last executing test programs:

17.218886239s ago: executing program 3 (id=2018):
syz_open_dev$radio(&(0x7f0000000140), 0x1, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x9, 0x81, 0x3, 0xffffffff, 0x116, 0xffffffffffffffff, 0xffffffff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x181480, 0x0)
r1 = socket$inet(0xa, 0x801, 0x84)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000002540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r3, &(0x7f0000000280)={0x15, 0x110, 0xfa00, {r4, 0x0, 0x0, 0x30, 0x0, @in={0x1b, 0x0, @local}, @ib={0x1b, 0x0, 0x0, {"00000000000000000000000000000001"}}}}, 0x118)
write$RDMA_USER_CM_CMD_QUERY(r3, &(0x7f0000000000)={0x13, 0x10, 0xfa00, {&(0x7f00000006c0), r4}}, 0x18)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x44, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x0}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x44}}, 0x0)
connect$inet(r1, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r1, 0x8000)
r5 = accept4(r1, 0x0, 0x0, 0x0)
sendto$inet(r5, &(0x7f00000002c0)="cc", 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r5, 0x84, 0x22, &(0x7f0000000100)={0x3}, 0x10)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7b, 0x0, 0x0)
sendto$inet(r5, &(0x7f0000000300)="b3", 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7b, &(0x7f0000000040)={0x0, 0x1}, 0x8)
socket$nl_route(0x10, 0x3, 0x0)

16.063467434s ago: executing program 2 (id=2021):
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x800000001fe, 0x20682)
r1 = dup(r0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
listen(0xffffffffffffffff, 0x0)
r5 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r5, 0x40046f41, 0x20000502)
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x2, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r7}, 0x10)
r8 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0xc0842)
r9 = dup(r8)
ioctl$USBDEVFS_CONTROL(r9, 0xc0185500, &(0x7f0000000240)={0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
bpf$ITER_CREATE(0x21, &(0x7f0000000440)={r1}, 0x8)
write(r6, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c)
ioctl$USBDEVFS_CONTROL(r1, 0xc0185500, &(0x7f0000000000)={0x0, 0x3, 0x1, 0x0, 0x0, 0xfa5, 0x0})

15.55808606s ago: executing program 0 (id=2022):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$l2tp6(0xa, 0x2, 0x73)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000008000000000000005000100070000000900020073797a30000000001400078008001240000000000500150004000000050005000000000005000400000000000d000300686173683a6d6163"], 0x5c}}, 0x0)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000680)=ANY=[@ANYBLOB="90000000090605000000000000000000010000b13b00020073797a3000000000540008801c0007801800018014000240fe8000000000000000000000000000bb0c00078008001a"], 0x90}, 0x1, 0x0, 0x0, 0x8000}, 0x44000)
bind$l2tp6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x20)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x2, [@const={0x0, 0x0, 0x0, 0x9}, @int={0x0, 0x0, 0x0, 0x1, 0x5, 0x8}, @restrict={0x0, 0x0, 0x0, 0xb, 0x3}]}}, 0x0, 0x42, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
connect$l2tp6(r3, &(0x7f0000000f40)={0xa, 0x0, 0x0, @empty}, 0x20)
setsockopt$inet6_IPV6_HOPOPTS(r3, 0x29, 0x36, &(0x7f0000000340)=ANY=[], 0x10)
getdents(0xffffffffffffffff, &(0x7f0000000040)=""/183, 0xb7)
r6 = socket$pptp(0x18, 0x1, 0x2)
bind$pptp(r6, 0x0, 0x0)
connect$pptp(r6, &(0x7f0000000040)={0x18, 0x2, {0x0, @empty}}, 0x1e)
getdents64(0xffffffffffffffff, &(0x7f0000000280)=""/32, 0x68)
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, 0x0)
sendmmsg$inet6(r3, &(0x7f0000000ac0)=[{{&(0x7f0000000180)={0xa, 0x0, 0x0, @empty, 0x3a00}, 0x1c, 0x0}}], 0x17fd147c801ae9ab, 0x0)
r7 = syz_open_dev$usbfs(&(0x7f0000000000), 0x76, 0x101b01)
openat$vmci(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
ioctl$USBDEVFS_SETINTERFACE(r7, 0x41045508, &(0x7f0000000040))
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)

15.334669715s ago: executing program 3 (id=2023):
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00')
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f00000000c0)=@nbd={'/dev/nbd', 0x0}, 0x0, &(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00')
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x8c, 0x30, 0x1, 0x0, 0x0, {}, [{0x78, 0x1, [@m_ct={0x2c, 0x2, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x100000}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x3)
r4 = dup(r3)
write$UHID_INPUT(r4, &(0x7f0000001040)={0xf, {"a2e3ad21ed0d09f91b39090987f70e06d038e7ff7fc6e5539b0d650e8b089b3f3b006d090890e0878f0e1ac6e7049b336d959b6c9a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d074b0936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400", 0x1000}}, 0x1006)
r5 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r5, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffe}}, 0x10)
socket$netlink(0x10, 0x3, 0x4)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={0x0, 0xffffffffffffffff, 0x0, 0x45, &(0x7f0000000300)='c\xa7\xcf0up\x00\xf6]\a\xf2\x1cd\xad\x00\xcf\xfd\x9f\xceG\xc9\x88\xc2\x86\xb4\x13\xb5\xaf>\xff2l\x95U\b\xb3\xa0\xd3\xe8[N\x0f2\xd3\x85\xcb\xbf`Dpf]\xaa\x8b3\t\x8a\xf5\xfe\x9a\xb1\xef\x90\xea\v\xa2U\xd2/'}, 0x30)
r6 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000480)='cgroup.threads\x00', 0x2, 0x0)
sendfile(r6, r6, 0x0, 0x2)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)

12.991619395s ago: executing program 0 (id=2024):
getpgid(0xffffffffffffffff)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x4, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xfffffdca, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000005c0)=ANY=[@ANYRES32, @ANYBLOB, @ANYRES32, @ANYBLOB="3600a0c264b0befa36"], 0x6c)
syz_open_procfs$namespace(0xffffffffffffffff, 0x0)
r0 = openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$inet(0x2, 0x802, 0x1)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)
read$FUSE(r2, &(0x7f0000000540)={0x2020}, 0x2020)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c0000003b000701000000000ce2aa66027c00000400000014000180066ea6d0"], 0x2c}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SURVEY(r1, &(0x7f0000000100)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x81)
openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000240)='/proc/asound/card1/oss_mixer\x00', 0x80400, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
r3 = userfaultfd(0x801)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r3, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000000000/0x400000)=nil, 0x800000})

12.890155876s ago: executing program 2 (id=2026):
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x5, &(0x7f0000fcb000), 0x4)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r0, 0x0, 0x8008000000010, &(0x7f0000000000)="17000000020001000003be8c5e687a8a6a003300020100ecff3f0000000300c1a03cf4646bbed85d87000a0001000098fc5a53d3f5b7e4a96c6b06169da9c0f8d9485bbb6a880a00243c5197b29f9368bdd6c8db0000dba67e060000", 0x5c)
pipe(&(0x7f0000001800)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-generic\x00'}, 0x58)
write$FUSE_INIT(r1, &(0x7f0000000200)={0x50, 0x0, 0x0, {0x7, 0x29, 0x19f, 0x84806, 0x0, 0x4, 0x9}}, 0x50)
syz_open_dev$usbfs(0x0, 0x1ff, 0xc0842)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f00000001c0)={0x2, 0x0, 0x0, 0x0, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r4, 0x4008af03, 0x0)
r5 = openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, 0x0)
r6 = syz_open_dev$amidi(&(0x7f0000000140), 0x3, 0x181)
r7 = memfd_create(&(0x7f0000000200)='\x103q}2\x9a\xce\xaf\x03\xdfy[\xd9\xffR8\xf4\x1c\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xce;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1d\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\x15RJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\x0e\x89\xd9DC\x9fF\x9c[M=\xe0^\xa8\xed)\xe8Z\xe8\x99&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xcb\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd&\xd4\xf4\x8eum\x04\x00~\xfa\x05', 0x0)
ftruncate(r7, 0x80079a0)
mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xb, 0x2012, r7, 0x0)
r8 = accept4$alg(r2, 0x0, 0x0, 0x80800)
splice(r8, 0x0, r8, 0x0, 0x3, 0x0)
fanotify_init(0x4, 0x0)
r9 = syz_usb_connect(0x3, 0x24, &(0x7f0000000100)=ANY=[@ANYRES8, @ANYRES64, @ANYRESDEC=r6, @ANYRES64=r5, @ANYRESDEC=r6], 0x0)
syz_usb_control_io$cdc_ncm(r9, 0x0, 0x0)

11.864328349s ago: executing program 0 (id=2027):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
dup(r1)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r5, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000540)={'vcan0\x00', <r6=>0x0})
bind$packet(r5, &(0x7f0000001640)={0x11, 0x18, r6, 0x1, 0x3, 0x6, @local}, 0x14)
setsockopt$packet_rx_ring(r5, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x0, 0x0, 0xffffffff}, 0x1c)
userfaultfd(0x801)
r7 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
bind$ax25(r7, &(0x7f0000000100)={{0x3, @default, 0x1}, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null]}, 0x48)
close(r7)
r8 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_G_FMT(r8, 0xc0d05604, &(0x7f0000000040)={0xa})

11.837275811s ago: executing program 4 (id=2028):
unshare(0x600)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
fsopen(&(0x7f0000000040)='afs\x00', 0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r2 = socket(0x40000000015, 0x5, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000300)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000240)={&(0x7f0000002380)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_NEWSETELEM={0x157c, 0xc, 0xa, 0x101, 0x0, 0x0, {0x5, 0x0, 0x5}, [@NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_SET_ID={0x8, 0x4, 0x1, 0x0, 0x3}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_SET_ID={0x8}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x1534, 0x3, 0x0, 0x1, [{0x4}, {0x60, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_EXPR={0x10, 0x7, 0x0, 0x1, @payload={{0xc}, @void}}, @NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0x99ff}, @NFTA_SET_ELEM_EXPR={0x40, 0x7, 0x0, 0x1, @nat={{0x8}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_NAT_FAMILY={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_NAT_FLAGS={0x8, 0x7, 0x1, 0x0, 0x21}, @NFTA_NAT_REG_PROTO_MIN={0x8, 0x5, 0x1, 0x0, 0xe}, @NFTA_NAT_REG_PROTO_MIN={0x8, 0x5, 0x1, 0x0, 0x15}, @NFTA_NAT_TYPE={0x8}, @NFTA_NAT_TYPE={0x8}]}}}]}, {0x1bc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x94, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x7d, 0x1, "2128cc46b0667be8bb05092fdd30a357cf8d7c8f4bec3e43a40d3414d57c2eb272733a44033befe246e0d8ea6cfa278c671400878de9f7b94e4583b67959b7a5cb35e65c7ff4b955a5476a87fdc42fdf4516b7d45420ab988c269a01bc3039e9a5cb54d33d2b0d30e310b34b31627a92f0b9a9f5b017dc1f8a"}, @NFTA_DATA_VERDICT={0x10, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}]}]}, @NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz1\x00'}, @NFTA_SET_ELEM_USERDATA={0xdf, 0x6, 0x1, 0x0, "4e63c36333524709b3f123d105ec63f59470979ff41a15eb420da96adeade4a070ffb33c8329dc56bb43b3e31e121c752f4111069e8ddf77dfe70fa2442861e9b0c580ac3165daeb02a14a41ba97b309414182f5e9daef726f5d12ea94f4ab7e8e6a7a759766ada926b806ef2bee5fda4ffffabf9bcd426cc923d7dbf8920bef752096f22e70f057c5d5dfa5ab8497e921a5894c1daff66c4f46dd1cce6b082ea0d03893780a6424069762f56404db7d5e9c14a1d325474efb39111b98ec6369b050523cd796da50104a221ba98b2e4e283a7a49a5a153a6a5514e"}, @NFTA_SET_ELEM_EXPRESSIONS={0x38, 0xb, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0xf}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x2}]}}}]}]}, {0x1290, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY_END={0x26c, 0xa, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x54, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0x3}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CODE={0x8}]}, @NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}]}, @NFTA_DATA_VERDICT={0x4}, @NFTA_DATA_VALUE={0xec, 0x1, "e9835685f02d94016b3b5ab7fd0935a8940f4e1600b87e5dec910c5640370e8897408b1f4fe87f46acf1cbda2e3150be868ca51093ed8aa9ea4402edf42ac9e7d4725fb4ec8b5e97f40b4a50537c07adb073d60b2c71c7343a5dda04d305acce4eda42c38c8abf8bb3f32553a935f6a1dccb68406f6c66e50a276afa0425b6f1ee72430c17c18b6ec3dcc3d28f4c897115526040744d69daf40b36d361d9beed549946042894a66a54e1db3bd404b805dace30fb52781b9bf3d4c429bb880fdc854ae7936d434de17ccba1f8a3f676643557cccd8c96d1abe46711e49fee6a5886daa66f03a37639"}, @NFTA_DATA_VERDICT={0x50, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}]}, @NFTA_DATA_VERDICT={0x14, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}]}, @NFTA_DATA_VERDICT={0x54, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0x3ea795bf67a1e9af}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}]}, @NFTA_DATA_VERDICT={0x60, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0x6}]}]}, @NFTA_SET_ELEM_KEY={0x1008, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x1004, 0x1, "b9ba66420386a14e4fde656b8d3fd3d6f28cd98bc73d4209deef36f8a9a4d4803a0276f43f62aa9786fbb2a7087e59b58bdb6a5fa604736d180af7f636ca8ad45880f5d603cc272fcc93655ac8d7d2e8887cebe8d9f32cca0bfaf348a9dab659f6b12fae33551debbfaae8ad492bdc7f015826fd5749f90843cce04ffa5e6fe844d376e95454330c16ebeba3a301d0d8318c61e13fa4d5b535b8d3220b4d72d7bcbb58d37e48cca040a3e52f8ec8af56730dfb37f7d7d7de4b89caa0fc4b104fcb19e0235c963e5e0411632f46dd049ef89885d6d74079adbce2aa826679217f70abde9f25b8cf35606b3b257c0c61147e12b80ce53f66f8cf2b2a482fdd1beb1f2e2e445c8c5b23716eb49e7b36da6df57c8df68e8df7b7a1af1ed9b9f719c7e128603b64862a97a325f35f8d500e2861153e4bf9f7678466b6f7051f23194d894f0525e7b5e0f9b7ff9d653a84ab079ffa7999cc79315c869960f1f19983b74f9a618bd6434bb3a5b26af6ec2013758ef128019d929d4bbbdfef92e8099739b370d86f9004c68d41ec2218a4e231c6a52c8e7fac65e971ef3f061d28876dcd2806795b2343aa33ca213a6e5241644422ddf91613ed2409768d7db5f9fc7531bf0c06efd641bbf2289a43fb09752a745ac914c46e7f29d3c4b787d0feb3d43648dccef303f765e36add35799751a4d08103f319e32db8e6fb4111848f268ea33587d73e253efe4ab2dc3aebaf946531de4e60fb9be61d0dd2b429340b252328a178d7c6c38bd50355f7a4d0c6fe0aeaa1ad476b3b4a0c530f3c174035eedbfb8cc4c5861014fb296e3f796d3a001bdd80c986db901cb40ba13eba48d1e49c64c2063c7d1f6ec8803aec05ee30c46f7543292528c8194d2aa2dbab139bc0a04e7805e66863482a23476e86f81041be22151ecf7e740471de9838e259e22eb689479b02914bd495b6045599cef5fb70f64a13ef524e500db62ebe6ae448099b5af6528b2c6b30d9e3b45f3bc7e1d67b768ae60a5e39cf4afebf08ea3e5a785e6e47d0b36919a18b40bfaf5b2ad2ce8b06c3aabe0d98d9ac9b9c3eff40c60929608bd9d77161b0cef889e171a04c3e7d02b030bece15fc1d4ad37c7c3636bfe4314bbf72bd92da45211e35e470120fc31bc1274eaf063d3992e5007a0b49e77d7b967f4d6c230a806dbe4b62934c9603590d44d0aac6760dca559888a94b56ec3b0caf0ee367eb40257a56dd357fab5191e14ffdcb0a17266a2f59c5bee54a8b519da4648aaff3b0f050963b3864a9e80163b650e05fcbcd91da3f73a61c2a8e48721a44b73454fd28de359d1cdd8e355684c134cf0b7c301c4f64468a6878b2c090ac9fc6969a03b36898b456045c7e2a4c1f5329be097c94c2a4f123d178102fe662569b62ff5d8bebe1218e208b3e039ad64f60ce02127b7fc6cd84b23f9cb30d3c05e250420d77bcd6ad52822b4e4b3e84efea5f86ba448607976a9dc1703c0fb7209510d1ef45e5177886ab61343efa5f83e13dbcae09d8a506e223e6460cf88f1a52a66c20a36f1a79115cedb8ff7f8998309adcf17bafcfd0f1badb3938e1e583f5e8c5c1c0a78f84373eb088ca896caaaac985f812daa38ae95ba2d4f309b915c056e01a7c61d42a8bbdf0352dffe40fa0d5bc46c02c67d670273fa575c6293d60f55bf53bd054acada738080f11f8f6d4d3e85f9f67987e6f007af2f75dc03e543ed3fd6b085453774fd8edf6eab6d467dfe4c4a68e14ac4f16a4aaf72f3287b771e92dc302499c0265909b254db6e1caa0d3ddf5c4cd3b04bcd715869f9d689b3464b817d01995c27f2335e6c7fc8f54335ef83c3527baf65c1d85449dcab15b1b38696ea4c1cf78411838fa231a1659655ad0af4ecf56d2fe09cf7c0faec89c83c9fc6db934d0d8b0afec09b6b79db32c5307bce26f5b401a864e43d856fbfae168d57b5c20701d2f37ddea699fb498f2060f943d24c5bbf622e1d38afc2a3c840ea61748be139cf91ebe951a58681cfd8f72ff7cdbe073733b6bccad4c5133aa552a040b8ffb23062a99b3b997d303d702264ad458fdf804937314be20dc5dbf140ed9f545cefd1a510cd4465a8b486c643d2cc5ce1338c2db2a8a9a4e40845b90d4153dc94d10f9ffa60ead8012e7833f7a070275f0b92df3d80e3f926d151e9dfcbb2b61e91892f22e9947d46c73176580077c17a4fd3b31e3c69266c226ef361161d4ea7dbf52db47d163f1f3706497cc2c1395e5a1f151481e5d79b57859c2e5bb906f5e765d3d0d6a535e0e979f96447c3486b883184c63f946bc9aedf53acbc4938fc2dd6b69d18dc8c7415a809bad5b83f48b0dde9f74eca28a35c469e24bf4acb5aa711c2b61dc320dde67f832187fbd4ea03783402bb72535ab0f881e33e11af5ed3c612b3aea56457deb0f9cd1d9d4db80b5fe40637a983c8dbcc898c2cdda59903ca88c5efd8169caa5e2b826e87d802f29a0ee44168e5c1ae22887e09f01ef5ad029f708296fa9ef1540a151017c143a744f9e746d37eae00742797a4b5caf2397f13503ea06356641fe7d3d6454a9d0ea9385e98c5a8529aa4714d1895bcf8ef3d52827cd7c67cea20ab4dda076803a9463fdd27704eba96559915acf75b0974a328c7796d43e43564c36b8a988cb741b4e73c3ad08bbf943fb57ad1596c94937a64d332af6d611cd4cee7601eb4d851efbf0ae6f5779235c92ea0a511d526ccc26169a9707b8e49a1f3a9199c40287a87aeca7708afbaa6130f5a0d1b38d2751e66f4ae16ec2e8d76390db1551753607c2b06f124151405e54e4172ef945f8b0eddb2bcc1a4dd57fc3d72dfff19f14875f8a5fe8faaba54fb489d06fa6911d28485e845f6ef67818719a875c7be163cd0b94c4b576c0dd9a6a6aa65d907837409fe9512e040beeb80a68c44fa35aa8282a644ac10be39326550c5733aa22a7eb3b9f5930e6e6ce950f844196576f0750ceffb3c11cbcec2932dfc91a6ac39033930a0c7ff717d22da4d3995d456569c53e0b9bb628415462f349f2e40b72e4060d7d0d0b81742f11a87c5e292d3ac685688913c691b8fc00045e4f4aeb690cd8fa43c212604be988f35f161de703f45d1e6e35f711bd313d5d04f522092279e5e68857facf999249f77572d4586c103f9e4969909e08b0dd122e556ea41452a171943d37da83acc1fa02409a228453d75061c8cd564f123f620eccd9b59c1030b2c06692f5d8139e82cd088dbd47c8a0687315aa9419060136a57ca152681ec5f9467f1afbf4acec363b437b39112d35810263ea6a91c8b650cd369ea8339650b48862cc2ad58876df7bf4d4b3d94b47da80b5e88d01c8f61cf0244386b13f3048d629236b0bd12ccb83e0452ea437e0d20877446ad81f14a61f1ef60d69fd5bfa41f5a1ec8e8352e031ae478edc5c778bf7096791aa1f76267906baf8bb2e9cad90578f2e605a07b4e1fec5ca25fe70d6ccbac6fd0ab1421a4e2f8ccd7f4e26ea95050a3655137e7415ae7eee7d3dc758a9355fb6c9dc8ea1a58a089da2a3b78dd2745f67afd6fccb882f40bb2a324e921f0395b0fddf3eab04535ded8e5179eeeaf9cf863be93179f4a890db3c448b1d5a31f18da03a4394239ebc1ae598af10b255846c7df16a9211bace168870e1766958c16b3b5301d14d693cc031c11b11accf7d3840118b8e7dcd273dbdbbf6da14705c78d0253dffafea9b65d00194a65edf23df061a3991a34c9f25ea7f4bc50c8ca0e348a53c9671e171bd66e5d6c924367c4f5890297d6a6fc251b59127c04503008580b5d85f3764586935c79817e528f04d5f402ffa68105e29000cfc9c6152734c1a8a8de67dfc69895b59927be24cb2ded0375516b3ac75f237448c31854c2d4b8bb707c867f9b9f0d3844b4566b5b7d4e5da850bffceb74364270c40a199061763afda5b1bd31baac8032d91543164e09a85d39ec1223a60e1ec6fe824e20a8db87846366e16b1b355222a147455018a20ea31b807f7f7292b2437f87943f38d1d5a0398e77f5fe26929e176b4a0334417fd4d0311e88bc11409117dda7a25cc4a7f739a5a5782c44eee6db741a666348b6fa70a083ca8e32e716a07bc08743de50750de0e459f0843af7991452687949035dc78daed1a82eb9b66d92c0fa10d180ee1f7b30818f6e70646b022122ed60df69454540c1831b57da118ccceb5f215565d1f1fab970f693154d3c684bd7f1d475510c6c32b0dc03c2b9af326b68bfde4de7535aabadeef923fce272739bccedd973876ae87954c4b10424fcd4662f35b01ff11bac7737101d59c9831c767726a63bc59e19e40a839d9f94b1b2f6f92dd9f22cd4defb9ae07d704ed2e1860a037ec5ce4ec042ff01d7bd44ad30bca67af8bd7430f959acce2b2096dd9aaa2631a268bc8283b8a14b7bb017a4951302456a852566fd51a128df8fc76aa0160b57cf96742eb32bf08d90bc7e83234076ece03caa9c5578d7cdd811d5c4075f12e4f9a6299dc5b27782525e2ea0692c3e791062ae216ae4b4407ad13a8aa47e11ea39d5fc4db46d5b1dee15a217e8afefb4af6433eef72e833492400f8f0adbb0c4fe7016cbed0818fb5f66160666806255adec7f2388191f297054fd16f760e1b276249e5f8fb6f70175284d228acb971a73dcf9cce17bd5de562f66b3f1ba5a22256690f6fe4c77f6e9d36ef0c7de2f1ff51e1b8c26af9993ab4bc45fef9ffa7e8f353ce423f27fe3b385c501b7aa317a7ff53569eddd7b33c62e18901a7f1a5ecba8ba6fa53fac1d92353a274f10e523d75425ee4d2038d42481032de2aebb6f8f46a7491d0b60681761cde8137b9d9fcb2677ef49e88e233ed7f1ce9bd55f2a0860ac2a1ee83b2b3d6fa6150ce924c31e881e1f9bec5515a9bd9831d4baac0349418126ed8c2555584878dce769260923ef8b6479f94c41f95220188b3156ea355ff7fe7d2a0599d50e0096c2d92c35c2ef5460bc6143009463b88e7faf83b02d2b8b50cba6d2d5970325e727d8e1dfd1e1652fdefe376b6c8749600febab005fb91dcb400cd3bfffe2ec4203131fb00427515a67f4ef8d44263bbac8c9a2a471017a4e3d02b35c5d5a7e3fc89f6e4855d29fe88212fb93d0a5f848ad74981afdf7501de342a23c47fb1aed0639b4ca6ebcb466d6ec4fb9676bc846adb6379b6f9ce23fd247b3c673b942b614ebcc9561ac2b7644b7fbede86634bf7e1d7f0c558965482248fa55d08375328b424047d77c91a583bbb6564bc43d40bf231ac73bdb1a91d83d37c0d5b1523d54d6f016886eb87e888ea504e52fb318e2f2c0e5afa81e3e907a86ecfe67d54358f21e3726dfec4d7754e7ddabbad217e5e5ce25dbfc8d2a2323f3a56ec31421babe18a412cb4cf6358fe74da6c19dda6539c32bb5ce3f198d3a0c15810e9f321fffa05a7493a804e9d331660fff61e71dc3e80e301ae34e6280e03ef35a2c923b2b1f5080f024f2575c2c33b14a617590ba51e46cf4322f9f891460cc2dc87314349f0be7f7c44199b910f85baeaf1ca7506bea310fb3a2a35ed3399cd65c8014ccd62ca97b2918ef7beb6f12381922460f5a4bcaae805f78b49baf73bd67fc59af97ff019ae34315ad8cc073e9139fb195911be091ec46d52fc9489b75eb7c51a456f21b51c957b211015c51d8df44dc10467f6d2fa7c579f8f6bc66b317c69480829c0c178758271e9db5c4f0367118b81c26a7c309fb35a270153d51cfdef10aa8dcbdea0c190678499d5306f4e8dc56b151e5a3f22a726ad54f862fae75338"}]}, @NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x690e}, @NFTA_SET_ELEM_EXPIRATION={0xc}]}, {0x28, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0x3}, @NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz2\x00'}, @NFTA_SET_ELEM_TIMEOUT={0xc}]}, {0x30, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz1\x00'}, @NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x1400000000}, @NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x9}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}, {0x28, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0x4}, @NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0x4}]}]}]}, @NFT_MSG_DELTABLE={0xa8, 0x2, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0x7}, [@NFTA_TABLE_USERDATA={0x30, 0x6, "72f5416b691bb14a1e4c4261472498c64865789a671ff487fc2b2e5068490624e1c648b5a28ac7b2ba583fe8"}, @NFTA_TABLE_USERDATA={0x4a, 0x6, "75e86c861a7fd9017bd2a27e65dd99f0ea2a830dee1cff8b79b7d541cdb348a95623369b7ef4eee3dbe4e98263d98d75fe41ceb1e4203dfc38e8a14f098895b4b12daddbe3a8"}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x3}]}, @NFT_MSG_NEWOBJ={0x20, 0x12, 0xa, 0x101, 0x0, 0x0, {0x1, 0x0, 0x4}, @NFT_OBJECT_SYNPROXY=@NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x5}}, @NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x9}}, @NFT_MSG_NEWTABLE={0x34, 0x0, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x5}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}]}, @NFT_MSG_DELFLOWTABLE={0xe4, 0x18, 0xa, 0x301, 0x0, 0x0, {0x3, 0x0, 0x9}, [@NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_HOOK={0xa8, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x48}, @NFTA_FLOWTABLE_HOOK_DEVS={0x7c, 0x3, 0x0, 0x1, [{0x14, 0x1, 'wg1\x00'}, {0x14, 0x1, 'bridge_slave_1\x00'}, {0x14, 0x1, 'vlan0\x00'}, {0x14, 0x1, 'veth0\x00'}, {0x14, 0x1, 'xfrm0\x00'}, {0x14, 0x1, 'syz_tun\x00'}]}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x4}, @NFTA_FLOWTABLE_HOOK_DEVS={0x4}]}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x5}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x1}]}, @NFT_MSG_DELSET={0x14, 0xb, 0xa, 0x201, 0x0, 0x0, {0x0, 0x0, 0x4}}, @NFT_MSG_DELOBJ={0x38, 0x14, 0xa, 0x3, 0x0, 0x0, {0x1, 0x0, 0xa}, [@NFTA_OBJ_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x5}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x17e4}, 0x1, 0x0, 0x0, 0x8800}, 0x4000801)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x60, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2, 0x0, 0x1000}, [@CTA_TUPLE_ORIG={0x18, 0x1, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x18, 0x2, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x80000000}, @CTA_HELP={0x14, 0x5, 0x0, 0x1, {0xe, 0x1, 'ftp-20000\x00'}}]}, 0x60}}, 0x0)
ioctl$VHOST_SET_OWNER(0xffffffffffffffff, 0xaf01, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
prctl$PR_SET_MM_MAP(0x23, 0xe, 0x0, 0x0)
ioctl$AUTOFS_IOC_PROTOVER(0xffffffffffffffff, 0x4004af07, 0x0)
bind$inet(r2, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r2, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400c0}, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[], 0xb78}, 0x1, 0x0, 0x0, 0x804c8c0}, 0x0)
close(r2)
add_key$user(&(0x7f0000002100), &(0x7f0000002180)={'syz', 0x1}, &(0x7f00000021c0)='b', 0x1, 0xfffffffffffffffe)
add_key$user(&(0x7f0000002300), &(0x7f0000002340)={'syz', 0x3}, &(0x7f0000000100)="370c099069effa43de3e1404db09b4ce1ef77bde4b371532dd16447c1b13403656c86711f6e750026f23029a50d44299c7bf5c78dc5efae2d041016160e8bef7b30c05e298aa9572540dd950307987eef2115e1bcf512bea3410ca5a9e9f827e4b13490dbbd4fc5a45e0738b959acafd2c12863045265bcbc2c9426ac3f614746b436fe86a72dc642dd67d970604a69b4f22cd0076beedc18056ab4bea4c825b69a7a77adcd5488684872b1bb9eb84586549e11b", 0xb4, 0xffffffffffffffff)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280), 0x41, 0x0)
r4 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
bind$802154_raw(r4, &(0x7f0000001440)={0x24, @short={0x2, 0x2, 0xffff}}, 0x8)

