563] netlink: 'syz.1.2449': attribute type 9 has an invalid length.
[ 1369.954969][T14563] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2449'.
[ 1370.097335][T14566] loop7: detected capacity change from 0 to 1764
[ 1371.606640][T14582] loop1: detected capacity change from 0 to 1764
[ 1371.702187][T14343] vhci_hcd: vhci_device speed not set
[ 1371.986162][   T30] audit: type=1326 audit(1753883603.639:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14574 comm="syz.7.2454" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e539 code=0x7fc00000
[ 1372.009299][   T30] audit: type=1326 audit(1753883603.639:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14574 comm="syz.7.2454" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf703e539 code=0x7fc00000
[ 1372.032072][   T30] audit: type=1326 audit(1753883603.639:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14574 comm="syz.7.2454" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e539 code=0x7fc00000
[ 1372.055551][   T30] audit: type=1326 audit(1753883603.639:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14574 comm="syz.7.2454" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e539 code=0x7fc00000
[ 1372.084282][   T30] audit: type=1326 audit(1753883603.639:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14574 comm="syz.7.2454" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e539 code=0x7fc00000
[ 1372.108984][   T30] audit: type=1326 audit(1753883603.639:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14574 comm="syz.7.2454" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e539 code=0x7fc00000
[ 1372.115021][T10027] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1372.141820][T10027] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1372.154211][T10027] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1372.168263][T10027] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1372.181710][T10027] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1372.280021][T14585] netlink: 'syz.5.2458': attribute type 3 has an invalid length.
[ 1373.128814][T14596] syzkaller1: entered promiscuous mode
[ 1373.134913][T14596] syzkaller1: entered allmulticast mode
[ 1373.606780][T14584] chnl_net:caif_netlink_parms(): no params data found
[ 1373.776237][T14602] loop1: detected capacity change from 0 to 1764
[ 1374.262291][   T49] Bluetooth: hci0: command tx timeout
[ 1375.200507][T14620] netlink: 'syz.7.2470': attribute type 3 has an invalid length.
[ 1375.839056][T14584] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1375.847856][T14584] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1375.870153][T14584] bridge_slave_0: entered allmulticast mode
[ 1375.881165][T14584] bridge_slave_0: entered promiscuous mode
[ 1375.905789][   T30] audit: type=1326 audit(1753883607.519:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14614 comm="syz.3.2469" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7fc00000
[ 1376.008996][T14625] loop1: detected capacity change from 0 to 1764
[ 1376.048617][T14584] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1376.056957][T14584] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1376.074354][T14584] bridge_slave_1: entered allmulticast mode
[ 1376.084350][T14584] bridge_slave_1: entered promiscuous mode
[ 1376.341535][   T49] Bluetooth: hci0: command tx timeout
[ 1376.561545][T14627] loop7: detected capacity change from 0 to 4096
[ 1376.650834][T14584] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1376.791561][T14584] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1376.811435][T14636] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1377.169437][T14584] team0: Port device team_slave_0 added
[ 1377.282917][T14584] team0: Port device team_slave_1 added
[ 1377.690064][T14584] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1377.697488][T14584] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1377.732944][T14584] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1377.857385][T14584] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1377.864825][T14584] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1377.891877][T14584] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1377.970084][T14641] loop1: detected capacity change from 0 to 1764
[ 1378.422716][   T49] Bluetooth: hci0: command tx timeout
[ 1378.948412][T14584] hsr_slave_0: entered promiscuous mode
[ 1378.959257][T14584] hsr_slave_1: entered promiscuous mode
[ 1378.968688][T14584] debugfs: 'hsr0' already exists in 'hsr'
[ 1378.974948][T14584] Cannot create hsr debugfs directory
[ 1379.571365][T14652] netlink: 'syz.3.2482': attribute type 3 has an invalid length.
[ 1380.501561][   T49] Bluetooth: hci0: command tx timeout
[ 1380.732678][   T30] audit: type=1326 audit(1753883612.359:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14656 comm="syz.7.2484" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e539 code=0x7fc00000
[ 1380.839050][T14666] loop5: detected capacity change from 0 to 1024
[ 1380.947076][T14664] loop1: detected capacity change from 0 to 1764
[ 1380.959320][T14666] EXT4-fs (loop5): stripe (2) is not aligned with cluster size (16), stripe is disabled
[ 1381.136755][T14584] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1381.173041][T14666] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1381.294945][T14584] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1381.397313][T14584] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1381.499868][T14584] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1381.572009][T14343] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[ 1381.783045][T14343] usb 8-1: Using ep0 maxpacket: 32
[ 1381.832860][T14343] usb 8-1: config 0 has an invalid interface number: 29 but max is 0
[ 1381.842336][T14343] usb 8-1: config 0 has no interface number 0
[ 1381.848708][T14343] usb 8-1: config 0 interface 29 has no altsetting 0
[ 1381.949485][T14211] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1382.023456][T14343] usb 8-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=39.ac
[ 1382.033897][T14343] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1382.042519][T14343] usb 8-1: Product: syz
[ 1382.046926][T14343] usb 8-1: Manufacturer: syz
[ 1382.051988][T14343] usb 8-1: SerialNumber: syz
[ 1382.143600][T14343] usb 8-1: config 0 descriptor??
