last executing test programs:

40m40.721822166s ago: executing program 32 (id=1316):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r0, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x6ee80, 0x0)
io_setup(0x1, &(0x7f00000004c0)=<r2=>0x0)
io_submit(r2, 0xca, &(0x7f00000000c0)=[&(0x7f0000000140)={0x3a0012fb, 0x2759, 0x1f, 0x0, 0x0, r1, &(0x7f0000000000)="98", 0x3e8000072a, 0x1000000, 0x0, 0x10}])

40m31.734736624s ago: executing program 33 (id=1282):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x94)
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
recvmmsg(r0, &(0x7f00000057c0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x94}, 0x3}, {{0x0, 0x0, &(0x7f0000002cc0)=[{0x0, 0x20}, {&(0x7f00000017c0)=""/130, 0x94}], 0x2}, 0xa1}], 0x2, 0x0, 0x0)

39m45.985251602s ago: executing program 4 (id=1465):
r0 = syz_io_uring_setup(0x3380, &(0x7f0000000180)={0x0, 0xfffffffd, 0x10100}, &(0x7f0000000380)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000040)=ANY=[@ANYBLOB='5'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

39m45.86846061s ago: executing program 4 (id=1466):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x4e)
mount$9p_virtio(&(0x7f0000000200), &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x800000, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=virtio,iccess=client,version=9p2000.u'])
chdir(&(0x7f0000000100)='./file0\x00')
r0 = inotify_init()
close(0xffffffffffffffff)
inotify_add_watch(r0, &(0x7f0000000400)='./file0\x00', 0x2000100)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)

39m45.681389737s ago: executing program 4 (id=1469):
r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040)=0x3)
r1 = syz_open_dev$sndpcmp(&(0x7f0000000b00), 0x0, 0x14b000)
syz_open_dev$sndpcmp(&(0x7f0000000440), 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000000b000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r2}, 0x10)
close(r1)

39m45.330365533s ago: executing program 4 (id=1476):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', 0x0, 0x40000, 0x0)
pivot_root(&(0x7f0000007b00)='./file0/../file0\x00', &(0x7f0000000280)='./file0\x00')

39m45.275647472s ago: executing program 4 (id=1478):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x2041, 0x0)
syz_fuse_handle_req(r0, &(0x7f00000023c0)="057e30aae10df4f97559054b9a301ecfe91b645115e1421774006df60cb393573839b0078ce169ec2fde0afea66b5bbefa9d4f3cd8c2458336ceb1f0efe647d6d7b1cdbd12c9b8e3a822cbd51494bf79a1dbe5c22338ce37ed467a1d3d616564cbb81faa2e935b2697c12efb0ed141fa2eaad4747725c4bf20f8975e402b03eb77d1aa3f10f512397b5037b1b4cd4b7c08c03dc5e52a066e5982969fa044125ae251f46c26e2536cc8b77e8edb251378be4beedfb8dca0d449123f57677ca3da5bdebf91b195f1a5d49d7c292f20f58d490de36d8ee0e8a86bd04c3165549465cbee7891fc747d7def370ce644db894b56bd53af0d0e261bcfa6bf72a684dafc5bcafe07ece74cbd1d5fa32716dd03f7acd4f32d935438c91e033beaf49e3963e13d05e7a8334a858639636799f04a9033193e7d18a2a4b20bcc96811bb5efe476db70a76b7456ac4e71f3e89c00da0c7761c188570c7902bf2fee1be273be8a9f7a2d7508ef2188d3ba1db4fa9d1533d2f2a288cdfe3b0c50908d56ba69e81386e7e979e9d7ff78685ffb8de6baea2451762736a2bbafa11d541790b0564aef9b0b80fa24832090b84341a9fdf712d3296f911020f8021eda8130befaaab01cbe91dfc5768e6ff31ec50dd88596832a9f5fd4f558d367f40e454d3c97ad16a7f30b93629ee2def77b99f8a17c157529b0782fd84704c75a2302ca96bbdcff660c2cca753e1a8c60dbcfb319a1594565a2e15bb6124316e196e3cafaf1a29eef84a0908d1dc80af7e333c65736699f1254addf2ab582f5c87c4f6ca234d7ca9673dc29444044b95abdaea958274e39aeb163ee2d05bc2ade5c33a0466e14fbdf8aa70ca2964c06ee5bc57b894b0143a7a503cc43574a07958940b029678df44d6c82fa2e6937ea6aeb5b8f33c21628e3b0d623c23c2e5a3546194fea742d90c1d61f343a005b9e58c3e8292b256fd0ecca81cda433f3bb0ed633607f0b635cdd8b4919bfa37c1e99df087d3f8f3ba5dec7930657eb3a4d8febb5234e048881fbfc499fe5eb6a0ce34546f7010ae2291e6731d0798ca451387a123998e68f6f577ba4e556bb9a119011a191a6bbcf55beb1fb0b8252deeed5721b271b964534a04462720c4c03e8ea7f120cfa1be630e7fc680d1f6e067075c72f642babcacf6b00cd3fdb9f3200e4ff8935b17ebe222053c78c3752666088017c2150dd014b9578af6adb15527a483eff5bb623710ca7b37ed49ff7cf1525f296af6f27846524e4aaea7476a2d08dceeca84a1ab11e2767abff12d10deaf63681dcabe9b1fb9ebe207d8e37bcdba9a73a02ebea4e3a072397a88c47795d5e88b2040c9fe3f96f66f8f7d593547c8fc8f4e75a1c20962ecf2dd1e7bddf896f2a6c5f37a8784e2bc5b10cef2feab3b6eee7430908eeadd372248041a09b0c29385cd7a75754d2c429e72bf5fdac34097bbbbb3790f86399c60cb5054fbeb8eb1241608b506beb135091c18110c1d10d9a80f4adb11a6fd3001957cae0b4f8f730cc4fa4a7328e23f390caab014cfeec0ebfd0e14021f47fe330a68680678d23e7ca1ff18e7e242f4c1e3cca51dec73c58b596c2a92267ee76d3657c1e2b34102b09fa4c59c2619148440bf26802c6f858b8eee6d8c697bad2c4d5a0f76c6a4cdd3b8fdc21e447920491ef40578b68a7a5dfda04fa235fac01ad4e824b627137dc48807100e52ec5ae2f3a3fd84d68b824033b4f0ee28a9e72333b4e209ae905d0781e4fe8116e03b1ca5c3b1ea84974cabaa0214ed15bfe01e974491e8a20f9d03ed1b73799b083f3a65e809c3ff3cf126288fc1627409d46f78b5fe8b8ba0b3ddc3ac79aecd6eee2e0cc59826e5798f48f80f0c7f549b3a656e9acbc5e51bdc3becef93533166c1d9ffe4335ec973d3d27ce5987d150f554c4095650528578fe4858b670b0786f23c886612191f89ec57970dbc0e33cd62b57a08fa940b339577fd12d07dec2ac50e9e0b27f0716b3233803153389a95df956637af8d9778e27bce49ab0a832978712a074d3f7516ad512ed0d9b43049b5990c841a7b7146a24c62fb70645b8d85b6c8863d5c6aab03638ffa4e30c8de24383cf320eee735a4fd37262d473076f495da8b2f0f028b8f178c238010738d6afb1dc2e48089e80f6a7658ad3496f1a1f7f78abdcf934c733d22abb0671a0d41b9b33a5faf99d7b82166e27df0f97a7953dcc1fb364478200253757e8311ba61cb4c78a380cdd820553c7296816210f64b34619966f1540a407c8d6e8e30788909de19ede4116d09a14ce26ad59957add80b90602855c0134ba7fe8afd4493f7cd9ced61fda7d0ae02505c046acf68d68ecd9b1507a4d4eba4c2c834777b2c3c5a8b3c06677fe468072dcab48c1ac9deec30265c7f6c5864df89e25bba52715c82e9921db601b3935f5047b8cc07351b9965b1a1f6ef36c1fba89d9d96e332eacc1e8a78e09d7d6ba30845866449ed5264f763735d4e7cc133dba4b296b2dd9331efea01e5b3d05f38055e41c49993d679ef133b9b1af435fd0ac5fad33f571c76d02c40d4e301110b4442aa134364f0456da0cf362b2c27ebd667c0969ae09dad18becba9d6918fb1e741f685735cc7078f0e6328181a83da67516fac31522f9d9fc64a4b769e57e76bfff6f9867fa2fee1e7dddd11128322210e44eeef6db7269dfa1bfbd9099dd6f8219d585c22c20483251447772719a6115ccb690609de352989610a138110c884562b65de3cf63c3ebe9adfeb53c6e4ecc637c98b60161f71952b84c6fc4cea6af0ed533144bde4f8fbab2d3ffe0b2a5d0c55ec9979ea85a25045ad3a84becf0e891b89c1a83178d7368aea4bdfa0ebd46b8e110a2972c8ac96e10ac630e89f8d76bf35b03b5ecd393d1986fc61318e08ef02721e5f2cd2fe098ebcd1bd30a8f87b2a5650b51dd50d0d78ab7fe66490f5827372f1779d3d389e9fa66bd0296f0203af010d8f76783837cdde2555a90be577626a12de47d4da638efd0017750a230485f6ade34a27284d85dd87f9db8a832c571106d8296629418777b4d933fa049f0f403008c193e889305074091be14c66a4bf02cdfe1e8d26a5d21fa78c5628a7ee3d7a0c550296b2f0625e2dd18d45f2d45bee6746d4462c92bc3cf50503c7479bd121393821afe1cd7144ea37f4e8e5ee21f739024ad25af9430dee006b76617725556ff8a820b767fa821629819732f086a5fdf2ccb4edae0aceb3d6dea698e798ead905a2eef9065d633b007271e93101a71cbe385f56e32b3a8fb081c5c1ab09b729fa9294a0007f13a3b8e93686020d993b812c6f85fe1618db897cd67be6cd5053dc8490bbebee133d140503c4aa51eea0c156523a1d81ae849dbe5a273bfc0de94836f8160ea9f146147fc02dd7b55dca6a2a43692268ee98f51fcd2d3faa76071d9716e877b2a3dcb51a51d5359a2ee705da52b43306f1f3caf33342fc281bc9c58d1ce05ecdeca371e3a788542f8fa999e4d8e10e66f0b6053d7d4cfc6acb815628bc2409b3dec01726121c267b3ee85fd61bbbdda68ae2c13026863e4a54b93d956fe692707a179411c841ca7d2f33a5223181b18b7ba2eebdd7c2a8dec3ac2a317b5fbd996e8598c394ee627308f0e887480a8dcd59b0256b636f4c62566501a733fa74232945ba1d9e2bae347391bf9ae2da4d3af2b262b772421fd3a5cab46862ea6049f5c9c76dd8549ce0e6c31c792b81b6b21f0bcca18bb2fa6a9d4d6e0a837bb119e2e002a69d6ca95a4b2acc463076c2e05731ef0cfaea84387a6baf6737cc14a25f5329ea924090311213344625a69ee382dd4bc72e00e63329956f3e021092585c9affa06a95bd0ef653ae9ff0abed5ee561ada4f83d8ef202d9c0b2225ebe8660cc408859d45e0332f4f78f6a339bce9d12ca2bc5116a8fd4007c485f5c1c41af96c41d96db35411842d7babc05c8b228066dccb9b67f348974363be521e41fa94d2034a0bc1e87360a80606e1e1bfa8e6399601b30bf93ac41129869158bc2b791b50e51519133ab58afd4023d4d721129b1307f054103a47c49e0524ac4df511c3409fa62d8b5c1a897794600f53efdcc987e06bffd77c9fc75fb7221ef29ed2f7e3e8abcb4a1875b85bd5176a6fba9a361d8684876508443bd50e630f4c684002b15930cf81d740b880eed25d22d8de8c00066790df084fea7c5021184a210a6d24f9bc862c4e3eafbb1782fa240ecfa5959d7a681bae84e8a96a5ff45dea4f9e16dd2cff2dccc6cf4042b44b7ad1f55dc1db5998ed40a409c0e67e1e64fab423d2c00fabb8976d9dacf0c82530e3fe4ab1ad3b55599fa15450dd5feee23591f1ce398e4c5ae8aad71ad26ea189c333c8467d1eaba9589bb8c41bbfe8c0c173e5446bc06b578c1db849fabe5fcd8fe0fca94bdc799b53b897249826037499e8b6213d640724fda1bcc9341ac61fbea02c8f39a53c496902d5c7922f678a273cdf5ffff38ea028ae19dc72f0b0688f2b9b7d5a9c04153c10ff4168cf9f243dea03b336be778f6c79d67a2d0ade82863eaf95d6fc7f745569864f369f4b39177c356c8c393bded485df28622f01251e58f3d39498520ff90e6c670f0dce5b494cb1d78dfad108406dc5857086d386bd42bd03fe716f049407e5e55caa0e73e96c1a4f6d5791ce7195b2ce72de52ed617ecefaeeabfa9350af49d1d91f9a4b97dc0808869b916f34ee242c40fe8c8aee57b6ddb69f9a10636e481dfa059ef001bad7020266f0d74b14edce6c18ffef854768a60885bad798658a6b9d0b438c483ba159346d5ce0771f53ff1ae0bd47d8583bd56237f8da2747ac7eb2a87b6e26c4820d4fe18b76e06bb6e0c0cdf478b4aecd381c2a6ca9f10ec433f0aca63a66d04f70557baf9f2844005351a21664c2430fb0002cd03bcf0b2004068a2567f91a9fbee8c6d948fb35d48527b23e1398ce9f535e2b0b33c2bc31ab737ba4b980f46f5d424e33892c8093f3cd18510a3157afc023f63ad3ba999e950747c78c06ab141a26d74ffc049a6f76c465f9f9f03a8d339a8e61fef26a5239fbc11c01a87800c81efd7b9f28ee2ab2ed88a383f5013bfd6671ea3086121b235a0cc45ccb300c02588895f8d13ec7e00a3aaaa8b0e739f666fd1b13a90b23998704859c9c76108ed7ecdc63770e6ebaa0aeb9208b92ec4e948ac7fc81cc6f305f06c2f2d8c9267463af92e185ff627eed54313fa2ee0bff2cfa8be411982fd19fa88db5ec99f238f88782f8c7a957bef14f79351b63799a4cce160357c068987a5516b04c79644c140850cddc8bd5541fcca9e30826aad864240f434bd1fc67b58e3d664f782e9e46edcb34e2db98a39c23e334e51c71c9fa466470992cc1fbc36c3c8ff4340be67f9b85a74c9114cb9fe5ca4dcbb641ea17a54ba4658aeaa515109e117625a6196dd66d3584d293b468fce63b5a9c4b9461700c74ae955539bfbbe3eccfa7d9c9f737792a9d4b978baa2e92819e88340b73c88c2900b723248b18ae9414cb37a64ef8cb8ca85cda9677d9f1e71a6b70fe3ad17f2d13c1df48d93bfa50fd939a72ea26f9fbeaa6f8af2eec91b04a8fa7dc14fec0f54fcd1c5c848b4432f979f10e661cd2d7f8ff669ce99f9813fc5440fbbeb35f1a5e5115f5ca35dcc270bdbcae07a9ae8e22aabf8178379dee08874ec7840de27815890a88fc9a3bcfa88a33f9baef9af0ae01b2bd34a907f1151cb14bc8b396bc43a60f884f425e4a04348cc645aae68db49980139ddad0fed303e40b124fd654b36c961a56c44cc3686a7529b1f1ee47da3a0f1158542337df15780444790a2ff1b57e062f0db66730c9f98de395f939f44188225211c514447f67fcbf320a34c43ce09ed272bb992db3a35ae2c3c491c36f2de88984129fcea1ffd235aff7bef7fa95d65894db9a5f1b348efcb571a81b3d73ccd07cbef052389001e4d456800e05ca53bcf3485ce05791ff65a9f7913416ae26972f34f51a3270580b81307ce31c98eda06f3b35890ce317e79a16d728cd0bb6a3835667555c0c5138cfa5305a91db1f873b2a75b82ffcb27616ee67777708f7dc2ed9ddbeb38a60f446d3ac88ded25265c25ef38b0755a9d34bab5e669b6501d8c9787aae7eced9945cad3d4d1c32fa68b48a1d773750f814631db3e088c1b5e7ffa854ea1343d94ec1343918d7a1c5a095bb72b00eb3bff210aeec0b8a581a2a13429b83a193f4d447059265b63c4b8f8ea1b9494f65e79844d956c5d80780849dc086506e9eba002e682a1bae1543f8289588c574bb6ca9a2e57b908aaffed23ecf3536abaf96fe08291f3d70773288b4698e972b0187385dfff4cba59175814e75e7e5146205c7f2d2f749583b393f46c448c152d8be50d60ed8d8bdb30fc7925656a0f90b1de967c729980815e5f19ed453fbefcff67832cb90d753410a0b18eb7504600b11b0360c3d3594d48d832160d357afc1f17dc71dccabef7bbcf1fdd55b48cb02130032650ab07b902f36b48be9376b2dd68343eacfe80d9dab3205a393a4c6ffd405f6db323dea11be4f22ce50df1e0cfec9e9b1e23acb94d66ea787d08f615a7c7288cdf1921a13a85d885e47cf1067d89ebad5b92ce5c9da255f8d74bd2d5b78366f998cc35bf35e45d06128f1c5984fabee7542642bbf6d981b60759d3e7900e5b3d1d7310f90df0c88a600ff2f39932bf7411e61c692c9444dc9ae0dff28c0b94292c430ac4464e83ce8a29b886f45c98b8396667740c5be51e592eac0250d6e479505d36e930ca3a32cb671d58707d25b10e2660cd5e661b08e268c8bf1b3cbceb2d995a2a6fdfe5475cccc965f71baa7c84054e3bb6cbcb7167b06c708cd72ad4301e943dd1b2b2c325f682be3eaae730a8ed8bc3134b28d1ce04543bc66a529744561c42d25e65c7b5cc2a17875ebf35e53aa46e1edec29ff8d046a7e01459d9639c10d1df998cd9a12d7e50b2dc71ee7338cf71beb72d5020dc69eeafc354bf822d65ee0328eb07d04ac0d266fdb53227a158411da5ded254b3c359ee710e0278e1a06f06002538e108450fd6b11949fdc618a29baf34f232aa192230ddb318aa6d59d122257e50713fe73e6c0059399589c382dc901a8c3381139436f7331b69f457bbb38ed54daaa07a52cce0000000090836c664b73d86261216b8610fc7b4d53dd3e5d9bcb3e25528e132911cac37e7f2618274c733b5ae02f9c27638d9e11988f1dfbb281ffd8cddf8558a481861cbe9d53a4ad8282d3587449cd51759ca397eda122d286e117d01539359870b94c98a3ce383ed1d280bcceb228acf73193e87fd3650e4dfd563cc55bfbc8626a41293cc90ef76e28e2dedaf968602d2997ae1c2752a0febe3a78f3756d40201ae13074091238324422caabe22c66b7866065264261fc2c3e0569493468d1c1c36259aedd5f078a231e72decd70f4de8532f6753287435296f33a096bc1c8b0ebb68c9f783881e45ac54159ec1c2f9e1f5cb48f96729a62d1b4fdaa89ef5de8741bca04e953534dc977e881a61281812af435206378eff173d7929ab4967e511bdc14e6a783ab647a4c257a4fcd6ba38ef32bc48a0064341697e34f7465b3e6240589d854db4d9714e998f2edf3a03986598a52aaf647d938f4a8e07c1c29615803af6cd403d261ad6da3c1c804034b4a4eef3ea1cc8db39d9e171b3f6dd074388577a4eb901c25c8031e4592cea80b6354850657f53b2acd910ec2c5a7db6abb0153e051dadfbcdf047e35591b96b5657ca55d99ef6fb48e07c34321cd20c40b30a646132f8afcb9426fe84a790567fb847076a8762ca29cfb037e0c948edc12122a1160a55d465f5c912406a10dc0d3c1156cd207e9ffe906d267c9c870521934e1c56af460c0ad0dea9c929acf85768e22bb65eca6e25e4ec8e6edb7a6215e8c7e5fdb56c7131b156ab6a78fc808f8f17a2708ff68b37778c00b3b546004fb2b2c588d8ca8276d281026bfe896698569814410422f27421b8fc5c09d47635f17ddf6b9f56a202a991514678c18a4afabe1eeca6fce1187fffcb6ebdacfc6cac9750766ed40c80e7eceb342a3fa6f86d014949f9d111bfd96e2a39d364f2e2722f2d9ab0577befe26055890161d780e52eff4022461c1d3b019b86af28c4f02fd1f7496d8c141344ad5756bcdc45158f3af7aac227c8853f607cae412db6fa924c039859fe455857bd5fde66cc1b773c12f516401a31c80d750079247c128a103361e7f0a392d21b4b1b594307ff6b37e5a242666209ec517561e04645b92e7cf3cff1a6c76c900d12d9556e2962c535401b1e61fa85e06551ed678703fb3bf8590f2608ae3c278b8d1ac286af38061afbbc3cb27ee7adc6ad299151cd00a84506e6a97648ff99f2a9d35d8421e71589437406fa8e6def8ce34c9abe5de3481c492887176d4485dac794b84567d5ebaf68d0007cb2256a0f1ce4318f6891f750fa9696fed3525059688cf973e70d688b1759cd0f3dfb0b2a7078174b978767cbdbfc3f7d5850e2f7772e2bd6e3ed69ef13cc141238b5ee04b6615e33c42fcd6cf979a0ac848458b713b9a988c1e3fc32f2a182fc0cab2e6933e9aa5c2d77db8c6a1802b43bd8220ff0ca92229fc26a44761d00eeebec834e5f7d382b4f58a2759c56e53b163dae034ffa1970acc57165746e575470e13c4044f392ae4bea93e7d666256436507bb987a247785301274d4f262f94989cdc94b209b7499bd0cb4437525b72be79c87c6076533e4a14799a60bd3563d46ee4767108bed7e637cfed6f3139637bb01f36385dc5873eed726fbec9a87da294cc11db8b49fe45b798ae74e1a8cb0f2907eb0178d2baf5f0f88f654baab9f147741945c496ddea1cfed65a82e913a131c4ac7bb6f0d8d5d28225dab8a33c6e60c0d2b2d5dbd8c35089f13f9a2ae81ec9addaefea9b8ddabc8cdeb6437381ce346db6e14d9d1e8bb4662b508d61da77fc8d9ebebceb1c23be5d0a7bba4a48c0591333ab7779bae78ff23c4bbf8a8cf30f3120a5b63a047064d7ed7d37191cf39b6d1e8ffe3b47379767bd691cb855a9c938e9a0235a5ec9c316a6dceca63fa5fe6df0b9f0d6b38add216aaf2726d3377ab827b00b4cbf490708a0f679b8cd7caadb3dee40cc98f778917d6a6263fcc0747bf75fd676d84abb7d10087da323f95c2571139fd4c9826ad5db6ee4c246b9da20592cae11f9264bd2945aa1a427b2acefb514a2daafbbae35ff761eb1e3b98b4a1dfca348b8c4ff96325a618d677180ceb7e916654ecc2deecb4e61d01080f44b98776b1b43aebeffe2c14006dd1d78c8babf1179f42fd20d87654d3246d41e9dc633eac1741be44f8d751d8c9fd57316fe06d60872939b7a2906bb27a299a3408a51d74e5d98417f05f85fc1b332e103e79203e9fe344dc1d1572de39d914c5270c839870d2b33da5a6efc08c4f0c8227cc35a7f77c6a55f80ceef90e217c80e5ecb4c236685f5219787b01612cfbac90794e8269c07fb7ca4f7dba4defb2aae2b37f7b1696e78de15dbb1b6d4ee0cc4c0fae274b2c2de9343862de1d9847515ad235b1837daa9b814f19e895ae3966ed262e3e7add9f19009e6b61462917b29502b67e124c43538a6bcab7296529e01bb26ab8b3ef094ed057383c4f92790b6f705ae9d943c4e8dad84f6ef82b54d062713c16960fb475d74d46a1b16062563da3391cc6ff5185162c31ff7339e4837e38adab8ab911abaaa006e313dd19a1f92b4f7bede4525b154e1b9f796136a85f3602da011ae2232be902347e08ce0bbf3d23d91c4aac11c8824caafa1d1ff0343ce655802c1915f3ae7c0c670b18e56e139be66a33613afcb3b1928613b3afba9d635070af678216d57023d1911f0eb7ebddefc96f0efd8e9dc10e8a87a68393e19733ef900c6264722940750a7f265cfae0a1e9314fc14674c2871c0d59bbe2eddaf9330a4e2a28673af73910d6cb90790f800e89d55a2930910a8430ade9551819d83d5ea6da4e58326b7ce555d01da86ea78200f0219ec92473da95cd5a632c525ca9fbcddebb8168881cdb2f5da787d0e31881e2b17d78184f3a0bed8662486d3937dab275d050b9dd5a2ce904208a91a467afc33e10fb6c1ca788a5ef30d6e8b615ec0ae1503fea7006569559b7b155c31b196b85881c5671173c06fc5373e9fd973e7111ed45874609bf3c88c6db732210a3ea04cb68662bbc2048bb55d811482af5c658e29bd18c57ffa25e88d7297cd20d4c2b13007cfae89f4dcd90177a0806a2ceb2095333b58f828c093b9bf63cd07e3d56a446fd12e755fd651211bc160948836939c17623b317b9e935307044bab2c11879a62288e7ecbbb97f10f52516f517b7b8e44cff5964fdfaf8044065056b48db13b1365004c336afa3535af1242c9b7271b8b1ba2213fcbb80926bcd394815cd7c27e3aeb2348dc45f5e06e32f5bd56d1c472f41b564ec0939cd012028412883cc098d082fd43858747b746be72b979d175f6a6447fc5908616dec7fc6c962e12e96e09bd068acd2fcf0ce1cc26d9f82b2b91bc9aafcbf8435011f73b6a8ea1bb2f3289b23236136b31656600762fefe53e607df8cf3c9a7f257b212630c19f142e4cf5094250b629cabb145c77f1f14ad60ab7617078f810a766cfa341fb7c16086609bc0a768fb1cd782606f32b83a0a55d883269a05b80275612dc571cb993ea9e447b4d32570d412203ab4c8b050b63bb5ac0f8d6f4e9a1644e4b622587b2ae125c2093bd363493d58544d6303a0de17780fcd83e993aa83f4432274eee1e6333fcdc77bcfdea95b8b9ed787723e35b71f1dbe89ff1e3e6fde146c05b6fe9eae52b472624e412253a63e7fcf1b77dbff7509eec5a55501e222f66bd84d36663cd244fa1556bd34b4c9957a93a71e63961ffc7700c5545acdd3e79da41e1cfaca0956d4978222cda23a574d691dbb6c6bd083c70c2782c045bbbe0fcaa10efbc002af6832e3fa7dda0ec8ff6ded69302d55d5a62a7ec213f16ecc5e3304a83103d1c2b21e04e3f5f3730339a630a407e8cc6a5afd2f2ed78ff992035a3783a2708195a46e565a9113be8c228ccaae3510363b475732ad48fe8ff34801f4c35132359d4c5c5bff65141f4a8684d462cf5d97b44496440fff3f7a28d28bbaa8e6db2a6064cbe9fca4679afe8ca6dd27a25c56f3e58165040f19a0455199a0ece4583f060979427f2f3495f40a83bc6ee3eaadab18705d464662b8aba9c7aa2f29114f7acc247548a85bd44723064abeee18f7f558f6d0d74fa08103dd906124454745d23005c425b260b0034372123b642a0cbebbc1a0bcf0cfc3639876eceac5f9734057ff659cfd35b1a3eaa768b86d66244aabc23a45676a59d492614f1c0011c9253e53fc7bb3e20d303afdb5b6614dcc7bbf72a339e414672aac23c2e2983083f08dbc34e3452def00f402598b6aaa4f0d896d1648b1442621993b7d0c930560cb6152b9ce59f94356726816a224fca84da5dbde6675d20f546a3e4635e82ff9575cac9160e6819f00", 0x201d, 0x0)
write$binfmt_aout(r0, &(0x7f0000000ac0)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0xfe, "0062ba7d82000000160000000000f738096304"})
r1 = syz_open_pts(r0, 0x80)
r2 = dup3(r1, r0, 0x80000)
ioctl$sock_SIOCINQ(r2, 0x541b, &(0x7f0000000000))