10.013004124s ago: executing program 4 (id=2030):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000400)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r3, 0xc004743e, &(0x7f0000000100))
ioctl$PPPIOCSACTIVE(r3, 0x40107446, &(0x7f0000000080)={0x0, 0x0})
write$ppp(r3, &(0x7f0000000140)="000004", 0x3)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000000)='sched_switch\x00'}, 0x18)
sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r4, 0x0)
r5 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
r6 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x0)
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="ffffffff", @ANYRES16=0x0, @ANYBLOB="040000000000000000002e"], 0x1c}, 0x1, 0x0, 0x0, 0x24000000}, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, <r7=>0x0], 0x0, 0x0, 0x0, 0x5})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r5, 0xc05064a7, &(0x7f00000006c0)={&(0x7f0000000200)=[0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, r7})
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r4, 0x84, 0x7a, 0x0, 0x0)
r8 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00')
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
getdents64(r8, &(0x7f0000002f40)=""/4098, 0x1002)

9.883154041s ago: executing program 0 (id=2031):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x14, &(0x7f0000000340)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}, @printk={@lli, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
setrlimit(0xc, &(0x7f00000001c0)={0x1ff, 0x223})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)=@ipv6_getaddrlabel={0x30, 0x4a, 0x1, 0x0, 0x25dfdbfb, {0xa, 0x0, 0x80, 0x0, 0x0, 0x8}, [@IFAL_ADDRESS={0x14, 0x1, @private2}]}, 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x0)
recvmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x34000, 0x0)
r7 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r7, 0x3b81, &(0x7f0000000340)={0xc, 0x0, <r8=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r7, 0x3ba0, &(0x7f0000000200)={0x48, 0x2, r8, 0x0, 0x0, 0x0, <r9=>0x0})
ioctl$IOMMU_IOAS_ALLOC(r7, 0x3b81, &(0x7f0000000140)={0xc, 0x0, <r10=>0x0})
ioctl$IOMMU_HWPT_ALLOC$TEST(r7, 0x3b89, &(0x7f00000002c0)={0x18, 0x3, r9, r10, <r11=>0x0, 0x0, 0xdead, 0x4, &(0x7f0000000280)})
set_mempolicy(0x4003, &(0x7f0000000080)=0x7, 0x3)
ioctl$IOMMU_HWPT_GET_DIRTY_BITMAP(r7, 0x3b8c, &(0x7f0000000300)={0x30, r11, 0x1, 0x0, 0x0, 0x0, 0x1000, 0x0})

9.844922681s ago: executing program 1 (id=2032):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@text16={0x10, &(0x7f0000000340)="0fc79fc83766b95e0b000066b813c1000066ba000000000f30f20f2db00000b89c000f00d866b92409000066b89fc9000066ba000000000f300f684b00670fdf12baa000b085ee9ab600640036f30f1efa", 0x51}], 0x1, 0x24, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x6e, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000008c0)}, 0x0)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000480)={0x0, &(0x7f0000000180)}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000080)=0x80000400000bce)
r3 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r3, &(0x7f0000007e00), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x3)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = syz_open_procfs(0x0, &(0x7f00000004c0)='net/wireless\x00')
preadv(r5, &(0x7f0000000100)=[{&(0x7f0000000280)=""/254, 0xfe}], 0x1, 0x1fc, 0x0)
futex(0x0, 0x8c, 0x1, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
unshare(0x8000000)
setsockopt$inet6_tcp_int(r3, 0x6, 0x19, &(0x7f00000000c0)=0xfffffffc, 0x4)
r6 = shmget$private(0x0, 0x3000, 0x54001800, &(0x7f000010d000/0x3000)=nil)
shmat(r6, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffdfff)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0xf, 0x4, &(0x7f0000000080)=ANY=[], 0x0, 0x8, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400, @void, @value}, 0x94)

8.18741521s ago: executing program 0 (id=2033):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
mmap(&(0x7f000000d000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$smackfs_access(0xffffffffffffff9c, &(0x7f0000000600)='/sys/fs/smackfs/access\x00', 0x2, 0x0)
write$smackfs_access(r2, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x801, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x5, 0x0, 0x0)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$loop(0x0, 0x4, 0x445c01)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r6 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000280), 0xaa481, 0x0)
ioctl$SNDCTL_DSP_GETOPTR(r6, 0x800c5012, &(0x7f0000000040))
ioctl$SNDCTL_DSP_SPEED(r6, 0xc0045002, &(0x7f0000000080)=0x10000000)
ioctl$SNDCTL_DSP_GETOSPACE(r6, 0x8010500c, &(0x7f0000000100))
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e21, @multicast2}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000940)=@bpf_lsm={0xe, 0x4, &(0x7f0000000680)=ANY=[@ANYBLOB="660a00000000df0061114c0000000000850000005400000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10)

7.952501696s ago: executing program 3 (id=2034):
syz_open_dev$radio(&(0x7f0000000140), 0x1, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x9, 0x81, 0x3, 0xffffffff, 0x116, 0xffffffffffffffff, 0xffffffff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x181480, 0x0)
r1 = socket$inet(0xa, 0x801, 0x84)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000002540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r3, &(0x7f0000000280)={0x15, 0x110, 0xfa00, {r4, 0x0, 0x0, 0x30, 0x0, @in={0x1b, 0x0, @local}, @ib={0x1b, 0x0, 0x0, {"00000000000000000000000000000001"}}}}, 0x118)
write$RDMA_USER_CM_CMD_QUERY(r3, &(0x7f0000000000)={0x13, 0x10, 0xfa00, {&(0x7f00000006c0), r4}}, 0x18)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
connect$inet(r1, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r1, 0x8000)
r5 = accept4(r1, 0x0, 0x0, 0x0)
sendto$inet(r5, &(0x7f00000002c0)="cc", 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r5, 0x84, 0x22, &(0x7f0000000100)={0x3}, 0x10)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7b, 0x0, 0x0)
sendto$inet(r5, &(0x7f0000000300)="b3", 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7b, &(0x7f0000000040)={0x0, 0x1}, 0x8)
socket$nl_route(0x10, 0x3, 0x0)

7.909723445s ago: executing program 4 (id=2035):
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10)
sigaltstack(&(0x7f0000000040)={0x0, 0x0, 0xfffffffffffffed8}, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
setsockopt$bt_l2cap_L2CAP_LM(r1, 0x6, 0x3, &(0x7f0000000380)=0x1b, 0x4)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r2 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MIF(r2, 0x29, 0xca, &(0x7f0000000000), 0xc)
setsockopt$MRT6_DEL_MIF(r2, 0x29, 0xcb, &(0x7f0000000540), 0xc)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001600)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000900)='T', 0x1}], 0x1}, 0x4048841)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000180)}, 0x1)
r3 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$sock_netrom_SIOCADDRT(r3, 0x8917, 0x0)
recvmsg(0xffffffffffffffff, 0x0, 0x10002)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYRESHEX=r4, @ANYBLOB="010000000000000000001400000018"], 0x44}}, 0x0)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
r6 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000200), 0x802, 0x0)
ioctl$UI_SET_ABSBIT(r6, 0x40045567, 0x0)
syz_open_dev$vim2m(0x0, 0x0, 0x2)
ioctl$FS_IOC_GETFSLABEL(r5, 0x400452c8, 0x0)
ioctl$FS_IOC_GETFSLABEL(r4, 0x400452c9, &(0x7f0000000100))

6.550155816s ago: executing program 0 (id=2036):
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x4, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xfffffdca, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(0xffffffffffffffff, 0x3ba0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet(0x2, 0x802, 0x1)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)

6.479154276s ago: executing program 4 (id=2037):
getpgid(0xffffffffffffffff)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x4, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xfffffdca, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000005c0)=ANY=[@ANYRES32, @ANYBLOB, @ANYRES32, @ANYBLOB="3600a0c264b0befa36"], 0x6c)
syz_open_procfs$namespace(0xffffffffffffffff, 0x0)
r1 = openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r1, 0x3ba0, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$inet(0x2, 0x802, 0x1)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)
read$FUSE(r3, &(0x7f0000000540)={0x2020}, 0x2020)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c0000003b000701000000000ce2aa66027c00000400000014000180066ea6d0"], 0x2c}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SURVEY(r2, &(0x7f0000000100)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x81)
openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000240)='/proc/asound/card1/oss_mixer\x00', 0x80400, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
r4 = userfaultfd(0x801)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r4, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000000000/0x400000)=nil, 0x800000})

6.422582482s ago: executing program 3 (id=2038):
getpgid(0xffffffffffffffff)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x4, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xfffffdca, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000005c0)=ANY=[@ANYRES32, @ANYBLOB, @ANYRES32, @ANYBLOB="3600a0c264b0befa36"], 0x6c)
syz_open_procfs$namespace(0xffffffffffffffff, 0x0)
r0 = openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$inet(0x2, 0x802, 0x1)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)
read$FUSE(r2, &(0x7f0000000540)={0x2020}, 0x2020)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c0000003b000701000000000ce2aa66027c00000400000014000180066ea6d0"], 0x2c}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SURVEY(r1, &(0x7f0000000100)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x81)
openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000240)='/proc/asound/card1/oss_mixer\x00', 0x80400, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
r3 = userfaultfd(0x801)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r3, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000000000/0x400000)=nil, 0x800000})

5.916607413s ago: executing program 2 (id=2039):
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
r1 = socket(0x18, 0x0, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0x1, [{0x557a, 0x1}, {0x10}, {}, {0x0, 0xfffffffd}, {}, {}, {}, {0x2}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
openat$uinput(0xffffff9c, &(0x7f00000000c0), 0x2, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
io_uring_enter(0xffffffffffffffff, 0x567d, 0x8536, 0x4, &(0x7f0000000040)={[0x6]}, 0x8)
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10)
setsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000900)={0x0, 0x0, 0x2, 0x7, 0x2000, 0x2}, 0x14)
listen(r3, 0x1ff)
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
sendto$inet(r4, &(0x7f0000000700)="ab12bb6929ab1095cfd2d48c5915d65c5958fd4b334ecfcf7d3951358f037de295949345fcc993bda36a12ec6446582a02510df8a7df07d2e7308cecee9a0493b586fcf682a7eca970173842bc037c0d89d8635b35d3157ba69447f1a85723596b954709c95f29bd2c47bc31332b444c41be32ecf98716a5bccda8def16e", 0x7e, 0x44, &(0x7f0000000000)={0x2, 0x4e22, @loopback}, 0x10)
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r5, 0x107, 0x8, &(0x7f0000000100)=0x5, 0x4)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000340)={'ipvlan1\x00'})
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000280)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x800}}, './file0\x00'})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x12, 0x0, 0x0, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x8, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
connect$pppoe(r1, 0x0, 0x0)

5.882254035s ago: executing program 1 (id=2040):
r0 = syz_open_dev$sndctrl(&(0x7f0000000140), 0xf, 0x30041)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc4c85513, &(0x7f0000000180)={{0x7, 0x5, 0x200000, 0xa, 'syz0\x00', 0x8001}, 0x1, [0xffffffffffffffff, 0xfffffffffffffffa, 0x1, 0xffffffff, 0x4fa, 0xffffffff, 0x8000000000000000, 0x8, 0xd9, 0x0, 0xffc00000, 0x8, 0x8000, 0x4, 0x3, 0x6, 0xffffffffffff7fff, 0x7, 0x4, 0x8, 0xeb, 0xfff, 0x5, 0x8, 0x8, 0x6, 0x8, 0x7, 0x8, 0x0, 0x0, 0xffffffff, 0x1, 0xfffffffffffffffb, 0x2, 0x9, 0x5, 0x3, 0x2, 0x8, 0x2, 0xe, 0xfffffffffffffffa, 0xa, 0x3, 0x3, 0x9, 0xb, 0xa00, 0x0, 0x1, 0xfffffffffffffffe, 0x1, 0x9, 0x306e, 0xb, 0x64, 0x8e, 0x7, 0xff, 0x7fcd, 0x0, 0x9, 0xffffffffffffffff, 0x2, 0x0, 0x2, 0x7fffffff, 0x0, 0x1, 0x81, 0xffff, 0xc50c, 0x81, 0x80000000, 0x1, 0x5, 0x9, 0xc470, 0xc769, 0x80000000, 0x2, 0x1, 0x9, 0xffffffff, 0x4, 0xcdcd, 0xffc, 0x4, 0x3, 0xfffffffffffffffb, 0x8000000, 0x9, 0x8001, 0x2, 0x8000000000000000, 0x6, 0x8, 0xffffffffffffffed, 0x2, 0x0, 0x2, 0xd, 0x7, 0xfffffffffffff801, 0x5, 0xbef, 0x1, 0x1, 0x2, 0x80000001, 0x2, 0x9, 0x75ee, 0x80, 0x8, 0x5b, 0xfffffffffffffff9, 0x9, 0x5000000, 0xf, 0x0, 0x7, 0xffffffffffffffff, 0x33ea, 0x167b, 0x9, 0x101]})
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r1, &(0x7f0000001600)=""/233, 0xe9)
openat$mixer(0xffffffffffffff9c, &(0x7f0000000080), 0x68a140, 0x0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x14d002, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x2a, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x80000000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
open(0x0, 0x143142, 0x0)
close(0xffffffffffffffff)
r7 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r7, &(0x7f00000002c0)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c)
sendfile(0xffffffffffffffff, r2, 0x0, 0x80006)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001180)=ANY=[@ANYBLOB="61154c000000000061138c0000000000bfa0000000000000150300000a004e002d35010000000000950041000000000069163a0000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf500000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ff3d4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932c9a6aa57f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2739670b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc401000000cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be19637302f3b41eae50509fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524a3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18402cde8b0100010000000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d545ffffffff00000000a1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf857689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18533d4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684ee54c0a263c806aabac2f66cb052f847c62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961ef4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fc0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bb000000000000000000000000000000884efcecca45ea4ab2ec097668456a6ff12854997f5aed737d5205ace5c0b64f87ef10784d0479cb44ca077e0c4ce6ff880e2ce3de63853a9740e9233683bfc8636bee293aeeb680b399a296e6f44c07b5fc5d9d359af007f23004a7acb6df23664ea209620b4fe0f4df81c33bd8ca2335cb4b50881937379b45a301175c3e8eb32970564ec8e25c46ee3bae079faedaad94276cfa251be8256c4c37fc84a25c3a2feb39e94a5266a10716d4a3cef499fa176018054e9149a1c9d20a809ce3"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x0, 0x0, &(0x7f0000000ac0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket(0x10, 0x3, 0x0)