[ 1382.431901][T14343] peak_usb 8-1:0.29 can0: unable to request usb[type=0 value=1] err=-32
[ 1382.440730][T14343] peak_usb 8-1:0.29: unable to read PCAN-USB X6 firmware info (err -32)
[ 1382.563412][T14343] peak_usb 8-1:0.29: probe with driver peak_usb failed with error -32
[ 1382.650639][T14343] usb 8-1: USB disconnect, device number 14
[ 1383.137955][T11432] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[ 1383.156646][T14584] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1383.351887][T11432] usb 2-1: Using ep0 maxpacket: 8
[ 1383.360903][T14584] 8021q: adding VLAN 0 to HW filter on device team0
[ 1383.391185][T11432] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[ 1383.399528][T11432] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 1383.412088][T11432] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1383.424198][T11432] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1383.438224][T11432] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1383.486792][T11432] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[ 1383.495654][T11432] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 1383.507502][T11432] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1383.519675][T11432] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1383.531492][T11432] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1383.557469][T11432] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[ 1383.566233][T11432] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 1383.578137][T11432] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1383.586415][ T8211] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1383.590690][T11432] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1383.597415][ T8211] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1383.608521][T11432] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1383.908685][ T8211] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1383.916357][ T8211] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1384.021700][T11432] usb 2-1: string descriptor 0 read error: -22
[ 1384.028580][T11432] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[ 1384.038196][T11432] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1384.156376][T11432] adutux 2-1:168.0: ADU100  now attached to /dev/usb/adutux0
[ 1384.176704][T14584] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1384.189833][T14584] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1384.381529][T14330] usb 2-1: USB disconnect, device number 25
[ 1384.889412][T14691] loop7: detected capacity change from 0 to 4096
[ 1384.965228][T14691] ntfs3(loop7): Different NTFS sector size (1024) and media sector size (512).
[ 1386.266091][T14709] loop1: detected capacity change from 0 to 1024
[ 1386.417225][T14709] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled
[ 1386.490007][T14584] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1386.600038][T14709] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1387.044919][T14715] loop7: detected capacity change from 0 to 1764
[ 1387.119250][T14584] veth0_vlan: entered promiscuous mode
[ 1387.173889][T11976] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1387.313596][T14584] veth1_vlan: entered promiscuous mode
[ 1387.625402][T14717] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2501'.
[ 1387.950930][T14584] veth0_macvtap: entered promiscuous mode
[ 1388.018898][T14584] veth1_macvtap: entered promiscuous mode
[ 1388.277825][T14584] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1388.427233][T14584] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1388.527823][T14584] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1388.537115][T14584] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1388.547123][T14584] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1388.564000][T14584] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1389.188496][T14732] loop7: detected capacity change from 0 to 1764
[ 1391.558971][T14755] loop5: detected capacity change from 0 to 1764
[ 1391.876558][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[ 1391.883560][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[ 1391.887147][T14762] 9pnet_virtio: no channels available for device syz
[ 1392.047288][T14763] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2516'.
[ 1393.287566][T14776] loop1: detected capacity change from 0 to 1764
[ 1394.423782][   T42] usb 8-1: new high-speed USB device number 15 using dummy_hcd
[ 1394.602264][   T42] usb 8-1: Using ep0 maxpacket: 8
[ 1394.641609][   T42] usb 8-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1394.653137][   T42] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x94, changing to 0x84
[ 1394.665171][   T42] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 239, changing to 11
[ 1394.676837][   T42] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 9059, setting to 1024
[ 1394.688350][   T42] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[ 1394.916389][   T42] usb 8-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=ed.ae
[ 1394.926006][   T42] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=9
[ 1394.934470][   T42] usb 8-1: Product: syz
[ 1394.938895][   T42] usb 8-1: Manufacturer: syz
[ 1394.944046][   T42] usb 8-1: SerialNumber: syz
[ 1395.043627][   T42] usb 8-1: config 0 descriptor??
[ 1395.067559][   T42] input: KB Gear Tablet as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/input/input18
[ 1395.196760][    C0] kbtab 8-1:0.0: kbtab_irq - usb_submit_urb failed with result -1
[ 1395.354795][T14343] usb 8-1: USB disconnect, device number 15
[ 1396.218641][T14810] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2529'.
[ 1397.352159][   T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1397.363306][   T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1397.727758][   T14] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1397.736601][   T14] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1398.722094][   T30] audit: type=1326 audit(1753883630.399:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14823 comm="syz.5.2534" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67539 code=0x7fc00000
[ 1398.744802][   T30] audit: type=1326 audit(1753883630.399:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14823 comm="syz.5.2534" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f67539 code=0x7fc00000
[ 1398.768173][   T30] audit: type=1326 audit(1753883630.399:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14823 comm="syz.5.2534" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67539 code=0x7fc00000
[ 1398.790911][   T30] audit: type=1326 audit(1753883630.409:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14823 comm="syz.5.2534" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67539 code=0x7fc00000
[ 1398.819581][   T30] audit: type=1326 audit(1753883630.409:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14823 comm="syz.5.2534" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67539 code=0x7fc00000
[ 1398.843889][   T30] audit: type=1326 audit(1753883630.409:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14823 comm="syz.5.2534" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67539 code=0x7fc00000
[ 1398.866554][   T30] audit: type=1326 audit(1753883630.409:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14823 comm="syz.5.2534" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67539 code=0x7fc00000
[ 1398.889404][   T30] audit: type=1326 audit(1753883630.409:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14823 comm="syz.5.2534" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67539 code=0x7fc00000
[ 1398.916648][   T30] audit: type=1326 audit(1753883630.409:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14823 comm="syz.5.2534" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67539 code=0x7fc00000
[ 1398.941374][   T30] audit: type=1326 audit(1753883630.409:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14823 comm="syz.5.2534" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67539 code=0x7fc00000
[ 1399.781958][T14343] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[ 1399.867867][T14843] netlink: 'syz.2.2540': attribute type 4 has an invalid length.
[ 1399.876314][T14843] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2540'.
[ 1399.900418][T14841] loop7: detected capacity change from 0 to 4096
[ 1399.962388][T14841] ntfs3(loop7): Different NTFS sector size (1024) and media sector size (512).
[ 1399.963563][T14343] usb 6-1: Using ep0 maxpacket: 8
[ 1400.020329][T14854] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2543'.
