last executing test programs:

1m59.162372816s ago: executing program 0 (id=120):
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
write$P9_RSTATu(r0, &(0x7f0000000580)={0x20e, 0x2, 0x0, {{0x500, 0xcd, 0x500, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x1b, '\x04nodev{evoo~\x059\xc6\x00\x05\x00\x007\xd9:\x8b\x92\x00\x00\x00', 0x28, 'pg>\xff\xeb\t\xb55\x1f[\xde\x05@\x00\x00\x00\x00\x18x\x9b\xa9\x16c\x88\x14\xe5p\x81\x03\xb4\x94\xe1\x00\x00\x00\x00\x00\x00\x00\x00', 0x2, '\b\x00', 0x55, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xc2\x80\xe8\xe2\x89\xdad\x9a7\x00'}, 0x12c, 'odev/n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300, 0x0, 0x0, 0xee01}}, 0x20e)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x3, [@const={0xc}, @func={0x8, 0x0, 0x0, 0xc, 0x5}, @func={0x6, 0x0, 0x0, 0xc, 0x2}]}, {0x0, [0x5f]}}, &(0x7f0000000380)=""/139, 0x3f, 0x8b, 0x0, 0x0, 0x0, @void, @value}, 0x28) (async)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x3, [@const={0xc}, @func={0x8, 0x0, 0x0, 0xc, 0x5}, @func={0x6, 0x0, 0x0, 0xc, 0x2}]}, {0x0, [0x5f]}}, &(0x7f0000000380)=""/139, 0x3f, 0x8b, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x7, 0x6, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r1, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000500000018110000", @ANYRES32=r2, @ANYRES8=0x0], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r3}, 0x10)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x0, <r4=>0x0}, 0x8)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$ARPT_SO_GET_ENTRIES(r5, 0x0, 0x61, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)=0xf3)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000100)=r4, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x10, 0x3, &(0x7f0000000000)=@framed={{0x62, 0xa, 0x0, 0xffc4, 0x0, 0x71, 0x10, 0x3d}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) (async)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
socket$igmp(0x2, 0x3, 0x2) (async)
r6 = socket$igmp(0x2, 0x3, 0x2)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000001c0)={0x6}, 0x8) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000001c0)={0x6}, 0x8)
setsockopt$MRT_FLUSH(r6, 0x0, 0xd1, &(0x7f0000000000)=0x4, 0x4) (async)
setsockopt$MRT_FLUSH(r6, 0x0, 0xd1, &(0x7f0000000000)=0x4, 0x4)
r7 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$KVM_CAP_HYPERV_DIRECT_TLBFLUSH(r7, 0x4068aea3, &(0x7f0000000440))
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x5}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x48, 0x3, 0xa, 0x301, 0x0, 0x0, {0x5}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8}]}, @NFTA_CHAIN_TYPE={0x8, 0x7, 'nat\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}]}], {0x14}}, 0x90}}, 0x0) (async)
sendmsg$NFT_BATCH(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x5}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x48, 0x3, 0xa, 0x301, 0x0, 0x0, {0x5}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8}]}, @NFTA_CHAIN_TYPE={0x8, 0x7, 'nat\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}]}], {0x14}}, 0x90}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000340)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xf, 0x16, &(0x7f0000000240)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf2000000000000007000000180000003d030100000000009500f000000000007126000000000000bf67000000000000360602000fff07006706000020000000170200000ee60000bf250000000000002d350000000000006507000002080000070700004c0000001f75000000000000bf54000000000000070400000400f9ffad03000000000000720400000000000014000000000000009500000000000000db13d5d8b741f2cdaabc8383c8f56b8c2b84a800ea6553f304000000815dcf00c3eebc52267b042d19"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, r4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

1m59.107949967s ago: executing program 0 (id=121):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0x2d, &(0x7f0000000540)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0xd81}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @printk={@i, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x9}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) (async)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32=r3, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x24}}, 0x0) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_POWER_SAVE(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000440)={0x24, r5, 0x1, 0x70bd2a, 0x25dfdbff, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x40010}, 0x88c0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r4) (async)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r10=>0x0})
sendmsg$NL80211_CMD_CONNECT(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x30, r9, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}}, 0x0) (async)
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=ANY=[@ANYBLOB="5000000008021100000108021100000008021100000000000000000000000000640001000006020202010182"], 0x2f) (async)
r11 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r11, &(0x7f00000000c0)=ANY=[], 0xff2e) (async)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) (async)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000000)=@mgmt_frame=@assoc_resp={{{}, {0x4000}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val, @void}, 0x20) (async)
syz_80211_inject_frame(&(0x7f0000000300)=@device_b, &(0x7f0000000440)=ANY=[@ANYBLOB="8000000008021100000108021100000108021100000000"], 0x64) (async)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r12}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) (async)
r13 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000105509147200ed0000000109022400010000000009040000030300000009210000000122050009058103"], 0x0)
syz_usb_control_io(r13, 0x0, 0x0)
syz_usb_control_io(r13, &(0x7f0000000100)={0x2c, &(0x7f0000000280)=ANY=[@ANYBLOB="200617"], 0x0, 0x0, 0x0, 0x0}, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="b40503c8ed9d6595437792418a9f6ba43d99d486a4400000000066000000000013127a3b60eabf55cc319cfb29f62e8424d840ffd5701bb1aa9c2dbcfb473476b7fb577f79311a66434c8611bb6d27cc04f3add23d2aa9c76b2d149f2b7616a7810454a324ddd20eeb74378d06fc48c37ac89a863573ead0195158428e44b48afdc91db1b6a862300cff3608036107d8416f982428c66f872154be4e92c90b684bcaf7e338c4c5a630df83aa28c1434ed810bb96a91835667fe573493de059aecd3c144e680380755f9ce1375223fea0e81237fc786a2b61824ca0e4df8e03bc8d1b466fbbeefbf0b55ec9bcd282bd03bc36be0653133675818f737d4b1e7a877d2e20c9557358f3adb18cf1d98a3f6c64139e2a75ebaf7f4d7bfbacfbfefdd58a96e81bea"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
r14 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$IP6T_SO_SET_REPLACE(r14, 0x29, 0x40, &(0x7f0000000a00)=@nat={'nat\x00', 0x1b, 0x5, 0x5e0, 0x2c0, 0x118, 0xffffffff, 0x3d8, 0x3d8, 0x518, 0x518, 0xffffffff, 0x518, 0x518, 0x5, &(0x7f00000004c0), {[{{@ipv6={@mcast1, @remote, [0xffffffff, 0x0, 0xff], [0xffffffff, 0xffffff00, 0xffffff00, 0xffffff00], 'pim6reg1\x00', 'veth0_virt_wifi\x00', {0xff}, {}, 0x3a, 0x80, 0x3, 0x48}, 0x0, 0xd0, 0x118, 0x0, {}, [@common=@inet=@l2tp={{0x2c}, {0x2, 0x2, 0x2, 0x1}}]}, @MASQUERADE={0x48, 'MASQUERADE\x00', 0x0, {0x2, @ipv4=@dev={0xac, 0x14, 0x14, 0x1f}, @ipv4=@private=0xa010102, @gre_key=0xc, @port=0x4e22}}}, {{@ipv6={@remote, @remote, [0xffffff00, 0xff000000, 0xffffffff, 0xff], [0xffffff00, 0xff, 0xffffff00, 0xff000000], 'dvmrp0\x00', 'veth0_to_hsr\x00', {}, {0xff}, 0xcc, 0x0, 0x0, 0x50}, 0x0, 0x160, 0x1a8, 0x0, {}, [@common=@unspec=@conntrack2={{0xbc}, {{@ipv4=@local, [0xffffff00, 0xffffff00, 0xffffffff], @ipv4=@multicast1, [0xffffff00, 0x0, 0x0, 0xffffffff], @ipv4=@private=0xa010101, [0xff000000], @ipv6=@ipv4={'\x00', '\xff\xff', @empty}, [0xffffff00, 0xffffff00, 0xff, 0xff000000], 0x3, 0x4, 0xc, 0x4e21, 0x4e22, 0x4e23, 0x4e20, 0x44, 0x1000}, 0x100, 0x110}}]}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x30, @ipv4=@empty, @ipv4=@multicast1, @port=0x4e24, @gre_key=0x8001}}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', [0xffffffff, 0xffffff00, 0xffffff00], [0xffffff00, 0xff, 0xffffffff, 0xffffff00], 'rose0\x00', 'tunl0\x00', {}, {0xff}, 0x3a, 0x5, 0x4, 0x63}, 0x0, 0xd0, 0x118, 0x0, {}, [@common=@inet=@udp={{0x2c}, {[0x4e23, 0x4e24], [0x4e20, 0x4e20], 0x3}}]}, @NETMAP={0x48, 'NETMAP\x00', 0x0, {0x1d, @ipv4=@loopback, @ipv6=@private0={0xfc, 0x0, '\x00', 0x1}, @port=0x4e21, @gre_key=0x61}}}, {{@uncond, 0x0, 0xf8, 0x140, 0x0, {}, [@common=@frag={{0x30}, {[0xfff, 0x5], 0x8, 0x44, 0x1}}, @common=@hl={{0x24}, {0x3, 0x3c}}]}, @NETMAP={0x48, 'NETMAP\x00', 0x0, {0x10, @ipv4=@broadcast, @ipv6=@loopback, @port=0x4e21, @port=0x4e24}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x63c)

1m59.074229224s ago: executing program 0 (id=124):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff)
r0 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000)={0x41, 0x0, 0x2}, 0x10)
sendmsg$tipc(r0, &(0x7f0000000240)={&(0x7f00000000c0)=@id, 0x10, 0x0}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, &(0x7f00000002c0)=0x2, 0x4)
r4 = openat$nvram(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$6lowpan_enable(r4, &(0x7f0000000180)='0', 0x1)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x200, 0x0)
mount(&(0x7f0000000100)=@nullb, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080)='iso9660\x00', 0x0, 0x0) (fail_nth: 10)
r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
acct(0x0)
acct(0x0)
sendmsg$netlink(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000000200)={0x114, 0x1e, 0x1, 0x0, 0x25dfdbfc, "", [@nested={0x101, 0xe7, 0x0, 0x1, [@typed={0xb, 0x1, 0x0, 0x0, @binary="72dcce07c1ab48"}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00'}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe8101000000010000008b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd"]}]}, 0x114}], 0x1}, 0x0)

1m57.834209335s ago: executing program 0 (id=129):
r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0xab3, 0x2d0142)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000240)=0xffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b70500000800000085000000a50000009500"], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
kcmp(0x0, 0x0, 0x4, 0xffffffffffffffff, r0)
r1 = getpid()
mkdir(&(0x7f0000000080)='./file1\x00', 0x1)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r3 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f00000003c0)={{0x1, 0x1, 0x18, r3, {0x10}}, './file0\x00'})
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
socket$inet6_sctp(0xa, 0x5, 0x84)
mkdir(&(0x7f0000000080)='./bus\x00', 0x0)
chdir(&(0x7f00000001c0)='./bus\x00')
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000340)='./file0\x00', &(0x7f00000004c0), 0x700, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000080)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

1m56.791403299s ago: executing program 0 (id=135):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_SEC_DEV(r0, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000001680)={0x0}, 0x1, 0x0, 0x0, 0x8}, 0x80)

1m56.500542103s ago: executing program 0 (id=137):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff)
r0 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000)={0x41, 0x0, 0x2}, 0x10)
sendmsg$tipc(r0, &(0x7f0000000240)={&(0x7f00000000c0)=@id, 0x10, 0x0}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, &(0x7f00000002c0)=0x2, 0x4)
r4 = openat$nvram(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$6lowpan_enable(r4, &(0x7f0000000180)='0', 0x1)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x200, 0x0)
mount(&(0x7f0000000100)=@nullb, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080)='iso9660\x00', 0x0, 0x0) (fail_nth: 11)
r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
acct(0x0)
acct(0x0)
sendmsg$netlink(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000000200)={0x114, 0x1e, 0x1, 0x0, 0x25dfdbfc, "", [@nested={0x101, 0xe7, 0x0, 0x1, [@typed={0xb, 0x1, 0x0, 0x0, @binary="72dcce07c1ab48"}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00'}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe8101000000010000008b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd"]}]}, 0x114}], 0x1}, 0x0)

1m56.431525623s ago: executing program 32 (id=137):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff)
r0 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000)={0x41, 0x0, 0x2}, 0x10)
sendmsg$tipc(r0, &(0x7f0000000240)={&(0x7f00000000c0)=@id, 0x10, 0x0}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, &(0x7f00000002c0)=0x2, 0x4)
r4 = openat$nvram(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$6lowpan_enable(r4, &(0x7f0000000180)='0', 0x1)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x200, 0x0)
mount(&(0x7f0000000100)=@nullb, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080)='iso9660\x00', 0x0, 0x0) (fail_nth: 11)
r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
acct(0x0)
acct(0x0)
sendmsg$netlink(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000000200)={0x114, 0x1e, 0x1, 0x0, 0x25dfdbfc, "", [@nested={0x101, 0xe7, 0x0, 0x1, [@typed={0xb, 0x1, 0x0, 0x0, @binary="72dcce07c1ab48"}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00'}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe8101000000010000008b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd"]}]}, 0x114}], 0x1}, 0x0)

1m53.46262579s ago: executing program 3 (id=159):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
readv(r0, &(0x7f0000000000)=[{&(0x7f0000001300)=""/244, 0xfdef}], 0x1)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000001240)={0x0, 0x2, 0x0, 0x0, 0x0, "001bf1000000000000002000"})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x24, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x40, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_IE={0x11, 0x2a, [@random={0xdd, 0xb, 'abcdefghijk'}]}, @NL80211_ATTR_SCAN_SSIDS={0x10, 0x2d, 0x0, 0x1, [{0xa, 0x0, @default_ap_ssid}]}]}, 0x40}}, 0x0)
syz_80211_inject_frame(&(0x7f0000000300)=@device_b, &(0x7f0000000040)=@mgmt_frame=@beacon={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}, 0x36)
nanosleep(&(0x7f0000000080)={0x0, 0x4c4b40}, &(0x7f00000000c0))
syz_80211_inject_frame(&(0x7f0000000300)=@device_b, &(0x7f0000000340)=@mgmt_frame=@probe_response={{{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
r5 = syz_open_pts(r0, 0x101)
r6 = dup3(r5, r0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000040)=0xd)
write$UHID_INPUT(r6, &(0x7f00000001c0)={0xa, {"08c39ee52f329f1698b1c4865f8b540a5eee9f496a0809c3d20325867b6edda88489ab4c09fe0a7f1e8640aa8e344f412df0d69475a5d6570e21f31fac7dfb4aa7ade0e851582d5c1abdd809580cb34c9e48576b1c73ed76023256fca058ada3db47d86cc75b33cf762b67fe61f152618c49a40858f68794a4fc484ab73ccd254ba3d147f5feddaf91dacc238c0a8096f79597ca1e6da781fcf37a0141a335c6a7577d2d53c6e552a7be208381bb31d1d3e0e92ea651655217535734b286d3f19780a4c720075a36a734151f8c00e651cb3a6bbe30e3f6aee48750436da6471e965e81f38134674fcb697108fb7345010bb8fa15fba9b33355d7858327171ab9c68f6c21b2ffbff4eb061dab80bc77a4a7769e7ff73bcd98790e09415bfc5978cf5af45c3ec9ef9c1a39f766c59d59590281038dbcb765580ba2b3f141d5bbfc40910a0894cd1f22d2a8b6d4e4778debef99438b54d44b4b7568de2777431a5b2f3e8d1a45a60a468f5e33e8ef534f803dfb6798c270f52edf031ecd996bb78c4e92961c63c079676d77412ebc6074e5f235417785e7a14b14ce7626b015071c154cc2bf8f4499b93293e9997c23df4c7a1498cf12414fb31eb873728e4f613b540d22e7ca718f18da5b82ed24995e4309c3af4a2e1097465bf09728082d09e71ea365522035eb9772b8e072f8454777ee304dacd59d3eb9f933f151fa14f8c38eadbeba04810a2dea7a66824f09235c13a45f07870210d0d310ce3ae6284577bd4e65f32700f6723727926cb52e4f27776a1dab0f6668327ab5cf1893879a635261f2e0d9923ccecbf5b80f10a8275c1515f47930d614e787f14c105d3a4f8faf8e7f738cf4eae4fc39ef3db3cb87794ace87f7239b69dc4ab4e5ae57cdfbd309e847d99600ef14b51faead01e8ade57d24270bc13a1787896096eeacb8ab1c93d31d93cfb244bb09ecfecf336362a5656db7df327cbb9aeb898f8af229c7bb9452805f2b4510c5df86b6d564e01f000000167ade5205331523a6392af2bea9e6db0ba5480cbf1b202714233289c4017cb66e83c0c8b6e88bedb922162d0ceecf6c5da173bbefe6781ab7720d2be6cca378db650c69d4228141ae190922fbbaddb86c7f0fe138b704e8305b3bcc7910b2280d96d71dafdbfa876b0013fc4de586f85d9ee077b6349becbdca8bd989a51c4c76ed8a8cc691a65078e0272a62edec8236a779f0cbffeda49dcdccd4def7064e0d77ae5a8c64f3057b4a3a0d4457d33f2bc6c112378315411baa4bb126fe540d750491fc58fbb66911ef82bce5ed76872dbcd8e05dea2f3f347a653aa39ab5d75e71671bfeb924e71476134dbf91e3f287fd853cc34bf81e717edd41aa04b6fbeb43cf2074f0c8fe5350401b6cff801c147a3b58b972aa5652629a9fd8b1df2852708ce958d4e9974ec4383aa5da4e3f75fdc85981e97b75863546f67a8703673b6fe2c26f0e9eeb8c45c26f673adac55fa5d69b82ae7d032fd3b26866047e8c029b90a62794a89c11398944b398b4177b2dcc5a743c16d4a5333b1e30af678d3db8df849c1753db067a6f94bab00c0dd3c7e94a8675924c89bda98ac09e10bcdf83f5114b9b466c413477a5cdc48c857230798934bcc1f0eb3a2d2944b139e459af32e515785f46ed4e97cdcb23c7e4dc7c4f91b5b5ca5228344aeb6652fffaf31325c7429bc70a5f6beaaa98ef190dffdeccc94bd814b3edfdd48243bf34291076ab5438ee00e924a827d5b453df42d24144fe1a45bb6c84fcbb2143d0a561c1e867c1279bdf0a47061ea77a84f36c720aff785f0db10eda84c767b5f3874f9455c0f026735ded32f0403ef7dbcf97d2233d59c670114ddf89314ba74fc248bcbdbf43c24e46304e229b3cf583aa410f4dfd119152495da8737518ee2a05a8ca1f004be3c551408f2e4013e444b63bf2bb26ddeae505642dffcc989ee241c48741181b506e22fdc4530319522780c74bf786852dc66ebbb51f8ecbb1e35de09ef7afe589bb8a31c5d63477db5d5e7174694ea04cfa98057d39127a4e5eedb4897a491c6693acd0a036abf846f3b6f3006e5e5fd586f29a4a8a31abbccf732e4f1b88187a72d669c16302657e9cbbeb9322662e111edc7771526400b6123d0f8207bcaa38bee07043e36e223d418ac948d65e7acfe72cc3fdcf03a3e43ecfec8ae489ddba09126709c5c7968829e3504de8a5010c9372de09476a7b96b04d7aed2486d8f89f21f075321abe350024abe00a81f87df3dc372fc3206496776c26b6958243070bda4cace3e358da5d39a3945765c2ba4b002b06efd416af66f3343f218ed84550ea83f02f9a5c3fc677ea60987aa25f0406d6154081cfdc074814a2465accdfa102858f5a52c9eae293c56ddcaf8f6926d3dd0ccb51a30c960d6b7e473038ebd3702b5106f6bc040efdfd7169fd3f2dc42ff23de26a239e13b74278729fd7e843b38a35c55fd50181ac13a9cbbbfd8feb36afaeb1993349c0ac5a0c44ffd92919dfe272b0f8ed7df7198cd299715f021109a58dced4753d3c7ddd6e9ea01596f18b2fe7000000004ccfca57aed5b5cebdff65de480a56bd53f4c7f83ddef00d7c9686311d1fce76f320bb3222a11db30ba6ed31535d8fda61e694478ca9935d72719b8d6b9be88ae3df30b60ee251b919b4d1734b994c62accdf855488b351738331b462eccf27efdc5577d7a5548579dc90d227a42ac010f33a720dc3cf0a63454f8b07c775287495761a058ec1e28e6aaf8057241f4ef8b5de56e279355bb66630c4ddf35e7c2cfff26a4241b1df0379d2a1e9f959e46d3843f89844ead50aff44640fcbc4a1edb033afff7cc9e57c4f8d31900764233e11fa4c28e547788c1b00de4268df692ba3415a9ad90fa712f9618f5ecff57da32809380eeff040cd3b23f508614c72b303cec3bcd732708303b166193366a062b9cea536f28478c387e626744c6a611a8e7162d274efccc84eee8eb31d3310c86752777dd5b5ffe234e895c54909f19a4aabcf3c15b90c02170409e314fd90e766ec4ba93c8ec6321237a980ad3c32fb2fab69e57541ea7f5427a85c2c57d40f9ebe9de5572f46a4713fb28e0af42d0adef3e29195aa41a3ba318181512eebfadffede4e35ff7f975928edc5d4d9f2d931fb44b30e1df55e66c52e1648e9cdaf71221b57c6a6b087428ccc57ade5b1531341cba2be452b426c434c70fd8c493337d4995cbd76ea1dd545226e3eb59d5f94ffb5352f87a4a66cd7c5e88322404fd397c46e198646a9c819d0eb1f10e54d8a3ea912f1cb134ff1095aa7325287f6ea9af8c13b67d6abcbb70dbc06838ecb33e45b60f6cb832c3e72d1401770f66bd02f35a2d007815ab676099e31f5102000000c0e83d5e7107c8dc5830c9cddb9781185b94d7f2814c5058ba3ac54c268741c5728f4997a9628602c2a36090162379f3f37c47619b3e7c7397a5913b7060b51e0c7f7226ff1135444f866f89a4b74136cbd3acb7178bd63183b3fd9cd19fdeb6fcc6341910ad4605da76a9af4bfb8b75fcd666f8188902b380ae560d9aa04f8f9b0ac5c109d1824a470726e06a49d955f8f71c8a86081e75b13f62600deb941da181eaff544cd559c467d8dae432debd22e7a7b3e1ad731a5b9470f5f60423dda061ff899c07c79f3da34f38e1d8182d6ee0c36c602945509167be440382a8a8a759b20e41638fd57152029b190b5701d30a86f579e2d0cc53a2f809ca9bd3aba1eb2772a7acc35c4d983afa83a9baea35c0ed4931234719636cf8f5fe1884bde6cebbdf23bd62b1ebf0a5cb78c27295349bd7d5cf28c4ee4689497238fd3aa71a417914e6892667a56bd69dc2e5882cfb67df71494e9a9199e025892e4e7435f727636cd988cc7563d28db5133f649849c5b3973a3428de10ad39d96146b22acc50f50eee5a038876452b960686892de40efe30081ccdaa2bf64af78d5988026e529b36c62a21378ac42d220d0dd878010178e374e6dbb2b61206066d04e729ed03c6fd9a4e00547fe9304aec0925d85a0acd07fdc5d48c1a1cff656916f5d25952327792255e0d606a32517781cc3d737ec753eb95b5b5b95dabd8946907ab54cc85d05b475e2e5486c6fc070417198d3a50910e2949d20d3fa68fd327934cff5171224942b8f18d88947763a7c710d09c4b269bdf2d3e715329917fb70728a4a0530999b755ba8fc04deabf4bc4bcffc4d62d491538c65078122bf2c263ae0020af67cfc9cf19e5b929e086af281fb43d5504d728935c5cfac136eb81703d50fddb39a5a713b2914c6acd9b2d07819cf7bba495ac5734fe423e611d309b80eeafcf9053d51b0ab3c29d5ca5eb8861ffc1ebc4d53f361b8991baecb52860c15202f979e34054fcde869d018103ccd6d914a70f1840fc6aaf426beec975ddb980b19b0f4cc2ca393c0b9e6ebe5e7d1c9fc1ef7a1c91378f0b73262993fb80667ecf62bac3c47cbd002ae1b87b8dc3ec99d5c987765d778868eb55022cc3bed14b8f934a584bcc98fa0b4f6e6982ab8d8a2bb49f9074ef429dd7b8db332a96ccec6983a97be7c8634c02e7937ffc8d613b83aa375886bf40a87ec062090382f874bf2c8e5fbb58ac18a46c4d9e85af3ca21bdacb7755f49776b0eb3972ff682c84beb07d74cbe2764e378253e72128991b73d2730704a5448280e8a0fd8cc87d4cddcffbfe5525ae3d2304877a3988e33c8e12bf77793e753f25840e9af2ce56bdb999fc62623a2298b4244534f662eb398a2577c72f6cfd5174697dcee151d4f3a7293b11de3889c43744da4165aca4e4a1e926d37ae4d7471584a06f3641f2037a74a58c2397a594f29d142d59f91bb57e24e1a3f30f68c626033cc34895c1b16d62e3a375c3e09f5dbd9338cd3a500643143cd404b57019c648c3ec31d696233fe16efc3c4c84aca0830ca8b9fbf1144b98d82f41e4cf67631c74cdcf8d9c8b8556b876ff1592683ccac0b47a26cb3a2cb1b917f433bb54e0b53deae9ac4b1cd0594c1fa0e6744e7ed88fdac60901e3da989f3b0d7c12b140cc576fa1b0e8e705321d37c303691aafc9fed9c3dc419078d0925ead56455ea5f3cd57941e410c1c14c2e8972d7cca44fcaca1f64fc817f4a41b6d9fb237fed159cb09e788ae560726537f49cb64b9f60915d402e0931355c55ad792cde758548b1af54b196e414046d4af3579a6c30ceac3d68bbfd2adef309c064e759a9f0dd69d682a3880b8ff27b69abffaa45ee7e65d8f1f6e40c188f6249fdf72220b4c87243217ba0292b9e9b67ebeda4fb83406216a4d765812bafeff34cc57f7d2cd1608282079c076055b9cabffe5fa491b970291bc2672540ccc15ed877d7dbe3ef683724c715ace770905e48c2dc6a44e1fc095773676d070eac00ee3834b07590cba7093f56b678313870471c81599d34c53fc03ec6c913d8ba3f604ace8da12d2025cbb5000bc062f4db65a6feacaf3915206d1c15ce7e78c17dc2ea32cb57d6fab0a22d487c77118e75016006f812541ec8180a321287a2d57248d4ee4a19706a19d802c70e250c3b0fc400a0b5cdc06537d2f55fd5300be4eeeaab8cc481a84b6a5e17d8c47ec92fe40710d4ec3530a94ca16710ade2ec7562398106e0ddbb6c8af6412166afd99d45d29a3a967e58decd0d6fc5bebb98d639b5606efd358a43d635d50f0ccb8472197da604994e7fb700243d5f7e45700", 0x1000}}, 0x1006)

1m52.809696208s ago: executing program 3 (id=169):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x3, 0x6}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0xffffffffffffff2b, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000240)='mountinfo\x00')
ppoll(&(0x7f0000000140)=[{r2}], 0x1, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000040)='./file0/../file0/../file0\x00', &(0x7f0000000100)='devpts\x00', 0x0, 0x0)
syz_io_uring_setup(0x10d, 0x0, 0x0, 0x0)
write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="000000000000000000000080"], 0x125)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)
chdir(&(0x7f0000000000)='./file0\x00')
openat$cgroup_root(0xffffff9c, &(0x7f0000000080)='./cgroup.net/syz0\x00', 0x200002, 0x0)
openat$binder_debug(0xffffff9c, &(0x7f0000000340)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
io_uring_setup(0x79aa, &(0x7f0000000340)={0x0, 0x1})
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="10000000171401"], 0x10}}, 0x0)
socket$inet6(0xa, 0x40000080806, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000020000000000000000000000850000000f0000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={0x0, r4}, 0x18)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x6)

1m51.928430364s ago: executing program 3 (id=174):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff)
r0 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000)={0x41, 0x0, 0x2}, 0x10)
sendmsg$tipc(r0, &(0x7f0000000240)={&(0x7f00000000c0)=@id, 0x10, 0x0}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, &(0x7f00000002c0)=0x2, 0x4)
r4 = openat$nvram(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$6lowpan_enable(r4, &(0x7f0000000180)='0', 0x1)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x200, 0x0)
mount(&(0x7f0000000100)=@nullb, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080)='iso9660\x00', 0xefffffff, 0x0)
r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
acct(0x0)
acct(0x0)
sendmsg$netlink(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000000200)={0x114, 0x1e, 0x1, 0x0, 0x25dfdbfc, "", [@nested={0x101, 0xe7, 0x0, 0x1, [@typed={0xb, 0x1, 0x0, 0x0, @binary="72dcce07c1ab48"}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00'}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe8101000000010000008b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd"]}]}, 0x114}], 0x1}, 0x0)

1m51.001237664s ago: executing program 3 (id=183):
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
chdir(&(0x7f0000000100)='./file0\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a44, 0x1700)
sendfile(0xffffffffffffffff, r0, 0x0, 0x10000)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
r1 = syz_clone(0x1000080, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
ptrace$poke(0x5, r1, &(0x7f0000000080), 0x18)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_AUTOCLOSE(r2, 0x84, 0x4, &(0x7f0000000440)=0x7fffffff, 0x4)
socket$inet6_tcp(0xa, 0x1, 0x0)
sched_setaffinity(r1, 0xfffffffffffffda8, &(0x7f0000000000)=0x7)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'cryptd(crct10dif-generic)\x00'}, 0x58)
r4 = accept4(r3, 0x0, 0x0, 0x0)
sendmsg$DEVLINK_CMD_SB_POOL_SET(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4040}, 0x4c810)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4090}, 0x2400c0c0)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nbd(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="1cf6c559a5b085a62148307bcea3b41abbad682dd1358e736c31d6ac763f5b222a4ddb0aa0454a2d7c59254494384b762bacf4a238c96941ffb4dccda4815f20d59454cdd4a3997c5e612db79c7e8f5a589da15d8887989f04084e44b3ee84ff012ec0242f8a5460709cb1aa4ba628a88c85fc4b1c4728714f4db550295b4570961acd700d3f306291e048f0fc8b2e276b8381c52f06912cadc6fcf85a4ff4371d1d520fc3f827f6a4610923e2248663ecf9982170c9c25b", @ANYRES16=r6, @ANYBLOB="01000000000000000000020000000800010000000000"], 0x1c}}, 0x0)
r7 = syz_genetlink_get_family_id$nfc(&(0x7f00000004c0), r5)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x33, &(0x7f0000000040)=0x80000001, 0x4)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x20000000, &(0x7f0000000500)={0x2, 0x4e22, @remote}, 0x10)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000500)=<r8=>0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000540)=<r9=>0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000580)=<r10=>0x0)
sendmsg$NFC_CMD_DEP_LINK_DOWN(r5, &(0x7f0000000680)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000640)={&(0x7f0000000340)=ANY=[@ANYBLOB="4c0000002d12ea2883cd262e14173021aed597a119c751fe723f15b6ee1ee55648a813537f0eaa273eb6fdc71c8dd20b3bcebbeff3", @ANYRES16=r7, @ANYBLOB="02002bbd7000ffdbdf250500000008000100", @ANYRES32=r8, @ANYRES32=0x0, @ANYRES32=r9, @ANYBLOB="0800040000000000080004000000000008000400ffffffff08000100", @ANYRES32=r10, @ANYBLOB="0800040001000000"], 0x4c}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
read$char_usb(0xffffffffffffffff, &(0x7f0000000800)=""/135, 0x87)

1m50.932435013s ago: executing program 3 (id=184):
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x8}}, './file0\x00'})
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x9, 0x8, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x3)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000840)=ANY=[@ANYBLOB="240000001000010700000000000000000a000000060001001300000008000a0005"], 0x24}}, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000000), r1)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f0000000100)={{0x0, 0x8080000, 0xa, 0x1, 0x0, 0x0, 0x0, 0x6}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {0x3000, 0x0, 0xc}, {0x0, 0x0, 0xf, 0x0, 0x6, 0x0, 0x0, 0xfc}, {0x0, 0x0, 0x0, 0xb, 0x3, 0x1, 0x0, 0x0, 0x1}, {0x0, 0x10000, 0x1, 0x9, 0x0, 0xfc}, {0xf000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x5, 0x9, 0x2}, {0x6000, 0xeeee8000, 0x0, 0x0, 0x0, 0x8, 0x0, 0x4}, {0x8000000}, {}, 0xddf8ffdb, 0x0, 0x0, 0x340030, 0x80000a, 0x8501, 0x3000, [0x800000000, 0x0, 0x1a7ff4f4]})
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@newtaction={0x70, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x5c, 0x1, [@m_sample={0x58, 0x1, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x526}, @TCA_SAMPLE_PARMS={0x18}]}, {0x4}, {0xc}, {0xc, 0x4}}}]}]}, 0x70}}, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x8140aecc, 0x0)
ioctl$PTP_PEROUT_REQUEST(r0, 0x40383d03, &(0x7f0000000040)={{0x80000001, 0x8}, {0x8, 0xcf}, 0x80000000})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001940)=@newtaction={0xe98, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0xe84, 0x1, [@m_pedit={0xe80, 0x1, 0x0, 0x0, {{0xa}, {0xe54, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe50, 0x2, {{{0x0, 0x0, 0x300}, 0x97, 0x0, [{}, {}]}, [{0x3}, {}, {}, {}, {}, {0x448eade7}, {0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {}, {}, {0x2}, {}, {0xfffbfffc}, {0x0, 0xe}, {}, {}, {0x0, 0x4, 0x0, 0x0, 0x4}, {}, {}, {0x0, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {}, {}, {}, {0xfffffffe}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {0x0, 0x10}, {}, {}, {0x2, 0x0, 0x0, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x80000}, {0x0, 0x0, 0x0, 0x3}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffb}, {0x0, 0x0, 0x0, 0x0, 0x6}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xe10}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {0x100}, {}, {}, {0x0, 0x0, 0x0, 0xefa6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xb}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {0x4}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {0x5}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe98}}, 0x0)