5.431058497s ago: executing program 4 (id=2041):
syz_open_dev$radio(&(0x7f0000000140), 0x1, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x9, 0x81, 0x3, 0xffffffff, 0x116, 0xffffffffffffffff, 0xffffffff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x181480, 0x0)
r1 = socket$inet(0xa, 0x801, 0x84)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000002540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r3, &(0x7f0000000280)={0x15, 0x110, 0xfa00, {r4, 0x0, 0x0, 0x30, 0x0, @in={0x1b, 0x0, @local}, @ib={0x1b, 0x0, 0x0, {"00000000000000000000000000000001"}}}}, 0x118)
write$RDMA_USER_CM_CMD_QUERY(r3, &(0x7f0000000000)={0x13, 0x10, 0xfa00, {&(0x7f00000006c0), r4}}, 0x18)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x44, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x0}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x44}}, 0x0)
connect$inet(r1, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r1, 0x8000)
r5 = accept4(r1, 0x0, 0x0, 0x0)
sendto$inet(r5, &(0x7f00000002c0)="cc", 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r5, 0x84, 0x22, &(0x7f0000000100)={0x3}, 0x10)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7b, 0x0, 0x0)
sendto$inet(r5, &(0x7f0000000300)="b3", 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7b, &(0x7f0000000040)={0x0, 0x1}, 0x8)
socket$nl_route(0x10, 0x3, 0x0)

5.322020513s ago: executing program 3 (id=2042):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f00000001c0)={{0x1, 0x1, 0x18, <r2=>r0, {0x1a3}}, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00'})
lsm_get_self_attr(0x67, 0x0, &(0x7f0000000080), 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000440)='fdinfo/4\x00')
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000100)={0x2000001c})
ioctl$UI_SET_MSCBIT(r3, 0x40045568, 0x2)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000000c0)='mmap_lock_acquire_returned\x00', r4}, 0x10)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
mlockall(0x6)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(0x0, r5)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_SET_PMKSA(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000012c0)={0x54, r6, 0x623, 0x70bd29, 0x25dfdbff, {{}, {@val={0x8, 0x3, r8}, @val={0xc, 0x99, {0x3}}}}, [@NL80211_ATTR_FILS_CACHE_ID={0x6, 0xfd, 0xff}, @NL80211_ATTR_PMK_REAUTH_THRESHOLD={0x5, 0x120, 0xa}, @NL80211_ATTR_FILS_CACHE_ID={0x6}, @NL80211_ATTR_PMK_LIFETIME={0x8, 0x11f, 0x80000001}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}]}, 0x54}, 0x1, 0x0, 0x0, 0x40040}, 0x4004000)
sendmsg$NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL(r2, &(0x7f0000001200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000011c0)={&(0x7f0000001180)={0x2c, r6, 0x300, 0x70bd28, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x1, 0x66}}}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x59}]}, 0x2c}}, 0x4000)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000000c0))
r9 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r9, 0x0, &(0x7f00000000c0))
ioctl$IOCTL_GET_NCIDEV_IDX(r2, 0x0, 0x0)
sendmsg$NFC_CMD_ENABLE_SE(0xffffffffffffffff, &(0x7f0000002240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x10880}, 0x800)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x4458c}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @veth={{0x9}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_NET_NS_PID={0x8, 0x13, r1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4015}, 0x0)
syz_open_dev$vcsu(&(0x7f0000000000), 0x7, 0x52d882)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r10, 0x8933, &(0x7f0000002200)={'wlan0\x00'})

4.657835645s ago: executing program 1 (id=2043):
r0 = syz_io_uring_setup(0x237, &(0x7f0000000240)={0x0, 0x9399, 0x0, 0x0, 0x24f}, &(0x7f0000000040), &(0x7f0000000600))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
semop(0x0, &(0x7f0000000240)=[{0x2, 0x7fff, 0x1000}], 0x1)
semop(0x0, &(0x7f0000000100)=[{0x2, 0xd5db}], 0x1)
semtimedop(0x0, &(0x7f0000000040)=[{0x3, 0x9, 0x1000}, {0x2, 0x800, 0x1800}], 0x2, 0x0)
timerfd_settime(0xffffffffffffffff, 0x3, &(0x7f00000000c0)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
timerfd_settime(0xffffffffffffffff, 0x3, &(0x7f0000000000)={{}, {0x77359400}}, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r4 = userfaultfd(0x0)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000000))
r5 = socket$xdp(0x2c, 0x3, 0x0)
r6 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x20, &(0x7f00000002c0)=[@in={0x2, 0x0, @private=0xa010101}, @in={0x2, 0x4e23, @private=0xa010101}]}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r6, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r7=>0x0]}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r6, 0x84, 0x76, &(0x7f0000000480)={r7}, &(0x7f00000004c0)=0x8)
r8 = syz_clone3(&(0x7f0000001880)={0x100000200, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
tgkill(r8, r8, 0x21)
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f0000000040)={&(0x7f00000023c0)=""/241, 0x1115000, 0x0, 0x0, 0x2}, 0x1c)
ioctl$sock_SIOCBRDELBR(r2, 0x89a1, 0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, &(0x7f00000001c0)={&(0x7f0000001000), 0x0, 0x1}, 0x1)
ioctl$sock_inet_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, 0x0)

2.791023496s ago: executing program 4 (id=2044):
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00')
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f00000000c0)=@nbd={'/dev/nbd', 0x0}, 0x0, &(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00')
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x8c, 0x30, 0x1, 0x0, 0x0, {}, [{0x78, 0x1, [@m_ct={0x2c, 0x2, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x100000}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x3)
r4 = dup(r3)
write$UHID_INPUT(r4, &(0x7f0000001040)={0xf, {"a2e3ad21ed0d09f91b39090987f70e06d038e7ff7fc6e5539b0d650e8b089b3f3b006d090890e0878f0e1ac6e7049b336d959b6c9a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d074b0936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400", 0x1000}}, 0x1006)
r5 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r5, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffe}}, 0x10)
socket$netlink(0x10, 0x3, 0x4)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={0x0, 0xffffffffffffffff, 0x0, 0x45, &(0x7f0000000300)='c\xa7\xcf0up\x00\xf6]\a\xf2\x1cd\xad\x00\xcf\xfd\x9f\xceG\xc9\x88\xc2\x86\xb4\x13\xb5\xaf>\xff2l\x95U\b\xb3\xa0\xd3\xe8[N\x0f2\xd3\x85\xcb\xbf`Dpf]\xaa\x8b3\t\x8a\xf5\xfe\x9a\xb1\xef\x90\xea\v\xa2U\xd2/'}, 0x30)
r6 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000480)='cgroup.threads\x00', 0x2, 0x0)
sendfile(r6, r6, 0x0, 0x2)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)

2.630902435s ago: executing program 1 (id=2045):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x14, &(0x7f0000000340)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}, @printk={@lli, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
setrlimit(0xc, &(0x7f00000001c0)={0x1ff, 0x223})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)=@ipv6_getaddrlabel={0x30, 0x4a, 0x1, 0x0, 0x25dfdbfb, {0xa, 0x0, 0x80, 0x0, 0x0, 0x8}, [@IFAL_ADDRESS={0x14, 0x1, @private2}]}, 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x0)
recvmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x34000, 0x0)
r7 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r7, 0x3b81, &(0x7f0000000340)={0xc, 0x0, <r8=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r7, 0x3ba0, &(0x7f0000000200)={0x48, 0x2, r8, 0x0, 0x0, 0x0, <r9=>0x0})
ioctl$IOMMU_IOAS_ALLOC(r7, 0x3b81, &(0x7f0000000140)={0xc, 0x0, <r10=>0x0})
ioctl$IOMMU_HWPT_ALLOC$TEST(r7, 0x3b89, &(0x7f00000002c0)={0x18, 0x3, r9, r10, <r11=>0x0, 0x0, 0xdead, 0x4, &(0x7f0000000280)})
set_mempolicy(0x4003, &(0x7f0000000080)=0x7, 0x3)
ioctl$IOMMU_HWPT_GET_DIRTY_BITMAP(r7, 0x3b8c, &(0x7f0000000300)={0x30, r11, 0x1, 0x0, 0x0, 0x0, 0x1000, 0x0})

1.473962699s ago: executing program 1 (id=2046):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_emit_ethernet(0x5e, 0x0, 0x0)
recvmsg(0xffffffffffffffff, 0x0, 0x22)
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(0xffffffffffffffff, 0x3ba0, &(0x7f0000000240)={0x48})
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="ae29ace5bffbc200dcef2baf5bbc28ac204007cc4c0784e23101dc35cce21e5a5715d965b5a69a59cb035e5c23e652aadca701e62946a0674a7656ae3a6b4405dc1bed87d00942fe0b2a51a2ccf301cc8535a94dd879801de36f7d241b90f38b5e1d807b220645", @ANYRES32=0x0, @ANYRESHEX=r1], 0x70}, 0x1, 0x0, 0x0, 0x20008010}, 0x4)
sendmsg$nl_route(r1, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000680)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x8000)
ioctl$IOMMU_TEST_OP_ACCESS_RW$syz(0xffffffffffffffff, 0x3ba0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'batadv0\x00', <r2=>0x0})
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
sendmsg$BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48801}, 0x4)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x15, 0x10, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000800000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b70300000000000085000000a0000000bf090000000000005509010000030000950000000000000085100000f5ffffffbf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000240)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, @sk_reuseport, 0x0, 0x8300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000140)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r4}, 0x18)
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socketpair(0x1, 0x3, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r5, 0x8b06, &(0x7f0000000080)={'wlan1\x00', @random="02000000000a"})
flock(0xffffffffffffffff, 0x2)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x20008014, &(0x7f0000000340)={0x11, 0x2, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14)
renameat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='befs\x00', 0x109, 0x0)
socket$inet(0x2, 0x2, 0x7)

1.460278074s ago: executing program 2 (id=2047):
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10)
sigaltstack(&(0x7f0000000040)={0x0, 0x0, 0xfffffffffffffed8}, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
setsockopt$bt_l2cap_L2CAP_LM(r1, 0x6, 0x3, &(0x7f0000000380)=0x1b, 0x4)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r2 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MIF(r2, 0x29, 0xca, &(0x7f0000000000), 0xc)
setsockopt$MRT6_DEL_MIF(r2, 0x29, 0xcb, &(0x7f0000000540), 0xc)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001600)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000900)='T', 0x1}], 0x1}, 0x4048841)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000180)}, 0x1)
r3 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$sock_netrom_SIOCADDRT(r3, 0x8917, 0x0)
recvmsg(0xffffffffffffffff, 0x0, 0x10002)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYRESHEX=r4, @ANYBLOB="010000000000000000001400000018"], 0x44}}, 0x0)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
r6 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000200), 0x802, 0x0)
ioctl$UI_SET_ABSBIT(r6, 0x40045567, 0x0)
syz_open_dev$vim2m(0x0, 0x0, 0x2)
ioctl$FS_IOC_GETFSLABEL(r5, 0x400452c8, 0x0)
ioctl$FS_IOC_GETFSLABEL(r4, 0x400452c9, &(0x7f0000000100))

743.103276ms ago: executing program 2 (id=2048):
syz_open_dev$radio(&(0x7f0000000140), 0x1, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x9, 0x81, 0x3, 0xffffffff, 0x116, 0xffffffffffffffff, 0xffffffff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x181480, 0x0)
r1 = socket$inet(0xa, 0x801, 0x84)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000002540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r3, &(0x7f0000000280)={0x15, 0x110, 0xfa00, {r4, 0x0, 0x0, 0x30, 0x0, @in={0x1b, 0x0, @local}, @ib={0x1b, 0x0, 0x0, {"00000000000000000000000000000001"}}}}, 0x118)
write$RDMA_USER_CM_CMD_QUERY(r3, &(0x7f0000000000)={0x13, 0x10, 0xfa00, {&(0x7f00000006c0), r4}}, 0x18)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
connect$inet(r1, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r1, 0x8000)
r5 = accept4(r1, 0x0, 0x0, 0x0)
sendto$inet(r5, &(0x7f00000002c0)="cc", 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r5, 0x84, 0x22, &(0x7f0000000100)={0x3}, 0x10)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7b, 0x0, 0x0)
sendto$inet(r5, &(0x7f0000000300)="b3", 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7b, &(0x7f0000000040)={0x0, 0x1}, 0x8)
socket$nl_route(0x10, 0x3, 0x0)

142.797351ms ago: executing program 3 (id=2049):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_emit_ethernet(0x5e, 0x0, 0x0)
recvmsg(0xffffffffffffffff, 0x0, 0x22)
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(0xffffffffffffffff, 0x3ba0, &(0x7f0000000240)={0x48})
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="ae29ace5bffbc200dcef2baf5bbc28ac204007cc4c0784e23101dc35cce21e5a5715d965b5a69a59cb035e5c23e652aadca701e62946a0674a7656ae3a6b4405dc1bed87d00942fe0b2a51a2ccf301cc8535a94dd879801de36f7d241b90f38b5e1d807b220645", @ANYRESHEX=r1], 0x70}, 0x1, 0x0, 0x0, 0x20008010}, 0x4)
sendmsg$nl_route(r1, &(0x7f0000000640)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000680)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x8000)
ioctl$IOMMU_TEST_OP_ACCESS_RW$syz(0xffffffffffffffff, 0x3ba0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000080))
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
sendmsg$BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f0000000440)={0xffffffffffffffff, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x48801}, 0x4)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x15, 0x10, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000800000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b70300000000000085000000a0000000bf09000000"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, @sk_reuseport, 0x0, 0x8300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000140)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r3}, 0x18)
r4 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r4, 0x40186f40, 0x20000502)
socketpair(0x1, 0x3, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r5, 0x8b06, &(0x7f0000000080)={'wlan1\x00', @random="02000000000a"})
flock(0xffffffffffffffff, 0x2)
renameat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='befs\x00', 0x109, 0x0)
socket$inet(0x2, 0x2, 0x7)

3.591874ms ago: executing program 1 (id=2050):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@text16={0x10, &(0x7f0000000340)="0fc79fc83766b95e0b000066b813c1000066ba000000000f30f20f2db00000b89c000f00d866b92409000066b89fc9000066ba000000000f300f684b00670fdf12baa000b085ee9ab600640036f30f1efa", 0x51}], 0x1, 0x24, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x6e, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000008c0)}, 0x0)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000480)={0x0, &(0x7f0000000180)}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000080)=0x80000400000bce)
r3 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r3, &(0x7f0000007e00), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x3)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = syz_open_procfs(0x0, &(0x7f00000004c0)='net/wireless\x00')
preadv(r5, &(0x7f0000000100)=[{&(0x7f0000000280)=""/254, 0xfe}], 0x1, 0x1fc, 0x0)
futex(0x0, 0x8c, 0x1, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
semget$private(0x0, 0x4000, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x19, &(0x7f00000000c0)=0xfffffffc, 0x4)
r6 = shmget$private(0x0, 0x3000, 0x54001800, &(0x7f000010d000/0x3000)=nil)
shmat(r6, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffdfff)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0xf, 0x4, &(0x7f0000000080)=ANY=[], 0x0, 0x8, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400, @void, @value}, 0x94)

0s ago: executing program 2 (id=2051):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002e00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021840000000c0a0101000000000000d955070000000900020073797a31000000000900010073797a30000000005800038054000080080003400000000248000b80340001800a0001006c696d69740000002400028008000440000000010c00024000000000000000000c0001400000000000000009"], 0x108}}, 0x0)
socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x3, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0)
mount(&(0x7f0000000540)=@filename='./file1\x00', &(0x7f0000000580)='./file1\x00', &(0x7f00000005c0)='erofs\x00', 0x200000, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r2)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r2, 0xfffffffd)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
r4 = openat$smackfs_change_rule(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
write$binfmt_script(r4, &(0x7f0000000200)={'#! ', './file0', [{0x20, 'axt^'}, {0x20, 'llTR'}], 0xa, "d606c6c21972f23b8af1a66cc395734a719a5fd6316956da1595ba554c210d89372a9289b4d8321ef96f0959d95868c58f1aa23db066886b5f80cc10f98ff4012bd01c9a5e38a097cea7a41afb240e655b4ca1334c9234f5653f38d2d453c71ac02fe71f6b733f355120fde9f921d66400"}, 0x86)
r5 = syz_open_dev$usbfs(&(0x7f00000001c0), 0x77, 0x141301)
ioctl$USBDEVFS_FREE_STREAMS(r5, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200a000100007006000000002000020d3"])
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x9, 0x4008032, 0xffffffffffffffff, 0x0)
ioctl$USBDEVFS_RELEASE_PORT(r5, 0x4004550d, 0x0)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)

kernel console output (not intermixed with test programs):

