last executing test programs:

6m31.623650917s ago: executing program 32 (id=89):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_SET_IDENTITY_MAP_ADDR(r0, 0x4008ae48, &(0x7f0000000440)=0xeeee8000)

6m30.964206281s ago: executing program 1 (id=97):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x70, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r7, {0xf, 0xf}, {}, {0x7, 0xd}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x40, 0x2, [@TCA_CGROUP_EMATCHES={0x3c, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x30, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x800, 0x7, 0x1}, {{0x0, 0x0, 0x1}, {0x3, 0x1, 0x1}}}}, @TCF_EM_CMP={0x18, 0x2, 0x0, 0x0, {{0xe85, 0x6e4, 0xc}, {0x4, 0x80000000, 0x3, 0x1, 0xf, 0x1}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x6e4}}]}]}}]}, 0x70}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000006040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000006100)=@delchain={0x24, 0x65, 0x1, 0x70bd2e, 0x25dfdbff, {0x0, 0x0, 0x0, r9, {0x0, 0xfff3}, {}, {0xb}}}, 0x51}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)

6m30.044355618s ago: executing program 1 (id=103):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009e0000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa1", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0x4}, 0x18)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={'veth0_to_team\x00', <r3=>0x0})
bind$packet(r2, &(0x7f0000000080)={0x11, 0x4, r3, 0x1, 0x6}, 0x14)
bind$packet(r2, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}, 0x14)

6m29.767611423s ago: executing program 33 (id=102):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8931, &(0x7f0000000000)={'veth1_macvtap\x00'})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1000000004000000040000000200000000000000", @ANYRES32=0x1], 0x48)
sendmsg$kcm(r0, &(0x7f0000003340)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001ec0)=ANY=[@ANYBLOB="f0000000000000000600000009000000f31d117aaea10ec4e6f648807ab7d9b36f912e2e2a99aac8ad5c397b98128de9a8e09fe5074122b7b78d38ae672cfc0e593fbfa2c3d7bd1b36e8f087f5af7f84ed7a8fb87eea72a67e74c244a3b311f64fc70df3ff2aefb13696d0a99e4b65db563a1152c73f2adf2f74fe7f97155295ad020b21673f668d79302df0759e15017a962f2fca06062fdf4ab7f061f2f75e8cf1bd1f90fe129eba781d464265230a73f1367f9c711260eea4e235398f7878c8b9026a0fd1e0e31a1d5ed1dc485fa13a09aa7a9499e67e941886b74ca7790f26080f3d77514a8f90e0e286214cf600f0000000000000000401000007000000c8c62fcb7c37e570a3660974df927e35c51dad56f7ad0800977d64dff033dd99b61dc9170e2bf463bd305e4aa18c72505cec909ea79cf6b15eb69b05998b3012777b599e6ad458720e95b3e29d91b7aa28e68c360886a87819834084f5310aad13ba3b77c97ad2d4334ce4ea7508b7bc1050a8a62dc584bb9d8bf612430ff6832ece9feb462a5f103cb90cab5b51836d9be4a27834cd6aef43a7dd6e2de3b48459956aff733e7bc96e75b8421388e58ccc8164c33cc4e84918649a16456d55a793221bb19bafd4a8be872150bdf967f4ad43852edb61f4604200000000000000f00000000000000001010000010000001ad165003e1649ddc05a9df12629b88b71840d8a07708aec9907cade001028337ac40d8f95cc682447ff759cb4d48fd28795b1557ee3faa3557f756b89772fed2f0e1cf8cbbbe2fe44972af7a894cd76e1635c8759ff88856cd99e35f848920f4ad2003a68a9f46d8215b9403d6c4073e2a489bab88ffd92101f4fa7cf6eaf60e0ae3a1dae7c874415d687eccf236a2c1409a96defe6adfb85f93aefae0590cb6080e13516eacbb590bd0bbd53bda967b27830d240af22c04dce120810a6494ccf744227aaafe66bb52b48199d74e18a1a7ff72bf65926f4a2b5b9065a4e100008010000000000000f010000d5000000a3ec773dc0661677050eba104e607a9c29dcf32dda9b81710ff76b6429b1931ed212fa300d7d30d2e0966d4514e4c68a7d3cde191a7d68e29a7cc5901aebaba685561d576b999dce8181cc4c0496596064409609c861060d790e814e097536638f88e8490b358fb05701763677972a16bf102f4c191d5a72828f693d00d7b7682e15daceb35b408d1d86fea837d435f09208049b0cf01a8afa5d1e987272a29d846dec1c05588eb63ab52be0673449b321a3edec823b40fd0d2a2044f89d126b8b4b9b962f73fd769293cd86d14e1bee1d34ce1648d187d0a3e1d662045ddf85bd31f7337f55551dbb412df06a61e636f62d57b058540000101000000000000009010000080000007616abf7b652dd59eeb13b4d1ea7d5fd7ad2ba17280791758841c7c6bcaab2fd0ac4c096a50f69eb61529f48d2579448a32ca7642f80bcac9c4e0c2588276cac1649bd42dc5742512cb2e15fa66058004d18783808074871773f08ee9cc290c15512841c38a3c3f46ebbd0f27b9ace1730cf1fc764dd9b8fee6d4b53f6d2341c3ce8c8babd9e2be47af31a56d608a195683f3d0e487869d023eaee23f0374ad1a46697d622a1a16f08dd58c2eef2e80e27fc9cda4c13758681f6982a24ff5f405cb57163cde597c7570cb3a5b1d13b4763d3deaae0017437df3c873a09e6075b2b897542f9ed5b418932de697323ac87542ce058142e8f73cb37c8720540e8d205199783c461fe0141b20d3fc30ba49a1a7ca7765836331270d97df1dedbb29250377c22caa03864b6376387148abcbb0eb10e0d651a51909610380afdfda0ade5170d327eae77e8a3f57500c83de173066559e25ab18a560183be4525ad56fbecc555399f1f7e4d803150574f175eba9d483f5eb7b915d2ebd920faa30fb9a0292aff2c4594b07b265cb35f38bc5cb2581b01e2382681c5603f83354181ae26eb8597a9a7e647eb51f036f3b94998ae123b70603822af1b7e8a2c6137245677960f45a710dbc4cc88f82c10c14f151e508c018a8128571a56c149b37d683a6a5d3ea29205208f91bedde5bf0f3ed699642f2581331377559fa8ca51db15c130f44148e5b0a2e4ca28f71730a74ef40975f2061abe055f0b2c61f705ddd5762fe6b512d6ea55adc6a63d5f4e40f9c9d0c71f4dc4f45171db458c9a67e5f3107aec06e58e62bb370dd1c300a36be43496da3cc8658713004447e733876a73aa5889b15c0f35380a79073dd1dcecfaaad1cda7dc7d413095068f47f80d010115687f5edee56e20a576258a22f25137575ccdd18f2fad01414cc932823b87a46973fb165ddd397a77ad78419f2a959982fb3f64bea0b0f058be2a5aded3b54a0beec09657a904fc161dd74f7da7fb063b8647b5d7a985ab6bb239d34c22e3f66c52061846be29ac0dd10e71171fbb1efea3aa9b4dea0a6ff1b37bac00d5f759107b00fc064723d4837f33f76ab944c323e82d901c94f9252966c0c1223c2f068e51bfe656d4ff56ccb717e007a9d7191cda02c45ff2d85e8d8c032e7768344855f5593c6246b14f93fa0e24f50d8b917b65a6cc5ef9bcf12e0344993606e354b63ab072c08dc7851541f75427f6920f0dc4d43128b546694b7a52842eafb79e8dfb0849caa71e7a954b3ef3cf0c98bebc231a8e6b44ffbfb03b865e9520f0f2e53d74da040ede25e9e4423f334a7968176fd954f9b88fc3d078303686c4d7ec956fc0949e5dbf2e3ed8f07bb22eea1404a83600f50f6319ce02f7f74921b7b5a765b046e21c3e3527910eec3284df40a9c56d08fb7ee5aa726d1192a758a06a45ea294244f4d1515a42a3b29fba1f900823b6715c3e69d2f0010a5f59a2dd9a3bbaf872382c70bdf2b25fecd1e48c4525dfddc071d7fc567023786094841212837919a456651368f04b69e8ee87a70be2b9247ebe955a28a433a2d976d0234cc26fa7eeb20f9ca1bb57fb5ccadd54d75e2c2db68c7f92279142a3ef5a04cb083ef47ae608120bf32ff1b8b1d36ea8816e541a560ebef89055dad7d85bb400a838a92aff1cceff36cc81ff870101042488c07a3c408b21de6931cc75c69ebd23c1a12136642ef1993dd8b6021373bf82be63179d12df8e5434cd20e889b42fff7d830615e5632f088ff48d19e99b590f1174363f76901e7f82f0c49028b92849b3a4dbcbe634f95c58ebafb0bc3df12365844ee7e2f4e52910859d828655042a7ec9b90e1a613a80efc750870755a818208370cf1cbdd7db702b86ab0fb4dbf8972cf8237f9b8409287e948f8050a310b62e14668f61d5041b6cf86abee5e0b787e2b62ac6e16adda8d72a0d92ba944735ef00c383ac34c6087c181d98f9e4e3281e13838b8cd55edea922ab98321de8e341b8dad9e0719880331f301908b6fe76c8917d9dc00e8c8a64ffcce6e6467b0edf7688f8d9bf2d3a111b358de456bb5e38333ac9081136206185f36c58adcae895d24aebaa973c148f5de4b1cb114c7dc6ade144315a239f73c0eff52172ec2397117259e423e0441652223ad98d3e4c854f3a4d54b50864c430f7dba2223fb88cf8d48475f8c9d589213675942a87922619ec45a123230200014fb0716908d2b5c9ae1d7d7a0982e7be9aa8be0a507dd1ca53ec5bf3fe6c7f18b92feff484bd0534f3a26445f7773a113ce721bae9fadf70595b61b22f47bf1e9824dd75e8da3d5313692fb45adfb23784af6f55d0022d6238eff36a26786769ea01253f09c305de845b88e34681560ab62faa44a162fce60f3fec4861e4ea1b0db7c01499b79b474f12f7e8b2bf2d3d759d0a3208eab5ce2898957b7b85356de613e2bcb4e78cefc0b95c2fa278c450e0f73861ebbe627cda5df69ec72dcd4030535a4c80a1981dbb9f3dc1affe764c1ba4f5caab954e962e40591bf062439e53233ffe16fec6c190c56f331f39303af69698c5e4e1dac35d03750f35a28b8b34a93517e8eaa9c42cccd3f658f122e98a04e070e68cd9caaf124d850afd0f01a83601cd1bc5b41140e30adb75ef301041735838a82899d01a279bc19ee227ebcd79d944206e48c7524d408ac3b5e441a5ed2807f4b2944b6d74a3b0a321303a3ed95888765472fc7ff6c7ceda52fe13789fdc1dd635bb295e1fe0920cc516e58a06d3bafacf7763767015f063cddc54daf398789b7b6ec50e317dd5918aea3acf30325268f8ea7851d5cc5b84f79d5306e0f7c5e5d2fa0f7b4c8eba0d4c9a6fe8121420452d773c56bbce8f1ffa4cfd5a380a58c3493315ba7baeca4c13fd433202ea70d88a0bd78f08008756017d792b387afa5d4f32008b98d7a55480bf23a64f4363ae7ab424ae079ab124c500703c00bb8295af978a095e26f695cbb212deab76cd947d9d4c2493352dca204f323b82c43f1aa114ee5f9598133f3a2028ebe39598f135216e559020659727045e6062a360d64688350cf470648dc3b634f2165631daa97b4369ebeeac328be0cae2fde3a806471ec5e9daeac63b5a6bb842679360dbdc6aaeccc365d70946d652cdabc0bdb4da3fd0bed723443823ec7479b7698153d9cf812e3ee5d8b444c26eea3e850254955a2368453ff3d4ec6088552b1f0088ebb17f6b032fd53c6456519f9256b6834113877c4203307309165ab41b4da3105e908328b2646089795173e03d34f35a8d58346f25847c0c8b6f638c0df52fe1e93ff2bae8c77a1e18d09f1bdeb12f2110f68e81a4a662dff10630c3964c3c232dcc532a471fd6f40c17cdb7d3752262e314cc8d7daf268f0ebea3567b80da3ee063a5b4cec9b74d707516bf83a97979cbf87e72ca9f560822b3390796798b4b7f0bb402dfeac855b0ad4038d3873cbdb4732a55b671f9aa418c8800e3cbff6eba595fa8f33c8975ad84d6678404b93131a3cca6efe02bfda1921eff62e6fa1d649162a2bf5d33e8253df5d2ee89f9e57e004842c6fb57c692d91a2f141a46d3ffd9273249f6364315109e4b953b9a534ae058724d5185fba589f8913367fd505ef04d4c94e81f7e239eb4a688f6eb74b320a4128f9deb4506aa093c800873aadf754384d3db01dcf9ba3e49a2d5c6b887b8b130fff65c994d4d4a5033c55c2cee6069cdef0f85574387ced8116ceaf2504acfa1434eac6ebaa3d48d0405280d87eadcd075de2a70e1ef3d8b741d370c941c6602e657f42df0a6850c7cc31b0893f039c3180f3ae20a151329d6809307c28cecafa01cba5b0098be8be33b1af973c80ac423e5a083a8b8f44107f49bd6955690c1329171aae40214f6cd1b2bbd8f92066f07c627b333ae868e63efaab05157a7b8d39906ae2b8e28e47f2014daaf61fe2bebcc43758b7bb304f65075b18b4241bb9224d2a0f2e1d304229f8270a6178c1830012cc5cc63611bd66c8aeac5d7a7b6cde7c1eeff52dc997e3d3bade39d5e2915e43245696ef0492f55f5d43234a063855cc7b35b65bd6e1edf391c0a264b08e683387020c98f4e80a7ce7386"], 0x1468}, 0x20008000)
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0xd, &(0x7f0000000000)=@assoc_value, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='blkio.throttle.io_serviced_recursive\x00', 0x275a, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a80)={{r1}, &(0x7f0000000a00), &(0x7f0000000a40)=r0}, 0x20)
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000003380)={0xc, 0xe, &(0x7f0000000480)=ANY=[@ANYBLOB], &(0x7f0000000340)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x18000000000002a0, 0xf4, 0x0, &(0x7f0000000100)="b9ff030f6044238cb89e14f065581bff88fbffff4000632f77fbac14142ce934a0a662079f4b4d2f87e56dca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7f", 0x0, 0xfe, 0x60000000, 0x0, 0x0, 0x0}, 0x50)
listen(0xffffffffffffffff, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)

6m29.674076965s ago: executing program 1 (id=107):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
write$tun(r0, &(0x7f0000000200)={@val={0xa, 0x88a8}, @void, @eth={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @remote, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "b7bdab", 0x0, 0x2b, 0xff, @dev={0xfe, 0x80, '\x00', 0x28}, @mcast2}}}}}, 0x3a)

6m29.033063818s ago: executing program 1 (id=108):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000140)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0xb500a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000540)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', 0x0, 0x2145499, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount$tmpfs(0x0, 0x0, &(0x7f0000000040), 0x0, 0x0)

6m28.700552784s ago: executing program 1 (id=109):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0xf, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000020000000000000060b4000818110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000140000dab7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000084000000b70000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r3, r1, 0x25, 0x0, @void}, 0x10)
syz_emit_ethernet(0x102e, &(0x7f00000012c0)=ANY=[@ANYBLOB], 0x0)

6m27.204751223s ago: executing program 2 (id=111):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
write$nci(r0, &(0x7f0000001140)=@NCI_OP_NFCEE_MODE_SET_RSP={0x2, 0x1, 0x2, 0x1, 0x1, 0x1}, 0x4)

6m26.986043227s ago: executing program 2 (id=112):
unshare(0x26020480)
r0 = socket$phonet_pipe(0x23, 0x5, 0x2)
connect(r0, 0x0, 0x0)

6m26.946389558s ago: executing program 2 (id=113):
r0 = socket(0x2, 0x2, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, r0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r4, 0x0, 0x0)
dup(0xffffffffffffffff)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c)
bind$inet6(r5, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x0, 0x0, &(0x7f0000000080)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = memfd_create(&(0x7f0000000680)='\x103q}2\x9a\xce\xaf^\xd5\xfd\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99\x18\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xce;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1f\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\tRJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\x0e\x89\xd99C\x9fF\x9c[M=\xa0^\xa8\xed)\xe8Z\xe8\x9b&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xc9\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd&\xd4\xf4\x8eum\x04\x00~\xfa\x05\xd7\xe7X\xc7/\xae5\x93wwT\x13\xbd,\xd6\x16\x84\xcd\xd1\xd8\xe1P_\xbf0\xd8\x8d%Yh\xb5\xb4\"\xf5\x93\xdeh\xce\xa5\xe8\xc8ZmH\x98\xaeb\xa5B5)\x80m\xff\xec\x88\x89\xf07{\x95\xc9\xd0\xee\xe1\x1d\x80\xcc]-\xc2\xa1\x02ELhI\xd9\xf5\xcfk\x8a&i\xc1\xff9T\x8e\xe2rY\xa3\xd2H9\xfe\x0e\x1e\xac\x0f\xc3\xbd{\xd9\xcc\xbe\xa9\x93\xe0\xa4W\x1cn>\xc1\xf1\x9e\"\x93\x19\x19\x1a\xcc\x7fy\xd2~\x05\x99\xe6\x00o\xca\xe0\xc6\xd4\xf5\xa0\xc8P\xd6\x05\xf3\xc6~E\xacI\xd4\xe9\xa1|>\x91.K\x81\xa9+\xcf\xff\xcb\xfa\x0f\xe7n\x83H\x12\xac\x80\x16\xf8\x87Q\x97Az\n`\xb6\xe13A\xec\x8d(\\D\xec\xa6\t1\xa0h\xfc\x1f\xdd1@-4\xb4:\xf8\xd5wP \x84m\xe2\xd9\xfcb\xa0\xc3\xc9\xe7W\x86\xd7$\xa4ml\xee\x97[\xb7\xfa\x19\x06U)j!\x91\'\x98\xd2kFN\xfa\x80)O\xb9(!n\x9d\x13\x15\xf1\x1a\xb8y\x14l\xd1', 0x7)
ioctl$FS_IOC_RESVSP(r6, 0x402c5828, &(0x7f00000000c0)={0x0, 0x0, 0x1, 0x762})
mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xb, 0x2012, r6, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)

6m26.157418973s ago: executing program 1 (id=115):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x3, 0x4, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0x20000001, 0x0, 0x0, 0x0, 0xfffffffd}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
ppoll(&(0x7f0000000500)=[{r0}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0xc, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

6m25.382829028s ago: executing program 34 (id=115):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x3, 0x4, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0x20000001, 0x0, 0x0, 0x0, 0xfffffffd}, [@call={0x85, 0x0, 0x0, 0x22}]}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
ppoll(&(0x7f0000000500)=[{r0}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0xc, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

6m25.363274349s ago: executing program 2 (id=117):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000140)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0xb500a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000540)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', 0x0, 0x2145499, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)

6m25.045879864s ago: executing program 2 (id=119):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001280)=@newsa={0x13c, 0x10, 0x413, 0x0, 0x0, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in6=@rand_addr=' \x01\x00', 0xfffd, 0x0, 0x4e24, 0x0, 0x2, 0x0, 0x20, 0x0, 0x0, 0xee00}, {@in=@rand_addr=0x64010100, 0x20, 0x32}, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, {0x0, 0x7, 0x0, 0x4, 0x2000000000000000, 0x4, 0x20000000008}, {0x100000001, 0x8, 0xcc}, {0xf6}, 0x0, 0x4, 0x2, 0x0, 0x1}, [@algo_aead={0x4c, 0x12, {{'rfc4309(ccm(aes))\x00'}, 0x0, 0x40}}]}, 0x13c}}, 0x804)

6m24.493002265s ago: executing program 2 (id=121):
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r1=>0x0]}, &(0x7f0000000080)=0x8)
setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000480)=@assoc_value={r1, 0x3}, 0x8)

6m24.27453813s ago: executing program 35 (id=121):
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r1=>0x0]}, &(0x7f0000000080)=0x8)
setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000480)=@assoc_value={r1, 0x3}, 0x8)

6m22.957752886s ago: executing program 4 (id=123):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='cdg', 0x3)
sendmmsg$inet(r0, &(0x7f0000001e40)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000ac0)="89e4192d92359cb3ee294530ae76ad6dc4ff20cc3ccc9d41018dd482ad1f395d4e38bd22b6fcae05c49fbdfdf66ae2994f191e9222effcb97205d0aaed4b29919f9e3bab7fdb276ca29501903c98de0b0cc8afca563f94fe69b6927ae594d1b53ad9f4a9f9f5c84a518d37939c84a5bd15048115ac421e9c56866ab6f91b0e8181d8999dd86c0177a971a39bf35b38eb0504bf70c02cc307c62d6f06c80b146153ca56a182831696c8cf46d2b065744e6dd4415ceff773e8d3a45aacc4fd8972cbe77878ce48d531066ec9e4790196e4a17b08ea09d4d3febf6721a44390383c7261e9e09f20c23f95e9c04d3c10220f3962d98b2bd98d5c3e50169a4c0c99f29c7a336489c26259957c4bdeae1c8cdf60d817db09336f680bbe954dc05669c9d48cb0a0488ed2385d935a7166b3187189e08d421903d546126289651db812f9c8754c0dc6f24a22ca988a2ac131cc52d724bb086a53a94e515e09fef354e9ca0daacaa347e96b3efd7c5c4063f6eb0cf55f08ff942780e6846d78410057ca2b845e69eeda4066de60a033e2f3c7e47b2f0c0c4c7da98b1d658c620f70dbe6eb8b5dd90216caa82c91db4c0f7ea02df5d5f8d6815d2d7868e6a6053f31a4fbe8732a1310ca7a79814177a981e5ab68dfeba4fe46ed4c51819be1308f73455e311f511ce4360cc7c24836c9b895ee5ce93cc42dd88f02d91b479c1748339024343700cce897087bbaae4fbd8e2ad5da016265ef097043acaf87504dde24216c805b40cf4d6edf2ae6564182acdf06580dde3fb66ab01625ffadc22f1ac7b97b9dec871edd96e86af127be1ef27548917a49476ce87f1719173369caf69d35d25637f0514e3e06069877968eb874a1c1adc92e760670e42b6cccd2fe0a5f9c543a44b382befc422d4486416b6fabe2f11944a3f08cded6fad9e3304a202d1c58841a6ab78b28a4162db2671d9ea74ee6f3b33a282f42abc911e3245531a34f5567cfcaa1cf762677c9f61d3aa2c4d76210edf440bf53e816d008ab2ea29cf42de9b88442d6b2eec4fbf23f7d23eaab316335dfc2dc10f9148df0b83d92c3a94fb0b49365af5ba599a1ea8e6fc7aea8df9208795cbbdf0af04f5f08fc828cb347a6e9daddbe514675b31e5134c7dfbb060dfc632ad82141ddea4e77e6c63c1843ca6fc820558b7355bae86e106c2be9c9b500c5134ab62444a8423d596bfe0e3b2df47dabf5abe271ae947f4878132915332e4fcc5b81ad6f12570de44f0fdd6a96397acebf95421c88ff274365be770edd1bd1f69bc2d2883fa70fa68828bddcb98f90b0b77e28f9c4726e5b0c52fa6f30a8d57321dfd2f2678bbc6511f39019f49d7dde6f19adeac78e4064b8288f5b4ac7d8ca35f7f70dfb376f5f3af98f02e76e57e21a00bac677703c8e2169816f5cf6c4d1bf803e0b2987544eeeffd197bcc10fe1d9a7b826a6693dc8bb32f19f25a88a15c3dcd30e7f48f0cda06ca99152bd1c892735598c32c6098ae12ef493334be720cb0ba3c710954fe0a80c3dec255f194761e5e904262118307bb49901808f9ca1af58648e9d57ffb744fd4f1d01b5ccaeaa5231def3f800cb8341d9109d93e3871c395892f8ffe25d6d9a7faa7073fd9c3b3aac94c554dab9c35667eb49d5f0e47fd6bb41ca4b2f420b1e3915fa653aaf8d842cc4b0fec5011bd0ba372601fb7930ce98402d2e3d64f8422550a621fa23b128e66b6afe1a74dab2b53de22214844e53441ab7998d4ac3557cca9ffe4997c778243c943ca2de0b1d", 0x4ed}], 0x1}}], 0x1, 0x40)
setsockopt$sock_int(r0, 0x1, 0x8, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)