1m50.529849284s ago: executing program 3 (id=186):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000080)='rpc_clnt_new\x00', r0, 0x0, 0xb9b}, 0x18) (async)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) (async)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000080)='rpc_clnt_new\x00', r2, 0x0, 0xb9b}, 0x18) (async)
r4 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(r4, 0x65, 0x7, &(0x7f00000001c0)=0x8, 0x4) (async)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'veth0_to_batadv\x00', <r5=>0x0})
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000002c0)=ANY=[], 0x24}}, 0x0) (async)
sendmsg$can_raw(r4, &(0x7f0000000140)={&(0x7f0000000200)={0x1d, r5}, 0x10, &(0x7f00000005c0)={&(0x7f00000000c0)=@can={{}, 0x82, 0x3, 0x4, 0x2, "0300"}, 0x210}, 0x1, 0x0, 0x0, 0xc4}, 0x0) (async)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_usb_connect$hid(0x6, 0x3f, &(0x7f0000000240)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x20, 0x1e7d, 0x30d4, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x9, 0x70, 0x42, [{{0x9, 0x4, 0x0, 0x4e, 0x2, 0x3, 0x1, 0x1, 0x8, {0x9, 0x21, 0xd8a, 0xc4, 0x1, {0x22, 0x221}}, {{{0x9, 0x5, 0x81, 0x3, 0x10, 0xee, 0x4, 0xf}}, [{{0x9, 0x5, 0x2, 0x3, 0x8, 0x3, 0x5, 0xf}}]}}}]}}]}}, &(0x7f00000008c0)={0xa, &(0x7f0000000300)={0xa, 0x6, 0x0, 0x8, 0xfa, 0x7, 0x10, 0x4}, 0x21, &(0x7f0000000340)={0x5, 0xf, 0x21, 0x1, [@ssp_cap={0x1c, 0x10, 0xa, 0xc, 0x4, 0x9, 0xf00, 0x9, [0x0, 0xc000, 0xc030, 0xffa000]}]}, 0x9, [{0x4, &(0x7f0000000400)=@lang_id={0x4, 0x3, 0x1401}}, {0xb8, &(0x7f0000000440)=@string={0xb8, 0x3, "23ed8ce41e03c3f784d21b3635deeb0e352848ebbb7360ec97e9c1c5640fcbadbcc6a4b47297fadc3e6db6fe828527bc479b28ad3a794b6386c57db3024a6a0e967ef9d1c1b4efe81dc31525350267ba63db7c87622173a6fb069b7a5a0950e72591495e4690a08296beddc074a2e933c0031841b042b2468f196e801513e8dcab860f8a172b8c7907ca9d10052a545846fc92e21168d6b98958e93f43f19c729bb7bb6675fb8d5feef77ed0d3a568e62226764e1b16"}}, {0x4, &(0x7f0000000500)=@lang_id={0x4, 0x3, 0x40b}}, {0x4, &(0x7f0000000540)=@lang_id={0x4, 0x3, 0x459}}, {0x4, &(0x7f0000000580)=@lang_id={0x4, 0x3, 0x424}}, {0x4, &(0x7f0000000600)=@lang_id={0x4, 0x3, 0x813}}, {0xbf, &(0x7f0000000640)=@string={0xbf, 0x3, "d3843ff735164963a48d93a27865d2ce41e6cdc51cec77efdaa7c7ab68150f648a2b57721520d8ed043c7224715d3509f2866cd5c42ba895defce9fe12d93f1be3eb6a2cc12a22d4ce0d0e385d5d967ee3bf8746a57f6590419d6a2b31f54d5e838958007bc93e204551ef65da410dc1a88485e3ca114195da4cb73e16d054a89cd4e447a4abb02a0e8f582ca3297bb9e255e2bffcdca3dfaa1b8d2d15b0cecd04f3e7ee06b0044aeb12c99eaf04b1b4fc2ea34802579412857cf01617"}}, {0xc8, &(0x7f0000000700)=@string={0xc8, 0x3, "e7917f6cc778b644dc53882bacd249f34b19395b56c2456b2de1f2868b8a0353839c770851628f8c15aacf347c1a5765519a5d2b67dcd09f4d2b91f63c291daf05fb578b823739c680da02e9474a07eb630d4a41b28e01919f1350725dea98c0c2e887fca045043089f413de7529eb567f5d007f4131fa50330faff25bfc8992280213721e636e73a875b12d709bee28d56e9c641ab9fadabe177a14729903cb66d645392f2247a8e9d26999631e09ff1fdb51545ae8aea97c6bd2037e35d6ff33f0c73dd928"}}, {0x16, &(0x7f0000000800)=@string={0x16, 0x3, "6bbe5d699634c0c1702cc2ae732292627462d908"}}]})
syz_usb_control_io$hid(r8, &(0x7f0000000b40)={0x14, &(0x7f0000000940)={0x20, 0xa, 0xb9, {0xb9, 0x0, "b98ca37948ff27297f7f9c318ad87144cacbf53cd1df760c426dca1afe04fd5f668a512d7b679e62a069ad60ae3a03572695c1bd7736eb67347d6de195daea7814e6d64ee1031223d4888fa81e048b2654b39edca98f162e6799120b4f12fa5b8c0be1a2adc4b2cd4a7712ee729f5f325fa02c531b65ba1af8fc90b64f870a5b7aa3ed719cd2641e8072e3b11b91d279a6d34f9b57f2229a4fea953c51866183f93bba882b9988db83c09a6b1d6e7367cca3b2ad7d5d88"}}, &(0x7f0000000a00)={0x0, 0x3, 0xe2, @string={0xe2, 0x3, "41dbea982cf332b11ffdee6f953b7ea8c8a9355792f0722c48edeb1ba0dc2f3988275d6c09b5f2e56f06be5913c145fe794d819fed839b4e977d8130cbbfd1f958ec254f5e23aa104791a1376d364440d74323d4c13555e29a8e51168e5ac1aaf3335df72794dd37d1ab2b2e4a583e1fc29bd8e1a70a36015889f7f68e439329199190e6162371659d22527895492d3baf99ced2671b96db99cd15dbc1838d415d1a322f6e560a32ef2f0c06457e4dacfa18f98bdaf9d25a58f1a106567523e53866ea796cbbf6ef9887939c0d7f881ab9a20aa7d382f5500128e80eedb4eefe"}}, &(0x7f0000000840)={0x0, 0x22, 0x9, {[@main=@item_012={0x1, 0x0, 0x19, "8c"}, @local=@item_012={0x1, 0x2, 0x3, "e5"}, @global=@item_4={0x3, 0x1, 0x2, "0efd9bbe"}]}}, &(0x7f0000000b00)={0x0, 0x21, 0x9, {0x9, 0x21, 0x6, 0x4d, 0x1, {0x22, 0xcb}}}}, &(0x7f0000000e00)={0x18, &(0x7f0000000b80)={0x0, 0x11, 0xa9, "ca92382bc21a50607f7bd35654e3af340a4031e0eda122f03b519d5449713c99aadf326afc2353fb949852cc57f07b74a0069a634ad763fe25168f3e91430abde892d9f681f2664ebe646e05f841c0da9909b6a7b5f75c9a52d4cde5757a1b596af11d9b8fe0a90e10c1dac169696356c888c3eed52a5a885e0b94dfdac0f6955b5eb51719ce5efdfb6493db11663b4e7410994cb0f87860162c274ec1f654417004d5d21f3cbd110f"}, &(0x7f0000000c40)={0x0, 0xa, 0x1, 0xe3}, &(0x7f0000000c80)={0x0, 0x8, 0x1, 0x5a}, &(0x7f0000000e40)=ANY=[@ANYBLOB="2000cd000000bc977d5c0d0295a6381f75aee4bb8325a7e73e5176d0535c1968bc276bb675bf64dbf05a7a84d33b3121de6172a76929f6984e8a3d52895e18760e9a2f4a1a6d06556725cc396698cf66a6ad8a964a336fe560ce89b2249d499b3904fff0ddbe32f4a5ac4f4e6009ef94eefe1bb2d1df9e298ac57445e6bc7fefc64971c9465f10b01fae620c7f2ef5ef9743d72b7c5faa9a18cb611dde5e6f03b14ade0cb79bd49cdf072ff43797491dee236562f7abe6183bea7587b52f0731bad122520aa0d08d0cc99a31f8fe1bbdb4ed2e4c2e7fd7b9ede385032dee64b022d3348193159177fd841148b510b8c476833a24856ba469ee0d4024beb92735c4158f29a89e13c7896b2635ea4c8ecade37123a17805c587b15d9ffd593e06f4ca8ec18cdfaf93a063676206844e05c31329b6b5e9b5832285bbb44652e4c1dd26fa1a0d21a81d6995fb50b1e288a3f8178ce592bc7f00a409c9efd8a1f581fe1bbfeeb30ad2ab06d9d7318544476e3b9dda8823effc15028e38361c743813512860722336b704c772a3dd2448e7b6e3eddebd7089ec2bceba614cdbff5d11728d29abb426dd79f9055c54ba6e799da24324df37eb0c4a083872912ce"], &(0x7f0000000dc0)={0x20, 0x3, 0x1, 0x96}}) (async)
sendmsg$nl_generic(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="2000000043000900fffffffffddbdf25010000000c0003804e2c"], 0x20}, 0x1, 0x0, 0x0, 0x4000}, 0x44850) (async)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f00000000c0)={0xa}) (async)
r9 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r9}, &(0x7f0000bbdffc)) (async)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) (async)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="180200000000000000000000000000001801000020646c2700000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r10, 0x27, 0x0, 0x0, 0x0, 0x0, 0x200, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xe1}, 0x50) (async)
write$FUSE_NOTIFY_INVAL_INODE(r3, &(0x7f00000002c0)={0x28, 0x2, 0x0, {0x1, 0xc, 0x4}}, 0x28) (async)
sendmsg$netlink(r1, &(0x7f0000000040)={0x0, 0x20, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)

1m50.528645175s ago: executing program 33 (id=186):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000080)='rpc_clnt_new\x00', r0, 0x0, 0xb9b}, 0x18) (async)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) (async)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000080)='rpc_clnt_new\x00', r2, 0x0, 0xb9b}, 0x18) (async)
r4 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(r4, 0x65, 0x7, &(0x7f00000001c0)=0x8, 0x4) (async)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'veth0_to_batadv\x00', <r5=>0x0})
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000002c0)=ANY=[], 0x24}}, 0x0) (async)
sendmsg$can_raw(r4, &(0x7f0000000140)={&(0x7f0000000200)={0x1d, r5}, 0x10, &(0x7f00000005c0)={&(0x7f00000000c0)=@can={{}, 0x82, 0x3, 0x4, 0x2, "0300"}, 0x210}, 0x1, 0x0, 0x0, 0xc4}, 0x0) (async)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_usb_connect$hid(0x6, 0x3f, &(0x7f0000000240)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x20, 0x1e7d, 0x30d4, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x9, 0x70, 0x42, [{{0x9, 0x4, 0x0, 0x4e, 0x2, 0x3, 0x1, 0x1, 0x8, {0x9, 0x21, 0xd8a, 0xc4, 0x1, {0x22, 0x221}}, {{{0x9, 0x5, 0x81, 0x3, 0x10, 0xee, 0x4, 0xf}}, [{{0x9, 0x5, 0x2, 0x3, 0x8, 0x3, 0x5, 0xf}}]}}}]}}]}}, &(0x7f00000008c0)={0xa, &(0x7f0000000300)={0xa, 0x6, 0x0, 0x8, 0xfa, 0x7, 0x10, 0x4}, 0x21, &(0x7f0000000340)={0x5, 0xf, 0x21, 0x1, [@ssp_cap={0x1c, 0x10, 0xa, 0xc, 0x4, 0x9, 0xf00, 0x9, [0x0, 0xc000, 0xc030, 0xffa000]}]}, 0x9, [{0x4, &(0x7f0000000400)=@lang_id={0x4, 0x3, 0x1401}}, {0xb8, &(0x7f0000000440)=@string={0xb8, 0x3, "23ed8ce41e03c3f784d21b3635deeb0e352848ebbb7360ec97e9c1c5640fcbadbcc6a4b47297fadc3e6db6fe828527bc479b28ad3a794b6386c57db3024a6a0e967ef9d1c1b4efe81dc31525350267ba63db7c87622173a6fb069b7a5a0950e72591495e4690a08296beddc074a2e933c0031841b042b2468f196e801513e8dcab860f8a172b8c7907ca9d10052a545846fc92e21168d6b98958e93f43f19c729bb7bb6675fb8d5feef77ed0d3a568e62226764e1b16"}}, {0x4, &(0x7f0000000500)=@lang_id={0x4, 0x3, 0x40b}}, {0x4, &(0x7f0000000540)=@lang_id={0x4, 0x3, 0x459}}, {0x4, &(0x7f0000000580)=@lang_id={0x4, 0x3, 0x424}}, {0x4, &(0x7f0000000600)=@lang_id={0x4, 0x3, 0x813}}, {0xbf, &(0x7f0000000640)=@string={0xbf, 0x3, "d3843ff735164963a48d93a27865d2ce41e6cdc51cec77efdaa7c7ab68150f648a2b57721520d8ed043c7224715d3509f2866cd5c42ba895defce9fe12d93f1be3eb6a2cc12a22d4ce0d0e385d5d967ee3bf8746a57f6590419d6a2b31f54d5e838958007bc93e204551ef65da410dc1a88485e3ca114195da4cb73e16d054a89cd4e447a4abb02a0e8f582ca3297bb9e255e2bffcdca3dfaa1b8d2d15b0cecd04f3e7ee06b0044aeb12c99eaf04b1b4fc2ea34802579412857cf01617"}}, {0xc8, &(0x7f0000000700)=@string={0xc8, 0x3, "e7917f6cc778b644dc53882bacd249f34b19395b56c2456b2de1f2868b8a0353839c770851628f8c15aacf347c1a5765519a5d2b67dcd09f4d2b91f63c291daf05fb578b823739c680da02e9474a07eb630d4a41b28e01919f1350725dea98c0c2e887fca045043089f413de7529eb567f5d007f4131fa50330faff25bfc8992280213721e636e73a875b12d709bee28d56e9c641ab9fadabe177a14729903cb66d645392f2247a8e9d26999631e09ff1fdb51545ae8aea97c6bd2037e35d6ff33f0c73dd928"}}, {0x16, &(0x7f0000000800)=@string={0x16, 0x3, "6bbe5d699634c0c1702cc2ae732292627462d908"}}]})
syz_usb_control_io$hid(r8, &(0x7f0000000b40)={0x14, &(0x7f0000000940)={0x20, 0xa, 0xb9, {0xb9, 0x0, "b98ca37948ff27297f7f9c318ad87144cacbf53cd1df760c426dca1afe04fd5f668a512d7b679e62a069ad60ae3a03572695c1bd7736eb67347d6de195daea7814e6d64ee1031223d4888fa81e048b2654b39edca98f162e6799120b4f12fa5b8c0be1a2adc4b2cd4a7712ee729f5f325fa02c531b65ba1af8fc90b64f870a5b7aa3ed719cd2641e8072e3b11b91d279a6d34f9b57f2229a4fea953c51866183f93bba882b9988db83c09a6b1d6e7367cca3b2ad7d5d88"}}, &(0x7f0000000a00)={0x0, 0x3, 0xe2, @string={0xe2, 0x3, "41dbea982cf332b11ffdee6f953b7ea8c8a9355792f0722c48edeb1ba0dc2f3988275d6c09b5f2e56f06be5913c145fe794d819fed839b4e977d8130cbbfd1f958ec254f5e23aa104791a1376d364440d74323d4c13555e29a8e51168e5ac1aaf3335df72794dd37d1ab2b2e4a583e1fc29bd8e1a70a36015889f7f68e439329199190e6162371659d22527895492d3baf99ced2671b96db99cd15dbc1838d415d1a322f6e560a32ef2f0c06457e4dacfa18f98bdaf9d25a58f1a106567523e53866ea796cbbf6ef9887939c0d7f881ab9a20aa7d382f5500128e80eedb4eefe"}}, &(0x7f0000000840)={0x0, 0x22, 0x9, {[@main=@item_012={0x1, 0x0, 0x19, "8c"}, @local=@item_012={0x1, 0x2, 0x3, "e5"}, @global=@item_4={0x3, 0x1, 0x2, "0efd9bbe"}]}}, &(0x7f0000000b00)={0x0, 0x21, 0x9, {0x9, 0x21, 0x6, 0x4d, 0x1, {0x22, 0xcb}}}}, &(0x7f0000000e00)={0x18, &(0x7f0000000b80)={0x0, 0x11, 0xa9, "ca92382bc21a50607f7bd35654e3af340a4031e0eda122f03b519d5449713c99aadf326afc2353fb949852cc57f07b74a0069a634ad763fe25168f3e91430abde892d9f681f2664ebe646e05f841c0da9909b6a7b5f75c9a52d4cde5757a1b596af11d9b8fe0a90e10c1dac169696356c888c3eed52a5a885e0b94dfdac0f6955b5eb51719ce5efdfb6493db11663b4e7410994cb0f87860162c274ec1f654417004d5d21f3cbd110f"}, &(0x7f0000000c40)={0x0, 0xa, 0x1, 0xe3}, &(0x7f0000000c80)={0x0, 0x8, 0x1, 0x5a}, &(0x7f0000000e40)=ANY=[@ANYBLOB="2000cd000000bc977d5c0d0295a6381f75aee4bb8325a7e73e5176d0535c1968bc276bb675bf64dbf05a7a84d33b3121de6172a76929f6984e8a3d52895e18760e9a2f4a1a6d06556725cc396698cf66a6ad8a964a336fe560ce89b2249d499b3904fff0ddbe32f4a5ac4f4e6009ef94eefe1bb2d1df9e298ac57445e6bc7fefc64971c9465f10b01fae620c7f2ef5ef9743d72b7c5faa9a18cb611dde5e6f03b14ade0cb79bd49cdf072ff43797491dee236562f7abe6183bea7587b52f0731bad122520aa0d08d0cc99a31f8fe1bbdb4ed2e4c2e7fd7b9ede385032dee64b022d3348193159177fd841148b510b8c476833a24856ba469ee0d4024beb92735c4158f29a89e13c7896b2635ea4c8ecade37123a17805c587b15d9ffd593e06f4ca8ec18cdfaf93a063676206844e05c31329b6b5e9b5832285bbb44652e4c1dd26fa1a0d21a81d6995fb50b1e288a3f8178ce592bc7f00a409c9efd8a1f581fe1bbfeeb30ad2ab06d9d7318544476e3b9dda8823effc15028e38361c743813512860722336b704c772a3dd2448e7b6e3eddebd7089ec2bceba614cdbff5d11728d29abb426dd79f9055c54ba6e799da24324df37eb0c4a083872912ce"], &(0x7f0000000dc0)={0x20, 0x3, 0x1, 0x96}}) (async)
sendmsg$nl_generic(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="2000000043000900fffffffffddbdf25010000000c0003804e2c"], 0x20}, 0x1, 0x0, 0x0, 0x4000}, 0x44850) (async)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f00000000c0)={0xa}) (async)
r9 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r9}, &(0x7f0000bbdffc)) (async)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) (async)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="180200000000000000000000000000001801000020646c2700000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r10, 0x27, 0x0, 0x0, 0x0, 0x0, 0x200, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xe1}, 0x50) (async)
write$FUSE_NOTIFY_INVAL_INODE(r3, &(0x7f00000002c0)={0x28, 0x2, 0x0, {0x1, 0xc, 0x4}}, 0x28) (async)
sendmsg$netlink(r1, &(0x7f0000000040)={0x0, 0x20, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)

1m30.471004298s ago: executing program 2 (id=352):
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_codel={{0xa}, {0x14, 0x2, [@TCA_CODEL_LIMIT={0x8}, @TCA_CODEL_INTERVAL={0x8}]}}]}, 0x44}}, 0x0) (async)
r3 = socket$kcm(0x21, 0x7, 0x2)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)}, 0x20044800)

1m30.301624907s ago: executing program 2 (id=354):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f000081c000/0x1000)=nil, 0x1000, 0x8, 0x1010, 0xffffffffffffffff, 0xab880000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x12, 0x7, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(0xffffffffffffffff, 0xc0205710, &(0x7f00000002c0)={0x1, 0xff, 0x1, 0x0, 0x5})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000240)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_GET_MPATH(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000300)={&(0x7f0000000480)={0x4c, r4, 0x400, 0x70bd26, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r5}, @val={0xc, 0x99, {0xea99, 0x6f}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @device_b}, @NL80211_ATTR_MAC={0xa}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000840}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2100, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f00000000c0)='minix\x00', 0x208000, 0x0)
getresuid(&(0x7f0000000180)=<r6=>0x0, &(0x7f00000001c0), &(0x7f0000000200))
quotactl$Q_GETFMT(0xffffffff80000402, &(0x7f0000000100)=@loop={'/dev/loop', 0x0}, r6, &(0x7f0000000240))

1m29.302202685s ago: executing program 2 (id=358):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
openat$incfs(r0, &(0x7f0000000140)='.pending_reads\x00', 0x400001, 0x40)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x6, 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000880}, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x0, 0x0)
r4 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0f00000004000000040000001200000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRESDEC=r3, @ANYRES32, @ANYBLOB="00000000000000000000000000000000001000000000000000000000582a5331999cce9a98403730b7eabbdeb7e6099d330050aae33ac66f23e6f8a419e402e69e0da484d31eb6e6f2cfcf85b8ba417d694628e4bf6408901231e300da0082bba4eefbbab7206872170cef20536e76448268a59a143811e698e78ce6073c5ab5da10d6087e958fdde9bb7f53cac192dfe66bc80f557328", @ANYBLOB="a32319a8cf3619d6b52a2d76c16d2efac0fa2165483f4661d1fec875316d901fcf99b7becf9121dffe4e5108ce9610c4817504ab10f828614246d9e193da61583f106b9579dcebc90a2a693065892d925b6ad4ae41edc7792a4dfd7078a29e368804062d2705e8617a"], 0x48)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000000c0)={@map=r5, 0x5, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
sendmsg$nl_generic(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000400)=ANY=[@ANYBLOB], 0x18}}, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r6 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r6, &(0x7f00000002c0)='./file1\x00', 0xc000, 0x0)
ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, &(0x7f00000001c0)={{&(0x7f0000ffd000/0x2000)=nil, 0x2000}, 0x1})
r7 = syz_open_procfs(0x0, &(0x7f0000000180)='oom_adj\x00')
writev(r7, &(0x7f00000000c0)=[{&(0x7f0000000140)='15', 0x2}], 0x8)
getsockopt$inet_IP_XFRM_POLICY(r7, 0x0, 0x11, &(0x7f0000000340)={{{@in=@initdev, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0}}, {{@in6=@mcast2}, 0x0, @in=@multicast1}}, &(0x7f0000000280)=0xe4)
ioprio_set$uid(0x0, r8, 0x0)
linkat(r6, 0x0, r6, &(0x7f0000000240)='./file0\x00', 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000a00)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000600)='./file1\x00', 0x0)
socket$packet(0x11, 0x2, 0x300)

1m28.831788904s ago: executing program 2 (id=360):
r0 = socket(0x8, 0x80000, 0x4000000)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x8607}, 0x10) (async)
sendmsg$nl_generic(r0, 0x0, 0x0) (async, rerun: 32)
socket$l2tp6(0xa, 0x2, 0x73) (async, rerun: 32)
r1 = getpid()
process_vm_readv(r1, 0x0, 0x0, 0x0, 0x0, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000000)=0x2)
r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x3) (async)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) (async)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000800), 0xffffffffffffffff) (async)
syz_open_procfs$namespace(0x0, &(0x7f0000000100)='ns/net\x00')
r6 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_AP(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000700)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="050000000000000000000f00000008000300", @ANYRES32, @ANYBLOB="28000e0080000000ffffffffffff0802110000000802110000000000000000000000000064000100080026006c09000008000c006400000008000d000000000004000e"], 0x60}}, 0x0) (async)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r4, &(0x7f0000000f40)={0x0, 0x0, &(0x7f0000000f00)={&(0x7f0000000ec0)={0x14, r5, 0x1}, 0x14}}, 0x4000010) (async)
write$FUSE_NOTIFY_INVAL_ENTRY(0xffffffffffffffff, 0x0, 0x0) (async)
ioctl$KDFONTOP_GET(0xffffffffffffffff, 0x4b72, 0x0)
r8 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r8, 0x29, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x458, 0x0, 0x2b8, 0xb0000010, 0x2, 0x5c8f0200, 0x388, 0x3a8, 0x3a8, 0x388, 0x3a8, 0x3, 0x0, {[{{@ipv6={@private1, @local, [], [], 'vlan1\x00', 'veth0_to_team\x00'}, 0x0, 0x248, 0x290, 0x700, {}, [@common=@inet=@hashlimit3={{0x158}, {'geneve1\x00', {0xf1, 0x0, 0x33, 0x0, 0x0, 0x1, 0x7fffffff}}}, @common=@unspec=@limit={{0x48}, {0x0, 0x3}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x206, 'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0xf8, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@CONNSECMARK={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4b8) (async)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040)=0x80) (async, rerun: 32)
r9 = openat$fb0(0xffffff9c, &(0x7f0000000240), 0x40000, 0x0) (rerun: 32)
ioctl$FBIOPUT_VSCREENINFO(r9, 0x4601, &(0x7f00000002c0)={0x356, 0x240, 0x40, 0x80, 0xaa, 0x2, 0x1, 0x1, {0xffffffff, 0xaa8, 0x1}, {0x0, 0x8, 0x1}, {0xeebf, 0x5, 0x1}, {0xffffffff, 0x10001}, 0x0, 0x0, 0xffffffff, 0x9, 0x1, 0x200, 0x0, 0x7, 0x9000, 0x4c9d, 0x1, 0x400, 0x12}) (async)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, &(0x7f00000000c0)={&(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5}) (async, rerun: 32)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
sendmsg$IEEE802154_LLSEC_ADD_DEV(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x38}, 0x4, 0x700000000000000, 0x0, 0x4000050}, 0x0)

1m28.781786322s ago: executing program 2 (id=363):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
mount$fuse(0x20000000, &(0x7f0000000400)='./file0\x00', 0x0, 0x223216, 0x0)
chdir(&(0x7f0000000100)='./file0\x00')
ioctl$TIOCL_SETVESABLANK(r0, 0x541c, &(0x7f0000000300))
syz_open_dev$loop(0x0, 0x3, 0x4104c0)
syz_usb_connect$hid(0x5, 0x0, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x10d240, 0x0)
close(r2)
socketpair(0x27, 0x1, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000000c0)={'veth1\x00', @random="e5a21a1ed48c"})
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r4, &(0x7f0000000180)={0xa, 0x0, 0x7, @remote}, 0xc)
close(r1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$9p_virtio(0x0, 0x0, 0x0, 0x202000, &(0x7f00000002c0)=ANY=[@ANYBLOB="7072616e733d76690100"])
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="e40000000201010800000000000000000a000000d00001800c000280050001000000000014000180080001000000000008000200000000002c00018014000300ff01000000000000000000000000000114000400ff0100000000000000000000000000010c00028005000100000000004700028005000100010000000600064000000000060005"], 0xe4}}, 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x10, 0x0)
r6 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
chdir(&(0x7f0000000280)='./file0\x00')
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000240)={'vxcan0\x00', <r7=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000540)={0xffffffffffffffff, r7, 0x25, 0x8, @val=@uprobe_multi={&(0x7f0000000380)='./file0\x00', &(0x7f0000000440)=[0xfffffffffffffff9], &(0x7f0000000500)=[0x2, 0x1, 0x0, 0x0, 0x0, 0x0], 0x2, 0x1, 0x1}}, 0x3c)
ioctl$F2FS_IOC_MOVE_RANGE(r3, 0xc01cf509, &(0x7f0000000040)={<r8=>r6, 0xc83d, 0x4, 0xfff})
openat$cgroup_int(r8, &(0x7f0000000140)='hugetlb.2MB.limit_in_bytes\x00', 0x2, 0x0)

1m28.14518829s ago: executing program 2 (id=368):
r0 = creat(&(0x7f0000000440)='./file0\x00', 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r4=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000040)={0x24, r3, 0x1, 0x0, 0x0, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r4}]}, 0x24}}, 0x0)
mprotect(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x200000b)
ioctl$VHOST_VDPA_GET_STATUS(r0, 0x8001af71, &(0x7f0000000040))
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
munmap(&(0x7f0000fff000/0x1000)=nil, 0x1000)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)={{0x14}, [@NFT_MSG_NEWRULE={0x34, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_ID={0x8, 0x9, 0x1, 0x0, 0x3}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x5c}}, 0x4048014)
prctl$PR_SET_IO_FLUSHER(0x39, 0x0)
r6 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNDEL(r6, 0x400448c9, &(0x7f0000000000)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x1})
mount(&(0x7f0000000080)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000000)='adfs\x00', 0x0, 0x0)

1m12.899042681s ago: executing program 34 (id=368):
r0 = creat(&(0x7f0000000440)='./file0\x00', 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r4=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000040)={0x24, r3, 0x1, 0x0, 0x0, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r4}]}, 0x24}}, 0x0)
mprotect(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x200000b)
ioctl$VHOST_VDPA_GET_STATUS(r0, 0x8001af71, &(0x7f0000000040))
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
munmap(&(0x7f0000fff000/0x1000)=nil, 0x1000)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)={{0x14}, [@NFT_MSG_NEWRULE={0x34, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_ID={0x8, 0x9, 0x1, 0x0, 0x3}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x5c}}, 0x4048014)
prctl$PR_SET_IO_FLUSHER(0x39, 0x0)
r6 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNDEL(r6, 0x400448c9, &(0x7f0000000000)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x1})
mount(&(0x7f0000000080)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000000)='adfs\x00', 0x0, 0x0)

