last executing test programs:

33m9.93683973s ago: executing program 32 (id=61):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f00000002c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x4000800)
sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000980)=@delchain={0x34, 0x64, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xfff3, 0xffff}, {0x0, 0x1b}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@delchain={0x24, 0x11, 0x1, 0x1f, 0x0, {0x0, 0x0, 0x0, r4}}, 0x24}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)

26m40.906764887s ago: executing program 33 (id=840):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x80042, 0x0)
r1 = memfd_secret(0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r2, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000480)='ext4_fallocate_exit\x00', r1, 0x0, 0xfffffffffffffffc}, 0x18)
socket$netlink(0x10, 0x3, 0x15)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r2, 0x84, 0x15, &(0x7f00000000c0), 0x1)
io_uring_enter(0xffffffffffffffff, 0x564, 0x72, 0x0, 0x0, 0x0)
writev(r2, 0x0, 0x0)
write$P9_RSTATu(0xffffffffffffffff, &(0x7f0000000080)=ANY=[], 0x21d)
syz_io_uring_setup(0x106088, &(0x7f00000003c0)={0x0, 0x2c1, 0x4, 0x4005, 0xfc, 0x0, r1}, &(0x7f00000029c0), &(0x7f0000002a00))
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xe)
ioctl$FS_IOC_SETFLAGS(r0, 0x80047456, &(0x7f0000000000)=0x200000)

25m48.83991513s ago: executing program 34 (id=910):
read$FUSE(0xffffffffffffffff, &(0x7f0000000400)={0x2020}, 0x2020)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbeef, 0x8031, 0xffffffffffffffff, 0x1000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00')
mlock(&(0x7f0000002000/0x2000)=nil, 0x2000)
r5 = syz_open_dev$video4linux(&(0x7f0000000100), 0x5, 0x20000)
ioctl$VIDIOC_SUBDEV_G_SELECTION(r5, 0xc040563d, &(0x7f0000000140)={0x0, 0x0, 0x103, 0x0, {0x8, 0x0, 0x9, 0x109a}})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r6 = socket$netlink(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r7, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
read$FUSE(r4, &(0x7f0000000640)={0x2020}, 0x2020)

24m33.092372079s ago: executing program 35 (id=973):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)
socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
sendmsg$nl_route_sched(r2, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=@delchain={0x24, 0x64, 0x1, 0x70bd2c, 0x25dfdbff, {0x0, 0x0, 0x0, r4, {0x0, 0xa}, {}, {0xe}}}, 0x24}, 0x1, 0x0, 0x0, 0x4044048}, 0x20004804)
r8 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r8, 0x4020565a, &(0x7f0000000000)={0x3, 0x980900, 0x2})
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000100)=@ethtool_ringparam={0xe, 0x0, 0x0, 0xfffffffe, 0x0, 0x4}})
ioctl$VIDIOC_QUERYMENU(r8, 0xc008561c, &(0x7f0000000400)={0x980900, 0x4003, @name="b6ae8e0f0376fa7d4eac0abd15418b9c7d97029e735ede962403968545b1c117"})
syz_open_dev$vim2m(&(0x7f0000000000), 0x100, 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
sendmsg$NL80211_CMD_DEL_KEY(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="38397d76f30000", @ANYRES16, @ANYBLOB="010003000000000000000a0000000800", @ANYRES32, @ANYBLOB="0c0050800500020000"], 0x28}, 0x1, 0x0, 0x0, 0x48881}, 0x40)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xe)

23m37.597932254s ago: executing program 36 (id=986):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x18, 0x0, 0x500)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000040)='veno\x00', 0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r3, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb4c, 0x9, 0x6, 0x0, 0x3}, 0x0)
r4 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r4, 0x8108551b, &(0x7f0000000380)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a0000000086d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f6853772b21a100efb76cba37ff3111d6847e8b9398a646717af75fc008daefba68e6222103472bc55704cdb72b4b996ed831f3b802549db3a8ffff7d34171113d806726615380fe65a6a0a72e1ac2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13f4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe363590d1f600"})
ioctl$USBDEVFS_CLEAR_HALT(r4, 0xc0105502, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_usb_connect$uac1(0x3, 0xa4, 0x0, 0x0)
connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
socket$inet_smc(0x2b, 0x1, 0x0)
pselect6(0x40, &(0x7f0000000540)={0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0x0, 0x0)
write$binfmt_script(r1, &(0x7f0000000200), 0xfffffd9d)
sendmsg$nl_route(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x11}, 0x0)

22m19.679205818s ago: executing program 37 (id=1094):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e00000008000000000018000380140003801000018004000300080001"], 0x44}}, 0x20008000)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0700000000000000050005000000180003800800040000000000080002000900000004000100180001801400020073797a5f74756e"], 0x44}}, 0x0)

22m15.959768994s ago: executing program 38 (id=1099):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$SO_J1939_SEND_PRIO(r0, 0x6b, 0x3, &(0x7f0000000240), 0x4)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000780)={0x4, 0x395e, 0x3, {0x1, @sdr={0x3031334d, 0xdd17}}, 0x6})
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
socket$packet(0x11, 0x3, 0x300)
ioctl$IOMMU_IOAS_IOVA_RANGES(0xffffffffffffffff, 0x3b84, 0x0)
ioctl$IOMMU_IOAS_ALLOW_IOVAS(0xffffffffffffffff, 0x3b82, &(0x7f0000000180)={0x18, 0x0, 0x0, 0x0, 0x0})
ioctl$IOMMU_IOAS_UNMAP$ALL(0xffffffffffffffff, 0x3b86, 0x0)
ioctl$IOMMU_IOAS_UNMAP(0xffffffffffffffff, 0x3b86, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, &(0x7f0000000380)={0x28, 0x7, 0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil, 0x1000})
ioctl$IOMMU_IOAS_MAP(0xffffffffffffffff, 0x3b85, &(0x7f0000000440)={0x28, 0x5, 0x0, 0x0, 0x0, 0x0, 0x2})
ioctl$IOMMU_IOAS_COPY(0xffffffffffffffff, 0x3b83, &(0x7f00000004c0)={0x28, 0x7, 0x0, 0x0, 0x1c, 0x14e, 0x2})
socket$packet(0x11, 0x3, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b00)={0x3, 0xc, &(0x7f0000000c40)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000850000002300000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r4, 0x0, 0x23, 0x0, &(0x7f0000000880)="e0b9547ed387dbe9abc89b6f5bec529d0468415e1c997308125b7fb308062b8e0b88b3", 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x9}, 0x50)

18m43.524576645s ago: executing program 39 (id=1326):
r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x2042, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
socket$nl_route(0x10, 0x3, 0x0)
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='sched_switch\x00'}, 0x18)
mount$overlay(0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x16, 0x16, &(0x7f0000000600)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000180000003d030100000000009500f000000000006926000000000000bf67000000000000560602000fff07006706000020000000170200000ee60000bf250000000000002d350000000000006507000002080000070700004c0000001f75000000000000bf54000000000000070400000400f9ffbd35010000000000840400000000000014000000100000009500000000000000db13d5d8b741f2cdaabc8383c8f56b8c2b848b00ea6553f304000000815dcf00c3ee7b042d1937ba52037fdedb2150e1918c30b6301f0212feb0cff9fc56357d81b2cc1a9e37d7b75c020b070000003eb22062bafaca036d9cc7db6671573e202e0a92ee4ba12b064981cc32d1ac0b9ecc8f604dcac2563e1c1e7624cc3b88b330ad416c4c1d8c60589b6045a4ffff50df4d34bc5847bebb943a84cb56956931ba9cc39c4a9deea5d77aa843a40000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c250000000000202020"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
ioctl$UI_SET_SNDBIT(r5, 0x4004556a, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
bpf$PROG_BIND_MAP(0x23, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x18)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
ioctl$AUTOFS_IOC_FAIL(r0, 0x4c80, 0xfffff)

18m31.735820943s ago: executing program 40 (id=1340):
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000140)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @dev={0xac, 0x14, 0x14, 0x1a}, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2}}}}}}, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
ioperm(0x0, 0x9, 0x2)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mremap(&(0x7f0000532000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000190000/0x1000)=nil)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r4)
socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f00000001c0)=0x80000000)
r5 = socket$inet6_sctp(0xa, 0x801, 0x84)
shutdown(0xffffffffffffffff, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000200)={<r6=>0x0, 0x0, 0x0}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x7a, &(0x7f0000000340)={r6, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
getsockopt$bt_hci(r5, 0x84, 0x81, &(0x7f0000001280)=""/4107, &(0x7f00000000c0)=0x100b)

10m50.092644408s ago: executing program 9 (id=2331):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendmsg(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000240)='\x00', 0x1}], 0x1}, 0x8041)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
ppoll(&(0x7f00000005c0)=[{r0}], 0x1, &(0x7f00000003c0)={0x0, 0x3938700}, 0x0, 0x0)

10m49.75978648s ago: executing program 9 (id=2336):
mkdir(&(0x7f00000000c0)='./file1\x00', 0x154)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, 0x0)
chdir(&(0x7f0000000140)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000c40)='.\x00', &(0x7f0000000640)='./file0\x00', 0x0, 0x2901090, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
mount(0x0, &(0x7f0000000d40)='./file0/../file0/../file0\x00', &(0x7f00000002c0)='sysfs\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000340)='.\x00', &(0x7f0000000180)='./file0/../file0/../file0\x00')

10m49.417841316s ago: executing program 9 (id=2338):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000340), 0x40241, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x7c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x50, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x2}]}}}, {0x28, 0x1, 0x0, 0x1, @nat={{0x8}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_NAT_REG_PROTO_MIN={0x8, 0x5, 0x1, 0x0, 0x3}, @NFTA_NAT_TYPE={0x8}, @NFTA_NAT_FAMILY={0x8, 0x2, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0xa4}}, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}})
write$tun(r0, &(0x7f0000000280)={@val={0x0, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x3d}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x2, 0xb, 0x0, 0x0, 0x0, 0x1c, {[@window={0xa, 0x3}, @timestamp={0x5, 0x2, 0x0, 0x4000}, @generic={0x0, 0x2, "d58838068b91"}]}}}}}}, 0x4e)

10m48.84325812s ago: executing program 9 (id=2340):
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000300), 0x40100001, 0x189002)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r2=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000002c0)={r2, <r3=>0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000640)=[<r5=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_SETPLANE(r0, 0xc03064b7, &(0x7f0000000600)={r2, r2, 0x0, 0x9, 0x9, 0xa, 0xee, 0x7, 0x3, 0x4, 0xd, 0xcf2})
ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000580)={&(0x7f0000000040)=[r5], 0x1, r3, r4, 0x3, 0x0, 0xffffffff, 0x804, {0xac7c, 0x1, 0x3, 0x67, 0xf4b, 0x1, 0x2, 0x5, 0x412f, 0xe154, 0x1000, 0x7f, 0x6, 0xffffffff, "fe1d00003413000000000020b42717e47f00"}})

10m47.851295455s ago: executing program 41 (id=2340):
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000300), 0x40100001, 0x189002)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r2=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000002c0)={r2, <r3=>0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000640)=[<r5=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_SETPLANE(r0, 0xc03064b7, &(0x7f0000000600)={r2, r2, 0x0, 0x9, 0x9, 0xa, 0xee, 0x7, 0x3, 0x4, 0xd, 0xcf2})
ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000580)={&(0x7f0000000040)=[r5], 0x1, r3, r4, 0x3, 0x0, 0xffffffff, 0x804, {0xac7c, 0x1, 0x3, 0x67, 0xf4b, 0x1, 0x2, 0x5, 0x412f, 0xe154, 0x1000, 0x7f, 0x6, 0xffffffff, "fe1d00003413000000000020b42717e47f00"}})

10m16.356911606s ago: executing program 42 (id=2470):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x4)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
bind$bt_hci(r1, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)={0x20, r3, 0x301, 0xfffffffc, 0x0, {0x2b}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x0)
pipe2(&(0x7f0000001cc0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x800)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r5])

9m27.603779025s ago: executing program 7 (id=2569):
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000480)={0x0, @in={{0x2, 0x4e20, @rand_addr=0x64010101}}, 0x200, 0x100, 0x80, 0x4, 0x20, 0x6, 0x7}, &(0x7f0000000580)=0x9c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x29}]}, @NFT_MSG_NEWSETELEM={0x68, 0x1e, 0xa, 0x105, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x3c, 0x3, 0x0, 0x1, [{0x38, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x34, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x2d, 0x1, "fefe807eb37bc2a7a6110a370abbe10adf32aa848edc90232d4665de2ae1583b710c20da833679ebe6"}]}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xec}}, 0x0)

9m24.706278905s ago: executing program 7 (id=2571):
syz_emit_ethernet(0x52, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb08004c00", @ANYRES32=0x41424344, @ANYRES32=0x41424344], 0x0)
r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850a9", 0x5, 0xfffffffffffffffe)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="48000000100005040000000000000000", @ANYBLOB="ebffffffffffffff28"], 0x48}, 0x1, 0x0, 0x0, 0x4000011}, 0x0)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

9m23.615619892s ago: executing program 7 (id=2577):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x3d, &(0x7f0000000000)='cgroup\x00\x8d\f\xf3\xcd\xc6X$\x01n-Hg\x144-.\xe2\x053\xe2\xf4\xbf[\xe9\xdddU\x91\x9d,\t\x8d\xc3@\x86,\x7f\xe2Z\xe8L\x80\xdbe~c\xbc\x9b\xcf\x9b\x1cH\x95\xf3'}, 0x30)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)=ANY=[@ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="0200"], 0x10)
socket$inet_tcp(0x2, 0x1, 0x0)

9m20.718137486s ago: executing program 7 (id=2581):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4276ef66ba420266b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000980)=[@text32={0x20, 0x0}], 0x1, 0x79, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000040)=@x86={0x12, 0xc, 0x6, 0x0, 0x5, 0x7, 0x41, 0x3, 0x4, 0x58, 0x82, 0x1, 0x0, 0x3, 0x7, 0xf8, 0x10, 0x60, 0xd, '\x00', 0xd9, 0x93d6})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

9m17.672896172s ago: executing program 7 (id=2584):
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r1)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c)
listen(r2, 0x0)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e22, @loopback}, 0x10)

8m21.043388546s ago: executing program 7 (id=2584):
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r1)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c)
listen(r2, 0x0)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e22, @loopback}, 0x10)

5m6.886660051s ago: executing program 2 (id=2946):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
bind$tipc(0xffffffffffffffff, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
connect$packet(r5, 0x0, 0x0)
getpeername(r5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x6, &(0x7f0000000180)=ANY=[@ANYBLOB="050000000000000073112b865343122ee64300a38152ca25e2735902000000850000000500000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r6 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYRES32=r6], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
add_key(&(0x7f0000000040)='asymmetric\x00', 0x0, &(0x7f0000000300)="303e300202000000000000d190c937dc6914243b0402d6dcb70ad80851956fe6727ae888746b02cee670a5882a0ad79716584e6b04b7f62edac751478af9c62f", 0x40, 0xfffffffffffffffc)

5m4.84445499s ago: executing program 2 (id=2951):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
chdir(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000080)=0x82)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = syz_open_dev$amidi(&(0x7f0000000140), 0x2, 0x180)
ioctl$SNDRV_RAWMIDI_IOCTL_INFO(r1, 0x40045731, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000ec0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20040000}, 0x48000)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f0000000000)={0x8, 0x2, 0x7})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffffff, 0xc00c642e, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, 0x0, 0x0)
sendmsg$kcm(r3, 0x0, 0x0)
connect$unix(r3, &(0x7f0000000f80)=@abs={0x1, 0x0, 0x4e20}, 0x6e)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000640)={0x34, r4, 0x1, 0x0, 0x0, {}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b70000000c000000bca30000000000002403000020feffff620af8fff8ffffff71a4f8ff000000001f03000000000000e5000200000000002604fdffff02000014010000033800001d130000000000007a0a00fe0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101a3062cd54f9ff51d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2740000000000000000000000000000000000000000000a0009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d2ff8a642ca50934b3fbe44b0abeba9df209566984a29dfc0466e439a94e177b3c4d5f6e92b8176b9d6ddeeeb196fa964217f88e1acc180aaa4"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xfffffffffffffd27, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

5m3.351615113s ago: executing program 5 (id=2953):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x9, 0x15031, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f00000001c0), 0x0, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
epoll_create1(0x0)
r1 = socket(0x40000000015, 0x5, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000002180)='net/mcfilter\x00')
preadv(r2, &(0x7f0000000200)=[{&(0x7f0000000a40)=""/65, 0x41}], 0x1, 0x6, 0x0)
ioctl$BLKTRACESTOP(r2, 0x1275, 0x0)
getsockopt$PNPIPE_IFINDEX(r1, 0x113, 0x2, 0x0, &(0x7f0000000140))
sendmsg$can_bcm(r1, &(0x7f0000000340)={&(0x7f0000000240), 0x10, &(0x7f0000000300)={&(0x7f0000000280)={0x4, 0x0, 0x2, {}, {0x0, 0x2710}, {0x2, 0x1, 0x1}, 0x1, @canfd={{0x3}, 0x11, 0x1, 0x0, 0x0, "62726edffcfc66c4b73c140c0ec8eb5605bab69db76c8ed74af7fb5366bd0c0fdad8e665fbac67264ecda49a87f302de7b97181e8ccac89f0bb0a07055cc7d7b"}}, 0x80}, 0x1, 0x0, 0x0, 0x4080810}, 0x20004800)
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x2)
r3 = syz_open_dev$sndpcmp(&(0x7f0000000040), 0x1, 0x80000)
ioctl$SNDRV_PCM_IOCTL_TTSTAMP(r3, 0x40044103, &(0x7f0000000080)=0x5)
mount(&(0x7f0000000040), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0)

5m2.155918406s ago: executing program 2 (id=2955):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x402c5828, 0x0)
openat$fuse(0xffffff9c, 0x0, 0x2, 0x0)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3902, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x60, 0x30, 0x1, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_ife={0x48, 0x1d, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = timerfd_create(0x0, 0x0)
timerfd_gettime(r5, &(0x7f00000001c0))
preadv(0xffffffffffffffff, &(0x7f0000000280)=[{&(0x7f0000000380)=""/218, 0xda}], 0x1, 0x142, 0xfe)
sendfile(r1, r1, 0x0, 0x200000)
sendmsg$NL80211_CMD_FRAME(r0, 0x0, 0x0)

5m1.292759087s ago: executing program 5 (id=2956):
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000d100000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="7c00000000000000000000000700000044140001ac1414aa00000000ac1414000000000000441c0003e0000001000000007f000001000000000000000000000000442c000000000000000000000000000000000000000000000000000000000000000000000000000000000000440c0001000000000000000000000000000000a400000000000000000000000700000044280000000000000000000000000000000000000000000000000000000000000000000000000000071700e0000002ac1414bb00000000e0000002ac1414bb018616000000000010c986d78e6c4b9394b247217b87cb00830b00000000007f000001861f0000000000020010421487f84baabcbcfb42a4d90bab000748c68c4c31001089ca45d9612e5b5c11f12bc78a41000000000000006c000000000000000000000007000000441c0003ffffffff000000000000000000000000e00000010000000044340001ac1414bb0000000000000000000000000000000000000000ac1414aa00000000ac1414aa00000000ac1e000100000000830b007f000001e000000200000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aa00000000000000001400000000000000000000000200000000000000000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="7f0000017f000001000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="7f000001ac141400000000001c0000000000000000000000470000"], 0x230}, 0x0)
r0 = socket$kcm(0x10, 0x3, 0x10)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f00000003c0)={0xffffffffffffffff, 0x0, 0x20000000}, 0x20)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='subflow_check_data_avail\x00', r6}, 0x18)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffdf2, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003e000b05d25a806c8c6f94f90324fc60350005000a000200053582c137153e37000c0980fc0b10000300", 0x33fe0}], 0x1}, 0x0)
r7 = socket(0xa, 0x2400000001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r7, 0x29, 0x2a, &(0x7f0000034000)={0x1, {{0xa, 0x0, 0x0, @mcast2}}}, 0x34)
getsockopt$inet6_buf(r7, 0x29, 0x10000000000030, &(0x7f0000034000)=""/144, &(0x7f0000e5f000)=0x90)
syz_emit_ethernet(0x1b5, &(0x7f0000000140)=ANY=[@ANYBLOB="000000000000aaaaaaaaaabb08004d1501a7006703ff082190780a010101ac1414aa445470a1ac1414aa00000008ac14141400000004ac14143a00000001ac14142800000280e0000002000000080a01010000000081ffffffff000080017f0000010000000800000000000000007f000001fffffff9891341e0000001e000000164010102640101008313bbe000000164010100e0000002ffffffff440c3c830000000000000007071777ac1e00017f000001ac1414bbac1414bbe00000020000004e234e24043190788c1baf5d04576ec173fc55305ae96cb2241800b49fdd4795384824a14d05fa70014d4ff4b72ba4dc296090aad459225d7bafe384bc2a8690641d7f3b937fdcee1eae46fe6f02e57e727f4fbf4e0e82741696ac99a15b9e48dd61e48dac64dbfd2dcc8bd05cb38c56f69504db6e324dfaec6452f211660644f0dc6c9970d3ff0eac621ae808bfecaa167ccadcb3a830f1190870a01011f65066d66b0f57b114bece2cc50b4050489031c289ac11a5eba6febf4170765213853455429cbc5b26440e454aabe23d498fdd1364bb25e7efda7a9c79de762100a0015edb8c9e8d783353e523459a7b861fe81da578a4fd07d477aa"], 0x0)

4m59.793924851s ago: executing program 6 (id=2958):
r0 = socket$inet(0x2, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x86}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
setsockopt$inet_mreqsrc(r0, 0x0, 0x27, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet6(0xa, 0x3, 0x8000000003c)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0})
socket$igmp6(0xa, 0x3, 0x2)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2e, &(0x7f0000000000)={0x3, {{0xa, 0x2, 0x1, @mcast2}}, {{0xa, 0x0, 0x6, @local}}}, 0x108)
getsockopt$inet6_buf(r2, 0x29, 0x30, &(0x7f0000000000)=""/40, &(0x7f0000001000)=0xf9)
read$msr(0xffffffffffffffff, 0x0, 0x0)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000240)={<r4=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000080)={0xe, 0x18, 0xfa00, @id_resuseaddr={0x0, r4}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(r3, &(0x7f0000000040)={0x7, 0x8, 0xfa00, {r4}}, 0x10)
syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f0000000300)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r5, 0xc0145b0d, &(0x7f0000000040))

4m59.175708785s ago: executing program 5 (id=2959):
prctl$PR_SET_IO_FLUSHER(0x39, 0x1)
msgget(0x1, 0x68e)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
syz_io_uring_setup(0x10e, &(0x7f0000000300)={0x0, 0x3fe8, 0x4, 0xfffffffd, 0xfffffffd}, &(0x7f00000003c0), 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000002c0)={0x0, 0x0, 0x0, 'queue1\x00', 0x49})
write$sndseq(0xffffffffffffffff, 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f0000000100)={{0x1, 0x0, 0x0, 0x3}})
socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x40000, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x18}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x404}, 0x0)
ioctl$SNDRV_TIMER_IOCTL_START(r1, 0x54a0)
r2 = syz_io_uring_setup(0x9e, 0x0, &(0x7f00000006c0)=<r3=>0x0, &(0x7f00000001c0))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, 0x0, 0x0, 0x4)
io_uring_enter(r2, 0x47ba, 0x0, 0x0, 0x0, 0x0)
capset(&(0x7f0000000100)={0x20080522}, &(0x7f0000000140))
r4 = syz_open_dev$loop(0x0, 0x81, 0x2a00)
ioctl$LOOP_SET_STATUS(r4, 0x4c02, 0x0)
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)

4m57.617115082s ago: executing program 6 (id=2961):
syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0x0, 0x3010}, &(0x7f0000000040), &(0x7f0000000080))
open(0x0, 0x80140, 0x0)
setsockopt$IP_VS_SO_SET_DELDEST(0xffffffffffffffff, 0x0, 0x488, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xfffffdca, &(0x7f0000000200)=0x400000bce)
r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$PTP_PEROUT_REQUEST2(r0, 0xc0603d0f, &(0x7f0000000040))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r2 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
r3 = getpid()
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000040), 0x6)
ioctl$sock_bt_hci(r4, 0x400448e6, &(0x7f0000000200))
ioctl$sock_bt_hci(r4, 0x400448e6, 0x0)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
gettid()
readv(r2, 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, 0x0, 0x0, 0x0)
r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r5, 0x3ba0, &(0x7f00000000c0)={0x48})

