last executing test programs:

8m24.94912351s ago: executing program 0 (id=61):
r0 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000040), &(0x7f0000000080)=0x14)
r1 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe050000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, 0x0, 0x0)
mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000ff5000/0x3000)=nil)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sched_switch\x00', r5, 0x0, 0x3}, 0x18)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000680)={0x0, 0x40, 0x10}, 0xc)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x107042, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x187842, 0x3)
ioctl$EXT4_IOC_MOVE_EXT(r7, 0xc028660f, &(0x7f0000000240)={0x3920e, r6})
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000006c0)={0x0, 0x0, 0x8}, 0xc)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0xd, 0x14, &(0x7f00000006c0)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8", @ANYRES32=r8, @ANYRES32=0x0], &(0x7f00000000c0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x17, &(0x7f0000000300)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3}, {}, {}, [@btf_id={0x18, 0xf, 0x3, 0x0, 0x4}, @exit, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffa}, @initr0={0x18, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x8}, @btf_id={0x18, 0xa, 0x3, 0x0, 0x2}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000480)='syzkaller\x00', 0x0, 0xc3, &(0x7f00000004c0)=""/195, 0x41000, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x2, 0x1}, 0x8, 0x10, &(0x7f0000000600)={0x3, 0xc, 0x101, 0x3ff}, 0x10, 0x0, r5, 0x6, &(0x7f0000000700), &(0x7f00000007c0)=[{0x4, 0x2, 0xb, 0xb}, {0x2, 0x2, 0x8, 0x8}, {0x5, 0x5, 0x10, 0xa}, {0x3, 0x4, 0x3, 0x7}, {0x2, 0x1, 0x7, 0x9}, {0x2, 0x401, 0x7, 0x8}], 0x10, 0x40, @void, @value}, 0x94)
r9 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$bt_BT_VOICE(r9, 0x112, 0xb, &(0x7f0000007480), 0x2)
write$binfmt_elf64(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="7f454c460000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000380000000000000000000300"/113], 0x78)
close_range(r0, 0xffffffffffffffff, 0x0)

8m20.049426769s ago: executing program 0 (id=70):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000001200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f000049c000/0x18000)=nil, &(0x7f0000000400)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_usb_connect(0x0, 0x3b, &(0x7f0000000200)=ANY=[@ANYBLOB="12011400c7f36d088d0e0020c621000000010902290001000000000904000000db02ef"], 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000540)={[0x88ab8, 0x7, 0x9, 0xd646, 0x7, 0xa90, 0x8001, 0x1ff, 0x3, 0x8000000000000000, 0x8000000000000001, 0x2, 0xffff, 0x101, 0x5, 0x1], 0x8000000, 0x141200})
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000080))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="000000000000000008000c00004e07006c001a"], 0x94}}, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000640)=0x4)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x1, 0x48, 0x10, 0x0, 0x100, 0x53, 0x40, 0x53, 0xb6, 0xff, 0x5a, 0x4, 0x0, 0x6, 0x5, 0x9, 0x1, 0x5, 0x93, '\x00', 0x5, 0x9})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

8m14.247925571s ago: executing program 0 (id=81):
r0 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000040), &(0x7f0000000080)=0x14)
r1 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe050000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, 0x0, 0x0)
mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000ff5000/0x3000)=nil)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sched_switch\x00', r5, 0x0, 0x3}, 0x18)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000680)={0x0, 0x40, 0x10}, 0xc)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x107042, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x187842, 0x3)
ioctl$EXT4_IOC_MOVE_EXT(r7, 0xc028660f, &(0x7f0000000240)={0x3920e, r6})
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000006c0)={0x0, 0x0, 0x8}, 0xc)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0xd, 0x14, &(0x7f00000006c0)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8", @ANYRES32=r8, @ANYRES32=0x0], &(0x7f00000000c0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x17, &(0x7f0000000300)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3}, {}, {}, [@btf_id={0x18, 0xf, 0x3, 0x0, 0x4}, @exit, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffa}, @initr0={0x18, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x8}, @btf_id={0x18, 0xa, 0x3, 0x0, 0x2}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000480)='syzkaller\x00', 0x0, 0xc3, &(0x7f00000004c0)=""/195, 0x41000, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x2, 0x1}, 0x8, 0x10, &(0x7f0000000600)={0x3, 0xc, 0x101, 0x3ff}, 0x10, 0x0, r5, 0x6, &(0x7f0000000700), &(0x7f00000007c0)=[{0x4, 0x2, 0xb, 0xb}, {0x2, 0x2, 0x8, 0x8}, {0x5, 0x5, 0x10, 0xa}, {0x3, 0x4, 0x3, 0x7}, {0x2, 0x1, 0x7, 0x9}, {0x2, 0x401, 0x7, 0x8}], 0x10, 0x40, @void, @value}, 0x94)
r9 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$bt_BT_VOICE(r9, 0x112, 0xb, &(0x7f0000007480), 0x2)
write$binfmt_elf64(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="7f454c460000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000380000000000000000000300"/113], 0x78)
close_range(r0, 0xffffffffffffffff, 0x0)

8m10.758627828s ago: executing program 0 (id=88):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x5484}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
r3 = epoll_create1(0x0)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f0000000140))
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000280)='./file0/../file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x821c10, 0x0)
mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x112dd10, 0x0)

8m9.349481545s ago: executing program 0 (id=89):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f0000000780)=ANY=[@ANYBLOB], &(0x7f0000000380)='syzkaller\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
mount$9p_virtio(&(0x7f00000001c0), 0x0, 0x0, 0x0, 0x0)
chdir(&(0x7f0000000280)='./file0\x00')
io_uring_setup(0x6e74, &(0x7f0000000180)={0x0, 0xaebc, 0x20, 0x2, 0x180})
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
recvmmsg(r1, &(0x7f000000a1c0)=[{{0x0, 0x0, 0x0}, 0x6}, {{0x0, 0x0, 0x0}, 0x9}], 0x2, 0x2202, 0x0)
sendmsg$netlink(r1, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x2000080)
unshare(0x62040200)
socket$inet(0xa, 0x801, 0x84)

8m8.287397355s ago: executing program 0 (id=92):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000007c0)=ANY=[@ANYBLOB="12010000ed3ec908cd0cb300ea2d010203010902120001000000000904"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000004c0)={0x1c, &(0x7f0000000dc0)=ANY=[], 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000003c0)={0x44, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000480)={0x34, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0})

8m6.698836776s ago: executing program 32 (id=92):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000007c0)=ANY=[@ANYBLOB="12010000ed3ec908cd0cb300ea2d010203010902120001000000000904"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000004c0)={0x1c, &(0x7f0000000dc0)=ANY=[], 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000003c0)={0x44, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000480)={0x34, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0})

7m1.463379654s ago: executing program 3 (id=207):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, 0x0, &(0x7f0000000280))
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000640)=0x3)
pwritev(r1, &(0x7f0000000080)=[{&(0x7f0000000140)="80fd", 0x2}], 0x1, 0x5, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f0000000040)=[<r3=>0x0], 0x0, 0x0, 0x0, 0x1})
close(0xffffffffffffffff)
r4 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_opts(r4, 0x0, 0x200000000000c, 0x0, 0x0)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x200000000000b, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETGAMMA(r2, 0xc02064a4, &(0x7f0000000200)={r3, 0x0, 0x0, 0x0, 0x0})
fsetxattr$security_capability(r0, &(0x7f0000000140), &(0x7f00000002c0)=@v3={0x3000000, [{0x5, 0x18}, {0x6, 0xff}]}, 0x18, 0x3)
pipe2$watch_queue(&(0x7f0000000580)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x80)
r7 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffc)
keyctl$KEYCTL_WATCH_KEY(0x20, 0x0, r6, 0x8f)
r8 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
ioctl$SNDCTL_DSP_STEREO(r8, 0xc0045003, &(0x7f0000000040))
pipe2$watch_queue(&(0x7f0000000180)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r7, r10, 0xbc)
keyctl$KEYCTL_WATCH_KEY(0x20, r7, r6, 0xb5)
close_range(r5, r9, 0x0)

6m59.317419885s ago: executing program 3 (id=213):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
ioctl$sock_TIOCINQ(0xffffffffffffffff, 0x541b, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
unshare(0x22020600)
r5 = syz_io_uring_setup(0x10d, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x40000000}, &(0x7f0000000380)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f0000000100)=@IORING_OP_SYMLINKAT={0x26, 0x40, 0x0, 0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='./file0\x00'})
io_uring_enter(r5, 0x3f70, 0x0, 0x0, 0x0, 0x0)

6m55.912545572s ago: executing program 3 (id=217):
pipe2$watch_queue(&(0x7f0000000180), 0x80)
socket$inet6_sctp(0xa, 0x5, 0x84)
r0 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, 0x0, 0x0)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000c40)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r5, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x13, r5, 0x0)
preadv(r5, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x0, 0x1c, &(0x7f0000000040)=ANY=[@ANYBLOB="0000000000000000b702000014000000b7030000030000008500000005000000bf0900000000000055090100000000009500000000000000b7020000000000007b2af0ff000000003609080000000000c39af0ffa0"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

6m48.614894186s ago: executing program 3 (id=229):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000000c0), 0x103200, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f00000002c0)={0xc, 0x0, <r5=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r4, 0x3b85, &(0x7f0000000300)={0x28, 0x6, r5, 0x0, &(0x7f0000ffa000/0x3000)=nil, 0x3000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r4, 0x3ba0, &(0x7f00000001c0)={0x48, 0x5, r5, 0x0, <r6=>0xffffffffffffffff})
r7 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
ioctl$IOMMU_TEST_OP_ACCESS_RW(r7, 0x3ba0, &(0x7f0000000400)={0x48, 0x8, r6, 0x0, 0x2fff, 0x1, &(0x7f0000000340)="f6", 0x5})

6m46.442282439s ago: executing program 3 (id=233):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
ioctl$sock_inet_sctp_SIOCINQ(0xffffffffffffffff, 0x541b, 0x0)
r0 = openat$ppp(0xffffffffffffff9c, 0x0, 0x800, 0x0)
ioctl$PPPIOCDISCONN(r0, 0x7439)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000007, 0x38011, r1, 0x2c9ab000)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48850}, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r5 = dup(r4)
write$FUSE_BMAP(r5, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r5, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r5, &(0x7f0000000480)={0x18}, 0x18)
write$FUSE_INIT(r5, &(0x7f0000000600)={0x50, 0x0, 0x0, {0x7, 0x29, 0x3, 0x0, 0x4, 0x772, 0x7, 0x0, 0x0, 0x0, 0xa0, 0x200}}, 0x50)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r5}})
io_uring_enter(0xffffffffffffffff, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x1, 0x12, r6, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x21000000003c, &(0x7f00000000c0), 0x4)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

6m44.68036918s ago: executing program 3 (id=238):
bind$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x4e22, 0x3, @private1, 0xffffffff}, 0x1c)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
dup(r0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r3, 0x4048ae9b, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r5, &(0x7f0000000100)='asymmetric\x00', &(0x7f0000000080)=@secondary)
prctl$PR_GET_ENDIAN(0x13, 0x0)
keyctl$get_persistent(0x16, 0x0, r5)
syz_open_dev$usbfs(&(0x7f0000000c00), 0xabce66e, 0x141402)
setsockopt$inet6_IPV6_HOPOPTS(0xffffffffffffffff, 0x29, 0x36, 0x0, 0xc0)
ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
r6 = openat$smackfs_cipsonum(0xffffffffffffff9c, &(0x7f0000000080)='/sys/fs/smackfs/doi\x00', 0x2, 0x0)
writev(r6, &(0x7f0000002680)=[{&(0x7f00000025c0)='8', 0x1}], 0x1)
dup(0xffffffffffffffff)

6m36.016442016s ago: executing program 4 (id=250):
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = userfaultfd(0x1)
ioctl$UFFDIO_API(r1, 0xc018aa3f, 0x0)
r2 = syz_io_uring_setup(0x6d0c, 0x0, &(0x7f00000000c0), &(0x7f0000000140)=<r3=>0x0)
syz_io_uring_setup(0x1866, &(0x7f00000003c0), &(0x7f0000000040)=<r4=>0x0, &(0x7f0000000100))
syz_io_uring_submit(r4, r3, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54})
io_uring_enter(r2, 0x184d, 0x0, 0x0, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
linkat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f00000010c0)='./file0\x00', 0x400)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
r7 = socket(0x2, 0x80805, 0x0)
getsockopt$bt_hci(r7, 0x84, 0x80, 0x0, &(0x7f0000001080))
r8 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000300), r5)
sendmsg$NET_DM_CMD_START(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, r8, 0x1, 0x70bd29, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000010)

6m34.589955948s ago: executing program 4 (id=253):
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
r0 = socket$caif_seqpacket(0x25, 0x5, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
sched_setaffinity(0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000240)=0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[], 0x30}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000850)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8923, &(0x7f00000002c0)={'veth1_macvtap\x00', 0x1001})
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000c5e9abdb17bd8f26356887bcd2f78aeec77d079ed499cf32e3ac447e64f4dd0cbc510a7bc28fdd1a11905e4318e1db9ed93fbdf59ce2710d9ae7be87f82c647d98c6501b596665000000"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000100)='sched_switch\x00', r4, 0x0, 0xed}, 0x18)
openat$vimc2(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, &(0x7f0000000180))
sendmsg$inet(r0, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001540)=[{}, {0x0}, {&(0x7f00000000c0)="5b66e6481f0bb9c86006e443a01c1a394fa21db31fa7e96bb9be1476ae2cfedcfe42", 0x22}, {&(0x7f0000000300)="e56242bf180ae89d77999f1addb32fc19b93fd3da0a2687372ef14df13f95e24c956af7ca665f70f9319b1f000a23f9c89905585f20391d414ff11145a298a5552b366302d4aef58c931eafeb5dff766df5e44af74516abe10076bc89df35426684f63d9ce20dcd03590ed6db15e0a30d829c6439d60cd30def8a1c0722f66267e84607bb540defca5bd0420c3dcb5113df731be3bfa15e7670d0ebe9ea2738e23f7c61795412a57b77390ec1b08589d343e4eae4265c37aae16024a551dc5317ec2bc05077a0ef2a7c5e0f8656ea1e9fc56efe631bfd79050f1c2ebab776aab7ca8565b9dd293adb8febc5ac28b621f4bb81057d2992ebb4d6d26f480ed645cc32bf6d1687b239a53e20858944963edc5f3a0f6dfc03c774d97418c0c57908f6a174c85f233d354b7d45768ee65310679d599230f1a767fc7a500001a5e2a48fdaf8720924df2b49ab71f2a259c0b0ae9743c86947b983e113e614e11be672c228f17fde045ac9319515fcf58ad7cc4c52e1fb41d3cf04d37d9ddabb068858dc39ad6cd4b6a709dbe856679cf8148d02efe808a8dc02fb0269105f59cdeb6e0a03451696a969b5970af3e941a6ab22d5eb55e85db14a7b8620f44576a76ad5074813edfb60d8b0ce9bc1af406619d3b680beb00010bd3790d47a410d2d7d05106ce96dcd08844c555d8b0432184979203c8d07a39ecabe66a6b9e48c9057adef9901c1c519b9cc2ec485510f990935270ab9d4303e30e347f8b3aebc782e330ab34145de53e2e01b6a1eba5c54910c80565b58022f595f7af1dba9f88f91ffa667fbaddc32c35b0ce69c2b420c2489602bcc3fdcfbf4ccfb2dd7764c0330af16d2b3455917d190fd8b1593f02407f02bf1fccb7a049b81e832e3072c8b6d2461a74abc51a144b8366e8cade4eef050f1d1820c9d1dd3f859dcf99c0a35ad69a83942eadd47c18f9e2118fbad49345953ee4e4c5bbd455ab61dc78dc876f911b7cc18f2da5b7e4dc494f7df6b575a7867a3bc5db40833e6a058a7c8c236d871cbfc886a040e0077836126768ed87e80e49388cd1d6e570acd264964ee59513bb89c9df65bc6443625afa57b95121a2ae1c483f5e8215154ad8ee92ab2ebec111142cb1a4bd12d5b6f95f839f59696be0869a1a451cbccf7ff3788d961d30f58d715cc15353b5a34ef56c787d2bea196bb277d78c77f1e8821df55e43a1841f0bc1f88e2b79f25aa0b1bb350bad2421d0e40d211315cdf466a7193e659692d0ea1a0ca4beeb739d70f3da971ed8fabd4b1cb498badf9193122867e9e53d783803bea438b316c391da3cbcf9be5daf64bf0fbf1bc3296dbb29384460a0783bc0672556e1c50b67686efcc1abd08a033456499b76ac6996051bb627fb2d5f3b026a2051091046b121fcef6b044b0d6b3db61a3f53136070912e093c080446a46888429aa2f768723fe15b11f9b1b998c27171e84fbb7a631ca6729e51c230ff7217305b28f56c0e21fe06f2e2980ccbfa2a1c002cb3af908be3fd9e7056762aba72ae1c77ebce61812557a3bcaf1bb5c2f85641d7fa3ffe9b0db994b54183a6c813fbce94282713b3d4ca730557d335d78fb65f3c910f8827d92beba7fd8d9154cc04f86a075244cfab0892bf03aea65bd64fd08cc6b4816b4d8eae7a1f18f8f424cbd6915be71541627ceb1b09a7860e3abf81a20872639243b7b421baf268a0d1ea4414ac40427c93da918362e1f83e7f86f10d820ec486eb9d2d3474875c494ecbf56190c1b5196c048005491d654a1f82411adaed8537becc882ca8a5e306c04b49ed28907869734099f6dc978b3aa76c27605dccbd1da1bdd3ee80204ab33f320016f5735e4066f6f0950737d785ec52f6376878ab782789837e050594e8b9f3a3a06d93b709c2f665065ede5e3803aa3bee4dd13e0e5489eef2a2442e714cc236a7935e8361f508114d06632655e55b3a2d173d3d5e8cc25c1e33169547ecbc6803f9a4e53e2139af8b0067f971db671f3e87c421c4c3249628dd33a333cc331024e07c58cf61b9062ba5093163a79ca263084dcf975e57da2ebd8ec691d0334dad1cfbcc0344ffedc0cfdf133885df0c582a7a35a923ad19f619f4b2e2588c2bb0f9f5ac3479c5344b0c6f45a8660363b0412155c842d3ee6543c1556809c4bbf4319d7e5f747bc6478a5709a3167f660d17954ba2a1b7a0396f1857f25ffd4eec6bc4342c1a6269a4788454a0fddba9ad7f8b787af68df11df4433941a63d5b067d1a99a867928ece8c71424b03f947b700dd24e513fefe694d0247e77b9d4c3357bf1020696683a0ab3a069fe23511f121f67b29d3945ad37d06d53d8541833099255f3c657ea5f52bff11c064ece91bb38a30c83cbfaa05022b216c20f8de0a0de945461b66e0454393f69b890d0a0b63df186589f56e48ae4bd2445f7630ca8b1c01a361d25d3202f26656482f6fdfbca422a62e2fa6eb4d6034df3c7e4914aa6f49e0b2b66d1ca4bf4f88322919f2657a60fac3273f5364056469733c95bf975662b7442deff70dc9d090278b67c4669430c217289c813af2f7db8e5a94134d5912df7d323a021b6756d779510bd0fb304a1fca4796de2cd5cea36bf23c396e34a4e47e76933a3b598d59c4e75836f303515874f0bf3674707703964ce7704779469826acf5db01d83cee53a2fea9ff15ddb1dd3d5403c1f5ed46d2e34b06647f36e11fc429620b548bc2907c78eca8459d86c6e8fdaafbc0e7cab4078d56ae6b93f2bfa1c608e4616425165be62bdc4bf79ad0095983897104435ebfb49d69e7400e6e9b4275abd4a0b8a09aa34708c87a8d66bef1904998395212b0336983a1e343dfdebba75247d210465cbcd1d8cc330c0448de4a5048f31bbb424df96ebd49c1b4c952e55d95690b0516a09e0c67edc10f1f5cac86d35aa0c4753884bf339874c204e86b604d2a7dba9ab2bf8d8303368d962954f7cd4aaf63a40204c5a864c3e5fe93a34d717d34a7cfa27d5bc3fde7b76cdcd6fc90c1961e80db89d47263c5d33a37498d7e138e83fd59fe05931be850c6e665f359cb9beca18f696e3342f71447e1cc881696ea217b90cb92ddfa2d6f11e11ea544963100eb82f60642ed041954b6891c3e0beac4fbbe8d33d351a6f1bd0b140a2b48dfc3638e3debed6c610054a905bd9011e7796fb1d594e51114a2c96fc07c811226f923ca3d6d6804df0b0bb41d905a589d3ffccce7f3b36a1f038ae3bed274b3f2082567c9bb1e134f73e58d22dd47e47d29c64db1d88723d3b62311013030dac88236e12bba0d0a4f936c525e9fec2aa3d03354f528e1d9c7a468f036cc952d67fb04af5d2fd763b5ecfab2cd1347567cd97c97687e26a227eb2552f7a8b1daf1703d8e3ad4bd7b4115a764e99fcc21e9228644421e04357aee70bc713b8559a1e81810a7581872981b8bc901cc4a3144edf7728a99b8530c3faa250da156b902dd5eb5fe0037c178a3024b1d78339e5a19582176f9589a62f5d88b2bf99341a237ab6b05077a6c7753e7990dec46199c82c10d8e53c99f4a9f55576afbabd7e4cac5761555cac631d8cc2b7a140744a2a2710f72820aefcac708b6afdd77250da5cc527b5287a629c1ca92c71f369aca4eef504315b3b8e458cd681794e28a423ddd63b7991995926ff999bdd6d1e87b63267ee9f3359a710d84fd9bf7d93f3d54039dd7970b25b9a56010427e9ea574c4b8d5872962e467fdcb440316076312bf26760625c8e856f13e0aaf8d11bde00711db9ba1c17f8a617153ebbdfa6de55e5a0a0375b679f87fd6dc1cbf6602133c9bd79e2a5b4e002e44dfc0cf17f995e9effc3832fe7c390ad34d727e1f8a61d17fdc10c2fd1e79e580d847ae3acabcdbf4e2f6e95c1e6d9d2d2118a90c21c49f91aa71992263bc3d394c8c66b8e2063e112b7bc295c1b3918021df809196f85f5a9008f24ff73542baebd0bfab39448e256716b5700f081f7e92d2eee962ea08635a864ea32e98e7cdde9cf368165d2ddd2c3c308115b93802d226a7a5c904b1eeb3f89caa2e385bdeb9153ee8f8e19e2d63eb52f814a67cc2a18df650777e3920ea908b012b2943891ee2b63190ae992b8191a63db2574d8aed224afa848cd80dd84f8d499c9f79023f3be068da3f17e83c96a8ac1013f7b3d0f3d7e79d3e19b34f32e54f7e1e606f0ca8b2eccefe17ebf906758e103afae112f2082593d31280577b5ed526675e5ccaf5245911fb9e60bab0ce3d3f33204a6a7714cf23ec421f3701fa1fd70cde599e5d9e03ae0adcaf3902890cbb7e47063a19d798fccffeb09cc43416a1015db78ec3363a9373571558903fb4c89b378ed763045d05529db09b616e4fd204e1aaaa8b662f8b9a9574696101bb1a818080dacbe30c05981f3b6b8006cfcbb40f906dcdd27f8a93c9280408c263db07048658ce1c828a9a52aea0e6f641c2dcaf33727f051b5d1c4a8c9b3d18322bedf3d6513e1951fcdf9dea6f97455f210b24b6a18105d43cc16a3cc4716922db0b9912c0160dc8e33d6595d230cb431d1e98f44fc7cc1625f141b68ae63e0b08237e71b28b46586092b6ed73236959f60d053fe428fa6b3752f988867d44472c17a5690c5807e13a180c7afb5b714dc8a0a47435277282b582464d23acb7741757e2ba765ec4a116eaa6b44e645dd70ceac326c70a30d12de6bffae8cfc3b04fabd4ab2a0de2c09c65f333251a8e5e2eae1c10d6869dce19e14780a685be8cbd6f3103c3539888f42b2c40e60283657758bacc0d4183c61343a94ab62e15c7835d353070ee5f6877e9ee5930f758ba991ec1f057187956c718c0bac45557054ae25b410560696705657fa413eae047ca12bad27344a7", 0xd7c}, {&(0x7f0000001300)="bcd1c0823335e95477b992142fcbd665274a5107ad3de2378186a6e38e9b632341ce2c140ca8df219133767670a0015a9b75771ca3bd01b88a4ff30e11c66611d7a2dfc2ab2b3cbd0a2ed97997292d276fa735b36bb96779b8a39c06d940ecbd0e5921f57dfff52fda5a47ce6c8223b9bcb4426b3c2d8c39cb23001f7de518ba466028c7f9696e75b2e3ec6170660f867058fe620c91b1b0ab8655fb941e30", 0x9f}, {&(0x7f00000013c0)="79fd86b0a2b375e4b827079a16bed357074d029317f30f9a97e5b7579f0830c3faa370d01a45ad6abdd329073187de5a1ea73f4317f003b5c889143d456f5ebaa699ec942f6636499ab7383cce2dbac8b092854c4e9a7e63a4a6764b5777f09519f4265b83595b579800e1618d796b8ed5edbb4bc8d7997ec2982b1f797e72730588ab9cf1382a8a115d60dca668a4264e8110e380d195c29bb3e137fc88f430f79f", 0xa2}, {&(0x7f0000001480)="f10c315d3914e8422bc9b81e2ce663e825ddf9b8509c660aa68a7267a67c123096f1f80fbb003db28abe73598033d6bcdbd8ecb6e1863a5adab497ecf6a763dc81f5e496859b9f25435dd454a13ab6b51edbc0db245ebe7716f206c1d779143d", 0x60}, {&(0x7f0000001500)}], 0x8}, 0x4000000)
r5 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r5, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0xb}})
sendmsg$kcm(r5, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000001680)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602000000000e000a000f0000000280000012949a798ef6d06619fd04e5c365e322fe67116028fa3e280f5c19", 0x47}, {0x0}], 0x2}, 0x400c040)