6m22.785516469s ago: executing program 4 (id=124):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r1=>0x0})
bind$can_raw(r0, &(0x7f00000001c0)={0x1d, r1}, 0x10)
recvmmsg(r0, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000003440)=[{&(0x7f0000003240)=""/205, 0xcd}, {0x0}], 0x2}, 0x1}], 0x1, 0x40000002, 0x0)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r0, 0x65, 0x4, 0x0, 0x0)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f0000000300)=0x4, 0x4)
sendmsg$can_raw(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@can={{}, 0x0, 0x0, 0x0, 0x0, "0000000000000003"}, 0x10}, 0x1, 0x0, 0x0, 0x80}, 0x854)

6m21.876531886s ago: executing program 4 (id=125):
r0 = socket(0x2, 0x2, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, r0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r4, 0x0, 0x0)
dup(0xffffffffffffffff)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c)
bind$inet6(r5, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x0, 0x0, &(0x7f0000000080)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = memfd_create(&(0x7f0000000680)='\x103q}2\x9a\xce\xaf^\xd5\xfd\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99\x18\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xce;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1f\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\tRJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\x0e\x89\xd99C\x9fF\x9c[M=\xa0^\xa8\xed)\xe8Z\xe8\x9b&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xc9\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd&\xd4\xf4\x8eum\x04\x00~\xfa\x05\xd7\xe7X\xc7/\xae5\x93wwT\x13\xbd,\xd6\x16\x84\xcd\xd1\xd8\xe1P_\xbf0\xd8\x8d%Yh\xb5\xb4\"\xf5\x93\xdeh\xce\xa5\xe8\xc8ZmH\x98\xaeb\xa5B5)\x80m\xff\xec\x88\x89\xf07{\x95\xc9\xd0\xee\xe1\x1d\x80\xcc]-\xc2\xa1\x02ELhI\xd9\xf5\xcfk\x8a&i\xc1\xff9T\x8e\xe2rY\xa3\xd2H9\xfe\x0e\x1e\xac\x0f\xc3\xbd{\xd9\xcc\xbe\xa9\x93\xe0\xa4W\x1cn>\xc1\xf1\x9e\"\x93\x19\x19\x1a\xcc\x7fy\xd2~\x05\x99\xe6\x00o\xca\xe0\xc6\xd4\xf5\xa0\xc8P\xd6\x05\xf3\xc6~E\xacI\xd4\xe9\xa1|>\x91.K\x81\xa9+\xcf\xff\xcb\xfa\x0f\xe7n\x83H\x12\xac\x80\x16\xf8\x87Q\x97Az\n`\xb6\xe13A\xec\x8d(\\D\xec\xa6\t1\xa0h\xfc\x1f\xdd1@-4\xb4:\xf8\xd5wP \x84m\xe2\xd9\xfcb\xa0\xc3\xc9\xe7W\x86\xd7$\xa4ml\xee\x97[\xb7\xfa\x19\x06U)j!\x91\'\x98\xd2kFN\xfa\x80)O\xb9(!n\x9d\x13\x15\xf1\x1a\xb8y\x14l\xd1', 0x7)
ioctl$FS_IOC_RESVSP(r6, 0x402c5828, &(0x7f00000000c0)={0x0, 0x0, 0x1, 0x762})
mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xb, 0x2012, r6, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)

6m20.236740928s ago: executing program 4 (id=126):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000140)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0xb500a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000540)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', 0x0, 0x2145499, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)

6m20.052076151s ago: executing program 4 (id=127):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$netlink(r1, &(0x7f0000000200)={0x10, 0x0, 0x0, 0x80065c9}, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c0000001000010700000000000000000a000000060001001700"], 0x1c}}, 0x0)
pipe(&(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="110000000400000004000000ff"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000980)={{r7}, 0x0, &(0x7f0000000940)}, 0x20)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
r9 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IP_VS_SO_SET_ADD(r9, 0x0, 0x482, &(0x7f0000000180)={0x84, @remote, 0x0, 0x0, 'lblc\x00'}, 0x2c)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1, 0x40, 0x6, 0x8}, 0x48)
setsockopt$IP_VS_SO_SET_DEL(r9, 0x0, 0x484, 0x0, 0x0)
splice(r6, 0x0, r8, 0x0, 0xf3a, 0x0)
write(r4, &(0x7f0000000240), 0x0)
ioctl$BTRFS_IOC_SPACE_INFO(r8, 0xc0109414, &(0x7f000000c300)={0xda0, 0x1, ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']})
tee(r3, r8, 0x8f5, 0x100000000000000)
r10 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000040)={'tunl0\x00', <r11=>0x0})
sendmsg$nl_route_sched(r10, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56d41, 0x2000, 0x0, {0x0, 0x0, 0x0, r11, {}, {0xffff, 0xffff}, {0xffe9}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x4}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x1, 0x6, 0x7fff, 0xffffffff, 0x2, 0x78, 0x8, 0x2}}, {0x8, 0x2, [0x9, 0x0]}}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x40000}, 0x4000010)
r12 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r12, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x50}}, 0x60840)
write(r5, 0x0, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000000)={@broadcast, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x64, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x2c}}, @time_exceeded={0x5, 0xea452954ff7d0934, 0x0, 0x12, 0x0, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0xfffd, 0xd, 0x1, 0x0, @dev={0xac, 0x14, 0x14, 0x9a}, @empty}, "001863714ab99043"}}}}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x15, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r0)
socket$inet6_mptcp(0xa, 0x1, 0x106)

6m19.581530881s ago: executing program 4 (id=128):
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$inet6(0xa, 0x3, 0x1)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000008bc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=ANY=[], 0x18}}], 0x1, 0xc000)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000001a40)={0x1f, 0xffff, 0x3}, 0x6)
write(r3, &(0x7f0000000000)="2e000300010000", 0x7)
sendmmsg(r2, &(0x7f0000000480), 0x2e9, 0x0)
r4 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$6lowpan_control(r4, &(0x7f0000000080)='connect aa:aa:aa:aa:aa:10 0', 0x1b)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nfc(&(0x7f0000000340), r5)
sendmsg$NFC_CMD_LLC_GET_PARAMS(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000500)=ANY=[@ANYRES16=r6, @ANYBLOB="010026bd7000fddbdf250f00000092e812e34895b8bd6277a147a52029827958ae9da6510ec562f2026eff44347ba9c015faef4c1d8e5da6a8c8a41417cc4a1e0a24ee24f660e844637431766c34868a8752b3a7295a7ea0f5e9d6aa4d53a58c4eff725c460d0cb127b2d6330d6fdc524a7eae7f8f41dc50e27bb8c6dffb8bf46ccd0e06ecfacdd7691d4f661dcbd75898b2c0c738079d118417a5be830e3e1c15b8900e63dceb89f8534972f026d731fbfaba7a49ebac1cc58724e74eda0def35e28b8df3a0eb4fa5b85dc4e1834b77d3049da0d6e0a49eb95d2c08ca823b3d786a025a"], 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0x58, 0x2, 0x6, 0x201, 0xe4340000, 0x0, {0x0, 0x0, 0x8}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0x100}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x81}, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x2c, 0x9, 0x6, 0x201, 0x0, 0x0, {0xa}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)=@newtaction={0x68, 0x30, 0xffff, 0x0, 0x0, {0x0, 0x0, 0x1300}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x4}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x10}, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000100), r4)
r11 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_opts(r11, 0x0, 0x1a, &(0x7f0000000000)="89", 0x1)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_SET(r9, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)=ANY=[], 0x14c}, 0x1, 0x0, 0x0, 0x20000000}, 0x200408d0)
r12 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="34859321", @ANYRES16=r12, @ANYBLOB="010700000000fcdbdf25410000000e0001006e657464657673696d0000000f0002006e657464657673696d300000"], 0x34}}, 0x24000040)
r13 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r13, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="300000001e000100fdffffff000000000200000001000007000000000c"], 0x30}, 0x1, 0x0, 0x0, 0x2}, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

6m19.312763636s ago: executing program 36 (id=128):
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$inet6(0xa, 0x3, 0x1)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000008bc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=ANY=[], 0x18}}], 0x1, 0xc000)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000001a40)={0x1f, 0xffff, 0x3}, 0x6)
write(r3, &(0x7f0000000000)="2e000300010000", 0x7)
sendmmsg(r2, &(0x7f0000000480), 0x2e9, 0x0)
r4 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$6lowpan_control(r4, &(0x7f0000000080)='connect aa:aa:aa:aa:aa:10 0', 0x1b)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nfc(&(0x7f0000000340), r5)
sendmsg$NFC_CMD_LLC_GET_PARAMS(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000500)=ANY=[@ANYRES16=r6, @ANYBLOB="010026bd7000fddbdf250f00000092e812e34895b8bd6277a147a52029827958ae9da6510ec562f2026eff44347ba9c015faef4c1d8e5da6a8c8a41417cc4a1e0a24ee24f660e844637431766c34868a8752b3a7295a7ea0f5e9d6aa4d53a58c4eff725c460d0cb127b2d6330d6fdc524a7eae7f8f41dc50e27bb8c6dffb8bf46ccd0e06ecfacdd7691d4f661dcbd75898b2c0c738079d118417a5be830e3e1c15b8900e63dceb89f8534972f026d731fbfaba7a49ebac1cc58724e74eda0def35e28b8df3a0eb4fa5b85dc4e1834b77d3049da0d6e0a49eb95d2c08ca823b3d786a025a"], 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0x58, 0x2, 0x6, 0x201, 0xe4340000, 0x0, {0x0, 0x0, 0x8}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0x100}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x81}, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x2c, 0x9, 0x6, 0x201, 0x0, 0x0, {0xa}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)=@newtaction={0x68, 0x30, 0xffff, 0x0, 0x0, {0x0, 0x0, 0x1300}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x4}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x10}, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000100), r4)
r11 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_opts(r11, 0x0, 0x1a, &(0x7f0000000000)="89", 0x1)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_SET(r9, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)=ANY=[], 0x14c}, 0x1, 0x0, 0x0, 0x20000000}, 0x200408d0)
r12 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="34859321", @ANYRES16=r12, @ANYBLOB="010700000000fcdbdf25410000000e0001006e657464657673696d0000000f0002006e657464657673696d300000"], 0x34}}, 0x24000040)
r13 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r13, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="300000001e000100fdffffff000000000200000001000007000000000c"], 0x30}, 0x1, 0x0, 0x0, 0x2}, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

6m13.109404376s ago: executing program 5 (id=130):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
sendmsg$can_bcm(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={0x0, 0x38}, 0x300, 0x0, 0x101000000000000}, 0x0)

6m12.91290559s ago: executing program 5 (id=131):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r0, 0x10f, 0x82, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000180)=0x20)
r2 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r2, &(0x7f00000000c0)=@abs={0x1, 0x0, 0x4e21}, 0x6e)
setsockopt$SO_TIMESTAMP(r2, 0x1, 0x4c, &(0x7f0000000080)=0xcdb, 0x4)
r3 = socket(0xa, 0x5, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x6}, {0x0, [0x0, 0x0, 0x61, 0x2e]}}, 0x0, 0x1e}, 0x28)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r4, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r5=>0x0}, &(0x7f00000010c0)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x1f, &(0x7f00000007c0)={r5, @in6={{0xa, 0x4e23, 0x6, @empty, 0x2}}, 0xfad, 0x4}, 0x90)

6m12.831971571s ago: executing program 5 (id=132):
r0 = socket(0x2, 0x2, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, r0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r4, 0x0, 0x0)
dup(0xffffffffffffffff)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c)
bind$inet6(r5, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x0, 0x0, &(0x7f0000000080)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = memfd_create(&(0x7f0000000680)='\x103q}2\x9a\xce\xaf^\xd5\xfd\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99\x18\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xce;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1f\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\tRJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\x0e\x89\xd99C\x9fF\x9c[M=\xa0^\xa8\xed)\xe8Z\xe8\x9b&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xc9\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd&\xd4\xf4\x8eum\x04\x00~\xfa\x05\xd7\xe7X\xc7/\xae5\x93wwT\x13\xbd,\xd6\x16\x84\xcd\xd1\xd8\xe1P_\xbf0\xd8\x8d%Yh\xb5\xb4\"\xf5\x93\xdeh\xce\xa5\xe8\xc8ZmH\x98\xaeb\xa5B5)\x80m\xff\xec\x88\x89\xf07{\x95\xc9\xd0\xee\xe1\x1d\x80\xcc]-\xc2\xa1\x02ELhI\xd9\xf5\xcfk\x8a&i\xc1\xff9T\x8e\xe2rY\xa3\xd2H9\xfe\x0e\x1e\xac\x0f\xc3\xbd{\xd9\xcc\xbe\xa9\x93\xe0\xa4W\x1cn>\xc1\xf1\x9e\"\x93\x19\x19\x1a\xcc\x7fy\xd2~\x05\x99\xe6\x00o\xca\xe0\xc6\xd4\xf5\xa0\xc8P\xd6\x05\xf3\xc6~E\xacI\xd4\xe9\xa1|>\x91.K\x81\xa9+\xcf\xff\xcb\xfa\x0f\xe7n\x83H\x12\xac\x80\x16\xf8\x87Q\x97Az\n`\xb6\xe13A\xec\x8d(\\D\xec\xa6\t1\xa0h\xfc\x1f\xdd1@-4\xb4:\xf8\xd5wP \x84m\xe2\xd9\xfcb\xa0\xc3\xc9\xe7W\x86\xd7$\xa4ml\xee\x97[\xb7\xfa\x19\x06U)j!\x91\'\x98\xd2kFN\xfa\x80)O\xb9(!n\x9d\x13\x15\xf1\x1a\xb8y\x14l\xd1', 0x7)
ioctl$FS_IOC_RESVSP(r6, 0x402c5828, &(0x7f00000000c0)={0x0, 0x0, 0x1, 0x762})
mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xb, 0x2012, r6, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)

6m10.962210927s ago: executing program 5 (id=133):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000140)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0xb500a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000540)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', 0x0, 0x2145499, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)

6m10.665104053s ago: executing program 5 (id=134):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x2c, 0x2b, 0x1, 0x0, 0x0, {0x8}, [@typed={0x4, 0x3}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x0, 0x0, 0x0, @str='\x88H'}]}, @typed={0x8, 0x2, 0x0, 0x0, @fd}]}, 0x2c}}, 0x40)

6m9.093481384s ago: executing program 5 (id=137):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl(r0, 0x8b22, &(0x7f0000000040))

6m8.684716691s ago: executing program 37 (id=137):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl(r0, 0x8b22, &(0x7f0000000040))

5m2.845659044s ago: executing program 8 (id=540):
socket$inet_tcp(0x2, 0x1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
bpf$ITER_CREATE(0x21, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000009c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$uinput_user_dev(r5, &(0x7f0000000380)={'syz1\x00', {0xff, 0x6, 0x7fff, 0x8d5}, 0x24, [0x10000, 0xeba, 0x7, 0xe6a, 0x8, 0x1, 0x5, 0x7ff, 0x54, 0x7fffdfff, 0x2, 0xc, 0x8, 0x9, 0x9, 0xfffffff7, 0x7, 0x40000, 0xa, 0x23, 0x2, 0x5, 0xfffffffb, 0xfffffff4, 0x1, 0xda6, 0x3, 0xa7, 0xeb36, 0x2, 0x9, 0x76c9, 0x200, 0x1, 0x1, 0x1, 0x7, 0x9, 0xf, 0xb, 0x10, 0x80000000, 0x7, 0xb50, 0x0, 0x800, 0x3, 0x3, 0x6, 0xfffffffe, 0x5, 0x8, 0x24, 0x7fff, 0x8, 0x1, 0x200, 0x0, 0x0, 0x7f, 0x964e, 0x2d5, 0x149, 0x1], [0x66ac, 0xfffffff9, 0x4, 0x3, 0x8e, 0x7, 0x13e, 0x9, 0x4, 0x2, 0x0, 0x7, 0x7, 0x8001, 0x9, 0x8, 0x2, 0x5, 0x40, 0x7ff, 0x7ff, 0x5, 0x9, 0xc00, 0x89, 0x7ff, 0x0, 0x1, 0xfffffff7, 0x9, 0x9, 0x4d26, 0x10000, 0x8, 0x1, 0x6, 0x0, 0x4, 0x4c, 0x9, 0x8, 0x5, 0xe66, 0x8, 0x2, 0x81, 0x4b, 0x80, 0x6, 0xb, 0x4, 0x9, 0x1, 0x8d1, 0x8fd, 0xfffffffa, 0xe0, 0x8e, 0x10001, 0x4, 0x401, 0xade, 0x7f, 0x9], [0x8396, 0x7, 0x6, 0x9, 0x8000, 0x1, 0x9, 0xe88, 0x8, 0x6, 0x0, 0x400, 0x1000, 0x9, 0x6e, 0x8000, 0x7, 0x3, 0x6, 0x5, 0x3, 0xc9, 0x2, 0x3, 0x0, 0x2, 0x2, 0xc, 0x5, 0xb0f, 0x1e, 0x3, 0x800, 0x8, 0x9, 0x3, 0x4, 0xfffffff7, 0x4, 0xe, 0x464b, 0x6, 0x2e7, 0x7ff, 0x1ff, 0x7, 0x87ff, 0x2, 0x7fffffff, 0xffffffff, 0x4, 0xffff, 0x200d5d, 0xa0c787d, 0x1, 0x9, 0x4, 0x40, 0x3, 0x0, 0x1fc1, 0x9, 0x1, 0x3], [0x10000010, 0x7, 0x2, 0x2, 0xa5e, 0xfe, 0xff, 0x10000, 0x80000000, 0x0, 0xe, 0x2, 0x4, 0x7, 0x7, 0x0, 0xfffffffd, 0xfffffff8, 0xc, 0xf, 0x3, 0x103, 0x6, 0xcc, 0x6, 0x4000400, 0xffffffff, 0x5, 0x2, 0x80000000, 0x4, 0x7, 0xfff, 0x40, 0x9, 0x0, 0x9, 0x1, 0x0, 0x7, 0x8ac1, 0x3, 0x4, 0x80000002, 0x80000002, 0xff, 0x6, 0x3, 0xfffff801, 0xffffbfff, 0x37d, 0xfffffff8, 0xd, 0x7, 0xd, 0x9, 0x6eaf, 0x0, 0x401, 0x5e02, 0x2, 0x3, 0x5, 0x400]}, 0x45c)
ioctl$UI_DEV_CREATE(r5, 0x5501)

5m1.020026949s ago: executing program 8 (id=544):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
sendmsg$nl_xfrm(r0, 0x0, 0x0)
socket(0x1e, 0x4, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)
socket$inet(0xa, 0x801, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000940)={&(0x7f00000013c0)=ANY=[@ANYBLOB="640000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c0002201c0000001f000000060001000000000008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32, @ANYBLOB="0a000100000070"], 0x64}, 0x1, 0x0, 0x0, 0x8811}, 0x0)

5m0.785593584s ago: executing program 8 (id=549):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000020000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000340)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$inet6(0xa, 0x1000080002, 0x100000000000088)
bind$inet6(r2, &(0x7f0000000140)={0xa, 0x4e23}, 0x1c)
recvmmsg(r2, &(0x7f0000003ac0)=[{{0x0, 0x0, 0x0}, 0x51}], 0x1, 0x20, 0x0)
r3 = socket$inet6(0xa, 0x802, 0x88)
sendto$inet6(r3, 0x0, 0x0, 0x40488c1, &(0x7f0000000180)={0xa, 0x4e23, 0x1001, @mcast1, 0x4}, 0x1c)
sendto$inet6(r3, 0x0, 0x0, 0x0, 0x0, 0x0)

