last executing test programs:

15m55.731015547s ago: executing program 32 (id=79):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000003c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x7, [@fwd={0x5}, @func_proto={0x0, 0x0, 0x0, 0x2, 0x3}, @func_proto]}, {0x0, [0x0, 0x0, 0x0, 0x0, 0x61]}}, 0x0, 0x43, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r0 = syz_usb_connect$uac1(0x2, 0xa5, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902930003010000000904000000010100000a240100000002010213240600000600000000000000dfff000000000924030000000000000924050000f8431cfd0924030000030004020624050400"], 0x0)
syz_usb_control_io(r0, &(0x7f00000009c0)={0x2c, &(0x7f00000007c0)={0x20, 0xc, 0x10, {0x10, 0x23, "ee93b2411557a118fc4b379e5717"}}, &(0x7f0000000880)={0x0, 0x3, 0x3, @string={0x3, 0x3, 'u'}}, &(0x7f00000008c0)=ANY=[@ANYBLOB="000f55000000050f5500060710020c1101800b10010c110001030500020b1001080000fd070700040b10010c6c004004fdffc614100409ed8e324761e2ebced1ddae762701d8130f42bc3231ec2bd3c2b1e6000000000000"], &(0x7f0000000940)={0x20, 0x29, 0xf, {0xf, 0x29, 0x2, 0x1f, 0x22, 0x9, "8f07ce92", "3b9195a2"}}, &(0x7f0000000980)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0xc0, 0x81, 0x9, 0x6, 0x9, 0xf3d2, 0x13}}}, 0x0)
syz_usb_control_io(r0, &(0x7f0000000280)={0x2c, 0x0, &(0x7f0000000140)={0x0, 0x3, 0x28, @string={0x28, 0x3, "ccb458ec9da8a8aca170d4729af805ca7592f4878aeefc580bf2e58ed574ab6281dc2c8820e8"}}, 0x0, 0x0, 0x0}, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f00000004c0)=@xdp={0x2c, 0x0, 0x0, 0x24}, 0x80, 0x0}, 0x50)
socketpair(0x28, 0x80000, 0x8e, &(0x7f0000000000))
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x19, 0x4, 0x4, 0x9, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r1, &(0x7f0000000540), &(0x7f0000000000)=""/7, 0x2}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r1, &(0x7f0000000100), &(0x7f0000000000)=""/8, 0x2}, 0x20)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000000340)={r1, &(0x7f0000000400), 0x20000000}, 0x20)
open(&(0x7f00000004c0)='./file1/file0\x00', 0x0, 0x0)

14m9.172414292s ago: executing program 1 (id=487):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="b0000000000000008d15c937040795e9ec68ba339b8fd15e58983b3da942"], 0xb0)
mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',privport,access=', @ANYRESDEC=r0])
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

14m8.783285506s ago: executing program 1 (id=490):
socket$packet(0x11, 0x3, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet6(0xa, 0x80002, 0x0)
syz_io_uring_setup(0x10d, 0x0, 0x0, 0x0)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r1, 0x0, 0x0)

14m7.42850176s ago: executing program 1 (id=498):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes256\x00'}, 0x58)
accept4(r0, 0x0, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$netlink(0x10, 0x3, 0x10)
socket$packet(0x11, 0x2, 0x300)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), 0xffffffffffffffff)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
sendmsg$NBD_CMD_CONNECT(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB="90000000", @ANYRES16=r2, @ANYBLOB="01000000000000000000010000000c0005006c000000000000000c0002000000000000000000040007800c000800000000000000000008000100000000004400078008000100", @ANYRES32, @ANYBLOB="38000100", @ANYRES32=r3, @ANYBLOB="64800400", @ANYRES32, @ANYBLOB="08000100", @ANYBLOB="06"], 0x90}}, 0x0)

14m7.030514837s ago: executing program 1 (id=501):
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
chroot(&(0x7f0000000180)='./file0\x00')
mount(0x0, &(0x7f0000000400)='./file0/../file0\x00', &(0x7f0000000340)='devpts\x00', 0x0, 0x0)
chroot(&(0x7f0000000040)='./file0/../file0/../file0\x00')
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000100)='./file0\x00')
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000)

14m6.934426188s ago: executing program 1 (id=502):
r0 = socket(0x1e, 0x2, 0x0)
mq_open(0x0, 0x40, 0x0, 0x0)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r2 = dup(r1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000007, 0x38011, r2, 0x2c9ab000)
r3 = epoll_create1(0x0)
r4 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000000)={0xe000202b})
epoll_pwait(r4, &(0x7f00008c9fc4)=[{}], 0x1, 0xfffffff3, 0x0, 0x0)
r5 = dup3(r0, r4, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r5, &(0x7f0000000300)={0x200f})

14m6.604818474s ago: executing program 1 (id=504):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000540)='./binderfs/binder0\x00', 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040))
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000480)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x78, 0x18, &(0x7f0000000580)={@ptr={0x70742a85, 0x0, 0x0, 0x0, 0x100000}, @ptr={0x70742a85, 0x0, 0x0}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0x1, 0x14}}, &(0x7f0000001280)={0x0, 0x28, 0x50}}, 0x1000}], 0x0, 0x0, 0x0})

14m5.552738436s ago: executing program 33 (id=504):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000540)='./binderfs/binder0\x00', 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040))
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000480)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x78, 0x18, &(0x7f0000000580)={@ptr={0x70742a85, 0x0, 0x0, 0x0, 0x100000}, @ptr={0x70742a85, 0x0, 0x0}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0x1, 0x14}}, &(0x7f0000001280)={0x0, 0x28, 0x50}}, 0x1000}], 0x0, 0x0, 0x0})

7m27.182326857s ago: executing program 6 (id=1792):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001300)=ANY=[@ANYBLOB="0600000004000000fd0f000002"], 0x50)
socket$tipc(0x1e, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b165"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
getpeername$packet(r2, &(0x7f0000000000)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r1, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r3}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0)

7m25.302458009s ago: executing program 6 (id=1796):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x10, &(0x7f0000001a00)=ANY=[@ANYRESOCT=0x0], &(0x7f00000000c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x10, 0x37, @void, @value}, 0x94)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f000019f000/0x1000)=nil, 0x1000, 0xe)
syz_genetlink_get_family_id$smc(0x0, 0xffffffffffffffff)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000400)='net/dev_mcast\x00')
preadv(r0, &(0x7f0000000100), 0x0, 0x0, 0x5)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e04004220"], 0x7)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0xfff}, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000057c0)=[{{0x0, 0x0, &(0x7f0000000440)=[{0x0}, {0x0}], 0x2}, 0x8}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000004f00)=""/120, 0x78}, 0xffffffb9}, {{&(0x7f0000004f80)=@qipcrtr, 0x80, &(0x7f00000003c0)=[{0x0}], 0x1, &(0x7f0000005040)=""/22, 0x16}, 0x1}, {{0x0, 0x0, &(0x7f0000005380)}, 0x4}, {{&(0x7f0000005500)=@hci, 0x80, &(0x7f0000005700), 0x0, &(0x7f0000005740)=""/118, 0x76}, 0x8}], 0x5, 0x2, 0x0)
socket$packet(0x11, 0x3, 0x300)

7m24.462327934s ago: executing program 6 (id=1799):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000002400000024000000020000000000000001000084040000000000000002"], 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000d80)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb01001800000000000000000c00000002000000002000000000001304000080"], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r0 = syz_open_dev$ttys(0xc, 0x2, 0x1)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8936, &(0x7f0000000000)={'nicvf0\x00', 0x0})
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15)
bind$xdp(0xffffffffffffffff, &(0x7f0000000000)={0x2}, 0x10)
ioctl$TCFLSH(r0, 0x404c4701, 0x20000000)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000000c0)=0xf9)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000280)=0xfd)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000005c0)=0x3f)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000300)=0x7)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000002c0)=0xb)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000180)=0x3)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000240)=0x5)

7m20.351991975s ago: executing program 6 (id=1807):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1fea4000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0)
write$vga_arbiter(r4, &(0x7f0000000040)=@target={'target ', {'PCI:', '0', ':', '7', ':', '2', '.', '0'}}, 0x13)

7m19.069592107s ago: executing program 6 (id=1812):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x1f, 0x4, 0x0, 0x0, 0x7c, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x4, 0x0, 0x0, 0x9}, @timestamp_prespec={0x44, 0x34, 0xc0, 0x3, 0x1, [{@private=0xa010100}, {@multicast1, 0x5}, {@remote}, {@empty, 0x3}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x24, 0x0, 0x3, 0x8, [{@dev={0xac, 0x14, 0x14, 0x80}, 0x20000}, {@multicast2, 0x7}, {@private=0xa010101}, {@broadcast, 0x52b1}]}, @noop, @noop, @noop, @lsrr={0x83, 0x7, 0xdc, [@multicast1]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

7m15.989428451s ago: executing program 6 (id=1823):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
dup(0xffffffffffffffff)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000000000))
readv(0xffffffffffffffff, &(0x7f00000018c0), 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)

7m0.791708589s ago: executing program 34 (id=1823):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
dup(0xffffffffffffffff)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000000000))
readv(0xffffffffffffffff, &(0x7f00000018c0), 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)

4m58.892806264s ago: executing program 7 (id=2187):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
close(0xffffffffffffffff)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x2, 0x40000007, &(0x7f0000006680))
sendmsg$NFNL_MSG_CTHELPER_GET(0xffffffffffffffff, 0x0, 0x0)
write$6lowpan_control(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
r1 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r1, &(0x7f0000000080), 0x10)

4m57.304819769s ago: executing program 7 (id=2191):
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
r1 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r1, &(0x7f0000001600)='./file1\x00', 0x8000, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00')
linkat(r0, &(0x7f0000000100)='./file1\x00', r1, &(0x7f0000000240)='./file0\x00', 0x0)
r2 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x103a42, 0x0)
ftruncate(r3, 0x6000000)
getdents(r2, &(0x7f0000001fc0)=""/182, 0xb6)

4m57.207829475s ago: executing program 7 (id=2192):
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_open_dev$vim2m(&(0x7f0000000080), 0x8, 0x2)
syz_open_dev$tty20(0xc, 0x4, 0x0)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$RTC_PIE_ON(r0, 0x7005)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb7030000f3000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000380)={0x3ff}, 0x0, 0x0)

4m56.180777426s ago: executing program 7 (id=2194):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x40000, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
r1 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = openat$sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0)
sendfile(r2, r1, &(0x7f00000000c0)=0x58, 0x7ffff000)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, 0x0, &(0x7f00000001c0))
setsockopt$inet_sctp_SCTP_AUTH_KEY(r1, 0x84, 0x17, 0x0, 0x0)
munmap(&(0x7f00003fe000/0xc00000)=nil, 0xc00000)
syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$vim2m_VIDIOC_STREAMON(0xffffffffffffffff, 0x40045612, &(0x7f0000000280)=0x7)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x7, &(0x7f0000000140)=0xfffffffd, 0x4)
mremap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f00007fe000/0x800000)=nil)

4m48.997356148s ago: executing program 7 (id=2212):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x5, 0x2, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
close(r0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0x1, 0x8, 0x2, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
close(r1)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x19, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_BIND_MAP(0xa, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, r2, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7020000010000e1250000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f00000000c0)=r6, 0x4)
sendmsg$unix(r5, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)

4m47.578799037s ago: executing program 7 (id=2215):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r2, 0xc1105517, &(0x7f0000000140)={{0x200002, 0x0, 0x81, 0x0, 'syz0\x00', 0x10000}, 0x3, 0x0, 0x3e, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f00000002c0)=['syz0\x00\x9cB\xd1}\xb7\xe2\xde\xb0\xc0\xab\x18]\xe5\xa1\x1anK\xadL\xe0\x00\xfd\xbc\xf2\x89\x8f\xe5)\xa8\xdeuYD\x14\x84\x01\xd3e?\xde/\x80y]\xa6\xb4^\xa66_\xb2RR\r\xc2\xa6\xb2\xa23\x1e\x880$\x87\xcdb\xa1\xf1\x19\x00d\xf1}\"\x9f#\x9a\xd2T\xfc\x84\xce\x8cW[AQ\xc4R\xec\xef7o\x03\x90\x8c\x01O\x89\xb7\r\x90\xd1\xde\xa6`\xbe\x93\xe96\xeei8\x8b~b+\x02\xbfy\x96\xb3h\x96R\xd18\b\b\xc5\v\xeac\x98\xd8\x95\xd3\x1f\x03\x00\x9d\x8f\xeb\x16 \xa0u\xad\xc2\xd4UH\x82\xbb\xe5\xd9\x19\xb7P\xfc\xf2\x02{\xba&\x0f/\xb2d\aC\xd0Q\x9e\xb2\x16\xea\xfe\x06\x92`\xdaV\xe3\xb0'], 0xbe})

4m32.270539619s ago: executing program 35 (id=2215):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r2, 0xc1105517, &(0x7f0000000140)={{0x200002, 0x0, 0x81, 0x0, 'syz0\x00', 0x10000}, 0x3, 0x0, 0x3e, 0x0, 0x1, 0x0, 'syz1\x00', &(0x7f00000002c0)=['syz0\x00\x9cB\xd1}\xb7\xe2\xde\xb0\xc0\xab\x18]\xe5\xa1\x1anK\xadL\xe0\x00\xfd\xbc\xf2\x89\x8f\xe5)\xa8\xdeuYD\x14\x84\x01\xd3e?\xde/\x80y]\xa6\xb4^\xa66_\xb2RR\r\xc2\xa6\xb2\xa23\x1e\x880$\x87\xcdb\xa1\xf1\x19\x00d\xf1}\"\x9f#\x9a\xd2T\xfc\x84\xce\x8cW[AQ\xc4R\xec\xef7o\x03\x90\x8c\x01O\x89\xb7\r\x90\xd1\xde\xa6`\xbe\x93\xe96\xeei8\x8b~b+\x02\xbfy\x96\xb3h\x96R\xd18\b\b\xc5\v\xeac\x98\xd8\x95\xd3\x1f\x03\x00\x9d\x8f\xeb\x16 \xa0u\xad\xc2\xd4UH\x82\xbb\xe5\xd9\x19\xb7P\xfc\xf2\x02{\xba&\x0f/\xb2d\aC\xd0Q\x9e\xb2\x16\xea\xfe\x06\x92`\xdaV\xe3\xb0'], 0xbe})

3m51.339640827s ago: executing program 4 (id=2342):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019640)=""/102400, 0x19000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

3m49.413685117s ago: executing program 4 (id=2345):
openat$smackfs_access(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/fs/smackfs/access2\x00', 0x2, 0x0)
r0 = syz_open_dev$sndpcmc(&(0x7f0000000480), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r4, 0x6, 0x2a, &(0x7f00000000c0)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x1b, 0x0, "61a1ed8439cde8054f2ada6fcd5fe76b933e8bb0ac60081e33dffa158f35f7519d5f73b4f5d80eb4881a5b98cb9fb96d225d602392f816d09dcc09b5063087117502d8c24f1fe97f61fd27a06d6a38a7"}, 0xd8)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(r0, 0xc1004111, 0x0)

3m46.801423306s ago: executing program 4 (id=2351):
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
rseq(0x0, 0x0, 0x0, 0x0)
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000000)={'ip6gre0\x00', &(0x7f00000020c0)={'syztnl0\x00', 0x0, 0x2f, 0x9, 0x3, 0x7fffffe, 0x5b, @mcast1, @loopback={0xfec0ffff00000000, 0xffff8881114a4aa8}, 0x0, 0x0, 0x0, 0x7}})
setsockopt$inet6_int(r0, 0x29, 0x24, &(0x7f0000000200)=0x5, 0x4)
socket(0x15, 0x5, 0x0)
chdir(0x0)
syz_usb_connect(0x2, 0x3d, 0x0, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
r2 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$UHID_CREATE(r2, &(0x7f0000002a00)={0x0, {'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f00000000c0)=""/43, 0x2b}}, 0x120)
readv(r2, &(0x7f0000002980)=[{&(0x7f0000000700)=""/163, 0xa3}], 0x2)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0xc048aec8, 0x0)

3m41.677553909s ago: executing program 4 (id=2362):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r0, &(0x7f0000000340)={0x2, 0x4e24, @loopback}, 0x10)
sendmmsg(r0, &(0x7f00000057c0)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000180)="ee", 0x1}], 0x1}}], 0x1, 0x0)
recvmmsg(r0, &(0x7f00000048c0)=[{{0x0, 0x0, &(0x7f0000004a00)=[{&(0x7f0000001a00)=""/4099, 0x1003}], 0x1}}], 0x1, 0x10122, 0x0)
sendmsg$sock(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000500)="c4", 0x1}], 0x1}, 0x0)
accept4$x25(0xffffffffffffffff, 0x0, 0x0, 0x80800)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
write$khugepaged_scan(0xffffffffffffffff, 0x0, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_procfs(0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0xd, 0x0, &(0x7f00000002c0)="b9ff03076003008cb89e08f086", 0x0, 0x5da0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

3m38.497360524s ago: executing program 4 (id=2369):
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r2 = gettid()
process_vm_writev(r2, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)

3m37.095867454s ago: executing program 4 (id=2372):
socket$nl_sock_diag(0x10, 0x3, 0x4)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$igmp(0x2, 0x3, 0x2)
socket$inet6(0xa, 0x1, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="6c0000001000010400d201000072f60000020000", @ANYRES32=r0, @ANYBLOB="0524060000000000300012800b0001006272696467650000200002800c002e00fffff6ffffffffff050007001f"], 0x6c}}, 0x840)
sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x14, 0x0, 0x0, 0x0, 0x1, {{}, {@void, @void}}}, 0x14}}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCBRDELBR(r1, 0x89a2, &(0x7f0000000000)='bridge0\x00')

3m21.968355516s ago: executing program 36 (id=2372):
socket$nl_sock_diag(0x10, 0x3, 0x4)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$igmp(0x2, 0x3, 0x2)
socket$inet6(0xa, 0x1, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="6c0000001000010400d201000072f60000020000", @ANYRES32=r0, @ANYBLOB="0524060000000000300012800b0001006272696467650000200002800c002e00fffff6ffffffffff050007001f"], 0x6c}}, 0x840)
sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x14, 0x0, 0x0, 0x0, 0x1, {{}, {@void, @void}}}, 0x14}}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCBRDELBR(r1, 0x89a2, &(0x7f0000000000)='bridge0\x00')