 stack depth: 19056 bytes left
[   89.513481][ T6062] atomic_op ffff8880261e5998 conn xmit_atomic 0000000000000000
[   90.926879][ T6064] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   91.213852][ T6051] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(9)
[   91.220587][ T6051] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   91.230836][ T6051] vhci_hcd vhci_hcd.0: Device attached
[   91.374169][ T6065] vhci_hcd: connection closed
[   91.377084][   T35] vhci_hcd: stop threads
[   91.647503][   T35] vhci_hcd: release socket
[   91.652060][   T35] vhci_hcd: disconnect device
[   95.404552][ T6096] netlink: 8 bytes leftover after parsing attributes in process `syz.0.47'.
[   96.343294][ T6096] wireguard0: entered promiscuous mode
[   96.399268][ T6094] syz.0.47 (6094) used greatest stack depth: 18816 bytes left
[   96.834093][    T8] libceph: connect (1)[c::]:6789 error -101
[   96.877206][ T6085] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[   96.886396][    T8] libceph: mon0 (1)[c::]:6789 connect error
[   97.568978][ T6120] mkiss: ax0: crc mode is auto.
[   98.031556][    T8] libceph: connect (1)[c::]:6789 error -101
[   98.040589][    T8] libceph: mon0 (1)[c::]:6789 connect error
[   98.197851][ T6101] ceph: No mds server is up or the cluster is laggy
[  101.164871][ T6149] netlink: 'syz.3.53': attribute type 1 has an invalid length.
[  102.102673][ T6151] netdevsim netdevsim0: Direct firmware load for ./file0 failed with error -2
[  102.111733][ T6151] netdevsim netdevsim0: Falling back to sysfs fallback for: ./file0
[  103.951854][ T6163] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  106.780413][ T6180] netlink: 8 bytes leftover after parsing attributes in process `syz.2.60'.
[  107.992109][ T6189] capability: warning: `syz.0.70' uses deprecated v2 capabilities in a way that may be insecure
[  108.665199][ T6180] wireguard0: entered promiscuous mode
[  113.733973][ T5821] Bluetooth: hci4: command 0x0405 tx timeout
[  117.630041][ T6249] process 'syz.0.73' launched '/dev/fd/7' with NULL argv: empty string added
[  120.260323][ T6265] xt_socket: unknown flags 0x50
[  122.936466][ T6269] sctp: failed to load transform for md5: -2
[  125.768600][ T6311] overlayfs: failed to resolve './file0': -2
[  128.186588][ T6318] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  131.348473][ T6327] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  131.925112][ T6348] netlink: 'syz.1.95': attribute type 1 has an invalid length.
[  132.567396][ T6359] netlink: 'syz.0.99': attribute type 6 has an invalid length.
[  133.609118][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  138.750569][ T6396] loop7: detected capacity change from 0 to 16384
[  138.865113][ T6396] loop7: detected capacity change from 16384 to 16383
[  138.917153][ T6396] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  138.926957][ T6396] Buffer I/O error on dev loop7, logical block 0, async page read
[  138.937502][ T6396] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  138.946837][ T6396] Buffer I/O error on dev loop7, logical block 0, async page read
[  138.956646][ T6396] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  138.966097][ T6396] Buffer I/O error on dev loop7, logical block 0, async page read
[  138.976199][ T6396] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  138.985499][ T6396] Buffer I/O error on dev loop7, logical block 0, async page read
[  138.996284][ T6396] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  139.005783][ T6396] Buffer I/O error on dev loop7, logical block 0, async page read
[  139.017991][ T6396] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  139.027389][ T6396] Buffer I/O error on dev loop7, logical block 0, async page read
[  139.037770][ T6396] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  139.047043][ T6396] Buffer I/O error on dev loop7, logical block 0, async page read
[  139.057498][ T6396] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  139.066772][ T6396] Buffer I/O error on dev loop7, logical block 0, async page read
[  139.075645][ T6396] ldm_validate_partition_table(): Disk read failed.
[  139.083622][ T6396] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  139.092955][ T6396] Buffer I/O error on dev loop7, logical block 0, async page read
[  139.103398][ T6396] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  139.112661][ T6396] Buffer I/O error on dev loop7, logical block 0, async page read
[  139.127700][ T6396] Dev loop7: unable to read RDB block 0
[  139.143898][ T6396]  loop7: unable to read partition table
[  139.152659][ T6396] loop_reread_partitions: partition scan of loop7 (R%0���T�$7�)]W����?�18��;9��C?��-��z׌����	������97d���) failed (rc=-5)
[  140.253366][ T6409] netlink: 'syz.0.109': attribute type 1 has an invalid length.
[  140.757962][ T6410] IPVS: ovf: UDP 0.0.0.0:0 - no destination available
[  141.115141][ T5867] IPVS: starting estimator thread 0...
[  141.203952][ T6411] IPVS: using max 19 ests per chain, 45600 per kthread
[  149.660388][ T6473] netlink: 'syz.0.125': attribute type 9 has an invalid length.
[  151.947571][ T6483] netlink: 20 bytes leftover after parsing attributes in process `syz.2.130'.
[  152.420066][ T6483] netlink: 20 bytes leftover after parsing attributes in process `syz.2.130'.
[  152.431756][ T6486] warning: `syz.2.130' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  153.650698][ T6496] 8021q: adding VLAN 0 to HW filter on device bond0
[  153.654765][ T5868] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  153.661956][ T6496] bond0: (slave rose0): Enslaving as an active interface with an up link
[  154.768307][ T5134] Bluetooth: hci0: unexpected event for opcode 0x0c13
[  155.515656][ T5868] usb 5-1: device descriptor read/all, error -71
[  158.345367][ T6529] A link change request failed with some changes committed already. Interface ip6gretap0 may have been left with an inconsistent configuration, please check.
[  158.574955][ T6529] capability: warning: `syz.1.139' uses 32-bit capabilities (legacy support in use)
[  158.718253][ T6539] libceph: resolve '
[  158.718253][ T6539] -&���f�Y�ǝ�a���2i�
[  158.718253][ T6539] .���?��&�*��&' (ret=-3): failed
[  158.966245][  T976] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  159.513921][  T976] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  163.289997][ T6570] netlink: 16 bytes leftover after parsing attributes in process `syz.0.146'.
[  169.970217][ T6621] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  169.977694][ T6621] overlayfs: failed to set xattr on upper
[  169.983496][ T6621] overlayfs: ...falling back to redirect_dir=nofollow.
[  169.990480][ T6621] overlayfs: ...falling back to index=off.
[  169.996394][ T6621] overlayfs: ...falling back to uuid=null.
[  172.717023][ T6640] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  172.730886][ T6640] Error validating options; rc = [-22]
[  173.960892][ T6652] libceph: resolve '
[  173.960892][ T6652] -&���f�Y�ǝ�a���2i�
[  173.960892][ T6652] .���?��&�*��&' (ret=-3): failed
[  175.223097][   T29] audit: type=1326 audit(1738087281.279:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6653 comm="syz.4.165" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5b1638cda9 code=0x0
[  179.217797][ T6696] xt_socket: unknown flags 0x50
[  179.352426][ T6697] tipc: Started in network mode
[  179.357778][ T6697] tipc: Node identity 4, cluster identity 4711
[  179.365242][ T6697] tipc: Node number set to 4
[  179.376870][ T6697] netlink: 44 bytes leftover after parsing attributes in process `syz.3.174'.
[  181.741329][ T5868] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  181.748505][ T6717] Bluetooth: MGMT ver 1.23
[  182.158089][ T6718] netlink: 36 bytes leftover after parsing attributes in process `syz.3.176'.
[  186.308111][ T6753] misc userio: Invalid payload size
[  186.327855][ T6753] misc userio: No port type given on /dev/userio
[  186.468157][ T6754] misc userio: Invalid payload size
[  186.527950][ T6754] misc userio: Invalid payload size
[  186.682407][ T5829] Bluetooth: hci4: command 0x0405 tx timeout
[  186.703907][ T5829] Bluetooth: hci3: command 0x0406 tx timeout
[  186.710353][ T5829] Bluetooth: hci2: command 0x0406 tx timeout
[  186.717594][ T5829] Bluetooth: hci1: command 0x0406 tx timeout
[  189.857398][ T6770] tty tty24: ldisc open failed (-12), clearing slot 23
[  192.984583][ T6790] program syz.2.193 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  195.355630][ T6787] netlink: 8 bytes leftover after parsing attributes in process `syz.1.194'.
[  195.407524][    C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  195.425747][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  197.084675][ T6826] xt_socket: unknown flags 0x50
[  198.825890][ T6833] tty tty22: ldisc open failed (-12), clearing slot 21
[  199.010301][   T29] audit: type=1400 audit(1738087303.823:3): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="*" object="_" requested=w pid=6823 comm="syz.0.203" saddr=172.30.0.1 daddr=172.20.20.170
[  199.980712][ T6847] netlink: 20 bytes leftover after parsing attributes in process `syz.2.204'.
[  202.139649][ T6853] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  202.283587][ T6863] netlink: 277 bytes leftover after parsing attributes in process `syz.3.208'.
[  202.874490][ T6256] Bluetooth: hci5: Frame reassembly failed (-84)
[  202.888757][ T6853] netlink: 8 bytes leftover after parsing attributes in process `syz.2.206'.
[  202.901679][ T6256] Bluetooth: hci5: Frame reassembly failed (-84)
[  202.961119][ T6853] netlink: 12 bytes leftover after parsing attributes in process `syz.2.206'.
[  203.113091][ T6853] netlink: 16 bytes leftover after parsing attributes in process `syz.2.206'.
[  203.151466][ T6853] netlink: 12 bytes leftover after parsing attributes in process `syz.2.206'.
[  203.184054][ T6853] netlink: 8 bytes leftover after parsing attributes in process `syz.2.206'.
[  204.414886][ T5134] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  205.113161][ T6875] can0: slcan on ttyS3.
[  205.561479][ T6865] can0 (unregistered): slcan off ttyS3.
[  209.743755][ T6930] netlink: 24 bytes leftover after parsing attributes in process `syz.1.218'.
[  212.093972][ T6936] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  212.677057][ T6936] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  212.704326][ T6936] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  213.237637][ T6936] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  213.270622][ T6936] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  213.298099][ T6936] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  213.327516][ T6936] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  213.589491][ T6936] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  213.595566][ T6936] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  214.695290][ T6965] random: crng reseeded on system resumption
[  214.945198][   T54] Bluetooth: hci2: command 0x0406 tx timeout
[  215.405270][   T54] Bluetooth: hci1: command 0x0406 tx timeout
[  215.492025][   T54] Bluetooth: hci3: command 0x0406 tx timeout
[  215.753808][   T54] Bluetooth: hci4: command 0x0405 tx timeout
[  216.367605][ T6985] openvswitch: netlink: Unexpected mask (mask=20040, allowed=10048)
[  217.115261][   T54] Bluetooth: hci2: command 0x0406 tx timeout
[  217.608850][ T6993] xt_hashlimit: max too large, truncated to 1048576
[  217.617863][ T6993] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6
[  218.223634][   T54] Bluetooth: hci1: command 0x0406 tx timeout
[  218.223658][ T5134] Bluetooth: hci3: command 0x0406 tx timeout
[  218.231032][   T54] Bluetooth: hci4: command 0x0405 tx timeout
[  223.862055][ T7036] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  223.874602][ T7036] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  230.224718][ T7075] gre1: entered promiscuous mode
[  230.229743][ T7075] gre1: entered allmulticast mode
[  230.704258][ T7070] x_tables: unsorted underflow at hook 3
[  235.065976][ T7109] syz.2.261 uses obsolete (PF_INET,SOCK_PACKET)
[  235.388696][ T7112] NILFS (loop4): device size too small
[  235.422981][ T7112] 9p: Unknown access argument 18446744073709551615: -34
[  238.263658][ T7120] netlink: 8 bytes leftover after parsing attributes in process `syz.2.264'.
[  241.972509][ T7152] netlink: 'syz.1.270': attribute type 11 has an invalid length.
[  244.422790][ T7161] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.465049][    T8] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  245.027110][    T8] usb 2-1: Using ep0 maxpacket: 8
[  245.081588][    T8] usb 2-1: config 0 interface 0 has no altsetting 0
[  245.234046][    T8] usb 2-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=bc.76
[  245.246776][    T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  246.104194][    T8] usb 2-1: Product: syz
[  246.302759][ T7161] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  246.330076][    T8] usb 2-1: Manufacturer: syz
[  246.334756][    T8] usb 2-1: SerialNumber: syz
[  246.391626][    T8] usb 2-1: config 0 descriptor??
[  246.406235][    T8] usb 2-1: can't set config #0, error -71
[  246.569742][    T8] usb 2-1: USB disconnect, device number 2
[  248.893115][ T7198] befs: (nbd1): No write support. Marking filesystem read-only
[  248.910850][ T7198] syz.1.279: attempt to access beyond end of device
[  248.910850][ T7198] nbd1: rw=0, sector=0, nr_sectors = 2 limit=0
[  249.177588][ T7198] befs: (nbd1): unable to read superblock
[  250.206507][ T7161] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  250.565361][ T7208] IPVS: ovf: UDP 0.0.0.0:0 - no destination available
[  250.892732][ T5867] IPVS: starting estimator thread 0...
[  252.825611][ T7215] netlink: 187320 bytes leftover after parsing attributes in process `syz.1.282'.
[  252.835015][ T7215] netlink: zone id is out of range
[  252.840266][ T7215] netlink: zone id is out of range
[  252.845364][ T7215] netlink: zone id is out of range
[  252.850517][ T7215] netlink: zone id is out of range
[  252.855666][ T7215] netlink: zone id is out of range
[  252.860802][ T7215] netlink: zone id is out of range
[  252.865940][ T7215] netlink: zone id is out of range
[  252.871106][ T7215] netlink: zone id is out of range
[  252.876830][ T7215] netlink: zone id is out of range
[  253.306725][ T7211] IPVS: using max 20 ests per chain, 48000 per kthread
[  253.607664][ T7161] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  254.310307][ T7161] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  254.374541][ T7161] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  254.574749][ T7161] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  255.564753][ T7161] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  257.705541][ T7258] netlink: 12 bytes leftover after parsing attributes in process `syz.3.293'.
[  258.161309][ T7257] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR
[  259.363295][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  260.294426][ T7274] netlink: 28 bytes leftover after parsing attributes in process `syz.0.299'.
[  263.473423][ T5868] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  263.987692][ T5868] usb 4-1: Using ep0 maxpacket: 8
[  264.008204][ T5868] usb 4-1: config 0 interface 0 has no altsetting 0
[  264.041176][ T5868] usb 4-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=bc.76
[  264.291620][ T5868] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  264.301667][ T5868] usb 4-1: Product: syz
[  264.306428][ T5868] usb 4-1: Manufacturer: syz
[  264.311059][ T5868] usb 4-1: SerialNumber: syz
[  264.326453][ T5868] usb 4-1: config 0 descriptor??
[  265.122111][   T54] Bluetooth: hci4: unexpected event for opcode 0x0c47
[  265.142097][ T7312] netlink: 8 bytes leftover after parsing attributes in process `syz.2.308'.
[  266.467152][ T5868] usb 4-1: can't set config #0, error -71
[  266.484602][ T5868] usb 4-1: USB disconnect, device number 2
[  268.211740][ T7342] tipc: Started in network mode
[  268.217272][ T7342] tipc: Node identity 7f000001, cluster identity 4711
[  268.243430][ T7342] tipc: Enabled bearer <udp:syz2>, priority 10
[  269.022366][   T54] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  269.032353][   T54] Bluetooth: hci4: Injecting HCI hardware error event
[  269.042513][ T5134] Bluetooth: hci4: hardware error 0x00
[  270.025354][ T5880] tipc: Node number set to 2130706433
[  270.973176][ T5134] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  271.078419][ T7361] Invalid source name
[  271.082457][ T7361] UBIFS error (pid: 7361): cannot open "./file0", error -22
[  272.197083][ T7371] evm: overlay not supported
[  272.239322][ T7371] Invalid ELF header magic: != ELF
[  272.317888][   T29] audit: type=1804 audit(1738087375.628:4): pid=7371 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.1.322" name="/newroot/70/bus/bus" dev="overlay" ino=392 res=1 errno=0
[  275.879267][ T7390] sp0: Synchronizing with TNC
[  276.921918][ T7394] No such timeout policy "syz1"
[  277.270974][ T7403] netlink: 12 bytes leftover after parsing attributes in process `syz.2.329'.
[  281.333984][ T7419] F2FS-fs (loop2): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  281.343738][ T7419] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  281.353102][ T7419] F2FS-fs (loop2): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  281.972668][ T7419] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  283.201947][ T7438] (unnamed net_device) (uninitialized): down delay (32768) is not a multiple of miimon (100), value rounded to 32700 ms
[  283.215106][ T7438] (unnamed net_device) (uninitialized): option use_carrier: invalid value (4)
[  283.820169][ T5134] Bluetooth: hci3: ACL packet for unknown connection handle 0
[  284.629795][ T7432] Cannot find map_set index 0 as target
[  287.608830][ T7464] No such timeout policy "syz1"
[  292.055623][ T7491] ceph: No mds server is up or the cluster is laggy
[  292.452132][ T5880] libceph: connect (1)[c::]:6789 error -101
[  292.623443][ T5880] libceph: mon0 (1)[c::]:6789 connect error
[  298.691232][   T29] audit: type=1800 audit(1738087403.458:5): pid=7549 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.0.362" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  308.387875][ T7640] fuse: Unknown parameter 'group_i00000000000000000000'
[  308.518387][ T7624] futex_wake_op: syz.1.379 tries to shift op by -1; fix this program
[  314.372410][ T7688] fuse: Unknown parameter 'group_i00000000000000000000'
[  315.206472][ T7685] loop2: detected capacity change from 0 to 7
[  315.591236][ T7685] Dev loop2: unable to read RDB block 7
[  315.622469][ T7685]  loop2: AHDI p1 p4
[  315.627371][ T7685] loop2: partition table partially beyond EOD, truncated
[  315.640999][ T7685] loop2: p1 size 10 extends beyond EOD, truncated
[  316.572965][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  316.621510][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  316.629365][ T7669] udevd[7669]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  316.739840][ T7685] syz.3.392: attempt to access beyond end of device
[  316.739840][ T7685] nbd3: rw=0, sector=0, nr_sectors = 1 limit=0
[  316.792517][ T7685] hpfs: hpfs_map_sector(): read error
[  317.699673][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  318.609380][ T7714] afs: Bad value for 'source'
[  318.822577][ T7714] libceph: resolve '0.0' (ret=-3): failed
[  321.229409][ T7733] syz.1.390 (7733): drop_caches: 0
[  321.397006][ T7737] =======================================================
[  321.397006][ T7737] WARNING: The mand mount option has been deprecated and
[  321.397006][ T7737]          and is ignored by this kernel. Remove the mand
[  321.397006][ T7737]          option from the mount to silence this warning.
[  321.397006][ T7737] =======================================================
[  321.438853][ T7737] overlayfs: conflicting options: userxattr,redirect_dir=on
[  322.010556][ T7749] fuse: Unknown parameter 'group_id00000000000000000000'
[  323.574474][ T7758] netlink: 40 bytes leftover after parsing attributes in process `syz.2.417'.
[  323.873912][ T7762] tipc: Enabled bearer <udp:syz2>, priority 10
[  324.685352][ T7760] netlink: 32 bytes leftover after parsing attributes in process `syz.1.407'.
[  327.272936][ T7771] delete_channel: no stack
[  327.454472][    C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  329.043950][ T7786] netlink: 16 bytes leftover after parsing attributes in process `syz.1.413'.
[  329.311371][ T7810] fuse: Unknown parameter 'group_id00000000000000000000'
[  331.985644][ T7819] syz.4.421 (7819): drop_caches: 2
[  331.996376][ T7819] syz.4.421 (7819): drop_caches: 2
[  333.463155][ T7835] ieee802154 phy1 wpan1: encryption failed: -22
[  334.153799][ T7832] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  334.161235][ T7832] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  334.167340][ T7832] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  334.173572][ T7832] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  336.145808][   T54] Bluetooth: hci3: command 0x0406 tx timeout
[  336.152364][ T5134] Bluetooth: hci1: command 0x0406 tx timeout
[  336.159930][ T5821] Bluetooth: hci2: command 0x0406 tx timeout
[  340.370081][ T7873] fuse: Unknown parameter 'group_id00000000000000000000'
[  341.689233][ T7882] fuse: Bad value for 'user_id'
[  341.694202][ T7882] fuse: Bad value for 'user_id'
[  342.147085][ T7890] netlink: 20 bytes leftover after parsing attributes in process `syz.4.434'.
[  347.483147][ T7906] netlink: 68 bytes leftover after parsing attributes in process `syz.2.437'.
[  351.620307][   T29] audit: type=1800 audit(1738087458.804:6): pid=7939 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.2.445" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  352.575891][ T7942] overlayfs: failed to resolve './file1': -2
[  353.788740][ T7951] fuse: Bad value for 'user_id'
[  353.788763][ T7951] fuse: Bad value for 'user_id'
[  357.786435][ T7979] befs: (nbd4): No write support. Marking filesystem read-only
[  357.796035][ T7979] syz.4.454: attempt to access beyond end of device
[  357.796035][ T7979] nbd4: rw=0, sector=0, nr_sectors = 2 limit=0
[  357.808837][ T7979] befs: (nbd4): unable to read superblock
[  358.631163][ T7981] vivid-000: kernel_thread() failed
[  361.390531][ T8001] loop2: detected capacity change from 0 to 7
[  361.484673][ T8007] fuse: Bad value for 'user_id'
[  361.489683][ T8007] fuse: Bad value for 'user_id'
[  362.164019][ T8001] Dev loop2: unable to read RDB block 7
[  362.175043][ T8001]  loop2: AHDI p1 p4
[  362.180235][ T8001] loop2: partition table partially beyond EOD, truncated
[  362.194991][ T8001] loop2: p1 size 10 extends beyond EOD, truncated
[  362.884272][ T8009] syz.2.461: attempt to access beyond end of device
[  362.884272][ T8009] nbd2: rw=0, sector=0, nr_sectors = 1 limit=0
[  362.898834][ T8009] hpfs: hpfs_map_sector(): read error
[  364.296341][ T8018] bridge0: entered allmulticast mode
[  366.523556][ T8031] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[  366.523613][ T8031] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  366.523697][ T8031] vhci_hcd vhci_hcd.0: Device attached
[  367.421207][    T8] vhci_hcd: vhci_device speed not set
[  367.548258][ T8038] befs: (nbd2): No write support. Marking filesystem read-only
[  367.556147][ T8038] syz.2.470: attempt to access beyond end of device
[  367.556147][ T8038] nbd2: rw=0, sector=0, nr_sectors = 2 limit=0
[  367.568828][ T8038] befs: (nbd2): unable to read superblock
[  367.596394][    T8] usb 41-1: new low-speed USB device number 2 using vhci_hcd
[  367.721658][ T8033] vhci_hcd: connection reset by peer
[  367.749482][ T5990] vhci_hcd: stop threads
[  367.755034][ T5990] vhci_hcd: release socket
[  367.783875][ T5990] vhci_hcd: disconnect device
[  369.543238][ T8054] fuse: Bad value for 'fd'
[  373.515924][    T8] vhci_hcd: vhci_device speed not set
[  376.342980][ T8101] bridge0: port 3(gretap0) entered blocking state
[  376.382786][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  376.383016][ T8101] bridge0: port 3(gretap0) entered disabled state
[  376.421883][ T8101] gretap0: entered allmulticast mode
[  376.493851][ T8101] gretap0: entered promiscuous mode
[  376.594330][ T8101] bridge0: port 3(gretap0) entered blocking state
[  376.601092][ T8101] bridge0: port 3(gretap0) entered forwarding state
[  377.191685][ T8110] F2FS-fs (loop3): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  377.199568][ T8110] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  377.208564][ T8110] F2FS-fs (loop3): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  377.216419][ T8110] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
[  377.534993][ T8110] netlink: 'syz.1.487': attribute type 1 has an invalid length.
[  377.542865][ T8110] netlink: 224 bytes leftover after parsing attributes in process `syz.1.487'.
[  377.637791][ T8109] fuse: Bad value for 'fd'
[  378.340620][   T54] Bluetooth: hci3: command 0x0406 tx timeout
[  383.906200][ T8147] syz.0.496 (8147) used greatest stack depth: 18720 bytes left
[  386.471516][ T8164] overlay: Bad value for 'workdir'
[  386.530863][ T8167] netlink: 84 bytes leftover after parsing attributes in process `syz.0.498'.
[  386.540838][ T8167] netlink: 48 bytes leftover after parsing attributes in process `syz.0.498'.
[  389.507439][ T8185] ubi0: attaching mtd0
[  389.527938][ T8185] ubi0: scanning is finished
[  389.532593][ T8185] ubi0: empty MTD device detected
[  391.255273][ T8195] Bluetooth: MGMT ver 1.23
[  392.032596][ T8185] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[  392.161865][ T8185] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  392.169278][ T8185] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[  392.176842][ T8185] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[  392.184275][ T8185] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  392.191370][ T8185] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[  392.199636][ T8185] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 3162571447