5m0.515457339s ago: executing program 8 (id=554):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
mount$overlay(0x0, 0x0, &(0x7f0000000480), 0x4, &(0x7f0000000280)={[{@xino_off}]})
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r3}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000a80)={{{@in=@broadcast, @in=@dev}}, {{@in=@empty}, 0x0, @in6=@empty}}, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000000)={[{@i_version}, {@nodioread_nolock}, {@discard}, {@debug}]}, 0x4, 0x511, &(0x7f0000000540)="$eJzs3cFvVE8dAPDv23Zp6a/8CspBjQoiioawbRdoCBfhojGExEg8eYDaLk3TXbbpLpFWDuXonUQST/onePNgwsmDN29684IHE1SioSYe1ry327K023b9dduF7ueTvL43M8t+Z7rMzL6B3QlgYJ2PiPWIOBERDyJiopWftI641TzSx71983Ru483TuSQajXv/SLLyNC/a/kzqk9ZzjkbED78X8ZNkZ9za6trSbLlcWmmlJ+uV5cna6tqVxVwrpzgzPTN14+r1Ys/aeq7ym9ffXbzzo9/99iuv/rj+7Z+l1Rr/+amsrL0dvdRsej7G2/KGI+LOYQTrk+HW3x8+Pmlv+1xEXMj6/0QMZa8mAHCcNRoT0ZhoTwMAx116/z8eSa7QWgsYj1yuUGiu4Z2NsVy5Wqtfnqg+fjQf2RrW6cjnHi6WS1OttcLTkU/S9HR2/S5dfC/9vHQ1Is5ExPORk1l5Ya5anu/nGx8AGGCfbJv//z3SnP8BgGNutN8VAACOnPkfAAaP+R8ABs//Mf/7dCAAHBPu/wFg8Jj/AWDw7Dv/PzuaegAAR+IHd++mR2Oj+f3Xm9/UfWW+VFsqVB7PFeaqK8uFhWp1oVwqzDUa+z1fuVpdnr62laytrt2vVB8/qt9frMwulO6X8ofZGACgK2fOvfxzOumv3zyZHdG2l4O5Go63XL8rAPTNUL8rAPSNz/PA4OriHt8yABxzHbbofc+u/0Xohc1f4WN16YvW/2FQHWT939oBfNw+2/r/d3peD+DomcNhcDUaiT3/AWDAWOMHDvTv/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADCgxrMjyRWyvcDX05+5QiHiVEScjnzycLFcmoqITyPiTyP5kTQ93e9KAwAHlPtb0tr/69LExfHtpSeS/4xk54j46S/v/eLJbL2+Mp3m/3Mrv/4izT9ZXyme6EcDAIB2t3ZmZfN3sXVuu5F/++bp3OZxlFV8fbu5uWgad6N1NEuGYzg7j0Y+Isb+lbTSTen7laEexF9/FhFf2Gz/aDxpizCerYE0dz7dHj+Nfarn8dt//9vj595rby4rS8/57Hfx+R7UBQbNy9vNcbLV99Iu3up/uTifnTv3/9FshDq4dPxL+/XGjvEvtzX+De2In2R9/vxWeu+avL72++/vyGxMNMueRXxpuFP8ZCt+0nn8zV/sso1/+fJXL+xW1vhVxKWO7d/ckbqSDbOT9cryZG117cpiZXahtFB6VCzOTM9M3bh6vTiZrVE3f/6hU4y/37z86W7x0/aP7RJ/dO/2xze6bP+v//vgx1/bI/63vt759T+7R/x0Tvxml/Fnx27tun13Gn9+l/bv8/rH5S7jv/rr2nyXDwUAjkBtdW1ptlwurexzkb7X3O8xLrq/SO/tP4BqZBexHtGrJ8wWJSKi42PSd9QfRpMP6yL5MKrRi4t+j0zAYXvX6ftdEwAAAAAAAAAAAAAAYDe11bWlkc6f1urZRb/bCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwPH1vwAAAP//tBrD+w==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r4, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000080000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b7030000000000008500"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
r6 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000001c0)={'veth1_to_hsr\x00'})
setsockopt$packet_int(r6, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
socket$packet(0x11, 0xa, 0x300)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000140)='ramfs\x00', 0x10, 0x0)
syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x400a8, &(0x7f0000000380)=ANY=[], 0x1, 0x0, 0x0)
symlinkat(&(0x7f0000000080)='.\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00')
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x104000, 0x0)

4m57.173464654s ago: executing program 8 (id=562):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
sendmsg(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000440)="80edc594bc89f6fccc47a77923908bebf2cc74da77afe62c50f37092a43e82235a709948ddfcbb56ffb698463b7b0c59abf14d23d9ec2e748230db6530390ed0c44127861f3f590b19c582976a0590c2a74e99593bff256db1a686d3bada395f23404ec48264b4", 0x67}, {&(0x7f0000000800)="2378899bd0fe6e891f021be9043a0d733117b658e5f33988c7460ab719909f8c4116fa30ba2fb86f3671f03e92717b7d26051e775db85f0783eec3a843626275c1e6473dd26a8f9f38c7b672bba552a4d3e7fb5e9fa1990e3ef390490458a5212444c01aa7f79851a48ac9e05042a69ef82c6d774c380c8a9efad5a55f780987721b05c4b1cb8ca6bb874bc8afef3eae5115a01b041c70b1019421d38c00acd443cb10a03cf30d289b930adeeb084e490908237f48a12f79bfee3d280b130b2f189eb88699fc5e48b3f95a775fbf85de89dc59cf805572290e2bfcba24c7490853d3e18698575b4ba9320bee103bc817405a958834d0f3af019fb93bca428253448e4d5fc4e185310f74f7f736f39ebc824a71e6b4c7d486e3459e93297dfc97c414a334d442696fb9a897ece5466e996ee679f1f98717cf00a0706cf986f552dd80ee2cdea555aa6d53f059a3a46043d6e8881e29a1391393ac61ab086978fa29cf3e0974b42b0cfb465c57aa96231b9bf3704bdf2bc1839279f996bd75adb4f760efea26c770480fe40b33e3df8e183ed48fd8aefae547a80a215f0a816b59935e3dd3a5bb5b7a0d31901ba9f7aaa2df28dfa2628da868b681bf154baa102210606f814eb6c19694a5e39509db19cc3041753c59c74729a9a084fe58e6c9283d22112ea40a1f0bf7b13c33452c4c98621117b6ee194520df65bc02eadc83709063eb2073279c6789794e9f681a35f3e5e9cdcf831f511e7aec71b24e36aa3703bdc67e3f60b922a9bc31cd07abadd7fcf44eb104998390f6d9e8f0f8ff0bf031d9eb09b3a1d6b1293ca095daab2d7c25985a288c02e5a36ef0b7a532c09484bb5f83581c972b5915ae9666e516dda911df2723fdae3cf25206fd75e84923643295232b7b979bf8f483b88b0838f3d3ba15d84da285cef436d38d4e96455450fe851161433d9a1e0e5f7ddd045c263e408ebcdc743fc9996d9d7b94734e18cfe69f438799fbde4cf280621058f248084f7ed7bbba5a4160906a4b420d13628be735052608e66d02b1f56833ed96951a3edd3e154a14bc21a01884c933f1008f6373b153a9fb41e1b3ea44a70a39258d79b4e333c2a2a05c56c6a159b2734a4e929e6f66cce1670418d464d072d31433145c8d46d3b289c74ea577569451b301aade7be7095fe42cc201c7f82cc1164c4bc76220daa750d750e2776ad85dfe710a73f71f091134f51766e7ee98d17d17ce2d453820f11e0e9eb342bfe3e1ada1beb513fc65661df59beaf2e3bc56e391", 0x390}, {0x0}], 0x3}, 0x40100)

4m54.512297095s ago: executing program 8 (id=577):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
openat$tun(0xffffffffffffff9c, 0x0, 0x20702, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)

4m53.560711974s ago: executing program 38 (id=577):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
openat$tun(0xffffffffffffff9c, 0x0, 0x20702, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)

6.873867897s ago: executing program 7 (id=1876):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='sched_switch\x00', r0}, 0x10)
r1 = socket(0x1e, 0x805, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000001b40)='sched_switch\x00', r6}, 0x10)
sendmsg$nl_route(r5, 0x0, 0x0)
connect$tipc(r1, &(0x7f0000000000)=@id, 0x10)

5.852899116s ago: executing program 7 (id=1878):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000100)=@generic={&(0x7f0000000000)='./file0\x00', 0x0, 0x8}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e40)=ANY=[@ANYBLOB="0b000000050000000200000002000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYRES32=r1], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r2, &(0x7f0000000280)={0x2, 0x4e21, @local}, 0x10)
connect$inet(r2, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000040)='cubic', 0x4)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x0, 0x200000, 0x0, 0x0, 0xffffffff, 0x8003}}}}]}, 0x4c}}, 0x0)
sendto$inet(r2, &(0x7f0000000000), 0xffffffffffffff94, 0x12, 0x0, 0x12)
recvfrom$inet(r2, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)
ioctl$VT_RESIZE(r0, 0x5609, &(0x7f00000015c0)={0xf, 0xffff, 0x1})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48)
write(0xffffffffffffffff, &(0x7f0000000040)="1c0000001a009b8a14e5f40700426e2400000000ff20000000000000", 0x23)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

5.6811292s ago: executing program 3 (id=1882):
socket$igmp6(0xa, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1, 0xc}, &(0x7f0000001fee)='R\x10suse\x00\x00\x00\x00\x00\x00\x00dn\x00\x00\x00', 0x0)
r3 = socket$inet6(0xa, 0x802, 0x0)
setsockopt$inet6_buf(r3, 0x29, 0x39, 0x0, 0x0)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback, 0x3}, 0x31)
sendmmsg$inet6(r3, &(0x7f0000002940), 0x40000000000017d, 0x811)
r4 = openat$fb0(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
socket$l2tp6(0xa, 0x2, 0x73)
ioctl$FBIOPUT_VSCREENINFO(r4, 0x4601, &(0x7f0000000380)={0x3c0, 0x78, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, 0x8, 0x3, 0x1ff, 0x3d, 0x5, 0x3, 0x53, 0x202, 0x1, 0xc})
add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r5, 0x7, 0x81, 0x0, 0x0)
sendto$inet6(r5, &(0x7f0000000180), 0x0, 0x40d4, &(0x7f0000000140)={0xa, 0x4e23, 0x4, @loopback, 0xffffffff}, 0x1c)
r6 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_SET_EVBIT(r6, 0x40045564, 0x3)
ioctl$UI_SET_ABSBIT(r6, 0x40045567, 0x0)
write$uinput_user_dev(r6, &(0x7f0000000ec0)={'syz0\x00', {}, 0x0, [0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d52c0], [0x0, 0x0, 0x2, 0xb16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0xf, 0x0, 0x2, 0x0, 0x0, 0x1, 0xfffffffe, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x8], [0x8000002, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x3, 0xe, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x4], [0x0, 0x0, 0xfffffffc, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x7e, 0x0, 0x3, 0x1, 0x0, 0xe, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5]}, 0x45c)
ioctl$UI_DEV_CREATE(r6, 0x5501)

5.65014362s ago: executing program 9 (id=1883):
r0 = socket(0x200000100000011, 0x3, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f00000000c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x4}}, './file0\x00'})
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000240)={'batadv0\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)
sendmsg$netlink(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)

5.436317654s ago: executing program 9 (id=1885):
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x50)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000140)=ANY=[@ANYRES32, @ANYBLOB="e803121713e6db24ff9a83a4f0a8fc3f9ba24796c770589a71500ccecf6424b230cc0c5a00ddc0d7a056a77fe165e0cefd", @ANYRES64=0x0], 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0xc}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x7b}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)

5.13912017s ago: executing program 9 (id=1887):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r4, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r5, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
r6 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x34, r6, 0x1, 0x270bd2c, 0x5, {0x5}, [@L2TP_ATTR_PW_TYPE={0x6, 0x1, 0x5}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x4}, @L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0xaac}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}]}, 0x34}, 0x1, 0x0, 0x0, 0x40}, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x1f, 0xe, &(0x7f0000000400)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
add_key$keyring(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xfffffffffffffffe)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), 0xffffffffffffffff)
write(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYRES32=0x1, @ANYBLOB="0400"/20, @ANYRES32, @ANYBLOB], 0x50)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="c40000001900674c0000000000000000fc000000000000000000000000000002e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="01000000000001000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000a0010000100"/120], 0xc4}}, 0x4c050)
r9 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r9, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
syz_open_dev$evdev(&(0x7f0000000180), 0x0, 0x0)

4.563597161s ago: executing program 7 (id=1889):
syz_usb_connect(0x2, 0x24, &(0x7f0000000100)=ANY=[], 0x0)
r0 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x80402)
ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000340)={&(0x7f0000006080)=[{0x3, 0x9001, 0x0, 0x0}], 0x1})

3.63263932s ago: executing program 0 (id=1890):
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00, 0x3, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)

3.517562041s ago: executing program 7 (id=1891):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2, 0x5031, 0xffffffffffffffff, 0xc2dcc000)
socket$packet(0x11, 0x3, 0x300)
futex(&(0x7f0000000040)=0x2, 0xb, 0x2, 0x0, &(0x7f0000000100)=0x1, 0x2)
r1 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = eventfd(0x3)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f00000003c0)={0xb03, 0x3000, 0x0, r2, 0x4})
close(r1)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x6c304000)
futex(&(0x7f0000000040)=0x1, 0x1, 0x0, &(0x7f0000000180)={0x77359400}, 0x0, 0x1)

3.422506334s ago: executing program 0 (id=1892):
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000140), 0x12)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r0, &(0x7f0000000140), &(0x7f0000000000)=""/6, 0x2}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000140)=ANY=[], 0xfffffdef)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001a80)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0)={<r3=>0xffffffffffffffff})
recvmsg$unix(r3, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfdef)
bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0x2, 0xf, &(0x7f0000000cc0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0xe}, {}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000d80)='syzkaller\x00', 0x6, 0xa6, &(0x7f0000000dc0)=""/166, 0x41100, 0x8, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x8, &(0x7f0000000f40)={0x7, 0x3}, 0x8, 0x10, &(0x7f0000000f80)={0x5, 0xe, 0x3ff, 0x8}, 0x10}, 0x94)
bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000c80)={@map=r0, r2, 0x13, 0x2010}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000880)='blkio.bfq.io_merged\x00', 0x100002, 0x0)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r1}, 0xc)

2.56405566s ago: executing program 3 (id=1893):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f00000001c0)=ANY=[@ANYBLOB="9feb010018000000000000001c5e848008"], 0x0, 0x36}, 0x28)

2.481611602s ago: executing program 7 (id=1894):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r0, &(0x7f0000000840)={@val={0x8, 0x800}, @val={0x6, 0x0, 0x6, 0x0, 0x14}, @ipv4=@generic={{0x5, 0x4, 0x2, 0x2, 0x14, 0x66, 0x0, 0xb, 0x89, 0x0, @rand_addr=0x64010102, @broadcast}}}, 0x22)

2.442423532s ago: executing program 0 (id=1895):
r0 = socket(0x200000100000011, 0x3, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f00000000c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x4}}, './file0\x00'})
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000240)={'batadv0\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)
sendmsg$netlink(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)

2.329693035s ago: executing program 3 (id=1896):
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x80942, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="000000000000000044001200000034000280080003"], 0x64}}, 0x4000000)
open(&(0x7f00000000c0)='./bus\x00', 0x155c7c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x28100, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
accept4(0xffffffffffffffff, 0x0, &(0x7f00000000c0), 0x80800)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x44}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x5, 0x6, 0x4004, 0x2, 0x4, 0xefffffffffffffff, 0x0, 0x0, 0x2000000, 0x0, 0x1c, 0x0, 0xffffffffffffffff, 0x6], 0x0, 0x41901})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2.212306447s ago: executing program 0 (id=1897):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000}, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x9, 0x4, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r1}, 0x10)
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8)
setsockopt$sock_attach_bpf(r0, 0x1, 0xf, &(0x7f0000000040)=r3, 0x4)

2.061623239s ago: executing program 3 (id=1898):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r0, 0x1, 0xa, &(0x7f0000000180), 0x4)
recvmsg$unix(r0, &(0x7f00000017c0)={0x0, 0x0, 0x0}, 0x2121)

2.016424361s ago: executing program 6 (id=1899):
r0 = dup(0xffffffffffffffff)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
write$binfmt_script(r0, &(0x7f0000000240)={'#! ', './file1', [{0x20, '\xd3\xf0@\x8bt\xcc\xd3\x1ah\xbe\x80\xd1\xac/\x99u\x7f\x92^?\x82\x98\x04D\x059\x9b\xf2.\xe9C\x99\rg\xd39\xbf\x177H\"\xc7vB5\x8f\xf8\f\xa4\xc7\xecEk\xa1\xf7\xb5\x04>$|\x99\xaf\xd8g\f\x00I\xc8\x93\xf2\xafI\xb0\xd02\x99\x87\xf3n\x81@KqE\x8a\x7f\xf7\xa7J\x9a\x93;\xc4\xa0\xf6\x8f\x05\xbf7\xb9\xba\xdb\xdaE\xffS\x9f\xdeC\x875:\xb6\xcb*\x02y4A\xdb\xbc\xff9\xe9\xa1\x97\xbd\xd9\xd90c\x17\x8c=E\xc1,\xea\xde\x98\x01p\xb5j6\xca\xc2\"B\x00\xba\xe9-\xd8Z\x8a0\xd8\x8a\xc3Y|\xb9\xcf\xa7b'}], 0xa, "63c39ca527956af877b295954bf0e0b3752a"}, 0xc4)
r1 = socket(0xa, 0x3, 0xff)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @empty, 0x4000002}, 0x1c)
syz_emit_ethernet(0x6e, &(0x7f00000001c0)={@random="cfb14e407d33", @broadcast, @void, {@ipv6={0x86dd, @icmpv6={0x9, 0x6, 'z&-', 0x38, 0x3a, 0xfe, @local, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x8001, {0x2, 0x6, "081331", 0x9, 0xff, 0x0, @loopback, @loopback, [@fragment={0x3b, 0x0, 0xa, 0x0, 0x0, 0x3, 0x65}]}}}}}}}, 0x0)

1.941352212s ago: executing program 0 (id=1900):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='sched_switch\x00', r0}, 0x10)
r1 = socket(0x1e, 0x805, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000001b40)='sched_switch\x00', r6}, 0x10)
sendmsg$nl_route(r5, 0x0, 0x0)
connect$tipc(r1, &(0x7f0000000000)=@id, 0x10)

1.857561704s ago: executing program 3 (id=1901):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22, 0x6}, 0x1c)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
listen(r0, 0x3)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
syz_emit_ethernet(0x36, &(0x7f00000002c0)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x65, 0x0, 0xf, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0xffff}}}}}}, 0x0)
syz_emit_ethernet(0x42, &(0x7f0000000180)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x8, 0x2, 0x0, 0x0, 0x1000, {[@timestamp={0x8, 0xa, 0x4, 0xf5}]}}}}}}}, 0x0)

1.619279078s ago: executing program 3 (id=1902):
syz_usb_connect(0x2, 0x24, &(0x7f0000000100)=ANY=[], 0x0)
r0 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x80402)
ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000340)={&(0x7f0000006080)=[{0x3, 0x9001, 0x0, 0x0}], 0x1})

1.261536555s ago: executing program 6 (id=1903):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7020000ff0d1400bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000bd000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3a, 0x10, &(0x7f0000000340), 0xd58495bc, 0x0, 0xffffffffffffffff, 0xffffffffffffff5b}, 0x42)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000c80)={r0, 0x2000012, 0xe, 0x0, &(0x7f0000000080)="8236fca008874827ccf1c8ed1e1f", 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

857.344503ms ago: executing program 0 (id=1904):
socket$igmp6(0xa, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1, 0xc}, &(0x7f0000001fee)='R\x10suse\x00\x00\x00\x00\x00\x00\x00dn\x00\x00\x00', 0x0)
r3 = socket$inet6(0xa, 0x802, 0x0)
setsockopt$inet6_buf(r3, 0x29, 0x39, 0x0, 0x0)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback, 0x3}, 0x31)
sendmmsg$inet6(r3, &(0x7f0000002940), 0x40000000000017d, 0x811)
r4 = openat$fb0(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
socket$l2tp6(0xa, 0x2, 0x73)
ioctl$FBIOPUT_VSCREENINFO(r4, 0x4601, &(0x7f0000000380)={0x3c0, 0x78, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, 0x8, 0x3, 0x1ff, 0x3d, 0x5, 0x3, 0x53, 0x202, 0x1, 0xc})
add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r5, 0x7, 0x81, 0x0, 0x0)
sendto$inet6(r5, &(0x7f0000000180), 0x0, 0x40d4, &(0x7f0000000140)={0xa, 0x4e23, 0x4, @loopback, 0xffffffff}, 0x1c)
r6 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_SET_EVBIT(r6, 0x40045564, 0x3)
ioctl$UI_SET_ABSBIT(r6, 0x40045567, 0x0)
write$uinput_user_dev(r6, &(0x7f0000000ec0)={'syz0\x00', {}, 0x0, [0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d52c0], [0x0, 0x0, 0x2, 0xb16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0xf, 0x0, 0x2, 0x0, 0x0, 0x1, 0xfffffffe, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x8], [0x8000002, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x3, 0xe, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x4], [0x0, 0x0, 0xfffffffc, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x7e, 0x0, 0x3, 0x1, 0x0, 0xe, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5]}, 0x45c)
ioctl$UI_DEV_CREATE(r6, 0x5501)

745.678345ms ago: executing program 7 (id=1905):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2, 0x5031, 0xffffffffffffffff, 0xc2dcc000)
socket$packet(0x11, 0x3, 0x300)
futex(&(0x7f0000000040)=0x2, 0xb, 0x2, 0x0, &(0x7f0000000100)=0x1, 0x2)
r1 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = eventfd(0x3)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f00000003c0)={0xb03, 0x3000, 0x0, r2, 0x4})
close(r1)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x6c304000)
futex(&(0x7f0000000040)=0x1, 0x1, 0x0, &(0x7f0000000180)={0x77359400}, 0x0, 0x1)

745.428635ms ago: executing program 6 (id=1906):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x5, 0x4, 0x7, 0x5}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x37)

608.448418ms ago: executing program 9 (id=1907):
r0 = socket(0x200000100000011, 0x3, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f00000000c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x4}}, './file0\x00'})
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000240)={'batadv0\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)
sendmsg$netlink(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000008c0)}, 0x0)

475.81948ms ago: executing program 9 (id=1908):
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x80942, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="000000000000000044001200000034000280080003"], 0x64}}, 0x4000000)
open(&(0x7f00000000c0)='./bus\x00', 0x155c7c, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
accept4(0xffffffffffffffff, 0x0, &(0x7f00000000c0), 0x80800)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x44}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x5, 0x6, 0x4004, 0x2, 0x4, 0xefffffffffffffff, 0x0, 0x0, 0x2000000, 0x0, 0x1c, 0x0, 0xffffffffffffffff, 0x6], 0x0, 0x41901})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

429.628621ms ago: executing program 6 (id=1909):
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
openat$tun(0xffffffffffffff9c, 0x0, 0x10800, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r1 = openat$cgroup_devices(r0, &(0x7f0000000200)='devices.deny\x00', 0x2, 0x0)
write$cgroup_devices(r1, &(0x7f0000000000)={'c', ' *:* ', 'w\x00'}, 0x8)

173.432796ms ago: executing program 6 (id=1910):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="c40000001900674c0000000004000000fc000000000000000000000000000002e000000200000000000000000000000000000000000000000200200000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0100000000000000000000000000000000000000000000000000000000000000000000400000000000008000000000000000000000000000fcffffffffffffff0000000000000000020000000002000000000000000000000000000000000000000400000000000000000000000000000a001000"], 0xc4}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000700)=@updpolicy={0xb8, 0x15, 0x1, 0x0, 0x25dfdbfd, {{@in=@multicast2, @in=@empty, 0x0, 0x0, 0x4e23, 0xfffc, 0xa, 0x10, 0x0, 0x33}, {0x8, 0x1, 0x0, 0x0, 0x0, 0x950, 0xffffffff, 0xffffffffffffffff}, {0x0, 0xfffffffffffffffa, 0xbc89, 0x3}, 0x4, 0x6e6bb5, 0x1, 0x1, 0x0, 0x3}}, 0xb8}, 0x1, 0x0, 0x0, 0x2000c810}, 0x4)

56.132749ms ago: executing program 9 (id=1911):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000011000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x51, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)

0s ago: executing program 6 (id=1912):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=@base={0xa, 0x4, 0xfff, 0x7, 0x88, 0xffffffffffffffff, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000e41621eb70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r1}, 0xc)

kernel console output (not intermixed with test programs):