2m46.6957927s ago: executing program 5 (id=2479):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x10, 0xe, &(0x7f0000001540)=ANY=[@ANYBLOB="b7020000f53f6314bfa300000000000024020000fffeff7f7a0300fef0ffffff79a4f0ff00000000b7060000ffffffff2e64050000000000750afaff07cd02020404000000247d60b7030000030a00006a0a00fe0000000c850000005a000000b70000000000002995000000000000001da5ad3548ebb63d18c5071c7e821c9b767ac8308fbcd5c5e4a5ad1065b572c2c9ff215ac60c2ceaea4c0ec908abb6e7325ec1956bd8660bf3664148a2c96752fe2bb328dff1a15750ab9a780001000000000000d4bf20c2bd152d814f01f2cd519e078d4ffab418e4682b2aec5e4a35629e8ef040c50287c37a7f4182f32333b08c6e497687e10a4daea5cac0ceafdbb126eb02a1f5104d16ddb64963d84d91814cd5817e0b8f6f5e6ee7a39e180b5a18ed786b782ab1321ea5e82ae5ba2c42a5e23ea6253d5df768d0cb9f35e4f41a6211e52bb3598e9b5d4f22d8c19f958e8b34de35949a7a48ce18799ee53da177a81ea65e652c1d71b7ee86a75b0100000042127a8f84538a9a311c757f7169f006f3f5c95177fbd0b14b36259e2905ef911785c88a16aae46084d676d8ef8aa6ecc2d32e3f4ee367c5a769c0a606636c9f4a4413c098f4fcc96623b7c373b0ef04d55b846b094bf97e2ef5987b6e09a6a7cab79bffda141f65e7d9ebe3be70c436432b70a80cce69df30d3d67d84ccf3f9db9b690111de2ddc4b153c989ef100bbf76063d3f6ffffb73d70e9c3d7b90aecf48e7565efff2dbbb512218c98442406333c890923a797e00b75481739952fe87fde27ce81893f54ec0ea8e792414f639bc9ce1fea3f6ac0d7025759d4b45576c205c70631e8ad585951950e521f4e210b6494e3c52d927195737945cc03d5668483151710de246420a1b6c55b73876a6ed7fd0d9338923789a1edcd8043fe83919088383268324a25df14010c8ed6b8d43400eaa00ff9bc46e1cfecbdc0e451ac53b409d04544d3a7edd4d447d2fb431e226ae182b8dcc86fe09b404e0b7c723d3b19c3dc382fa91fb0fb8f9f3f13296bb1758b24aad0922091d49e2bc408a5a37deee7a60b903d2d9fe9d451cafcc8dc389671c2d08b6e264150a6b9445b00cee4585af04fa69e0380be0d66649dcf3bf8a906b029faca75ce34c41aec7aa86e596119109ea8b3f7c65c902499227c087301643baab1c95bb22cedd913b22dcaa197ccc34586dc50bd9f4628e3e77a0de32e356521df06f995cb57f97052fc4158250ccecfb67ea8faf509593fadc7eafb613327b052397af1ede94d87590ce90a0a7579766f0e5eb09d38ac46e99e7ec4fcd3cb0b1a8c531724d5ef6b334803cedaa9cedf16dc3af6e0b67f62a83a256474c97c925d9d447175b535c87dbdeb0dcca5303eed6689ea91e1665c691df736368dde47e6672e93a314c5f60e7b68c2242bd0f0d8c66449d8687dcf2d0f76668b2b9bf8b32b99b7daf34b2d825d192ade90a1162acfe9749d516d014cef5f99126324ea02baea5808c430985749901b09e4902a6f5addc0103756b894418e4591c624a9b206abbfb888d413d923b0d7c9d997d6d8e64787c4d397f57a15b6e0b4212b6cb55b9c207bbe08f483b1bea05f41b9a1d3af087047c568ae6ebfc0bb5ec10b6290dc757a4903a88fb2c035b2349b6d2f0c051b8b7718384eebd5fc19928cea713ff09e179c308fbe9bd64374d96ef2447a2a4af5ca0c39e7ca2e801e57560a55e9cfa095cf3f74398219ad1030a79517a88de7596429a20793e12616aa32b3e720c6521fbe93963e9536d16f3db211fca7dd99c0a0125ff8ef534b93dcb34e1da2c008a9f2a29e30823bf0ec3639cadaf9be9608358e1e5ab17eea477b1754f78f45468c9568471667f82f5e250b979b9f2bd0d1b6bc03d11811ac6eec9a3ecd9e3c3299ee5eb3c6cac8fbd06514b7ee743ece79c04566d02a08fd5fcabbab3d129c0cced3ce11dafa380700000000000000c114d0b423e64c6157fac5e4e2168f33541daeff9983d0e488a78bef538f870b84798272b2101e0abf1cd64500b79e01e11d727389653bd80a39d5bbe2e23d2f5ff10047423429981bd9b4ce680e174c266391e3e7689452654e5cd5ada6e025327a1942b5a068f15fa58eaa267d4e0881783dddbdd777f8be0824ffdf6d06c621880dbbe9534f15e8c2e364d3ec67deb6ab9f2a0f03212972dbd38500000008173553a67be48633103809eee0be51d67d7ce230b389607b4c3b18da1c48f3180f2e0d79e54565fdd9a099b5b5ba2761905b88b7cbfc39c35dd153609da3da263438f12769602c2195245ff83e249119d4f6cabfbdef84ada19ef4a67ed66d7043036515d0be5a231f99e71aba5d5ae04676eff3e85f0844c41bbcfde7a931d1ec55c01f703bfd1b97756bfe55a91f6b379f34a018906339771157c66dbd7471d1beec7f029ef552cf5e92a1a0db21b59355763967ce26a577bc514b6d22a09c385c5ba6caf524e1688fc0f29f8bb35ae7bc8eb5ba51aebdf7d972c3267cedbe77ed70d9c539bc455a6f88b39196c8a224b0acf4d796fea59a07baa34cc270fb096ef330fbebdf872d7d0bc4f9a963355c554abc5cdb91464faabcd09cd9a53f5d1b2ea7e96f428f7cd6735c19c61dc9942d30bf29ef85ed01c2fcd6060aa40eeff971477b4fde48507b7bad95a496540adff7e4a72fd1f94d7c703ab1525c946c54e0da3d7ebfcc8cea2e84c3b310aaea5a1627df898c00a9aaf2d88a36afa4c5b1816384310600001c33125ad7f7970beeb256aec06e39fc6c66544e1d1dc5fea4b68a82e3568ca30aea9a1d097f06f11dc362f4bae5ef57c67686a15855cd351bf26f40fb1348cfce79897682228e6d9643530c81bab27bf7b1c4a76a5be180bb830cf06827c3f38a9c9c580c732c30aaceda78b0297de35a922b1375b129655beb31899e26052cc216f832fdb0a0015f93c9cff77f59cda1ec5f3e358848756cebb074266a47e39ae26e80e8c65aaf73c24925458520a9ca98760d1005c9f81846459ae6d5baa4f02807939ddc29c3520f7c58ed9bc5a569c7a1bc33cf4f330a18276ffb4550b9166c3939e8041094bec034aa0ec6638b74fe34f0f1ec6903a1135808d5d8d26c9203c3f87e66c407b7c5c0888d4558dd657cc0213efad68e76fdd7b23e68064fd4b271ed79c50abacdd2871b0c1f8c971df59a5a1901ddf804bed43e391f882d2a45c51cdbba86b2a1b7c0c4923642a731ea4dcbad2b6ebbebe787a8e28e781d75beee924b3b1e390750f316648133922c021f98fd2d5d71a7a3679397ef6cf432837b7e264831ec01c4c3146ba0caac3b13d55945ec00e978a1c1712cd51187936200606c9cd6877b2f72125295c54721f8e15df2ae282a8becb99a726fd92acc92141e1f574b4b0b3c992a61af3372d0d9217776b1a42cd2cee816a70bf1ddd69b590d53e28ba356e74b38e23e50d898e95cdc7cc809e462c884b53f672aab1411ecfd4c91e7a9782fc6763f0efd4bcbaf1fc3a00000000000000000000000000000000500000000000000000000000048e510340087caf22439d5304bd704a6a78a512269a9b1cbd13bea78c807bbc73853ae187cbb768673e9d1bf74a3b0a6c234accd8506adf314f4c5e08174540b69d3c0da660052b43b86baf49e7ac64d9c21598b1e01dc1e1b5a53626b090496dbf7af441e397016c3c094d5c91ffe0a7ceacfd225ed9a6c905f79ad7052747dd6cceef4c310e0e935311118bc6bf0e5ca6c7cca7d5c03be570308da8a40578b4db14961fbccf6e2f2d56e9509c434126515b56d032e20c12e830d1bc64826fc9b318da5911e466878dbb81edeff69363fb75af5cd80536f14d2eaa7764db23acdbd394bbbbccfd8b129258bb0a93cee1d44f8665172c06933d20f184b78b435462c52a85149451ffd564c56a7cbf11a1127c77242915e43b2bc"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x200000, 0x10, &(0x7f0000000000), 0x143, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r1 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000580))
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f0000000440)={'tunl0\x00', &(0x7f0000000400)={'syztnl0\x00', <r4=>0x0, 0x0, 0x10, 0x0, 0xfffffffd, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x80, 0x4, 0x0, @loopback, @rand_addr=0x64010101}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r3, 0x89f3, &(0x7f00000001c0)={'syztnl0\x00', &(0x7f0000000040)={'ip_vti0\x00', r4, 0x0, 0x0, 0x4000002, 0x0, {{0x5, 0x4, 0x0, 0x2, 0x14, 0x64, 0x0, 0xfe, 0x4, 0x0, @loopback, @multicast1}}}})
write$binfmt_aout(r2, 0x0, 0x1000)
syz_open_dev$sndpcmp(&(0x7f0000000180), 0x0, 0xa2c65)

2m40.045185492s ago: executing program 5 (id=2490):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
ioctl$VIDIOC_S_HW_FREQ_SEEK(0xffffffffffffffff, 0x40305652, &(0x7f00000000c0)={0x3, 0x1, 0xf, 0x0, 0x3, 0x8fbe, 0x65f40})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000004400000008000300", @ANYRES32=r4, @ANYBLOB="08002600851600000a00180000000000000000001c005a8018000180140003"], 0x4c}}, 0x0)

2m39.321874345s ago: executing program 5 (id=2493):
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
shutdown(r3, 0x1)
connect$bt_rfcomm(r3, &(0x7f0000005dc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x15}, 0xa)
close(r3)

2m38.259376229s ago: executing program 5 (id=2494):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$setregs(0xd, r0, 0x0, 0x0)
ptrace$getregset(0x4205, r0, 0x1, 0x0)
ioperm(0x83, 0x6, 0x8)
arch_prctl$ARCH_GET_MAX_TAG_BITS(0x1001, 0x0)
r1 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
pselect6(0x40, &(0x7f0000000180)={0x8, 0x7, 0x3, 0x7, 0x5, 0x4, 0x4, 0x2}, 0x0, 0x0, 0x0, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f0000000080)=0xe)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240))
syz_clone(0x80008000, 0x0, 0x92eb, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
read$dsp(r1, &(0x7f0000000200)=""/115, 0x73)

2m34.403048469s ago: executing program 5 (id=2505):
r0 = socket$unix(0x1, 0x1, 0x0)
recvfrom$unix(r0, &(0x7f0000000000)=""/79, 0x4f, 0x0, &(0x7f0000000080)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000480), 0x28080, 0x0)
ioctl$RTC_UIE_OFF(r1, 0x7004)
openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
sendmmsg$inet6(r1, &(0x7f0000001640), 0x0, 0x1)
openat$sw_sync(0xffffffffffffff9c, 0x0, 0x80080, 0x0)
preadv(r0, 0x0, 0x0, 0x7fff, 0x1)
eventfd(0xffff8000)
r2 = openat$btrfs_control(0xffffffffffffff9c, 0x0, 0x40100, 0x0)
eventfd2(0x4, 0x1)
eventfd2(0x8e7e, 0x3)
io_submit(0x0, 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r2, 0xc0184800, 0x0)
ioctl$BTRFS_IOC_SCRUB(0xffffffffffffffff, 0xc400941b, 0x0)

2m33.189254918s ago: executing program 5 (id=2506):
syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_NL_MON_SET(0xffffffffffffffff, 0x0, 0x8000)
r0 = syz_open_procfs(0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f0000000300), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
lseek(r0, 0x7fffffffffffffff, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x4c, 0x0, 0x4)
mmap$dsp(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000000, 0x40010, 0xffffffffffffffff, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r2 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r2, 0x4601, &(0x7f0000000040)={0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x10, 0x8}, {}, {}, {}, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x2})

2m18.09931402s ago: executing program 37 (id=2506):
syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_NL_MON_SET(0xffffffffffffffff, 0x0, 0x8000)
r0 = syz_open_procfs(0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f0000000300), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
lseek(r0, 0x7fffffffffffffff, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x4c, 0x0, 0x4)
mmap$dsp(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000000, 0x40010, 0xffffffffffffffff, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r2 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r2, 0x4601, &(0x7f0000000040)={0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x10, 0x8}, {}, {}, {}, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x2})

18.977482688s ago: executing program 2 (id=2782):
r0 = syz_open_dev$video(&(0x7f0000000000), 0x7ff, 0x0)
ioctl$VIDIOC_ENUM_FRAMEINTERVALS(r0, 0xc034564b, &(0x7f0000000280)={0x0, 0x35315258, 0x100, 0xe, 0x0, @discrete={0x157, 0x1}})
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000180)=@bpf_lsm={0x6, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$packet(0x11, 0x3, 0x300)
socket$can_bcm(0x1d, 0x2, 0x2)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
getpid()
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)

17.014192311s ago: executing program 9 (id=2787):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_usb_connect(0x2, 0x52, &(0x7f0000000140)=ANY=[@ANYBLOB="120100036ffa680863070120ff2c0102030109024000021109400c0904080601ff8bbd020a240107000d020102052405039909"], 0x0)
r1 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r1, &(0x7f0000000040), 0xc)
r2 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
pipe2$watch_queue(&(0x7f0000000580)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80)
r4 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffc)
keyctl$KEYCTL_WATCH_KEY(0x20, r4, r3, 0xd5)
pipe2$watch_queue(&(0x7f0000000180)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r4, r5, 0xbc)
keyctl$KEYCTL_WATCH_KEY(0x20, r4, r3, 0xb5)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEL_STATION(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000600)=ANY=[@ANYBLOB="e261a8527ea4fd71aa359edc525d1d75e5e9eff8ba0263bc794d57723f49c0431cceda0b4291ed93eb5890092d5be281e51e6b65581b0d6cdd4bab0a58f681a709ec964e1f22e01ac0e53fd9ed0ce603ebce9958431f36abe3e86af1dae8229a58f923de396444c56b812497028c5a7e0e0aa52d6097f8582794dce8cdb3bc9fef84aadac945af880bfa", @ANYRES16=r6, @ANYBLOB="01002cbd7000000000001400000008000300", @ANYRES32, @ANYBLOB="0600360006000000"], 0x24}}, 0x0)
write$binfmt_aout(r2, &(0x7f00000001c0)=ANY=[@ANYBLOB="03010000b5"], 0xc8)
writev(r1, &(0x7f0000000180)=[{&(0x7f0000002680)="1e", 0xfdef}], 0x1)
close_range(r0, 0xffffffffffffffff, 0x0)

16.564929451s ago: executing program 2 (id=2790):
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
pipe(0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x8000f28, 0x0)
write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x206, 0x20182)
ioctl$USBDEVFS_ALLOW_SUSPEND(r1, 0x5522)
ioctl$USBDEVFS_BULK(r1, 0x5523, 0x0)
r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r2, 0x5522, 0x0)
ioctl$USBDEVFS_DISCONNECT_CLAIM(0xffffffffffffffff, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"})
ioctl$USBDEVFS_ALLOW_SUSPEND(0xffffffffffffffff, 0x5522)
ioctl$USBDEVFS_SETINTERFACE(0xffffffffffffffff, 0x80045510, &(0x7f0000000000))
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=@deltaction={0x84, 0x31, 0x4, 0x70bd28, 0x25dfdbff, {}, [@TCA_ACT_TAB={0x54, 0x1, [{0xc, 0x5, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}, {0xc, 0x12, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0x10, 0xf, 0x0, 0x0, @TCA_ACT_KIND={0xa, 0x1, 'pedit\x00'}}, {0xc, 0x81d, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}, {0x10, 0x1b, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0xc, 0x7, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}]}, @TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x7, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}, {0xc, 0x13, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x9}}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x440c1}, 0x8000)

15.520897784s ago: executing program 3 (id=2792):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TCFLSH(r2, 0x540b, 0x2)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$dupfd(r3, 0x0, r3)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x50)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
mq_open(&(0x7f0000000140)='*{\x00', 0x40, 0x0, 0x0)
semctl$IPC_STAT(0x0, 0x0, 0x2, 0x0)

14.221055525s ago: executing program 3 (id=2793):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$packet(0x11, 0x2, 0x300)

14.182880042s ago: executing program 0 (id=2794):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSIGACCEPT(r0, 0x5607, 0x30)
ioctl$VT_ACTIVATE(r0, 0x5606, 0x4)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup.net/syz1\x00', 0x200002, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000240)=0x3)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000007000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000280)="0f7963520f01d1b8ad0e8ed0640f16c866b9b20100000bca368336830066edba420066ed0f20e06635801900000f22e066b97808000066b84402000066ba000000000f30baf80c66b842a08c8166efbafc0ced", 0x53}], 0x1, 0x19, 0x0, 0x0)
ioctl$VT_RELDISP(r0, 0x5605)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/profiling', 0x0, 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000001c0)=@o_path={&(0x7f0000000180)='./file0\x00', 0x0, 0x4000, r2}, 0x18)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000080)='net\x00')
statx(r4, 0x0, 0x1000, 0x400, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r3, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4)
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="380000001a0001000000000000000a0080002000", @ANYRES32=0x0, @ANYBLOB="0000000008000200000000001400"], 0x38}}, 0x0)

12.547548509s ago: executing program 8 (id=2795):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000"/37, @ANYRES32=0x41424344], 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000327000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
sendmsg$NFNL_MSG_CTHELPER_NEW(r2, &(0x7f0000000380)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r2, 0x0, 0x7}, 0x18)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

12.546875686s ago: executing program 2 (id=2796):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r0}, 0x10)
creat(&(0x7f0000000240)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000004c0), 0x10400, &(0x7f0000000700)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',cache=mmap'])
chmod(&(0x7f0000000140)='./file0\x00', 0x0)
r4 = open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0)
ftruncate(r5, 0x2000009)
sendfile(r4, r5, 0x0, 0x7ffff000)
bpf$MAP_CREATE(0x100000000000000, 0x0, 0x50)