8.097185634s ago: executing program 5 (id=1045):
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r0 = socket$igmp(0x2, 0x3, 0x2) (async)
r1 = syz_open_dev$vim2m(&(0x7f0000000040), 0x3fe, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000440)={0x7, 0x2, 0x4}) (async)
ioctl$vim2m_VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f0000000480)={0x2, @sdr})
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000540)=@raw={'raw\x00', 0x8, 0x3, 0x24c, 0x0, 0x11, 0x148, 0x120, 0x10, 0x1b8, 0x2a8, 0x2a8, 0x1b8, 0x2a8, 0xac, 0x0, {[{{@ip={@empty, @multicast2, 0x0, 0x0, 'veth1_vlan\x00', 'rose0\x00'}, 0x10, 0xd8, 0x120, 0x1c, {}, [@common=@unspec=@helper={{0x44}, {0x0, 'irc-20000\x00'}}, @common=@unspec=@connlabel={{0x24}, {0x0, 0x7}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@local, 'ip6gre0\x00'}}}, {{@ip={@private, @multicast2, 0x0, 0x0, 'wlan0\x00', 'ip_vti0\x00'}, 0x0, 0x70, 0x98}, @common=@inet=@SET1={0x28}}], {{'\x00', 0xc8, 0x70, 0x94}, {0x24}}}}, 0x2a8)
r2 = fsopen(&(0x7f0000000040)='nfs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000180)='/proc/bus/input/handlers\x00', &(0x7f00000001c0)='.)\'}-\'\x00', 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) (async)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r4, 0xaf01, 0x0) (async)
r5 = eventfd(0x401)
ioctl$VHOST_SET_LOG_FD(r4, 0x4004af07, &(0x7f0000000240)=r5)
ioctl$VHOST_SET_VRING_KICK(r4, 0x4008af20, &(0x7f0000000040)={0x0, r5}) (async)
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000380)={0x1, 0x0, 0x0, &(0x7f0000000280)=""/233, 0x0}) (async)
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000780)={0x0, 0x1, 0x0, &(0x7f0000000700)=""/88, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r4, 0x4008af03, &(0x7f0000000640)) (async)
ioctl$VHOST_VSOCK_SET_RUNNING(r4, 0x4004af61, &(0x7f0000000000)=0x20000) (async)
write$eventfd(r5, &(0x7f00000000c0)=0xfffffffffffffffe, 0x8) (async)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_NEW(r6, &(0x7f0000000900)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000008c0)={&(0x7f0000000880)={0x34, 0x0, 0x9, 0x201, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0x6}}, @NFCTH_STATUS={0x8}, @NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0xe}}]}, 0x34}, 0x1, 0x0, 0x0, 0xc040}, 0x800) (async)
r7 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000cc0)={0xa, 0x0, 0x0, @empty}, &(0x7f0000000d00)=0x1c, 0x0)
getsockopt$inet_mreqn(r0, 0x0, 0x20, &(0x7f0000000fc0)={@broadcast, @loopback, <r8=>0x0}, &(0x7f0000001000)=0xc)
sendmmsg$inet6(r7, &(0x7f0000001040)=[{{&(0x7f0000000d40)={0xa, 0x4e21, 0xa, @private2={0xfc, 0x2, '\x00', 0x1}, 0x8}, 0x1c, &(0x7f0000000f80)=[{&(0x7f0000000d80)="2a39738dc08bcf2d01a3931e39ebe05c9151df14e8daa6ab9ab87cc757f232475121e51b3f9fc5303dd1bb7984c620b736a34c0cc227cb70ec4a86ac207ec0b0d499fb93754dff49dc7209931defda63451572eeaf719c40ee9cf57cd351d26995", 0x61}, {&(0x7f0000000e00)="9dfdc188b948dee1ddb12a14a0ee5e083331195473f9b44dc1dec53bedae1cb85ce1d3b4817ab9ff99d0945ea2a29ea36437bd117eca5e5ab5ed370f2bf8617347c886644f429585bca2318eb60a6635acf1d06de2bb68178cae2b56da3a3029e80fbf6b941c7eca0f5bce1f3212ef12c7", 0x71}, {&(0x7f0000000e80)="f4d0bfbd24fe9f029385fcbe869cab494b813955695c629e4b1652ac8eecdf1afd35fe054f6553680706113c0bd3eac1266f61a43f3100a59595844e257b2bc159e1328e398bc8f741b18701deca18b6e5d61c35a167c483cc82c3606a0197217f546c1f72b983cef2378b1966313b9540ee0964a8f0c3f544eebe84574b066370075914130a33a0bee1dbae119d87d19037d0f4f94a693d7b9d745fa9d88ef5694accde03478a196faa5f297bd070daabd8a65ef5be6d5f62c5ac439a76a91ca8e7c521cfb9bc3b01", 0xc9}], 0x3, &(0x7f00000010c0)=[@rthdrdstopts={{0x1c, 0x29, 0x37, {0x2, 0x0, '\x00', [@ra={0x5, 0x2, 0x1}]}}}, @pktinfo={{0x20, 0x29, 0x32, {@local, r8}}}, @rthdr_2292={{0x94, 0x29, 0x39, {0x2b, 0x10, 0x1, 0x6, 0x0, [@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @private1={0xfc, 0x1, '\x00', 0x1}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @local, @dev={0xfe, 0x80, '\x00', 0x3f}, @loopback, @remote, @empty]}}}, @dstopts={{0x1c, 0x29, 0x37, {0x32, 0x0, '\x00', [@pad1]}}}], 0xec}}], 0x1, 0x40) (async)
r9 = openat$procfs(0xffffff9c, &(0x7f0000000000)='/proc/bus/input/handlers\x00', 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000240)={'veth1_vlan\x00'}) (async)
lstat(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0))

8.010772635s ago: executing program 5 (id=1046):
socket(0x10, 0x2, 0x0) (async)
socket(0x10, 0x2, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0) (async)
r1 = socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0) (async)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x14}, 0x14}}, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000280)={0x0, 0x1, 0x0, 0x1000, &(0x7f0000700000/0x1000)=nil})
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) (async)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r5, 0x4138ae84, &(0x7f0000000100)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {0x4000, 0x0, 0x0, 0x35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, {}, {0x0, 0xd000, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x4}, {}, {}, {0xb000}, 0xddf8ffdb, 0x0, 0x0, 0x0, 0x0, 0x1800})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0xb, 0x200000005c831, 0xffffffffffffffff, 0x0)
ioctl$KVM_TRANSLATE(r5, 0xc018ae85, &(0x7f0000000040))
getsockname$packet(r2, &(0x7f0000000040)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r6, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x300, 0x3, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x2507c, 0x52782041d79ee78a}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}}}, @IFLA_MASTER={0x8, 0xa, r6}]}, 0x3c}}, 0x4) (async)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x300, 0x3, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x2507c, 0x52782041d79ee78a}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}}}, @IFLA_MASTER={0x8, 0xa, r6}]}, 0x3c}}, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB="000000008000"/20, @ANYRES32=r6, @ANYRES32, @ANYBLOB="03000000070000000500"/28], 0x50)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000640)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x38, 0x2, 0x6, 0x201, 0x0, 0x0, {0x1, 0x0, 0x9}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x7}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000007}, 0x4000)
r7 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r8 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
r9 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r9, 0xc0045006, &(0x7f0000000000)=0x5)
read$dsp(r9, &(0x7f0000001300)=""/4096, 0x1000)
write$dsp(r8, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000) (async)
write$dsp(r8, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)
write$uinput_user_dev(r7, &(0x7f0000000080)={'syz0\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1]}, 0x45c)
ioctl$F2FS_IOC_FLUSH_DEVICE(r2, 0x4008f50a, &(0x7f0000000500)={0x135, 0x8}) (async)
ioctl$F2FS_IOC_FLUSH_DEVICE(r2, 0x4008f50a, &(0x7f0000000500)={0x135, 0x8})
ioctl$UI_SET_PROPBIT(r7, 0x5501, 0x0)
write$input_event(r7, &(0x7f00000005c0), 0x200005d8) (async)
write$input_event(r7, &(0x7f00000005c0), 0x200005d8)
io_uring_setup(0x104c, &(0x7f0000001440)) (async)
r10 = io_uring_setup(0x104c, &(0x7f0000001440))
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r7, 0xc01064b5, 0x0) (async)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r7, 0xc01064b5, 0x0)
close(r10)

3.756629775s ago: executing program 5 (id=1073):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x6a05, &(0x7f0000000380)={0x0, 0x1ffffb, 0x22358, 0x0, 0x0, 0x0, r1}, &(0x7f0000000300)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
write$dsp(r1, &(0x7f0000000200)="8a911d014b7bae50ccdbc29bd80a0dc276b1dc575ee96374b247b07ec9853b4d7e8b612efd2f0b98ac4b1bc834af6d13f2522503c23ce6b70de66f2365c4c37f50b76c812fad104d6e53a6f56fed60847324d0804647185a595602ad1a", 0x5d)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
prctl$PR_SET_NAME(0x59616d61, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
r6 = io_uring_setup(0x5981, &(0x7f0000000280)={0x0, 0x9daa, 0x800, 0xffffffff, 0x3e0})
io_uring_register$IORING_REGISTER_PBUF_RING(r6, 0x16, &(0x7f0000000740)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1)
io_uring_register$IORING_UNREGISTER_PBUF_RING(r6, 0x17, &(0x7f0000002080)={0x0}, 0x1)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[])
setsockopt$inet6_group_source_req(r1, 0x29, 0x2c, &(0x7f0000000400)={0x6, {{0xa, 0x4e26, 0x8, @private2, 0x1}}, {{0xa, 0x4e21, 0x3, @mcast1, 0x8}}}, 0x104)
read$FUSE(r5, &(0x7f0000006840)={0x2020}, 0x2020)
memfd_create(&(0x7f0000000080)='\x00', 0x1)
syz_fuse_handle_req(r5, &(0x7f00000042c0)="9ab1446569aa24b774753c9e994c09c24df9d42fa5a228e469b44cecf6f9f5ce5f77c93b1895aaac9cf34b37415f11fe22d6fa0162aa743b242e8fe0a8659e32fb543d7969d6513136a9f332a8074f8ee1e445277ddd5859eb5ac3321eb710be880a441031da9b31f791d54fb3c97cd8ee92b00cbf962be8eb5fd0b7cab207645f59cf87a8c41e2739dd8386b6bb84b627cbf5e09bac876ad4b215f0e510a853c5e8b9f7822b26771d72972290a1f9a6f0a46942be0d0eb7aa5145ff368863b14e9845926088f9f92d554e572926290dc6e6b574aea8c500fbe5697f881c0cec48282c6d07619248da0c3b9aa6f7c778525d1760051e4ba8ef31d3c8d3e1d4214ffa5261ce1fdbc12eba889968137f5c06fea233000296cf18df494b4e7b1bee7dc2f3751c37415d46f6d7ffb3d0f788f2100ee41266e6fba75b61af22e1d7b286507ff100cc34ed28d5a2c8be3231446874bbbde6f3c367ca802d64192ffcce1ea41b2cbc57f7500fc4f8f12fe02690c1c9785bbc35542b59d05600783cf4f4633b374101d8ed395303392b238d198f9f68c8ae928cbf3b558deec6d38ebaa526e749ac4e47dd5b838ec34f2820a1134252ae60159d4e030cf5e5d6f8de799a31e12ae57cfe5a1a3ded525c6e71271271d35a0056265362387a361f21ea0f4b6d46f6a83a8512687e43b31e11b1396d6e9e49cf42b693732e226b55d21a1203022f6be9f8ecccb68de3bf4ce99689514bd752f4e60bd2f8e376d7fae5b5fc8db0f53db8c52746671e361b9319419c1b3f3168b4797ebd2d118ee42dda4bc59dd0251236195c8cdafc0546354eeb28f4c7e71e8245a6ccaddfb858f61039c0ccf5acd924680aab38dd061fc7b123f24ac7f3d3c0cee43b61045bb1efea25af86088a0591f166e2f11ea4089860893b17ca5e3d99ec75131268e2e4e290c2bf15e4dde23284e4bdf6e549c096ce221d9c8a6c0fc78aa6a1c8b547c0e10738de2a1e8663e03ab0ce4594e244989f75b6672de1eee97ba7e6467a0da51c0e75d5866c405b03c4744d8d3fbb01eddba5a0361662269154c2f0e61a9433982eb904ff562896cbfa692eb1e6c644fcf6cbc103a76b712af706a47608d3e2f5d54d47d8e9906ab37ddf04004d32ce00200fc3c274666aeb618b27424d87b6a4b0262de4436b9e6f150bc798394c298b25a2c318fbe786185464057c0bcfcd1917230d78ee1a49eca12068fa676852c1099096c6cb98dfda27fedac41826516e42cc116f0cbb68f0f810418258dc5a65c0e1ada296176e17f8d762894c80542a79383cc1674a4f3d6520633ce80baba214c20628899f9ac826484c887713aed9c5caf13b40a598cb1e81f7b18dae39efc22dc99ff497e11f158edc2716ebe3bcd593691aa26523efc168e1394ab439c9a9270575ef34eeee9084b0a31b2d81d47c964ac61e600f75d9321d7474dde45bb8d0cc46510488ab68486d3ba6cc9c3ddb6f66f2e5d251ee285121e1645a2f5167fc5fb8ac4491c0d9d0423c7a8452efea2f5a30096a0fa47173f3a68500a5c755ea939c838d3be126a87ff6baa5a1fba638a5c64767d17f04201b935fcb1cb6afa175594f410f2ff773194c703e623876051e46bb0850a5016e65f8fa34b96bafdfe851a0756fe26fb63d52113c0935b0867f7dc8a94d887484b15e8f92b6a316a22c04a985cc94e432cd43f44001bcdbd48efcd463c402d3d181298e96db60fdb714b82e146567af5ae3fc0c3f9d241471b4d129f928d286f780facb1e84434610ab3379dfff0f64d57b4a1c2e96c98b693de952d26773d24e7a95eddbc450f79932d5332d27991c7bfbd3bc35bfeb9496fbebccb5e4c35c368e021dea643cb292d794d3d3bbcc960f989bef09763dc73d83cbf907485635265e81f87b712d958a66719230fc6466615a0e3bb998d48159e9e9c51959354a545966bcffa298c7673b4d32b991c886a997236642c0f104f6795feab9f48d0ffc74667f3f3e82473ac892ad25f4b13029b0b27fb1d86991ddc42bbc3fe584ed364e769f3bc72ed8749e7a654ec1a2ec7a01bd2d5caccdc6241a1b1ef2726db54d2c34ab47020b4c729b5994b43deb00ad959950e0051d2c0f27217397055e78f1dd3bd867a45e06c2134ae8981021aae881cc7b2049fe7c82d2127ec81d6430c8116355c8d0ab8b9291c688ed9b8dbb1ed6f1a99bb58a1be8d5737acbf9461b142c8982f52481195d35ef82aed4fa52385ea4ed00a739d01cad7af9f7c27d357748e24f28d22065ccb37300e8f5d8dae5ca79af7a50edc3e05184d1a2a6d59784d5ceeb1f1550a44ea03bee4dc5c27eb78f0032593c7d082e59211f83a8b91aa78bfb7e959328ee63af26a37b79ce5e5139eeebd12e28b2a26ad2fcbdca652524d036b324782d54247a48b9f8200b2d6d2c091c41366d677e3be6e136cec6c3080d608849135c6e3c7d695d2e226ae1ce999d730d7f79116ab85762e55a3e5a66a690ce0a4bb4fd1560c796e2797414b544ef78e29d55e4853fdbf3362085a65c46105f32c360a0a9867b984a5d0297fe0b06a45684ac801a8e66294cef6e5f3c48648884fbb2422fa00488df33a9a0ff1039c81f1939f2cd2f5fe8aa805af2d2332ac37244ed4a7b50265af8062752b0c16511e5f25e8aa2b60645675bc826557bb75474ca4787f6b584b2f83bc25192579104aa0baae79f396df0d31121f90db9acea9695ee0fe0c22df4db503ec8b2437b05f5d35a65722fa82eebd2aff4bcd3316a5cffc4b31913fd02f82130c77f320bf04bf8fa873d0e3f62122d6a5f87d3e908bedafed4a3cb6d9f73ff546f5a2b74a2493b1753e89b682352bb3166563518dcb190c7b3d9fd667c57978a670b192641a674dc92c2401d067b6767aa632ce32a401175c98200a52ab5d80dffa719746d0bff8a84bac4a56e0ab8124fc332b64ea662d01e1b73231a6638f01cf4d699448da228c16951149c8d3dab9a7e3be9a16c7d1ffb061818f8f9cb2b42739fae4a0d70c0701c8dceee785d36ef6413162de1917df01c693ef3e1f517e7fc46245209fee52f5c6a2f50ab3f56d67d1cd987282b24071d8ebb1bc5cd635957b2a7ad92d0650abd5bbc24b75885b6119592a3d715392718e52f9124c4ac95be3582abba4ac3a4049ee49fa8ceb9b59d4e1e2a069c9d482879fd8d27d5ac22ef870542453be22c2ec4ebf1472c19fbfb56aa0a3671297b020e3fe49d201a82a04420e90bda43691dacf92347bcbcae3742cc4abad4c8010c0afa15278795d4d76c482461ae78f30569e1dcf87b9b150d07a2bd81676ec6022422d490759ae1e861a6c4cd1f733bd772d60975a59356c385a4a390429f3d2131e7f616015261df6db3cc3ec261a53be10c4f197e71878984fee00e6d1069f79825194b7af434fb6bb86db18e11977f82928be35054543060cea94ebb4015d061f20f8454e056e7b6e4f9a1621ef2377d77659c20bf358c817519f1801be15ae3b5b42adfab367777a6789635a0dcdd1f2b97edecea0210768af67601d1b95a8850dddb6b1f4b0c2f52c835b0833d81966ad19e49ceb9dc9c729cd8334bc3ee5bb8c74186f5cc3e765b9fdd91d79baaab3d2ab64c15d655d1af7de9cf8d5d7c1baef24577843ce142331743b45b06104b6d0d4392e61ca8c07507ff5f831bbf720854db4debf64182aaebf899ba57626a48748fc2dcf016013d575595d24d383eef2da0ff0c9f6fe9c64b186cd4617e3f37635d7dacb58ec297f3ddb48ce4a5e00cc127267e18a1fdf209e098f2cb2e9c0630d15ec9b867b2b95ecf82ad2c0ba39df9c4d36d492bc9a55c4b767da966e4fd7f4d2fef5e91d0575177c05d240b50757031c76333d43bcc828ab2f0376e29d12d1261ce104a8ea488091326bc451c120c8c04d3e64835c893f55b312e248ad8fc1c32429d68e6b67bf45ab8a1cc3db22f9f01a2266b8349046d3d3e081eaa7f7020c73c0762d11a33b517b8f081da3c61ef63e1d40cd87d69c7ac7491fb61bb57c1fe2d218aff6d39b3e1fc847f0ed894e2f0b4d6a4ad03ba42e28bb1dfab645081f548e64ceb8ce15d2214bd66a14fe594aa447c3537eb493299fef0f9326236ea5dae44e23b34801fe06ee16c79545feaf2528421d6e7f9a256a7914d86bd053dc33c8c2043ba73714f5ff5f0507097a56c40b2190e77877d43be849ee2ac129e582930ced06d359eebb49eda4edb13819f91cecc449c9613d9659906179f8fefa34fecb7d21cdaf09a1ce8d094421da80796c97c02fc56171aaba53fd8a7f55de059044717df164f3571028f16995d51fc8829534cdf58dd134def1e43a34e4f5f372fa8e19d3b85881e99ecd45faa4fccfdb47e094ab06955f3960fac71294dd965f24a97cff36b9966cf1a4c3e96c3e14a3951dcc8a3e9371f7e1ae9df77ddb1a99172174adbee8ea57a0c9872a6d677c2875da88a6a7234bebf68a3cc0532a9809a4de4b4d419bff67b0ba825a7ae6e999087155378357ae67e2dd98697f1d10ffa4497dde6582571670456db995228b97d0ecb2fb30c2ba6c16038c40059815c56b35666cc1c5090f6c38e0f4c12abf79919951b85a2734d32dd12b239912d541f9163387a4aa0be0b7a12d9c6b56dbcf1e9aadcfd72e2664a84d6c5147c72bffe7c3560ccd8c447b748dcd26cc9ca2a85cded742a8dccdfd8e78c96e78d405a19faab9e57183b37583f94b3d416b2920c6b746427ed75c08dc3be02720c1edc4743229153c48f1239b222b9fe2e21c0ae28122bc44f9dc78a59f3485ac8057eb21f0857bcfea2d9ebbbcc197e7880d81515bb1cb7192d97c4258c09926d137e245977db40812b253f99a504bb68137d8d73ca4e7c808d50f1dcc600e6a6db90238ff44e075932fe668c066e6988a6a8b4a8485120c8e4d6511268a75d8f9b0f06689aac8cd621e90c62af1e59aa9efe928e9ea098661b408a2825c4f9aac1efd9d54d163a651054b9ab32719d2be3b176f6795ddad0f1310b9237181689f2f9dd34a41d4d4cd2d7569bf56e6a80bc24d90df3bdde0f9649e699f4ef70c4f3faf9553a231215416bba26c29f17861e0f265e9641b2307ed43d6fde23a378669f4ade874e54c20a5e902205dcaa79a3e8584a3f78a86e703451115a1717df882507c607297afac0a056a0f3509a57502fd2ffff6035d04b91f72f5e1a69ddafaf80f7b2f7a13f38c683988436585e6bc7fc2da328449675c234ec0acf5294ce06c72442beba15e65d6a3e1b5dc3c8f115e1005798383f79b0194f6b7d4b1b32371acbf22340af6e5ee3ea840f7ed451226daef3041fc194e051af2fb450022b394c774273b9575c974c324ecd7268435176ee28c54bb54c8e829232ca636f3bdef60ed460b5ff425936626dd16a3f436f08a863582a79f393378f60f6c8ecdd13d83073bfda2e9f8d0c74a841021cbb8c148e70bfc585627449cdd9fb3045db3ea08a96108b52ee8a4f5048a5d910355789f4bb85c1362955e267e719581c38a2648eaa0b516db6277d2ee3c6e1e1090df3f53a31b747d99887e337dadddab16a297d9e56797007a3d18ce333311c70bb1bf45bdae517ffc589419af643773bb30a1fbff7ecd4a8ae7456a608fe73547c2eda4f070d57dc70b65d867526c946a435ea581497da18646ce569eaf6ccf3474cd6e7aa3d6d4732836ff4167c9153757ce58a34864be6d479f7b4ea1d6480b9ac16c5bff346a74e74133234744df867e16b3d2f1f7db4b21b89019b520917ef863e60f52999d6946b9e09cb60054f49d8a255f02e4b62fff6e6adb9a167ea70a177d00b26f56e29b63138a2ebc30b956161a4ab25d5da1c207c3f762714f651341ae771e17d84fa1c86685f2fcb0a128c2e1208d1930e7ff0d8d55299154112af574b881be8b69cc1721d548ad4dc02632e184c47f9b394bf4a834e60fbead8c8bfbf5087f8454513b0b086ac97bbbb9aa342af9def758fe88f1e4570e65f93fd4a9868665d08fac0cf6ebde786995c433504ca01cdf83311aaae20cc76f819a4344a8ee4e26c1094cb00d2c8a67c733fffcd89e97534cacb08a64d75e8594fa31f0dcfcafb0d1bc184c7067fec6a48ddefd580d4d9a4128d8f70f6fc6562da683904766e982ecd0286064db6844131bb7962a0a497f7b97fefad88a0b128bdf8cca774b1c32cb4af259bfebccda036e7e4ea8962838dbb5c04ffab0a2f1481848a27f06171645daf5246a2e563f3ed60097a9d7023d6ba5c8a58d39f733b12baf0863d82c427460f51cf9e3f77281a42221725b7bb75c2116ab31f704661f090d3eeddd2aa6efc619946b4933c398b635fd04ba3758294965c568997e1ef44b0562804e6c64558f6cfa87662a988c321a856ead51c848528a4954f9ff1948d517d67bc11db66801648848bfb7ee12296428bc3ffec863e9c77ff31ee386197679adab2a0e93bbe0c66ffe9c4b09b636f6216faa373aa8271678cc57ad46898222df7e2d8b14a5b70130596c0430997c4c04d9b5187fd9bb26b71fd19aacc8e08a3239f0eebca7b2873062a19f327a4a282012ebf9898a5ab6310b8623c864d4dada3ded00ad201ce8f3973f90396f5edc1ba466e16247fe6b0ee98acfd53792cc0fea33647b841596655b8d9efbc14b50fe0b588e4c41e2cbd0a700529e7ca91122d3d1b26e52bf44a0c9fe37cdbc352357f13b2adc68e78a00f6dc88a8e6ea54bd0b2c8276f9e1bfebc8655a1f47b72c25ffa97f4463630cc21428ca3bb381a6d3171d28bb946f746f820247bf3f7bb69caaeb5c47026ca9997e586e657a9e1569312bb443299ef4cfeacc9aaf4fc3aaa4a77a21579234d2aab6fd0234398ae07ca7c57ac6d6a51e025744b1430abce27f7f9b0d0e45c051e34d20db95cadcc0e4e327dbd979166b33e39a3951d0b8dd62c0d1542b69583cfc07b127243cac4b052cb29ccb3592972698fa4cd84633d222d78b8741d5f903f8636d95cddfe2ef13829df9ce32705edfda51ded2f0ef38f60a33a2e00373107eef56a01acb5e05d849279b5987343c8bbc73ea660ceaf7c9b90c0a8e1412ff3f517cef8fe604d7a26e085170a76e1bf43f5d1bb77ee771fe841d59fe2cc2874d25bf991b4af6bf9ffe1bfbf3a5587006b60bab5bdfd5a3192e82d474ecab0ab656967856c84cba9469c5823c1d1bf104d2a21c071bb08b2a137883dd9c8f545d6958db8efa45263ae303de76e70f2f6a10e1858e6654004f2a099dc31950ee730c465e0a1822935e309d41650fba489aa3050eedbf3f058d24d1f04fc340966e42d72052d84a66789ccf75000c3fc83b8842badd6b22ddaaaf53ed34e25c1b638e3630d66a7903405052902cf8e7395d54679e2f4a2bf7c8c89b0dc38969376ea164fe97b37b1172e6e8f05a929aa373108e891a64e38e18b432a115a44d754811e03c4f4ae7c525a6b9b92aab0d16967ee1a64eeeb2207c094f6aa96f126d058eff22435a4ae76c31f888ee13b327d2cab4ab5a56abf4cae88c583dd67129271708aa17f4f10886ead0e12734314bd4a49e64349beba4abdf94a1fb23a72cf7e16b5af2f1706d9646a5ff7dbf5c7b1cb2c3781346167b15d4625841d9f3d14392db1d39101d37175c42c522229db0708544058d75cebf3e399cd443d1b943c6f3017a898bd49836a8d92519deb810712aed76602682ef0df2be270734eeda7f289a76f4684baf75702a1ac3da005e62b83f794b934cf882db5d50e5ed4aca868e300d690c0b10daf0a47486e9f49d1b08eac6cf5090ddd2443b1459b2df86ab3447b2b5c6afe8aadb410de6a84b640e326eb882832d1a9cb12e0b8f13aef579f404af8631cdd5a30a031dad19cdf247575dd223229330f19fe4d88c51242217397acf66b86c743de283d5df7212fce59af17eb702eccab192f56f054a33709d41841e4a39638e02b4210559593f9b5c44fd22d9da637ef1a3a0a41c40469990dc4beec30a05b67931c0560d9a59fa875f3e26fd1eb32655aa30c7a1cd3d541716fdaacdda206328f3cbc8f16fc2be26690f18963a16febbaf2cb6c199330579ca067c60b54cbdd211c1350e066448fb50ae28ed58788ac98f0ded3414c8735ab90639916e26ab29102cc2609035e56d9b9d2dbc98118835bcf0e437c77052efe2293d9f19b7197aa1b94b10997b0b1efdef251de8945a97fec885f032c3bee2447335230b866d7aef515b04664d0c59e18233f9a229969e3e17d69716413ca3bc55f5959e340627ea803f7b26f4a74295b295344a3685287093998a1ce75b1ed5d730c9aec812617b4c200a0250c9ef8ef7d2fcfc59ef97422eca746bc6451a5b77307d14c1cfa0ea2c8eb7cf7819644577a6456efec0af058a0e3c8ec371019009462bfe174a11368b57fbe3090208a57b2236b97edc32cda5c6fc988cbaaf91c4020a06a7ad45519eaa761e045fc84d3219b287206282347a031ef1e7b7dbc67de738fa8f9fe71c44201fd1d548f8aebe93bf502d64d4b5f470a419e3fcd87f0616b9813048311ed20ac2efd7f18dcd6889542208b50c28c8c0700f73fa33a964e38d699819cab2098c6ff081266721cdced87ff41948c84037485f30d38a99eeeb3ff4c3049742a29eb09bb35c358e732546267c165a62fee9e25abdafdb8a48785bd432d160797e7a41d580f59d7d8e59b3e6b954d39f86db33b8f7cabde43e8e04cac1fcf9aa6fdbe4326e0d9c782d9a630055b36f85c2b8efebf18f42ef14ee5eb1d33ca322db69704f8bb90bf30eb05908b8d8ed169580923f53a6539cc3b55baa47718053d2ff103c23d90f9cb49ddc7d759950f605bafabcb7953c042c0523b84da994529a87ad68fc6f0709fd7af5fc20e53a17d3f5fd4d25fc5ff6598c6ddfc34668a08ee5e066d81a65e7979c50c08febf76dc5a3a405f551bb8449d94ea0dfdad6dd6dd6d6e4486f4ae1d2523c05f46198d8af4da12873ebdf7d6b5f2d0f1b2d29759ab0d78e34ae6f17b7ab83518cf8b18836ea5630ee934e5ecc123f0d3fe6b803ae1f735d65dcadcaaf6660e02ecad0290f6ead0594733a10b2b1654a44244424fa8b3180b551ac401828203e61603b017106e2256f01b9f26db33897167d9defb54ddfe49334150574493895370bad46cc658667aa9a8ed333c86f112b2a542936af92e2f933254b6fb0b1a599eec3bf2e476ae6714e2486dd31b29e4d26838d84bd7a62c62beab3ba71642278ecaf2e50d70670d9fdff105019791d36321bc57fdfd8f65f2ea1cb188035ecabf6140e777b7e6d2177ac29e9a1a2f87dd54d96184bb1a855bd9efdadfc606f13621f40e07cd8be9c2435c8c90b4ccba5eb7ddcf8cf1f76617c9a9e011abf4a63ffe31df63ecacb8b1d2d653e613cb399ce079392f9ca2e226c60b6e8103447c24c1f80d42e1ee747997602ae3ccff8f9f98ce9b56f6f3e3c0ba507df8b2169539cfc946c42da72644feb9b3b582ce332f8b2eda02192958194903d17b3e9b4bd60d08cd9a7989d946ece6d8dc01d6b66a7851bb11e4b075d38081d3ce7bf1875fec9daf47a589abdb72763c9747b83a28389238b0279c8e41db6521130420851acac463664a97be2190aff921923475f2c1f8a87d1169229e5f10dd0a92221e61358b156020f2c9ca2cb6580743a8d5e3c59e6fd97a7a246211450c7c62f1891cedb434102f8794d81c1caf2c1b4ae18b7c4b9c88de5c51da33e3343cef76da0d00341c2e60c4562c162e41a7efa8290cc9061f3d6a592d5f104c5018f31bcaf912bdd37370fbf8fedf0aa9026c1142299197d67ab026756927b5864ea42c45a82c23c275697d31a1b7900670c9a3c967d12974543c11f20c367a336bea9b9ebe480f9c806528138dff35c5f56b1199b75748e9c5cf50e6a32397dc3eeb04c3636c0848a5e13df8a9758bacea231f34cba13b466360b0dec69f74f8bf9a2dcf3dd94fa3a7d27e8caae00240559d75875ef9c619416593ca0072e7f38caae5a530c62dbe00e38c12cb8b924d63fca4d5c3a4c8f50e8f4f86fc1fe2b163219c46c21eb783e587e18e07ab7e1927a646c4f154c5000cb65ce9528457c3c66f43d9ab7d61580df0ecfb31cb38e4cbcdc3dafcca57311abec6b74048c8b74505ba678a4db07ed7243c70a821aee66a487bf91fd273418f8ef657d1eeb9ea6f095d47641e9f9fa30599e8b9c6b4453a1a5e8afd86fcafb46dd095fa4a98a2b26470e2c799b08c6000f5c3c4e28961463724377f37813f3922484fda986eb7c93ae8365baf648acbb344ca7e044d7ba93e7ba35c31085f3f99c5fdb2f9f2845f00b8590395e8ff730b86f5dd7f52297b8ecd5d5a6bb452bcd12b98d6adb27e7ef0e84b9567c66093ca3edab7e64ac4f56360501d81823ea2b1595f934c5f61c8558304c16154109a983a2af8725c7af91b5bc57e555768aa8115236a6ccc921d472b608eb6b82c4ba3747d79027d7856fae5369aa325df6a76138a5b41a94377eeeb251087e0b8510d8890e3f7a0cffaeddb9d2c29bc89f952489f82ee2e2b485cd297e6d30683701623cf73ee9ee606baeae9c3afba287eff57731b9cfaf034b1f56c8b31a32a1078c4fcab298c3f925a8e7cacceb9edf7ba2e54d31033a25462021e4a3c0bf5af341b462ee4417024da7c12c7f385de3af129aef1338a9c1fd68323d07ff47ec8bcca66b44300624d02c9202a2d093c3c85fd922b57b3bd14162c8ca5690734b7e4e4b8980b73a8e9908a9fa3dd508b30e3b1e1fd4ec388affa27c4bc26ca2820e0a902d51ff94984e8894fa5fca7b8704b7600ca6d6b1b1527ea999fcdf8fe3b290ec0036cad222f92cf8a5a54d0fa91de6e74ef61f60a233c9f15fdc86226c3f688de15ed8f0c3f1bc3afcad87cee47a19384afc6a804f197339ebce4aca211dbe0504a000755d18f20c4ecacd4123acdff7653cbb26456499495662508c8186afb883f5481c6bdf88cf137e263bde9d62f054573e0d1454cc119c95d4d9011332bd77682f79debcf5c21f0be7e9a83a58cec34e7cfb17a8122e030669228e4d3d9e274a678c5b77e6180aacc2fa8eb9952c5b04de6b2c7bee591badab96a3c3248c275b5b8faf5394eacc427a840570033be5006c33ce2d2c6e54f08681c3f74ad2fe54bca6dc62a9d84f6c58509c1e5dd5cfcc7a358493d428de48dfc1bc3f74154801c97e6aae38445045320b4cf66c1e56eb6ea2c1218de65f120b463c5cfb9255b3a25eb6e848cbd977f0605d71c561c2a754f5761c31f84101ee8178782cc8cf70b41a2204c5cb2f3134d572327fe4bbc1792249dfcf0ae7ba5d81fb5ae4a7978d044085f3b7f2e398c05733e2bf456cae898f8b5a81e9c79179bb5ca716713fce643dabe21eaee4386e646e25ad3adc5a4ad40f9bd6743f5f742efb1a674ffdbd2ced56c646ae590eb8f10283b47f57e6f96ad76adebecb24df74020b096fdee3c8d780d563a915f73c8b0246b861cd3a8580d5cf75798e8cf1c5875724661a39277e7165fe48ed8d5e6a20d68239f626fe8ea434a4e6e03ea434ec68c4b92a0fc2af15a135d6cbaeeca39a0c1896dab33daac", 0x2000, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
open(0x0, 0x1800, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
r7 = socket(0x0, 0x2, 0x0)
setsockopt$inet6_group_source_req(r7, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2e, &(0x7f0000000540)={0x10000000, {{0xa, 0x0, 0x0, @local, 0xffffffff}}, {{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x2, 0x0}}}}}, 0x104)
sched_getparam(0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x3, 0x1001006}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)