[  393.163238][   T54] Bluetooth: hci2: unexpected event for opcode 0x2060
[  393.210349][ T8185] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  394.031834][ T8203] ubi0: background thread "ubi_bgt0d" started, PID 8203
[  395.153718][   T54] Bluetooth: hci2: unexpected event for opcode 0x0c47
[  396.005210][ T8229] netlink: 1 bytes leftover after parsing attributes in process `syz.1.515'.
[  399.036346][   T54] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  399.047801][   T54] Bluetooth: hci2: Injecting HCI hardware error event
[  399.057298][ T5134] Bluetooth: hci2: hardware error 0x00
[  399.379645][ T8246] netlink: 44 bytes leftover after parsing attributes in process `syz.2.517'.
[  399.985803][ T8253] program syz.1.518 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  401.018370][ T5134] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  402.594095][ T8262] Invalid option length (155) for dns_resolver key
[  402.791512][ T8259] kAFS: unable to lookup cell '/yz1'
[  402.795735][ T8259] netdevsim netdevsim2: Direct firmware load for .
[  402.795735][ T8259]  failed with error -2
[  402.795773][ T8259] netdevsim netdevsim2: Falling back to sysfs fallback for: .
[  402.795773][ T8259] 
[  403.294553][ T8269] libceph: resolve '0.0' (ret=-3): failed
[  404.579883][ T8281] netlink: 830 bytes leftover after parsing attributes in process `syz.3.526'.
[  405.564681][ T5134] Bluetooth: hci0: unexpected event for opcode 0x0c47
[  409.579925][ T5880] libceph: connect (1)[c::]:6789 error -101
[  410.547861][ T5880] libceph: mon0 (1)[c::]:6789 connect error
[  411.135471][ T7345] libceph: connect (1)[c::]:6789 error -101
[  411.142228][ T7345] libceph: mon0 (1)[c::]:6789 connect error
[  411.893918][ T7345] libceph: connect (1)[c::]:6789 error -101
[  411.905550][ T8307] ceph: No mds server is up or the cluster is laggy
[  412.063204][ T7345] libceph: mon0 (1)[c::]:6789 connect error
[  413.212521][ T8340] block device autoloading is deprecated and will be removed.
[  413.622182][ T8345] fuse: Bad value for 'fd'
[  414.738599][ T8349] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  415.899336][ T8358] sctp: [Deprecated]: syz.1.544 (pid 8358) Use of struct sctp_assoc_value in delayed_ack socket option.
[  415.899336][ T8358] Use struct sctp_sack_info instead
[  416.968594][ T8374] mkiss: ax0: crc mode is auto.
[  417.211692][ T8377] netlink: 'syz.3.547': attribute type 1 has an invalid length.
[  417.219539][ T8377] netlink: 228 bytes leftover after parsing attributes in process `syz.3.547'.
[  417.318175][  T973] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  417.327923][  T973] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  417.784256][  T973] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  417.792736][  T973] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  417.824707][  T973] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  418.571131][  T973] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  418.579588][  T973] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  418.851448][  T973] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  419.537276][  T973] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  419.545486][  T973] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  419.553468][  T973] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  419.561481][  T973] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  419.569767][  T973] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  419.577779][  T973] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  419.585749][  T973] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  419.617512][  T973] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  419.737835][  T973] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  419.746051][  T973] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  419.761974][  T973] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  419.769912][  T973] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  419.777437][  T973] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  419.791346][  T973] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  419.808565][  T973] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  419.833378][  T973] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  420.083775][  T973] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  420.092281][  T973] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  420.102366][  T973] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  420.850275][  T973] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  420.857828][  T973] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  420.865677][  T973] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  420.873890][  T973] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  420.881788][  T973] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  421.130983][  T973] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  424.904504][ T8427] fuse: Invalid rootmode
[  425.128214][ T8433] net_ratelimit: 17 callbacks suppressed
[  425.128280][ T8433] IPVS: ovf: UDP 0.0.0.0:0 - no destination available
[  427.880511][ T8449] netlink: 8 bytes leftover after parsing attributes in process `syz.0.567'.
[  428.005091][ T8449] netlink: 8 bytes leftover after parsing attributes in process `syz.0.567'.
[  428.867782][ T8454] netlink: 16 bytes leftover after parsing attributes in process `syz.1.568'.
[  428.947157][ T8455] netlink: 194488 bytes leftover after parsing attributes in process `syz.1.568'.
[  430.935592][ T8468] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  436.879617][ T8487] fuse: Invalid rootmode
[  436.972457][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  439.033867][ T8511] xt_CT: You must specify a L4 protocol and not use inversions on it
[  439.137758][ T8514] batman_adv: batadv0: Adding interface: dummy0
[  439.291093][ T8514] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  439.379126][ T8514] batman_adv: batadv0: Interface activated: dummy0
[  439.640477][ T8516] batadv0: mtu less than device minimum
[  439.669795][ T8516] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  439.682952][ T8516] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  439.695516][ T8516] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  439.708132][ T8516] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  439.720697][ T8516] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  439.733223][ T8516] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  439.745800][ T8516] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  439.758375][ T8516] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  439.770935][ T8516] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  446.303947][ T8565] fuse: Bad value for 'rootmode'
[  446.368220][ T8576] ALSA: mixer_oss: invalid OSS volume ''
[  447.659211][ T8586] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  447.669035][ T8586] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  453.139979][ T8620] fuse: Bad value for 'rootmode'
[  455.567450][ T8633] program syz.3.611 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  459.353643][ T8659] net_ratelimit: 10 callbacks suppressed
[  459.353657][ T8659] do_dccp_setsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app
[  460.280777][ T8662] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  460.287665][ T8662] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  460.294825][ T8662] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  461.459405][ T8683] Smack: duplicate mount options
[  461.518398][ T8684] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  461.526965][ T8684] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  461.535517][ T8684] netdevsim netdevsim4: Falling back to sysfs fallback for: .
[  462.618434][ T5134] Bluetooth: hci3: command 0x0406 tx timeout
[  462.625523][   T54] Bluetooth: hci1: command 0x0406 tx timeout
[  463.285394][ T8698] netlink: 'syz.0.623': attribute type 9 has an invalid length.
[  474.354365][ T8762] No such timeout policy "syz1"
[  475.418504][ T8776] misc userio: No port type given on /dev/userio
[  476.456864][ T8772] netlink: 830 bytes leftover after parsing attributes in process `syz.2.639'.
[  480.806589][ T8816] netlink: 194488 bytes leftover after parsing attributes in process `syz.1.650'.
[  484.499981][ T8845] befs: (nbd1): No write support. Marking filesystem read-only
[  484.510448][ T8845] syz.1.655: attempt to access beyond end of device
[  484.510448][ T8845] nbd1: rw=0, sector=0, nr_sectors = 2 limit=0
[  484.523761][ T8845] befs: (nbd1): unable to read superblock
[  486.629645][ T8863] netlink: 84 bytes leftover after parsing attributes in process `syz.2.660'.
[  489.384945][ T8880] netlink: 16 bytes leftover after parsing attributes in process `syz.1.665'.
[  489.876507][ T8884] No such timeout policy "syz1"
[  491.120228][ T8892] netlink: 20 bytes leftover after parsing attributes in process `syz.0.667'.
[  496.219149][ T8904] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  496.330554][ T8904] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  496.338994][ T8904] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  498.861650][ T8940] netlink: 4 bytes leftover after parsing attributes in process `syz.2.677'.
[  499.147539][ T5134] Bluetooth: hci3: command 0x0406 tx timeout
[  499.224366][ T5134] Bluetooth: hci1: command 0x0406 tx timeout
[  500.872787][ T8966] netlink: 16 bytes leftover after parsing attributes in process `syz.1.679'.
[  502.932274][ T8980] No control pipe specified
[  503.290505][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  506.412537][ T9010] tipc: Started in network mode
[  506.417996][ T9010] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[  506.428624][ T9010] tipc: Enabled bearer <eth:team0>, priority 0
[  507.150293][ T9018] serio: Serial port ptm0
[  507.519638][ T9017] netlink: 8 bytes leftover after parsing attributes in process `syz.0.690'.
[  507.555626][ T5898] tipc: Node number set to 11578026
[  509.250814][   T29] audit: type=1400 audit(1738087613.893:7): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="*" object="_" requested=w pid=9026 comm="syz.2.695" saddr=172.30.0.3 daddr=172.20.20.170
[  509.529148][ T9034] 9pnet_fd: Insufficient options for proto=fd
[  513.040422][   T29] audit: type=1326 audit(1738087617.205:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9059 comm="syz.3.702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cac98cda9 code=0x7ffc0000
[  513.618981][   T29] audit: type=1326 audit(1738087617.205:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9059 comm="syz.3.702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cac98cda9 code=0x7ffc0000
[  514.823181][   T29] audit: type=1326 audit(1738087617.223:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9059 comm="syz.3.702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7cac98cda9 code=0x7ffc0000
[  514.864975][   T29] audit: type=1326 audit(1738087617.233:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9059 comm="syz.3.702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cac98cda9 code=0x7ffc0000
[  515.046714][   T29] audit: type=1326 audit(1738087617.233:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9059 comm="syz.3.702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cac98cda9 code=0x7ffc0000
[  515.074290][   T29] audit: type=1326 audit(1738087617.270:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9059 comm="syz.3.702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7cac98cda9 code=0x7ffc0000
[  515.136849][   T29] audit: type=1326 audit(1738087617.270:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9059 comm="syz.3.702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cac98cda9 code=0x7ffc0000
[  515.224034][   T29] audit: type=1326 audit(1738087617.270:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9059 comm="syz.3.702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cac98cda9 code=0x7ffc0000
[  516.489141][   T29] audit: type=1326 audit(1738087617.289:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9059 comm="syz.3.702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7cac98cda9 code=0x7ffc0000
[  516.506293][ T9084] trusted_key: syz.4.708 sent an empty control message without MSG_MORE.
[  516.510545][   T29] audit: type=1326 audit(1738087617.289:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9059 comm="syz.3.702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cac98cda9 code=0x7ffc0000
[  517.450149][   T29] audit: type=1326 audit(1738087617.298:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9059 comm="syz.3.702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cac98cda9 code=0x7ffc0000
[  517.450189][   T29] audit: type=1326 audit(1738087617.308:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9059 comm="syz.3.702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7cac98cda9 code=0x7ffc0000
[  517.819283][ T9093] /dev/nullb0: Can't open blockdev
[  517.916770][ T9093] program syz.3.709 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  518.768003][ T9099] x_tables: unsorted underflow at hook 3
[  518.787427][ T9099] netlink: 16 bytes leftover after parsing attributes in process `syz.2.712'.
[  518.834073][ T9099] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  522.214747][ T9124] openvswitch: netlink: nsh attribute has 65532 unknown bytes.
[  522.222786][ T9124] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  524.905333][ T9141] netlink: 'syz.0.723': attribute type 1 has an invalid length.
[  525.646123][ T9145] /dev/nullb0: Can't open blockdev
[  526.535783][ T9150] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  526.872615][ T9158] netlink: 16 bytes leftover after parsing attributes in process `syz.4.727'.
[  534.225950][ T9212] netlink: 52 bytes leftover after parsing attributes in process `syz.1.736'.
[  534.246444][ T9212] x_tables: ip6_tables: CLASSIFY target: used from hooks PREROUTING, but only usable from FORWARD/OUTPUT/POSTROUTING
[  535.048482][ T9218] netlink: 16 bytes leftover after parsing attributes in process `syz.1.739'.
[  537.485038][ T9245] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  537.495010][ T9245] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  540.405629][ T9261] Cannot find set identified by id 65534 to match
[  546.825672][ T9314] syz.3.758 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  547.565162][ T9323] delete_channel: no stack
[  548.813149][ T9341] fuse: Bad value for 'fd'
[  549.528441][ T9343] ax25_connect(): syz.2.760 uses autobind, please contact jreuter@yaina.de
[  549.576102][ T9343] hub 6-0:1.0: USB hub found
[  549.583074][ T9343] hub 6-0:1.0: 1 port detected
[  550.345911][ T9358] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  553.105306][ T9383] fuse: Bad value for 'fd'
[  553.872979][ T9384] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  555.695508][ T9395] fuse: Bad value for 'fd'
[  556.768583][ T9404] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  556.794894][ T9404] CIFS mount error: No usable UNC path provided in device string!
[  556.794894][ T9404] 
[  556.805789][ T9404] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  557.466154][ T9402] netlink: 16 bytes leftover after parsing attributes in process `syz.2.780'.
[  559.720362][ T9412] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  560.660489][ T9425] fuse: Bad value for 'fd'
[  563.441657][   T29] kauditd_printk_skb: 11 callbacks suppressed
[  563.441684][   T29] audit: type=1400 audit(1738087664.152:31): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="*" object="_" requested=w pid=9435 comm="syz.1.790" saddr=172.30.0.2 daddr=172.20.20.170
[  564.053436][ T9449] Process accounting resumed
[  566.571581][   T29] audit: type=1326 audit(1738087667.520:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9469 comm="syz.3.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cac98cda9 code=0x7ffc0000
[  567.364876][   T29] audit: type=1326 audit(1738087667.520:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9469 comm="syz.3.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cac98cda9 code=0x7ffc0000
[  567.410583][   T29] audit: type=1326 audit(1738087667.772:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9469 comm="syz.3.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7cac98cda9 code=0x7ffc0000
[  567.469757][ T9477] No such timeout policy "syz1"
[  567.975731][   T29] audit: type=1326 audit(1738087668.259:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9469 comm="syz.3.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cac98cda9 code=0x7ffc0000
[  568.273346][   T29] audit: type=1326 audit(1738087668.259:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9469 comm="syz.3.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7cac98cda9 code=0x7ffc0000
[  568.327948][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  568.402600][   T29] audit: type=1326 audit(1738087668.259:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9469 comm="syz.3.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cac98cda9 code=0x7ffc0000
[  568.693908][   T29] audit: type=1326 audit(1738087668.259:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9469 comm="syz.3.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cac98cda9 code=0x7ffc0000
[  569.023137][   T29] audit: type=1326 audit(1738087668.259:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9469 comm="syz.3.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7cac98cda9 code=0x7ffc0000
[  569.050841][   T29] audit: type=1326 audit(1738087668.259:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9469 comm="syz.3.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cac98cda9 code=0x7ffc0000
[  569.832547][ T9491] blktrace: Concurrent blktraces are not allowed on loop8
[  570.383273][   T29] audit: type=1326 audit(1738087668.259:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9469 comm="syz.3.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f7cac98cda9 code=0x7ffc0000
[  570.809512][   T29] audit: type=1326 audit(1738087668.259:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9469 comm="syz.3.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cac98cda9 code=0x7ffc0000
[  570.945373][   T29] audit: type=1326 audit(1738087668.259:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9469 comm="syz.3.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f7cac98cda9 code=0x7ffc0000
[  570.972691][   T29] audit: type=1326 audit(1738087668.259:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9469 comm="syz.3.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cac98cda9 code=0x7ffc0000
[  571.000857][   T29] audit: type=1326 audit(1738087668.259:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9469 comm="syz.3.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cac98cda9 code=0x7ffc0000
[  571.124315][   T29] audit: type=1326 audit(1738087668.259:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9469 comm="syz.3.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f7cac98cda9 code=0x7ffc0000
[  571.317464][   T29] audit: type=1326 audit(1738087668.259:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9469 comm="syz.3.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cac98cda9 code=0x7ffc0000
[  571.457387][ T9507] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  572.093072][   T29] audit: type=1326 audit(1738087668.259:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9469 comm="syz.3.800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cac98cda9 code=0x7ffc0000
[  572.348660][ T9510] delete_channel: no stack
[  573.860243][ T9520] 9pnet_fd: Insufficient options for proto=fd
[  574.872752][   T29] kauditd_printk_skb: 40 callbacks suppressed
[  575.243371][   T29] audit: type=1326 audit(1738087675.069:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9518 comm="syz.0.814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0925d8cda9 code=0x7ffc0000
[  575.360897][   T29] audit: type=1326 audit(1738087675.069:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9518 comm="syz.0.814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0925d8cda9 code=0x7ffc0000
[  575.403695][   T29] audit: type=1326 audit(1738087675.069:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9518 comm="syz.0.814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f0925d8cda9 code=0x7ffc0000
[  575.451493][   T29] audit: type=1326 audit(1738087675.069:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9518 comm="syz.0.814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0925d8cda9 code=0x7ffc0000
[  575.680317][   T29] audit: type=1326 audit(1738087675.069:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9518 comm="syz.0.814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0925d8cda9 code=0x7ffc0000
[  575.778663][ T9531] sp0: Synchronizing with TNC
[  575.997997][   T29] audit: type=1326 audit(1738087675.078:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9518 comm="syz.0.814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=203 compat=0 ip=0x7f0925d8cda9 code=0x7ffc0000
[  576.323181][   T29] audit: type=1326 audit(1738087675.078:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9518 comm="syz.0.814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0925d8cda9 code=0x7ffc0000
[  576.357752][ T5898] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  576.373584][   T29] audit: type=1326 audit(1738087675.078:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9518 comm="syz.0.814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0925d8cda9 code=0x7ffc0000
[  576.398137][   T29] audit: type=1326 audit(1738087675.078:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9518 comm="syz.0.814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7f0925d8cda9 code=0x7ffc0000
[  577.193390][   T29] audit: type=1326 audit(1738087675.078:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9518 comm="syz.0.814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0925d8cda9 code=0x7ffc0000
[  577.308337][ T5898] usb 4-1: device descriptor read/64, error -71
[  578.407886][ T5898] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  578.417718][ T5134] Bluetooth: hci1: unexpected event for opcode 0x0c03
[  578.579081][ T5898] usb 4-1: device descriptor read/64, error -71
[  579.350624][ T5898] usb usb4-port1: attempt power cycle
[  582.875568][ T5134] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  582.885548][ T5134] Bluetooth: hci1: Injecting HCI hardware error event
[  582.896052][ T5134] Bluetooth: hci1: hardware error 0x00
[  585.026838][ T9603] netlink: 16 bytes leftover after parsing attributes in process `syz.2.835'.
[  585.072694][ T9603] netlink: 194488 bytes leftover after parsing attributes in process `syz.2.835'.
[  585.111449][ T5134] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  585.976088][   T29] kauditd_printk_skb: 25 callbacks suppressed
[  585.982838][   T29] audit: type=1326 audit(1738087685.648:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9610 comm="syz.4.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b1638cda9 code=0x7ffc0000
[  586.642055][   T29] audit: type=1326 audit(1738087685.648:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9610 comm="syz.4.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b1638cda9 code=0x7ffc0000
[  586.664042][   T29] audit: type=1326 audit(1738087685.648:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9610 comm="syz.4.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f5b1638cda9 code=0x7ffc0000
[  586.688306][   T29] audit: type=1326 audit(1738087685.648:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9610 comm="syz.4.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b1638cda9 code=0x7ffc0000
[  586.709881][   T29] audit: type=1326 audit(1738087685.648:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9610 comm="syz.4.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b1638cda9 code=0x7ffc0000
[  586.744607][   T29] audit: type=1326 audit(1738087685.648:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9610 comm="syz.4.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f5b1638cda9 code=0x7ffc0000
[  586.857948][ T9617] netlink: 16 bytes leftover after parsing attributes in process `syz.2.840'.
[  586.882288][ T9617] netlink: 194488 bytes leftover after parsing attributes in process `syz.2.840'.
[  587.010621][   T29] audit: type=1326 audit(1738087685.648:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9610 comm="syz.4.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b1638cda9 code=0x7ffc0000
[  587.272190][   T29] audit: type=1326 audit(1738087685.648:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9610 comm="syz.4.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b1638cda9 code=0x7ffc0000
[  587.340356][   T29] audit: type=1326 audit(1738087685.648:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9610 comm="syz.4.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7f5b1638cda9 code=0x7ffc0000
[  588.358761][   T29] audit: type=1326 audit(1738087685.648:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9610 comm="syz.4.839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000
[  590.231653][    C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  592.124700][ T9670] netlink: 16 bytes leftover after parsing attributes in process `syz.0.855'.
[  592.208510][ T9672] netlink: 194488 bytes leftover after parsing attributes in process `syz.0.855'.
[  592.818775][ T9680] sctp: [Deprecated]: syz.3.856 (pid 9680) Use of int in maxseg socket option.
[  592.818775][ T9680] Use struct sctp_assoc_value instead
[  593.527377][ T9687] serio: Serial port ptm0
[  598.020337][ T9717] 9pnet_fd: Insufficient options for proto=fd
[  600.762326][ T6705] usb 5-1: new full-speed USB device number 4 using dummy_hcd
[  602.522062][ T9750] netlink: 'syz.1.875': attribute type 1 has an invalid length.
[  602.540917][ T9750] bond1: entered promiscuous mode
[  603.092607][ T9750] 8021q: adding VLAN 0 to HW filter on device bond1