12.546477873s ago: executing program 3 (id=2797):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
r1 = gettid()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$int_in(r2, 0x5452, &(0x7f0000000180)=0xffffffffffffffff)
fcntl$setsig(r2, 0xa, 0x12)
ppoll(&(0x7f0000000100)=[{r3}], 0x1, 0x0, 0x0, 0x0)
r4 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_SET_FORCE_PACK_ID(r4, 0x227b, &(0x7f00000000c0)=0x1)
readv(r4, &(0x7f0000000580)=[{&(0x7f0000000100)=""/67, 0x43}], 0x1)
r5 = fcntl$dupfd(r4, 0x0, r4)
write$sndseq(r5, &(0x7f00000003c0)=[{0x0, 0x0, 0x0, 0x0, @tick=0xb, {0x0, 0xb8}, {}, @control={0x9, 0x0, 0xa}}, {0x0, 0x0, 0x0, 0x0, @time={0x0, 0x3ff}, {0x6, 0x4}, {}, @connect={{0x6, 0x2}, {0x0, 0xc}}}], 0x38)
dup2(r2, r3)
fcntl$setown(r3, 0x8, r1)
tkill(r1, 0x13)

12.496872897s ago: executing program 9 (id=2798):
r0 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000180)={0x0, r0}, 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x11, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18010000820004000800000000000c008500ebff0e0000009528ea6bcb88f75d547dabd26daae2ed7ba9b8550d66feb5bf855b8b4ed82e780bb06af0cc413f4a895fc6f9e421c85d7d5c9454e8591d64e5db3e6e2d79ffcfd0fe63f79d14828d21673a6e6e1d913835c8d8739d95fe0e65524dbe74bba0a3d718c05b70c4be1c0a93baafa7c8d2df0f8b2c6820ee5ec28ecabc43295a9bb98016b0c64636ecc99a3da639b0"], &(0x7f00000001c0)='syzkaller\x00', 0x8000, 0x0, 0x0, 0x41000, 0x46, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
tgkill(r1, r1, 0x3c)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(0xffffffffffffffff, 0x11, &(0x7f00000002c0), 0x2)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="560a00000000000061118000000000001800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

11.824548261s ago: executing program 8 (id=2799):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = syz_io_uring_complete(0x0)
sendto$inet(r0, &(0x7f0000000300)="2c69d00c47dd3de7032f023d1cb885cb5711aa8964ab5898f33589afb072cceebf36d88ff2eaf8280b0f2fce5b4ac678b3e43a7f0c548b20f489cf038ce798b27ecd3e1cd2fa06312a6d5aa3c3a5e5db0fc3444b8accfed3f08aa10f03f217380db064ed355c40690e1453233368ab01d9a5c91c568b146c74f4958b5bd6bb6bcbee4a6234aaeb1133bf5e", 0x8b, 0x4000, &(0x7f0000000000)={0x2, 0x4e23, @private=0xa010102}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
connect$inet6(0xffffffffffffffff, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f0000000540), 0x3c)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x11a, 0x3, &(0x7f00000001c0)=0xf3, 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
kexec_load(0x0, 0x1, &(0x7f00000002c0)=[{0x0, 0x0, 0x0, 0x10000}], 0x0)

11.636893843s ago: executing program 2 (id=2800):
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
getpid()
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
r5 = openat$cgroup_procs(r4, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
open_by_handle_at(r5, &(0x7f0000000100)=ANY=[@ANYBLOB="0c000000fe00010004"], 0x408100)

11.605165197s ago: executing program 9 (id=2801):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x2014800, 0x0)
creat(&(0x7f0000000240)='./file0/bus\x00', 0x0)
acct(&(0x7f0000000100)='./file0/bus\x00')
chroot(&(0x7f0000000040)='./file0\x00')
umount2(&(0x7f0000000280)='./file0\x00', 0x0)

10.885020962s ago: executing program 3 (id=2802):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000190c0)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r3, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
ftruncate(r4, 0x2000009)
sendfile(r3, r4, 0x0, 0x7ffff004)
recvmsg(r3, &(0x7f0000000580)={0x0, 0x2, &(0x7f0000000500)=[{&(0x7f0000000740)=""/4096, 0xa15b0}], 0x1}, 0x700)

9.764341255s ago: executing program 0 (id=2803):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r3, &(0x7f0000000000)=0x12f, 0x12)
r4 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={<r5=>0xffffffffffffffff})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f00000003c0)={'batadv0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x3c, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, r6, {0x0, 0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_DIFFSERV_MODE={0x8, 0x3, 0x4}]}}]}, 0x3c}}, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)

9.276175062s ago: executing program 9 (id=2804):
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000003dc0)={0x0, 0xa0}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$loop(0x0, 0x6, 0x80)
openat$khugepaged_scan(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0)
prctl$PR_SET_IO_FLUSHER(0x43, 0x1)
prctl$PR_SET_IO_FLUSHER(0x43, 0x0)
syz_open_dev$hidraw(0x0, 0x5, 0x400040)

8.812323986s ago: executing program 8 (id=2805):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fd7000/0x18000)=nil, &(0x7f0000005700)=[@text32={0x20, 0x0}], 0x1, 0xe, 0x0, 0x0)
r3 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1})
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19)
r4 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r4, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/59, 0x304000, 0x800}, 0x20)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$UFFDIO_COPY(r3, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000/0x3000)=nil, 0x3000})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f0000000000)="0f79fa660f1049ef66b9790a00000f32ba4100b009eef30fa7e866b9080900000f32f30f1efb66b8189f00000f23c00f21f86635030009000f23f8bad004ec2e0f0d977147", 0x45}], 0x1, 0x8, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

8.775811257s ago: executing program 2 (id=2806):
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
socket$inet6(0xa, 0x2, 0x0)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
listen(r1, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000300))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000380)="67d8902400aa303e97380e908ddaa715f6a4bd8662cbc3cdb7c268e4fd703be2724807416378c9aaf67b61f51ed6ddc4a47116ec2dbf7ff6accd4ea5d271856e7237f334176dafb336aa6687af5e0ee989db3298e6b7280b17dd00f58cec1132dd82854b9c55d85624e7c739fcaf1ea3589d35627941658b4edc7079492c6cea33044b8a3ae0bd6a8fd57f9326950ae52162466c3aa56c056bae8e9dc64873ddefc0dd5ac347f69c08e3a9caad1f", 0xae}, {&(0x7f0000000900)="0f198d5aa5caa1c55b84b414797cbdd4e8c576a921a070fc828060506683fd1106a961ac55b5b8ea3342ca7de5559ca2c14e05e42aed8ba14b2c78cb540f71a817d80fbf1945a046ebda494a8048a106a4d49d7f214735ada53397db3b203885ce39ee48d69465935eade21ce36e61826c52c82f038341d9bab5687c740ed3c18897094e7e1391eb84a4052e03c0c7c39ae86d454938f65e284620b99481c33d9f5e5b7a6c0d7548723f55b213c76be37f40c850c38e265758ebd8238257a146d6eced16fd658a784c928fea7a841db1a7fd6520442dae5fc0d3a3d3a5f16fcf6fe4f062ecdad7d0f3c6cd339339533c0ef28ad1e2729907094c3de93c1b1b00ad6df895d9907e4afb7565d3a8e9eaea020ed173c2179fb03e0944460989240a689c7fe795d310be4e7a6b778a903280dbf426b39c3603c49049980767e31edb997f59785184cbd7b907e0974f1073c745f71db0906cb51780f908fa61634af8ac85d9f04f3dff0a948e81cd3229a59aaeb00995358155343e3239588a0383e4df109d5ca24276d0d83a27d0e9bf681c1bbea12a6f3c20ad50f63430333bb327eb6ae32fe8809065bce26d2dc2fbb2b48d404637d61fd86852e0e1b6ccc6f75b1107aaa5f60ef45f94e953b3f213c3cb4ca4c716565078c666f84e1a99bb4cb5c7190648132f752753c938da6241607a742361d995188b23cb4b8269e98e822585695962620673433748e476f7cc3e37db88639c525ff3a502c82c283b00aecfe7734ab369e1ed7c75e27a5a333641817baa3ea37844e20e6266c5095abf9d47ca5f8ad93f1a4d8795daec222ada00d65cf91425fae7939ceaa8d94ec1ab5082e1d251c27b3132119b350e81771f3733be232ffb90c03a818bf4dee8512f3bac440f5d5e4bed6b897608b01eae26a54433e5f5c74a2ee3c2fc50067be05a677ff52a7dba7010830b879a41b579d44158fb89ea05761d2d369853bea84dfb8081ed7b891dcb3bb3361534fdc5252e4964aed936ad2838e7af14fc65c7c1c6", 0x2de}], 0x2}, 0x0)
setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0x6, &(0x7f0000000680)=0x1, 0x4)
sendmsg$NL80211_CMD_JOIN_MESH(r0, 0x0, 0x40)

8.408675201s ago: executing program 3 (id=2807):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000327000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000500)=ANY=[@ANYBLOB='\b\x00\x00\x00'])
ioctl$KVM_RUN(r3, 0xae80, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000100)='./binderfs/binder0\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x12, 0xc, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

5.156678048s ago: executing program 9 (id=2808):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
socket$packet(0x11, 0x2, 0x300)

5.07076127s ago: executing program 0 (id=2809):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYRESHEX=r1, @ANYRES32, @ANYBLOB='\x00'/18, @ANYRES32=0x0, @ANYRES32, @ANYRESHEX], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
openat$fuse(0xffffffffffffff9c, &(0x7f00000002c0), 0x42, 0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x19, 0x1c, &(0x7f0000000040)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x8}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}, {}, {0x85, 0x0, 0x0, 0x10}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x15, 0xffffffffffffffff, 0x8300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

5.015473392s ago: executing program 2 (id=2810):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket(0x1, 0x803, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
syz_open_dev$dri(0x0, 0x1ff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r1}, 0x10)
getpid()
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=@newlink={0x3c, 0x10, 0x403, 0x70bd27, 0x0, {0x0, 0x0, 0x0, 0x0, 0x88adfda5}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_MASTER={0x8}]}, 0x3c}}, 0x0)

4.832218073s ago: executing program 9 (id=2811):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendto$inet6(r0, &(0x7f0000000000)="c5", 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x80, 0x0, @local, 0x13}, 0x1c)
setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, 0x0, 0x0)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
ptrace$getregset(0x4205, r1, 0x202, &(0x7f0000000240)={0x0})
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r2, 0x40045532, &(0x7f0000000040))
openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f0000000080), 0x1000, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0145608, &(0x7f0000000040)={0x8, 0x1, 0x1})
ioctl$vim2m_VIDIOC_QBUF(r3, 0xc058560f, &(0x7f00000000c0)=@mmap={0x1, 0x1, 0x4, 0x0, 0x0, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "bf631e4b"}})
ioctl$vim2m_VIDIOC_QBUF(r3, 0xc058560f, &(0x7f0000000140)=@multiplanar_mmap={0x0, 0x1, 0x4, 0x0, 0x0, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "a730b801"}, 0x0, 0x1, {0x0}})
ioctl$vim2m_VIDIOC_STREAMOFF(r3, 0x40045612, &(0x7f0000000000)=0x1)

3.935129982s ago: executing program 0 (id=2812):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x149a82, 0x0)
socket$inet6(0xa, 0x1, 0x3)
setreuid(0xee01, 0xee01)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)

3.090653065s ago: executing program 8 (id=2813):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x2, 0x1002, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f00000003c0))
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002380)={{}, 0x2c, {'rootmode', 0x3d, 0x8000}, 0x2c, {}, 0x2c, {}, 0x2c, {[], [{@smackfsroot={'smackfsroot', 0x3d, 'user_id'}}, {@smackfsroot={'smackfsroot', 0x3d, 'user_id'}}]}})

2.720924092s ago: executing program 0 (id=2814):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x0, 0x0)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_icmp(0xa, 0x2, 0x3a)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000000)={@mcast2={0xff, 0x5}, 0x0, 0x0, 0x2, 0x3}, 0x20)

2.719456607s ago: executing program 3 (id=2815):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r0, &(0x7f0000000140)={0x15, 0x110, 0xfa00, {r1, 0x0, 0x30, 0x30, 0x0, @in6={0x1b, 0x0, 0x0, @empty}, @ib={0x1b, 0x0, 0x0, {"0e000000000000000000000004000001"}}}}, 0x118)
write$RDMA_USER_CM_CMD_QUERY(r0, &(0x7f0000000040)={0x13, 0x10, 0xfa00, {0x0, r1, 0x2}}, 0x18)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000006400)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELTABLE={0x14, 0x2, 0xa, 0x5}, @NFT_MSG_DELTABLE={0x14, 0x2, 0xa, 0x801, 0x0, 0x0, {0x1, 0x0, 0x7}}], {0x14}}, 0x70}}, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000000))
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f00000000c0)={[{0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x4, 0x4, 0x0, 0x0, 0x40000000}, {0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0xcd, 0x0, 0x9, 0xff, 0x0, 0x0, 0x8}, {0x3fe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}]})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66ba4300b006ee0f01c40f009b27000000b9800000c00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a000000328fe858b660002fb90d090000b800680000ba000000000f30", 0x5a}], 0x1, 0x0, 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f00000000c0)="832a0a65bd8c002b0304000e0580a7b6070d63e2", 0x14)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

1.438296321s ago: executing program 8 (id=2816):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x9)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendmmsg(r1, &(0x7f0000002840)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20044000)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000001c0)={0x28, r3, 0x9, 0x0, 0x0, {0x7}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1d}]}]}, 0x28}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r4, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB="84000000", @ANYRES16=r5, @ANYBLOB="010000000000fbdbdf250100000008000200000000000500050000000000080003000100000048000180050002002000000006000100020000000800060003000000080003"], 0x84}}, 0x20000000)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)={0x14, r5, 0x1, 0x70bd2c, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0x800)

1.266197826s ago: executing program 0 (id=2817):
r0 = socket$unix(0x1, 0x5, 0x0)
socket$l2tp6(0xa, 0x2, 0x73)
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_RESET(0xffffffffffffffff, 0x4141, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
bind$unix(r2, &(0x7f00000000c0)=@abs={0x1, 0x0, 0x4e24}, 0x6e)
bind$unix(r0, &(0x7f0000000280)=@abs={0x1, 0x0, 0x4e24}, 0x6e)
syz_usb_connect(0x2, 0x0, 0x0, 0x0)

0s ago: executing program 8 (id=2818):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x0, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x38, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x1f}, @NFTA_SET_FLAGS={0x8}]}, @NFT_MSG_NEWSETELEM={0x40, 0xe, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x4}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}]}]}], {0x14, 0x10}}, 0xc0}}, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0)
fsetxattr(r1, &(0x7f0000000000)=@random={'user.', 'cgroup.controllers\x00'}, 0x0, 0x0, 0x0)
syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000100)=0xd)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
rseq(&(0x7f0000000040), 0xfffffffffffffdb2, 0x0, 0x0)
rseq(&(0x7f0000000040), 0x20, 0x0, 0x0)
socket$alg(0x26, 0x5, 0x0)
r3 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x103902, 0x0)
r4 = dup(r3)
write$UHID_INPUT(r4, &(0x7f0000001040)={0x18, {"a2e3ad21ed6b52f99cfbf4c087f70c9b3e6ee7ff7fc6e5539b9b3b0e8b9b411b5d30091b080d29428f0e1ac6e7049b3468959b4c9a242a9b67f3988f7ef319520200ffe8d178708c523c921b1b25380a169b63d336cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca5b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b4124351601611c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb77ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b405177548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e05130935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b3110b932a4d02da711b757fe43c06d21e35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc238a081ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed714887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee658e4cb5e930ed624806c43a006dc9336d07c2b8081c128ad2706f48261f7897084c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264d2700c838fa2c7b34252600c9654e502dcea39cb6bc3eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c6000064b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa70826ad01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x100d}}, 0xfffffdef)
mmap$xdp(&(0x7f00009eb000/0x4000)=nil, 0x4000, 0x2, 0x42031, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