39m44.936213277s ago: executing program 4 (id=1483):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r0, 0x29, 0x24, &(0x7f0000000040)=0xb0, 0x4)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="000086dd03000a000000140000006c07010033d43afffec00000000000000000000000000010ff020000000000000000000000000001"], 0x340a)

39m44.858070121s ago: executing program 34 (id=1483):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r0, 0x29, 0x24, &(0x7f0000000040)=0xb0, 0x4)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="000086dd03000a000000140000006c07010033d43afffec00000000000000000000000000010ff020000000000000000000000000001"], 0x340a)

39m35.996125049s ago: executing program 5 (id=1508):
creat(&(0x7f00000001c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f000000b0c0)={0x2020, 0x0, <r1=>0x0, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000002280)={0x50, 0x0, r1, {0x7, 0x9, 0x0, 0x110002, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x50)
stat(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240))
syz_fuse_handle_req(r0, &(0x7f0000004bc0)="d37f438c8ff0a793bb0fd85e80a3add0f8f65f17e46f60227e8b09439e47ae441d91f7c50d52383be1a08cfa58969071ef9251774b2aa82db4b537beb0834e94c9f625097a9fd8ae5d86ccc28ae9a5fbf7a931329d6c0aa28650849abea29afd035f5eb12f8126d5b8c277c8c14f25965396c229226cf8b0c6da769454f1981c1b0a8180b80469005a03d24fee1d6f5543a43d7156a0da6f40f6e4344cdfe5f96f373459fabd8c1fb029f3cbb965f11e04c92468dc54884926996135312816573b5f052907705fb31ed724a8097b4eb9a547bd0a4f9c66421393b19fe59fbc07bc8c6319225509823784428ca5f20741130774b9090811966d1de850ef61c965ba07e2fe52380c4bee79f58db0931b3d0c06cfac96c9e8676eb0e10ddcecb47f17e8c4ea80d3f67a9e04f5edae06ec33863b9fb5edf40c87fbdc5a00936d260eb32c3df5a905d3041a54d0fade7b220027169911111af6142645e771ce84efdff5ef5f3fe5b1efdb67ba83dd9f94008f787ecee2ec9849c34a8699900b3151e799fb1704100f2075cf313f719efba77efdfdf5e37379232785af24729608cf1099a9eeb643813fe492fbd86788f43e231fe0a6f3f0bf302efeaffa32890b1e48818959d7d2aabb83f062e356a81605f55da96df097b11471c46947910bb3e5e40a5a5c92077231d68efaec50b848907d1e37e18d885f5bd95d939ade1852a5e2f516781e1868f0894c8c0872c84d9c80fcfe085ac88e2a8caf63b3444f6d5f63c4582e766f1fb06a204d7b8c266e29bb43e04f42dc241b0f6926ea4b0340f0b3ac232d92677f2ec099b17361d988b72311e5e93d6d93ca3bb711c5fb979684f67f6ba32901b8adb223fea467157c55e8d5540743af46d36e6670fe21254ed91e207044db3424d42a63d780f2269ca3417aeb73632fb93dd42b07eff0f5ed90707423066f834c2881ae5272af5b3c04c6b9cadb8b234d24c5341696960a23f242837d91d6751695e9f07577bb81aea171df43b27c44ca5b815e66f63848403320ffdf2926f500b16e7496b835ae7a09288847cbb232e2e271cd732e38309d41ffb55391dc4a157e0c02505f54430a70a9ac197f5573a0b11722aec13a9adea4d8e0022810ca28414964d40cbcbf9d2704aa82637e13d561c4fed2ed602be375e547a7fa7198e6a75293abb3903d0b8204ba21dd369a79159cdd810162c2a2ee722bf4e43b7679dfb8b4ac9e768fb3d391fc4f1839f2e91f1c62050b8154cafb6dd19a3f8716a5c072725c5dad281281605ac02632d041accf07bed8135f4cab566db7e01c6902be5728fb01cd6b17edb8870e3417897a604ec795c440334b1bf9b6180ac13d13298b80b8f4352b0bb36ac151607d6ebedae06f8a0582ecd3963a6df647c38c64402ab29ed79533efbe311df5c29d9f1928371e99094f3e7d8aa3d277fe0e3471c6746ca5dab72d6ec161e05b46829c7b437cbbfd82e8606153f23205f051002e23a17906056a50a0d402814df2bfc1de9906b2ab651770a482315e06146af144acf0beea22a5a9bc61931d293483d0f3bf04e62e89cce3e3ee781b3340f59f8a026228e6f3cab05f23ea71334eadcaa1068f1b67f1eee3ee1698e92bc68759a3534069de9132ef7d853f4e20dc1cac32b42a995da861ee19c52e8387528db1ff0245807a1fb19c1670bc3c56f44db0333d7568eef79964f00d6d242a3735cf372c844d6cfcd9bd8934f14dbd5cb907108190fb7ed919840429d4da052d95a242e93db7f07c2c1f8f141026e15a767cc9386b31a18ecc82c4603354236446e9c79ad6899049648b4244446dad02225c5837fb8b033ce4db1fb044df7131bc99316434f232b8049701d33235e581341c5bb08208703e4daa83c0d4e1ab73e8c0724d0e9d6be114927acd0b792ab9464dd3b67963ed235243ebbc16e6af057e984fffc2554582cdd6548d9a929a89b39650a12511ea208ea9553703ec994318d50cea6a632724b08b0af3c11a4ca9d95dba675112563fbd166463cde649917402548547d54cede66d711d805060beed06c79be0c682dde2548a899bb121926ac690ecf1220764874c37810abc3c64291fef538f8959ed50a4b9f6058b8c45735fc783f3ec592c022b066583950037fed74e12f0fc8f04db78cae682c706fdc3783a206167336ff9e4707ce741893beec04916626c4ed07db0a73bfa5d786e3f3585e4b7b37f3968f08f8971963fefa07b7311d4bef7b5a5d72d3c40297da80d995d866220e005713d69b5dec9a4481301e9aa6ba8a6bb1f911c1d9f827838edb81348231f3da450c1044c9c722d31a1fadccbbac0d82de32f2a46c0a083ec89e2baf21b2b1655702e7d58b950df5904f76f129d15c93f95550e3b52c72eb79a1e09aa253c35fce97977f881f61acc6268c2596b755f18d1c95be938b390565d780929c4c6ba4c8d417775facfffce5c0bcc1f075913f5477563d06b3583c3bdcc7330bd6d1a8bdcce29f8452668a9f2a613f21d5195ba1a1bf134e80be88ee8fdd994936b1b40a0f2e98723d8bc53aef7b5af884f5fccd3eaf2dda01278be0b26eccd63cf68278e06e59889b8b9327550b615df368d99bd6d19636477c4d592e365b0c8c43a23d434ec3d622184f325d6d1c8b704aeac87359d9c09012deb32db9bc034fbf10b4662d6618b4d849a9546f00ed3265c22807072482b0ea4eacad35e10bded78ddc4e4025c7ba521b709e4923cfa8b6964fff4ef513965c4c71a77447daf08f7ddd10f2319b57c8075046ed4820e135f883fd4358edf30fc9965b16885aeb0f82cef2556f67bd33c44edad1a2e3bafe648f5e3797a62931218a468f637832f7ec481526824ebb8de5c207733c54313add8a24131f6de8eb8ddab462b5ac7693f7b278b38728449c9d595af99ba5b1548fd942b7b8538456a261a3ee3a7d18fb3e6180b6cfc9adc76a1defa797b57bcbcb9cb47fdeb2316fd2d913dd4aa0239638fc5c3d29df965aec2ade1f556ad58c9159c9f1b6e05691f476c5ff73230eb74a891f7b285de923d1cab7cf1fe2c82cc6ebcee9dd0be04bbc4d01b2ba8c2525fc4120ffae3df6bfe44663ee532ceb5a21db4f2204386f84e2f51666af55cda90dba169a9cd1adeadd7c90322af2656c3166fee2dc39b2db56e2e18b6f7a24bb7b0494320d2000d629e93427d224587dedb5c196b1796fec0c526a8a0355951045677733b33cb42ec170f137b934c4c6e141a8f8ebbeb1970797a29225901780f96521939b2edf85b1a456e9f97d02782104583757126159f264d9ed95e801561d63f0ca075543813c732e75deb01e585fb5b7bdbd7311d9f346e512b36e972489988f53f42118bbfefd3a52ff1fb97f47eaab7f8baa8e1f397bf877588c1c898690885273e47c1bdce3f220f80828fb7489283d5529756514842974a55cd95aa5a75a18627897836311486300bde4fec1c312c735e5ba3419028cbeeaef709d97752a12f83650aec7305232f22f90b8718113f06b3cf48cae0b365c456aa17610a78454fb81020c84ab51e27891dfe6e3820bb8c4ce0a5f72c72f2523b10be64a3c05f76e7bcb7b6c9aab9e49bc0c2b6044b66c475988f0a078f53912a9c442a40243da943376c8f75e74eac306c61004f6a88a818e3e992c0ccadf44e48c95472359c79f04462598dd467cc140e665e57b9b98702096750b82f291ee11b80a9064dc4a0c790107ac0aca2166e4a964aeadab9ec1ed1ca686b36ff00f75a3a131c09e3297d0471b689475941d09e09c62d94840a6083b1e8d80c22c9e10f3575cf53fe80702e0ef82f43bb13a1128a4f76a1728da93d86a5c86fe831334442deb1e003c96cc40a65ee721e219c06c01e75176d1035ec855258d3fc565f0d6eb31910c3c4e4450c65755ca563f0d877861df816160dbccce49865e0c6e9dc7cc281481b9f6bb8dee95d6a572421f1b2dc1995e0a3fde00ae6073015ae4176519e586ef434df534667d30ab103b7815f5a992e51004471ecdbbd8d9d464e7c24124a928b5aa925458825024ad03ad526a5b08ba1b30fef04288035749c266612bdd5caf4ed5245f67f5fccaabc6b2d8994c395dc7f8ce00089f4eacefb18e65a2d9d04136cd9172ce5aedad596d11fdd4b599f7f544f92a398042821b7c1e6ffdf053a35f95f9997791bbf6a0ecbc69531d14b2fd6b18dce4267816ef2fc135b24d76be1b59e35fd76796e9fd92dcb38c08968d9be724eb8a22575e7a7e2649f2a27fb3fac57f6aa53917ae27cd8efc4b6469de6155c3b9654a70ca7fa318682d1fbbf7e3e9f85f3fdf91f96eba538c899f3aebb79fa0ff96f122859061c2aca2a2fbac5640807cc7dec2a5f37a84cfe69af9775a703281d271a38ce08adcfe26ad3df7d0a1065393791dcb526634ceb5c33061fd83b4e1c72fa175585e0f839c9651002896fc7a6ced33919105de91d17083c8f6985e24ffd0fb35dd558af58cab9003e1fb7f87075704396ff677ae7a99725ac2c50c3a9edb15cce24de9a734f81f5187099b2ec316c6cf536c628445799bfc13803c6e94fa844de4b294b6f9b7f96ecf666c1088eee0997dc3d925e45fe9157ff86699e68ad786e973468de54ca6c9156c2e30541e97fb7b845ec2acdbfab05a03009de8260b444c48c0e64940a441d56446b33c698631f480dbcd6f8726e4c287c262bbb6de251c930e717797af777283e0575e8e1304af50cdc493f429dcbfa518e592550e980bf4516ff177a725c59ed0f8d9384bf9bbfe024560062eaf58bc6dd4ad29d71a39f02e00f6ca44ea68b9019387add513c767693d5535e46b3ff697aaeaeffe8e85b86ae877586fd706fbdcc492208c1b61556b80af1f80b018391a4d42e030d89e57c8c8c323c23805551954bcfeffb2c08f9043f24db22a9285f9edb6c66e1091b9dd8e51a228dac137df945491c53014a79b3e033305b1678d7664afc79bd04b0c397c0fb4a12fe3116b24e4d42830e3fb611b337f449c1e0e9667b09690b37789e45cc3007f4a56539c782fa41cbc30f8b213f36e03a1bcee413ae9b4706561c5c68e0ad645423eb5e799ca52a0cbb7e9468a7a0e253b5ea76f6a79a5dc9d72d5aab07703a814922f1fbe1eba0336659ae0acc46b46088b895846435a02bbacd4663f652c0e1289411bada43f1335d48d8ca7a021a60c8a19a8a894aa3375758a140bd040e24aabb0736f79ad95f2090a78418360cfba57398dbf3645bd6c964e53923ded0751512e8cadb650ab833ec3167e8bf385bfbbba46e0845e745810d0133cea434ddab18ef066caea680f16604baf0ee56b1f631f5ccf754fc79285af9d17d99346f7bcd7048dcbb3f0fbd6c2aaa415821f73e4ef5c09fffa911a7ecda2961342d0db95a92d597e8755e41fda1e39c65efc82ca82b22172b3e2017ec5bfbbdbecccc318190eca29ca4dfe393afbbaede3fbc53aa54fde14a1d98a3f0e673bd710d73a978cd7b37901915811c1a8478c61c4021792bd07d42a0e4f7f367139fd78ad1b6cc23c94bfc98bf73c8891c5c69c00c0aa4ba3d76472543fd8d2fef44f4fa928906a60f726a7aed2c6435ea80ffa1d91efc4a605b48845a1e66a7a79c92a869549383256e7724f796aa893c3a86c8c501dcef329d79d7ad5836cd41d48d0ddee68cd5dce8e59724bcf7a0d6872deae7dd15939db46b978fdb77158c3076ecc720b3fe3fefff15b28f7f1304c375a435f20c714576dfc8c9f53af9b6dd7d7ba14d8fe4408f8ffbd61aa0f1194e3c57d63519f96e42fdc97e7adfd686fdbef39bdca9a2716b337e406a909f3b2eed19e24408e8dbe91b5aa98fa62b6fb6f9f13dee6a5da24b24cd2cd859029aabb2bace5492de4985a19c508d2062e6b580bac1a55a41aecabf0d63f48315a6497f11a5a09bdfd1649203eedcd03069cac0bde4f7691e57e2a054e1c192f6d78f2647af7cfffc4daad033521b87103c5bbb81eafb0ff72c4cfc7beab3cd7074ed50f23021e917e85a0ea2dec4dd0d7f8efa68f15a1296ca768fac34f630014743eeeed57f80165e268c1cef7d5d385edb955195a3e44b8b388dcab72083fc2dc23d71913bb98ef2a34ad6df1675b936e294ebba47dbd74daa8098fcb627a1e17616d8775cf1fdec8676d57ce31bd4bfbe821a03ef251f651ce97dbae57f99c6755470e9cdd17699c568ada69a64621dd5625d95b0b550c596292b1816b9516cc7d8f02f8be32afda1f4357419b28363ced9bf7429e7687531fb00de4d2e03fe4ca448e66ad17c58d909df244f4f7ed265164b42273187816e0872e6818b8bdf48097d108f4c67ffa10038f7d2a705b4489c9af1284a7b34dec3e5b56f350c880277fca26427e0746eece173de1ae1104b7822a9fd45b262e5f3ce16a64dfa69e84f077296144f0c119bd2aac2251f463b3e8177dc259088c8a1794953b248b95e7c6e6f91ed45a7d3bce7e91ec72b98c06ba6c625bfdefc69c7416d89a0b1f3bcab5aed96370d74c6812ef0338368756f83f4be0331cde6d11d9a917483f25beda96af71882c3d4d1b3785932fa0bc93d611c919dcb116699db1a3d26ad6826937a984fa121fac7a45ff220520f702ee942793dbf7023b98c9cca4f150bccd29f26aff58e2255aa73fb7a7abd24b501bd403f24900d42e88c57494ab5ef8bacc07ff9904b100d709cc9b1018cacfa42d839476b7aeceeb2236e2c1151d441b167036bef84069401d67a1473d5d11cc109bd39a1fca5d5aa347c4fd5f6f3c12a8f5d1ec344dc1717f5e8e1aae6d7b7c42aa633ffdcb46c32ac667d933cb9fdaf6d83eefe77d8733a59fcf394d063efa474df67697f881991a34fa79bb78f3b19e9b29cc7b03ca7390b0ca6064a961f3fed249db4ff2c01840373b6242034cbac645d59743f1a90f372ee0c17efade2cef03e3f0edc640dfb629c6b98dc2f28ce06aff3574a2cbdb4b06fba31b2dfe34bba7e34e02a786fa4473d5ba847f4f1e644c1bad62ebd5ca9306219ad6beacb8a54ba299e1bad887293f1b65ff956ea2a562e290df607a608503afee3ae180d600f1d14a9459cd5a399c7e2c7bbde19c11ac869d34ea5e990a759e346c3d538108a277894d6ec7bc6fcd65862a2d9d0696551a4a37379feafb313a09f2575c52641db9f46f4cc5e851f67ce633572b6ffcea7b7c24b44b40d32e55e4f3b426e464c07741648f30d51fe3eb162cadcecf21b7182cc915ffd887e85c385b5989f87910c5c990d639f8d2cd9234c534400088ef49733c94f39131fd51d784a407a07eae6d5359acfa35994ec3760ca3866404a5faed0fb210ce1b849868a6007c8e839ac7518172928277bf2dc43d163d2a0f6146cca1738ec3526762e8e2caf69606a3980bd08fba42ec7cbf48d315e45b834bfb14221de8259250c4ae9590520288c73bfc7d8076d3fe46b772491173ea0daa76cb5cb40637a038ce734d72c0c020494062843715e762d71a8f8518fa7d837391c06b62c96efc17651158657db8ea9a57634b0b5628b06fd5d568fb02185a63a6beb56013cfb4fd1695b102fb58f39161232af39f6d87c5ff6af247df3d549b7f6f81cddf4e3cb12b18634e69df5af55127f72670a3104ce5aba7877c32ee4b0cfa076247a95750e830a240b092baec2f473e83581e5799d69593247f0e78ad8e44c0e0d09fc55888107c4badcdb20b2c82d5915b3b03060e53d199b20b29ad6742655bf62343421f826daf1a3c0c493c96bf719bdf0a8dc9a4fc3f75bcebec3aebfd898ef161cd4e2e33a142c36f673cd8da72edae4f691a4271881d326d77fca0af396bc1eaf9e9d2a047562f91f0e87972e3ae5abb75e352f28c81351c4be6a34e5a01b8ed8461f14e21d1afc9260d838b43e9e2ae078d64b6c718232bcd2b26d3c57beb3c605e00c6f9c1031a3bae4b1872ba5d6c23199253929f1cf57a2e961d798ca9d315fa6b9855c8e7efcc24ccde498a3f1ba23755360044f024753f886f97016bd45a56d802f3e9e040a84f6c46cd5aa99fd4471b97cdb0bd8d265853fb79c42b4cad7eda49ca08d3cefffee2d3f1b5f083a06ea4be4b0acf84ca27e5a8d579d3135f3e59bd5b823b2bef7708189f54c8f0d576e4c6bdbf932b55bc792bb302cddc5c555e4903eff45b493f9498f7bf184035335ad1ba1547795a443c9afb30f932e7d1b042fe1690cd34d98e2331cbe38108be26f8ed615590e8bd99fd01b700b21e6ed61de92297d8b447c723089cee359ccd4517328d54ebc43a3f9173698c4362a6130508c9a0ea57b9a8a74a997a21e3e2a7223ad3debd80f70aff2eba5a862aa667052462bf6635eca2dd3350ef70fda58f8492d34c5b819c802f97b8765680c39fcab3b92f8a8be88a93b5bfc1dbba3fbfd3051c4443e766f4cc6a9d0f96b66a081e9316a44efe5973479ae74bf13c18711218f75d7f4e6f70b0a34ff2a1aec8d1e3181a65b4d5f21f0c19789a2ff90ae5e1298e707628e97e6a5048ac29d916193577506a7f5a9cfb0c73d16a67a2e1f872c8026891e98df07579877460c845bf967f87d75295ed29ddf626340f313bb35a04f9304e34773eda19650f25a08b2bd603297d9edd7f7d1b88d0b18e7bc35b0593961e7403a03550a20a0eab83cb00e659f5fccc189d14b28f11b8f55db517ab124b3718e70868d2131c74640bc682ee785a75cf960a79fead7965d0798d98e386598efb5ce92b0ceeec4e63e2eee3a15642ac72691517c4197a667de3e57a56e2d6e4ecb5a2bc401f90ec2239baf6a9a418267fe2228f7776c7f932a048cd9aada01c2e6d9466ecc434ba61eb97a0d6eb00e719940b3dca3ae25b94e9040ee238184eeaf46e51b61d855ce476d10dd9cb09df18c585304bc4f9e88060e4bdd6e624dd90d7ae8874c0af1e17e67d3bb27babd15880cc61f22b6a0b24df6d03faa13f0c918a7b960f47d939934d9ae90edc40251fb53c9fde3ee255e49c8541d995a644d35b46ab202e56ad1de3da1c5ee587f167b398392d0fba4a43eedeaccb0ba16f571055381fe3885490c71e0805b1b3186bf2652b9a9df69d8d1232cf704fddfb5e7d3ff78ba5ae3b843f4f9b82161e223343240c33a9cd21eb312806163ebb2e60bc98b68b3d95bdd923f6ea831083c13ca65e4a06e999b2d014d0ed218d72c5b776fd21ae21d14e23e9074de20d6d16520b1061aa4db3b5b8077b1c43aa375c68a6243ad582a148dc6878ceb2ab6792cac38ef21765df51171436a412f60f5dc68fba51aae8c4909efa690340fd8a63cbfa4af6235c1c904a20578f54b9c91b1fb8017d05321e0bb9eda1502c1506f3d2939977af87d1f9329e237c129d5cb65e093396f016eb0c2f0aa5cab92a00259f6056532ef188be500fec4cd4614e29daf5b41da2b4742b02999e651c42d2f405344a232e36278785dc7a681d0ee2014ce3214f44ff9d2c3e083e18c299cd7cc8ddea4b805c673cb7479a553f28349235d37874ae3da878a5b6321e501c2b77470dd15b35ace69b1b8e3ba20cce47acb8350f206d136dfdcea697bf558bf3426bb1e0ebcf2797a1c7a181fad43b8c68633b361d40868c279896eb1c628656a9b57dcde8444ff92f2cc1d2dfa1998054487d8fcf11b852019ac21ae0582b1c8f4ff90f31d862e20740d7b803b0f109a8d1506137ca58167e8be1d13e6a5590e2bf2af5cbb7e79db2f4cdec83983463e1e830f54f8534e4c660039c0d372c7c757be3498f6be9ff6b6d13b88ca0ee07a0fd4df8cb13de0fa094cd3b9eb87032a6aaa757a6391ccf98fa7f9d99065b4f747e70ca497af77fbad520c589445d3401c67972ff7e274571b8c35a17ae78de90c81f791a69d70975208153f94ac7199c45de1ca5746887ec677452fd1a018b7287ac45e14ecdf1876229964153cfe6b39f1d50a9be63a0eb10016607ff338751cf9bb97c917d532be1174d0410e26dcfab873769b71db87758c0ad015b1db4b7565e244925ea0dc24313ac65f0355abcfa96c786b8ab7b32166bbf4c7ddae0d3f63d1aad63a9b105e05825aa012e075ba3e1c20b757e1dce75f6fe14e891a20988d365cb5e69206a1b7d8caf2effc73eb577330cb56495fbeaa6b7aef3467a32f53634e468208a8e55d626f98a2b51d39b48341c27306e59c0fc5c8058719b526eac245ce857288976abdfc9be1d4f220817f879c15cf0a258f89cd8269113821b0a1073165923748c6e8e0331ae9e7df11e62a80bf28559850cce385a98e0f48209ebcf69e8938a7605e96f4ffcf580b6c1df742766458763dc91b34035c12396b06ca5995b8feee35e1a3891cca0402fb9e739d8f8aa1a637b7c8c2c458493a323fbe5a76f866e2d9adf0d1d76950bc527a969f61c8519508eb5a93447d212e209c724aa16a949d8be1b14c8711d4c85e728e9d50b5b78b76242f9d59d866a86da0f129201a5b665611360ab3f4b678746cbba1b47884d2bfe4d3e38bf441fac354654c5077620cdf5870fda1fd5ca2bf4780d474a27cb660dd9d7ea83d423240c7ffe743dbefa3b922ac6d5f9544a7d5477dc44761a1d47633f67fe220f37630d678daeb62360b5f4f5d40493169f6554897c5d05c4909834fb2ef1494f8bbbf9e986761b931a26b0ab76b88d4f9b9bd9a024dc39819e0a139eefba8f617401811b4a7b97212aa82965e6008447979d19bfeacceedd48a24d65b8a1705d686fa8c44100d27dca9bc764b74345e1da71bfd9604e2f5bfdd28097f90e98f91ca81b08e827f7a3e742e6c019691afb612042a375985b01b94b3eb61a484fc2ece84f53ba5738273c80047663ec335d31f1ce43c6205a78fe7712626e8e6ff691b5bb9fe1a41909db60d8644d73936c4eb663bbfef030499c8c7d31f4eacae3cbf736a1eba6f85008139ba7eaf5f1ef8804f617e56c820c24f139b7036887f2ed2de32fd63574d0359ad4026e67c550b4ae960a2ce234a20e076da3f91a7ed60bd59a38e1acd7941a66bf3e755a431cead3f01600c6e47564167340f3f853efae37b036988bf4b30849d9dd5d0d09b1799bf9fadca76c497a1345018c8724065291bd8cc633e06359b72040a7673ffe5e86c240d043963bf2d76a0fbf50243a63d45d7f3358e1b9d1f3cbffd7e60429afee778f305e7d8f07c3e49a104f3a4e92118ce84cd11839f507656757d6e89ff296cf792ca2f1429aa80c8092b970d6f065eda3fb25b6b8a699561f8fe5236bbbc96f15860e29326a5a2671a88545a65e587d986615998a124a97820a65f81779b3101086e6f261177a66858d788c5c66521408a9e70238719614aa6232a3ef7a33e99d3b1dcdc20c33e8124b1dabe50ce9e4eadf34685560039e7d7e08f038f2004da7703bc4a30a28409719092e6640e743ee8a4e75dea106314a26ed5cae5d02bf9c8b0e96020a6b7941db7f0c311476f377a992caccff7f1919062f9db36ba72b29e9dc0880fb8eb24f41e0a6cbaa487058c6fbe6b062b372e0b84c9fcfd64d84724b6cda7fb3f582abaa6757782b20f9c1fad78f98273129caaa9496c1dbbbd167b52bae60dc327d1e18d82450ff9b6b108a0f20cbee5", 0x2000, &(0x7f0000004b40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000045c0)={0x78, 0x0, 0x2, {0x8, 0x7, 0x0, {0x5, 0x0, 0x1, 0x40000000000, 0x4, 0x2, 0xe767, 0x7279, 0xe96, 0x8000, 0x3, 0x0, r2, 0x4, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