3.419806534s ago: executing program 5 (id=1075):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @win={{0x8, 0x9, 0x41a99bbc, 0x25}, 0x0, 0x8, &(0x7f00000008c0)={{0xdb, 0x3, 0x7f}, &(0x7f0000000400)={{0x9, 0x7fffffff, 0x240000, 0xd9c1}, &(0x7f00000003c0)={{0x1c0, 0x1, 0x3, 0x3}}}}, 0x7f, &(0x7f0000000900)="f2a83e12e01edabdfa07a179a9cd3b2b2799a4be0398c0f3c068567766717f2d2c2f", 0x2c}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xd, 0x6}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setscheduler(0x0, 0x3, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_io_uring_setup(0x110, 0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r1 = openat$nullb(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000001040)={0x2020}, 0x2020)
r2 = gettid()
ioprio_set$pid(0x1, r2, 0x4)
ioctl$BLKTRACESETUP(r1, 0xc0401273, &(0x7f0000000280)={'\x00', 0x6, 0x2, 0x7f, 0x8, 0x1})
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)
ioctl$TCFLSH(0xffffffffffffffff, 0x40204706, 0x20000000)
ioctl$BTRFS_IOC_GET_DEV_STATS(r0, 0xc4089434, &(0x7f0000000480)={0x0, 0x5, 0x0, [0x6, 0x1000000000000, 0xfffffffffffffffd, 0xa, 0x1ff], [0x8000, 0xf, 0x2, 0xa, 0x3, 0x72, 0x9, 0xe7f, 0xfffffffffffffffb, 0x6, 0x8, 0x4, 0x9, 0x4, 0xffffffffffffffff, 0x4, 0x1, 0x8000008, 0x0, 0x6, 0x3, 0x1000, 0x7, 0x1, 0x6, 0x3, 0x5, 0x3, 0x2, 0x5, 0x1, 0x2, 0x4b4e, 0x1, 0x4, 0x7, 0x8, 0x6, 0x6, 0x3, 0x9, 0x5, 0x3, 0x9, 0x71eb, 0x8, 0x1, 0x0, 0xdab, 0xe, 0xdb68, 0x7, 0xd, 0x7fffffff, 0x9, 0x9, 0x5, 0xfffffffffffffff9, 0x7ff, 0x2, 0x1, 0x3, 0x6, 0xffffffffffffffff, 0x3, 0xfdff, 0x8, 0x7fffffffffffffff, 0x5, 0xffffffffffffff00, 0x9, 0x9, 0x6, 0x595, 0x800, 0x7, 0x70e, 0x0, 0x6, 0x7, 0x3, 0x7, 0x61, 0x9, 0x8, 0x7, 0x8, 0x3b, 0x2, 0xb, 0x40, 0x6, 0xfffffffffffffff6, 0x7, 0x3, 0x0, 0x9, 0x9, 0x8, 0x1d66, 0xb, 0x7, 0x1, 0x8, 0x1, 0x7, 0x1d6, 0xffffffff, 0x4, 0x9, 0x6, 0x2, 0x10001, 0x6, 0x3, 0x0, 0x0, 0x1, 0x4, 0xce7a, 0x685c]})
socket(0x1d, 0x80000, 0x3)
r3 = syz_io_uring_setup(0x5c2, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x3, 0x2ce}, &(0x7f0000000040)=<r4=>0x0, &(0x7f0000000340)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x0, &(0x7f0000000300)=0xfffffff8, 0x0, 0x4)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f00000004c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x38, 0x13, r3, 0x0, 0x0, 0x0, 0x1, 0x1, {0x5}})
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_NEW_MPATH(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="0080000000000000df251700000008000300", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x20008090)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000600), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r6, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000940)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="0100fdffffff00000000010000001400020077673100000000000000000000000000080007006c090000d2d3f70cc8f6eb87cb0c6fbe2f7a81a1d2a1591c6d8d3c4db07e8ac5b36182d653435f40cd9766d6f0d019f667c7cb840c3d2907280cacd754af58bca824582aa8f42353dc6b89ffa1f7341da72fcb155f5a154fdf579a28029315bb658f3d144a8f59b3cf5dd4876839c64123b52b3071a79271a50d124e37054b5096d6b1785a7aad11314a8574e532e45a91915b1df92aff4eed8fc0f5f06d61531683386d3396b7302ee7774fe07da6994b17737fa40c10d38ffba9a3749c66eaa66501364af639a8929ed65d4ec1c4bdf56ac400a5670d7f76347ffac4b3556ec0a9e88f4dd48c"], 0x30}, 0x1, 0x0, 0x0, 0x4080}, 0x20000010)

2.520791284s ago: executing program 5 (id=1080):
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB], 0x0, 0x56, 0x0, 0x0, 0x1, 0x0, @void, @value}, 0x28)

2.518965507s ago: executing program 5 (id=1083):
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x4000001, 0x13, 0xffffffffffffffff, 0x20)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mkdir(&(0x7f0000000140)='./file0\x00', 0xe8)
move_mount(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0/../file0\x00', 0x123)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, 0x0)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
r1 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f0000000040)={0x0})
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r1, 0xc01064c7, &(0x7f0000000240)={0x0, 0x0, 0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000040)='percpu_alloc_percpu\x00'}, 0x10)
r2 = syz_open_dev$dri(&(0x7f0000000140), 0x1, 0x102)
ioctl$DRM_IOCTL_SET_MASTER(r2, 0x641e)
syz_usb_connect(0x2, 0x3d, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000bdce4208110f80106afc0000000109022b00010000000009043700022ee5cd0009058010ff037f790209050e0320000980070705ab0b78"], 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="9feb010018000000000000003c0000003c000000020000000000000002000084ffffffff000000000300000000000000000000000200000000000000000000000000000d030000000000000000000002"], 0x0, 0x56, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
writev(r3, &(0x7f0000000000)=[{&(0x7f0000000100)="fa", 0x1}, {&(0x7f0000000080)="ea", 0x1}], 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x4, 0x3, &(0x7f0000000100)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ptrace$poke(0x5, r0, 0x0, 0xffffffff)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)

2.266308315s ago: executing program 6 (id=1087):
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0xa, [{}, {0x10, 0x6}, {0x0, 0x9}, {0xd97e}, {}, {}, {0xfffffffc}, {0x400000}], 0x0, 0x4, 0x0, 0x0, 0x7}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102392, 0x18ff8)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
eventfd(0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, 0x0, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
unshare(0x26020280)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
wait4(0x0, 0x0, 0x40000000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet(0x2, 0x2, 0x1)
bind$inet(r3, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)

2.000156544s ago: executing program 4 (id=1088):
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2b, 0x0, 0x0)
unshare(0x22020400)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r0, &(0x7f0000000040), 0x8) (async)
listen(r0, 0x0) (async)
r1 = dup2(r0, r0)
connect$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x1, @none, 0x4, 0x1}, 0xe)
r2 = syz_io_uring_setup(0x24f8, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xd}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x94}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x76}}, 0x20050800)
syz_io_uring_submit(r3, r4, &(0x7f00000000c0)=@IORING_OP_SEND={0x1a, 0x40, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r2, 0x5b43, 0x0, 0x2, 0x0, 0x0)

1.93080329s ago: executing program 4 (id=1089):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="3c0000001000"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001c00128009000100626f6e64000000000c00028008"], 0x3c}}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'netdevsim0\x00', <r2=>0x0})
socket$inet_udp(0x2, 0x2, 0x0)
openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r3 = syz_open_dev$usbfs(0x0, 0x77, 0x101301)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
getsockopt$MRT6(r3, 0x29, 0xcf, &(0x7f0000000200), &(0x7f0000000280)=0x4)
r5 = dup(r4)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = syz_io_uring_setup(0x71f9, &(0x7f0000000300)={0x0, 0x1fffff, 0x10101}, &(0x7f0000000380)=<r7=>0x0, &(0x7f00000001c0)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r4})
io_uring_enter(r6, 0x2def, 0x4000, 0x0, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
open(0x0, 0x60840, 0x1d2)
fchmod(r5, 0x1)
truncate(0x0, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f00000000c0)={0x2, 0x1, 0x1})
syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='syscall\x00')
syz_io_uring_submit(0x0, 0x0, 0x0)
r9 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r9, 0x40046f41, 0x20000502)
r10 = userfaultfd(0x1)
ioctl$UFFDIO_API(r10, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r10, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1})
syz_io_uring_setup(0x46a8, &(0x7f0000000000)={0x0, 0x0, 0x4}, &(0x7f0000000100), &(0x7f0000000140))
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="3800000055000100000000000000000007000000", @ANYRES32=r2, @ANYBLOB="20000100", @ANYRES32=r2, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00'], 0x38}}, 0x0)

1.368470175s ago: executing program 6 (id=1090):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a64000000060a010400000000000000000200000038000480340001800c0001007061796c6f6164002400028008000440000000000800034000000000080002400000120008000140000000080900010073797a30000000000900020073797a32"], 0x8c}}, 0x4000)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$BTRFS_IOC_SCRUB_CANCEL(r1, 0x941c, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x19, &(0x7f0000000040)=0x3, 0x4)
syz_extract_tcp_res(&(0x7f0000000000)={<r2=>0x41424344}, 0x80000001, 0xab)
syz_emit_ethernet(0x149, &(0x7f0000000340)=ANY=[@ANYBLOB="bbbbbbbbbbbbffffffffffff08004519013b0067000070069078e0000002ac1414bb0044149a2100000000000000027f00000100000005444c632164010102000000010a01010100000189ac14142b00000009ac1e010100000003e0000001000080010a010100000000010a010100000000097f00000100000007ac1e00010000000300441040300000003e00000001fffffffb01440c4323ac14142000000800004e204e23", @ANYRES32=r2, @ANYRES32=0x41424344, @ANYBLOB="b10207ff9078fff7080a000007ff0000000f050e000001000000b77100000005fe06e2d4c3d9220f597b6b9f499633cb03923bd751fe12f98904e586a83cdcf39b5ba5a64e23cffe06e2d4c3d91312db5c515aa4e6e0bbebd02934ce0e68db007daf8160c08df79857f5ea198c6e01870aa2365dda0b3dc084d1440640c48957abac25ff10488199ad553dfb4245ad27c5d71a811e2637ccf079dc05f6391d23caa8f9bcc523b344178c0d636abae9a5146d83b989bdf4d44a500917e5e679acc80764986e2925cc9c20d02a309fe6afafdf4f6e239df0ab8747d1d7feb5b4a6cc59aa0bf6f0e17756498ac1c580ad1a59c8d7ca0697ea19e04162ba528d629a4c"], 0x0)

1.329835557s ago: executing program 6 (id=1091):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r0, 0xc02c5341, 0x0)

1.260844046s ago: executing program 6 (id=1093):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000041}, 0x40084)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x400084, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000327000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000200)={0x0, r2}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sched_cls=0x37, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xffffffffffffff90)

1.259939568s ago: executing program 6 (id=1095):
socket$kcm(0x11, 0x3, 0x0) (async)
socket$kcm(0x11, 0x3, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x0, 0x34324153, 0x0, 0x0, [{}, {}, {}, {0x1, 0xffffffff}, {}, {0xfffffff8, 0x6}, {0x0, 0x40}], 0x0, 0x7, 0x8, 0x0, 0x1}}) (async)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x0, 0x34324153, 0x0, 0x0, [{}, {}, {}, {0x1, 0xffffffff}, {}, {0xfffffff8, 0x6}, {0x0, 0x40}], 0x0, 0x7, 0x8, 0x0, 0x1}})
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='fdinfo/3\x00')
read$FUSE(r1, &(0x7f0000000400)={0x2020}, 0x2020)
getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000300)={{{@in6=@dev, @in6=@private2}}, {{@in6=@loopback}, 0x0, @in6=@private2}}, &(0x7f0000000400)=0xe4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
r3 = socket$kcm(0x2, 0x200000000000001, 0x106)
r4 = socket$netlink(0x10, 0x3, 0x8000000004)
select(0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xfffffffffffffffe}) (async)
select(0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xfffffffffffffffe})
r5 = add_key$user(&(0x7f0000000200), &(0x7f0000000580)={'syz', 0x3}, &(0x7f0000000400)="f4", 0x1, 0xfffffffffffffffe)
add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) (async)
r6 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f00000000c0)={r5, r6, r6}, &(0x7f0000000480)=""/234, 0xea, &(0x7f00000001c0)={&(0x7f0000000080)={'sha256-generic\x00'}})
writev(r4, &(0x7f0000000280)=[{&(0x7f0000000040)="580000001400192340834b80040d8c560a067fbc45ff810500000200000058000b480400945f64009400050038925a01000000000000008004000000ffe809000000fff5dd0000000800030006010000418e01", 0x53}], 0x1) (async)
writev(r4, &(0x7f0000000280)=[{&(0x7f0000000040)="580000001400192340834b80040d8c560a067fbc45ff810500000200000058000b480400945f64009400050038925a01000000000000008004000000ffe809000000fff5dd0000000800030006010000418e01", 0x53}], 0x1)
bind$alg(r2, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'md5-generic\x00'}, 0x5a)
r7 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r8 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
shutdown(r8, 0x0) (async)
shutdown(r8, 0x0)
r9 = dup3(r8, r7, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r9, 0x1, r3, &(0x7f0000000000)={0x8}) (async)
epoll_ctl$EPOLL_CTL_ADD(r9, 0x1, r3, &(0x7f0000000000)={0x8})
recvmmsg(r9, &(0x7f00000004c0)=[{{0x0, 0x0, 0x0}}], 0xf00, 0x0, 0x0)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff) (async)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
unshare(0x64000600)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) (async)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
unshare(0x22020500)
socket$nl_sock_diag(0x10, 0x3, 0x4)
getsockopt$IP6T_SO_GET_INFO(0xffffffffffffffff, 0x29, 0x40, &(0x7f00000000c0)={'filter\x00', 0x0, [0x7, 0x800, 0x3, 0xfffffbfb, 0x4]}, &(0x7f0000000040)=0x54) (async)
getsockopt$IP6T_SO_GET_INFO(0xffffffffffffffff, 0x29, 0x40, &(0x7f00000000c0)={'filter\x00', 0x0, [0x7, 0x800, 0x3, 0xfffffbfb, 0x4]}, &(0x7f0000000040)=0x54)

1.210763496s ago: executing program 1 (id=1096):
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, &(0x7f0000000280)={0x77359400}, &(0x7f0000048000), 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x11, 0x80a, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00'}, 0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in={{0x2, 0x0, @empty}}}, 0x9c)
r3 = syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000240)=<r4=>0x0, &(0x7f0000000140)=<r5=>0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r6, &(0x7f00000001c0)=ANY=[@ANYBLOB='3'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r6, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r3, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'bond0\x00', <r7=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@newlink={0x4c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r7}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @bond={{0x9}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_BOND_MIIMON={0x8, 0x3, 0x4}, @IFLA_BOND_USE_CARRIER={0x5}, @IFLA_BOND_UPDELAY={0x8, 0x4, 0x5}]}}}]}, 0x4c}}, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480d0000005e140604000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)

1.059881693s ago: executing program 1 (id=1097):
r0 = openat$vsock(0xffffff9c, &(0x7f0000000100), 0x21c002, 0x0)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x38, r1, 0x20, 0x70bd29, 0x25dfdbfe, {}, [@ETHTOOL_A_COALESCE_PKT_RATE_HIGH={0x8, 0x12, 0x2}, @ETHTOOL_A_COALESCE_RX_MAX_FRAMES_IRQ={0x8, 0x5, 0xffffffff}, @ETHTOOL_A_COALESCE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @ETHTOOL_A_COALESCE_RX_MAX_FRAMES={0x8, 0x3, 0x50de}]}, 0x38}, 0x1, 0x0, 0x0, 0x8080}, 0x20004001)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r3 = socket$nl_route(0x10, 0x3, 0x0)
flistxattr(r3, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00')
mount$9p_fd(0x0, &(0x7f0000000180)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r5}})
r7 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
msync(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xc)
ioctl$KVM_HYPERV_EVENTFD(r4, 0x4018aebd, &(0x7f00000000c0)={0x1, 0xffffffffffffffff, 0x1})
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7, 0x8010, r7, 0xa00c000)
r8 = accept4$llc(0xffffffffffffffff, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000040)=0x10, 0x80800)
connect$llc(r8, &(0x7f0000000080)={0x1a, 0x335, 0xf3, 0x0, 0x9, 0xda, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1d}}, 0x10)

1.059610527s ago: executing program 4 (id=1098):
memfd_create(&(0x7f0000000000)='prodM\xb0\xea\a\x06\xbe\xaen/\xce4\xb7\xc1\xef\xba!\x9d\rSt\xa24\t\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1dz\xd05\xe2e,\xb1\x84\xea\x91^%A\xe5\x9e\x13TdT\xc6^p\xb0#R\x04\x06\xd4\xc6\x90j\xac\xf9\xa4\xf9\xa5\x0f\x89\xdc\x80O\";\xae\xebA;X\x14\x97\xab\x86\xd1/\x84\x8a\x91$GY\xeb\x8f\xec\xb4\xf9\x1f\xb7\x04\xc2\xc0\xc6\x03\x00\x00\x00\x00\x00\x00\x00\x02\x00\xf04\x03\x88\xae9\'>R^P{Vr!\xe2\x02\x00\x00\x00\x00\x00\x00\x006\x96\xffZ\\A@\x00\x00\x00\xc9\xdeY\xb8\x89#\xa1\xb1)Dk\xeb\xa1\t\x00{x[\xbd\x9d\xf4\xbf\\\xce\x02P\xf2MY\x05^\xffj\x9c\x14\xb7\xb6v2*1>\x00 \x00\x00\x00\x00\x14C?]\x8c\xb4Y\xcf\x80\x85\xd6\x036\xc8~\xa8\f\x00\x00\xb5M\x9a\x9dc\xaaAU\xec\xe06\xed\xb3\xbd\xe4\xfb\xdf\a\xd0lg\x13\xf9\x8b:s>\xd7s\xef\xb3\x9f#\x15)\xf9\xe10\xc7\xb262<k\xa8\x88\x01\x00fhD\xe7\xb6\x17\x80\x95\xa8\x1e\t\xb01KF\xcb\x00\x1e\x7fE\x7f\x02\x00\x00\x00y<nGR\x94\x99\xb8\x89\x9b\x8f\xd5\xe6\x02\xb5C\xad\"u\xf4\x01\x00\x00\x00\x00\x00\x00\xdd\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\xc3\xa7/\x0f\x9b`\xa5\x98\x81a\xeev\x00\x00\x00\x00\a\x10\x00m2\xf2\xd8,\x17\xf8\x8e\xae\xc8\xad\xed<\"\x8e\n\x9d\xb13\x8d\xef\x96\xd2I\"8=tg\xdfU\xd0q\x95/f\xec\xdc\xa3\xe1[\xc0\xaa\xefz\xc9\xf4[\x00\x00\x00Q\xff}5\x94\x88\xa1\xdc\xa1g\xe0q\xc5:\xe4\xdf\x80\xb3,\xb9\xb2\xdc\x81\x9f6\x0f\x84WY\xbfSY`\xb8\a\x19\xb1\x058\xa4\xc3\xbb\xf8aB:\x84\x02?\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf3o-GU\xb0\x00F\xb3o(aI[\xd6\x9f\x80,y\xdf/\xaa\xe2i\x8cZ\x9c\xc3 \x90\xc6G\xaeI\x83\x93\x8cC\xc0#\xe0q\xd0Ex|\xdb\xa8\x16\xfe>:\t0\xfd\x8a\xc7\x84\xb5\xc7M-0A\xf0\xc95\xcc\xb6\xf6\xe8o\xfd\x882\xb3\xa84\xac\x00\xdd}Ft\xc6\xcc\f}1X#\xe4\xe1\x94i\xce\xa1\xff\x95\x80\xb4T\x9c\x01\xf3\x1cLB\x94m(m\f\xbc\xebY\xa0\xf7\xf0\x9d\x10\xbd\x86\x1by\xe6\xdf\xc0\xc5\xb9\xb9\xbf\xdf~9\nC\xe9\xc5\x0e\xda\x9c(\x9b\"\xc7\x97\xfc\b\xd9\xc2T\xa7*}]\xc8\xb3 .\x9b\x89\x0f\xf8$\xdd>lU\x13EG\xbb1] \xda\x19\xc5\x9b\x15\x95\xc4\xfcw\xbb\x92\x91\xc4\xa6\x907XK\xfc\x17]\xfa\xff\'\xef\x92\x1c\xb8\x1fK\xb2o \xd1\xbd\xb2\x11+\xa3R\xefQ\xc2\xbdW\x05\xec\xb3=@\x03\xc6^\xa2\x15%\xb0\'D#\xb6Q\x8f\x82]S>\x0fP\x9cE\x92{d\xe6\x9cj1\x87\xb3\x01\xde\xd3\x84d\xf4\x134\x00\x00\x00\x00h\xaa\x15\x9a\xf7\x03\x00%\x88p\x90\xbb\x9dt\xa3\xe1\r\x8d\x94\"\x19\x8b\x17)\xea\xd5\x17\xeb\xe4\x1b\x0fBZ1\xbe\xee\xfa\x1c\xf9\xa6\x11\x94\x06\\P:\xaf\xcex\xc2\x82\x9a\x16\xfc\xa1\xf9q\x12\xe3\x1a\xdc\xb7\x12\xbba\b\xbb\xed\xb2\xd1W\xe2\x8b\x8d8}\x10W\xbd\xa60k2\x03\xfa\x890\x86#\bQ\xcb)\x00]\x9e\x14\xd2\xea\x82\xa8\xb7ZG\x15r\xf1\t\x00\x00\x00 \xc1\xaf\x19?\x00\\\x91\x13\x1b8\xe1\xc3\xa4\v\x94\xbfJ\xb5\xde\x95\x82\x00]B|\xe2[%\xe3\xf0\x04\xba\xed\xdb\xf5\x7f\x9d\xfe>\xf6m$M&\x7fq]\xe4\xf6\x82\xc3\x00\xb1zg}\x99E\xa4\x19\xe9\x1a4a\xd75D-k\x84\xa6\x12+\xebk\xa1\xfek\x89\xef\x18\xc1)6\xa65\xe2D\xbe\xe1\xdfq\xdd68\xf37g\xab9m\xe7\xddO\v?\xe0\xbe}\xa9U\xc7{\xd3\x16W\xbb\xe5\xd2\x93\xfe\xa4\x9d\r$\xe91c8`\x86\xbc)\xc6\x12\x8c_x\xa8\xfa\xb5K\x03\x85\x93k\xe1\x8e\x1f)\".\xcc\'\v\xa6\x1bj\\\n\xe98yA\xd8T\x85\x80A\xcbo\x99\x99\xeb)r\x1a\xce\x18(\x185LL\xbcOeO\'\xe2\x86&\xe4\xe2\xe7~\x92\xa2\xb2\x9b\xc3\x00\x85\xce\xad7\x87\xa0\xfcc\xf5\xf8\xaf\v,q\xd4\x18\xbdM\x1a\xde\xba*L\x05m6\xecH\xd0T\xb8m\xdb\b\xa6\x02\xfb\x13\xac\x91\x8a\x8d\x94\x93\x8d=\xb1\x84\x9c\x9b\xe5\xc7\xa6\xc9Q\xc1eUc\xcc\x180^\x00\x00\x00\x00\x00\x00\x00\x00\xe7]6+\\\x00\x00\x00\x00?#C.\x1dj\xd9\xc3\xdd&\x80g:N\xec\x06[\x8f\x92\xe2\xb01\xb0\xef\x10,\xde\xf3\x86D\x8b\xf7\xf1>AH\xef\\\xf9\x8b\a\xe0\xb2\xcb\xf0\x97\b\r\xd5`\xb9\xd6\xa4\x1e\xbe\x12-}\xc5\x84\xde@\x18\x87\f\x01O\xedS\x8f\x9en,\xbce\xb2\xe4\x82v\x1c\xed\x84-s\xab\x06b\x9c\xba\xec\xa5\xc9A\x84\xd0\xe0 S\xc8\xa2\xaf\x85\v\xad\xa5\x88\xcf\xb6}`\x14\'\xea\xbfN\xac)\xa1\xe8\xb2\x9f\x112TJ\x16\x8c9\xe9\xf5\x18\x15Dd\x8a%>\x91\x93\x80\xe9\x18\x82]\x9e&\xfa\xaa\xfa8Z2\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00?\xb35\x00\xfb\xac8wAph\xb4\x9d\x14\xf6\xec+f\x84\xde\x1b\x11\xe8\\}\xf81\xe6U3\xf9~\xdfD[\x1a\x02\x1f\xd2\x1as-\x9c\x01\x86\xa7\xb8\xc5\xeeOg\x99j\xedu\xafO@\x8e\xf24w\xad\x130Z&\xcb\x81\xfc\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00Lo\x12\x00\xa2\xa5$9\x05O\xfe\x0e\xd2N\x98\x84\x10\x01\x89\xaa)\x118\xcd\xf8>\xab\xd9\xbd\xcfH\xa5\x8e\x14\x12\xb0OF\x80\xbb\xb6B\x80Q \x85\'w\xc8D\xf9\xfa\fq\x9e\x83I\xe5\n\xae8\xb7\f\xab#\x85Y\xeeH\x98\x84\x8cRv\xdcZ<\x80\xbd\x8d~\n\x88-\xa1\x97\xaf2e\xa6\'\x8aQ\x85}\xf1\rJF\f\x8c_\x01\xbe\'\v1\xccL\x0e\x05\xbdIa\x85\xb8\x14\xe0;}\xb7\x11\xb5\xfa\xeb\x13\xd3\x92\x8a\xe47\xf9\x12\xd9\xd5\x99\xf4\t\xdf\x058\xc4]\xf7\x16J\xf9\xce\xf0zG\xe6i\xf1~\xaaL\xa5\xd5\xe5L\xban?\'\x11B', 0x6)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000640)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
getsockopt$bt_BT_POWER(0xffffffffffffffff, 0x112, 0x9, 0x0, &(0x7f0000000180))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r4 = fcntl$dupfd(r3, 0x0, r3)
write$sndseq(r4, &(0x7f0000000200)=[{0x0, 0x0, 0x0, 0x0, @tick=0x2f, {}, {}, @raw32}, {0x0, 0x2, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}], 0x38)
syz_open_dev$rtc(0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
r6 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r6, &(0x7f00000005c0)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r6, &(0x7f0000005240)=[{{0x0, 0x0, 0x0}, 0xfffffdef}], 0x4000095, 0x0)
r7 = io_uring_setup(0xa10, &(0x7f0000000040)={0x0, 0x2c1, 0x800, 0x1, 0x307})
r8 = openat$null(0xffffffffffffff9c, &(0x7f0000002500), 0x1, 0x0)
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r7, 0x7, &(0x7f0000000180)=r8, 0x1)
sendmsg$kcm(r5, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)="d8000000100081046881f782db44b904021d080b01000000e8fe55a11800150006001400000000120800040043000000a80016000a00014006000d00036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a9d7c7c0b7a196e6f66112c88ac417898516", 0x6c}], 0x1}, 0x0)

951.481898ms ago: executing program 1 (id=1099):
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, 0x0)
fcntl$dupfd(r0, 0x0, r0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x7, 0x2, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000180), 0x0, 0x62, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(0xffffffffffffffff, 0x19, 0x20000000, 0x0) (async)
io_uring_register$IORING_UNREGISTER_PERSONALITY(0xffffffffffffffff, 0x19, 0x20000000, 0x0)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000003000000000000000000000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
socket$packet(0x11, 0x3, 0x300) (async)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r6=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r4, r6}, 0x10)
syz_emit_ethernet(0xfdef, 0x0, 0x0) (async)
syz_emit_ethernet(0xfdef, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(0xffffffffffffffff, &(0x7f0000000180)='./file0\x00', 0x1)
mount(&(0x7f0000000040)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='xfs\x00', 0x0, &(0x7f0000000140)='grpquota')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0)

172.454861ms ago: executing program 6 (id=1100):
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r0, 0x8910, &(0x7f0000000000)={'vlan0\x00', @ifru_ivalue=0x7})
ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000000040)={0x6, 0x5, 0x7f})
socket$netlink(0x10, 0x3, 0x10)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000380), 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x9, 0x10, &(0x7f0000000300)=ANY=[], 0x0, 0x7, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, r1, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, &(0x7f00000002c0)=[{0x5, 0x5, 0x3, 0x9}, {0x0, 0x407, 0x6, 0x5}, {0x0, 0x5, 0x10, 0xb}, {0x2, 0x3, 0x4}, {0x0, 0x3, 0x7, 0x7}, {0x4, 0x5, 0x8, 0x5}, {0x4, 0x2, 0x10, 0x2}], 0x10, 0x6, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x0, 0x4004040)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
ioctl$LOOP_SET_CAPACITY(0xffffffffffffffff, 0x4c07)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r5=>0x0})
r6 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r5, @ANYBLOB="00000000000000001c001a800800028008000200080000003e120000080002001040e5"], 0x44}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
r8 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x101000, 0x0)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f0000000080)=0x1)
socket$inet(0x2, 0xa, 0x9)
setsockopt$inet6_tcp_TCP_MD5SIG(r7, 0x6, 0xe, &(0x7f0000000580)={@in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}, 0x0, 0x0, 0x42, 0x0, "bd1c790806ed6dcd18899f9ea77ca9fb5184ff0ba54b7dfe784d2f6b7dcd9474d9b295588ac0b991d5c66461eca3f1ff5543acc6c970d0ad22d692e84d692972368e64c272da633a217b45fcc8b1ff3b"}, 0xd8)
r9 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r9, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0xb}})
accept4$alg(0xffffffffffffffff, 0x0, 0x0, 0x80800)

172.29262ms ago: executing program 4 (id=1101):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r0, 0xc02c5341, &(0x7f0000000080))

81.093168ms ago: executing program 4 (id=1102):
r0 = socket$nl_generic(0x10, 0x3, 0x10) (async)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000002c0)={&(0x7f00000000c0)={0x54, 0x9, 0x6, 0x101, 0x0, 0x0, {0x5, 0x0, 0x3}, [@IPSET_ATTR_ADT={0x40, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e23}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_NAME={0x9, 0x12, 'syz2\x00'}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_PACKETS={0xc, 0x19, 0x1, 0x0, 0x4}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x40841}, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x4, &(0x7f0000000680)=ANY=[@ANYBLOB="180000000000000000000200000095000000000000000000000000000000000056e784466031bc42d4586856fea8a5422128758d88b5f43ee3b332a35c3b4f0f8ff47260ea62853d6c32da7ab47bd1882e8a755a611da46443841e0d79fe0330b57fbc5ac7d4ca19fff93c4d5651a0958d43b5782b0bac60"], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x3, 0x4004, 0x3, 0x4}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
openat$drirender128(0xffffff9c, 0x0, 0x0, 0x0) (async, rerun: 64)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async, rerun: 64)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) (async)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) (async, rerun: 64)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) (async, rerun: 64)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
r3 = openat$autofs(0xffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_READY(r3, 0xc0189376, &(0x7f0000000380)={{0x1, 0x1, 0x18, r2, {0x5}}, './file0\x00'}) (async)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x0, &(0x7f0000000380)}) (async)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42f82, 0x0)
ioctl$SNDCTL_DSP_SPEED(r4, 0xc0045002, &(0x7f0000000180)=0x6) (async)
write$dsp(r4, &(0x7f00000001c0)="5cba91a4", 0xffffffd9) (async)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x9, &(0x7f0000006680)) (async)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)={0x0, 0x989680}, 0x0) (async)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x38, 0x3b, 0x107, 0x0, 0x0, {0x1, 0x7c}, [@nested={0x4, 0xfc}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}, @nested={0x8, 0x2, 0x0, 0x1, [@nested={0x4, 0x72}]}, @typed={0xc, 0x9, 0x0, 0x0, @u64=0x6}]}, 0x38}}, 0xc000)

80.896311ms ago: executing program 1 (id=1103):
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000003c0000003c000000020000000000000002000084ffffffff00000000"], 0x0, 0x56, 0x0, 0x0, 0x1, 0x0, @void, @value}, 0x28)