: batadv0: Removing interface: batadv_slave_1
[  496.792965][T11219] veth7: left allmulticast mode
[  496.812078][T11219] veth7: left promiscuous mode
[  496.820521][T11219] bridge1: port 1(veth7) entered disabled state
[  496.844888][T11219] veth9: left allmulticast mode
[  496.851206][T11219] veth9: left promiscuous mode
[  496.856561][T11219] bridge1: port 2(veth9) entered disabled state
[  496.929263][T11228] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  496.983324][T11227] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  499.439609][    T8] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  499.606109][    T8] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  499.616631][    T8] usb 6-1: New USB device found, idVendor=04d5, idProduct=0001, bcdDevice= 0.00
[  499.662134][    T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  499.692070][    T8] usb 6-1: config 0 descriptor??
[  499.700234][    T8] usbhid 6-1:0.0: couldn't find an input interrupt endpoint
[  500.436108][    T8] usb 6-1: USB disconnect, device number 12
[  501.682803][T11280] ISOFS: Unable to identify CD-ROM format.
[  501.908733][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  501.931017][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  502.482680][T11292] syz.3.1539[11292] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  502.482790][T11292] syz.3.1539[11292] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  502.494758][T11292] syz.3.1539[11292] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  503.797438][T11302] use of bytesused == 0 is deprecated and will be removed in the future,
[  503.818021][T11302] use the actual size instead.
[  505.233434][T11315] xt_nat: multiple ranges no longer supported
[  510.971925][   T29] audit: type=1804 audit(1735914425.884:286): pid=11375 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.3.1561" name="/newroot/314/file1" dev="fuse" ino=1 res=1 errno=0
[  510.992503][   T29] audit: type=1800 audit(1735914425.934:287): pid=11375 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.3.1561" name="/" dev="fuse" ino=1 res=0 errno=0
[  515.143250][   T95] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  515.312076][   T95] usb 4-1: Using ep0 maxpacket: 32
[  515.446180][   T95] usb 4-1: config 4 has an invalid interface number: 51 but max is 0
[  515.455842][   T95] usb 4-1: config 4 has no interface number 0
[  515.543262][   T95] usb 4-1: config 4 interface 51 has no altsetting 0
[  516.437367][   T95] usb 4-1: New USB device found, idVendor=0c72, idProduct=000c, bcdDevice=c4.ee
[  516.446545][   T95] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  516.454803][   T95] usb 4-1: Product: syz
[  516.458993][   T95] usb 4-1: Manufacturer: syz
[  516.463842][   T95] usb 4-1: SerialNumber: syz
[  517.819937][   T95] peak_usb 4-1:4.51 can0: sending cmd f=0x6 n=0x1 failure: -22
[  517.847368][   T95] peak_usb 4-1:4.51: unable to read PCAN-USB serial number (err -22)
[  517.913095][T11451] netlink: 'syz.2.1584': attribute type 1 has an invalid length.
[  517.920877][T11451] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1584'.
[  518.885725][   T95] peak_usb 4-1:4.51: probe with driver peak_usb failed with error -22
[  518.906102][   T95] usb 4-1: USB disconnect, device number 21
[  521.548831][T11492] loop4: detected capacity change from 0 to 16384
[  521.709240][T11497] I/O error, dev loop4, sector 0 op 0x1:(WRITE) flags 0x8800 phys_seg 16 prio class 0
[  521.719156][T11497] I/O error, dev loop4, sector 0 op 0x1:(WRITE) flags 0x8800 phys_seg 16 prio class 0
[  527.570065][T11552] input: syz0 as /devices/virtual/input/input25
[  527.586176][T11552] input: failed to attach handler leds to device input25, error: -6
[  530.274903][T11567] bond0: entered promiscuous mode
[  530.302235][   T29] audit: type=1804 audit(1735914445.254:288): pid=11573 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.3.1620" name="/newroot/328/bus/file1" dev="overlay" ino=1797 res=1 errno=0
[  533.501596][T11605] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  533.967489][T11617] loop7: detected capacity change from 0 to 16384
[  535.252216][T11619] loop7: detected capacity change from 16384 to 16383
[  536.389425][T11617] I/O error, dev loop7, sector 3072 op 0x0:(READ) flags 0x80700 phys_seg 31 prio class 0
[  536.456632][T11617] I/O error, dev loop7, sector 3328 op 0x0:(READ) flags 0x80700 phys_seg 31 prio class 0
[  536.466930][T11617] I/O error, dev loop7, sector 3072 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  536.476525][T11617] Buffer I/O error on dev loop7, logical block 384, async page read
[  536.791517][T11615] I/O error, dev loop7, sector 1024 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  536.845837][T11615] Buffer I/O error on dev loop7, logical block 128, lost async page write
[  536.868477][T11615] Buffer I/O error on dev loop7, logical block 129, lost async page write
[  536.891565][T11615] Buffer I/O error on dev loop7, logical block 130, lost async page write
[  536.900609][T11615] Buffer I/O error on dev loop7, logical block 131, lost async page write
[  536.909644][T11615] Buffer I/O error on dev loop7, logical block 132, lost async page write
[  536.918419][T11615] Buffer I/O error on dev loop7, logical block 133, lost async page write
[  536.928678][T11615] Buffer I/O error on dev loop7, logical block 134, lost async page write
[  536.950412][T11615] Buffer I/O error on dev loop7, logical block 135, lost async page write
[  537.049486][T11615] Buffer I/O error on dev loop7, logical block 136, lost async page write
[  537.472397][T11615] I/O error, dev loop7, sector 2048 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  537.644152][T11648] kvm: pic: non byte write
[  537.665384][T11615] I/O error, dev loop7, sector 3072 op 0x1:(WRITE) flags 0x800 phys_seg 16 prio class 0
[  537.683830][T11641] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3832186367 (7664372734 ns) > initial count (4194322 ns). Using initial count to start timer.
[  539.075913][T11667] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  539.087012][T11667] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  539.426725][T11667] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  539.436851][T11667] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  539.885091][T11667] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  539.891082][T11667] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  540.315565][T11680] xt_cluster: you have exceeded the maximum number of cluster nodes (16128 > 32)
[  541.102331][   T53] Bluetooth: hci2: command 0x0406 tx timeout
[  541.502749][   T53] Bluetooth: hci3: command 0x0406 tx timeout
[  541.982376][   T53] Bluetooth: hci1: command 0x0406 tx timeout
[  543.267150][   T53] Bluetooth: hci2: command 0x0406 tx timeout
[  543.609719][   T53] Bluetooth: hci3: command 0x0406 tx timeout
[  544.062240][   T53] Bluetooth: hci1: command 0x0406 tx timeout
[  544.498750][T11726] ntfs3(nullb0): Primary boot signature is not NTFS.
[  544.506725][T11726] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  549.443013][T11761] team0: Port device virt_wifi0 added
[  550.047259][T11779] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  550.930349][T11789] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1684'.
[  551.221927][    T8] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  551.380079][    T8] usb 3-1: config 0 interface 0 has no altsetting 0
[  551.398838][    T8] usb 3-1: New USB device found, idVendor=0451, idProduct=f430, bcdDevice=42.7a
[  552.133388][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  552.148893][    T8] usb 3-1: config 0 descriptor??
[  552.159638][    T8] ti_usb_3410_5052 3-1:0.0: required endpoints missing
[  554.305006][T11818] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1690'.
[  554.346734][   T95] usb 3-1: USB disconnect, device number 17
[  554.382136][T11818] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1690'.
[  557.435441][T11845] [U] 
[  557.438708][T11845] [U] 
[  557.441446][T11845] [U] 
[  557.444159][T11845] [U] 
[  557.446969][T11845] [U] 
[  557.449698][T11845] [U] 
[  557.452415][T11845] [U] 
[  557.455120][T11845] [U] 
[  557.457907][T11845] [U] 
[  557.460610][T11845] [U] 
[  557.463365][T11845] [U] 
[  557.466076][T11845] [U] 
[  557.468860][T11845] [U] 
[  557.471567][T11845] [U] 
[  557.474272][T11845] [U] 
[  557.476977][T11845] [U] 
[  557.479859][T11845] [U] 
[  557.482567][T11845] [U] 
[  557.485269][T11845] [U] 
[  557.487971][T11845] [U] 
[  557.491242][T11845] [U] 
[  557.493962][T11845] [U] 
[  557.496677][T11845] [U] 
[  557.499379][T11845] [U] 
[  557.502204][T11845] [U] 
[  557.504910][T11845] [U] 
[  557.507612][T11845] [U] 
[  557.510319][T11845] [U] 
[  557.513120][T11845] [U] 
[  557.515826][T11845] [U] 
[  557.518525][T11845] [U] 
[  557.521228][T11845] [U] 
[  557.524021][T11845] [U] 
[  557.526732][T11845] [U] 
[  557.529434][T11845] [U] 
[  557.532141][T11845] [U] 
[  557.534938][T11845] [U] 
[  557.537649][T11845] [U] 
[  557.540353][T11845] [U] 
[  557.543058][T11845] [U] 
[  557.545841][T11845] [U] 
[  557.548547][T11845] [U] 
[  557.551249][T11845] [U] 
[  557.553963][T11845] [U] 
[  557.556767][T11845] [U] 
[  557.559484][T11845] [U] 
[  557.562187][T11845] [U] 
[  557.564888][T11845] [U] 
[  557.567688][T11845] [U] 
[  557.570396][T11845] [U] 
[  557.573097][T11845] [U] 
[  557.575800][T11845] [U] 
[  557.578576][T11845] [U] 
[  557.581283][T11845] [U] 
[  557.583990][T11845] [U] 
[  557.586698][T11845] [U] 
[  557.590003][T11845] [U] 
[  557.592720][T11845] [U] 
[  557.595426][T11845] [U] 
[  557.598127][T11845] [U] 
[  557.600910][T11845] [U] 
[  557.603620][T11845] [U] 
[  557.606331][T11845] [U] 
[  557.609036][T11845] [U] 
[  557.611871][T11845] [U] 
[  557.614617][T11845] [U] 
[  557.617339][T11845] [U] 
[  557.620047][T11845] [U] 
[  557.622808][T11845] [U] 
[  557.625511][T11845] [U] 
[  557.628200][T11845] [U] 
[  557.630883][T11845] [U] 
[  557.633717][T11845] [U] 
[  557.636436][T11845] [U] 
[  557.639136][T11845] [U] 
[  557.641850][T11845] [U] 
[  557.644609][T11845] [U] 
[  557.647318][T11845] [U] 
[  557.650024][T11845] [U] 
[  557.652731][T11845] [U] 
[  557.655549][T11845] [U] 
[  557.658258][T11845] [U] 
[  557.660968][T11845] [U] 
[  557.663677][T11845] [U] 
[  557.666499][T11845] [U] 
[  557.669207][T11845] [U] 
[  557.671917][T11845] [U] 
[  557.674661][T11845] [U] 
[  557.677435][T11845] [U] 
[  557.680145][T11845] [U] 
[  557.682856][T11845] [U] 
[  557.685566][T11845] [U] 
[  557.688869][T11845] [U] 
[  557.691599][T11845] [U] 
[  557.694311][T11845] [U] 
[  557.697018][T11845] [U] 
[  557.699809][T11845] [U] 
[  557.702528][T11845] [U] 
[  557.705240][T11845] [U] 
[  557.707943][T11845] [U] 
[  557.710727][T11845] [U] 
[  557.713443][T11845] [U] 
[  557.716173][T11845] [U] 
[  557.718885][T11845] [U] 
[  557.721704][T11845] [U] 
[  557.724424][T11845] [U] 
[  557.727135][T11845] [U] 
[  557.729844][T11845] [U] 
[  557.732626][T11845] [U] 
[  557.735345][T11845] [U] 
[  557.738057][T11845] [U] 
[  557.740771][T11845] [U] 
[  557.743544][T11845] [U] 
[  557.746254][T11845] [U] 
[  557.748966][T11845] [U] 
[  557.751689][T11845] [U] 
[  557.754455][T11845] [U] 
[  557.757165][T11845] [U] 
[  557.759872][T11845] [U] 
[  557.762587][T11845] [U] 
[  557.765422][T11845] [U] 
[  557.768137][T11845] [U] 
[  557.770845][T11845] [U] 
[  557.773555][T11845] [U] 
[  557.776313][T11845] [U] 
[  557.779055][T11845] [U] 
[  557.781775][T11845] [U] 
[  557.801964][T11844] [U] 
[  558.005753][T11850] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  558.059046][T11850] kvm: pic: non byte read
[  558.067264][T11850] pic_ioport_write: 200 callbacks suppressed
[  558.067300][T11850] kvm: pic: level sensitive irq not supported
[  558.074234][T11850] kvm: pic: non byte read
[  558.150695][   T29] audit: type=1107 audit(1735914473.104:289): pid=11853 uid=0 auid=4294967295 ses=4294967295 subj=_ msg=''
[  560.519847][    T9] usb 3-1: new full-speed USB device number 18 using dummy_hcd
[  561.075283][    T9] usb 3-1: unable to get BOS descriptor or descriptor too short
[  561.087040][    T9] usb 3-1: not running at top speed; connect to a high speed hub
[  561.098328][    T9] usb 3-1: config 3 has an invalid interface number: 106 but max is 0
[  561.112107][    T9] usb 3-1: config 3 has no interface number 0
[  561.118634][    T9] usb 3-1: config 3 interface 106 altsetting 10 endpoint 0xF has invalid maxpacket 1024, setting to 64
[  561.477672][    T9] usb 3-1: config 3 interface 106 has no altsetting 0
[  561.500182][    T9] usb 3-1: New USB device found, idVendor=0d46, idProduct=2011, bcdDevice=e8.8a
[  561.510387][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  561.537488][    T9] usb 3-1: Product: syz
[  561.579693][    T9] usb 3-1: Manufacturer: syz
[  561.585981][    T9] usb 3-1: SerialNumber: syz
[  561.599233][T11882] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  561.837406][    T9] kobil_sct 3-1:3.106: KOBIL USB smart card terminal converter detected
[  561.848416][    T9] usb 3-1: KOBIL USB smart card terminal converter now attached to ttyUSB0
[  561.877936][    T9] usb 3-1: USB disconnect, device number 18
[  561.900594][    T9] kobil ttyUSB0: KOBIL USB smart card terminal converter now disconnected from ttyUSB0
[  561.921385][    T9] kobil_sct 3-1:3.106: device disconnected
[  561.969213][T11903] netlink: 11 bytes leftover after parsing attributes in process `syz.5.1717'.
[  561.996791][T11903] netlink: 7 bytes leftover after parsing attributes in process `syz.5.1717'.
[  562.142473][   T29] audit: type=1326 audit(1735914477.094:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11908 comm="syz.4.1719" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6655b85d29 code=0x0
[  562.582623][   T29] audit: type=1326 audit(1735914477.474:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11907 comm="syz.3.1718" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff907385d29 code=0x0
[  564.043009][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  564.049533][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  565.127931][T11935] kvm: pic: non byte write
[  565.133570][T11935] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3832186367 (7664372734 ns) > initial count (4194322 ns). Using initial count to start timer.
[  565.163972][T11924] xt_socket: unknown flags 0xc
[  566.611626][T11961] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1732'.
[  566.680504][T11957] netlink: 188 bytes leftover after parsing attributes in process `syz.2.1732'.
[  566.701072][T11957] netlink: 'syz.2.1732': attribute type 1 has an invalid length.
[  569.738605][T11984] loop7: detected capacity change from 0 to 16384
[  569.922988][T11986] loop7: detected capacity change from 16384 to 16383
[  569.996260][T11984] I/O error, dev loop7, sector 640 op 0x0:(READ) flags 0x80700 phys_seg 17 prio class 0
[  570.033291][T11984] I/O error, dev loop7, sector 640 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  570.057972][T11984] buffer_io_error: 263 callbacks suppressed
[  570.058023][T11984] Buffer I/O error on dev loop7, logical block 80, async page read
[  570.565763][   T41] I/O error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 16 prio class 0
[  570.585143][   T41] Buffer I/O error on dev loop7, logical block 0, lost async page write
[  570.596298][   T41] Buffer I/O error on dev loop7, logical block 1, lost async page write
[  570.607491][   T41] Buffer I/O error on dev loop7, logical block 2, lost async page write
[  570.620247][   T41] Buffer I/O error on dev loop7, logical block 3, lost async page write
[  570.685333][T11983] I/O error, dev loop7, sector 472 op 0x1:(WRITE) flags 0x800 phys_seg 21 prio class 0
[  570.708961][   T41] Buffer I/O error on dev loop7, logical block 4, lost async page write
[  570.723836][   T41] Buffer I/O error on dev loop7, logical block 5, lost async page write
[  570.738090][   T41] Buffer I/O error on dev loop7, logical block 6, lost async page write
[  570.835353][   T41] Buffer I/O error on dev loop7, logical block 7, lost async page write
[  570.890970][   T41] Buffer I/O error on dev loop7, logical block 8, lost async page write
[  570.900370][   T41] I/O error, dev loop7, sector 352 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0
[  570.910812][   T41] I/O error, dev loop7, sector 360 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0
[  570.920852][   T41] I/O error, dev loop7, sector 368 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0
[  570.930797][   T41] I/O error, dev loop7, sector 376 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0
[  570.941566][   T41] I/O error, dev loop7, sector 384 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0
[  570.964338][   T41] I/O error, dev loop7, sector 392 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0
[  571.423127][T11996] syz.2.1742 (11996): drop_caches: 2
[  572.705488][T12011] ISOFS: Unable to identify CD-ROM format.
[  573.047352][T12005] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1743'.
[  576.273168][T12038] loop7: detected capacity change from 0 to 16384
[  576.851986][T12040] loop7: detected capacity change from 16384 to 16383
[  576.917494][T12038] blk_print_req_error: 9 callbacks suppressed
[  576.917515][T12038] I/O error, dev loop7, sector 2056 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 0
[  576.944410][T12038] I/O error, dev loop7, sector 2056 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  576.959670][T12038] buffer_io_error: 43 callbacks suppressed
[  576.959687][T12038] Buffer I/O error on dev loop7, logical block 257, async page read
[  576.977722][T12038] I/O error, dev loop7, sector 2056 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  576.987920][T12038] Buffer I/O error on dev loop7, logical block 257, async page read
[  577.065312][T12035] I/O error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 16 prio class 0
[  577.075885][ T5831] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  577.119173][T12035] Buffer I/O error on dev loop7, logical block 0, lost async page write
[  577.239919][T12035] Buffer I/O error on dev loop7, logical block 1, lost async page write
[  577.768049][ T5831] usb 3-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b
[  577.772754][T12035] Buffer I/O error on dev loop7, logical block 2, lost async page write
[  577.777251][ T5831] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  577.785599][T12035] Buffer I/O error on dev loop7, logical block 3, lost async page write
[  577.802023][T12035] Buffer I/O error on dev loop7, logical block 4, lost async page write
[  577.810449][T12035] Buffer I/O error on dev loop7, logical block 5, lost async page write
[  577.818950][T12035] Buffer I/O error on dev loop7, logical block 6, lost async page write
[  577.827560][T12035] Buffer I/O error on dev loop7, logical block 7, lost async page write
[  577.862442][T12035] I/O error, dev loop7, sector 768 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0
[  577.890369][T12035] I/O error, dev loop7, sector 776 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0
[  577.901919][ T5831] usb 3-1: config 0 descriptor??
[  577.915145][ T5831] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input28
[  577.942606][T12035] I/O error, dev loop7, sector 784 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0
[  577.991904][T12035] I/O error, dev loop7, sector 792 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0
[  578.029093][T12035] I/O error, dev loop7, sector 800 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0
[  578.051447][T12035] I/O error, dev loop7, sector 808 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0
[  578.328771][ T5831] usb 3-1: USB disconnect, device number 19
[  579.203727][T12064] team0: Port device bond0 removed
[  579.209826][T12064] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  579.724687][    T9] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  580.546536][    T9] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  580.555961][    T9] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  580.565156][T12078] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1767'.
[  580.575342][T12078] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1767'.
[  580.584639][T12078] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1767'.
[  580.593939][T12078] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1767'.
[  580.597217][    T9] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  580.630745][    T9] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  580.757499][    T9] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  580.788844][    T9] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  580.812590][    T9] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  580.820635][    T9] usb 6-1: Product: syz
[  580.857369][    T9] usb 6-1: Manufacturer: syz
[  580.862195][ T5883] usb 5-1: new full-speed USB device number 16 using dummy_hcd
[  580.885275][    T9] cdc_wdm 6-1:1.0: skipping garbage
[  580.891056][    T9] cdc_wdm 6-1:1.0: skipping garbage
[  580.905239][    T9] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  580.916527][    T9] cdc_wdm 6-1:1.0: Unknown control protocol
[  580.962018][ T5831] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  580.991968][ T5883] usb 5-1: device descriptor read/64, error -71
[  581.121970][ T5831] usb 3-1: Using ep0 maxpacket: 32
[  581.142390][ T5831] usb 3-1: New USB device found, idVendor=0b95, idProduct=2791, bcdDevice= d.2d
[  581.159446][ T5831] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  581.179014][ T5831] usb 3-1: Product: syz
[  581.187215][ T5831] usb 3-1: Manufacturer: syz
[  581.200887][ T5831] usb 3-1: SerialNumber: syz
[  581.282598][    C0] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  581.289543][    C0] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  581.296203][    C0] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  581.302830][    C0] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  581.309155][    C0] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  581.315780][    C0] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  581.322442][    C0] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  581.329064][    C0] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  581.335432][    T8] usb 6-1: USB disconnect, device number 13
[  581.341983][    C0] cdc_wdm 6-1:1.0: nonzero urb status received: -71
[  581.348616][    C0] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes
[  581.354714][    C0] cdc_wdm 6-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  581.441001][ T5831] aqc111 3-1:1.0: probe with driver aqc111 failed with error -22
[  581.676483][ T5831] usb 3-1: USB disconnect, device number 20
[  583.042281][T12104] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  589.841501][T12185] x_tables: duplicate underflow at hook 3
[  590.263745][   T53] Bluetooth: hci1: unexpected event for opcode 0x2042
[  591.122154][ T5921] IPVS: starting estimator thread 0...
[  591.232086][T12208] IPVS: using max 19 ests per chain, 45600 per kthread