39m35.884746956s ago: executing program 5 (id=1510):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x1001, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
dup3(r1, r0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x2, 0x200000000000000, &(0x7f0000000300)='\x009'})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000003c0)={0x10, 0x0, &(0x7f0000000480)=[@request_death], 0x0, 0x0, 0x0})

39m35.743601261s ago: executing program 5 (id=1512):
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
pipe2$9p(&(0x7f0000000240), 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
write$vga_arbiter(r0, &(0x7f0000000000)=@other={'lock', ' ', 'io'}, 0x8)
io_uring_setup(0xad5, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x3d0})
pselect6(0x40, &(0x7f0000000580), 0x0, &(0x7f0000000d00)={0xd0}, 0x0, 0x0)
close(r0)

39m34.866858975s ago: executing program 5 (id=1525):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x2)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
chdir(&(0x7f0000000040)='./file0\x00')
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000080)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)

39m34.822350344s ago: executing program 5 (id=1526):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000680)=@newlink={0x3c, 0x10, 0x439, 0x70bd29, 0x25dffbfb, {0x0, 0x0, 0x0, r3, 0x9801}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20048001}, 0x4000004)
sendto$packet(r0, &(0x7f0000000640)="e8b77052a9", 0x28, 0x40, &(0x7f0000000200)={0x11, 0x86dd, r3, 0x1, 0x0, 0x6, @local}, 0x14)

39m34.406764455s ago: executing program 5 (id=1533):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {0xffff, 0xffff}, {0xffff, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40004}, 0x4000)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000600)=@newtfilter={0x34, 0x2c, 0x1, 0x70bd2d, 0x25dfdbfc, {0x0, 0x0, 0x0, r3, {0x0, 0x2}, {}, {0x7, 0x9}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x24000850}, 0xc4014)

39m34.266363072s ago: executing program 35 (id=1533):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {0xffff, 0xffff}, {0xffff, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40004}, 0x4000)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000600)=@newtfilter={0x34, 0x2c, 0x1, 0x70bd2d, 0x25dfdbfc, {0x0, 0x0, 0x0, r3, {0x0, 0x2}, {}, {0x7, 0x9}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x24000850}, 0xc4014)

39m26.543740211s ago: executing program 7 (id=1609):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000300)={0xa, 0x2, 0xfffffffc, @empty, 0x80000001}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000100)={@in6={{0xa, 0x4e24, 0x0, @loopback, 0x1}}, 0x0, 0x0, 0x2, 0x0, "10baa70a93289349d889de25b87376f64276337642b890d33cb5b592266c5b98fb19402835fee1b3871b7ef6619db5b2a94edb6f73ea08b02aa3b47debd38b6d889a8c986b33eb49c3157f1f370dfd67"}, 0xd8)
r1 = dup(r0)
sendto$packet(r1, &(0x7f0000000400)='(', 0x1, 0x24004090, 0x0, 0x0)
connect$unix(r1, &(0x7f0000000240)=@abs={0x0, 0x0, 0x4e22}, 0x6e)

39m26.45650176s ago: executing program 7 (id=1610):
ioperm(0x284, 0x7f, 0xe3)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, 0x0, &(0x7f0000002980)=@keyring)
mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1, 0x0)
mount$fuse(0x0, 0x0, &(0x7f00000020c0), 0x0, 0x0)
llistxattr(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f00000041c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)

39m26.456255457s ago: executing program 7 (id=1611):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x28)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000080)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
mkdir(&(0x7f0000000180)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@userxattr}]})
chdir(&(0x7f00000003c0)='./bus\x00')
mkdir(&(0x7f00000003c0)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0)

39m26.320594764s ago: executing program 7 (id=1612):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000340)='./file0/../file0\x00', &(0x7f0000000280)='./file0/file0\x00', 0x0, 0xb101e, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125499, 0x0)
mount$9p_unix(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x3047c4a, 0x0)

39m26.15850528s ago: executing program 7 (id=1613):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000340)="71e67a15cd", 0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(0xffffffffffffffff, 0x80108907, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x1000000, 0xffffffffffffffff, 0x40c}, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x1, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff000000009408048000001700638af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000100000000b703000008"], &(0x7f0000005d80)='syzkaller\x00', 0xc}, 0x94)
r5 = socket$kcm(0x10, 0x2, 0x0)
setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000400)=r4, 0x4)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f0000000700)=@raw={'raw\x00', 0x3c1, 0x3, 0x4cc, 0x0, 0x940c, 0x3002, 0x0, 0x2c0, 0x404, 0x3d8, 0x3d8, 0x404, 0x3d8, 0x3, 0x0, {[{{@uncond, 0x0, 0x28c, 0x2d4, 0x0, {}, [@common=@inet=@recent0={{0xf4}, {0x0, 0x3f, 0x1, 0x0, 'syz0\x00'}}, @common=@inet=@recent0={{0xf4}, {0x0, 0x0, 0x2, 0x0, 'syz0\x00'}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@loopback, 'virt_wifi0\x00'}}}, {{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private0, [0x0, 0x0, 0xff000000, 0xff], [0xffffff00, 0xffffff00, 0xff000000, 0xffffffff], 'team_slave_1\x00', 'veth1_virt_wifi\x00', {0xff}, {}, 0x886215f4d37bb4bb, 0x90, 0x1, 0x69}, 0x0, 0xc8, 0x130, 0x0, {}, [@inet=@rpfilter={{0x24}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x528)
sendmsg$kcm(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000004c0)="d80000001a0081044e81f782db4cb904021d0800fe0055a1150015000200142603600e12080005007a010401a8001600200002400400027c035c0461c1d67f6f94007134cf6efb8000a007a290457fffffffffffff0001bace8017cbec4c2ee5a7cef4090000001fb79164d322fe7c9f8775d3f2d5d0683f5aeb4edbb57a5025ccca9e00360db785262f3d40fad95667e006dcdf61951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a94100000000000000000000000000d4da15", 0xd8}], 0x1}, 0x0)
syz_usb_connect(0x0, 0x5f, 0x0, 0x0)
r7 = socket$rxrpc(0x21, 0x2, 0x2)
getsockopt(r7, 0x110, 0x6, 0x0, &(0x7f0000000280)=0x61)
syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
write$6lowpan_enable(0xffffffffffffffff, 0x0, 0x0)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
socket$inet6_tcp(0xa, 0x1, 0x0)
r8 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x2002, 0x0)
write$rfkill(r8, &(0x7f0000000080)={0x0, 0x1, 0x3, 0x1}, 0x8)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB="fab0817dbcb5f31a24001280110001006272696467655f736c617665000000000c09058006001f0009000000000000000000004cd05a90b061a07004"], 0x58}, 0x1, 0x0, 0x0, 0x20044010}, 0x4040)

39m25.906428156s ago: executing program 7 (id=1614):
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000100)={0x1b, "5660359c3245d1c42317afad7d48ed51000000000000000100", <r1=>0xffffffffffffffff})
r2 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000040), 0x141100, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f0000000140)={0x1000, "340b7832ceefd131b8e6498c25f58fad9987ffe93bbabd18cf501922de974a27", <r3=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r1, 0xc0303e03, &(0x7f00000000c0)={"3c24139ed44aec57f2e2ad238a7b448ed886923c31d4b8affbf514fd00", r3, <r4=>0xffffffffffffffff})
ppoll(&(0x7f0000000000)=[{r4}], 0x1, 0x0, 0x0, 0x0)
close_range(r0, r4, 0x0)

39m25.866812738s ago: executing program 36 (id=1614):
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000100)={0x1b, "5660359c3245d1c42317afad7d48ed51000000000000000100", <r1=>0xffffffffffffffff})
r2 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000040), 0x141100, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f0000000140)={0x1000, "340b7832ceefd131b8e6498c25f58fad9987ffe93bbabd18cf501922de974a27", <r3=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r1, 0xc0303e03, &(0x7f00000000c0)={"3c24139ed44aec57f2e2ad238a7b448ed886923c31d4b8affbf514fd00", r3, <r4=>0xffffffffffffffff})
ppoll(&(0x7f0000000000)=[{r4}], 0x1, 0x0, 0x0, 0x0)
close_range(r0, r4, 0x0)

17m17.25016834s ago: executing program 6 (id=7145):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x42)
ioctl$BTRFS_IOC_QGROUP_LIMIT(r1, 0x8030942b, &(0x7f0000000080)={0x4, {0x25, 0x4, 0xcb, 0xa, 0x7ff}})
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000240)="d800000018007b7be00212ba0d1605040a003f00000f040b067c55a1bc0009001e0006990300000015000500fe800000000000000300014002000c0901ac04000bd67f6f94007100a007a290457f0189b3162700e06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b11602b2a10c11ce1b14d6d930dfe1d9d322fe04fb95cae8c9010000730d7a5005ccca262f3d40fad95667e04adcdf63cc1f215ce3bb9ad8ffd5e1cace81ed0b7fece0b42a9ecbee5de6ccd40dd601edef3d93452a92307f", 0xc5}], 0x1, 0x0, 0x0, 0x2663}, 0x0)
ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f00000002c0)={0x8, 0x2, 0x6, 0xe552, 0x7})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='afs_make_fs_calli\x00', r1, 0x0, 0x7}, 0x6c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1, 0x100007, 0x4, 0x25, 0x1, 0xffffffffffffffff, 0x400000}, 0x50)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x1b, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240), 0x0, 0x2, r6}, 0x38)
setsockopt$IP_VS_SO_SET_ADDDEST(r1, 0x0, 0x487, &(0x7f0000000100)={{0x29, @multicast1, 0x4e23, 0x3, 'lblcr\x00', 0x24, 0xc, 0x21}, {@rand_addr=0x1000, 0x4e24, 0x4, 0x9, 0x4, 0x2}}, 0x44)
setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r0, 0x0)
mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil)

17m16.351995587s ago: executing program 6 (id=7147):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f000056f000/0x2000)=nil, 0x2000, &(0x7f0000000300)='@**$.\x00')
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x2, 0x0)
ioprio_set$pid(0x2, 0x0, 0x6000)
syz_clone(0x80280, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x6, 0xe, &(0x7f00000001c0))
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendto$inet6(r2, &(0x7f0000847fff)='X', 0x1, 0x140001c4, &(0x7f00000003c0)={0xa, 0x4e23, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x2008000}, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0xc0a85320, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
r4 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @broadcast}]}, &(0x7f0000000180)=0xc)
getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r5=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r3, 0x84, 0x71, &(0x7f0000000000)={r5, 0x8}, &(0x7f0000000040)=0x8)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
io_setup(0x2, &(0x7f0000000200)=<r7=>0x0)
io_submit(r7, 0x1, &(0x7f0000000040)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x0, 0x80000000}])
io_getevents(r7, 0x2a, 0x2, &(0x7f00000002c0)=[{}, {}], 0x0)
io_submit(r7, 0x1, &(0x7f0000000140)=[&(0x7f0000000000)={0x1802, 0x0, 0x0, 0x5, 0x0, r6, 0x0}])

17m15.088953631s ago: executing program 6 (id=7150):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xffffffff}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x20000001}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r3}, 0x18)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8b37, &(0x7f0000000000)={'wlan1\x00'})
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000040)={0x4c, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x24000000}, 0x0)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)

17m10.285494179s ago: executing program 6 (id=7158):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000000)='source', 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000180)={@private0, 0x8000000, 0x0, 0xff, 0x1, 0xffff}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000180)={@loopback={0xfec0ffff00000000}, 0x8000000, 0x0, 0xff, 0x3, 0x0, 0x600}, 0x20)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x400000000a882, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x6, 0x28011, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
mount$9p_virtio(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x8c, 0x0)
prctl$PR_SET_MM(0x23, 0x4, &(0x7f0000ffd000/0x2000)=nil)
mmap(&(0x7f0000003000/0x3000)=nil, 0x3000, 0x2000004, 0x31, 0xffffffffffffffff, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, 0x0, 0x0)

17m8.408936705s ago: executing program 6 (id=7163):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000000)='source', 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000180)={@private0, 0x8000000, 0x0, 0xff, 0x1, 0xffff}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000180)={@loopback={0xfec0ffff00000000}, 0x8000000, 0x0, 0xff, 0x3, 0x0, 0x600}, 0x20)
openat$comedi(0xffffffffffffff9c, 0x0, 0x401, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x6, 0x28011, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
mount$9p_virtio(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x8c, 0x0)
prctl$PR_SET_MM(0x23, 0x4, &(0x7f0000ffd000/0x2000)=nil)
mmap(&(0x7f0000003000/0x3000)=nil, 0x3000, 0x2000004, 0x31, 0xffffffffffffffff, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, 0x0, 0x0)

17m4.929546748s ago: executing program 6 (id=7165):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000000)='source', 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000180)={@private0, 0x8000000, 0x0, 0xff, 0x1, 0xffff}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000180)={@loopback={0xfec0ffff00000000}, 0x8000000, 0x0, 0xff, 0x3, 0x0, 0x600}, 0x20)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x400000000a882, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x6, 0x28011, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
mount$9p_virtio(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x8c, 0x0)
prctl$PR_SET_MM(0x23, 0x4, &(0x7f0000ffd000/0x2000)=nil)
mmap(&(0x7f0000003000/0x3000)=nil, 0x3000, 0x2000004, 0x31, 0xffffffffffffffff, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, 0x0, 0x0)

16m49.767145174s ago: executing program 37 (id=7165):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000000)='source', 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000180)={@private0, 0x8000000, 0x0, 0xff, 0x1, 0xffff}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000180)={@loopback={0xfec0ffff00000000}, 0x8000000, 0x0, 0xff, 0x3, 0x0, 0x600}, 0x20)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x400000000a882, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x6, 0x28011, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
mount$9p_virtio(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x8c, 0x0)
prctl$PR_SET_MM(0x23, 0x4, &(0x7f0000ffd000/0x2000)=nil)
mmap(&(0x7f0000003000/0x3000)=nil, 0x3000, 0x2000004, 0x31, 0xffffffffffffffff, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, 0x0, 0x0)

56.901674746s ago: executing program 2 (id=10428):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x101200, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x2})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
r3 = socket$packet(0x11, 0x3, 0x300)
r4 = dup(r1)
r5 = fcntl$dupfd(r0, 0x406, r3)
ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f0000000340)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/251, 0x0})
ioctl$VHOST_NET_SET_BACKEND(r5, 0x4008af30, &(0x7f0000000080)={0x0, r4})
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r6, 0xffffffffffffffff, 0x0)

56.751584121s ago: executing program 2 (id=10429):
r0 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x149a82, 0x0)
write$cgroup_int(r0, &(0x7f0000000040)=0x10001f00, 0x12)

56.751354643s ago: executing program 2 (id=10430):
r0 = socket(0x10, 0x3, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x3, 0x4, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0xfffffffc}, [@call={0x85, 0x0, 0x0, 0x2f}]}, &(0x7f0000000080)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r4, 0x0, 0xe, 0x0, &(0x7f00000001c0)="e00b90f177020000000000000000", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)
ioctl$KVM_CAP_HYPERV_SYNIC2(r3, 0x4068aea3, &(0x7f0000000140))
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000032680)=""/102392, 0x18ff8)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, 0x0, 0x0)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x9, 0x2)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000040)={0x2, 0x0, [{0x400000b0, 0x0, 0x5}, {0x400000b1, 0x0, 0x5}]})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000006c0)={<r6=>0xffffffffffffffff})
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='io_uring_fail_link\x00', r7}, 0x18)
r9 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ip_vs\x00')
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x7, 0x4, 0x8, 0x40, 0x0, r9}, 0x50)
ioctl$AUTOFS_DEV_IOCTL_FAIL(r9, 0xc0189377, &(0x7f0000000340)={{0x1, 0x1, 0x18, r8, {0x9, 0x5b}}, './file0\x00'})
syz_emit_ethernet(0x5a, &(0x7f0000000000)={@local, @multicast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "3000bb", 0x24, 0x2b, 0x0, @private2, @local, {[@routing={0x1, 0x2, 0x2, 0x8, 0x0, [@local]}], {0x0, 0x0, 0xc, 0x0, @gue={{0x1, 0x1, 0x3, 0x1, 0x100, @void}}}}}}}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000140)={'syztnl2\x00', &(0x7f0000000000)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x5c8c, 0x0, @empty, @mcast1, 0x80, 0x0, 0x0, 0x20000000}})
io_uring_enter(0xffffffffffffffff, 0x2219, 0x7721, 0x16, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00', <r10=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000007c0)=@newqdisc={0x44, 0x24, 0xd0f, 0x50bd2d, 0x0, {0x60, 0x0, 0x0, r10, {0x0, 0xa}, {0xffff, 0xffff}, {0xc, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x18, 0x2, [@TCA_TBF_PRATE64={0xc, 0x5, 0x67eb6bf12151d48d}, @TCA_TBF_PBURST={0x8, 0x7, 0x126e}]}}]}, 0x44}}, 0x44080)

56.28458552s ago: executing program 2 (id=10432):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x100)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x99501e, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000000)='./file0/file0\x00', 0x0, 0x887008, 0x0)

56.217417018s ago: executing program 2 (id=10433):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000100))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000100)=ANY=[@ANYRES8, @ANYRES32, @ANYBLOB="0000000000000000400012800c0001"], 0x68}}, 0x0)
r1 = socket$igmp6(0xa, 0x3, 0x2)
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00', {0x2}})
write$tun(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="06000000bbbbbbbbbbbbaaaaaaaaaabb88f5"], 0x72)

55.949854341s ago: executing program 2 (id=10435):
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
connect$inet6(r0, 0x0, 0x0)

55.902023s ago: executing program 38 (id=10435):
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
connect$inet6(r0, 0x0, 0x0)

10.751047178s ago: executing program 0 (id=10792):
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x840, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000000)={[{0x80000000, 0x4, 0xc2, 0x4f, 0x3d, 0x2, 0x80, 0x1, 0x3, 0x44, 0x8, 0x2, 0x1}, {0xb, 0xa7f2, 0x8, 0x8, 0x9, 0xff, 0x4, 0x3, 0xa, 0x13, 0x7, 0x6, 0x1}, {0x21ff, 0x7, 0xd, 0x10, 0x25, 0x9, 0x0, 0xfb, 0x4, 0x15, 0x0, 0x2, 0x4}], 0x9})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x8, 0x8a, 0x7fffffffffffe, 0xfffffffffffffffd, 0x2, 0xfffffffffffffffd, 0x4002004c4, 0x1000, 0x6, 0x8, 0x10, 0x2, 0x3, 0x0, 0x3], 0x3000, 0x1011c4})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

10.607074496s ago: executing program 0 (id=10793):
pwritev2(0xffffffffffffffff, &(0x7f00000001c0)=[{&(0x7f0000000040)='4', 0x1}], 0x1, 0x0, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)

9.701202213s ago: executing program 0 (id=10798):
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000380)={0x1c, 0x0, 0xf21, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x20000015}, 0x44000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r0)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, 0x0, 0x2000c000)

9.641008864s ago: executing program 0 (id=10800):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x260)

9.640907172s ago: executing program 0 (id=10801):
socket$nl_netfilter(0x10, 0x3, 0xc)
read$FUSE(0xffffffffffffffff, &(0x7f00000002c0)={0x2020, 0x0, 0x0, 0x0, 0x0, <r0=>0x0}, 0x2020)
ptrace$ARCH_ENABLE_TAGGED_ADDR(0x1e, r0, 0x2, 0x4002)
open$dir(0x0, 0x200800, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$phonet_pipe(0x23, 0x5, 0x2)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
bind$alg(r2, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'sha384\x00'}, 0x58)
r3 = accept4(r2, 0x0, 0x0, 0x0)
recvmmsg$unix(r3, &(0x7f0000003700)=[{{0x0, 0x700, 0x0, 0x0, 0x0, 0x500, 0x8d}}], 0x600, 0x0, 0x0)

9.390890056s ago: executing program 0 (id=10804):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="02000000040000000800000001000000"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1, <r2=>0xffffffffffffffff}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x18, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x40, 0x16, 0xa, 0x1, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x4}]}]}, @NFT_MSG_DELFLOWTABLE={0x2c, 0x18, 0xa, 0x101, 0xb00, 0x0, {0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}]}], {0x1, 0x10}}, 0xb4}}, 0x0)

9.225935473s ago: executing program 39 (id=10804):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="02000000040000000800000001000000"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1, <r2=>0xffffffffffffffff}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x18, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x40, 0x16, 0xa, 0x1, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x4}]}]}, @NFT_MSG_DELFLOWTABLE={0x2c, 0x18, 0xa, 0x101, 0xb00, 0x0, {0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}]}], {0x1, 0x10}}, 0xb4}}, 0x0)

3.000854658s ago: executing program 3 (id=10868):
r0 = socket$key(0xf, 0x3, 0x2)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000001f80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002a20702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='kfree\x00', r1}, 0x18)
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000400)=ANY=[@ANYBLOB="020300030f0000002cbd7040fcdbdf2503000900800000001cdc0dca1d9f68846960e56de42944af030006000000000002004e22ac1414bb000000000000000002000100000000000000070c00000080030005000000000002004e22ac14140a0000000000000000020013"], 0x78}, 0x1, 0x7}, 0x0)

2.821096428s ago: executing program 3 (id=10874):
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071100000000000001d400500000000004704000001ed00000f030000000000001d44000000000000620a00fe000000007203000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d07000000374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6bebf5088a2a12dd1a1b14d948aa911cf50968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3a51cc87e068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a881192292469d2d25115be3cfb8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c5a7bd32cb8d3ca303a671a9339e77a"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48)
socket$nl_route(0x10, 0x3, 0x0)
socket$phonet_pipe(0x23, 0x5, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
socket$phonet(0x23, 0x2, 0x1)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340))
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$packet(0x11, 0x3, 0x300)
socket$inet_mptcp(0x2, 0x1, 0x106)
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x20000, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$unix(0x1, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000001c0)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000001400000008000a00fc00000018000180140002006e657464657673696d300000000000000800050000fcffff08000900fc00", @ANYRES32=r0], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0)

2.581010263s ago: executing program 3 (id=10875):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r1)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r1, 0x0, 0x0)
listen(r2, 0x0)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)

2.517587031s ago: executing program 3 (id=10878):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a000008048002000905", @ANYBLOB="f7", @ANYRESDEC], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r0)
write$char_usb(r1, &(0x7f0000000180)="2fed425a35", 0x5)

2.514705166s ago: executing program 1 (id=10879):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000100))
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xb, &(0x7f0000000100)=ANY=[@ANYBLOB="180800ec0c00000000000000000000001801000020"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
r1 = socket$igmp6(0xa, 0x3, 0x2)
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00', {0x2}})
write$tun(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="06000000bbbbbbbbbbbbaaaaaaaaaabb88f5"], 0x72)

2.420986666s ago: executing program 9 (id=10880):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000060a0b040000000000000000020000002c0004802800018007000100637400001c000280080001400000000d080002400000000f05000300010000000900010073797a30000000000900020073797a320000005b1337700011000100"/127], 0x80}}, 0x0)

2.420821089s ago: executing program 9 (id=10881):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = syz_open_dev$usbfs(&(0x7f00000001c0), 0x800000001fe, 0x2)
r2 = dup(r1)
ioctl$USBDEVFS_CONTROL(r2, 0xc0185500, &(0x7f0000000040)={0x23, 0x3, 0x1c, 0x9, 0x0, 0x0, 0x0})

2.35080691s ago: executing program 9 (id=10882):
r0 = syz_io_uring_setup(0x5c6, &(0x7f0000000140)={0x0, 0x80001021, 0x80, 0x6, 0x237}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000240)=<r2=>0x0)
timer_create(0xfffffffd, 0x0, &(0x7f00000011c0)=<r3=>0x0)
timer_settime(r3, 0x1, &(0x7f0000000100)={{0x77359400}, {0x0, 0x989680}}, 0x0)
timer_delete(0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x18, 0x0, 0x0, 0x4, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x40, 0x1})
io_uring_enter(r0, 0x6e2, 0x3900, 0x1, 0x0, 0xe00)

2.350422063s ago: executing program 1 (id=10883):
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071100000000000001d400500000000004704000001ed00000f030000000000001d44000000000000620a00fe000000007203000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d07000000374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6bebf5088a2a12dd1a1b14d948aa911cf50968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3a51cc87e068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a881192292469d2d25115be3cfb8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c5a7bd32cb8d3ca303a671a9339e77a"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48)
socket$nl_route(0x10, 0x3, 0x0)
socket$phonet_pipe(0x23, 0x5, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
socket$phonet(0x23, 0x2, 0x1)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340))
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$packet(0x11, 0x3, 0x300)
socket$inet_mptcp(0x2, 0x1, 0x106)
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x20000, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$unix(0x1, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000001c0)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000001400000008000a00fc00000018000180140002006e657464657673696d300000000000000800050000fcffff08000900fc0000000800110007000000", @ANYRES32=r0], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0)

2.260472459s ago: executing program 1 (id=10884):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x18, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000400)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB="400000001000390400"/20, @ANYRES32=r3, @ANYBLOB="01980000000000002000128008000100677265001400028008000100", @ANYRES32=r3], 0x40}, 0x1, 0x0, 0x0, 0x4014}, 0x4c094)
r5 = socket(0x10, 0x3, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route_sched(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x44, 0x24, 0x5820a61ca228659, 0x0, 0xfffffffe, {0x0, 0x0, 0x0, r6, {0x0, 0x9}, {0xffff, 0xffff}, {0x5, 0x7}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0x6, 0x2}}}}]}, 0x79}}, 0x800)
sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000006c0)=@newtfilter={0x74, 0x28, 0xd27, 0x70bd2b, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0xfff2, 0x9}, {}, {0x2, 0xb}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x44, 0x2, [@TCA_CGROUP_POLICE={0x40, 0x2, [@TCA_POLICE_TBF={0x3c, 0x1, {0xfffffffc, 0x8, 0x0, 0x8, 0x80, {0x4, 0x1, 0x0, 0x2, 0x61e, 0x10000}, {0x5, 0x0, 0x6b4a, 0x9, 0xa6, 0x10000}, 0x4, 0x80000001, 0xc6}}]}]}}]}, 0x74}, 0x1, 0x0, 0x0, 0x8800}, 0x404c0c0)
sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=@delchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0x0, 0x1}}}, 0x24}}, 0x10)

2.193279546s ago: executing program 1 (id=10885):
r0 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$int_out(r0, 0x5460, &(0x7f0000000280))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000240), 0x2, 0x40102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x20000000000000cc)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_REGISTER_FRAME(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=ANY=[@ANYRES16=r3, @ANYBLOB="010000000000000000003a00000008", @ANYRES32=r4, @ANYBLOB], 0x28}}, 0x0)
r5 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x20080, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r5, 0xc004500a, &(0x7f0000000080)=0x80000003)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, 0x0, 0x20c4)
madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9)
r6 = dup2(r5, r5)
read$FUSE(r6, &(0x7f00000063c0)={0x2020}, 0x2020)
syz_usb_connect(0x1, 0x2d, 0x0, 0x0)
openat$tun(0xffffff9c, &(0x7f0000000380), 0x800, 0x0)