6m30.974467631s ago: executing program 4 (id=257):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000c00)=@newsa={0x13c, 0x10, 0x713, 0x0, 0x0, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in=@private=0xa010102}, {@in6=@remote, 0x2, 0x32}, @in6=@private1, {0x0, 0x3, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {}, {}, 0x0, 0x0, 0xa}, [@algo_auth_trunc={0x4c, 0x14, {{'sha1\x00'}, 0x0, 0x100}}]}, 0x13c}}, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
add_key$keyring(0x0, &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
r2 = openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
finit_module(r2, &(0x7f0000000200)='/\x00', 0x1)
r3 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r3, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="0c2000003d0007010000000000000000017c0000040000000c00018006001700800a0000e81f02"], 0x200c}, 0x1, 0x0, 0x0, 0x4080}, 0x0)

6m28.456194058s ago: executing program 33 (id=238):
bind$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x4e22, 0x3, @private1, 0xffffffff}, 0x1c)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
dup(r0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r3, 0x4048ae9b, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r5, &(0x7f0000000100)='asymmetric\x00', &(0x7f0000000080)=@secondary)
prctl$PR_GET_ENDIAN(0x13, 0x0)
keyctl$get_persistent(0x16, 0x0, r5)
syz_open_dev$usbfs(&(0x7f0000000c00), 0xabce66e, 0x141402)
setsockopt$inet6_IPV6_HOPOPTS(0xffffffffffffffff, 0x29, 0x36, 0x0, 0xc0)
ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
r6 = openat$smackfs_cipsonum(0xffffffffffffff9c, &(0x7f0000000080)='/sys/fs/smackfs/doi\x00', 0x2, 0x0)
writev(r6, &(0x7f0000002680)=[{&(0x7f00000025c0)='8', 0x1}], 0x1)
dup(0xffffffffffffffff)

6m28.347720173s ago: executing program 4 (id=263):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$sndctrl(&(0x7f0000000200), 0x1, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0)
openat$audio(0xffffff9c, &(0x7f0000000100), 0x80000, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r3}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0))
memfd_secret(0x0)
r4 = syz_io_uring_setup(0x19f2, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x0, 0x1de}, &(0x7f0000000140)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000040)={'syztnl0\x00', &(0x7f0000000180)={'syztnl0\x00', 0x0, 0x2f, 0x83, 0x20, 0x0, 0x2b, @private1={0xfc, 0x1, '\x00', 0x1}, @private1, 0x10, 0x8}})
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socket$key(0xf, 0x3, 0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='pids.events\x00', 0x275a, 0x0)
write$UHID_CREATE2(r8, &(0x7f0000000180)=ANY=[@ANYRES64=r7], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r8, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@mod={0x1d, 0x5c, 0x0, r8, 0x0, r0, 0x3, 0x0, 0x1})
io_uring_enter(r4, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

6m25.546875526s ago: executing program 4 (id=268):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x118)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_io_uring_setup(0xec5, &(0x7f00000008c0)={0x0, 0x0, 0x400, 0x0, 0x4}, 0x0, &(0x7f0000000040)=<r1=>0x0)
syz_io_uring_submit(0x0, r1, &(0x7f0000000200)=@IORING_OP_TIMEOUT={0xb, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x40})
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r3, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000500)='./file0/../file0/../file0/../file0\x00', &(0x7f0000000080)='./file0/../file0\x00')
open(&(0x7f00009e1000)='./file0\x00', 0xc162, 0x0)
r4 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, 0x0)
read$FUSE(r4, &(0x7f0000006380)={0x2020, 0x0, <r5=>0x0}, 0x2020)
write$FUSE_INIT(r4, &(0x7f0000000040)={0x50, 0x0, r5, {0x7, 0x1f, 0x103, 0x51964420, 0x0, 0x7ff, 0x1000000, 0x0, 0x0, 0x0, 0x100, 0x7}}, 0x50)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x10, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000040)='./file0\x00', 0x44, 0x842, 0x23456})
io_uring_enter(0xffffffffffffffff, 0xdb4, 0x0, 0x0, 0x0, 0x0)

6m22.350530203s ago: executing program 4 (id=271):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
ioctl$USBDEVFS_CLEAR_HALT(0xffffffffffffffff, 0x80045503, 0x0)
openat$vim2m(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffda1, 0x0}}], 0x40001b6, 0x0)
mount(0x0, &(0x7f0000000080)='./file1\x00', 0x0, 0xc0ed0000, 0x0)
rseq(&(0x7f0000000400)={0x0, 0x0, 0x0, 0x4}, 0x20, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)

6m7.102891738s ago: executing program 34 (id=271):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
ioctl$USBDEVFS_CLEAR_HALT(0xffffffffffffffff, 0x80045503, 0x0)
openat$vim2m(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffda1, 0x0}}], 0x40001b6, 0x0)
mount(0x0, &(0x7f0000000080)='./file1\x00', 0x0, 0xc0ed0000, 0x0)
rseq(&(0x7f0000000400)={0x0, 0x0, 0x0, 0x4}, 0x20, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)

2m59.09713141s ago: executing program 6 (id=548):
getpid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
r5 = userfaultfd(0x80801)
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1})
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r6, &(0x7f0000d84000)={0xa, 0x2}, 0x1c)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x21)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='sysfs\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000200)='./bus\x00', 0x100)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000300)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_auto}]})
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
sendto$inet6(r6, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x18115, @rand_addr, 0x983a}, 0x1c)

2m56.680034684s ago: executing program 6 (id=551):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f00000001c0)={{0x1, 0x1, 0x18, <r2=>r0, {0x1a3}}, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00'})
lsm_get_self_attr(0x67, 0x0, &(0x7f0000000080), 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000440)='fdinfo/4\x00')
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000100)={0x2000001c})
ioctl$UI_SET_MSCBIT(r3, 0x40045568, 0x2)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000000c0)='mmap_lock_acquire_returned\x00', r4}, 0x10)
mlockall(0x6)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(0x0, r5)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_SET_PMKSA(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000012c0)={0x54, r6, 0x623, 0x70bd29, 0x25dfdbff, {{}, {@val={0x8, 0x3, r8}, @val={0xc, 0x99, {0x3}}}}, [@NL80211_ATTR_FILS_CACHE_ID={0x6, 0xfd, 0xff}, @NL80211_ATTR_PMK_REAUTH_THRESHOLD={0x5, 0x120, 0xa}, @NL80211_ATTR_FILS_CACHE_ID={0x6}, @NL80211_ATTR_PMK_LIFETIME={0x8, 0x11f, 0x80000001}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}]}, 0x54}, 0x1, 0x0, 0x0, 0x40040}, 0x4004000)
sendmsg$NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL(r2, &(0x7f0000001200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000011c0)={0x0}}, 0x4000)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000000c0))
r9 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r9, 0x0, &(0x7f00000000c0))
ioctl$IOCTL_GET_NCIDEV_IDX(r2, 0x0, 0x0)
sendmsg$NFC_CMD_ENABLE_SE(0xffffffffffffffff, &(0x7f0000002240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x10880}, 0x800)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x4458c}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @veth={{0x9}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_NET_NS_PID={0x8, 0x13, r1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4015}, 0x0)
syz_open_dev$vcsu(&(0x7f0000000000), 0x7, 0x52d882)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r10, 0x8933, &(0x7f0000002200)={'wlan0\x00'})

2m53.611584303s ago: executing program 6 (id=557):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$inet6(r0, &(0x7f0000000300)=[{{&(0x7f0000000000)={0xa, 0x4e22, 0x5, @remote, 0x1}, 0x1c, &(0x7f00000001c0)=[{&(0x7f00000000c0)='K', 0x1}], 0x1}}], 0x1, 0x20004011)
syz_io_uring_setup(0x748e, &(0x7f0000000780)={0x0, 0xf1eb, 0x8, 0x4, 0x1e4}, 0x0, 0x0)
pipe2$watch_queue(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80)
ioctl$IOC_WATCH_QUEUE_SET_SIZE(r1, 0x5760, 0x15)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x14)
shutdown(r0, 0x1)
setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000180)=@assoc_value={0x0, 0x6}, 0x8)
memfd_create(&(0x7f0000000380)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x05aCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1dw^\x8c\xb8\xc5)\xc3\vM\xb1pK/v\xb8\x83\x03\xae\xde\xc3\x9c\x89\x1e:\x8cc\xc9\x94U\n\xe3\xb8\x95\xb6\x13\xf1E:d\v15\x1f\xb8.\xa3\x95\xe7-Q{\xacd\xb3\x9fd\x1eOvG\xe4\x92\x90\x7f\xd6J\x9b\xff\xc0\x941', 0x0)
r3 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r3, &(0x7f0000000000), 0x10)
setsockopt$CAN_RAW_FILTER(r3, 0x65, 0x1, &(0x7f00000000c0), 0xf00)
setsockopt$CAN_RAW_FILTER(r3, 0x65, 0x1, 0x0, 0x0)
r4 = syz_open_dev$vcsn(&(0x7f0000000100), 0xb, 0x500000)
setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f0000000140)=r4, 0x4)
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$sock_linger(r5, 0x1, 0xd, &(0x7f0000000040)={0xa, 0xff}, 0x8)
connect$bt_sco(r5, &(0x7f0000000000), 0x8)
shutdown(r5, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000000)='GPL\x00', 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000500)='tlb_flush\x00', r6}, 0x10)
getdents64(r4, &(0x7f0000000600)=""/115, 0x73)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='tlb_flush\x00', r6, 0x0, 0x10000000000000}, 0x18)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil)
r7 = syz_open_dev$audion(&(0x7f0000000040), 0x1, 0x222700)
r8 = openat$audio(0xffffffffffffff9c, &(0x7f00000002c0), 0x411c00, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f0000000680)={{{@in6=@local, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0}}, {{@in=@empty}, 0x0, @in=@empty}}, &(0x7f0000000340)=0xe8)
fchown(r8, r9, 0xffffffffffffffff)
openat$cgroup_ro(r7, &(0x7f00000000c0)='blkio.throttle.io_service_bytes\x00', 0x0, 0x0)
setsockopt$inet_sctp_SCTP_MAX_BURST(r7, 0x84, 0x14, &(0x7f0000000080)=@int=0x7, 0x4)

2m52.804743084s ago: executing program 6 (id=561):
socket$packet(0x11, 0x3, 0x300)
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00'})
socket$inet6_sctp(0xa, 0x1, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000200)=<r1=>0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = inotify_init1(0x0)
poll(&(0x7f0000000040)=[{r3}], 0x1, 0x9)
r4 = syz_open_procfs(0x0, &(0x7f00000023c0)='net/tcp\x00')
read$FUSE(r4, &(0x7f0000004440)={0x2020}, 0x2020)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae09, &(0x7f0000000440)=""/147)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpgrp(0xffffffffffffffff)
ptrace$ARCH_SET_GS(0x1e, r5, &(0x7f0000000040), 0x1001)
r6 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r7=>0xffffffffffffffff})
connect$unix(r7, &(0x7f00000003c0)=@abs, 0x6e)

2m50.990476795s ago: executing program 6 (id=563):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, r0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000280)=ANY=[@ANYBLOB="7912b8000000000061138c0000000000bf2000000000000015000000080063033d030100000000009500003a000000006916000000000000bf6700000000000066060500fcff03006706000002000000760300000ee60060bf050000000000003c650000000000006507f9ff01000000070700004cdfffff1e75040000000000bf54000000000000070400000400f9ffad43010000000000d5000000000000000500000000000000950000000000000032410000000000000054bb12dc8c27df8ecfc7bdd2d17f2f1754558f22dd399703d6c4f6f3be0b369289aa6812b8e007e733a9a4f16d0a3e1282ee45a010fb94fe9de56c9d8a814261bdb94a05000000c6c60bf7a13ba1fcf1111ce4fc0d742a81762bab8395fa64810b5b40d893ea8fe0ffffff7f1b546cad3f1d5af65706fd4f68795cce6cf16ab689b555202da2e0ec2871a51445dc8da39e5b0ab71ca9b901627b562ed84b026002d4519af619e3cca4d69e0dee080006774a8f3e691700ec88158f02001b0000c81c8b297dff0445a13d0045fb3cda32a673a6bb55d8c80800dce431e56723888fb126a1403d2b63f16fb2ad9bc117aba7cbebe174aba210d739a018f9bbec63222d20cedbc4d03723f1c932b3a6aa57f1ad2e99e0e67a993716d20000009f0f53acbb40b401e3738270b3156268784f2af9e4bcf8b07a10d6735154be1602f9dd1d7d4301e00000000000460bcc5989ec85e3cbcb6bcfaf0000000000000000bc00f674629709e7e78f4ddc211bc3ebf0bd9d42ca019dd5d0861cd64722cf74686ebfbe2562671cd47840f81d2a8f8f9be3bcd19dc6840aa7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7eab049b1bd47287cd31cc43ea0ffb567b40407d000000000000000000000000005f37d83f84e98a523d80bd0d0d703f37ca363f601ae899a56715a0a62a26a0f6a5480a55c22fe394ae0000000000000000000000000000437d57defb79ea000500000000000000000000f014a4a318ba48d35ae9f438000000000000db894b62a614cb1fdd46619c5d2200000000000700000000000000000000006dcd2f421400f69947e4f26e099c9e8369080663c909b7e7c87e3b5e8e5a6df77c8f7338cd5a85f211a41b5d529d4243e47d7ab0d5991756b59d363ba30b18fc2ff189a4e8db38ab97c6a125e2785619e84c6a2b50f0e3ff83ef5149aff43dc899fdebdc2c496e6bdd4dd4d21f06fe133f4444272c5f0839ad663100452a6c6b6421f7e89a33b339401eee2cd466ab2a93a1ee7fb8a9e455ba1c6e17b02a1cd7bf35d36cf5b2a0f063469ae0d0b9fc042b48e98626eb0f9754d8cbbefa3079fe63063047baff09e9aaf7600000fba9a88db9ebef86f7cb522a784bb6d37e5f802757a15c6735138b493db9df53440a63fc565a0b190a710ae1e6807cbeb415ac841e94b706974160a60a14e571274f333d23186143b95514c79b50994cb39cda343bda8f01cf8ec7cdfdace0289e83ce50a57d68bfecfaf69fe7ff5b0375a47d3eb57b41d8a0589b82a1cf1149ba3f21ea2b65433321eb1a6f04ecc713c2b26d27baa49e54c2babec86335b9f418b5a5eb997bc9dd65197124b9aa80fc4aa8defb986bf05c41b919886bb81ecd3d24cf9ecc7004000000000000002c70d32f5d55ef2a2cf7560cb2884f46a92b3c25550f73e407fc5d514b2b7a6b690e290e676266addb7d96e723dec9c418eec8c48dffb6f432b4d5fef16e4f0051ba7efc690022c3f62b37cb5682d8bfdfc637ad3bf089ef0117bcd395322fcfb8e8e0a6e2babceb5f289b1d991770681192bcd0b584c3497e455f30ab918a690514a87a7d8e1d5f169a4e680e9c390071d26f2e0e26fc062f2785f14c0404fe01fb4000000000000000577dcb1698a9021a36d73ed03651c1937b2c84046023a1a0a87b208e33ad2d7c2892b176877264e1d699b7401eb917b289f6f67060fda0fa44b54bd87517a2bf09dba7209e41db4288b61bda5960952c45e5c55f2cd68bf9c6ff33e46109584bf42e8696ef1876564fef6f24cbbed0db8ab7fda1ffcc8c9fd4ab2cbe8f8df8e5535b12a942a948eacdaf308d48932064cfc3329da74f6f3e4409d6764a29680e312bf1a0143180e6493c9201ea916e6c9b2566c558ad88d9f7c0aebf82f5807eecefa97ada9bbd9e478e5d7748ee188bc719ca7a73dce5b6758a767c4c6b7572ab25eb2d73986379d5685cb438fe7091d097cc8f33fc0f83dee76603d6580f1c8fc4c37efd305ccc5a25678180425718bb9344e60dda8dae2677bb602d29aa0810616a2fdbca7020d72291b592b84223e2522ee01f5bdaa0fc4eb8d71d948a2baccf3ea2aa79d4d9069d8c0000000000000000000000321cd67859b4567badee56f158406f08683bdc5ffe2dedc916000c71f922fa2dfead7535999436a4aeb908781893479319b8b55e00d90ae6f09f06be2a0fc0bc17bef53331208112a0132350c0c5dd4607547079acc9471300dea6ae01742dccdae69f932cef80bca1bfcb57b9c852cf8358a580044772a80f20de36f707385380155be8907029d039a1d1447fc06b7020221e0d439f3f47edcf12f913dc8b6389a540340ae37804728ea65352e630c2e90424d58d72fdc1b28403e1dc7aad238b81df3b2d4166d656c6a9c73554bdf4f7312a4c0271e0eb45b4a596b7fa928ac3683f09fdaca46226c1df2c6c866cb4412d17d3d52c38cf0f7bd3b0eea2d4e06d061bb1b7c8c52f37f4036932d00028abd4527ffd639d7b16860033754ab13419429e5e39f290751ab6bd9392aef5519cd8c16e1f1cb1f225cc84a1a62497c1e436142fe28048a2b4d133905814a1808bc5b3e45eaa9eaebd946bee806968aeeb5a9eed87eba3d25d0b412a1b4cf2d419a58b09fc275c4395a0bd332eb538321465043e5967dd22459d0f52190a37f93ab823431a81fa6f54de61637fd473e19a6f567fead100e7d8cac149b66ebe9973af846146c62065a64854ed21e8b6f6fbe78474b753915a42efcb7da8ad18bacff8d69e0af1ca1f8174530a21820738412b100b54ee9b4a0dc22d5fe1cadecaea73fbfad087b19ce53177488d230539c5174f572a539d9d7c42698aa82bccf030ad393f25c10baa17e919f647d0e31877b7a6c1d8d86583f884a0c1da07b9b6dced06cdeb0094aa635a82f233b5993926b8970a0840ba116a7d20a40efb3bd03c4bdf380a2510a0a1ea69811ded68943c71218b42783b38959753978f222e1396b9b36dee2ce205122a000577cab29f48bff4f88c417e6bf5fb430d925596f29aca8677ca5a113aeaa5e0252ca17244d6c76e78ff1bbd81a71c4dfc72431d7f1126f8bdbf4056ee0f58a1bf83d53b1de07489541182dc4ee0f573c25b6c15dad930bc7a770b5a4f407d7a879db7185f15f80100000000000000739cc97db66ec6b925955d9a591808947fdd8d484ad27353230a449fdf87fc46c73b852fec931cfb6718acf3315bf5e577d00beb77c5514bc05d576a81345a03ad7aae74c5d2b77d45718348aed4fcbcd1441ff31b8f038824a989a9446a4a69367b228b3d174230b7320fc4d3c03368db573816dd0c04e65d6f8ce48283e76abdddbb965e0b2568e93c9cc5494a55421793f562c50c53f876cbde93c5cc7a3099c99d9775af010ba093f8a13b771782a3cfb24fbde6ef763e20c613164ab014d1906c4e098f1431b6b2886a155c4bac2911d7ee6a646f5913205ebd175e68975b93c330e4f9131788026b3b7cd5b6452c9e17452ac70000000000000000000000c71185f72436640fd4294fc3da230f9065095be47d7a848df12316c3c8b184fe110b061987fd79cf7d83443e69d08e2e839ae4fbe26ef7764f4870ef3bd0ec12eb45f60ca10dbfe329271f0bc93b28798e982e0dd32fc14bd4313c63b2dbb568f33fb45acad2dc7f438ea162c0709c0bbe1ea13e1e47399286e8143f400d7adf5f891f547c7e69e455706626814ee49274667f47769293451fd49885a152b8d2cf18febc7993f4a93893c6c7b7e46a230359ef2443e6bb9f50bb0faa5eaafd3ed6d551600c46b58a29fd7ccbbb0616f0be27302b683eccd742791d97f4a1daa0447f004426fd09b67d926f51525da63987bc73af35b28277879089b89fff6edab2fa1caf660a46a1a9f09e2d255b1c4be95c7c33dc81857f580e36c0a78d94dd879ee18de4a6475858d2ded2e3427ae007cc6f8e5e99aa146667f71ad83f3ddcf5db2dc396d7da499b65cd98125f20c284fc84d6a70be1de44b49c82022225292199c75cc26beab98dce4c331ed722f01d0d6314a72416814a565f4d90a5f8a255810f23541082f4b06f451e4724cd882f4d589600000000005854ca490d7df9cc293547c9a51aecc7a92f417f6a4d327737f1b198252358832dbe43507844a0cc112af4ce457c173fa64174ffd5ab9501eeb85508ebb60e169c0736c5960f2fe0879c77fff7b241439686cb4db435d6a7aa7c1f4a6433e77d3e547bbe6cf5b5d93a491ab4bba1ea7a1e6f37618b1d74cff3630d85a210092211be1ec12a30891eef590b19cdde055d626818c64e1c56b8918f33441a64b54946571b7bc70fb065d3bb1647f6f989ab8159e6d1cfa6c0ec7329d7d2263ca22144bf17d8692f03b592bd0f610096094da096233984e95b9a8216a6e60a104ae0bb5f77ac70b4390ea2cb6f6c40c928fae489f447240a25fd0a5bd9d5b6cd2a98f8804862922c11229c4e45c765e4d3348af3d3aadd5cc24b3943"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000002480)=[{{0x0, 0x0, &(0x7f0000001780)=[{0x0}], 0x1}}], 0x1, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='comm\x00')
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = socket$l2tp6(0xa, 0x2, 0x73)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = epoll_create(0x6)
r4 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000040)={0x10000008})
ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f0000000140)={0x0, 0x2, 0x4})
ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f0000000200)={0x80000000, 0x2, 0x1})
syz_open_dev$video(&(0x7f0000000580), 0x0, 0x0)
pselect6(0x40, &(0x7f0000000000)={0xfc}, 0x0, 0x0, 0x0, 0x0)
r5 = epoll_create(0x1f)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000080)={0x200a})
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r5, &(0x7f0000000300))
syz_usb_connect(0x0, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000000))
bind$l2tp6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x20)
syz_emit_ethernet(0x8e, &(0x7f0000000240)=ANY=[], 0x0)

2m46.628539466s ago: executing program 6 (id=569):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x56a, 0x31, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
arch_prctl$ARCH_SHSTK_DISABLE(0x5002, 0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0)
r2 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, 0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x5, 0x1000087}, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x43, &(0x7f0000000040)=0x2)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$sg(0x0, 0x0, 0x8002)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0)
ioctl$sock_inet_udp_SIOCOUTQ(r4, 0x5411, 0x0)
sigaltstack(0x0, &(0x7f0000000080)={&(0x7f0000000040)})
r5 = socket$rds(0x15, 0x5, 0x0)
setsockopt$RDS_CONG_MONITOR(r5, 0x114, 0x3, 0x0, 0x10)

2m30.362444049s ago: executing program 35 (id=569):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x56a, 0x31, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
arch_prctl$ARCH_SHSTK_DISABLE(0x5002, 0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0)
r2 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, 0x0)
syz_memcpy_off$KVM_EXIT_HYPERCALL(r1, 0x20, 0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x5, 0x1000087}, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x43, &(0x7f0000000040)=0x2)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$sg(0x0, 0x0, 0x8002)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0)
ioctl$sock_inet_udp_SIOCOUTQ(r4, 0x5411, 0x0)
sigaltstack(0x0, &(0x7f0000000080)={&(0x7f0000000040)})
r5 = socket$rds(0x15, 0x5, 0x0)
setsockopt$RDS_CONG_MONITOR(r5, 0x114, 0x3, 0x0, 0x10)

34.001241909s ago: executing program 2 (id=1090):
socket$inet6_mptcp(0xa, 0x1, 0x106)
r0 = socket(0x200000100000011, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket(0x200000100000011, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=@ipv6_newaddr={0x40, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_LOCAL={0x14, 0x2, @local}, @IFA_CACHEINFO={0x14, 0x6, {0x40000000, 0xfffff001}}]}, 0x40}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r4=>0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000001c0)=@ipv6_newaddr={0x2c, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r4}, [@IFA_LOCAL={0x14, 0x2, @local}]}, 0x2c}}, 0x0)

33.806215851s ago: executing program 2 (id=1091):
socket$inet6_tcp(0xa, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x8910, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
utime(&(0x7f0000000080)='./file0\x00', 0x0)