1] usb 8-1: Product: syz
[  139.589452][ T4341] usb 8-1: Manufacturer: syz
[  139.599834][ T4341] usb 8-1: SerialNumber: syz
[  140.394691][ T4341] snd-usb-audio: probe of 8-1:222.0 failed with error -2
[  140.402766][ T5844] device pim6reg1 entered promiscuous mode
[  140.479401][ T4258] udevd[4258]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:222.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  140.518557][ T4341] usb 8-1: USB disconnect, device number 2
[  140.740116][ T5850] netlink: 8 bytes leftover after parsing attributes in process `syz.6.389'.
[  141.701994][   T26] audit: type=1326 audit(1759309772.414:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5852 comm="syz.3.388" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f280e38eec9 code=0x0
[  143.833143][ T5882] netlink: 12 bytes leftover after parsing attributes in process `syz.9.395'.
[  144.493508][ T5888] netlink: 8 bytes leftover after parsing attributes in process `syz.7.400'.
[  145.290037][ T5881] loop6: detected capacity change from 0 to 40427
[  145.386772][ T5881] F2FS-fs (loop6): Mismatch start address, segment0(0) cp_blkaddr(512)
[  145.434596][ T5881] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  145.462762][ T5881] F2FS-fs (loop6): Unrecognized mount option "no�uota" or missing value
[  145.751255][ T5902] input: syz1 as /devices/virtual/input/input15
[  146.664414][ T5906] input: syz0 as /devices/virtual/input/input16
[  147.383871][ T5920] netlink: 68 bytes leftover after parsing attributes in process `syz.3.410'.
[  147.524369][ T5922] loop6: detected capacity change from 0 to 256
[  147.551658][ T5922] =======================================================
[  147.551658][ T5922] WARNING: The mand mount option has been deprecated and
[  147.551658][ T5922]          and is ignored by this kernel. Remove the mand
[  147.551658][ T5922]          option from the mount to silence this warning.
[  147.551658][ T5922] =======================================================
[  147.632578][ T5922] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  151.333598][ T5982] input: syz0 as /devices/virtual/input/input17
[  152.736164][ T6013] hub 2-0:1.0: USB hub found
[  152.743432][ T6013] hub 2-0:1.0: 1 port detected
[  154.169459][ T6032] tipc: Started in network mode
[  154.220705][ T6032] tipc: Node identity ac1414aa, cluster identity 4711
[  154.270548][ T6032] tipc: New replicast peer: 100.1.1.1
[  154.283798][ T6032] tipc: Enabled bearer <udp:syz2>, priority 10
[  154.322283][ T6037] 8021q: VLANs not supported on caif0
[  154.561351][ T6042] hub 9-0:1.0: USB hub found
[  154.566703][ T6042] hub 9-0:1.0: 1 port detected
[  155.413218][ T4341] tipc: Node number set to 2886997162
[  155.445240][ T6039] input: syz0 as /devices/virtual/input/input18
[  155.919967][ T6048] netlink: 12 bytes leftover after parsing attributes in process `syz.7.455'.
[  156.248072][ T6061] loop6: detected capacity change from 0 to 128
[  156.342968][ T6061] FAT-fs (loop6): Unrecognized mount option "gid=0xffffffffffffffffέ҂��PP�Ր�L�I��7Ȓ��O��u���صf��O���Ɓ��V���'��6�y�b��u�U��`=\)`�N^�{$���*A�pg�?}�4@v." or missing value
[  156.676367][ T6063] netlink: 8 bytes leftover after parsing attributes in process `syz.3.462'.
[  156.994779][ T6070] Bluetooth: MGMT ver 1.22
[  157.153695][ T6070] loop9: detected capacity change from 0 to 512
[  157.182230][ T6070] FAT-fs (loop9): Unrecognized mount option "flush<quiet" or missing value
[  158.147651][ T6093] netlink: 8 bytes leftover after parsing attributes in process `syz.6.476'.
[  158.217636][ T6096] netlink: 8 bytes leftover after parsing attributes in process `syz.7.477'.
[  158.306933][ T6099] device geneve2 entered promiscuous mode
[  158.751467][ T6110] loop7: detected capacity change from 0 to 256
[  158.766090][ T6110] FAT-fs (loop7): Unrecognized mount option "" or missing value
[  159.041896][   T47] Bluetooth: hci0: command 0x1407 tx timeout
[  159.048672][ T4267] Bluetooth: hci0: Opcode 0x1407 failed: -110
[  159.871627][ T6113] netlink: 8 bytes leftover after parsing attributes in process `syz.9.481'.
[  160.441750][    C0] sched: RT throttling activated
[  162.956415][ T6160] netlink: 148 bytes leftover after parsing attributes in process `syz.8.500'.
[  164.084150][ T6173] netlink: 28 bytes leftover after parsing attributes in process `syz.6.503'.
[  164.368375][ T6178] netlink: 16 bytes leftover after parsing attributes in process `syz.6.506'.
[  164.649841][ T4281] Bluetooth: hci2: link tx timeout
[  164.655574][ T4281] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[  164.885814][ T6165] loop9: detected capacity change from 0 to 40427
[  164.970502][ T6165] F2FS-fs (loop9): invalid crc value
[  165.186992][ T6165] F2FS-fs (loop9): Found nat_bits in checkpoint
[  165.201796][ T6201] netlink: 8 bytes leftover after parsing attributes in process `syz.6.516'.
[  165.903258][ T6165] F2FS-fs (loop9): Start checkpoint disabled!
[  166.038867][ T6165] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e6
[  166.458135][ T6221] netlink: 16 bytes leftover after parsing attributes in process `syz.6.520'.
[  166.702863][ T4281] Bluetooth: hci2: command 0x0406 tx timeout
[  168.322326][ T6247] netlink: 160 bytes leftover after parsing attributes in process `syz.6.530'.
[  168.534462][ T4387] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  168.769915][ T4387] usb 10-1: config 0 has an invalid interface number: 1 but max is 0
[  168.788601][ T4387] usb 10-1: config 0 has no interface number 0
[  168.819766][ T6255] loop3: detected capacity change from 0 to 512
[  169.871408][ T6255] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  171.573988][ T6255] EXT4-fs (loop3): 1 orphan inode deleted
[  171.579762][ T6255] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  171.589490][ T6255] ext4 filesystem being mounted at /60/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  171.811833][ T4387] usb 10-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  171.838536][ T4387] usb 10-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  171.851654][ T4387] usb 10-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.00
[  171.960734][ T4387] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  172.000551][ T5460] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  172.017685][ T5460] EXT4-fs error (device loop3): ext4_release_dquot:6852: comm kworker/u4:23: Failed to release dquot type 1
[  172.035513][ T5007] EXT4-fs (loop3): unmounting filesystem.
[  172.132908][ T4387] usb 10-1: config 0 descriptor??
[  172.156962][ T4387] usb 10-1: can't set config #0, error -71
[  172.184965][ T4387] usb 10-1: USB disconnect, device number 2
[  172.258747][ T6265] netlink: 8 bytes leftover after parsing attributes in process `syz.6.537'.
[  173.343512][ T6281] input: syz1 as /devices/virtual/input/input19
[  175.111186][ T6290] 8021q: VLANs not supported on caif0
[  175.271823][ T6295] netlink: 16 bytes leftover after parsing attributes in process `syz.7.546'.
[  175.419964][ T6302] netlink: 116 bytes leftover after parsing attributes in process `syz.9.550'.
[  175.667998][ T6314] loop8: detected capacity change from 0 to 512
[  175.678006][ T6314] EXT4-fs: Ignoring removed i_version option
[  175.935061][ T6314] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=e000c018, mo2=0002]
[  175.943529][ T6314] System zones: 0-2, 18-18, 34-35
[  176.016748][ T6314] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  176.026080][ T6314] ext4 filesystem being mounted at /64/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  177.770896][ T6329] bridge0: port 3(gretap0) entered blocking state
[  177.777730][ T6329] bridge0: port 3(gretap0) entered disabled state
[  177.791897][ T6329] device gretap0 entered promiscuous mode
[  177.799558][ T6329] bridge0: port 3(gretap0) entered blocking state
[  177.806088][ T6329] bridge0: port 3(gretap0) entered forwarding state
[  178.864948][ T4769] EXT4-fs error (device loop8): ext4_empty_dir:3136: inode #12: comm syz-executor: invalid size
[  178.919044][ T4769] EXT4-fs error (device loop8): ext4_empty_dir:3136: inode #12: comm syz-executor: invalid size
[  178.950581][ T4769] EXT4-fs error (device loop8): ext4_empty_dir:3136: inode #12: comm syz-executor: invalid size
[  178.972581][ T4769] EXT4-fs error (device loop8): ext4_empty_dir:3136: inode #12: comm syz-executor: invalid size
[  179.006633][ T4769] EXT4-fs error (device loop8): ext4_empty_dir:3136: inode #12: comm syz-executor: invalid size
[  179.049175][ T4769] EXT4-fs error (device loop8): ext4_empty_dir:3136: inode #12: comm syz-executor: invalid size
[  179.060712][ T4769] EXT4-fs error (device loop8): ext4_empty_dir:3136: inode #12: comm syz-executor: invalid size
[  179.097567][ T4769] EXT4-fs error (device loop8): ext4_empty_dir:3136: inode #12: comm syz-executor: invalid size
[  179.119274][ T4769] EXT4-fs error (device loop8): ext4_empty_dir:3136: inode #12: comm syz-executor: invalid size
[  179.159306][ T4769] EXT4-fs error (device loop8): ext4_empty_dir:3136: inode #12: comm syz-executor: invalid size
[  180.989992][ T6367] loop9: detected capacity change from 0 to 1024
[  181.019168][ T6367] ext3: Unknown parameter 'noacl'
[  181.247421][ T6372] netlink: 116 bytes leftover after parsing attributes in process `syz.6.572'.
[  181.269221][ T4769] EXT4-fs (loop8): unmounting filesystem.
[  181.415559][ T5460] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.240169][ T5460] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.679024][ T5460] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  183.031332][ T5460] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  183.117140][ T6402] input: syz0 as /devices/virtual/input/input20
[  183.771701][ T6417] loop9: detected capacity change from 0 to 4096
[  183.810385][ T6417] EXT4-fs (loop9): Test dummy encryption mode enabled
[  183.926862][ T6417] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  184.487700][ T4267] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  184.612099][ T4267] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  184.619847][ T4267] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  184.629693][ T4267] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  184.637291][ T4267] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  184.644905][   T47] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  184.702246][ T6425] lo speed is unknown, defaulting to 1000
[  184.948444][ T6428] fscrypt (loop9): Missing crypto API support for AES-256-XTS (API name: "xts(aes)")
[  185.072579][ T4849] EXT4-fs (loop9): unmounting filesystem.
[  185.112082][ T4796] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  185.292907][ T6446] netlink: 116 bytes leftover after parsing attributes in process `syz.9.591'.
[  185.395273][ T4796] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  185.395326][ T4796] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 33540, setting to 1024
[  185.395351][ T4796] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  185.395384][ T4796] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  185.395406][ T4796] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  185.397031][ T4796] usb 7-1: config 0 descriptor??
[  185.407652][ T6425] chnl_net:caif_netlink_parms(): no params data found
[  185.996928][ T4796] plantronics 0003:047F:FFFF.0001: No inputs registered, leaving
[  186.218286][ T4796] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0
[  186.240237][ T4796] usb 7-1: USB disconnect, device number 2
[  186.333076][ T6464] netlink: 12 bytes leftover after parsing attributes in process `syz.9.596'.
[  186.406928][ T5460] device hsr_slave_0 left promiscuous mode
[  186.425634][ T5460] device hsr_slave_1 left promiscuous mode
[  186.429674][ T6469] fido_id[6469]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory
[  186.451053][ T5460] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  186.490317][ T5460] batman_adv: batadv0: Removing interface: batadv_slave_0
[  186.642123][ T5460] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  186.660768][ T5460] batman_adv: batadv0: Removing interface: batadv_slave_1
[  186.679653][ T5460] device bridge_slave_1 left promiscuous mode
[  186.686193][ T5460] bridge0: port 2(bridge_slave_1) entered disabled state
[  186.702296][ T4267] Bluetooth: hci3: command 0x0409 tx timeout
[  186.710423][ T5460] device bridge_slave_0 left promiscuous mode
[  186.728569][ T5460] bridge0: port 1(bridge_slave_0) entered disabled state
[  186.768482][ T5460] device veth1_macvtap left promiscuous mode
[  187.405494][ T5460] device veth0_macvtap left promiscuous mode
[  187.421704][ T5460] device veth1_vlan left promiscuous mode
[  187.429714][ T5460] device veth0_vlan left promiscuous mode
[  188.257192][ T6490] netlink: 116 bytes leftover after parsing attributes in process `syz.7.605'.
[  188.457208][ T6488] input: syz0 as /devices/virtual/input/input21
[  188.784248][ T4267] Bluetooth: hci3: command 0x041b tx timeout
[  189.287436][ T5460] team0 (unregistering): Port device team_slave_1 removed
[  189.389500][ T5460] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  189.460590][ T5460] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  189.867791][ T5460] bond0 (unregistering): Released all slaves
[  190.021268][ T6480] netlink: 8 bytes leftover after parsing attributes in process `syz.6.601'.
[  190.041191][ T6425] bridge0: port 1(bridge_slave_0) entered blocking state
[  190.058584][ T6425] bridge0: port 1(bridge_slave_0) entered disabled state
[  190.087137][ T6425] device bridge_slave_0 entered promiscuous mode
[  190.105735][ T6425] bridge0: port 2(bridge_slave_1) entered blocking state
[  190.113077][ T6425] bridge0: port 2(bridge_slave_1) entered disabled state
[  190.143048][ T6425] device bridge_slave_1 entered promiscuous mode
[  190.194205][ T6425] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  190.218099][   T26] audit: type=1326 audit(1759309821.114:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6502 comm="syz.7.607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbda118eec9 code=0x7ffc0000
[  190.221980][ T6425] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  190.240107][    C1] vkms_vblank_simulate: vblank timer overrun
[  190.289447][   T26] audit: type=1326 audit(1759309821.134:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6502 comm="syz.7.607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbda118eec9 code=0x7ffc0000
[  190.350227][   T26] audit: type=1326 audit(1759309821.144:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6502 comm="syz.7.607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbda118eec9 code=0x7ffc0000
[  190.372263][    C1] vkms_vblank_simulate: vblank timer overrun
[  190.385468][ T6425] team0: Port device team_slave_0 added
[  190.419380][   T26] audit: type=1326 audit(1759309821.144:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6502 comm="syz.7.607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbda118eec9 code=0x7ffc0000
[  190.423563][ T6425] team0: Port device team_slave_1 added
[  190.441391][    C1] vkms_vblank_simulate: vblank timer overrun
[  190.549377][   T26] audit: type=1326 audit(1759309821.154:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6502 comm="syz.7.607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbda118eec9 code=0x7ffc0000
[  190.599006][   T26] audit: type=1326 audit(1759309821.154:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6502 comm="syz.7.607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fbda118eec9 code=0x7ffc0000
[  190.661423][ T6425] batman_adv: batadv0: Adding interface: batadv_slave_0
[  190.677610][   T26] audit: type=1326 audit(1759309821.154:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6502 comm="syz.7.607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbda118eec9 code=0x7ffc0000
[  190.691928][ T6425] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  190.759374][   T26] audit: type=1326 audit(1759309821.154:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6502 comm="syz.7.607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=162 compat=0 ip=0x7fbda118eec9 code=0x7ffc0000
[  190.788082][   T26] audit: type=1326 audit(1759309821.294:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6502 comm="syz.7.607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbda118eec9 code=0x7ffc0000
[  190.811820][ T6425] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  190.861909][ T4267] Bluetooth: hci3: command 0x040f tx timeout
[  190.903170][   T26] audit: type=1326 audit(1759309821.294:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6502 comm="syz.7.607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbda118eec9 code=0x7ffc0000
[  190.980516][ T6425] batman_adv: batadv0: Adding interface: batadv_slave_1
[  191.621754][ T6425] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  191.959771][ T6518] overlayfs: failed to clone upperpath
[  191.963487][ T6425] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  192.079918][ T6425] device hsr_slave_0 entered promiscuous mode
[  192.092006][ T6425] device hsr_slave_1 entered promiscuous mode
[  192.094091][ T6425] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  192.094111][ T6425] Cannot create hsr debugfs directory
[  192.545777][ T6531] netlink: 116 bytes leftover after parsing attributes in process `syz.6.617'.
[  192.942564][ T4267] Bluetooth: hci3: command 0x0419 tx timeout
[  193.393330][ T6425] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  193.449099][ T6425] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  193.484580][ T6425] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  193.513102][ T6425] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  193.909152][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  194.701332][ T6425] 8021q: adding VLAN 0 to HW filter on device bond0
[  194.765576][ T4663] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  194.850553][ T4663] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  194.969043][ T6577] loop9: detected capacity change from 0 to 512
[  195.149684][ T6425] 8021q: adding VLAN 0 to HW filter on device team0
[  195.319412][ T6577] EXT4-fs (loop9): 1 orphan inode deleted
[  195.325308][ T6577] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback.
[  195.339318][ T6577] ext4 filesystem being mounted at /105/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  195.442848][ T6577] xt_policy: input policy not valid in POSTROUTING and OUTPUT
[  195.837312][ T6425] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  195.911822][ T6425] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  196.178814][   T26] audit: type=1326 audit(1759309827.044:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6584 comm="syz.3.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f280e38eec9 code=0x7ffc0000
[  196.731999][ T5439] Quota error (device loop9): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  196.977573][   T26] audit: type=1326 audit(1759309827.044:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6584 comm="syz.3.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f280e38eec9 code=0x7ffc0000
[  197.038823][ T5439] EXT4-fs error (device loop9): ext4_release_dquot:6852: comm kworker/u4:13: Failed to release dquot type 1
[  197.131908][   T26] audit: type=1326 audit(1759309827.044:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6584 comm="syz.3.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7f280e38eec9 code=0x7ffc0000
[  197.177990][ T6591] netlink: 16 bytes leftover after parsing attributes in process `syz.6.629'.
[  197.250062][   T26] audit: type=1326 audit(1759309827.044:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6584 comm="syz.3.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f280e38eec9 code=0x7ffc0000
[  197.261158][ T4663] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  197.281496][ T4663] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  197.292050][ T4663] bridge0: port 1(bridge_slave_0) entered blocking state
[  197.299146][ T4663] bridge0: port 1(bridge_slave_0) entered forwarding state
[  197.307559][ T4663] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  197.311244][ T4849] EXT4-fs (loop9): unmounting filesystem.
[  197.321780][ T4663] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  197.342553][ T4663] bridge0: port 2(bridge_slave_1) entered blocking state
[  197.349652][ T4663] bridge0: port 2(bridge_slave_1) entered forwarding state
[  197.358787][ T4663] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  197.367390][   T26] audit: type=1326 audit(1759309827.044:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6584 comm="syz.3.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f280e38eec9 code=0x7ffc0000
[  197.423685][ T4663] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  197.442731][ T4663] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  197.461933][   T26] audit: type=1326 audit(1759309827.054:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6584 comm="syz.3.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=132 compat=0 ip=0x7f280e38eec9 code=0x7ffc0000
[  197.505589][ T4663] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  197.511125][ T6598] loop6: detected capacity change from 0 to 1024
[  197.532541][ T4663] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  197.541435][ T4663] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  197.554671][   T26] audit: type=1326 audit(1759309827.054:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6584 comm="syz.3.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f280e38eec9 code=0x7ffc0000
[  197.623156][ T4663] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  197.639893][ T4663] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  197.651235][   T26] audit: type=1326 audit(1759309827.054:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6584 comm="syz.3.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f280e38eec9 code=0x7ffc0000
[  197.827473][ T4663] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  197.884921][ T6598] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  197.997038][ T4663] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  198.207542][ T4663] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  198.265149][ T4663] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  198.291459][ T4663] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  198.331814][ T4689] EXT4-fs (loop6): unmounting filesystem.
[  198.742519][ T6614] netlink: 12 bytes leftover after parsing attributes in process `syz.9.635'.
[  199.001343][ T6625] device syzkaller0 entered promiscuous mode
[  199.030978][ T5432] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  199.056097][ T5432] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  201.292885][ T6425] 8021q: adding VLAN 0 to HW filter on device batadv0
[  201.392695][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  201.409046][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  201.512900][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  201.525823][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  201.565682][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  201.585260][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  201.605483][ T6425] device veth0_vlan entered promiscuous mode
[  201.795866][ T6425] device veth1_vlan entered promiscuous mode
[  201.813103][ T6660] netlink: 'syz.9.649': attribute type 1 has an invalid length.
[  201.842909][ T6660] 8021q: adding VLAN 0 to HW filter on device bond1
[  201.940034][ T6660] bond1: (slave ip6erspan0): making interface the new active one
[  201.961607][ T6660] bond1: (slave ip6erspan0): Enslaving as an active interface with an up link
[  202.040440][ T4957] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  202.176238][ T4957] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  202.378998][ T4957] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  202.427339][ T4957] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  202.465027][ T4957] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  202.525052][ T6666] netlink: 8 bytes leftover after parsing attributes in process `syz.6.650'.
[  202.539435][ T6425] device veth0_macvtap entered promiscuous mode
[  202.556126][ T6425] device veth1_macvtap entered promiscuous mode
[  202.583333][ T6425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  202.604052][ T6425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.612105][ T6670] loop9: detected capacity change from 0 to 256
[  202.624288][ T6425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  202.651188][ T6670] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0xb5f96684, utbl_chksum : 0xe619d30d)
[  202.656349][ T6425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.717949][ T6425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  202.767531][ T6425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.815763][ T6425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  202.841779][ T6425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.851610][ T6425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  202.862120][ T6425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.873487][ T6425] batman_adv: batadv0: Interface activated: batadv_slave_0