[  603.114590][ T9759] netlink: 3 bytes leftover after parsing attributes in process `syz.1.875'.
[  603.138056][ T9754] CIFS mount error: No usable UNC path provided in device string!
[  603.138056][ T9754] 
[  603.148124][ T9754] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  603.349288][ T9759] batadv1: entered promiscuous mode
[  603.354573][ T9759] batadv1: entered allmulticast mode
[  604.237338][ T9759] 8021q: adding VLAN 0 to HW filter on device batadv1
[  604.245640][ T9759] bond1: (slave batadv1): making interface the new active one
[  604.383122][ T9759] bond1: (slave batadv1): Enslaving as an active interface with an up link
[  604.571222][ T9750] netlink: 48 bytes leftover after parsing attributes in process `syz.1.875'.
[  605.026111][ T9773] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  605.834489][ T9787] binder: Bad value for 'stats'
[  606.026871][ T9787] netlink: 12 bytes leftover after parsing attributes in process `syz.0.884'.
[  606.511272][ T9800] netlink: 20 bytes leftover after parsing attributes in process `syz.1.886'.
[  607.100990][ T9800] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  607.110478][ T9800] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  607.119256][ T9800] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  607.128036][ T9800] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  608.188483][ T9795] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  610.194446][ T9828] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  611.115318][ T9826] workqueue: Failed to create a rescuer kthread for wq "ceph-completion": -EINTR
[  614.425401][ T9855] ALSA: mixer_oss: invalid OSS volume ''
[  617.521470][ T9886] No such timeout policy "syz1"
[  617.729508][ T9889] netlink: 'syz.1.905': attribute type 9 has an invalid length.
[  621.437488][   T29] kauditd_printk_skb: 36 callbacks suppressed
[  621.437507][   T29] audit: type=1326 audit(1738087718.836:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9921 comm="syz.2.913" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6a2138cda9 code=0x0
[  621.464449][    C1] vkms_vblank_simulate: vblank timer overrun
[  621.674457][ T9934] netlink: 'syz.2.913': attribute type 33 has an invalid length.
[  621.913900][ T9934] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.913'.
[  623.595796][ T9963] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  625.863928][ T9979] block device autoloading is deprecated and will be removed.
[  625.873196][ T9979] syz.2.924: attempt to access beyond end of device
[  625.873196][ T9979] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  628.978059][ T9988] Invalid ELF header magic: != ELF
[  629.000796][   T29] audit: type=1804 audit(1738087725.889:171): pid=9988 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.2.927" name="/newroot/190/bus/bus" dev="overlay" ino=1045 res=1 errno=0
[  631.039967][T10014] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  634.081361][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  636.228790][ T5134] Bluetooth: hci3: unexpected event for opcode 0x2023
[  637.639883][   T29] audit: type=1326 audit(1738087733.653:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10048 comm="syz.2.942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a2138cda9 code=0x7ffc0000
[  637.894716][   T29] audit: type=1326 audit(1738087733.653:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10048 comm="syz.2.942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a2138cda9 code=0x7ffc0000
[  638.469824][   T29] audit: type=1326 audit(1738087733.681:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10048 comm="syz.2.942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f6a2138cda9 code=0x7ffc0000
[  638.491345][   T29] audit: type=1326 audit(1738087733.681:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10048 comm="syz.2.942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a2138cda9 code=0x7ffc0000
[  638.514421][   T29] audit: type=1326 audit(1738087733.681:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10048 comm="syz.2.942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a2138cda9 code=0x7ffc0000
[  638.559841][   T29] audit: type=1326 audit(1738087733.915:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10048 comm="syz.2.942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6a2138cda9 code=0x7ffc0000
[  638.586173][   T29] audit: type=1326 audit(1738087733.924:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10048 comm="syz.2.942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a2138cda9 code=0x7ffc0000
[  639.095564][   T29] audit: type=1326 audit(1738087733.924:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10048 comm="syz.2.942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a2138cda9 code=0x7ffc0000
[  639.329661][   T29] audit: type=1326 audit(1738087733.971:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10048 comm="syz.2.942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6a2138cda9 code=0x7ffc0000
[  640.147817][   T29] audit: type=1326 audit(1738087733.971:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10048 comm="syz.2.942" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a2138cda9 code=0x7ffc0000
[  640.621989][T10080] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  641.508410][T10082] bridge0: port 3(erspan0) entered blocking state
[  641.516761][T10082] bridge0: port 3(erspan0) entered disabled state
[  641.528147][T10082] erspan0: entered allmulticast mode
[  641.546519][T10082] erspan0: entered promiscuous mode
[  641.556222][T10082] bridge0: port 3(erspan0) entered blocking state
[  641.565021][T10082] bridge0: port 3(erspan0) entered forwarding state
[  641.868316][  T973] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  642.527875][ T5134] Bluetooth: hci3: ACL packet for unknown connection handle 201
[  642.766862][  T973] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  642.785403][  T973] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  642.795912][  T973] usb 5-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00
[  642.805258][  T973] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  642.818871][  T973] usb 5-1: config 0 descriptor??
[  643.462020][   T29] kauditd_printk_skb: 1 callbacks suppressed
[  643.468441][   T29] audit: type=1800 audit(1738087739.387:183): pid=10098 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.1.954" name="file1" dev="tmpfs" ino=1084 res=0 errno=0
[  643.849057][T10077] netlink: 'syz.3.950': attribute type 1 has an invalid length.
[  644.458286][  T973] hid-led 0003:0FC5:B080.0002: item fetching failed at offset 0/3
[  644.499503][  T973] hid-led 0003:0FC5:B080.0002: probe with driver hid-led failed with error -22
[  644.677855][  T973] usb 5-1: USB disconnect, device number 5
[  649.072711][  T973] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  649.544709][  T973] usb 2-1: config 0 interface 0 altsetting 86 endpoint 0x81 has invalid wMaxPacketSize 0
[  649.564536][  T973] usb 2-1: config 0 interface 0 altsetting 86 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  649.578776][  T973] usb 2-1: config 0 interface 0 has no altsetting 0
[  649.585454][  T973] usb 2-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00
[  649.616446][  T973] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  649.755467][  T973] usb 2-1: config 0 descriptor??
[  649.767680][  T973] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  650.483621][T10151] can0: slcan on ttyS3.
[  650.605417][T10149] vivid-000: =================  START STATUS  =================
[  650.613204][T10149] vivid-000: Generate PTS: true
[  650.618894][T10149] vivid-000: Generate SCR: true
[  650.623936][T10149] tpg source WxH: 320x180 (Y'CbCr)
[  650.629112][T10149] tpg field: 1
[  650.632504][T10149] tpg crop: 320x180@0x0
[  650.636740][T10149] tpg compose: 320x180@0x0
[  650.641179][T10149] tpg colorspace: 8
[  650.645121][T10149] tpg transfer function: 0/0
[  650.649775][T10149] tpg Y'CbCr encoding: 0/0
[  650.654271][T10149] tpg quantization: 0/0
[  650.658546][T10149] tpg RGB range: 0/2
[  650.662508][T10149] vivid-000: ==================  END STATUS  ==================
[  650.703032][ T5880] usb 2-1: USB disconnect, device number 3
[  650.997409][T10146] can0 (unregistered): slcan off ttyS3.
[  651.005332][T10146] syz.3.964 (10146) used greatest stack depth: 17744 bytes left
[  651.886695][T10163] mkiss: ax0: crc mode is auto.
[  653.614550][T10177] infiniband syz2: set active
[  653.619690][T10177] infiniband syz2: added team_slave_1
[  653.754178][T10177] RDS/IB: syz2: added
[  653.759632][T10177] smc: adding ib device syz2 with port count 1
[  653.766664][T10177] smc:    ib device syz2 port 1 has pnetid 
[  655.814444][T10192] netlink: 32 bytes leftover after parsing attributes in process `syz.0.974'.
[  655.886248][T10193] netlink: 36 bytes leftover after parsing attributes in process `syz.0.974'.
[  655.994134][T10191] No such timeout policy "syz1"
[  660.828374][T10234] netlink: 64 bytes leftover after parsing attributes in process `syz.1.982'.
[  663.746447][T10243] netlink: 8 bytes leftover after parsing attributes in process `syz.0.988'.
[  663.758942][T10243] IPVS: Error joining to the multicast group
[  666.627431][T10253] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  669.609419][   T25] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  669.769826][   T25] usb 5-1: device descriptor read/64, error -71
[  671.633833][   T25] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  671.709651][T10304] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -EINTR
[  672.225184][T10312] ALSA: mixer_oss: invalid OSS volume ''
[  676.355858][T10354] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  677.911675][T10370] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  678.151882][T10374] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  678.309764][T10375] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1023'.
[  678.424403][T10375] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1023'.
[  678.443808][T10375] netlink: 'syz.1.1023': attribute type 10 has an invalid length.
[  678.731288][T10382] netdevsim netdevsim4: Direct firmware load for ./file0 failed with error -2
[  678.740594][T10382] netdevsim netdevsim4: Falling back to sysfs fallback for: ./file0
[  680.327541][T10393] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1029'.
[  680.465019][T10394] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  682.641911][T10404] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  683.788505][T10412] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1036'.
[  683.828090][T10412] netlink: 194488 bytes leftover after parsing attributes in process `syz.0.1036'.
[  684.612963][T10422] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  686.348196][T10427] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  689.992368][T10466] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  690.070984][T10470] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1050'.
[  690.082002][T10470] netlink: 194488 bytes leftover after parsing attributes in process `syz.1.1050'.
[  692.103789][T10490] No such timeout policy "syz1"
[  692.976375][T10495] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  695.519607][T10516] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1064'.
[  698.079227][T10540] 9pnet_fd: Insufficient options for proto=fd
[  699.595230][T10541] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  699.702904][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  701.407687][T10553] serio: Serial port ptm0
[  705.154451][T10581] kvm: MONITOR instruction emulated as NOP!
[  705.221316][T10583] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1080'.
[  705.232340][T10583] netlink: 194488 bytes leftover after parsing attributes in process `syz.0.1080'.
[  708.634084][T10591] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1083'.
[  713.016167][T10630] No such timeout policy "syz1"
[  714.625701][T10642] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1093'.
[  714.636316][T10642] netlink: 194488 bytes leftover after parsing attributes in process `syz.4.1093'.
[  718.906292][T10663] delete_channel: no stack
[  718.948046][T10669] Option '                                                                                      ��P����i�	' to dns_resolver key: bad/missing value
[  721.667233][T10684] No such timeout policy "syz1"
[  722.196749][T10689] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1104'.
[  722.208036][T10689] netlink: 194488 bytes leftover after parsing attributes in process `syz.3.1104'.
[  728.729976][T10731] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1114'.
[  728.838861][T10731] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  730.960143][T10745] Bluetooth: hci5: Frame reassembly failed (-84)
[  733.203299][ T5134] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  735.750571][T10826] trusted_key: encrypted_key: insufficient parameters specified
[  735.928983][T10823] ������: renamed from lo (while UP)
[  736.555656][T10830] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1127'.
[  736.693035][T10830] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  738.060518][T10836] block device autoloading is deprecated and will be removed.
[  739.512722][T10849] bridge1: entered promiscuous mode
[  739.518224][T10849] bridge1: entered allmulticast mode
[  739.922558][T10849] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1131'.
[  740.136865][T10852] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[  740.728254][T10852] sch_tbf: burst 3635 is lower than device lo mtu (65550) !
[  740.746140][T10850] i2c i2c-0: Invalid block write size 34
[  740.786531][T10857] netlink: 'syz.0.1134': attribute type 8 has an invalid length.
[  741.397157][T10857] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1134'.
[  744.110860][T10886] netlink: 'syz.1.1144': attribute type 9 has an invalid length.
[  745.113359][T10894] tmpfs: Unknown parameter '01777777777777777777777'
[  745.655609][T10902] Invalid ELF header type: 0 != 1
[  745.836455][   T29] audit: type=1107 audit(1738087835.200:184): pid=10887 uid=0 auid=4294967295 ses=4294967295 subj=_ msg='p?��v��&_q�	�<�,P�~1���wOB��i��Կ;̋��$e5��}rx�]X�f���?���G�iM�]4�0p���t֝���h`��~��
���Y��xeGǦ�<#u���-��]���\=G!�y-��
[  745.836455][   T29] h�'��d������A)�ׂ�s�7���y	��>|�3We�|���ܥ#1�z�_R�?='
[  746.807903][T10907] No such timeout policy "syz1"
[  746.989824][T10911] No such timeout policy "syz1"
[  749.425801][T10927] RDS: rds_bind could not find a transport for fe80::c, load rds_tcp or rds_rdma?
[  750.812427][T10937] sctp: [Deprecated]: syz.3.1146 (pid 10937) Use of struct sctp_assoc_value in delayed_ack socket option.
[  750.812427][T10937] Use struct sctp_sack_info instead
[  751.390073][T10939] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1154'.
[  752.452037][T10941] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1153'.
[  755.484587][T10968] No such timeout policy "syz1"
[  757.335620][T10980] No such timeout policy "syz1"
[  759.371171][T10993] input: syz1 as /devices/virtual/input/input40
[  759.394775][T10988] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1165'.
[  759.407013][T10988] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1165'.
[  759.507110][  T976] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  759.628621][ T5134] Bluetooth: hci0: ACL packet for unknown connection handle 0
[  759.955697][  T976] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  760.117669][  T976] usb 3-1: config 0 has no interfaces?
[  760.147609][  T976] usb 3-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  760.165018][T10998] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1169'.
[  760.201739][  T976] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  760.221606][  T976] usb 3-1: config 0 descriptor??
[  761.072457][ T5880] IPVS: starting estimator thread 0...
[  761.217368][T11010] IPVS: using max 25 ests per chain, 60000 per kthread
[  763.777040][T11030] No such timeout policy "syz1"
[  763.989566][  T976] usb 3-1: USB disconnect, device number 3
[  764.042592][T11037] No such timeout policy "syz1"
[  766.338829][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  767.112219][T11056] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[  767.121023][T11056] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[  767.129567][T11056] netdevsim netdevsim1: Falling back to sysfs fallback for: .
[  767.174959][T11057] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1180'.
[  769.022849][T11075] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1196'.
[  771.074375][T11092] ax25_connect(): syz.2.1188 uses autobind, please contact jreuter@yaina.de
[  771.862920][T11095] netlink: 136 bytes leftover after parsing attributes in process `syz.0.1189'.
[  772.166112][T11096] No such timeout policy "syz1"
[  773.215633][T11104] program syz.1.1184 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  773.336690][T11104] ntfs3(nullb0): Primary boot signature is not NTFS.
[  773.344361][T11104] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  777.001514][T11166] 9pnet_virtio: no channels available for device 
[  781.641078][T11178] Set syz1 is full, maxelem 65536 reached
[  781.936649][T11191] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1207'.
[  781.957168][T11191] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1207'.
[  781.966211][T11191] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1207'.
[  782.022120][T11192] No such timeout policy "syz1"
[  782.111182][T11191] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1207'.
[  782.338355][T11198] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  782.352859][T11198] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  783.825067][T11211] team0: MTU too low for tipc bearer
[  783.830598][T11211] tipc: Disabling bearer <eth:team0>
[  785.636671][T11221] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1212'.
[  788.759512][T11229] Bluetooth: hci5: Frame reassembly failed (-84)
[  789.441196][T11250] No such timeout policy "syz1"
[  789.586794][T11258] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1218'.
[  789.597843][T11258] netlink: 194488 bytes leftover after parsing attributes in process `syz.4.1218'.
[  790.959112][ T5134] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  790.960061][   T54] Bluetooth: hci5: command 0x1003 tx timeout
[  791.527838][T11268] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1224'.
[  792.760580][T11269] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  793.058218][T11275] netlink: 'syz.3.1226': attribute type 3 has an invalid length.
[  793.066196][T11275] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1226'.
[  797.784820][T11308] gre1: entered promiscuous mode
[  797.790583][T11308] gre1: entered allmulticast mode
[  798.073222][T11306] xt_CT: You must specify a L4 protocol and not use inversions on it
[  798.859195][T11312] loop6: detected capacity change from 0 to 524287999
[  798.959263][    C0] blk_print_req_error: 7 callbacks suppressed
[  798.959284][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  798.974729][    C0] buffer_io_error: 7 callbacks suppressed
[  798.974745][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  799.086162][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  799.095422][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  799.123747][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  799.133150][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  799.860102][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  799.869441][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  799.881481][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  799.890847][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  799.907823][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  799.917200][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  799.957564][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  799.966818][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  800.334487][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  800.343674][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  800.398928][T11312] ldm_validate_partition_table(): Disk read failed.
[  800.687049][T11323] loop6: detected capacity change from 524287999 to 0
[  800.687068][T11312] Dev loop6: unable to read RDB block 0
[  800.693930][T11312]  loop6: unable to read partition table
[  800.929260][T11312] loop6: partition table beyond EOD, truncated
[  800.943662][T11312] loop_reread_partitions: partition scan of loop6 (�_~w^@��#E!$�ཿ�/�@ڍ΁���z`�3r) failed (rc=-5)
[  801.363629][ T5898] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  801.799573][ T5898] usb 4-1: Using ep0 maxpacket: 32
[  801.834690][ T5898] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  801.863030][ T5898] usb 4-1: config 0 has no interfaces?
[  801.868693][ T5898] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  801.891046][ T5898] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  801.917229][ T5898] usb 4-1: config 0 descriptor??
[  803.495800][T11353] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  805.325564][ T5867] usb 4-1: USB disconnect, device number 6
[  805.453545][T11366] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1245'.
[  805.464460][T11366] netlink: 194488 bytes leftover after parsing attributes in process `syz.2.1245'.
[  805.973788][T11372] program syz.4.1247 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  808.568484][T11389] RDS: rds_bind could not find a transport for fe80::bb, load rds_tcp or rds_rdma?
[  810.797952][T11386] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1251'.
[  811.041900][T11405] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1255'.
[  811.134332][T11393] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1253'.
[  811.144004][T11393] netlink: 'syz.1.1253': attribute type 25 has an invalid length.
[  812.897274][T11422] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1259'.
[  812.955851][T11422] netlink: 194488 bytes leftover after parsing attributes in process `syz.4.1259'.
[  813.642030][T11423] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  814.291138][T11420] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  815.241171][   T29] audit: type=1800 audit(1738087899.929:185): pid=11433 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.1.1260" name="bus" dev="overlay" ino=1475 res=0 errno=0
[  816.339890][T11446] __vm_enough_memory: pid: 11446, comm: syz.0.1261, bytes: 4503599627366400 not enough memory for the allocation
[  818.198825][T11454] libceph: resolve '0.0' (ret=-3): failed
[  820.911596][T11460] libceph: resolve '0' (ret=-3): failed
[  822.346307][T11475] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1269'.
[  822.809207][T11475] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  823.546353][T11474] kAFS: unable to lookup cell '�g�K�)�kJ�L+���}��	��T��/
pbΈ&����M���K��(��
�|F�k�q�2�J�$O�-7R�k�E1�ў
�LEB{���Nb�+*e�RM�����c��\�j�m�ԩ��Կ����O�����t�"�k��k�n�
z�HKu��6�MyS�H�IU��o��If����V��U��r&���c�N��<D�¼�[£�&�D\q4>�N�0�NB�c5?���7��c�#0*�k���<�9�mc�L�	0�7��뜖��Ctϒ
[  823.546353][T11474] j�y�H
ao�1.��B�$���&2�M�0�=�`;!�dφO���JI�X�!��J�˟BvU_Rc?��'
[  823.682790][T11483] No such timeout policy "syz1"
[  825.544793][T11492] overlay: ./file1 is not a directory
[  830.166516][T11526] Cannot find del_set index 29 as target
[  830.750091][T11536] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1283'.
[  831.150065][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  831.165861][  T973] IPVS: starting estimator thread 0...
[  831.359069][T11542] IPVS: using max 21 ests per chain, 50400 per kthread
[  831.673966][T11546] No such timeout policy "syz1"
[  835.885748][T11571] ntfs3(nullb0): Primary boot signature is not NTFS.
[  835.892767][T11571] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  839.765095][T11580] 9pnet: Could not find request transport: fd0x0000000000000003
[  842.883094][T11622] No such timeout policy "syz1"
[  844.733836][T11637] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1303'.
[  845.747891][T11644] overlay: Unknown parameter 'uid<00000000000000000000'
[  846.650949][T11652] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1306'.
[  846.684156][T11652] netlink: 194488 bytes leftover after parsing attributes in process `syz.3.1306'.
[  852.075483][T11697] No such timeout policy "syz1"
[  854.170813][T11713] tmpfs: Unknown parameter '01777777777777777777777'
[  854.768720][T11719] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1322'.
[  860.726811][T11754] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1328'.
[  860.919843][T11751] netlink: 194488 bytes leftover after parsing attributes in process `syz.0.1328'.
[  861.924618][T11758] overlay: Unknown parameter 'uid<00000000000000000000'
[  862.027124][   T29] audit: type=1800 audit(1738087943.884:186): pid=11756 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.1.1331" name="bus" dev="overlay" ino=1534 res=0 errno=0
[  865.181200][T11786] overlayfs: missing 'workdir'
[  867.109743][T11791] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1339'.
[  867.119853][T11791] bridge_slave_1: left allmulticast mode
[  867.125704][T11791] bridge_slave_1: left promiscuous mode
[  867.135316][T11791] bridge0: port 2(bridge_slave_1) entered disabled state
[  867.304411][T11791] bridge_slave_0: left allmulticast mode
[  867.310216][T11791] bridge_slave_0: left promiscuous mode
[  867.318311][T11791] bridge0: port 1(bridge_slave_0) entered disabled state
[  867.763312][T11797] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  869.406072][ T5134] Bluetooth: hci3: unexpected event for opcode 0x0419
[  872.252425][T11829] Mount JFS Failure: -22
[  872.257901][T11829] jfs_mount failed w/return code = -22
[  873.231460][T11838] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  873.684075][T11846] program syz.1.1353 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  873.737826][ T5134] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  873.746623][ T5134] Bluetooth: hci3: Injecting HCI hardware error event