32.930145746s ago: executing program 2 (id=1093):
r0 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000040), &(0x7f0000000080)=0x14)
r1 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe05000000000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, 0x0, 0x0)
mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000ff5000/0x3000)=nil)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sched_switch\x00', r5, 0x0, 0x3}, 0x18)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000680)={0x0, 0x40, 0x10}, 0xc)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x107042, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x187842, 0x3)
ioctl$EXT4_IOC_MOVE_EXT(r7, 0xc028660f, &(0x7f0000000240)={0x3920e, r6})
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000006c0)={0x0, 0x0, 0x8}, 0xc)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0xd, 0x14, &(0x7f00000006c0)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8", @ANYRES32=r8, @ANYRES32=0x0], &(0x7f00000000c0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x17, &(0x7f0000000300)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3}, {}, {}, [@btf_id={0x18, 0xf, 0x3, 0x0, 0x4}, @exit, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffa}, @initr0={0x18, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x8}, @btf_id={0x18, 0xa, 0x3, 0x0, 0x2}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000480)='syzkaller\x00', 0x0, 0xc3, &(0x7f00000004c0)=""/195, 0x41000, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x2, 0x1}, 0x8, 0x10, &(0x7f0000000600)={0x3, 0xc, 0x101, 0x3ff}, 0x10, 0x0, r5, 0x6, &(0x7f0000000700), &(0x7f00000007c0)=[{0x4, 0x2, 0xb, 0xb}, {0x2, 0x2, 0x8, 0x8}, {0x5, 0x5, 0x10, 0xa}, {0x3, 0x4, 0x3, 0x7}, {0x2, 0x1, 0x7, 0x9}, {0x2, 0x401, 0x7, 0x8}], 0x10, 0x40, @void, @value}, 0x94)
r9 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$bt_BT_VOICE(r9, 0x112, 0xb, &(0x7f0000007480), 0x2)
write$binfmt_elf64(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="7f454c460000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000380000000000000000000300"/113], 0x78)
close_range(r0, 0xffffffffffffffff, 0x0)

31.358191023s ago: executing program 2 (id=1096):
r0 = openat$sysfs(0xffffffffffffff9c, 0x0, 0xa00, 0xf8)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
read$msr(r0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000001b00), 0xffffffffffffffff)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040ed5000410"], 0x2d)

28.088522991s ago: executing program 2 (id=1107):
mkdir(&(0x7f0000000200)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000140)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x218002, &(0x7f0000000440)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x4000}})
move_mount(r1, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, 0x0)

25.426633947s ago: executing program 2 (id=1109):
r0 = socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000300)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB='\a'], 0x10)
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001940)=@newtaction={0x60, 0x30, 0xb, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x0, 0x0, 0x0, 0x0, 0x80006}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}]}]}, 0x60}}, 0x0)

13.384550187s ago: executing program 8 (id=1140):
epoll_create1(0x0)
r0 = socket$unix(0x1, 0x1, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
r1 = socket(0x1e, 0x4, 0x0)
r2 = socket(0x1e, 0x2, 0x0)
r3 = getpid()
prlimit64(r3, 0xe, &(0x7f00000000c0)={0x9, 0x87}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=@can_newroute={0x34, 0x18, 0x1, 0x0, 0x0, {}, [@CGW_MOD_XOR={0x15, 0x3, {{{}, 0x0, 0x0, 0x0, 0x0, "8ca5be073cff296e"}, 0x2}}, @CGW_CS_XOR={0x8, 0x5, {0xfffffffffffffff7, 0x0, 0x8}}]}, 0x34}}, 0x0)
r5 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
setsockopt$inet6_IPV6_HOPOPTS(0xffffffffffffffff, 0x29, 0x36, &(0x7f0000001500)=ANY=[], 0x10)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10)
io_uring_enter(r5, 0x3516, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x6a)

12.474472543s ago: executing program 7 (id=1141):
bind$inet6(0xffffffffffffffff, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x9, 0x3, 0x10004, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
pipe2(0x0, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000000)=ANY=[@ANYBLOB="64000000020601020000000000000000000000000500010007000000090002"], 0x64}, 0x1, 0x0, 0x0, 0xc040}, 0x0)
socket$phonet_pipe(0x23, 0x5, 0x2)
openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x101202, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0x40000000)
r2 = io_uring_setup(0x6280, &(0x7f0000000080)={0x0, 0x10000000, 0x0, 0x0, 0x1d2})
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1b, 0x0, &(0x7f0000000080))

12.432454457s ago: executing program 5 (id=1142):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x1, 0x1}, 0x18, 0x0)
landlock_restrict_self(r1, 0x0)
landlock_restrict_self(r1, 0x0)
landlock_restrict_self(r1, 0x0)
landlock_restrict_self(r1, 0x0)
landlock_restrict_self(r1, 0x0)
landlock_restrict_self(r1, 0x0)
landlock_restrict_self(r1, 0x0)
r2 = landlock_create_ruleset(&(0x7f0000000040)={0x1000, 0x3, 0x1}, 0x18, 0x0)
landlock_restrict_self(r2, 0x0)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)

11.629806858s ago: executing program 5 (id=1143):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x8000)
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r3, 0x40485404, &(0x7f0000000040)={{0x1, 0x2, 0x6, 0x0, 0x4}, 0xfffffffffffffffb, 0x6cd})

11.332436131s ago: executing program 7 (id=1144):
r0 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000040), &(0x7f0000000080)=0x14)
r1 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe0500"/16], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, 0x0, 0x0)
mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000ff5000/0x3000)=nil)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sched_switch\x00', r5, 0x0, 0x3}, 0x18)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000680)={0x0, 0x40, 0x10}, 0xc)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x107042, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x187842, 0x3)
ioctl$EXT4_IOC_MOVE_EXT(r7, 0xc028660f, &(0x7f0000000240)={0x3920e, r6})
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000006c0)={0x0, 0x0, 0x8}, 0xc)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0xd, 0x14, &(0x7f00000006c0)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8", @ANYRES32=r8, @ANYRES32=0x0], &(0x7f00000000c0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x17, &(0x7f0000000300)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3}, {}, {}, [@btf_id={0x18, 0xf, 0x3, 0x0, 0x4}, @exit, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffa}, @initr0={0x18, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x8}, @btf_id={0x18, 0xa, 0x3, 0x0, 0x2}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000480)='syzkaller\x00', 0x0, 0xc3, &(0x7f00000004c0)=""/195, 0x41000, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x2, 0x1}, 0x8, 0x10, &(0x7f0000000600)={0x3, 0xc, 0x101, 0x3ff}, 0x10, 0x0, r5, 0x6, &(0x7f0000000700), &(0x7f00000007c0)=[{0x4, 0x2, 0xb, 0xb}, {0x2, 0x2, 0x8, 0x8}, {0x5, 0x5, 0x10, 0xa}, {0x3, 0x4, 0x3, 0x7}, {0x2, 0x1, 0x7, 0x9}, {0x2, 0x401, 0x7, 0x8}], 0x10, 0x40, @void, @value}, 0x94)
r9 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$bt_BT_VOICE(r9, 0x112, 0xb, &(0x7f0000007480), 0x2)
write$binfmt_elf64(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="7f454c460000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000380000000000000000000300"/113], 0x78)
close_range(r0, 0xffffffffffffffff, 0x0)

10.522670886s ago: executing program 5 (id=1146):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = userfaultfd(0x801)
r2 = syz_open_procfs(0x0, &(0x7f00000003c0)='oom_adj\x00')
writev(r2, &(0x7f00000002c0)=[{&(0x7f0000000280)='0', 0x1}], 0x1)
read$FUSE(r2, 0x0, 0x0)
socket$nl_sock_diag(0x10, 0x3, 0x4)
ioctl$IOCTL_VMCI_VERSION2(r2, 0x7a7, 0x0)
ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000040)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00000f9000/0x4000)=nil, 0x400000, 0x2, 0x2})

8.483528289s ago: executing program 36 (id=1109):
r0 = socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000300)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB='\a'], 0x10)
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001940)=@newtaction={0x60, 0x30, 0xb, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x0, 0x0, 0x0, 0x0, 0x80006}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}]}]}, 0x60}}, 0x0)

8.459268361s ago: executing program 8 (id=1148):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x44850)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000400)=@raw={'raw\x00', 0x3c1, 0x3, 0x2b0, 0x1ac, 0x111, 0x4b4, 0x0, 0xd4feffff, 0x2f4, 0x20a, 0x278, 0x2f4, 0x278, 0x3, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@inet=@TCPMSS={0x28}}, {{@ipv6={@loopback, @private1, [], [], 'veth1_to_hsr\x00', 'veth0_virt_wifi\x00'}, 0x0, 0xa8, 0x110}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x310)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = syz_open_dev$mouse(&(0x7f0000000180), 0x0, 0x0)
readv(r2, &(0x7f0000000240)=[{&(0x7f0000000000)=""/56, 0x38}], 0x1)
r3 = syz_usb_connect$hid(0x0, 0x0, 0x0, 0x0)
syz_usb_control_io$hid(r3, &(0x7f0000000240)={0x24, 0x0, 0x0, &(0x7f0000000280)=ANY=[], 0x0}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x18)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)

8.458535362s ago: executing program 7 (id=1149):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0x45c6d381)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0x1ffffe, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
r5 = syz_io_uring_setup(0x239, &(0x7f0000000300)={0x0, 0x200000, 0x10100}, &(0x7f0000000180)=<r6=>0x0, &(0x7f00000001c0)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r5, 0x2def, 0x4000, 0x0, 0x0, 0x0)
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
semget$private(0x0, 0x2, 0x5a0)

8.281059677s ago: executing program 5 (id=1150):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xfffffffffffffdc5, &(0x7f00000002c0)=0x800002)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
openat$ttynull(0xffffffffffffff9c, &(0x7f0000000180), 0x610080, 0x0)
ioctl$TCFLSH(r1, 0x400455c8, 0x2)
socket$nl_rdma(0x10, 0x3, 0x14)

7.050527984s ago: executing program 8 (id=1152):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x4801})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000500))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r2, 0x8943, &(0x7f0000002280)={'syzkaller0\x00', @random="0100"})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r3)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r3, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'})

6.876115319s ago: executing program 7 (id=1153):
socket$inet_dccp(0x2, 0x6, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000140)=0xfffffffffffffffe, 0xb, 0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)

6.274444815s ago: executing program 8 (id=1155):
bind$inet6(0xffffffffffffffff, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x9, 0x3, 0x10004, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
pipe2(0x0, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000000)=ANY=[@ANYBLOB="64000000020601020000000000000000000000000500010007000000090002"], 0x64}, 0x1, 0x0, 0x0, 0xc040}, 0x0)
socket$phonet_pipe(0x23, 0x5, 0x2)
openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x101202, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0x40000000)
r2 = io_uring_setup(0x6280, &(0x7f0000000080)={0x0, 0x10000000, 0x0, 0x0, 0x1d2})
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0xc}, @hci_ev_le_remote_feat_complete={{}, {0x0, 0xc9, "18d040519ed62cea"}}}}, 0xf)

4.333685072s ago: executing program 1 (id=1157):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f1ea3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b2213fdc2881e1a6ec9d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232f0485a2ca9f37fc9c3d2688efcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdcdeb2af1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f925f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5c49209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378ad8f6afb0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400a7242dc207251e8797eca24ea4f487663e60f2f5e1f142"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r1}, 0x10)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$sock_int(r2, 0x1, 0x2e, &(0x7f0000000180)=0x7b, 0x4)
r3 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r3, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r3, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000100)=[<r4=>0x0], 0x1})
ioctl$VIDIOC_S_SELECTION(0xffffffffffffffff, 0xc040565f, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANE(r3, 0xc02064b6, &(0x7f00000001c0)={r4, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GET_LEASE(r3, 0xc01064c8, &(0x7f0000000280)={0x1, 0x0, &(0x7f0000000200)=[0x0]})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r3, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000240)=[<r6=>0x0], &(0x7f0000000280), 0x1, r5})
ioctl$DRM_IOCTL_MODE_ATOMIC(r3, 0xc03864bc, &(0x7f0000000380)={0x601, 0x1, &(0x7f00000000c0)=[r5], &(0x7f0000000200), &(0x7f0000000300)=[r6], &(0x7f0000000580)})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan1\x00'})
close_range(r0, 0xffffffffffffffff, 0x0)

4.074597851s ago: executing program 1 (id=1158):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c)
listen(r1, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000140)={0x2, 0x4e22, @loopback}, 0x10)
socket$nl_audit(0x10, 0x3, 0x9)
r3 = accept4(r1, 0x0, 0x0, 0x800)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
epoll_create1(0x0)
read$msr(r3, &(0x7f0000000240)=""/36, 0x24)

3.606296955s ago: executing program 8 (id=1159):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
ioctl$sock_inet_sctp_SIOCINQ(0xffffffffffffffff, 0x541b, 0x0)
r0 = openat$ppp(0xffffffffffffff9c, 0x0, 0x800, 0x0)
ioctl$PPPIOCDISCONN(r0, 0x7439)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000007, 0x38011, r1, 0x2c9ab000)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x1000, @loopback}, 0x1c)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48850}, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r5 = dup(r4)
write$FUSE_BMAP(r5, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r5, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r5, &(0x7f0000000480)={0x18}, 0x18)
write$FUSE_INIT(r5, &(0x7f0000000600)={0x50, 0x0, 0x0, {0x7, 0x29, 0x3, 0x0, 0x4, 0x772, 0x7, 0x0, 0x0, 0x0, 0xa0, 0x200}}, 0x50)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r5}})
io_uring_enter(0xffffffffffffffff, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
r6 = openat(0xffffffffffffff9c, 0x0, 0x20842, 0x0)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x1, 0x12, r6, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x21000000003c, &(0x7f00000000c0), 0x4)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

3.272995649s ago: executing program 5 (id=1160):
r0 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000040), &(0x7f0000000080)=0x14)
r1 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe050000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, 0x0, 0x0)
mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000ff5000/0x3000)=nil)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sched_switch\x00', r5, 0x0, 0x3}, 0x18)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000680)={0x0, 0x40, 0x10}, 0xc)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x107042, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x187842, 0x3)
ioctl$EXT4_IOC_MOVE_EXT(r7, 0xc028660f, &(0x7f0000000240)={0x3920e, r6})
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000006c0)={0x0, 0x0, 0x8}, 0xc)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0xd, 0x14, &(0x7f00000006c0)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8", @ANYRES32=r8, @ANYRES32=0x0], &(0x7f00000000c0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x17, &(0x7f0000000300)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3}, {}, {}, [@btf_id={0x18, 0xf, 0x3, 0x0, 0x4}, @exit, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffa}, @initr0={0x18, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x8}, @btf_id={0x18, 0xa, 0x3, 0x0, 0x2}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000480)='syzkaller\x00', 0x0, 0xc3, &(0x7f00000004c0)=""/195, 0x41000, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x2, 0x1}, 0x8, 0x10, &(0x7f0000000600)={0x3, 0xc, 0x101, 0x3ff}, 0x10, 0x0, r5, 0x6, &(0x7f0000000700), &(0x7f00000007c0)=[{0x4, 0x2, 0xb, 0xb}, {0x2, 0x2, 0x8, 0x8}, {0x5, 0x5, 0x10, 0xa}, {0x3, 0x4, 0x3, 0x7}, {0x2, 0x1, 0x7, 0x9}, {0x2, 0x401, 0x7, 0x8}], 0x10, 0x40, @void, @value}, 0x94)
r9 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$bt_BT_VOICE(r9, 0x112, 0xb, &(0x7f0000007480), 0x2)
write$binfmt_elf64(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="7f454c460000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000380000000000000000000300"/113], 0x78)
close_range(r0, 0xffffffffffffffff, 0x0)

2.938573149s ago: executing program 1 (id=1161):
syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000300)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
write$proc_mixer(0xffffffffffffffff, 0x0, 0xb8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x5c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x3}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x23}, @NFTA_SET_EXPR={0x20, 0x11, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8}]}}}]}], {0x14, 0x10}}, 0xa4}}, 0x4)
syz_open_procfs(0x0, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x800000)

2.889037563s ago: executing program 8 (id=1162):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000"/35, @ANYRES32=0x41424344], 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1.837302125s ago: executing program 7 (id=1163):
bind$inet6(0xffffffffffffffff, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
pipe2(0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000000)=ANY=[@ANYBLOB="64000000020601020000000000000000000000000500010007000000090002"], 0x64}, 0x1, 0x0, 0x0, 0xc040}, 0x0)
openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x101202, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0x40000000)
r2 = io_uring_setup(0x6280, &(0x7f0000000080)={0x0, 0x10000000, 0x0, 0x0, 0x1d2})
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1b, 0x0, &(0x7f0000000080))
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0xc}, @hci_ev_le_remote_feat_complete={{}, {0x0, 0xc9, "18d040519ed62cea"}}}}, 0xf)

1.604296444s ago: executing program 5 (id=1164):
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_mreq(r0, 0x29, 0x1b, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_mreq(r1, 0x29, 0x1b, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$SO_TIMESTAMP(r2, 0x1, 0x23, 0x0, 0x0)
bind$inet6(r2, &(0x7f0000d84000)={0xa, 0x2, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x4e28, 0x0, @remote}}, 0x0, 0x0, 0xb, 0x0, "3f114438efdaca16d374b49a365be44d5e860ea3ba676c0b5047b80e2c3535d5bd9db3c8572560f4d1be5cd41f7716082ee3589f099942e6f1c395ddf27900"}, 0xd8)
setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000000)={@in6={{0xa, 0x2, 0x23, @local, 0x1000000}}, 0x0, 0x0, 0x41, 0x0, "ddfd3b7ed7c6a1c172a987ae5ce3cafd64c9a736831a5912d606798fb75c9981c4b3ac0e06891ff18bc5543ed57215a3c45f9154dfa319e52a15a2b9acf80c07fb1a854dad742eef6187f2304844c296"}, 0xd8)
sendto$inet6(r2, 0x0, 0x0, 0x20004002, &(0x7f0000b63fe4)={0xa, 0x2, 0x80000000}, 0x1c)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r3, 0xffffffffffffffff, 0x0)

1.603660652s ago: executing program 1 (id=1165):
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0xc0145401, &(0x7f0000000180)={{0x2, 0x2, 0x0, 0xfdfdffff}})
userfaultfd(0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x40000000000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000015640)=""/102400, 0x19000)
socket$inet6(0xa, 0x800000000000002, 0x0)
r1 = socket$phonet_pipe(0x23, 0x5, 0x2)
connect$phonet_pipe(r1, &(0x7f0000002200)={0x23, 0x7c}, 0x10)

716.102214ms ago: executing program 1 (id=1166):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0xe, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0)={<r3=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r2, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0x4e21, 0x0, @empty, 0x7}, {0xa, 0x0, 0x0, @mcast2, 0xfffffffe}, r3}}, 0xfffffe10)

651.321912ms ago: executing program 7 (id=1167):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x81, &(0x7f0000000080)=""/4076, &(0x7f0000000040)=0xfec)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r2, &(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @loopback}, 0x4}}, 0x2e)
mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x0, &(0x7f0000000540)={{}, 0x2c, {'rootmode', 0x3d, 0x4000}})
syz_io_uring_setup(0x1e1e, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000400)='ramfs\x00', 0x2000000, 0x0)
chdir(&(0x7f0000000280)='./file0\x00')
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
clock_settime(0x0, &(0x7f0000003c80)={0x77359400})
creat(&(0x7f0000000300)='./bus\x00', 0x15d)
r3 = open(&(0x7f00000000c0)='./bus\x00', 0x14103e, 0x0)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x143042, 0xfe)
r5 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
read$FUSE(r5, &(0x7f0000001b00)={0x2020}, 0x2020)
ftruncate(r4, 0x2008002)
sendfile(r3, r4, 0x0, 0x80000001)

0s ago: executing program 1 (id=1168):
r0 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r0, &(0x7f0000000000)={0x1a, 0x100, 0x0, 0x0, 0x81, 0x42}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$sysctl(0xffffffffffffffff, &(0x7f0000000000)='1\x00', 0x2)
write$binfmt_misc(r2, &(0x7f0000000000), 0xd)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
mount(&(0x7f0000000100)=@nullb, &(0x7f0000000040)='./file1\x00', &(0x7f00000001c0)='gfs2\x00', 0x0, 0x0)
connect$llc(r0, 0x0, 0x0)
bind$llc(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[], 0x88}}, 0x4000)
setsockopt(r3, 0x84, 0x80, &(0x7f00000002c0), 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, &(0x7f0000000000), 0x0)

kernel console output (not intermixed with test programs):