4m55.251801816s ago: executing program 6 (id=2963):
syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, 0x0, 0x0)
write$sysctl(0xffffffffffffffff, 0x0, 0xffc7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_init_net_socket$ax25(0x3, 0x3, 0x0)
r2 = socket(0x40000000015, 0x5, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000640)=ANY=[@ANYBLOB="08010000160001040000000000000000ac1414aa000000000000000000000000ff01000000000000000000000000000100000fd100000002020000000c000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ffffffff0000000000000000000000000000000033000000000000000000fc11da2900000000000100000000000000000000000000000000000000000000000000000000000000000000000000000080010000800000000000000000000000000000000000000000010100000000000000000000000000000000000000000000000800000000000004000000060000000004000000000000000000000a000000940000000000000000000000ad04000008001f000000000008000c00030000"], 0x108}, 0x1, 0x0, 0x0, 0x20040080}, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
connect$packet(r4, &(0x7f0000000000)={0x1f, 0xf8, 0x0, 0x1, 0x2, 0x6, @broadcast}, 0x14)
connect$inet(r2, 0x0, 0x0)
setsockopt$SO_TIMESTAMP(r2, 0x1, 0x3f, &(0x7f0000000000)=0x3500, 0x4)
bind$inet(r2, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x57)
eventfd(0x1)
syz_open_dev$media(&(0x7f0000000240), 0x9, 0x2)
mknod$loop(&(0x7f00000017c0)='./file0\x00', 0x2480, 0x0)

4m54.159642826s ago: executing program 5 (id=2964):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
fanotify_init(0x4, 0x0)
r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$can_j1939(0x1d, 0x2, 0x7)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
r2 = syz_open_dev$sndctrl(&(0x7f0000000e00), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc1105511, &(0x7f00000000c0)={{0xb}, 0x0, [0x4, 0x0, 0x0, 0x0, 0x7, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xfffffdfffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa8, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x23]})
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000680)={0x10, 0x1419, 0x201}, 0x10}}, 0x840)
r4 = openat$ppp(0xffffffffffffff9c, 0x0, 0x161042, 0x0)
r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r5, 0x3b81, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(r5, 0x3b85, &(0x7f0000000280)={0x28, 0x7, 0x0, 0x0, &(0x7f00007ff000/0x800000)=nil, 0x800000})
ioctl$IOMMU_IOAS_IOVA_RANGES(r0, 0x3b84, &(0x7f0000000080)={0x20, 0x0, 0x3, 0x0, &(0x7f0000000000)=[{}, {}, {}]})
write$ppp(r4, 0x0, 0x0)
mkdir(0x0, 0x9)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, &(0x7f0000000200))

4m53.013654208s ago: executing program 6 (id=2965):
socket$inet_udp(0x2, 0x2, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2842, 0x0)
read$FUSE(r1, &(0x7f0000005140)={0x2020}, 0x2020)
read$FUSE(r1, &(0x7f0000007180)={0x2020}, 0x2020)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
timerfd_gettime(0xffffffffffffffff, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0x88b2d849f033fb57, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\x00\x00\x00\x00\xd4\xa2\x88\x00\xd1l,'}, 0x30)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
unshare(0x20040400)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(0xffffffffffffffff, &(0x7f0000000280)={0x15, 0x110, 0xfa00, {r2, 0x9, 0x0, 0x30, 0x0, @in6={0xa, 0x4e22, 0x3, @mcast2, 0xf0e}, @ib={0x1b, 0x7f, 0xc, {"7d8b59310010160e00000000d200"}, 0xfffffffffffffff9, 0x0, 0x7fff}}}, 0x118)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000003480)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
read$FUSE(r3, &(0x7f0000000480)={0x2020, 0x0, 0x0, <r4=>0x0, <r5=>0x0}, 0x2020)
fchown(0xffffffffffffffff, r4, r5)

4m51.002178133s ago: executing program 5 (id=2967):
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
getpid()
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
ioctl$SG_IO(r2, 0x2285, 0x0)
writev(r2, &(0x7f0000000400)=[{&(0x7f0000000080)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb010052f436dd2a", 0x2a}, {&(0x7f0000000040)="aa1d484ea0fb0000f7fc08fcd111fbdf23ea32db0e8f21d5bc27bd49eb067a0689fff2a41cfbf0e9d85e44", 0x2b}], 0x2)
pipe2$9p(0x0, 0x0)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(0xffffffffffffffff, 0x0, 0x4000000)
sendmsg$netlink(r3, 0x0, 0x0)
landlock_create_ruleset(&(0x7f0000000080)={0x8601, 0x2}, 0x18, 0x0)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r5 = syz_io_uring_setup(0x236, &(0x7f0000000380)={0x0, 0x80fd, 0x8, 0x4, 0x2cf}, &(0x7f0000000040)=<r6=>0x0, &(0x7f00000002c0)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000001c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000080)=@l2tp={0x2, 0x0, @local, 0x3}})
io_uring_enter(r5, 0x1864, 0x6429, 0x1, 0x0, 0x0)

4m49.961529812s ago: executing program 2 (id=2968):
socket(0x1e, 0x4, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
ioctl$NBD_DO_IT(r4, 0xab03)
socket$inet_udp(0x2, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
mmap(&(0x7f00004ad000/0x2000)=nil, 0x2000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x10000)
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, 0x0)
ioctl$IOMMU_TEST_OP_ACCESS_RW(0xffffffffffffffff, 0x3ba0, &(0x7f0000000080)={0x48, 0x8, 0xffffffffffffffff, 0x0, 0x81, 0x0, 0x0, 0x4})
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000008c0), r5)
sendmsg$NLBL_MGMT_C_ADD(r5, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f0000000940)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010029bd7000ffdbdf250100000008000700e0000001080002000500000007000800001e01010c0001"], 0x38}, 0x1, 0x0, 0x0, 0x40010}, 0x80)

4m49.960682594s ago: executing program 6 (id=2969):
mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x100000f, 0x4008032, 0xffffffffffffffff, 0x2002000)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0xb)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x2000, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/vmallocinfo\x00', 0x0, 0x0)
pread64(r1, &(0x7f00000001c0)=""/200, 0xc8, 0x0)
r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000080), 0x183822, 0x0)
r3 = syz_io_uring_setup(0xd1, &(0x7f0000000480)={0x0, 0x4, 0x100, 0x0, 0x333}, &(0x7f0000000140)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r6 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080), 0x80001, 0x0)
write$vga_arbiter(r6, 0x0, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r2, 0x0, &(0x7f0000000100)})
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
io_uring_enter(r3, 0x47ba, 0x0, 0x0, 0x0, 0x0)

4m48.903263482s ago: executing program 5 (id=2971):
r0 = syz_open_dev$vim2m(0x0, 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix_mp={0x500, 0x0, 0x32315258, 0x2, 0x0, [{0x2}, {}, {}, {0x10000000, 0xffff}, {0x0, 0xffffffff}, {0xfffffffe}], 0x0, 0x8}})
r1 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x58, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x1a3, 0x655c, 0x4, 0x40, 0x7fffffff, 0x7fffffff, 0x80, 0xffffffff, 0x1}}}}]}, 0x58}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000002000)=""/102400, 0x19000)
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
listen(0xffffffffffffffff, 0xfffffffd)
accept(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="5c00000026006bab9a3fe3d86e17aa31106b876c1d0000007ea60864160af36504001a0038001d004231a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb5b64f69853362ac3407173ec", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x4080)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x2604002c)

4m47.174598661s ago: executing program 2 (id=2972):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x1, 0x2, &(0x7f0000000140)=@raw=[@ldst={0x1, 0x0, 0x3, 0x0, 0x1, 0x7d}, @exit], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
r3 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
ioctl$BLKROTATIONAL(r3, 0x40101286, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./bus\x00', 0x42, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
inotify_add_watch(r3, &(0x7f0000000000)='./file0\x00', 0x240)
sendto$inet(r4, 0x0, 0x0, 0x40, &(0x7f0000000180)={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000700)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0)
read$FUSE(r5, &(0x7f0000000740)={0x2020}, 0x2020)

4m44.777830128s ago: executing program 2 (id=2973):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x40008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1)
sched_setaffinity(0x0, 0xfffffffffffffdc5, &(0x7f00000002c0)=0x800002)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
mremap(&(0x7f00000aa000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f00001a0000/0x2000)=nil)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20)
pidfd_send_signal(0xffffffffffffffff, 0x12, 0x0, 0x4)
close(0xffffffffffffffff)
socket$can_j1939(0x1d, 0x2, 0x7)
socket$tipc(0x1e, 0x5, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
r2 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x0, 0x0}, &(0x7f0000000180)=0x10)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'ipvlan0\x00'})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1000005)
setsockopt(r2, 0x84, 0x80, &(0x7f0000000000), 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)

4m44.610691897s ago: executing program 6 (id=2975):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r0, &(0x7f0000000300)=ANY=[], 0x15)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r2, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r2, 0xfffffffd)
r3 = accept4(r2, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f0000001000), 0x581, 0x4000001f, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$netlink(0x10, 0x3, 0x2)
r5 = dup(r0)
write$FUSE_BMAP(r5, 0x0, 0x0)
write$FUSE_DIRENTPLUS(r5, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r5, &(0x7f0000000480)={0x18}, 0x18)
write$FUSE_INIT(r5, &(0x7f0000000600)={0x50, 0x0, 0x0, {0x7, 0x29, 0x3, 0x0, 0x4, 0x53b, 0x7, 0x0, 0x0, 0x0, 0xa0, 0x200}}, 0x50)
ioprio_set$uid(0x3, 0xee00, 0x6000)

4m32.296274141s ago: executing program 43 (id=2971):
r0 = syz_open_dev$vim2m(0x0, 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix_mp={0x500, 0x0, 0x32315258, 0x2, 0x0, [{0x2}, {}, {}, {0x10000000, 0xffff}, {0x0, 0xffffffff}, {0xfffffffe}], 0x0, 0x8}})
r1 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x58, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x1a3, 0x655c, 0x4, 0x40, 0x7fffffff, 0x7fffffff, 0x80, 0xffffffff, 0x1}}}}]}, 0x58}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000002000)=""/102400, 0x19000)
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
listen(0xffffffffffffffff, 0xfffffffd)
accept(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="5c00000026006bab9a3fe3d86e17aa31106b876c1d0000007ea60864160af36504001a0038001d004231a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb5b64f69853362ac3407173ec", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x4080)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x2604002c)

4m28.642311269s ago: executing program 44 (id=2973):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x40008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1)
sched_setaffinity(0x0, 0xfffffffffffffdc5, &(0x7f00000002c0)=0x800002)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
mremap(&(0x7f00000aa000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f00001a0000/0x2000)=nil)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20)
pidfd_send_signal(0xffffffffffffffff, 0x12, 0x0, 0x4)
close(0xffffffffffffffff)
socket$can_j1939(0x1d, 0x2, 0x7)
socket$tipc(0x1e, 0x5, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
r2 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x0, 0x0}, &(0x7f0000000180)=0x10)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'ipvlan0\x00'})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1000005)
setsockopt(r2, 0x84, 0x80, &(0x7f0000000000), 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)

4m27.947362471s ago: executing program 45 (id=2975):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r0, &(0x7f0000000300)=ANY=[], 0x15)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r2, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r2, 0xfffffffd)
r3 = accept4(r2, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f0000001000), 0x581, 0x4000001f, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$netlink(0x10, 0x3, 0x2)
r5 = dup(r0)
write$FUSE_BMAP(r5, 0x0, 0x0)
write$FUSE_DIRENTPLUS(r5, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r5, &(0x7f0000000480)={0x18}, 0x18)
write$FUSE_INIT(r5, &(0x7f0000000600)={0x50, 0x0, 0x0, {0x7, 0x29, 0x3, 0x0, 0x4, 0x53b, 0x7, 0x0, 0x0, 0x0, 0xa0, 0x200}}, 0x50)
ioprio_set$uid(0x3, 0xee00, 0x6000)

2m34.435219847s ago: executing program 3 (id=3097):
openat$ocfs2_control(0xffffff9c, &(0x7f0000000000), 0x800, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = add_key(&(0x7f00000000c0)='pkcs7_test\x00', 0x0, &(0x7f0000000000)="100c0608262300ba8b0ad775b3", 0xd, 0xfffffffffffffffc)
add_key$keyring(0x0, 0x0, 0x0, 0x0, r4)
syz_open_dev$cec(0x0, 0x0, 0xa41)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
r5 = syz_open_dev$video4linux(&(0x7f0000000540), 0xd, 0x0)
ioctl$VIDIOC_SUBDEV_S_FMT(r5, 0xc0585605, &(0x7f0000000400)={0x1, 0x0, {0x7fff, 0x8, 0x100f, 0x5, 0x7, 0x7, 0x2, 0x7}})
r6 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r6, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc}, 0x10)
r7 = socket(0x1e, 0x4, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_SET_NODE_ADDR(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x24, 0x0, 0x201, 0x400002, 0x0, {{}, {}, {0x40, 0x11, 0x4}}}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x20000844)
setsockopt$packet_tx_ring(r7, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)

2m31.624207092s ago: executing program 3 (id=3099):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x80082, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0xc)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0)
openat$zero(0xffffffffffffff9c, 0x0, 0x10480, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
kcmp(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'veth1_to_bridge\x00', <r5=>0x0})
ioctl$sock_inet6_SIOCADDRT(r4, 0x890b, &(0x7f0000000540)={@rand_addr=' \x01\x00', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private1, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x4400046, r5})
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, 0x0, 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', 0x0, 0x0, 0x101091, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000400)='./bus\x00', &(0x7f0000000080), 0x40, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@userxattr}]})
mknod(0x0, 0x8001420, 0x0)
mount$afs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200), 0x8000, 0x0)

2m29.859800958s ago: executing program 3 (id=3102):
openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0)
setsockopt(0xffffffffffffffff, 0x107, 0x1, &(0x7f00000001c0)="010000000000060000071a80010061cc", 0x10)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x2)
ioctl$TIOCSBRK(r0, 0x5427)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
r4 = io_uring_setup(0x5f6f, &(0x7f0000000000)={0x0, 0x84bf, 0x40, 0x20, 0xfffffffc})
io_uring_register$IORING_REGISTER_RESTRICTIONS(r4, 0xb, &(0x7f0000000500)=[@ioring_restriction_sqe_op={0x1, 0x31a1ac19ea15b29b}], 0x1)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
syz_create_resource$binfmt(0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x3, 0x3, 0x9, 0x1, 0xb8}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r5, 0xc0045627, &(0x7f0000000100)=0x3)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
r6 = socket$l2tp6(0xa, 0x2, 0x73)
sendto$l2tp6(r6, 0x0, 0x0, 0x4890, &(0x7f0000000040)={0xa, 0x0, 0xfffffffd, @mcast1, 0x6, 0x4}, 0x20)

2m25.559293031s ago: executing program 3 (id=3109):
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_open_dev$vim2m(&(0x7f0000000080), 0x3fe, 0x2)
r0 = syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040))
openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0x82865)
syz_open_procfs(0xffffffffffffffff, 0x0)
openat$nullb(0xffffffffffffff9c, 0x0, 0x4000000105002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1)
sched_setaffinity(0x0, 0xfffffffffffffdc5, &(0x7f00000002c0)=0x800002)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet_sctp(0x2, 0x5, 0x84)
r2 = socket$phonet(0x23, 0x2, 0x1)
sendmsg(r2, &(0x7f0000000440)={&(0x7f0000000100)=@phonet, 0x80, 0x0}, 0x0)
syz_open_dev$sg(0x0, 0x800000, 0x94240)
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
setrlimit(0xa, &(0x7f0000000180)={0x2, 0x400})
fadvise64(0xffffffffffffffff, 0xbd, 0x200, 0x1)
memfd_create(0x0, 0x4)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000005c0)=ANY=[@ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000001000004d432000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006af9c41e000000000000000000000000000000000000000200000000000000000000000000100000000000000000000000000000000000010000000000000002000400000000000000000048000200656362286369706865725f6e756c6c290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008001800cd000000"], 0x140}, 0x1, 0x0, 0x0, 0x20000011}, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x6)
socket$netlink(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x5, 0x4, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x8000000, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

2m22.72347481s ago: executing program 3 (id=3112):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00220508"], 0x0}, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x8b}, 0x0)
r1 = openat$tcp_mem(0xffffffffffffff9c, 0x0, 0x1, 0x0)
fcntl$dupfd(r1, 0x406, 0xffffffffffffffff)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x3)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f0000000140), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x22)
r5 = dup2(r4, r4)
ioctl$BLKTRACESETUP(r5, 0xc0481273, &(0x7f0000000480)={'\x00', 0x40, 0xa, 0x1fe, 0x40000004, 0x10})
unlinkat(r4, 0x0, 0x200)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wlan0\x00'})
r6 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00')
lseek(r6, 0x2, 0x1)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r7 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r7, 0x0, 0x14, 0x0, &(0x7f0000000380)="f6f4e9a1d78ad62ceef1884366a578bb3fb7dbfc", 0x0, 0xffffffff, 0x0, 0x2, 0x0, &(0x7f0000000700)="010a", 0x0}, 0x50)
r8 = syz_genetlink_get_family_id$smc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$SMC_PNETID_DEL(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={0x58, r8, 0x1, 0x0, 0x0, {0x3, 0x2, 0x2}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'wg2\x00'}]}, 0x58}, 0x1, 0x40030000000000, 0x0, 0x40c0091}, 0x0)

2m20.765443356s ago: executing program 3 (id=3115):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x2c, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000340)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = socket(0x1e, 0x4, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x88}, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @multicast1}, 0xc)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, 0x0, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000013c0)=[{&(0x7f00000001c0)="39000000140081ae0000dc676f97daf01e2357f9ffffffffffffff0521018701546fabca1b4e8a06a6580e88370200c54c1960b89c40ebb373", 0x39}], 0x1}, 0x0)
syz_usb_connect(0x2, 0x3d, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000bdce4208110f80106afc0000000109022b000100000000090437"], 0x0)
personality(0x5000004)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff})
connect$unix(r7, 0x0, 0x0)

2m4.122361546s ago: executing program 46 (id=3115):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x2c, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000340)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = socket(0x1e, 0x4, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x88}, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @multicast1}, 0xc)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, 0x0, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000013c0)=[{&(0x7f00000001c0)="39000000140081ae0000dc676f97daf01e2357f9ffffffffffffff0521018701546fabca1b4e8a06a6580e88370200c54c1960b89c40ebb373", 0x39}], 0x1}, 0x0)
syz_usb_connect(0x2, 0x3d, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000bdce4208110f80106afc0000000109022b000100000000090437"], 0x0)
personality(0x5000004)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff})
connect$unix(r7, 0x0, 0x0)

1m32.86713768s ago: executing program 0 (id=3165):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={0x0}}, 0x4000)
connect$unix(0xffffffffffffffff, 0x0, 0xffffffffffffff57)
syz_genetlink_get_family_id$l2tp(0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CAP_VM_DISABLE_NX_HUGE_PAGES(r1, 0x4068aea3, &(0x7f0000000040))
r2 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r3=>0x0})
bind$can_j1939(r2, &(0x7f0000000100)={0x1d, r3, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18)
r4 = socket$can_j1939(0x1d, 0x2, 0x7)
bind$can_j1939(r4, &(0x7f00000001c0)={0x1d, r3, 0x1, {0x0, 0xff, 0x4}, 0xff}, 0x18)
sendmsg$can_j1939(r2, &(0x7f0000000180)={&(0x7f0000000000)={0x1d, r3, 0x2, {0x2, 0xff}, 0xfc}, 0x18, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x850}, 0x2400c0d0)
setsockopt$MRT_ADD_MFC(0xffffffffffffffff, 0x0, 0xcc, &(0x7f0000000240)={@initdev={0xac, 0x1e, 0x1, 0x0}, @private=0xa010100, 0x1, "0d9c6e9f9c929c0f2bf87cb3e6da5bc11efab4b594828e344082b7ec45049cc9", 0x0, 0x1, 0xfffff86d, 0x4}, 0x3c)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1d, 0x4, 0x2, 0x0, 0x201, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
gettid()
connect$netrom(0xffffffffffffffff, &(0x7f00000005c0)={{0x6, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x1}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @bcast, @default]}, 0x48)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r6 = socket$phonet_pipe(0x23, 0x5, 0x2)
setsockopt$PNPIPE_ENCAP(r6, 0x113, 0x1, &(0x7f0000000100)=0x1, 0x4)
getegid()

1m30.95017099s ago: executing program 0 (id=3167):
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x2, 0x2)
mkdir(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x1, 0x4, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000d100000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000080)={0x8, 0xb, {<r1=>0x0}, {<r2=>0xee01}, 0x6, 0x81})
sched_setaffinity(r1, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000001b00)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f00000002c0)=ANY=[@ANYRESDEC=r0, @ANYRES16=r2], 0x0, 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000100), 0x40202, 0x0)
ioctl$SNDCTL_DSP_POST(r5, 0x5008, 0x0)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f00000021c0)='/proc/asound/timers\x00', 0x0, 0x0)
read$FUSE(r6, &(0x7f000001ac40)={0x2020}, 0x2020)
preadv(r4, &(0x7f0000000240), 0x0, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r4, 0x4048ae9b, &(0x7f0000000300)={0x0, 0x0, [0x1, 0x1, 0xe, 0x5, 0x1000000000010001, 0x5, 0x3, 0x80]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000180), r7)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
sendmsg$IEEE802154_ADD_IFACE(r7, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x40810)
syz_emit_ethernet(0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='net/vlan/vlan0\x00')
ioctl$VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000200)={0x2026, 0x3})

1m29.78762187s ago: executing program 0 (id=3168):
socket(0xa, 0x3, 0x3a)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-avx2\x00'}, 0x58)
accept4(r0, 0x0, 0x0, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r1, 0x0, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000580)=ANY=[@ANYBLOB="bbbbbbbbbbbb0000000f000088a836008100050086dd6000000000101100fe8000000000000000000000000000bbfe8000000000000000000000000000aa00000e2200109078020a000000000000c13c80ad299ba27e847e057e52ebca45c486f30147d47ccfa586c41b6cb97146dfb24f93adb86ae95b7874fd555cf240497b81b34728b09cee575c56b868dd43488cc08813c5b461c25bb06868f2ed26622822bcc07277b900a1193f5f4208f3fd4d8951aba774dd01d7b4693c39d83fb03395fce33a88c55d908a17ef25177e56ff4e0f3581b53da4d850d3f6bcc60d0d2240b66628e4da9237b22c9aea83a2543e7961f9e90f35c0f69d1680c3bfcb0809ec98f8fabb5efc458aad7d0980134b6526de1b3b583ea8c012cae0a918d37238332fc5ed724dd371748fd919aed5e5712924033e1576768287da164d8e17ace343dacf1ecd7cf668ea08bd495289f0211f45f93c21ceec43606fe638d63723b5278a594e75667e134864e69b8c5950221522a5cc"], 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
clock_settime(0xbcd1940b87aad64b, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$SIOCNRDECOBS(r3, 0x89e2)
get_robust_list(0x0, 0x0, 0x0)
r4 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000440)="4c0000001200ff09ff3a150099a283ff04b8008000f0ffff000000", 0x1b}, {0x0}], 0x2}, 0x0)
recvmmsg(r4, &(0x7f0000001300), 0x0, 0x48, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x4048904}, 0x4)
r5 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
r6 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_buf(r7, 0x6, 0xd, 0x0, 0x0)
setsockopt$inet6_int(r7, 0x29, 0x5, &(0x7f00000004c0)=0x5, 0x4)
writev(r6, &(0x7f00000008c0)=[{&(0x7f00000001c0)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641", 0x22}, {0x0}, {&(0x7f00000000c0)}, {&(0x7f0000000940)}, {&(0x7f0000000100)="19a7666a04b2b6", 0x7}], 0x5)