[ 1400.064000][T14343] usb 6-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1400.077122][T14343] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x94, changing to 0x84
[ 1400.089606][T14343] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 239, changing to 11
[ 1400.101522][T14343] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 9059, setting to 1024
[ 1400.113132][T14343] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[ 1400.242128][T14343] usb 6-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=ed.ae
[ 1400.251808][T14343] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=9
[ 1400.260192][T14343] usb 6-1: Product: syz
[ 1400.265128][T14343] usb 6-1: Manufacturer: syz
[ 1400.270015][T14343] usb 6-1: SerialNumber: syz
[ 1400.282519][T14343] usb 6-1: config 0 descriptor??
[ 1400.309289][T14343] input: KB Gear Tablet as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input19
[ 1400.565861][T14841] ntfs3(loop7): ino=1e, "file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ni_find_attr
[ 1400.598468][T14343] usb 6-1: USB disconnect, device number 7
[ 1401.647069][T14862] loop1: detected capacity change from 0 to 1764
[ 1404.164721][   T30] kauditd_printk_skb: 17 callbacks suppressed
[ 1404.164805][   T30] audit: type=1326 audit(1753883635.829:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14875 comm="syz.2.2551" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57539 code=0x7fc00000
[ 1404.194145][   T30] audit: type=1326 audit(1753883635.829:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14875 comm="syz.2.2551" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f57539 code=0x7fc00000
[ 1404.216730][   T30] audit: type=1326 audit(1753883635.829:504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14875 comm="syz.2.2551" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57539 code=0x7fc00000
[ 1404.246237][   T30] audit: type=1326 audit(1753883635.829:505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14875 comm="syz.2.2551" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57539 code=0x7fc00000
[ 1404.271350][   T30] audit: type=1326 audit(1753883635.829:506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14875 comm="syz.2.2551" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57539 code=0x7fc00000
[ 1404.294245][   T30] audit: type=1326 audit(1753883635.829:507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14875 comm="syz.2.2551" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57539 code=0x7fc00000
[ 1404.316762][   T30] audit: type=1326 audit(1753883635.829:508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14875 comm="syz.2.2551" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57539 code=0x7fc00000
[ 1404.345875][   T30] audit: type=1326 audit(1753883635.829:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14875 comm="syz.2.2551" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57539 code=0x7fc00000
[ 1404.371422][   T30] audit: type=1326 audit(1753883635.829:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14875 comm="syz.2.2551" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57539 code=0x7fc00000
[ 1404.394114][   T30] audit: type=1326 audit(1753883635.829:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14875 comm="syz.2.2551" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57539 code=0x7fc00000
[ 1404.765000][T14893] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2555'.
[ 1405.605846][   T49] Bluetooth: Wrong link type (-57)
[ 1406.019169][T14907] overlayfs: failed to clone upperpath
[ 1406.038755][T14896] loop5: detected capacity change from 0 to 4096
[ 1406.050477][T14905] loop1: detected capacity change from 0 to 1764
[ 1406.101632][T14896] ntfs3(loop5): Different NTFS sector size (1024) and media sector size (512).
[ 1406.804283][T14896] ntfs3(loop5): ino=1e, "file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ni_find_attr
[ 1409.910447][T14947] netlink: 'syz.7.2577': attribute type 1 has an invalid length.
[ 1409.919070][T14947] netlink: 'syz.7.2577': attribute type 1 has an invalid length.
[ 1409.927376][T14947] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2577'.
[ 1409.937277][T14947] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1409.947178][T14947] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1409.954949][T14947] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1411.991307][   T30] kauditd_printk_skb: 42 callbacks suppressed
[ 1411.991389][   T30] audit: type=1326 audit(1753883643.669:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14965 comm="syz.5.2586" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67539 code=0x7fc00000
[ 1412.026537][   T30] audit: type=1326 audit(1753883643.669:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14965 comm="syz.5.2586" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f67539 code=0x7fc00000
[ 1412.051708][   T30] audit: type=1326 audit(1753883643.669:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14965 comm="syz.5.2586" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67539 code=0x7fc00000
[ 1412.074446][   T30] audit: type=1326 audit(1753883643.669:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14965 comm="syz.5.2586" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67539 code=0x7fc00000
[ 1412.097113][   T30] audit: type=1326 audit(1753883643.669:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14965 comm="syz.5.2586" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67539 code=0x7fc00000
[ 1412.125727][   T30] audit: type=1326 audit(1753883643.669:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14965 comm="syz.5.2586" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67539 code=0x7fc00000
[ 1412.150349][   T30] audit: type=1326 audit(1753883643.669:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14965 comm="syz.5.2586" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67539 code=0x7fc00000
[ 1412.173810][   T30] audit: type=1326 audit(1753883643.669:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14965 comm="syz.5.2586" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67539 code=0x7fc00000
[ 1412.196420][   T30] audit: type=1326 audit(1753883643.669:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14965 comm="syz.5.2586" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67539 code=0x7fc00000
[ 1412.225040][   T30] audit: type=1326 audit(1753883643.669:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14965 comm="syz.5.2586" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67539 code=0x7fc00000
[ 1413.286210][T14989] loop2: detected capacity change from 0 to 1764
[ 1414.432470][T10027] Bluetooth: hci6: command 0x0406 tx timeout
[ 1415.931803][T14343] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[ 1415.954264][T15024] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2607'.
[ 1415.964222][T15024] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2607'.
[ 1416.134306][T14343] usb 3-1: Using ep0 maxpacket: 16
[ 1416.189916][T14343] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1416.205006][T14343] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[ 1416.219677][T14343] usb 3-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[ 1416.229298][T14343] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1416.362517][T14343] usb 3-1: config 0 descriptor??