77.000292ms ago: executing program 4 (id=1104):
openat$ptmx(0xffffffffffffff9c, 0x0, 0x41, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000000fd00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000a749d6d2090000000095000000000000005429fef864ebb77af9c3caf79bd089eb5139af41534341aacc474071eff906d336a9b7d8b38f6fff4e8f66f4ae6a9a0baa50b0d8cfd887986c056c5e37c92e343b0aa58ab46dbe1897f9093c647ea75cb2cac1596933"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
openat$full(0xffffff9c, &(0x7f0000000000), 0x400, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0xfffffffffffffefb}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
openat$sysfs(0xffffff9c, &(0x7f0000000180)='/sys/power/pm_wakeup_irq', 0x10440, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000540)={0x26, 'hash\x00', 0x0, 0x0, 'sha512-generic\x00'}, 0x58)
r4 = accept4(r3, 0x0, 0x0, 0x0)
sendmmsg$inet(r4, &(0x7f0000001200)=[{{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f00000003c0)="ba", 0x1}, {&(0x7f00000005c0)='0', 0xcea40}], 0x2}}], 0x1, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x123f41, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000040)=0xd)
write$binfmt_aout(r5, &(0x7f0000000940)=ANY=[], 0xff2e)
r6 = syz_io_uring_setup(0x233, &(0x7f0000000280)={0x0, 0x0, 0x10100, 0x1}, &(0x7f0000000080)=<r7=>0x0, &(0x7f0000000140)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r6, 0x7a98, 0x0, 0x0, 0x0, 0x0)

75.925221ms ago: executing program 1 (id=1105):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)=ANY=[@ANYBLOB="0a0000001000010000000000000000000000000a20000000000a03000000000000e5ff00070000000900010073797a300000000068000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d24001280200001800e000100636f6e6e6c696d69740000000c00028008000140000000080800034000000110140000001000010000000000000000000084000a"], 0xb0}}, 0x20050800)
ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0})
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r0, 0xc02c5341, &(0x7f0000000080))

0s ago: executing program 1 (id=1106):
ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, &(0x7f0000000380)={0x2, <r0=>0xffffffffffffffff, 0x2})
write$UHID_DESTROY(r0, &(0x7f0000000480), 0x4)
openat$dir(0xffffffffffffff9c, &(0x7f0000001a00)='./file1\x00', 0x40, 0x0)
r1 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x20080)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x6, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x48}}, 0x20050800)
socket$netlink(0x10, 0x3, 0x4)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="090000004600000004000000fc0793011c5ee0d52d9981f4781c8449d9f9f35a2fc0b798db27e528ee5c998c1b23852f7eeacf8a68c006af378166c847454020522eefe88d44e7eb99be06677c1c22be1e"], 0x48)
r5 = syz_open_dev$vim2m(&(0x7f0000000240), 0x4, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f00000002c0)={0x4, 0x3, 0xda4f6ff633845490, 0x0, 0x7})
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000), 0x0, 0xce4, r4}, 0x38)
bpf$MAP_UPDATE_BATCH(0x1b, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000600), 0x0, 0x3ff, r4, 0x0, 0x100000000000000}, 0x38)
r6 = openat$hwrng(0xffffff9c, &(0x7f0000000100), 0x0, 0x0)
r7 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r7, 0x2285, &(0x7f0000000440)={0x53, 0x0, 0x10f, 0x1, @scatter={0x0, 0x0, 0x0}, &(0x7f00000004c0)="851666ce20db96ab0c7d83e114e7ce1762249711e34f4ce12c6afeb7e6d77bd3b97644edd8e3a3b71fcd006b6237766e151f344afb2306455034ea7a31b1a48724e372a5a8a9ca040f5831f2eb11842a4b8ec9064fa439440f374355d9af754314ce445ac9bea7fac19c3ac58a131895c378ec497ffdf9a82032d9fa225397b92d2e2193de6fe2f6b6c0bd0f80de3dc72890b6900c5b86752639bf37ab325c16dc2f3d4d01b4c3b71ebbfd6fc9b316f76a07144538506a68ae00df22f2fa9cbb0c9fa73c1dcf3eb2eb4fe3534fcee01e9ca0c66f27b8e05e7545cbc3511b3d086f51d58f9acd52eab032468cc8075451bcd5c081a8db84ff509a2f874daf6b3ddff977834d87fc0de3220a4041526a", 0x0, 0x10, 0x5bb727690d5f0ff6, 0x0, 0x0})
r8 = syz_open_dev$ndb(&(0x7f0000000200), 0x0, 0x800)
ioctl$NBD_SET_SOCK(r8, 0xab00, r6)
ioctl$NBD_SET_SIZE_BLOCKS(r1, 0xab07, 0x200000a)
mount(&(0x7f0000000000)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000004a00)='./file1\x00', &(0x7f0000000040)='udf\x00', 0x8007, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r9, &(0x7f0000000180)={0x0, 0xfffffffffffffe56, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x37, 0x301, 0x270bd24, 0x25dfdbf9, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x4004004}, 0x20044804)

kernel console output (not intermixed with test programs):