1.470341644s ago: executing program 9 (id=10894):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200))
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000001200)=0x8a4, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='bbr', 0x3)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)

1.291093775s ago: executing program 8 (id=10896):
open_tree(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x1)
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x148)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x30, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x46)
write$qrtrtun(r0, &(0x7f0000000340)="66bb0b760dc0f4ff", 0x8)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], &(0x7f0000000240)=[0x2], 0x0, 0x9}}, 0x40)

1.220931681s ago: executing program 8 (id=10897):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/diskstats\x00', 0x0, 0x0)
read$FUSE(r1, &(0x7f0000000200)={0x2020}, 0x2020)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000003c0)={'wlan0\x00'})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010008020000001800006600000008000300", @ANYBLOB="08002600940900000800b700"], 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)

1.174703918s ago: executing program 8 (id=10898):
syz_clone(0x100411, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = syz_io_uring_setup(0x49a, &(0x7f0000000280)={0x0, 0x9bd7, 0x800, 0x2, 0x40024e}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x4007, @fd_index=0x3, 0x6, 0x0, 0x0, 0x2, 0x1})
io_uring_enter(r0, 0x627, 0x4c1, 0x43, 0x0, 0x0)

1.110237991s ago: executing program 3 (id=10899):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f00000000c0), 0xffffffffffffffff)
mknod(&(0x7f0000000080)='./bus\x00', 0x8000, 0x7)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
listen(0xffffffffffffffff, 0x3)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000001080)={0x6, 0xc, &(0x7f0000000500)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x80000001}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r4}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x45}}]}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000040)={r5, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000003c0)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x0, 0x0}}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={0x30, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x10, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_SEQ_ADJ_REPLY={0x4, 0x4}]}, 0x30}}, 0x0)
mount(&(0x7f00000000c0)=@nullb, &(0x7f0000000040)='./bus\x00', &(0x7f0000000180)='jfs\x00', 0x400080, 0x0)
r7 = fsopen(&(0x7f0000000000)='devtmpfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0)

1.040989293s ago: executing program 8 (id=10900):
getsockopt$XDP_STATISTICS(0xffffffffffffffff, 0x11b, 0x7, &(0x7f0000000280), &(0x7f0000000340)=0x30)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x95f57000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x8a}, 0x9c)
setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r3, 0x84, 0x12, &(0x7f00000000c0)=0x9d, 0x4)
bind$inet6(r3, &(0x7f0000000300)={0xa, 0x4e23, 0x0, @loopback, 0x3}, 0x7e)
sendto$inet6(r3, &(0x7f0000847fff)='X', 0x34000, 0xe0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x2, @loopback, 0xfffffffd}}, 0x0, 0x0, 0x500, 0x0, 0x54, 0xa}, 0x9c)
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
sched_getattr(0x0, 0x0, 0x0, 0x0)
mount$cgroup(0x0, 0x0, &(0x7f00000001c0), 0x2010042, &(0x7f0000000000)={[{@subsystem='hugetlb'}, {@subsystem='memory'}, {@subsystem='cpuacct'}, {@xattr}]})
socket$packet(0x11, 0x3, 0x300)

560.905777ms ago: executing program 9 (id=10901):
syz_usb_connect$uac1(0x0, 0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x3c}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x1, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'veth0_to_bond\x00', <r5=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=@newlink={0x78, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x90646}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x38, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6, 0x1, 0x4}, @IFLA_VLAN_EGRESS_QOS={0x28, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x7, 0x1}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x4, 0x6}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x110527dd, 0x3}}]}, @IFLA_VLAN_INGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r5}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x78}, 0x1, 0x0, 0x0, 0x600}, 0x0)

368.936155ms ago: executing program 1 (id=10902):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x101401, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xffffffed, 0x6}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r3)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000006c0)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70b925, 0x25dfdbff, {0x0, 0x0, 0x0, r8, {}, {0xb, 0xb}, {0x0, 0xb}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0xfffd, 0xfffffffe, 0xb, 0x7, 0xfffffffc, 0xffff, 0x5, 0x4000007}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20018041}, 0x4008000)
sendto$packet(r6, &(0x7f00000005c0)="ba", 0x1, 0x40, &(0x7f00000001c0)={0x11, 0x8100, r5, 0x1, 0xd8, 0x6, @multicast}, 0x14)

150.626339ms ago: executing program 3 (id=10903):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x7, 0x8031, 0xffffffffffffffff, 0x3ba27000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000480)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000180), 0x2)
r5 = memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\xdenJ\xeb\x87\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38\x14\xcb\xfa\xb3j\x92\f\xe0\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf0\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x2)
ftruncate(r5, 0xffff)
fcntl$addseals(r5, 0x409, 0x7)
r6 = ioctl$UDMABUF_CREATE(r4, 0x40187542, &(0x7f0000000140)={r5, 0x1, 0x0, 0x4000})
mmap(&(0x7f00002ca000/0x4000)=nil, 0x4000, 0x3000007, 0x12, r6, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)

150.208917ms ago: executing program 1 (id=10904):
r0 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000340)='/proc/sys/net/ipv4/tcp_mtu_probing\x00', 0x1, 0x0)
pwritev2(r0, &(0x7f00000001c0), 0x0, 0x0, 0x0, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r1, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r1, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)

70.527627ms ago: executing program 8 (id=10905):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000040340000000000000800000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000357500007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000006c0)={0x1, &(0x7f0000000500)=[{0x6, 0x43, 0x0, 0x7fff0000}]})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
close_range(r2, 0xffffffffffffffff, 0x0)

743.54µs ago: executing program 8 (id=10906):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/diskstats\x00', 0x0, 0x0)
read$FUSE(r1, &(0x7f0000000200)={0x2020}, 0x2020)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000003c0)={'wlan0\x00'})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010008020000001800006600000008000300", @ANYBLOB="08002600940900000800b700"], 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)

0s ago: executing program 9 (id=10907):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a000008048002000905", @ANYBLOB="f7", @ANYRESDEC], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r0)
write$char_usb(r1, &(0x7f0000000180)="2fed425a35", 0x5)

kernel console output (not intermixed with test programs):