[  202.885164][ T6425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  202.895657][ T6425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  202.926012][ T6425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  202.964210][ T6425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.025911][ T6425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  203.071415][ T6425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.104579][ T6425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  203.141925][ T6425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.177064][ T6425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  203.217287][ T6425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  203.275879][ T6425] batman_adv: batadv0: Interface activated: batadv_slave_1
[  203.297022][ T5439] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  203.310754][ T5439] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  203.334194][ T5439] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  203.355883][ T5439] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  203.387695][ T6425] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  203.408190][ T6425] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  203.461761][ T6425] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  203.497229][ T6425] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  204.276005][ T6698] netlink: 8 bytes leftover after parsing attributes in process `syz.6.658'.
[  204.511431][   T11] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.559178][ T5452] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  204.589057][ T5452] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  204.627878][   T11] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.699965][ T4957] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  204.711131][ T4957] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  204.743746][   T11] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.789786][ T4957] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  204.816241][ T4957] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  204.924562][   T11] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.981948][ T6713] netlink: 'syz.3.662': attribute type 1 has an invalid length.
[  205.097373][ T6713] 8021q: adding VLAN 0 to HW filter on device bond1
[  205.190981][ T6716] bond1: (slave ip6erspan0): making interface the new active one
[  205.276032][ T6716] bond1: (slave ip6erspan0): Enslaving as an active interface with an up link
[  205.334253][ T4957] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  205.548782][   T11] tipc: Left network mode
[  206.119189][ T6725] 8021q: VLANs not supported on caif0
[  206.374792][ T6732] netlink: 8 bytes leftover after parsing attributes in process `syz.7.667'.
[  207.738871][ T6750] loop6: detected capacity change from 0 to 128
[  207.782441][ T6750] EXT4-fs: Ignoring removed nobh option
[  207.835782][ T6750] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  207.847671][ T6752] netlink: 8 bytes leftover after parsing attributes in process `syz.7.669'.
[  207.867012][ T6750] ext4 filesystem being mounted at /137/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  208.018090][ T6752] device dummy0 entered promiscuous mode
[  208.058507][ T6752] device dummy0 left promiscuous mode
[  208.243084][   T11] device hsr_slave_0 left promiscuous mode
[  208.311143][ T6760] overlayfs: missing 'lowerdir'
[  208.322360][   T11] device hsr_slave_1 left promiscuous mode
[  208.338462][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  208.390722][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  208.650083][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  208.753116][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  208.869787][   T11] device bridge_slave_1 left promiscuous mode
[  208.932068][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  209.002065][   T11] device bridge_slave_0 left promiscuous mode
[  209.008328][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  209.395119][   T11] device veth1_macvtap left promiscuous mode
[  209.411734][   T11] device veth0_macvtap left promiscuous mode
[  209.650014][   T11] device veth1_vlan left promiscuous mode
[  209.773527][   T11] device veth0_vlan left promiscuous mode
[  209.993708][ T4689] EXT4-fs (loop6): unmounting filesystem.
[  210.118703][ T6776] netlink: 8 bytes leftover after parsing attributes in process `syz.0.679'.
[  210.527606][ T6788] syz.3.676[6788] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  210.527706][ T6788] syz.3.676[6788] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  211.285131][   T11] team0 (unregistering): Port device team_slave_1 removed
[  211.348007][ T4267] Bluetooth: hci4: command 0x0406 tx timeout
[  211.356816][   T11] team0 (unregistering): Port device team_slave_0 removed
[  211.398596][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  211.449725][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  211.944521][   T11] bond0 (unregistering): Released all slaves
[  212.057238][ T6772] lo speed is unknown, defaulting to 1000
[  212.189956][ T6788] kthread_run failed with err -4
[  212.197964][ T6799] netlink: 'syz.6.684': attribute type 1 has an invalid length.
[  212.581282][ T6809] netlink: 8 bytes leftover after parsing attributes in process `syz.9.686'.
[  214.614142][ T6828] lo speed is unknown, defaulting to 1000
[  215.661246][ T6845] netlink: 8 bytes leftover after parsing attributes in process `syz.3.698'.
[  215.770723][ T6848] netlink: 'syz.6.697': attribute type 1 has an invalid length.
[  215.828287][ T6846] netlink: 12 bytes leftover after parsing attributes in process `syz.9.696'.
[  215.915923][ T6848] 8021q: adding VLAN 0 to HW filter on device bond2
[  215.946481][ T6851] device geneve2 entered promiscuous mode
[  216.019861][ T6854] bond2: (slave ip6erspan0): making interface the new active one
[  216.036127][ T6854] bond2: (slave ip6erspan0): Enslaving as an active interface with an up link
[  216.070327][ T5432] IPv6: ADDRCONF(NETDEV_CHANGE): bond2: link becomes ready
[  216.621834][ T4281] Bluetooth: hci0: command 0x0406 tx timeout
[  216.871893][ T4387] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  217.160673][ T6881] loop0: detected capacity change from 0 to 512
[  217.203365][ T4387] usb 7-1: New USB device found, idVendor=1235, idProduct=0018, bcdDevice=f0.ee
[  217.221791][ T4387] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  217.307820][ T6881] EXT4-fs error (device loop0): ext4_orphan_get:1400: inode #15: comm syz.0.707: casefold flag without casefold feature
[  217.335907][ T6881] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.707: couldn't read orphan inode 15 (err -117)
[  217.379591][ T6881] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  217.383327][ T4387] usb 7-1: config 0 descriptor??
[  217.398898][ T6881] overlayfs: missing 'lowerdir'
[  217.484008][ T4387] usb 7-1: selecting invalid altsetting 1
[  217.637593][ T4387] snd-usb-audio: probe of 7-1:0.0 failed with error -22
[  217.690214][ T4387] usb 7-1: USB disconnect, device number 3
[  217.974256][ T4258] udevd[4258]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  218.894943][ T6896] netlink: 8 bytes leftover after parsing attributes in process `syz.7.710'.
[  218.958583][ T6896] device team0 entered promiscuous mode
[  219.022218][ T6896] device team_slave_0 entered promiscuous mode
[  219.047287][ T6896] device team_slave_1 entered promiscuous mode
[  219.093010][ T6896] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  219.104299][ T6425] EXT4-fs (loop0): unmounting filesystem.
[  219.138142][ T6896] device team0 left promiscuous mode
[  219.169853][ T6896] device team_slave_0 left promiscuous mode
[  219.211927][ T6896] device team_slave_1 left promiscuous mode
[  219.320493][ T6908] input: syz1 as /devices/virtual/input/input22
[  221.814655][ T4267] Bluetooth: hci1: command 0x0406 tx timeout
[  221.853572][ T6913] loop6: detected capacity change from 0 to 512
[  221.906303][ T6913] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  221.928721][ T6913] EXT4-fs (loop6): 1 truncate cleaned up
[  221.928747][ T6913] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  222.004300][ T6922] input: syz0 as /devices/virtual/input/input23
[  225.761003][ T4689] EXT4-fs (loop6): unmounting filesystem.
[  225.985631][ T6955] netlink: 8 bytes leftover after parsing attributes in process `syz.6.729'.
[  226.276642][ T6953] input: syz0 as /devices/virtual/input/input25
[  227.553143][ T6968] loop0: detected capacity change from 0 to 40427
[  227.597788][ T6968] F2FS-fs (loop0): invalid crc value
[  227.599247][ T6973] xt_policy: input policy not valid in POSTROUTING and OUTPUT
[  227.626681][ T6968] F2FS-fs (loop0): Found nat_bits in checkpoint
[  227.853788][ T6968] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  227.938976][ T6968] syz.0.732: attempt to access beyond end of device
[  227.938976][ T6968] loop0: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  228.478138][ T6982] input: syz0 as /devices/virtual/input/input26
[  231.363570][ T7010] lo speed is unknown, defaulting to 1000
[  232.602965][   T26] audit: type=1326 audit(1759309863.484:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7015 comm="syz.6.746" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f204c78eec9 code=0x7ffc0000
[  233.085004][   T26] audit: type=1326 audit(1759309863.494:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7015 comm="syz.6.746" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f204c78eec9 code=0x7ffc0000
[  233.151906][   T26] audit: type=1326 audit(1759309863.494:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7015 comm="syz.6.746" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f204c78eec9 code=0x7ffc0000
[  233.236025][   T26] audit: type=1326 audit(1759309863.494:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7015 comm="syz.6.746" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f204c78eec9 code=0x7ffc0000
[  233.239113][ T7021] usb usb5: usbfs: process 7021 (syz.3.750) did not claim interface 0 before use
[  233.263476][   T26] audit: type=1326 audit(1759309863.494:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7015 comm="syz.6.746" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f204c78eec9 code=0x7ffc0000
[  233.310774][   T26] audit: type=1326 audit(1759309863.494:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7015 comm="syz.6.746" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f204c78eec9 code=0x7ffc0000
[  234.571768][   T26] audit: type=1326 audit(1759309863.494:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7015 comm="syz.6.746" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f204c78eec9 code=0x7ffc0000
[  234.845711][   T26] audit: type=1326 audit(1759309863.494:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7015 comm="syz.6.746" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f204c78eec9 code=0x7ffc0000
[  234.912936][   T26] audit: type=1326 audit(1759309863.494:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7015 comm="syz.6.746" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f204c78eec9 code=0x7ffc0000
[  235.064848][   T26] audit: type=1326 audit(1759309863.494:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7015 comm="syz.6.746" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f204c78eec9 code=0x7ffc0000
[  236.657681][ T7055] netlink: 8 bytes leftover after parsing attributes in process `syz.9.759'.
[  236.792958][ T7062] device geneve2 entered promiscuous mode
[  239.010449][ T7067] loop0: detected capacity change from 0 to 40427
[  239.057573][ T7067] F2FS-fs (loop0): build fault injection attr: rate: 771, type: 0x3ffff
[  239.073170][ T7106] netlink: 'syz.6.778': attribute type 1 has an invalid length.
[  239.088674][ T7067] F2FS-fs (loop0): invalid crc value
[  239.097124][ T7067] F2FS-fs (loop0): Found nat_bits in checkpoint
[  239.144049][ T7067] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  239.148705][   T26] kauditd_printk_skb: 4 callbacks suppressed
[  239.148720][   T26] audit: type=1326 audit(1759309870.034:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7110 comm="syz.9.780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f349238eec9 code=0x7ffc0000
[  239.207365][ T6425] syz-executor: attempt to access beyond end of device
[  239.207365][ T6425] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  239.240400][ T7106] 8021q: adding VLAN 0 to HW filter on device bond3
[  239.240573][   T26] audit: type=1800 audit(1759309870.054:36): pid=7067 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.764" name="file1" dev="loop0" ino=10 res=0 errno=0
[  239.361595][ T7107] 8021q: VLANs not supported on caif0
[  239.400193][   T26] audit: type=1326 audit(1759309870.074:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7110 comm="syz.9.780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f349238eec9 code=0x7ffc0000
[  239.442825][   T26] audit: type=1326 audit(1759309870.074:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7110 comm="syz.9.780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f349238eec9 code=0x7ffc0000
[  239.596786][   T26] audit: type=1326 audit(1759309870.074:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7110 comm="syz.9.780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f349238eec9 code=0x7ffc0000
[  239.672989][   T26] audit: type=1326 audit(1759309870.074:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7110 comm="syz.9.780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f349238eec9 code=0x7ffc0000
[  239.718351][ T7119] netlink: 8 bytes leftover after parsing attributes in process `syz.6.783'.
[  239.781374][   T26] audit: type=1326 audit(1759309870.074:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7110 comm="syz.9.780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f349238eec9 code=0x7ffc0000
[  239.867357][   T26] audit: type=1326 audit(1759309870.074:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7110 comm="syz.9.780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f349238eec9 code=0x7ffc0000
[  239.958993][   T26] audit: type=1326 audit(1759309870.084:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7110 comm="syz.9.780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f349238eec9 code=0x7ffc0000
[  240.059648][   T26] audit: type=1326 audit(1759309870.084:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7110 comm="syz.9.780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f349238eec9 code=0x7ffc0000
[  241.579207][ T7115] loop9: detected capacity change from 0 to 4096
[  241.600611][ T7115] EXT4-fs (loop9): Test dummy encryption mode enabled
[  241.672134][ T7141] hub 2-0:1.0: USB hub found
[  241.677121][ T7141] hub 2-0:1.0: 1 port detected
[  242.351883][ T7115] EXT4-fs: failed to create workqueue
[  242.408552][ T7115] EXT4-fs (loop9): mount failed
[  242.774749][ T7156] 8021q: VLANs not supported on caif0
[  242.803680][ T7157] loop3: detected capacity change from 0 to 512
[  245.636855][ T7157] EXT4-fs: error -4 creating inode table initialization thread
[  245.645131][ T7157] EXT4-fs (loop3): mount failed
[  245.992559][ T7165] xt_policy: input policy not valid in POSTROUTING and OUTPUT
[  247.031682][ T7167] loop9: detected capacity change from 0 to 256
[  248.273668][ T7171] netlink: 8 bytes leftover after parsing attributes in process `syz.6.796'.
[  248.541113][ T7182] netlink: 8 bytes leftover after parsing attributes in process `syz.0.798'.
[  248.665895][ T7191] device geneve2 entered promiscuous mode
[  249.235152][ T7201] 8021q: VLANs not supported on nlmon0
[  249.261112][ T7202] netlink: 16 bytes leftover after parsing attributes in process `syz.6.803'.
[  250.607093][ T7218] input: syz0 as /devices/virtual/input/input27
[  250.915622][ T7223] loop0: detected capacity change from 0 to 512
[  253.692119][ T7223] EXT4-fs: error -4 creating inode table initialization thread
[  253.692450][ T7223] EXT4-fs (loop0): mount failed
[  255.422484][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  258.241329][ T7278] xt_policy: input policy not valid in POSTROUTING and OUTPUT
[  259.682316][ T7279] netlink: 8 bytes leftover after parsing attributes in process `syz.6.828'.
[  259.794115][ T7286] netlink: 16 bytes leftover after parsing attributes in process `syz.0.829'.
[  259.938751][   T26] kauditd_printk_skb: 75 callbacks suppressed
[  259.938765][   T26] audit: type=1326 audit(1759309890.824:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7292 comm="syz.0.832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a4b8eec9 code=0x7ffc0000
[  260.147053][   T26] audit: type=1326 audit(1759309890.864:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7292 comm="syz.0.832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe8a4b8eec9 code=0x7ffc0000
[  260.260729][   T26] audit: type=1326 audit(1759309890.864:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7292 comm="syz.0.832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a4b8eec9 code=0x7ffc0000
[  260.299191][   T26] audit: type=1326 audit(1759309890.874:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7292 comm="syz.0.832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe8a4b8eec9 code=0x7ffc0000
[  260.322654][   T26] audit: type=1326 audit(1759309890.874:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7292 comm="syz.0.832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a4b8eec9 code=0x7ffc0000
[  260.348603][   T26] audit: type=1326 audit(1759309890.874:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7292 comm="syz.0.832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe8a4b8eec9 code=0x7ffc0000
[  260.378231][   T26] audit: type=1326 audit(1759309890.874:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7292 comm="syz.0.832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a4b8eec9 code=0x7ffc0000
[  260.408932][   T26] audit: type=1326 audit(1759309890.874:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7292 comm="syz.0.832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe8a4b8eec9 code=0x7ffc0000
[  260.436794][   T26] audit: type=1326 audit(1759309890.874:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7292 comm="syz.0.832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a4b8eec9 code=0x7ffc0000
[  260.468889][   T26] audit: type=1326 audit(1759309890.874:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7292 comm="syz.0.832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7fe8a4b8eec9 code=0x7ffc0000
[  261.675511][ T7315] netlink: 116 bytes leftover after parsing attributes in process `syz.0.839'.
[  263.318210][ T7318] loop9: detected capacity change from 0 to 256
[  263.841834][ T7318] exFAT-fs (loop9): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  263.852502][ T7318] exFAT-fs (loop9): Medium has reported failures. Some data may be lost.
[  263.875343][ T7318] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0x44ede5da, utbl_chksum : 0xe619d30d)
[  265.922012][ T7341] netlink: 8 bytes leftover after parsing attributes in process `syz.9.844'.
[  267.927344][ T7365] loop3: detected capacity change from 0 to 512
[  269.795581][ T7365] EXT4-fs (loop3): 1 orphan inode deleted
[  269.801436][ T7365] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  269.812485][ T7365] ext4 filesystem being mounted at /119/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  270.273193][ T4663] __quota_error: 3 callbacks suppressed
[  270.273207][ T4663] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  270.289131][ T4663] EXT4-fs error (device loop3): ext4_release_dquot:6852: comm kworker/u4:8: Failed to release dquot type 1
[  270.311438][ T5007] EXT4-fs (loop3): unmounting filesystem.
[  271.527075][ T7382] loop6: detected capacity change from 0 to 512
[  271.565860][ T7384] netlink: 116 bytes leftover after parsing attributes in process `syz.9.856'.
[  271.686568][ T7382] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  271.764584][ T7382] ext4 filesystem being mounted at /183/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  271.834232][ T7397] loop0: detected capacity change from 0 to 128
[  272.154385][ T7399] loop3: detected capacity change from 0 to 256
[  272.166741][ T4689] EXT4-fs (loop6): unmounting filesystem.
[  272.186057][ T7399] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xb5f96684, utbl_chksum : 0xe619d30d)
[  272.324548][ T4267] Bluetooth: hci3: link tx timeout
[  272.330096][ T4267] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  273.756418][ T7415] loop6: detected capacity change from 0 to 512
[  273.944194][ T7415] EXT4-fs (loop6): 1 orphan inode deleted
[  273.950064][ T7415] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  273.962643][ T7415] ext4 filesystem being mounted at /185/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  274.401748][ T4267] Bluetooth: hci3: command 0x0406 tx timeout
[  274.590355][ T5445] Quota error (device loop6): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  274.604171][ T5445] EXT4-fs error (device loop6): ext4_release_dquot:6852: comm kworker/u4:16: Failed to release dquot type 1
[  275.448275][ T4689] EXT4-fs (loop6): unmounting filesystem.
[  276.157514][ T7437] input: syz0 as /devices/virtual/input/input28
[  277.169734][ T7453] input: syz0 as /devices/virtual/input/input29
[  277.346709][ T7459] loop0: detected capacity change from 0 to 8192
[  279.258409][ T7486] loop6: detected capacity change from 0 to 512
[  280.256722][ T7486] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -2
[  280.265591][ T7486] EXT4-fs (loop6): Cannot turn on journaled quota: type 1: error -2
[  280.292124][ T7486] EXT4-fs (loop6): 1 truncate cleaned up
[  280.297873][ T7486] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  280.404350][ T7486] EXT4-fs error (device loop6): ext4_append:79: inode #2: comm syz.6.883: Logical block already allocated
[  280.481224][ T7486] lo speed is unknown, defaulting to 1000
[  280.961885][ T4267] Bluetooth: hci3: link tx timeout
[  280.967067][ T4267] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  281.237172][ T7495] loop0: detected capacity change from 0 to 256
[  281.353575][ T7495] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xb5f96684, utbl_chksum : 0xe619d30d)
[  281.402185][ T7498] overlayfs: conflicting options: metacopy=on,redirect_dir=nofollow
[  282.742720][ T4689] EXT4-fs (loop6): unmounting filesystem.
[  283.213800][ T7506] netlink: 8 bytes leftover after parsing attributes in process `syz.9.893'.
[  283.377498][ T7512] loop6: detected capacity change from 0 to 512
[  285.395271][ T7512] EXT4-fs (loop6): 1 orphan inode deleted
[  285.401137][ T7512] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  285.411254][ T7512] ext4 filesystem being mounted at /188/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  285.538103][ T7512] xt_policy: input policy not valid in POSTROUTING and OUTPUT
[  285.582229][ T4957] Quota error (device loop6): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  286.100628][ T4957] EXT4-fs error (device loop6): ext4_release_dquot:6852: comm kworker/u4:9: Failed to release dquot type 1
[  286.115100][ T4689] EXT4-fs (loop6): unmounting filesystem.
[  286.203505][ T4267] Bluetooth: hci3: link tx timeout
[  286.208705][ T4267] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  287.466922][ T7529] input: syz0 as /devices/virtual/input/input30
[  288.219612][ T7543] bridge0: port 3(gretap0) entered blocking state
[  288.226490][ T7543] bridge0: port 3(gretap0) entered disabled state
[  288.237594][ T7543] device gretap0 entered promiscuous mode
[  288.244639][ T7543] bridge0: port 3(gretap0) entered blocking state
[  288.251145][ T7543] bridge0: port 3(gretap0) entered forwarding state
[  288.461945][ T7546] device bridge2 entered promiscuous mode
[  288.474575][ T7546] overlayfs: failed to clone upperpath
[  288.732488][ T7547] overlayfs: failed to clone upperpath
[  291.246635][ T7555] loop3: detected capacity change from 0 to 512
[  291.271356][ T7555] EXT4-fs: Ignoring removed nomblk_io_submit option
[  291.289215][ T7556] netlink: 8 bytes leftover after parsing attributes in process `syz.7.904'.
[  291.328831][ T7555] EXT4-fs (loop3): Test dummy encryption mode enabled
[  291.355615][ T7556] device team0 entered promiscuous mode
[  291.371473][ T7556] device team_slave_0 entered promiscuous mode
[  291.380633][ T7556] device team_slave_1 entered promiscuous mode
[  291.397642][ T7556] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  291.406223][ T7556] device team0 left promiscuous mode
[  291.411536][ T7556] device team_slave_0 left promiscuous mode
[  291.417609][ T7556] device team_slave_1 left promiscuous mode
[  291.489196][ T7555] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802c018, mo2=0002]
[  291.501204][ T7555] System zones: 2-12, 7-7
[  291.510200][ T7555] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2818: Unable to expand inode 17. Delete some EAs or run e2fsck.
[  291.605178][ T7555] EXT4-fs (loop3): 1 truncate cleaned up
[  291.628246][ T7555] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  291.758375][ T7564] loop0: detected capacity change from 0 to 512
[  292.542000][ T7562] EXT4-fs error (device loop3): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 7: invalid block bitmap
[  294.014108][ T7564] EXT4-fs (loop0): 1 orphan inode deleted