21][ T6769] batman_adv: batadv0: Interface activated: batadv_slave_0
[   74.652151][ T6769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   74.657023][ T6769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.660850][ T6769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   74.664912][ T6769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.668723][ T6769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   74.672757][ T6769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.677647][ T6769] batman_adv: batadv0: Interface activated: batadv_slave_1
[   74.683352][ T6769] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   74.686953][ T6769] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   74.690300][ T6769] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   74.693858][ T6769] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   74.697797][    T8] usb 7-1: config 1 has an invalid descriptor of length 46, skipping remainder of the config
[   74.701344][    T8] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2
[   74.705547][    T8] usb 7-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[   74.708632][    T8] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   74.716957][    T8] hub 7-1:1.0: bad descriptor, ignoring hub
[   74.718631][    T8] hub 7-1:1.0: probe with driver hub failed with error -5
[   74.720800][    T8] cdc_wdm 7-1:1.0: skipping garbage
[   74.722803][    T8] cdc_wdm 7-1:1.0: skipping garbage
[   74.724378][    T8] cdc_wdm 7-1:1.0: probe with driver cdc_wdm failed with error -22
[   74.766264][ T1073] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.768725][ T1073] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.777880][  T104] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.781726][  T104] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.955372][ T6880] ISOFS: Unable to identify CD-ROM format.
[   75.018513][ T6900] FAULT_INJECTION: forcing a failure.
[   75.018513][ T6900] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   75.022479][ T6900] CPU: 1 UID: 0 PID: 6900 Comm: syz.5.209 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0
[   75.025727][ T6900] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   75.028770][ T6900] Call Trace:
[   75.029754][ T6900]  <TASK>
[   75.030607][ T6900]  dump_stack_lvl+0x16c/0x1f0
[   75.031984][ T6900]  should_fail_ex+0x497/0x5b0
[   75.032481][ T5998] usb 7-1: USB disconnect, device number 2
[   75.033460][ T6900]  _copy_from_user+0x2e/0xd0
[   75.036994][ T6900]  video_usercopy+0xc64/0x1520
[   75.038879][ T6900]  ? __pfx___video_do_ioctl+0x10/0x10
[   75.040894][ T6900]  ? __pfx_video_usercopy+0x10/0x10
[   75.042328][ T6900]  v4l2_ioctl+0x1ba/0x250
[   75.043550][ T6900]  ? __fget_files+0x1a1/0x3a0
[   75.045192][ T6900]  v4l2_compat_ioctl32+0x214/0x2c0
[   75.047194][ T6900]  ? __pfx_v4l2_compat_ioctl32+0x10/0x10
[   75.049325][ T6900]  __do_compat_sys_ioctl+0x1cb/0x2c0
[   75.051297][ T6900]  __do_fast_syscall_32+0x73/0x120
[   75.052966][ T6900]  do_fast_syscall_32+0x32/0x80
[   75.054574][ T6900]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   75.056633][ T6900] RIP: 0023:0xf70ce579
[   75.057963][ T6900] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   75.063373][ T6900] RSP: 002b:00000000f50c055c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[   75.065812][ T6900] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0845657
[   75.068634][ T6900] RDX: 0000000020000380 RSI: 0000000000000000 RDI: 0000000000000000
[   75.071798][ T6900] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   75.074958][ T6900] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   75.078048][ T6900] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   75.081139][ T6900]  </TASK>
[   75.145602][ T6912] netlink: 'syz.1.208': attribute type 8 has an invalid length.
[   75.168934][ T6908] netlink: 4 bytes leftover after parsing attributes in process `syz.5.210'.
[   75.171535][ T6908] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   75.173875][ T6908] batman_adv: batadv0: Removing interface: batadv_slave_0
[   75.178259][ T6908] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   75.180416][ T6908] batman_adv: batadv0: Removing interface: batadv_slave_1
[   75.617912][ T6942] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   75.852098][ T6948] netlink: 12 bytes leftover after parsing attributes in process `syz.1.215'.
[   75.912464][ T6953] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[   75.912464][ T6953]    program syz.2.214 not setting count and/or reply_len properly
[   75.930122][ T6953] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   76.077785][ T6965] FAULT_INJECTION: forcing a failure.
[   76.077785][ T6965] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   76.081559][ T6965] CPU: 1 UID: 0 PID: 6965 Comm: syz.1.218 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0
[   76.084535][ T6965] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   76.087549][ T6965] Call Trace:
[   76.088513][ T6965]  <TASK>
[   76.089337][ T6965]  dump_stack_lvl+0x16c/0x1f0
[   76.090659][ T6965]  should_fail_ex+0x497/0x5b0
[   76.091984][ T6965]  _copy_to_user+0x32/0xd0
[   76.093231][ T6965]  simple_read_from_buffer+0xd0/0x160
[   76.094691][ T6965]  proc_fail_nth_read+0x198/0x270
[   76.096095][ T6965]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   76.097615][ T6965]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   76.099136][ T6965]  vfs_read+0x1df/0xbe0
[   76.100277][ T6965]  ? __fget_files+0x1fc/0x3a0
[   76.101609][ T6965]  ? __pfx___mutex_lock+0x10/0x10
[   76.103030][ T6965]  ? __pfx_vfs_read+0x10/0x10
[   76.104362][ T6965]  ? __fget_files+0x206/0x3a0
[   76.105800][ T6965]  ksys_read+0x12b/0x250
[   76.106961][ T6965]  ? __pfx_ksys_read+0x10/0x10
[   76.108284][ T6965]  __do_fast_syscall_32+0x73/0x120
[   76.109706][ T6965]  do_fast_syscall_32+0x32/0x80
[   76.111080][ T6965]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   76.112923][ T6965] RIP: 0023:0xf70ee579
[   76.114380][ T6965] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   76.120100][ T6965] RSP: 002b:00000000f50e0590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[   76.122448][ T6965] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f50e0620
[   76.124613][ T6965] RDX: 000000000000000f RSI: 00000000f7423ff4 RDI: 0000000000000000
[   76.126764][ T6965] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[   76.129089][ T6965] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[   76.131452][ T6965] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   76.133760][ T6965]  </TASK>
[   76.252456][ T5955] Bluetooth: hci2: command tx timeout
[   76.690640][ T6991] capability: warning: `syz.4.223' uses deprecated v2 capabilities in a way that may be insecure
[   76.935177][   T39] audit: type=1800 audit(1737015366.839:7): pid=7000 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.4.225" name="/dsp1" dev="devtmpfs" ino=1314 res=0 errno=0
[   77.049503][ T7008] netlink: 52 bytes leftover after parsing attributes in process `syz.5.226'.
[   77.721233][ T7022] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[   77.721233][ T7022]    program syz.5.228 not setting count and/or reply_len properly
[   77.779024][ T7022] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   77.858944][ T7028] dccp_invalid_packet: invalid packet type
[   78.171746][ T7053] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[   78.178878][ T7053] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   78.342442][ T5955] Bluetooth: hci2: command tx timeout
[   78.362433][ T5323] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[   78.451058][ T7060] netlink: 187320 bytes leftover after parsing attributes in process `syz.5.240'.
[   78.453872][ T7060] netlink: zone id is out of range
[   78.455452][ T7060] netlink: zone id is out of range
[   78.456984][ T7060] netlink: zone id is out of range
[   78.458461][ T7060] netlink: zone id is out of range
[   78.459945][ T7060] netlink: zone id is out of range
[   78.461476][ T7060] netlink: zone id is out of range
[   78.463016][ T7060] netlink: zone id is out of range
[   78.464455][ T7060] netlink: zone id is out of range
[   78.513632][ T5323] usb 9-1: config index 0 descriptor too short (expected 53411, got 18)
[   78.515846][ T5323] usb 9-1: config 23 has too many interfaces: 171, using maximum allowed: 32
[   78.518274][ T5323] usb 9-1: config 23 has an invalid descriptor of length 77, skipping remainder of the config
[   78.520970][ T5323] usb 9-1: config 23 has 0 interfaces, different from the descriptor's value: 171
[   78.523784][ T5323] usb 9-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[   78.526183][ T5323] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   78.631431][ T7065] netlink: 16 bytes leftover after parsing attributes in process `syz.5.242'.
[   78.737523][ T7072] random: crng reseeded on system resumption
[   78.756787][ T7072] 9pnet_fd: Insufficient options for proto=fd
[   78.834048][ T7083] netlink: 72 bytes leftover after parsing attributes in process `syz.5.248'.
[   78.873068][   T39] audit: type=1326 audit(1737015368.819:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7085 comm="syz.2.249" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f78579 code=0x7ffc0000
[   78.880864][   T39] audit: type=1326 audit(1737015368.829:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7085 comm="syz.2.249" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f785a7 code=0x7ffc0000
[   78.889728][   T39] audit: type=1326 audit(1737015368.829:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7085 comm="syz.2.249" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f78579 code=0x7ffc0000
[   78.898776][   T39] audit: type=1326 audit(1737015368.829:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7085 comm="syz.2.249" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f785a7 code=0x7ffc0000
[   78.907051][   T39] audit: type=1326 audit(1737015368.829:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7085 comm="syz.2.249" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f78579 code=0x7ffc0000
[   78.917946][   T39] audit: type=1326 audit(1737015368.829:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7085 comm="syz.2.249" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f78579 code=0x7ffc0000
[   78.923767][   T39] audit: type=1326 audit(1737015368.829:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7085 comm="syz.2.249" exe="/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf7f78579 code=0x7ffc0000
[   78.929328][   T39] audit: type=1326 audit(1737015368.829:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7085 comm="syz.2.249" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f78579 code=0x7ffc0000
[   78.937474][   T39] audit: type=1326 audit(1737015368.839:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7085 comm="syz.2.249" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f78579 code=0x7ffc0000
[   78.972921][ T5323] usb 9-1: string descriptor 0 read error: -71
[   78.975517][ T5323] usb 9-1: USB disconnect, device number 3
[   78.986874][ T7094] netlink: 16 bytes leftover after parsing attributes in process `syz.5.251'.
[   79.002206][ T7092] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   79.027261][ T7092] evm: overlay not supported
[   79.088701][ T7099] netlink: 'syz.2.253': attribute type 27 has an invalid length.
[   79.109342][ T7099] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.111858][ T7099] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.159589][ T7099] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   79.165483][ T7099] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   79.210885][ T7099] ipvlan1: left allmulticast mode
[   79.222483][ T7099] veth0_vlan: left allmulticast mode
[   79.232766][ T7099] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   79.235503][ T7099] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   79.238094][ T7099] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   79.240613][ T7099] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   79.363859][ T7102] 8021q: adding VLAN 0 to HW filter on device bond0
[   79.368435][ T7102] 8021q: adding VLAN 0 to HW filter on device team0
[   79.380763][ T7101] netlink: 80 bytes leftover after parsing attributes in process `syz.5.252'.
[   79.387097][ T7104] netlink: 'syz.5.252': attribute type 4 has an invalid length.
[   79.707543][ T7112] netlink: 24 bytes leftover after parsing attributes in process `syz.2.254'.
[   79.826017][ T7109] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[   79.924723][ T7118] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[   79.924723][ T7118]    program syz.4.255 not setting count and/or reply_len properly
[   80.266737][ T7107] netdevsim netdevsim2 netdevsim0: left promiscuous mode
[   80.557860][ T5955] Bluetooth: hci1: unknown advertising packet type: 0x73
[   80.557892][ T5955] Bluetooth: hci1: unknown advertising packet type: 0xb0
[   80.560609][ T5955] Bluetooth: hci1: Dropping invalid advertising data
[   80.565760][ T5955] Bluetooth: hci1: Malformed LE Event: 0x02
[   81.074330][   T30] cfg80211: failed to load regulatory.db
[   81.114274][ T7154] netlink: 8 bytes leftover after parsing attributes in process `syz.2.267'.
[   81.221060][ T7158] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[   81.229030][ T7158] UDF-fs: Scanning with blocksize 2048 failed
[   81.232212][ T7158] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[   81.234378][ T7158] UDF-fs: Scanning with blocksize 4096 failed
[   81.441598][ T7163] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[   81.441598][ T7163]    program syz.4.269 not setting count and/or reply_len properly
[   82.104415][ T7180] input: syz0 as /devices/virtual/input/input8
[   82.243760][ T7188] netlink: 8 bytes leftover after parsing attributes in process `syz.4.277'.
[   82.364657][   T35] usb 10-1: new low-speed USB device number 2 using dummy_hcd
[   82.517580][   T35] usb 10-1: No LPM exit latency info found, disabling LPM.
[   82.863209][   T35] usb 10-1: config 14 has an invalid interface number: 129 but max is 2
[   82.866177][ T7167] block nbd1: shutting down sockets
[   82.866608][   T35] usb 10-1: config 14 has an invalid interface number: 7 but max is 2
[   82.866629][   T35] usb 10-1: config 14 has an invalid interface number: 140 but max is 2
[   82.866647][   T35] usb 10-1: config 14 has no interface number 0
[   82.866662][   T35] usb 10-1: config 14 has no interface number 1
[   82.866677][   T35] usb 10-1: config 14 has no interface number 2
[   82.866711][   T35] usb 10-1: config 14 interface 129 altsetting 128 has an invalid descriptor for endpoint zero, skipping
[   82.886642][   T35] usb 10-1: config 14 interface 129 altsetting 128 endpoint 0x5 has invalid maxpacket 64, setting to 8
[   82.890903][   T35] usb 10-1: config 14 interface 129 altsetting 128 has an invalid descriptor for endpoint zero, skipping
[   82.896474][   T35] usb 10-1: config 14 interface 129 altsetting 128 has a duplicate endpoint with address 0x5, skipping
[   82.900682][   T35] usb 10-1: config 14 interface 129 altsetting 128 has a duplicate endpoint with address 0x5, skipping
[   82.904950][   T35] usb 10-1: config 14 interface 129 altsetting 128 endpoint 0x2 has invalid maxpacket 512, setting to 8
[   82.909638][   T35] usb 10-1: config 14 interface 129 altsetting 128 has a duplicate endpoint with address 0x5, skipping
[   82.913936][   T35] usb 10-1: config 14 interface 129 altsetting 128 has a duplicate endpoint with address 0x5, skipping
[   82.918251][   T35] usb 10-1: config 14 interface 7 altsetting 6 endpoint 0xF has invalid maxpacket 512, setting to 8
[   82.922638][   T35] usb 10-1: config 14 interface 7 altsetting 6 endpoint 0x8 has invalid maxpacket 32, setting to 8
[   82.926704][   T35] usb 10-1: config 14 interface 7 altsetting 6 has a duplicate endpoint with address 0x8, skipping
[   82.930644][   T35] usb 10-1: config 14 interface 7 altsetting 6 has an invalid descriptor for endpoint zero, skipping
[   82.934805][   T35] usb 10-1: config 14 interface 7 altsetting 6 has an invalid descriptor for endpoint zero, skipping
[   82.938900][   T35] usb 10-1: config 14 interface 7 altsetting 6 endpoint 0x9 has an invalid bInterval 0, changing to 4
[   82.943115][   T35] usb 10-1: config 14 interface 7 altsetting 6 endpoint 0x9 has invalid maxpacket 16, setting to 0
[   82.947337][   T35] usb 10-1: config 14 interface 7 altsetting 6 endpoint 0x4 has invalid maxpacket 512, setting to 8
[   82.952067][   T35] usb 10-1: config 14 interface 7 altsetting 6 has a duplicate endpoint with address 0x2, skipping
[   82.956226][   T35] usb 10-1: config 14 interface 7 altsetting 6 endpoint 0xA has an invalid bInterval 105, changing to 4
[   82.960437][   T35] usb 10-1: config 14 interface 7 altsetting 6 endpoint 0xA has invalid maxpacket 1023, setting to 0
[   82.964698][   T35] usb 10-1: config 14 interface 7 altsetting 6 has a duplicate endpoint with address 0x5, skipping
[   82.968800][   T35] usb 10-1: config 14 interface 7 altsetting 6 endpoint 0xD has invalid maxpacket 88, setting to 8
[   82.974127][   T35] usb 10-1: config 14 interface 140 altsetting 244 endpoint 0x89 is Bulk; changing to Interrupt
[   82.978172][   T35] usb 10-1: config 14 interface 140 altsetting 244 endpoint 0x3 has invalid maxpacket 1024, setting to 8
[   82.982562][   T35] usb 10-1: config 14 interface 140 altsetting 244 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[   82.987645][   T35] usb 10-1: config 14 interface 129 has no altsetting 0
[   82.990297][   T35] usb 10-1: config 14 interface 7 has no altsetting 0
[   82.993570][   T35] usb 10-1: config 14 interface 140 has no altsetting 0
[   83.443782][ T7202] mmap: syz.2.280 (7202) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   83.478024][ T7204] bridge_slave_0: left allmulticast mode
[   83.479687][ T7204] bridge_slave_0: left promiscuous mode
[   83.481387][ T7204] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.487769][ T7204] bridge_slave_1: left allmulticast mode
[   83.489528][ T7204] bridge_slave_1: left promiscuous mode
[   83.491504][ T7204] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.497120][ T7204] bond0: (slave bond_slave_0): Releasing backup interface
[   83.502101][ T7204] bond0: (slave bond_slave_1): Releasing backup interface
[   83.519068][ T7204] team0: Port device team_slave_0 removed
[   83.527807][ T7204] team0: Port device team_slave_1 removed
[   83.530498][ T7204] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   83.534191][ T7204] batman_adv: batadv0: Removing interface: batadv_slave_0
[   83.537578][ T7204] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   83.540316][ T7204] batman_adv: batadv0: Removing interface: batadv_slave_1
[   83.629275][ T7213] fuse: Unknown parameter '00000000000000000003'
[   83.640303][ T7216] netlink: 60 bytes leftover after parsing attributes in process `syz.1.284'.
[   83.645865][ T7215] netlink: 928 bytes leftover after parsing attributes in process `syz.1.284'.
[   83.668427][ T7215] 9pnet_fd: Insufficient options for proto=fd
[   84.014692][ T7221] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[   84.014692][ T7221]    program syz.1.285 not setting count and/or reply_len properly
[   84.065828][ T7221] net_ratelimit: 689 callbacks suppressed
[   84.065844][ T7221] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   84.857708][ T7238] ISOFS: Unable to identify CD-ROM format.
[   84.910041][ T7243] netlink: 72 bytes leftover after parsing attributes in process `syz.1.291'.
[   85.061829][   T35] usb 10-1: string descriptor 0 read error: -71
[   85.068656][   T35] usb 10-1: Dual-Role OTG device on HNP port
[   85.075885][   T35] usb 10-1: can't set HNP mode: -71
[   85.601197][ T7272] netlink: 4 bytes leftover after parsing attributes in process `syz.1.300'.
[   85.604707][ T7272] netlink: 12 bytes leftover after parsing attributes in process `syz.1.300'.
[   85.794203][ T7280] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[   85.794203][ T7280]    program syz.2.299 not setting count and/or reply_len properly
[   85.815879][ T7280] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   86.271703][ T7289] ISOFS: Unable to identify CD-ROM format.
[   86.851433][ T7301] netlink: 20 bytes leftover after parsing attributes in process `syz.4.307'.
[   87.071269][ T7334] qnx6: unable to set blocksize
[   87.095537][   T39] kauditd_printk_skb: 17 callbacks suppressed
[   87.095546][   T39] audit: type=1326 audit(1737015377.049:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7335 comm="syz.4.315" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fdf579 code=0x0
[   87.162542][   T62] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[   87.229858][ T7346] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[   87.229858][ T7346]    program syz.1.313 not setting count and/or reply_len properly
[   87.257238][ T7346] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   87.292487][   T62] usb 10-1: device descriptor read/64, error -71
[   87.540637][   T39] audit: type=1800 audit(1737015377.489:35): pid=7353 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.319" name="bus" dev="overlay" ino=519 res=0 errno=0
[   87.542707][   T62] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[   87.550908][   T39] audit: type=1804 audit(1737015377.499:36): pid=7353 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.319" name="/newroot/92/bus/file0" dev="overlay" ino=520 res=1 errno=0
[   87.672403][   T62] usb 10-1: device descriptor read/64, error -71
[   87.782775][   T62] usb usb10-port1: attempt power cycle
[   88.132362][   T62] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[   88.153305][   T62] usb 10-1: device descriptor read/8, error -71
[   88.200178][ T7379] ISOFS: Unable to identify CD-ROM format.
[   88.392691][   T62] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[   88.413429][   T62] usb 10-1: device descriptor read/8, error -71
[   88.523204][   T62] usb usb10-port1: unable to enumerate USB device
[   88.855197][ T7392] vivid-000: =================  START STATUS  =================
[   88.857480][ T7392] vivid-000: Test Pattern: 75% Colorbar
[   88.859073][ T7392] vivid-000: Fill Percentage of Frame: 100
[   88.860665][ T7392] vivid-000: Horizontal Movement: No Movement
[   88.862789][ T7392] vivid-000: Vertical Movement: No Movement
[   88.864591][ T7392] vivid-000: OSD Text Mode: All
[   88.866296][ T7392] vivid-000: Show Border: false
[   88.868239][ T7392] vivid-000: Show Square: false
[   88.870241][ T7392] vivid-000: Sensor Flipped Horizontally: false
[   88.873259][ T7392] vivid-000: Sensor Flipped Vertically: false
[   88.875719][ T7392] vivid-000: Insert SAV Code in Image: false
[   88.878126][ T7392] vivid-000: Insert EAV Code in Image: false
[   88.880535][ T7392] vivid-000: Insert Video Guard Band: false
[   88.883611][ T7392] vivid-000: Reduced Framerate: false
[   88.885955][ T7392] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator
[   88.888234][ T7392] vivid-000: S-Video 000-0 Is Connected To: Test Pattern Generator
[   88.890497][ T7392] vivid-000: Enable Capture Cropping: true
[   88.892193][ T7392] vivid-000: Enable Capture Composing: true
[   88.894158][ T7392] vivid-000: Enable Capture Scaler: true
[   88.896525][ T7392] vivid-000: Timestamp Source: End of Frame
[   88.899006][ T7392] vivid-000: Colorspace: sRGB
[   88.901000][ T7392] vivid-000: Transfer Function: Default
[   88.903565][ T7392] vivid-000: Y'CbCr Encoding: Default
[   88.905859][ T7392] vivid-000: HSV Encoding: Hue 0-179
[   88.908726][ T7392] vivid-000: Quantization: Default
[   88.910871][ T7392] vivid-000: Apply Alpha To Red Only: false
[   88.913776][ T7392] vivid-000: Standard Aspect Ratio: 4x3
[   88.916058][ T7392] vivid-000: DV Timings Signal Mode: Current DV Timings inactive
[   88.919180][ T7392] vivid-000: DV Timings: 640x480p59 inactive
[   88.921664][ T7392] vivid-000: DV Timings Aspect Ratio: Source Width x Height
[   88.925226][ T7392] vivid-000: Maximum EDID Blocks: 2
[   88.927441][ T7392] vivid-000: Limited RGB Range (16-235): false
[   88.930019][ T7392] vivid-000: Rx RGB Quantization Range: Automatic
[   88.933045][ T7392] vivid-000: Power Present: 0x00000001
[   88.935342][ T7392] tpg source WxH: 320x180 (R'G'B)
[   88.937278][ T7392] tpg field: 1
[   88.938355][ T7392] tpg crop: 320x180@0x0
[   88.939601][ T7392] tpg compose: 320x180@0x0
[   88.940969][ T7392] tpg colorspace: 8
[   88.942143][ T7392] tpg transfer function: 0/2
[   88.943923][ T7392] tpg quantization: 0/2
[   88.945198][ T7392] tpg RGB range: 0/2
[   88.946401][ T7392] vivid-000: ==================  END STATUS  ==================
[   89.288860][ T7411] fuse: Unknown parameter 'grou00000000000000000000'
[   90.095546][ T7426] netlink: 12 bytes leftover after parsing attributes in process `syz.4.337'.
[   90.114655][ T7426] ISOFS: Unable to identify CD-ROM format.
[   90.867090][ T7463] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[   90.867090][ T7463]    program syz.2.342 not setting count and/or reply_len properly
[   90.881759][ T7463] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   91.118017][ T7471] random: crng reseeded on system resumption
[   91.135007][ T7472] netlink: 64 bytes leftover after parsing attributes in process `syz.5.345'.
[   91.203122][ T7473] 9pnet_fd: Insufficient options for proto=fd
[   92.325991][ T7504] netlink: 'syz.5.351': attribute type 5 has an invalid length.
[   92.929293][ T7521] 9pnet_fd: Insufficient options for proto=fd
[   93.242201][ T7528] overlayfs: failed to resolve './file1': -2
[   93.706097][ T7544] 9pnet_fd: Insufficient options for proto=fd
[   93.727173][ T7541] kvm: kvm [7539]: vcpu0, guest rIP: 0x166 Unhandled WRMSR(0xc1) = 0x60000000000
[   93.730230][ T7541] kvm: kvm [7539]: vcpu0, guest rIP: 0x166 Unhandled WRMSR(0xc2) = 0x60000000400
[   93.746429][ T7541] kvm: kvm [7539]: vcpu0, guest rIP: 0x166 Unhandled WRMSR(0x11e) = 0x60000000400
[   93.764306][ T7541] kvm: kvm [7539]: vcpu0, guest rIP: 0x166 Unhandled WRMSR(0x186) = 0x60000000400
[   93.767229][ T7547] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[   93.767229][ T7547]    program syz.1.355 not setting count and/or reply_len properly
[   93.767491][ T7541] kvm: kvm [7539]: vcpu0, guest rIP: 0x166 Unhandled WRMSR(0x187) = 0x60000000000
[   93.776772][ T7547] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   93.784457][ T7546] netlink: 44 bytes leftover after parsing attributes in process `syz.2.363'.
[   93.788052][ T7546] netlink: 43 bytes leftover after parsing attributes in process `syz.2.363'.
[   93.790744][ T7546] netlink: 'syz.2.363': attribute type 6 has an invalid length.
[   93.794440][ T7546] netlink: 'syz.2.363': attribute type 5 has an invalid length.
[   93.796805][ T7546] netlink: 43 bytes leftover after parsing attributes in process `syz.2.363'.
[   94.019366][ T7551] netlink: 12 bytes leftover after parsing attributes in process `syz.1.365'.
[   94.043588][ T7551] ubi0: attaching mtd0
[   94.045693][ T7551] ubi0: scanning is finished
[   94.047067][ T7551] ubi0: empty MTD device detected
[   94.107666][ T7551] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[   94.109916][ T7551] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[   94.112168][ T7551] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[   94.114890][ T7551] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[   94.117858][ T7551] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[   94.120538][ T7551] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[   94.123834][ T7551] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 111965981
[   94.127752][ T7551] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[   94.131880][ T7552] ubi0: background thread "ubi_bgt0d" started, PID 7552
[   95.345577][ T7573] netlink: 'syz.4.370': attribute type 2 has an invalid length.
[   95.662666][ T7575] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[   95.662666][ T7575]    program syz.1.372 not setting count and/or reply_len properly
[   95.707195][ T7575] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   96.252696][ T5953] Bluetooth: hci2: command 0x0405 tx timeout
[   96.933977][ T7588] FAULT_INJECTION: forcing a failure.
[   96.933977][ T7588] name failslab, interval 1, probability 0, space 0, times 0
[   96.937560][ T7588] CPU: 0 UID: 0 PID: 7588 Comm: syz.1.377 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0
[   96.940555][ T7588] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   96.943621][ T7588] Call Trace:
[   96.944600][ T7588]  <TASK>
[   96.945477][ T7588]  dump_stack_lvl+0x16c/0x1f0
[   96.946891][ T7588]  should_fail_ex+0x497/0x5b0
[   96.948297][ T7588]  ? fs_reclaim_acquire+0xae/0x150
[   96.949798][ T7588]  should_failslab+0xc2/0x120
[   96.951166][ T7588]  __kmalloc_noprof+0xce/0x4f0
[   96.952632][ T7588]  ? __pfx___mutex_trylock_common+0x10/0x10
[   96.954328][ T7588]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[   96.956404][ T7588]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[   96.958426][ T7588]  genl_family_rcv_msg_doit+0xbf/0x2f0
[   96.960011][ T7588]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[   96.961855][ T7588]  ? genl_get_cmd+0x195/0x580
[   96.963217][ T7588]  ? bpf_lsm_capable+0x9/0x10
[   96.964606][ T7588]  ? security_capable+0x7e/0x260
[   96.966048][ T7588]  genl_rcv_msg+0x565/0x800
[   96.967405][ T7588]  ? __pfx_genl_rcv_msg+0x10/0x10
[   96.968857][ T7588]  ? __pfx_nl802154_pre_doit+0x10/0x10
[   96.970479][ T7588]  ? __pfx_nl802154_add_llsec_dev+0x10/0x10
[   96.972197][ T7588]  ? __pfx_nl802154_post_doit+0x10/0x10
[   96.973838][ T7588]  ? __pfx___lock_acquire+0x10/0x10
[   96.975316][ T7588]  netlink_rcv_skb+0x165/0x410
[   96.976697][ T7588]  ? __pfx_genl_rcv_msg+0x10/0x10
[   96.978140][ T7588]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   96.979677][ T7588]  ? down_read+0xc9/0x330
[   96.981166][ T7588]  ? __pfx_down_read+0x10/0x10
[   96.982569][ T7588]  ? netlink_deliver_tap+0x1ae/0xca0
[   96.984128][ T7588]  genl_rcv+0x28/0x40
[   96.985350][ T7588]  netlink_unicast+0x53c/0x7f0
[   96.986744][ T7588]  ? __pfx_netlink_unicast+0x10/0x10
[   96.988332][ T7588]  ? __phys_addr_symbol+0x30/0x80
[   96.989810][ T7588]  ? __check_object_size+0x488/0x710
[   96.991355][ T7588]  netlink_sendmsg+0x8b8/0xd70
[   96.992781][ T7588]  ? __pfx_netlink_sendmsg+0x10/0x10
[   96.994309][ T7588]  ____sys_sendmsg+0x9ae/0xb40
[   96.995713][ T7588]  ? __pfx_____sys_sendmsg+0x10/0x10
[   96.997309][ T7588]  ? get_compat_msghdr+0x11b/0x170
[   96.998807][ T7588]  ___sys_sendmsg+0x135/0x1e0
[   97.000182][ T7588]  ? __pfx____sys_sendmsg+0x10/0x10
[   97.001743][ T7588]  ? __pfx_lock_release+0x10/0x10
[   97.003217][ T7588]  ? trace_lock_acquire+0x14e/0x1f0
[   97.004784][ T7588]  ? __fget_files+0x206/0x3a0
[   97.006155][ T7588]  __sys_sendmsg+0x16e/0x220
[   97.007503][ T7588]  ? __pfx___sys_sendmsg+0x10/0x10
[   97.009057][ T7588]  __do_fast_syscall_32+0x73/0x120
[   97.010560][ T7588]  do_fast_syscall_32+0x32/0x80
[   97.012002][ T7588]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   97.013894][ T7588] RIP: 0023:0xf70ee579
[   97.015078][ T7588] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   97.020684][ T7588] RSP: 002b:00000000f50e055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[   97.023125][ T7588] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200016c0
[   97.025416][ T7588] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000000
[   97.027688][ T7588] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   97.030032][ T7588] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   97.032386][ T7588] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   97.034697][ T7588]  </TASK>
[   97.082459][ T7586] lo speed is unknown, defaulting to 1000
[   97.087177][ T7586] lo speed is unknown, defaulting to 1000
[   97.089662][ T7586] lo speed is unknown, defaulting to 1000
[   97.100818][ T7594] FAULT_INJECTION: forcing a failure.
[   97.100818][ T7594] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   97.105781][ T7594] CPU: 3 UID: 0 PID: 7594 Comm: syz.1.379 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0
[   97.109135][ T7594] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   97.112343][ T7594] Call Trace:
[   97.113624][ T7594]  <TASK>
[   97.114899][ T7594]  dump_stack_lvl+0x16c/0x1f0
[   97.116930][ T7594]  should_fail_ex+0x497/0x5b0
[   97.118826][ T7594]  _copy_from_iter+0x29b/0x1400
[   97.120811][ T7594]  ? trace_lock_acquire+0x14e/0x1f0
[   97.122878][ T7594]  ? __alloc_skb+0x200/0x380
[   97.124326][ T7594]  ? __pfx__copy_from_iter+0x10/0x10
[   97.125861][ T7594]  ? __virt_addr_valid+0x1a4/0x590
[   97.127350][ T7594]  ? __virt_addr_valid+0x5e/0x590
[   97.128823][ T7594]  ? __phys_addr_symbol+0x30/0x80
[   97.130266][ T7594]  ? __check_object_size+0x488/0x710
[   97.131800][ T7594]  netlink_sendmsg+0x813/0xd70
[   97.133293][ T7594]  ? __pfx_netlink_sendmsg+0x10/0x10
[   97.135364][ T7594]  ____sys_sendmsg+0x9ae/0xb40
[   97.137305][ T7594]  ? __pfx_____sys_sendmsg+0x10/0x10
[   97.139429][ T7594]  ? get_compat_msghdr+0x11b/0x170
[   97.139587][ T7586] infiniband s
z1: set active
[   97.141497][ T7594]  ___sys_sendmsg+0x135/0x1e0
[   97.144341][ T5323] lo speed is unknown, defaulting to 1000
[   97.145170][ T7594]  ? __pfx____sys_sendmsg+0x10/0x10
[   97.147069][ T7586] infiniband s
z1: added lo
[   97.149106][ T7594]  ? __pfx_lock_release+0x10/0x10
[   97.152427][ T7594]  ? trace_lock_acquire+0x14e/0x1f0
[   97.154548][ T7594]  ? __fget_files+0x206/0x3a0
[   97.156454][ T7594]  __sys_sendmsg+0x16e/0x220
[   97.158376][ T7594]  ? __pfx___sys_sendmsg+0x10/0x10
[   97.160302][ T7594]  __do_fast_syscall_32+0x73/0x120
[   97.162104][ T7594]  do_fast_syscall_32+0x32/0x80
[   97.164034][ T7594]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[   97.166535][ T7594] RIP: 0023:0xf70ee579
[   97.167925][ T7594] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[   97.175094][ T7594] RSP: 002b:00000000f50e055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[   97.178315][ T7594] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[   97.181382][ T7594] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   97.184511][ T7594] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[   97.187573][ T7594] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[   97.190612][ T7594] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   97.193743][ T7594]  </TASK>
[   97.200316][ T7586] RDS/IB: s
z1: added
[   97.201805][ T7586] smc: adding ib device s
z1 with port count 1
[   97.203718][ T7586] smc:    ib device s
z1 port 1 has pnetid 
[   97.207553][ T7586] lo speed is unknown, defaulting to 1000
[   97.212964][ T5323] lo speed is unknown, defaulting to 1000
[   97.248601][ T7586] lo speed is unknown, defaulting to 1000
[   97.287698][ T7586] lo speed is unknown, defaulting to 1000
[   97.325380][ T7586] lo speed is unknown, defaulting to 1000
[   97.561054][ T7604] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[   97.561054][ T7604]    program syz.1.381 not setting count and/or reply_len properly
[   97.578179][ T7604] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   97.642879][ T7606] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[   97.645074][ T7606] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[   97.647206][ T7606] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[   97.649330][ T7606] Bluetooth: hci3: Opcode 0x0406 failed: -4
[   97.664276][ T7606] Bluetooth: hci3: Opcode 0x0406 failed: -4
[   97.667304][ T7606] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[   97.673981][ T7606] Bluetooth: hci2: Opcode 0x0406 failed: -4
[   97.682292][ T7606] Bluetooth: hci2: Opcode 0x0406 failed: -4
[   98.250910][ T7615] lo speed is unknown, defaulting to 1000
[   98.699901][ T7625] random: crng reseeded on system resumption
[   98.765321][ T7626] 9pnet_fd: Insufficient options for proto=fd
[   99.189798][ T7629] netdevsim netdevsim4: Direct firmware load for .
[   99.189798][ T7629]  failed with error -2
[   99.193370][ T7629] netdevsim netdevsim4: Falling back to sysfs fallback for: .
[   99.193370][ T7629] 
[   99.366093][ T7630] infiniband syz1: set down
[   99.367649][ T7630] infiniband syz1: added syzkaller0
[   99.423067][ T7630] RDS/IB: syz1: added
[   99.424621][ T7630] smc: adding ib device syz1 with port count 1
[   99.426573][ T7633] netlink: 'syz.1.388': attribute type 11 has an invalid length.
[   99.426933][ T7630] smc:    ib device syz1 port 1 has pnetid 
[   99.429266][ T7633] netlink: 132 bytes leftover after parsing attributes in process `syz.1.388'.
[   99.438909][ T7634] netlink: 'syz.1.388': attribute type 11 has an invalid length.
[   99.441207][ T7634] netlink: 132 bytes leftover after parsing attributes in process `syz.1.388'.
[   99.692438][ T5953] Bluetooth: hci2: command 0x0405 tx timeout
[   99.692728][ T5955] Bluetooth: hci3: command 0x0c1a tx timeout
[   99.694219][ T5953] Bluetooth: hci0: command 0x0c1a tx timeout
[   99.698203][ T5940] Bluetooth: hci1: command 0x0c1a tx timeout
[   99.836667][ T7639] /dev/sg0: Can't lookup blockdev
[   99.954947][  T104] smc: removing ib device syz1
[  100.064284][ T7644] nbd1: detected capacity change from 0 to 22
[  100.068293][ T7643] block nbd1: shutting down sockets
[  100.068349][ T7014] blk_print_req_error: 25 callbacks suppressed
[  100.068358][ T7014] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  100.074405][ T7014] buffer_io_error: 25 callbacks suppressed
[  100.074413][ T7014] Buffer I/O error on dev nbd1, logical block 0, async page read
[  100.080795][ T1254] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  100.083868][ T1254] Buffer I/O error on dev nbd1, logical block 0, async page read
[  100.086571][ T7014] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  100.089310][ T7014] Buffer I/O error on dev nbd1, logical block 0, async page read
[  100.091588][ T7014] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  100.095811][ T7014] Buffer I/O error on dev nbd1, logical block 0, async page read
[  100.098204][ T7014] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  100.100820][ T7014] Buffer I/O error on dev nbd1, logical block 0, async page read
[  100.103834][ T7014] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  100.106716][ T7014] Buffer I/O error on dev nbd1, logical block 0, async page read
[  100.109018][ T7014] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  100.111608][ T7014] Buffer I/O error on dev nbd1, logical block 0, async page read
[  100.114287][ T7014] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  100.116901][ T7014] Buffer I/O error on dev nbd1, logical block 0, async page read
[  100.119129][ T7014] ldm_validate_partition_table(): Disk read failed.
[  100.121065][ T7014] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  100.124344][ T7014] Buffer I/O error on dev nbd1, logical block 0, async page read
[  100.126685][ T7014] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  100.129377][ T7014] Buffer I/O error on dev nbd1, logical block 0, async page read
[  100.131658][ T7014] Dev nbd1: unable to read RDB block 0
[  100.133918][ T7014]  nbd1: unable to read partition table
[  100.135680][ T7014] nbd1: partition table beyond EOD, truncated
[  100.138527][ T7014] ldm_validate_partition_table(): Disk read failed.
[  100.140637][ T7014] Dev nbd1: unable to read RDB block 0
[  100.142650][ T7014]  nbd1: unable to read partition table
[  100.144388][ T7014] nbd1: partition table beyond EOD, truncated
[  100.424404][ T7651] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  100.424404][ T7651]    program syz.1.392 not setting count and/or reply_len properly
[  100.437970][ T7651] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  101.095611][ T7653] netlink: 28 bytes leftover after parsing attributes in process `syz.1.394'.
[  101.106346][ T7653] 9pnet: p9_errstr2errno: server reported unknown error �è½FcÇgåKIeÎÿB$·
[  101.772356][ T5953] Bluetooth: hci2: command 0x0405 tx timeout
[  101.774803][ T5940] Bluetooth: hci3: command 0x0c1a tx timeout
[  102.193355][ T7670] raw_sendmsg: syz.4.400 forgot to set AF_INET. Fix it!
[  102.513327][ T7677] ISOFS: Unable to identify CD-ROM format.
[  102.682912][ T7682] netlink: 132 bytes leftover after parsing attributes in process `syz.4.404'.
[  102.979574][ T7688] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  102.979574][ T7688]    program syz.5.402 not setting count and/or reply_len properly
[  103.036401][ T7688] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  103.123235][ T7696] 9pnet_virtio: no channels available for device syz
[  103.852366][ T5953] Bluetooth: hci3: command 0x0c1a tx timeout
[  103.852377][ T5948] Bluetooth: hci2: command 0x0405 tx timeout
[  104.456060][ T7730] 9pnet_fd: Insufficient options for proto=fd
[  104.790315][ T7739] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  104.790315][ T7739]    program syz.4.419 not setting count and/or reply_len properly
[  104.839565][ T7739] infiniband s
z1: set active
[  104.860403][ T7739] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  104.882740][   T30] lo speed is unknown, defaulting to 1000
[  105.460301][ T7743] netlink: 20 bytes leftover after parsing attributes in process `syz.1.421'.
[  105.559796][ T7731] ISOFS: Unable to identify CD-ROM format.
[  105.596651][ T7726] ISOFS: Unable to identify CD-ROM format.
[  105.813038][ T7752] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  105.932531][ T5940] Bluetooth: hci2: command 0x0405 tx timeout
[  105.958057][ T7760] batadv_slave_0: entered allmulticast mode
[  107.010178][ T7781] lo speed is unknown, defaulting to 1000
[  107.045022][ T7784] lo speed is unknown, defaulting to 1000
[  107.072847][   T35] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  107.152718][ T7789] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  107.152718][ T7789]    program syz.1.432 not setting count and/or reply_len properly
[  107.184530][ T7789] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  107.255210][   T35] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  107.259047][   T35] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  107.272400][   T35] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  107.276638][   T35] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  107.281498][   T35] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  107.302303][   T35] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  107.313149][   T35] usb 9-1: config 0 descriptor??
[  107.316356][ T7776] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  107.525771][ T7791] FAULT_INJECTION: forcing a failure.
[  107.525771][ T7791] name failslab, interval 1, probability 0, space 0, times 0
[  107.530631][ T7791] CPU: 1 UID: 0 PID: 7791 Comm: syz.5.433 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0
[  107.534617][ T7791] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  107.538611][ T7791] Call Trace:
[  107.539868][ T7791]  <TASK>
[  107.540997][ T7791]  dump_stack_lvl+0x16c/0x1f0
[  107.542801][ T7791]  should_fail_ex+0x497/0x5b0
[  107.544598][ T7791]  should_failslab+0xc2/0x120
[  107.546391][ T7791]  kmem_cache_alloc_noprof+0x6e/0x3b0
[  107.548393][ T7791]  ? skb_clone+0x190/0x3f0
[  107.550086][ T7791]  skb_clone+0x190/0x3f0
[  107.551704][ T7791]  netlink_deliver_tap+0xafd/0xca0
[  107.553846][ T7791]  netlink_unicast+0x6b4/0x7f0
[  107.555679][ T7791]  ? __pfx_netlink_unicast+0x10/0x10
[  107.557680][ T7791]  netlink_ack+0x6a5/0xb20
[  107.559367][ T7791]  netlink_rcv_skb+0x327/0x410
[  107.561170][ T7791]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  107.563192][ T7791]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  107.565176][ T7791]  ? __pfx_aa_get_newest_label+0x10/0x10
[  107.567240][ T7791]  ? bpf_lsm_capable+0x9/0x10
[  107.569009][ T7791]  ? security_capable+0x7e/0x260
[  107.570868][ T7791]  ? ns_capable+0xd7/0x110
[  107.572663][ T7791]  nfnetlink_rcv+0x1b4/0x430
[  107.574042][ T7791]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  107.575609][ T7791]  ? netlink_deliver_tap+0x1ae/0xca0
[  107.577169][ T7791]  netlink_unicast+0x53c/0x7f0
[  107.578520][ T7791]  ? __pfx_netlink_unicast+0x10/0x10
[  107.580087][ T7791]  ? __phys_addr_symbol+0x30/0x80
[  107.581591][ T7791]  ? __check_object_size+0x488/0x710
[  107.583159][ T7791]  netlink_sendmsg+0x8b8/0xd70
[  107.584641][ T7791]  ? __pfx_netlink_sendmsg+0x10/0x10
[  107.586781][ T7791]  ____sys_sendmsg+0x9ae/0xb40
[  107.588744][ T7791]  ? __pfx_____sys_sendmsg+0x10/0x10
[  107.590802][ T7791]  ? get_compat_msghdr+0x11b/0x170
[  107.592291][ T7791]  ___sys_sendmsg+0x135/0x1e0
[  107.593640][ T7791]  ? __pfx____sys_sendmsg+0x10/0x10
[  107.595089][ T7791]  ? __pfx_lock_release+0x10/0x10
[  107.596515][ T7791]  ? trace_lock_acquire+0x14e/0x1f0
[  107.598007][ T7791]  ? __fget_files+0x206/0x3a0
[  107.599374][ T7791]  __sys_sendmsg+0x16e/0x220
[  107.600715][ T7791]  ? __pfx___sys_sendmsg+0x10/0x10
[  107.602222][ T7791]  __do_fast_syscall_32+0x73/0x120
[  107.603688][ T7791]  do_fast_syscall_32+0x32/0x80
[  107.605125][ T7791]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  107.606919][ T7791] RIP: 0023:0xf70ce579
[  107.608091][ T7791] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  107.613563][ T7791] RSP: 002b:00000000f50c055c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  107.616049][ T7791] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[  107.618305][ T7791] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  107.620544][ T7791] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  107.622783][ T7791] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  107.625039][ T7791] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  107.627281][ T7791]  </TASK>
[  107.732877][   T35] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  107.735122][   T35] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  107.737338][   T35] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  107.739444][   T35] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  107.741544][   T35] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  107.743735][   T35] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  107.745870][   T35] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  107.747994][   T35] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  107.750107][   T35] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  107.752217][   T35] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  107.754368][   T35] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  107.756457][   T35] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  107.758572][   T35] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  107.760676][   T35] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  107.762867][   T35] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  107.765197][   T35] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving
[  107.772010][   T35] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  108.183466][ T7801] netlink: 80 bytes leftover after parsing attributes in process `syz.1.436'.
[  108.191489][ T7801] netlink: 'syz.1.436': attribute type 16 has an invalid length.
[  108.258506][ T7805] openvswitch: netlink: Port -1 exceeds max allowable 65535
[  108.353822][ T7809] netlink: 4 bytes leftover after parsing attributes in process `syz.1.438'.
[  108.356719][ T7809] netlink: 28 bytes leftover after parsing attributes in process `syz.1.438'.
[  108.444489][   T35] usb 9-1: USB disconnect, device number 4
[  109.106790][ T7813] netlink: 'syz.4.439': attribute type 1 has an invalid length.
[  109.118711][ T7813] 8021q: adding VLAN 0 to HW filter on device bond1
[  109.447517][ T7818] syzkaller1: entered promiscuous mode
[  109.449160][ T7818] syzkaller1: entered allmulticast mode
[  109.456040][ T7818] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  109.459262][ T7818] batman_adv: batadv0: Adding interface: gretap1
[  109.461086][ T7818] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  109.468413][ T7818] batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active
[  109.688212][ T5948] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  109.702329][ T5948] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  109.705918][ T5948] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  109.713120][ T5948] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  109.719203][ T5948] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  109.722849][ T5948] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  109.741523][ T7824] lo speed is unknown, defaulting to 1000
[  109.865062][ T7824] chnl_net:caif_netlink_parms(): no params data found
[  109.919397][ T7837] netlink: 'syz.4.445': attribute type 3 has an invalid length.
[  109.944116][ T7839] netlink: 'syz.4.445': attribute type 3 has an invalid length.
[  109.973721][ T7824] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.976415][ T7824] bridge0: port 1(bridge_slave_0) entered disabled state
[  109.979478][ T7824] bridge_slave_0: entered allmulticast mode
[  109.982012][ T7824] bridge_slave_0: entered promiscuous mode
[  109.986239][ T7828] syzkaller1: entered allmulticast mode
[  109.988051][ T7824] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.990343][ T7824] bridge0: port 2(bridge_slave_1) entered disabled state
[  109.992568][ T7824] bridge_slave_1: entered allmulticast mode
[  109.994711][ T7824] bridge_slave_1: entered promiscuous mode
[  110.034985][ T7824] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  110.038828][ T7824] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  110.041299][ T7841] netlink: 80 bytes leftover after parsing attributes in process `syz.4.446'.
[  110.049448][ T7841] netlink: 'syz.4.446': attribute type 16 has an invalid length.
[  110.087600][ T7824] team0: Port device team_slave_0 added
[  110.092090][ T7824] team0: Port device team_slave_1 added
[  110.113663][ T7824] batman_adv: batadv0: Adding interface: batadv_slave_0
[  110.115704][ T7824] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  110.123461][ T7824] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  110.127165][ T7824] batman_adv: batadv0: Adding interface: batadv_slave_1
[  110.128997][ T7824] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  110.135955][ T7824] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  110.158367][ T7824] hsr_slave_0: entered promiscuous mode
[  110.160414][ T7824] hsr_slave_1: entered promiscuous mode
[  110.165114][ T7824] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  110.167344][ T7824] Cannot create hsr debugfs directory
[  110.279647][ T7824] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  110.297136][ T7824] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  110.301932][ T7824] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  110.308110][ T7824] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  110.345300][ T7849] random: crng reseeded on system resumption
[  110.352552][ T7824] 8021q: adding VLAN 0 to HW filter on device bond0
[  110.359426][ T7824] 8021q: adding VLAN 0 to HW filter on device team0
[  110.364169][  T104] bridge0: port 1(bridge_slave_0) entered blocking state
[  110.367046][  T104] bridge0: port 1(bridge_slave_0) entered forwarding state
[  110.387487][ T1134] bridge0: port 2(bridge_slave_1) entered blocking state
[  110.389936][ T1134] bridge0: port 2(bridge_slave_1) entered forwarding state
[  110.394992][ T7849] lo speed is unknown, defaulting to 1000
[  110.431164][ T7850] ebtables: wrong size: *len 120, entries_size 48, replsz 48
[  110.446268][ T1073] bridge_slave_1: left allmulticast mode
[  110.447972][ T1073] bridge_slave_1: left promiscuous mode
[  110.449627][ T1073] bridge0: port 2(bridge_slave_1) entered disabled state
[  110.461013][ T1073] bridge_slave_0: left allmulticast mode
[  110.464337][ T1073] bridge_slave_0: left promiscuous mode
[  110.466356][ T1073] bridge0: port 1(bridge_slave_0) entered disabled state
[  110.643859][ T5982] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  110.783263][ T1073] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  110.787127][ T1073] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  110.791097][ T1073] bond0 (unregistering): Released all slaves
[  110.812471][ T5982] usb 9-1: Using ep0 maxpacket: 32
[  110.824201][ T5982] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  110.833045][ T5982] usb 9-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  110.836609][ T5982] usb 9-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  110.839816][ T5982] usb 9-1: Product: syz
[  110.841477][ T5982] usb 9-1: Manufacturer: syz
[  110.843522][ T5982] usb 9-1: SerialNumber: syz
[  110.847938][ T5982] usb 9-1: config 0 descriptor??
[  110.850216][ T7845] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  110.917829][ T7824] 8021q: adding VLAN 0 to HW filter on device batadv0
[  111.064690][ T7845] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  111.076334][ T7845] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  111.084651][ T7845] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  111.087200][ T7845] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  111.093573][ T7870] netlink: 8 bytes leftover after parsing attributes in process `syz.4.447'.
[  111.100103][ T7870] netlink: 12 bytes leftover after parsing attributes in process `syz.4.447'.
[  111.176070][ T7824] veth0_vlan: entered promiscuous mode
[  111.187016][ T7824] veth1_vlan: entered promiscuous mode
[  111.189379][ T7871] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  111.196510][ T7871] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  111.202135][ T6003] usb 9-1: USB disconnect, device number 5
[  111.207154][ T7824] veth0_macvtap: entered promiscuous mode
[  111.212489][ T7824] veth1_macvtap: entered promiscuous mode
[  111.218834][ T7824] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  111.222141][ T7824] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  111.227132][ T7824] batman_adv: batadv0: Interface activated: batadv_slave_0
[  111.231331][ T7824] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  111.236299][ T7824] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  111.239650][ T7824] batman_adv: batadv0: Interface activated: batadv_slave_1
[  111.248630][ T7824] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  111.251204][ T7824] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  111.254367][ T7824] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  111.257104][ T7824] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  111.305211][ T1073] hsr_slave_0: left promiscuous mode
[  111.307572][ T1073] hsr_slave_1: left promiscuous mode
[  111.311143][ T1073] batman_adv: batadv0: Removing interface: batadv_slave_0
[  111.314528][ T1073] batman_adv: batadv0: Removing interface: batadv_slave_1
[  111.353384][ T7872] random: crng reseeded on system resumption
[  111.411044][ T7873] ebtables: wrong size: *len 120, entries_size 48, replsz 48
[  111.782381][ T5948] Bluetooth: hci4: command tx timeout
[  111.896051][ T7883] Bluetooth: MGMT ver 1.23
[  111.957358][ T1073] team0 (unregistering): Port device team_slave_1 removed
[  112.054544][ T1073] team0 (unregistering): Port device team_slave_0 removed
[  112.294350][ T6003] kernel write not supported for file bpf-map (pid: 6003 comm: kworker/0:4)
[  112.591481][ T7872] lo speed is unknown, defaulting to 1000
[  112.614828][ T7892] bridge0: port 2(bridge_slave_1) entered disabled state
[  112.618721][ T7892] bridge0: port 1(bridge_slave_0) entered disabled state
[  112.619110][ T7892] bridge0: entered allmulticast mode
[  112.625751][ T7893] bridge_slave_1: left allmulticast mode
[  112.625785][ T7893] bridge_slave_1: left promiscuous mode
[  112.625993][ T7893] bridge0: port 2(bridge_slave_1) entered disabled state
[  112.639026][ T7893] bridge_slave_0: left allmulticast mode
[  112.643866][ T7893] bridge_slave_0: left promiscuous mode
[  112.645600][ T7893] bridge0: port 1(bridge_slave_0) entered disabled state
[  112.711950][  T104] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  112.716384][  T104] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  112.870086][ T7905] netlink: 12 bytes leftover after parsing attributes in process `syz.4.460'.
[  112.942419][ T6003] usb 10-1: new high-speed USB device number 8 using dummy_hcd
[  112.946539][ T7909] 9pnet_fd: p9_fd_create_unix (7909): address too long: ./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  113.092406][ T6003] usb 10-1: Using ep0 maxpacket: 8
[  113.139906][ T6003] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  113.148858][ T6003] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  113.152568][ T6003] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  113.155608][ T6003] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  113.159511][ T6003] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  113.162339][ T6003] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  113.374433][ T6003] usb 10-1: GET_CAPABILITIES returned 0
[  113.379350][ T6003] usbtmc 10-1:16.0: can't read capabilities
[  113.604826][ T5983] usb 10-1: USB disconnect, device number 8
[  113.609202][ T7918] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  113.609202][ T7918]    program syz.1.464 not setting count and/or reply_len properly
[  113.676920][ T7918] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  113.932893][ T5948] Bluetooth: hci0: Opcode 0x1407 failed: -110
[  113.942513][ T5948] Bluetooth: hci0: command 0x0c1a tx timeout
[  114.073742][ T7926] netlink: 24 bytes leftover after parsing attributes in process `syz.1.467'.
[  114.093121][ T7926] trusted_key: encrypted_key: master key parameter 'der:syz' is invalid
[  114.528112][   T63] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.627413][ T5940] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  114.631541][ T5940] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  114.634993][ T5940] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  114.637564][ T5940] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  114.639933][ T5940] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  114.643736][ T5940] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  114.661282][ T7946] lo speed is unknown, defaulting to 1000
[  114.744636][ T7946] chnl_net:caif_netlink_parms(): no params data found
[  114.779483][ T7946] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.781595][ T7946] bridge0: port 1(bridge_slave_0) entered disabled state
[  114.784426][ T7946] bridge_slave_0: entered allmulticast mode
[  114.786696][ T7946] bridge_slave_0: entered promiscuous mode
[  114.789838][ T7946] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.791944][ T7946] bridge0: port 2(bridge_slave_1) entered disabled state
[  114.794712][ T7946] bridge_slave_1: entered allmulticast mode
[  114.796844][ T7946] bridge_slave_1: entered promiscuous mode
[  114.866913][ T7946] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  114.872017][ T7946] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  114.902428][ T7946] team0: Port device team_slave_0 added
[  114.906071][ T7946] team0: Port device team_slave_1 added
[  114.927093][ T7946] batman_adv: batadv0: Adding interface: batadv_slave_0
[  114.929244][ T7946] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  114.936845][ T7946] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  114.942359][ T7946] batman_adv: batadv0: Adding interface: batadv_slave_1
[  114.944481][ T7946] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  114.951952][ T7946] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  114.996781][ T7946] hsr_slave_0: entered promiscuous mode
[  114.999743][ T7946] hsr_slave_1: entered promiscuous mode
[  115.003779][ T7946] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  115.007530][ T7946] Cannot create hsr debugfs directory
[  115.173440][   T63] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.246825][ T7968] netlink: 'syz.4.475': attribute type 4 has an invalid length.
[  115.254901][ T7968] infiniband s
z1: set down
[  115.257781][ T5982] lo speed is unknown, defaulting to 1000
[  115.260311][ T5982] lo speed is unknown, defaulting to 1000
[  115.276893][   T63] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.346558][   T63] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.366000][ T7971] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  115.366000][ T7971]    program syz.5.474 not setting count and/or reply_len properly
[  115.376590][ T7972] overlayfs: overlapping lowerdir path
[  115.388385][ T7972] overlayfs: overlapping lowerdir path
[  115.390077][ T7971] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  115.538961][   T63] bridge_slave_1: left allmulticast mode
[  115.542299][   T63] bridge_slave_1: left promiscuous mode
[  115.544483][   T63] bridge0: port 2(bridge_slave_1) entered disabled state
[  115.553713][   T63] bridge_slave_0: left allmulticast mode
[  115.555259][   T63] bridge_slave_0: left promiscuous mode
[  115.557026][   T63] bridge0: port 1(bridge_slave_0) entered disabled state
[  115.820699][ T5323] libceph: connect (1)[c::]:6789 error -101
[  115.823550][ T5323] libceph: mon0 (1)[c::]:6789 connect error
[  115.911264][   T63] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  115.926452][   T63] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  115.934090][   T63] bond0 (unregistering): Released all slaves
[  116.102603][ T5323] libceph: connect (1)[c::]:6789 error -101
[  116.104513][ T5323] libceph: mon0 (1)[c::]:6789 connect error
[  116.129735][ T7985] netlink: 'syz.5.478': attribute type 1 has an invalid length.
[  116.167905][ T7991] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  116.170820][ T7991] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  116.324244][   T63] hsr_slave_0: left promiscuous mode
[  116.326964][   T63] hsr_slave_1: left promiscuous mode
[  116.329627][   T63] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  116.333628][   T63] batman_adv: batadv0: Removing interface: batadv_slave_0
[  116.336978][   T63] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  116.339854][   T63] batman_adv: batadv0: Removing interface: batadv_slave_1
[  116.377221][ T7991] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  116.377751][ T7980] ceph: No mds server is up or the cluster is laggy
[  116.380469][ T7991] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  116.412462][ T5983] usb 10-1: new high-speed USB device number 9 using dummy_hcd
[  116.445398][   T63] veth1_macvtap: left promiscuous mode
[  116.447712][   T63] veth0_macvtap: left promiscuous mode
[  116.450106][   T63] veth1_vlan: left promiscuous mode
[  116.456029][   T63] veth0_vlan: left promiscuous mode
[  116.612593][ T5983] usb 10-1: Using ep0 maxpacket: 8
[  116.624632][ T5983] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  116.628052][ T5983] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 2
[  116.633319][ T5983] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  116.638141][ T5983] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  116.650914][ T5983] usb 10-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  116.655632][ T5940] Bluetooth: hci1: command tx timeout
[  116.658949][ T5983] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  116.715437][ T5983] hub 10-1:1.0: bad descriptor, ignoring hub
[  116.717815][ T5983] hub 10-1:1.0: probe with driver hub failed with error -5
[  116.720829][ T5983] cdc_wdm 10-1:1.0: skipping garbage
[  116.722436][ T5983] cdc_wdm 10-1:1.0: skipping garbage
[  116.725385][ T5983] cdc_wdm 10-1:1.0: cdc-wdm0: USB WDM device
[  116.727535][ T5983] cdc_wdm 10-1:1.0: Unknown control protocol
[  117.101869][ T8006] random: crng reseeded on system resumption
[  117.163510][ T8007] ebtables: wrong size: *len 120, entries_size 48, replsz 48
[  117.173884][   T63] team0 (unregistering): Port device team_slave_1 removed
[  117.241976][   T63] team0 (unregistering): Port device team_slave_0 removed
[  117.532545][    T8] usb 10-1: USB disconnect, device number 9
[  117.625559][ T8012] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  117.630202][ T8012] overlayfs: missing 'lowerdir'
[  117.823128][ T8006] lo speed is unknown, defaulting to 1000
[  117.849691][ T7946] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  117.865778][ T7946] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  117.874017][ T7946] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  117.878706][ T7946] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  117.908940][ T7946] 8021q: adding VLAN 0 to HW filter on device bond0
[  117.917295][ T7946] 8021q: adding VLAN 0 to HW filter on device team0
[  117.923740][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  117.926454][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  117.934474][ T1073] bridge0: port 2(bridge_slave_1) entered blocking state
[  117.936469][ T1073] bridge0: port 2(bridge_slave_1) entered forwarding state
[  118.107283][ T7946] 8021q: adding VLAN 0 to HW filter on device batadv0
[  118.246494][ T7946] veth0_vlan: entered promiscuous mode
[  118.250734][ T7946] veth1_vlan: entered promiscuous mode
[  118.264402][ T7946] veth0_macvtap: entered promiscuous mode
[  118.267457][ T7946] veth1_macvtap: entered promiscuous mode
[  118.275625][ T7946] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  118.278859][ T7946] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  118.282992][ T7946] batman_adv: batadv0: Interface activated: batadv_slave_0
[  118.287553][ T7946] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  118.290554][ T7946] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  118.294138][ T7946] batman_adv: batadv0: Interface activated: batadv_slave_1
[  118.298147][ T7946] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  118.300664][ T7946] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  118.303309][ T7946] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  118.305714][ T7946] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  118.337422][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  118.339699][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  118.350656][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  118.353502][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  118.422315][ T5982] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  118.592314][ T5982] usb 6-1: Using ep0 maxpacket: 8
[  118.595875][ T5982] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  118.598840][ T5982] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  118.601836][ T5982] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  118.605389][ T5982] usb 6-1: config 0 descriptor??
[  118.608115][ T5982] iowarrior 6-1:0.0: no interrupt-in endpoint found
[  118.719691][ T8046] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  118.719691][ T8046]    program syz.6.443 not setting count and/or reply_len properly
[  118.742489][ T5940] Bluetooth: hci1: command tx timeout
[  118.854659][ T8043] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  118.856809][ T8048] overlay: Unknown parameter 'defcontext'
[  118.864071][ T8048] loop6: detected capacity change from 0 to 524287999
[  118.868042][ T8048] blk_print_req_error: 25 callbacks suppressed
[  118.868051][ T8048] I/O error, dev loop6, sector 120 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  118.873273][ T8048] I/O error, dev loop6, sector 120 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  118.876108][ T8048] I/O error, dev loop6, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 15 prio class 0
[  118.878921][ T8048] buffer_io_error: 25 callbacks suppressed
[  118.878929][ T8048] Buffer I/O error on dev loop6, logical block 0, lost async page write
[  118.883139][ T8048] Buffer I/O error on dev loop6, logical block 1, lost async page write
[  118.885543][ T8048] Buffer I/O error on dev loop6, logical block 2, lost async page write
[  118.888168][ T8048] Buffer I/O error on dev loop6, logical block 3, lost async page write
[  118.890603][ T8048] Buffer I/O error on dev loop6, logical block 4, lost async page write
[  118.893453][ T8048] Buffer I/O error on dev loop6, logical block 5, lost async page write
[  118.895837][ T8048] Buffer I/O error on dev loop6, logical block 6, lost async page write
[  118.898325][ T8048] Buffer I/O error on dev loop6, logical block 7, lost async page write
[  118.900742][ T8048] Buffer I/O error on dev loop6, logical block 8, lost async page write
[  118.903171][ T8048] Buffer I/O error on dev loop6, logical block 9, lost async page write
[  119.702511][    T8] usb 11-1: new high-speed USB device number 2 using dummy_hcd
[  119.862448][    T8] usb 11-1: Using ep0 maxpacket: 8
[  119.866203][    T8] usb 11-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  119.869911][    T8] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  119.874036][    T8] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  119.877808][    T8] usb 11-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  119.882857][    T8] usb 11-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  119.886426][    T8] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  120.098714][    T8] usb 11-1: GET_CAPABILITIES returned 0
[  120.100442][    T8] usbtmc 11-1:16.0: can't read capabilities
[  120.307816][ T5983] usb 11-1: USB disconnect, device number 2
[  120.361521][ T8082] input: syz1 as /devices/virtual/input/input9
[  120.656825][ T5940] Bluetooth: hci3: command 0x0c1a tx timeout
[  120.812413][ T5940] Bluetooth: hci1: command tx timeout
[  121.365937][ T8106] nbd: device at index 5 is going down
[  121.433690][   T30] usb 6-1: USB disconnect, device number 3
[  121.583015][ T8117] /dev/nullb0: Can't open blockdev
[  121.690640][ T8119] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  121.697978][ T8119] CIFS mount error: No usable UNC path provided in device string!
[  121.697978][ T8119] 
[  121.700874][ T8119] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  121.782415][   T30] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  121.933750][   T30] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  121.937133][   T30] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  121.940399][   T30] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  121.944151][   T30] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  121.947972][   T30] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  121.950608][   T30] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  121.953290][ T8127] xt_CT: No such helper "snmp_trap"
[  121.956079][   T30] usb 6-1: config 0 descriptor??
[  121.958533][ T8115] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  122.210741][ T8135] random: crng reseeded on system resumption
[  122.230026][ T8135] lo speed is unknown, defaulting to 1000
[  122.269303][ T8138] ebtables: wrong size: *len 120, entries_size 48, replsz 48
[  122.371517][   T30] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  122.373953][   T30] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  122.376727][   T30] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  122.378941][   T30] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  122.381780][   T30] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  122.385068][   T30] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  122.387483][   T30] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  122.389584][   T30] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  122.391661][   T30] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  122.393878][   T30] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  122.395985][   T30] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  122.398022][   T30] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  122.400761][   T30] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  122.403060][   T30] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  122.405251][   T30] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  122.407655][   T30] plantronics 0003:047F:FFFF.0005: No inputs registered, leaving
[  122.411450][   T30] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  122.798242][ T8153] s
z1: rxe_newlink: already configured on lo
[  122.801116][ T8153] »»»»»»: renamed from lo
[  122.917173][ T8156] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  122.943253][ T5940] Bluetooth: hci1: command tx timeout
[  122.959837][ T5983] wlan1: authenticate with 08:02:11:00:00:00 (local address=08:02:11:00:00:01)
[  122.963543][ T5983] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[  122.984596][ T8158] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  122.987903][   T12] wlan1: authenticated
[  122.991561][ T1232] wlan1: RX AssocResp from 08:02:11:00:00:00 (capab=0x1 status=0 aid=1)
[  122.996876][ T8158] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  122.998208][ T1232] wlan1: associated
[  123.008209][ T8158] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  123.243888][ T5983] usb 6-1: USB disconnect, device number 4
[  123.484279][ T8168] netlink: 'syz.4.524': attribute type 2 has an invalid length.
[  123.492915][ T8168] serio: Serial port ptm1
[  123.742000][ T8183] netlink: 256 bytes leftover after parsing attributes in process `syz.4.529'.
[  123.781996][   T39] audit: type=1326 audit(1737015413.729:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8184 comm="syz.4.530" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fdf579 code=0x0
[  124.072708][ T8200] netlink: 60 bytes leftover after parsing attributes in process `syz.5.533'.
[  124.077109][ T8200] netlink: 60 bytes leftover after parsing attributes in process `syz.5.533'.
[  124.323056][ T8209] sch_tbf: peakrate 8 is lower than or equals to rate 12 !
[  124.660751][ T8220] tracefs: Unknown parameter 'grpquota)õcöÔñWYVQ/	<fa¢e¬hðrèk<U
[  124.660751][ T8220] Ö*$n+†nö¹jízq¨i喢ݳۼýBÅ?ÊÚ춖†¶@ƒŸXu¼'
[  126.226220][ T8274] /dev/nullb0: Can't open blockdev
[  126.240314][   T39] audit: type=1800 audit(1737015416.189:38): pid=8278 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.556" name="file0" dev="9p" ino=40239524 res=0 errno=0
[  126.311066][ T8281] »»»»»» speed is unknown, defaulting to 1000
[  126.347520][ T5940] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  126.628369][ T8294] Cannot find add_set index 0 as target
[  126.630716][ T8299] netlink: 1280 bytes leftover after parsing attributes in process `syz.1.563'.
[  126.633882][ T8299] openvswitch: netlink: Flow actions attr not present in new flow.
[  126.637985][ T8296] netlink: 20 bytes leftover after parsing attributes in process `syz.5.562'.
[  127.702105][ T8322] input: syz1 as /devices/virtual/input/input11
[  128.235460][ T8348] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  128.301384][ T8349] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  128.313560][ T8349] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  128.327687][ T8349] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  128.362547][    T8] usb 11-1: new high-speed USB device number 3 using dummy_hcd
[  128.522290][    T8] usb 11-1: Using ep0 maxpacket: 8
[  128.525068][    T8] usb 11-1: config 0 has an invalid interface number: 55 but max is 0
[  128.527570][    T8] usb 11-1: config 0 has no interface number 0
[  128.529462][    T8] usb 11-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  128.532740][    T8] usb 11-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  128.536101][    T8] usb 11-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  128.539333][    T8] usb 11-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  128.543221][    T8] usb 11-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  128.545898][    T8] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  128.549275][    T8] usb 11-1: config 0 descriptor??
[  128.554625][    T8] ldusb 11-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  128.790544][   T39] audit: type=1326 audit(1737015418.739:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8351 comm="syz.4.575" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fdf579 code=0x7ffc0000
[  128.803477][   T39] audit: type=1326 audit(1737015418.739:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8351 comm="syz.4.575" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fdf579 code=0x7ffc0000
[  128.821799][   T39] audit: type=1326 audit(1737015418.739:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8351 comm="syz.4.575" exe="/syz-executor" sig=0 arch=40000003 syscall=229 compat=1 ip=0xf7fdf579 code=0x7ffc0000
[  128.829008][   T39] audit: type=1326 audit(1737015418.739:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8351 comm="syz.4.575" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fdf579 code=0x7ffc0000
[  128.836391][   T39] audit: type=1326 audit(1737015418.739:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8351 comm="syz.4.575" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fdf579 code=0x7ffc0000
[  128.856256][ T8356] IPVS: Unknown mcast interface: lo
[  129.599591][ T8369] openvswitch: netlink: Port -1 exceeds max allowable 65535
[  129.653054][ T8371] netlink: 20 bytes leftover after parsing attributes in process `syz.1.580'.
[  129.802351][    T8] usb 10-1: new full-speed USB device number 10 using dummy_hcd
[  129.977619][    T8] usb 10-1: config index 0 descriptor too short (expected 31, got 27)
[  129.980984][    T8] usb 10-1: config 1 interface 0 altsetting 253 endpoint 0x1 has invalid wMaxPacketSize 0
[  129.984736][    T8] usb 10-1: config 1 interface 0 has no altsetting 0
[  130.058658][    T8] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= b.72
[  130.061296][    T8] usb 10-1: New USB device strings: Mfr=28, Product=37, SerialNumber=3
[  130.065704][    T8] usb 10-1: Product: syz
[  130.068165][    T8] usb 10-1: Manufacturer: syz
[  130.071299][    T8] usb 10-1: SerialNumber: syz
[  130.173829][ T8378] input: syz1 as /devices/virtual/input/input12
[  130.896468][    T8] usblp 10-1:1.0: usblp1: USB Unidirectional printer dev 10 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8
[  130.901416][    T8] usb 10-1: USB disconnect, device number 10
[  130.905812][ T5998] usb 11-1: USB disconnect, device number 3
[  130.907559][    C0] ldusb 11-1:0.55: usb_submit_urb failed (-19)
[  130.909983][    T8] usblp1: removed
[  130.913982][ T5998] ldusb 11-1:0.55: LD USB Device #0 now disconnected
[  130.932813][   T35] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  131.092372][   T35] usb 6-1: Using ep0 maxpacket: 8
[  131.095933][   T35] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  131.099464][   T35] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  131.103067][   T35] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  131.106739][   T35] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  131.111482][   T35] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  131.114851][   T35] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  131.321940][   T35] usb 6-1: usb_control_msg returned -32
[  131.323687][   T35] usbtmc 6-1:16.0: can't read capabilities
[  131.612699][ T5940] Bluetooth: hci0: command 0x0c1a tx timeout
[  131.678006][ T8405] netlink: 132 bytes leftover after parsing attributes in process `syz.1.587'.
[  131.683626][ T8405] netlink: 72 bytes leftover after parsing attributes in process `syz.1.587'.
[  131.690573][ T8407] netlink: 72 bytes leftover after parsing attributes in process `syz.4.592'.
[  132.263994][ T1412] ieee802154 phy0 wpan0: encryption failed: -22
[  132.265956][ T1412] ieee802154 phy1 wpan1: encryption failed: -22
[  133.219600][ T8432] netlink: 52 bytes leftover after parsing attributes in process `syz.4.605'.
[  133.712528][ T5323] usb 6-1: USB disconnect, device number 5
[  134.310827][ T8450] syz.6.600: attempt to access beyond end of device
[  134.310827][ T8450] nbd6: rw=0, sector=0, nr_sectors = 1 limit=0
[  134.314766][ T8450] FAT-fs (nbd6): unable to read boot sector
[  135.083279][ T8489] Illegal XDP return value 4294967282 on prog  (id 105) dev N/A, expect packet loss!
[  135.091238][ T8488] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  135.097867][ T8488] overlayfs: missing 'lowerdir'
[  135.571140][ T8508] 9pnet_fd: Insufficient options for proto=fd
[  136.194308][ T8528] IPVS: length: 46 != 8
[  136.273676][ T8531] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  136.595729][ T8546] 9pnet_fd: Insufficient options for proto=fd
[  136.754489][ T8554] pim6reg1: entered promiscuous mode
[  137.090802][ T8572] random: crng reseeded on system resumption
[  137.130929][ T8572] »»»»»» speed is unknown, defaulting to 1000
[  137.180946][ T8575] ebtables: wrong size: *len 120, entries_size 48, replsz 48
[  137.607572][ T8591] netlink: 36 bytes leftover after parsing attributes in process `syz.5.643'.
[  137.611011][ T8591] netlink: 112 bytes leftover after parsing attributes in process `syz.5.643'.
[  137.613902][ T8592] netlink: 112 bytes leftover after parsing attributes in process `syz.5.643'.
[  137.798006][ T8608] netlink: 1264 bytes leftover after parsing attributes in process `syz.5.648'.
[  137.826624][ T8615] fuse: Unknown parameter ''
[  137.879978][ T8618] No control pipe specified
[  137.931563][ T8620] overlayfs: failed to clone upperpath
[  138.206298][ T8630] bridge0: entered allmulticast mode
[  138.339096][ T8634] netlink: 'syz.4.654': attribute type 21 has an invalid length.
[  138.415659][ T8640] overlayfs: failed to resolve './file1': -2
[  138.676250][ T8643] netlink: 24 bytes leftover after parsing attributes in process `syz.1.658'.
[  139.068077][ T8668] bond0: entered promiscuous mode
[  139.079638][ T8668] bond_slave_0: entered promiscuous mode
[  139.087726][ T8668] bond_slave_1: entered promiscuous mode
[  139.166619][ T8676] netlink: 36 bytes leftover after parsing attributes in process `syz.4.668'.
[  139.292565][ T5948] Bluetooth: hci1: command 0x0405 tx timeout
[  139.884390][ T8694] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3738224872 (478492783616 ns) > initial count (91121186304 ns). Using initial count to start timer.
[  140.415605][ T5940] Bluetooth: hci0: unexpected event for opcode 0x0c0d
[  140.418452][ T8715] xt_policy: neither incoming nor outgoing policy selected
[  140.455773][ T8717] netlink: 8 bytes leftover after parsing attributes in process `syz.1.680'.
[  140.634265][ T8726] »»»»»» speed is unknown, defaulting to 1000
[  140.736087][ T8726] netlink: 40 bytes leftover after parsing attributes in process `syz.6.683'.
[  140.891373][ T8732] misc userio: Invalid payload size
[  140.897124][ T8732] misc userio: No port type given on /dev/userio
[  140.952624][ T8735] hugetlbfs: Unknown parameter '00000´Û0000000'
[  141.101071][ T8737] syz.5.686 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  141.184239][ T8754] 9pnet_fd: Insufficient options for proto=fd
[  141.211424][ T8759] 9pnet_virtio: no channels available for device syz
[  141.216902][ T8759] netlink: 72 bytes leftover after parsing attributes in process `syz.4.691'.
[  141.544928][ T8778] »»»»»» speed is unknown, defaulting to 1000
[  142.043427][ T8793] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check.
[  142.086335][ T8793] gretap1: entered allmulticast mode
[  142.088412][ T8793] bridge0: port 1(gretap1) entered blocking state
[  142.090290][ T8793] bridge0: port 1(gretap1) entered disabled state
[  142.092747][ T8793] gretap1: entered promiscuous mode
[  142.198158][ T8805] Process accounting resumed
[  142.639846][ T8816] netlink: 'syz.4.712': attribute type 10 has an invalid length.
[  142.642584][ T8816] netlink: 4 bytes leftover after parsing attributes in process `syz.4.712'.
[  143.029553][ T8829] program syz.5.718 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  143.029576][ T8831] program syz.5.718 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  143.553694][ T8834] xt_CT: You must specify a L4 protocol and not use inversions on it
[  143.628346][ T8840] netlink: 4 bytes leftover after parsing attributes in process `syz.4.721'.
[  143.648709][ T8840] IPv6: sit1: Disabled Multicast RS
[  143.664998][ T8844] kAFS: unable to lookup cell ''
[  143.720892][ T8852] netlink: 12 bytes leftover after parsing attributes in process `syz.4.725'.
[  143.723663][ T8852] netlink: 72 bytes leftover after parsing attributes in process `syz.4.725'.
[  144.011787][ T8875] xt_addrtype: ipv6 does not support BROADCAST matching
[  144.680610][ T8881] netlink: 'syz.1.735': attribute type 1 has an invalid length.
[  144.827123][ T8890] »»»»»» speed is unknown, defaulting to 1000
[  144.869868][ T8896] netlink: 'syz.6.741': attribute type 5 has an invalid length.
[  145.018848][ T8905] netlink: 8 bytes leftover after parsing attributes in process `syz.1.743'.
[  145.207840][ T8912] »»»»»» speed is unknown, defaulting to 1000
[  145.801235][ T8933] pim6reg1: entered promiscuous mode
[  145.803422][ T8933] pim6reg1: entered allmulticast mode
[  146.366519][ T8964] netlink: 72 bytes leftover after parsing attributes in process `syz.1.763'.
[  146.867489][ T8983] binder: 8981:8983 unknown command 52881
[  146.869271][ T8983] binder: 8981:8983 ioctl c0306201 20000180 returned -22
[  146.977223][   T39] audit: type=1326 audit(1737015436.929:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8984 comm="syz.6.771" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fb6579 code=0x0
[  147.237699][ T8999] netlink: 36 bytes leftover after parsing attributes in process `syz.4.773'.
[  147.253107][ T8999] netlink: 'syz.4.773': attribute type 4 has an invalid length.
[  147.255353][ T8999] netlink: 17 bytes leftover after parsing attributes in process `syz.4.773'.
[  147.263499][ T8999] netlink: 12 bytes leftover after parsing attributes in process `syz.4.773'.
[  147.422947][ T9003] »»»»»» speed is unknown, defaulting to 1000
[  148.314253][ T9049] usb usb7: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  148.329469][ T9045] netlink: 4 bytes leftover after parsing attributes in process `syz.6.786'.
[  148.492892][ T9064] netlink: 'syz.4.791': attribute type 2 has an invalid length.
[  148.495747][ T9064] netlink: 'syz.4.791': attribute type 1 has an invalid length.
[  148.498621][ T9064] netlink: 112860 bytes leftover after parsing attributes in process `syz.4.791'.
[  148.501980][ T9064] nbd: couldn't find device at index 1568768
[  149.151042][ T9100] loop7: detected capacity change from 0 to 16384
[  150.328881][ T9124] netlink: 16 bytes leftover after parsing attributes in process `syz.5.804'.
[  150.887396][ T9146] bond_slave_0: vlans aren't supported yet for dev_uc|mc_add()
[  151.041622][ T9153] overlayfs: failed to resolve './file0': -2
[  151.115084][ T9163] netlink: 44 bytes leftover after parsing attributes in process `syz.5.816'.
[  151.117678][ T9163] netlink: 43 bytes leftover after parsing attributes in process `syz.5.816'.
[  151.120221][ T9163] netlink: 'syz.5.816': attribute type 6 has an invalid length.
[  151.126328][ T9163] netlink: 'syz.5.816': attribute type 5 has an invalid length.
[  151.128728][ T9163] netlink: 43 bytes leftover after parsing attributes in process `syz.5.816'.
[  151.198695][ T9171] netlink: 12 bytes leftover after parsing attributes in process `syz.5.818'.
[  151.206963][ T9171] bond3: entered promiscuous mode
[  151.421167][   T39] audit: type=1804 audit(1737015441.369:45): pid=9177 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.820" name="/newroot/74/bus/bus" dev="overlay" ino=424 res=1 errno=0
[  151.448897][ T9177] pim6reg: entered allmulticast mode
[  151.451757][ T9177] pim6reg: left allmulticast mode
[  151.482406][   T30] usb 10-1: new low-speed USB device number 11 using dummy_hcd
[  151.654366][   T30] usb 10-1: config 168 descriptor has 1 excess byte, ignoring
[  151.657100][   T30] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt
[  151.660344][   T30] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  151.663273][   T30] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[  151.666953][   T30] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  151.670644][   T30] usb 10-1: config 168 descriptor has 1 excess byte, ignoring
[  151.673160][   T30] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt
[  151.675945][   T30] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  151.678689][   T30] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[  151.681874][   T30] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  151.685471][   T30] usb 10-1: config 168 descriptor has 1 excess byte, ignoring
[  151.687595][   T30] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt
[  151.690464][   T30] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  151.693276][   T30] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[  151.696395][   T30] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  151.701323][   T30] usb 10-1: string descriptor 0 read error: -22
[  151.703219][   T30] usb 10-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  151.706002][   T30] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  151.711384][   T30] adutux 10-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  152.389450][ T9198] netlink: 224 bytes leftover after parsing attributes in process `syz.6.824'.
[  152.394213][ T9201] (unnamed net_device) (uninitialized): option packets_per_slave: mode dependency failed, not supported in mode active-backup(1)
[  152.512713][ T9208] 9pnet_fd: Insufficient options for proto=fd
[  152.515046][ T9208] netlink: 'syz.6.828': attribute type 1 has an invalid length.
[  152.521946][ T9208] 8021q: adding VLAN 0 to HW filter on device bond1
[  152.531324][ T9208] 8021q: adding VLAN 0 to HW filter on device bond1
[  152.533580][ T9208] bond1: (slave vcan1): The slave device specified does not support setting the MAC address
[  152.536884][ T9208] bond1: (slave vcan1): Error -95 calling set_mac_address
[  152.572366][ T5940] Bluetooth: hci3: command 0x0c1a tx timeout
[  152.662418][   T35] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  152.792386][   T35] usb 6-1: device descriptor read/64, error -71
[  152.959295][ T9221] »»»»»» speed is unknown, defaulting to 1000
[  152.995477][ T9220] »»»»»» speed is unknown, defaulting to 1000
[  153.042405][   T35] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  153.172390][   T35] usb 6-1: device descriptor read/64, error -71
[  153.284928][   T35] usb usb6-port1: attempt power cycle
[  153.642382][   T35] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  153.672761][   T35] usb 6-1: device descriptor read/8, error -71
[  153.706092][ T9232] overlayfs: option "index=on" is useless in a non-upper mount, ignore
[  153.709395][ T9232] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  153.746359][ T9234] netlink: 'syz.6.834': attribute type 25 has an invalid length.
[  153.748648][ T9234] netlink: 'syz.6.834': attribute type 44 has an invalid length.
[  153.922319][   T35] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  153.942968][   T35] usb 6-1: device descriptor read/8, error -71
[  154.065512][   T35] usb usb6-port1: unable to enumerate USB device
[  154.272490][   T30] usb 10-1: USB disconnect, device number 11
[  154.652405][ T5940] Bluetooth: hci3: command 0x0c1a tx timeout
[  154.789796][ T9247] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(9)
[  154.791805][ T9247] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  154.797510][ T9247] vhci_hcd vhci_hcd.0: Device attached
[  155.019624][ T9252] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  155.082571][ T5998] vhci_hcd: vhci_device speed not set
[  155.144835][ T5998] usb 47-1: new full-speed USB device number 2 using vhci_hcd
[  155.475105][ T9249] vhci_hcd: connection reset by peer
[  155.480303][   T45] vhci_hcd: stop threads
[  155.481624][   T45] vhci_hcd: release socket
[  155.486391][   T45] vhci_hcd: disconnect device
[  155.584140][ T9269] netlink: 16 bytes leftover after parsing attributes in process `syz.1.845'.
[  156.818402][ T9285] kvm: user requested TSC rate below hardware speed
[  156.845227][ T9293] »»»»»» speed is unknown, defaulting to 1000
[  157.064180][ T9321] fuse: Unknown parameter 'groupyh¤&©Sv‹0¼ï.±00000000000000000024'
[  157.315573][ T9330] »»»»»» speed is unknown, defaulting to 1000
[  157.440133][ T9334] »»»»»» speed is unknown, defaulting to 1000
[  158.052513][ T9353] bridge0: port 2(bridge_slave_1) entered disabled state
[  158.055875][ T9353] bridge0: port 1(bridge_slave_0) entered disabled state
[  158.063769][ T9353] bond0: left promiscuous mode
[  158.065198][ T9353] bond_slave_0: left promiscuous mode
[  158.066796][ T9353] bond_slave_1: left promiscuous mode
[  158.222895][ T9353] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  158.225500][ T9353] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  158.228053][ T9353] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  158.230573][ T9353] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  158.248450][ T9353] bond3: left promiscuous mode
[  158.498517][ T9370] random: crng reseeded on system resumption
[  158.925977][   T39] audit: type=1326 audit(1737015448.879:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9394 comm="syz.4.874" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fdf579 code=0x7ffc0000
[  158.933014][   T39] audit: type=1326 audit(1737015448.879:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9394 comm="syz.4.874" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fdf579 code=0x7ffc0000
[  158.935728][ T9397] netlink: 8 bytes leftover after parsing attributes in process `syz.4.874'.
[  158.942089][ T9396] netlink: 8 bytes leftover after parsing attributes in process `syz.4.874'.
[  158.947184][   T39] audit: type=1326 audit(1737015448.889:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9394 comm="syz.4.874" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fdf579 code=0x7ffc0000
[  158.953448][   T39] audit: type=1326 audit(1737015448.889:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9394 comm="syz.4.874" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fdf579 code=0x7ffc0000
[  158.959532][   T39] audit: type=1326 audit(1737015448.889:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9394 comm="syz.4.874" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fdf579 code=0x7ffc0000
[  158.965826][   T39] audit: type=1326 audit(1737015448.889:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9394 comm="syz.4.874" exe="/syz-executor" sig=0 arch=40000003 syscall=361 compat=1 ip=0xf7fdf579 code=0x7ffc0000
[  158.971709][   T39] audit: type=1326 audit(1737015448.889:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9394 comm="syz.4.874" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fdf579 code=0x7ffc0000
[  158.978044][   T39] audit: type=1326 audit(1737015448.889:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9394 comm="syz.4.874" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fdf579 code=0x7ffc0000
[  158.984055][   T39] audit: type=1326 audit(1737015448.889:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9394 comm="syz.4.874" exe="/syz-executor" sig=0 arch=40000003 syscall=364 compat=1 ip=0xf7fdf579 code=0x7ffc0000
[  158.992015][   T39] audit: type=1326 audit(1737015448.889:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9394 comm="syz.4.874" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fdf579 code=0x7ffc0000
[  159.079221][ T9401] netlink: 'syz.4.876': attribute type 10 has an invalid length.
[  159.086735][ T9401] syz_tun: entered promiscuous mode
[  159.095129][ T9401] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  159.253243][ T9406] netlink: 24 bytes leftover after parsing attributes in process `syz.4.878'.
[  159.313187][ T9410] sctp: [Deprecated]: syz.4.879 (pid 9410) Use of struct sctp_assoc_value in delayed_ack socket option.
[  159.313187][ T9410] Use struct sctp_sack_info instead
[  159.436405][ T9416] Cannot find add_set index 1 as target
[  159.795247][ T9439] syz.4.884[9439] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  159.795301][ T9439] syz.4.884[9439] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  159.798713][ T9439] syz.4.884[9439] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  159.859261][ T9441] netlink: 8 bytes leftover after parsing attributes in process `syz.1.887'.
[  159.865370][ T9441] openvswitch: netlink: Flow actions attr not present in new flow.
[  159.955442][ T9448] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  160.242455][ T5998] vhci_hcd: vhci_device speed not set
[  160.342378][ T5983] usb 6-1: new full-speed USB device number 10 using dummy_hcd
[  160.497852][ T5983] usb 6-1: config index 0 descriptor too short (expected 31, got 27)
[  160.500696][ T5983] usb 6-1: config 1 interface 0 altsetting 253 endpoint 0x1 has invalid wMaxPacketSize 0
[  160.504215][ T5983] usb 6-1: config 1 interface 0 has no altsetting 0
[  160.507919][ T5983] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= b.72
[  160.510816][ T5983] usb 6-1: New USB device strings: Mfr=28, Product=37, SerialNumber=3
[  160.513233][ T5983] usb 6-1: Product: syz
[  160.514458][ T5983] usb 6-1: Manufacturer: syz
[  160.515815][ T5983] usb 6-1: SerialNumber: syz
[  160.531385][ T9487] netlink: 'syz.5.898': attribute type 27 has an invalid length.
[  160.555490][ T9478] 8021q: adding VLAN 0 to HW filter on device bond0
[  160.557987][ T9478] 8021q: adding VLAN 0 to HW filter on device team0
[  160.561324][ T9478] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  160.572386][ T5948] Bluetooth: hci4: command 0x1003 tx timeout
[  160.572592][ T5940] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  160.870120][ T9497] overlayfs: missing 'lowerdir'
[  160.877942][ T9501] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  160.880117][ T9501] UDF-fs: Scanning with blocksize 2048 failed
[  160.882949][ T9501] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  160.885049][ T9501] UDF-fs: Scanning with blocksize 4096 failed
[  160.932311][  T832] usb 10-1: new high-speed USB device number 12 using dummy_hcd
[  160.981095][ T9504] overlayfs: failed to clone upperpath
[  161.083641][  T832] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  161.086873][  T832] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  161.089736][  T832] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  161.092485][  T832] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.097013][ T9493] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  161.104541][  T832] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[  161.123272][ T5983] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 10 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8
[  161.310088][  T832] usb 10-1: USB disconnect, device number 12
[  161.326254][ T5998] usb 6-1: USB disconnect, device number 10
[  161.635212][ T9533] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  161.780486][ T9536] netlink: 4 bytes leftover after parsing attributes in process `syz.4.915'.
[  161.784490][ T9537] netlink: 4 bytes leftover after parsing attributes in process `syz.4.915'.
[  161.794648][ T9536] netlink: 4 bytes leftover after parsing attributes in process `syz.4.915'.
[  161.919041][ T9548] netlink: 20 bytes leftover after parsing attributes in process `syz.5.917'.
[  162.090389][ T9555] »»»»»» speed is unknown, defaulting to 1000
[  162.180044][ T9560] Process accounting resumed
[  162.397635][ T9560] syz.5.921 (9560): drop_caches: 2
[  162.567616][ T9581] /dev/nullb0: Can't open blockdev
[  163.044453][ T9456] usblp0: removed
[  163.252772][ T9595] overlay: Unknown parameter 'smackfsdef'
[  163.508657][ T9592] overlayfs: failed to clone upperpath
[  164.009492][ T9621] netlink: 28 bytes leftover after parsing attributes in process `syz.5.937'.
[  164.012114][ T9621] netlink: 28 bytes leftover after parsing attributes in process `syz.5.937'.
[  164.803431][   T35] kernel write not supported for file [eventfd] (pid: 35 comm: kworker/3:0)
[  165.084955][   T39] kauditd_printk_skb: 123 callbacks suppressed
[  165.084967][   T39] audit: type=1326 audit(1737015455.039:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9660 comm="syz.1.958" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70ee579 code=0x0
[  165.880567][ T9690] openvswitch: netlink: Flow key attr not present in new flow.
[  165.932815][ T9695] »»»»»» speed is unknown, defaulting to 1000
[  166.407072][ T9726] netlink: 4 bytes leftover after parsing attributes in process `syz.6.970'.
[  166.408777][ T9716] »»»»»» speed is unknown, defaulting to 1000
[  166.409656][ T9726] bridge_slave_1: left allmulticast mode
[  166.413106][ T9726] bridge_slave_1: left promiscuous mode
[  166.414958][ T9726] bridge0: port 2(bridge_slave_1) entered disabled state
[  166.418127][ T9726] bridge_slave_0: left allmulticast mode
[  166.419980][ T9726] bridge_slave_0: left promiscuous mode
[  166.420961][ T9728] netlink: 'syz.1.969': attribute type 1 has an invalid length.
[  166.421745][ T9726] bridge0: port 1(bridge_slave_0) entered disabled state
[  166.553416][ T9726] netlink: 4 bytes leftover after parsing attributes in process `syz.6.970'.
[  166.556169][ T9726] netlink: 4 bytes leftover after parsing attributes in process `syz.6.970'.
[  166.559491][ T9726] netlink: 4 bytes leftover after parsing attributes in process `syz.6.970'.
[  166.606426][ T9739] batman_adv: batadv0: Removing interface: gretap1
[  166.874815][ T5323] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  167.022329][ T5323] usb 6-1: Using ep0 maxpacket: 8
[  167.025179][ T5323] usb 6-1: config index 0 descriptor too short (expected 74, got 45)
[  167.027623][ T5323] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  167.030867][ T5323] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  167.033884][ T5323] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  167.036887][ T5323] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  167.040903][ T5323] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  167.043760][ T5323] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.098860][ T9750] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  167.118378][ T9750] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  167.265290][ T5323] usb 6-1: usb_control_msg returned -32
[  167.267089][ T5323] usbtmc 6-1:16.0: can't read capabilities
[  167.617886][    C2] usbtmc 6-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  167.620736][ T9767] usbtmc 6-1:16.0: Unable to send data, error -71
[  167.707715][ T9773] __nla_validate_parse: 61 callbacks suppressed
[  167.707726][ T9773] netlink: 60 bytes leftover after parsing attributes in process `syz.6.980'.
[  167.739424][ T9775] »»»»»» speed is unknown, defaulting to 1000
[  168.853090][ T9794] »»»»»» speed is unknown, defaulting to 1000
[  168.911304][ T9795] netlink: 'syz.5.987': attribute type 5 has an invalid length.
[  168.918635][ T9795] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  168.923317][ T9795] openvswitch: netlink: ERSPAN option length err (len 4096, max 255).
[  169.257034][ T9791] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  169.341411][ T9802] netlink: 'syz.6.989': attribute type 1 has an invalid length.
[  169.360375][ T9802] 8021q: adding VLAN 0 to HW filter on device bond2
[  169.369268][ T9802] 8021q: adding VLAN 0 to HW filter on device bond2
[  169.371574][ T9802] bond2: (slave ip6tnl1): The slave device specified does not support setting the MAC address
[  169.375315][ T9802] bond2: (slave ip6tnl1): Error -95 calling set_mac_address
[  169.528785][ T9812] netlink: 16 bytes leftover after parsing attributes in process `syz.6.992'.
[  169.534374][ T9812] netlink: 20 bytes leftover after parsing attributes in process `syz.6.992'.
[  169.573582][ T9812] netlink: 32 bytes leftover after parsing attributes in process `syz.6.992'.
[  169.613619][ T5982] usb 6-1: USB disconnect, device number 11
[  170.742368][   T30] usb 10-1: new full-speed USB device number 13 using dummy_hcd
[  170.893498][   T30] usb 10-1: config index 0 descriptor too short (expected 31, got 27)
[  170.895891][   T30] usb 10-1: config 1 interface 0 altsetting 253 endpoint 0x1 has invalid wMaxPacketSize 0
[  170.898620][   T30] usb 10-1: config 1 interface 0 has no altsetting 0
[  170.902059][   T30] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= b.72
[  170.904661][   T30] usb 10-1: New USB device strings: Mfr=28, Product=37, SerialNumber=3
[  170.907229][   T30] usb 10-1: Product: syz
[  170.908611][   T30] usb 10-1: Manufacturer: syz
[  170.910666][   T30] usb 10-1: SerialNumber: syz
[  171.117567][ T9840] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  171.120591][ T9840] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  171.124759][ T9840] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  171.125076][ T9871] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  171.125076][ T9871]    program syz.1.1010 not setting count and/or reply_len properly
[  171.128146][ T9840] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  171.136043][ T9840] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  171.138874][ T9840] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  171.143003][ T9840] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  171.146509][ T9840] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  171.149950][ T9840] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  171.152616][ T9840] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  171.172757][   T30] usblp 10-1:1.0: usblp0: USB Unidirectional printer dev 13 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8
[  171.180992][   T30] usb 10-1: USB disconnect, device number 13
[  171.184743][   T30] usblp0: removed
[  171.196156][ T9874] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1011'.
[  171.199425][ T9874] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1011'.
[  171.210903][ T9874] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1011'.
[  172.128301][   T39] audit: type=1326 audit(1737015462.079:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9899 comm="syz.5.1018" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  172.134888][   T39] audit: type=1326 audit(1737015462.079:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9899 comm="syz.5.1018" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  172.141098][   T39] audit: type=1326 audit(1737015462.079:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9899 comm="syz.5.1018" exe="/syz-executor" sig=0 arch=40000003 syscall=374 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  172.148066][   T39] audit: type=1326 audit(1737015462.079:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9899 comm="syz.5.1018" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  172.155271][   T39] audit: type=1326 audit(1737015462.079:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9899 comm="syz.5.1018" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  172.161311][   T39] audit: type=1326 audit(1737015462.079:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9899 comm="syz.5.1018" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  172.169038][   T39] audit: type=1326 audit(1737015462.079:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9899 comm="syz.5.1018" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  172.178449][   T39] audit: type=1326 audit(1737015462.079:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9899 comm="syz.5.1018" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  172.184843][   T39] audit: type=1326 audit(1737015462.079:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9899 comm="syz.5.1018" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  172.190986][   T39] audit: type=1326 audit(1737015462.079:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9899 comm="syz.5.1018" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000
[  172.369627][ T9912] netlink: 'syz.4.1022': attribute type 1 has an invalid length.
[  172.391049][ T9912] pim6reg: entered allmulticast mode
[  172.680467][ T9925] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  172.680467][ T9925]    program syz.5.1025 not setting count and/or reply_len properly
[  173.313852][ T9935] overlayfs: failed to clone upperpath
[  173.378610][ T9946] IPVS: Error connecting to the multicast addr
[  173.430665][ T9952] overlayfs: failed to clone upperpath
[  173.573418][ T9967] input: syz0 as /devices/virtual/input/input13
[  173.980211][ T9972] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  173.980211][ T9972]    program syz.1.1040 not setting count and/or reply_len properly
[  174.417005][ T9987] Unknown options in mask 7
[  174.471057][ T9996] netlink: 'syz.5.1046': attribute type 1 has an invalid length.
[  174.472064][ T9999] netlink: 'syz.1.1047': attribute type 1 has an invalid length.
[  174.495629][ T9996] 8021q: adding VLAN 0 to HW filter on device bond4
[  174.521270][ T9999] 8021q: adding VLAN 0 to HW filter on device bond3
[  174.582351][ T9997] input: syz0 as /devices/virtual/input/input14
[  174.663553][T10007] siw: device registration error -23
[  175.479015][T10015] vlan2: entered promiscuous mode
[  175.481010][T10015] vlan2: entered allmulticast mode
[  175.483345][T10015] hsr_slave_1: entered allmulticast mode
[  175.509481][T10015] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1050'.
[  175.597171][T10015] hsr_slave_1 (unregistering): left allmulticast mode
[  175.614337][T10015] hsr_slave_1 (unregistering): left promiscuous mode
[  176.464959][T10037] kAFS: unable to lookup cell '.,'
[  176.523958][T10045] netlink: 'syz.6.1059': attribute type 10 has an invalid length.
[  176.526418][T10045] netlink: 40 bytes leftover after parsing attributes in process `syz.6.1059'.
[  176.530285][T10045] batman_adv: batadv0: Adding interface: virt_wifi0
[  176.532502][T10045] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  176.539698][T10045] batman_adv: batadv0: Interface activated: virt_wifi0
[  176.629605][T10051] netlink: 'syz.4.1056': attribute type 10 has an invalid length.
[  176.685487][T10053] netlink: 'syz.4.1056': attribute type 10 has an invalid length.
[  176.822410][T10053] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  176.846649][T10058] input: syz1 as /devices/virtual/input/input15
[  178.190427][T10095] siw: device registration error -23
[  178.332439][T10096] (unnamed net_device) (uninitialized): option arp_interval: invalid value (18446744073709551615)
[  178.344395][T10096] (unnamed net_device) (uninitialized): option arp_interval: allowed values 0 - 2147483647
[  178.990772][T10108] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1074'.
[  179.218117][T10114] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1076'.
[  179.225325][T10114] macsec0: entered promiscuous mode
[  179.347169][T10112] can: request_module (can-proto-3) failed.
[  180.007309][T10138] ip6_tunnel: non-ECT from 2001:0000:0000:0000:0000:0000:0000:0002 with DS=0x3
[  180.109453][T10144] (unnamed net_device) (uninitialized): option arp_interval: invalid value (18446744073709551615)
[  180.113123][T10144] (unnamed net_device) (uninitialized): option arp_interval: allowed values 0 - 2147483647
[  180.202911][T10146] xt_CT: No such helper "snmp"
[  180.262409][   T30] usb 10-1: new full-speed USB device number 14 using dummy_hcd
[  180.313391][   T39] kauditd_printk_skb: 121 callbacks suppressed
[  180.313406][   T39] audit: type=1326 audit(1737015470.269:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10153 comm="syz.6.1087" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb6579 code=0x7ffc0000
[  180.325305][   T39] audit: type=1326 audit(1737015470.269:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10153 comm="syz.6.1087" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb6579 code=0x7ffc0000
[  180.333926][   T39] audit: type=1326 audit(1737015470.279:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10153 comm="syz.6.1087" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7fb6579 code=0x7ffc0000
[  180.342556][   T39] audit: type=1326 audit(1737015470.279:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10153 comm="syz.6.1087" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7fb65a7 code=0x7ffc0000
[  180.351104][   T39] audit: type=1326 audit(1737015470.279:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10153 comm="syz.6.1087" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb6579 code=0x7ffc0000
[  180.357881][   T39] audit: type=1326 audit(1737015470.279:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10153 comm="syz.6.1087" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7fb6579 code=0x7ffc0000
[  180.365625][   T39] audit: type=1326 audit(1737015470.279:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10153 comm="syz.6.1087" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7fb65a7 code=0x7ffc0000
[  180.374494][   T39] audit: type=1326 audit(1737015470.279:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10153 comm="syz.6.1087" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb6579 code=0x7ffc0000
[  180.382840][   T39] audit: type=1326 audit(1737015470.289:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10153 comm="syz.6.1087" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fb6579 code=0x7ffc0000
[  180.391077][   T39] audit: type=1326 audit(1737015470.289:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10153 comm="syz.6.1087" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb6579 code=0x7ffc0000
[  180.431625][   T30] usb 10-1: config 0 has an invalid interface number: 55 but max is 0
[  180.435120][   T30] usb 10-1: config 0 has no interface number 0
[  180.437704][   T30] usb 10-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  180.442192][   T30] usb 10-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  180.447159][   T30] usb 10-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  180.451728][   T30] usb 10-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 64
[  180.455202][   T30] usb 10-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  180.459102][   T30] usb 10-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  180.462369][   T30] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  180.469196][   T30] usb 10-1: config 0 descriptor??
[  180.472112][T10135] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  180.481571][   T30] ldusb 10-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  181.350179][T10176] »»»»»» speed is unknown, defaulting to 1000
[  181.410715][T10185] 9pnet_fd: Insufficient options for proto=fd
[  182.563030][T10213] ata1.00: invalid multi_count 1 ignored
[  182.615051][ T5982] 
[  182.615802][ T5982] ======================================================
[  182.617800][ T5982] WARNING: possible circular locking dependency detected
[  182.619789][ T5982] 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0 Not tainted
[  182.622369][ T5982] ------------------------------------------------------
[  182.625275][ T5982] kworker/3:3/5982 is trying to acquire lock:
[  182.627021][ T5982] ffff888043f6bb90 (&q->q_usage_counter(queue)#51){++++}-{0:0}, at: blk_mq_alloc_request+0x59b/0x950
[  182.630113][ T5982] 
[  182.630113][ T5982] but task is already holding lock:
[  182.632236][ T5982] ffff888043f6c1a8 (&q->limits_lock){+.+.}-{4:4}, at: sd_revalidate_disk.isra.0+0x52c/0xa8d0
[  182.635167][ T5982] 
[  182.635167][ T5982] which lock already depends on the new lock.
[  182.635167][ T5982] 
[  182.638077][ T5982] 
[  182.638077][ T5982] the existing dependency chain (in reverse order) is:
[  182.640612][ T5982] 
[  182.640612][ T5982] -> #5 (&q->limits_lock){+.+.}-{4:4}:
[  182.642796][ T5982]        __mutex_lock+0x19b/0xa60
[  182.644331][ T5982]        __nbd_set_size+0x2c0/0x730
[  182.645813][ T5982]        nbd_start_device+0x8fd/0xd70
[  182.647341][ T5982]        nbd_ioctl+0x21a/0xfd0
[  182.648721][ T5982]        compat_blkdev_ioctl+0x2f7/0x750
[  182.650329][ T5982]        __do_compat_sys_ioctl+0x1cb/0x2c0
[  182.652004][ T5982]        __do_fast_syscall_32+0x73/0x120
[  182.653664][ T5982]        do_fast_syscall_32+0x32/0x80
[  182.655195][ T5982]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  182.657149][ T5982] 
[  182.657149][ T5982] -> #4 (&q->q_usage_counter(io)#52){++++}-{0:0}:
[  182.659576][ T5982]        blk_mq_submit_bio+0x1fb6/0x24c0
[  182.661200][ T5982]        __submit_bio+0x384/0x540
[  182.662640][ T5982]        submit_bio_noacct_nocheck+0x698/0xd70
[  182.664465][ T5982]        submit_bio_noacct+0x93a/0x1e20
[  182.666038][ T5982]        block_read_full_folio+0x812/0xa50
[  182.667700][ T5982]        filemap_read_folio+0xc6/0x2a0
[  182.669258][ T5982]        filemap_get_pages+0x155f/0x1be0
[  182.670865][ T5982]        filemap_read+0x3ca/0xd70
[  182.672318][ T5982]        blkdev_read_iter+0x187/0x480
[  182.673893][ T5982]        vfs_read+0x87f/0xbe0
[  182.675240][ T5982]        ksys_read+0x12b/0x250
[  182.676743][ T5982]        do_syscall_64+0xcd/0x250
[  182.678187][ T5982]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  182.680014][ T5982] 
[  182.680014][ T5982] -> #3 (mapping.invalidate_lock#2){++++}-{4:4}:
[  182.682433][ T5982]        down_read+0x9a/0x330
[  182.684097][ T5982]        filemap_fault+0x2e0/0x2820
[  182.686188][ T5982]        __do_fault+0x10a/0x490
[  182.687955][ T5982]        do_pte_missing+0xebd/0x3e00
[  182.689502][ T5982]        __handle_mm_fault+0x103c/0x2a40
[  182.691100][ T5982]        handle_mm_fault+0x3fa/0xaa0
[  182.692626][ T5982]        do_user_addr_fault+0x7a3/0x13f0
[  182.694435][ T5982]        exc_page_fault+0x5c/0xc0
[  182.695871][ T5982]        asm_exc_page_fault+0x26/0x30
[  182.697384][ T5982]        _copy_from_user+0x95/0xd0
[  182.698856][ T5982]        snd_rawmidi_kernel_write1+0x35e/0x860
[  182.700627][ T5982]        snd_rawmidi_write+0x267/0xbe0
[  182.702195][ T5982]        vfs_write+0x24c/0x1150
[  182.703849][ T5982]        ksys_write+0x207/0x250
[  182.705808][ T5982]        __do_fast_syscall_32+0x73/0x120
[  182.707822][ T5982]        do_fast_syscall_32+0x32/0x80
[  182.709354][ T5982]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  182.711311][ T5982] 
[  182.711311][ T5982] -> #2 (&mm->mmap_lock){++++}-{4:4}:
[  182.713660][ T5982]        __might_fault+0x11b/0x190
[  182.715449][ T5982]        _copy_from_user+0x29/0xd0
[  182.716933][ T5982]        compat_blk_trace_setup+0xc9/0x200
[  182.718604][ T5982]        blk_trace_ioctl+0x24a/0x290
[  182.720130][ T5982]        compat_blkdev_ioctl+0x13c/0x750
[  182.721739][ T5982]        __do_compat_sys_ioctl+0x1cb/0x2c0
[  182.723558][ T5982]        __do_fast_syscall_32+0x73/0x120
[  182.725378][ T5982]        do_fast_syscall_32+0x32/0x80
[  182.726947][ T5982]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  182.728943][ T5982] 
[  182.728943][ T5982] -> #1 (&q->debugfs_mutex){+.+.}-{4:4}:
[  182.731224][ T5982]        __mutex_lock+0x19b/0xa60
[  182.732741][ T5982]        blk_mq_init_sched+0x42b/0x640
[  182.734334][ T5982]        elevator_init_mq+0x2cd/0x420
[  182.735899][ T5982]        add_disk_fwnode+0x113/0x1300
[  182.737448][ T5982]        sd_probe+0xa66/0xfa0
[  182.738815][ T5982]        really_probe+0x23e/0xa90
[  182.740396][ T5982]        __driver_probe_device+0x1de/0x440
[  182.742115][ T5982]        driver_probe_device+0x4c/0x1b0
[  182.743811][ T5982]        __device_attach_driver+0x1df/0x310
[  182.745510][ T5982]        bus_for_each_drv+0x157/0x1e0
[  182.747059][ T5982]        __device_attach_async_helper+0x1d3/0x290
[  182.748939][ T5982]        async_run_entry_fn+0x9c/0x530
[  182.750614][ T5982]        process_one_work+0x958/0x1b30
[  182.752265][ T5982]        worker_thread+0x6c8/0xf00
[  182.753786][ T5982]        kthread+0x2c1/0x3a0
[  182.755140][ T5982]        ret_from_fork+0x45/0x80
[  182.756622][ T5982]        ret_from_fork_asm+0x1a/0x30
[  182.758079][ T5982] 
[  182.758079][ T5982] -> #0 (&q->q_usage_counter(queue)#51){++++}-{0:0}:
[  182.759509][T10218] /dev/nbd1: Can't open blockdev
[  182.760708][ T5982]        __lock_acquire+0x249e/0x3c40
[  182.760722][ T5982]        lock_acquire.part.0+0x11b/0x380
[  182.760730][ T5982]        blk_queue_enter+0x50f/0x640
[  182.760743][ T5982]        blk_mq_alloc_request+0x59b/0x950
[  182.760756][ T5982]        scsi_execute_cmd+0x20a/0xf30
[  182.770176][ T5982]        read_capacity_16+0x21a/0xe20
[  182.771773][ T5982]        sd_revalidate_disk.isra.0+0x1a06/0xa8d0
[  182.773605][ T5982]        scsi_rescan_device+0x243/0x340
[  182.775173][ T5982]        ata_scsi_dev_rescan+0x1cb/0x470
[  182.776781][ T5982]        process_one_work+0x958/0x1b30
[  182.778330][ T5982]        worker_thread+0x6c8/0xf00
[  182.779791][ T5982]        kthread+0x2c1/0x3a0
[  182.781157][ T5982]        ret_from_fork+0x45/0x80
[  182.782598][ T5982]        ret_from_fork_asm+0x1a/0x30
[  182.784178][ T5982] 
[  182.784178][ T5982] other info that might help us debug this:
[  182.784178][ T5982] 
[  182.787048][ T5982] Chain exists of:
[  182.787048][ T5982]   &q->q_usage_counter(queue)#51 --> &q->q_usage_counter(io)#52 --> &q->limits_lock
[  182.787048][ T5982] 
[  182.791347][ T5982]  Possible unsafe locking scenario:
[  182.791347][ T5982] 
[  182.793475][ T5982]        CPU0                    CPU1
[  182.795006][ T5982]        ----                    ----
[  182.796542][ T5982]   lock(&q->limits_lock);
[  182.797829][ T5982]                                lock(&q->q_usage_counter(io)#52);
[  182.800116][ T5982]                                lock(&q->limits_lock);
[  182.802099][ T5982]   rlock(&q->q_usage_counter(queue)#51);
[  182.803975][ T5982] 
[  182.803975][ T5982]  *** DEADLOCK ***
[  182.803975][ T5982] 
[  182.806471][ T5982] 5 locks held by kworker/3:3/5982:
[  182.807965][ T5982]  #0: ffff88801ac88948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x12cd/0x1b30
[  182.810932][ T5982]  #1: ffffc90004507d80 ((work_completion)(&(&ap->scsi_rescan_task)->work)){+.+.}-{0:0}, at: process_one_work+0x8bb/0x1b30
[  182.814573][ T5982]  #2: ffff888024d1c358 (&ap->scsi_scan_mutex){+.+.}-{4:4}, at: ata_scsi_dev_rescan+0x3e/0x470
[  182.817521][ T5982]  #3: ffff8880215c8378 (&dev->mutex){....}-{4:4}, at: scsi_rescan_device+0x27/0x340
[  182.820200][ T5982]  #4: ffff888043f6c1a8 (&q->limits_lock){+.+.}-{4:4}, at: sd_revalidate_disk.isra.0+0x52c/0xa8d0
[  182.823202][ T5982] 
[  182.823202][ T5982] stack backtrace:
[  182.824884][ T5982] CPU: 3 UID: 0 PID: 5982 Comm: kworker/3:3 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0
[  182.827931][ T5982] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  182.830994][ T5982] Workqueue: events ata_scsi_dev_rescan
[  182.832627][ T5982] Call Trace:
[  182.833612][ T5982]  <TASK>
[  182.834466][ T5982]  dump_stack_lvl+0x116/0x1f0
[  182.835826][ T5982]  print_circular_bug+0x41c/0x610
[  182.837273][ T5982]  check_noncircular+0x31a/0x400
[  182.838702][ T5982]  ? __pfx_check_noncircular+0x10/0x10
[  182.840282][ T5982]  ? lockdep_lock+0xc6/0x200
[  182.841629][ T5982]  ? __pfx_lockdep_lock+0x10/0x10
[  182.843097][ T5982]  __lock_acquire+0x249e/0x3c40
[  182.844528][ T5982]  ? __pfx___lock_acquire+0x10/0x10
[  182.846019][ T5982]  lock_acquire.part.0+0x11b/0x380
[  182.847485][ T5982]  ? blk_mq_alloc_request+0x59b/0x950
[  182.849042][ T5982]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  182.850663][ T5982]  ? rcu_is_watching+0x12/0xc0
[  182.852051][ T5982]  ? trace_lock_acquire+0x14e/0x1f0
[  182.853558][ T5982]  ? blk_mq_alloc_request+0x59b/0x950
[  182.855088][ T5982]  ? lock_acquire+0x2f/0xb0
[  182.856393][ T5982]  ? blk_mq_alloc_request+0x59b/0x950
[  182.857874][ T5982]  blk_queue_enter+0x50f/0x640
[  182.859068][ T5982]  ? blk_mq_alloc_request+0x59b/0x950
[  182.860512][ T5982]  ? __pfx_blk_queue_enter+0x10/0x10
[  182.862020][ T5982]  ? save_trace+0x42/0xa10
[  182.863401][ T5982]  ? add_lock_to_list+0x17d/0x390
[  182.864863][ T5982]  ? lockdep_unlock+0x11a/0x290
[  182.866272][ T5982]  blk_mq_alloc_request+0x59b/0x950
[  182.867750][ T5982]  ? __pfx_blk_mq_alloc_request+0x10/0x10
[  182.869432][ T5982]  scsi_execute_cmd+0x20a/0xf30
[  182.870851][ T5982]  ? lock_acquire.part.0+0x155/0x380
[  182.872380][ T5982]  ? __mutex_trylock_common+0xea/0x250
[  182.873954][ T5982]  ? __pfx_scsi_execute_cmd+0x10/0x10
[  182.875482][ T5982]  ? sd_revalidate_disk.isra.0+0x52c/0xa8d0
[  182.877170][ T5982]  ? rcu_is_watching+0x12/0xc0
[  182.878548][ T5982]  read_capacity_16+0x21a/0xe20
[  182.879962][ T5982]  ? __pfx_read_capacity_16+0x10/0x10
[  182.881560][ T5982]  ? __pfx___mutex_lock+0x10/0x10
[  182.883029][ T5982]  ? __pfx_scsi_execute_cmd+0x10/0x10
[  182.884584][ T5982]  sd_revalidate_disk.isra.0+0x1a06/0xa8d0
[  182.886240][ T5982]  ? find_held_lock+0x2d/0x110
[  182.887611][ T5982]  ? mark_held_locks+0x9f/0xe0
[  182.889003][ T5982]  ? __pfx_sd_revalidate_disk.isra.0+0x10/0x10
[  182.890775][ T5982]  ? kasan_save_stack+0x42/0x60
[  182.892182][ T5982]  ? kasan_save_stack+0x33/0x60
[  182.893634][ T5982]  ? kasan_save_track+0x14/0x30
[  182.895028][ T5982]  ? kasan_save_free_info+0x3b/0x60
[  182.896533][ T5982]  ? __kasan_slab_free+0x51/0x70
[  182.897952][ T5982]  ? kfree+0x14f/0x4b0
[  182.899141][ T5982]  ? scsi_attach_vpd+0x4dc/0x580
[  182.900594][ T5982]  ? scsi_rescan_device+0xf5/0x340
[  182.902072][ T5982]  ? ata_scsi_dev_rescan+0x1cb/0x470
[  182.903572][ T5982]  ? process_one_work+0x958/0x1b30
[  182.905034][ T5982]  ? worker_thread+0x6c8/0xf00
[  182.906391][ T5982]  ? hlock_class+0x4e/0x130
[  182.907676][ T5982]  ? mark_lock+0xb5/0xc60
[  182.908914][ T5982]  ? mark_held_locks+0x9f/0xe0
[  182.910286][ T5982]  ? kasan_quarantine_put+0x10a/0x240
[  182.911818][ T5982]  ? lockdep_hardirqs_on+0x7c/0x110
[  182.913371][ T5982]  ? kfree+0x14f/0x4b0
[  182.914725][ T5982]  ? lockdep_hardirqs_on+0x7c/0x110
[  182.916217][ T5982]  ? scsi_attach_vpd+0x4dc/0x580
[  182.917608][ T5982]  ? scsi_attach_vpd+0x4dc/0x580
[  182.919002][ T5982]  ? __pfx_sd_rescan+0x10/0x10
[  182.920343][ T5982]  scsi_rescan_device+0x243/0x340
[  182.921734][ T5982]  ata_scsi_dev_rescan+0x1cb/0x470
[  182.923223][ T5982]  process_one_work+0x958/0x1b30
[  182.924652][ T5982]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  182.926242][ T5982]  ? __pfx_process_one_work+0x10/0x10
[  182.927774][ T5982]  ? rcu_is_watching+0x12/0xc0
[  182.929148][ T5982]  ? assign_work+0x1a0/0x250
[  182.930501][ T5982]  worker_thread+0x6c8/0xf00
[  182.931859][ T5982]  ? __kthread_parkme+0x148/0x220
[  182.933404][ T5982]  ? __pfx_worker_thread+0x10/0x10
[  182.935412][ T5982]  kthread+0x2c1/0x3a0
[  182.936844][ T5982]  ? _raw_spin_unlock_irq+0x23/0x50
[  182.938326][ T5982]  ? __pfx_kthread+0x10/0x10
[  182.939658][ T5982]  ret_from_fork+0x45/0x80
[  182.940966][ T5982]  ? __pfx_kthread+0x10/0x10
[  182.942293][ T5982]  ret_from_fork_asm+0x1a/0x30
[  182.943738][ T5982]  </TASK>
[  182.946351][ T2292] usb 10-1: USB disconnect, device number 14
[  182.948712][ T2292] ldusb 10-1:0.55: LD USB Device #0 now disconnected