338] usb 14-1: config 0 interface 98 has no altsetting 0
[ 2720.058326][ T8338] usb 14-1: New USB device found, idVendor=0846, idProduct=1040, bcdDevice=d0.c9
[ 2720.061739][ T8338] usb 14-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2720.064886][ T8338] usb 14-1: Product: syz
[ 2720.066553][ T8338] usb 14-1: Manufacturer: syz
[ 2720.068827][ T8338] usb 14-1: SerialNumber: syz
[ 2720.072766][ T8338] usb 14-1: config 0 descriptor??
[ 2720.075604][ T8742] raw-gadget.2 gadget.9: fail, usb_ep_enable returned -22
[ 2720.078911][ T8742] raw-gadget.2 gadget.9: fail, usb_ep_enable returned -22
[ 2720.107571][T30771] usb 7-1: Using ep0 maxpacket: 8
[ 2720.111603][T30771] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[ 2720.114735][T30771] usb 7-1: config 0 has no interface number 0
[ 2720.117109][T30771] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 2720.121412][T30771] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 2720.124869][T30771] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2720.130401][T30771] usb 7-1: config 0 descriptor??
[ 2720.139254][T30771] iowarrior 7-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[ 2720.255041][ T8740] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[ 2720.257640][ T8740] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[ 2720.268366][ T5472] usb usb56-port1: unable to enumerate USB device
[ 2720.285723][ T8742] raw-gadget.2 gadget.9: fail, usb_ep_enable returned -22
[ 2720.289050][ T8742] raw-gadget.2 gadget.9: fail, usb_ep_enable returned -22
[ 2720.467577][ T6085] usb 42-1: device descriptor read/8, error -110
[ 2720.493113][ T8338] asix 14-1:0.98 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 2720.496535][ T8338] asix 14-1:0.98: probe with driver asix failed with error -71
[ 2720.500949][ T8338] usb 14-1: USB disconnect, device number 3
[ 2720.858905][ T6085] usb usb42-port1: attempt power cycle
[ 2720.937808][   T10] usb 7-1: USB disconnect, device number 41
[ 2721.257584][T30430] usb 14-1: new high-speed USB device number 4 using dummy_hcd
[ 2721.264661][ T8397] asix 13-1:0.98 (unnamed net_device) (uninitialized): invalid hw address, using random
[ 2721.407562][T30430] usb 14-1: Using ep0 maxpacket: 16
[ 2721.410541][T30430] usb 14-1: config 0 has an invalid interface number: 142 but max is 0
[ 2721.413658][T30430] usb 14-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2721.416808][T30430] usb 14-1: config 0 has no interface number 0
[ 2721.418847][T30430] usb 14-1: config 0 interface 142 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[ 2721.422471][T30430] usb 14-1: config 0 interface 142 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[ 2721.425927][T30430] usb 14-1: config 0 interface 142 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 0
[ 2721.428387][ T6085] usb usb42-port1: unable to enumerate USB device
[ 2721.429005][T30430] usb 14-1: config 0 interface 142 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2721.438888][T30430] usb 14-1: New USB device found, idVendor=1943, idProduct=2255, bcdDevice=91.0d
[ 2721.441867][T30430] usb 14-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2721.444456][T30430] usb 14-1: Product: syz
[ 2721.445766][T30430] usb 14-1: Manufacturer: syz
[ 2721.447180][T30430] usb 14-1: SerialNumber: syz
[ 2721.449923][T30430] usb 14-1: config 0 descriptor??
[ 2721.455366][T30430] usb 14-1: Direct firmware load for f2255usb.bin failed with error -2
[ 2721.458064][T30430] usb 14-1: Falling back to sysfs fallback for: f2255usb.bin
[ 2721.465170][ T8397] asix 13-1:0.98 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[ 2721.470928][ T8397] asix 13-1:0.98 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9
[ 2721.474420][ T8397] asix 13-1:0.98: probe with driver asix failed with error -71
[ 2721.479920][ T8397] usb 13-1: USB disconnect, device number 14
[ 2721.727618][T30771] usb 7-1: new high-speed USB device number 42 using dummy_hcd
[ 2721.877516][T30771] usb 7-1: Using ep0 maxpacket: 32
[ 2721.880535][T30771] usb 7-1: config 0 has an invalid interface number: 188 but max is 0
[ 2721.883164][T30771] usb 7-1: config 0 has no interface number 0
[ 2721.885146][T30771] usb 7-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[ 2721.890252][T30771] usb 7-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[ 2721.893115][T30771] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2721.895595][T30771] usb 7-1: Product: syz
[ 2721.896921][T30771] usb 7-1: Manufacturer: syz
[ 2721.898698][T30771] usb 7-1: SerialNumber: syz
[ 2721.901363][T30771] usb 7-1: config 0 descriptor??
[ 2721.906334][ T8751] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 2722.113286][ T8751] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 2722.238650][ T8397] usb 13-1: new high-speed USB device number 15 using dummy_hcd
[ 2722.387606][ T8397] usb 13-1: Using ep0 maxpacket: 32
[ 2722.391641][ T8397] usb 13-1: config 0 has an invalid interface number: 188 but max is 0
[ 2722.394939][ T8397] usb 13-1: config 0 has no interface number 0
[ 2722.397393][ T8397] usb 13-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[ 2722.404005][ T8397] usb 13-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[ 2722.407743][ T8397] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2722.410854][ T8397] usb 13-1: Product: syz
[ 2722.412601][ T8397] usb 13-1: Manufacturer: syz
[ 2722.414531][ T8397] usb 13-1: SerialNumber: syz
[ 2722.418840][ T8397] usb 13-1: config 0 descriptor??
[ 2722.421649][ T8753] raw-gadget.2 gadget.8: fail, usb_ep_enable returned -22
[ 2722.629137][ T8753] raw-gadget.2 gadget.8: fail, usb_ep_enable returned -22
[ 2723.839759][ T8397] asix 13-1:0.188 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 2723.842968][ T8397] asix 13-1:0.188 (unnamed net_device) (uninitialized): Failed to write GPIO value 0x00b0: ffffffb9
[ 2723.857802][ T8397] asix 13-1:0.188: probe with driver asix failed with error -71
[ 2723.862468][ T8397] usb 13-1: USB disconnect, device number 15
[ 2724.538769][T30771] asix 7-1:0.188 (unnamed net_device) (uninitialized): Failed to write reg index 0x8001: -71
[ 2724.543275][T30771] asix 7-1:0.188: probe with driver asix failed with error -71
[ 2724.550090][T30771] usb 7-1: USB disconnect, device number 42
[ 2724.607568][ T6085] usb 13-1: new high-speed USB device number 16 using dummy_hcd
[ 2724.767509][ T6085] usb 13-1: Using ep0 maxpacket: 16
[ 2724.770766][ T6085] usb 13-1: config 0 has an invalid interface number: 105 but max is 0
[ 2724.773355][ T6085] usb 13-1: config 0 descriptor has 1 excess byte, ignoring
[ 2724.775740][ T6085] usb 13-1: config 0 has no interface number 0
[ 2724.779771][ T6085] usb 13-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[ 2724.782623][ T6085] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2724.785157][ T6085] usb 13-1: Product: syz
[ 2724.786584][ T6085] usb 13-1: Manufacturer: syz
[ 2724.788172][ T6085] usb 13-1: SerialNumber: syz
[ 2724.791182][ T6085] usb 13-1: config 0 descriptor??
[ 2724.794689][ T6085] uvcvideo 13-1:0.105: Found UVC 0.00 device syz (046d:08f3)
[ 2724.797107][ T6085] uvcvideo 13-1:0.105: No valid video chain found.
[ 2724.997138][ T5472] usb 13-1: USB disconnect, device number 16
[ 2725.298518][T30771] usb 7-1: new high-speed USB device number 43 using dummy_hcd
[ 2725.447536][T30771] usb 7-1: Using ep0 maxpacket: 8
[ 2725.451597][T30771] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[ 2725.455110][T30771] usb 7-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[ 2725.460317][T30771] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 2725.464375][T30771] usb 7-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 2725.469835][T30771] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 2725.473579][T30771] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2725.482043][T30771] usbtmc 7-1:16.0: bulk endpoints not found
[ 2725.684117][ T8397] usb 7-1: USB disconnect, device number 43
[ 2725.777520][ T5472] usb 13-1: new high-speed USB device number 17 using dummy_hcd
[ 2725.947553][ T5472] usb 13-1: Using ep0 maxpacket: 32
[ 2725.950754][ T5472] usb 13-1: config 0 has an invalid interface number: 184 but max is 0
[ 2725.953378][ T5472] usb 13-1: config 0 has no interface number 0
[ 2725.955356][ T5472] usb 13-1: config 0 interface 184 has no altsetting 0
[ 2725.959534][ T5472] usb 13-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[ 2725.962323][ T5472] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2725.964875][ T5472] usb 13-1: Product: syz
[ 2725.966185][ T5472] usb 13-1: Manufacturer: syz
[ 2725.967734][ T5472] usb 13-1: SerialNumber: syz
[ 2725.970489][ T5472] usb 13-1: config 0 descriptor??
[ 2725.976380][ T5472] smsc75xx v1.0.0
[ 2726.117593][ T8397] usb 7-1: new high-speed USB device number 44 using dummy_hcd
[ 2726.267547][ T8397] usb 7-1: Using ep0 maxpacket: 8
[ 2726.270674][ T8397] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFA, changing to 0x8A
[ 2726.274151][ T8397] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 2726.278262][ T8397] usb 7-1: New USB device found, idVendor=0af0, idProduct=6751, bcdDevice=75.8b
[ 2726.281366][ T8397] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 2726.283836][ T8397] usb 7-1: SerialNumber: syz
[ 2726.286589][ T8397] usb 7-1: config 0 descriptor??
[ 2726.293259][ T8397] hso 7-1:0.0: Can't find BULK OUT endpoint
[ 2726.496691][ T8397] usb 7-1: USB disconnect, device number 44
[ 2726.581557][ T5472] smsc75xx 13-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32
[ 2726.584837][ T5472] smsc75xx 13-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[ 2727.257540][ T8397] usb 7-1: new high-speed USB device number 45 using dummy_hcd
[ 2727.407576][ T8397] usb 7-1: Using ep0 maxpacket: 8
[ 2727.413419][ T8397] usb 7-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2
[ 2727.416409][ T8397] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2727.419037][ T8397] usb 7-1: Product: syz
[ 2727.420461][ T8397] usb 7-1: Manufacturer: syz
[ 2727.421935][ T8397] usb 7-1: SerialNumber: syz
[ 2727.424714][ T8397] usb 7-1: config 0 descriptor??
[ 2727.635803][ T8397] usb read operation failed. (-71)
[ 2727.637817][ T8397] usb write operation failed. (-71)
[ 2727.639712][ T8397] usb write operation failed. (-71)
[ 2727.641677][ T8397] usb write operation failed. (-71)
[ 2727.643313][ T8397] usb 7-1: dvb_usb_v2: found a 'Terratec H7' in cold state
[ 2727.646037][ T8397] usb 7-1: Direct firmware load for dvb-usb-terratec-h7-az6007.fw failed with error -2
[ 2727.649177][ T8397] usb 7-1: Falling back to sysfs fallback for: dvb-usb-terratec-h7-az6007.fw
[ 2729.204660][ T5472] smsc75xx 13-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000010: -71
[ 2729.208841][ T5472] smsc75xx 13-1:0.184 (unnamed net_device) (uninitialized): Failed to read HW_CFG: -71
[ 2729.211755][ T5472] smsc75xx 13-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[ 2729.214861][ T5472] smsc75xx 13-1:0.184: probe with driver smsc75xx failed with error -71
[ 2729.219168][ T5472] usb 13-1: USB disconnect, device number 17
[ 2729.997585][   T10] usb 13-1: new high-speed USB device number 18 using dummy_hcd
[ 2730.150989][   T10] usb 13-1: New USB device found, idVendor=0424, idProduct=9d00, bcdDevice=eb.c7
[ 2730.154222][   T10] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2730.156762][   T10] usb 13-1: Product: syz
[ 2730.158411][   T10] usb 13-1: Manufacturer: syz
[ 2730.159968][   T10] usb 13-1: SerialNumber: syz
[ 2730.162929][   T10] usb 13-1: config 0 descriptor??
[ 2732.785592][ T3922] usb 13-1: USB disconnect, device number 18
[ 2733.117611][ T3922] usb 13-1: new high-speed USB device number 19 using dummy_hcd
[ 2733.270668][ T3922] usb 13-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 2733.273571][ T3922] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2733.276117][ T3922] usb 13-1: Product: syz
[ 2733.277763][ T3922] usb 13-1: Manufacturer: syz
[ 2733.279275][ T3922] usb 13-1: SerialNumber: syz
[ 2733.283940][ T3922] usb 13-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 2733.307805][ T3922] usb 13-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 2733.938669][ T8338] usb 13-1: USB disconnect, device number 19
[ 2734.387991][ T3922] ath9k_htc 13-1:1.0: ath9k_htc: Target is unresponsive
[ 2734.391288][ T3922] ath9k_htc: Failed to initialize the device
[ 2734.399057][ T8338] usb 13-1: ath9k_htc: USB layer deinitialized
[ 2734.714213][ T1423] aoe: packet could not be sent on bond0.  consider increasing tx_queue_len
[ 2734.718835][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[ 2734.797524][ T8338] usb 13-1: new high-speed USB device number 20 using dummy_hcd
[ 2734.957492][ T8338] usb 13-1: Using ep0 maxpacket: 8
[ 2734.960554][ T8338] usb 13-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2734.964041][ T8338] usb 13-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 2734.966938][ T8338] usb 13-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[ 2734.970527][ T8338] usb 13-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[ 2734.974249][ T8338] usb 13-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 2734.977386][ T8338] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2734.985537][ T8338] hub 13-1:1.0: bad descriptor, ignoring hub
[ 2734.987836][ T8338] hub 13-1:1.0: probe with driver hub failed with error -5
[ 2734.990322][ T8338] cdc_wdm 13-1:1.0: skipping garbage
[ 2734.991974][ T8338] cdc_wdm 13-1:1.0: skipping garbage
[ 2734.994765][ T8338] cdc_wdm 13-1:1.0: cdc-wdm0: USB WDM device
[ 2734.996652][ T8338] cdc_wdm 13-1:1.0: Unknown control protocol
[ 2735.517837][ T8338] usb 13-1: USB disconnect, device number 20
[ 2736.397599][ T6055] usb 13-1: new high-speed USB device number 21 using dummy_hcd
[ 2736.557511][ T6055] usb 13-1: Using ep0 maxpacket: 8
[ 2736.560689][ T6055] usb 13-1: config 0 has an invalid interface number: 1 but max is 0
[ 2736.563274][ T6055] usb 13-1: config 0 has no interface number 0
[ 2736.565364][ T6055] usb 13-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 2736.569191][ T6055] usb 13-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 2736.572320][ T6055] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2736.579323][ T6055] usb 13-1: config 0 descriptor??
[ 2736.585304][ T6055] iowarrior 13-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[ 2736.786592][ T6055] usb 13-1: USB disconnect, device number 21
[ 2736.833140][ T8819] IPVS: sync thread started: state = MASTER, mcast_ifn = sit0, syncid = 4, id = 0
[ 2736.917141][ T8821] ieee802154 phy1 wpan1: encryption failed: -90
[ 2737.008045][ T8825] netlink: 20 bytes leftover after parsing attributes in process `syz.0.9485'.
[ 2737.266261][ T8833] netlink: 'syz.9.9489': attribute type 9 has an invalid length.
[ 2737.269550][ T8833] netlink: 'syz.9.9489': attribute type 11 has an invalid length.
[ 2737.272806][ T8833] netlink: 'syz.9.9489': attribute type 12 has an invalid length.
[ 2737.275651][ T8833] netlink: 210020 bytes leftover after parsing attributes in process `syz.9.9489'.
[ 2737.279987][ T8833] netlink: 4 bytes leftover after parsing attributes in process `syz.9.9489'.
[ 2737.371511][ T8839] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 2737.385350][ T8839] picdev_read: 12 callbacks suppressed
[ 2737.385363][ T8839] kvm: pic: non byte read
[ 2737.390387][ T8839] kvm: pic: non byte read
[ 2737.394151][ T8839] kvm: pic: non byte read
[ 2737.398398][ T8839] kvm: pic: non byte read
[ 2737.401141][ T8839] kvm: pic: non byte read
[ 2737.404017][ T8839] kvm: pic: single mode not supported
[ 2737.404031][ T8839] pic_ioport_write: 11 callbacks suppressed
[ 2737.404106][ T8839] kvm: pic: level sensitive irq not supported
[ 2737.410634][ T8839] kvm: pic: non byte read
[ 2737.415546][ T8839] kvm: pic: single mode not supported
[ 2737.415556][ T8839] kvm: pic: level sensitive irq not supported
[ 2737.419031][ T8839] kvm: pic: non byte read
[ 2737.424477][ T8839] kvm: pic: non byte read
[ 2737.428342][ T8839] kvm: pic: level sensitive irq not supported
[ 2737.431261][ T8839] kvm: pic: non byte read
[ 2737.641075][ T8861] 8021q: VLANs not supported on gre0
[ 2737.664804][T14912] netdevsim netdevsim8 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 2737.848473][ T8875] loop6: detected capacity change from 0 to 2640
[ 2737.851510][ T8875] buffer_io_error: 22 callbacks suppressed
[ 2737.851525][ T8875] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2737.856220][ T8875] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2737.858889][ T8875] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2737.861647][ T8875] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2737.864886][ T8875] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2737.868597][ T8875] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2737.871957][ T8875] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2737.875213][ T8875] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2737.879525][ T8875] ldm_validate_partition_table(): Disk read failed.
[ 2737.882365][ T8875] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2737.885664][ T8875] Buffer I/O error on dev loop6, logical block 0, async page read
[ 2737.889515][ T8875] Dev loop6: unable to read RDB block 0
[ 2737.892224][ T8875]  loop6: unable to read partition table
[ 2737.894748][ T8875] loop_reread_partitions: partition scan of loop6 (3Ÿ¾‚³˜) failed (rc=-5)
[ 2737.948204][ T8875] loop6: detected capacity change from 2640 to 524287999
[ 2737.958094][ T8237] udevd[8237]: symlink '../../loop6' '/dev/disk/by-diskseq/159.tmp-b7:6' failed: Read-only file system
[ 2737.969750][ T8237] udevd[8237]: symlink '../../loop6' '/dev/disk/by-diskseq/159.tmp-b7:6' failed: Read-only file system
[ 2738.110778][ T8881] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[ 2738.208669][ T8883] 8021q: VLANs not supported on gre0
[ 2738.572030][ T8894] overlayfs: failed to resolve './file1': -2
[ 2738.690383][ T8898] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 2739.293174][ T8929] overlayfs: failed to resolve './file1': -2
[ 2739.501936][ T8936] netlink: 'syz.8.9535': attribute type 1 has an invalid length.
[ 2739.530310][ T8936] 8021q: adding VLAN 0 to HW filter on device bond2
[ 2739.534992][ T8936] bond1: (slave bond2): making interface the new active one
[ 2739.539226][ T8936] bond1: (slave bond2): Enslaving as an active interface with an up link
[ 2740.126181][ T8953] comedi comedi0: Minor 3 could not be opened
[ 2740.490986][ T8973] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 2740.503337][ T8973] kvm: pic: level sensitive irq not supported
[ 2740.503686][ T8973] kvm: pic: non byte read
[ 2740.510418][ T8973] kvm: pic: level sensitive irq not supported
[ 2740.512810][ T8973] kvm: pic: level sensitive irq not supported
[ 2740.518214][ T8973] kvm: pic: level sensitive irq not supported
[ 2740.779226][ T8991] syz.0.9557 (8991): drop_caches: 2
[ 2740.790650][ T5976] Bluetooth: hci2: Malformed Event: 0x2f
[ 2740.971241][ T9001] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 2740.980869][ T9001] kvm: pic: level sensitive irq not supported
[ 2740.983497][ T9001] kvm: pic: level sensitive irq not supported
[ 2740.987704][ T9001] kvm: pic: level sensitive irq not supported
[ 2741.146704][ T9007] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2741.152903][ T9007] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2742.012096][ T9029] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2742.014789][ T9029] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2742.755553][ T9067] syz.0.9587 (9067): drop_caches: 2
[ 2742.960426][ T9077] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 2742.974058][ T9077] pic_ioport_write: 1 callbacks suppressed
[ 2742.974076][ T9077] kvm: pic: level sensitive irq not supported
[ 2742.978285][ T9077] picdev_read: 7 callbacks suppressed
[ 2742.978366][ T9077] kvm: pic: non byte read
[ 2742.986237][ T9077] kvm: pic: level sensitive irq not supported
[ 2742.987190][ T9077] kvm: pic: non byte read
[ 2742.994015][ T9077] kvm: pic: level sensitive irq not supported
[ 2742.994470][ T9077] kvm: pic: non byte read
[ 2743.001284][ T9077] kvm: pic: level sensitive irq not supported
[ 2743.001773][ T9077] kvm: pic: non byte read
[ 2743.554425][ T9111] binder_alloc: 9110: binder_alloc_buf, no vma
[ 2743.641914][ T9115] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 2743.989469][ T9144] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 2744.016334][ T9149] syzkaller0: entered promiscuous mode
[ 2744.018914][ T9149] syzkaller0: entered allmulticast mode
[ 2744.081775][ T5976] Bluetooth: hci3: Malformed Event: 0x02
[ 2744.302437][ T5976] Bluetooth: hci4: unexpected event for opcode 0x0c24
[ 2744.509481][ T9207] syz.2.9646 (9207): drop_caches: 2
[ 2744.681905][ T9231] syzkaller0: entered promiscuous mode
[ 2744.684102][ T9231] syzkaller0: entered allmulticast mode
[ 2744.819608][ T9242] wg1: entered promiscuous mode
[ 2744.917707][ T9257] syzkaller0: tun_chr_ioctl cmd 1074025678
[ 2744.919786][ T9257] syzkaller0: group set to 0
[ 2744.992154][ T9269] binder: 9268:9269 unknown command 0
[ 2744.994250][ T9269] binder: 9268:9269 ioctl c0306201 80000080 returned -22
[ 2745.056987][ T9282] binder_alloc: 9280: binder_alloc_buf, no vma
[ 2745.100632][   T41] kauditd_printk_skb: 19 callbacks suppressed
[ 2745.100643][   T41] audit: type=1326 audit(1765174202.651:1088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9290 comm="syz.9.9684" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf703d579 code=0x0
[ 2745.140344][ T9297] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 2745.290276][ T9313] overlayfs: workdir and upperdir must reside under the same mount
[ 2745.447401][ T9331] syzkaller0: entered promiscuous mode
[ 2745.449250][ T9331] syzkaller0: entered allmulticast mode
[ 2745.625074][ T9338] overlayfs: workdir and upperdir must reside under the same mount
[ 2745.977717][ T9357] binder_alloc: 9356: binder_alloc_buf, no vma
[ 2746.009626][ T9357] syz.9.9710 (9357): drop_caches: 2
[ 2746.058638][ T5976] Bluetooth: hci4: unexpected event for opcode 0x2031
[ 2746.080190][ T9367] wg1: entered promiscuous mode
[ 2746.267692][ T9387] binder_alloc: 9386: binder_alloc_buf, no vma
[ 2746.275057][ T9387] syz.9.9724 (9387): drop_caches: 2
[ 2746.650651][ T9411] binder: BINDER_SET_CONTEXT_MGR already set
[ 2746.653107][ T9411] binder: 9410:9411 ioctl 4018620d 80004a80 returned -16
[ 2746.683785][ T9413] binder_alloc: 9412: binder_alloc_buf, no vma
[ 2746.689531][ T9413] syz.8.9735 (9413): drop_caches: 2
[ 2747.180642][ T9436] binder: BINDER_SET_CONTEXT_MGR already set
[ 2747.182740][ T9436] binder: 9435:9436 ioctl 4018620d 80004a80 returned -16
[ 2747.256249][ T9449] binder: 9446:9449 ioctl c0306201 80000300 returned -11
[ 2747.331189][ T9451] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 2749.469877][ T9500] binder: BINDER_SET_CONTEXT_MGR already set
[ 2749.472167][ T9500] binder: 9499:9500 ioctl 4018620d 80000040 returned -16
[ 2749.650833][ T9515] netlink: 'syz.8.9778': attribute type 9 has an invalid length.
[ 2749.656661][ T9515] netlink: 'syz.8.9778': attribute type 11 has an invalid length.
[ 2749.659321][ T9515] netlink: 'syz.8.9778': attribute type 12 has an invalid length.
[ 2749.661938][ T9515] netlink: 210020 bytes leftover after parsing attributes in process `syz.8.9778'.
[ 2749.664984][ T9515] netlink: 4 bytes leftover after parsing attributes in process `syz.8.9778'.
[ 2749.776953][ T9529] binder: BINDER_SET_CONTEXT_MGR already set
[ 2749.779645][ T9529] binder: 9527:9529 ioctl 4018620d 80000040 returned -16
[ 2750.142035][ T5976] Bluetooth: hci1: Received unexpected HCI Event 0x00
[ 2751.341972][ T9581] netlink: 36 bytes leftover after parsing attributes in process `syz.2.9806'.
[ 2751.406123][ T9550] Set syz1 is full, maxelem 65536 reached
[ 2751.609262][ T9589] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 2751.746317][ T9592] binder: 9591:9592 unknown command 0
[ 2751.748252][ T9592] binder: 9591:9592 ioctl c0306201 80000080 returned -22
[ 2751.752510][ T9592] binder_alloc: 9591: binder_alloc_buf, no vma
[ 2751.754815][ T9592] binder: 9591:9592 ioctl c0306201 80000300 returned -11
[ 2751.861914][ T9594] syz.2.9812 (9594): drop_caches: 2
[ 2751.911687][ T9598] netlink: 36 bytes leftover after parsing attributes in process `syz.2.9815'.
[ 2752.889512][ T9641] netlink: 'syz.8.9834': attribute type 9 has an invalid length.
[ 2752.892859][ T9641] netlink: 'syz.8.9834': attribute type 11 has an invalid length.
[ 2752.896157][ T9641] netlink: 'syz.8.9834': attribute type 12 has an invalid length.
[ 2752.900213][ T9641] netlink: 210020 bytes leftover after parsing attributes in process `syz.8.9834'.
[ 2753.059176][ T9651] netlink: 24 bytes leftover after parsing attributes in process `syz.8.9839'.
[ 2753.392874][ T9668] netlink: 'syz.8.9845': attribute type 9 has an invalid length.
[ 2753.395758][ T9668] netlink: 'syz.8.9845': attribute type 11 has an invalid length.
[ 2753.399601][ T9668] netlink: 'syz.8.9845': attribute type 12 has an invalid length.
[ 2753.402268][ T9668] netlink: 210020 bytes leftover after parsing attributes in process `syz.8.9845'.
[ 2753.469747][ T9670] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 2753.476805][ T9670] kvm: pic: non byte read
[ 2753.480551][ T9670] kvm: pic: level sensitive irq not supported
[ 2753.480910][ T9670] kvm: pic: non byte read
[ 2754.439809][ T9695] overlayfs: workdir and upperdir must reside under the same mount
[ 2754.773152][ T9702] netlink: 24 bytes leftover after parsing attributes in process `syz.8.9858'.
[ 2754.816612][ T9704] netlink: 48 bytes leftover after parsing attributes in process `syz.8.9859'.
[ 2754.984892][ T9711] syz.8.9862 (9711): drop_caches: 2
[ 2755.124702][ T9723] binder: BINDER_SET_CONTEXT_MGR already set
[ 2755.126644][ T9723] binder: 9722:9723 ioctl 4018620d 80000040 returned -16
[ 2755.213585][ T5976] Bluetooth: hci3: SCO packet for unknown connection handle 1583
[ 2756.167948][   T41] audit: type=1326 audit(1765174213.721:1089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9761 comm="syz.8.9881" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7ff7579 code=0x0
[ 2756.431831][ T9768] netlink: 64 bytes leftover after parsing attributes in process `syz.9.9883'.
[ 2756.574015][ T9781] netlink: 48 bytes leftover after parsing attributes in process `syz.0.9889'.
[ 2756.609592][ T9784] binder: BINDER_SET_CONTEXT_MGR already set
[ 2756.611618][ T9784] binder: 9783:9784 ioctl 4018620d 80000040 returned -16
[ 2756.615108][ T9784] binder: 9783:9784 ioctl c0306201 80000300 returned -11
[ 2756.865179][ T9800] binder: 9799:9800 ioctl c0306201 0 returned -14
[ 2756.979780][ T9810] binder: BINDER_SET_CONTEXT_MGR already set
[ 2756.982299][ T9810] binder: 9809:9810 ioctl 4018620d 80000040 returned -16
[ 2756.985757][ T9810] binder: 9809:9810 ioctl c0306201 80000300 returned -11
[ 2757.053331][ T9815] 8021q: VLANs not supported on gre0
[ 2757.236951][ T5976] Bluetooth: hci2: Malformed Event: 0x2f
[ 2757.432856][ T9857] netlink: 212408 bytes leftover after parsing attributes in process `syz.0.9919'.
[ 2758.246388][ T9889] syz.8.9932 (9889): drop_caches: 2
[ 2758.355886][ T9897] netlink: 'syz.0.9936': attribute type 1 has an invalid length.
[ 2758.369750][ T9899] overlayfs: failed to resolve './file0': -2
[ 2758.374858][ T9897] 8021q: adding VLAN 0 to HW filter on device bond1
[ 2758.411552][ T9897] vlan3: entered allmulticast mode
[ 2758.413249][ T9897] veth0_to_bond: entered allmulticast mode
[ 2758.416937][ T9897] bond1: (slave vlan3): making interface the new active one
[ 2758.421183][ T9897] bond1: (slave vlan3): Enslaving as an active interface with an up link
[ 2758.425562][ T9902] 8021q: VLANs not supported on gre0
[ 2758.460105][ T5976] Bluetooth: hci4: Malformed Event: 0x2f
[ 2758.616224][T16076] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 2758.620811][T16076] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 2758.624022][T16076] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 2758.627238][T16076] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 2758.633313][T16076] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 2758.787363][ T9910] chnl_net:caif_netlink_parms(): no params data found
[ 2758.845615][ T9910] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2758.848046][ T9910] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2758.850374][ T9910] bridge_slave_0: entered allmulticast mode
[ 2758.853246][ T9910] bridge_slave_0: entered promiscuous mode
[ 2758.858010][ T9910] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2758.860371][ T9910] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2758.862909][ T9910] bridge_slave_1: entered allmulticast mode
[ 2758.865714][ T9910] bridge_slave_1: entered promiscuous mode
[ 2758.904901][ T9910] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2758.941687][   T13] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2758.947592][ T6055] usb 13-1: new high-speed USB device number 22 using dummy_hcd
[ 2758.987585][ T9910] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2759.011923][ T9910] team0: Port device team_slave_0 added
[ 2759.015105][ T9910] team0: Port device team_slave_1 added
[ 2759.033534][ T9910] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2759.036118][ T9910] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2759.045484][ T9910] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2759.083745][ T9927] netlink: 212408 bytes leftover after parsing attributes in process `syz.2.9946'.
[ 2759.096466][   T13] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2759.105075][ T9929] overlayfs: failed to resolve './file0': -2
[ 2759.107883][ T6055] usb 13-1: config 0 has no interfaces?
[ 2759.109628][ T6055] usb 13-1: New USB device found, idVendor=06cd, idProduct=010f, bcdDevice=d5.1b
[ 2759.113412][ T6055] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2759.120950][ T9910] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2759.121719][ T6055] usb 13-1: config 0 descriptor??
[ 2759.126835][ T9910] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2759.144900][ T9910] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2759.174387][   T13] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2759.208791][ T9910] hsr_slave_0: entered promiscuous mode
[ 2759.212754][ T9910] hsr_slave_1: entered promiscuous mode
[ 2759.215018][ T9910] debugfs: 'hsr0' already exists in 'hsr'
[ 2759.217530][ T9910] Cannot create hsr debugfs directory
[ 2759.282992][   T13] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2759.337086][ T6055] usb 13-1: USB disconnect, device number 22
[ 2759.442315][   T13] bridge_slave_1: left allmulticast mode
[ 2759.445041][   T13] bridge_slave_1: left promiscuous mode
[ 2759.448484][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2759.454565][   T13] bridge_slave_0: left allmulticast mode
[ 2759.457745][   T13] bridge_slave_0: left promiscuous mode
[ 2759.460451][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2759.805794][ T9953] netlink: 212408 bytes leftover after parsing attributes in process `syz.2.9954'.
[ 2760.707593][ T5976] Bluetooth: hci0: command tx timeout
[ 2761.389423][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2761.393386][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2761.397922][   T13] bond0 (unregistering): Released all slaves
[ 2761.422654][ T9955] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9955'.
[ 2761.443912][ T9960] syzkaller0: entered promiscuous mode
[ 2761.445709][ T9960] syzkaller0: entered allmulticast mode
[ 2762.793874][ T5976] Bluetooth: hci0: command tx timeout
[ 2763.365142][ T9996] 8021q: VLANs not supported on gre0
[ 2763.435470][T10004] overlayfs: failed to resolve './file1': -2
[ 2763.487513][   T13] hsr_slave_0: left promiscuous mode
[ 2763.489821][   T13] hsr_slave_1: left promiscuous mode