[  592.011901][ T5883] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  592.205023][ T5883] usb 3-1: Using ep0 maxpacket: 8
[  592.358404][ T5883] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  592.470437][ T5883] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  592.592616][ T5883] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  593.391990][ T5883] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  593.456489][ T5883] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  593.498794][ T5883] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  594.508226][   T53] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  594.521900][   T53] Bluetooth: hci1: Injecting HCI hardware error event
[  594.532881][   T53] Bluetooth: hci1: hardware error 0x00
[  594.552400][ T5883] usb 3-1: GET_CAPABILITIES returned 0
[  594.569977][ T5883] usbtmc 3-1:16.0: can't read capabilities
[  594.961885][ T5920] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  595.151195][ T5920] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  595.248024][ T5920] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  595.458485][ T5920] usb 4-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  595.766498][   T58] usb 3-1: USB disconnect, device number 21
[  595.767934][ T5920] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  595.793293][ T5920] usb 4-1: config 0 descriptor??
[  596.045974][T12273] bridge0: port 2(bridge_slave_1) entered disabled state
[  596.053333][T12273] bridge0: port 1(bridge_slave_0) entered disabled state
[  596.087937][T12273] bridge0: entered allmulticast mode
[  596.110832][T12275] bridge_slave_1: left allmulticast mode
[  596.132070][T12275] bridge_slave_1: left promiscuous mode
[  596.156247][T12275] bridge0: port 2(bridge_slave_1) entered disabled state
[  596.248564][T12275] bridge_slave_0: left allmulticast mode
[  596.265005][T12275] bridge_slave_0: left promiscuous mode
[  596.281593][T12275] bridge0: port 1(bridge_slave_0) entered disabled state
[  596.311181][ T5920] hid-thrustmaster 0003:044F:B65D.0010: unknown main item tag 0x0
[  596.329400][ T5920] hid-thrustmaster 0003:044F:B65D.0010: hidraw0: USB HID v0.00 Device [HID 044f:b65d] on usb-dummy_hcd.3-1/input0
[  596.347003][ T5920] hid-thrustmaster 0003:044F:B65D.0010: Wrong number of endpoints?
[  596.534299][    C1] hid-thrustmaster 0003:044F:B65D.0010: URB to get model id failed with error -32
[  596.537278][   T58] usb 4-1: USB disconnect, device number 22
[  596.552094][   T53] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  598.770143][T12297] block device autoloading is deprecated and will be removed.
[  598.784618][T12297] syz.4.1818: attempt to access beyond end of device
[  598.784618][T12297] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  600.682130][ T5831] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  600.872158][ T5831] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  600.926653][ T5831] usb 6-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  600.999015][ T5831] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  601.056170][ T5831] usb 6-1: config 0 descriptor??
[  601.089798][ T5831] pwc: Askey VC010 type 2 USB webcam detected.
[  601.917541][T12331] loop6: detected capacity change from 0 to 524287999
[  601.926967][    C0] blk_print_req_error: 27 callbacks suppressed
[  601.926985][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  601.942386][    C0] buffer_io_error: 169 callbacks suppressed
[  601.942398][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  601.959155][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  601.968419][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  601.984914][ T5831] pwc: recv_control_msg error -32 req 02 val 2b00
[  601.994364][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  602.003566][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  602.016555][ T5831] pwc: recv_control_msg error -32 req 02 val 2700
[  602.023376][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  602.032546][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  602.047099][ T5831] pwc: recv_control_msg error -32 req 02 val 2c00
[  602.055080][ T5831] pwc: recv_control_msg error -32 req 04 val 1000
[  602.062662][ T5831] pwc: recv_control_msg error -32 req 04 val 1300
[  602.073758][ T5831] pwc: recv_control_msg error -32 req 04 val 1400
[  602.080959][ T5831] pwc: recv_control_msg error -32 req 02 val 2000
[  602.091043][ T5831] pwc: recv_control_msg error -32 req 02 val 2100
[  602.099407][ T5831] pwc: recv_control_msg error -32 req 04 val 1500
[  602.106714][ T5831] pwc: recv_control_msg error -32 req 02 val 2500
[  602.121722][ T5831] pwc: recv_control_msg error -32 req 02 val 2400
[  602.179598][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  602.188860][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  602.263620][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  602.272933][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  602.281291][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  602.290560][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  602.298895][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  602.308090][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  602.317255][T12331] ldm_validate_partition_table(): Disk read failed.
[  602.324288][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  602.333569][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  602.343627][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  602.352815][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  602.385621][ T5831] pwc: recv_control_msg error -71 req 02 val 2900
[  602.393602][ T5831] pwc: recv_control_msg error -71 req 02 val 2800
[  602.403141][ T5831] pwc: recv_control_msg error -71 req 04 val 1100
[  602.415788][ T5831] pwc: recv_control_msg error -71 req 04 val 1200
[  602.428482][ T5831] pwc: Registered as video103.
[  602.440315][ T5831] input: PWC snapshot button as /devices/platform/dummy_hcd.5/usb6/6-1/input/input29
[  602.451955][T12331] Dev loop6: unable to read RDB block 0
[  602.462053][T12331]  loop6: unable to read partition table
[  602.468465][T12331] loop_reread_partitions: partition scan of loop6 (_á) failed (rc=-5)
[  602.491008][ T5831] usb 6-1: USB disconnect, device number 14
[  602.512756][T12332] ldm_validate_partition_table(): Disk read failed.
[  602.556989][T12332] Dev loop6: unable to read RDB block 0
[  602.570349][T12332]  loop6: unable to read partition table
[  602.577520][T12332] loop_reread_partitions: partition scan of loop6 (_á) failed (rc=-5)
[  602.655191][ T5197] ldm_validate_partition_table(): Disk read failed.
[  602.679613][ T5197] Dev loop6: unable to read RDB block 0
[  602.708134][ T5197]  loop6: unable to read partition table
[  608.671433][T12381] binder_alloc: 12380: binder_alloc_buf, no vma
[  612.492843][   T58] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  613.157261][   T58] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  613.177483][   T58] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  613.223827][   T58] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  613.254481][   T58] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  613.270505][   T58] usb 6-1: SerialNumber: syz
[  613.939776][   T58] usb 6-1: 0:2 : does not exist
[  613.948112][   T58] usb 6-1: unit 255 not found!
[  614.092004][   T58] usb 6-1: USB disconnect, device number 15
[  614.215063][T12438] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1857'.
[  614.224226][T12438] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1857'.
[  614.233537][T12438] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1857'.
[  615.130529][ T6181] udevd[6181]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  615.962254][T12238] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  615.990240][T12238] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  616.011196][T12238] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  616.568540][T12238] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  616.577709][T12238] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  616.585967][T12238] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  618.599915][T12451] chnl_net:caif_netlink_parms(): no params data found
[  618.631890][T12238] Bluetooth: hci5: command tx timeout
[  620.760351][T12238] Bluetooth: hci5: command tx timeout
[  622.460513][T12451] bridge0: port 1(bridge_slave_0) entered blocking state
[  622.468053][T12451] bridge0: port 1(bridge_slave_0) entered disabled state
[  622.808855][T12238] Bluetooth: hci5: command tx timeout
[  622.826595][T12451] bridge_slave_0: entered allmulticast mode
[  622.871339][T12451] bridge_slave_0: entered promiscuous mode
[  622.912371][T12520] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  622.929482][T12520] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  623.006227][T12451] bridge0: port 2(bridge_slave_1) entered blocking state
[  623.029962][T12451] bridge0: port 2(bridge_slave_1) entered disabled state
[  623.065799][T12451] bridge_slave_1: entered allmulticast mode
[  623.073447][T12451] bridge_slave_1: entered promiscuous mode
[  623.108089][T12451] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  623.125573][T12451] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  623.343244][T12451] team0: Port device team_slave_0 added
[  623.367718][T12451] team0: Port device team_slave_1 added
[  623.528627][T12451] batman_adv: batadv0: Adding interface: batadv_slave_0
[  623.548660][T12451] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  623.586841][T12451] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  623.599791][T12451] batman_adv: batadv0: Adding interface: batadv_slave_1
[  623.607291][T12451] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  623.646915][T12535] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  623.655944][T12451] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  623.920391][T12451] hsr_slave_0: entered promiscuous mode
[  623.972584][T12451] hsr_slave_1: entered promiscuous mode
[  623.985285][T12451] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  624.004369][T12451] Cannot create hsr debugfs directory
[  624.833015][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  624.839764][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  624.865099][T12238] Bluetooth: hci5: command tx timeout
[  625.340863][T12451] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  626.252965][T12451] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  626.305969][T12451] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  626.338415][T12552] vivid-000: disconnect
[  626.349805][T12451] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  626.489880][T12550] netdevsim netdevsim5 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  626.498836][T12550] netdevsim netdevsim5 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  626.507723][T12550] netdevsim netdevsim5 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  626.516290][T12550] netdevsim netdevsim5 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  626.582014][T12550] vxlan0: entered promiscuous mode
[  626.587276][T12550] vxlan0: entered allmulticast mode
[  626.611734][T12550] netdevsim netdevsim5 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  626.620239][T12550] netdevsim netdevsim5 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  626.628816][T12550] netdevsim netdevsim5 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  626.637298][T12550] netdevsim netdevsim5 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  628.915870][T12451] 8021q: adding VLAN 0 to HW filter on device bond0
[  629.735764][T12451] 8021q: adding VLAN 0 to HW filter on device team0
[  630.118508][   T54] bridge0: port 1(bridge_slave_0) entered blocking state
[  630.125716][   T54] bridge0: port 1(bridge_slave_0) entered forwarding state
[  631.397641][   T54] bridge0: port 2(bridge_slave_1) entered blocking state
[  631.404864][   T54] bridge0: port 2(bridge_slave_1) entered forwarding state
[  631.863068][   T58] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  632.022448][   T58] usb 5-1: Using ep0 maxpacket: 32
[  632.048059][   T58] usb 5-1: New USB device found, idVendor=0cde, idProduct=0023, bcdDevice=21.32
[  632.147113][   T58] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  632.257667][T12604] 9pnet_fd: Insufficient options for proto=fd
[  632.292854][   T58] usb 5-1: Product: syz
[  632.297065][   T58] usb 5-1: Manufacturer: syz
[  632.301693][   T58] usb 5-1: SerialNumber: syz
[  632.399570][   T58] usb 5-1: config 0 descriptor??
[  633.795045][T12451] 8021q: adding VLAN 0 to HW filter on device batadv0
[  634.125265][ T5921] usb 3-1: new full-speed USB device number 22 using dummy_hcd
[  634.169303][T12451] veth0_vlan: entered promiscuous mode
[  634.196901][T12451] veth1_vlan: entered promiscuous mode
[  634.205184][   T29] audit: type=1800 audit(1735914549.154:292): pid=12629 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.3.1905" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[  634.247832][T12451] veth0_macvtap: entered promiscuous mode
[  634.258893][T12451] veth1_macvtap: entered promiscuous mode
[  634.307713][T12451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  634.319063][T12451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  634.330426][T12451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  634.333796][ T5921] usb 3-1: config 2 has an invalid interface number: 186 but max is 0
[  634.341409][T12451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  634.351819][ T5831] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  634.361132][T12451] batman_adv: batadv0: Interface activated: batadv_slave_0
[  634.377929][ T5921] usb 3-1: config 2 has no interface number 0
[  634.383698][T12451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  634.395250][T12451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  634.403195][T12631] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  634.409347][T12451] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  634.427773][T12451] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  634.451810][ T5921] usb 3-1: config 2 interface 186 has no altsetting 0
[  634.475164][ T5921] usb 3-1: New USB device found, idVendor=0423, idProduct=000a, bcdDevice=8c.8f
[  634.484266][T12451] batman_adv: batadv0: Interface activated: batadv_slave_1
[  634.501033][T12451] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  634.534892][T12451] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  634.538091][ T5921] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  634.552072][ T5831] usb 6-1: Using ep0 maxpacket: 8
[  634.557265][T12451] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  634.564825][ T5921] usb 3-1: Product: syz
[  634.575990][ T5831] usb 6-1: config 0 has an invalid interface number: 143 but max is 0
[  634.591938][ T5921] usb 3-1: Manufacturer: syz
[  634.596593][ T5921] usb 3-1: SerialNumber: syz
[  634.599729][T12451] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  634.611888][ T5831] usb 6-1: config 0 has no interface number 0
[  634.618039][ T5831] usb 6-1: New USB device found, idVendor=2058, idProduct=1005, bcdDevice=c1.9b
[  634.629128][   T58] usb 5-1: USB disconnect, device number 18
[  634.657620][ T5831] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  634.694154][ T5831] usb 6-1: config 0 descriptor??
[  634.796881][   T69] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  634.815358][   T69] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  634.843413][ T5831] viperboard 6-1:0.143: version 0.00 found at bus 006 address 016
[  634.871156][ T3571] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  634.880311][ T3571] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  634.920168][ T5921] catc 3-1:2.186: Can't set altsetting 1.
[  634.937696][ T5831] viperboard-i2c viperboard-i2c.2.auto: failure setting i2c_bus_freq to 100
[  634.950156][ T5921] catc 3-1:2.186: probe with driver catc failed with error -5
[  634.967584][ T5831] viperboard-i2c viperboard-i2c.2.auto: probe with driver viperboard-i2c failed with error -5
[  634.986384][ T5921] usb 3-1: USB disconnect, device number 22
[  635.024265][ T5831] usb 6-1: USB disconnect, device number 16
[  636.110984][T12657] cifs: Unknown parameter 'no'‘a�£Nð[G¶zob,erèèµ;%j¸¼
[  636.110984][T12657] ‡üzæ,€@q¬Ú÷ôÐåéJ#³"ŽÚh/.�W1ȱ¨nNCº"†CÙ׈¡E)Ð8+€î¶á÷'
[  636.929240][T12658] netlink: 'syz.4.1916': attribute type 29 has an invalid length.
[  638.682006][T12658] netlink: 'syz.4.1916': attribute type 29 has an invalid length.
[  638.700256][T12658] netlink: 'syz.4.1916': attribute type 29 has an invalid length.
[  638.873099][T12658] netlink: 'syz.4.1916': attribute type 29 has an invalid length.
[  638.913043][T12658] netlink: 'syz.4.1916': attribute type 29 has an invalid length.
[  638.945276][T12658] netlink: 'syz.4.1916': attribute type 29 has an invalid length.
[  638.982270][T12658] netlink: 'syz.4.1916': attribute type 29 has an invalid length.
[  639.478108][T12683] netlink: 216 bytes leftover after parsing attributes in process `syz.5.1922'.
[  639.487418][T12683] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1922'.
[  651.730510][T12238] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  651.791897][   T58] usb 4-1: new full-speed USB device number 23 using dummy_hcd
[  652.014040][   T58] usb 4-1: config 2 has an invalid interface number: 186 but max is 0
[  652.028401][   T58] usb 4-1: config 2 has no interface number 0
[  652.085573][   T58] usb 4-1: config 2 interface 186 has no altsetting 0
[  652.229206][   T58] usb 4-1: New USB device found, idVendor=0423, idProduct=000a, bcdDevice=8c.8f
[  652.257280][   T58] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  652.311460][   T58] usb 4-1: Product: syz
[  652.320719][   T58] usb 4-1: Manufacturer: syz
[  652.326530][   T58] usb 4-1: SerialNumber: syz
[  653.152653][T12789] syz.7.1949 (12789): drop_caches: 2
[  655.450017][   T58] catc 4-1:2.186: Can't set altsetting 1.
[  655.458192][   T58] catc 4-1:2.186: probe with driver catc failed with error -5
[  655.494321][   T58] usb 4-1: USB disconnect, device number 23
[  657.131892][   T46] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  657.147427][T12818] netlink: 550 bytes leftover after parsing attributes in process `syz.7.1959'.
[  657.303986][   T46] usb 6-1: Using ep0 maxpacket: 8
[  657.372877][   T46] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  657.418185][   T46] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  658.325543][   T46] usb 6-1: Product: syz
[  658.329914][   T46] usb 6-1: Manufacturer: syz
[  658.464331][   T46] usb 6-1: SerialNumber: syz
[  658.519582][   T46] usb 6-1: config 0 descriptor??
[  659.087648][   T46] usb 6-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  659.644716][   T29] audit: type=1804 audit(1735914574.604:293): pid=12840 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.7.1966" name="/newroot/14/file1" dev="fuse" ino=1 res=1 errno=0
[  659.709828][   T29] audit: type=1800 audit(1735914574.604:294): pid=12840 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.7.1966" name="/" dev="fuse" ino=1 res=0 errno=0
[  659.757949][   T29] audit: type=1804 audit(1735914574.624:295): pid=12840 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.7.1966" name="/newroot/14/file1" dev="fuse" ino=1 res=1 errno=0
[  660.113025][   T29] audit: type=1804 audit(1735914574.624:296): pid=12840 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.7.1966" name="/newroot/14/file1" dev="fuse" ino=1 res=1 errno=0
[  660.172835][   T29] audit: type=1800 audit(1735914574.624:297): pid=12840 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.7.1966" name="/" dev="fuse" ino=1 res=0 errno=0
[  660.697098][T12855] netlink: 'syz.3.1969': attribute type 12 has an invalid length.
[  661.480915][   T46] dvb_usb_rtl28xxu 6-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  661.743729][   T46] usb 6-1: USB disconnect, device number 17
[  662.255000][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  663.203084][T12877] netlink: 'syz.7.1975': attribute type 1 has an invalid length.
[  666.260981][T12909] kAFS: unable to lookup cell '/yz1'
[  666.805282][T12910] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  670.131948][ T5920] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  670.187383][T12955] syz.3.1995[12955] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  670.187479][T12955] syz.3.1995[12955] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  670.220344][T12955] syz.3.1995[12955] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  670.295080][ T5920] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  670.318790][ T5920] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  670.328875][ T5920] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  670.370508][T12947] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  670.406566][ T5920] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  670.465394][T12955] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  670.484972][T12955] syzkaller0: entered promiscuous mode
[  670.542272][T12955] syzkaller0: entered allmulticast mode
[  671.378749][   T58] usb 8-1: USB disconnect, device number 2
[  671.970642][T12965] pim6reg1: entered promiscuous mode
[  671.987783][T12965] pim6reg1: entered allmulticast mode
[  674.356968][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  674.412176][T12981] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2003'.
[  674.462229][T12981] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2003'.
[  675.439601][T12996] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2004'.
[  675.449763][T12996] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2004'.
[  678.654348][   T29] audit: type=1326 audit(1735914593.114:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13010 comm="syz.2.2012" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f967b585d29 code=0x0
[  679.801856][ T5921] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  679.995268][T13041] syzkaller0: entered allmulticast mode
[  680.003694][ T5921] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  680.021849][ T5921] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  680.072694][ T5921] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  680.278997][ T5921] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  680.288687][ T5921] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  680.334182][ T5921] usb 4-1: config 0 descriptor??
[  680.520415][T13048] veth5: entered promiscuous mode
[  680.525643][T13048] veth5: entered allmulticast mode
[  680.766432][T13047] Attempt to restore checkpoint with obsolete wellknown handles
[  681.198906][ T5921] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0
[  681.207075][ T5921] plantronics 0003:047F:FFFF.0011: No inputs registered, leaving
[  681.225664][ T5921] plantronics 0003:047F:FFFF.0011: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  681.687087][T13060] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2013'.