[  873.824383][T11847] /dev/nullb0: Can't open blockdev
[  873.970836][   T54] Bluetooth: hci3: hardware error 0x00
[  874.850558][T11856] veth0_to_team: entered promiscuous mode
[  874.856461][T11856] veth0_to_team: entered allmulticast mode
[  876.214301][T11864] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1357'.
[  876.245298][T11864] netlink: 194488 bytes leftover after parsing attributes in process `syz.1.1357'.
[  876.271740][   T54] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  876.925206][T11872] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  880.786538][T11898] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  883.193217][T11920] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1371'.
[  883.282090][T11920] netlink: 194488 bytes leftover after parsing attributes in process `syz.4.1371'.
[  884.167046][T11931] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1374'.
[  884.313659][T11936] netlink: 194488 bytes leftover after parsing attributes in process `syz.2.1374'.
[  885.866186][T11944] Invalid option length (155) for dns_resolver key
[  887.790804][T11951] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  888.289698][T11967] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1383'.
[  888.343189][T11967] netlink: 194488 bytes leftover after parsing attributes in process `syz.4.1383'.
[  891.306894][T11976] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  891.313988][T11976] overlayfs: failed to set xattr on upper
[  891.319719][T11976] overlayfs: ...falling back to redirect_dir=nofollow.
[  891.326664][T11976] overlayfs: ...falling back to index=off.
[  891.332494][T11976] overlayfs: ...falling back to uuid=null.
[  891.430263][   T29] audit: type=1326 audit(1738087971.366:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11956 comm="syz.3.1381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cac98cda9 code=0x7fc00000
[  895.242033][T12009] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1395'.
[  895.244846][T12005] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  895.288242][T12009] netlink: 194488 bytes leftover after parsing attributes in process `syz.1.1395'.
[  896.766838][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  898.121556][T12030] trusted_key: encrypted_key: keyword 'load' not allowed when called from .update method
[  899.393499][   T29] audit: type=1800 audit(1738087978.821:188): pid=12024 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.2.1399" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  901.374911][T12038] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1401'.
[  902.738617][T12056] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1406'.
[  902.769930][T12056] netlink: 194488 bytes leftover after parsing attributes in process `syz.0.1406'.
[  904.916402][T12071] nfs: Unknown parameter 'ntext-smackfsroot'
[  905.945091][T12078] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1405'.
[  910.697836][ T5134] Bluetooth: hci5: sending frame failed (-49)
[  910.706651][   T54] Bluetooth: hci5: Opcode 0x1003 failed: -49
[  911.191751][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  911.302036][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  911.528655][T12135] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1419'.
[  911.537678][T12135] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1419'.
[  913.253522][T12152] binder: 12147:12152 ioctl c0306201 0 returned -14
[  920.230998][T12186] ubi0: detaching mtd0
[  921.358807][T12186] ubi0: mtd0 is detached
[  922.324478][T12199] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1437'.
[  924.520839][T12218] netlink: 164 bytes leftover after parsing attributes in process `syz.2.1441'.
[  925.551503][   T29] audit: type=1326 audit(1738088003.310:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12219 comm="syz.1.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fdcf8cda9 code=0x7ffc0000
[  925.853657][ T7345] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  925.925478][   T29] audit: type=1326 audit(1738088003.506:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12219 comm="syz.1.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fdcf8cda9 code=0x7ffc0000
[  925.991838][   T29] audit: type=1326 audit(1738088003.525:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12219 comm="syz.1.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f4fdcf8cda9 code=0x7ffc0000
[  926.027172][   T29] audit: type=1326 audit(1738088003.525:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12219 comm="syz.1.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fdcf8cda9 code=0x7ffc0000
[  926.130166][   T29] audit: type=1326 audit(1738088003.525:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12219 comm="syz.1.1442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fdcf8cda9 code=0x7ffc0000
[  926.175713][ T7345] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  926.202472][ T7345] usb 5-1: config 0 has no interfaces?
[  926.230229][ T7345] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  926.270979][ T7345] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  927.491179][ T7345] usb 5-1: config 0 descriptor??
[  929.255608][T12236] netlink: 80 bytes leftover after parsing attributes in process `syz.3.1447'.
[  929.275571][T11884] usb 5-1: USB disconnect, device number 8
[  933.213035][T12262] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1453'.
[  933.269565][   T29] audit: type=1800 audit(1738088010.531:194): pid=12256 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.0.1451" name="bus" dev="overlay" ino=1564 res=0 errno=0
[  933.400364][T12264] usb usb8: usbfs: process 12264 (syz.4.1453) did not claim interface 8 before use
[  933.545616][T12262] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1453'.
[  933.873123][T12269] cifs: Unknown parameter 'no'�a��N�[G�zob,er��;%j��
[  933.873123][T12269] ��z�,�@q�������J#�"��h/.�W1ȱ�nNC�"�C�׈�E)�8+����'
[  936.446114][T12283] tmpfs: Unknown parameter 'q�oee'
[  938.232959][ T5898] IPVS: starting estimator thread 0...
[  938.403537][T12293] IPVS: using max 23 ests per chain, 55200 per kthread
[  938.527413][T12295] netlink: 92 bytes leftover after parsing attributes in process `syz.1.1460'.
[  938.559765][T12295] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1460'.
[  939.044396][T12302] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1461'.
[  939.335750][T12302] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  939.345241][T12302] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  939.353952][T12302] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  939.362690][T12302] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  939.375897][T12302] vxlan0: entered promiscuous mode
[  940.116555][T12309] Bluetooth: MGMT ver 1.23
[  940.645205][T12311] No such timeout policy "syz1"
[  945.350397][T12334] random: crng reseeded on system resumption
[  945.650946][T12336] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  946.240575][ T7345] usb 2-1: new full-speed USB device number 4 using dummy_hcd
[  946.403566][   T29] audit: type=1804 audit(1738088022.785:195): pid=12343 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.4.1471" name="/newroot/288/file1" dev="fuse" ino=1 res=1 errno=0
[  946.622324][ T7345] usb 2-1: unable to get BOS descriptor or descriptor too short
[  946.727292][   T29] audit: type=1800 audit(1738088022.794:196): pid=12343 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.4.1471" name="/" dev="fuse" ino=1 res=0 errno=0
[  946.760190][ T7345] usb 2-1: not running at top speed; connect to a high speed hub
[  946.775243][ T7345] usb 2-1: config 17 has an invalid interface number: 8 but max is 1
[  946.784205][ T7345] usb 2-1: config 17 has 1 interface, different from the descriptor's value: 2
[  946.794015][   T29] audit: type=1804 audit(1738088022.803:197): pid=12343 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.4.1471" name="/newroot/288/file1" dev="fuse" ino=1 res=1 errno=0
[  946.828224][ T7345] usb 2-1: config 17 has no interface number 0
[  946.834462][ T7345] usb 2-1: config 17 interface 8 altsetting 6 endpoint 0x3 has an invalid bInterval 116, changing to 4
[  946.878377][   T29] audit: type=1804 audit(1738088022.803:198): pid=12343 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.4.1471" name="/newroot/288/file1" dev="fuse" ino=1 res=1 errno=0
[  946.899045][ T7345] usb 2-1: config 17 interface 8 altsetting 6 endpoint 0x3 has invalid maxpacket 30307, setting to 1023
[  946.925922][ T7345] usb 2-1: config 17 interface 8 has no altsetting 0
[  946.937092][ T7345] usb 2-1: New USB device found, idVendor=0763, idProduct=2001, bcdDevice=2c.ff
[  946.946918][ T7345] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  946.955036][ T7345] usb 2-1: Product: syz
[  946.960499][   T29] audit: type=1800 audit(1738088022.803:199): pid=12343 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.4.1471" name="/" dev="fuse" ino=1 res=0 errno=0
[  946.979995][ T7345] usb 2-1: Manufacturer: syz
[  946.984614][ T7345] usb 2-1: SerialNumber: syz
[  947.049760][T12346] No such timeout policy "syz1"
[  949.515709][ T7345] usb 2-1: selecting invalid altsetting 0
[  949.522384][ T7345] usb 2-1: 8:6 : no UAC_FORMAT_TYPE desc
[  949.528301][ T7345] usb 2-1: selecting invalid altsetting 0
[  950.174423][ T7345] usb 2-1: USB disconnect, device number 4
[  950.346049][T12360] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  951.748938][ T7345] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  952.097552][T12377] trusted_key: encrypted_key: insufficient parameters specified
[  952.296695][ T7345] usb 2-1: config 36 has an invalid descriptor of length 0, skipping remainder of the config
[  953.683590][ T7345] usb 2-1: config 36 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  954.393544][ T7345] usb 2-1: string descriptor 0 read error: -71
[  954.400086][ T7345] usb 2-1: New USB device found, idVendor=6993, idProduct=b001, bcdDevice=26.29
[  954.414440][ T7345] usb 2-1: New USB device strings: Mfr=244, Product=0, SerialNumber=16
[  954.946961][T12400] netlink: 'syz.2.1483': attribute type 10 has an invalid length.
[  954.957944][T12400] bridge0: port 2(bridge_slave_1) entered disabled state
[  954.965179][T12400] bridge0: port 1(bridge_slave_0) entered disabled state
[  955.020930][T12400] bridge0: port 2(bridge_slave_1) entered blocking state
[  955.028113][T12400] bridge0: port 2(bridge_slave_1) entered forwarding state
[  955.035533][T12400] bridge0: port 1(bridge_slave_0) entered blocking state
[  955.042779][T12400] bridge0: port 1(bridge_slave_0) entered forwarding state
[  955.058309][T12400] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  955.091615][T12397] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1483'.
[  955.100600][T12397] bridge_slave_1: left allmulticast mode
[  955.106296][T12397] bridge_slave_1: left promiscuous mode
[  955.111962][T12397] bridge0: port 2(bridge_slave_1) entered disabled state
[  955.127102][ T7345] usb 2-1: can't set config #36, error -71
[  955.147724][ T7345] usb 2-1: USB disconnect, device number 5
[  955.174228][T12397] bridge_slave_0: left allmulticast mode
[  955.181151][T12397] bridge_slave_0: left promiscuous mode
[  955.186837][T12397] bridge0: port 1(bridge_slave_0) entered disabled state
[  955.263640][T12397] bond0: (slave bridge0): Releasing backup interface
[  955.538994][T12406] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1485'.
[  956.815291][T12416] No such timeout policy "syz1"
[  961.405865][T12441] overlay: Unknown parameter 'uid<00000000000000000000'
[  962.448556][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  962.915902][T12447] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1495'.
[  964.030338][T12451] netlink: 'syz.0.1497': attribute type 10 has an invalid length.
[  964.112470][T12451] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  964.196642][T12451] sctp: [Deprecated]: syz.0.1497 (pid 12451) Use of int in max_burst socket option.
[  964.196642][T12451] Use struct sctp_assoc_value instead
[  964.232423][T12460] No such timeout policy "syz1"
[  964.408538][T12451] netlink: 164 bytes leftover after parsing attributes in process `syz.0.1497'.
[  969.135799][T12473] delete_channel: no stack
[  969.402769][T12491] netlink: 'syz.0.1502': attribute type 2 has an invalid length.
[  969.410964][T12491] netlink: 'syz.0.1502': attribute type 8 has an invalid length.
[  969.419201][T12491] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1502'.
[  970.918050][T12500] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1508'.
[  973.588314][T12522] No such timeout policy "syz1"
[  977.983458][T12549] netlink: 'syz.1.1515': attribute type 10 has an invalid length.
[  977.991356][T12549] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1515'.
[  978.002439][T12549] ipvlan1: entered promiscuous mode
[  978.007650][T12549] ipvlan1: entered allmulticast mode
[  978.012961][T12549] veth0_vlan: entered allmulticast mode
[  978.019965][T12549] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[  979.750390][T12557] nfs4: Unknown parameter '
dev/cpu/#/msr'
[  981.054286][T12571] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  981.259030][T12573] netlink: 256 bytes leftover after parsing attributes in process `syz.0.1522'.
[  985.690499][T12604] netlink: 'syz.3.1531': attribute type 2 has an invalid length.
[  986.276443][T11884] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  986.336988][T12614] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1532'.
[  986.367231][T12614] netlink: 194488 bytes leftover after parsing attributes in process `syz.2.1532'.
[  989.214905][T12622] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  989.763486][T11884] usb 4-1: unable to read config index 0 descriptor/all
[  989.804610][T11884] usb 4-1: can't read configurations, error -71
[  989.848684][T12633] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  990.593020][T12639] binder: 12638:12639 ioctl c018620c 0 returned -14
[  991.185659][T12651] openvswitch: netlink: Missing key (keys=40, expected=10000000)
[  992.756621][T12665] xt_CT: You must specify a L4 protocol and not use inversions on it
[  994.808621][T12681] geneve1: entered promiscuous mode
[  995.611105][T12691] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1549'.
[  996.086943][T12697] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1001.259631][T12738] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1559'.
[ 1001.269213][T12738] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1559'.
[ 1003.277563][T12760] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1003.773889][T12761] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1567'.
[ 1007.262052][T12787] netlink: 'syz.2.1571': attribute type 1 has an invalid length.
[ 1007.269841][T12787] netlink: 212408 bytes leftover after parsing attributes in process `syz.2.1571'.
[ 1012.531515][   T29] audit: type=1804 audit(1738088084.671:200): pid=12823 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.3.1581" name="/newroot/312/bus/bus" dev="overlay" ino=1772 res=1 errno=0
[ 1012.619717][T12823] Invalid ELF header magic: != ELF
[ 1015.961614][T12851] No such timeout policy "syz1"
[ 1016.120194][T12856] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1017.032374][T12861] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1589'.
[ 1017.065144][T12861] netlink: 194488 bytes leftover after parsing attributes in process `syz.3.1589'.
[ 1018.996848][T12874] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1593'.
[ 1019.046862][T12869] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1019.105781][T12874] netlink: 194488 bytes leftover after parsing attributes in process `syz.2.1593'.
[ 1020.225274][   T29] audit: type=1326 audit(1738088091.873:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12881 comm="syz.0.1596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0925d8cda9 code=0x7ffc0000
[ 1020.251365][   T29] audit: type=1326 audit(1738088091.892:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12881 comm="syz.0.1596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0925d8cda9 code=0x7ffc0000
[ 1020.276714][   T29] audit: type=1326 audit(1738088091.892:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12881 comm="syz.0.1596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0925d8cda9 code=0x7ffc0000
[ 1020.522225][   T29] audit: type=1326 audit(1738088091.892:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12881 comm="syz.0.1596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0925d8cda9 code=0x7ffc0000
[ 1020.530964][T12886] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1597'.
[ 1020.544814][   T29] audit: type=1326 audit(1738088091.892:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12881 comm="syz.0.1596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0925d8cda9 code=0x7ffc0000
[ 1020.602115][   T29] audit: type=1326 audit(1738088091.958:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12881 comm="syz.0.1596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0925d8b710 code=0x7ffc0000
[ 1020.629073][   T29] audit: type=1326 audit(1738088091.958:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12881 comm="syz.0.1596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f0925d8c9ab code=0x7ffc0000
[ 1020.655815][   T29] audit: type=1326 audit(1738088091.958:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12881 comm="syz.0.1596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0925d8cda9 code=0x7ffc0000
[ 1021.510577][   T29] audit: type=1326 audit(1738088091.958:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12881 comm="syz.0.1596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0925d8cda9 code=0x7ffc0000
[ 1021.619715][   T29] audit: type=1326 audit(1738088091.958:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12881 comm="syz.0.1596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0925d8cda9 code=0x7ffc0000
[ 1022.070971][T12903] random: crng reseeded on system resumption
[ 1023.859687][T12916] No such timeout policy "syz1"
[ 1024.726806][T12923] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1604'.
[ 1024.897526][T12923] netlink: 194488 bytes leftover after parsing attributes in process `syz.0.1604'.
[ 1026.030745][T12931] sctp: [Deprecated]: syz.2.1605 (pid 12931) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1026.030745][T12931] Use struct sctp_sack_info instead
[ 1027.114609][T12937] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1027.306837][T12939] netlink: 'syz.4.1609': attribute type 10 has an invalid length.
[ 1027.325820][T12939] netlink: 55 bytes leftover after parsing attributes in process `syz.4.1609'.
[ 1027.689153][T12948] futex_wake_op: syz.0.1610 tries to shift op by -1; fix this program
[ 1027.788879][T12944] fuse: root generation should be zero
[ 1027.802278][T12944] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1610'.
[ 1027.885366][T12936] delete_channel: no stack
[ 1028.548356][T12955] Invalid source name
[ 1029.619028][T12968] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1030.298807][T12972] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1618'.
[ 1033.911070][T12983] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1037.780132][T13019] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1038.499713][T13026] No such timeout policy "syz1"
[ 1039.757978][T13042] netlink: 'syz.2.1637': attribute type 10 has an invalid length.
[ 1039.766821][T13042] veth1_vlan: left promiscuous mode
[ 1039.798985][T13042] macvlan0: entered promiscuous mode
[ 1039.893061][T13042] macvlan0: entered allmulticast mode
[ 1039.922425][T13043] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1637'.
[ 1039.931373][T13043] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1637'.
[ 1039.989759][T13042] veth1_vlan: entered promiscuous mode
[ 1040.006263][T13042] veth1_vlan: entered allmulticast mode
[ 1040.051156][T13042] bond0: (slave macvlan0): Enslaving as an active interface with an up link
[ 1043.205008][T13072] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1043.712962][T13085] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1043.831940][T13086] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1648'.
[ 1050.008644][T13118] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1050.016016][T13118] overlayfs: failed to set xattr on upper
[ 1050.021817][T13118] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1050.028829][T13118] overlayfs: ...falling back to index=off.
[ 1050.034802][T13118] overlayfs: ...falling back to uuid=null.
[ 1050.946409][T13116] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1051.437791][T13128] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1659'.
[ 1051.826230][T13128] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1051.834590][T13128] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1051.842865][T13128] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1051.851055][T13128] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1051.859434][T13128] vxlan0: entered promiscuous mode
[ 1052.205505][T13132] mkiss: ax0: crc mode is auto.
[ 1056.295172][T13163] vim2m vim2m.0: Fourcc format (0x56595559) invalid.
[ 1057.455478][T13169] loop9: detected capacity change from 0 to 6
[ 1059.884145][T13180] netlink: 194488 bytes leftover after parsing attributes in process `syz.1.1671'.
[ 1062.810263][T13216] netlink: 1 bytes leftover after parsing attributes in process `syz.1.1679'.
[ 1063.405240][T13216] netlink: 268 bytes leftover after parsing attributes in process `syz.1.1679'.
[ 1063.666093][T13222] binder: 13218:13222 ioctl c0306201 0 returned -14
[ 1064.112316][T13215] vivid-000: kernel_thread() failed
[ 1065.622052][  T976] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[ 1066.127698][T13240] Can't find a SQUASHFS superblock on nullb0
[ 1066.163026][T13240] netlink: 'syz.3.1685': attribute type 10 has an invalid length.
[ 1066.171101][T13240] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1685'.
[ 1066.188324][T13240] bridge0: port 4(macvlan1) entered blocking state
[ 1066.195996][T13240] bridge0: port 4(macvlan1) entered disabled state
[ 1066.206700][T13240] macvlan1: entered allmulticast mode
[ 1066.212263][T13240] veth1_vlan: entered allmulticast mode
[ 1066.243884][T13240] macvlan1: entered promiscuous mode
[ 1066.266707][T13240] bridge0: port 4(macvlan1) entered blocking state
[ 1066.273335][T13240] bridge0: port 4(macvlan1) entered forwarding state
[ 1066.413122][  T976] usb 5-1: Using ep0 maxpacket: 16
[ 1066.564995][  T976] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1066.584015][  T976] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 96
[ 1066.594185][  T976] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 8
[ 1066.636888][  T976] usb 5-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 18
[ 1066.658775][T13239] ALSA: mixer_oss: invalid OSS volume ''
[ 1067.125217][  T976] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1067.154213][  T976] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1067.170324][  T976] usb 5-1: SerialNumber: syz
[ 1067.180209][T13230] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1067.197114][T13230] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1067.226992][  T976] hub 5-1:1.0: bad descriptor, ignoring hub
[ 1067.232972][  T976] hub 5-1:1.0: probe with driver hub failed with error -5
[ 1067.261162][T13244] xt_cluster: node mask cannot exceed total number of nodes
[ 1067.947314][T13249] Invalid ELF header magic: != ELF
[ 1068.240444][T13251] Bluetooth: MGMT ver 1.23
[ 1068.310111][T13247] netlink: 194488 bytes leftover after parsing attributes in process `syz.3.1686'.
[ 1068.746912][  T976] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -71
[ 1068.859158][  T976] usb 5-1: USB disconnect, device number 9
[ 1071.799318][T13282] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1695'.
[ 1072.499654][T13287] netlink: 'syz.0.1697': attribute type 7 has an invalid length.
[ 1072.550979][T13289] No such timeout policy "syz1"
[ 1072.885604][T13258] [U] ^C
[ 1074.379416][T13316] xt_NFQUEUE: number of total queues is 0
[ 1074.996118][T13316] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(13)
[ 1075.002767][T13316] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1075.010801][T13316] vhci_hcd vhci_hcd.0: Device attached
[ 1075.213717][T13321] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1702'.
[ 1075.241351][T13321] netlink: 194488 bytes leftover after parsing attributes in process `syz.0.1702'.
[ 1075.523388][    T8] usb 35-1: new low-speed USB device number 2 using vhci_hcd
[ 1075.824462][T13324] netlink: 'syz.4.1699': attribute type 1 has an invalid length.
[ 1075.832795][T13324] netlink: 'syz.4.1699': attribute type 4 has an invalid length.
[ 1075.840559][T13324] netlink: 212 bytes leftover after parsing attributes in process `syz.4.1699'.
[ 1077.424557][T13318] vhci_hcd: connection reset by peer
[ 1077.877807][ T5988] vhci_hcd: stop threads
[ 1077.887746][ T5988] vhci_hcd: release socket
[ 1077.892725][ T5988] vhci_hcd: disconnect device
[ 1078.092676][T13348] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1708'.
[ 1078.125789][T13348] netlink: 194488 bytes leftover after parsing attributes in process `syz.2.1708'.
[ 1080.046362][T13357] No such timeout policy "syz1"
[ 1080.691901][T13365] binder: 13364:13365 ioctl 4018620d 0 returned -22
[ 1081.444566][    T8] vhci_hcd: vhci_device speed not set
[ 1081.794447][T13378] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1713'.
[ 1081.917160][T13381] netlink: 194488 bytes leftover after parsing attributes in process `syz.1.1713'.
[ 1085.548277][T13407] sp0: Synchronizing with TNC
[ 1085.703874][T13407] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1721'.
[ 1085.735625][T13407] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1721'.
[ 1087.021199][T13415] No such timeout policy "syz1"
[ 1090.164270][T13442] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1730'.