 8
[  239.592289][ T5833] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  239.601589][ T5833] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  239.609610][ T5833] usb 6-1: Product: syz
[  239.630138][ T5833] usb 6-1: Manufacturer: syz
[  239.634804][ T5833] usb 6-1: SerialNumber: syz
[  239.681323][ T5833] usb 6-1: config 0 descriptor??
[  239.979360][ T5833] usb 6-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  242.194475][ T5828] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  242.232747][ T5828] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  242.294049][ T5828] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  242.300553][ T5828] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  242.315652][ T5828] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  242.342151][ T5828] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  242.750337][ T5844] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  242.800556][ T5844] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  242.857413][ T5844] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  242.870985][ T5844] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  242.880238][ T5844] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  242.889203][ T5844] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  244.082146][ T5833] dvb_usb_rtl28xxu 6-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -110
[  244.241612][ T5933] usb 6-1: USB disconnect, device number 2
[  244.607936][   T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.810313][ T5933] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  244.931102][ T5828] Bluetooth: hci5: command tx timeout
[  244.933020][   T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.999614][ T5933] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  245.047947][ T5933] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  245.136055][ T5933] usb 6-1: New USB device found, idVendor=05ac, idProduct=4262, bcdDevice= 0.00
[  245.159079][   T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  245.169852][ T5933] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  245.226768][ T5933] usb 6-1: config 0 descriptor??
[  245.286226][   T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  245.792673][ T7148] netlink: 'syz.5.272': attribute type 29 has an invalid length.
[  247.208428][ T5828] Bluetooth: hci5: command tx timeout
[  247.427238][  T974] usb 6-1: USB disconnect, device number 3
[  247.505553][ T7107] chnl_net:caif_netlink_parms(): no params data found
[  247.537139][   T12] bridge_slave_1: left allmulticast mode
[  247.570383][   T12] bridge_slave_1: left promiscuous mode
[  247.582524][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  247.648330][   T12] bridge_slave_0: left allmulticast mode
[  247.670269][   T12] bridge_slave_0: left promiscuous mode
[  247.938988][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  249.806376][ T5828] Bluetooth: hci5: command tx timeout
[  251.415614][ T7200] Option '                                                                                      ��P����i�	' to dns_resolver key: bad/missing value
[  251.900353][ T5828] Bluetooth: hci5: command tx timeout
[  256.729468][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  256.736323][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  258.433191][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  258.849470][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  258.871326][   T12] bond0 (unregistering): Released all slaves
[  259.079002][ T7236] team_slave_0: entered promiscuous mode
[  259.085014][ T7236] team_slave_1: entered promiscuous mode
[  259.091897][ T7236] macvtap1: entered promiscuous mode
[  259.097222][ T7236] team0: entered promiscuous mode
[  259.109246][ T7236] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  259.117615][ T7236] team0: Device macvtap1 is already an upper device of the team interface
[  259.242469][ T7236] team0: left promiscuous mode
[  259.247789][ T7236] team_slave_0: left promiscuous mode
[  259.253300][ T7236] team_slave_1: left promiscuous mode
[  259.443049][ T5844] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  259.452164][ T5844] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  259.460152][ T5844] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  259.469370][ T5844] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  259.477970][ T5844] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  259.485693][ T5844] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  259.591981][ T7244] Option '                                                                                      ��P����i�	' to dns_resolver key: bad/missing value
[  260.954509][ T7260] netlink: 60 bytes leftover after parsing attributes in process `syz.5.291'.
[  261.575896][ T5844] Bluetooth: hci1: command tx timeout
[  262.186775][ T7107] bridge0: port 1(bridge_slave_0) entered blocking state
[  262.347587][ T7107] bridge0: port 1(bridge_slave_0) entered disabled state
[  262.370283][ T7107] bridge_slave_0: entered allmulticast mode
[  262.381391][ T7107] bridge_slave_0: entered promiscuous mode
[  262.515354][ T7107] bridge0: port 2(bridge_slave_1) entered blocking state
[  262.564416][ T7107] bridge0: port 2(bridge_slave_1) entered disabled state
[  262.587257][ T7107] bridge_slave_1: entered allmulticast mode
[  262.620483][ T7107] bridge_slave_1: entered promiscuous mode
[  263.650602][ T5844] Bluetooth: hci1: command tx timeout
[  264.265502][ T7107] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  264.303009][ T7107] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  264.334844][   T12] hsr_slave_0: left promiscuous mode
[  264.347567][   T12] hsr_slave_1: left promiscuous mode
[  264.377853][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  265.413215][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  265.446062][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  265.453743][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  265.541683][   T12] veth1_macvtap: left promiscuous mode
[  265.852974][ T5844] Bluetooth: hci1: command tx timeout
[  265.897182][   T12] veth0_macvtap: left promiscuous mode
[  267.991645][ T5844] Bluetooth: hci1: command tx timeout
[  268.811163][ T7321] loop7: detected capacity change from 0 to 16384
[  268.891598][ T7321] loop7: detected capacity change from 16384 to 16383
[  268.934432][ T7321] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  268.944353][ T7321] Buffer I/O error on dev loop7, logical block 0, async page read
[  268.955042][ T7321] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  268.964609][ T7321] Buffer I/O error on dev loop7, logical block 0, async page read
[  268.974925][ T7321] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  268.984894][ T7321] Buffer I/O error on dev loop7, logical block 0, async page read
[  268.995117][ T7321] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  269.004830][ T7321] Buffer I/O error on dev loop7, logical block 0, async page read
[  269.014827][ T7321] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  269.024348][ T7321] Buffer I/O error on dev loop7, logical block 0, async page read
[  269.034479][ T7321] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  269.044095][ T7321] Buffer I/O error on dev loop7, logical block 0, async page read
[  269.053455][ T7321] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  269.062950][ T7321] Buffer I/O error on dev loop7, logical block 0, async page read
[  269.073466][ T7321] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  269.082993][ T7321] Buffer I/O error on dev loop7, logical block 0, async page read
[  269.092086][ T7321] ldm_validate_partition_table(): Disk read failed.
[  269.101405][ T7321] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  269.110952][ T7321] Buffer I/O error on dev loop7, logical block 0, async page read
[  269.121538][ T7321] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  269.131057][ T7321] Buffer I/O error on dev loop7, logical block 0, async page read
[  269.142776][ T7321] Dev loop7: unable to read RDB block 0
[  269.159516][ T7321]  loop7: unable to read partition table
[  269.167682][ T7321] loop_reread_partitions: partition scan of loop7 (R%0���T�$7�)]W����?�18��;9��C?��-��z׌����	������97d���) failed (rc=-5)
[  269.741473][ T7327] netlink: 24 bytes leftover after parsing attributes in process `syz.5.305'.
[  269.751785][ T7327] netlink: 8 bytes leftover after parsing attributes in process `syz.5.305'.
[  270.832175][   T12] team0 (unregistering): Port device team_slave_1 removed
[  270.929292][   T12] team0 (unregistering): Port device team_slave_0 removed
[  271.031364][ T7331] tipc: Can't bind to reserved service type 2
[  271.306615][ T7333] x_tables: duplicate underflow at hook 2
[  275.903006][ T7313] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  275.913130][ T7313] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  277.035372][ T7107] team0: Port device team_slave_0 added
[  278.011486][ T7107] team0: Port device team_slave_1 added
[  278.105898][ T7376] tmpfs: Bad value for 'mpol'
[  278.564979][ T7107] batman_adv: batadv0: Adding interface: batadv_slave_0
[  278.630614][ T7107] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  278.656621][    C0] vkms_vblank_simulate: vblank timer overrun
[  278.685888][ T7107] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  278.826103][ T7107] batman_adv: batadv0: Adding interface: batadv_slave_1
[  278.833232][ T7107] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  278.859124][    C0] vkms_vblank_simulate: vblank timer overrun
[  278.959116][ T7107] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  279.086845][ T7246] chnl_net:caif_netlink_parms(): no params data found
[  279.372286][ T7107] hsr_slave_0: entered promiscuous mode
[  279.454859][ T7107] hsr_slave_1: entered promiscuous mode
[  280.181586][ T7371] xt_HMARK: proto mask must be zero with L3 mode
[  280.219852][   T12] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.265580][ T7246] bridge0: port 1(bridge_slave_0) entered blocking state
[  280.282157][ T7246] bridge0: port 1(bridge_slave_0) entered disabled state
[  280.289705][ T7246] bridge_slave_0: entered allmulticast mode
[  280.302490][ T7246] bridge_slave_0: entered promiscuous mode
[  280.310975][ T7246] bridge0: port 2(bridge_slave_1) entered blocking state
[  280.319135][ T7246] bridge0: port 2(bridge_slave_1) entered disabled state
[  280.326591][ T7246] bridge_slave_1: entered allmulticast mode
[  280.335949][ T7246] bridge_slave_1: entered promiscuous mode
[  280.385100][   T12] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.512067][   T12] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.534327][ T7246] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  280.606782][   T12] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.978958][ T7246] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  281.443335][ T7246] team0: Port device team_slave_0 added
[  281.899631][ T7246] team0: Port device team_slave_1 added
[  282.068166][ T1207] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  282.434756][ T7246] batman_adv: batadv0: Adding interface: batadv_slave_0
[  282.460566][ T1207] usb 6-1: Using ep0 maxpacket: 8
[  282.470475][ T7246] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  282.526296][ T7246] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  282.558992][ T1207] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  282.568779][ T1207] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  282.593282][ T7246] batman_adv: batadv0: Adding interface: batadv_slave_1
[  282.600746][ T1207] usb 6-1: Product: syz
[  282.604942][ T1207] usb 6-1: Manufacturer: syz
[  282.609564][ T1207] usb 6-1: SerialNumber: syz
[  282.615362][ T7246] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  282.668490][ T1207] usb 6-1: config 0 descriptor??
[  282.680096][ T7246] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  282.808362][ T7430] 9pnet_fd: Insufficient options for proto=fd
[  282.986001][ T1207] usb 6-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  283.213345][ T7435] netlink: 8 bytes leftover after parsing attributes in process `syz.2.328'.
[  283.222537][ T7435] netlink: 72 bytes leftover after parsing attributes in process `syz.2.328'.
[  284.061470][   T25] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  284.200659][   T25] usb 3-1: device descriptor read/64, error -71
[  284.444039][   T12] bridge_slave_1: left allmulticast mode
[  284.449788][   T12] bridge_slave_1: left promiscuous mode
[  284.471717][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  284.490295][   T25] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  284.501963][   T12] bridge_slave_0: left allmulticast mode
[  284.517458][   T12] bridge_slave_0: left promiscuous mode
[  284.523681][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  284.821293][   T25] usb 3-1: device descriptor read/64, error -71
[  285.013403][   T25] usb usb3-port1: attempt power cycle
[  285.459227][   T25] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  285.490958][   T25] usb 3-1: device descriptor read/8, error -71
[  285.740622][   T25] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  285.869003][   T25] usb 3-1: device descriptor read/8, error -71
[  286.151825][   T25] usb usb3-port1: unable to enumerate USB device
[  286.749965][ T1207] dvb_usb_rtl28xxu 6-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  286.802163][ T1207] usb 6-1: USB disconnect, device number 4
[  288.304137][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  288.315832][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  288.327142][   T12] bond0 (unregistering): (slave batadv0): Releasing backup interface
[  288.340817][   T12] bond0 (unregistering): Released all slaves
[  289.633418][ T7246] hsr_slave_0: entered promiscuous mode
[  289.639829][ T7246] hsr_slave_1: entered promiscuous mode
[  289.658329][ T7472] 9pnet_fd: Insufficient options for proto=fd
[  289.714346][ T7246] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  289.744272][ T7246] Cannot create hsr debugfs directory
[  289.771145][ T7107] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  290.235765][ T7476] netlink: 24 bytes leftover after parsing attributes in process `syz.5.337'.
[  290.241831][ T7107] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  290.252113][ T7476] openvswitch: netlink: Flow key attr not present in new flow.
[  291.439022][ T7107] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  291.679261][ T7107] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  294.982152][   T12] hsr_slave_0: left promiscuous mode
[  295.303002][   T12] hsr_slave_1: left promiscuous mode
[  295.427492][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  295.634297][ T7509] Falling back ldisc for ttyS3.
[  295.641116][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  295.682275][ T7514] Bluetooth: MGMT ver 1.23
[  296.091169][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  296.098642][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  296.273950][   T12] veth1_macvtap: left promiscuous mode
[  296.279489][   T12] veth0_macvtap: left promiscuous mode
[  296.294170][   T12] veth1_vlan: left promiscuous mode
[  296.305631][   T12] veth0_vlan: left promiscuous mode
[  296.349159][ T7516] 9pnet_fd: Insufficient options for proto=fd
[  298.191276][ T7532] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  299.078500][ T5828] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  299.112803][ T5828] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  299.121307][ T5828] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  299.134241][ T5828] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  299.142568][ T5828] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  299.150690][ T5828] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  300.168089][  T974] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  300.312995][   T12] team0 (unregistering): Port device team_slave_1 removed
[  300.340190][  T974] usb 2-1: Using ep0 maxpacket: 32
[  300.359657][   T12] team0 (unregistering): Port device team_slave_0 removed
[  300.360621][  T974] usb 2-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  300.384282][  T974] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  300.402505][  T974] usb 2-1: config 0 descriptor??
[  300.623745][  T974] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  300.648151][  T974] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  300.660557][  T974] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  300.671575][  T974] usb 2-1: media controller created
[  300.692715][  T974] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  302.051645][ T5828] Bluetooth: hci3: command tx timeout
[  302.199269][ T7526] pim6reg: entered allmulticast mode
[  302.953943][  T974] az6027: usb out operation failed. (-110)
[  302.966535][  T974] az6027: usb out operation failed. (-32)
[  302.989905][  T974] stb0899_attach: Driver disabled by Kconfig
[  303.026908][  T974] az6027: no front-end attached
[  303.026908][  T974] 
[  303.067328][  T974] az6027: usb out operation failed. (-32)
[  303.100305][  T974] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  303.125004][  T974] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input6
[  303.182702][  T974] dvb-usb: schedule remote query interval to 400 msecs.
[  303.243613][  T974] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  303.562869][ T1207] usb 2-1: USB disconnect, device number 3
[  304.605992][ T5828] Bluetooth: hci3: command tx timeout
[  304.757495][ T7246] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  304.913252][ T7246] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  305.808887][ T1207] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  306.529637][ T7246] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  306.691929][ T5828] Bluetooth: hci3: command tx timeout
[  307.483518][ T7246] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  307.630318][ T7539] chnl_net:caif_netlink_parms(): no params data found
[  308.578271][ T7539] bridge0: port 1(bridge_slave_0) entered blocking state
[  308.600160][ T7539] bridge0: port 1(bridge_slave_0) entered disabled state
[  308.607450][ T7539] bridge_slave_0: entered allmulticast mode
[  308.621605][ T7539] bridge_slave_0: entered promiscuous mode
[  308.648222][ T7539] bridge0: port 2(bridge_slave_1) entered blocking state
[  308.670376][ T7539] bridge0: port 2(bridge_slave_1) entered disabled state
[  308.678350][ T7539] bridge_slave_1: entered allmulticast mode
[  308.721705][ T7539] bridge_slave_1: entered promiscuous mode
[  308.786003][ T5828] Bluetooth: hci3: command tx timeout
[  310.046148][ T7539] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  310.099692][ T7539] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  310.212401][ T7623] netlink: 60 bytes leftover after parsing attributes in process `syz.5.365'.
[  315.108844][ T7539] team0: Port device team_slave_0 added
[  315.264609][   T29] kauditd_printk_skb: 11 callbacks suppressed
[  315.264669][   T29] audit: type=1326 audit(1738977906.727:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7656 comm="syz.2.371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a878cde9 code=0x7ffc0000
[  315.395952][ T7246] 8021q: adding VLAN 0 to HW filter on device bond0
[  315.464726][   T29] audit: type=1326 audit(1738977906.727:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7656 comm="syz.2.371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a878cde9 code=0x7ffc0000
[  315.511594][   T29] audit: type=1326 audit(1738977906.727:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7656 comm="syz.2.371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7ff3a878cde9 code=0x7ffc0000
[  315.577809][   T29] audit: type=1326 audit(1738977906.727:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7656 comm="syz.2.371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a878cde9 code=0x7ffc0000
[  315.601615][   T29] audit: type=1326 audit(1738977906.727:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7656 comm="syz.2.371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a878cde9 code=0x7ffc0000
[  315.623179][   T29] audit: type=1326 audit(1738977906.727:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7656 comm="syz.2.371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7ff3a878cde9 code=0x7ffc0000
[  315.624653][ T7539] team0: Port device team_slave_1 added
[  315.862247][   T29] audit: type=1326 audit(1738977906.727:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7656 comm="syz.2.371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a878cde9 code=0x7ffc0000
[  315.885881][ T7661] Option '                                                                                      ��P����i�	' to dns_resolver key: bad/missing value
[  316.061297][   T29] audit: type=1326 audit(1738977906.727:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7656 comm="syz.2.371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a878cde9 code=0x7ffc0000
[  316.128394][   T29] audit: type=1326 audit(1738977906.737:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7656 comm="syz.2.371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7ff3a878cde9 code=0x7ffc0000
[  316.150356][   T29] audit: type=1326 audit(1738977906.787:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7656 comm="syz.2.371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3a878cde9 code=0x7ffc0000
[  316.314444][ T7667] vivid-001: disconnect
[  316.328325][ T7539] batman_adv: batadv0: Adding interface: batadv_slave_0
[  316.336696][ T7539] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  317.202564][ T7539] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  317.217023][ T7539] batman_adv: batadv0: Adding interface: batadv_slave_1
[  317.224427][ T7539] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  317.242004][ T7666] vivid-001: reconnect
[  317.270607][ T7539] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  317.501954][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  317.743844][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  320.078343][ T7692] netlink: 60 bytes leftover after parsing attributes in process `syz.1.378'.
[  320.129071][ T7539] hsr_slave_0: entered promiscuous mode
[  320.173226][ T7539] hsr_slave_1: entered promiscuous mode
[  320.179397][ T7539] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  320.190934][ T5844] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  320.201402][ T5844] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  320.213494][ T5844] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  320.227209][ T5844] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  320.237900][ T5844] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  320.249463][ T5844] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  320.266578][ T7539] Cannot create hsr debugfs directory
[  320.458762][   T12] bridge_slave_1: left allmulticast mode
[  320.542922][   T12] bridge_slave_1: left promiscuous mode
[  320.554693][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  320.744742][   T12] bridge_slave_0: left allmulticast mode
[  320.804556][   T12] bridge_slave_0: left promiscuous mode
[  320.910677][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  321.489272][ T7698] sctp: failed to load transform for md5: -2
[  322.265044][ T7718] Option '                                                                                      ��P����i�	' to dns_resolver key: bad/missing value
[  322.334797][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  322.418064][ T5844] Bluetooth: hci5: command tx timeout
[  322.573371][ T7719] input: syz1 as /devices/virtual/input/input7
[  322.805660][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  323.391201][   T12] bond0 (unregistering): Released all slaves
[  323.821878][   T12] hsr_slave_0: left promiscuous mode
[  323.835900][   T12] hsr_slave_1: left promiscuous mode
[  323.842574][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  323.850816][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  324.584500][ T5844] Bluetooth: hci5: command tx timeout
[  324.736032][ T5833] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  324.845948][   T12] team0 (unregistering): Port device team_slave_1 removed
[  324.907799][ T5833] usb 3-1: Using ep0 maxpacket: 8
[  324.931444][ T5833] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  324.947291][ T5833] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  324.955835][ T5833] usb 3-1: Product: syz
[  324.968725][ T5833] usb 3-1: Manufacturer: syz
[  324.973679][ T5833] usb 3-1: SerialNumber: syz
[  324.991466][ T5833] usb 3-1: config 0 descriptor??
[  325.031087][   T12] team0 (unregistering): Port device team_slave_0 removed
[  325.205995][ T5833] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  326.613868][ T5844] Bluetooth: hci5: command tx timeout
[  326.995582][ T7693] chnl_net:caif_netlink_parms(): no params data found
[  328.046879][ T5833] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  328.078745][ T7781] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  328.374690][ T5833] usb 3-1: USB disconnect, device number 7
[  328.690451][ T5844] Bluetooth: hci5: command tx timeout
[  328.714818][ T7539] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  328.821394][ T7539] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  329.853711][ T7539] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  329.912845][ T7788] Option '                                                                                      ��P����i�	' to dns_resolver key: bad/missing value
[  330.096976][ T7539] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  330.154095][ T7693] bridge0: port 1(bridge_slave_0) entered blocking state
[  330.175615][ T7693] bridge0: port 1(bridge_slave_0) entered disabled state
[  330.214921][ T7693] bridge_slave_0: entered allmulticast mode
[  330.224649][ T7693] bridge_slave_0: entered promiscuous mode
[  330.430847][ T7693] bridge0: port 2(bridge_slave_1) entered blocking state
[  330.443865][ T7693] bridge0: port 2(bridge_slave_1) entered disabled state
[  330.452034][ T7693] bridge_slave_1: entered allmulticast mode
[  330.459151][ T7693] bridge_slave_1: entered promiscuous mode
[  330.652949][ T7796] netlink: 8 bytes leftover after parsing attributes in process `syz.5.393'.
[  330.705893][   T12] bridge_slave_1: left allmulticast mode
[  330.733641][   T12] bridge_slave_1: left promiscuous mode
[  330.922071][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  331.165184][   T12] bridge_slave_0: left allmulticast mode
[  331.258350][   T12] bridge_slave_0: left promiscuous mode
[  331.421587][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  332.228686][ T7813] netlink: 44 bytes leftover after parsing attributes in process `syz.2.394'.
[  335.470561][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  335.628113][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  335.652150][   T12] bond0 (unregistering): Released all slaves
[  335.725187][ T7812] tipc: Started in network mode
[  335.730594][ T7812] tipc: Node identity 4, cluster identity 4711
[  335.736772][ T7812] tipc: Node number set to 4
[  335.937045][ T7693] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  335.969649][ T7693] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  336.274335][ T7842] Option '                                                                                      ��P����i�	' to dns_resolver key: bad/missing value
[  337.656755][   T12] hsr_slave_0: left promiscuous mode
[  337.798763][ T7850] netlink: 8 bytes leftover after parsing attributes in process `syz.2.403'.
[  337.874097][   T12] hsr_slave_1: left promiscuous mode
[  338.004074][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  338.191434][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  338.669834][ T7841] syz.5.402 (7841): drop_caches: 2