VM DIAGNOSIS:
08:17:52  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=ffffffff84c830fb RCX=ffffffff84c830fb RDX=0000000000000000
RSI=ffffffff8bb17240 RDI=ffffffff8d830ce0 RBP=0000000000000000 RSP=ffffc90003997978
R8 =0000000000000000 R9 =fffffbfff2039eda R10=ffffffff901cf6d7 R11=00000000000a2001
R12=0000000000000000 R13=0000000000000000 R14=0000000000000001 R15=0000000000000000
RIP=ffffffff81765cde RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f3ca5890d00 ffffffff 00c00000
GS =0000 ffff88802b400000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=00007fbb8167c440 CR3=000000004baf8000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000003400003 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 697270203a732500 7325207461206465 7269707865207972 746e65203a732500
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4c5755051f560000 5600055144054140 574c555d40055c57 514b40051f560000
ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004
ZMM21=be510dfabe510dfa be510dfabe510dfa be510dfabe510dfa be510dfabe510dfa be510dfabe510dfa be510dfabe510dfa be510dfabe510dfa be510dfabe510dfa
ZMM22=f3037e17f3037e17 f3037e17f3037e17 f3037e17f3037e17 f3037e17f3037e17 f3037e17f3037e17 f3037e17f3037e17 f3037e17f3037e17 f3037e17f3037e17
ZMM23=45acecf645acecf6 45acecf645acecf6 45acecf645acecf6 45acecf645acecf6 45acecf645acecf6 45acecf645acecf6 45acecf645acecf6 45acecf645acecf6
ZMM24=71a3b7b471a3b7b4 71a3b7b471a3b7b4 71a3b7b471a3b7b4 71a3b7b471a3b7b4 71a3b7b471a3b7b4 71a3b7b471a3b7b4 71a3b7b471a3b7b4 71a3b7b471a3b7b4
ZMM25=6f17e5636f17e563 6f17e5636f17e563 6f17e5636f17e563 6f17e5636f17e563 6f17e5636f17e563 6f17e5636f17e563 6f17e5636f17e563 6f17e5636f17e563
ZMM26=d3d682d6d3d682d6 d3d682d6d3d682d6 d3d682d6d3d682d6 d3d682d6d3d682d6 d3d682d6d3d682d6 d3d682d6d3d682d6 d3d682d6d3d682d6 d3d682d6d3d682d6
ZMM27=62b81db562b81db5 62b81db562b81db5 62b81db562b81db5 62b81db562b81db5 62b81db562b81db5 62b81db562b81db5 62b81db562b81db5 62b81db562b81db5
ZMM28=000000300000002f 0000002e0000002d 0000002c0000002b 0000002a00000029 0000002800000027 0000002600000025 0000002400000023 0000002200000021
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=3207000032070000 3207000032070000 3207000032070000 3207000032070000 3207000032070000 3207000032070000 3207000032070000 3207000032070000
info registers vcpu 1