[ 1090.646026][T13439] netlink: 194488 bytes leftover after parsing attributes in process `syz.4.1730'.
[ 1093.975036][T13467] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1093.984770][T13467] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1098.100797][T13488] netlink: 'syz.0.1742': attribute type 4 has an invalid length.
[ 1098.459766][T13505] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[ 1104.526624][T13558] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1759'.
[ 1105.912222][T13573] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1106.783804][T13580] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1761'.
[ 1106.797808][T13580] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1106.806642][T13580] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1106.815377][T13580] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1106.824132][T13580] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1106.835970][T13580] vxlan0: entered promiscuous mode
[ 1108.842910][T13601] binder: 13591:13601 ioctl c0306201 0 returned -14
[ 1118.468551][T13711] gfs2: not a GFS2 filesystem
[ 1119.345192][T13695] netlink: 'syz.0.1788': attribute type 9 has an invalid length.
[ 1119.484417][   T29] kauditd_printk_skb: 20 callbacks suppressed
[ 1119.503690][   T29] audit: type=1326 audit(1738088184.721:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13690 comm="syz.0.1788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0925d8cda9 code=0x7ffc0000
[ 1119.634978][   T29] audit: type=1326 audit(1738088184.721:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13690 comm="syz.0.1788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0925d8cda9 code=0x7ffc0000
[ 1119.657423][   T29] audit: type=1326 audit(1738088184.721:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13690 comm="syz.0.1788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f0925d8cda9 code=0x7ffc0000
[ 1119.679854][   T29] audit: type=1326 audit(1738088184.721:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13690 comm="syz.0.1788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0925d8cda9 code=0x7ffc0000
[ 1120.846871][   T29] audit: type=1326 audit(1738088184.721:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13690 comm="syz.0.1788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0925d8cda9 code=0x7ffc0000
[ 1129.364641][T13802] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1136.037103][T13859] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1826'.
[ 1136.776249][T13865] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1826'.
[ 1137.484936][T13866] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1822'.
[ 1139.094663][T13884] netlink: 92 bytes leftover after parsing attributes in process `syz.0.1828'.
[ 1141.993242][T13901] Invalid ELF header type: 0 != 1
[ 1143.971555][   T29] audit: type=1800 audit(1738088207.592:236): pid=13915 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.3.1834" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[ 1144.490895][T13921] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1840'.
[ 1144.664038][T13924] No such timeout policy "syz1"
[ 1146.063927][T13937] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1842'.
[ 1150.399739][T13967] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1150.535309][T13963] x_tables: unsorted underflow at hook 3
[ 1150.543060][T13963] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1849'.
[ 1151.557105][   T29] audit: type=1800 audit(1738088214.719:237): pid=13984 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.3.1852" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[ 1153.672353][T14001] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1153.683575][T14001] batadv_slave_0: entered promiscuous mode
[ 1154.328119][T14005] netlink: 187320 bytes leftover after parsing attributes in process `syz.4.1857'.
[ 1154.338027][T14005] netlink: zone id is out of range
[ 1154.343283][T14005] netlink: zone id is out of range
[ 1154.348569][T14005] netlink: zone id is out of range
[ 1154.353866][T14005] netlink: zone id is out of range
[ 1154.359091][T14005] netlink: zone id is out of range
[ 1154.364331][T14005] netlink: zone id is out of range
[ 1154.369670][T14005] netlink: zone id is out of range
[ 1154.374877][T14005] netlink: zone id is out of range
[ 1154.380133][T14005] netlink: zone id is out of range
[ 1154.385322][T14005] netlink: zone id is out of range
[ 1156.453199][   T29] audit: type=1800 audit(1738088219.303:238): pid=14023 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.2.1861" name="SYSV00000000" dev="tmpfs" ino=2 res=0 errno=0
[ 1158.480648][   T29] audit: type=1800 audit(1738088221.164:239): pid=14044 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.0.1864" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[ 1158.852202][   T29] audit: type=1800 audit(1738088221.417:240): pid=14045 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.4.1866" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[ 1160.535505][T14065] vlan2: entered allmulticast mode
[ 1160.540716][T14065] xfrm0: entered allmulticast mode
[ 1163.446356][T14086] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1877'.
[ 1164.951185][    C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[ 1166.686118][T14106] ISOFS: Unable to identify CD-ROM format.
[ 1171.607118][T14137] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1891'.
[ 1171.972617][   T29] audit: type=1800 audit(1738088233.792:241): pid=14142 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.4.1890" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[ 1172.027561][T14141] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1891'.
[ 1173.776874][T14169] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1173.784129][T14169] overlayfs: failed to set xattr on upper
[ 1173.789962][T14169] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1173.796887][T14169] overlayfs: ...falling back to index=off.
[ 1173.802830][T14169] overlayfs: ...falling back to uuid=null.
[ 1174.920677][T14170] IPVS: set_ctl: invalid protocol: 108 172.20.20.29:0
[ 1177.464028][T14193] netlink: 412 bytes leftover after parsing attributes in process `syz.3.1902'.
[ 1177.653253][T14194] ip6t_srh: unknown srh invflags 7863
[ 1178.215458][   T29] audit: type=1400 audit(1738088239.648:242): lsm=SMACK fn=smack_inode_setattr action=denied subject="y" object="_" requested=w pid=14184 comm="syz.1.1903" name="390" dev="tmpfs" ino=2124
[ 1178.727099][   T29] audit: type=1400 audit(1738088239.891:243): lsm=SMACK fn=smack_inode_permission action=denied subject="y" object="_" requested=wx pid=14198 comm="syz.1.1903" name="390" dev="tmpfs" ino=2124
[ 1179.732768][   T29] audit: type=1800 audit(1738088241.070:244): pid=14211 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.0.1908" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[ 1181.116756][T14224] tipc: Started in network mode
[ 1181.122131][T14224] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[ 1181.131440][T14224] tipc: Enabled bearer <eth:team0>, priority 0
[ 1182.472071][ T7345] tipc: Node number set to 11578026
[ 1184.641838][T14254] netlink: 194488 bytes leftover after parsing attributes in process `syz.3.1917'.
[ 1189.546967][T14298] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1189.560236][T14298] vxcan1: tx drop: invalid da for name 0x0000000000000003
[ 1192.156032][T14320] netlink: 'syz.0.1931': attribute type 2 has an invalid length.
[ 1192.166622][T14320] netlink: 212912 bytes leftover after parsing attributes in process `syz.0.1931'.
[ 1192.343228][T14322] erofs (device nullb0): cannot find valid erofs superblock
[ 1195.728093][T14338] nvme_fabrics: missing parameter 'transport=%s'
[ 1195.735024][T14338] nvme_fabrics: missing parameter 'nqn=%s'
[ 1196.083080][T14354] net_ratelimit: 335 callbacks suppressed
[ 1196.083119][T14354] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[ 1196.095581][T14354] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[ 1199.576426][T14376] netlink: 1 bytes leftover after parsing attributes in process `syz.0.1946'.
[ 1199.783125][T14378] netlink: 268 bytes leftover after parsing attributes in process `syz.0.1946'.
[ 1202.514780][T14391] bridge0: port 4(macvlan1) entered disabled state
[ 1202.523322][T14391] bridge0: port 3(erspan0) entered disabled state
[ 1202.530017][T14391] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1202.538510][T14391] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1204.377644][T14403] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1952'.
[ 1206.571558][T14412] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1956'.
[ 1206.641231][T14412] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1206.930546][T11884] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[ 1207.254676][T11884] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1207.726188][T11884] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1207.739577][T11884] usb 5-1: New USB device found, idVendor=0eef, idProduct=72d0, bcdDevice= 0.00
[ 1207.755027][T11884] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1207.765620][T11884] usb 5-1: config 0 descriptor??
[ 1207.806942][    C1] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1208.997263][T14412] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1209.011570][T14412] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1209.194755][T11884] usbhid 5-1:0.0: can't add hid device: -71
[ 1209.207665][T11884] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 1209.217727][T11884] usb 5-1: USB disconnect, device number 10
[ 1212.629658][T14469] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1967'.
[ 1212.643950][T14469] netlink: 194488 bytes leftover after parsing attributes in process `syz.4.1967'.
[ 1214.589309][   T29] audit: type=1326 audit(1738088273.678:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14472 comm="syz.4.1970" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5b1638cda9 code=0x0
[ 1216.451066][T14493] siw: device registration error -23
[ 1217.246141][T14493] tty tty27: ldisc open failed (-12), clearing slot 26
[ 1219.350945][T14509] veth0_to_team: entered promiscuous mode
[ 1219.356874][T14509] veth0_to_team: entered allmulticast mode
[ 1220.011514][T14516] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1980'.
[ 1220.035338][T14516] netlink: 194488 bytes leftover after parsing attributes in process `syz.3.1980'.
[ 1227.024350][   T29] audit: type=1800 audit(1738088284.818:246): pid=14560 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.4.1987" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[ 1227.161819][   T29] audit: type=1800 audit(1738088285.445:247): pid=14556 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.0.1989" name="SYSV00000000" dev="hugetlbfs" ino=3 res=0 errno=0
[ 1227.470818][T14567] cgroup: none used incorrectly
[ 1227.867207][T14567] orangefs_mount: mount request failed with -4
[ 1228.587191][T14571] binder: 14569:14571 ioctl c0306201 200002c0 returned -14
[ 1228.855747][T14581] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1994'.
[ 1228.888416][T14581] netlink: 194488 bytes leftover after parsing attributes in process `syz.2.1994'.
[ 1230.633354][T14590] xfrm0: mtu less than device minimum
[ 1231.079404][   T29] audit: type=1800 audit(1738088289.103:248): pid=14591 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.2.1997" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[ 1236.057822][T14612] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1237.758455][T14616] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1239.577720][   T29] audit: type=1800 audit(1738088297.053:249): pid=14634 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.0.2006" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[ 1239.797015][T14637] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2007'.
[ 1239.837855][T14637] netlink: 194488 bytes leftover after parsing attributes in process `syz.3.2007'.
[ 1240.059847][T14628] syz.3.2007 (14628) used greatest stack depth: 17088 bytes left
[ 1240.782748][T14647] netlink: 'syz.2.2008': attribute type 10 has an invalid length.
[ 1241.182203][T14647] bond0: (slave batadv0): Error -22 calling dev_set_mtu
[ 1241.404771][   T29] audit: type=1800 audit(1738088298.756:250): pid=14649 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.3.2009" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[ 1242.616443][T14659] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2011'.
[ 1242.626237][T14659] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2011'.
[ 1242.647337][T12528] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[ 1242.658416][T14659] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2011'.
[ 1242.718885][T14659] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2011'.
[ 1242.829644][T12528] usb 3-1: device descriptor read/64, error -71
[ 1242.977082][T14665] netlink: 104 bytes leftover after parsing attributes in process `syz.3.2013'.
[ 1243.290385][T14669] netlink: 'syz.4.2014': attribute type 1 has an invalid length.
[ 1243.743919][T12528] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[ 1243.968001][   T29] audit: type=1800 audit(1738088301.160:251): pid=14670 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.0.2015" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[ 1244.005475][T12528] usb 3-1: device descriptor read/64, error -71
[ 1244.198360][T12528] usb usb3-port1: attempt power cycle
[ 1244.941805][T14673] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2016'.
[ 1245.672212][T14682] openvswitch: netlink: ufid size 20 bytes exceeds the range (1, 16)
[ 1245.680630][T14682] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1246.914878][T14695] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2020'.
[ 1248.863706][T14696] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2019'.
[ 1248.884524][T14696] netlink: 194488 bytes leftover after parsing attributes in process `syz.4.2019'.
[ 1251.877646][T14727] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2029'.
[ 1252.076177][T14729] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2029'.
[ 1252.086524][T14729] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2029'.
[ 1253.453592][T14742] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1254.428696][   T29] audit: type=1800 audit(1738088310.935:252): pid=14744 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.1.2032" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[ 1254.496209][ T5868] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[ 1254.738652][ T5868] usb 3-1: device descriptor read/64, error -71
[ 1255.939044][ T5868] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[ 1260.264033][T14800] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1262.802029][T14814] ubi0: attaching mtd0
[ 1262.868419][T14814] ubi0: scanning is finished
[ 1262.885016][T14814] ==================================================================
[ 1262.893117][T14814] BUG: KASAN: slab-out-of-bounds in notifier_chain_register+0x141/0x3f0
[ 1262.901438][T14814] Read of size 4 at addr ffff88807e4358d8 by task syz.3.2049/14814
[ 1262.909312][T14814] 
[ 1262.911633][T14814] CPU: 0 UID: 0 PID: 14814 Comm: syz.3.2049 Not tainted 6.13.0-syzkaller-08265-g9c5968db9e62 #0
[ 1262.911646][T14814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1262.911656][T14814] Call Trace:
[ 1262.911663][T14814]  <TASK>
[ 1262.911668][T14814]  dump_stack_lvl+0x241/0x360
[ 1262.911683][T14814]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1262.911692][T14814]  ? __pfx__printk+0x10/0x10
[ 1262.911706][T14814]  ? _printk+0xd5/0x120
[ 1262.911719][T14814]  ? __virt_addr_valid+0x183/0x530
[ 1262.911733][T14814]  ? __virt_addr_valid+0x183/0x530
[ 1262.911746][T14814]  print_report+0x169/0x550
[ 1262.911758][T14814]  ? __virt_addr_valid+0x183/0x530
[ 1262.911770][T14814]  ? __virt_addr_valid+0x183/0x530
[ 1262.911782][T14814]  ? __virt_addr_valid+0x45f/0x530
[ 1262.911794][T14814]  ? __phys_addr+0xba/0x170
[ 1262.911809][T14814]  ? notifier_chain_register+0x141/0x3f0
[ 1262.911819][T14814]  kasan_report+0x143/0x180
[ 1262.911830][T14814]  ? notifier_chain_register+0x141/0x3f0
[ 1262.911842][T14814]  notifier_chain_register+0x141/0x3f0
[ 1262.911854][T14814]  blocking_notifier_chain_register+0x61/0xc0
[ 1262.911866][T14814]  ubi_wl_init+0x3396/0x3720
[ 1262.911882][T14814]  ? ubi_attach+0x3de7/0x5b80
[ 1262.911901][T14814]  ubi_attach+0x3e01/0x5b80
[ 1262.911920][T14814]  ? __pfx_ubi_attach+0x10/0x10
[ 1262.911933][T14814]  ? __vmalloc_node_range_noprof+0xf65/0x1380
[ 1262.911950][T14814]  ubi_attach_mtd_dev+0x1a3a/0x3540
[ 1262.911970][T14814]  ctrl_cdev_ioctl+0x346/0x570
[ 1262.911985][T14814]  ? __pfx_ctrl_cdev_ioctl+0x10/0x10
[ 1262.911999][T14814]  ? __pfx_ctrl_cdev_ioctl+0x10/0x10
[ 1262.912012][T14814]  ? do_vfs_ioctl+0x152/0x2e40
[ 1262.912021][T14814]  ? __se_sys_ioctl+0x8e/0x170
[ 1262.912028][T14814]  ? __se_sys_ioctl+0xe6/0x170
[ 1262.912037][T14814]  ? __pfx_ctrl_cdev_ioctl+0x10/0x10
[ 1262.912051][T14814]  __se_sys_ioctl+0xf5/0x170
[ 1262.912060][T14814]  do_syscall_64+0xf3/0x230
[ 1262.912073][T14814]  ? clear_bhb_loop+0x35/0x90
[ 1262.912087][T14814]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1262.912100][T14814] RIP: 0033:0x7f7cac98cda9
[ 1262.912115][T14814] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1262.912123][T14814] RSP: 002b:00007f7cad805038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1262.912136][T14814] RAX: ffffffffffffffda RBX: 00007f7cacba6080 RCX: 00007f7cac98cda9
[ 1262.912143][T14814] RDX: 0000000020000502 RSI: 0000000040186f40 RDI: 0000000000000006
[ 1262.912149][T14814] RBP: 00007f7caca0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 1262.912156][T14814] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1262.912162][T14814] R13: 0000000000000000 R14: 00007f7cacba6080 R15: 00007ffc04abf288
[ 1262.912172][T14814]  </TASK>
[ 1262.912175][T14814] 
[ 1263.180299][T14814] Allocated by task 5827:
[ 1263.184614][T14814]  kasan_save_track+0x3f/0x80
[ 1263.189273][T14814]  __kasan_kmalloc+0x98/0xb0
[ 1263.193841][T14814]  __kmalloc_noprof+0x285/0x4c0
[ 1263.198694][T14814]  tomoyo_realpath_from_path+0xcf/0x5e0
[ 1263.204232][T14814]  tomoyo_path_perm+0x2b7/0x740
[ 1263.209063][T14814]  security_inode_getattr+0x130/0x330
[ 1263.214419][T14814]  vfs_getattr+0x2a/0x3a0
[ 1263.218748][T14814]  vfs_statx+0x18c/0x490
[ 1263.222987][T14814]  vfs_fstatat+0xe5/0x130
[ 1263.227309][T14814]  __x64_sys_newfstatat+0x117/0x190
[ 1263.232513][T14814]  do_syscall_64+0xf3/0x230
[ 1263.236999][T14814]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1263.242891][T14814] 
[ 1263.245198][T14814] Freed by task 5827:
[ 1263.249155][T14814]  kasan_save_track+0x3f/0x80
[ 1263.253832][T14814]  kasan_save_free_info+0x40/0x50
[ 1263.258841][T14814]  __kasan_slab_free+0x59/0x70
[ 1263.263592][T14814]  kfree+0x196/0x430
[ 1263.267467][T14814]  tomoyo_realpath_from_path+0x5a9/0x5e0
[ 1263.273094][T14814]  tomoyo_path_perm+0x2b7/0x740
[ 1263.277942][T14814]  security_inode_getattr+0x130/0x330
[ 1263.283299][T14814]  vfs_getattr+0x2a/0x3a0
[ 1263.287610][T14814]  vfs_statx+0x18c/0x490
[ 1263.291832][T14814]  vfs_fstatat+0xe5/0x130
[ 1263.296148][T14814]  __x64_sys_newfstatat+0x117/0x190
[ 1263.301330][T14814]  do_syscall_64+0xf3/0x230
[ 1263.305818][T14814]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1263.311704][T14814] 
[ 1263.314011][T14814] The buggy address belongs to the object at ffff88807e434000
[ 1263.314011][T14814]  which belongs to the cache kmalloc-4k of size 4096
[ 1263.328054][T14814] The buggy address is located 2264 bytes to the right of
[ 1263.328054][T14814]  allocated 4096-byte region [ffff88807e434000, ffff88807e435000)
[ 1263.342891][T14814] 
[ 1263.345205][T14814] The buggy address belongs to the physical page:
[ 1263.351613][T14814] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7e430
[ 1263.360357][T14814] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1263.368841][T14814] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 1263.376814][T14814] page_type: f5(slab)
[ 1263.380811][T14814] raw: 00fff00000000040 ffff88801ac42140 0000000000000000 0000000000000001
[ 1263.389374][T14814] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[ 1263.397944][T14814] head: 00fff00000000040 ffff88801ac42140 0000000000000000 0000000000000001
[ 1263.406612][T14814] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[ 1263.415436][T14814] head: 00fff00000000003 ffffea0001f90c01 ffffffffffffffff 0000000000000000
[ 1263.424083][T14814] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[ 1263.432750][T14814] page dumped because: kasan: bad access detected
[ 1263.439173][T14814] page_owner tracks the page as allocated
[ 1263.444893][T14814] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 5817, tgid 5817 (syz-executor), ts 1204046545189, free_ts 1204015824634
[ 1263.467217][T14814]  post_alloc_hook+0x1f4/0x240
[ 1263.471975][T14814]  get_page_from_freelist+0x3651/0x37a0
[ 1263.477497][T14814]  __alloc_frozen_pages_noprof+0x292/0x710
[ 1263.483285][T14814]  alloc_pages_mpol+0x311/0x660
[ 1263.488124][T14814]  allocate_slab+0x8f/0x3a0
[ 1263.492614][T14814]  ___slab_alloc+0xc27/0x14a0
[ 1263.497275][T14814]  __slab_alloc+0x58/0xa0
[ 1263.501586][T14814]  __kmalloc_noprof+0x2e6/0x4c0
[ 1263.506415][T14814]  tomoyo_realpath_from_path+0xcf/0x5e0
[ 1263.511950][T14814]  tomoyo_path_perm+0x2b7/0x740
[ 1263.516786][T14814]  security_inode_getattr+0x130/0x330
[ 1263.522224][T14814]  vfs_getattr+0x2a/0x3a0
[ 1263.526536][T14814]  vfs_statx+0x18c/0x490
[ 1263.530755][T14814]  vfs_fstatat+0xe5/0x130
[ 1263.535064][T14814]  __x64_sys_newfstatat+0x117/0x190
[ 1263.540247][T14814]  do_syscall_64+0xf3/0x230
[ 1263.544734][T14814] page last free pid 5823 tgid 5823 stack trace:
[ 1263.551037][T14814]  free_frozen_pages+0xe04/0x10e0
[ 1263.556048][T14814]  __put_partials+0x160/0x1c0
[ 1263.560729][T14814]  put_cpu_partial+0x17c/0x250
[ 1263.565472][T14814]  __slab_free+0x290/0x380
[ 1263.569865][T14814]  qlist_free_all+0x9a/0x140
[ 1263.574433][T14814]  kasan_quarantine_reduce+0x14f/0x170
[ 1263.579871][T14814]  __kasan_slab_alloc+0x23/0x80
[ 1263.584707][T14814]  kmem_cache_alloc_noprof+0x1d9/0x380
[ 1263.590151][T14814]  vm_area_dup+0x27/0x290
[ 1263.594483][T14814]  copy_mm+0xce5/0x2110
[ 1263.598648][T14814]  copy_process+0x1845/0x3d50
[ 1263.603323][T14814]  kernel_clone+0x223/0x870
[ 1263.607808][T14814]  __x64_sys_clone+0x258/0x2a0
[ 1263.612549][T14814]  do_syscall_64+0xf3/0x230
[ 1263.617030][T14814]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1263.622907][T14814] 
[ 1263.625211][T14814] Memory state around the buggy address:
[ 1263.630848][T14814]  ffff88807e435780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1263.638890][T14814]  ffff88807e435800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1263.646939][T14814] >ffff88807e435880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1263.654979][T14814]                                                     ^
[ 1263.661915][T14814]  ffff88807e435900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1263.669954][T14814]  ffff88807e435980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1263.678007][T14814] ==================================================================
[ 1263.688178][T14814] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1263.695384][T14814] CPU: 0 UID: 0 PID: 14814 Comm: syz.3.2049 Not tainted 6.13.0-syzkaller-08265-g9c5968db9e62 #0
[ 1263.705781][T14814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1263.715844][T14814] Call Trace:
[ 1263.719109][T14814]  <TASK>
[ 1263.722041][T14814]  dump_stack_lvl+0x241/0x360
[ 1263.726700][T14814]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1263.731984][T14814]  ? __pfx__printk+0x10/0x10
[ 1263.736560][T14814]  ? vscnprintf+0x5d/0x90
[ 1263.740870][T14814]  panic+0x349/0x880
[ 1263.744751][T14814]  ? check_panic_on_warn+0x21/0xb0
[ 1263.749851][T14814]  ? __pfx_panic+0x10/0x10
[ 1263.754263][T14814]  ? check_panic_on_warn+0x21/0xb0
[ 1263.759359][T14814]  ? check_panic_on_warn+0x72/0xb0
[ 1263.764452][T14814]  check_panic_on_warn+0x86/0xb0
[ 1263.769376][T14814]  ? notifier_chain_register+0x141/0x3f0
[ 1263.774994][T14814]  end_report+0x77/0x160
[ 1263.779221][T14814]  kasan_report+0x154/0x180
[ 1263.783706][T14814]  ? notifier_chain_register+0x141/0x3f0
[ 1263.789324][T14814]  notifier_chain_register+0x141/0x3f0
[ 1263.794855][T14814]  blocking_notifier_chain_register+0x61/0xc0
[ 1263.800910][T14814]  ubi_wl_init+0x3396/0x3720
[ 1263.805490][T14814]  ? ubi_attach+0x3de7/0x5b80
[ 1263.810173][T14814]  ubi_attach+0x3e01/0x5b80
[ 1263.814683][T14814]  ? __pfx_ubi_attach+0x10/0x10
[ 1263.819519][T14814]  ? __vmalloc_node_range_noprof+0xf65/0x1380
[ 1263.825580][T14814]  ubi_attach_mtd_dev+0x1a3a/0x3540
[ 1263.830801][T14814]  ctrl_cdev_ioctl+0x346/0x570
[ 1263.835555][T14814]  ? __pfx_ctrl_cdev_ioctl+0x10/0x10
[ 1263.840832][T14814]  ? __pfx_ctrl_cdev_ioctl+0x10/0x10
[ 1263.846103][T14814]  ? do_vfs_ioctl+0x152/0x2e40
[ 1263.850847][T14814]  ? __se_sys_ioctl+0x8e/0x170
[ 1263.855593][T14814]  ? __se_sys_ioctl+0xe6/0x170
[ 1263.860340][T14814]  ? __pfx_ctrl_cdev_ioctl+0x10/0x10
[ 1263.865619][T14814]  __se_sys_ioctl+0xf5/0x170
[ 1263.870192][T14814]  do_syscall_64+0xf3/0x230
[ 1263.874681][T14814]  ? clear_bhb_loop+0x35/0x90
[ 1263.879343][T14814]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1263.885217][T14814] RIP: 0033:0x7f7cac98cda9
[ 1263.889612][T14814] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1263.909217][T14814] RSP: 002b:00007f7cad805038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1263.917617][T14814] RAX: ffffffffffffffda RBX: 00007f7cacba6080 RCX: 00007f7cac98cda9
[ 1263.925573][T14814] RDX: 0000000020000502 RSI: 0000000040186f40 RDI: 0000000000000006
[ 1263.933699][T14814] RBP: 00007f7caca0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 1263.941651][T14814] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1263.949609][T14814] R13: 0000000000000000 R14: 00007f7cacba6080 R15: 00007ffc04abf288
[ 1263.957571][T14814]  </TASK>
[ 1263.960856][T14814] Kernel Offset: disabled
[ 1263.965168][T14814] Rebooting in 86400 seconds..