[  681.701867][   T29] audit: type=1804 audit(1735914596.644:299): pid=13057 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.4.2023" name="/newroot/418/file1" dev="fuse" ino=1 res=1 errno=0
[  682.952202][ T5880] usb 4-1: reset high-speed USB device number 24 using dummy_hcd
[  683.559600][T13076] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  684.021646][   T58] usb 4-1: USB disconnect, device number 24
[  686.223987][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  686.230613][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  686.967922][T13115] netlink: 16 bytes leftover after parsing attributes in process `syz.7.2034'.
[  689.055683][T13108] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2033'.
[  689.950933][T13142] loop7: detected capacity change from 0 to 16384
[  690.083912][T13130] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2033'.
[  690.097879][T13130] nbd: device at index 64 is going down
[  691.214076][T13148] loop7: detected capacity change from 16384 to 16383
[  691.502159][T13142] blk_print_req_error: 169 callbacks suppressed
[  691.502208][T13142] I/O error, dev loop7, sector 2304 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 0
[  691.724197][T13142] I/O error, dev loop7, sector 2560 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 0
[  691.806682][   T29] audit: type=1800 audit(1735914606.744:300): pid=13157 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.2.2045" name="bus" dev="overlay" ino=2443 res=0 errno=0
[  691.839551][T13142] I/O error, dev loop7, sector 2304 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  691.881336][T13142] buffer_io_error: 168 callbacks suppressed
[  691.881355][T13142] Buffer I/O error on dev loop7, logical block 288, async page read
[  692.045712][T13142] I/O error, dev loop7, sector 128 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  692.101322][T13142] Buffer I/O error on dev loop7, logical block 16, lost async page write
[  692.112079][T13142] Buffer I/O error on dev loop7, logical block 17, lost async page write
[  692.120585][T13142] Buffer I/O error on dev loop7, logical block 18, lost async page write
[  692.129906][T13142] Buffer I/O error on dev loop7, logical block 19, lost async page write
[  692.187594][T13142] Buffer I/O error on dev loop7, logical block 20, lost async page write
[  692.196845][T13142] Buffer I/O error on dev loop7, logical block 21, lost async page write
[  692.205774][T13142] Buffer I/O error on dev loop7, logical block 22, lost async page write
[  692.214340][T13142] Buffer I/O error on dev loop7, logical block 23, lost async page write
[  692.223631][T13142] Buffer I/O error on dev loop7, logical block 24, lost async page write
[  692.240259][T13142] I/O error, dev loop7, sector 1152 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  692.256289][T13142] I/O error, dev loop7, sector 2176 op 0x1:(WRITE) flags 0x800 phys_seg 16 prio class 0
[  693.713476][T13170] tap0: tun_chr_ioctl cmd 35111
[  694.123852][    T8] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  694.357442][    T8] usb 3-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d
[  694.371760][    T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  694.381229][    T8] usb 3-1: Product: syz
[  694.394065][    T8] usb 3-1: Manufacturer: syz
[  694.398701][    T8] usb 3-1: SerialNumber: syz
[  694.412073][    T8] r8152-cfgselector 3-1: Unknown version 0x0000
[  694.418565][    T8] r8152-cfgselector 3-1: config 0 descriptor??
[  694.566934][T13192] binder: 13191:13192 ioctl 890c 200012c0 returned -22
[  694.584268][T13192] binder: 13191:13192 ioctl c0306201 20000580 returned -14
[  695.483965][ T5880] r8152-cfgselector 3-1: USB disconnect, device number 23
[  695.686847][T13199] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  698.205601][T13217] netlink: 'syz.2.2065': attribute type 2 has an invalid length.
[  699.000472][T13225] SET target dimension over the limit!
[  701.035555][T13240] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2074'.
[  702.229396][   T58] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  702.418903][   T29] audit: type=1804 audit(1735914617.374:301): pid=13262 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.3.2079" name="/newroot/434/bus/file1" dev="overlay" ino=2379 res=1 errno=0
[  702.447426][   T58] usb 6-1: Using ep0 maxpacket: 32
[  702.468495][   T58] usb 6-1: config 0 has no interfaces?
[  702.476546][   T58] usb 6-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  702.496609][   T58] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  702.511102][   T58] usb 6-1: Product: syz
[  702.516492][    T8] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  702.531807][   T58] usb 6-1: Manufacturer: syz
[  702.538254][   T58] usb 6-1: SerialNumber: syz
[  702.555156][   T58] usb 6-1: config 0 descriptor??
[  702.962413][    T8] usb 8-1: Using ep0 maxpacket: 32
[  703.760803][    T8] usb 8-1: config 67 has too many interfaces: 229, using maximum allowed: 32
[  703.769748][    T8] usb 8-1: config 67 has 1 interface, different from the descriptor's value: 229
[  703.779184][    T8] usb 8-1: config 67 has no interface number 0
[  703.803087][    T8] usb 8-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  703.812495][    T8] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  703.820773][    T8] usb 8-1: Product: syz
[  703.841808][    T8] usb 8-1: Manufacturer: syz
[  703.846453][    T8] usb 8-1: SerialNumber: syz
[  703.858278][ T5921] usb 6-1: USB disconnect, device number 18
[  703.885634][    T8] usb 8-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  703.926447][    T8] usb 8-1: selecting invalid altsetting 1
[  703.946721][    T8] usb 8-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  703.965451][    T8] usb 8-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  703.982337][    T8] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  703.999618][    T8] usb 8-1: media controller created
[  704.035759][    T8] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  704.522753][T13294] infiniband syz2: set down
[  704.527778][T13294] infiniband syz2: added team_slave_1
[  704.667381][T13294] RDS/IB: syz2: added
[  704.673595][T13294] smc: adding ib device syz2 with port count 1
[  704.680449][T13294] smc:    ib device syz2 port 1 has pnetid SYZ0 (user defined)
[  705.114610][T13260] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  705.154913][T13260] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  705.914565][T13260] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  705.970538][T13260] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  706.060087][    T8] usb 8-1: dvb_usb_ce6230: usb_control_msg() failed=-32
[  706.070525][    T8] zl10353_read_register: readreg error (reg=127, ret==-32)
[  706.085405][    T8] usb 8-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[  706.180135][    T8] usb 8-1: USB disconnect, device number 3
[  707.720804][T13322] kAFS: unable to lookup cell '/yz1'
[  707.790856][T13322] netdevsim netdevsim3: Direct firmware load for .
[  707.790856][T13322]  failed with error -2
[  707.802475][T13322] netdevsim netdevsim3: Falling back to sysfs fallback for: .
[  707.802475][T13322] 
[  710.744774][T13361] loop7: detected capacity change from 0 to 16384
[  711.302362][T13365] loop7: detected capacity change from 16384 to 16383
[  711.346477][T13361] I/O error, dev loop7, sector 256 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 0
[  711.392300][T13361] I/O error, dev loop7, sector 136 op 0x0:(READ) flags 0x80700 phys_seg 15 prio class 0
[  711.436491][T13368] Bluetooth: MGMT ver 1.23
[  711.447507][T13361] I/O error, dev loop7, sector 136 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  711.485403][T13361] buffer_io_error: 263 callbacks suppressed
[  711.485421][T13361] Buffer I/O error on dev loop7, logical block 17, async page read
[  711.519135][T13361] I/O error, dev loop7, sector 136 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  711.529078][T13361] Buffer I/O error on dev loop7, logical block 17, async page read
[  711.930004][T13360] I/O error, dev loop7, sector 40 op 0x1:(WRITE) flags 0x800 phys_seg 12 prio class 0
[  712.129958][T13360] Buffer I/O error on dev loop7, logical block 5, lost async page write
[  712.308532][T13360] Buffer I/O error on dev loop7, logical block 6, lost async page write
[  712.369876][T13360] Buffer I/O error on dev loop7, logical block 7, lost async page write
[  712.471947][T13360] Buffer I/O error on dev loop7, logical block 8, lost async page write
[  712.480403][T13360] Buffer I/O error on dev loop7, logical block 9, lost async page write
[  712.531059][T13360] Buffer I/O error on dev loop7, logical block 10, lost async page write
[  712.547102][T13360] Buffer I/O error on dev loop7, logical block 11, lost async page write
[  712.571871][T13360] Buffer I/O error on dev loop7, logical block 12, lost async page write
[  712.602770][T13379] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  712.962159][ T5920] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  713.155052][ T5920] usb 4-1: Using ep0 maxpacket: 32
[  713.174872][ T5920] usb 4-1: unable to get BOS descriptor or descriptor too short
[  713.189408][ T5920] usb 4-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[  713.200114][ T5920] usb 4-1: config 2 has 0 interfaces, different from the descriptor's value: 2
[  713.231699][ T5920] usb 4-1: string descriptor 0 read error: -22
[  713.239899][ T5920] usb 4-1: New USB device found, idVendor=0781, idProduct=0100, bcdDevice= 1.00
[  713.269099][ T5920] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  714.148188][T13383] netlink: 104 bytes leftover after parsing attributes in process `syz.3.2110'.
[  714.159567][ T5920] usb 4-1: USB disconnect, device number 25
[  714.186052][T13397] xt_CT: No such helper "snmp_trap"
[  716.133295][T13431] syz.4.2123: attempt to access beyond end of device
[  716.133295][T13431] nbd4: rw=0, sector=0, nr_sectors = 8 limit=0
[  716.148377][T13431] hpfs: hpfs_map_sector(): read error
[  721.713817][ T5921] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  721.721907][    T8] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  721.881995][ T5921] usb 8-1: Using ep0 maxpacket: 16
[  721.921901][    T8] usb 5-1: Using ep0 maxpacket: 8
[  721.937694][ T5921] usb 8-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=7b.55
[  721.950405][    T8] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  721.951071][ T5921] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  721.971852][ T5921] usb 8-1: Product: syz
[  721.981191][    T8] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  721.982739][ T5921] usb 8-1: Manufacturer: syz
[  721.999377][ T5921] usb 8-1: SerialNumber: syz
[  722.031190][ T5921] usb 8-1: config 0 descriptor??
[  722.033980][    T8] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  722.134431][    T8] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  722.140806][ T5921] usb 8-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  722.158241][    T8] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  722.169329][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  722.627590][    T8] usb 5-1: GET_CAPABILITIES returned 0
[  722.712555][    T8] usbtmc 5-1:16.0: can't read capabilities
[  722.963796][    T8] usb 5-1: USB disconnect, device number 19
[  723.252667][   T69] usb 8-1: Failed to submit usb control message: -110
[  723.295157][   T69] usb 8-1: unable to send the bmi data to the device: -110
[  723.445094][   T69] usb 8-1: unable to get target info from device
[  723.878984][   T69] usb 8-1: could not get target info (-110)
[  723.927838][   T69] usb 8-1: could not probe fw (-110)
[  724.079660][    T8] usb 8-1: USB disconnect, device number 4
[  726.379228][T13558] uprobe: syz.5.2163:13558 failed to unregister, leaking uprobe
[  727.259873][T13571] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2167'.
[  727.353767][T13573] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  728.661819][T12238] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[  728.670626][T12238] Bluetooth: hci5: Injecting HCI hardware error event
[  728.679498][T12238] Bluetooth: hci5: hardware error 0x00
[  732.608358][T13621] syz.5.2179 (13621): drop_caches: 2
[  732.617662][T13621] syz.5.2179 (13621): drop_caches: 2
[  732.742001][T12238] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[  735.790933][T13637] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  736.951845][    T8] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  737.513358][    T8] usb 5-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d
[  737.531939][    T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  737.585602][    T8] usb 5-1: Product: syz
[  737.589822][    T8] usb 5-1: Manufacturer: syz
[  737.625104][    T8] usb 5-1: SerialNumber: syz
[  737.654220][T13660] xt_CT: No such helper "syz0"
[  737.675297][    T8] r8152-cfgselector 5-1: Unknown version 0x0000
[  737.689616][    T8] r8152-cfgselector 5-1: config 0 descriptor??
[  738.526192][ T5920] r8152-cfgselector 5-1: USB disconnect, device number 20
[  738.768117][T13678] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2196'.
[  738.874356][T13678] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2196'.
[  740.445311][T13691] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2200'.
[  744.730523][T13714] team_slave_0: entered promiscuous mode
[  744.736904][T13714] team_slave_1: entered promiscuous mode
[  744.772640][T13714] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  744.795772][T13714] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[  745.629227][T13717] bond0: entered promiscuous mode
[  745.713671][T13717] bond_slave_0: entered promiscuous mode
[  745.720008][T13717] bond_slave_1: entered promiscuous mode
[  745.762876][T13717] macvlan2: entered promiscuous mode
[  745.768216][T13717] team0: entered promiscuous mode
[  748.089085][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  748.095619][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  748.227142][   T29] audit: type=1326 audit(1735914663.174:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13741 comm="syz.2.2214" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f967b585d29 code=0x0
[  749.210339][T13752] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  756.452545][T13816] input: syz1 as /devices/virtual/input/input31
[  759.412464][T13839] x_tables: ip6_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD
[  761.996547][T13872] o2cb: This node has not been configured.
[  762.002886][T13872] o2cb: Cluster check failed. Fix errors before retrying.
[  762.010197][T13872] (syz.4.2251,13872,1):user_dlm_register:674 ERROR: status = -22
[  762.018092][T13872] (syz.4.2251,13872,1):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "file1"
[  762.730249][T13868] syz.2.2252 (13868): drop_caches: 2
[  763.569825][   T53] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  763.659749][T13881] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  763.764185][T13881] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  764.046670][   T53] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  764.066081][   T53] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  764.078658][   T53] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  764.089231][   T53] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  764.100765][   T53] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  764.494580][T13874] chnl_net:caif_netlink_parms(): no params data found
[  764.642254][T13893] ip6gretap0: entered promiscuous mode
[  764.660146][T13893] batadv_slave_0: entered promiscuous mode
[  764.692809][T13893] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  764.726482][T13893] Cannot create hsr debugfs directory
[  764.867525][T13874] bridge0: port 1(bridge_slave_0) entered blocking state
[  764.996226][T13874] bridge0: port 1(bridge_slave_0) entered disabled state
[  765.035939][T13874] bridge_slave_0: entered allmulticast mode
[  765.099076][T13874] bridge_slave_0: entered promiscuous mode
[  765.320940][T13874] bridge0: port 2(bridge_slave_1) entered blocking state
[  765.361108][T13874] bridge0: port 2(bridge_slave_1) entered disabled state
[  765.413277][T13874] bridge_slave_1: entered allmulticast mode
[  765.441497][T13874] bridge_slave_1: entered promiscuous mode
[  766.242853][   T53] Bluetooth: hci1: command tx timeout
[  768.291232][T13874] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  768.305688][   T53] Bluetooth: hci1: command tx timeout
[  768.313065][T13874] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  768.369346][T13874] team0: Port device team_slave_0 added
[  768.425229][T13874] team0: Port device team_slave_1 added
[  768.633798][T13874] batman_adv: batadv0: Adding interface: batadv_slave_0
[  768.856519][T13874] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  769.742416][T13874] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  769.783604][T13874] batman_adv: batadv0: Adding interface: batadv_slave_1
[  770.175546][T12451] syz-executor (12451) used greatest stack depth: 18600 bytes left
[  770.182284][T13874] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  770.221831][T13874] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  770.382670][   T53] Bluetooth: hci1: command tx timeout
[  770.466477][   T29] audit: type=1800 audit(1735914685.414:303): pid=13944 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.5.2274" name="/" dev="9p" ino=2 res=0 errno=0
[  770.557905][   T12] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  770.782670][T13874] hsr_slave_0: entered promiscuous mode
[  770.808154][T13874] hsr_slave_1: entered promiscuous mode
[  770.830888][T13874] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  770.856583][T13874] Cannot create hsr debugfs directory
[  770.904497][   T12] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  770.941924][ T5880] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  771.264098][ T5880] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  771.315898][ T5880] usb 5-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  771.577358][   T12] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  771.615849][ T5880] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  771.640133][ T5880] usb 5-1: config 0 descriptor??
[  771.651368][ T5880] pwc: Askey VC010 type 2 USB webcam detected.
[  771.871644][   T12] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  772.102037][ T5880] pwc: recv_control_msg error -32 req 02 val 2b00
[  772.154228][ T5880] pwc: recv_control_msg error -32 req 02 val 2700
[  772.402565][ T5880] pwc: recv_control_msg error -32 req 02 val 2c00
[  772.484605][   T53] Bluetooth: hci1: command tx timeout
[  772.497249][ T5880] pwc: recv_control_msg error -32 req 04 val 1000
[  772.504639][ T5880] pwc: recv_control_msg error -32 req 04 val 1300
[  772.511991][ T5880] pwc: recv_control_msg error -32 req 04 val 1400
[  772.554244][ T5880] pwc: recv_control_msg error -32 req 02 val 2000
[  772.593870][ T5880] pwc: recv_control_msg error -32 req 02 val 2100
[  772.626005][ T5880] pwc: recv_control_msg error -32 req 04 val 1500
[  772.642774][ T5880] pwc: recv_control_msg error -32 req 02 val 2500
[  772.762769][ T5880] pwc: recv_control_msg error -32 req 02 val 2400
[  772.787641][ T5880] pwc: recv_control_msg error -32 req 02 val 2600
[  773.023383][ T5880] pwc: recv_control_msg error -71 req 02 val 2800
[  773.066121][ T5880] pwc: recv_control_msg error -71 req 04 val 1100
[  773.110846][T13874] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  773.118952][ T5880] pwc: recv_control_msg error -71 req 04 val 1200
[  773.348735][ T5880] pwc: Registered as video103.
[  773.354798][ T5880] input: PWC snapshot button as /devices/platform/dummy_hcd.4/usb5/5-1/input/input33
[  773.374347][T13874] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  773.375942][ T5880] usb 5-1: USB disconnect, device number 21
[  773.512122][   T12] bridge_slave_1: left allmulticast mode
[  773.518017][   T12] bridge_slave_1: left promiscuous mode
[  773.584853][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  773.877013][   T12] bridge_slave_0: left allmulticast mode
[  774.052678][   T12] bridge_slave_0: left promiscuous mode
[  774.058899][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  774.534875][T14000] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  775.432071][T14004] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2287'.
[  775.458050][T14004] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2287'.
[  776.637000][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  776.647857][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  777.441232][   T12] bond0 (unregistering): Released all slaves
[  777.454384][T13874] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  777.635459][T13874] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  781.530281][T14035] ip6gretap0: entered promiscuous mode
[  781.552069][T14035] macsec1: entered promiscuous mode
[  781.557439][T14035] macsec1: entered allmulticast mode
[  782.006629][T14053] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  782.091875][T14035] ip6gretap0: entered allmulticast mode
[  782.360940][T14035] ip6gretap0: left allmulticast mode
[  782.663628][T14035] ip6gretap0: left promiscuous mode
[  782.942013][T13874] 8021q: adding VLAN 0 to HW filter on device bond0
[  784.660837][T13874] 8021q: adding VLAN 0 to HW filter on device team0
[  784.876830][ T1097] bridge0: port 1(bridge_slave_0) entered blocking state
[  784.883970][ T1097] bridge0: port 1(bridge_slave_0) entered forwarding state
[  784.904123][ T1097] bridge0: port 2(bridge_slave_1) entered blocking state
[  784.911262][ T1097] bridge0: port 2(bridge_slave_1) entered forwarding state
[  785.097425][   T12] hsr_slave_0: left promiscuous mode
[  785.128461][   T12] hsr_slave_1: left promiscuous mode
[  785.142553][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  785.150601][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  785.175031][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  785.191956][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  785.261289][   T12] veth1_macvtap: left promiscuous mode
[  785.268875][   T12] veth0_macvtap: left promiscuous mode
[  785.282044][   T12] veth1_vlan: left promiscuous mode
[  785.292154][   T12] veth0_vlan: left promiscuous mode
[  785.991666][T14097] 9pnet: bogus RREAD count (69 > 41)
[  786.103501][   T29] audit: type=1800 audit(1735914701.064:304): pid=14097 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.2.2310" name="/" dev="9p" ino=2 res=0 errno=0
[  786.426593][T14102] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  790.397730][   T53] Bluetooth: hci3: ACL packet for unknown connection handle 201
[  790.970912][   T12] team0 (unregistering): Port device team_slave_1 removed
[  791.130075][   T12] team0 (unregistering): Port device team_slave_0 removed
[  793.050982][T14100] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[  794.287949][T13874] 8021q: adding VLAN 0 to HW filter on device batadv0