CPU#1
RAX=ffff88802b43ed18 RBX=ffff88802b53ed00 RCX=1ffff92001bbbec4 RDX=0000000000000000
RSI=0000000000000000 RDI=ffff88802b43ed18 RBP=ffffc9000dddf620 RSP=ffffc9000dddf4f0
R8 =0000000000000001 R9 =fffffbfff2039eda R10=ffffffff901cf6d7 R11=000000000000005c
R12=ffffc9000dddf618 R13=ffff88802b53fb20 R14=ffff88802b43ed00 R15=ffff88802b53ed00
RIP=ffffffff81755890 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0000 0000000000000000 ffffffff 00c00000
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b500000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c442944 CR3=000000005b7f0000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000001 RBX=ffff88802b43ed00 RCX=0000000000000100 RDX=0000000000000001
RSI=0000000000000004 RDI=ffff88802b43ed02 RBP=dffffc0000000000 RSP=ffffc9000d98f458
R8 =0000000000000001 R9 =ffffed1005687da0 R10=ffff88802b43ed03 R11=0000000000000000
R12=0000000000000000 R13=0000000000007fae R14=ffff88802b63fc40 R15=ffffed1005687da0
RIP=ffffffff8b1d1ef3 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
FS =0000 0000000000000000 ffffffff 00c00000
GS =0063 ffff88802b600000 ffffffff 00d0f300 DPL=3 DS   [-WA]
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=0000000000000000 CR3=000000005b7f0000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=000000000000002d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff85145e25 RDI=ffffffff9a66a200 RBP=ffffffff9a66a1c0 RSP=ffffc90004506a60
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d
R12=0000000000000000 R13=000000000000002d R14=ffffffff85145dc0 R15=0000000000000000
RIP=ffffffff85145e4f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 0000ffff
CR0=80050033 CR2=000000000c3d91aa CR3=00000000605b2000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 90d46fe459b47742 3f915eb52aad0612
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 c2303d3134f957ca 07c3a4d19c2c9c91
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 bdb68268c3e1e90d 6cec1510b12a5a7f
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 831880b0fccbfa87 dc94ff93ddaa57d9
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000005d80
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a724008082a80080 006fb2ddb6560080
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0100000001000000 010000003f0e0080
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 006fb2d901000000 03220080006fb2d6
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 01000000006fb2e4 006fb2df01000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7caedc4f0ffe312c 80a4c230522854e0
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 059bbcf60a6c6faf b25a0ec67aceb8f9
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000