[ 2763.491888][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2763.494158][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2763.501346][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2763.503983][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2763.511925][T10010] netlink: 24 bytes leftover after parsing attributes in process `syz.0.9970'.
[ 2763.517172][   T13] veth1_macvtap: left promiscuous mode
[ 2763.538642][   T13] veth0_macvtap: left promiscuous mode
[ 2763.540731][   T13] veth1_vlan: left promiscuous mode
[ 2763.542554][   T13] veth0_vlan: left promiscuous mode
[ 2764.019934][   T13] team0 (unregistering): Port device team_slave_1 removed
[ 2764.076517][   T13] team0 (unregistering): Port device team_slave_0 removed
[ 2764.531394][T10031] 8021q: VLANs not supported on gre0
[ 2764.569768][ T9910] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 2764.583467][ T9910] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 2764.596730][ T9910] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 2764.601026][T10036] overlayfs: failed to resolve './file1': -2
[ 2764.614358][ T9910] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 2764.665537][ T9910] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2764.675197][ T9910] 8021q: adding VLAN 0 to HW filter on device team0
[ 2764.681256][  T309] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2764.683578][  T309] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2764.689692][T30567] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2764.692019][T30567] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2764.757627][T10048] syzkaller0: entered promiscuous mode
[ 2764.760077][T10048] syzkaller0: entered allmulticast mode
[ 2764.830399][T10050] binder: 10049:10050 ioctl c0306201 0 returned -14
[ 2764.867597][ T5976] Bluetooth: hci0: command tx timeout
[ 2764.919608][T10061] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9983'.
[ 2764.944453][ T9910] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2765.125590][ T9910] veth0_vlan: entered promiscuous mode
[ 2765.133501][ T9910] veth1_vlan: entered promiscuous mode
[ 2765.159908][T10078] netlink: 212408 bytes leftover after parsing attributes in process `syz.8.9987'.
[ 2765.161719][ T9910] veth0_macvtap: entered promiscuous mode
[ 2765.171451][ T9910] veth1_macvtap: entered promiscuous mode
[ 2765.194495][ T9910] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2765.204236][ T9910] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2765.212536][ T4709] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2765.215969][ T4709] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2765.220079][ T4709] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2765.223575][ T4709] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2765.284165][ T4709] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2765.286464][ T4709] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2765.310290][T10091] netlink: 24 bytes leftover after parsing attributes in process `syz.8.9992'.
[ 2765.317251][T31937] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2765.321500][T31937] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2765.411805][T10098] binder: 10097:10098 unknown command 0
[ 2765.413641][T10098] binder: 10097:10098 ioctl c0306201 80000080 returned -22
[ 2765.418209][T10098] binder: 10097:10098 ioctl c0306201 80000300 returned -11
[ 2765.525965][T10109] netlink: 8 bytes leftover after parsing attributes in process `syz.8.9998'.
[ 2765.565258][T10113] netlink: 212408 bytes leftover after parsing attributes in process `syz.9.9999'.
[ 2765.641877][T10122] binder: 10120:10122 unknown command 0
[ 2765.646507][T10122] binder: 10120:10122 ioctl c0306201 80000080 returned -22
[ 2765.654945][T10122] binder: 10120:10122 ioctl c0306201 80000300 returned -11
[ 2765.747775][T10133] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10008'.
[ 2765.770922][T10136] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10009'.
[ 2766.385648][T10181] netlink: 12 bytes leftover after parsing attributes in process `syz.2.10029'.
[ 2766.390934][T10181] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2766.394430][T10181] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2766.441131][T10183] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10030'.
[ 2766.484615][T10185] binder: 10184:10185 ioctl c0306201 0 returned -14
[ 2766.565769][T10195] netlink: 'syz.0.10035': attribute type 1 has an invalid length.
[ 2766.591270][T10195] 8021q: adding VLAN 0 to HW filter on device bond2
[ 2766.674867][T10206] netlink: 8 bytes leftover after parsing attributes in process `syz.8.10040'.
[ 2766.747740][T10212] binder: 10211:10212 unknown command 0
[ 2766.749464][T10212] binder: 10211:10212 ioctl c0306201 80000080 returned -22
[ 2766.753150][T10212] binder: 10211:10212 ioctl c0306201 80000300 returned -11
[ 2766.958201][ T5976] Bluetooth: hci0: command tx timeout
[ 2767.217333][T10260] syzkaller0: entered promiscuous mode
[ 2767.220099][T10260] syzkaller0: entered allmulticast mode
[ 2768.213028][T10290] syz.0.10077 (10290): drop_caches: 2
[ 2768.246174][T10292] binder: 10291:10292 unknown command 0
[ 2768.248073][T10292] binder: 10291:10292 ioctl c0306201 80000080 returned -22
[ 2768.252265][T10292] binder: 10291:10292 ioctl c0306201 80000300 returned -11
[ 2770.012504][T10337] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 2770.015829][T10337] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 2770.098187][T10342] __nla_validate_parse: 1 callbacks suppressed
[ 2770.098204][T10342] netlink: 212408 bytes leftover after parsing attributes in process `syz.2.10099'.
[ 2770.630054][T10361] netlink: 212408 bytes leftover after parsing attributes in process `syz.9.10108'.
[ 2770.733552][T10369] syz.9.10112 (10369): drop_caches: 2
[ 2770.926119][T10386] netlink: 48 bytes leftover after parsing attributes in process `syz.9.10120'.
[ 2771.049975][T10398] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 2771.062635][T10398] kvm: pic: non byte read
[ 2771.065684][T10398] kvm: pic: level sensitive irq not supported
[ 2771.066013][T10398] kvm: pic: non byte read
[ 2771.071154][T10398] kvm: pic: non byte read
[ 2771.197874][T10411] netlink: 'syz.9.10130': attribute type 9 has an invalid length.
[ 2771.200486][T10411] netlink: 'syz.9.10130': attribute type 11 has an invalid length.
[ 2771.202962][T10411] netlink: 'syz.9.10130': attribute type 12 has an invalid length.
[ 2771.205572][T10411] netlink: 210020 bytes leftover after parsing attributes in process `syz.9.10130'.
[ 2771.240543][T10415] netlink: 48 bytes leftover after parsing attributes in process `syz.8.10132'.
[ 2771.273621][T10419] overlayfs: missing 'lowerdir'
[ 2771.322465][T10425] binder: 10423:10425 ioctl c0306201 0 returned -14
[ 2771.330050][T10425] binder: 10423:10425 ioctl c0306201 80000300 returned -11
[ 2771.557833][ T8766] usb 13-1: new high-speed USB device number 23 using dummy_hcd
[ 2771.599342][T10435] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 2771.610824][T10435] kvm: pic: non byte read
[ 2771.613214][T10435] kvm: pic: level sensitive irq not supported
[ 2771.613523][T10435] kvm: pic: non byte read
[ 2771.618411][T10435] kvm: pic: non byte read
[ 2771.739213][ T8766] usb 13-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 2771.742400][ T8766] usb 13-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2771.746995][ T8766] usb 13-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 2771.750415][ T8766] usb 13-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2771.754147][ T8766] usb 13-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2771.759014][ T8766] usb 13-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 2771.761940][ T8766] usb 13-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 2771.764564][ T8766] usb 13-1: Product: syz
[ 2771.765939][ T8766] usb 13-1: Manufacturer: syz
[ 2771.771672][ T8766] cdc_wdm 13-1:1.0: skipping garbage
[ 2771.773396][ T8766] cdc_wdm 13-1:1.0: skipping garbage
[ 2771.776127][ T8766] cdc_wdm 13-1:1.0: cdc-wdm0: USB WDM device
[ 2771.778159][ T8766] cdc_wdm 13-1:1.0: Unknown control protocol
[ 2771.821405][T10439] netlink: 48 bytes leftover after parsing attributes in process `syz.9.10142'.
[ 2771.976017][ T6305] usb 13-1: USB disconnect, device number 23
[ 2772.033884][T10448] overlayfs: missing 'workdir'
[ 2772.076683][T10450] binder: 10449:10450 ioctl c0306201 0 returned -14
[ 2772.082679][T10450] binder: 10449:10450 ioctl c0306201 80000300 returned -11
[ 2772.201942][T10454] syzkaller1: entered promiscuous mode
[ 2772.204428][T10454] syzkaller1: entered allmulticast mode
[ 2772.338970][T10460] netlink: 'syz.0.10151': attribute type 9 has an invalid length.
[ 2772.341756][T10460] netlink: 'syz.0.10151': attribute type 11 has an invalid length.
[ 2772.344366][T10460] netlink: 'syz.0.10151': attribute type 12 has an invalid length.
[ 2772.346863][T10460] netlink: 210020 bytes leftover after parsing attributes in process `syz.0.10151'.
[ 2772.587747][T10472] overlayfs: missing 'workdir'
[ 2773.103254][T10511] netlink: 'syz.9.10170': attribute type 9 has an invalid length.
[ 2773.106379][T10511] netlink: 'syz.9.10170': attribute type 11 has an invalid length.
[ 2773.110082][T10511] netlink: 'syz.9.10170': attribute type 12 has an invalid length.
[ 2773.113167][T10511] netlink: 210020 bytes leftover after parsing attributes in process `syz.9.10170'.
[ 2773.157700][ T8766] usb 13-1: new high-speed USB device number 24 using dummy_hcd
[ 2773.160012][T10513] netlink: 40 bytes leftover after parsing attributes in process `syz.9.10171'.
[ 2773.318912][ T8766] usb 13-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 2773.321617][ T8766] usb 13-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2773.324899][ T8766] usb 13-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 2773.328316][ T8766] usb 13-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2773.332263][ T8766] usb 13-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2773.337266][ T8766] usb 13-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 2773.340154][ T8766] usb 13-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 2773.342548][ T8766] usb 13-1: Product: syz
[ 2773.343860][ T8766] usb 13-1: Manufacturer: syz
[ 2773.348549][ T8766] cdc_wdm 13-1:1.0: skipping garbage
[ 2773.350242][ T8766] cdc_wdm 13-1:1.0: skipping garbage
[ 2773.354982][ T8766] cdc_wdm 13-1:1.0: cdc-wdm0: USB WDM device
[ 2773.356891][ T8766] cdc_wdm 13-1:1.0: Unknown control protocol
[ 2773.554421][ T8766] usb 13-1: USB disconnect, device number 24
[ 2773.686337][T10530] netlink: 'syz.0.10178': attribute type 1 has an invalid length.
[ 2773.704651][T10530] 8021q: adding VLAN 0 to HW filter on device bond3
[ 2774.271809][T10555] binder: 10554:10555 ioctl c0306201 80000640 returned -22
[ 2774.306318][T10561] netlink: 40 bytes leftover after parsing attributes in process `syz.8.10187'.
[ 2774.353156][T10571] netlink: 'syz.8.10189': attribute type 9 has an invalid length.
[ 2774.356031][T10571] netlink: 'syz.8.10189': attribute type 11 has an invalid length.
[ 2774.359343][T10571] netlink: 'syz.8.10189': attribute type 12 has an invalid length.
[ 2774.681982][T10598] binder: 10597:10598 ioctl c0306201 80000640 returned -22
[ 2774.690015][T10603] 8021q: adding VLAN 0 to HW filter on device bond1
[ 2775.017574][ T6049] usb 13-1: new high-speed USB device number 25 using dummy_hcd
[ 2775.105854][T10622] tun0: tun_chr_ioctl cmd 1074025672
[ 2775.107706][T10622] tun0: ignored: set checksum disabled
[ 2775.179170][ T6049] usb 13-1: config 0 has no interfaces?
[ 2775.181571][ T6049] usb 13-1: New USB device found, idVendor=06cd, idProduct=010f, bcdDevice=d5.1b
[ 2775.185341][ T6049] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2775.193919][ T6049] usb 13-1: config 0 descriptor??
[ 2775.238800][T10624] binder: 10623:10624 ioctl c0306201 80000040 returned -22
[ 2775.273718][T10629] __nla_validate_parse: 4 callbacks suppressed
[ 2775.273735][T10629] netlink: 40 bytes leftover after parsing attributes in process `syz.0.10208'.
[ 2775.412986][ T6049] usb 13-1: USB disconnect, device number 25
[ 2775.963850][T10654] netlink: 210020 bytes leftover after parsing attributes in process `syz.8.10218'.
[ 2776.034633][ T5976] Bluetooth: hci2: Malformed LE Event: 0x0b
[ 2776.382445][T10679] netlink: 210020 bytes leftover after parsing attributes in process `syz.9.10228'.
[ 2776.450776][T10681] vlan2: entered allmulticast mode
[ 2776.452510][T10681] veth0_to_bond: entered allmulticast mode
[ 2776.813654][T10703] netlink: 40 bytes leftover after parsing attributes in process `syz.8.10236'.
[ 2776.873608][T10705] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 2777.033928][T10709] netlink: 210020 bytes leftover after parsing attributes in process `syz.9.10238'.
[ 2777.273205][T10723] netlink: 48 bytes leftover after parsing attributes in process `syz.9.10244'.
[ 2777.367535][ T6085] usb 13-1: new full-speed USB device number 26 using dummy_hcd
[ 2777.522109][ T6085] usb 13-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 2777.525671][ T6085] usb 13-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 2777.530925][ T6085] usb 13-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 2777.533916][ T6085] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2777.562039][T10731] syzkaller1: entered promiscuous mode
[ 2777.564439][T10731] syzkaller1: entered allmulticast mode
[ 2777.743179][ T6085] usb 13-1: GET_CAPABILITIES returned 0
[ 2777.745144][ T6085] usbtmc 13-1:16.0: can't read capabilities
[ 2777.902780][T10745] syzkaller0: entered promiscuous mode
[ 2777.905076][T10745] syzkaller0: entered allmulticast mode
[ 2777.946882][T30771] usb 13-1: USB disconnect, device number 26
[ 2778.146351][T10755] binder: 10753:10755 ioctl c0306201 80000040 returned -22
[ 2778.222173][T10761] binder: BINDER_SET_CONTEXT_MGR already set
[ 2778.224700][T10761] binder: 10760:10761 ioctl 4018620d 800000c0 returned -16
[ 2778.229422][T10761] binder: 10760:10761 unknown command 0
[ 2778.231592][T10761] binder: 10760:10761 ioctl c0306201 80000080 returned -22
[ 2778.237022][T10761] binder: 10760:10761 ioctl 4018620d 0 returned -22
[ 2778.242770][T10761] binder: 10760:10761 ioctl c0306201 80000300 returned -11
[ 2778.763202][T10776] tmpfs: Unknown parameter 'usrquota_inode_hardli'
[ 2778.813889][T10780] validate_nla: 13 callbacks suppressed
[ 2778.813909][T10780] netlink: 'syz.2.10268': attribute type 9 has an invalid length.
[ 2778.824857][T10780] netlink: 'syz.2.10268': attribute type 11 has an invalid length.
[ 2778.830246][T10780] netlink: 'syz.2.10268': attribute type 12 has an invalid length.
[ 2778.833562][T10780] netlink: 210020 bytes leftover after parsing attributes in process `syz.2.10268'.
[ 2778.835784][T10782] binder: 10781:10782 ioctl c0306201 80000040 returned -22
[ 2779.033441][T10798] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 2779.080478][T10798] kvm: pic: non byte read
[ 2779.083320][T10798] kvm: pic: level sensitive irq not supported
[ 2779.083690][T10798] kvm: pic: non byte read
[ 2779.093703][T10798] kvm: pic: level sensitive irq not supported
[ 2779.093999][T10798] kvm: pic: non byte read
[ 2779.099286][T10798] kvm: pic: level sensitive irq not supported
[ 2779.099595][T10798] kvm: pic: non byte read
[ 2779.100761][T10807] tmpfs: Unknown parameter 'usrquota_inode_hardli'
[ 2779.104312][T10798] kvm: pic: level sensitive irq not supported
[ 2779.108155][T10798] kvm: pic: non byte read
[ 2779.202089][T10811] binder: 10810:10811 ioctl c0306201 80000040 returned -14
[ 2779.423159][T10838] tmpfs: Bad value for 'usrquota_inode_hardlimit'
[ 2779.508562][T10840] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 2779.515182][ T5976] Bluetooth: hci3: Malformed LE Event: 0x0b
[ 2779.520670][T10840] kvm: pic: non byte read
[ 2779.523233][T10840] kvm: pic: level sensitive irq not supported
[ 2779.523556][T10840] kvm: pic: non byte read
[ 2779.528754][T10840] kvm: pic: level sensitive irq not supported
[ 2779.529152][T10840] kvm: pic: non byte read
[ 2779.538530][T10840] kvm: pic: level sensitive irq not supported
[ 2779.539232][T10840] kvm: pic: non byte read
[ 2779.546264][T10840] kvm: pic: level sensitive irq not supported
[ 2779.546550][T10840] kvm: pic: non byte read
[ 2779.745053][ T5976] Bluetooth: hci1: Malformed LE Event: 0x0b
[ 2779.782405][T10867] binder: 10866:10867 ioctl c0306201 80000040 returned -14
[ 2779.862566][T10883] ALSA: mixer_oss: invalid OSS volume 'disconnect'
[ 2779.895893][ T5976] Bluetooth: hci3: Malformed LE Event: 0x0b
[ 2779.900066][T10889] ALSA: mixer_oss: invalid OSS volume '—ˆ'
[ 2779.975912][T10898] binder: 10897:10898 ioctl c0306201 80000040 returned -22
[ 2779.978486][T10898] binder: 10897:10898 ioctl c0306201 80000640 returned -22
[ 2780.056968][T10911] tmpfs: Bad value for 'usrquota_inode_hardlimit'
[ 2780.069487][ T5976] Bluetooth: hci0: Malformed LE Event: 0x0b
[ 2780.157111][T10924] netlink: 'syz.8.10328': attribute type 9 has an invalid length.
[ 2780.170651][T10924] netlink: 'syz.8.10328': attribute type 11 has an invalid length.
[ 2780.173159][T10924] netlink: 'syz.8.10328': attribute type 12 has an invalid length.
[ 2780.175804][T10924] netlink: 210020 bytes leftover after parsing attributes in process `syz.8.10328'.
[ 2780.371650][T10938] syzkaller1: entered promiscuous mode
[ 2780.373477][T10938] syzkaller1: entered allmulticast mode
[ 2780.445104][T10941] kernel read not supported for file /cpuacct.usage_percpu_user (pid: 10941 comm: syz.0.10335)
[ 2780.450988][   T41] audit: type=1800 audit(1765174238.001:1090): pid=10941 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.10335" name="cpuacct.usage_percpu_user" dev="mqueue" ino=164956 res=0 errno=0
[ 2780.501513][ T5976] Bluetooth: hci1: Malformed LE Event: 0x0b
[ 2780.594916][T10952] netlink: 'syz.0.10340': attribute type 9 has an invalid length.
[ 2780.597624][T10952] netlink: 'syz.0.10340': attribute type 11 has an invalid length.
[ 2780.600113][T10952] netlink: 'syz.0.10340': attribute type 12 has an invalid length.
[ 2780.602595][T10952] netlink: 210020 bytes leftover after parsing attributes in process `syz.0.10340'.
[ 2781.215647][T10967] syzkaller1: entered promiscuous mode
[ 2781.217977][T10967] syzkaller1: entered allmulticast mode
[ 2781.339404][ T5976] Bluetooth: hci1: Malformed LE Event: 0x0b
[ 2781.462390][T10979] netlink: 'syz.9.10350': attribute type 9 has an invalid length.
[ 2781.465287][T10979] netlink: 210020 bytes leftover after parsing attributes in process `syz.9.10350'.
[ 2781.503435][T10981] binder: 10980:10981 unknown command 0
[ 2781.506261][T10981] binder: 10980:10981 ioctl c0306201 80000080 returned -22
[ 2781.513169][T10981] binder: 10980:10981 ioctl c0306201 80000300 returned -11
[ 2781.639234][T10987] syzkaller1: entered promiscuous mode
[ 2781.642426][T10987] syzkaller1: entered allmulticast mode
[ 2781.812491][T10994] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10358'.
[ 2782.257137][T11019] binder: 11018:11019 unknown command 0
[ 2782.259573][T11019] binder: 11018:11019 ioctl c0306201 80000080 returned -22
[ 2782.264108][T11019] binder: 11018:11019 ioctl c0306201 80000300 returned -11
[ 2782.799943][T11047] binder: 11046:11047 unknown command 0
[ 2782.802373][T11047] binder: 11046:11047 ioctl c0306201 80000080 returned -22
[ 2782.808455][T11047] binder: 11046:11047 ioctl c0306201 80000300 returned -11
[ 2782.862210][T11049] netlink: 210020 bytes leftover after parsing attributes in process `syz.9.10379'.
[ 2782.937219][T11051] 8021q: adding VLAN 0 to HW filter on device bond2
[ 2782.953308][T11051] vlan2: entered allmulticast mode
[ 2782.958985][T11051] bond2: (slave vlan2): making interface the new active one
[ 2782.963541][T11051] bond2: (slave vlan2): Enslaving as an active interface with an up link
[ 2783.170272][T11058] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10381'.
[ 2783.409985][T11078] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 2783.422677][T11078] kvm: pic: level sensitive irq not supported
[ 2783.424264][T11078] kvm: pic: level sensitive irq not supported
[ 2783.588830][T11088] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10390'.
[ 2784.275672][T11106] syzkaller0: entered promiscuous mode
[ 2784.278495][T11106] syzkaller0: entered allmulticast mode
[ 2784.694013][T11110] validate_nla: 6 callbacks suppressed
[ 2784.694032][T11110] netlink: 'syz.0.10398': attribute type 1 has an invalid length.
[ 2785.950329][T30430] s2255 14-1:0.142: sensoray 2255 failed to get firmware
[ 2785.956372][T30430] Sensoray 2255 driver load failed: 0xfffffff4
[ 2785.959684][T30430] s2255 14-1:0.142: probe with driver s2255 failed with error -12
[ 2785.970901][T30430] usb 14-1: USB disconnect, device number 4
[ 2786.057119][T11110] 8021q: adding VLAN 0 to HW filter on device bond4
[ 2786.213615][T11129] tmpfs: Unknown parameter 'n'
[ 2786.309765][T30430] usb 14-1: new high-speed USB device number 5 using dummy_hcd
[ 2786.474466][T11143] binder: 11142:11143 unknown command 0
[ 2786.477066][T11143] binder: 11142:11143 ioctl c0306201 80000080 returned -22
[ 2786.481987][T30430] usb 14-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac
[ 2786.485168][T30430] usb 14-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2786.488297][T30430] usb 14-1: Product: syz
[ 2786.491696][T30430] usb 14-1: Manufacturer: syz
[ 2786.494129][T30430] usb 14-1: SerialNumber: syz
[ 2786.496193][T11143] binder: 11142:11143 ioctl c0306201 80000300 returned -11
[ 2786.500638][T30430] usb 14-1: config 0 descriptor??
[ 2786.513628][T30430] gspca_main: sunplus-2.14.0 probing 055f:c230
[ 2786.612811][T30430] gspca_sunplus: reg_r err -71
[ 2786.617063][T30430] sunplus 14-1:0.0: probe with driver sunplus failed with error -71
[ 2786.644207][T30430] usb 14-1: USB disconnect, device number 5
[ 2786.670447][T11155] tmpfs: Unknown parameter 'n'
[ 2786.954767][T11170] syz_tun: entered allmulticast mode
[ 2786.960191][T11170] pimreg: entered allmulticast mode
[ 2786.964972][T11168] syz_tun: left allmulticast mode
[ 2787.060615][T11180] overlayfs: failed to resolve './file0': -2
[ 2787.099882][T11183] syzkaller1: entered promiscuous mode
[ 2787.101723][T11183] syzkaller1: entered allmulticast mode
[ 2787.257617][   T10] usb 13-1: new high-speed USB device number 27 using dummy_hcd
[ 2787.448273][   T10] usb 13-1: config 0 has no interfaces?
[ 2787.452342][   T10] usb 13-1: New USB device found, idVendor=06cd, idProduct=010f, bcdDevice=d5.1b
[ 2787.458583][   T10] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2787.467902][   T10] usb 13-1: config 0 descriptor??
[ 2787.715757][ T6049] usb 13-1: USB disconnect, device number 27
[ 2787.745331][T11196] tmpfs: Unknown parameter 'n'
[ 2788.048410][  T309] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2788.130036][  T309] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2788.227308][T16076] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 2788.230581][  T309] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2788.240260][T16076] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 2788.244574][T16076] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 2788.255555][T16076] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 2788.259336][T16076] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 2788.356772][  T309] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2788.486333][T11202] chnl_net:caif_netlink_parms(): no params data found
[ 2788.560209][  T309] bridge_slave_1: left allmulticast mode
[ 2788.562849][  T309] bridge_slave_1: left promiscuous mode
[ 2788.566521][  T309] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2788.579325][  T309] bridge_slave_0: left allmulticast mode
[ 2788.581499][  T309] bridge_slave_0: left promiscuous mode
[ 2788.583946][  T309] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2788.991069][  T309] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2788.995845][  T309] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2789.000310][  T309] bond0 (unregistering): Released all slaves
[ 2789.026991][T11202] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2789.031703][T11202] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2789.034219][T11202] bridge_slave_0: entered allmulticast mode
[ 2789.037153][T11202] bridge_slave_0: entered promiscuous mode
[ 2789.041177][T11202] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2789.043591][T11202] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2789.046011][T11202] bridge_slave_1: entered allmulticast mode
[ 2789.048747][T11202] bridge_slave_1: entered promiscuous mode
[ 2789.088561][T11202] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2789.093819][T11202] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2789.136580][T11202] team0: Port device team_slave_0 added
[ 2789.142387][T11202] team0: Port device team_slave_1 added
[ 2789.181670][T11202] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2789.184009][T11202] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2789.193646][T11202] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2789.200971][T11202] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2789.203194][T11202] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2789.212305][T11202] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2789.292031][T11202] hsr_slave_0: entered promiscuous mode
[ 2789.294768][T11202] hsr_slave_1: entered promiscuous mode
[ 2789.328883][  T309] hsr_slave_0: left promiscuous mode
[ 2789.331930][  T309] hsr_slave_1: left promiscuous mode
[ 2789.334703][  T309] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2789.338042][  T309] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2789.341030][  T309] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2789.343427][  T309] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2789.356815][  T309] veth1_macvtap: left promiscuous mode
[ 2789.359634][  T309] veth0_macvtap: left promiscuous mode
[ 2789.362031][  T309] veth1_vlan: left promiscuous mode
[ 2789.367599][  T309] veth0_vlan: left promiscuous mode
[ 2789.403133][   T41] audit: type=1326 audit(1765174246.951:1091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11224 comm="syz.9.10442" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x7ffc0000
[ 2789.414434][T11232] /dev/nullb0: Can't open blockdev
[ 2789.429013][   T41] audit: type=1326 audit(1765174246.951:1092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11224 comm="syz.9.10442" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x7ffc0000
[ 2789.438399][   T41] audit: type=1326 audit(1765174246.961:1093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11224 comm="syz.9.10442" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7fd2579 code=0x7ffc0000
[ 2789.446767][   T41] audit: type=1326 audit(1765174246.961:1094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11224 comm="syz.9.10442" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x7ffc0000
[ 2789.454310][   T41] audit: type=1326 audit(1765174246.971:1095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11224 comm="syz.9.10442" exe="/syz-executor" sig=0 arch=40000003 syscall=352 compat=1 ip=0xf7fd2579 code=0x7ffc0000
[ 2789.462111][   T41] audit: type=1326 audit(1765174246.971:1096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11224 comm="syz.9.10442" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x7ffc0000
[ 2789.469196][   T41] audit: type=1326 audit(1765174246.971:1097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11224 comm="syz.9.10442" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7fd2579 code=0x7ffc0000
[ 2789.469364][  T309] pimreg (unregistering): left allmulticast mode
[ 2789.476197][   T41] audit: type=1326 audit(1765174246.971:1098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11224 comm="syz.9.10442" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x7ffc0000
[ 2789.509583][   T41] audit: type=1326 audit(1765174246.971:1099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11224 comm="syz.9.10442" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fd2579 code=0x7ffc0000
[ 2789.516403][   T41] audit: type=1326 audit(1765174246.971:1100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11224 comm="syz.9.10442" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x7ffc0000
[ 2789.895850][  T309] team0 (unregistering): Port device team_slave_1 removed
[ 2789.951383][  T309] team0 (unregistering): Port device team_slave_0 removed
[ 2790.135134][T11235] netlink: 'syz.0.10445': attribute type 1 has an invalid length.
[ 2790.312757][ T5976] Bluetooth: hci3: command tx timeout
[ 2790.563580][T11235] 8021q: adding VLAN 0 to HW filter on device bond5
[ 2790.722643][T11248] tmpfs: Unknown parameter 'nr_blo'
[ 2791.061938][ T8397] usb 7-1: dvb_usb_v2: Did not find the firmware file 'dvb-usb-terratec-h7-az6007.fw' (status -110). You can use <kernel_dir>/scripts/get_dvb_firmware to get the firmware
[ 2791.078401][ T8397] dvb_usb_az6007 7-1:0.0: probe with driver dvb_usb_az6007 failed with error -110
[ 2791.086197][ T8397] usb 7-1: USB disconnect, device number 45
[ 2791.142993][T11254] binder: 11253:11254 unknown command 0
[ 2791.145152][T11254] binder: 11253:11254 ioctl c0306201 80000080 returned -22
[ 2791.156348][T11254] binder: 11253:11254 ioctl c0306201 80000300 returned -11
[ 2791.183707][ T8550] udevd[8550]: failed to send result of seq 28663 to main daemon: Connection refused
[ 2791.216552][ T8550] printk: udevd: 132 output lines suppressed due to ratelimiting
[ 2791.295811][T11202] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 2791.301072][T11202] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 2791.305802][T11202] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 2791.314629][T11202] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 2791.361422][T11202] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2791.370787][T11202] 8021q: adding VLAN 0 to HW filter on device team0
[ 2791.376959][T30567] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2791.380053][T30567] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2791.391604][T30567] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2791.393897][T30567] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2791.536913][T11202] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2791.587766][ T6305] usb 14-1: new high-speed USB device number 6 using dummy_hcd
[ 2791.592801][T11202] veth0_vlan: entered promiscuous mode
[ 2791.601288][T11202] veth1_vlan: entered promiscuous mode
[ 2791.647654][T11202] veth0_macvtap: entered promiscuous mode
[ 2791.653012][T11202] veth1_macvtap: entered promiscuous mode
[ 2791.662736][T11202] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2791.670628][T11202] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2791.676291][   T74] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2791.679961][   T74] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2791.687939][   T74] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2791.690849][   T74] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2791.742206][ T6305] usb 14-1: device descriptor read/64, error -71
[ 2791.743555][  T309] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2791.747546][  T309] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2791.764633][  T309] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2791.767878][  T309] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2791.987642][ T6305] usb 14-1: new high-speed USB device number 7 using dummy_hcd
[ 2792.127566][ T6305] usb 14-1: device descriptor read/64, error -71
[ 2792.238887][ T6305] usb usb14-port1: attempt power cycle
[ 2792.387592][ T5976] Bluetooth: hci3: command tx timeout
[ 2792.577619][ T6305] usb 14-1: new high-speed USB device number 8 using dummy_hcd
[ 2792.598018][ T6305] usb 14-1: device descriptor read/8, error -71
[ 2792.847586][ T6305] usb 14-1: new high-speed USB device number 9 using dummy_hcd
[ 2792.877685][ T6305] usb 14-1: device descriptor read/8, error -71
[ 2792.990139][ T6305] usb usb14-port1: unable to enumerate USB device