[ 1416.480819][T14343] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[ 1416.660768][T14343] usb 3-1: USB disconnect, device number 10
[ 1418.009732][T15041] loop7: detected capacity change from 0 to 1764
[ 1418.108262][T15047] netlink: 'syz.3.2616': attribute type 5 has an invalid length.
[ 1418.116594][T15047] netlink: 56 bytes leftover after parsing attributes in process `syz.3.2616'.
[ 1419.502000][T14330] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[ 1419.697075][T14330] usb 2-1: Using ep0 maxpacket: 8
[ 1419.710893][T14330] usb 2-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1419.722599][T14330] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x94, changing to 0x84
[ 1419.734675][T14330] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 239, changing to 11
[ 1419.746377][T14330] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 9059, setting to 1024
[ 1419.757986][T14330] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[ 1419.846658][T15059] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2622'.
[ 1420.030394][T14330] usb 2-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=ed.ae
[ 1420.040044][T14330] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=9
[ 1420.048594][T14330] usb 2-1: Product: syz
[ 1420.053245][T14330] usb 2-1: Manufacturer: syz
[ 1420.058104][T14330] usb 2-1: SerialNumber: syz
[ 1420.134758][T14330] usb 2-1: config 0 descriptor??
[ 1420.268729][T14330] input: KB Gear Tablet as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input20
[ 1420.286542][T15063] loop7: detected capacity change from 0 to 1764
[ 1420.532160][T14330] usb 2-1: USB disconnect, device number 26
[ 1422.434653][T15085] loop2: detected capacity change from 0 to 1764
[ 1424.661369][T15107] loop2: detected capacity change from 0 to 1764
[ 1425.352180][T15113] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2643'.
[ 1426.360508][T15124] loop7: detected capacity change from 0 to 1764
[ 1429.842450][T15153] loop5: detected capacity change from 0 to 1764
[ 1430.478300][T15151] loop7: detected capacity change from 0 to 4096
[ 1430.568610][T15151] ntfs3(loop7): Different NTFS sector size (1024) and media sector size (512).
[ 1431.469169][T15165] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2658'.
[ 1433.703314][T15190] loop7: detected capacity change from 0 to 1764
[ 1436.104717][T15207] netlink: 72 bytes leftover after parsing attributes in process `syz.1.2674'.
[ 1436.510425][   T49] Bluetooth: Wrong link type (-57)
[ 1437.532464][T15221] netlink: 14 bytes leftover after parsing attributes in process `syz.1.2679'.
[ 1437.690494][T15221] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1437.815923][T15221] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1437.889105][T15221] bond0 (unregistering): Released all slaves
[ 1439.424631][T15235] loop1: detected capacity change from 0 to 1764
[ 1440.021964][T15227] Bluetooth: hci7: command 0x0406 tx timeout
[ 1440.028617][T15227] Bluetooth: hci4: command 0x0406 tx timeout
[ 1440.350204][T15245] netlink: 'syz.7.2689': attribute type 4 has an invalid length.
[ 1441.442264][T15243] Bluetooth: Wrong link type (-57)
[ 1444.071720][T14343] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[ 1444.288124][T14343] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1444.299227][T14343] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1444.308802][T14343] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1444.420271][T14343] usb 2-1: config 0 descriptor??
[ 1444.465488][T14343] pwc: Askey VC010 type 2 USB webcam detected.
[ 1445.981148][T15279] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2696'.
[ 1446.394693][T15273] loop2: detected capacity change from 0 to 1764
[ 1449.705271][T14343] pwc: recv_control_msg error -110 req 02 val 2b00
[ 1449.761836][T14343] pwc: recv_control_msg error -32 req 02 val 2700
[ 1449.828855][T14343] pwc: recv_control_msg error -32 req 02 val 2c00
[ 1449.869968][T14343] pwc: recv_control_msg error -32 req 04 val 1000
[ 1449.943819][T14343] pwc: recv_control_msg error -32 req 04 val 1300
[ 1450.012196][T14343] pwc: recv_control_msg error -32 req 04 val 1400
[ 1450.070069][T14343] pwc: recv_control_msg error -32 req 02 val 2000
[ 1450.132609][T14343] pwc: recv_control_msg error -32 req 02 val 2100
[ 1450.163547][T14343] pwc: recv_control_msg error -32 req 04 val 1500
[ 1450.204912][T14343] pwc: recv_control_msg error -32 req 02 val 2500
[ 1450.227931][T14343] pwc: recv_control_msg error -32 req 02 val 2400
[ 1450.288255][T14343] pwc: recv_control_msg error -32 req 02 val 2600
[ 1450.308994][T14343] pwc: recv_control_msg error -32 req 02 val 2900
[ 1450.371917][T14343] pwc: recv_control_msg error -32 req 02 val 2800
[ 1450.454221][T14343] pwc: recv_control_msg error -32 req 04 val 1100
[ 1450.501684][T14343] pwc: recv_control_msg error -32 req 04 val 1200
[ 1450.566180][T14343] pwc: Registered as video103.
[ 1450.573169][T14343] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input21
[ 1453.056835][T15301] netlink: 'syz.3.2709': attribute type 20 has an invalid length.