[  796.107951][T14179] sctp: [Deprecated]: syz.5.2329 (pid 14179) Use of int in max_burst socket option.
[  796.107951][T14179] Use struct sctp_assoc_value instead
[  798.768911][T13874] veth0_vlan: entered promiscuous mode
[  799.192274][T13874] veth1_vlan: entered promiscuous mode
[  799.406308][T13874] veth0_macvtap: entered promiscuous mode
[  799.416563][T13874] veth1_macvtap: entered promiscuous mode
[  799.431393][T13874] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  799.441975][T13874] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  799.451880][T13874] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  799.462462][T13874] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  799.473523][T13874] batman_adv: batadv0: Interface activated: batadv_slave_0
[  799.483229][T13874] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  799.493751][T13874] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  799.503903][T13874] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  799.514661][T13874] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  799.525631][T13874] batman_adv: batadv0: Interface activated: batadv_slave_1
[  799.535560][T13874] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  799.544459][T13874] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  799.553306][T13874] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  799.562474][T13874] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  800.813548][T14101] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  800.907771][T14101] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  801.959971][ T3500] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  801.976980][ T3500] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  805.319823][T14265] ubi1: attaching mtd0
[  809.105745][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  809.112797][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  809.315621][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  809.376408][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  809.424674][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  809.474683][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  809.621795][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  809.630673][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  809.638416][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  809.645910][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  809.653546][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  809.660940][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  809.668420][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  809.675844][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  809.683482][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  809.691082][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  809.699267][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  809.707351][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  809.714970][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  809.722820][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  809.730367][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  809.891745][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  809.900104][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  809.908401][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  809.916187][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  809.924047][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  809.932033][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  809.939809][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  809.947794][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  809.955581][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  809.963377][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  809.971079][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  809.978833][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  809.986602][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  809.994318][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  810.002514][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  810.010677][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  810.018376][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  810.026258][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  810.034026][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  810.041892][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  810.049665][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  810.057415][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  810.065321][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  810.073056][   T95] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  810.214593][   T95] hid-generic 0000:0000:0000.0012: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  810.240455][   T12] dvmrp0 (unregistering): left allmulticast mode
[  812.714625][   T12] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  812.728930][   T12] bond0 (unregistering): Released all slaves
[  812.843519][   T95] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  812.930967][T14330] pim6reg: entered allmulticast mode
[  812.943391][T14334] pim6reg: left allmulticast mode
[  813.024240][   T12] tipc: Disabling bearer <udp:syz2>
[  813.040052][   T95] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  813.053514][   T12] tipc: Disabling bearer <eth:team0>
[  813.058930][   T95] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  813.079519][   T12] tipc: Left network mode
[  813.102366][   T95] usb 4-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  813.155503][   T95] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  813.193823][   T95] usb 4-1: config 0 descriptor??
[  814.918140][T14379] bridge0: port 3(vlan2) entered blocking state
[  814.977951][T14379] bridge0: port 3(vlan2) entered disabled state
[  814.989216][T14379] vlan2: entered allmulticast mode
[  815.061939][T14379] syz_tun: entered allmulticast mode
[  815.303586][T14379] vlan2: entered promiscuous mode
[  816.091836][T14379] syz_tun: entered promiscuous mode
[  816.126940][T14379] bridge0: port 3(vlan2) entered blocking state
[  816.136148][T14379] bridge0: port 3(vlan2) entered forwarding state
[  816.165629][   T95] usbhid 4-1:0.0: can't add hid device: -71
[  816.173325][   T95] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  816.193649][   T95] usb 4-1: USB disconnect, device number 26
[  817.828194][T14410] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2372'.
[  817.913335][T14410] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2372'.
[  818.780583][T14396] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2368'.
[  819.122148][   T12] hsr_slave_0: left promiscuous mode
[  819.143687][   T12] hsr_slave_1: left promiscuous mode
[  819.377901][T14429] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  820.276683][   T12] pimreg (unregistering): left allmulticast mode
[  822.246903][T14457] netlink: 28 bytes leftover after parsing attributes in process `syz.8.2380'.
[  822.256176][T14457] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2380'.
[  822.382374][T14458] usb usb4: usbfs: process 14458 (syz.3.2379) did not claim interface 0 before use
[  822.885141][T14437] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  828.154673][T14501] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  830.485933][T14518] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  832.100436][T14524] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  832.146249][T14524] kvm: pic: non byte read
[  832.155605][T14524] kvm: pic: level sensitive irq not supported
[  832.155683][T14524] kvm: pic: non byte read
[  832.168411][T14524] kvm: pic: level sensitive irq not supported
[  832.168480][T14524] kvm: pic: non byte read
[  832.756542][T14413] bridge0: port 1(syz_tun) entered blocking state
[  832.763403][T14413] bridge0: port 1(syz_tun) entered disabled state
[  832.802433][T14413] syz_tun: entered allmulticast mode
[  832.809421][T14413] syz_tun: left allmulticast mode
[  833.215519][T14512] netlink: 2 bytes leftover after parsing attributes in process `syz.2.2391'.
[  833.224636][T14512] netlink: 2 bytes leftover after parsing attributes in process `syz.2.2391'.
[  834.779187][   T12] IPVS: stop unused estimator thread 0...
[  835.247116][T12238] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  835.260000][T12238] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  835.271818][T12238] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  835.286675][T12238] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  835.301319][T12238] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  835.323967][T12238] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  836.077040][T14571] netlink: 'syz.5.2404': attribute type 10 has an invalid length.
[  836.337035][T14571] veth0_vlan: left promiscuous mode
[  836.363698][T14571] veth0_vlan: entered promiscuous mode
[  836.377120][T14571] team0: Device veth0_vlan failed to register rx_handler
[  836.523972][T14560] chnl_net:caif_netlink_parms(): no params data found
[  836.531143][T14571] syz.5.2404 (14571) used greatest stack depth: 18320 bytes left
[  837.185902][   T29] audit: type=1326 audit(1735914752.124:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14603 comm="syz.8.2409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccb3f85d29 code=0x7ffc0000
[  837.212010][   T29] audit: type=1326 audit(1735914752.124:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14603 comm="syz.8.2409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccb3f85d29 code=0x7ffc0000
[  837.233872][   T29] audit: type=1326 audit(1735914752.144:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14603 comm="syz.8.2409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fccb3f85d29 code=0x7ffc0000
[  837.262062][   T29] audit: type=1326 audit(1735914752.144:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14603 comm="syz.8.2409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccb3f85d29 code=0x7ffc0000
[  837.301761][   T29] audit: type=1326 audit(1735914752.144:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14603 comm="syz.8.2409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccb3f85d29 code=0x7ffc0000
[  837.323690][   T29] audit: type=1326 audit(1735914752.144:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14603 comm="syz.8.2409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fccb3f85d29 code=0x7ffc0000
[  837.345578][   T29] audit: type=1326 audit(1735914752.144:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14603 comm="syz.8.2409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccb3f85d29 code=0x7ffc0000
[  837.367284][   T29] audit: type=1326 audit(1735914752.144:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14603 comm="syz.8.2409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccb3f85d29 code=0x7ffc0000
[  837.389209][   T29] audit: type=1326 audit(1735914752.144:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14603 comm="syz.8.2409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fccb3f85d29 code=0x7ffc0000
[  837.411081][   T29] audit: type=1326 audit(1735914752.144:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14603 comm="syz.8.2409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccb3f85d29 code=0x7ffc0000
[  837.553483][T14604] syz_tun: left allmulticast mode
[  837.559665][T14604] syz_tun: left promiscuous mode
[  837.595859][T14604] bridge0: port 3(vlan2) entered disabled state
[  837.678914][   T53] Bluetooth: hci5: command tx timeout
[  837.843844][T14604] vlan2 (unregistering): left allmulticast mode
[  837.882441][T14604] vlan2 (unregistering): left promiscuous mode
[  837.892129][T14604] bridge0: port 3(vlan2) entered disabled state
[  838.300177][T14611] syz.3.2412 (14611): drop_caches: 2
[  838.330609][T14560] bridge0: port 1(bridge_slave_0) entered blocking state
[  838.359515][T14611] syz.3.2412 (14611): drop_caches: 2
[  838.446579][T14560] bridge0: port 1(bridge_slave_0) entered disabled state
[  838.495204][T14560] bridge_slave_0: entered allmulticast mode
[  838.618565][T14560] bridge_slave_0: entered promiscuous mode
[  838.906781][T14618] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  839.023068][T14560] bridge0: port 2(bridge_slave_1) entered blocking state
[  839.052558][T14560] bridge0: port 2(bridge_slave_1) entered disabled state
[  839.078196][T14560] bridge_slave_1: entered allmulticast mode
[  839.122793][T14560] bridge_slave_1: entered promiscuous mode
[  839.742982][   T53] Bluetooth: hci5: command tx timeout
[  839.798365][T14560] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  839.825779][T14560] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  840.359113][T14636] syz.3.2417: attempt to access beyond end of device
[  840.359113][T14636] nbd3: rw=6144, sector=128, nr_sectors = 8 limit=0
[  840.373007][T14636] gfs2: error -5 reading superblock
[  841.003324][T14560] team0: Port device team_slave_0 added
[  841.026653][T14632] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  841.187114][T14560] team0: Port device team_slave_1 added
[  841.513607][T14560] batman_adv: batadv0: Adding interface: batadv_slave_0
[  841.525031][T14560] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  841.842394][   T53] Bluetooth: hci5: command tx timeout
[  842.112948][T14560] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  842.219184][T14560] batman_adv: batadv0: Adding interface: batadv_slave_1
[  842.228684][T14560] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  842.279804][T14560] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  843.705720][T14678] input: syz0 as /devices/virtual/input/input35
[  843.729353][T14560] hsr_slave_0: entered promiscuous mode
[  843.800795][T14560] hsr_slave_1: entered promiscuous mode
[  843.830070][T14678] netlink: 'syz.5.2424': attribute type 1 has an invalid length.
[  843.851168][T14678] netlink: 83992 bytes leftover after parsing attributes in process `syz.5.2424'.
[  843.889488][T14560] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  843.923178][   T53] Bluetooth: hci5: command tx timeout
[  843.953391][T14689] hub 9-0:1.0: USB hub found
[  843.958318][T14689] hub 9-0:1.0: 1 port detected
[  844.036392][T14560] Cannot create hsr debugfs directory
[  845.602258][T14702] serio: Serial port ptm0
[  846.661855][ T5920] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  846.669605][    C1] raw-gadget.0 gadget.8: ignoring, device is not running
[  846.824662][ T5920] usb 9-1: device descriptor read/64, error -32
[  848.024949][ T5920] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  848.224623][ T5920] usb 9-1: Using ep0 maxpacket: 8
[  848.231636][ T5920] usb 9-1: config 0 has an invalid interface number: 186 but max is 0
[  848.240485][ T5920] usb 9-1: config 0 has no interface number 0
[  848.260778][ T5920] usb 9-1: config 0 interface 186 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  848.283101][ T5920] usb 9-1: config 0 interface 186 altsetting 0 has an endpoint descriptor with address 0x9A, changing to 0x8A
[  848.306131][ T5920] usb 9-1: config 0 interface 186 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  848.321026][ T5920] usb 9-1: config 0 interface 186 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  848.334818][T14560] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  848.555033][ T5920] usb 9-1: config 0 interface 186 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  848.570905][ T5920] usb 9-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5
[  848.580330][ T5920] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  848.588826][ T5920] usb 9-1: Product: syz
[  848.593556][ T5920] usb 9-1: Manufacturer: syz
[  848.598197][ T5920] usb 9-1: SerialNumber: syz
[  848.606813][T14560] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  848.617000][ T5920] usb 9-1: config 0 descriptor??
[  848.629215][T14560] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  848.659340][T14560] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  848.827985][T14725] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  849.704901][T14730] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  851.306182][T14560] 8021q: adding VLAN 0 to HW filter on device bond0
[  851.325846][T14560] 8021q: adding VLAN 0 to HW filter on device team0
[  851.337131][   T54] bridge0: port 1(bridge_slave_0) entered blocking state
[  851.344301][   T54] bridge0: port 1(bridge_slave_0) entered forwarding state
[  851.418575][ T3473] bridge0: port 2(bridge_slave_1) entered blocking state
[  851.425752][ T3473] bridge0: port 2(bridge_slave_1) entered forwarding state
[  851.434905][ T5920] iowarrior 9-1:0.186: IOWarrior product=0x1505, serial= interface=186 now attached to iowarrior0
[  851.481136][ T5920] usb 9-1: USB disconnect, device number 3
[  851.535652][T14740] loop7: detected capacity change from 0 to 95
[  851.685143][T14560] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  851.730848][T14560] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  852.886439][T14771] xt_addrtype: both incoming and outgoing interface limitation cannot be selected
[  853.893819][T14560] 8021q: adding VLAN 0 to HW filter on device batadv0
[  855.810092][T14816] cifs: Unknown parameter 'mode'
[  856.097913][T14560] veth0_vlan: entered promiscuous mode
[  857.132248][T14560] veth1_vlan: entered promiscuous mode
[  857.737401][T14809] delete_channel: no stack
[  857.777810][T14560] veth0_macvtap: entered promiscuous mode
[  857.791139][T14560] veth1_macvtap: entered promiscuous mode
[  857.819129][T14560] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  857.851798][T14560] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  857.867845][T14560] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  857.881817][T14560] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  857.891928][T14560] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  857.902438][T14560] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  857.913945][T14560] batman_adv: batadv0: Interface activated: batadv_slave_0
[  857.925140][T14560] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  857.981874][T14560] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  857.991796][T14560] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  858.002296][T14560] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  858.012815][T14560] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  858.051025][T14560] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  858.072487][T14560] batman_adv: batadv0: Interface activated: batadv_slave_1
[  858.082950][T14560] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  858.091752][T14560] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  858.100599][T14560] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  858.109355][T14560] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  858.382728][T14827] netlink: 'syz.5.2453': attribute type 4 has an invalid length.
[  860.420326][ T1097] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  860.453353][ T1097] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  860.551033][ T1097] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  860.561698][   T29] kauditd_printk_skb: 19 callbacks suppressed
[  860.561714][   T29] audit: type=1326 audit(1735914775.504:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14847 comm="syz.2.2459" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f967b585d29 code=0x0
[  860.607165][ T1097] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  863.024906][T14894] sctp: [Deprecated]: syz.2.2465 (pid 14894) Use of int in max_burst socket option.
[  863.024906][T14894] Use struct sctp_assoc_value instead
[  865.172181][T14912] kvm: kvm [14911]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x204500000800
[  865.279684][T14912] kvm: kvm [14911]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x186) = 0x410000000000
[  865.303633][T14912] kvm: kvm [14911]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0x414500000800
[  865.527325][T14925] netlink: 'syz.3.2471': attribute type 1 has an invalid length.
[  865.774635][T14930] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  865.793372][T14925] 8021q: adding VLAN 0 to HW filter on device bond1
[  865.811812][ T3673] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  866.123529][ T1097] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  866.565483][T14943] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2474'.
[  867.552230][T14958] sctp: [Deprecated]: syz.9.2476 (pid 14958) Use of int in max_burst socket option.
[  867.552230][T14958] Use struct sctp_assoc_value instead
[  868.702422][T14965] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  869.500407][T14975] ebtables: ebtables: counters copy to user failed while replacing table
[  870.742514][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  870.748852][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  878.599480][T14969] Bluetooth: hci5: command 0x0405 tx timeout
[  879.115980][   T29] audit: type=1804 audit(1735914794.074:335): pid=15054 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.2.2498" name="/newroot/538/bus/bus" dev="overlay" ino=3030 res=1 errno=0
[  880.577209][T15077] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  880.586385][ T5920] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  880.595676][    T8] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  880.794704][    T8] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  880.898949][    T8] usb 10-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  880.908660][ T5920] usb 9-1: Using ep0 maxpacket: 8
[  880.914760][ T5920] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  880.938212][    T8] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  881.159919][ T5920] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  881.556356][    T8] usb 10-1: config 0 descriptor??
[  881.625869][    T8] pwc: Askey VC010 type 2 USB webcam detected.
[  881.653901][ T5920] usb 9-1: New USB device found, idVendor=04d9, idProduct=a072, bcdDevice= 0.00
[  881.663402][ T5920] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  881.755399][ T5920] usb 9-1: config 0 descriptor??
[  882.078941][   T29] audit: type=1326 audit(1735914797.034:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15092 comm="syz.2.2507" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f967b585d29 code=0x0
[  882.655631][    T8] pwc: recv_control_msg error -32 req 02 val 2b00
[  882.671719][    T8] pwc: recv_control_msg error -32 req 02 val 2700
[  882.700005][    T8] pwc: recv_control_msg error -32 req 02 val 2c00
[  882.712970][    T8] pwc: recv_control_msg error -32 req 04 val 1000
[  883.344277][    T8] pwc: recv_control_msg error -32 req 04 val 1300
[  883.430889][    T8] pwc: recv_control_msg error -32 req 04 val 1400
[  883.470973][    T8] pwc: recv_control_msg error -32 req 02 val 2000
[  883.497571][    T8] pwc: recv_control_msg error -32 req 02 val 2100