[  294.019959][ T7564] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  294.034681][ T7564] ext4 filesystem being mounted at /59/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  294.704297][ T7563] xt_policy: input policy not valid in POSTROUTING and OUTPUT
[  295.235689][ T5432] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  295.255988][ T5432] EXT4-fs error (device loop0): ext4_release_dquot:6852: comm kworker/u4:11: Failed to release dquot type 1
[  295.289604][ T5007] EXT4-fs (loop3): unmounting filesystem.
[  295.297349][ T6425] EXT4-fs (loop0): unmounting filesystem.
[  295.414326][ T7579] tipc: Started in network mode
[  295.442621][ T7579] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  295.483124][ T7579] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  295.517456][ T7579] tipc: Enabled bearer <udp:syz0>, priority 10
[  296.230141][ T7593] overlayfs: failed to clone upperpath
[  296.710541][   T22] tipc: Node number set to 1
[  297.290388][ T7601] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  300.398425][ T7624] loop3: detected capacity change from 0 to 512
[  302.050074][ T7624] EXT4-fs: failed to create workqueue
[  302.055521][ T7624] EXT4-fs (loop3): mount failed
[  303.202698][ T7638] syz.6.927[7638] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  303.202824][ T7638] syz.6.927[7638] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  303.307568][ T7641] binfmt_misc: register: failed to install interpreter file ./file0
[  303.591832][   T14] usb 7-1: new full-speed USB device number 4 using dummy_hcd
[  303.619208][ T7653] netlink: 8 bytes leftover after parsing attributes in process `syz.9.933'.
[  303.766578][ T7658] netlink: 12 bytes leftover after parsing attributes in process `syz.0.931'.
[  303.787439][   T14] usb 7-1: config 0 has an invalid interface number: 251 but max is 0
[  303.810199][   T14] usb 7-1: config 0 has no interface number 0
[  303.835347][   T14] usb 7-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[  303.881016][   T14] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  303.924259][   T14] usb 7-1: Product: syz
[  303.945871][   T14] usb 7-1: Manufacturer: syz
[  303.968714][   T14] usb 7-1: SerialNumber: syz
[  304.009887][   T14] usb 7-1: config 0 descriptor??
[  304.472304][ T7666] lo speed is unknown, defaulting to 1000
[  305.218257][   T14] asix 7-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  305.272066][   T14] asix 7-1:0.251 (unnamed net_device) (uninitialized): Failed to read MAC address: -71
[  305.319266][   T14] asix: probe of 7-1:0.251 failed with error -5
[  305.373310][   T14] usb 7-1: USB disconnect, device number 4
[  305.853229][ T7679] loop3: detected capacity change from 0 to 512
[  308.435029][ T7679] EXT4-fs (loop3): 1 orphan inode deleted
[  308.440801][ T7679] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  308.449891][ T7679] ext4 filesystem being mounted at /137/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  308.460536][ T5462] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  308.477022][ T7675] xt_policy: input policy not valid in POSTROUTING and OUTPUT
[  308.501591][ T5462] EXT4-fs error (device loop3): ext4_release_dquot:6852: comm kworker/u4:24: Failed to release dquot type 1
[  308.748102][ T5007] EXT4-fs (loop3): unmounting filesystem.
[  309.766271][ T4281] Bluetooth: hci2: command 0x0406 tx timeout
[  310.576666][ T7714] 8021q: VLANs not supported on caif0
[  310.826329][ T7687] loop6: detected capacity change from 0 to 40427
[  310.849781][ T7687] F2FS-fs (loop6): build fault injection attr: rate: 771, type: 0x3ffff
[  311.096897][ T7687] F2FS-fs (loop6): invalid crc value
[  311.649976][ T7687] F2FS-fs (loop6): Failed to start F2FS issue_checkpoint_thread (-12)
[  316.794141][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  317.066339][   T26] audit: type=1326 audit(1759309947.954:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7773 comm="syz.7.969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbda118eec9 code=0x7ffc0000
[  317.190090][   T26] audit: type=1326 audit(1759309947.994:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7773 comm="syz.7.969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbda118eec9 code=0x7ffc0000
[  317.241895][   T26] audit: type=1326 audit(1759309948.004:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7773 comm="syz.7.969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbda118eec9 code=0x7ffc0000
[  317.300726][   T26] audit: type=1326 audit(1759309948.004:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7773 comm="syz.7.969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbda118eec9 code=0x7ffc0000
[  317.402482][   T26] audit: type=1326 audit(1759309948.004:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7773 comm="syz.7.969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbda118eec9 code=0x7ffc0000
[  317.444449][   T26] audit: type=1326 audit(1759309948.014:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7773 comm="syz.7.969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbda118eec9 code=0x7ffc0000
[  317.528801][   T26] audit: type=1326 audit(1759309948.014:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7773 comm="syz.7.969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbda118eec9 code=0x7ffc0000
[  317.622387][   T26] audit: type=1326 audit(1759309948.014:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7773 comm="syz.7.969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbda118eec9 code=0x7ffc0000
[  317.751766][   T26] audit: type=1326 audit(1759309948.014:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7773 comm="syz.7.969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbda118eec9 code=0x7ffc0000
[  317.868765][   T26] audit: type=1326 audit(1759309948.014:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7773 comm="syz.7.969" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbda118eec9 code=0x7ffc0000
[  319.136925][ T7808] input: syz0 as /devices/virtual/input/input31
[  319.941284][ T7807] loop9: detected capacity change from 0 to 40427
[  319.978540][ T7807] F2FS-fs (loop9): build fault injection attr: rate: 771, type: 0x3ffff
[  320.021644][ T7807] F2FS-fs (loop9): invalid crc value
[  320.064245][ T7807] F2FS-fs (loop9): Found nat_bits in checkpoint
[  320.199538][ T7807] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  320.990401][ T4849] syz-executor: attempt to access beyond end of device
[  320.990401][ T4849] loop9: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  321.378797][ T7849] loop6: detected capacity change from 0 to 256
[  322.126627][ T7849] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  324.208302][ T7874] input: syz0 as /devices/virtual/input/input32
[  324.517526][ T7892] loop9: detected capacity change from 0 to 256
[  324.552012][ T7892] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  326.035262][   T14] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  326.253429][   T14] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  326.253459][   T14] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 33540, setting to 1024
[  326.253477][   T14] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  326.253500][   T14] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  326.253515][   T14] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  326.256065][   T14] usb 10-1: config 0 descriptor??
[  326.675496][   T14] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving
[  326.691431][   T14] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.9-1/input0
[  326.946623][   T14] usb 10-1: USB disconnect, device number 3
[  327.189434][ T7916] fido_id[7916]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.9/usb10/report_descriptor': No such file or directory
[  327.989547][ T7928] 9p: Unknown Cache mode fsca
[  328.185206][ T7930] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1022'.
[  330.568498][ T7977] netlink: 'syz.7.1036': attribute type 10 has an invalid length.
[  330.568516][ T7977] netlink: 'syz.7.1036': attribute type 17 has an invalid length.
[  330.569393][ T7977] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  330.791575][ T7967] input: syz0 as /devices/virtual/input/input33
[  330.997092][ T7972] input: syz0 as /devices/virtual/input/input34
[  331.118120][ T7987] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1041'.
[  333.312792][ T8021] loop6: detected capacity change from 0 to 512
[  333.640317][ T8021] EXT4-fs (loop6): 1 orphan inode deleted
[  333.646275][ T8021] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  333.659205][ T8021] ext4 filesystem being mounted at /216/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  333.764492][ T8021] xt_policy: input policy not valid in POSTROUTING and OUTPUT
[  334.591904][ T5432] __quota_error: 8 callbacks suppressed
[  334.591919][ T5432] Quota error (device loop6): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  334.592076][ T5432] EXT4-fs error (device loop6): ext4_release_dquot:6852: comm kworker/u4:11: Failed to release dquot type 1
[  335.502528][ T8036] loop3: detected capacity change from 0 to 1024
[  335.546808][ T8036] ext4: Unknown parameter 'nouser_xattr'
[  335.557467][ T8039] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1056'.
[  335.932299][ T8043] netlink: 'syz.3.1055': attribute type 16 has an invalid length.
[  335.940211][ T8043] netlink: 'syz.3.1055': attribute type 17 has an invalid length.
[  335.954521][ T8043] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  335.961965][ T8043] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  335.979112][ T8043] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  337.065300][ T4689] EXT4-fs (loop6): unmounting filesystem.
[  337.741997][   T22] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  337.951949][   T22] usb 10-1: Using ep0 maxpacket: 16
[  337.969000][   T22] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  338.134513][   T22] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 3
[  338.325225][   T22] usb 10-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  338.486946][   T22] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  338.526219][   T22] usb 10-1: Product: syz
[  338.541848][   T22] usb 10-1: Manufacturer: syz
[  338.546642][   T22] usb 10-1: SerialNumber: syz
[  338.838309][   T22] usb 10-1: cannot find UAC_HEADER
[  338.909387][   T22] snd-usb-audio: probe of 10-1:1.0 failed with error -22
[  339.092026][   T22] usb 10-1: USB disconnect, device number 4
[  339.395007][ T4258] udevd[4258]: error opening ATTR{/sys/devices/platform/dummy_hcd.9/usb10/10-1/10-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  340.271924][ T4387] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  340.497903][ T4387] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  340.531320][ T4387] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 33540, setting to 1024
[  340.581956][ T4387] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  340.617894][ T4387] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  340.635445][ T4387] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  341.235391][ T4387] usb 4-1: config 0 descriptor??
[  341.706671][ T4387] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving
[  341.732317][ T8111] lo speed is unknown, defaulting to 1000
[  342.212890][ T4387] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  342.319016][   T26] audit: type=1326 audit(1759309973.204:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8112 comm="syz.9.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f349238eec9 code=0x7ffc0000
[  342.601576][   T26] audit: type=1326 audit(1759309973.204:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8112 comm="syz.9.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f349238eec9 code=0x7ffc0000
[  342.626376][   T26] audit: type=1326 audit(1759309973.234:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8112 comm="syz.9.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f349238eec9 code=0x7ffc0000
[  344.378261][   T26] audit: type=1326 audit(1759309973.234:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8112 comm="syz.9.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f349238eec9 code=0x7ffc0000
[  344.525820][ T4387] usb 4-1: USB disconnect, device number 2
[  344.573203][   T26] audit: type=1326 audit(1759309973.234:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8112 comm="syz.9.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f349238eec9 code=0x7ffc0000
[  344.605857][   T26] audit: type=1326 audit(1759309973.234:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8112 comm="syz.9.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=196 compat=0 ip=0x7f349238eec9 code=0x7ffc0000
[  344.689061][   T26] audit: type=1326 audit(1759309973.234:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8112 comm="syz.9.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f349238eec9 code=0x7ffc0000
[  344.785694][   T26] audit: type=1326 audit(1759309973.234:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8112 comm="syz.9.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f349238eec9 code=0x7ffc0000
[  344.913081][   T26] audit: type=1326 audit(1759309973.244:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8112 comm="syz.9.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7f349238eec9 code=0x7ffc0000
[  344.950126][ T8120] fido_id[8120]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  345.043690][   T26] audit: type=1326 audit(1759309973.244:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8112 comm="syz.9.1079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f349238eec9 code=0x7ffc0000
[  345.455530][ T8132] loop0: detected capacity change from 0 to 512
[  345.522270][ T8132] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  345.554836][ T8132] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  345.576375][ T8132] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  345.629071][ T8132] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  345.642257][ T8132] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c042e01c, mo2=0000]
[  345.660294][ T8132] EXT4-fs (loop0): orphan cleanup on readonly fs
[  346.327248][ T8132] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.1083: bg 0: block 34: padding at end of block bitmap is not set
[  346.413240][ T8132] EXT4-fs error (device loop0): ext4_acquire_dquot:6816: comm syz.0.1083: Failed to acquire dquot type 1
[  346.435881][ T8132] EXT4-fs (loop0): 1 truncate cleaned up
[  346.444538][ T8132] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  346.559841][ T8140] loop6: detected capacity change from 0 to 512
[  346.602135][ T8140] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  346.673799][ T8140] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  347.011858][ T8140] EXT4-fs (loop6): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  347.112429][ T8127] netlink: 16 bytes leftover after parsing attributes in process `syz.9.1082'.
[  347.137880][ T8140] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  347.181496][ T8140] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c042e01c, mo2=0000]
[  347.205981][ T6425] EXT4-fs (loop0): unmounting filesystem.
[  347.253650][ T8140] EXT4-fs (loop6): orphan cleanup on readonly fs
[  347.267317][ T8140] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.1086: bg 0: block 34: padding at end of block bitmap is not set
[  347.302389][ T8140] EXT4-fs error (device loop6): ext4_acquire_dquot:6816: comm syz.6.1086: Failed to acquire dquot type 1
[  347.340271][ T8140] EXT4-fs (loop6): 1 truncate cleaned up
[  347.358102][ T8140] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  347.551770][ T4324] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  347.741711][ T4324] usb 4-1: Using ep0 maxpacket: 16
[  347.748488][ T4324] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  347.777084][ T4324] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  347.803862][ T4324] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  347.818838][ T4324] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  347.835345][ T4324] usb 4-1: config 0 descriptor??
[  348.434031][ T8164] loop3: detected capacity change from 0 to 256
[  348.457519][ T8164] exfat: Deprecated parameter 'utf8'
[  348.563215][ T8164] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d)
[  349.452247][ T4324] usbhid 4-1:0.0: can't add hid device: -71
[  349.458699][ T4324] usbhid: probe of 4-1:0.0 failed with error -71
[  349.475885][ T4324] usb 4-1: USB disconnect, device number 3
[  350.328498][ T4689] EXT4-fs (loop6): unmounting filesystem.
[  350.353245][ T4281] Bluetooth: hci3: link tx timeout
[  350.359074][ T4281] Bluetooth: hci3: killing stalled connection 10:aa:aa:aa:aa:aa
[  350.367652][ T4281] Bluetooth: hci3: link tx timeout
[  350.374070][ T4281] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  351.013238][ T8205] lo speed is unknown, defaulting to 1000
[  351.344785][ T8207] bridge0: port 4(vlan2) entered blocking state
[  351.351184][ T8207] bridge0: port 4(vlan2) entered disabled state
[  352.332353][ T8220] 9pnet_fd: Insufficient options for proto=fd
[  352.429257][ T8219] loop6: detected capacity change from 0 to 512
[  352.461745][ T4281] Bluetooth: hci3: command 0x0406 tx timeout
[  352.493646][ T8219] EXT4-fs (loop6): 1 orphan inode deleted
[  352.499445][ T8219] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  352.511903][ T8219] ext4 filesystem being mounted at /223/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  352.529431][ T8225] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1112'.
[  352.552168][ T5454] __quota_error: 15 callbacks suppressed
[  352.552181][ T5454] Quota error (device loop6): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  352.567958][ T8219] xt_policy: input policy not valid in POSTROUTING and OUTPUT
[  352.586768][ T5454] EXT4-fs error (device loop6): ext4_release_dquot:6852: comm kworker/u4:20: Failed to release dquot type 1
[  355.294301][ T8270] netlink: 28 bytes leftover after parsing attributes in process `syz.9.1128'.
[  355.362349][ T5454] Bluetooth: hci5: Frame reassembly failed (-84)
[  355.375455][ T5454] Bluetooth: hci5: Frame reassembly failed (-84)
[  355.641415][ T8268] loop3: detected capacity change from 0 to 512
[  355.756209][ T8268] EXT4-fs (loop3): orphan cleanup on readonly fs
[  355.763707][ T8268] Quota error (device loop3): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0
[  355.774663][ T8268] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[  355.784090][ T8268] EXT4-fs error (device loop3): ext4_acquire_dquot:6816: comm syz.3.1126: Failed to acquire dquot type 1
[  355.798038][ T8268] EXT4-fs (loop3): 1 truncate cleaned up
[  355.814008][ T8279] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1130'.
[  355.853454][ T8279] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1130'.
[  355.914726][ T8279] device batadv0 entered promiscuous mode
[  355.934551][ T8279] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  355.977053][ T8280] lo speed is unknown, defaulting to 1000
[  356.587055][ T8268] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  356.904826][ T4689] EXT4-fs (loop6): unmounting filesystem.
[  357.423081][ T4267] Bluetooth: hci5: command 0x1003 tx timeout
[  357.451923][ T4281] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  359.008748][ T5007] EXT4-fs (loop3): unmounting filesystem.
[  359.193043][ T8317] netlink: 28 bytes leftover after parsing attributes in process `syz.9.1141'.
[  359.281025][ T8321] netlink: 'syz.3.1143': attribute type 1 has an invalid length.
[  359.331751][ T8321] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1143'.
[  360.870663][ T8340] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1148'.
[  360.898073][ T8342] 9pnet_fd: Insufficient options for proto=fd
[  361.141352][ T8350] netlink: 'syz.6.1154': attribute type 2 has an invalid length.
[  361.201749][ T8350] netlink: 'syz.6.1154': attribute type 8 has an invalid length.
[  361.232018][ T8350] netlink: 132 bytes leftover after parsing attributes in process `syz.6.1154'.
[  361.455715][ T8359] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1156'.
[  361.686491][ T8365] netlink: 60 bytes leftover after parsing attributes in process `syz.6.1158'.
[  361.712933][ T8365] netlink: 60 bytes leftover after parsing attributes in process `syz.6.1158'.
[  361.743364][ T8362] netlink: 60 bytes leftover after parsing attributes in process `syz.6.1158'.
[  361.765469][ T8366] syz.0.1159[8366] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  361.765558][ T8366] syz.0.1159[8366] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  361.788594][ T8367] netlink: 60 bytes leftover after parsing attributes in process `syz.6.1158'.
[  361.869934][ T8373] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1160'.
[  363.482669][ T8417] loop0: detected capacity change from 0 to 256
[  363.561304][ T8417] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  365.169588][ T8456] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  365.188018][ T8456] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  365.334711][ T8444] input: syz0 as /devices/virtual/input/input35
[  365.338938][ T8462] netlink: 'syz.7.1195': attribute type 1 has an invalid length.
[  365.966565][ T8480] netlink: 'syz.9.1203': attribute type 21 has an invalid length.
[  366.001730][ T8480] IPv6: NLM_F_CREATE should be specified when creating new route
[  366.025207][ T8480] IPv6: Can't replace route, no match found
[  366.651576][ T8495] __nla_validate_parse: 8 callbacks suppressed
[  366.651591][ T8495] netlink: 104 bytes leftover after parsing attributes in process `syz.6.1210'.
[  367.048180][ T8510] 8021q: VLANs not supported on caif0
[  367.128449][ T8512] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  367.174502][ T8512] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  367.183630][ T8512] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  367.192738][ T8512] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  367.201835][ T8512] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  367.210892][ T8512] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  367.219993][ T8512] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  367.229088][ T8512] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  367.238218][ T8512] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  367.752720][ T8527] 9pnet_fd: Insufficient options for proto=fd
[  368.721928][ T8544] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1230'.
[  369.048468][ T8548] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1231'.
[  370.724777][ T8591] input: syz0 as /devices/virtual/input/input36
[  372.159602][ T8628] 9pnet_fd: Insufficient options for proto=fd
[  372.605124][ T8649] 9pnet_fd: Insufficient options for proto=fd
[  372.745862][ T8656] 9pnet_fd: Insufficient options for proto=fd
[  373.093411][ T8672] netlink: 1041 bytes leftover after parsing attributes in process `syz.6.1284'.
[  373.210854][ T8674] bridge0: port 3(gretap0) entered blocking state
[  373.217672][ T8674] bridge0: port 3(gretap0) entered disabled state
[  373.228122][ T8674] device gretap0 entered promiscuous mode
[  373.235072][ T8674] bridge0: port 3(gretap0) entered blocking state
[  373.242193][ T8674] bridge0: port 3(gretap0) entered forwarding state
[  374.388416][ T8699] 9pnet_fd: Insufficient options for proto=fd
[  377.557244][ T8715] bridge0: port 3(gretap0) entered blocking state
[  377.565445][ T8715] bridge0: port 3(gretap0) entered disabled state
[  377.572937][ T8715] device gretap0 entered promiscuous mode
[  377.579107][ T8715] bridge0: port 3(gretap0) entered blocking state
[  377.585610][ T8715] bridge0: port 3(gretap0) entered forwarding state
[  377.851143][ T8727] netlink: 'syz.3.1305': attribute type 10 has an invalid length.
[  378.815901][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  379.118528][ T8747] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1313'.
[  379.145496][ T8749] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1309'.
[  379.192573][ T8747] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1313'.
[  379.565712][ T8762] bridge0: port 3(gretap0) entered blocking state
[  379.572659][ T8762] bridge0: port 3(gretap0) entered disabled state
[  379.580248][ T8762] device gretap0 entered promiscuous mode
[  379.586557][ T8762] bridge0: port 3(gretap0) entered blocking state
[  379.593221][ T8762] bridge0: port 3(gretap0) entered forwarding state
[  380.436288][ T8768] netlink: 116 bytes leftover after parsing attributes in process `syz.7.1320'.
[  380.562215][ T8772] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1322'.
[  382.636348][ T8847] input: syz0 as /devices/virtual/input/input37
[  382.672072][ T8849] netlink: 116 bytes leftover after parsing attributes in process `syz.9.1339'.
[  383.176368][ T8867] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1345'.
[  383.333121][ T8867] device batadv0 entered promiscuous mode
[  383.339986][ T8867] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  383.527359][ T8879] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1347'.
[  383.549830][ T8874] bridge0: port 3(gretap0) entered disabled state
[  384.395900][ T8874] bridge0: port 1(bridge_slave_0) entered disabled state