[  338.690874][ T7841] Process accounting resumed
[  339.239459][ T7856] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  339.247876][ T7856] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  339.276714][ T7856] F2FS-fs (loop5): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  339.284858][ T7856] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock
[  340.761655][   T12] team0 (unregistering): Port device team_slave_1 removed
[  340.863417][   T12] team0 (unregistering): Port device team_slave_0 removed
[  341.010939][ T7869] fuse: Unknown parameter '00000000000000000000005����HQ�2�kX�;�z��T�pd7�9���m�T����GM'
[  343.349830][ T7873] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  343.372793][ T7873] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  344.268155][ T7878] overlayfs: missing 'workdir'
[  345.459195][ T7693] team0: Port device team_slave_0 added
[  345.555587][ T7693] team0: Port device team_slave_1 added
[  345.564346][ T5833] libceph: connect (1)[c::]:6789 error -101
[  345.590550][ T5833] libceph: mon0 (1)[c::]:6789 connect error
[  346.340815][ T5833] libceph: connect (1)[c::]:6789 error -101
[  346.347143][ T5833] libceph: mon0 (1)[c::]:6789 connect error
[  346.553066][ T7693] batman_adv: batadv0: Adding interface: batadv_slave_0
[  346.672720][ T7693] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  346.721469][ T7693] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  346.733278][ T7880] ceph: No mds server is up or the cluster is laggy
[  346.901435][ T5833] libceph: connect (1)[c::]:6789 error -101
[  346.917720][ T5833] libceph: mon0 (1)[c::]:6789 connect error
[  347.035716][ T7693] batman_adv: batadv0: Adding interface: batadv_slave_1
[  347.061094][ T7693] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  347.087030][    C1] vkms_vblank_simulate: vblank timer overrun
[  347.120779][ T7693] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  348.932166][ T7693] hsr_slave_0: entered promiscuous mode
[  348.938690][ T7693] hsr_slave_1: entered promiscuous mode
[  349.260926][ T7539] 8021q: adding VLAN 0 to HW filter on device bond0
[  350.505836][ T7539] 8021q: adding VLAN 0 to HW filter on device team0
[  350.680821][ T6558] bridge0: port 1(bridge_slave_0) entered blocking state
[  350.688011][ T6558] bridge0: port 1(bridge_slave_0) entered forwarding state
[  350.797504][ T6558] bridge0: port 2(bridge_slave_1) entered blocking state
[  350.804683][ T6558] bridge0: port 2(bridge_slave_1) entered forwarding state
[  351.122196][ T7539] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  351.853332][ T7539] 8021q: adding VLAN 0 to HW filter on device batadv0
[  353.733492][ T7693] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  353.934434][ T7693] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  353.963634][ T7693] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  354.792983][ T7693] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  358.033687][ T7693] 8021q: adding VLAN 0 to HW filter on device bond0
[  358.142859][ T7693] 8021q: adding VLAN 0 to HW filter on device team0
[  358.744704][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  358.751999][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  358.965840][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  358.973048][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  361.025525][ T8020] netlink: 'syz.5.433': attribute type 10 has an invalid length.
[  361.274075][   T29] kauditd_printk_skb: 38 callbacks suppressed
[  361.274093][   T29] audit: type=1400 audit(1738977952.067:138): lsm=SMACK fn=smack_file_receive action=denied subject="w" object="_" requested=w pid=8012 comm="syz.2.432" path="socket:[16957]" dev="sockfs" ino=16957
[  361.424324][ T8020] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  362.281831][ T8029] netlink: 256 bytes leftover after parsing attributes in process `syz.1.434'.
[  362.291446][ T8029] netlink: 24 bytes leftover after parsing attributes in process `syz.1.434'.
[  364.596894][ T5828] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  364.607443][ T5828] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  364.616384][ T5828] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  364.641878][ T5828] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  364.651910][ T5828] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  364.663513][ T5828] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  364.731412][ T8049] (unnamed net_device) (uninitialized): down delay (32768) is not a multiple of miimon (100), value rounded to 32700 ms
[  364.744956][ T8049] (unnamed net_device) (uninitialized): option use_carrier: invalid value (4)
[  364.850911][ T8049] Cannot find map_set index 0 as target
[  365.257370][ T7693] 8021q: adding VLAN 0 to HW filter on device batadv0
[  367.076728][ T8074] xt_socket: unknown flags 0x50
[  367.538555][ T5828] Bluetooth: hci1: command tx timeout
[  368.440817][ T1207] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  368.946085][ T1207] usb 2-1: Using ep0 maxpacket: 8
[  369.570302][ T5828] Bluetooth: hci1: command tx timeout
[  369.572562][ T1207] usb 2-1: config 0 has an invalid interface number: 190 but max is 0
[  369.597088][ T1207] usb 2-1: config 0 has no interface number 0
[  370.152843][ T1207] usb 2-1: New USB device found, idVendor=0584, idProduct=0008, bcdDevice= 1.02
[  370.169668][ T1207] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  370.190211][ T8087] netlink: 'syz.5.441': attribute type 11 has an invalid length.
[  370.255486][ T1207] usb 2-1: config 0 descriptor??
[  370.278089][ T1207] usb 2-1: can't set config #0, error -71
[  370.324067][ T1207] usb 2-1: USB disconnect, device number 4
[  371.694045][ T5828] Bluetooth: hci1: command tx timeout
[  372.163587][ T8105] kAFS: No cell specified
[  372.799662][ T7693] veth0_vlan: entered promiscuous mode
[  372.849084][ T8045] chnl_net:caif_netlink_parms(): no params data found
[  372.895258][ T7693] veth1_vlan: entered promiscuous mode
[  373.390756][ T3515] bridge_slave_1: left allmulticast mode
[  373.396770][ T3515] bridge_slave_1: left promiscuous mode
[  373.403230][ T3515] bridge0: port 2(bridge_slave_1) entered disabled state
[  373.412694][ T3515] bridge_slave_0: left allmulticast mode
[  373.418362][ T3515] bridge_slave_0: left promiscuous mode
[  373.520759][ T8116] netlink: 256 bytes leftover after parsing attributes in process `syz.1.447'.
[  374.259211][ T5828] Bluetooth: hci1: command tx timeout
[  374.316163][ T3515] bridge0: port 1(bridge_slave_0) entered disabled state
[  374.480174][ T8121] serio: Serial port ptm0
[  375.250303][ T5929] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  376.710179][ T5929] usb 6-1: Using ep0 maxpacket: 32
[  377.322538][ T5929] usb 6-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  377.901392][ T5929] usb 6-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  378.337588][ T8144] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  378.838373][ T3515] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  378.890161][ T3515] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  378.932676][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  378.939028][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  378.952327][ T3515] bond0 (unregistering): Released all slaves
[  379.102443][ T5929] usb 6-1: string descriptor 0 read error: -71
[  379.108723][ T5929] usb 6-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  379.119842][ T8045] bridge0: port 1(bridge_slave_0) entered blocking state
[  379.141669][ T8045] bridge0: port 1(bridge_slave_0) entered disabled state
[  379.148941][ T8045] bridge_slave_0: entered allmulticast mode
[  379.160081][ T5929] usb 6-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  379.188958][ T5929] usb 6-1: can't set config #4, error -71
[  379.210957][ T8045] bridge_slave_0: entered promiscuous mode
[  379.278799][ T8045] bridge0: port 2(bridge_slave_1) entered blocking state
[  379.300167][ T5929] usb 6-1: USB disconnect, device number 5
[  379.337741][ T8045] bridge0: port 2(bridge_slave_1) entered disabled state
[  379.366892][ T8045] bridge_slave_1: entered allmulticast mode
[  379.389908][ T8045] bridge_slave_1: entered promiscuous mode
[  379.689060][ T3515] hsr_slave_0: left promiscuous mode
[  379.743265][ T3515] hsr_slave_1: left promiscuous mode
[  379.782413][ T3515] batman_adv: batadv0: Removing interface: batadv_slave_0
[  380.401088][ T8158] netlink: 24 bytes leftover after parsing attributes in process `syz.5.454'.
[  380.760255][ T3515] batman_adv: batadv0: Removing interface: batadv_slave_1
[  380.806206][ T5844] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  380.887894][ T5844] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  380.909045][ T5844] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  380.946030][ T5844] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  380.956740][ T5844] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  380.964689][ T5844] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  381.154784][ T8166] netlink: 12 bytes leftover after parsing attributes in process `syz.2.452'.
[  381.700941][ T3515] team0 (unregistering): Port device team_slave_1 removed
[  381.837126][ T3515] team0 (unregistering): Port device team_slave_0 removed
[  383.100296][ T5844] Bluetooth: hci3: command tx timeout
[  385.170362][ T5844] Bluetooth: hci3: command tx timeout
[  386.883832][ T8198] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input11
[  387.544888][ T5844] Bluetooth: hci3: command tx timeout
[  387.953935][ T8045] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  387.982712][ T8045] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  388.099102][ T8045] team0: Port device team_slave_0 added
[  388.117026][ T8045] team0: Port device team_slave_1 added
[  388.176923][ T8045] batman_adv: batadv0: Adding interface: batadv_slave_0
[  388.199923][ T8045] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  388.270563][ T8045] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  388.308389][ T8045] batman_adv: batadv0: Adding interface: batadv_slave_1
[  388.323211][ T8045] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  388.355443][ T8045] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  388.553103][ T8162] chnl_net:caif_netlink_parms(): no params data found
[  388.577094][ T8045] hsr_slave_0: entered promiscuous mode
[  388.589339][ T8045] hsr_slave_1: entered promiscuous mode
[  388.595679][ T8045] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  388.607907][ T8045] Cannot create hsr debugfs directory
[  388.766968][ T8162] bridge0: port 1(bridge_slave_0) entered blocking state
[  388.774879][ T8162] bridge0: port 1(bridge_slave_0) entered disabled state
[  388.785303][ T8162] bridge_slave_0: entered allmulticast mode
[  388.792649][ T8162] bridge_slave_0: entered promiscuous mode
[  388.838185][ T8162] bridge0: port 2(bridge_slave_1) entered blocking state
[  388.846986][ T8162] bridge0: port 2(bridge_slave_1) entered disabled state
[  388.868613][ T8162] bridge_slave_1: entered allmulticast mode
[  388.878132][ T8162] bridge_slave_1: entered promiscuous mode
[  389.015116][ T8162] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  389.035539][ T8162] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  389.154156][ T8162] team0: Port device team_slave_0 added
[  389.223059][ T8162] team0: Port device team_slave_1 added
[  389.249521][ T8162] batman_adv: batadv0: Adding interface: batadv_slave_0
[  389.264252][ T8162] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  389.293166][ T8162] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  389.329169][ T8162] batman_adv: batadv0: Adding interface: batadv_slave_1
[  389.336788][ T8162] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  389.363686][ T8162] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  389.461979][ T3515] bridge_slave_1: left allmulticast mode
[  389.467670][ T3515] bridge_slave_1: left promiscuous mode
[  389.474628][ T3515] bridge0: port 2(bridge_slave_1) entered disabled state
[  389.485185][ T3515] bridge_slave_0: left allmulticast mode
[  389.491493][ T3515] bridge_slave_0: left promiscuous mode
[  389.497156][ T3515] bridge0: port 1(bridge_slave_0) entered disabled state
[  389.570185][ T5844] Bluetooth: hci3: command tx timeout
[  389.787043][ T3515] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  389.798865][ T3515] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  389.809171][ T3515] bond0 (unregistering): Released all slaves
[  389.830960][ T8162] hsr_slave_0: entered promiscuous mode
[  389.837108][ T8162] hsr_slave_1: entered promiscuous mode
[  389.843365][ T8162] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  389.851014][ T8162] Cannot create hsr debugfs directory
[  389.928985][ T3515] hsr_slave_0: left promiscuous mode
[  389.935014][ T3515] hsr_slave_1: left promiscuous mode
[  389.941070][ T3515] batman_adv: batadv0: Removing interface: batadv_slave_0
[  389.948636][ T3515] batman_adv: batadv0: Removing interface: batadv_slave_1
[  389.969319][ T3515] veth1_vlan: left promiscuous mode
[  389.974723][ T3515] veth0_vlan: left promiscuous mode
[  390.288556][ T3515] team0 (unregistering): Port device team_slave_1 removed
[  390.339296][ T3515] team0 (unregistering): Port device team_slave_0 removed
[  390.942131][ T8045] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  390.958048][ T8045] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  390.973746][ T8045] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  390.998112][ T8045] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  391.133932][ T8045] 8021q: adding VLAN 0 to HW filter on device bond0
[  391.169183][ T8045] 8021q: adding VLAN 0 to HW filter on device team0
[  391.208451][ T1162] bridge0: port 1(bridge_slave_0) entered blocking state
[  391.215594][ T1162] bridge0: port 1(bridge_slave_0) entered forwarding state
[  391.246121][ T8162] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  391.259771][ T3515] bridge0: port 2(bridge_slave_1) entered blocking state
[  391.266935][ T3515] bridge0: port 2(bridge_slave_1) entered forwarding state
[  391.283788][ T8162] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  391.303619][ T8162] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  391.316492][ T8162] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  391.478409][ T8162] 8021q: adding VLAN 0 to HW filter on device bond0
[  391.502776][ T8162] 8021q: adding VLAN 0 to HW filter on device team0
[  391.529963][ T6558] bridge0: port 1(bridge_slave_0) entered blocking state
[  391.537119][ T6558] bridge0: port 1(bridge_slave_0) entered forwarding state
[  391.548130][ T6558] bridge0: port 2(bridge_slave_1) entered blocking state
[  391.555288][ T6558] bridge0: port 2(bridge_slave_1) entered forwarding state
[  391.596320][ T8045] 8021q: adding VLAN 0 to HW filter on device batadv0
[  391.944782][ T8162] 8021q: adding VLAN 0 to HW filter on device batadv0
[  391.973735][ T8045] veth0_vlan: entered promiscuous mode
[  391.993388][ T8045] veth1_vlan: entered promiscuous mode
[  392.018510][ T8045] veth0_macvtap: entered promiscuous mode
[  392.034717][ T8045] veth1_macvtap: entered promiscuous mode
[  392.065346][ T8045] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  392.079737][ T8045] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  392.097980][ T8045] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  392.108672][ T8045] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  392.121258][ T8045] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  392.132361][ T8045] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  392.143723][ T8045] batman_adv: batadv0: Interface activated: batadv_slave_0
[  392.155825][ T8045] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  392.166777][ T8045] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  392.177703][ T8045] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  392.188167][ T8045] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  392.198086][ T8045] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  392.209408][ T8045] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  392.221190][ T8045] batman_adv: batadv0: Interface activated: batadv_slave_1
[  392.234666][ T8045] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  392.247712][ T8045] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  392.256940][ T8045] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  392.266190][ T8045] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  392.384138][ T1162] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  392.403588][ T1162] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  392.434828][ T3515] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  392.455450][ T3515] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  392.527475][ T8162] veth0_vlan: entered promiscuous mode
[  392.563416][ T8162] veth1_vlan: entered promiscuous mode
[  392.630287][ T8162] veth0_macvtap: entered promiscuous mode
[  392.648171][ T8162] veth1_macvtap: entered promiscuous mode
[  392.719488][ T8162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  392.735398][ T8162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  392.745852][ T8162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  392.757168][ T8162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  392.767887][ T8162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  392.798353][ T8162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  392.815486][ T8162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  392.831124][ T8162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  393.930111][  T974] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  394.117443][ T8162] batman_adv: batadv0: Interface activated: batadv_slave_0
[  394.310993][ T8162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  394.360942][  T974] usb 2-1: Using ep0 maxpacket: 8
[  394.401585][ T8162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  394.431296][  T974] usb 2-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[  394.480078][ T8162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  394.496428][  T974] usb 2-1: config 2 has 0 interfaces, different from the descriptor's value: 1
[  394.515895][ T8162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  394.547699][  T974] usb 2-1: New USB device found, idVendor=0b48, idProduct=3015, bcdDevice=77.a0
[  394.560095][ T8162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  394.570657][  T974] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  394.578684][  T974] usb 2-1: Product: syz
[  394.592177][ T8162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  394.603307][  T974] usb 2-1: Manufacturer: syz
[  394.607948][  T974] usb 2-1: SerialNumber: syz
[  394.612814][ T8162] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  394.624738][ T8162] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  394.637126][ T8162] batman_adv: batadv0: Interface activated: batadv_slave_1
[  394.677331][ T8162] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  394.691736][ T8162] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  394.706530][ T8162] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  394.715443][ T8162] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  395.932018][ T8283] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  396.644981][ T8079] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  396.682157][ T8079] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  396.863131][ T5833] usb 2-1: USB disconnect, device number 5
[  397.647522][ T6019] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  398.209666][ T6019] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  400.729771][ T8326] evm: overlay not supported
[  403.062387][ T5879] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  403.581812][ T5879] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  404.582635][ T5879] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  404.613038][ T5879] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  404.833273][ T5879] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  404.851900][ T8348] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  404.994943][ T5879] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  405.783293][ T5879] usb 3-1: USB disconnect, device number 8
[  407.359383][ T5829] udevd[5829]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  408.758086][ T8389] Attempt to restore checkpoint with obsolete wellknown handles
[  415.176297][ T8464] netlink: 'syz.5.500': attribute type 3 has an invalid length.
[  415.176394][ T8464] netlink: 209852 bytes leftover after parsing attributes in process `syz.5.500'.
[  415.783037][ T8473] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  415.792689][ T8473] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  417.209556][ T8489] 9pnet: Unknown protocol version 9p200
[  417.227950][ T8489] lo speed is unknown, defaulting to 1000
[  417.234425][ T8489] lo speed is unknown, defaulting to 1000
[  417.246671][ T8489] lo speed is unknown, defaulting to 1000
[  417.271531][ T8489] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  417.316125][ T8489] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  417.458006][ T8489] lo speed is unknown, defaulting to 1000
[  417.472776][ T8489] lo speed is unknown, defaulting to 1000
[  417.486811][ T8489] lo speed is unknown, defaulting to 1000
[  417.500038][ T8489] lo speed is unknown, defaulting to 1000
[  417.513635][ T8489] lo speed is unknown, defaulting to 1000
[  419.661144][ T8502] trusted_key: encrypted_key: keylen parameter is missing
[  423.583135][ T8525] mkiss: ax0: crc mode is auto.
[  423.644064][ T6201] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  424.242913][ T6201] usb 8-1: Using ep0 maxpacket: 16
[  424.351878][ T1207] usb 2-1: new full-speed USB device number 6 using dummy_hcd
[  425.242730][ T8543] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -EINTR
[  425.259715][ T1207] usb 2-1: config index 0 descriptor too short (expected 9318, got 36)
[  425.280496][ T6201] usb 8-1: device descriptor read/all, error -71
[  425.500551][ T1207] usb 2-1: config 82 has too many interfaces: 201, using maximum allowed: 32
[  425.794377][ T1207] usb 2-1: config 82 has 1 interface, different from the descriptor's value: 201
[  425.898713][ T1207] usb 2-1: config 82 has no interface number 0
[  425.905966][ T1207] usb 2-1: config 82 interface 113 has no altsetting 0
[  425.935698][ T1207] usb 2-1: New USB device found, idVendor=054c, idProduct=02e1, bcdDevice=e2.c8
[  425.950141][ T1207] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  426.209420][ T1207] usb 2-1: Product: syz
[  426.214926][ T1207] usb 2-1: Manufacturer: syz
[  426.219580][ T1207] usb 2-1: SerialNumber: syz
[  427.593905][    C1] usb 2-1: NFC: Urb failure (status -71)
[  427.603125][    C1] usb 2-1: NFC: Urb failure (status -71)
[  427.617797][ T1207] usb 2-1: NFC: Unable to get FW version
[  427.645424][ T1207] pn533_usb 2-1:82.113: probe with driver pn533_usb failed with error -71
[  427.719063][ T1207] usb 2-1: USB disconnect, device number 6
[  429.326464][ T8575] TCP: out of memory -- consider tuning tcp_mem
[  432.575193][ T8602] No control pipe specified
[  434.143239][ T8614] Bluetooth: hci5: Frame reassembly failed (-84)
[  434.477390][ T8610] Cannot find set identified by id 0 to match
[  436.280821][ T5844] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  437.184677][ T8649] overlayfs: missing 'workdir'
[  439.088396][ T8656] x_tables: unsorted underflow at hook 3
[  439.113494][ T8656] netlink: 16 bytes leftover after parsing attributes in process `syz.2.534'.
[  439.857018][ T8674] netlink: 4 bytes leftover after parsing attributes in process `syz.5.537'.
[  442.314458][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  442.320945][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  443.212165][ T8704] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input13
[  443.990620][ T8616] Bluetooth: hci3: command 0x0405 tx timeout
[  446.331913][ T8724] netlink: 16 bytes leftover after parsing attributes in process `syz.2.546'.
[  447.387717][ T8731] overlayfs: missing 'workdir'
[  448.323983][ T8734] netlink: 'syz.7.547': attribute type 3 has an invalid length.
[  448.332135][ T8734] netlink: 209852 bytes leftover after parsing attributes in process `syz.7.547'.
[  448.421432][ T8734] trusted_key: syz.7.547 sent an empty control message without MSG_MORE.
[  450.600873][ T8752] netlink: 4 bytes leftover after parsing attributes in process `syz.2.552'.
[  451.051149][ T8770] netlink: 'syz.1.555': attribute type 2 has an invalid length.
[  451.117473][ T8770] netlink: 212912 bytes leftover after parsing attributes in process `syz.1.555'.
[  451.671227][ T5879] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  451.879124][ T5879] usb 8-1: too many configurations: 164, using maximum allowed: 8
[  451.924586][ T5879] usb 8-1: New USB device found, idVendor=7de0, idProduct=676e, bcdDevice=77.db
[  451.960572][ T5879] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  451.992098][ T5879] usb 8-1: config 0 descriptor??
[  454.414204][ T8616] Bluetooth: hci3: command 0x0405 tx timeout
[  455.001677][   T25] usb 8-1: USB disconnect, device number 4
[  455.705099][ T8823] netlink: 'syz.7.564': attribute type 1 has an invalid length.
[  455.712973][ T8823] netlink: 8 bytes leftover after parsing attributes in process `syz.7.564'.
[  458.226119][ T8839] netlink: 72 bytes leftover after parsing attributes in process `syz.2.567'.
[  458.229050][ T8835] netdevsim netdevsim2: Direct firmware load for .
[  458.229050][ T8835]  failed with error -2
[  458.269438][ T8836] bridge0: port 3(syz_tun) entered blocking state
[  458.279099][ T8836] bridge0: port 3(syz_tun) entered disabled state
[  458.300935][ T8836] syz_tun: entered allmulticast mode
[  458.307687][ T8836] syz_tun: entered promiscuous mode
[  458.323154][ T8836] bridge0: port 3(syz_tun) entered blocking state
[  458.329874][ T8836] bridge0: port 3(syz_tun) entered forwarding state
[  458.343061][ T8835] netdevsim netdevsim2: Falling back to sysfs fallback for: .
[  458.343061][ T8835] 
[  458.789418][ T8839] libceph: resolve '0.0' (ret=-3): failed
[  459.277230][ T5879] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  461.044139][ T5879] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  461.061575][ T5879] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  461.071379][ T5879] usb 7-1: New USB device found, idVendor=056a, idProduct=0031, bcdDevice= 0.00
[  461.099591][ T5879] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  461.132989][ T5879] usb 7-1: config 0 descriptor??
[  462.606362][ T8849] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  462.629004][ T8849] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  462.673638][ T8849] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  462.696776][ T8849] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  462.719114][ T8849] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  462.755792][ T8849] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  462.810349][ T5844] Bluetooth: hci1: command 0x0c1a tx timeout
[  464.121887][ T5838] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  465.156286][ T5844] Bluetooth: hci3: command 0x0405 tx timeout
[  465.162512][ T5844] Bluetooth: hci1: command 0x0c1a tx timeout
[  466.058209][ T8902] openvswitch: netlink: Flow key attr not present in new flow.
[  466.726023][ T8896] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  466.732934][ T8896] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  466.741747][ T8896] vhci_hcd vhci_hcd.0: Device attached
[  466.751845][ T5879] usbhid 7-1:0.0: can't add hid device: -32
[  466.757950][ T5879] usbhid 7-1:0.0: probe with driver usbhid failed with error -32
[  467.330014][ T8616] Bluetooth: hci1: command 0x0c1a tx timeout
[  467.347696][ T5844] Bluetooth: hci3: command 0x0405 tx timeout
[  467.550915][   T25] vhci_hcd: vhci_device speed not set