1m27.631591998s ago: executing program 0 (id=3170):
socket(0x18, 0x0, 0x0)
r0 = syz_io_uring_setup(0x139c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000300)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000080)=0x2)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sysvipc/msg\x00', 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@dev, 0x0, 0x2}, 0x0)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
ioctl$FS_IOC_GETFSLABEL(r2, 0x400452c8, &(0x7f0000000100))
capset(&(0x7f0000000100)={0x20080522}, &(0x7f0000000140))
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000c00)=ANY=[@ANYBLOB="b7000000ff020000bfa300000000000007030000f0ffffff620af0fff8ffffff71a4f0ff000000002d040200000000001d400200000000004604000001ed000062030000000000001d440000000000007a0a00fe00ffffffc303000041000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710e4d58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00c37dfca3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebba2c598b4fc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0465f2f994114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840b08000000f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c3bfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed93517a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c25000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e82623951743283070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130b51d6c9b94c5513df2d85e8c01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef670000000000000000ba470bfe62fe2933082149d42e8a00a5b4f7e9ad0500000000000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffc93, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/xfrm_stat\x00')
read$FUSE(r3, &(0x7f0000000640)={0x2020}, 0x2020)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8010, r0, 0x6a855000)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3)

1m25.847380847s ago: executing program 0 (id=3171):
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = socket(0x2000000015, 0x80005, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = mq_open(&(0x7f0000000040)='!se\xf7ih,\x17i\xacP\xe6lNnuxselinux\x00', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000300)={0xfffffffffffffffd, 0x1, 0x7, 0x4})
mq_timedsend(r2, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r2, 0x0, 0x0, 0x3, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0xfffffffffffffffc)
open(0x0, 0x64842, 0x22)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$nullb(0xffffffffffffff9c, 0x0, 0x4000000004882, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000006880)={0x80000010})
io_submit(0x0, 0x1, &(0x7f00000000c0)=[0x0])
syz_io_uring_submit(0x0, 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, 0x0)
openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000000381, 0x0)
syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)
recvfrom$packet(r0, 0x0, 0x0, 0x40010000, &(0x7f0000000440)={0x11, 0xd, 0x0, 0x1, 0x6, 0x6, @multicast}, 0x14)
r4 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SNDCTL_DSP_SUBDIVIDE(r4, 0xc0045009, &(0x7f0000000000)=0x8)
ioctl$SNDCTL_DSP_SUBDIVIDE(r4, 0xc0045009, &(0x7f0000000240)=0x9)

1m24.373172046s ago: executing program 0 (id=3174):
setresgid(0xee00, 0xee01, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, 0x0, 0x0)
write$sysctl(0xffffffffffffffff, 0x0, 0xffc7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_init_net_socket$ax25(0x3, 0x3, 0x0)
r4 = socket(0x40000000015, 0x5, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000640)=ANY=[@ANYBLOB="08010000160001040000000000000000ac1414aa000000000000000000000000ff01000000000000000000000000000100000fd100000002020000000c000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ffffffff0000000000000000000000000000000033000000000000000000fc11da2900000000000100000000000000000000000000000000000000000000000000000000000000000000000000000080010000800000000000000000000000000000000000000000010100000000000000000000000000000000000000000000000800000000000004000000060000000004000000000000000000000a000000940000000000000000000000ad04000008001f000000000008000c00030000"], 0x108}, 0x1, 0x0, 0x0, 0x20040080}, 0x0)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
connect$packet(r6, &(0x7f0000000000)={0x1f, 0xf8, 0x0, 0x1, 0x2, 0x6, @broadcast}, 0x14)
connect$inet(r4, 0x0, 0x0)
setsockopt$SO_TIMESTAMP(r4, 0x1, 0x3f, &(0x7f0000000000)=0x3500, 0x4)
syz_open_dev$media(&(0x7f0000000240), 0x9, 0x2)
mknod$loop(&(0x7f00000017c0)='./file0\x00', 0x2480, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x2})
readv(r1, &(0x7f00000001c0)=[{&(0x7f0000001400)=""/227, 0x10}], 0x4)
socket$kcm(0x2, 0xa, 0x2)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r0, 0x8983, &(0x7f0000000040)={0x0, 'syzkaller1\x00', {0x4}, 0x1})

1m7.726053204s ago: executing program 47 (id=3174):
setresgid(0xee00, 0xee01, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, 0x0, 0x0)
write$sysctl(0xffffffffffffffff, 0x0, 0xffc7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_init_net_socket$ax25(0x3, 0x3, 0x0)
r4 = socket(0x40000000015, 0x5, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000640)=ANY=[@ANYBLOB="08010000160001040000000000000000ac1414aa000000000000000000000000ff01000000000000000000000000000100000fd100000002020000000c000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ffffffff0000000000000000000000000000000033000000000000000000fc11da2900000000000100000000000000000000000000000000000000000000000000000000000000000000000000000080010000800000000000000000000000000000000000000000010100000000000000000000000000000000000000000000000800000000000004000000060000000004000000000000000000000a000000940000000000000000000000ad04000008001f000000000008000c00030000"], 0x108}, 0x1, 0x0, 0x0, 0x20040080}, 0x0)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
connect$packet(r6, &(0x7f0000000000)={0x1f, 0xf8, 0x0, 0x1, 0x2, 0x6, @broadcast}, 0x14)
connect$inet(r4, 0x0, 0x0)
setsockopt$SO_TIMESTAMP(r4, 0x1, 0x3f, &(0x7f0000000000)=0x3500, 0x4)
syz_open_dev$media(&(0x7f0000000240), 0x9, 0x2)
mknod$loop(&(0x7f00000017c0)='./file0\x00', 0x2480, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x2})
readv(r1, &(0x7f00000001c0)=[{&(0x7f0000001400)=""/227, 0x10}], 0x4)
socket$kcm(0x2, 0xa, 0x2)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r0, 0x8983, &(0x7f0000000040)={0x0, 'syzkaller1\x00', {0x4}, 0x1})

10.763696364s ago: executing program 1 (id=3260):
syz_open_procfs(0xffffffffffffffff, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000105002, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1)
sched_setaffinity(0x0, 0xfffffffffffffdc5, &(0x7f00000002c0)=0x800002)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet_sctp(0x2, 0x5, 0x84)
r1 = socket$phonet(0x23, 0x2, 0x1)
sendmsg(r1, &(0x7f0000000440)={&(0x7f0000000100)=@phonet, 0x80, 0x0}, 0x0)
syz_open_dev$sg(0x0, 0x800000, 0x94240)
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
setrlimit(0xa, &(0x7f0000000180)={0x2, 0x400})
fadvise64(0xffffffffffffffff, 0xbd, 0x200, 0x1)
memfd_create(&(0x7f0000000080)=',\xea\x00', 0x4)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000005c0)=@newsa={0x140, 0x10, 0x713, 0x0, 0xfeffffff, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x5e}, {@in6=@loopback, 0x4d4, 0x32}, @in=@dev, {}, {0x0, 0x200000000, 0x0, 0x100000}, {}, 0x1, 0x0, 0x2, 0x4}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @extra_flags={0x8, 0x18, 0xcd}]}, 0x140}, 0x1, 0x0, 0x0, 0x20000011}, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x6)
socket$netlink(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x5, 0x4, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000001080021850000006d00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=@newlink={0x40, 0x10, 0x439, 0x70fd2c, 0xffffffea, {0x0, 0x0, 0xe403, 0x0, 0x3, 0x610c3}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @dev}, @IFLA_IPTUN_6RD_RELAY_PREFIXLEN={0x6, 0xe, 0xfe00}]}}}]}, 0x40}}, 0x0)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r3, &(0x7f0000001980)={0x0, 0x0, &(0x7f0000001940)={&(0x7f0000001140)={0x20, 0x0, 0x20, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x5, 0x70}}}}}, 0x20}, 0x1, 0x0, 0x0, 0xc001}, 0x4000000)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

7.89894447s ago: executing program 1 (id=3262):
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r0 = syz_open_dev$sg(0x0, 0x0, 0x8002)
ioctl$SG_SET_FORCE_PACK_ID(r0, 0x227b, &(0x7f00000000c0)=0x2001)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_SET_ABSBIT(r5, 0x40045567, 0x0)
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r6, &(0x7f0000000140)=@pppol2tpv3={0x18, 0x1, {0x3, r7, {0x2, 0x0, @multicast2}, 0x2}}, 0x2e)
r8 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r8, &(0x7f0000000380)=@pppol2tpv3={0x18, 0x1, {0x3, 0xffffffffffffffff, {0x2, 0x2, @empty}, 0x2, 0x2, 0x0, 0xfffffffc}}, 0x2e)
ioctl$PPPIOCGMRU(r8, 0x80047453, &(0x7f0000000080))
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a3200000000140000001100"], 0x7c}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$NFT_BATCH(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @synproxy={{0xd}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_SYNPROXY_WSCALE={0x5, 0x2, 0x5}, @NFTA_SYNPROXY_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1d}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}}, 0x0)
syz_io_uring_setup(0x10a, &(0x7f0000000140)={0x0, 0x5883, 0x8, 0x0, 0xfffffdfc}, &(0x7f0000000040)=<r10=>0x0, &(0x7f0000000280)=<r11=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r10, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r10, r11, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})

7.149756076s ago: executing program 4 (id=3264):
socket$tipc(0x1e, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, 0x0)
get_mempolicy(0x0, 0x0, 0x203, &(0x7f0000394000/0x3000)=nil, 0x2)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r0 = fsopen(0x0, 0x0)
r1 = fsmount(r0, 0x1, 0x0)
fchdir(r1)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
socket$inet6(0xa, 0x2, 0x0)
socket$unix(0x1, 0x5, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0, 0xc0}}, 0x0)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000440)=ANY=[@ANYBLOB="140100001f000100000000000000000005"], 0x114}], 0x1}, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r4, 0x0, 0x0)
lseek(r4, 0xa, 0x4)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)

6.404901422s ago: executing program 1 (id=3266):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$setsig(0x4203, r0, 0x4, &(0x7f0000000040)={0x15, 0xa, 0x1e0000})

5.092674733s ago: executing program 8 (id=3192):
r0 = socket(0x2, 0x3, 0xff)
setsockopt$sock_int(r0, 0x1, 0x3, &(0x7f0000000000)=0x97b, 0x4)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffe}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
openat$dma_heap(0xffffffffffffff9c, &(0x7f0000001440), 0x5ab0c2, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(r1, 0x541b, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x48)
getpid()
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r5 = syz_open_dev$vbi(&(0x7f0000000340), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r5, 0xc0045627, &(0x7f00000000c0)=0x3)
r6 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VHOST_VDPA_GET_STATUS(r6, 0x8001af71, &(0x7f00000002c0))
syz_open_dev$vbi(&(0x7f0000000080), 0x3, 0x2)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f00000007c0)='usrquota')
chdir(&(0x7f0000000100)='./file1\x00')
r7 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x766c618eb221465a)
quotactl_fd$Q_SETINFO(r7, 0xffffffff80000600, 0xee01, &(0x7f0000000040)={0x2000000001, 0xffffffffffffffee, 0x1, 0x4})

5.086028907s ago: executing program 4 (id=3275):
r0 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0x8c, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r1, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x5, 0x4, 0x2, 0x0, 0x8, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x8, 0x0, 0x0, 0x2]}}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x20000040}, 0x0)

5.085357044s ago: executing program 1 (id=3276):
r0 = socket(0x2, 0x3, 0xff)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10)
sendmmsg$unix(r0, &(0x7f0000004840)=[{{0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f00000008c0)="166da1949ba0ee9ee511f385427169498f9565a1c4099287", 0x18}], 0x1}}], 0x1, 0x0)

3.93258931s ago: executing program 8 (id=3267):
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
kcmp(0x0, 0x0, 0x1, 0xffffffffffffffff, 0xffffffffffffffff)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x1, 0x20}, 0xc)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x800, 0x0, 0x0, 0x8a}, 0x9c)
bind$inet6(r4, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r4, &(0x7f0000847fff)='X', 0x34000, 0x600, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x100, 0x0, 0x0, 0x0, 0x54}, 0x9c)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
getsockname$packet(r5, &(0x7f0000000600)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
setrlimit(0xd, &(0x7f0000000140)={0x2, 0x8})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r6, @ANYBLOB="f5ff0f00252155b21c0012000c000100626f6e64000000000c000200080001"], 0x3c}}, 0x40000)
connect$pppl2tp(r5, &(0x7f00000001c0)=@pppol2tpin6={0x18, 0x1, {0x0, r0, 0x0, 0x1, 0x4, 0x1, {0xa, 0x4e22, 0x2, @private0={0xfc, 0x0, '\x00', 0x21}, 0x4}}}, 0x32)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYRESOCT=r1, @ANYRES32=0x0, @ANYBLOB="0000311b51130000140012800b00010062726964676500000400028008000a00", @ANYRES8=r3], 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0xc0b4)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'wpan0\x00'})

3.932329973s ago: executing program 1 (id=3268):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0001}]})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
lremovexattr(&(0x7f0000000140)='./file0/file0/file0\x00', &(0x7f0000000100)=@known='security.apparmor\x00')
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)=<r2=>0x0)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x80}, 0x20000004)
mkdir(&(0x7f0000000300)='./bus\x00', 0x113)
mount(&(0x7f0000000000)=@nullb, &(0x7f0000000040)='./bus\x00', &(0x7f00000000c0)='ufs\x00', 0x21864a, 0x0)
r5 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, 0x0, 0x0)
fchown(r3, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_GETFSLABEL(r0, 0x81009431, &(0x7f0000000380))
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000040)={0x780, 0xa0, 0x0, 0x0, 0x0, 0x7, 0x20, 0x1000000, {0x3, 0x6fb4}, {}, {}, {0x0, 0x0, 0x400}, 0x0, 0x40, 0x0, 0x0, 0x1, 0x0, 0x0, 0xecfe, 0x0, 0x6, 0x0, 0x0, 0x1, 0x2, 0x3})
r6 = socket$inet6(0xa, 0x3, 0x8000000003c)
setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x388, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x588)
timer_settime(r2, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f00000000c0)={0x4000001, 0x71, 0x200000009})
syz_init_net_socket$ax25(0x3, 0x2, 0x3)
pread64(r0, 0x0, 0x0, 0xce2)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)

3.931348164s ago: executing program 4 (id=3278):
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x4}, @HCI_OP_WRITE_CLASS_OF_DEV={{0x4}, 0x1}}}, 0x7)
r0 = syz_open_dev$evdev(0x0, 0x8000000000000001, 0x600)
fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff)
close_range(0xffffffffffffffff, r0, 0x2)

3.074031535s ago: executing program 4 (id=3269):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000080000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000100000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x18)
openat2(0xffffffffffffffff, 0x0, 0x0, 0x0)

2.419941281s ago: executing program 8 (id=3270):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = dup(r0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=@newlink={0x4c, 0x10, 0x401, 0xfffffffc, 0x80, {0x0, 0x0, 0x0, 0x0, 0x1503}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x14, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MACADDR_MODE={0x8}, @IFLA_MACVLAN_MODE={0x8, 0x1, 0x10}]}}}, @IFLA_LINK={0x8, 0x5, r2}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4001}, 0x880)

2.252819782s ago: executing program 4 (id=3271):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_DISABLE_QUIRKS(r1, 0x4068aea3, &(0x7f0000000280)={0xdb, 0x0, 0x53})

2.095129659s ago: executing program 8 (id=3272):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x40, 0x16, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}]}]}, @NFT_MSG_DELFLOWTABLE={0x48, 0x18, 0xa, 0x101, 0xb00, 0x0, {0x1}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x1c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'geneve0\x00'}]}]}]}], {0x14, 0x10}}, 0xd0}}, 0x0)

1.927292282s ago: executing program 4 (id=3273):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_emit_vhci(&(0x7f00000003c0)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0x6}, @hci_evt_le_ext_adv_set_term={{}, {0x0, 0x0, 0xc9, 0x8d}}}}, 0x9)

1.771894974s ago: executing program 8 (id=3274):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000004c0), &(0x7f00000006c0), 0x20005, r0}, 0x38)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000040)={r0, &(0x7f00000001c0)='2X.', &(0x7f0000000240)=""/137}, 0x20)