[ 2794.468526][ T5976] Bluetooth: hci3: command tx timeout
[ 2794.608763][T11340] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input105
[ 2794.758919][T11356] netlink: 36 bytes leftover after parsing attributes in process `syz.0.10486'.
[ 2794.763160][T11356] netlink: 36 bytes leftover after parsing attributes in process `syz.0.10486'.
[ 2794.799897][T11360] netlink: 'syz.0.10488': attribute type 2 has an invalid length.
[ 2794.937648][ T5472] usb 13-1: new high-speed USB device number 28 using dummy_hcd
[ 2794.957602][ T8340] usb 14-1: new high-speed USB device number 10 using dummy_hcd
[ 2795.087639][ T8340] usb 14-1: device descriptor read/64, error -71
[ 2795.098880][ T5472] usb 13-1: config 0 has no interfaces?
[ 2795.101553][ T5472] usb 13-1: New USB device found, idVendor=06cd, idProduct=010f, bcdDevice=d5.1b
[ 2795.104864][ T5472] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2795.109498][ T5472] usb 13-1: config 0 descriptor??
[ 2795.223030][T11374] binder: 11373:11374 unknown command 0
[ 2795.224846][T11374] binder: 11373:11374 ioctl c0306201 80000080 returned -22
[ 2795.313639][ T6055] usb 13-1: USB disconnect, device number 28
[ 2795.337708][ T8340] usb 14-1: new high-speed USB device number 11 using dummy_hcd
[ 2795.467607][ T8340] usb 14-1: device descriptor read/64, error -71
[ 2795.578026][ T8340] usb usb14-port1: attempt power cycle
[ 2795.720258][T11387] netlink: 36 bytes leftover after parsing attributes in process `syz.0.10497'.
[ 2795.724349][T11387] netlink: 36 bytes leftover after parsing attributes in process `syz.0.10497'.
[ 2795.937517][ T8340] usb 14-1: new high-speed USB device number 12 using dummy_hcd
[ 2795.967935][ T8340] usb 14-1: device descriptor read/8, error -71
[ 2796.150375][ T1423] aoe: packet could not be sent on bond0.  consider increasing tx_queue_len
[ 2796.154596][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[ 2796.207622][ T8340] usb 14-1: new high-speed USB device number 13 using dummy_hcd
[ 2796.228855][ T8340] usb 14-1: device descriptor read/8, error -71
[ 2796.348018][ T8340] usb usb14-port1: unable to enumerate USB device
[ 2796.547493][ T5976] Bluetooth: hci3: command tx timeout
[ 2797.795918][T11431] tmpfs: Bad value for 'nr_blocks'
[ 2798.033742][T11446] binder: 11440:11446 ioctl c0306201 80000040 returned -22
[ 2798.036502][T11446] binder: 11440:11446 ioctl c0306201 80000640 returned -22
[ 2798.469020][ T5976] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[ 2798.473195][ T5976] Bluetooth: hci0: Injecting HCI hardware error event
[ 2798.477750][T16076] Bluetooth: hci0: hardware error 0x00
[ 2798.692317][T11471] binder: 11470:11471 ioctl c0306201 80000040 returned -22
[ 2798.695021][T11471] binder: 11470:11471 ioctl c0306201 80000640 returned -22
[ 2798.819661][T11478] netlink: 'syz.1.10527': attribute type 2 has an invalid length.
[ 2798.847512][T11480] binder: 11479:11480 unknown command 0
[ 2798.850147][T11480] binder: 11479:11480 ioctl c0306201 80000080 returned -22
[ 2798.936426][T11490] netlink: 12 bytes leftover after parsing attributes in process `syz.8.10533'.
[ 2798.968115][T11493] binder: 11492:11493 ioctl c0306201 0 returned -14
[ 2798.968375][T11490] netlink: 12 bytes leftover after parsing attributes in process `syz.8.10533'.
[ 2798.974660][T11493] binder: 11492:11493 ioctl c0306201 80000640 returned -22
[ 2799.110517][T11501] netlink: 28 bytes leftover after parsing attributes in process `syz.9.10532'.
[ 2799.121607][T11501] hub 9-0:1.0: USB hub found
[ 2799.123990][T11501] hub 9-0:1.0: 1 port detected
[ 2799.926369][T11527] netlink: 12 bytes leftover after parsing attributes in process `syz.9.10545'.
[ 2799.961933][T11527] netlink: 12 bytes leftover after parsing attributes in process `syz.9.10545'.
[ 2799.994140][T11530] syzkaller0: entered promiscuous mode
[ 2799.996474][T11530] syzkaller0: entered allmulticast mode
[ 2800.064940][T11534] binder: 11533:11534 ioctl c0306201 0 returned -14
[ 2800.067354][T11534] binder: 11533:11534 ioctl c0306201 80000640 returned -22
[ 2800.234282][T11546] netlink: 48 bytes leftover after parsing attributes in process `syz.1.10551'.
[ 2800.552012][T16076] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[ 2802.020355][T11558] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10555'.
[ 2802.024340][T11560] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10555'.
[ 2802.086492][T11569] binder: 11568:11569 ioctl c0306201 80000640 returned -22
[ 2802.210060][T11587] netlink: 'syz.0.10566': attribute type 1 has an invalid length.
[ 2802.230252][T11587] 8021q: adding VLAN 0 to HW filter on device bond6
[ 2802.286007][T11592] syzkaller0: entered promiscuous mode
[ 2802.288664][T11592] syzkaller0: entered allmulticast mode
[ 2802.398134][T11603] binder: 11602:11603 ioctl c0306201 80000640 returned -22
[ 2804.512046][T11626] netlink: 48 bytes leftover after parsing attributes in process `syz.0.10577'.
[ 2804.556964][T11631] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(3)
[ 2804.559189][T11631] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[ 2804.563104][T11631] vhci_hcd vhci_hcd.0: Device attached
[ 2804.586722][T11629] netlink: 8 bytes leftover after parsing attributes in process `syz.9.10579'.
[ 2804.622571][T11629] netlink: 8 bytes leftover after parsing attributes in process `syz.9.10579'.
[ 2804.737590][ T5472] vhci_hcd vhci_hcd.8: vhci_device speed not set
[ 2804.797784][ T5472] usb 53-1: new full-speed USB device number 2 using vhci_hcd
[ 2804.860417][T11651] syzkaller0: entered promiscuous mode
[ 2804.862763][T11651] syzkaller0: entered allmulticast mode
[ 2804.971878][   T41] kauditd_printk_skb: 1 callbacks suppressed
[ 2804.971895][   T41] audit: type=1326 audit(1765174262.521:1102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11630 comm="syz.8.10580" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff7579 code=0x7ffc0000
[ 2805.017984][   T41] audit: type=1326 audit(1765174262.521:1103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11630 comm="syz.8.10580" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff7579 code=0x7ffc0000
[ 2805.027698][   T41] audit: type=1326 audit(1765174262.521:1104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11630 comm="syz.8.10580" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7ff7579 code=0x7ffc0000
[ 2805.036785][   T41] audit: type=1326 audit(1765174262.521:1105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11630 comm="syz.8.10580" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7ff7579 code=0x7ffc0000
[ 2805.058332][   T41] audit: type=1326 audit(1765174262.521:1106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11630 comm="syz.8.10580" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7ff7579 code=0x7ffc0000
[ 2805.067165][   T41] audit: type=1326 audit(1765174262.521:1107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11630 comm="syz.8.10580" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7ff7579 code=0x7ffc0000
[ 2805.075206][   T41] audit: type=1326 audit(1765174262.531:1108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11630 comm="syz.8.10580" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7ff7579 code=0x7ffc0000
[ 2805.086436][   T41] audit: type=1326 audit(1765174262.531:1109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11630 comm="syz.8.10580" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7ff7579 code=0x7ffc0000
[ 2805.105434][   T41] audit: type=1326 audit(1765174262.531:1110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11630 comm="syz.8.10580" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7ff7579 code=0x7ffc0000
[ 2805.134475][   T41] audit: type=1326 audit(1765174262.541:1111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11630 comm="syz.8.10580" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7ff7579 code=0x7ffc0000
[ 2805.485758][T11634] vhci_hcd: connection reset by peer
[ 2805.487923][T30567] vhci_hcd vhci_hcd.8: stop threads
[ 2805.490304][T30567] vhci_hcd vhci_hcd.8: release socket
[ 2805.493453][T30567] vhci_hcd vhci_hcd.8: disconnect device
[ 2807.337684][T11692] binder: 11691:11692 ioctl c0306201 80000640 returned -22
[ 2807.406866][T11701] overlayfs: missing 'lowerdir'
[ 2808.469221][T16076] Bluetooth: hci2: command 0x0406 tx timeout
[ 2809.043519][T11719] syzkaller0: entered promiscuous mode
[ 2809.046830][T11719] syzkaller0: entered allmulticast mode
[ 2809.219966][ T5976] Bluetooth: hci2: unexpected event for opcode 0x0000
[ 2809.557649][ T1896] usb 13-1: new high-speed USB device number 29 using dummy_hcd
[ 2809.724205][ T1896] usb 13-1: config 0 has no interfaces?
[ 2809.726623][ T1896] usb 13-1: New USB device found, idVendor=06cd, idProduct=010f, bcdDevice=d5.1b
[ 2809.750151][ T1896] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2809.755549][ T1896] usb 13-1: config 0 descriptor??
[ 2809.898422][ T5472] vhci_hcd vhci_hcd.8: vhci_device speed not set
[ 2810.007379][ T8340] usb 13-1: USB disconnect, device number 29
[ 2811.367594][ T6055] usb 13-1: new high-speed USB device number 30 using dummy_hcd
[ 2811.537742][ T6055] usb 13-1: Using ep0 maxpacket: 32
[ 2811.544817][ T6055] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2811.549330][ T6055] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2811.552582][ T6055] usb 13-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[ 2811.556227][ T6055] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2811.560486][ T6055] usb 13-1: config 0 descriptor??
[ 2812.436467][ T6055] savu 0003:1E7D:2D5A.0022: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.8-1/input0
[ 2812.671065][ T1896] usb 13-1: USB disconnect, device number 30
[ 2813.277541][ T5976] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[ 2813.281546][ T5976] Bluetooth: hci2: Injecting HCI hardware error event
[ 2813.296193][ T5976] Bluetooth: hci2: hardware error 0x00
[ 2813.348124][T11773] netlink: 'syz.1.10625': attribute type 2 has an invalid length.
[ 2813.434539][T11779] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10628'.
[ 2813.543669][T11779] team0 (unregistering): Port device team_slave_0 removed
[ 2813.560266][T11779] team0 (unregistering): Port device team_slave_1 removed
[ 2814.803714][T11808] netlink: 'syz.9.10637': attribute type 1 has an invalid length.
[ 2814.887693][ T1896] usb 13-1: new high-speed USB device number 31 using dummy_hcd
[ 2815.039264][ T1896] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2815.043291][ T1896] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2815.046449][ T1896] usb 13-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 2815.050726][ T1896] usb 13-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 2815.053912][ T1896] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2815.057750][ T1896] usb 13-1: config 0 descriptor??
[ 2815.347706][ T5976] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[ 2815.539148][ T1896] plantronics 0003:047F:FFFF.0023: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.8-1/input0
[ 2815.769742][ T8340] usb 13-1: USB disconnect, device number 31
[ 2816.365498][T11843] openvswitch: netlink: IP tunnel dst address not specified
[ 2816.424086][T11848] netlink: 'syz.8.10651': attribute type 1 has an invalid length.
[ 2816.436661][T11848] vlan3: entered allmulticast mode
[ 2816.439093][T11848] veth0_to_bond: entered allmulticast mode
[ 2818.546983][T11889] netlink: 'syz.8.10663': attribute type 5 has an invalid length.
[ 2818.557484][T11889] netlink: 4 bytes leftover after parsing attributes in process `syz.8.10663'.
[ 2818.564512][T11889] netlink: 'syz.8.10663': attribute type 5 has an invalid length.
[ 2818.577131][T11889] netlink: 4 bytes leftover after parsing attributes in process `syz.8.10663'.
[ 2818.871851][   T41] kauditd_printk_skb: 170 callbacks suppressed
[ 2818.871868][   T41] audit: type=1326 audit(1765174276.421:1282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11901 comm="syz.1.10669" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[ 2818.907663][   T41] audit: type=1326 audit(1765174276.431:1283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11901 comm="syz.1.10669" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[ 2818.916880][   T41] audit: type=1326 audit(1765174276.431:1284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11901 comm="syz.1.10669" exe="/syz-executor" sig=0 arch=40000003 syscall=402 compat=1 ip=0xf705d579 code=0x7ffc0000
[ 2818.944222][   T41] audit: type=1326 audit(1765174276.431:1285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11901 comm="syz.1.10669" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[ 2818.954957][   T41] audit: type=1326 audit(1765174276.431:1286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11901 comm="syz.1.10669" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[ 2818.990599][   T41] audit: type=1326 audit(1765174276.441:1287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11901 comm="syz.1.10669" exe="/syz-executor" sig=0 arch=40000003 syscall=302 compat=1 ip=0xf705d579 code=0x7ffc0000
[ 2819.000800][   T41] audit: type=1326 audit(1765174276.441:1288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11901 comm="syz.1.10669" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[ 2819.010259][   T41] audit: type=1326 audit(1765174276.441:1289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11901 comm="syz.1.10669" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[ 2820.360995][T11943] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input108
[ 2821.272382][T11965] netlink: 16 bytes leftover after parsing attributes in process `syz.9.10691'.
[ 2822.802209][T12010] /dev/nullb0: Can't open blockdev
[ 2823.062012][T12012] netlink: 'syz.9.10711': attribute type 25 has an invalid length.
[ 2823.064971][T12012] netlink: 184 bytes leftover after parsing attributes in process `syz.9.10711'.
[ 2823.415056][T12018] infiniband syb2: RDMA CMA: cma_listen_on_dev, error -98
[ 2824.367844][ T6085] usb 14-1: new high-speed USB device number 14 using dummy_hcd
[ 2824.521344][ T6085] usb 14-1: Using ep0 maxpacket: 16
[ 2824.528211][ T6085] usb 14-1: config 0 has an invalid interface number: 8 but max is 0
[ 2824.531642][ T6085] usb 14-1: config 0 has an invalid descriptor of length 143, skipping remainder of the config
[ 2824.535912][ T6085] usb 14-1: config 0 has no interface number 0
[ 2824.557541][ T6085] usb 14-1: config 0 interface 8 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 2824.569044][ T6085] usb 14-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[ 2824.573058][ T6085] usb 14-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[ 2824.576705][ T6085] usb 14-1: Product: syz
[ 2824.587549][ T6085] usb 14-1: SerialNumber: syz
[ 2824.598178][ T6085] usb 14-1: config 0 descriptor??
[ 2824.605571][ T6085] usbhid 14-1:0.8: couldn't find an input interrupt endpoint
[ 2824.800841][T12053] syz.1.10725 invoked oom-killer: gfp_mask=0x140dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO|__GFP_COMP), order=0, oom_score_adj=1000
[ 2824.817665][T12053] CPU: 0 UID: 0 PID: 12053 Comm: syz.1.10725 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 2824.817697][T12053] Tainted: [L]=SOFTLOCKUP
[ 2824.817704][T12053] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 2824.817716][T12053] Call Trace:
[ 2824.817722][T12053]  <TASK>
[ 2824.817730][T12053]  dump_stack_lvl+0x16c/0x1f0
[ 2824.817846][T12053]  dump_header+0x101/0x960
[ 2824.817871][T12053]  oom_kill_process+0x176/0x910
[ 2824.817891][T12053]  ? oom_cpuset_eligible.isra.0+0x199/0x2d0
[ 2824.817912][T12053]  out_of_memory+0x1407/0x1700
[ 2824.817956][T12053]  ? __pfx_out_of_memory+0x10/0x10
[ 2824.817983][T12053]  __alloc_frozen_pages_noprof+0x1dbc/0x2430
[ 2824.818023][T12053]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 2824.818046][T12053]  ? __mod_zone_page_state+0xcc/0x1a0
[ 2824.818071][T12053]  ? __lock_acquire+0x436/0x2890
[ 2824.818093][T12053]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 2824.818122][T12053]  ? cpuset_nodemask_valid_mems_allowed+0x5f/0x80
[ 2824.818146][T12053]  ? policy_nodemask+0xea/0x4e0
[ 2824.818181][T12053]  alloc_pages_mpol+0x1fb/0x550
[ 2824.818208][T12053]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 2824.818244][T12053]  folio_alloc_mpol_noprof+0x36/0x2f0
[ 2824.818265][T12053]  vma_alloc_folio_noprof+0xed/0x1e0
[ 2824.818283][T12053]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[ 2824.818311][T12053]  do_anonymous_page+0xc81/0x2190
[ 2824.818343][T12053]  __handle_mm_fault+0x1ecf/0x2bb0
[ 2824.818371][T12053]  ? __pfx___handle_mm_fault+0x10/0x10
[ 2824.818393][T12053]  ? __pte_offset_map_lock+0x174/0x310
[ 2824.818420][T12053]  ? find_held_lock+0x2b/0x80
[ 2824.818451][T12053]  ? follow_page_pte+0x5cf/0x1390
[ 2824.818483][T12053]  handle_mm_fault+0x3fe/0xad0
[ 2824.818508][T12053]  __get_user_pages+0x54e/0x3590
[ 2824.818546][T12053]  ? __pfx___get_user_pages+0x10/0x10
[ 2824.818580][T12053]  populate_vma_page_range+0x267/0x3f0
[ 2824.818610][T12053]  ? __pfx_populate_vma_page_range+0x10/0x10
[ 2824.818639][T12053]  ? __pfx_find_vma_intersection+0x10/0x10
[ 2824.818669][T12053]  ? do_mmap+0x69c/0x1210
[ 2824.818699][T12053]  __mm_populate+0x1d8/0x380
[ 2824.818729][T12053]  ? __pfx___mm_populate+0x10/0x10
[ 2824.818760][T12053]  ? up_write+0x282/0x4e0
[ 2824.818784][T12053]  vm_mmap_pgoff+0x37f/0x470
[ 2824.818815][T12053]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 2824.818844][T12053]  ? __ia32_sys_futex_time32+0x2fc/0x460
[ 2824.818871][T12053]  ? xfd_validate_state+0x61/0x180
[ 2824.818894][T12053]  ksys_mmap_pgoff+0x7d/0x5c0
[ 2824.818921][T12053]  ? __ia32_sys_mmap_pgoff+0x11/0x1b0
[ 2824.818951][T12053]  __do_fast_syscall_32+0xe8/0x680
[ 2824.818976][T12053]  do_fast_syscall_32+0x32/0x80
[ 2824.818997][T12053]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2824.819023][T12053] RIP: 0023:0xf705d579
[ 2824.819037][T12053] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 2824.819055][T12053] RSP: 002b:00000000f544d55c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0
[ 2824.819073][T12053] RAX: ffffffffffffffda RBX: 0000000080000000 RCX: 0000000000b36000
[ 2824.819085][T12053] RDX: 000000000000000f RSI: 0000000004008032 RDI: 00000000ffffffff
[ 2824.819097][T12053] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2824.819108][T12053] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[ 2824.819142][T12053] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2824.819169][T12053]  </TASK>
[ 2824.819202][T12053] Mem-Info:
[ 2824.819499][T30771] usb 14-1: USB disconnect, device number 14
[ 2824.823856][T12053] active_anon:142 inactive_anon:673 isolated_anon:3
[ 2824.823856][T12053]  active_file:578 inactive_file:1996 isolated_file:3
[ 2824.823856][T12053]  unevictable:1768 dirty:22 writeback:0
[ 2824.823856][T12053]  slab_reclaimable:6684 slab_unreclaimable:59451
[ 2824.823856][T12053]  mapped:26837 shmem:1770 pagetables:1153
[ 2824.823856][T12053]  sec_pagetables:345 bounce:0
[ 2824.823856][T12053]  kernel_misc_reclaimable:0
[ 2824.823856][T12053]  free:87853 free_pcp:750 free_cma:0
[ 2824.986251][T12053] Node 0 active_anon:0kB inactive_anon:428kB active_file:12kB inactive_file:692kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:384kB dirty:8kB writeback:0kB shmem:4264kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:7724kB pagetables:940kB sec_pagetables:1164kB all_unreclaimable? no Balloon:0kB
[ 2824.998983][T12053] Node 0 DMA free:2580kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:4kB unevictable:0kB writepending:0kB zspages:32kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 2825.011168][T12053] lowmem_reserve[]: 0 289 289 289 289
[ 2825.013533][T12053] Node 0 DMA32 free:34520kB boost:0kB min:13332kB low:16664kB high:19996kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:416kB active_file:0kB inactive_file:920kB unevictable:3536kB writepending:8kB zspages:488kB present:1032196kB managed:296924kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 2825.026646][T12053] lowmem_reserve[]: 0 0 0 0 0
[ 2825.028814][T12053] Node 0 DMA: 37*4kB (UM) 24*8kB (UM) 12*16kB (UM) 12*32kB (UM) 2*64kB (UM) 0*128kB 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 2580kB
[ 2825.035250][T12053] Node 0 DMA32: 1248*4kB (UME) 672*8kB (UME) 349*16kB (UME) 297*32kB (UME) 85*64kB (UME) 33*128kB (UME) 1*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 35376kB
[ 2825.042234][T12053] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 2825.046035][T12053] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 2825.049882][T12053] 2739 total pagecache pages
[ 2825.051775][T12053] 583 pages in swap cache
[ 2825.053629][T12053] Free swap  = 94532kB
[ 2825.055354][T12053] Total swap = 124996kB
[ 2825.057091][T12053] 524155 pages RAM
[ 2825.058748][T12053] 0 pages HighMem/MovableOnly
[ 2825.060762][T12053] 209031 pages reserved
[ 2825.062531][T12053] 0 pages cma reserved
[ 2825.064275][T12053] Unreclaimable slab info:
[ 2825.066790][T12053] Name                      Used          Total
[ 2825.069668][T12053] bio-184                    4KB          4KB
[ 2825.072115][T12053] pid_3                     31KB         31KB
[ 2825.074669][T12053] pid_2                    105KB        141KB
[ 2825.077180][T12053] bio-472                   15KB         15KB
[ 2825.079717][T12053] bio-536                   15KB         15KB
[ 2825.082156][T12053] bio-552                   15KB         15KB
[ 2825.084083][T12053] bio-584                   15KB         15KB
[ 2825.086001][T12053] afs_inode_cache           61KB         61KB
[ 2825.089554][T12053] zspage-zswap1            148KB        192KB
[ 2825.091524][T12053] zs_handle-zswap1         146KB        256KB
[ 2825.093518][T12053] zswap_entry              393KB        632KB
[ 2825.095436][T12053] AF_VSOCK                 122KB        122KB
[ 2825.097321][T12053] sw_flow_stats             16KB         16KB
[ 2825.099284][T12053] sw_flow                   61KB         61KB
[ 2825.101128][T12053] batadv_tt_change_cache         16KB         16KB
[ 2825.103576][T12053] batadv_tl_cache           16KB         16KB
[ 2825.106120][T12053] ceph_osd_request         191KB        191KB
[ 2825.108579][T12053] ceph_msg                  92KB        130KB
[ 2825.110765][T12053] IEEE-802.15.4-MAC        125KB        125KB
[ 2825.113264][T12053] IEEE-802.15.4-RAW         31KB         31KB
[ 2825.115871][T12053] p9_req_t                  87KB        127KB
[ 2825.118558][T12053] INET_SMC                 125KB        125KB
[ 2825.121143][T12053] SMC6                      93KB         93KB
[ 2825.123733][T12053] SMC                      125KB        125KB
[ 2825.126302][T12053] TIPC                     123KB        123KB
[ 2825.128597][T12053] rds_tcp_incoming           7KB          7KB
[ 2825.130777][T12053] rds_tcp_connection         31KB         31KB
[ 2825.133113][T12053] RDS                      123KB        123KB
[ 2825.135653][T12053] rds_connection            30KB         30KB
[ 2825.138307][T12053] SCTPv6                   120KB        120KB
[ 2825.140881][T12053] SCTP                     122KB        122KB
[ 2825.143504][T12053] sctp_chunk               125KB        195KB
[ 2825.146043][T12053] sctp_bind_bucket          16KB         16KB
[ 2825.148713][T12053] PNPIPE                   123KB        123KB
[ 2825.151345][T12053] PHONET                   126KB        126KB
[ 2825.153690][T12053] L2TP/IPv6                127KB        127KB
[ 2825.156251][T12053] L2TP/IP                  126KB        126KB
[ 2825.158815][T12053] KCM                      124KB        124KB
[ 2825.161314][T12053] kcm_mux                   63KB         63KB
[ 2825.163897][T12053] RXRPC                    128KB        128KB
[ 2825.166447][T12053] rxrpc_call_jar           350KB        350KB
[ 2825.168683][T12053] can_receiver              15KB         15KB
[ 2825.170609][T12053] net_bridge_fdb_entry         15KB         15KB
[ 2825.172694][T12053] nf-frags                  23KB         23KB
[ 2825.174622][T12053] xfrm6_tunnel_spi           8KB          8KB
[ 2825.176623][T12053] MPTCPv6                  125KB        125KB
[ 2825.178610][T12053] ip6-frags                 31KB         31KB
[ 2825.180533][T12053] fib6_node                166KB        184KB
[ 2825.182606][T12053] ip6_dst_cache            206KB        281KB
[ 2825.185195][T12053] mfc6_cache                 8KB          8KB
[ 2825.187883][T12053] PINGv6                   123KB        123KB
[ 2825.190418][T12053] RAWv6                    216KB        216KB
[ 2825.192959][T12053] UDPLITEv6                122KB        122KB
[ 2825.194990][T12053] UDPv6                    183KB        183KB
[ 2825.196999][T12053] tw_sock_TCPv6             31KB         31KB
[ 2825.199033][T12053] request_sock_TCPv6         30KB         30KB
[ 2825.201089][T12053] TCPv6                    371KB        477KB
[ 2825.203657][T12053] ip_vs_conn                 7KB          7KB
[ 2825.206196][T12053] nf_conntrack              94KB         94KB
[ 2825.208864][T12053] fq_flow_cache             63KB         63KB
[ 2825.211444][T12053] wg_peer                  208KB        208KB
[ 2825.214036][T12053] allowedips_node           23KB         23KB
[ 2825.216626][T12053] ubi_wl_entry_slab          7KB          7KB
[ 2825.219313][T12053] t10_alua_lu_gp_cache          7KB          7KB
[ 2825.221960][T12053] scsi_sense_cache          48KB         48KB
[ 2825.224569][T12053] virtio_scsi_cmd           16KB         16KB
[ 2825.227005][T12053] bio-136                   79KB        104KB
[ 2825.229412][T12053] io_kiocb                 135KB        210KB
[ 2825.231437][T12053] bio-264                   23KB         23KB
[ 2825.233842][T12053] mqueue_inode_cache        121KB        121KB
[ 2825.236427][T12053] f2fs_bio_post_read_ctx         23KB         23KB
[ 2825.239339][T12053] jfs_mp                     7KB          7KB
[ 2825.241925][T12053] orangefs_op_cache         34KB         34KB
[ 2825.244510][T12053] fuse_request              87KB        166KB
[ 2825.247177][T12053] cifs_small_rq             16KB         16KB
[ 2825.249825][T12053] cifs_request              67KB         67KB
[ 2825.252433][T12053] cifs_mpx_ids               7KB          7KB
[ 2825.254965][T12053] cifs_io_subrequest         39KB         39KB
[ 2825.257662][T12053] cifs_io_request           95KB         95KB
[ 2825.260236][T12053] nfs_commit_data           15KB         15KB
[ 2825.262794][T12053] nfs_write_data            63KB         63KB
[ 2825.265200][T12053] jbd2_inode                15KB         15KB
[ 2825.267562][T12053] ext4_system_zone           3KB          3KB
[ 2825.269935][T12053] ext4_io_end_vec           15KB         15KB
[ 2825.272590][T12053] kioctx                   127KB        127KB
[ 2825.275198][T12053] aio_kiocb                 31KB         31KB
[ 2825.277940][T12053] userfaultfd_ctx_cache         63KB         63KB
[ 2825.280692][T12053] fanotify_fid_event         63KB         83KB
[ 2825.283077][T12053] fanotify_mark             15KB         15KB
[ 2825.285686][T12053] dnotify_mark               7KB          7KB
[ 2825.288364][T12053] dnotify_struct             7KB          7KB
[ 2825.290921][T12053] fasync_cache              15KB         15KB
[ 2825.293492][T12053] pid_namespace             61KB         61KB
[ 2825.296094][T12053] kvm_gmem_inode_cache         63KB         63KB
[ 2825.298872][T12053] kvm_async_pf               7KB          7KB
[ 2825.301457][T12053] kvm_vcpu                 185KB        185KB
[ 2825.304090][T12053] kvm_mmu_page_header         77KB        104KB
[ 2825.306742][T12053] pte_list_desc             94KB        114KB
[ 2825.309524][T12053] x86_emulator             126KB        126KB
[ 2825.312116][T12053] rpc_buffers               31KB         31KB
[ 2825.314497][T12053] rpc_tasks                  7KB          7KB
[ 2825.316445][T12053] UNIX-STREAM              367KB        367KB
[ 2825.318438][T12053] UNIX                     367KB        581KB
[ 2825.320364][T12053] ip4-frags                 31KB         31KB
[ 2825.322416][T12053] mfc_cache                 16KB         16KB
[ 2825.324348][T12053] UDP-Lite                 123KB        123KB
[ 2825.326328][T12053] MPTCP                    120KB        120KB
[ 2825.328417][T12053] request_sock_subflow_v6          7KB          7KB
[ 2825.330801][T12053] request_sock_subflow_v4         15KB         15KB
[ 2825.333144][T12053] tcp_bind2_bucket          28KB         28KB
[ 2825.335341][T12053] tcp_bind_bucket           72KB         72KB
[ 2825.337530][T12053] inet_peer                 16KB         16KB
[ 2825.339526][T12053] xfrm_dst                  94KB        133KB
[ 2825.341523][T12053] xfrm_state               318KB        446KB
[ 2825.343711][T12053] ip_fib_trie               29KB         48KB
[ 2825.345760][T12053] ip_fib_alias              94KB        106KB
[ 2825.347976][T12053] rtable                    50KB        100KB
[ 2825.349989][T12053] PING                     126KB        126KB
[ 2825.351962][T12053] RAW                      159KB        159KB
[ 2825.354085][T12053] UDP                      154KB        154KB
[ 2825.356503][T12053] tw_sock_TCP               31KB         31KB
[ 2825.359024][T12053] request_sock_TCP          30KB         30KB
[ 2825.361399][T12053] TCP                      497KB        669KB
[ 2825.363636][T12053] hugetlbfs_inode_cache        125KB        125KB
[ 2825.365878][T12053] fscache_cookie_jar         30KB         30KB
[ 2825.368655][T12053] netfs_subrequest         140KB        179KB
[ 2825.371022][T12053] netfs_request            334KB        414KB
[ 2825.373153][T12053] bio-280                   15KB         15KB
[ 2825.375316][T12053] ep_head                   16KB         16KB
[ 2825.377535][T12053] eventpoll_pwq             23KB         23KB
[ 2825.379821][T12053] eventpoll_epi             74KB         74KB
[ 2825.382193][T12053] inotify_inode_mark         27KB         27KB
[ 2825.384793][T12053] sgpool-128                29KB         29KB
[ 2825.387019][T12053] sgpool-64                 31KB         31KB
[ 2825.389293][T12053] sgpool-32                189KB        189KB
[ 2825.391432][T12053] sgpool-16                 78KB         78KB
[ 2825.393344][T12053] sgpool-8                 125KB        140KB
[ 2825.395496][T12053] bio_crypt_ctx              7KB          7KB
[ 2825.397754][T12053] bio_integrity_data          4KB          4KB
[ 2825.400029][T12053] request_queue            228KB        247KB
[ 2825.402098][T12053] blkdev_ioc                39KB         39KB
[ 2825.404232][T12053] bio-200                  227KB        242KB
[ 2825.406186][T12053] biovec-max               756KB        896KB
[ 2825.408416][T12053] biovec-128                31KB         31KB
[ 2825.410402][T12053] biovec-64                252KB        409KB
[ 2825.412608][T12053] biovec-16                132KB        132KB
[ 2825.414953][T12053] mm_slot                   15KB         15KB
[ 2825.416932][T12053] ksm_mm_slot               16KB         16KB
[ 2825.419436][T12053] user_namespace            31KB         31KB
[ 2825.421571][T12053] uid_cache                 31KB         31KB
[ 2825.423619][T12053] iommu_iova_magazine       1053KB       1071KB
[ 2825.425732][T12053] iommu_iova               280KB        280KB
[ 2825.428017][T12053] dmaengine-unmap-256         30KB         30KB
[ 2825.430418][T12053] dmaengine-unmap-128         30KB         30KB
[ 2825.432548][T12053] dmaengine-unmap-16          4KB          4KB
[ 2825.434556][T12053] dmaengine-unmap-2          4KB          4KB
[ 2825.436385][T12053] QIPCRTR                  125KB        125KB
[ 2825.438219][T12053] audit_buffer              58KB         78KB
[ 2825.440006][T12053] skbuff_ext_cache         100KB        120KB
[ 2825.442064][T12053] skbuff_small_head        725KB        787KB
[ 2825.444325][T12053] skbuff_fclone_cache        187KB        328KB
[ 2825.446591][T12053] skbuff_head_cache       1056KB       1109KB
[ 2825.448867][T12053] configfs_dir_cache         16KB         16KB
[ 2825.451305][T12053] file_lease_cache         103KB        174KB