[  467.597849][ T8914] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  467.658732][   T25] usb 35-1: new full-speed USB device number 2 using vhci_hcd
[  467.712089][ T8909] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  468.099031][ T8904] vhci_hcd: connection reset by peer
[  469.116886][ T1162] vhci_hcd: stop threads
[  469.179761][ T1162] vhci_hcd: release socket
[  469.258432][ T1162] vhci_hcd: disconnect device
[  469.397363][ T8932] x_tables: unsorted underflow at hook 3
[  469.407796][ T8932] netlink: 16 bytes leftover after parsing attributes in process `syz.2.584'.
[  469.560614][ T8616] Bluetooth: hci3: command 0x0405 tx timeout
[  469.833712][ T8929] smk_cipso_doi:677 remove rc = -2
[  469.839080][ T8929] smk_cipso_doi:690 cipso add rc = -17
[  471.096143][ T8940] delete_channel: no stack
[  473.217058][ T8957] fuse: Unknown parameter 'roʇmode'
[  473.659794][   T25] vhci_hcd: vhci_device speed not set
[  475.528051][ T8973] mkiss: ax0: crc mode is auto.
[  480.532662][ T5844] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  480.561689][ T5844] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  480.574862][ T5844] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  480.584498][ T5844] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  480.595389][ T5844] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  480.603065][ T5844] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  481.317839][ T9005] lo speed is unknown, defaulting to 1000
[  481.714340][ T9021] smk_cipso_doi:677 remove rc = -2
[  481.719823][ T9021] smk_cipso_doi:690 cipso add rc = -17
[  482.055948][ T5844] Bluetooth: hci3: ACL packet for unknown connection handle 201
[  482.426251][ T5844] Bluetooth: hci3: ACL packet for unknown connection handle 201
[  482.829711][ T5844] Bluetooth: hci5: command tx timeout
[  483.469146][ T5838] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  483.482630][ T5933] usb 7-1: USB disconnect, device number 2
[  483.656467][ T5838] usb 8-1: Using ep0 maxpacket: 8
[  483.693122][ T5838] usb 8-1: config 0 has an invalid interface number: 196 but max is 0
[  483.740408][ T5838] usb 8-1: config 0 has no interface number 0
[  483.774154][ T5838] usb 8-1: New USB device found, idVendor=17a1, idProduct=0128, bcdDevice=bf.0a
[  483.801921][ T5838] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  483.821932][ T5838] usb 8-1: Product: syz
[  483.826637][ T9005] chnl_net:caif_netlink_parms(): no params data found
[  483.837063][ T5838] usb 8-1: Manufacturer: syz
[  483.841830][ T5838] usb 8-1: SerialNumber: syz
[  484.043270][ T5838] usb 8-1: config 0 descriptor??
[  484.062776][ T5838] gspca_main: t613-2.14.0 probing 17a1:0128
[  484.121417][ T6201] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  484.378364][ T6201] usb 6-1: Using ep0 maxpacket: 32
[  484.473322][ T6201] usb 6-1: config 0 has an invalid interface number: 35 but max is 0
[  484.528755][ T6201] usb 6-1: config 0 has no interface number 0
[  484.599588][ T6201] usb 6-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f
[  484.632819][ T6201] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  484.891147][ T6201] usb 6-1: Product: syz
[  484.895418][ T6201] usb 6-1: Manufacturer: syz
[  484.900032][ T6201] usb 6-1: SerialNumber: syz
[  484.957436][ T6201] usb 6-1: config 0 descriptor??
[  485.029945][ T5844] Bluetooth: hci5: command tx timeout
[  485.047199][ T9005] bridge0: port 1(bridge_slave_0) entered blocking state
[  485.073043][ T9005] bridge0: port 1(bridge_slave_0) entered disabled state
[  485.082303][ T9005] bridge_slave_0: entered allmulticast mode
[  485.097324][ T5838] gspca_t613: unknown sensor 0000
[  485.102583][ T5838] t613 8-1:0.196: probe with driver t613 failed with error -22
[  485.115083][ T9005] bridge_slave_0: entered promiscuous mode
[  485.116599][ T5838] usb 8-1: USB disconnect, device number 5
[  485.133641][ T9005] bridge0: port 2(bridge_slave_1) entered blocking state
[  485.152585][ T9005] bridge0: port 2(bridge_slave_1) entered disabled state
[  485.168635][ T9005] bridge_slave_1: entered allmulticast mode
[  485.197674][ T6201] radio-si470x 6-1:0.35: this is not a si470x device.
[  485.228405][ T9005] bridge_slave_1: entered promiscuous mode
[  485.299816][ T6201] radio-raremono 6-1:0.35: this is not Thanko's Raremono.
[  486.000582][ T6201] usb 6-1: USB disconnect, device number 6
[  486.063233][ T9070] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  486.072585][ T9070] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  486.081778][ T9070] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  486.090603][ T9070] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  486.127383][ T9005] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  486.183845][ T9065] ALSA: mixer_oss: invalid OSS volume 'u'
[  486.192901][ T9005] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  486.340032][ T9068] kexec: Could not allocate control_code_buffer
[  486.816376][ T9005] team0: Port device team_slave_0 added
[  487.006747][ T9087] Option '                                                                                      ��P����i�	' to dns_resolver key: bad/missing value
[  487.572790][ T5844] Bluetooth: hci5: command tx timeout
[  487.951360][ T9005] team0: Port device team_slave_1 added
[  488.010441][ T5844] Bluetooth: hci3: unexpected event for opcode 0x080f
[  488.148391][ T9005] batman_adv: batadv0: Adding interface: batadv_slave_0
[  488.388949][ T9100] smk_cipso_doi:677 remove rc = -2
[  488.412020][ T9005] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  488.492842][ T9099] smk_cipso_doi:677 remove rc = -2
[  488.499129][ T9099] smk_cipso_doi:690 cipso add rc = -17
[  488.732799][ T9100] smk_cipso_doi:690 cipso add rc = -17
[  488.796251][ T9005] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  488.876749][ T9005] batman_adv: batadv0: Adding interface: batadv_slave_1
[  489.098640][ T9005] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  489.852648][ T5844] Bluetooth: hci5: command tx timeout
[  489.983473][ T9118] No such timeout policy "syz1"
[  490.077318][ T9005] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  490.400186][ T9005] hsr_slave_0: entered promiscuous mode
[  490.406665][ T9005] hsr_slave_1: entered promiscuous mode
[  493.069559][ T9152] netlink: 44 bytes leftover after parsing attributes in process `syz.7.627'.
[  493.742961][ T9151] netlink: 'syz.5.626': attribute type 1 has an invalid length.
[  494.496667][ T9005] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  494.646238][ T9005] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  495.040267][ T9166] program syz.5.630 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  495.945582][   T25] IPVS: starting estimator thread 0...
[  496.238896][ T9005] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  496.334669][ T9168] IPVS: using max 23 ests per chain, 55200 per kthread
[  496.524513][ T9177] netlink: 48 bytes leftover after parsing attributes in process `syz.5.634'.
[  496.533585][ T9005] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  496.787370][ T9005] 8021q: adding VLAN 0 to HW filter on device bond0
[  496.853479][ T9005] 8021q: adding VLAN 0 to HW filter on device team0
[  496.891770][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  496.898926][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  496.983784][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  496.990942][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  497.036798][ T5879] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  497.138817][ T9005] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  497.169344][ T9005] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  497.264396][ T5879] usb 8-1: Using ep0 maxpacket: 8
[  497.286771][ T9192] netlink: 60 bytes leftover after parsing attributes in process `syz.1.637'.
[  497.368994][ T5879] usb 8-1: descriptor type invalid, skip
[  497.374695][ T5879] usb 8-1: descriptor type invalid, skip
[  497.408200][ T5879] usb 8-1: descriptor type invalid, skip
[  497.427567][ T5879] usb 8-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024
[  497.480376][ T5879] usb 8-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 1024
[  497.582830][ T5879] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  497.602358][ T5879] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  497.813648][   T25] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  497.818914][ T5879] usb 8-1: Product: syz
[  497.848061][ T5879] usb 8-1: Manufacturer: syz
[  497.866685][ T5879] usb 8-1: SerialNumber: syz
[  497.905068][ T9184] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  497.923138][ T9184] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  498.020824][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  498.051461][   T25] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  498.060555][   T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  498.117666][   T25] usb 3-1: config 0 descriptor??
[  498.146181][   T25] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  498.166811][ T9005] 8021q: adding VLAN 0 to HW filter on device batadv0
[  498.182791][ T5879] cdc_ether 8-1:1.0: probe with driver cdc_ether failed with error -71
[  498.221464][ T5879] usb 8-1: USB disconnect, device number 6
[  498.353091][   T25] usb 3-1: USB disconnect, device number 10
[  498.382535][ T5878] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  498.575032][ T5878] usb 2-1: Using ep0 maxpacket: 32
[  498.609545][ T5878] usb 2-1: unable to get BOS descriptor or descriptor too short
[  498.618817][ T5878] usb 2-1: config 5 has an invalid interface number: 52 but max is 0
[  498.626946][ T5878] usb 2-1: config 5 has no interface number 0
[  498.650301][ T5878] usb 2-1: config 5 interface 52 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  498.660119][ T5878] usb 2-1: config 5 interface 52 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  498.706275][ T5878] usb 2-1: New USB device found, idVendor=16ca, idProduct=1502, bcdDevice=51.58
[  498.735321][ T5878] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  498.779072][ T5878] usb 2-1: Product: syz
[  498.783338][ T5878] usb 2-1: Manufacturer: syz
[  498.787985][ T5878] usb 2-1: SerialNumber: syz
[  498.800564][ T9005] veth0_vlan: entered promiscuous mode
[  498.840232][ T9005] veth1_vlan: entered promiscuous mode
[  498.936800][ T9005] veth0_macvtap: entered promiscuous mode
[  498.983559][ T9005] veth1_macvtap: entered promiscuous mode
[  499.052240][ T9005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  499.087225][ T9005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  499.104667][ T5878] aircable 2-1:5.52: aircable converter detected
[  499.130115][ T9005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  499.167714][ T5878] usb 2-1: aircable converter now attached to ttyUSB0
[  499.169418][ T9005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  499.199399][ T9005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  499.205837][ T5878] usb 2-1: USB disconnect, device number 7
[  499.212832][ T9005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  499.233773][ T9005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  499.254980][ T9005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  499.273601][ T5878] aircable ttyUSB0: aircable converter now disconnected from ttyUSB0
[  499.303046][ T5878] aircable 2-1:5.52: device disconnected
[  499.526111][ T9005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  499.537212][ T9005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  499.554460][ T9005] batman_adv: batadv0: Interface activated: batadv_slave_0
[  499.999770][ T9005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  500.199953][ T9005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  500.218987][ T9005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  500.328379][ T9005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  500.381650][ T9005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  500.424505][ T9005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  500.442538][ T9005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  500.475355][ T9005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  500.502450][ T9005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  500.520618][ T9005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  500.584570][ T9005] batman_adv: batadv0: Interface activated: batadv_slave_1
[  500.636996][ T9005] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  500.745439][ T9005] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  500.799725][ T9005] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  500.813126][ T9264] netlink: 'syz.1.644': attribute type 1 has an invalid length.
[  500.819842][ T9005] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  500.884154][ T9264] netlink: 'syz.1.644': attribute type 2 has an invalid length.
[  500.895053][ T9264] netlink: 'syz.1.644': attribute type 1 has an invalid length.
[  500.905681][ T9264] netlink: 8 bytes leftover after parsing attributes in process `syz.1.644'.
[  501.782269][ T3548] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  501.804696][ T3548] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  501.878931][ T3515] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  501.886814][ T3515] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  502.818618][ T9299] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  502.827748][ T9299] batadv_slave_0: entered promiscuous mode
[  505.754743][ T9314] afs: Bad value for 'source'
[  505.942556][ T9314] libceph: resolve '0.0' (ret=-3): failed
[  506.477165][ T9329] netlink: 288 bytes leftover after parsing attributes in process `syz.7.658'.
[  506.774675][   T25] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  507.202285][   T25] usb 8-1: Using ep0 maxpacket: 8
[  507.245576][   T25] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 13
[  507.258178][   T25] usb 8-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58
[  507.267566][   T25] usb 8-1: New USB device strings: Mfr=241, Product=1, SerialNumber=3
[  507.275776][   T25] usb 8-1: Product: syz
[  507.280429][   T25] usb 8-1: Manufacturer: syz
[  507.285383][   T25] usb 8-1: SerialNumber: syz
[  507.300391][   T25] usb 8-1: config 0 descriptor??
[  507.313680][   T25] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae
[  507.622207][   T46] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  507.822429][   T46] usb 3-1: Using ep0 maxpacket: 16
[  507.845686][   T46] usb 3-1: config 8 has an invalid interface number: 39 but max is 0
[  507.853881][   T46] usb 3-1: config 8 has no interface number 0
[  507.897245][   T46] usb 3-1: config 8 interface 39 altsetting 1 has an endpoint descriptor with address 0xDF, changing to 0x8F
[  507.936571][   T46] usb 3-1: config 8 interface 39 altsetting 1 endpoint 0x8F has invalid wMaxPacketSize 0
[  507.953671][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  507.960129][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  507.978799][   T46] usb 3-1: config 8 interface 39 altsetting 1 bulk endpoint 0x8F has invalid maxpacket 0
[  508.013985][   T46] usb 3-1: config 8 interface 39 has no altsetting 0
[  508.044080][   T46] usb 3-1: New USB device found, idVendor=05ac, idProduct=c704, bcdDevice=62.77
[  508.054798][   T46] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  508.073879][   T46] usb 3-1: Product: syz
[  508.078190][   T46] usb 3-1: Manufacturer: syz
[  508.089032][   T46] usb 3-1: SerialNumber: syz
[  508.552431][   T46] ipheth 3-1:8.39: ipheth_get_macaddr: usb_control_msg: -71
[  508.567731][   T46] ipheth 3-1:8.39: probe with driver ipheth failed with error -71
[  508.604187][   T46] usb 3-1: USB disconnect, device number 11
[  508.912705][    C1] hrtimer: interrupt took 56667 ns
[  509.084823][   T25] gspca_zc3xx: reg_w_i err -110
[  509.832184][   T25] gspca_zc3xx: Unknown sensor - set to TAS5130C
[  509.840205][   T25] gspca_zc3xx 8-1:0.0: probe with driver gspca_zc3xx failed with error -110
[  509.853564][   T25] usb 8-1: USB disconnect, device number 7
[  509.873296][ T9402] netlink: 144 bytes leftover after parsing attributes in process `syz.8.678'.
[  510.027915][ T9408] xt_TCPMSS: Only works on TCP SYN packets
[  510.422121][ T9416] overlayfs: failed to resolve './file0': -2
[  510.523280][ T9417] lo speed is unknown, defaulting to 1000
[  510.546539][ T9417] lo speed is unknown, defaulting to 1000
[  510.555613][ T9417] lo speed is unknown, defaulting to 1000
[  511.166513][ T9417] infiniband s
z1: set active
[  511.171751][ T9417] infiniband s
z1: added lo
[  511.195628][   T25] lo speed is unknown, defaulting to 1000
[  511.258533][ T9417] RDS/IB: s
z1: added
[  511.263538][ T9417] smc: adding ib device s
z1 with port count 1
[  511.269967][ T9417] smc:    ib device s
z1 port 1 has pnetid 
[  511.278469][ T9417] lo speed is unknown, defaulting to 1000
[  511.288899][   T25] lo speed is unknown, defaulting to 1000
[  511.394901][ T9417] lo speed is unknown, defaulting to 1000
[  511.503956][ T9417] lo speed is unknown, defaulting to 1000
[  511.615401][ T9417] lo speed is unknown, defaulting to 1000
[  511.801175][ T9417] lo speed is unknown, defaulting to 1000
[  511.911510][ T9417] lo speed is unknown, defaulting to 1000
[  512.063694][ T9436] netlink: 8 bytes leftover after parsing attributes in process `syz.2.676'.
[  512.452036][ T9438] Option '                                                                                      ��P����i�	' to dns_resolver key: bad/missing value
[  512.775117][ T9446] libceph: resolve '0.' (ret=-3): failed
[  514.517045][ T9475] Option '                                                                                      ��P����i�	' to dns_resolver key: bad/missing value
[  515.163011][  T974] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  515.362015][  T974] usb 9-1: Using ep0 maxpacket: 16
[  515.396333][  T974] usb 9-1: New USB device found, idVendor=0483, idProduct=1234, bcdDevice=ff.76
[  515.445861][  T974] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  515.508865][  T974] usb 9-1: Product: syz
[  515.513098][  T974] usb 9-1: Manufacturer: syz
[  515.565549][ T9511] Option '                                                                                      ��P����i�	' to dns_resolver key: bad/missing value
[  515.680361][  T974] usb 9-1: SerialNumber: syz
[  515.688046][  T974] usb 9-1: config 0 descriptor??
[  515.865602][ T8616] Bluetooth: hci3: Malformed Event: 0x2f
[  515.936879][  T974] usb 9-1: ignoring: not an USB2CAN converter
[  516.160498][ T5878] usb 9-1: USB disconnect, device number 2
[  516.184629][ T9541] xt_recent: hitcount (4294967167) is larger than allowed maximum (65535)
[  516.620757][ T6201] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  516.806304][ T6201] usb 8-1: Using ep0 maxpacket: 32
[  516.855987][ T6201] usb 8-1: config 0 interface 0 has no altsetting 0
[  517.869324][ T6201] usb 8-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  518.097105][ T6201] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  518.106062][ T6201] usb 8-1: Product: syz
[  518.114207][ T6201] usb 8-1: Manufacturer: syz
[  518.120998][ T6201] usb 8-1: SerialNumber: syz
[  518.131617][ T6201] usb 8-1: config 0 descriptor??
[  519.518161][ T5878] usb 2-1: new full-speed USB device number 8 using dummy_hcd
[  519.817242][ T6201] gs_usb 8-1:0.0: Couldn't get device config: (err=-71)
[  519.824293][ T6201] gs_usb 8-1:0.0: probe with driver gs_usb failed with error -71
[  519.855200][ T6201] usb 8-1: USB disconnect, device number 8
[  520.875919][ T5878] usb 2-1: unable to get BOS descriptor or descriptor too short
[  520.907476][ T5878] usb 2-1: not running at top speed; connect to a high speed hub
[  520.934960][ T5878] usb 2-1: config 219 has 1 interface, different from the descriptor's value: 2
[  520.946705][ T5878] usb 2-1: config 219 interface 0 has no altsetting 0
[  520.978237][ T5878] usb 2-1: config 219 interface 0 has no altsetting 1
[  520.991296][ T5878] usb 2-1: New USB device found, idVendor=2b73, idProduct=0017, bcdDevice=a2.0e
[  521.011397][ T5878] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  521.042629][ T5878] usb 2-1: Product: syz
[  521.075472][ T5878] usb 2-1: Manufacturer: syz
[  521.105057][ T5878] usb 2-1: SerialNumber: syz
[  521.416996][ T5878] usb 2-1: selecting invalid altsetting 0
[  521.443675][ T5878] usb 2-1: selecting invalid altsetting 0
[  521.591939][ T5878] usb 2-1: USB disconnect, device number 8
[  521.924629][ T5829] udevd[5829]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:219.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  523.062295][ T9626] No such timeout policy "syz1"
[  523.374008][ T9636] netlink: 60 bytes leftover after parsing attributes in process `syz.1.751'.
[  523.465892][ T5929] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  523.601795][ T5838] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  523.648067][ T5929] usb 3-1: Using ep0 maxpacket: 32
[  523.679468][ T5929] usb 3-1: config 0 has an invalid interface number: 88 but max is 0
[  523.719428][ T5929] usb 3-1: config 0 has no interface number 0
[  523.760056][ T5929] usb 3-1: New USB device found, idVendor=2c42, idProduct=16f8, bcdDevice=7d.12
[  523.788361][ T5929] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  523.824805][ T5838] usb 8-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  523.827136][ T5929] usb 3-1: Product: syz
[  523.852202][ T5929] usb 3-1: Manufacturer: syz
[  523.856848][ T5929] usb 3-1: SerialNumber: syz
[  523.860178][ T5838] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  523.884926][ T5929] usb 3-1: config 0 descriptor??
[  523.895226][ T9651] afs: Unexpected value for 'dyn'
[  523.903935][ T5838] usb 8-1: config 0 descriptor??
[  524.170275][ T5838] [drm] vendor descriptor length:6 data:06 5f 00 00 00 00 00 00 00 00 00
[  524.207887][ T5838] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[  524.404158][ T5838] [drm:udl_init] *ERROR* Selecting channel failed
[  524.505253][ T5838] [drm] Initialized udl 0.0.1 for 8-1:0.0 on minor 2
[  524.529577][ T5838] [drm] Initialized udl on minor 2
[  524.537901][ T5878] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  524.568051][ T5838] udl 8-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  524.601868][ T5838] udl 8-1:0.0: [drm] Cannot find any crtc or sizes
[  524.636932][  T974] udl 8-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  524.649621][ T5838] usb 8-1: USB disconnect, device number 9
[  524.675828][  T974] udl 8-1:0.0: [drm] Cannot find any crtc or sizes
[  524.728369][ T9673] netlink: 60 bytes leftover after parsing attributes in process `syz.1.762'.
[  524.748965][ T5878] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  524.793317][ T5878] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  524.913899][ T5878] usb 9-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[  524.989626][ T5878] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  525.014249][ T5878] usb 9-1: config 0 descriptor??
[  525.324346][ T5929] f81534a_ctrl 3-1:0.88: failed to set register 0x116: -5
[  525.331528][ T5929] f81534a_ctrl 3-1:0.88: failed to enable ports: -5
[  525.423953][ T5929] f81534a_ctrl 3-1:0.88: probe with driver f81534a_ctrl failed with error -5
[  525.517203][ T5929] usb 3-1: USB disconnect, device number 12
[  525.614447][ T5878] kye 0003:0458:5011.0002: tablet report size too small, or kye_tablet_rdesc unexpectedly large
[  525.652422][ T5878] kye 0003:0458:5011.0002: unknown main item tag 0x0
[  525.668494][ T5878] kye 0003:0458:5011.0002: unknown main item tag 0x0
[  525.710358][ T5878] kye 0003:0458:5011.0002: unknown main item tag 0x0
[  525.743998][ T5878] kye 0003:0458:5011.0002: unknown main item tag 0x0
[  525.767033][ T5878] kye 0003:0458:5011.0002: unknown main item tag 0x0
[  526.022857][ T9700] Option '                                                                                      ��P����i�	' to dns_resolver key: bad/missing value
[  526.815902][ T5878] kye 0003:0458:5011.0002: hidraw0: USB HID ve.4e Device [HID 0458:5011] on usb-dummy_hcd.8-1/input0
[  526.830536][ T5878] kye 0003:0458:5011.0002: tablet-enabling feature report not found
[  526.838567][ T5878] kye 0003:0458:5011.0002: tablet enabling failed
[  526.853665][ T5878] usb 9-1: USB disconnect, device number 3
[  528.396729][ T9719] netlink: 60 bytes leftover after parsing attributes in process `syz.2.774'.
[  528.776116][ T5838] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  528.813830][ T9733] vxcan3: entered promiscuous mode
[  528.840071][ T9733] vxcan3: entered allmulticast mode
[  528.966663][ T5838] usb 2-1: Using ep0 maxpacket: 16
[  529.119172][ T5838] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  529.155888][ T5838] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  529.164853][ T9739] netlink: 20 bytes leftover after parsing attributes in process `syz.5.781'.
[  529.284342][ T9739] netdevsim netdevsim5 netdevsim0: entered promiscuous mode
[  529.297902][ T9739] netlink: 16 bytes leftover after parsing attributes in process `syz.5.781'.
[  529.418888][ T9749] Option '                                                                                      ��P����i�	' to dns_resolver key: bad/missing value
[  530.199432][ T5838] usb 2-1: Product: syz
[  530.203750][ T5838] usb 2-1: Manufacturer: syz
[  530.208431][ T5838] usb 2-1: SerialNumber: syz
[  530.219390][ T5838] r8152-cfgselector 2-1: Unknown version 0x0000
[  530.225690][ T5838] r8152-cfgselector 2-1: config 0 descriptor??
[  530.557637][ T9759] netlink: 60 bytes leftover after parsing attributes in process `syz.2.788'.
[  530.590920][ T5838] hid-generic 0000:0003:0000.0003: unknown main item tag 0x0
[  530.646368][ T5838] hid-generic 0000:0003:0000.0003: unknown main item tag 0x0
[  530.690128][ T5838] hid-generic 0000:0003:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  530.713291][   T25] r8152-cfgselector 2-1: USB disconnect, device number 9
[  530.949254][ T9770] smk_cipso_doi:677 remove rc = -2
[  530.954658][ T9770] smk_cipso_doi:690 cipso add rc = -17
[  532.218325][   T25] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  532.523539][ T9809] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci5/hci5:200/input18
[  532.699421][   T25] usb 8-1: Using ep0 maxpacket: 16
[  533.291831][   T25] usb 8-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  533.312742][   T25] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD7, changing to 0x87
[  533.327042][   T25] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 152, changing to 11
[  533.343813][   T25] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x87 has invalid maxpacket 8285, setting to 1024
[  533.359917][   T25] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  533.522729][   T25] usb 8-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89
[  533.572543][   T25] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  533.608861][   T25] usb 8-1: Product: syz
[  533.613082][   T25] usb 8-1: Manufacturer: syz
[  533.637461][   T25] usb 8-1: SerialNumber: syz
[  533.650451][ T9820] tmpfs: Cannot retroactively limit inodes
[  533.655285][   T25] usb 8-1: config 0 descriptor??
[  533.984436][   T25] appledisplay 8-1:0.0: Error while getting initial brightness: -110
[  533.987690][   T25] appledisplay 8-1:0.0: probe with driver appledisplay failed with error -110
[  534.083247][ T5838] usb 8-1: USB disconnect, device number 10
[  534.581181][ T9838] smk_cipso_doi:677 remove rc = -2
[  534.587958][ T9838] smk_cipso_doi:690 cipso add rc = -17
[  536.847681][   T25] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  536.868946][ T5838] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  536.880134][   T46] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  537.018611][   T25] usb 2-1: Using ep0 maxpacket: 8
[  537.025782][   T25] usb 2-1: config 0 interface 0 has no altsetting 0
[  537.039763][   T25] usb 2-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=bc.76