1.457673055s ago: executing program 9 (id=3130):
syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x7, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000004c0)={r1, 0x0, 0x0}, 0x20)
socket$nl_route(0x10, 0x3, 0x0)
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x102)
ioctl$TCSETS(r2, 0x404c4701, &(0x7f0000000040)={0x1, 0xfffffffd, 0x1000001, 0x420000, 0xc, "3ecc7eed00000000160000000000000092c400"})
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='fd=', @ANYRESOCT=r3, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r3, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_fuse_handle_req(r3, &(0x7f0000002140)="897c6500ff3035465c7acb4e06980b05687c1480c7aafe631c0543db2bf0d6f539506e8782da06c1ca018774d72e9e5a3418ab66ee78dad68457b17ec9d47bf7d8272d607c1c0a4bd906f0cee7f8451828d2458596bdd6a459ba18ebaf61b38f5d66c27fa8a024ad7832a85e58689a4c254c94cbcf7208fce6e61d9566459789d15a6f91dd7db7c54cc3a94da956fb290a8a15f849270bc459d9d9f47801be86dd5c9d18382081a993b7bfde5c28adca4c71329afd6be743b076033b5859891703eb65fa256d6f47450b6edacbd05a9bd8b372e90cfc30f32826566dac6c48e6ef001881cbc30482f9ec469e476a101da496b8c0785eaf875d3608b0c49e9d39baaa1041f903a805f0f24aa63722fa2d87b98595fa5cfaf8b79c458de43ee39904e7cac7540a934b4108957785d58807abff186949f1b94cd21b724aff34ac45c7066dcdbd68ea7b766af9d045cd7fafeafc5c5a0c3400ef4e0c71a6fdd5b8d68a6f317644cda9d2fd2c839a82b97b3d909b54c672227bef573c9de1991d65a63017f724d1f7f1575e69db53318a7fd7065b303e751518c8eef04f642dbd4dfa349040a7b5401050ffc2b4ef62803a7c8eaba99e011dfac24d81b2b61e0b0581e53bf520f623eca17f0545c5e59ff15b527475f970f589894ae589145fa4283f7225088ccfeba1d72e9128f8c223ae1840f2edae3dbcdf7e560d5cdf4f71c9ada1931c0f8312c000101b264aaddb9fab166ba8d8903d6098eca20935ca607ea79e936798b3dfb22a7e159abb234cf21f3733dbf263a8ff116092f251659108892b2e21e1b428fd225096a5040270b2d70347013eaa1fd8e452942200283aab092c4ffc5b8b427b5d691a5a773e09da20539ff0f8214331c5d84107ae8a59aeb58efe22d7a079e446f1dfb07510377799bfdc7ee59cabcd76af0fe8a427ac8258ff33bbad5a8061f1cfdfbf375d73d676cc7916d6658ce46a0b17ad6350150f98e3512b513e25ca73f5f5df0a1fb9582ace7906c493fe1fd2889d9aac0b7c29c2b6c205537627bad64df433336a5ace32ca871e51b4dab0fbb00886a1fa81a98b74de0a26cebf65723515ebb807fc3c161ed42d1a7b6b55717613577ea437f3a2967c66ce45ff85a6a35b7cd40625fc575b107d7394e3d2db51d58347276c33e21f50b5a6b5672bf9fda63139bb75aead1fe4ee9a4064af5a5958466aa39faa6d821489fa415224c8d69d3b5922236832c2b1e4f6b8863b32f9aea83fb522a2de081d674502b48f73ce6db98d84136059b4a6676bc85ac6b7626329afa9bc7d3f9f2caa3c4d872744e0a8e02d72a75c6c545b8ec8e15b6fb0fe4185bd0d154960e6fef05ba40e5fe2968eb1301dcc52a03337179e74ba1522af93d77827845f8941c69ed8bb84567e3c63f1cc378a542f1de7007b688ff0a9c69d5861f0b85402c30a2fd391c52bafbe65f8e82135fd38361d7c0b43c982b2f3e7cb09c40c7e215114f4243d670cd576bcd93c1e959345170c75d6c3cf89cf8c2c70dc792e646e7c649d4c5f36bb016c7acd466ad58473d40dfef36394e581065a8581ab852250403cf372ac0065bf757fa3f445424ac0d82aec1938a2ea116bdfd306baa1cb06c62a4a97d66ab1b9489469cb8ba842da12e310caed02c5ef05c0be1e1e8c9c8b87d6871c94c57d164d08672b205c948086a06a545b266b7ad902a908681eb188bc51b6190b5cb9d8ca59b8c4c6e7369c00d6f6119fd5d437239e3d3c89cb81e09e560fb817590106015f08e7b09f1e1e65bfab3b8489fa058e24081978b9e25463d9945bfbca81c08885d4b6d4c62e217bd9e19460762f36c66bc948fe31cde089626fbb310e3c78a8d3f2eac21d374d9b58d887235d3a95721168e4b9475849071d60ecfe7ea5d6c4bf60da3747612ef59bb651270f326c0af31bc8c71361f851de34ccb3c8071b96f1128d7ee79b41246e566edd0272dbd3ccfe472b38e5e03d3ef83218bd498e6de8b4d92cb6f82716449ede7ba845028eccdb9137be8a622ac88ac53118fbc39637fa7a93cd3abc6f7671c7804420d66e94720acbcac916950f9baca77fef4217155ccc2cd0507339a0486f9f468eb28772986ee768c63eba671bf8c52e48a2a5dc2cc24fe925368706c2d712dd1064692b0fb2a32ddfbd4a0ffcf9c2abcedaae6e527bc1d42637aff2a275b76a7a7f010e42e1cc1d27141f6c3585a2bf58c6c5789ce61551d10118a000e3764631ec0b7f4b1a6f22a678133a30940b79dc76f863dd9f6e0d7776300898c97cef286c731c2050928c492439256e481652bff0d202db3cfdc54c9816ceea7895357bfa0362fad79afd09ed55189294d6ead7e898ac091cddbe7efcedb314bc02a18dd5bbddc42e089124758bb491fd1536aab27c5c124567bc325e7028bced5a179a011d1cb9a5ffb61d7af863e91ec8e60495561188b74d158ba1418228d44e92915a22eb1c166ef7d6179e84381ed950ffd747f13e24172942d922ca3109fb8b1e4e6264fa4a4eec75ad0d0e22579d90f45d6cd157300e38ae665eb56457202e25a8dd5877ba99725de288660badd2704345d9bad208c903ba27ea167dd45a77f77b6502b525b2973270582858183c784c324c1366fbba8d410c38bf75b41e067f6a9a017c56595161db4fc5639393fdafb1f148d3f416c1adc5fe1ab9cebe4689855c9b4bda6dcba5d5fa858a1b87d2ad23cdf54dbdf4d14aa4462da0b6f1107f4afa0091c2643508861a4d9f133ba77751941bb8fb756abf1a104205b80d47a3b4a59724d959c8b5833da4f56fb6613231f230a9378c9af741e94fd2c7213ac1d7625559b3f032f6c8df3ab441929720fe43d7c548cc661eed5b3c62b3c61f538ea3228376e2a18c6da2ad906322f64fb4865cde8e1889a8e5237fd6a39bbd6662f1dedc22fbd74e4376fa610cd710703dbd3924a38beae69783d1d5abf36122cbb87129ba719042748f060f4303a3199c5891c5040fd8cdb9761b006bf64cdcb65e5cc50a29994b8c1c34b83760ece12ed9ed7c392a7f8911cdf23a1afe0d7db1bf342aa0123dd5cd31339f5c8e160c4efef882602b3eccbe76fb690162b8bfb8a31910bcdf9a4a5dde76c2ac2fcd8678add7a000cfdcab398eb2171c026313eb6eb56b4b87bf8ef93f7f8a1c0bcc3775b681d4229ea561cb52281d8ba4315c3694ed08433596884d5a7ce3a8b1f82359846b7136726e2fe37bf4f7b7e2206cdcdb0705ced9f0dcaaa2ed3a78ea70d2cfeab668eb321400fc955e9aeb7bbcf86cd03f02dd443503a1480d9d9f899f53bd747a95293786798fc59fceb09e686a9328da4f929b6201841bbbefaffcf3386abdf69540e3b46a643ec10f0acf21f27c0053dc13f18485dbc898729dfbeaaa4887b58cd442d7ffa941808cd9658595be8650a815b088621278d89f0d8a4252566b923df3a3cd65c0e4af08fad385927251b31d35f75eaf25e6cf13a579aeeb0bcc0a14ca4a20a6831d532be0b2af3821792a2df95131b7fafef245aa19b214053342aa820c35858d13f84e496294529411015c41ed447b5b51dc44a45d52552a2be1abfc157f3ace7bfa32d5b931421d5a152dd66b7bf549311b08325e5a7201f793037b38990bedeca8a647c08d2478670f8fc2b4e8983ea18bcd514daeeeeb9d7a778f783c76edf01bd4beda4b77b612cd2e865c2e4f58ca7ae06147bf66ae6aee221cf9b9505dc07e6fb6cf4f82dc8c406c78e270210c11cf2531011ed678d9dfe1f49c9a69a95a9f3b0e5b624d9c2664d787ab911b75a4a38d63e9d6c353f8aaf433ff961fe5e34d84936ead0d0bc7954caf84e541f5c6f3f20c9eed21eb0316b82c0dc5182540e63a0af25565496792153d6395adc2b8d68b8bcd93dd110ff5685879db4384ec390d44b89663d43a5de3bdc0e103b7c1b355dc5f6fe3518c93628780ba03f156badea65d1d0af8433c9e8a975fdd19453da662a33fa9f0f5fa15fdb216b483fb48370a967246e0b763df8b3bc7924a6c76c4b114f803dbfa3b312e6815b4eb67be167283a9e482d9a5beac250089d069d4c386b7fda5fc228404a0f58b12ca4dc131c381b49b42b570bc1c2745f5f24afaf65a26a21f6d92f52c9f8de36cb76bacbaa0eef98ba6b7dbbc2629a03bb2b6f83fc5adaf20c217bc8d0f0d2421e01472532bcb546aeb2d483c8f95011a3ba1d2fd8086a717cb015dd53064ef4a80b6d6fdc12d9069223fdf2aa9b192a0e0bdb38436f49d9eedfef3665815633fee4344aff11162526362b70b18e1dbedbb5d8c4698860beccf667851878a25a1e766caae2861f2e23404aac859e62fdfeac06a6057554828d7035806e8ab3ee2fa6d711e5811db61231a22f4672f6a11b27641f350bcab78792362e6ebc1c054a643bbbf2746678c14dc567d1f73e37005c8ab6374c4d8d3106384a2d32c5fcf05cb9ba97cb7fa1aff11505a701bead543e555f3901ef3b693d5b9ebf49518c3509af042b7e84b1b867c22b7e08725220e4338fd074edce428212e6a3563a08e2ccd8ab71910256532904542e93d5c7deb5bf5d49beb3202d4da4f643649e55edbb91188cdcf0883a40c6ed6b8a086fb5c50dc08fee00308420121d4c7431b3cfb80f9c1e099423ac451d67b12e930d9e391d0a799c7d4b54a0d56ea0aae00c1d009e21fb5459416b464b227d66ccc1a68da59d64c1583dee54bbcd7d61ffe541fd0fb7452adba91906918966a7d58019ad1f8fdebeceeed7018837b6e4272eefeec8385abe7207fb2d7061fa6cdc478165a98971f9729b818a73edefed976d5c7c0a651c091cfd1174c020e39330a79144271fe4cbc61ea0ffa274d0d87d06dd08c1d5f8a0364d46ef7b54426bc286330c75fa257afeb2715c2ae511ff53b1189cc59ab80b1325fbdcedfdb8f36ed71f70091116e16b52188b794e637755027caac8db8554f8674b844964c710cacd7a9d6b06baf6fef76159a380e639b0d3e66080a7cf7f86baac01dbe47fe687fcef2f3bfbf6f8fba045181dee688360a11ee56e5fc73ed31c0e2924ae57f0cc93c63a30662a65c5d5f17123ae28cc5b74dd13ed81b03dc7fa61dc575668868c0df12d3553269f04ba79084d070abcdbd4745de80e90e4e3e524f27249b5c4a2f2d4c8b331b0cb6d4efe62a298daacc6eacdfe008c1f912795dbdc37098c42db860953120fda709baa6d46f52eaba781505e68561ca0f281e850532ef8e7c779883e312806e1c357bdef8d0dda005e710cfa6eb8686e8bf3bff036b3fcdc4036541d93530ce6f598442c24170b307ef05f23c93aa0ec96831b532d8120402214a940d1fa01ed649061a4a71308be189cffd729a196754fb8a75f23851189589be1b819f0612cad3dc94ccee88f4ab9ef6ac9c7daad8cf94f5ed9496c4c824e5b4f66ce32a80e7a6ef069a32f6812e656aa5f5742bd432afdf026c86e8f28212c1139dad47d7fc07e5c1a83e993daaa4a4bb5f0c9435ccab2a10f867ffe259dba7a1d9168619b1e3048860a5122e4a5d0b00372eaae861a0cc88549852fffa76e6d78739b654d67df15ea97a9a46b7c382d83191a673aa619b4a10ec05bc681379b0d6df824cb6fe158e9d89ae5dd1ef66976f67972b553db52eb6feef836dca6026293f83a61e117754a7424a3da63bd82d017f87f0603e2a9b8fc550aae611681935ae91f7ca2b5341b05a25208bd28f1a202a7f2a213b1d7411ffb557470aec00c4d13c70163f22a038a189710dd19a47e8db4a87c3fd329a63abca172a9810edad2d8e19ef85b57ea4287cfb3d740d7ea3fa9c80d06e1aa84b317f678ddb3c147ba5e0db432125f59ca4944c8e9050281ca82a3ecf67b2a5df678697a52a7297af1ecb03c586af7b91d74e881964ed95f7be12fa07e2a4e71aab8b913a13996fa33e915144bf00e49b8e7adec5b2c4b8165f54ba3155230e241ee023af77a295ab87c40f63f6092ccee05cb08a265abe8f57c9919bf45064b6c2240ba8011db223a283a4e2292d9b59df8c9a4fdc763f0631007db9976f351717db0e6b5f9c6e5f227c2efa1ae5fe0be1af0b22fc164f9f9678a01fe8b059749fe8a2972455732da1989c609d191544ef9fbb3e58da93ec4a582430523f260b776e4d747312747d18a9bae14740f5dcd35fd1072f8a4d81573b5882203be856b62d7e1d87081a9e431872c9d68864197bbc61f15dd8aeae950d34d6ce97182deebd2ad64cabd1c723baf512acfc7e94675b31369bd60e155af79b97bb734312569f736dcd5b5a78223ffaa0f7e93e1a112cb9f6a5b88fe3cf12c30024c16c6b8380fdf086c662665d3751c11617cc4dbd5b8bc7543301a23fbc90ba8d060193cdc2b68c31c734d516707b759f7db009c8f06e69b40154e1cd8ae444afb28134acdf871136b4fd78bd86d7faaaf618afb25e92d1ee37cdff0595278f9565f5eb109e181e9cacec2f22e32e9f34774ee223fdb992febcc5dbc5cceeda16cbcf1434730d859e7e03d36ff17636a7a7e66956b515894da114f3040909f90ce3cfbb2d7d46e37049c0fb124e0683d662eb427cd7b851ada229451e6e3aaee64b9964ced3036bde5d9d80eb062474f96ecfb9b65fcafc719494ac12ab7df245475f2a5e7f85ca4789833ca373e6214d39176c8f51dde87a4cfe5414a20f68bb9f34709979b99533ba3435c4aa56e525195e10ffd00f8e41aee30a909c07b973bbf733d45500b539ebe2206d438216690998d9e256db1b7ac6bef3e810785e1986985c945a2b820323a592721fcfa444934d0faf8aa439d5efca5dcd77b72d1eb91b3790d50d0a7483e354c415f81d99c133d648c1293e795b3c43f9b47e23ef982e10072ea5baafb0df675e69af1807b225afa0cec3eafbde8535d3ecaa0ea6ddbffe4465207425bb003670320324df0aeeb16b38a043f9c0e85673b36def332fd68b2b1e6edda621d0cadebbced8c7fc8f890489115b457249e8d8103676b3207a472804d33e0fe511ac56cd8dc5333b2333892f87b455940ada78fcf5075c358fce990e6f65f095eb416d876ce6f120b8b02cfa6b176ee269c942f881247c3e464cce2aa65c39137607c585aeb4b5f24f5f8e058c9c8b48003c1809da3e8aad1bee7955c3a976d43fe132e2b16f4758a0a9884e51d13b930675a4361ff366b0fed190ad7b2a00385528951e39cd44ea06d8921b9d613d7626221154cf86249a550198fe4e5b05ad3052b474291da0a0a2f701759859bc0392adf243ad5eca89e6d18e28dff99ef95743bcabe75504be8c715cd6360facf3bb06cb97c29989d4f6ff5083573cefe6ef0b39a252a2678112fa88e5b06c9a6bfc9597cc96e5a49710c4fc120fb0da4945b9d94e46de1e9989d0fc3d8d20df23d815b660c799a903f651b0d013f7fe158f1d297f7fcb6a48780ca5525f1d081ada0aafa83552318b848783306549750b6254cf676c7b934cf7fdab992717f0cdc089b34278f3fb151cadde14d0d3250e85a4b0ff06ccfc4e19aa40563d3ef575285484424b6d0e7cc8392342e4848c6fc8cb20fa1b450cc4c1fea19f3bbdd9e342e6c49cd7ac893b1eda2e93d1d74d20969465946b398fbc733757741ac822c4a118632cd242a439fc37512cf79b7c629504ccc1e7f2f11798955c3262b5e9695625ba74d8050e20f51d4769e1ab938f487f1bc4b55b5abcaa3ec079c2d0972b2ae9bfb7c5423b959119292ea05f1d79d35afe47e49d97c946b193bffc0a8f607f18a6845cecbbdd98cd351db2b2dce05a4848ba84a6a497b4618950130cb7e76c03d0976eb2fb41d3a42a1430063ed8e5b8c67e80fd4fc1148911958babbcbff33a6505de209b0d9320017fd736fd027a16564008ab2e1f48a6dd66c9256730e9fda0a606875d0871b2b9b0bc2ed4e1b696dbf0283c8dc72cf4338e595266f5390bc3a21f988353118f2948fc75d050ea076b73508d9ed89bade0ba305c1f4e5daf9d40d2f5e7ababed8d1b1d919c61a6d3fb149c1a9b44e38585a2fe322f83d73a3aecb44da3f0e82942d75d62ed3f91eb44f3411df014f88839e4cb1e21b9b259d4eb4adaf6b0be433d0ed4c87ec77dde5ee9d566e3dd8d928fc1875c63af26c59daba5ae267d9bd5da72b99a03e6a33cc48ed961ab484ff4a46c2d5fa597e626e00b530d7b9a9705e4e08d03f3a7f2a5a5233ad6340e3b5c89db81ca713b6d7d855c6324955f85109b204566f50178cd88abe3fcba25de905e8ea0b75ad51831761ed9b1af2470f976f05ec73bf74d137c207270cfd614170518cdc449aeeb663e114359c8124eaf2499d8cf5dc84a0872301db2e57b50bd285060ec4390d99d4ae3674ca3bb8679c1b08e566ba4f30daec8684a980055eb43cb5a1306c4b52a154682aa96637e06c869278aa2f74ef7345632c11265ef8ac97e953745302556881ba0cb590fef271c0abb193fb84d18ee3f24d9976ae816b857d6f68d1fdfe10b312c799fe014debf875d04bff8b4f387859e97c6bf13f7083c28a2045a0b5eb09c94e781a165965e8617c0efed1701ea9667aeca26d9577ea7b1242e1d91b25d6a66756cc627648a293b9f4345966bc469fafaeddc1118d0972bd5c7751a1f51e5989fd952f314ae10417c97b41e60ebfbc47e496486fa4a89fd16aea7fa1eabebd26eb2a37a3e2b351e0c9d2f67b2e5be0f921adc9b6045b045948e5103af0e5050b9c0799b513c00865deebda730de538f956ceb6164e08bd6f58655a294b4b44fc65309b30f9c00f92ef5bd5b911a3d830f72c258b19521bb8e80db02129954efb61423f518d2c5f36587303890cad9a93fa4f4bcd0e24c67db679c67ea59c1350b8442577632d5e8735833f3daf5a74bc7bd82659a81beba8c889632efe03cd24187aee856cf659e16e195464f52f2b984fc7a299e7b2aa53979a147ebed35705d5e89691666536f2febacfcef9b32d14952f958b72512869e4f6a0a34176918217888b1eb8b89322ebb6bb1dead2b4744e728479880db70e6147edaff6c3f083f18e0696bdbd78cf0bda14d9f42e5c1077ced00041aadff90470aacec0e48e2a5f2a0ed37818a173b96061e8c5bf24c0bde9e09f9e0ddb8e13306ef1d4eb8043ebadde5d7553e5212ecd4691eb426251f9d6720b8276ac543dde02399a35d974b22c1727d4b6df01957cae47443b706d43165e01d6932b136f561ce837431254cfb2a6e7d8070a2d3805aaa15b3c10ccd0cda2e9b418ce9ef380e5d08217752e12b3b892d03a9495c83d78d674612fde5a67738b2d4649ce44606ecce6bf3bd1293eca246a83643e4f1c7ba362b110e07c8479f216e3d4afc4fcb8d0820c8ab702a66d8183e83174597035e92b9b500dee08c80b927b42c3689c7c9617b4112c9e54cbfa51e989b5fd42b80c595d3edd265f138e8128cfbbb0e4f53aa0aa95a2ecda4518b2e564c42d5de7671560843d08103b9bdceac5fdeb0b1266f72f491265dd2b2b80a225a50955167da1812364ea340d82f61535401bae6f3140a8795d7c318a64cee4676627244930957b2f0b227be21b72d90027e6a5a7af3c59470c74dcdb71d1ef090a0f49c91acd604c792385c8f4e085765292822ee5eca03885fd6bfeaca9b3bbbdeac939f7846a487c5a483ed1e4fbf37c93886ea27bb35c812089b900b77c7c924147e97b6a71533610750bc84921012aa8158b213f7601d934a20bdd1f757b0a33042a683af6b9069f3900059d7f80f9fdcc9f33ece8cf7888dc9e24f1fc6ca0ecccf161c5334c60f440feb3acfc3d115011c176dfa05314c5bcf089e3c82bbe7680a3eefdcdbf3ac27265b779db4f49bade0128eda6e29bc5933ef454601db1b49628fd39ab938794fa46a33937a086ece7050d31a21524e2f0cacb307ed4412a2078636f9cc8e11c5c31cc0f9edd7be6d1e31a1513a58e25215f5a24245cb988589e6d5e5119f4f6557c697fad7d1c3a7e3bae064db4382701e33e48c5b6a52fe9141a385ef2325c6f7781134607e98bfd02c43d6deefaa861700388b40d98e941cfb2ddec209f977e8b9f93d29fdbf85e3010ce7cd622e8c75ce3df535e392052b6d65d5042d2a6e78bbfe5ee146e8b18d4bc7fb024dbba57cbe0402205593766a313950cb719d00c67bb6b3bcaa1015b89e820f11475afce655947113a7c3dcbb52427f090df994fbf076db867e0ab3f6125fb8884c1d13ff3e99fab5fa8b9f0b72cb44db4d0a48d9ec17f9733764e213c40a15ad821ec60e4a88cb2fd9dd9a4f35e6a708f4b74067f4be3f03a95261f6b191df53fa5bb5164e4a164630ad9ce39087aa950ad9e60cd2c44fa2237c49abf858c97737fd21180fd0b9542767150fbed3f39a29e6c3484d9437e15d2439f2a54b2a1ac7e63e6c436658abc3f1dd52d984f6c6901768a8cf2ec98ebf44e90e0fc0c24f8957c62e05d8eacecaf25b178fd710af609a8a1bc4d7955b5f0cb4f48a37685e6304ea5843573a1abff37b5106916c83c8f23f939a0dc43aea8d196191ed6e18dd793990d1f37d7de0bf8fac6f469843724eaab86be8a483be281b8ecf4aa29d9c571951cde8cd8c2aaf4d597ac2cb48f23fad145916920a55d655924940573b64dbd42a280cddc4810434f930183fdbbdc72db1491a4c9d44daf9b1bc2fecd855508648063040faeb125da0e68e6cd2002181118eecff0be1dd8eae726af5d451630cd65119c52abd6dded97f931202f186a18c4ba34bc2c3f6d765e2d8f445e959f26ffb55827cf3ff2cc0289f17b82c8caa5a2d3d54306a300f0ef42bbe4ea9e32c5d4b1173942745cdcfe4f5d1619eefaf8dc600afbc9171d516f7f4b35331d0b9be005132ffad5e9df59710278b842afb626a78b8b8b37fc3a894dc705b2d4e0940cb264e9dc87eaa148e6faf78125462f28a0f1d7b3c65a291b85713fa71ffc478f6601e8716c35489f4a54ed0c70bcfd5502cc91374dc3c982075c5180398bc6b195b36e79dcc4087cb990cc9d964a150e0dcc887d496bdd27c3f298736b9ad8345ba2df46021964cf43c38f9d2e94b77bee2b7bf059e0870ff9f17b9ef1320c0aa88a2fa9781e9017ab64643de9a3df9ed4b8cfd8fa080a2e494409520b795eb1517d224a05e450c4c8ae0e9fd29c0e72d3a592cce55f6dd5107f21214e1a3f9a5448384de06149f959ec0c92790f0ff229ab4971171f1c528ae6d095ec007bf5e7f55d623a68194e9ea8edc3af418075338328f24e7504341c22bef72c2963fc9c3237ba990d29c2c8aa3007395f6d96e95b40ee1b18dbad550bf39d0d98268cb74dde76d987c3169c9067495fb1b88508bbb7e94cbb7dfc15c03b1d5b163132c8a468906f02d422a8cf98d0b432b5779dd962074b72dd27439b2e94312f573435e5aa84664432c1914839cd6e172186ce93eeb1d7cb0659696d9d550eb3b185f8c6ee16e53f78233cbe709f99d2879d63d93f7d0ed133241d2f1ab1eb2c56605ca0f0e01c39ab0ba2370fe5c4e68de0561b517ff9a10023c386236398372c7176e35443e2cf5dd6cbed9f23395f231e6a54f65626cb5860a8b72122c34664119e7c47204ef4a70583a", 0x2000, &(0x7f0000001940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)={0x90, 0x0, 0x5, {0x8000003, 0x1, 0x0, 0x400000000000000, 0xfffffffd, 0x7, {0x1, 0x8, 0x0, 0x1, 0x0, 0x7f, 0xffffffff, 0x0, 0x4, 0xc000, 0x0, 0x0, 0x0, 0x95bd}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$netlbl_mgmt(0x0, r4)
sendmsg$NLBL_MGMT_C_LISTDEF(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000900)={0x14, r6, 0x1}, 0x14}}, 0x0)
write$FUSE_INIT(r3, &(0x7f0000000380)={0x50, 0x0, 0x0, {0x7, 0x27, 0xffff, 0x881011e, 0x4, 0x0, 0x0, 0x20000002}}, 0x50)
syz_fuse_handle_req(r3, 0x0, 0x0, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)={0x90, 0x0, 0x0, {0x3, 0x8000000000000, 0x28dc, 0x0, 0x440000, 0x1, {0x3, 0xfffffffffffffffd, 0x0, 0x0, 0xfffffffffffffffc, 0x100, 0x0, 0xffffff7f, 0x4, 0x8000, 0x40000}}}, 0x0, 0x0, 0x0, 0x0, 0x0})

195.300927ms ago: executing program 9 (id=3277):
syz_open_dev$vim2m(&(0x7f0000000140), 0x7fff, 0x2)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/stat\x00', 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

34.054671ms ago: executing program 1 (id=3279):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x5, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001100)=@newlink={0x3c, 0x10, 0x1, 0x70bd2d, 0x2, {0x0, 0x0, 0x0, 0x0, 0x10104, 0x1}, [@IFLA_IFNAME={0x14, 0x3, 'macvtap0\x00'}, @IFLA_TXQLEN={0x8, 0xd, 0x6c790d25}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000080}, 0x0)

0s ago: executing program 8 (id=3280):
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x80, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="240000001a005f0214f9f407000904000a000000fe0000000000000008", 0x1d)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x8, 0x6, 0x0, 0x0, 0x16, 0x4, "fee8a2ab780e00001ea8ffffffff0000000000000004ddb49a000000000000000000f8ff000800000000000000000000000000001400", "2809e8dbe108598948f8ffd54a07c21d875397bdb22d0008b420a1819e01177d3d458dd4992861ac00000080ffffffffffffffff001700", "90be8bf4bd00000000000000000000000000001000"}})
ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r1)

kernel console output (not intermixed with test programs):