[  385.555240][ T8874] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  385.657701][ T8874] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  386.577959][ T8874] netdevsim netdevsim7 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  386.587664][ T8874] netdevsim netdevsim7 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  386.597045][ T8874] netdevsim netdevsim7 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  386.606036][ T8874] netdevsim netdevsim7 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  386.615171][ T8874] device geneve2 left promiscuous mode
[  386.669353][ T8874] device bridge2 left promiscuous mode
[  387.044102][ T8919] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1360'.
[  387.134984][ T8917] netdevsim netdevsim9 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  387.151927][ T8917] netdevsim netdevsim9 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  387.161558][ T8917] netdevsim netdevsim9 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  387.174886][  T126] usb 7-1: new full-speed USB device number 5 using dummy_hcd
[  387.211797][ T8917] netdevsim netdevsim9 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  387.221520][ T8917] device geneve3 entered promiscuous mode
[  387.229977][ T8917] netdevsim netdevsim9 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0
[  387.239378][ T8917] netdevsim netdevsim9 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0
[  387.254214][ T8917] netdevsim netdevsim9 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0
[  387.276486][ T8917] netdevsim netdevsim9 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0
[  387.378976][  T126] usb 7-1: unable to get BOS descriptor or descriptor too short
[  387.390746][  T126] usb 7-1: not running at top speed; connect to a high speed hub
[  387.408887][  T126] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  387.429411][  T126] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  387.465929][  T126] usb 7-1: string descriptor 0 read error: -22
[  387.482539][  T126] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  387.497259][  T126] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  387.519145][  T126] usb 7-1: 0:2 : does not exist
[  388.337930][  T126] usb 7-1: 5:0: failed to get current value for ch 0 (-22)
[  388.358789][  T126] usb 7-1: Warning! Unlikely big volume range (=11002), cval->res is probably wrong.
[  388.378790][  T126] usb 7-1: [5] FU [Mic Capture Volume] ch = 1, val = -23808/-12806/1
[  388.402138][ T4341] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  388.412047][  T126] usb 7-1: 5:0: cannot get min/max values for control 3 (id 5)
[  388.435724][  T126] usb 7-1: 5:0: failed to get current value for ch 1 (-22)
[  388.468528][  T126] usb 7-1: 5:0: cannot get min/max values for control 3 (id 5)
[  388.493983][  T126] usb 7-1: USB disconnect, device number 5
[  388.613620][ T4341] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid maxpacket 245, setting to 64
[  388.629837][ T4341] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  388.653495][ T4341] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  388.665923][ T4341] usb 1-1: config 0 descriptor??
[  388.732954][ T4258] udevd[4258]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  388.811457][ T8949] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  388.819641][ T8949] device syzkaller0 entered promiscuous mode
[  388.869538][ T8949] tipc: Resetting bearer <eth:syzkaller0>
[  388.879708][ T4341] ath6kl: Failed to submit usb control message: -71
[  388.895920][ T4341] ath6kl: unable to send the bmi data to the device: -71
[  388.916440][ T4341] ath6kl: Unable to send get target info: -71
[  388.935799][ T8948] tipc: Resetting bearer <eth:syzkaller0>
[  388.942458][ T4341] ath6kl: Failed to init ath6kl core: -71
[  389.013366][ T4341] ath6kl_usb: probe of 1-1:0.0 failed with error -71
[  389.024975][ T4341] usb 1-1: USB disconnect, device number 2
[  389.054680][ T8948] tipc: Disabling bearer <eth:syzkaller0>
[  389.203773][ T8961] lo speed is unknown, defaulting to 1000
[  390.659335][ T8980] syz.0.1382 (8980): drop_caches: 2
[  390.717226][ T8991] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1388'.
[  390.801263][ T4281] Bluetooth: hci2: Unknown advertising packet type: 0xffff
[  390.801311][ T4281] Bluetooth: hci2: adv larger than maximum supported
[  390.809409][ T4281] Bluetooth: hci2: Malformed LE Event: 0x0d
[  391.221073][ T9001] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1393'.
[  391.839627][ T9022] netlink: 104 bytes leftover after parsing attributes in process `syz.9.1404'.
[  392.151842][ T4341] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  392.351945][ T4341] usb 1-1: Using ep0 maxpacket: 32
[  392.361811][ T4341] usb 1-1: too many configurations: 17, using maximum allowed: 8
[  392.382516][ T4341] usb 1-1: config 0 has an invalid interface number: 2 but max is 0
[  392.407695][ T4341] usb 1-1: config 0 has no interface number 0
[  392.418407][ T4341] usb 1-1: config 0 interface 2 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  392.429721][ T4341] usb 1-1: config 0 interface 2 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  392.445010][ T4341] usb 1-1: config 0 has an invalid interface number: 2 but max is 0
[  392.456484][ T4341] usb 1-1: config 0 has no interface number 0
[  392.467477][ T4341] usb 1-1: config 0 interface 2 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  392.484710][ T4341] usb 1-1: config 0 interface 2 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  392.504757][ T4341] usb 1-1: config 0 has an invalid interface number: 2 but max is 0
[  392.524210][ T4341] usb 1-1: config 0 has no interface number 0
[  392.534077][ T4341] usb 1-1: config 0 interface 2 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  392.544327][ T4341] usb 1-1: config 0 interface 2 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  392.555232][ T4341] usb 1-1: config 0 has an invalid interface number: 2 but max is 0
[  392.563469][ T4341] usb 1-1: config 0 has no interface number 0
[  392.641760][ T4341] usb 1-1: config 0 interface 2 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  392.671014][ T4341] usb 1-1: config 0 interface 2 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  392.696639][ T4341] usb 1-1: config 0 has an invalid interface number: 2 but max is 0
[  392.716380][ T4341] usb 1-1: config 0 has no interface number 0
[  392.731863][ T4341] usb 1-1: config 0 interface 2 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  392.755835][ T4341] usb 1-1: config 0 interface 2 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  392.780223][ T4341] usb 1-1: config 0 has an invalid interface number: 2 but max is 0
[  392.797584][ T4341] usb 1-1: config 0 has no interface number 0
[  392.811938][ T4341] usb 1-1: config 0 interface 2 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  392.979722][ T4341] usb 1-1: config 0 interface 2 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  393.821377][ T4341] usb 1-1: config 0 has an invalid interface number: 2 but max is 0
[  393.837910][ T4341] usb 1-1: config 0 has no interface number 0
[  393.844668][ T4341] usb 1-1: config 0 interface 2 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  393.855803][ T4341] usb 1-1: config 0 interface 2 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  393.892068][ T9049] lo speed is unknown, defaulting to 1000
[  393.902307][ T4341] usb 1-1: config 0 has an invalid interface number: 2 but max is 0
[  393.926697][ T4341] usb 1-1: config 0 has no interface number 0
[  393.945342][ T4341] usb 1-1: config 0 interface 2 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  393.970898][ T4341] usb 1-1: config 0 interface 2 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  394.001503][ T4341] usb 1-1: New USB device found, idVendor=108c, idProduct=0168, bcdDevice=84.b2
[  394.028134][ T4341] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  394.061876][ T4341] usb 1-1: Product: syz
[  394.066071][ T4341] usb 1-1: Manufacturer: syz
[  394.097609][ T4341] usb 1-1: SerialNumber: syz
[  394.139313][ T4341] usb 1-1: config 0 descriptor??
[  394.183334][ T4341] etas_es58x 1-1:0.2: Starting syz syz (Serial Number syz)
[  394.380073][ T4341] etas_es58x 1-1:0.2: Product info: Я
[  394.590535][ T8880] usb 1-1: USB disconnect, device number 3
[  394.607148][ T8880] etas_es58x 1-1:0.2: Disconnecting syz syz
[  395.302383][ T9076] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1423'.
[  396.319843][ T9086] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1428'.
[  396.723313][ T9100] input: syz0 as /devices/virtual/input/input38
[  396.809458][ T9104] net_ratelimit: 3257 callbacks suppressed
[  396.809475][ T9104] TCP: MD5 Hash mismatch for [fe80::bb]:0->[ff02::1]:20002 L3 index 0
[  396.961845][ T8880] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  397.103944][ T9111] 9pnet: Could not find request transport: fd0x0000000000000003
[  397.175020][ T8880] usb 7-1: config 17 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[  397.192800][ T8880] usb 7-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  397.203660][ T8880] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  397.225038][ T9099] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  397.252482][ T8880] aiptek 7-1:17.0: interface has no int in endpoints, but must have minimum 1
[  398.328770][ T4352] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  398.477628][ T9129] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  398.521930][ T4352] usb 1-1: Using ep0 maxpacket: 16
[  398.529815][ T4352] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  398.590139][ T4352] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  398.648217][ T4352] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  398.720656][ T4352] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  398.720676][ T4352] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  398.734700][ T4352] usb 1-1: config 0 descriptor??
[  398.939335][ T9130] input: syz0 as /devices/virtual/input/input40
[  399.143169][ T4352] microsoft 0003:045E:07DA.0004: ignoring exceeding usage max
[  399.161012][ T4352] microsoft 0003:045E:07DA.0004: ignoring exceeding usage max
[  399.190472][ T4352] microsoft 0003:045E:07DA.0004: report_id 12451851 is invalid
[  399.193103][ T9149] capability: warning: `syz.7.1448' uses deprecated v2 capabilities in a way that may be insecure
[  399.226524][ T4352] microsoft 0003:045E:07DA.0004: item 0 4 1 8 parsing failed
[  399.233034][ T9149] fuse: Bad value for 'fd'
[  399.277274][ T4352] microsoft 0003:045E:07DA.0004: parse failed
[  399.308014][ T4352] microsoft: probe of 0003:045E:07DA.0004 failed with error -22
[  399.361051][ T4352] usb 1-1: USB disconnect, device number 4
[  399.403932][ T9151] netlink: 116 bytes leftover after parsing attributes in process `syz.7.1449'.
[  399.705127][ T8880] usb 7-1: USB disconnect, device number 6
[  399.856415][ T9155] netlink: 'syz.6.1450': attribute type 1 has an invalid length.
[  400.048372][ T9155] 8021q: adding VLAN 0 to HW filter on device bond4
[  400.854740][ T9175] 9pnet_fd: Insufficient options for proto=fd
[  401.229349][ T9184] tipc: Started in network mode
[  401.241306][ T9184] tipc: Node identity 4e6afeb7489d, cluster identity 4711
[  401.249191][ T9184] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  401.278298][ T9184] device syzkaller0 entered promiscuous mode
[  401.364900][ T9184] tipc: Resetting bearer <eth:syzkaller0>
[  401.368747][ T9181] tipc: Resetting bearer <eth:syzkaller0>
[  401.412404][ T9181] tipc: Disabling bearer <eth:syzkaller0>
[  401.909561][ T9198] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1465'.
[  402.111519][ T9206] netlink: 116 bytes leftover after parsing attributes in process `syz.7.1467'.
[  402.330578][ T9208] input: syz0 as /devices/virtual/input/input41
[  403.781072][ T9221] 9pnet_fd: Insufficient options for proto=fd
[  403.927619][ T9229] device syzkaller1 entered promiscuous mode
[  404.116679][ T4324] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[  404.143126][ T9236] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1479'.
[  404.311970][ T4324] usb 10-1: Using ep0 maxpacket: 16
[  404.319970][ T4324] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  404.361534][ T4324] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  404.428289][ T4324] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  404.514592][ T4324] usb 10-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  404.665341][ T4324] usb 10-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  404.685336][ T4324] usb 10-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  404.711892][ T4324] usb 10-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  404.720015][ T4324] usb 10-1: Manufacturer: syz
[  404.726750][ T4324] usb 10-1: config 0 descriptor??
[  405.811704][ T4324] rc_core: IR keymap rc-hauppauge not found
[  405.821951][ T4324] Registered IR keymap rc-empty
[  405.827229][ T4324] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  405.891754][ T4324] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  405.943419][ T4324] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/rc/rc0
[  405.986268][ T4324] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/rc/rc0/input42
[  406.006668][ T4324] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  406.041781][ T4324] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  406.085173][ T4324] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  406.122448][ T4324] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  406.161906][ T4324] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  406.201940][ T4324] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  406.241872][ T4324] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  406.281800][ T4324] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  406.321719][ T4324] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  406.361790][ T4324] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  406.394087][ T4324] mceusb 10-1:0.0: Registered  with mce emulator interface version 1
[  406.409062][ T4324] mceusb 10-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  406.422912][ T4324] usb 10-1: USB disconnect, device number 5
[  407.321899][ T4352] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[  407.352042][ T9282] input: syz0 as /devices/virtual/input/input43
[  407.533873][ T4352] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  407.581910][ T4352] usb 10-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  407.626754][ T4352] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  407.691490][ T4352] usb 10-1: config 0 descriptor??
[  407.933806][ T4352] usbhid 10-1:0.0: can't add hid device: -71
[  407.950148][ T4352] usbhid: probe of 10-1:0.0 failed with error -71
[  407.987812][ T4352] usb 10-1: USB disconnect, device number 6
[  408.167371][ T9306] Set syz1 is full, maxelem 6117 reached
[  408.542126][ T4352] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[  408.741744][ T4352] usb 10-1: Using ep0 maxpacket: 32
[  408.762105][ T4352] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  408.806135][ T4352] usb 10-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40
[  408.815540][ T4352] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  408.846830][ T4352] usb 10-1: config 0 descriptor??
[  408.868634][ T4352] ldusb 10-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  408.904346][ T4352] ldusb 10-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  409.081461][ T9328] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1510'.
[  409.359221][ T8880] usb 10-1: USB disconnect, device number 7
[  409.380607][ T8880] ldusb 10-1:0.0: LD USB Device #0 now disconnected
[  409.591611][ T9332] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1511'.
[  409.807829][   T26] audit: type=1326 audit(1759310040.694:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9338 comm="syz.0.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a4b8eec9 code=0x7ffc0000
[  409.834805][   T26] audit: type=1326 audit(1759310040.714:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9338 comm="syz.0.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a4b8eec9 code=0x7ffc0000
[  409.863127][   T26] audit: type=1326 audit(1759310040.754:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9338 comm="syz.0.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe8a4b8eec9 code=0x7ffc0000
[  409.892972][   T26] audit: type=1326 audit(1759310040.754:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9338 comm="syz.0.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a4b8eec9 code=0x7ffc0000
[  409.986365][   T26] audit: type=1326 audit(1759310040.754:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9338 comm="syz.0.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a4b8eec9 code=0x7ffc0000
[  410.040042][   T26] audit: type=1326 audit(1759310040.824:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9338 comm="syz.0.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fe8a4b8eec9 code=0x7ffc0000
[  410.231049][   T26] audit: type=1326 audit(1759310040.824:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9338 comm="syz.0.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a4b8eec9 code=0x7ffc0000
[  410.253418][    C0] vkms_vblank_simulate: vblank timer overrun
[  410.296054][   T26] audit: type=1326 audit(1759310040.834:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9338 comm="syz.0.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a4b8eec9 code=0x7ffc0000
[  410.325042][   T26] audit: type=1326 audit(1759310040.834:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9338 comm="syz.0.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fe8a4b8eec9 code=0x7ffc0000
[  410.351759][   T26] audit: type=1326 audit(1759310040.834:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9338 comm="syz.0.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8a4b8eec9 code=0x7ffc0000
[  410.374024][    C0] vkms_vblank_simulate: vblank timer overrun
[  411.345924][ T9350] input: syz0 as /devices/virtual/input/input44
[  411.700459][ T9361] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1521'.
[  411.841876][ T4324] usb 10-1: new full-speed USB device number 8 using dummy_hcd
[  412.043001][ T4324] usb 10-1: config 5 has an invalid interface number: 3 but max is 0
[  412.059814][ T4324] usb 10-1: config 5 has no interface number 0
[  412.131887][ T4324] usb 10-1: New USB device found, idVendor=09fb, idProduct=602a, bcdDevice=fd.36
[  412.182035][ T4324] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  412.206021][ T4324] usb 10-1: Product: syz
[  412.215900][ T4324] usb 10-1: Manufacturer: syz
[  412.228572][ T4324] usb 10-1: SerialNumber: syz
[  412.280623][ T4324] ftdi_sio 10-1:5.3: FTDI USB Serial Device converter detected
[  412.309402][ T4324] ftdi_sio ttyUSB0: unknown device type: 0xfd36
[  412.487373][ T9356] netlink: 4 bytes leftover after parsing attributes in process `syz.9.1520'.
[  412.563930][ T9356] device bond_slave_0 entered promiscuous mode
[  412.570141][ T9356] device bond_slave_1 entered promiscuous mode
[  412.634599][ T9356] device macvtap1 entered promiscuous mode
[  412.640566][ T9356] device bond0 entered promiscuous mode
[  412.677524][ T9356] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  412.720133][ T9367] device bond0 left promiscuous mode
[  412.748603][ T9367] device bond_slave_0 left promiscuous mode
[  412.754644][ T9367] device bond_slave_1 left promiscuous mode
[  412.826484][ T4387] usb 10-1: USB disconnect, device number 8
[  412.846239][ T9371] 9pnet_fd: Insufficient options for proto=fd
[  412.866873][ T4387] ftdi_sio 10-1:5.3: device disconnected
[  413.179255][ T9375] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1527'.
[  413.584264][ T9386] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1529'.
[  413.941717][ T4352] usb 10-1: new high-speed USB device number 9 using dummy_hcd
[  414.132015][ T4352] usb 10-1: Using ep0 maxpacket: 16
[  414.141324][ T4352] usb 10-1: New USB device found, idVendor=2137, idProduct=0001, bcdDevice=2a.35
[  414.160821][ T4352] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  414.179310][ T4352] usb 10-1: Product: syz
[  414.208129][ T4352] usb 10-1: Manufacturer: syz
[  414.213734][ T4352] usb 10-1: SerialNumber: syz
[  414.230732][ T4352] usb 10-1: config 0 descriptor??
[  414.254881][ T4352] as10x_usb: device has been detected
[  414.282315][ T4352] dvbdev: DVB: registering new adapter (Sky IT Digital Key (green led))
[  414.341467][ T4352] usb 10-1: DVB: registering adapter 1 frontend 0 (Sky IT Digital Key (green led))...
[  414.450970][ T9391] random: crng reseeded on system resumption
[  414.474062][ T4352] as10x_usb: error during firmware upload part1
[  414.656629][ T4352] Registered device Sky IT Digital Key (green led)
[  416.139226][ T9423] 9pnet_fd: Insufficient options for proto=fd
[  417.389903][ T4352] usb 10-1: USB disconnect, device number 9
[  417.493150][ T4352] Unregistered device Sky IT Digital Key (green led)
[  417.515352][ T4352] as10x_usb: device has been disconnected
[  417.771796][ T4387] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  417.877734][ T9442] netlink: 232 bytes leftover after parsing attributes in process `syz.7.1550'.
[  417.973088][ T4387] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  418.031749][ T4387] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  418.078470][ T4387] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  418.150214][ T4387] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  418.190727][ T4387] usb 4-1: config 0 descriptor??
[  418.362100][ T9455] 9pnet_fd: Insufficient options for proto=fd
[  419.011873][ T4324] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  419.220171][ T4324] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  419.248721][ T4324] usb 1-1: New USB device found, idVendor=1532, idProduct=010e, bcdDevice= 0.00
[  419.317456][ T4324] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  419.380977][ T4387] usb 4-1: string descriptor 0 read error: -22
[  419.488173][ T4324] usb 1-1: config 0 descriptor??
[  419.585576][ T4387] uclogic 0003:256C:006D.0005: failed retrieving string descriptor #100: -71
[  419.607068][ T4387] uclogic 0003:256C:006D.0005: failed retrieving pen parameters: -71
[  419.624399][ T4387] uclogic 0003:256C:006D.0005: failed probing pen v1 parameters: -71
[  419.657049][ T4387] uclogic 0003:256C:006D.0005: failed probing parameters: -71
[  419.693778][ T4387] uclogic: probe of 0003:256C:006D.0005 failed with error -71
[  419.719917][ T4387] usb 4-1: USB disconnect, device number 4
[  419.880019][ T9485] 9pnet_fd: Insufficient options for proto=fd
[  419.902938][ T4324] usbhid 1-1:0.0: can't add hid device: -71
[  419.908959][ T4324] usbhid: probe of 1-1:0.0 failed with error -71
[  419.933368][ T4324] usb 1-1: USB disconnect, device number 5
[  420.395943][ T9500] input: syz0 as /devices/virtual/input/input45
[  421.831861][ T8880] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  421.940419][ T9524] 9pnet_fd: Insufficient options for proto=fd
[  422.033578][ T8880] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  422.061562][ T8880] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  422.076739][ T9526] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1580'.
[  422.104421][ T8880] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  422.149104][ T8880] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  422.164346][ T8880] usb 7-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  422.173825][ T8880] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  422.185240][ T8880] usb 7-1: Product: syz
[  422.192122][ T8880] usb 7-1: Manufacturer: syz
[  422.196997][ T8880] usb 7-1: SerialNumber: syz
[  422.230137][ T8880] usb 7-1: config 0 descriptor??
[  422.243468][ T8880] adutux 7-1:0.0: interrupt endpoints not found
[  422.425976][ T9533] tipc: Started in network mode
[  422.430966][ T9533] tipc: Node identity 8, cluster identity 4711
[  422.440546][ T9533] tipc: Node number set to 8
[  422.451356][ T8880] usb 7-1: USB disconnect, device number 7
[  423.143942][ T9552] 9pnet_fd: Insufficient options for proto=fd
[  423.361704][ T4324] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  423.579012][ T4324] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  423.668275][ T4324] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  423.789311][ T4324] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  423.885858][ T4324] usb 4-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[  423.942225][ T4324] usb 4-1: Manufacturer: syz
[  424.039427][ T4324] usb 4-1: config 0 descriptor??
[  424.345742][ T9572] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1595'.
[  424.400633][ T9573] netlink: 104 bytes leftover after parsing attributes in process `syz.7.1595'.
[  424.453668][ T4324] usbhid 4-1:0.0: can't add hid device: -32
[  424.461146][ T4324] usbhid: probe of 4-1:0.0 failed with error -32
[  424.493692][ T4324] usb 4-1: USB disconnect, device number 5
[  425.239860][ T9590] 9pnet_fd: Insufficient options for proto=fd
[  425.448450][ T9592] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  425.459124][ T9592] device syzkaller0 entered promiscuous mode
[  425.508198][ T9592] tipc: Resetting bearer <eth:syzkaller0>
[  425.524987][ T9591] tipc: Resetting bearer <eth:syzkaller0>
[  425.604400][ T9591] tipc: Disabling bearer <eth:syzkaller0>