[ 2825.453587][T12053] file_lock_cache          102KB        142KB
[ 2825.455602][T12053] file_lock_ctx             19KB         19KB
[ 2825.457715][T12053] fsnotify_mark_connector         15KB         15KB
[ 2825.460252][T12053] posix_timers_cache         32KB         32KB
[ 2825.462546][T12053] taskstats                123KB        123KB
[ 2825.464655][T12053] mem_cgroup_per_node        123KB        123KB
[ 2825.466780][T12053] mem_cgroup                89KB         89KB
[ 2825.469065][T12053] proc_dir_entry           705KB        789KB
[ 2825.471041][T12053] pde_opener                15KB         15KB
[ 2825.473203][T12053] seq_file                 124KB        163KB
[ 2825.475305][T12053] sigqueue                  39KB         63KB
[ 2825.477345][T12053] shmem_inode_cache       7768KB       7988KB
[ 2825.479477][T12053] kernfs_iattrs_cache         35KB         35KB
[ 2825.481973][T12053] kernfs_node_cache      27236KB      27328KB
[ 2825.484230][T12053] mnt_cache                124KB        173KB
[ 2825.486285][T12053] bfilp                     86KB        126KB
[ 2825.488541][T12053] filp                     256KB        456KB
[ 2825.490602][T12053] names_cache             2120KB       2409KB
[ 2825.492880][T12053] net_namespace            169KB        169KB
[ 2825.495347][T12053] ima_iint_cache            55KB         55KB
[ 2825.497708][T12053] lsm_inode_cache         1418KB       1834KB
[ 2825.499708][T12053] lsm_file_cache            86KB        160KB
[ 2825.505352][T12053] key_jar                   31KB         31KB
[ 2825.507740][T12053] uts_namespace             62KB         62KB
[ 2825.509807][T12053] nsproxy                   15KB         15KB
[ 2825.511801][T12053] vm_area_struct           664KB        992KB
[ 2825.513757][T12053] fs_cache                  57KB         80KB
[ 2825.515744][T12053] files_cache              213KB        382KB
[ 2825.517788][T12053] signal_cache             904KB       1910KB
[ 2825.519779][T12053] sighand_cache           1181KB       2164KB
[ 2825.521751][T12053] task_struct             4253KB       5099KB
[ 2825.523751][T12053] cred                     161KB        340KB
[ 2825.525729][T12053] anon_vma_chain           143KB        248KB
[ 2825.527839][T12053] anon_vma                 238KB        390KB
[ 2825.529825][T12053] pid                      190KB        393KB
[ 2825.531808][T12053] Acpi-Operand             260KB        376KB
[ 2825.533765][T12053] Acpi-ParseExt             94KB        126KB
[ 2825.535747][T12053] Acpi-Parse                78KB        114KB
[ 2825.537740][T12053] Acpi-State                47KB         82KB
[ 2825.539730][T12053] Acpi-Namespace            56KB         56KB
[ 2825.541702][T12053] shared_policy_node         16KB         16KB
[ 2825.543742][T12053] numa_policy               15KB         15KB
[ 2825.545712][T12053] perf_event               125KB        125KB
[ 2825.547770][T12053] trace_event_file         528KB        528KB
[ 2825.549759][T12053] ftrace_event_field       1000KB       1000KB
[ 2825.552143][T12053] pool_workqueue          1953KB       2000KB
[ 2825.554324][T12053] task_group                61KB         61KB
[ 2825.556308][T12053] maple_node               802KB       1280KB
[ 2825.558307][T12053] mm_struct                428KB        612KB
[ 2825.560343][T12053] vmap_area                606KB       1136KB
[ 2825.562385][T12053] debug_objects_cache       2715KB       3329KB
[ 2825.564427][T12053] page->ptl                123KB        169KB
[ 2825.566405][T12053] kmalloc-cg-8k           1904KB       2112KB
[ 2825.568481][T12053] kmalloc-cg-4k          13000KB      15520KB
[ 2825.570484][T12053] kmalloc-cg-2k           8628KB      10880KB
[ 2825.572447][T12053] kmalloc-cg-1k           2552KB       3872KB
[ 2825.574442][T12053] kmalloc-cg-512          1151KB       1632KB
[ 2825.576412][T12053] kmalloc-cg-256           427KB        560KB
[ 2825.578425][T12053] kmalloc-cg-128           243KB        312KB
[ 2825.580478][T12053] kmalloc-cg-64             88KB        104KB
[ 2825.582494][T12053] kmalloc-cg-32             77KB        152KB
[ 2825.584500][T12053] kmalloc-cg-16             40KB         56KB
[ 2825.586456][T12053] kmalloc-cg-8              37KB         44KB
[ 2825.589427][T12053] kmalloc-cg-192            92KB         96KB
[ 2825.591529][T12053] kmalloc-cg-96             97KB        108KB
[ 2825.593647][T12053] kmalloc-8k              7488KB       7552KB
[ 2825.595616][T12053] kmalloc-4k             26936KB      27040KB
[ 2825.599018][T12053] kmalloc-2k             12592KB      14016KB
[ 2825.601375][T12053] kmalloc-1k              7476KB       9024KB
[ 2825.603646][T12053] kmalloc-512             8661KB      10864KB
[ 2825.605721][T12053] kmalloc-256             3985KB       4984KB
[ 2825.607933][T12053] kmalloc-128             1038KB       1380KB
[ 2825.610261][T12053] kmalloc-64              6571KB       8656KB
[ 2825.612912][T12053] kmalloc-32              1627KB       2652KB
[ 2825.615426][T12053] kmalloc-16               498KB        568KB
[ 2825.617361][T12053] kmalloc-8                439KB        560KB
[ 2825.619413][T12053] kmalloc-192             1720KB       2076KB
[ 2825.621377][T12053] kmalloc-96              1521KB       1760KB
[ 2825.623713][T12053] kmem_cache_node          224KB        228KB
[ 2825.625870][T12053] kmem_cache               195KB        195KB
[ 2825.628641][T12053] oom-kill:constraint=CONSTRAINT_MEMORY_POLICY,nodemask=0,cpuset=/,mems_allowed=0-1,global_oom,task_memcg=/syz1,task=syz.1.10725,pid=12053,uid=0
[ 2825.635249][T12053] Out of memory (oom_kill_allocating_task): Killed process 12052 (syz.1.10725) total-vm:103880kB, anon-rss:128kB, file-rss:20724kB, shmem-rss:0kB, UID:0 pgtables:108kB oom_score_adj:1000
[ 2826.005523][T12068] syzkaller0: entered promiscuous mode
[ 2826.007320][T12068] syzkaller0: entered allmulticast mode
[ 2826.988860][T17347] IPVS: starting estimator thread 0...
[ 2827.049743][ T6085] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[ 2827.077777][T12085] IPVS: using max 27 ests per chain, 64800 per kthread
[ 2827.209721][ T6085] usb 6-1: Using ep0 maxpacket: 16
[ 2827.231656][ T6085] usb 6-1: config 0 has an invalid interface number: 8 but max is 0
[ 2827.235392][ T6085] usb 6-1: config 0 has no interface number 0
[ 2827.239035][ T6085] usb 6-1: config 0 interface 8 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 2827.260720][ T6085] usb 6-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[ 2827.264561][ T6085] usb 6-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[ 2827.268496][ T6085] usb 6-1: Product: syz
[ 2827.270322][ T6085] usb 6-1: SerialNumber: syz
[ 2827.281051][ T6085] usb 6-1: config 0 descriptor??
[ 2827.286330][ T6085] usbhid 6-1:0.8: couldn't find an input interrupt endpoint
[ 2827.381488][T12096] syzkaller1: entered promiscuous mode
[ 2827.383401][T12096] syzkaller1: entered allmulticast mode
[ 2827.420631][T12099] syzkaller0: entered promiscuous mode
[ 2827.422534][T12099] syzkaller0: entered allmulticast mode
[ 2827.502210][ T8340] usb 6-1: USB disconnect, device number 17
[ 2827.622615][T12104] tipc: Started in network mode
[ 2827.627530][T12104] tipc: Node identity 84e, cluster identity 4711
[ 2827.629627][T12104] tipc: Node number set to 2126
[ 2828.107819][T30771] usb 13-1: new high-speed USB device number 32 using dummy_hcd
[ 2828.267851][T30771] usb 13-1: Using ep0 maxpacket: 32
[ 2828.272957][T30771] usb 13-1: config index 0 descriptor too short (expected 156, got 27)
[ 2828.276680][T30771] usb 13-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[ 2828.298342][T30771] usb 13-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[ 2828.302127][T30771] usb 13-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[ 2828.306312][T30771] usb 13-1: config 0 interface 0 has no altsetting 0
[ 2828.331320][T30771] usb 13-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[ 2828.334703][T30771] usb 13-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[ 2828.344711][T30771] usb 13-1: Product: syz
[ 2828.346134][T30771] usb 13-1: Manufacturer: syz
[ 2828.348767][T30771] usb 13-1: SerialNumber: syz
[ 2828.351369][T30771] usb 13-1: config 0 descriptor??
[ 2828.354882][T30771] ldusb 13-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[ 2828.359359][T30771] ldusb 13-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[ 2828.703285][ T6055] usb 13-1: USB disconnect, device number 32
[ 2828.706385][ T6055] ldusb 13-1:0.0: LD USB Device #0 now disconnected
[ 2828.797192][T12127] syzkaller0: entered promiscuous mode
[ 2828.799779][T12127] syzkaller0: entered allmulticast mode
[ 2829.336057][T12135] netlink: 'syz.8.10753': attribute type 2 has an invalid length.
[ 2829.515858][ T5607] Bluetooth: hci4: Frame reassembly failed (-84)
[ 2831.023861][T12163] syzkaller0: entered promiscuous mode
[ 2831.026237][T12163] syzkaller0: entered allmulticast mode
[ 2831.409921][T12176] netlink: 16 bytes leftover after parsing attributes in process `syz.0.10766'.
[ 2831.606823][T16076] Bluetooth: hci4: command 0x1003 tx timeout
[ 2831.610813][ T5976] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 2831.936342][T12192] syzkaller0: entered promiscuous mode
[ 2831.947481][T12192] syzkaller0: entered allmulticast mode
[ 2831.987517][T12194] program syz.8.10774 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 2832.119958][T12205] netlink: 16 bytes leftover after parsing attributes in process `syz.9.10776'.
[ 2832.119983][T12202] syzkaller1: entered promiscuous mode
[ 2832.125588][T12202] syzkaller1: entered allmulticast mode
[ 2832.850270][ T6055] IPVS: starting estimator thread 0...
[ 2832.854325][T12240] netlink: 16 bytes leftover after parsing attributes in process `syz.9.10788'.
[ 2832.947625][T12239] IPVS: using max 42 ests per chain, 100800 per kthread
[ 2833.043313][   T41] audit: type=1326 audit(1765174290.591:1290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12225 comm="syz.8.10784" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff7579 code=0x7ffc0000
[ 2833.045137][T12241] /dev/nullb0: Can't open blockdev
[ 2833.057222][   T41] audit: type=1326 audit(1765174290.591:1291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12225 comm="syz.8.10784" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff7579 code=0x7ffc0000
[ 2833.064622][   T41] audit: type=1326 audit(1765174290.591:1292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12225 comm="syz.8.10784" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7ff7579 code=0x7ffc0000
[ 2833.071487][   T41] audit: type=1326 audit(1765174290.601:1293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12225 comm="syz.8.10784" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff7579 code=0x7ffc0000
[ 2833.078220][   T41] audit: type=1326 audit(1765174290.601:1294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12225 comm="syz.8.10784" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff7579 code=0x7ffc0000
[ 2833.087273][   T41] audit: type=1326 audit(1765174290.611:1295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12225 comm="syz.8.10784" exe="/syz-executor" sig=0 arch=40000003 syscall=352 compat=1 ip=0xf7ff7579 code=0x7ffc0000
[ 2833.096986][   T41] audit: type=1326 audit(1765174290.611:1296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12225 comm="syz.8.10784" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff7579 code=0x7ffc0000
[ 2833.105794][   T41] audit: type=1326 audit(1765174290.611:1297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12225 comm="syz.8.10784" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff7579 code=0x7ffc0000
[ 2833.114626][   T41] audit: type=1326 audit(1765174290.621:1298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12225 comm="syz.8.10784" exe="/syz-executor" sig=0 arch=40000003 syscall=296 compat=1 ip=0xf7ff7579 code=0x7ffc0000
[ 2833.123214][   T41] audit: type=1326 audit(1765174290.631:1299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12225 comm="syz.8.10784" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff7579 code=0x7ffc0000
[ 2834.294060][T12276] netlink: 16 bytes leftover after parsing attributes in process `syz.1.10797'.
[ 2834.538247][T12280] futex_wake_op: syz.1.10799 tries to shift op by -1; fix this program
[ 2834.545641][ T1896] kernel write not supported for file bpf-prog (pid: 1896 comm: kworker/2:0)
[ 2834.597684][T12283] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10799'.
[ 2834.672062][T12147] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2834.795658][T12147] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2834.918964][T12147] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2834.934724][T12296] netlink: 16 bytes leftover after parsing attributes in process `syz.8.10807'.
[ 2834.985470][T16076] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 2835.000721][T16076] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 2835.004819][T16076] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 2835.010139][T12147] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2835.011234][T16076] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 2835.016641][T16076] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 2835.223553][T12147] bridge_slave_1: left allmulticast mode
[ 2835.225809][T12147] bridge_slave_1: left promiscuous mode
[ 2835.251610][T12147] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2835.265722][T12147] bridge_slave_0: left allmulticast mode
[ 2835.274889][T12147] bridge_slave_0: left promiscuous mode
[ 2835.281769][T12147] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2835.389544][T12313] netlink: 36 bytes leftover after parsing attributes in process `syz.8.10810'.
[ 2835.393381][T12313] netlink: 36 bytes leftover after parsing attributes in process `syz.8.10810'.
[ 2835.857283][T12147] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2835.862118][T12147] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2835.867175][T12147] bond0 (unregistering): Released all slaves
[ 2835.981672][T12147] bond1 (unregistering): (slave vlan3): Releasing active interface
[ 2835.986574][T12147] bond1 (unregistering): Released all slaves
[ 2836.124701][T12147] bond2 (unregistering): Released all slaves
[ 2836.236245][T12147] bond3 (unregistering): Released all slaves
[ 2836.356637][T12147] bond4 (unregistering): Released all slaves
[ 2836.510927][T12147] bond5 (unregistering): Released all slaves
[ 2836.639817][T12147] bond6 (unregistering): Released all slaves
[ 2836.679433][T12299] chnl_net:caif_netlink_parms(): no params data found
[ 2836.803364][T12147] IPVS: stopping master sync thread 8819 ...
[ 2836.901487][T12147] hsr_slave_0: left promiscuous mode
[ 2836.907872][T12147] hsr_slave_1: left promiscuous mode
[ 2836.912163][T12147] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2836.917633][T12147] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2836.923300][T12147] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2836.925837][T12147] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2836.945542][T12147] veth1_macvtap: left promiscuous mode
[ 2836.947317][T12147] veth0_macvtap: left promiscuous mode
[ 2836.957674][T12147] veth1_vlan: left promiscuous mode
[ 2836.959421][T12147] veth0_vlan: left promiscuous mode
[ 2837.119882][ T5976] Bluetooth: hci1: command tx timeout
[ 2837.593148][T12147] team0 (unregistering): Port device team_slave_1 removed
[ 2837.643069][T12147] team0 (unregistering): Port device team_slave_0 removed
[ 2837.857355][T12362] netlink: 4 bytes leftover after parsing attributes in process `syz.9.10827'.
[ 2838.006814][T12366] netlink: 12 bytes leftover after parsing attributes in process `syz.9.10829'.
[ 2838.010890][T12366] netlink: 12 bytes leftover after parsing attributes in process `syz.9.10829'.
[ 2838.138107][T12299] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2838.140722][T12299] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2838.143723][T12299] bridge_slave_0: entered allmulticast mode
[ 2838.147293][T12299] bridge_slave_0: entered promiscuous mode
[ 2838.151476][T12299] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2838.154624][T12299] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2838.156975][T12299] bridge_slave_1: entered allmulticast mode
[ 2838.161017][T12299] bridge_slave_1: entered promiscuous mode
[ 2838.179330][T12299] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2838.196076][T12299] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2838.223155][T12299] team0: Port device team_slave_0 added
[ 2838.225021][T12379] netlink: 8 bytes leftover after parsing attributes in process `syz.8.10833'.
[ 2838.246650][T12299] team0: Port device team_slave_1 added
[ 2838.280300][T12299] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2838.285556][T12299] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2838.294966][T12299] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2838.300113][T12299] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2838.302366][T12299] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2838.311838][T12299] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2838.317470][   T41] kauditd_printk_skb: 7 callbacks suppressed
[ 2838.317480][   T41] audit: type=1326 audit(1765174295.861:1307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12387 comm="syz.1.10838" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[ 2838.326603][   T41] audit: type=1326 audit(1765174295.861:1308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12387 comm="syz.1.10838" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[ 2838.336371][   T41] audit: type=1326 audit(1765174295.861:1309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12387 comm="syz.1.10838" exe="/syz-executor" sig=0 arch=40000003 syscall=45 compat=1 ip=0xf705d579 code=0x7ffc0000
[ 2838.343584][   T41] audit: type=1326 audit(1765174295.861:1310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12387 comm="syz.1.10838" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[ 2838.350253][   T41] audit: type=1326 audit(1765174295.861:1311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12387 comm="syz.1.10838" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[ 2838.391270][T12299] hsr_slave_0: entered promiscuous mode
[ 2838.393980][T12299] hsr_slave_1: entered promiscuous mode
[ 2838.396559][T12299] debugfs: 'hsr0' already exists in 'hsr'
[ 2838.400341][T12299] Cannot create hsr debugfs directory
[ 2838.977353][T12299] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 2838.981826][T12299] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 2838.986322][T12299] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 2838.992427][T12299] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 2839.067345][T12299] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2839.096219][T12299] 8021q: adding VLAN 0 to HW filter on device team0
[ 2839.105378][T12147] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2839.108553][T12147] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2839.116481][T14912] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2839.119103][T14912] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2839.188030][T16076] Bluetooth: hci1: command tx timeout
[ 2839.265931][T12419] netlink: 8 bytes leftover after parsing attributes in process `syz.9.10845'.
[ 2839.281152][T12299] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2839.319395][T12299] veth0_vlan: entered promiscuous mode
[ 2839.326534][T12299] veth1_vlan: entered promiscuous mode
[ 2839.356557][T12299] veth0_macvtap: entered promiscuous mode
[ 2839.364340][T12299] veth1_macvtap: entered promiscuous mode
[ 2839.378953][T12299] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2839.390405][T12299] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2839.399652][ T1156] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2839.403563][ T1156] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2839.409703][ T1156] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2839.413520][ T1156] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2839.461354][ T1156] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2839.464969][ T1156] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2839.487104][ T1156] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2839.490616][ T1156] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2839.740697][T12442] IPVS: sync thread started: state = BACKUP, mcast_ifn = macvlan0, syncid = 0, id = 0
[ 2839.745082][T12441] IPVS: stopping backup sync thread 12442 ...
[ 2839.863972][T12448] netlink: 40 bytes leftover after parsing attributes in process `syz.9.10857'.
[ 2839.877533][   T10] usb 13-1: new high-speed USB device number 33 using dummy_hcd
[ 2840.044043][T12457] netlink: 660 bytes leftover after parsing attributes in process `syz.9.10861'.
[ 2840.057503][   T10] usb 13-1: Using ep0 maxpacket: 16
[ 2840.060943][   T10] usb 13-1: config 0 has an invalid interface number: 8 but max is 0
[ 2840.063729][   T10] usb 13-1: config 0 has no interface number 0
[ 2840.065884][   T10] usb 13-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 2840.073249][   T10] usb 13-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[ 2840.076332][   T10] usb 13-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[ 2840.079253][   T10] usb 13-1: Product: syz
[ 2840.080875][   T10] usb 13-1: SerialNumber: syz
[ 2840.084122][   T10] usb 13-1: config 0 descriptor??
[ 2840.088056][   T10] cm109 13-1:0.8: invalid payload size 208, expected 4
[ 2840.092044][   T10] input: CM109 USB driver as /devices/platform/dummy_hcd.8/usb13/13-1/13-1:0.8/input/input109
[ 2840.208887][T12457] infiniband syû: set active
[ 2840.211048][T12457] infiniband syû: added bond_slave_0
[ 2840.236947][T12457] RDS/IB: syû: added
[ 2840.238824][T12457] smc: adding ib device syû with port count 1
[ 2840.241441][T12457] smc:    ib device syû port 1 has no pnetid
[ 2840.290151][   T29] usb 13-1: USB disconnect, device number 33
[ 2840.290170][    C0] cm109 13-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 2840.294533][    C0] cm109 13-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[ 2840.298146][   T29] cm109 13-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[ 2840.467684][ T5976] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 2840.761993][T12463] netlink: 20 bytes leftover after parsing attributes in process `syz.3.10863'.
[ 2841.090293][   T41] audit: type=1326 audit(1765174298.641:1312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12484 comm="syz.1.10871" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[ 2841.099503][   T41] audit: type=1326 audit(1765174298.641:1313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12484 comm="syz.1.10871" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[ 2841.110785][   T41] audit: type=1326 audit(1765174298.641:1314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12484 comm="syz.1.10871" exe="/syz-executor" sig=0 arch=40000003 syscall=132 compat=1 ip=0xf705d579 code=0x7ffc0000
[ 2841.120509][   T41] audit: type=1326 audit(1765174298.641:1315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12484 comm="syz.1.10871" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[ 2841.129995][   T41] audit: type=1326 audit(1765174298.641:1316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12484 comm="syz.1.10871" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000
[ 2841.176039][T12491] netlink: 'syz.1.10873': attribute type 1 has an invalid length.
[ 2841.199849][T12491] 8021q: adding VLAN 0 to HW filter on device bond1
[ 2841.209706][T12491] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10873'.
[ 2841.214312][T12494] netlink: 24 bytes leftover after parsing attributes in process `syz.3.10874'.
[ 2841.277638][ T5976] Bluetooth: hci1: command tx timeout
[ 2841.356166][T12491] bond1 (unregistering): Released all slaves
[ 2841.757889][   T10] usb 8-1: new high-speed USB device number 18 using dummy_hcd
[ 2841.909106][   T10] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 2841.913944][   T10] usb 8-1: config 1 has an invalid descriptor of length 52, skipping remainder of the config
[ 2841.917208][   T10] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 2841.920125][   T10] usb 8-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0xF7, changing to 0x87
[ 2841.923981][   T10] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 52, changing to 7
[ 2841.927854][   T10] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x87 has invalid maxpacket 9272, setting to 1024
[ 2841.933203][   T10] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 2841.936630][   T10] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 2841.939813][   T10] usb 8-1: Product: syz
[ 2841.941289][   T10] usb 8-1: Manufacturer: syz
[ 2841.945536][   T10] cdc_wdm 8-1:1.0: skipping garbage
[ 2841.947599][   T10] cdc_wdm 8-1:1.0: skipping garbage
[ 2841.949479][   T10] cdc_wdm 8-1:1.0: probe with driver cdc_wdm failed with error -22
[ 2842.153556][ T6085] usb 8-1: USB disconnect, device number 18
[ 2842.706536][T12547] ref_ctr_offset mismatch. inode: 0x987 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x30656c69662f2e
[ 2843.154415][T12561] /dev/nullb0: Can't open blockdev
[ 2843.347592][ T5976] Bluetooth: hci1: command tx timeout
[ 2843.676298][T12567] syzkaller0: entered promiscuous mode
[ 2843.678620][T12567] syzkaller0: entered allmulticast mode
[ 2844.046461][T12582] __nla_validate_parse: 4 callbacks suppressed
[ 2844.046479][T12582] netlink: 16 bytes leftover after parsing attributes in process `syz.8.10906'.
[ 2844.116187][T12585] ------------[ cut here ]------------
[ 2844.118821][T12585] WARNING: fs/exec.c:118 at path_noexec+0x1ca/0x230, CPU#1: syz.3.10903/12585
[ 2844.121837][T12585] Modules linked in:
[ 2844.123520][T12585] CPU: 1 UID: 0 PID: 12585 Comm: syz.3.10903 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 2844.126973][T12585] Tainted: [L]=SOFTLOCKUP
[ 2844.128487][T12585] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 2844.132459][T12585] RIP: 0010:path_noexec+0x1ca/0x230
[ 2844.134370][T12585] Code: ff 83 e3 02 48 89 de e8 54 35 82 ff 48 85 db 41 0f 95 c4 e8 78 3a 82 ff 44 89 e0 5b 5d 41 5c c3 cc cc cc cc e8 67 3a 82 ff 90 <0f> 0b 90 e9 47 ff ff ff e8 d9 0f eb ff e9 a8 fe ff ff e8 cf 0f eb
[ 2844.140747][T12585] RSP: 0018:ffffc90007a97c88 EFLAGS: 00010283
[ 2844.142822][T12585] RAX: 00000000000000ab RBX: ffff8880412841e0 RCX: ffffc9000c7a2000
[ 2844.145378][T12585] RDX: 0000000000080000 RSI: ffffffff823c1c39 RDI: 0000000000000007
[ 2844.148083][T12585] RBP: 0000000000000000 R08: 0000000000000007 R09: 0000000000000000
[ 2844.150656][T12585] R10: 0000000000000000 R11: ffff888028f82ff0 R12: 00000000802ca000
[ 2844.153276][T12585] R13: 0000000000000001 R14: 000000007c07f9f3 R15: ffff88801377f740
[ 2844.155819][T12585] FS:  0000000000000000(0000) GS:ffff88809780e000(0063) knlGS:00000000f542bb40
[ 2844.158840][T12585] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[ 2844.161043][T12585] CR2: 0000000057ef24c0 CR3: 0000000074f5d000 CR4: 0000000000352ef0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 2844.163643][T12585] Call Trace:
[ 2844.164695][T12585]  <TASK>
[ 2844.165641][T12585]  do_mmap+0xd23/0x1210
[ 2844.167013][T12585]  ? __pfx_do_mmap+0x10/0x10
[ 2844.168542][T12585]  ? __pfx_down_write_killable+0x10/0x10
[ 2844.170288][T12585]  vm_mmap_pgoff+0x29e/0x470
[ 2844.171882][T12585]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 2844.173525][T12585]  ? __fget_files+0x20e/0x3c0
[ 2844.175009][T12585]  ksys_mmap_pgoff+0x32c/0x5c0
[ 2844.176525][T12585]  ? __ia32_sys_mmap_pgoff+0x11/0x1b0
[ 2844.178293][T12585]  __do_fast_syscall_32+0xe8/0x680
[ 2844.179956][T12585]  do_fast_syscall_32+0x32/0x80
[ 2844.181576][T12585]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2844.183612][T12585] RIP: 0023:0xf707d579
[ 2844.184888][T12585] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 2844.190928][T12585] RSP: 002b:00000000f542b55c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0
[ 2844.193568][T12585] RAX: ffffffffffffffda RBX: 00000000802ca000 RCX: 0000000000004000
[ 2844.196031][T12585] RDX: 0000000003000007 RSI: 0000000000000012 RDI: 0000000000000007
[ 2844.198605][T12585] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2844.201307][T12585] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[ 2844.203781][T12585] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2844.206305][T12585]  </TASK>
[ 2844.207342][T12585] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 2844.209638][T12585] CPU: 1 UID: 0 PID: 12585 Comm: syz.3.10903 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 2844.213157][T12585] Tainted: [L]=SOFTLOCKUP
[ 2844.214494][T12585] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[ 2844.217703][T12585] Call Trace:
[ 2844.218778][T12585]  <TASK>
[ 2844.219743][T12585]  dump_stack_lvl+0x3d/0x1f0
[ 2844.221498][T12585]  vpanic+0x640/0x6f0
[ 2844.222765][T12585]  ? path_noexec+0x1ca/0x230
[ 2844.224430][T12585]  panic+0xca/0xd0
[ 2844.226178][T12585]  ? __pfx_panic+0x10/0x10
[ 2844.228080][T12585]  check_panic_on_warn+0xab/0xb0
[ 2844.230422][T12585]  __warn+0x108/0x3c0
[ 2844.232192][T12585]  __report_bug+0x2a0/0x520
[ 2844.234122][T12585]  ? path_noexec+0x1ca/0x230
[ 2844.235896][T12585]  ? __pfx___report_bug+0x10/0x10
[ 2844.237766][T12585]  ? arch_get_unmapped_area_topdown+0x494/0x8f0
[ 2844.240337][T12585]  ? path_noexec+0x1ca/0x230
[ 2844.242304][T12585]  report_bug+0xb2/0x220
[ 2844.244121][T12585]  ? path_noexec+0x1ca/0x230
[ 2844.246062][T12585]  handle_bug+0x127/0x260
[ 2844.247807][T12585]  exc_invalid_op+0x17/0x50
[ 2844.249657][T12585]  asm_exc_invalid_op+0x1a/0x20
[ 2844.251745][T12585] RIP: 0010:path_noexec+0x1ca/0x230
[ 2844.253861][T12585] Code: ff 83 e3 02 48 89 de e8 54 35 82 ff 48 85 db 41 0f 95 c4 e8 78 3a 82 ff 44 89 e0 5b 5d 41 5c c3 cc cc cc cc e8 67 3a 82 ff 90 <0f> 0b 90 e9 47 ff ff ff e8 d9 0f eb ff e9 a8 fe ff ff e8 cf 0f eb
[ 2844.261800][T12585] RSP: 0018:ffffc90007a97c88 EFLAGS: 00010283
[ 2844.264364][T12585] RAX: 00000000000000ab RBX: ffff8880412841e0 RCX: ffffc9000c7a2000
[ 2844.267671][T12585] RDX: 0000000000080000 RSI: ffffffff823c1c39 RDI: 0000000000000007
[ 2844.270971][T12585] RBP: 0000000000000000 R08: 0000000000000007 R09: 0000000000000000
[ 2844.274260][T12585] R10: 0000000000000000 R11: ffff888028f82ff0 R12: 00000000802ca000
[ 2844.277542][T12585] R13: 0000000000000001 R14: 000000007c07f9f3 R15: ffff88801377f740
[ 2844.280885][T12585]  ? path_noexec+0x1c9/0x230
[ 2844.282928][T12585]  ? path_noexec+0x1c9/0x230
[ 2844.284910][T12585]  do_mmap+0xd23/0x1210
[ 2844.286841][T12585]  ? __pfx_do_mmap+0x10/0x10
[ 2844.288802][T12585]  ? __pfx_down_write_killable+0x10/0x10
[ 2844.291077][T12585]  vm_mmap_pgoff+0x29e/0x470
[ 2844.293001][T12585]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 2844.295121][T12585]  ? __fget_files+0x20e/0x3c0
[ 2844.297062][T12585]  ksys_mmap_pgoff+0x32c/0x5c0
[ 2844.299023][T12585]  ? __ia32_sys_mmap_pgoff+0x11/0x1b0
[ 2844.301155][T12585]  __do_fast_syscall_32+0xe8/0x680
[ 2844.303361][T12585]  do_fast_syscall_32+0x32/0x80
[ 2844.305410][T12585]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2844.308055][T12585] RIP: 0023:0xf707d579
[ 2844.309750][T12585] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 2844.317577][T12585] RSP: 002b:00000000f542b55c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0
[ 2844.321004][T12585] RAX: ffffffffffffffda RBX: 00000000802ca000 RCX: 0000000000004000
[ 2844.324290][T12585] RDX: 0000000003000007 RSI: 0000000000000012 RDI: 0000000000000007
[ 2844.327486][T12585] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2844.330682][T12585] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[ 2844.333941][T12585] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2844.337212][T12585]  </TASK>
[ 2844.339249][T12585] Kernel Offset: disabled
[ 2844.341036][T12585] Rebooting in 86400 seconds..