ing dummy_hcd
[ 1643.355456][T17771] cgroup: fork rejected by pids controller in /syz1
[ 1644.194783][ T5810] usb 6-1: Using ep0 maxpacket: 8
[ 1644.199257][T17584] team0: Port device team_slave_0 added
[ 1644.213280][T17584] team0: Port device team_slave_1 added
[ 1644.239425][ T5810] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[ 1644.254552][ T5810] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1644.262854][ T5810] usb 6-1: Product: syz
[ 1644.267551][ T5810] usb 6-1: Manufacturer: syz
[ 1644.289328][ T5810] usb 6-1: SerialNumber: syz
[ 1644.345072][ T5810] usb 6-1: config 0 descriptor??
[ 1644.763707][T17584] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1644.772165][ T5810] usb 6-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[ 1644.791919][T17584] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1644.861535][T17584] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1644.876479][T17584] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1644.887343][T17584] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1644.915103][T17584] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1645.088564][T17584] hsr_slave_0: entered promiscuous mode
[ 1645.110588][T17584] hsr_slave_1: entered promiscuous mode
[ 1645.130762][T17584] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1645.146481][T17584] Cannot create hsr debugfs directory
[ 1646.765237][T18083] vxcan0: tx address claim with dest, not broadcast
[ 1646.779580][T18083] xt_NFQUEUE: number of queues (65532) out of range (got 66665)
[ 1648.032633][ T5810] dvb_usb_rtl28xxu 6-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[ 1648.081518][ T5810] usb 6-1: USB disconnect, device number 27
[ 1653.009154][T17584] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1653.417824][ T5900] libceph: connect (1)[c::]:6789 error -101
[ 1653.431634][ T5900] libceph: mon0 (1)[c::]:6789 connect error
[ 1653.433924][T17584] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1653.581398][T17584] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1653.621899][T17584] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1653.650773][T18120] ceph: No mds server is up or the cluster is laggy
[ 1656.280059][T17584] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1656.446191][T14093] Bluetooth: hci1: command 0x0406 tx timeout
[ 1656.505787][T17584] 8021q: adding VLAN 0 to HW filter on device team0
[ 1656.520235][ T6145] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1656.527629][ T6145] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1657.445952][ T5928] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1657.453296][ T5928] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1659.052951][T18159] bridge0: port 2(syz_tun) entered blocking state
[ 1659.060335][T18159] bridge0: port 2(syz_tun) entered disabled state
[ 1659.067409][T18159] syz_tun: entered allmulticast mode
[ 1659.077192][T18159] syz_tun: entered promiscuous mode
[ 1659.085555][T18159] bridge0: port 2(syz_tun) entered blocking state
[ 1659.094074][T18159] bridge0: port 2(syz_tun) entered forwarding state
[ 1660.342684][T17584] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1660.623051][T18176] x_tables: duplicate underflow at hook 2
[ 1661.078420][   T30] kauditd_printk_skb: 657 callbacks suppressed
[ 1661.078440][   T30] audit: type=1326 audit(2000000759.591:1351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18175 comm="syz.6.2756" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff81578e969 code=0x0
[ 1663.037186][T18197] 9pnet_fd: Insufficient options for proto=fd
[ 1664.290430][T17584] veth0_vlan: entered promiscuous mode
[ 1664.915922][T10963] bridge_slave_1: left promiscuous mode
[ 1664.928001][T10963] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1665.679230][T10963] bridge_slave_0: left promiscuous mode
[ 1665.731965][T10963] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1666.101392][T18224] Invalid source name
[ 1666.105660][T18224] UBIFS error (pid: 18224): cannot open "./file0", error -22
[ 1668.894659][   T30] audit: type=1800 audit(2000000766.485:1352): pid=18231 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.5.2765" name="bus" dev="overlay" ino=1017 res=0 errno=0
[ 1671.194473][T18245] rdma_op ffff88806aad99f0 conn xmit_rdma 0000000000000000
[ 1671.646464][T14093] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1671.668105][T14093] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1671.679282][T14093] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1671.688780][T14093] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1671.697268][T14093] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1673.222876][T10963] dvmrp1 (unregistering): left allmulticast mode
[ 1673.894783][T14093] Bluetooth: hci3: command tx timeout
[ 1674.015144][T18263] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2774'.
[ 1674.244653][T10963] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1674.286466][T10963] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1674.319073][T10963] bond0 (unregistering): Released all slaves
[ 1674.780467][ T5915] usb 2-1: new full-speed USB device number 29 using dummy_hcd
[ 1675.471074][ T5915] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[ 1675.481033][ T5915] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1675.544866][ T5915] usb 2-1: Product: syz
[ 1675.549635][ T5915] usb 2-1: Manufacturer: syz
[ 1675.573240][ T5915] usb 2-1: SerialNumber: syz
[ 1675.584920][ T5915] usb 2-1: config 0 descriptor??
[ 1675.847450][ T5915] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[ 1676.127403][T14093] Bluetooth: hci3: command tx timeout
[ 1677.264294][T10963] : left promiscuous mode
[ 1677.291564][T18252] lo speed is unknown, defaulting to 1000
[ 1677.614230][T10963] tipc: Left network mode
[ 1678.376662][T14093] Bluetooth: hci3: command tx timeout
[ 1678.416567][ T5915] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[ 1678.479815][ T5915] usb 2-1: USB disconnect, device number 29
[ 1680.699368][T14093] Bluetooth: hci3: command tx timeout
[ 1682.970724][T18252] chnl_net:caif_netlink_parms(): no params data found
[ 1683.638293][T10963] hsr_slave_0: left promiscuous mode
[ 1683.965200][T10963] hsr_slave_1: left promiscuous mode
[ 1683.990086][T10963] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1684.042404][T10963] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1686.817670][T18340] hub 8-0:1.0: USB hub found
[ 1686.823131][T18340] hub 8-0:1.0: 1 port detected
[ 1689.382906][ T5889] IPVS: starting estimator thread 0...
[ 1689.512811][T18360] IPVS: using max 26 ests per chain, 62400 per kthread
[ 1690.074448][T18367] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1691.424358][T10963] team0 (unregistering): Port device team_slave_1 removed
[ 1691.923934][T10963] team0 (unregistering): Port device team_slave_0 removed
[ 1692.938059][   T30] audit: type=1326 audit(2000000789.374:1353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18383 comm="syz.2.2803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb85f78e969 code=0x7ffc0000
[ 1692.989340][   T30] audit: type=1326 audit(2000000789.374:1354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18383 comm="syz.2.2803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb85f78e969 code=0x7ffc0000
[ 1693.033337][   T30] audit: type=1326 audit(2000000789.383:1355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18383 comm="syz.2.2803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb85f78d2d0 code=0x7ffc0000
[ 1693.072429][   T30] audit: type=1326 audit(2000000789.383:1356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18383 comm="syz.2.2803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb85f78e56b code=0x7ffc0000
[ 1693.096397][   T30] audit: type=1326 audit(2000000789.383:1357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18383 comm="syz.2.2803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb85f78e56b code=0x7ffc0000
[ 1693.119476][   T30] audit: type=1326 audit(2000000789.383:1358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18383 comm="syz.2.2803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb85f78e56b code=0x7ffc0000
[ 1693.143022][   T30] audit: type=1326 audit(2000000789.383:1359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18383 comm="syz.2.2803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb85f78e56b code=0x7ffc0000
[ 1693.166972][   T30] audit: type=1326 audit(2000000789.495:1360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18383 comm="syz.2.2803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb85f78e56b code=0x7ffc0000
[ 1693.189260][ T5900] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[ 1693.207963][   T30] audit: type=1326 audit(2000000789.561:1361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18383 comm="syz.2.2803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb85f78e56b code=0x7ffc0000
[ 1693.237817][   T30] audit: type=1326 audit(2000000789.636:1362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18383 comm="syz.2.2803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb85f78e56b code=0x7ffc0000
[ 1693.350241][ T5900] usb 3-1: Using ep0 maxpacket: 32
[ 1693.363059][ T5900] usb 3-1: config 0 has an invalid interface number: 65 but max is 2
[ 1693.371734][ T5900] usb 3-1: config 0 has an invalid interface number: 73 but max is 2
[ 1693.379862][ T5900] usb 3-1: config 0 has an invalid interface number: 82 but max is 2
[ 1693.388379][ T5900] usb 3-1: config 0 has no interface number 0
[ 1693.394847][ T5900] usb 3-1: config 0 has no interface number 1
[ 1693.401079][ T5900] usb 3-1: config 0 has no interface number 2
[ 1693.407420][ T5900] usb 3-1: config 0 interface 65 has no altsetting 0
[ 1693.414212][ T5900] usb 3-1: config 0 interface 73 has no altsetting 0
[ 1693.421024][ T5900] usb 3-1: config 0 interface 82 has no altsetting 0
[ 1693.435673][ T5900] usb 3-1: New USB device found, idVendor=1b3d, idProduct=9316, bcdDevice=13.99
[ 1693.444935][ T5900] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1693.478946][ T5900] usb 3-1: Product: syz
[ 1693.483195][ T5900] usb 3-1: Manufacturer: syz
[ 1693.506909][ T5900] usb 3-1: SerialNumber: syz
[ 1693.517105][ T5900] usb 3-1: config 0 descriptor??
[ 1694.797421][T18399] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1695.317118][T18252] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1695.359555][T18252] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1695.412195][T18252] bridge_slave_0: entered allmulticast mode
[ 1695.446430][T18252] bridge_slave_0: entered promiscuous mode
[ 1695.516703][T18252] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1695.574147][T18252] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1695.671887][ T5900] ftdi_sio 3-1:0.65: FTDI USB Serial Device converter detected
[ 1695.681175][ T5900] ftdi_sio ttyUSB0: unknown device type: 0x1399
[ 1695.691212][ T5900] ftdi_sio 3-1:0.73: FTDI USB Serial Device converter detected
[ 1695.700333][ T5900] ftdi_sio ttyUSB1: unknown device type: 0x1399
[ 1695.711561][ T5900] ftdi_sio 3-1:0.82: FTDI USB Serial Device converter detected
[ 1695.720726][ T5900] ftdi_sio ttyUSB2: unknown device type: 0x1399
[ 1695.814490][T18252] bridge_slave_1: entered allmulticast mode
[ 1695.832656][T18252] bridge_slave_1: entered promiscuous mode
[ 1696.681305][T18398] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1696.692579][T18398] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1696.755050][ T5900] usb 3-1: USB disconnect, device number 31
[ 1696.768108][ T5900] ftdi_sio 3-1:0.65: device disconnected
[ 1696.777747][ T5900] ftdi_sio 3-1:0.73: device disconnected
[ 1697.189094][ T5900] ftdi_sio 3-1:0.82: device disconnected
[ 1697.993286][T18413] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2810'.
[ 1698.843589][T18252] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1698.862101][T10963] IPVS: stop unused estimator thread 0...
[ 1699.071949][T18252] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1702.273866][T18252] team0: Port device team_slave_0 added
[ 1702.336464][T18252] team0: Port device team_slave_1 added
[ 1702.698898][T18252] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1702.707904][T18252] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1702.747197][T18252] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1705.469873][T18252] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1705.539558][T18252] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1705.646309][T18252] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1706.705976][T18464] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1707.260002][T18252] hsr_slave_0: entered promiscuous mode
[ 1707.266823][T18252] hsr_slave_1: entered promiscuous mode
[ 1707.289159][T18252] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1707.565213][T18252] Cannot create hsr debugfs directory
[ 1709.484560][T18497] hfs: unable to load iocharset "io#harset"
[ 1715.751996][T18521] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2834'.
[ 1716.804900][T10963] bridge_slave_1: left allmulticast mode
[ 1716.820030][T10963] bridge_slave_1: left promiscuous mode
[ 1716.847884][ T5900] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[ 1716.855949][T10963] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1716.908728][T10963] bridge_slave_0: left allmulticast mode
[ 1716.932600][T10963] bridge_slave_0: left promiscuous mode
[ 1716.961712][T10963] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1717.107875][ T5900] usb 7-1: Using ep0 maxpacket: 16
[ 1717.156079][ T5900] usb 7-1: config 5 has an invalid descriptor of length 0, skipping remainder of the config
[ 1717.356699][ T5900] usb 7-1: config 5 has 0 interfaces, different from the descriptor's value: 1
[ 1717.690383][ T5900] usb 7-1: New USB device found, idVendor=04cc, idProduct=2533, bcdDevice=fc.58
[ 1717.841327][ T5900] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1717.970932][ T5900] usb 7-1: Product: syz
[ 1717.999657][ T5900] usb 7-1: Manufacturer: syz
[ 1718.045155][ T5900] usb 7-1: SerialNumber: syz
[ 1718.421658][ T5900] usb 7-1: USB disconnect, device number 8
[ 1719.949040][T18565] Can't find a SQUASHFS superblock on nullb0
[ 1722.409937][T10963] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1722.445235][T10963] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1722.479167][T10963] bond0 (unregistering): Released all slaves
[ 1724.712083][T10963] hsr_slave_0: left promiscuous mode
[ 1725.103121][T10963] hsr_slave_1: left promiscuous mode
[ 1725.237323][T10963] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1725.291507][T10963] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1725.419062][T10963] veth0_vlan: left promiscuous mode
[ 1727.835710][ T5915] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[ 1728.146102][ T5915] hid-generic 0000:0000:0000.0022: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1728.864999][T18600] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1729.256339][T18606] fido_id[18606]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1731.154315][T10963] team0 (unregistering): Port device team_slave_1 removed
[ 1731.319951][T10963] team0 (unregistering): Port device team_slave_0 removed
[ 1731.833011][ T5900] usb 6-1: new high-speed USB device number 28 using dummy_hcd
[ 1732.007569][ T5900] usb 6-1: Using ep0 maxpacket: 16
[ 1732.027542][ T5900] usb 6-1: New USB device found, idVendor=25c6, idProduct=9002, bcdDevice=62.ba
[ 1732.175214][ T5900] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1732.184526][ T5900] usb 6-1: Product: syz
[ 1732.196121][ T5900] usb 6-1: Manufacturer: syz
[ 1732.210599][ T5900] usb 6-1: SerialNumber: syz
[ 1732.229163][ T5900] usb 6-1: config 0 descriptor??
[ 1732.245183][T18632] loop6: detected capacity change from 0 to 63
[ 1732.270156][T18527] buffer_io_error: 41 callbacks suppressed
[ 1732.270174][T18527] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1732.299888][T18527] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1732.311243][T18632] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1732.328219][T18632] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1732.341801][T18632] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1732.359352][T18527] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1732.376319][T18632] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1732.421399][T18633] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1732.431990][T18527] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1732.441120][T18633] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1732.498973][T18632] Bluetooth: MGMT ver 1.23
[ 1732.504403][ T5900] snd-usb-hiface 6-1:0.0: probe with driver snd-usb-hiface failed with error -22
[ 1732.740654][ T5900] usb 6-1: USB disconnect, device number 28
[ 1733.660160][T18639] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[ 1736.074884][T18643] Bluetooth: hci0: command 0x0406 tx timeout
[ 1736.207858][T14093] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[ 1739.434120][T18643] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1739.448505][ T5810] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[ 1739.505396][T18643] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1739.520316][T18643] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1739.535271][T18643] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1739.551809][T18643] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1739.781997][ T5810] usb 3-1: Using ep0 maxpacket: 16
[ 1740.301478][ T5810] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1740.324451][ T5810] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1740.334853][ T5810] usb 3-1: New USB device found, idVendor=0c70, idProduct=f00a, bcdDevice= 0.00
[ 1740.344747][ T5810] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1740.424488][   T30] kauditd_printk_skb: 23 callbacks suppressed
[ 1740.424508][   T30] audit: type=1804 audit(2000000833.815:1386): pid=18686 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.5.2871" name="/newroot/215/file0" dev="tmpfs" ino=1155 res=1 errno=0
[ 1740.613404][ T5810] usb 3-1: config 0 descriptor??
[ 1740.657902][T18679] lo speed is unknown, defaulting to 1000
[ 1741.851469][T18694] netlink: 'syz.2.2869': attribute type 2 has an invalid length.
[ 1741.890814][T18643] Bluetooth: hci2: command tx timeout
[ 1744.051560][ T5810] usbhid 3-1:0.0: can't add hid device: -71
[ 1744.082972][ T5810] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1744.111241][T18643] Bluetooth: hci2: command tx timeout
[ 1744.279058][ T5810] usb 3-1: USB disconnect, device number 32
[ 1746.409125][T18643] Bluetooth: hci2: command tx timeout
[ 1747.209779][T18722] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1748.656488][T18643] Bluetooth: hci2: command tx timeout
[ 1749.851883][ T5974] bridge_slave_1: left allmulticast mode
[ 1749.879036][ T5974] bridge_slave_1: left promiscuous mode
[ 1749.941663][ T5974] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1750.151567][ T5974] bridge_slave_0: left allmulticast mode
[ 1750.183106][T18740] netlink: 'syz.6.2883': attribute type 1 has an invalid length.
[ 1750.192822][T18740] netlink: 216 bytes leftover after parsing attributes in process `syz.6.2883'.
[ 1750.202165][T18740] NCSI netlink: No device for ifindex 767
[ 1750.233937][ T5974] bridge_slave_0: left promiscuous mode
[ 1750.305215][ T5974] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1751.023368][ T5974] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1751.039842][ T5974] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1751.055273][ T5974] bond0 (unregistering): Released all slaves
[ 1751.889166][T18710] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1751.895484][T18710] Bluetooth: hci5: Error when powering off device on rfkill (-4)
[ 1752.987823][T18710] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1752.994324][T18710] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[ 1753.402827][T18710] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1753.408809][T18710] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[ 1754.166278][T18710] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1754.179180][T18710] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[ 1754.744558][T18767] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1754.821965][T18679] chnl_net:caif_netlink_parms(): no params data found
[ 1754.931666][T18767] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1755.816953][ T5974] hsr_slave_0: left promiscuous mode
[ 1755.828145][ T5974] hsr_slave_1: left promiscuous mode
[ 1755.848402][ T5974] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1755.865785][ T5974] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1758.643994][T18789] netlink: 212408 bytes leftover after parsing attributes in process `syz.2.2895'.
[ 1758.653906][T18789] netlink: zone id is out of range
[ 1758.659465][T18789] netlink: zone id is out of range
[ 1758.669641][T18789] netlink: zone id is out of range
[ 1758.674974][T18789] netlink: get zone limit has 8 unknown bytes
[ 1760.992476][ T5974] team0 (unregistering): Port device team_slave_1 removed
[ 1761.937273][ T5974] team0 (unregistering): Port device team_slave_0 removed
[ 1763.799884][T18767] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1763.901774][T18826] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[ 1763.964586][T18767] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1764.157795][T18679] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1764.193769][T18679] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1764.226451][T18679] bridge_slave_0: entered allmulticast mode
[ 1764.262276][T18679] bridge_slave_0: entered promiscuous mode
[ 1764.297439][T18679] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1764.338115][T18679] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1764.362268][T18679] bridge_slave_1: entered allmulticast mode
[ 1764.435236][T18679] bridge_slave_1: entered promiscuous mode
[ 1764.716292][T18811] IPv6: Can't replace route, no match found
[ 1765.469117][T18767] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1765.597896][T18767] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1765.891055][T18679] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1766.349044][T18846] vivid-004: disconnect
[ 1768.147332][T18839] vivid-004: reconnect
[ 1768.158745][   T30] audit: type=1326 audit(2000000859.753:1387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18839 comm="syz.2.2907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb85f78e969 code=0x7fc00000
[ 1768.186292][T18679] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1768.278725][T18767] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1768.754216][T18767] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1768.843394][T18679] team0: Port device team_slave_0 added
[ 1768.886487][T18679] team0: Port device team_slave_1 added
[ 1768.993896][T18679] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1769.025674][T18679] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1769.061261][T18679] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1769.074811][T18679] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1769.081830][T18679] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1769.109153][T18679] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1769.271561][T18679] hsr_slave_0: entered promiscuous mode
[ 1769.279573][T18679] hsr_slave_1: entered promiscuous mode
[ 1769.288456][T18679] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1769.300281][T18679] Cannot create hsr debugfs directory
[ 1769.713327][ T5915] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[ 1770.257358][T18871] netlink: 248 bytes leftover after parsing attributes in process `syz.1.2913'.
[ 1770.373229][ T5915] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1770.416572][ T5915] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[ 1770.453609][ T5915] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1770.498560][ T5915] usb 7-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94
[ 1770.518690][ T5915] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1770.576670][ T5915] usb 7-1: config 0 descriptor??
[ 1771.228910][T10204] usb 7-1: USB disconnect, device number 9
[ 1771.944369][T18887] tipc: Started in network mode
[ 1771.951154][T18887] tipc: Node identity ac14140f, cluster identity 4711
[ 1771.958490][T18887] tipc: New replicast peer: 255.255.255.255
[ 1771.965047][T18887] tipc: Enabled bearer <udp:syz2>, priority 10
[ 1773.090168][ T5900] tipc: Node number set to 2886997007
[ 1774.648940][T18902] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2920'.
[ 1775.925214][T18913] No source specified
[ 1777.930076][T18679] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1778.206460][T18679] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1779.458641][T18929] tty tty23: ldisc open failed (-12), clearing slot 22
[ 1779.681846][T18679] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1780.383320][T18937] Invalid source name
[ 1780.388392][T18937] UBIFS error (pid: 18937): cannot open "./file0", error -22
[ 1784.476319][T18679] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1784.870996][T18952] rdma_op ffff88805c9041f0 conn xmit_rdma 0000000000000000
[ 1785.702164][T18954] No source specified
[ 1786.339692][T18954] workqueue: Failed to create a rescuer kthread for wq "xfs-conv/nullb0": -EINTR
[ 1787.174962][T18963] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2934'.
[ 1787.968795][T18679] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1788.085062][T18679] 8021q: adding VLAN 0 to HW filter on device team0
[ 1788.408944][ T1104] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1788.416426][ T1104] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1789.526856][T18980] could not allocate digest TFM handle cbcmac-aes-neon
[ 1792.084405][ T1104] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1792.091700][ T1104] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1792.132267][T18679] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1792.142957][T18679] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1796.859441][T19004] program syz.5.2945 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1796.954641][T19023] RDS: rds_bind could not find a transport for fc02::, load rds_tcp or rds_rdma?
[ 1798.005764][T19036] Bluetooth: hci0: Opcode 0x0401 failed: -22
[ 1800.320717][T18643] Bluetooth: hci0: command tx timeout
[ 1803.904749][T19066] netlink: 209852 bytes leftover after parsing attributes in process `syz.5.2956'.
[ 1803.914683][T19066] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[ 1803.923116][T19066] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[ 1807.421300][T19087] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1809.233985][T14093] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1809.248333][T14093] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1809.259312][T14093] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1809.267979][T14093] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1809.279092][T14093] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1809.298991][T18643] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1809.483045][T18643] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1809.500170][T18643] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1810.220164][T18643] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1810.438957][T18643] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1813.056812][T18643] Bluetooth: hci2: command tx timeout
[ 1813.748331][T19111] sg_write: data in/out 64380/1 bytes for SCSI command 0x1c-- guessing data in;
[ 1813.748331][T19111]    program syz.5.2967 not setting count and/or reply_len properly
[ 1814.674045][T19088] lo speed is unknown, defaulting to 1000
[ 1815.361229][T18643] Bluetooth: hci2: command tx timeout
[ 1817.596132][T18643] Bluetooth: hci2: command tx timeout
[ 1819.852243][T14093] Bluetooth: hci2: command tx timeout
[ 1819.963915][ T6145] bridge_slave_1: left allmulticast mode
[ 1820.007710][ T6145] bridge_slave_1: left promiscuous mode
[ 1820.190437][ T6145] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1820.484470][ T6145] bridge_slave_0: left allmulticast mode
[ 1820.490471][ T6145] bridge_slave_0: left promiscuous mode
[ 1820.496784][ T6145] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1824.121209][ T6145] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1824.154823][ T6145] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1824.177325][ T6145] bond0 (unregistering): Released all slaves
[ 1826.012573][ T6145] hsr_slave_0: left promiscuous mode
[ 1826.019134][ T6145] hsr_slave_1: left promiscuous mode
[ 1826.029590][ T6145] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1826.045375][ T6145] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1828.064753][ T6145] team0 (unregistering): Port device team_slave_1 removed
[ 1828.156607][ T6145] team0 (unregistering): Port device team_slave_0 removed
[ 1832.246293][T19088] chnl_net:caif_netlink_parms(): no params data found
[ 1832.952801][T19088] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1833.806438][T19088] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1833.836349][T19088] bridge_slave_0: entered allmulticast mode
[ 1833.850907][T19088] bridge_slave_0: entered promiscuous mode
[ 1833.937398][T19088] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1833.983906][T19088] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1834.013665][T19088] bridge_slave_1: entered allmulticast mode
[ 1834.067233][T19088] bridge_slave_1: entered promiscuous mode
[ 1834.108478][T18643] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1834.169891][T18643] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1834.184446][T19088] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1834.209154][T18643] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1834.218649][T19088] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1834.242934][T18643] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1834.251085][T18643] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1834.276459][ T5915] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[ 1834.404134][T19088] team0: Port device team_slave_0 added