[ 1453.334105][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[ 1453.340845][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[ 1455.219617][T15314] loop5: detected capacity change from 0 to 1764
[ 1456.095077][T14343] usb 2-1: USB disconnect, device number 27
[ 1458.767609][T15329] overlayfs: failed to clone upperpath
[ 1462.736644][T11135] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1462.749560][T11135] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1462.761269][T11135] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1462.776659][T11135] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1462.787412][T11135] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1463.331531][T15348] loop5: detected capacity change from 0 to 1764
[ 1464.863303][T15345] chnl_net:caif_netlink_parms(): no params data found
[ 1464.904841][T15243] Bluetooth: hci2: command tx timeout
[ 1466.130524][T15358] loop5: detected capacity change from 0 to 1764
[ 1467.127523][T15243] Bluetooth: hci2: command tx timeout
[ 1467.306574][T15345] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1467.314181][T15345] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1467.322271][T15345] bridge_slave_0: entered allmulticast mode
[ 1467.330658][T15345] bridge_slave_0: entered promiscuous mode
[ 1467.515455][T15345] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1467.523079][T15345] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1467.530744][T15345] bridge_slave_1: entered allmulticast mode
[ 1467.539352][T15345] bridge_slave_1: entered promiscuous mode
[ 1468.047111][T15345] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1468.199624][T15345] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1468.725972][T15345] team0: Port device team_slave_0 added
[ 1468.795726][T15345] team0: Port device team_slave_1 added
[ 1469.141469][T15243] Bluetooth: hci2: command tx timeout
[ 1469.180820][T15345] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1469.188233][T15345] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1469.214981][T15345] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1469.396517][T15345] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1469.403859][T15345] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1469.430421][T15345] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1470.045472][T15345] hsr_slave_0: entered promiscuous mode
[ 1470.056401][T15345] hsr_slave_1: entered promiscuous mode
[ 1470.070587][T15345] debugfs: 'hsr0' already exists in 'hsr'
[ 1470.076804][T15345] Cannot create hsr debugfs directory
[ 1471.126077][T11135] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1471.136067][T11135] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1471.149471][T11135] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1471.189012][T11135] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1471.222236][T11135] Bluetooth: hci2: command tx timeout
[ 1471.233115][T11135] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1473.064644][T15345] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1473.170193][T15345] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 1473.254750][T15345] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 1473.372147][T15345] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 1473.392525][T11135] Bluetooth: hci5: command tx timeout
[ 1474.793711][T15375] chnl_net:caif_netlink_parms(): no params data found
[ 1475.487137][T11135] Bluetooth: hci5: command tx timeout
[ 1475.497766][   T30] kauditd_printk_skb: 14 callbacks suppressed
[ 1475.497816][   T30] audit: type=1326 audit(1753883707.139:578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15398 comm="syz.3.2742" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7fc00000
[ 1476.138188][T15345] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1476.586322][T15345] 8021q: adding VLAN 0 to HW filter on device team0
[ 1476.710499][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1476.718191][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1476.913053][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1476.920549][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1477.547996][T11135] Bluetooth: hci5: command tx timeout
[ 1478.126745][T15375] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1478.134565][T15375] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1478.143101][T15375] bridge_slave_0: entered allmulticast mode
[ 1478.162855][T15375] bridge_slave_0: entered promiscuous mode
[ 1478.505103][T15375] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1478.513248][T15375] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1478.521394][T15375] bridge_slave_1: entered allmulticast mode
[ 1478.532278][T15375] bridge_slave_1: entered promiscuous mode
[ 1479.294518][T15375] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1479.399694][T11135] Bluetooth: Wrong link type (-57)
[ 1479.432340][T15375] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1479.622431][T11135] Bluetooth: hci5: command tx timeout
[ 1479.662223][T15375] team0: Port device team_slave_0 added
[ 1479.703856][T15375] team0: Port device team_slave_1 added
[ 1480.267431][T15375] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1480.274888][T15375] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1480.301836][T15375] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1480.620358][T15375] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1480.628217][T15375] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1480.655931][T15375] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1481.804153][T15375] hsr_slave_0: entered promiscuous mode
[ 1481.815067][T15375] hsr_slave_1: entered promiscuous mode
[ 1481.826260][T15375] debugfs: 'hsr0' already exists in 'hsr'
[ 1481.832441][T15375] Cannot create hsr debugfs directory
[ 1481.987738][ T1025] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1482.201662][   T30] audit: type=1326 audit(1753883713.869:579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15442 comm="syz.1.2753" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7fc00000
[ 1482.225030][   T30] audit: type=1326 audit(1753883713.869:580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15442 comm="syz.1.2753" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f83539 code=0x7fc00000
[ 1482.247860][   T30] audit: type=1326 audit(1753883713.869:581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15442 comm="syz.1.2753" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7fc00000
[ 1482.274965][   T30] audit: type=1326 audit(1753883713.869:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15442 comm="syz.1.2753" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7fc00000
[ 1482.298829][   T30] audit: type=1326 audit(1753883713.869:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15442 comm="syz.1.2753" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7fc00000
[ 1482.321626][   T30] audit: type=1326 audit(1753883713.869:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15442 comm="syz.1.2753" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7fc00000
[ 1482.344043][   T30] audit: type=1326 audit(1753883713.869:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15442 comm="syz.1.2753" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7fc00000
[ 1482.366417][ T1025] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1482.525896][T15345] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1482.770595][ T1025] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1483.081227][ T1025] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1483.767881][ T1025] bridge_slave_1: left allmulticast mode
[ 1483.773984][ T1025] bridge_slave_1: left promiscuous mode
[ 1483.780352][ T1025] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1483.876776][ T1025] bridge_slave_0: left allmulticast mode
[ 1483.883737][ T1025] bridge_slave_0: left promiscuous mode
[ 1483.895624][ T1025] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1484.475770][ T1025] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1484.574139][ T1025] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1484.626015][ T1025] bond0 (unregistering): Released all slaves