[  426.104240][ T9621] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1616'.
[  426.318648][ T9625] device syzkaller0 entered promiscuous mode
[  429.157769][ T9635] tipc: Started in network mode
[  429.162792][ T9635] tipc: Node identity c279f2dd9934, cluster identity 4711
[  429.169980][ T9635] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  429.177010][ T9636] device syzkaller0 entered promiscuous mode
[  429.277580][ T9644] tipc: Resetting bearer <eth:syzkaller0>
[  429.394820][ T9644] tipc: Disabling bearer <eth:syzkaller0>
[  429.427881][ T9686] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1630'.
[  429.804898][ T9694] Set syz1 is full, maxelem 6117 reached
[  429.971489][ T9710] device syzkaller0 entered promiscuous mode
[  429.980675][ T9712] netlink: 4 bytes leftover after parsing attributes in process `syz.9.1642'.
[  430.006207][ T9712] device erspan0 entered promiscuous mode
[  430.016443][ T9712] device macvtap2 entered promiscuous mode
[  430.300093][ T9723] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1647'.
[  430.315296][ T9723] netlink: 104 bytes leftover after parsing attributes in process `syz.7.1647'.
[  432.321113][ T9716] device erspan0 left promiscuous mode
[  432.509822][ T9751] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1659'.
[  432.527123][ T9751] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1659'.
[  432.707380][ T9760] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1660'.
[  433.051813][ T4324] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  433.256576][ T9776] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1666'.
[  433.256802][ T4324] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  433.306576][ T9776] device vlan2 entered promiscuous mode
[  433.328211][ T4324] usb 7-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  433.357605][ T4324] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  433.382728][ T4324] usb 7-1: config 0 descriptor??
[  433.437559][ T4324] pwc: Askey VC010 type 2 USB webcam detected.
[  433.717300][ T9781] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1667'.
[  433.802660][ T9781] device erspan0 entered promiscuous mode
[  433.831099][ T4324] pwc: recv_control_msg error -32 req 02 val 2b00
[  433.838126][ T9781] device macvtap1 entered promiscuous mode
[  433.844947][ T4324] pwc: recv_control_msg error -32 req 02 val 2700
[  433.911197][ T9782] device erspan0 left promiscuous mode
[  434.086857][ T4324] pwc: recv_control_msg error -71 req 04 val 1000
[  434.111941][ T4324] pwc: recv_control_msg error -71 req 04 val 1300
[  434.139146][ T4324] pwc: recv_control_msg error -71 req 04 val 1400
[  434.172792][ T4324] pwc: recv_control_msg error -71 req 02 val 2000
[  434.192064][ T4324] pwc: recv_control_msg error -71 req 02 val 2100
[  434.227483][ T4324] pwc: recv_control_msg error -71 req 04 val 1500
[  434.251723][ T4324] pwc: recv_control_msg error -71 req 02 val 2500
[  434.294952][ T4324] pwc: recv_control_msg error -71 req 02 val 2400
[  434.336730][ T4324] pwc: recv_control_msg error -71 req 02 val 2600
[  434.376570][ T4324] pwc: recv_control_msg error -71 req 02 val 2900
[  434.416310][ T4324] pwc: recv_control_msg error -71 req 02 val 2800
[  434.451725][ T4324] pwc: recv_control_msg error -71 req 04 val 1100
[  434.494815][ T4324] pwc: recv_control_msg error -71 req 04 val 1200
[  434.549070][ T4324] pwc: Registered as video103.
[  434.570825][ T4324] input: PWC snapshot button as /devices/platform/dummy_hcd.6/usb7/7-1/input/input46
[  434.669506][ T4324] usb 7-1: USB disconnect, device number 8
[  435.161590][ T9790] device syzkaller0 entered promiscuous mode
[  438.515776][ T9835] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1686'.
[  438.872874][ T9852] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1689'.
[  438.883703][ T9850] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1691'.
[  438.903067][ T9850] 8021q: VLANs not supported on caif0
[  438.923065][ T9852] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1689'.
[  439.328403][ T4317] usb 1-1: new full-speed USB device number 6 using dummy_hcd
[  439.635593][ T4317] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  439.654442][ T4317] usb 1-1: config 0 has no interface number 0
[  439.665186][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  439.686418][ T4317] usb 1-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[  439.707644][ T4317] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  439.747426][ T4317] usb 1-1: config 0 descriptor??
[  439.777127][ T4317] usb 1-1: selecting invalid altsetting 1
[  439.820953][ T4317] dvb_ttusb_budget: ttusb_init_controller: error
[  439.831889][ T4387] usb 10-1: new high-speed USB device number 10 using dummy_hcd
[  439.854955][ T9878] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1700'.
[  439.866231][ T4317] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[  440.046550][ T4387] usb 10-1: unable to get BOS descriptor or descriptor too short
[  440.098223][ T4387] usb 10-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  440.130693][ T4387] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 3
[  440.185854][ T4387] usb 10-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  440.203461][ T4387] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  440.240496][ T4387] usb 10-1: Product: syz
[  440.245984][ T4387] usb 10-1: Manufacturer: syz
[  440.260339][ T4387] usb 10-1: SerialNumber: syz
[  440.260635][ T4317] DVB: Unable to find symbol cx22700_attach()
[  440.449124][ T4317] DVB: Unable to find symbol tda10046_attach()
[  440.484341][ T4317] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[  440.530890][ T4317] usb 1-1: USB disconnect, device number 6
[  441.055537][ T9908] device syzkaller0 entered promiscuous mode
[  442.552454][ T4387] usb 10-1: 0:2 : does not exist
[  442.574640][ T4387] usb 10-1: USB disconnect, device number 10
[  443.193866][ T4387] usb 10-1: new full-speed USB device number 11 using dummy_hcd
[  443.434732][ T4387] usb 10-1: config 0 has an invalid interface number: 1 but max is 0
[  443.442926][ T4387] usb 10-1: config 0 has no interface number 0
[  443.449145][ T4387] usb 10-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[  443.458417][ T4387] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  443.469017][ T4387] usb 10-1: config 0 descriptor??
[  443.483151][ T4387] usb 10-1: selecting invalid altsetting 1
[  443.489110][ T4387] dvb_ttusb_budget: ttusb_init_controller: error
[  443.495839][ T4387] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[  443.584148][ T4387] DVB: Unable to find symbol cx22700_attach()
[  443.642369][ T4387] DVB: Unable to find symbol tda10046_attach()
[  443.649646][ T4387] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[  443.666226][ T4258] udevd[4258]: error opening ATTR{/sys/devices/platform/dummy_hcd.9/usb10/10-1/10-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  443.699324][ T4317] usb 10-1: USB disconnect, device number 11
[  444.196100][ T9922] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1715'.
[  444.428370][ T9944] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1720'.
[  444.639049][ T9954] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1727'.
[  444.662603][ T9958] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1728'.
[  444.674624][ T9958] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1728'.
[  445.084488][ T9971] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1733'.
[  445.389027][ T9977] device syzkaller0 entered promiscuous mode
[  446.176835][ T4341] usb 7-1: new full-speed USB device number 9 using dummy_hcd
[  446.398930][ T4341] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[  446.407127][ T4341] usb 7-1: config 0 has no interface number 0
[  446.414740][ T4341] usb 7-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[  446.424034][ T4341] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  446.440064][ T4341] usb 7-1: config 0 descriptor??
[  446.456533][ T4341] usb 7-1: selecting invalid altsetting 1
[  446.464529][ T4341] dvb_ttusb_budget: ttusb_init_controller: error
[  446.471109][ T4341] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[  446.613794][ T4341] DVB: Unable to find symbol cx22700_attach()
[  446.693667][ T4341] DVB: Unable to find symbol tda10046_attach()
[  446.700038][ T4341] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[  446.726226][ T4341] usb 7-1: USB disconnect, device number 9
[  447.951946][T10007] input: syz0 as /devices/virtual/input/input47
[  448.341570][T10012] netlink: 116 bytes leftover after parsing attributes in process `syz.6.1744'.
[  448.625111][T10023] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1747'.
[  448.897747][T10016] Set syz1 is full, maxelem 6117 reached
[  449.162860][ T8885] usb 10-1: new full-speed USB device number 12 using dummy_hcd
[  449.331774][ T4317] usb 4-1: new full-speed USB device number 6 using dummy_hcd
[  449.363004][ T8885] usb 10-1: config 5 has an invalid interface number: 3 but max is 0
[  449.380118][ T8885] usb 10-1: config 5 has no interface number 0
[  449.528515][ T8885] usb 10-1: New USB device found, idVendor=09fb, idProduct=602a, bcdDevice=fd.36
[  449.560774][ T8885] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  449.759761][ T8885] usb 10-1: Product: syz
[  449.766613][ T4317] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  449.779759][ T4317] usb 4-1: config 0 has no interface number 0
[  449.796337][ T8885] usb 10-1: Manufacturer: syz
[  449.814321][ T8885] usb 10-1: SerialNumber: syz
[  449.821353][ T4317] usb 4-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[  449.877563][ T8885] ftdi_sio 10-1:5.3: FTDI USB Serial Device converter detected
[  449.897540][ T4317] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  449.925751][ T8885] ftdi_sio ttyUSB0: unknown device type: 0xfd36
[  449.959236][ T4317] usb 4-1: config 0 descriptor??
[  449.961766][ T4317] usb 4-1: selecting invalid altsetting 1
[  449.961879][ T4317] dvb_ttusb_budget: ttusb_init_controller: error
[  449.961891][ T4317] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[  450.067259][ T4387] usb 10-1: USB disconnect, device number 12
[  450.067728][ T4387] ftdi_sio 10-1:5.3: device disconnected
[  450.111331][ T4317] DVB: Unable to find symbol cx22700_attach()
[  450.501272][T10048] input: syz0 as /devices/virtual/input/input48
[  450.649198][ T4317] DVB: Unable to find symbol tda10046_attach()
[  450.663771][ T4317] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[  450.745414][ T4317] usb 4-1: USB disconnect, device number 6
[  450.980708][T10070] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1760'.
[  451.126556][T10081] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1765'.
[  451.307579][T10086] netlink: 116 bytes leftover after parsing attributes in process `syz.0.1766'.
[  451.753941][T10101] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1767'.
[  452.141826][ T8885] usb 4-1: new full-speed USB device number 7 using dummy_hcd
[  452.343133][ T8885] usb 4-1: config 5 has an invalid interface number: 3 but max is 0
[  452.351442][ T8885] usb 4-1: config 5 has no interface number 0
[  452.369421][ T8885] usb 4-1: New USB device found, idVendor=09fb, idProduct=602a, bcdDevice=fd.36
[  452.391858][ T8885] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  452.417934][ T8885] usb 4-1: Product: syz
[  452.431705][ T8885] usb 4-1: Manufacturer: syz
[  452.456727][ T8885] usb 4-1: SerialNumber: syz
[  452.485976][ T8885] ftdi_sio 4-1:5.3: FTDI USB Serial Device converter detected
[  452.518103][ T8885] ftdi_sio ttyUSB0: unknown device type: 0xfd36
[  452.688034][ T8885] usb 4-1: USB disconnect, device number 7
[  452.700623][ T8885] ftdi_sio 4-1:5.3: device disconnected
[  452.942886][T10126] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1778'.
[  452.993426][T10126] netlink: 104 bytes leftover after parsing attributes in process `syz.6.1778'.
[  453.577072][T10134] input: syz0 as /devices/virtual/input/input49
[  454.171371][T10135] Set syz1 is full, maxelem 6117 reached
[  454.501759][T10156] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1788'.
[  454.529014][T10156] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1788'.
[  455.396793][T10169] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1791'.
[  456.882922][T10201] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1804'.
[  457.379071][T10214] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1810'.
[  457.392166][T10214] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1810'.
[  458.279268][T10217] input: syz0 as /devices/virtual/input/input50
[  459.044364][T10232] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  459.060879][T10232] device syzkaller0 entered promiscuous mode
[  459.110777][T10232] tipc: Resetting bearer <eth:syzkaller0>
[  459.132511][T10234] netlink: 'syz.9.1816': attribute type 1 has an invalid length.
[  459.174994][T10234] 8021q: adding VLAN 0 to HW filter on device bond4
[  459.192603][T10231] tipc: Resetting bearer <eth:syzkaller0>
[  459.266140][T10231] tipc: Disabling bearer <eth:syzkaller0>
[  459.518426][T10244] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1819'.
[  460.086651][T10256] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1820'.
[  460.295720][T10267] netlink: 116 bytes leftover after parsing attributes in process `syz.0.1827'.
[  460.561364][T10273] netlink: 'syz.9.1828': attribute type 1 has an invalid length.
[  460.639904][T10273] 8021q: adding VLAN 0 to HW filter on device bond5
[  461.619885][T10282] input: syz0 as /devices/virtual/input/input51
[  461.903231][T10293] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  462.085302][T10299] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1834'.
[  462.109042][T10299] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1834'.
[  463.430797][T10321] input: syz0 as /devices/virtual/input/input52
[  463.814002][T10331] netlink: 116 bytes leftover after parsing attributes in process `syz.0.1842'.
[  464.952581][T10355] device syzkaller1 entered promiscuous mode
[  466.178726][T10374] input: syz0 as /devices/virtual/input/input53
[  466.745155][T10393] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1862'.
[  467.492725][T10401] device syzkaller1 entered promiscuous mode
[  468.029938][T10406] input: syz0 as /devices/virtual/input/input54
[  469.055405][T10427] netlink: 116 bytes leftover after parsing attributes in process `syz.6.1874'.
[  469.236679][T10436] device syzkaller1 entered promiscuous mode
[  471.335645][T10472] input: syz0 as /devices/virtual/input/input55
[  472.810332][T10489] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1887'.
[  475.402084][ T4352] usb 4-1: new full-speed USB device number 8 using dummy_hcd
[  475.591756][ T4352] usb 4-1: device descriptor read/64, error -71
[  475.788806][T10534] input: syz0 as /devices/virtual/input/input56
[  475.872028][ T4352] usb 4-1: new full-speed USB device number 9 using dummy_hcd
[  475.932244][T10538] netlink: 104 bytes leftover after parsing attributes in process `syz.6.1910'.
[  476.262676][ T4352] usb 4-1: device descriptor read/64, error -71
[  583.031663][    C1] ------------[ cut here ]------------
[  583.038601][    C1] WARNING: CPU: 1 PID: 10520 at kernel/rcu/tree_stall.h:970 rcu_check_gp_start_stall+0x2dc/0x460
[  583.049175][    C1] Modules linked in:
[  583.053108][    C1] CPU: 1 PID: 10520 Comm: syz.0.1904 Not tainted syzkaller #0
[  583.060624][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  583.070709][    C1] RIP: 0010:rcu_check_gp_start_stall+0x2dc/0x460
[  583.077164][    C1] Code: ff ff ff 48 c7 c7 20 df c2 96 be 04 00 00 00 e8 7a 4c 65 00 48 89 df b8 01 00 00 00 87 05 bc 39 57 15 85 c0 0f 85 19 ff ff ff <0f> 0b 48 81 ff 40 01 b3 8c 74 47 48 c7 c0 e4 ab 1f 8e 48 c1 e8 03
[  583.096795][    C1] RSP: 0018:ffffc900001e0b78 EFLAGS: 00010046
[  583.102891][    C1] RAX: 0000000000000000 RBX: ffffffff8cb30140 RCX: ffffffff816ba556
[  583.110875][    C1] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffffff8cb30140
[  583.118872][    C1] RBP: ffffc900001e0df0 R08: 0000000000000004 R09: 0000000000000003
[  583.126863][    C1] R10: fffffbfff2d85be4 R11: 1ffffffff2d85be4 R12: 0000000000002904
[  583.134848][    C1] R13: dffffc0000000000 R14: 0000000000000a06 R15: dffffc0000000000
[  583.142837][    C1] FS:  00007fe8a5ab86c0(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  583.151781][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  583.158389][    C1] CR2: 00007fe8a5ab8000 CR3: 000000004ff5c000 CR4: 00000000003506e0
[  583.166388][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  583.174372][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  583.182359][    C1] Call Trace:
[  583.185654][    C1]  <IRQ>
[  583.188519][    C1]  rcu_core+0x5d9/0x16a0
[  583.192826][    C1]  ? rcu_cpu_kthread_park+0x90/0x90
[  583.198056][    C1]  ? mark_lock+0x94/0x320
[  583.202422][    C1]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  583.208439][    C1]  ? lock_chain_count+0x20/0x20
[  583.213326][    C1]  handle_softirqs+0x2a1/0x920
[  583.218126][    C1]  ? __irq_exit_rcu+0x12f/0x220
[  583.223041][    C1]  ? do_softirq+0x200/0x200
[  583.227579][    C1]  __irq_exit_rcu+0x12f/0x220
[  583.232291][    C1]  ? irq_exit_rcu+0x20/0x20
[  583.236830][    C1]  irq_exit_rcu+0x5/0x20
[  583.241104][    C1]  sysvec_apic_timer_interrupt+0xa0/0xc0
[  583.246768][    C1]  </IRQ>
[  583.249716][    C1]  <TASK>
[  583.252666][    C1]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  583.258667][    C1] RIP: 0010:lock_acquire+0x20f/0x490
[  583.263986][    C1] Code: 00 9c 8f 84 24 80 00 00 00 f6 84 24 81 00 00 00 02 0f 85 f5 00 00 00 41 f7 c6 00 02 00 00 74 01 fb 48 c7 44 24 60 0e 36 e0 45 <4b> c7 44 3d 00 00 00 00 00 66 43 c7 44 3d 09 00 00 43 c6 44 3d 0b
[  583.283701][    C1] RSP: 0018:ffffc90017a07a60 EFLAGS: 00000206
[  583.289785][    C1] RAX: 0000000000000001 RBX: 0000000000000000 RCX: e6cf7aac5a023d00
[  583.297770][    C1] RDX: 0000000000000000 RSI: ffffffff8a8c1680 RDI: ffffffff8adefce0
[  583.305756][    C1] RBP: ffffc90017a07b80 R08: dffffc0000000000 R09: fffffbfff215c44f
[  583.313746][    C1] R10: fffffbfff215c44f R11: 1ffffffff215c44e R12: 0000000000000001
[  583.321731][    C1] R13: 1ffff92002f40f58 R14: 0000000000000246 R15: dffffc0000000000
[  583.329738][    C1]  ? __local_bh_enable_ip+0x12a/0x1b0
[  583.335137][    C1]  ? _local_bh_enable+0xa0/0xa0
[  583.340013][    C1]  ? read_lock_is_recursive+0x10/0x10
[  583.345433][    C1]  ? fpu__restore_sig+0x9a1/0x1190
[  583.350561][    C1]  ? __might_fault+0xa6/0x120
[  583.355266][    C1]  __might_fault+0xc2/0x120
[  583.359802][    C1]  ? __might_fault+0xa6/0x120
[  583.364504][    C1]  _copy_from_user+0x27/0x170
[  583.369226][    C1]  restore_altstack+0x9a/0x4a0
[  583.374014][    C1]  ? __ia32_sys_sigaltstack+0x270/0x270
[  583.379579][    C1]  ? __might_fault+0xc2/0x120
[  583.384303][    C1]  ? __might_fault+0xa6/0x120
[  583.389015][    C1]  __ia32_sys_rt_sigreturn+0x660/0x790
[  583.394499][    C1]  ? bpf_trace_run2+0xda/0x3b0
[  583.399292][    C1]  ? load_gs_index+0x120/0x120
[  583.404097][    C1]  ? lock_chain_count+0x20/0x20
[  583.409005][    C1]  ? trace_sys_enter+0x22/0x80
[  583.413818][    C1]  do_syscall_64+0x4c/0xa0
[  583.418262][    C1]  ? clear_bhb_loop+0x60/0xb0
[  583.422965][    C1]  ? clear_bhb_loop+0x60/0xb0
[  583.427664][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  583.433578][    C1] RIP: 0033:0x7fe8a4b8eec9
[  583.438031][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  583.457665][    C1] RSP: 002b:00007fe8a5ab80e8 EFLAGS: 00000246
[  583.463759][    C1] RAX: fffffffffffffffc RBX: 00007fe8a4de5fa8 RCX: 00007fe8a4b8eec9
[  583.471745][    C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fe8a4de5fa8
[  583.479731][    C1] RBP: 00007fe8a4de5fa0 R08: 0000000000000000 R09: 0000000000000000
[  583.487716][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  583.495707][    C1] R13: 00007fe8a4de6038 R14: 00007ffd4e19f830 R15: 00007ffd4e19f918
[  583.503720][    C1]  </TASK>
[  583.506761][    C1] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  583.514049][    C1] CPU: 1 PID: 10520 Comm: syz.0.1904 Not tainted syzkaller #0
[  583.521514][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  583.531578][    C1] Call Trace:
[  583.534864][    C1]  <IRQ>
[  583.537717][    C1]  dump_stack_lvl+0x168/0x22e
[  583.542422][    C1]  ? memcpy+0x3c/0x60
[  583.546432][    C1]  ? show_regs_print_info+0x12/0x12
[  583.551647][    C1]  ? load_image+0x3b0/0x3b0
[  583.556189][    C1]  panic+0x2c9/0x710
[  583.560111][    C1]  ? bpf_jit_dump+0xd0/0xd0
[  583.564671][    C1]  __warn+0x2f8/0x4f0
[  583.568685][    C1]  ? rcu_check_gp_start_stall+0x2dc/0x460
[  583.574527][    C1]  ? rcu_check_gp_start_stall+0x2dc/0x460
[  583.580325][    C1]  report_bug+0x2ba/0x4f0
[  583.584672][    C1]  ? rcu_check_gp_start_stall+0x2dc/0x460
[  583.590439][    C1]  handle_bug+0x3a/0x70
[  583.594615][    C1]  exc_invalid_op+0x16/0x40
[  583.599153][    C1]  asm_exc_invalid_op+0x16/0x20
[  583.604020][    C1] RIP: 0010:rcu_check_gp_start_stall+0x2dc/0x460
[  583.610384][    C1] Code: ff ff ff 48 c7 c7 20 df c2 96 be 04 00 00 00 e8 7a 4c 65 00 48 89 df b8 01 00 00 00 87 05 bc 39 57 15 85 c0 0f 85 19 ff ff ff <0f> 0b 48 81 ff 40 01 b3 8c 74 47 48 c7 c0 e4 ab 1f 8e 48 c1 e8 03
[  583.630007][    C1] RSP: 0018:ffffc900001e0b78 EFLAGS: 00010046
[  583.636094][    C1] RAX: 0000000000000000 RBX: ffffffff8cb30140 RCX: ffffffff816ba556
[  583.644114][    C1] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffffff8cb30140
[  583.652096][    C1] RBP: ffffc900001e0df0 R08: 0000000000000004 R09: 0000000000000003
[  583.660078][    C1] R10: fffffbfff2d85be4 R11: 1ffffffff2d85be4 R12: 0000000000002904
[  583.668094][    C1] R13: dffffc0000000000 R14: 0000000000000a06 R15: dffffc0000000000
[  583.676098][    C1]  ? rcu_check_gp_start_stall+0x2c6/0x460
[  583.681853][    C1]  ? rcu_check_gp_start_stall+0x2c6/0x460
[  583.687601][    C1]  rcu_core+0x5d9/0x16a0
[  583.691877][    C1]  ? rcu_cpu_kthread_park+0x90/0x90
[  583.697127][    C1]  ? mark_lock+0x94/0x320
[  583.701485][    C1]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  583.707489][    C1]  ? lock_chain_count+0x20/0x20
[  583.712372][    C1]  handle_softirqs+0x2a1/0x920
[  583.717175][    C1]  ? __irq_exit_rcu+0x12f/0x220
[  583.722052][    C1]  ? do_softirq+0x200/0x200
[  583.726587][    C1]  __irq_exit_rcu+0x12f/0x220
[  583.731286][    C1]  ? irq_exit_rcu+0x20/0x20
[  583.735822][    C1]  irq_exit_rcu+0x5/0x20
[  583.740102][    C1]  sysvec_apic_timer_interrupt+0xa0/0xc0
[  583.745755][    C1]  </IRQ>
[  583.748704][    C1]  <TASK>
[  583.751664][    C1]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  583.757661][    C1] RIP: 0010:lock_acquire+0x20f/0x490
[  583.762971][    C1] Code: 00 9c 8f 84 24 80 00 00 00 f6 84 24 81 00 00 00 02 0f 85 f5 00 00 00 41 f7 c6 00 02 00 00 74 01 fb 48 c7 44 24 60 0e 36 e0 45 <4b> c7 44 3d 00 00 00 00 00 66 43 c7 44 3d 09 00 00 43 c6 44 3d 0b
[  583.782592][    C1] RSP: 0018:ffffc90017a07a60 EFLAGS: 00000206
[  583.788680][    C1] RAX: 0000000000000001 RBX: 0000000000000000 RCX: e6cf7aac5a023d00
[  583.796671][    C1] RDX: 0000000000000000 RSI: ffffffff8a8c1680 RDI: ffffffff8adefce0
[  583.804657][    C1] RBP: ffffc90017a07b80 R08: dffffc0000000000 R09: fffffbfff215c44f
[  583.812642][    C1] R10: fffffbfff215c44f R11: 1ffffffff215c44e R12: 0000000000000001
[  583.820627][    C1] R13: 1ffff92002f40f58 R14: 0000000000000246 R15: dffffc0000000000
[  583.828648][    C1]  ? __local_bh_enable_ip+0x12a/0x1b0
[  583.834065][    C1]  ? _local_bh_enable+0xa0/0xa0
[  583.838942][    C1]  ? read_lock_is_recursive+0x10/0x10
[  583.844348][    C1]  ? fpu__restore_sig+0x9a1/0x1190
[  583.849482][    C1]  ? __might_fault+0xa6/0x120
[  583.854191][    C1]  __might_fault+0xc2/0x120
[  583.858720][    C1]  ? __might_fault+0xa6/0x120
[  583.863436][    C1]  _copy_from_user+0x27/0x170
[  583.868134][    C1]  restore_altstack+0x9a/0x4a0
[  583.872945][    C1]  ? __ia32_sys_sigaltstack+0x270/0x270
[  583.878513][    C1]  ? __might_fault+0xc2/0x120
[  583.883223][    C1]  ? __might_fault+0xa6/0x120
[  583.887961][    C1]  __ia32_sys_rt_sigreturn+0x660/0x790
[  583.893444][    C1]  ? bpf_trace_run2+0xda/0x3b0
[  583.898244][    C1]  ? load_gs_index+0x120/0x120
[  583.903058][    C1]  ? lock_chain_count+0x20/0x20
[  583.907954][    C1]  ? trace_sys_enter+0x22/0x80
[  583.912753][    C1]  do_syscall_64+0x4c/0xa0
[  583.917186][    C1]  ? clear_bhb_loop+0x60/0xb0
[  583.921877][    C1]  ? clear_bhb_loop+0x60/0xb0
[  583.926581][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  583.932485][    C1] RIP: 0033:0x7fe8a4b8eec9
[  583.936999][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  583.956636][    C1] RSP: 002b:00007fe8a5ab80e8 EFLAGS: 00000246
[  583.962730][    C1] RAX: fffffffffffffffc RBX: 00007fe8a4de5fa8 RCX: 00007fe8a4b8eec9
[  583.970717][    C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fe8a4de5fa8
[  583.978710][    C1] RBP: 00007fe8a4de5fa0 R08: 0000000000000000 R09: 0000000000000000
[  583.986701][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  583.994684][    C1] R13: 00007fe8a4de6038 R14: 00007ffd4e19f830 R15: 00007ffd4e19f918
[  584.002687][    C1]  </TASK>
[  584.006009][    C1] Kernel Offset: disabled
[  584.010920][    C1] Rebooting in 86400 seconds..