[ 1834.426990][T19088] team0: Port device team_slave_1 added
[ 1834.439653][T19197] lo speed is unknown, defaulting to 1000
[ 1834.455834][ T5915] usb 2-1: Using ep0 maxpacket: 32
[ 1834.591925][ T5915] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1834.623733][ T5915] usb 2-1: no configurations
[ 1834.638007][ T5915] usb 2-1: can't read configurations, error -22
[ 1834.649846][T19088] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1834.669847][T19088] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1834.744230][T19088] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1834.783984][T19088] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1834.818909][T19088] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1834.934188][T19088] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1836.064327][T19088] hsr_slave_0: entered promiscuous mode
[ 1836.083038][T19088] hsr_slave_1: entered promiscuous mode
[ 1836.089165][T19088] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1836.160760][T19088] Cannot create hsr debugfs directory
[ 1836.639971][T14093] Bluetooth: hci3: command tx timeout
[ 1837.622249][T18643] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1837.648531][T18643] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1837.661197][T18643] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1837.675362][T18643] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1837.733609][T18643] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1837.753796][T19210] overlayfs: missing 'lowerdir'
[ 1838.037992][T18643] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 1838.051741][T18643] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 1838.063589][T18643] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 1838.078079][ T5832] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 1838.232584][ T5832] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 1838.504239][ T5915] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[ 1838.881316][T18643] Bluetooth: hci3: command tx timeout
[ 1838.905118][T19206] lo speed is unknown, defaulting to 1000
[ 1839.297344][ T5915] usb 2-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.05
[ 1839.347147][ T5915] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1839.389213][ T5915] usb 2-1: Product: syz
[ 1839.393430][ T5915] usb 2-1: Manufacturer: syz
[ 1839.428391][ T5915] usb 2-1: SerialNumber: syz
[ 1839.449282][ T5915] usb 2-1: config 0 descriptor??
[ 1839.482344][ T5915] go7007 2-1:0.0: probe with driver go7007 failed with error -12
[ 1839.509489][T19212] lo speed is unknown, defaulting to 1000
[ 1839.521372][T19197] chnl_net:caif_netlink_parms(): no params data found
[ 1839.914220][T13120] usb 2-1: USB disconnect, device number 32
[ 1840.153971][T19216] Bluetooth: hci6: command tx timeout
[ 1840.297269][T19197] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1840.322189][T19197] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1840.344215][T19197] bridge_slave_0: entered allmulticast mode
[ 1840.367525][T19197] bridge_slave_0: entered promiscuous mode
[ 1840.509037][T19197] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1840.532809][T19197] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1840.544868][T19197] bridge_slave_1: entered allmulticast mode
[ 1840.569425][T19197] bridge_slave_1: entered promiscuous mode
[ 1841.359101][T19216] Bluetooth: hci7: command tx timeout
[ 1841.367267][T14093] Bluetooth: hci3: command tx timeout
[ 1841.411376][T19197] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1841.513556][T19197] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1841.849312][T19197] team0: Port device team_slave_0 added
[ 1842.472741][T14093] Bluetooth: hci6: command tx timeout
[ 1842.515143][T19197] team0: Port device team_slave_1 added
[ 1842.635783][T19206] chnl_net:caif_netlink_parms(): no params data found
[ 1842.761059][T19088] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1842.806730][T19088] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1842.884184][T19088] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1842.976542][T19197] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1843.052482][T19197] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1843.102810][T19197] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1843.236824][T19088] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1843.361175][T19197] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1843.387307][T19197] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1843.476467][T19197] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1843.574837][T14093] Bluetooth: hci3: command tx timeout
[ 1843.580639][T19216] Bluetooth: hci7: command tx timeout
[ 1843.929067][ T1104] netdevsim netdevsim6 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1844.018206][T19212] chnl_net:caif_netlink_parms(): no params data found
[ 1844.070008][T19206] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1844.082162][T19206] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1844.091020][T19206] bridge_slave_0: entered allmulticast mode
[ 1844.102697][T19206] bridge_slave_0: entered promiscuous mode
[ 1844.140129][ T1104] netdevsim netdevsim6 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1844.182204][T19197] hsr_slave_0: entered promiscuous mode
[ 1844.191237][T19197] hsr_slave_1: entered promiscuous mode
[ 1844.199799][T19197] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1844.211361][T19197] Cannot create hsr debugfs directory
[ 1844.219482][T19206] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1844.229496][T19206] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1844.236779][T19206] bridge_slave_1: entered allmulticast mode
[ 1844.252584][T19206] bridge_slave_1: entered promiscuous mode
[ 1844.414803][ T1104] netdevsim netdevsim6 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1844.524835][T19136] bridge0: port 2(syz_tun) entered disabled state
[ 1844.552000][T19136] syz_tun (unregistering): left allmulticast mode
[ 1844.561921][T19136] syz_tun (unregistering): left promiscuous mode
[ 1844.572879][T19136] bridge0: port 2(syz_tun) entered disabled state
[ 1844.640899][ T1104] netdevsim netdevsim6 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1844.668784][T19206] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1844.685788][T19206] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1844.695258][T14093] Bluetooth: hci6: command tx timeout
[ 1844.851238][T19206] team0: Port device team_slave_0 added
[ 1844.864209][T19206] team0: Port device team_slave_1 added
[ 1844.877696][T19212] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1844.886147][T19212] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1844.893993][T19212] bridge_slave_0: entered allmulticast mode
[ 1844.902719][T19212] bridge_slave_0: entered promiscuous mode
[ 1844.945602][T19212] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1844.953124][T19212] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1844.966409][T19212] bridge_slave_1: entered allmulticast mode
[ 1844.974010][T19212] bridge_slave_1: entered promiscuous mode
[ 1845.074089][T19212] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1845.242367][T19206] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1845.250728][T19206] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1845.277919][T19206] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1845.300460][T19206] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1845.308721][T19206] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1845.335920][T19206] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1845.362227][T19212] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1845.889650][T14093] Bluetooth: hci7: command tx timeout
[ 1845.955494][T19212] team0: Port device team_slave_0 added
[ 1846.068046][T19212] team0: Port device team_slave_1 added
[ 1846.926169][T14093] Bluetooth: hci6: command tx timeout
[ 1846.949569][T19206] hsr_slave_0: entered promiscuous mode
[ 1846.965138][T19206] hsr_slave_1: entered promiscuous mode
[ 1846.972083][T19206] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1846.984829][T19206] Cannot create hsr debugfs directory
[ 1847.022937][T19212] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1847.031417][T19212] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1847.058468][T19212] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1847.079081][ T1104] bridge_slave_1: left allmulticast mode
[ 1847.097206][ T1104] bridge_slave_1: left promiscuous mode
[ 1847.104059][ T1104] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1847.114164][ T1104] bridge_slave_0: left allmulticast mode
[ 1847.119833][ T1104] bridge_slave_0: left promiscuous mode
[ 1847.126950][ T1104] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1847.710369][ T1104] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1847.727852][ T1104] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1847.738222][ T1104] bond0 (unregistering): Released all slaves
[ 1847.755486][T19212] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1847.770086][T19212] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1847.805394][T19212] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1848.108436][T14093] Bluetooth: hci7: command tx timeout
[ 1848.188501][T19212] hsr_slave_0: entered promiscuous mode
[ 1848.216059][T19212] hsr_slave_1: entered promiscuous mode
[ 1848.222514][T19212] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1848.240847][T19212] Cannot create hsr debugfs directory
[ 1849.135745][T19088] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1850.484437][ T1104] hsr_slave_0: left promiscuous mode
[ 1850.626434][ T1104] hsr_slave_1: left promiscuous mode
[ 1850.633283][ T1104] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1850.641036][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1850.656872][ T1104] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1850.666097][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1850.889273][ T1104] veth1_macvtap: left promiscuous mode
[ 1850.894856][ T1104] veth0_macvtap: left promiscuous mode
[ 1853.347023][ T1104] team0 (unregistering): Port device team_slave_1 removed
[ 1853.425950][ T1104] team0 (unregistering): Port device team_slave_0 removed
[ 1854.492982][T19088] 8021q: adding VLAN 0 to HW filter on device team0
[ 1854.588446][T10113] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1854.595835][T10113] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1854.625400][T10113] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1854.632964][T10113] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1854.798089][T19197] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1855.059954][T19197] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1855.190869][T19197] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1855.399508][T19197] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1856.344318][ T1104] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1856.534612][ T1104] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1856.675910][T19206] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1856.767515][T19206] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1856.779776][T19206] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1857.245300][ T1104] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1857.270308][T19206] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1857.349146][ T1104] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1857.406844][T19088] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1857.632257][T19197] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1857.755469][T19197] 8021q: adding VLAN 0 to HW filter on device team0
[ 1858.401243][T19295] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3002'.
[ 1858.410396][T19295] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3002'.
[ 1858.478116][T10113] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1858.485355][T10113] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1858.585995][ T1104] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1858.665787][T16875] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1858.673225][T16875] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1858.838485][ T1104] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1858.880403][T19212] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1858.938516][T19088] veth0_vlan: entered promiscuous mode
[ 1858.954531][T19206] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1858.963968][T19212] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1858.995216][T19088] veth1_vlan: entered promiscuous mode
[ 1859.027979][T19212] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1859.126572][ T1104] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1859.503955][T19212] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1859.545205][T19206] 8021q: adding VLAN 0 to HW filter on device team0
[ 1859.596004][ T1104] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1859.691869][T16875] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1859.699191][T16875] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1859.714265][T19088] veth0_macvtap: entered promiscuous mode
[ 1859.818009][ T6145] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1859.825368][ T6145] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1859.910272][T19088] veth1_macvtap: entered promiscuous mode
[ 1860.077018][T19206] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1860.105719][T19206] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1860.664252][T19088] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1860.741045][T19088] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1860.784260][T19212] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1860.811000][T19088] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1860.832996][T19088] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1860.848776][T19088] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1860.861712][T19088] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1861.036710][ T1104] bridge_slave_1: left allmulticast mode
[ 1861.042412][ T1104] bridge_slave_1: left promiscuous mode
[ 1861.049415][ T1104] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1861.077436][ T1104] bridge_slave_0: left allmulticast mode
[ 1861.083168][ T1104] bridge_slave_0: left promiscuous mode
[ 1861.089919][ T1104] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1861.115300][ T1104] bridge_slave_0: left allmulticast mode
[ 1861.125109][ T1104] bridge_slave_0: left promiscuous mode
[ 1861.137627][ T1104] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1862.276184][T19325] netlink: 'syz.1.3006': attribute type 21 has an invalid length.
[ 1863.338388][ T1104] bond2 (unregistering): (slave gretap1): Releasing active interface
[ 1863.495022][ T1104] team0: Port device geneve0 removed
[ 1864.118675][ T1104] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1864.140245][ T1104] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1864.180531][ T1104] bond0 (unregistering): Released all slaves
[ 1864.470741][T19216] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1864.482283][T19216] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1864.492509][T19216] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1864.505050][T19216] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1864.519105][T19216] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1864.580703][ T1104] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1864.599424][ T1104] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1864.610848][ T1104] bond0 (unregistering): (slave bridge_slave_1): Releasing backup interface
[ 1864.623316][ T1104] bond0 (unregistering): Released all slaves
[ 1864.639602][ T1104] bond1 (unregistering): Released all slaves
[ 1864.655294][ T1104] bond2 (unregistering): Released all slaves
[ 1864.695605][T19325] netlink: 'syz.1.3006': attribute type 6 has an invalid length.
[ 1864.725637][T19325] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3006'.
[ 1864.975630][T19328] lo speed is unknown, defaulting to 1000
[ 1865.072619][T19206] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1865.187837][T19197] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1865.589285][T19212] 8021q: adding VLAN 0 to HW filter on device team0
[ 1865.662302][ T6145] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1865.669532][ T6145] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1865.742822][ T6145] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1865.750200][ T6145] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1866.754172][T19216] Bluetooth: hci0: command tx timeout
[ 1867.798655][ T1104] : left promiscuous mode
[ 1868.523920][ T1104] tipc: Left network mode
[ 1868.557655][T19206] veth0_vlan: entered promiscuous mode
[ 1868.578680][ T1104] tipc: Left network mode
[ 1868.891459][    C0] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1868.977064][T19216] Bluetooth: hci0: command tx timeout
[ 1869.444781][T19206] veth1_vlan: entered promiscuous mode
[ 1869.793263][T19356] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3010'.
[ 1869.825051][T19197] veth0_vlan: entered promiscuous mode
[ 1869.857500][T19197] veth1_vlan: entered promiscuous mode
[ 1871.199234][T19216] Bluetooth: hci0: command tx timeout
[ 1871.215200][T19212] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1871.241282][T19328] chnl_net:caif_netlink_parms(): no params data found
[ 1871.304828][T19197] veth0_macvtap: entered promiscuous mode
[ 1871.326815][T19197] veth1_macvtap: entered promiscuous mode
[ 1871.374954][T19197] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1871.399082][T19197] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1871.420309][T19197] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1871.436516][T19197] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1871.451952][T19197] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1871.480431][T19197] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1871.953838][T19206] veth0_macvtap: entered promiscuous mode
[ 1872.025388][T19206] veth1_macvtap: entered promiscuous mode
[ 1872.191736][T19212] veth0_vlan: entered promiscuous mode
[ 1872.222126][T19212] veth1_vlan: entered promiscuous mode
[ 1872.655661][T19328] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1872.693779][T19328] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1872.729028][T19328] bridge_slave_0: entered allmulticast mode
[ 1872.801439][T19328] bridge_slave_0: entered promiscuous mode
[ 1873.539707][T19216] Bluetooth: hci0: command tx timeout
[ 1874.491918][T19328] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1874.513356][T19328] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1874.520781][T19328] bridge_slave_1: entered allmulticast mode
[ 1874.555804][T19328] bridge_slave_1: entered promiscuous mode
[ 1874.604251][T19328] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1874.617131][T19328] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1874.777917][ T6145] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1874.809362][ T6145] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1874.851323][T19206] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1874.859635][T19212] veth0_macvtap: entered promiscuous mode
[ 1874.935415][T19328] team0: Port device team_slave_0 added
[ 1875.052115][T19328] team0: Port device team_slave_1 added
[ 1875.627787][T16875] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1875.639846][T19212] veth1_macvtap: entered promiscuous mode
[ 1875.668906][T16875] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1875.788694][T19206] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1875.815109][T19328] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1875.834723][T19328] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1875.861454][T19328] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1875.890440][T19328] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1875.898830][T19328] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1875.925048][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1875.950138][T19328] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1876.867412][T19206] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1876.876764][T19206] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1876.885824][T19206] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1876.923037][T19206] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1877.159452][T19212] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1879.110502][ T1104] hsr_slave_0: left promiscuous mode
[ 1879.131748][ T1104] hsr_slave_1: left promiscuous mode
[ 1879.139559][ T1104] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1879.162807][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1879.339742][ T1104] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1879.366916][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1879.388007][ T1104] hsr_slave_0: left promiscuous mode
[ 1879.400558][ T1104] hsr_slave_1: left promiscuous mode
[ 1879.413951][ T1104] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1879.423019][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1879.448183][ T1104] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1879.456982][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1879.465532][T19400] sd 0:0:1:0: device reset
[ 1879.664992][ T1104] batman_adv: batadv0: Removing interface: macvtap0
[ 1880.562893][ T1104] veth1_macvtap: left promiscuous mode
[ 1880.592578][ T1104] veth0_macvtap: left promiscuous mode
[ 1880.635335][ T1104] veth1_vlan: left promiscuous mode
[ 1880.676861][ T1104] veth0_vlan: left promiscuous mode
[ 1880.849030][ T1104] batadv_slave_0: left allmulticast mode
[ 1880.882070][ T1104] batadv_slave_0: left promiscuous mode
[ 1880.914520][ T1104] veth1_macvtap: left promiscuous mode
[ 1880.925739][ T1104] veth1_vlan: left promiscuous mode
[ 1880.949485][ T1104] veth0_vlan: left promiscuous mode
[ 1882.616783][ T5810] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[ 1882.721592][T19414] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1882.851992][ T5810] usb 5-1: Using ep0 maxpacket: 16
[ 1882.869436][ T5810] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1882.892638][ T5810] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 11
[ 1882.914667][ T5810] usb 5-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0
[ 1882.935372][ T5810] usb 5-1: config 1 interface 0 altsetting 3 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1883.159792][ T5810] usb 5-1: config 1 interface 0 has no altsetting 0
[ 1883.172903][ T5810] usb 5-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77
[ 1883.199233][ T5810] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1883.245160][ T5810] ums-sddr09 5-1:1.0: USB Mass Storage device detected
[ 1883.391897][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1884.491992][ T1104] team0 (unregistering): Port device team_slave_1 removed
[ 1884.575473][ T1104] team0 (unregistering): Port device team_slave_0 removed
[ 1885.631553][T11579] usb 5-1: USB disconnect, device number 11
[ 1886.082938][T10963] Bluetooth: hci1: Frame reassembly failed (-90)
[ 1887.120719][ T1104] team0 (unregistering): Port device team_slave_1 removed
[ 1887.187745][ T1104] team0 (unregistering): Port device team_slave_0 removed
[ 1887.999484][T16875] smc: removing ib device s
z1
[ 1888.106479][ T5915] lo speed is unknown, defaulting to 1000
[ 1888.112602][T19433] tipc: Started in network mode
[ 1888.117517][T19433] tipc: Node identity ac14140f, cluster identity 4711
[ 1888.125578][ T5915] s
z1: Port: 1 Link DOWN
[ 1888.134426][T19433] tipc: New replicast peer: 255.255.255.255
[ 1888.141212][T19433] tipc: Enabled bearer <udp:syz2>, priority 10
[ 1888.148388][T19434] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3025'.
[ 1888.162039][T19434] tipc: Disabling bearer <udp:syz2>
[ 1888.178733][T19212] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1888.218970][T19216] Bluetooth: hci1: Entering manufacturer mode failed (-110)
[ 1888.262845][T19328] hsr_slave_0: entered promiscuous mode
[ 1888.285195][T19328] hsr_slave_1: entered promiscuous mode
[ 1888.382779][T19212] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1888.598131][T19212] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1888.631515][T19212] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1890.147252][T19212] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1891.002577][T19451] syz.1.3028: attempt to access beyond end of device
[ 1891.002577][T19451] nbd1: rw=0, sector=6, nr_sectors = 2 limit=0
[ 1891.016027][T19451] ADFS-fs (nbd1): error: unable to read block 3, try 0
[ 1892.328829][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1892.374379][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1893.134985][T10113] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1893.165847][T10113] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1893.214282][T19456] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1893.461176][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1893.494822][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1893.717596][T19328] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1894.572233][T19471] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1895.355181][T19470] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1895.673190][T19328] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1897.153864][ T5974] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1897.161891][ T5974] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1897.418548][T19328] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1897.712443][ T5889] usb 2-1: new full-speed USB device number 33 using dummy_hcd
[ 1898.286304][ T5889] usb 2-1: config index 0 descriptor too short (expected 12336, got 27)
[ 1898.297159][ T5889] usb 2-1: config 48 has too many interfaces: 48, using maximum allowed: 32
[ 1898.455936][ T5889] usb 2-1: config 48 has an invalid descriptor of length 57, skipping remainder of the config
[ 1898.984089][ T5889] usb 2-1: config 48 has 0 interfaces, different from the descriptor's value: 48
[ 1899.273900][ T5889] usb 2-1: New USB device found, idVendor=06cd, idProduct=0131, bcdDevice=16.60
[ 1899.398685][ T5889] usb 2-1: New USB device strings: Mfr=175, Product=2, SerialNumber=3
[ 1899.484833][ T5889] usb 2-1: Product: syz
[ 1899.521496][ T5889] usb 2-1: Manufacturer: syz
[ 1899.565763][ T5889] usb 2-1: SerialNumber: syz
[ 1899.724671][T19328] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1901.888647][ T5889] usb 2-1: can't set config #48, error -71
[ 1902.063309][ T5889] usb 2-1: USB disconnect, device number 33
[ 1902.491801][T19513] vivid-000: disconnect
[ 1903.180917][T19507] vivid-000: reconnect
[ 1903.440033][T19515] binder: 19508:19515 ioctl c0306201 0 returned -14
[ 1903.448486][T19515] binder: 19508:19515 ioctl c0306201 0 returned -14
[ 1905.044616][T19328] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1905.309927][T19328] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1905.731532][T19328] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1905.846637][T19529] netlink: 'syz.1.3046': attribute type 5 has an invalid length.
[ 1905.884361][   T30] audit: type=1326 audit(2000000988.539:1388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19522 comm="syz.4.3045" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2045d8e969 code=0x7ffc0000
[ 1906.015013][T19328] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1906.072026][   T30] audit: type=1326 audit(2000000988.539:1389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19522 comm="syz.4.3045" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2045d8e969 code=0x7ffc0000
[ 1907.076751][   T30] audit: type=1326 audit(2000000988.623:1390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19522 comm="syz.4.3045" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2045d8e969 code=0x7ffc0000
[ 1907.142705][   T30] audit: type=1326 audit(2000000988.623:1391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19522 comm="syz.4.3045" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2045d8e969 code=0x7ffc0000
[ 1907.238443][   T30] audit: type=1326 audit(2000000988.633:1392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19522 comm="syz.4.3045" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2045d8e969 code=0x7ffc0000
[ 1907.246855][ T1104] IPVS: stop unused estimator thread 0...
[ 1907.260895][   T30] audit: type=1326 audit(2000000988.642:1393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19522 comm="syz.4.3045" exe="/root/syz-executor" sig=0 arch=c000003e syscall=151 compat=0 ip=0x7f2045d8e969 code=0x7ffc0000
[ 1907.403672][   T30] audit: type=1326 audit(2000000988.642:1394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19522 comm="syz.4.3045" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2045d8e969 code=0x7ffc0000
[ 1907.439174][   T30] audit: type=1326 audit(2000000988.680:1395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19522 comm="syz.4.3045" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2045d8e969 code=0x7ffc0000
[ 1908.405564][   T30] audit: type=1326 audit(2000000988.689:1396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19522 comm="syz.4.3045" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f2045d8e969 code=0x7ffc0000
[ 1908.442849][   T30] audit: type=1326 audit(2000000988.689:1397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19522 comm="syz.4.3045" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2045d8e969 code=0x7ffc0000
[ 1908.872897][T19539] syz.1.3049 (19539) used greatest stack depth: 16728 bytes left
[ 1910.482123][ T1104] bridge_slave_1: left allmulticast mode