[ 1485.790852][ T1025] hsr_slave_0: left promiscuous mode
[ 1485.842320][ T1025] hsr_slave_1: left promiscuous mode
[ 1485.850660][ T1025] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1485.858792][ T1025] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1485.949172][ T1025] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1485.957426][ T1025] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1486.065956][ T1025] veth1_macvtap: left promiscuous mode
[ 1486.072238][ T1025] veth0_macvtap: left promiscuous mode
[ 1486.078097][ T1025] veth1_vlan: left promiscuous mode
[ 1486.083987][ T1025] veth0_vlan: left promiscuous mode
[ 1486.785114][ T1025] team0 (unregistering): Port device team_slave_1 removed
[ 1486.823334][ T1025] team0 (unregistering): Port device team_slave_0 removed
[ 1488.047006][T15375] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1488.172839][T15375] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1488.312322][T15375] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1488.470814][T15375] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1488.917077][T15345] veth0_vlan: entered promiscuous mode
[ 1489.037240][T15345] veth1_vlan: entered promiscuous mode
[ 1489.201753][   T30] audit: type=1326 audit(1753883720.859:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15478 comm="syz.1.2764" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7fc00000
[ 1489.493598][T15345] veth0_macvtap: entered promiscuous mode
[ 1489.654934][T15345] veth1_macvtap: entered promiscuous mode
[ 1489.745379][   T35] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1489.928436][   T35] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1490.054963][   T35] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1490.216362][   T35] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1490.343744][T15345] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1490.504784][T15345] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1490.698202][T15345] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1490.707516][T15345] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1490.716960][T15345] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1490.726274][T15345] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1490.783007][T15375] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1490.926622][T15375] 8021q: adding VLAN 0 to HW filter on device team0
[ 1490.944566][   T35] bridge_slave_1: left allmulticast mode
[ 1490.950596][   T35] bridge_slave_1: left promiscuous mode
[ 1490.962405][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1491.039423][   T35] bridge_slave_0: left allmulticast mode
[ 1491.045670][   T35] bridge_slave_0: left promiscuous mode
[ 1491.052511][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1491.828092][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1491.889312][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1491.917658][   T35] bond0 (unregistering): Released all slaves
[ 1492.066616][ T3766] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1492.074207][ T3766] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1492.253974][ T3766] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1492.261451][ T3766] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1493.016047][   T35] hsr_slave_0: left promiscuous mode
[ 1493.030834][   T35] hsr_slave_1: left promiscuous mode
[ 1493.039804][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1493.047947][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1493.077612][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1493.086313][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1493.124760][   T35] veth1_macvtap: left promiscuous mode
[ 1493.130708][   T35] veth0_macvtap: left promiscuous mode
[ 1493.138258][   T35] veth1_vlan: left promiscuous mode
[ 1493.144281][   T35] veth0_vlan: left promiscuous mode
[ 1493.601428][   T30] audit: type=1804 audit(1753883725.259:587): pid=15511 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.2775" name="file0" dev="tmpfs" ino=2907 res=1 errno=0
[ 1494.100849][   T35] team0 (unregistering): Port device team_slave_1 removed
[ 1494.143114][   T35] team0 (unregistering): Port device team_slave_0 removed
[ 1494.402928][T15514] 8021q: VLANs not supported on ipvlan1
[ 1496.130301][   T30] audit: type=1326 audit(1753883727.799:588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15519 comm="syz.1.2777" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7fc00000
[ 1496.425766][T15375] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1499.087296][T15375] veth0_vlan: entered promiscuous mode
[ 1499.192600][T15375] veth1_vlan: entered promiscuous mode
[ 1499.570041][T15375] veth0_macvtap: entered promiscuous mode
[ 1499.694541][T15375] veth1_macvtap: entered promiscuous mode
[ 1499.823316][T15375] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1499.951966][T15375] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1500.065748][T15375] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1500.077530][T15375] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1500.087222][T15375] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1500.096304][T15375] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1500.233339][   T30] audit: type=1326 audit(1753883731.889:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15566 comm="syz.5.2789" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67539 code=0x7fc00000
[ 1501.520312][   T54] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1501.529163][   T54] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1501.649897][ T3448] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1501.660697][ T3448] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1503.986471][   T30] audit: type=1326 audit(1753883735.649:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15605 comm="syz.5.2801" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67539 code=0x7fc00000
[ 1505.092993][T15630] loop9: detected capacity change from 0 to 1764
[ 1507.457580][ T1025] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1507.466114][ T1025] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1507.634009][ T3448] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1507.642740][ T3448] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1508.216338][   T30] audit: type=1326 audit(1753883739.899:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15656 comm="syz.1.2816" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7fc00000
[ 1512.116783][   T30] audit: type=1326 audit(1753883743.759:592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15699 comm="syz.1.2832" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7fc00000
[ 1512.140285][   T30] audit: type=1326 audit(1753883743.759:593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15699 comm="syz.1.2832" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f83539 code=0x7fc00000
[ 1512.166808][   T30] audit: type=1326 audit(1753883743.759:594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15699 comm="syz.1.2832" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7fc00000
[ 1512.190758][   T30] audit: type=1326 audit(1753883743.759:595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15699 comm="syz.1.2832" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7fc00000
[ 1512.214458][   T30] audit: type=1326 audit(1753883743.769:596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15699 comm="syz.1.2832" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7fc00000
[ 1514.761054][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[ 1514.768205][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[ 1518.598286][   T30] audit: type=1326 audit(1753883750.279:597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15729 comm="syz.5.2845" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67539 code=0x7fc00000
[ 1523.602666][   T30] audit: type=1326 audit(1753883755.269:598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15764 comm="syz.5.2858" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67539 code=0x7fc00000
[ 1524.072550][T15772] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2860'.