[  537.056677][   T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  537.067757][   T25] usb 2-1: Product: syz
[  537.072389][   T46] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  537.083527][ T5838] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  537.084252][   T25] usb 2-1: Manufacturer: syz
[  537.097452][   T46] usb 9-1: New USB device found, idVendor=05ac, idProduct=0265, bcdDevice= 0.00
[  537.107995][ T5838] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  537.109280][   T46] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  537.129952][ T5838] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  537.132751][   T25] usb 2-1: SerialNumber: syz
[  537.150240][ T5838] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  537.157019][   T25] usb 2-1: config 0 descriptor??
[  537.176718][ T5838] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  537.177936][   T46] usb 9-1: config 0 descriptor??
[  537.205453][ T5838] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  537.206451][   T25] snd_usb_toneport 2-1:0.0: Line 6 TonePort UX2 found
[  537.223277][ T5838] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  537.239901][ T5838] usb 6-1: Product: syz
[  537.246105][ T5838] usb 6-1: Manufacturer: syz
[  537.257725][ T5838] cdc_wdm 6-1:1.0: skipping garbage
[  537.262985][ T5838] cdc_wdm 6-1:1.0: skipping garbage
[  537.281120][ T5838] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  537.293128][ T5838] cdc_wdm 6-1:1.0: Unknown control protocol
[  537.439639][   T25] snd_usb_toneport 2-1:0.0: cannot get proper max packet size
[  537.457947][   T25] snd_usb_toneport 2-1:0.0: Line 6 TonePort UX2 now disconnected
[  537.468067][   T25] snd_usb_toneport 2-1:0.0: probe with driver snd_usb_toneport failed with error -22
[  537.708254][   T25] usb 2-1: USB disconnect, device number 10
[  537.719022][   T46] magicmouse 0003:05AC:0265.0004: unknown main item tag 0x5
[  537.754683][   T46] magicmouse 0003:05AC:0265.0004: hidraw0: USB HID v0.00 Device [HID 05ac:0265] on usb-dummy_hcd.8-1/input0
[  538.188033][ T5838] usb 9-1: USB disconnect, device number 4
[  539.819457][ T5838] usb 6-1: USB disconnect, device number 7
[  541.648813][ T9971] netlink: 24 bytes leftover after parsing attributes in process `syz.1.839'.
[  542.250838][ T9976] netlink: 60 bytes leftover after parsing attributes in process `syz.5.840'.
[  544.717375][T10023] netlink: 60 bytes leftover after parsing attributes in process `syz.5.859'.
[  546.846963][ T5878] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  546.968049][T10065] netlink: 'syz.5.874': attribute type 21 has an invalid length.
[  546.995135][T10065] netlink: 'syz.5.874': attribute type 20 has an invalid length.
[  547.002957][T10065] IPv6: NLM_F_CREATE should be specified when creating new route
[  547.026733][  T974] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  547.059789][ T5878] usb 2-1: config 0 has an invalid interface number: 117 but max is 0
[  547.078181][ T5878] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  547.099249][ T5878] usb 2-1: config 0 has no interface number 0
[  547.121694][ T5878] usb 2-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  547.143682][ T5878] usb 2-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  547.178998][ T5878] usb 2-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0
[  547.385464][T10077] netlink: 60 bytes leftover after parsing attributes in process `syz.5.877'.
[  547.429502][  T974] usb 8-1: Using ep0 maxpacket: 16
[  547.437468][  T974] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  547.452537][ T5878] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  547.465534][  T974] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  547.477367][ T5878] usb 2-1: Product: syz
[  547.481571][ T5878] usb 2-1: Manufacturer: syz
[  547.486354][  T974] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  547.501545][ T5878] usb 2-1: SerialNumber: syz
[  547.516268][ T5878] usb 2-1: config 0 descriptor??
[  547.521514][  T974] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  548.420826][  T974] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  548.476702][  T974] usb 8-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  548.518576][  T974] usb 8-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  548.586162][  T974] usb 8-1: Manufacturer: syz
[  548.638843][  T974] usb 8-1: config 0 descriptor??
[  548.969555][   T29] audit: type=1326 audit(1738978131.727:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10088 comm="syz.5.880" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3c0ff8cde9 code=0x0
[  549.056065][  T974] rc_core: IR keymap rc-hauppauge not found
[  549.068603][  T974] Registered IR keymap rc-empty
[  549.073778][T10097] netlink: 8 bytes leftover after parsing attributes in process `syz.8.882'.
[  549.074219][  T974] mceusb 8-1:0.0: Error: mce write submit urb error = -90
[  549.115820][ T5878] usb 2-1: USB disconnect, device number 11
[  549.138810][T10054] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  549.152448][  T974] mceusb 8-1:0.0: Error: mce write submit urb error = -90
[  549.172972][T10054] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  549.196426][  T974] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/rc/rc0
[  549.237493][  T974] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/rc/rc0/input20
[  549.280607][  T974] mceusb 8-1:0.0: Error: mce write submit urb error = -90
[  549.313645][  T974] mceusb 8-1:0.0: Error: mce write submit urb error = -90
[  549.355386][  T974] mceusb 8-1:0.0: Error: mce write submit urb error = -90
[  549.386215][  T974] mceusb 8-1:0.0: Error: mce write submit urb error = -90
[  549.414245][  T974] mceusb 8-1:0.0: Error: mce write submit urb error = -90
[  549.655721][  T974] mceusb 8-1:0.0: Error: mce write submit urb error = -90
[  549.676249][  T974] mceusb 8-1:0.0: Error: mce write submit urb error = -90
[  549.711334][   T46] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  549.891801][   T46] usb 3-1: Using ep0 maxpacket: 8
[  549.916720][   T46] usb 3-1: config 0 interface 0 altsetting 112 endpoint 0x81 has invalid wMaxPacketSize 0
[  549.949383][   T46] usb 3-1: config 0 interface 0 has no altsetting 0
[  550.105208][  T974] mceusb 8-1:0.0: Error: mce write submit urb error = -90
[  550.135793][  T974] mceusb 8-1:0.0: Error: mce write submit urb error = -90
[  550.171475][  T974] mceusb 8-1:0.0: Error: mce write submit urb error = -90
[  550.177614][   T46] usb 3-1: New USB device found, idVendor=056a, idProduct=0319, bcdDevice= 0.00
[  550.188743][   T46] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  550.207416][   T46] usb 3-1: config 0 descriptor??
[  550.240372][  T974] mceusb 8-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  551.197666][  T974] mceusb 8-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  551.254854][  T974] usb 8-1: USB disconnect, device number 11
[  551.473358][   T46] wacom 0003:056A:0319.0005: unknown main item tag 0x0
[  551.487332][   T46] wacom 0003:056A:0319.0005: unknown main item tag 0x0
[  551.494452][T10119] netlink: 60 bytes leftover after parsing attributes in process `syz.5.890'.
[  551.525716][   T46] wacom 0003:056A:0319.0005: unknown main item tag 0x0
[  551.532685][   T46] wacom 0003:056A:0319.0005: unknown main item tag 0x0
[  551.552194][   T46] wacom 0003:056A:0319.0005: unknown main item tag 0x0
[  551.766339][ T5929] usb 3-1: USB disconnect, device number 13
[  551.955579][T10135] sg_read: process 137 (syz.8.897) changed security contexts after opening file descriptor, this is not allowed.
[  554.529699][  T974] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  554.549062][T10161] netlink: 60 bytes leftover after parsing attributes in process `syz.1.904'.
[  554.766227][  T974] usb 3-1: New USB device found, idVendor=1645, idProduct=0008, bcdDevice=cf.36
[  554.807551][  T974] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  554.880303][  T974] usb 3-1: config 0 descriptor??
[  555.134892][  T974] kaweth 3-1:0.0: Firmware present in device.
[  555.208538][T10180] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only
[  555.225891][T10180] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  555.402826][  T974] kaweth 3-1:0.0: Statistics collection: 0
[  555.414307][  T974] kaweth 3-1:0.0: Multicast filter limit: 0
[  555.427583][  T974] kaweth 3-1:0.0: MTU: 0
[  555.431924][  T974] kaweth 3-1:0.0: Read MAC address 00:00:00:00:00:00
[  556.476630][  T974] kaweth 3-1:0.0: Error setting SOFS wait
[  556.482576][  T974] kaweth 3-1:0.0: probe with driver kaweth failed with error -5
[  556.535196][  T974] usb 3-1: USB disconnect, device number 14
[  557.779879][T10199] netlink: 60 bytes leftover after parsing attributes in process `syz.5.920'.
[  558.527618][   T25] usb 9-1: new full-speed USB device number 5 using dummy_hcd
[  558.680791][T10224] loop9: detected capacity change from 0 to 7
[  558.716794][T10224] Dev loop9: unable to read RDB block 7
[  558.725249][T10224]  loop9: unable to read partition table
[  558.733417][   T25] usb 9-1: config 0 has an invalid interface number: 133 but max is 0
[  558.748750][   T25] usb 9-1: config 0 has no interface number 0
[  558.757417][T10224] loop9: partition table beyond EOD, truncated
[  558.770906][T10224] loop_reread_partitions: partition scan of loop9 (�被x������ ) failed (rc=-5)
[  558.782390][   T25] usb 9-1: New USB device found, idVendor=06cd, idProduct=0121, bcdDevice=dd.3d
[  558.799342][   T25] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  558.810094][   T25] usb 9-1: Product: syz
[  558.814308][   T25] usb 9-1: Manufacturer: syz
[  558.823933][   T25] usb 9-1: SerialNumber: syz
[  558.883959][   T25] usb 9-1: config 0 descriptor??
[  559.976294][   T25] keyspan 9-1:0.133: Keyspan 1 port adapter converter detected
[  560.025938][   T25] keyspan 9-1:0.133: found no endpoint descriptor for endpoint 81
[  560.079161][   T25] keyspan 9-1:0.133: found no endpoint descriptor for endpoint 1
[  560.097506][   T25] keyspan 9-1:0.133: found no endpoint descriptor for endpoint 2
[  560.111132][   T25] usb 9-1: Keyspan 1 port adapter converter now attached to ttyUSB0
[  560.253389][   T25] usb 9-1: USB disconnect, device number 5
[  560.307318][   T25] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0
[  560.347630][   T25] keyspan 9-1:0.133: device disconnected
[  560.857525][T10262] smk_cipso_doi:677 remove rc = -2
[  560.863429][T10262] smk_cipso_doi:690 cipso add rc = -17
[  561.383557][T10265] netlink: 36 bytes leftover after parsing attributes in process `syz.1.943'.
[  561.436889][T10270] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  561.451007][T10265] netlink: 32 bytes leftover after parsing attributes in process `syz.1.943'.
[  562.045195][ T5878] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[  562.367667][ T5878] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  562.418446][ T5878] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  562.429513][ T5878] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  562.453895][ T5878] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  562.471589][ T5878] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  562.803440][ T5878] usb 8-1: config 0 descriptor??
[  563.176422][T10292] netlink: 4 bytes leftover after parsing attributes in process `syz.2.955'.
[  563.178476][   T46] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  563.257945][ T5878] plantronics 0003:047F:FFFF.0006: No inputs registered, leaving
[  563.286877][ T5878] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0
[  563.392607][   T46] usb 9-1: Using ep0 maxpacket: 32
[  563.401147][   T46] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  563.413817][   T46] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  563.429687][   T46] usb 9-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  563.442578][   T46] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  563.490626][   T46] usb 9-1: config 0 descriptor??
[  563.511216][   T46] hub 9-1:0.0: USB hub found
[  563.563150][ T5833] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  563.563466][ T5929] usb 8-1: USB disconnect, device number 12
[  563.729820][   T46] hub 9-1:0.0: 1 port detected
[  563.766376][ T5833] usb 6-1: Using ep0 maxpacket: 8
[  563.808905][ T5833] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  563.943488][ T5833] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  564.043804][T10308] smk_cipso_doi:677 remove rc = -2
[  564.049762][T10308] smk_cipso_doi:690 cipso add rc = -17
[  564.514617][ T5833] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  564.525995][ T5833] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  564.539243][ T5833] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  564.546959][   T46] hub 9-1:0.0: hub_hub_status failed (err = -71)
[  564.549389][ T5833] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  564.615044][   T46] hub 9-1:0.0: config failed, can't get hub status (err -71)
[  564.699112][   T46] usbhid 9-1:0.0: can't add hid device: -71
[  564.706299][   T46] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  564.760215][   T46] usb 9-1: USB disconnect, device number 6
[  564.801456][ T5833] usb 6-1: GET_CAPABILITIES returned 0
[  564.825123][ T5833] usbtmc 6-1:16.0: can't read capabilities
[  565.023049][    C0] usbtmc 6-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  565.046306][ T5878] usb 6-1: USB disconnect, device number 8
[  565.206070][T10321] netlink: 60 bytes leftover after parsing attributes in process `syz.7.965'.
[  566.370874][T10343] netlink: 48 bytes leftover after parsing attributes in process `syz.2.974'.
[  566.880595][T10354] netlink: 60 bytes leftover after parsing attributes in process `syz.8.979'.
[  567.016573][ T5878] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  567.254909][ T5878] usb 2-1: Using ep0 maxpacket: 16
[  567.308814][ T5878] usb 2-1: config 0 has an invalid descriptor of length 178, skipping remainder of the config
[  567.346179][ T5878] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  567.370678][ T5878] usb 2-1: New USB device found, idVendor=046d, idProduct=c531, bcdDevice= 0.00
[  567.380568][T10363] loop8: detected capacity change from 0 to 7
[  567.387214][ T5878] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  567.400213][ T5878] usb 2-1: config 0 descriptor??
[  567.419685][ T5878] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  567.429838][T10363] Dev loop8: unable to read RDB block 7
[  567.462748][T10363]  loop8: AHDI p1 p3 p4
[  567.473453][T10363] loop8: partition table partially beyond EOD, truncated
[  567.487186][T10363] loop8: p1 start 975770946 is beyond EOD, truncated
[  567.494006][T10363] loop8: p3 start 1600350066 is beyond EOD, truncated
[  567.643204][T10350] loop8: detected capacity change from 0 to 7
[  567.670694][T10350] Dev loop8: unable to read RDB block 7
[  567.677351][T10350]  loop8: AHDI p1 p3 p4
[  567.689969][T10350] loop8: partition table partially beyond EOD, truncated
[  567.698946][T10350] loop8: p1 start 975770946 is beyond EOD, truncated
[  567.708467][T10350] loop8: p3 start 6514546 is beyond EOD, truncated
[  567.722613][ T5878] usb 2-1: USB disconnect, device number 12
[  569.547472][T10391] netlink: 60 bytes leftover after parsing attributes in process `syz.8.991'.
[  570.601111][ T5838] usb 3-1: new full-speed USB device number 15 using dummy_hcd
[  570.810543][ T5838] usb 3-1: New USB device found, idVendor=055d, idProduct=9000, bcdDevice=31.44
[  570.830704][ T5838] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  570.855056][ T5838] usb 3-1: config 0 descriptor??
[  570.877272][ T5838] pwc: Samsung MPC-C10 USB webcam detected.
[  570.886465][T10411] xt_CT: No such helper "snmp"
[  571.084617][T10418] 9pnet: p9_errstr2errno: server reported unknown error �@��L�|	��U�
[  571.084617][T10418] 
[  571.100398][ T5838] pwc: send_video_command error -71
[  571.105647][ T5838] pwc: Failed to set video mode VGA@30 fps; return code = -71
[  571.127557][ T5838] Philips webcam 3-1:0.0: probe with driver Philips webcam failed with error -71
[  571.155111][ T5838] usb 3-1: USB disconnect, device number 15
[  571.428709][T10426] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1005'.
[  571.470925][T10426] netdevsim netdevsim7 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  571.480315][T10426] netdevsim netdevsim7 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  571.489447][T10426] netdevsim netdevsim7 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  571.498292][T10426] netdevsim netdevsim7 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  571.548333][T10426] vxlan0: entered promiscuous mode
[  571.990786][ T5838] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  572.545038][ T5838] usb 3-1: New USB device found, idVendor=055d, idProduct=9000, bcdDevice=31.44
[  572.567184][ T5838] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  572.712434][ T5838] usb 3-1: config 0 descriptor??
[  573.644964][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  573.651582][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  573.654830][ T5838] pwc: Samsung MPC-C10 USB webcam detected.
[  573.693017][ T5838] pwc: recv_control_msg error -32 req 02 val 2b00
[  573.700643][ T5838] pwc: recv_control_msg error -32 req 02 val 2700
[  573.750087][T10448] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1012'.
[  573.908835][ T5838] pwc: recv_control_msg error -71 req 04 val 1700
[  573.942450][ T5838] pwc: recv_control_msg error -71 req 02 val 2c00
[  573.973194][ T5838] pwc: recv_control_msg error -71 req 04 val 1000
[  574.015356][ T5838] pwc: recv_control_msg error -71 req 04 val 1300
[  574.043878][ T5838] pwc: recv_control_msg error -71 req 04 val 1400
[  574.068717][ T5838] pwc: recv_control_msg error -71 req 02 val 2000
[  574.072104][   T46] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  574.083047][ T5838] pwc: recv_control_msg error -71 req 02 val 2100
[  574.100613][ T5838] pwc: recv_control_msg error -71 req 02 val 2200
[  574.118088][ T5838] pwc: recv_control_msg error -71 req 06 val 0600
[  574.135936][ T5838] pwc: recv_control_msg error -71 req 04 val 1500
[  574.166298][ T5838] pwc: recv_control_msg error -71 req 02 val 2500
[  574.200097][ T5838] pwc: recv_control_msg error -71 req 02 val 2400
[  574.230498][ T5838] pwc: recv_control_msg error -71 req 02 val 2600
[  574.252586][ T5838] pwc: recv_control_msg error -71 req 02 val 2900
[  574.268648][ T5838] pwc: recv_control_msg error -71 req 02 val 2800
[  574.296592][   T46] usb 6-1: Using ep0 maxpacket: 16
[  574.307484][ T5838] pwc: recv_control_msg error -71 req 04 val 1100
[  574.321484][   T46] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  574.325745][ T5838] pwc: recv_control_msg error -71 req 04 val 1200
[  574.339430][   T46] usb 6-1: config 0 has no interfaces?
[  574.344991][   T46] usb 6-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  574.382276][   T46] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  574.459359][   T46] usb 6-1: config 0 descriptor??
[  574.588739][ T5838] pwc: Registered as video103.
[  574.607143][ T5838] input: PWC snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/input/input26
[  574.637965][ T5838] usb 3-1: USB disconnect, device number 16
[  574.752118][   T46] usb 6-1: USB disconnect, device number 9
[  575.328004][T10490] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  576.017859][ T5833] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  576.232811][ T5833] usb 2-1: Using ep0 maxpacket: 32
[  576.259705][ T5833] usb 2-1: config 32 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  576.296336][ T5833] usb 2-1: config 32 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  576.330109][ T5833] usb 2-1: config 32 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  576.354612][ T5833] usb 2-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[  576.366051][ T5833] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  576.877707][T10533] netlink: 14 bytes leftover after parsing attributes in process `syz.8.1034'.
[  576.918872][ T5833] input: HID 0458:5011 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:32.0/0003:0458:5011.0007/input/input28
[  577.070570][ T5833] input: HID 0458:5011 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:32.0/0003:0458:5011.0007/input/input29
[  577.136089][ T5833] kye 0003:0458:5011.0007: input,hiddev0,hidraw0: USB HID v0.00 Mouse [HID 0458:5011] on usb-dummy_hcd.1-1/input0
[  577.193107][ T5833] usb 2-1: USB disconnect, device number 13
[  578.945906][T10568] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1047'.
[  578.990033][T10568] netlink: 'syz.1.1047': attribute type 1 has an invalid length.
[  579.464617][T10585] program syz.1.1055 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  579.478998][T10582] netlink: 'syz.8.1054': attribute type 1 has an invalid length.
[  579.561352][   T29] audit: type=1326 audit(1738978160.341:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10586 comm="syz.5.1056" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c0ff8cde9 code=0x7ffc0000
[  579.587534][T10582] bond1: entered promiscuous mode
[  579.636222][   T29] audit: type=1326 audit(1738978160.341:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10586 comm="syz.5.1056" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c0ff8cde9 code=0x7ffc0000
[  579.663419][T10582] bond1: entered allmulticast mode
[  579.709687][T10588] bond1: (slave geneve2): making interface the new active one
[  579.740430][   T29] audit: type=1326 audit(1738978160.341:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10586 comm="syz.5.1056" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f3c0ff8cde9 code=0x7ffc0000
[  579.773118][T10588] geneve2: entered promiscuous mode
[  579.778572][T10588] geneve2: entered allmulticast mode
[  579.788347][T10588] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  579.811412][   T29] audit: type=1326 audit(1738978160.453:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10586 comm="syz.5.1056" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c0ff8cde9 code=0x7ffc0000
[  579.959954][   T29] audit: type=1326 audit(1738978160.453:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10586 comm="syz.5.1056" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c0ff8cde9 code=0x7ffc0000
[  580.026704][   T29] audit: type=1326 audit(1738978160.453:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10592 comm="syz.5.1056" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f3c0ffbf6a5 code=0x7ffc0000
[  581.053010][   T29] audit: type=1326 audit(1738978160.687:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10592 comm="syz.5.1056" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f3c0ff8cde9 code=0x7ffc0000
[  587.285183][T10653] netlink: 60 bytes leftover after parsing attributes in process `syz.8.1077'.
[  589.342831][T10678] dccp_close: ABORT with 56 bytes unread
[  589.488037][ T5838] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  589.493010][   T29] audit: type=1804 audit(1738978169.639:147): pid=10683 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.2.1085" name="/newroot/244/bus/bus" dev="overlay" ino=1329 res=1 errno=0
[  590.033089][ T5838] usb 6-1: Using ep0 maxpacket: 16
[  590.043283][ T5838] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  590.078139][ T5838] usb 6-1: New USB device found, idVendor=05ac, idProduct=0272, bcdDevice= 0.40
[  590.099658][ T5838] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  590.125523][ T5838] usb 6-1: Product: syz
[  591.003070][ T5838] usb 6-1: Manufacturer: syz
[  591.008535][ T5838] usb 6-1: SerialNumber: syz
[  591.029461][ T5838] input: bcm5974 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/input/input32
[  591.240401][ T5182] bcm5974 6-1:1.0: could not read from device
[  591.240401][ T1207] usb 6-1: USB disconnect, device number 10
[  591.285052][ T5182] bcm5974 6-1:1.0: could not read from device
[  591.308051][ T7479] bcm5974 6-1:1.0: could not read from device
[  591.337964][ T5182] bcm5974 6-1:1.0: could not read from device
[  591.551219][ T5929] usb 9-1: new full-speed USB device number 7 using dummy_hcd
[  591.742131][ T5929] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  591.831977][ T5929] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  591.989906][ T5929] usb 9-1: New USB device found, idVendor=060b, idProduct=700a, bcdDevice= 0.00
[  592.132933][ T5929] usb 9-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[  592.256928][ T5929] usb 9-1: Manufacturer: syz
[  592.273757][ T5929] usb 9-1: config 0 descriptor??
[  593.809260][ T5929] cougar 0003:060B:700A.0008: hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.8-1/input0
[  594.035813][   T25] usb 9-1: USB disconnect, device number 7
[  594.106331][T10714] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1095'.
[  595.512500][T10733] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1098'.
[  596.515220][T10734] smk_cipso_doi:677 remove rc = -2
[  596.521141][T10734] smk_cipso_doi:690 cipso add rc = -17
[  597.480247][  T974] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  599.614843][  T974] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  599.626594][  T974] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  599.638436][  T974] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  599.648555][  T974] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  599.750920][  T974] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  599.802881][  T974] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  599.881634][  T974] usb 9-1: config 0 descriptor??
[  601.089128][  T974] usbhid 9-1:0.0: can't add hid device: -71
[  601.095174][  T974] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  601.113126][  T974] usb 9-1: USB disconnect, device number 8
[  602.263430][T10776] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1113'.
[  605.522268][T10803] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  605.902732][   T46] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  606.155377][   T46] usb 2-1: Using ep0 maxpacket: 16
[  606.224629][   T46] usb 2-1: config 0 has an invalid interface number: 110 but max is 0
[  606.273240][   T46] usb 2-1: config 0 has no interface number 0
[  606.357780][   T46] usb 2-1: New USB device found, idVendor=0403, idProduct=6010, bcdDevice=66.39
[  606.405368][   T46] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  606.429078][   T46] usb 2-1: Product: syz
[  606.452922][   T46] usb 2-1: Manufacturer: syz
[  606.464651][   T46] usb 2-1: SerialNumber: syz
[  606.784990][   T46] usb 2-1: config 0 descriptor??
[  606.800599][   T46] ftdi_sio 2-1:0.110: FTDI USB Serial Device converter detected
[  606.825869][   T46] ftdi_sio ttyUSB0: unknown device type: 0x6639
[  609.890529][   T46] usb 2-1: USB disconnect, device number 14
[  609.920740][   T46] ftdi_sio 2-1:0.110: device disconnected
[  609.992691][T10842] kvm: pic: single mode not supported
[  609.993006][T10842] kvm: pic: single mode not supported
[  609.998918][T10842] kvm: pic: single mode not supported
[  610.004505][T10842] kvm: pic: single mode not supported
[  610.009989][T10842] kvm: pic: single mode not supported
[  610.015556][T10842] kvm: pic: single mode not supported
[  610.021117][T10842] kvm: pic: single mode not supported
[  610.026680][T10842] kvm: pic: single mode not supported
[  610.032155][T10842] kvm: pic: single mode not supported
[  610.037664][T10842] kvm: pic: single mode not supported
[  616.548231][T10891] syz.5.1146 (10891): /proc/10887/oom_adj is deprecated, please use /proc/10887/oom_score_adj instead.
[  617.544065][T10906] devpts: called with bogus options
[  617.893089][ T5844] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  617.931951][ T6558] Bluetooth: (null): Invalid header checksum
[  617.982678][ T6558] Bluetooth: (null): Invalid header checksum
[  618.059928][ T6019] Bluetooth: (null): Invalid header checksum