[ 1910.623765][ T1104] bridge_slave_1: left promiscuous mode
[ 1910.658349][ T1104] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1910.738400][ T1104] bridge_slave_0: left allmulticast mode
[ 1910.757635][T19549] netlink: 'syz.3.3051': attribute type 24 has an invalid length.
[ 1911.565577][ T1104] bridge_slave_0: left promiscuous mode
[ 1911.572062][ T1104] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1917.479135][T10204] usb 4-1: new full-speed USB device number 10 using dummy_hcd
[ 1918.586111][T10204] usb 4-1: device descriptor read/all, error -71
[ 1919.382502][T19597] misc userio: Invalid payload size
[ 1919.388847][T19597] misc userio: No port type given on /dev/userio
[ 1919.397255][T19597] misc userio: Invalid payload size
[ 1919.452366][T19602] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3061'.
[ 1921.133684][   T30] kauditd_printk_skb: 12 callbacks suppressed
[ 1921.133703][   T30] audit: type=1804 audit(2000001002.842:1410): pid=19610 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.0.3065" name="/newroot/9/bus/file0" dev="overlay" ino=71 res=1 errno=0
[ 1921.203125][   T30] audit: type=1804 audit(2000001002.879:1411): pid=19610 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.0.3065" name="/newroot/9/bus/file0" dev="overlay" ino=71 res=1 errno=0
[ 1921.258129][   T30] audit: type=1804 audit(2000001002.898:1412): pid=19610 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.0.3065" name="/newroot/9/bus/file0" dev="overlay" ino=71 res=1 errno=0
[ 1922.600784][T19622] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3067'.
[ 1922.726743][T19623] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3067'.
[ 1922.735984][T19623] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3067'.
[ 1925.103995][ T1104] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1925.342962][ T1104] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1925.384102][ T1104] bond0 (unregistering): Released all slaves
[ 1925.576291][T19328] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1925.666089][T19328] 8021q: adding VLAN 0 to HW filter on device team0
[ 1925.871879][T10963] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1925.879214][T10963] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1928.510640][T19644] Cannot find set identified by id 0 to match
[ 1928.526983][ T1104] hsr_slave_0: left promiscuous mode
[ 1928.554485][ T1104] hsr_slave_1: left promiscuous mode
[ 1928.565607][ T1104] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1928.573803][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1928.594695][ T1104] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1928.607560][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1928.656538][ T1104] veth1_macvtap: left promiscuous mode
[ 1928.662568][ T1104] veth0_macvtap: left promiscuous mode
[ 1928.668341][ T1104] veth1_vlan: left promiscuous mode
[ 1928.674461][ T1104] veth0_vlan: left promiscuous mode
[ 1929.483446][T19658] netlink: 10 bytes leftover after parsing attributes in process `syz.0.3076'.
[ 1929.710317][T14093] Bluetooth: hci0: command 0x0405 tx timeout
[ 1930.977498][T19654] netlink: 256 bytes leftover after parsing attributes in process `syz.4.3075'.
[ 1931.319327][ T1104] team0 (unregistering): Port device team_slave_1 removed
[ 1931.412135][ T1104] team0 (unregistering): Port device team_slave_0 removed
[ 1931.609798][T14093] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1931.989463][T18643] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1932.014792][T18643] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1932.044044][T18643] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1932.063944][T18643] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1932.726482][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1932.733781][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1934.734864][T18643] Bluetooth: hci1: command tx timeout
[ 1937.000426][T18643] Bluetooth: hci1: command tx timeout
[ 1938.924907][T19700] Falling back ldisc for ptm0.
[ 1939.642763][T18643] Bluetooth: hci1: command tx timeout
[ 1940.109148][T19691] bridge0: port 3(batadv1) entered blocking state
[ 1940.533636][T19691] bridge0: port 3(batadv1) entered disabled state
[ 1940.873367][T19691] batadv1: entered allmulticast mode
[ 1941.555424][T19691] batadv1: entered promiscuous mode
[ 1941.565615][T19712] x_tables: duplicate underflow at hook 2
[ 1941.865704][T18643] Bluetooth: hci1: command tx timeout
[ 1942.578813][ T6145] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[ 1942.588784][ T6145] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[ 1942.601794][T19666] chnl_net:caif_netlink_parms(): no params data found
[ 1944.989852][T19734] cgroup: fork rejected by pids controller in /syz0
[ 1947.172646][T19730] netlink: 80 bytes leftover after parsing attributes in process `syz.0.3092'.
[ 1951.453543][T20999] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.3096'.
[ 1951.485768][T20998] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.3096'.
[ 1952.957341][T21014] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1952.966345][T21014] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1953.010271][T21014] kAFS: Can only specify source 'none' with -o dyn
[ 1953.026651][T19666] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1953.121308][T21016] Process accounting resumed
[ 1953.228108][T19666] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1953.235474][T19666] bridge_slave_0: entered allmulticast mode
[ 1953.258535][T19666] bridge_slave_0: entered promiscuous mode
[ 1953.728294][T19666] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1953.737623][T19666] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1953.746935][T19666] bridge_slave_1: entered allmulticast mode
[ 1953.757223][T21019] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1953.758895][T19666] bridge_slave_1: entered promiscuous mode
[ 1955.965968][T19666] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1956.004153][T19666] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1957.243949][T19666] team0: Port device team_slave_0 added
[ 1957.913796][T19666] team0: Port device team_slave_1 added
[ 1958.753851][T21056] sctp: [Deprecated]: syz.0.3110 (pid 21056) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1958.753851][T21056] Use struct sctp_sack_info instead
[ 1958.968274][T21059] netlink: 'syz.1.3108': attribute type 4 has an invalid length.
[ 1960.790014][T19666] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1960.821376][T19666] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1961.930443][T19666] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1962.344575][T19666] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1962.366171][T19666] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1962.409845][T19666] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1962.832187][ T1104] bridge_slave_1: left allmulticast mode
[ 1962.856721][ T1104] bridge_slave_1: left promiscuous mode
[ 1962.896411][ T1104] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1962.961087][ T1104] bridge_slave_0: left allmulticast mode
[ 1963.014538][ T1104] bridge_slave_0: left promiscuous mode
[ 1963.072285][ T1104] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1963.550312][T21081] fuse: Bad value for 'fd'
[ 1963.840022][T21085] netlink: 84 bytes leftover after parsing attributes in process `syz.4.3117'.
[ 1972.727921][ T5832] Bluetooth: hci3: command 0x0406 tx timeout
[ 1973.756271][ T5832] Bluetooth: hci7: command 0x0406 tx timeout
[ 1973.763606][ T5832] Bluetooth: hci6: command 0x0406 tx timeout
[ 1974.504434][T21121] sctp: [Deprecated]: syz.4.3124 (pid 21121) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1974.504434][T21121] Use struct sctp_sack_info instead
[ 1974.522425][T21121] sctp: [Deprecated]: syz.4.3124 (pid 21121) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1974.522425][T21121] Use struct sctp_sack_info instead
[ 1976.666303][ T5889] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[ 1976.952204][ T9991] usb 4-1: new full-speed USB device number 12 using dummy_hcd
[ 1977.025427][ T5889] usb 2-1: Using ep0 maxpacket: 8
[ 1977.586405][ T9991] usb 4-1: config 0 has an invalid interface number: 55 but max is 0
[ 1977.615723][ T9991] usb 4-1: config 0 has an invalid descriptor of length 27, skipping remainder of the config
[ 1977.641954][ T1104] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1977.656364][ T9991] usb 4-1: config 0 has no interface number 0
[ 1977.681878][ T9991] usb 4-1: config 0 interface 55 altsetting 135 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1977.721004][ T1104] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1977.738495][ T9991] usb 4-1: config 0 interface 55 has no altsetting 0
[ 1977.760665][ T9991] usb 4-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1977.788271][ T1104] bond0 (unregistering): Released all slaves
[ 1977.812951][ T9991] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1977.844686][ T9991] usb 4-1: config 0 descriptor??
[ 1977.868645][T19666] hsr_slave_0: entered promiscuous mode
[ 1977.916206][T19666] hsr_slave_1: entered promiscuous mode
[ 1977.939849][T19666] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1977.977406][T19666] Cannot create hsr debugfs directory
[ 1978.334638][ T1104] hsr_slave_0: left promiscuous mode
[ 1978.396840][ T1104] hsr_slave_1: left promiscuous mode
[ 1978.433485][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1978.478220][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1978.515791][T21153] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(15)
[ 1978.522500][T21153] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1978.610979][T21153] vhci_hcd vhci_hcd.0: Device attached
[ 1978.689248][T21156] vhci_hcd vhci_hcd.0: pdev(0) rhport(1) sockfd(18)
[ 1978.695930][T21156] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1978.721145][T21156] vhci_hcd vhci_hcd.0: Device attached
[ 1978.755338][T21153] vhci_hcd vhci_hcd.0: pdev(0) rhport(2) sockfd(17)
[ 1978.762037][T21153] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[ 1978.775946][T21153] vhci_hcd vhci_hcd.0: Device attached
[ 1979.320348][ T9991] usb 4-1: string descriptor 0 read error: -71
[ 1979.379413][T10205] usb 33-1: new low-speed USB device number 2 using vhci_hcd
[ 1979.440174][T21153] vhci_hcd vhci_hcd.0: pdev(0) rhport(3) sockfd(21)
[ 1979.446858][T21153] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[ 1979.482804][ T9991] ldusb 4-1:0.55: Interrupt in endpoint not found
[ 1979.498244][T21153] vhci_hcd vhci_hcd.0: Device attached
[ 1979.505862][ T9991] usb 4-1: USB disconnect, device number 12
[ 1979.591618][T21153] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(23)
[ 1979.598320][T21153] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 1979.669581][T21153] vhci_hcd vhci_hcd.0: Device attached
[ 1979.685179][T21170] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1979.709820][T21156] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1979.747378][T21153] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1979.917782][T21160] vhci_hcd: connection closed
[ 1979.944069][T21157] vhci_hcd: connection closed
[ 1979.966335][T21163] vhci_hcd: connection closed
[ 1979.972987][T21166] vhci_hcd: connection closed
[ 1979.978039][T21154] vhci_hcd: connection reset by peer
[ 1980.014086][   T12] vhci_hcd: stop threads
[ 1980.018421][   T12] vhci_hcd: release socket
[ 1980.037275][   T12] vhci_hcd: disconnect device
[ 1980.058230][   T12] vhci_hcd: stop threads
[ 1980.533622][   T12] vhci_hcd: release socket
[ 1980.594929][   T12] vhci_hcd: disconnect device
[ 1980.627745][   T12] vhci_hcd: stop threads
[ 1980.639214][   T12] vhci_hcd: release socket
[ 1980.649548][   T12] vhci_hcd: disconnect device
[ 1980.662596][   T12] vhci_hcd: stop threads
[ 1980.692318][   T12] vhci_hcd: release socket
[ 1980.703032][   T12] vhci_hcd: disconnect device
[ 1980.715266][   T12] vhci_hcd: stop threads
[ 1980.725104][   T12] vhci_hcd: release socket
[ 1980.735010][   T12] vhci_hcd: disconnect device
[ 1980.982923][ T1104] team0 (unregistering): Port device team_slave_1 removed
[ 1981.061923][ T1104] team0 (unregistering): Port device team_slave_0 removed
[ 1981.104814][T18643] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1981.123348][T18643] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1981.133777][T18643] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1981.142701][T18643] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1981.150795][T18643] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1982.700636][T21183] netlink: 'syz.0.3133': attribute type 4 has an invalid length.
[ 1982.701269][ T5889] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1982.711007][T21183] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.3133'.
[ 1982.739449][ T5889] usb 2-1: unable to read config index 0 descriptor/start: -32
[ 1982.747739][ T5889] usb 2-1: chopping to 0 config(s)
[ 1982.752876][ T5889] usb 2-1: can't read configurations, error -32
[ 1983.696608][T19216] Bluetooth: hci0: command tx timeout
[ 1984.168640][T21190] kvm: pic: non byte write
[ 1984.760290][T21201] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.3137'.
[ 1984.777969][T21201] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3137'.
[ 1984.883253][T10205] vhci_hcd: vhci_device speed not set
[ 1986.000474][T19216] Bluetooth: hci0: command tx timeout
[ 1987.631059][T10204] usb usb34-port1: attempt power cycle
[ 1988.224221][T19216] Bluetooth: hci0: command tx timeout
[ 1988.827949][T10204] usb usb34-port1: unable to enumerate USB device
[ 1989.062051][T21222] vivid-000: disconnect
[ 1989.659683][T21211] vivid-000: reconnect
[ 1990.322671][T21228] hub 8-0:1.0: USB hub found
[ 1990.327930][T21228] hub 8-0:1.0: 1 port detected
[ 1990.421096][T19216] Bluetooth: hci0: command tx timeout
[ 1990.453918][T21219] ntfs3(nullb0): Primary boot signature is not NTFS.
[ 1990.472630][ T1104] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1990.493720][T21219] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[ 1990.636098][T21178] chnl_net:caif_netlink_parms(): no params data found
[ 1991.214647][T21231] random: crng reseeded on system resumption
[ 1991.805662][T19489] IPVS: starting estimator thread 0...
[ 1991.893218][T21240] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000).
[ 1991.905811][T21240] qnx6: wrong signature (magic) in superblock #1.
[ 1991.907772][ T1104] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1991.924520][T21240] qnx6: unable to read the first superblock
[ 1992.026981][T21246] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3146'.
[ 1992.191922][T21245] IPVS: using max 26 ests per chain, 62400 per kthread
[ 1993.371539][T21250] syz.4.3147 (21250): /proc/21248/oom_adj is deprecated, please use /proc/21248/oom_score_adj instead.
[ 1994.241499][ T1104] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1994.742451][T21178] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1994.749945][T21178] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1994.762581][T21178] bridge_slave_0: entered allmulticast mode
[ 1994.770374][T21178] bridge_slave_0: entered promiscuous mode
[ 1994.819886][ T1104] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1994.855748][T21178] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1994.868386][T21178] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1994.875885][T21178] bridge_slave_1: entered allmulticast mode
[ 1994.885707][T21178] bridge_slave_1: entered promiscuous mode
[ 1994.956869][T21178] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1994.998527][T21178] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1995.447654][T21178] team0: Port device team_slave_0 added
[ 1995.473797][T21178] team0: Port device team_slave_1 added
[ 1996.175605][T21263] loop6: detected capacity change from 0 to 524287999
[ 1996.367184][T21269] CIFS: Unable to determine destination address
[ 1997.061825][T21263] Dev loop6: unable to read RDB block 8
[ 1997.073192][T21263]  loop6: unable to read partition table
[ 1997.085630][T21263] loop_reread_partitions: partition scan of loop6 (3Ÿ¾‚³˜) failed (rc=-5)
[ 1999.577755][T21178] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1999.613086][T21178] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1999.710820][T21178] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1999.792009][T21178] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1999.824996][T21178] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1999.968235][T21178] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2001.073126][T18643] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 2001.086895][T18643] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 2001.097521][T18643] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 2001.110518][T18643] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 2001.122574][T18643] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 2001.758565][T21284] netlink: 'syz.0.3154': attribute type 1 has an invalid length.
[ 2001.766559][T21284] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3154'.
[ 2003.302124][T21178] hsr_slave_0: entered promiscuous mode
[ 2003.341498][T18643] Bluetooth: hci2: command tx timeout
[ 2003.360163][T21178] hsr_slave_1: entered promiscuous mode
[ 2003.499095][ T1104] batadv1: left allmulticast mode
[ 2003.504214][ T1104] batadv1: left promiscuous mode
[ 2004.074706][T18643] Bluetooth: hci6: unexpected event for opcode 0x0c6d
[ 2004.087328][T21300] netlink: 512 bytes leftover after parsing attributes in process `syz.1.3158'.
[ 2004.087762][ T1104] bridge0: port 3(batadv1) entered disabled state
[ 2005.024258][ T1104] bridge_slave_1: left allmulticast mode
[ 2005.030003][ T1104] bridge_slave_1: left promiscuous mode
[ 2005.056348][ T1104] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2005.080922][ T1104] bridge_slave_0: left allmulticast mode
[ 2005.086653][ T1104] bridge_slave_0: left promiscuous mode
[ 2005.098970][T21299] (syz.0.3156,21299,0):ocfs2_fill_super:989 ERROR: superblock probe failed!
[ 2005.108596][T21299] (syz.0.3156,21299,0):ocfs2_fill_super:1177 ERROR: status = -22
[ 2005.255371][ T1104] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2006.147300][T18643] Bluetooth: hci2: command tx timeout
[ 2008.823514][T19216] Bluetooth: hci2: command tx timeout
[ 2011.302863][T19216] Bluetooth: hci2: command tx timeout
[ 2011.546771][T21337] vcan0: tx drop: invalid da for name 0x0000000000000002
[ 2012.591964][T21341] No control pipe specified
[ 2012.667116][ T1104] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2012.689776][ T1104] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2012.712245][ T1104] bond0 (unregistering): Released all slaves
[ 2020.189118][T21380] use of bytesused == 0 is deprecated and will be removed in the future,
[ 2020.198557][T21380] use the actual size instead.
[ 2021.145504][ T1104] hsr_slave_0: left promiscuous mode
[ 2021.177083][ T1104] hsr_slave_1: left promiscuous mode
[ 2021.217573][ T1104] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2021.233472][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2021.292504][ T1104] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2021.300492][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2021.735686][T18643] Bluetooth: hci2: command 0x0405 tx timeout
[ 2022.267284][ T1104] veth1_macvtap: left promiscuous mode
[ 2022.283700][ T1104] veth0_macvtap: left promiscuous mode
[ 2022.297810][ T1104] veth1_vlan: left promiscuous mode
[ 2022.305503][ T1104] veth0_vlan: left promiscuous mode
[ 2022.657660][T21391] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3176'.
[ 2023.741560][T21394] netlink: 256 bytes leftover after parsing attributes in process `syz.1.3177'.
[ 2025.195608][T21396] 9pnet_virtio: no channels available for device syz
[ 2026.460474][T21407] xt_connbytes: Forcing CT accounting to be enabled
[ 2026.467807][T21407] Cannot find set identified by id 0 to match
[ 2029.517980][ T1104] team0 (unregistering): Port device team_slave_1 removed
[ 2029.614844][ T1104] team0 (unregistering): Port device team_slave_0 removed
[ 2029.928338][T21424] netlink: 56 bytes leftover after parsing attributes in process `syz.1.3184'.
[ 2032.865125][T21438] x_tables: duplicate underflow at hook 1
[ 2036.848229][T18643] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 2036.880823][T18643] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 2036.960708][T18643] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 2036.972892][T18643] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 2036.982584][T18643] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 2039.240518][T18643] Bluetooth: hci1: command tx timeout
[ 2039.880352][T21475] new mount options do not match the existing superblock, will be ignored
[ 2039.893208][T21475] cgroup: option or name mismatch, new: 0x4 "", old: 0x0 ""
[ 2040.491518][T21474] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[ 2040.664307][T21278] chnl_net:caif_netlink_parms(): no params data found
[ 2040.978223][T21484] syz.4.3199: attempt to access beyond end of device
[ 2040.978223][T21484] nbd4: rw=0, sector=6, nr_sectors = 2 limit=0
[ 2040.993401][T21484] ADFS-fs (nbd4): error: unable to read block 3, try 0
[ 2041.393424][T18643] Bluetooth: hci1: command tx timeout
[ 2042.533181][T21278] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2042.573552][T21278] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2042.597038][T21278] bridge_slave_0: entered allmulticast mode
[ 2042.631110][T21278] bridge_slave_0: entered promiscuous mode
[ 2042.704364][T21278] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2042.723804][T21278] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2042.830792][T21278] bridge_slave_1: entered allmulticast mode
[ 2042.862907][T21278] bridge_slave_1: entered promiscuous mode
[ 2043.679828][T18643] Bluetooth: hci1: command tx timeout
[ 2044.650686][T21278] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2044.792628][T21278] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2045.509488][T21519] netlink: 'syz.4.3204': attribute type 1 has an invalid length.
[ 2045.638870][T21519] bond1: entered promiscuous mode
[ 2045.644742][T21519] 8021q: adding VLAN 0 to HW filter on device bond1
[ 2045.719071][T21458] chnl_net:caif_netlink_parms(): no params data found
[ 2045.851896][T18643] Bluetooth: hci1: command tx timeout
[ 2046.477909][T21278] team0: Port device team_slave_0 added
[ 2047.247926][T19216] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 2047.279271][T19216] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 2047.296193][T19216] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 2047.378108][T19216] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 2047.451443][T19216] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 2048.185359][T21278] team0: Port device team_slave_1 added
[ 2048.393861][ T1104] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2048.396174][T21537] netlink: 'syz.1.3207': attribute type 2 has an invalid length.
[ 2048.545949][T21278] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2048.552992][T21278] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2049.087464][T21278] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2049.245131][T21546] 9pnet_fd: Insufficient options for proto=fd
[ 2050.228431][T18643] Bluetooth: hci5: command tx timeout
[ 2050.237668][ T1104] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2050.264130][T21278] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2050.277925][T21278] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2050.303854][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2050.311002][T21278] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2052.567741][T18643] Bluetooth: hci5: command tx timeout
[ 2053.145870][ T1104] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2054.261223][T21278] hsr_slave_0: entered promiscuous mode
[ 2054.286748][T21278] hsr_slave_1: entered promiscuous mode
[ 2054.301772][T21278] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 2054.310302][T21278] Cannot create hsr debugfs directory
[ 2054.767894][T18643] Bluetooth: hci5: command tx timeout
[ 2055.744583][ T1104] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2056.015679][T21458] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2057.408794][T18643] Bluetooth: hci5: command tx timeout
[ 2057.461845][T21458] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2057.469196][T21458] bridge_slave_0: entered allmulticast mode
[ 2057.596846][T21458] bridge_slave_0: entered promiscuous mode
[ 2058.750285][T21458] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2058.758273][T21458] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2058.766433][T21458] bridge_slave_1: entered allmulticast mode
[ 2058.774433][T21458] bridge_slave_1: entered promiscuous mode
[ 2063.457444][T21458] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2063.496050][T21458] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2063.908682][   T30] audit: type=1326 audit(2000001136.342:1413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21588 comm="syz.4.3218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2045d8e969 code=0x7ffc0000
[ 2063.934370][T21458] team0: Port device team_slave_0 added
[ 2064.036410][   T30] audit: type=1326 audit(2000001136.342:1414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21588 comm="syz.4.3218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2045d8e969 code=0x7ffc0000
[ 2064.556122][   T30] audit: type=1326 audit(2000001136.342:1415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21588 comm="syz.4.3218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f2045d8e969 code=0x7ffc0000
[ 2064.613704][   T30] audit: type=1326 audit(2000001136.342:1416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21588 comm="syz.4.3218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2045d8e969 code=0x7ffc0000
[ 2064.682854][   T30] audit: type=1326 audit(2000001136.342:1417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21588 comm="syz.4.3218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2045d8e969 code=0x7ffc0000
[ 2064.712638][   T30] audit: type=1326 audit(2000001136.342:1418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21588 comm="syz.4.3218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f2045d8e969 code=0x7ffc0000
[ 2064.754048][   T30] audit: type=1326 audit(2000001136.342:1419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21588 comm="syz.4.3218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2045d8e969 code=0x7ffc0000
[ 2064.855480][T19216] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 2064.869015][T19216] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 2064.879807][T19216] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 2064.892619][T19216] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 2064.903074][   T30] audit: type=1326 audit(2000001136.342:1420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21588 comm="syz.4.3218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2045d8e969 code=0x7ffc0000
[ 2064.926603][   T30] audit: type=1326 audit(2000001136.342:1421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21588 comm="syz.4.3218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=6 compat=0 ip=0x7f2045d8e969 code=0x7ffc0000
[ 2064.954732][T19216] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 2064.965326][   T30] audit: type=1326 audit(2000001136.342:1422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21588 comm="syz.4.3218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2045d8e969 code=0x7ffc0000
[ 2065.177004][T21458] team0: Port device team_slave_1 added
[ 2067.137100][T19216] Bluetooth: hci0: command tx timeout
[ 2067.490557][T21458] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2067.498552][T21458] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2067.540720][T21458] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2067.647052][T21458] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2067.665530][T21458] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2067.728852][T21458] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2069.012451][T21529] chnl_net:caif_netlink_parms(): no params data found
[ 2069.178818][T21620] trusted_key: encrypted_key: insufficient parameters specified
[ 2069.202565][T21458] hsr_slave_0: entered promiscuous mode
[ 2069.209446][T21458] hsr_slave_1: entered promiscuous mode
[ 2069.254197][T21458] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 2069.272907][T21458] Cannot create hsr debugfs directory
[ 2069.381518][T19216] Bluetooth: hci0: command tx timeout
[ 2070.719832][T21529] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2070.727901][T21529] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2070.740047][T21529] bridge_slave_0: entered allmulticast mode
[ 2070.748005][T21529] bridge_slave_0: entered promiscuous mode
[ 2070.937983][T21529] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2070.950742][T21529] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2070.981139][T21529] bridge_slave_1: entered allmulticast mode
[ 2071.002044][T21529] bridge_slave_1: entered promiscuous mode
[ 2071.668289][T19216] Bluetooth: hci0: command tx timeout
[ 2072.472908][T21529] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2073.897175][T19216] Bluetooth: hci0: command tx timeout
[ 2075.398543][T21529] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2075.730828][T21662] netlink: 'syz.1.3232': attribute type 3 has an invalid length.
[ 2075.739622][T21662] netlink: 236 bytes leftover after parsing attributes in process `syz.1.3232'.
[ 2075.785152][   T30] kauditd_printk_skb: 17 callbacks suppressed
[ 2075.785182][   T30] audit: type=1804 audit(2000001147.482:1440): pid=21662 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.1.3232" name="/newroot/373/file0/file0" dev="ramfs" ino=84741 res=1 errno=0
[ 2076.893283][T21667] netlink: 'syz.4.3233': attribute type 21 has an invalid length.