[ 1527.184796][T15243] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1527.223075][T15243] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1527.233883][T15243] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1527.251608][T15243] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1527.267204][T15243] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1527.886886][T15796] =====================================================
[ 1527.894722][T15796] BUG: KMSAN: uninit-value in batadv_get_vid+0x2d0/0x3b0
[ 1527.902239][T15796]  batadv_get_vid+0x2d0/0x3b0
[ 1527.907036][T15796]  batadv_interface_tx+0x2e9/0x1e60
[ 1527.912482][T15796]  dev_hard_start_xmit+0x22f/0xa30
[ 1527.917818][T15796]  __dev_queue_xmit+0x3cb4/0x5e20
[ 1527.923184][T15796]  __bpf_redirect+0x162d/0x1760
[ 1527.928380][T15796]  bpf_clone_redirect+0x366/0x530
[ 1527.933633][T15796]  ___bpf_prog_run+0x1294/0xeba0
[ 1527.938898][T15796]  __bpf_prog_run512+0xc5/0x100
[ 1527.943970][T15796]  bpf_test_run+0x350/0xab0
[ 1527.948675][T15796]  bpf_prog_test_run_skb+0x19f8/0x26c0
[ 1527.954378][T15796]  bpf_prog_test_run+0x5c2/0xa40
[ 1527.959500][T15796]  __sys_bpf+0x6ca/0xe60
[ 1527.963962][T15796]  __ia32_sys_bpf+0xa4/0xf0
[ 1527.968572][T15796]  ia32_sys_call+0xadf/0x4310
[ 1527.973469][T15796]  __do_fast_syscall_32+0xb0/0x150
[ 1527.978796][T15796]  do_fast_syscall_32+0x38/0x80
[ 1527.983927][T15796]  do_SYSENTER_32+0x1f/0x30
[ 1527.988581][T15796]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1527.995208][T15796] 
[ 1527.997591][T15796] Uninit was created at:
[ 1528.002328][T15796]  kmem_cache_alloc_node_noprof+0x818/0xf00
[ 1528.008383][T15796]  kmalloc_reserve+0x13c/0x4b0
[ 1528.013462][T15796]  pskb_expand_head+0x1fc/0x1610
[ 1528.018536][T15796]  skb_ensure_writable+0x44e/0x510
[ 1528.023994][T15796]  bpf_clone_redirect+0x1c1/0x530
[ 1528.029277][T15796]  ___bpf_prog_run+0x1294/0xeba0
[ 1528.034586][T15796]  __bpf_prog_run512+0xc5/0x100
[ 1528.039568][T15796]  bpf_test_run+0x350/0xab0
[ 1528.044319][T15796]  bpf_prog_test_run_skb+0x19f8/0x26c0
[ 1528.049900][T15796]  bpf_prog_test_run+0x5c2/0xa40
[ 1528.055058][T15796]  __sys_bpf+0x6ca/0xe60
[ 1528.059485][T15796]  __ia32_sys_bpf+0xa4/0xf0
[ 1528.064198][T15796]  ia32_sys_call+0xadf/0x4310
[ 1528.068980][T15796]  __do_fast_syscall_32+0xb0/0x150
[ 1528.074297][T15796]  do_fast_syscall_32+0x38/0x80
[ 1528.079260][T15796]  do_SYSENTER_32+0x1f/0x30
[ 1528.083980][T15796]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1528.090436][T15796] 
[ 1528.092916][T15796] CPU: 0 UID: 0 PID: 15796 Comm: syz.1.2870 Not tainted 6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(none) 
[ 1528.104856][T15796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1528.115105][T15796] =====================================================
[ 1528.122234][T15796] Disabling lock debugging due to kernel taint
[ 1528.128509][T15796] Kernel panic - not syncing: kmsan.panic set ...
[ 1528.135066][T15796] CPU: 0 UID: 0 PID: 15796 Comm: syz.1.2870 Tainted: G    B               6.16.0-syzkaller-04405-g4b290aae788e #0 PREEMPT(none) 
[ 1528.148500][T15796] Tainted: [B]=BAD_PAGE
[ 1528.152712][T15796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1528.162863][T15796] Call Trace:
[ 1528.166232][T15796]  <TASK>
[ 1528.169252][T15796]  __dump_stack+0x26/0x30
[ 1528.173740][T15796]  dump_stack_lvl+0x53/0x270
[ 1528.178572][T15796]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1528.184617][T15796]  dump_stack+0x1e/0x25
[ 1528.188995][T15796]  panic+0x4bd/0xd50
[ 1528.193059][T15796]  kmsan_report+0x31c/0x320
[ 1528.197693][T15796]  ? __do_fast_syscall_32+0xb0/0x150
[ 1528.203120][T15796]  ? __msan_warning+0x1b/0x30
[ 1528.207901][T15796]  ? batadv_get_vid+0x2d0/0x3b0
[ 1528.212851][T15796]  ? batadv_interface_tx+0x2e9/0x1e60
[ 1528.218329][T15796]  ? dev_hard_start_xmit+0x22f/0xa30
[ 1528.223732][T15796]  ? __dev_queue_xmit+0x3cb4/0x5e20
[ 1528.229175][T15796]  ? __bpf_redirect+0x162d/0x1760
[ 1528.234409][T15796]  ? bpf_clone_redirect+0x366/0x530
[ 1528.239731][T15796]  ? ___bpf_prog_run+0x1294/0xeba0
[ 1528.244960][T15796]  ? __bpf_prog_run512+0xc5/0x100
[ 1528.250127][T15796]  ? bpf_test_run+0x350/0xab0
[ 1528.254916][T15796]  ? bpf_prog_test_run_skb+0x19f8/0x26c0
[ 1528.260676][T15796]  ? bpf_prog_test_run+0x5c2/0xa40
[ 1528.265905][T15796]  ? __sys_bpf+0x6ca/0xe60
[ 1528.270431][T15796]  ? __ia32_sys_bpf+0xa4/0xf0
[ 1528.275231][T15796]  ? ia32_sys_call+0xadf/0x4310
[ 1528.280176][T15796]  ? __do_fast_syscall_32+0xb0/0x150
[ 1528.285580][T15796]  ? do_fast_syscall_32+0x38/0x80
[ 1528.290729][T15796]  ? do_SYSENTER_32+0x1f/0x30