[  618.062421][ T5844] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  618.085489][ T5844] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  618.092722][ T6019] Bluetooth: (null): Invalid header checksum
[  618.109364][ T5844] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  618.116630][ T6019] Bluetooth: (null): Invalid header checksum
[  618.123774][ T5844] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  618.131435][ T5844] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  618.192517][ T6019] Bluetooth: (null): Invalid header checksum
[  618.229349][T10905] lo speed is unknown, defaulting to 1000
[  618.243854][T10905] lo speed is unknown, defaulting to 1000
[  618.502727][T10910] syzkaller0: entered promiscuous mode
[  618.508258][T10910] syzkaller0: entered allmulticast mode
[  618.827426][ T3548] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  618.846630][ T3548] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  619.955968][T10924] netlink: 60 bytes leftover after parsing attributes in process `syz.8.1155'.
[  620.385300][ T5844] Bluetooth: hci1: command tx timeout
[  620.599771][ T3548] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  620.632429][ T3548] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  620.997192][ T3548] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  621.088207][ T3548] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  621.188139][T10905] chnl_net:caif_netlink_parms(): no params data found
[  621.428816][ T3548] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  621.463589][ T3548] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  621.533492][T10905] bridge0: port 1(bridge_slave_0) entered blocking state
[  621.547872][T10905] bridge0: port 1(bridge_slave_0) entered disabled state
[  621.555246][T10905] bridge_slave_0: entered allmulticast mode
[  621.563285][T10905] bridge_slave_0: entered promiscuous mode
[  621.575091][T10905] bridge0: port 2(bridge_slave_1) entered blocking state
[  621.582820][T10905] bridge0: port 2(bridge_slave_1) entered disabled state
[  621.590113][T10905] bridge_slave_1: entered allmulticast mode
[  621.597543][T10905] bridge_slave_1: entered promiscuous mode
[  621.667496][T10905] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  621.693346][T10905] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  621.779527][ T3548] bridge_slave_1: left allmulticast mode
[  621.797027][ T3548] bridge_slave_1: left promiscuous mode
[  621.812190][ T3548] bridge0: port 2(bridge_slave_1) entered disabled state
[  621.872027][ T3548] bridge_slave_0: left allmulticast mode
[  621.886005][ T3548] bridge_slave_0: left promiscuous mode
[  621.915737][ T3548] bridge0: port 1(bridge_slave_0) entered disabled state
[  623.377234][ T5844] Bluetooth: hci1: command tx timeout
[  623.723898][T10955] netlink: 60 bytes leftover after parsing attributes in process `syz.7.1163'.
[  624.590520][T10963] kvm: kvm [10958]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x790000f770
[  624.609677][T10963] kvm: kvm [10958]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x890000f7b4
[  624.681832][T10963] kvm: kvm [10958]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0xf10000f761
[  624.809934][T10963] kvm: kvm [10958]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x186) = 0x1480000f7f4
[  624.839088][T10963] kvm_intel: kvm [10958]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x1d9) = 0x14d0000f7d6
[  624.850405][T10963] kvm_intel: kvm [10958]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x1d9) = 0x1510000f7b6
[  737.659653][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  737.666669][    C0] rcu: 	1-...!: (0 ticks this GP) idle=21b4/1/0x4000000000000000 softirq=41290/41291 fqs=0
[  737.678226][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P5823/1:b..l P25/1:b..l P12/1:b..l
[  737.688119][    C0] rcu: 	(detected by 0, t=10502 jiffies, g=40985, q=166 ncpus=2)
[  737.695860][    C0] Sending NMI from CPU 0 to CPUs 1:
[  737.695905][    C1] NMI backtrace for cpu 1
[  737.695930][    C1] CPU: 1 UID: 0 PID: 10972 Comm: syz.7.1167 Not tainted 6.14.0-rc1-syzkaller-00181-g7ee983c850b4 #0
[  737.695947][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  737.695957][    C1] RIP: 0010:__asan_memset+0x31/0x50
[  737.695985][    C1] Code: 53 48 89 d3 41 89 f6 48 89 fd 48 8b 4c 24 18 48 89 d6 ba 01 00 00 00 e8 3d e6 ff ff 84 c0 74 12 48 89 ef 44 89 f6 48 89 da 5b <41> 5e 5d e9 f7 ae ca 09 31 c0 5b 41 5e 5d c3 cc cc cc cc 66 2e 0f
[  737.695997][    C1] RSP: 0018:ffffc90000a18cc0 EFLAGS: 00000002
[  737.696010][    C1] RAX: ffffffff8be9d301 RBX: 1ffff110170e58ea RCX: ffffffff8be9d390
[  737.696021][    C1] RDX: 0000000000000018 RSI: 0000000000000000 RDI: ffff888027737340
[  737.696030][    C1] RBP: ffff888027737340 R08: ffff888027737357 R09: 1ffff11004ee6e6a
[  737.696042][    C1] R10: dffffc0000000000 R11: ffffed1004ee6e6b R12: ffff8880b872c750
[  737.696053][    C1] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff888027737340
[  737.696063][    C1] FS:  00007f44b497b6c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  737.696076][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  737.696085][    C1] CR2: 000020000002c000 CR3: 0000000031ce4000 CR4: 00000000003526f0
[  737.696098][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  737.696106][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  737.696115][    C1] Call Trace:
[  737.696122][    C1]  <NMI>
[  737.696129][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  737.696147][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  737.696167][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  737.696183][    C1]  ? nmi_handle+0x2a/0x5a0
[  737.696209][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  737.696224][    C1]  ? nmi_handle+0x14f/0x5a0
[  737.696243][    C1]  ? nmi_handle+0x2a/0x5a0
[  737.696263][    C1]  ? __asan_memset+0x31/0x50
[  737.696283][    C1]  ? default_do_nmi+0x63/0x160
[  737.696298][    C1]  ? exc_nmi+0x123/0x1f0
[  737.696312][    C1]  ? end_repeat_nmi+0xf/0x53
[  737.696335][    C1]  ? timerqueue_add+0x171/0x290
[  737.696348][    C1]  ? timerqueue_add+0x200/0x290
[  737.696361][    C1]  ? __asan_memset+0x31/0x50
[  737.696383][    C1]  ? __asan_memset+0x31/0x50
[  737.696404][    C1]  ? __asan_memset+0x31/0x50
[  737.696425][    C1]  </NMI>
[  737.696429][    C1]  <IRQ>
[  737.696435][    C1]  timerqueue_add+0x200/0x290
[  737.696449][    C1]  ? rcu_is_watching+0x15/0xb0
[  737.696470][    C1]  ? enqueue_hrtimer+0x14f/0x3c0
[  737.696510][    C1]  __hrtimer_run_queues+0x6cb/0xd30
[  737.696541][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  737.696563][    C1]  ? sched_clock+0x4a/0x70
[  737.696579][    C1]  ? read_tsc+0x9/0x20
[  737.696593][    C1]  ? ktime_get_update_offsets_now+0x38e/0x3b0
[  737.696615][    C1]  hrtimer_interrupt+0x403/0xa40
[  737.696647][    C1]  __sysvec_apic_timer_interrupt+0x110/0x420
[  737.696671][    C1]  sysvec_apic_timer_interrupt+0xa1/0xc0
[  737.696691][    C1]  </IRQ>
[  737.696696][    C1]  <TASK>
[  737.696702][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  737.696724][    C1] RIP: 0010:finish_task_switch+0x1ea/0x870
[  737.696747][    C1] Code: c9 50 e8 79 09 0c 00 48 83 c4 08 4c 89 f7 e8 fd 39 00 00 e9 de 04 00 00 4c 89 f7 e8 90 0d 62 0a e8 cb 73 38 00 fb 48 8b 5d c0 <48> 8d bb 08 16 00 00 48 89 f8 48 c1 e8 03 49 be 00 00 00 00 00 fc
[  737.696760][    C1] RSP: 0018:ffffc90003c8f588 EFLAGS: 00000282
[  737.696773][    C1] RAX: 8f8206eca83e1c00 RBX: ffff888021b49e00 RCX: ffffffff9a3cd903
[  737.696784][    C1] RDX: dffffc0000000000 RSI: ffffffff8c0aa680 RDI: ffffffff8c5fb780
[  737.696808][    C1] RBP: ffffc90003c8f5d0 R08: ffffffff901a2c77 R09: 1ffffffff203458e
[  737.696819][    C1] R10: dffffc0000000000 R11: fffffbfff203458f R12: 1ffff110170e7ebe
[  737.696831][    C1] R13: dffffc0000000000 R14: ffff8880b863e7c0 R15: ffff8880b873f5f0
[  737.696850][    C1]  ? finish_task_switch+0x1e5/0x870
[  737.696874][    C1]  __schedule+0x18c4/0x4c40
[  737.696902][    C1]  ? __pfx___schedule+0x10/0x10
[  737.696921][    C1]  ? __pfx_lock_release+0x10/0x10
[  737.696946][    C1]  ? schedule+0x90/0x320
[  737.696963][    C1]  schedule+0x14b/0x320
[  737.696981][    C1]  schedule_timeout+0xb0/0x290
[  737.697007][    C1]  ? __pfx_schedule_timeout+0x10/0x10
[  737.697021][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  737.697044][    C1]  ? wait_for_completion+0x2fe/0x620
[  737.697062][    C1]  ? wait_for_completion+0x2fe/0x620
[  737.697096][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  737.697112][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  737.697131][    C1]  ? wait_for_completion+0x2fe/0x620
[  737.697151][    C1]  wait_for_completion+0x355/0x620
[  737.697170][    C1]  ? __smp_call_single_queue+0x11a/0x3a0
[  737.697198][    C1]  ? __pfx_wait_for_completion+0x10/0x10
[  737.697221][    C1]  ? smp_call_function_single_async+0xb4/0x110
[  737.697245][    C1]  rdmsr_safe_on_cpu+0x16c/0x310
[  737.697271][    C1]  ? __pfx_rdmsr_safe_on_cpu+0x10/0x10
[  737.697295][    C1]  ? __pfx___rdmsr_safe_on_cpu+0x10/0x10
[  737.697320][    C1]  ? __pfx_lock_release+0x10/0x10
[  737.697343][    C1]  ? __might_fault+0xaa/0x120
[  737.697366][    C1]  ? __might_fault+0xc6/0x120
[  737.697391][    C1]  msr_read+0x15d/0x260
[  737.697415][    C1]  ? __pfx_msr_read+0x10/0x10
[  737.697436][    C1]  ? __pfx_msr_read+0x10/0x10
[  737.697457][    C1]  ? rw_verify_area+0x1ed/0x630
[  737.697480][    C1]  ? vfs_read+0x161/0xb40
[  737.697501][    C1]  ? vfs_read+0x1e0/0xb40
[  737.697523][    C1]  ? __pfx_msr_read+0x10/0x10
[  737.697546][    C1]  vfs_read+0x1f8/0xb40
[  737.697572][    C1]  ? __pfx_vfs_read+0x10/0x10
[  737.697596][    C1]  ? __rcu_read_unlock+0xa1/0x110
[  737.697613][    C1]  ? __fget_files+0x2a/0x410
[  737.697634][    C1]  ? __fget_files+0x395/0x410
[  737.697653][    C1]  ? __fget_files+0x2a/0x410
[  737.697676][    C1]  ksys_read+0x18f/0x2b0
[  737.697690][    C1]  ? __pfx_ksys_read+0x10/0x10
[  737.697704][    C1]  ? do_syscall_64+0x100/0x230
[  737.697727][    C1]  ? do_syscall_64+0xb6/0x230
[  737.697748][    C1]  do_syscall_64+0xf3/0x230
[  737.697768][    C1]  ? clear_bhb_loop+0x35/0x90
[  737.697796][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  737.697817][    C1] RIP: 0033:0x7f44b3b8cde9
[  737.697834][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  737.697846][    C1] RSP: 002b:00007f44b497b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  737.697861][    C1] RAX: ffffffffffffffda RBX: 00007f44b3da5fa0 RCX: 00007f44b3b8cde9
[  737.697872][    C1] RDX: 0000000000018ff8 RSI: 0000200000019680 RDI: 0000000000000003
[  737.697882][    C1] RBP: 00007f44b3c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  737.697891][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  737.697900][    C1] R13: 0000000000000000 R14: 00007f44b3da5fa0 R15: 00007ffcd162b998
[  737.697917][    C1]  </TASK>
[  737.698900][    C0] task:kworker/u8:1    state:R  running task     stack:18872 pid:12    tgid:12    ppid:2      task_flags:0x4208060 flags:0x00004000
[  738.372035][    C0] Workqueue: bat_events batadv_nc_worker
[  738.377687][    C0] Call Trace:
[  738.380975][    C0]  <TASK>
[  738.383929][    C0]  __schedule+0x18bc/0x4c40
[  738.388480][    C0]  ? __pfx___schedule+0x10/0x10
[  738.393356][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  738.399365][    C0]  ? preempt_schedule_irq+0xf0/0x1c0
[  738.404672][    C0]  preempt_schedule_irq+0xfb/0x1c0
[  738.409848][    C0]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  738.415625][    C0]  irqentry_exit+0x5e/0x90
[  738.420086][    C0]  asm_sysvec_reschedule_ipi+0x1a/0x20
[  738.425584][    C0] RIP: 0010:lock_acquire+0x264/0x550
[  738.430900][    C0] Code: 2b 00 74 08 4c 89 f7 e8 2a b5 88 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25
[  738.450521][    C0] RSP: 0000:ffffc90000117940 EFLAGS: 00000206
[  738.456605][    C0] RAX: 0000000000000001 RBX: 1ffff92000022f34 RCX: ffff88801c2864e8
[  738.464585][    C0] RDX: dffffc0000000000 RSI: ffffffff8c0ab8e0 RDI: ffffffff8c5fb780
[  738.472572][    C0] RBP: ffffc90000117aa0 R08: ffffffff942c6847 R09: 1ffffffff2858d08
[  738.480564][    C0] R10: dffffc0000000000 R11: fffffbfff2858d09 R12: 1ffff92000022f30
[  738.488553][    C0] R13: dffffc0000000000 R14: ffffc900001179a0 R15: 0000000000000246
[  738.496565][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  738.501611][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[  738.506848][    C0]  ? batadv_nc_worker+0xcb/0x610
[  738.511814][    C0]  ? __pfx_lock_release+0x10/0x10
[  738.516873][    C0]  batadv_nc_worker+0xec/0x610
[  738.521650][    C0]  ? batadv_nc_worker+0xcb/0x610
[  738.526599][    C0]  ? batadv_nc_worker+0xcb/0x610
[  738.531549][    C0]  ? process_scheduled_works+0x976/0x1840
[  738.537286][    C0]  process_scheduled_works+0xa66/0x1840
[  738.542871][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  738.548903][    C0]  ? assign_work+0x364/0x3d0
[  738.553522][    C0]  worker_thread+0x870/0xd30
[  738.558231][    C0]  ? __kthread_parkme+0x169/0x1d0
[  738.563293][    C0]  ? __pfx_worker_thread+0x10/0x10
[  738.568432][    C0]  kthread+0x7a9/0x920
[  738.572521][    C0]  ? __pfx_kthread+0x10/0x10
[  738.577130][    C0]  ? __pfx_worker_thread+0x10/0x10
[  738.582260][    C0]  ? __pfx_kthread+0x10/0x10
[  738.586873][    C0]  ? __pfx_kthread+0x10/0x10
[  738.591502][    C0]  ? __pfx_kthread+0x10/0x10
[  738.596125][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  738.601343][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[  738.606563][    C0]  ? __pfx_kthread+0x10/0x10
[  738.611174][    C0]  ret_from_fork+0x4b/0x80
[  738.615610][    C0]  ? __pfx_kthread+0x10/0x10
[  738.620229][    C0]  ret_from_fork_asm+0x1a/0x30
[  738.625020][    C0]  </TASK>
[  738.628053][    C0] task:kworker/1:0     state:R  running task     stack:21200 pid:25    tgid:25    ppid:2      task_flags:0x4208060 flags:0x00004000
[  738.641669][    C0] Workqueue: events delayed_vfree_work
[  738.647157][    C0] Call Trace:
[  738.650446][    C0]  <TASK>
[  738.653388][    C0]  __schedule+0x18bc/0x4c40
[  738.657930][    C0]  ? __pfx___schedule+0x10/0x10
[  738.662810][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  738.668827][    C0]  ? preempt_schedule_irq+0xf0/0x1c0
[  738.674174][    C0]  preempt_schedule_irq+0xfb/0x1c0
[  738.679311][    C0]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  738.685054][    C0]  ? finish_task_switch+0x1e5/0x870
[  738.690281][    C0]  irqentry_exit+0x5e/0x90
[  738.694715][    C0]  asm_sysvec_reschedule_ipi+0x1a/0x20
[  738.700192][    C0] RIP: 0010:preempt_count_add+0x16/0x190
[  738.705838][    C0] Code: 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 41 57 41 56 53 89 fb 48 c7 c0 80 d9 3c 9a 48 c1 e8 03 <49> bf 00 00 00 00 00 fc ff df 42 0f b6 04 38 84 c0 0f 85 ed 00 00
[  738.725467][    C0] RSP: 0018:ffffc900001f75f0 EFLAGS: 00000a06
[  738.731548][    C0] RAX: 1ffffffff3479b30 RBX: 0000000000000001 RCX: ffffc900001f7d30
[  738.739535][    C0] RDX: dffffc0000000000 RSI: ffffffff81896a80 RDI: 0000000000000001
[  738.747525][    C0] RBP: ffffc900001f7718 R08: 0000000000000004 R09: ffffc900001f77d0
[  738.755509][    C0] R10: ffffc900001f7730 R11: ffffffff81ab1d60 R12: dffffc0000000000
[  738.763489][    C0] R13: ffffc900001f76e0 R14: ffffffff81896a80 R15: 0000000000000000
[  738.771477][    C0]  ? worker_thread+0x870/0xd30
[  738.776261][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  738.782434][    C0]  ? worker_thread+0x870/0xd30
[  738.787214][    C0]  ? worker_thread+0x870/0xd30
[  738.791987][    C0]  unwind_next_frame+0xb0/0x22d0
[  738.796955][    C0]  ? process_scheduled_works+0xa66/0x1840
[  738.802692][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  738.808893][    C0]  arch_stack_walk+0x11c/0x150
[  738.813694][    C0]  ? worker_thread+0x870/0xd30
[  738.818478][    C0]  stack_trace_save+0x118/0x1d0
[  738.823342][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  738.828736][    C0]  save_stack+0xfb/0x1f0
[  738.832990][    C0]  ? __pfx_save_stack+0x10/0x10
[  738.837853][    C0]  ? free_frozen_pages+0xe04/0x10e0
[  738.843068][    C0]  ? vfree+0x1c3/0x360
[  738.847152][    C0]  ? delayed_vfree_work+0x56/0x80
[  738.852189][    C0]  ? process_scheduled_works+0xa66/0x1840
[  738.857918][    C0]  ? worker_thread+0x870/0xd30
[  738.862709][    C0]  ? page_ext_get+0x20/0x2a0
[  738.867318][    C0]  __reset_page_owner+0x76/0x430
[  738.872269][    C0]  ? mod_memcg_page_state+0x531/0x800
[  738.877663][    C0]  ? mod_memcg_page_state+0x97/0x800
[  738.882976][    C0]  free_frozen_pages+0xe04/0x10e0
[  738.888031][    C0]  vfree+0x1c3/0x360
[  738.891956][    C0]  ? process_scheduled_works+0x976/0x1840
[  738.897687][    C0]  delayed_vfree_work+0x56/0x80
[  738.902554][    C0]  process_scheduled_works+0xa66/0x1840
[  738.908156][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  738.914158][    C0]  ? assign_work+0x364/0x3d0
[  738.918766][    C0]  worker_thread+0x870/0xd30
[  738.923383][    C0]  ? __kthread_parkme+0x169/0x1d0
[  738.928419][    C0]  ? __pfx_worker_thread+0x10/0x10
[  738.933547][    C0]  kthread+0x7a9/0x920
[  738.937633][    C0]  ? __pfx_kthread+0x10/0x10
[  738.942234][    C0]  ? __pfx_worker_thread+0x10/0x10
[  738.947351][    C0]  ? __pfx_kthread+0x10/0x10
[  738.951958][    C0]  ? __pfx_kthread+0x10/0x10
[  738.956566][    C0]  ? __pfx_kthread+0x10/0x10
[  738.961182][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  738.966394][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[  738.971606][    C0]  ? __pfx_kthread+0x10/0x10
[  738.976214][    C0]  ret_from_fork+0x4b/0x80
[  738.980646][    C0]  ? __pfx_kthread+0x10/0x10
[  738.985252][    C0]  ret_from_fork_asm+0x1a/0x30
[  738.990079][    C0]  </TASK>
[  738.993111][    C0] task:syz-executor    state:R  running task     stack:20368 pid:5823  tgid:5823  ppid:5819   task_flags:0x400140 flags:0x00004000
[  739.006621][    C0] Call Trace:
[  739.009917][    C0]  <TASK>
[  739.012943][    C0]  __schedule+0x18bc/0x4c40
[  739.017504][    C0]  ? __pfx___schedule+0x10/0x10
[  739.022400][    C0]  ? mark_lock+0x9a/0x360
[  739.026771][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  739.032779][    C0]  ? preempt_schedule+0xe1/0xf0
[  739.037639][    C0]  preempt_schedule_common+0x84/0xd0
[  739.042949][    C0]  preempt_schedule+0xe1/0xf0
[  739.047640][    C0]  ? __pfx_preempt_schedule+0x10/0x10
[  739.053035][    C0]  preempt_schedule_thunk+0x1a/0x30
[  739.058257][    C0]  unwind_next_frame+0x18f8/0x22d0
[  739.063398][    C0]  ? do_ip6t_get_ctl+0x11eb/0x1820
[  739.068532][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  739.074703][    C0]  arch_stack_walk+0x11c/0x150
[  739.079497][    C0]  ? nf_getsockopt+0x299/0x2c0
[  739.084288][    C0]  stack_trace_save+0x118/0x1d0
[  739.089164][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  739.094576][    C0]  save_stack+0xfb/0x1f0
[  739.098843][    C0]  ? __pfx_save_stack+0x10/0x10
[  739.103731][    C0]  ? free_frozen_pages+0xe04/0x10e0
[  739.108983][    C0]  ? vfree+0x1c3/0x360
[  739.113079][    C0]  ? do_ip6t_get_ctl+0x11eb/0x1820
[  739.118219][    C0]  ? page_ext_get+0x20/0x2a0
[  739.122829][    C0]  __reset_page_owner+0x76/0x430
[  739.127780][    C0]  ? mod_memcg_page_state+0x531/0x800
[  739.133178][    C0]  ? mod_memcg_page_state+0x97/0x800
[  739.138492][    C0]  free_frozen_pages+0xe04/0x10e0
[  739.143550][    C0]  vfree+0x1c3/0x360
[  739.147471][    C0]  do_ip6t_get_ctl+0x11eb/0x1820
[  739.152432][    C0]  ? __pfx_do_ip6t_get_ctl+0x10/0x10
[  739.157751][    C0]  ? nf_getsockopt+0x248/0x2c0
[  739.162529][    C0]  ? __pfx_lock_release+0x10/0x10
[  739.167582][    C0]  ? rcu_is_watching+0x15/0xb0
[  739.172370][    C0]  ? trace_contention_end+0x3c/0x120
[  739.177677][    C0]  ? __mutex_lock+0x397/0x1010
[  739.182470][    C0]  ? __mutex_unlock_slowpath+0x227/0x800
[  739.188141][    C0]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  739.194148][    C0]  ? __might_fault+0xaa/0x120
[  739.198869][    C0]  ? __pfx_lock_release+0x10/0x10
[  739.203950][    C0]  nf_getsockopt+0x299/0x2c0
[  739.208560][    C0]  ipv6_getsockopt+0x23e/0x360
[  739.213348][    C0]  ? __pfx_ipv6_getsockopt+0x10/0x10
[  739.218658][    C0]  ? __pfx___might_resched+0x10/0x10
[  739.223969][    C0]  ? __might_fault+0xaa/0x120
[  739.228697][    C0]  tcp_getsockopt+0x163/0x1c0
[  739.233407][    C0]  ? __pfx_tcp_getsockopt+0x10/0x10
[  739.238628][    C0]  ? __might_fault+0xaa/0x120
[  739.243341][    C0]  ? sock_common_getsockopt+0x2e/0xb0
[  739.248739][    C0]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  739.254671][    C0]  do_sock_getsockopt+0x3c4/0x7e0
[  739.259731][    C0]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  739.265322][    C0]  __x64_sys_getsockopt+0x2a1/0x370
[  739.270555][    C0]  ? __pfx___x64_sys_getsockopt+0x10/0x10
[  739.276292][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  739.282642][    C0]  ? do_syscall_64+0xb6/0x230
[  739.287353][    C0]  do_syscall_64+0xf3/0x230
[  739.291877][    C0]  ? clear_bhb_loop+0x35/0x90
[  739.296581][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  739.302493][    C0] RIP: 0033:0x7f5eeef8eb2a
[  739.306920][    C0] RSP: 002b:00007ffebdabc578 EFLAGS: 00000216 ORIG_RAX: 0000000000000037
[  739.315369][    C0] RAX: ffffffffffffffda RBX: 00007ffebdabc600 RCX: 00007f5eeef8eb2a
[  739.323353][    C0] RDX: 0000000000000041 RSI: 0000000000000029 RDI: 0000000000000003
[  739.331333][    C0] RBP: 0000000000000003 R08: 00007ffebdabc59c R09: 0079746972756365
[  739.339319][    C0] R10: 00007ffebdabc600 R11: 0000000000000216 R12: 00007f5eef178340
[  739.347311][    C0] R13: 00007ffebdabc59c R14: 0000000000000000 R15: 00007f5eef179e40
[  739.355320][    C0]  </TASK>
[  739.358355][    C0] rcu: rcu_preempt kthread starved for 10502 jiffies! g40985 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[  739.369559][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  739.379541][    C0] rcu: RCU grace-period kthread stack dump:
[  739.385438][    C0] task:rcu_preempt     state:R  running task     stack:26104 pid:17    tgid:17    ppid:2      task_flags:0x208040 flags:0x00004000
[  739.398970][    C0] Call Trace:
[  739.402260][    C0]  <TASK>
[  739.405206][    C0]  __schedule+0x18bc/0x4c40
[  739.409737][    C0]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[  739.415672][    C0]  ? __pfx___schedule+0x10/0x10
[  739.420577][    C0]  ? __pfx_lock_release+0x10/0x10
[  739.425623][    C0]  ? __pfx___mod_timer+0x10/0x10
[  739.430608][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  739.436971][    C0]  ? schedule+0x90/0x320
[  739.441234][    C0]  schedule+0x14b/0x320
[  739.445410][    C0]  schedule_timeout+0x15a/0x290
[  739.450274][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[  739.455666][    C0]  ? __pfx_process_timeout+0x10/0x10
[  739.460993][    C0]  ? prepare_to_swait_event+0x330/0x350
[  739.466561][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  739.471777][    C0]  rcu_gp_fqs_loop+0x2df/0x1330
[  739.476659][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[  739.481888][    C0]  ? rcu_gp_init+0x1256/0x1630
[  739.486694][    C0]  ? __pfx_rcu_gp_init+0x10/0x10
[  739.491648][    C0]  ? __pfx_rcu_watching_snap_save+0x10/0x10
[  739.497572][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  739.502895][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  739.508830][    C0]  ? finish_swait+0xd4/0x1e0
[  739.513452][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  739.518679][    C0]  rcu_gp_kthread+0xa7/0x3b0
[  739.523299][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  739.528535][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  739.534453][    C0]  ? __kthread_parkme+0x169/0x1d0
[  739.539509][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  739.544738][    C0]  kthread+0x7a9/0x920
[  739.548830][    C0]  ? __pfx_kthread+0x10/0x10
[  739.553473][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  739.558693][    C0]  ? __pfx_kthread+0x10/0x10
[  739.563304][    C0]  ? __pfx_kthread+0x10/0x10
[  739.567931][    C0]  ? __pfx_kthread+0x10/0x10
[  739.572542][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  739.577757][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[  739.582969][    C0]  ? __pfx_kthread+0x10/0x10
[  739.587668][    C0]  ret_from_fork+0x4b/0x80
[  739.592124][    C0]  ? __pfx_kthread+0x10/0x10
[  739.596732][    C0]  ret_from_fork_asm+0x1a/0x30
[  739.601522][    C0]  </TASK>
[  739.604548][    C0] rcu: Stack dump where RCU GP kthread last ran:
[  739.610880][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.14.0-rc1-syzkaller-00181-g7ee983c850b4 #0
[  739.621306][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  739.631385][    C0] RIP: 0010:acpi_safe_halt+0x21/0x30
[  739.636733][    C0] Code: 90 90 90 90 90 90 90 90 90 65 48 8b 04 25 00 d5 03 00 48 f7 00 08 00 00 00 75 10 66 90 0f 00 2d 45 16 7b 00 f3 0f 1e fa fb f4 <fa> c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90
[  739.656352][    C0] RSP: 0018:ffffffff8e607ca8 EFLAGS: 00000246
[  739.662432][    C0] RAX: ffffffff8e696580 RBX: ffff88801dea4864 RCX: 0000000000959299
[  739.670413][    C0] RDX: 0000000000000001 RSI: ffff88801dea4800 RDI: ffff88801dea4864
[  739.678400][    C0] RBP: 000000000003a938 R08: ffff8880b863799b R09: 1ffff110170c6f33
[  739.686385][    C0] R10: dffffc0000000000 R11: ffffffff8bee2b50 R12: ffff888144a84800
[  739.694369][    C0] R13: 0000000000000001 R14: 0000000000000001 R15: ffffffff8f11e320
[  739.702349][    C0] FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  739.711289][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  739.717894][    C0] CR2: 0000001b3140fff8 CR3: 0000000031ce4000 CR4: 00000000003526f0
[  739.725880][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  739.733866][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  739.741850][    C0] Call Trace:
[  739.745145][    C0]  <IRQ>
[  739.748006][    C0]  ? rcu_check_gp_kthread_starvation+0x278/0x310
[  739.754380][    C0]  ? print_other_cpu_stall+0x1481/0x15c0
[  739.760051][    C0]  ? __pfx_print_other_cpu_stall+0x10/0x10
[  739.765893][    C0]  ? timekeeping_advance+0x5e8/0x770
[  739.771209][    C0]  ? kvm_check_and_clear_guest_paused+0x6a/0xd0
[  739.777481][    C0]  ? rcu_sched_clock_irq+0xa26/0x10e0
[  739.782878][    C0]  ? __pfx_rcu_sched_clock_irq+0x10/0x10
[  739.788550][    C0]  ? update_process_times+0x242/0x2f0
[  739.793939][    C0]  ? tick_nohz_handler+0x37c/0x500
[  739.799071][    C0]  ? __pfx_tick_nohz_handler+0x10/0x10
[  739.804564][    C0]  ? __hrtimer_run_queues+0x551/0xd30
[  739.809998][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  739.815791][    C0]  ? read_tsc+0x9/0x20
[  739.819896][    C0]  ? ktime_get_update_offsets_now+0x38e/0x3b0
[  739.826006][    C0]  ? hrtimer_interrupt+0x403/0xa40
[  739.831160][    C0]  ? __sysvec_apic_timer_interrupt+0x110/0x420
[  739.837336][    C0]  ? sysvec_apic_timer_interrupt+0xa1/0xc0
[  739.843153][    C0]  </IRQ>
[  739.846107][    C0]  <TASK>
[  739.849056][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  739.855244][    C0]  ? __pfx_acpi_idle_enter+0x10/0x10
[  739.860568][    C0]  ? acpi_safe_halt+0x21/0x30
[  739.865263][    C0]  acpi_idle_enter+0xe4/0x140
[  739.869968][    C0]  cpuidle_enter_state+0x109/0x470
[  739.875105][    C0]  ? __pfx_menu_select+0x10/0x10
[  739.880065][    C0]  cpuidle_enter+0x5d/0xa0
[  739.884534][    C0]  do_idle+0x372/0x5c0
[  739.888639][    C0]  ? __pfx_do_idle+0x10/0x10
[  739.893245][    C0]  ? rest_init+0x31/0x300
[  739.897599][    C0]  ? do_idle+0x5/0x5c0
[  739.901688][    C0]  ? rest_init+0x31/0x300
[  739.906033][    C0]  cpu_startup_entry+0x42/0x60
[  739.910812][    C0]  rest_init+0x2dc/0x300
[  739.915069][    C0]  ? __pfx_x86_late_time_init+0x10/0x10
[  739.920650][    C0]  start_kernel+0x484/0x510
[  739.925190][    C0]  x86_64_start_reservations+0x2a/0x30
[  739.930675][    C0]  x86_64_start_kernel+0x9f/0xa0
[  739.935637][    C0]  common_startup_64+0x13e/0x147
[  739.940610][    C0]  </TASK>