[ 2076.937490][T21529] team0: Port device team_slave_0 added
[ 2076.962809][ T1104] bridge_slave_1: left allmulticast mode
[ 2076.979916][ T1104] bridge_slave_1: left promiscuous mode
[ 2076.999484][ T1104] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2077.024344][ T1104] bridge_slave_0: left allmulticast mode
[ 2077.033811][ T1104] bridge_slave_0: left promiscuous mode
[ 2077.046127][ T1104] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2077.070902][ T1104] bridge_slave_1: left allmulticast mode
[ 2077.090834][ T1104] bridge_slave_1: left promiscuous mode
[ 2077.099125][ T1104] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2077.164611][ T5810] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[ 2077.177779][ T1104] bridge_slave_0: left allmulticast mode
[ 2077.231633][ T1104] bridge_slave_0: left promiscuous mode
[ 2077.247031][ T1104] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2077.341374][ T5810] usb 2-1: config index 0 descriptor too short (expected 23569, got 27)
[ 2077.351020][ T5810] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2077.369120][ T5810] usb 2-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[ 2077.379439][ T5810] usb 2-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[ 2077.387638][ T5810] usb 2-1: Manufacturer: syz
[ 2077.411982][ T5810] usb 2-1: config 0 descriptor??
[ 2077.440741][ T5810] igorplugusb 2-1:0.0: incorrect number of endpoints
[ 2077.751854][T21668] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3234'.
[ 2077.882945][T21669] Invalid ELF header magic: != ELF
[ 2079.360149][ T1104] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2079.373762][ T1104] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2079.388746][ T1104] bond0 (unregistering): Released all slaves
[ 2079.408849][ T1104] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2079.421232][ T1104] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2079.434844][ T1104] bond0 (unregistering): Released all slaves
[ 2079.512004][T21529] team0: Port device team_slave_1 added
[ 2079.575026][T21668] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2079.582623][T21668] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2079.740577][T19489] usb 2-1: USB disconnect, device number 36
[ 2079.759705][T21597] chnl_net:caif_netlink_parms(): no params data found
[ 2080.128668][T21529] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2080.135710][T21529] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2080.172668][T21529] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2080.275455][T21529] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2080.282502][T21529] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2080.313299][T21529] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2080.546300][ T1104] hsr_slave_0: left promiscuous mode
[ 2080.549446][ T1104] hsr_slave_1: left promiscuous mode
[ 2080.551252][ T1104] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2080.551331][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2080.562124][ T1104] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2080.562157][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2080.597935][ T1104] hsr_slave_0: left promiscuous mode
[ 2080.598837][ T1104] hsr_slave_1: left promiscuous mode
[ 2080.599335][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2080.628952][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2080.733763][ T1104] veth1_macvtap: left promiscuous mode
[ 2080.742802][ T1104] veth0_macvtap: left promiscuous mode
[ 2080.760125][ T1104] veth1_vlan: left promiscuous mode
[ 2080.765976][ T1104] veth0_vlan: left promiscuous mode
[ 2081.522012][T21687] netlink: 248 bytes leftover after parsing attributes in process `syz.4.3237'.
[ 2081.754809][T21690] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[ 2081.761413][T21690] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 2081.769436][T21690] vhci_hcd vhci_hcd.0: Device attached
[ 2082.146649][   T10] usb 35-1: new low-speed USB device number 2 using vhci_hcd
[ 2082.647093][T21692] vhci_hcd: connection reset by peer
[ 2082.680934][ T1091] vhci_hcd: stop threads
[ 2082.686393][ T1091] vhci_hcd: release socket
[ 2082.719271][ T1091] vhci_hcd: disconnect device
[ 2083.728327][T19489] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[ 2083.789340][ T1104] team0 (unregistering): Port device team_slave_1 removed
[ 2083.870225][ T1104] team0 (unregistering): Port device team_slave_0 removed
[ 2083.948315][T19489] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2083.973896][T19489] usb 2-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice= 0.9c
[ 2083.987400][T19489] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2083.996244][T19489] usb 2-1: Product: syz
[ 2084.000496][T19489] usb 2-1: Manufacturer: syz
[ 2084.005256][T19489] usb 2-1: SerialNumber: syz
[ 2084.025894][T19489] usb 2-1: config 0 descriptor??
[ 2084.042009][T19489] ims_pcu 2-1:0.0: Zero length descriptor
[ 2084.054978][T19489] ims_pcu 2-1:0.0: probe with driver ims_pcu failed with error -22
[ 2084.308135][T19489] usb 2-1: USB disconnect, device number 37
[ 2085.116290][ T1104] team0 (unregistering): Port device team_slave_1 removed
[ 2085.200642][ T1104] team0 (unregistering): Port device team_slave_0 removed
[ 2085.900181][T21597] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2085.907375][T21597] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2085.916655][T21597] bridge_slave_0: entered allmulticast mode
[ 2085.927667][T21597] bridge_slave_0: entered promiscuous mode
[ 2086.126421][T21529] hsr_slave_0: entered promiscuous mode
[ 2086.154544][T21529] hsr_slave_1: entered promiscuous mode
[ 2086.202720][T21529] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 2086.218454][T21529] Cannot create hsr debugfs directory
[ 2086.231489][T21597] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2086.238952][T21597] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2086.268298][T21597] bridge_slave_1: entered allmulticast mode
[ 2086.278944][T21597] bridge_slave_1: entered promiscuous mode
[ 2086.433504][T21597] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2086.455263][T21597] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2086.892699][T21597] team0: Port device team_slave_0 added
[ 2086.948980][T21597] team0: Port device team_slave_1 added
[ 2087.084740][T21597] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2087.093647][T21597] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2087.122771][T21597] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2087.146219][T21458] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 2087.174483][T21597] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2087.182056][T17508] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[ 2087.191527][T21597] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2087.218336][T21597] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2087.270574][T21458] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 2087.302189][T21458] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 2087.378198][T21458] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 2087.391601][T17508] usb 2-1: config 0 has an invalid interface number: 117 but max is 0
[ 2087.401587][T17508] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2087.423218][T17508] usb 2-1: config 0 has no interface number 0
[ 2087.434614][T17508] usb 2-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[ 2087.448181][T17508] usb 2-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 2087.457361][T21597] hsr_slave_0: entered promiscuous mode
[ 2087.468740][T21597] hsr_slave_1: entered promiscuous mode
[ 2087.476626][T21597] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 2087.478964][T17508] usb 2-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0
[ 2087.484480][T21597] Cannot create hsr debugfs directory
[ 2087.506252][T17508] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2087.533078][T17508] usb 2-1: Product: syz
[ 2087.538933][T17508] usb 2-1: Manufacturer: syz
[ 2087.543757][T17508] usb 2-1: SerialNumber: syz
[ 2087.558234][T17508] usb 2-1: config 0 descriptor??
[ 2087.653557][   T10] vhci_hcd: vhci_device speed not set
[ 2087.876473][T21458] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2087.907088][T21458] 8021q: adding VLAN 0 to HW filter on device team0
[ 2087.939479][ T6145] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2087.946687][ T6145] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2087.956743][ T6145] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2087.963946][ T6145] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2088.017122][ T1104] bridge_slave_1: left allmulticast mode
[ 2088.022846][ T1104] bridge_slave_1: left promiscuous mode
[ 2088.042679][ T1104] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2088.071246][ T1104] bridge_slave_0: left allmulticast mode
[ 2088.080341][ T1104] bridge_slave_0: left promiscuous mode
[ 2088.086135][ T1104] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2088.102330][ T1104] bridge_slave_1: left allmulticast mode
[ 2088.108035][ T1104] bridge_slave_1: left promiscuous mode
[ 2088.116596][ T1104] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2088.127273][ T1104] bridge_slave_0: left allmulticast mode
[ 2088.134365][ T1104] bridge_slave_0: left promiscuous mode
[ 2088.140694][ T1104] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2088.227228][T17508] usbtouchscreen 2-1:0.117: probe with driver usbtouchscreen failed with error -71
[ 2088.249807][T17508] usb 2-1: USB disconnect, device number 38
[ 2088.298705][T21596] udevd[21596]: setting mode of /dev/bus/usb/002/038 to 020664 failed: No such file or directory
[ 2088.325392][T21596] udevd[21596]: setting owner of /dev/bus/usb/002/038 to uid=0, gid=0 failed: No such file or directory
[ 2088.461433][ T1104] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2088.473009][ T1104] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2088.484308][ T1104] bond0 (unregistering): Released all slaves
[ 2088.505033][ T1104] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2088.523089][ T1104] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2088.535579][ T1104] bond0 (unregistering): Released all slaves
[ 2088.749404][ T1104] hsr_slave_0: left promiscuous mode
[ 2088.756421][ T1104] hsr_slave_1: left promiscuous mode
[ 2088.762449][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2088.770937][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2088.784346][ T1104] hsr_slave_0: left promiscuous mode
[ 2088.792491][ T1104] hsr_slave_1: left promiscuous mode
[ 2088.799927][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2088.809836][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2089.031303][T18643] Bluetooth: hci2: command 0x1003 tx timeout
[ 2089.038392][T19216] Bluetooth: hci2: Opcode 0x1003 failed: -110
[ 2089.039807][ T1104] team0 (unregistering): Port device team_slave_1 removed
[ 2089.204384][ T1104] team0 (unregistering): Port device team_slave_0 removed
[ 2089.387214][T21732] netlink: 256 bytes leftover after parsing attributes in process `syz.4.3254'.
[ 2090.080790][ T1104] team0 (unregistering): Port device team_slave_1 removed
[ 2090.124253][ T1104] team0 (unregistering): Port device team_slave_0 removed
[ 2090.489548][T21529] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 2090.633937][T21529] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 2090.698816][T21529] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 2091.269633][T21748] netlink: 'syz.1.3257': attribute type 1 has an invalid length.
[ 2091.280075][T21747] adf_ctl_ioctl: 15 callbacks suppressed
[ 2091.280089][T21747] QAT: Invalid ioctl 1073935638
[ 2091.677142][T21529] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 2091.768630][T21748] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[ 2092.854301][T21458] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2093.463775][T21764] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 2094.611512][T21764] lo: entered allmulticast mode
[ 2094.619892][T21764] tunl0: entered allmulticast mode
[ 2094.630555][T21764] gre0: entered allmulticast mode
[ 2094.663780][T21764] gretap0: entered allmulticast mode
[ 2094.686792][T21764] erspan0: entered allmulticast mode
[ 2094.696008][T21764] ip_vti0: entered allmulticast mode
[ 2094.706523][T21764] ip6_vti0: entered allmulticast mode
[ 2094.715939][T21764] sit0: entered allmulticast mode
[ 2094.726003][T21764] ip6tnl0: entered allmulticast mode
[ 2094.735150][T21764] ip6gre0: entered allmulticast mode
[ 2094.743807][T21764] syz_tun: entered allmulticast mode
[ 2094.753794][T21764] ip6gretap0: entered allmulticast mode
[ 2094.769343][T21764] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2094.776976][T21764] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2094.785221][T21764] bridge0: entered allmulticast mode
[ 2094.794350][T21764] vcan0: entered allmulticast mode
[ 2094.802823][T21764] bond0: entered allmulticast mode
[ 2094.808268][T21764] bond_slave_0: entered allmulticast mode
[ 2094.814063][T21764] bond_slave_1: entered allmulticast mode
[ 2094.826454][T21764] team0: entered allmulticast mode
[ 2094.831651][T21764] team_slave_0: entered allmulticast mode
[ 2094.837564][T21764] team_slave_1: entered allmulticast mode
[ 2094.845877][T21764] dummy0: entered allmulticast mode
[ 2094.854309][T21764] nlmon0: entered allmulticast mode
[ 2094.861093][T21764] caif0: entered allmulticast mode
[ 2094.866803][T21764] batadv0: entered allmulticast mode
[ 2094.877364][T21764] vxcan0: entered allmulticast mode
[ 2094.884079][T21764] vxcan1: entered allmulticast mode
[ 2094.890855][T21764] veth0: entered allmulticast mode
[ 2094.898595][T21764] veth1: entered allmulticast mode
[ 2094.907909][T21764] wg0: entered allmulticast mode
[ 2094.918441][T21764] wg1: entered allmulticast mode
[ 2094.931141][T21764] wg2: entered allmulticast mode
[ 2094.941056][T21764] veth0_to_bridge: entered allmulticast mode
[ 2094.952444][T21764] veth1_to_bridge: entered allmulticast mode
[ 2094.963724][T21764] veth0_to_bond: entered allmulticast mode
[ 2094.973274][T21764] veth1_to_bond: entered allmulticast mode
[ 2094.983187][T21764] veth0_to_team: entered allmulticast mode
[ 2094.993949][T21764] veth1_to_team: entered allmulticast mode
[ 2095.004581][T21764] veth0_to_batadv: entered allmulticast mode
[ 2095.013330][T21764] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2095.021797][T21764] batadv_slave_0: entered allmulticast mode
[ 2095.031303][T21764] veth1_to_batadv: entered allmulticast mode
[ 2095.042126][T21764] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2095.050492][T21764] batadv_slave_1: entered allmulticast mode
[ 2095.059673][T21764] xfrm0: entered allmulticast mode
[ 2095.067434][T21764] veth0_to_hsr: entered allmulticast mode
[ 2095.076271][T21764] hsr_slave_0: entered allmulticast mode
[ 2095.085930][T21764] veth1_to_hsr: entered allmulticast mode
[ 2095.094398][T21764] hsr_slave_1: entered allmulticast mode
[ 2095.104962][T21764] hsr0: entered allmulticast mode
[ 2095.112848][T21764] veth1_virt_wifi: entered allmulticast mode
[ 2095.121741][T21764] veth0_virt_wifi: entered allmulticast mode
[ 2095.129990][T21764] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[ 2095.138671][T21764] veth1_vlan: entered allmulticast mode
[ 2095.147967][T21764] veth0_vlan: entered allmulticast mode
[ 2095.162352][T21764] vlan0: entered allmulticast mode
[ 2095.167856][T21764] vlan1: entered allmulticast mode
[ 2095.174090][T21764] macvlan0: entered allmulticast mode
[ 2095.183657][T21764] macvlan1: entered allmulticast mode
[ 2095.196274][T21764] ipvlan0: entered allmulticast mode
[ 2095.202396][T21764] ipvlan1: entered allmulticast mode
[ 2095.208623][T21764] veth1_macvtap: entered allmulticast mode
[ 2095.218607][T21764] veth0_macvtap: entered allmulticast mode
[ 2095.228233][T21764] macvtap0: entered allmulticast mode
[ 2095.239112][T21764] macsec0: entered allmulticast mode
[ 2095.251301][T21764] geneve0: entered allmulticast mode
[ 2095.261738][T21764] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 2095.273358][T21764] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 2095.282663][T21764] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 2095.291691][T21764] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 2095.302925][T21764] geneve1: entered allmulticast mode
[ 2095.312399][T21764] netdevsim netdevsim4 netdevsim0: entered allmulticast mode
[ 2095.323772][T21764] netdevsim netdevsim4 netdevsim1: entered allmulticast mode
[ 2095.335367][T21764] netdevsim netdevsim4 netdevsim2: entered allmulticast mode
[ 2095.345374][T21764] netdevsim netdevsim4 netdevsim3: entered allmulticast mode
[ 2095.366509][T21764] mac80211_hwsim hwsim66 wlan0: entered allmulticast mode
[ 2095.383981][T21764] mac80211_hwsim hwsim67 wlan1: entered allmulticast mode
[ 2095.395412][T21764] bond1: left promiscuous mode
[ 2095.400219][T21764] bond1: entered allmulticast mode
[ 2095.823679][T21529] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2096.006489][T21529] 8021q: adding VLAN 0 to HW filter on device team0
[ 2096.264425][ T1091] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2096.271741][ T1091] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2097.043503][ T1091] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2097.050822][ T1091] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2097.208154][T21597] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 2097.291004][T21790] netlink: 256 bytes leftover after parsing attributes in process `syz.4.3264'.
[ 2097.320581][T21597] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 2097.333826][T21597] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 2097.346765][T21597] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 2097.633293][T21458] veth0_vlan: entered promiscuous mode
[ 2097.657063][T21458] veth1_vlan: entered promiscuous mode
[ 2097.738857][T21458] veth0_macvtap: entered promiscuous mode
[ 2097.752266][T21458] veth1_macvtap: entered promiscuous mode
[ 2097.822159][T21458] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2097.858756][T21597] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2097.887801][T21458] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2097.913477][T21458] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2097.936497][T21458] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2097.945262][T21458] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2097.955186][T21458] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2098.004928][T21597] 8021q: adding VLAN 0 to HW filter on device team0
[ 2098.045484][ T1148] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2098.052674][ T1148] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2098.075859][ T1148] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2098.083017][ T1148] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2098.167176][T21529] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2098.292542][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2098.330372][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2098.382298][ T6145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2098.410156][ T6145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2099.371043][T21529] veth0_vlan: entered promiscuous mode
[ 2099.419477][T21529] veth1_vlan: entered promiscuous mode
[ 2099.439808][T21597] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2099.512549][T21529] veth0_macvtap: entered promiscuous mode
[ 2099.539571][T21529] veth1_macvtap: entered promiscuous mode
[ 2099.586776][T21529] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2099.611630][T21529] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2099.635061][T21529] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2099.655250][T21529] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2099.689861][T21529] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2099.698646][T21529] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2099.719933][T19216] Bluetooth: hci3: unexpected event for opcode 0x0c24
[ 2099.793829][   T30] audit: type=1326 audit(2000001169.960:1441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21820 comm="syz.1.3268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e9a98e969 code=0x7ffc0000
[ 2099.983061][   T30] audit: type=1326 audit(2000001169.960:1442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21820 comm="syz.1.3268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=198 compat=0 ip=0x7f4e9a98e969 code=0x7ffc0000
[ 2100.596240][T21825] xt_hashlimit: size too large, truncated to 1048576
[ 2100.663224][   T30] audit: type=1326 audit(2000001169.960:1443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21820 comm="syz.1.3268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e9a98e969 code=0x7ffc0000
[ 2100.690332][T21826] netlink: 'syz.8.3267': attribute type 1 has an invalid length.
[ 2100.979920][   T30] audit: type=1326 audit(2000001169.998:1444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21820 comm="syz.1.3268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4e9a98d2d0 code=0x7ffc0000
[ 2101.067424][   T30] audit: type=1326 audit(2000001169.998:1445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21820 comm="syz.1.3268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e9a98e969 code=0x7ffc0000
[ 2101.140131][T21826] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[ 2101.242759][   T30] audit: type=1326 audit(2000001169.998:1446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21820 comm="syz.1.3268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f4e9a98e969 code=0x7ffc0000
[ 2101.398753][   T30] audit: type=1326 audit(2000001169.998:1447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21820 comm="syz.1.3268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e9a98e969 code=0x7ffc0000
[ 2101.537513][   T30] audit: type=1326 audit(2000001169.998:1448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21820 comm="syz.1.3268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f4e9a98e969 code=0x7ffc0000
[ 2101.658612][T10963] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2101.680384][   T30] audit: type=1326 audit(2000001169.998:1449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21820 comm="syz.1.3268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e9a98e969 code=0x7ffc0000
[ 2101.720865][T10963] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2101.787004][   T30] audit: type=1326 audit(2000001169.998:1450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21820 comm="syz.1.3268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4e9a98e969 code=0x7ffc0000
[ 2101.890687][ T6145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2101.942923][ T6145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2102.029079][T21597] veth0_vlan: entered promiscuous mode
[ 2102.085095][T21597] veth1_vlan: entered promiscuous mode
[ 2102.264756][T21597] veth0_macvtap: entered promiscuous mode
[ 2103.425058][T21597] veth1_macvtap: entered promiscuous mode
[ 2103.573416][T21597] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2103.624315][T21597] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2103.659439][T21597] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2103.669053][T21597] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2103.688992][T21597] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2103.706672][T21597] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2103.720450][T21855] ==================================================================
[ 2103.728566][T21855] BUG: KASAN: vmalloc-out-of-bounds in tpg_fill_plane_buffer+0x1b9b/0x5ec0
[ 2103.737199][T21855] Write of size 5120 at addr ffffc9000463c000 by task vivid-000-vid-c/21855
[ 2103.745916][T21855] 
[ 2103.748285][T21855] CPU: 0 UID: 0 PID: 21855 Comm: vivid-000-vid-c Not tainted 6.15.0-rc7-syzkaller-00007-g4a95bc121ccd #0 PREEMPT(full) 
[ 2103.748313][T21855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2103.748328][T21855] Call Trace:
[ 2103.748336][T21855]  <TASK>
[ 2103.748346][T21855]  dump_stack_lvl+0x189/0x250
[ 2103.748382][T21855]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2103.748411][T21855]  ? __pfx__printk+0x10/0x10
[ 2103.748444][T21855]  ? __pfx__printk+0x10/0x10
[ 2103.748472][T21855]  ? _raw_spin_lock_irqsave+0xb3/0xf0
[ 2103.748498][T21855]  ? __virt_addr_valid+0xc3/0x540
[ 2103.748526][T21855]  print_report+0xb4/0x290
[ 2103.748549][T21855]  ? tpg_fill_plane_buffer+0x1b9b/0x5ec0
[ 2103.748574][T21855]  kasan_report+0x118/0x150
[ 2103.748607][T21855]  ? tpg_fill_plane_buffer+0x1b9b/0x5ec0
[ 2103.748638][T21855]  kasan_check_range+0x29a/0x2b0
[ 2103.748656][T21855]  ? tpg_fill_plane_buffer+0x1b9b/0x5ec0
[ 2103.748682][T21855]  __asan_memcpy+0x40/0x70
[ 2103.748708][T21855]  tpg_fill_plane_buffer+0x1b9b/0x5ec0
[ 2103.748776][T21855]  vivid_thread_vid_cap_tick+0xfff/0x5fe0
[ 2103.748818][T21855]  ? kvm_sched_clock_read+0x11/0x20
[ 2103.748845][T21855]  ? __lock_acquire+0xaac/0xd20
[ 2103.748876][T21855]  ? ktime_get+0x3e/0x1f0
[ 2103.748898][T21855]  ? __pfx_vivid_thread_vid_cap_tick+0x10/0x10
[ 2103.748931][T21855]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2103.748957][T21855]  vivid_thread_vid_cap+0x8d8/0x10d0
[ 2103.748992][T21855]  ? __pfx_vivid_thread_vid_cap+0x10/0x10
[ 2103.749012][T21855]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 2103.749032][T21855]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 2103.749057][T21855]  ? __kthread_parkme+0x7b/0x200
[ 2103.749075][T21855]  ? __kthread_parkme+0x1a1/0x200
[ 2103.749098][T21855]  kthread+0x711/0x8a0
[ 2103.749123][T21855]  ? __pfx_vivid_thread_vid_cap+0x10/0x10
[ 2103.749144][T21855]  ? __pfx_kthread+0x10/0x10
[ 2103.749167][T21855]  ? __pfx_kthread+0x10/0x10
[ 2103.749189][T21855]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2103.749210][T21855]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2103.749232][T21855]  ? __pfx_kthread+0x10/0x10
[ 2103.749253][T21855]  ret_from_fork+0x4b/0x80
[ 2103.749284][T21855]  ? __pfx_kthread+0x10/0x10
[ 2103.749306][T21855]  ret_from_fork_asm+0x1a/0x30
[ 2103.749345][T21855]  </TASK>
[ 2103.749354][T21855] 
[ 2103.966004][T21855] The buggy address belongs to the virtual mapping at
[ 2103.966004][T21855]  [ffffc900045ec000, ffffc9000463d000) created by:
[ 2103.966004][T21855]  vb2_vmalloc_alloc+0xef/0x340
[ 2103.983912][T21855] 
[ 2103.986237][T21855] Memory state around the buggy address:
[ 2103.991865][T21855]  ffffc9000463bf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2103.999936][T21855]  ffffc9000463bf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2104.008009][T21855] >ffffc9000463c000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 2104.016111][T21855]                    ^
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 2104.020184][T21855]  ffffc9000463c080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 2104.028253][T21855]  ffffc9000463c100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[ 2104.036314][T21855] ==================================================================
[ 2104.044621][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2104.146824][T21855] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 2104.154097][T21855] CPU: 1 UID: 0 PID: 21855 Comm: vivid-000-vid-c Not tainted 6.15.0-rc7-syzkaller-00007-g4a95bc121ccd #0 PREEMPT(full) 
[ 2104.166635][T21855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2104.176730][T21855] Call Trace:
[ 2104.180046][T21855]  <TASK>
[ 2104.183003][T21855]  dump_stack_lvl+0x99/0x250
[ 2104.187636][T21855]  ? __asan_memcpy+0x40/0x70
[ 2104.192270][T21855]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2104.197548][T21855]  ? __pfx__printk+0x10/0x10
[ 2104.202378][T21855]  panic+0x2db/0x790
[ 2104.206310][T21855]  ? __pfx_panic+0x10/0x10
[ 2104.210745][T21855]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[ 2104.216652][T21855]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 2104.222994][T21855]  ? print_memory_metadata+0x314/0x400
[ 2104.228469][T21855]  ? tpg_fill_plane_buffer+0x1b9b/0x5ec0
[ 2104.234200][T21855]  check_panic_on_warn+0x89/0xb0
[ 2104.239253][T21855]  ? tpg_fill_plane_buffer+0x1b9b/0x5ec0
[ 2104.244979][T21855]  end_report+0x78/0x160
[ 2104.249452][T21855]  kasan_report+0x129/0x150
[ 2104.253979][T21855]  ? tpg_fill_plane_buffer+0x1b9b/0x5ec0
[ 2104.259642][T21855]  kasan_check_range+0x29a/0x2b0
[ 2104.264598][T21855]  ? tpg_fill_plane_buffer+0x1b9b/0x5ec0
[ 2104.270255][T21855]  __asan_memcpy+0x40/0x70
[ 2104.274686][T21855]  tpg_fill_plane_buffer+0x1b9b/0x5ec0
[ 2104.280187][T21855]  vivid_thread_vid_cap_tick+0xfff/0x5fe0
[ 2104.285932][T21855]  ? kvm_sched_clock_read+0x11/0x20
[ 2104.291144][T21855]  ? __lock_acquire+0xaac/0xd20
[ 2104.296012][T21855]  ? ktime_get+0x3e/0x1f0
[ 2104.300351][T21855]  ? __pfx_vivid_thread_vid_cap_tick+0x10/0x10
[ 2104.306522][T21855]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2104.311736][T21855]  vivid_thread_vid_cap+0x8d8/0x10d0
[ 2104.317045][T21855]  ? __pfx_vivid_thread_vid_cap+0x10/0x10
[ 2104.322776][T21855]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 2104.328676][T21855]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 2104.335016][T21855]  ? __kthread_parkme+0x7b/0x200
[ 2104.339965][T21855]  ? __kthread_parkme+0x1a1/0x200
[ 2104.345008][T21855]  kthread+0x711/0x8a0
[ 2104.349091][T21855]  ? __pfx_vivid_thread_vid_cap+0x10/0x10
[ 2104.354818][T21855]  ? __pfx_kthread+0x10/0x10
[ 2104.359416][T21855]  ? __pfx_kthread+0x10/0x10
[ 2104.364015][T21855]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2104.369745][T21855]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2104.374950][T21855]  ? __pfx_kthread+0x10/0x10
[ 2104.379548][T21855]  ret_from_fork+0x4b/0x80
[ 2104.383968][T21855]  ? __pfx_kthread+0x10/0x10
[ 2104.388565][T21855]  ret_from_fork_asm+0x1a/0x30
[ 2104.393443][T21855]  </TASK>
[ 2104.396750][T21855] Kernel Offset: disabled
[ 2104.401106][T21855] Rebooting in 86400 seconds..