[ 1528.295512][T15796]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1528.302141][T15796]  ? kmsan_internal_memmove_metadata+0x91/0x230
[ 1528.308512][T15796]  ? kmsan_get_metadata+0xfb/0x160
[ 1528.313778][T15796]  ? kmsan_get_metadata+0xfb/0x160
[ 1528.319014][T15796]  ? kmsan_get_metadata+0xfb/0x160
[ 1528.324242][T15796]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1528.330234][T15796]  ? batadv_interface_tx+0x81/0x1e60
[ 1528.335731][T15796]  ? filter_irq_stacks+0x49/0x190
[ 1528.341001][T15796]  ? stack_depot_save_flags+0x35/0x7b0
[ 1528.346701][T15796]  ? packet_rcv+0x1c2f/0x20b0
[ 1528.351555][T15796]  ? kmsan_get_metadata+0xfb/0x160
[ 1528.356793][T15796]  __msan_warning+0x1b/0x30
[ 1528.361493][T15796]  batadv_get_vid+0x2d0/0x3b0
[ 1528.366293][T15796]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1528.372294][T15796]  batadv_interface_tx+0x2e9/0x1e60
[ 1528.377843][T15796]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[ 1528.384318][T15796]  ? kmsan_get_metadata+0xfb/0x160
[ 1528.389592][T15796]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1528.395532][T15796]  ? __pfx_batadv_interface_tx+0x10/0x10
[ 1528.401286][T15796]  dev_hard_start_xmit+0x22f/0xa30
[ 1528.406553][T15796]  __dev_queue_xmit+0x3cb4/0x5e20
[ 1528.411798][T15796]  ? skb_release_data+0xa12/0xac0
[ 1528.416978][T15796]  ? kmsan_internal_memmove_metadata+0x91/0x230
[ 1528.423381][T15796]  ? kmsan_get_metadata+0xfb/0x160
[ 1528.428716][T15796]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1528.434689][T15796]  ? __dev_queue_xmit+0x30c/0x5e20
[ 1528.440105][T15796]  __bpf_redirect+0x162d/0x1760
[ 1528.445128][T15796]  ? kmsan_get_metadata+0xfb/0x160
[ 1528.450414][T15796]  bpf_clone_redirect+0x366/0x530
[ 1528.455636][T15796]  ___bpf_prog_run+0x1294/0xeba0
[ 1528.460748][T15796]  __bpf_prog_run512+0xc5/0x100
[ 1528.465743][T15796]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[ 1528.472334][T15796]  ? kmsan_internal_poison_memory+0x7f/0xa0
[ 1528.478364][T15796]  ? kmsan_internal_poison_memory+0x4a/0xa0
[ 1528.484379][T15796]  ? kmsan_slab_alloc+0xde/0x160
[ 1528.489482][T15796]  ? kmem_cache_alloc_noprof+0x81b/0xec0
[ 1528.495317][T15796]  ? slab_build_skb+0x5c/0x590
[ 1528.500311][T15796]  ? kmsan_get_metadata+0xfb/0x160
[ 1528.505622][T15796]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1528.511595][T15796]  ? bpf_test_run+0x11/0xab0
[ 1528.516345][T15796]  ? filter_irq_stacks+0x49/0x190
[ 1528.521497][T15796]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1528.527472][T15796]  ? kmsan_get_metadata+0xfb/0x160
[ 1528.532720][T15796]  ? kmsan_get_metadata+0xfb/0x160
[ 1528.538090][T15796]  ? kmsan_get_metadata+0xfb/0x160
[ 1528.543435][T15796]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[ 1528.549902][T15796]  ? kmsan_get_metadata+0x150/0x160
[ 1528.555249][T15796]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1528.561182][T15796]  ? __pfx___bpf_prog_run512+0x10/0x10
[ 1528.566767][T15796]  ? __pfx___bpf_prog_run512+0x10/0x10
[ 1528.572368][T15796]  bpf_test_run+0x350/0xab0
[ 1528.577003][T15796]  ? kmsan_get_metadata+0xfb/0x160
[ 1528.582251][T15796]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[ 1528.588729][T15796]  ? kmsan_get_metadata+0xfb/0x160
[ 1528.594006][T15796]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1528.599965][T15796]  ? bpf_test_run+0x1b0/0xab0
[ 1528.604871][T15796]  bpf_prog_test_run_skb+0x19f8/0x26c0
[ 1528.610575][T15796]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[ 1528.616576][T15796]  bpf_prog_test_run+0x5c2/0xa40
[ 1528.621662][T15796]  __sys_bpf+0x6ca/0xe60
[ 1528.626169][T15796]  __ia32_sys_bpf+0xa4/0xf0
[ 1528.630906][T15796]  ia32_sys_call+0xadf/0x4310
[ 1528.635739][T15796]  __do_fast_syscall_32+0xb0/0x150
[ 1528.641031][T15796]  ? irqentry_exit_to_user_mode+0x82/0xa0
[ 1528.647165][T15796]  do_fast_syscall_32+0x38/0x80
[ 1528.652268][T15796]  do_SYSENTER_32+0x1f/0x30
[ 1528.657221][T15796]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1528.663714][T15796] RIP: 0023:0xf7f83539
[ 1528.667896][T15796] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1528.687698][T15796] RSP: 002b:00000000f50a655c EFLAGS: 00000206 ORIG_RAX: 0000000000000165
[ 1528.696239][T15796] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000080
[ 1528.704307][T15796] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000
[ 1528.712411][T15796] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1528.720479][T15796] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1528.728548][T15796] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1528.736656][T15796]  </TASK>
[ 1528.740116][T15796] Kernel Offset: disabled
[ 1528.744534][T15796] Rebooting in 86400 seconds..