[  883.713494][    T8] pwc: recv_control_msg error -32 req 04 val 1500
[  883.725231][    T8] pwc: recv_control_msg error -32 req 02 val 2500
[  883.736653][    T8] pwc: recv_control_msg error -32 req 02 val 2400
[  883.759348][    T8] pwc: recv_control_msg error -32 req 02 val 2600
[  884.692735][    T8] pwc: recv_control_msg error -71 req 02 val 2800
[  884.708233][    T8] pwc: recv_control_msg error -71 req 04 val 1100
[  884.732206][    T8] pwc: recv_control_msg error -71 req 04 val 1200
[  884.759685][    T8] pwc: Registered as video103.
[  884.791318][    T8] input: PWC snapshot button as /devices/platform/dummy_hcd.9/usb10/10-1/input/input36
[  884.885548][    T8] usb 10-1: USB disconnect, device number 2
[  885.741250][T15127] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  885.751024][T15127] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  885.760002][T15127] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  885.768951][T15127] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  885.943342][T15127] team0: Port device vxlan0 added
[  886.078784][T15133] Cache volume key already in use (9p,(null),)
[  888.351720][   T53] Bluetooth: hci1: command 0x0406 tx timeout
[  889.677022][ T5920] usbhid 9-1:0.0: can't add hid device: -32
[  889.683186][ T5920] usbhid 9-1:0.0: probe with driver usbhid failed with error -32
[  889.698113][T15154] block nbd2: shutting down sockets
[  890.561117][ T5920] usb 9-1: USB disconnect, device number 4
[  890.798199][T15174] netlink: 16 bytes leftover after parsing attributes in process `syz.8.2520'.
[  892.396879][T15181] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2523'.
[  892.711538][T15198] Cache volume key already in use (9p,(null),)
[  893.869219][T15208] openvswitch: netlink: IP tunnel dst address not specified
[  894.961166][T15219] pim6reg: entered allmulticast mode
[  894.970221][T15219] pim6reg: left allmulticast mode
[  897.154422][T14969] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  897.174625][T14969] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  897.185197][T14969] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  897.199785][T14969] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  897.211028][T14969] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  897.220148][T14969] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  899.517806][   T53] Bluetooth: hci0: command tx timeout
[  902.331972][   T53] Bluetooth: hci0: command tx timeout
[  903.566740][T15324] netlink: 'syz.8.2550': attribute type 2 has an invalid length.
[  904.398996][   T53] Bluetooth: hci0: command tx timeout
[  904.432611][T15249] chnl_net:caif_netlink_parms(): no params data found
[  905.566855][T15334] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  906.186280][T15249] bridge0: port 1(bridge_slave_0) entered blocking state
[  906.203498][T15249] bridge0: port 1(bridge_slave_0) entered disabled state
[  906.255289][T15249] bridge_slave_0: entered allmulticast mode
[  906.276009][T15249] bridge_slave_0: entered promiscuous mode
[  906.298032][T15249] bridge0: port 2(bridge_slave_1) entered blocking state
[  906.817059][T15249] bridge0: port 2(bridge_slave_1) entered disabled state
[  906.826455][   T53] Bluetooth: hci0: command tx timeout
[  906.832603][T15249] bridge_slave_1: entered allmulticast mode
[  906.840161][T15249] bridge_slave_1: entered promiscuous mode
[  907.007258][T15249] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  907.038101][T15249] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  908.141568][T15249] team0: Port device team_slave_0 added
[  908.314585][T15249] team0: Port device team_slave_1 added
[  908.908256][T15386] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  909.324555][T15249] batman_adv: batadv0: Adding interface: batadv_slave_0
[  909.343078][T15249] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  909.384242][T15249] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  909.462336][T15249] batman_adv: batadv0: Adding interface: batadv_slave_1
[  909.501971][T15249] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  909.543055][T15249] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  909.856035][T15249] hsr_slave_0: entered promiscuous mode
[  909.870618][T15249] hsr_slave_1: entered promiscuous mode
[  910.849338][T15249] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  910.857245][T15249] Cannot create hsr debugfs directory
[  912.632104][   T58] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  912.813317][   T58] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8 has invalid wMaxPacketSize 0
[  912.825067][   T58] usb 9-1: New USB device found, idVendor=413c, idProduct=8186, bcdDevice=a0.a2
[  912.834649][   T58] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  912.853832][   T58] usb 9-1: Product: syz
[  912.858221][   T58] usb 9-1: Manufacturer: syz
[  912.873478][   T58] usb 9-1: SerialNumber: syz
[  912.889250][   T58] usb 9-1: config 0 descriptor??
[  912.932876][   T58] qmi_wwan 9-1:0.0: probe with driver qmi_wwan failed with error -22
[  913.215176][   T58] usb 9-1: USB disconnect, device number 5
[  914.602223][T15455] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  916.629127][T15451] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  918.206973][   T58] IPVS: starting estimator thread 0...
[  918.342145][T15487] IPVS: using max 21 ests per chain, 50400 per kthread
[  920.969942][T15249] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  921.006910][T15249] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  921.024603][T15249] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  921.076876][T15249] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  921.191878][T15249] 8021q: adding VLAN 0 to HW filter on device bond0
[  921.208652][T15249] 8021q: adding VLAN 0 to HW filter on device team0
[  921.234818][T13434] bridge0: port 1(bridge_slave_0) entered blocking state
[  921.241997][T13434] bridge0: port 1(bridge_slave_0) entered forwarding state
[  921.344102][   T29] audit: type=1326 audit(1735914836.294:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15517 comm="syz.2.2594" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f967b585d29 code=0x0
[  921.345562][T13434] bridge0: port 2(bridge_slave_1) entered blocking state
[  921.372352][T13434] bridge0: port 2(bridge_slave_1) entered forwarding state
[  921.570462][T15249] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  921.581163][T15249] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  923.878570][T15249] 8021q: adding VLAN 0 to HW filter on device batadv0
[  924.018852][T15249] veth0_vlan: entered promiscuous mode
[  924.065186][T15249] veth1_vlan: entered promiscuous mode
[  924.278364][T15249] veth0_macvtap: entered promiscuous mode
[  925.335888][T15567] trusted_key: encrypted_key: insufficient parameters specified
[  925.886196][T15249] veth1_macvtap: entered promiscuous mode
[  926.014118][T15249] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  926.064785][T15249] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  926.109433][T15249] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  926.136016][T15249] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  926.166477][T15249] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  926.197494][T15249] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  926.236935][T15249] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  926.302406][T15249] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  926.373104][T15249] batman_adv: batadv0: Interface activated: batadv_slave_0
[  927.338381][T15249] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  927.372070][T15249] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  927.429411][T15249] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  927.477770][T15249] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  927.528403][T15249] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  927.539625][T15249] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  927.563057][T15249] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  927.585138][T15249] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  927.610522][T15249] batman_adv: batadv0: Interface activated: batadv_slave_1
[  927.625788][T15249] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  927.637522][T15249] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  927.646664][T15249] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  927.656733][T15249] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  927.668143][   T53] Bluetooth: hci2: command 0x0406 tx timeout
[  927.904193][   T69] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  927.970111][   T69] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  928.465792][ T3673] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  928.501175][ T3673] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  932.850918][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  932.857343][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  935.582111][T15665] sg_write: data in/out 1048540/17 bytes for SCSI command 0x0-- guessing data in;
[  935.582111][T15665]    program syz.8.2619 not setting count and/or reply_len properly
[  942.421470][T15740] sch_tbf: burst 4398 is lower than device lo mtu (11337746) !
[  945.327473][T15768] input: syz0 as /devices/virtual/input/input37
[  947.467149][T15788] netlink: 'syz.0.2643': attribute type 17 has an invalid length.
[  951.176609][T15826] x_tables: unsorted underflow at hook 3
[  951.409149][T15826] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2653'.
[  952.428706][   T29] audit: type=1326 audit(1735914867.374:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15827 comm="syz.8.2645" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fccb3f85d29 code=0x0
[  955.301309][T15861] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  955.333199][T15861] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  956.395000][T15863] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  958.890481][T15894] x_tables: unsorted entry at hook 3
[  959.627032][T15906] tipc: Started in network mode
[  960.335579][T15906] tipc: Node identity 7f000001, cluster identity 4711
[  960.353051][T15906] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  960.491914][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  960.511979][   T53] Bluetooth: hci5: command 0x0405 tx timeout
[  960.631781][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  960.781741][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  960.931764][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  961.081750][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  961.195413][T15906] tipc: Enabled bearer <udp:syz2>, priority 10
[  961.221798][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  961.260635][T15910] BTRFS info: 'norecovery' is for compatibility only, recommended to use 'rescue=nologreplay'
[  961.683207][T15920] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  961.804235][ T5831] tipc: Node number set to 2130706433
[  961.811766][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  962.091780][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  962.359861][T15929] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2673'.
[  962.382459][T15912] tipc: Enabled bearer <eth:team0>, priority 0
[  965.751940][    C1] net_ratelimit: 3 callbacks suppressed
[  965.751961][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  966.781798][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  967.822194][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  968.861801][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  969.460785][T15978] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2685'.
[  969.470402][T15978] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2685'.
[  969.479448][T15978] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2685'.
[  969.502887][T15975] Bluetooth: MGMT ver 1.23
[  969.774481][T15989] syz.8.2687 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  969.970024][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  971.081885][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  972.182968][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  973.305086][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  973.780009][T16030] netlink: 'syz.3.2697': attribute type 1 has an invalid length.
[  974.406606][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  975.518436][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  975.526848][T14969] Bluetooth: hci2: command 0x0406 tx timeout
[  975.664111][T16027] Bluetooth: hci2: Opcode 0x0c1a failed: -110
[  975.670694][T16027] Bluetooth: hci2: Error when powering off device on rfkill (-110)
[  976.630249][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  976.996198][T16067] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2700'.
[  977.440778][T16027] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  977.447050][T16027] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  977.742062][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  978.049041][T14969] Bluetooth: hci1: command 0x0406 tx timeout
[  978.083509][T16027] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  978.089561][T16027] Bluetooth: hci5: Error when powering off device on rfkill (-4)
[  978.165705][T16027] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  978.171707][T16027] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[  978.853901][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  979.986472][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  980.506115][T16097] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  980.513447][T16097] IPv6: NLM_F_CREATE should be set when creating new route
[  980.520773][T16097] IPv6: NLM_F_CREATE should be set when creating new route
[  981.077559][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  982.189394][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  983.258561][   T29] audit: type=1326 audit(1735914897.073:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16153 comm="syz.9.2713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fefb4b85d29 code=0x7ffc0000
[  983.301218][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  983.451110][   T29] audit: type=1326 audit(1735914897.073:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16153 comm="syz.9.2713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fefb4b85d29 code=0x7ffc0000
[  984.022580][   T29] audit: type=1326 audit(1735914897.073:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16153 comm="syz.9.2713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fefb4b85d29 code=0x7ffc0000
[  984.265127][   T29] audit: type=1326 audit(1735914897.073:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16153 comm="syz.9.2713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fefb4b85d29 code=0x7ffc0000
[  984.291724][   T29] audit: type=1326 audit(1735914897.073:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16153 comm="syz.9.2713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fefb4b85d29 code=0x7ffc0000
[  984.313416][   T29] audit: type=1326 audit(1735914897.073:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16153 comm="syz.9.2713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=281 compat=0 ip=0x7fefb4b85d29 code=0x7ffc0000
[  984.334961][    C0] vkms_vblank_simulate: vblank timer overrun
[  984.341523][   T29] audit: type=1326 audit(1735914897.073:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16153 comm="syz.9.2713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fefb4b85d29 code=0x7ffc0000
[  984.363497][   T29] audit: type=1326 audit(1735914897.073:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16153 comm="syz.9.2713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fefb4b85d29 code=0x7ffc0000
[  984.385336][   T29] audit: type=1326 audit(1735914897.073:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16153 comm="syz.9.2713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fefb4b85d29 code=0x7ffc0000
[  984.406881][    C0] vkms_vblank_simulate: vblank timer overrun
[  984.413432][   T29] audit: type=1326 audit(1735914897.073:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16153 comm="syz.9.2713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fefb4b85d29 code=0x7ffc0000
[  984.423722][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  985.525299][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  985.945651][ T5920] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  986.252300][ T5920] usb 9-1: Using ep0 maxpacket: 8
[  986.647346][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  987.471141][ T5920] usb 9-1: config index 0 descriptor too short (expected 301, got 45)
[  987.480090][ T5920] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  987.489955][ T5920] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  987.499821][ T5920] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  987.509796][ T5920] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  987.522868][ T5920] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  987.532650][ T5920] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  987.759239][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  988.432796][ T5920] usb 9-1: can't set config #16, error -71
[  988.476022][ T5920] usb 9-1: USB disconnect, device number 6
[  988.860301][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  989.634559][T16232] ALSA: mixer_oss: invalid OSS volume ''
[  989.972136][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  991.083944][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  991.356498][T16238] xt_HMARK: spi-set and port-set can't be combined
[  992.195808][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  993.026760][T16253] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[  993.318286][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  993.756531][   T29] kauditd_printk_skb: 10 callbacks suppressed
[  993.756551][   T29] audit: type=1326 audit(1735914907.091:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16252 comm="syz.0.2735" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54edd85d29 code=0x7ffc0000
[  993.836298][   T29] audit: type=1326 audit(1735914907.091:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16252 comm="syz.0.2735" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54edd85d29 code=0x7ffc0000
[  993.879195][   T29] audit: type=1326 audit(1735914907.091:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16252 comm="syz.0.2735" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f54edd85d29 code=0x7ffc0000
[  993.930866][   T29] audit: type=1326 audit(1735914907.091:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16252 comm="syz.0.2735" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54edd85d29 code=0x7ffc0000
[  994.044128][   T29] audit: type=1326 audit(1735914907.091:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16252 comm="syz.0.2735" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f54edd85d29 code=0x7ffc0000
[  994.133924][   T29] audit: type=1326 audit(1735914907.363:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16252 comm="syz.0.2735" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54edd85d29 code=0x7ffc0000
[  994.159445][   T29] audit: type=1326 audit(1735914907.363:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16252 comm="syz.0.2735" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54edd85d29 code=0x7ffc0000
[  994.292248][T16282] xt_l2tp: unknown flags: 17
[  994.419422][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  995.132704][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  995.139355][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  995.531280][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  996.653787][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  997.765588][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  998.877413][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  999.978651][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[ 1001.090426][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[ 1002.202205][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[ 1003.314060][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[ 1004.425859][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[ 1005.540650][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[ 1006.282210][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1006.660181][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[ 1007.761353][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[ 1007.948009][T16395] netlink: 56 bytes leftover after parsing attributes in process `syz.3.2765'.
[ 1008.311986][T16395] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2765'.
[ 1008.881159][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[ 1009.995634][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[ 1010.004140][T16405] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wireguard%d": -EINTR
[ 1011.107502][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[ 1012.219286][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[ 1013.331122][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[ 1014.432247][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[ 1015.554785][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[ 1015.929284][T16483] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1016.015322][T16483] netlink: 'syz.9.2784': attribute type 10 has an invalid length.
[ 1016.655904][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[ 1016.717554][T16483] bond0: (slave wlan1): Enslaving as an active interface with an up link
[ 1017.767715][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[ 1018.684733][ T5880] usb 10-1: new full-speed USB device number 3 using dummy_hcd
[ 1018.890270][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[ 1019.991418][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[ 1021.103269][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[ 1021.665844][ T5880] usb 10-1: unable to get BOS descriptor or descriptor too short
[ 1021.675207][ T5880] usb 10-1: unable to read config index 0 descriptor/start: -71
[ 1021.683176][ T5880] usb 10-1: can't read configurations, error -71
[ 1022.215005][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[ 1023.326856][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[ 1023.350868][T16563] Process accounting resumed
[ 1024.449367][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[ 1025.561204][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[ 1026.662327][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[ 1027.774151][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[ 1028.855348][T16600] block device autoloading is deprecated and will be removed.
[ 1028.886247][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[ 1029.997864][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[ 1031.109682][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[ 1031.888384][T16625] batadv0: entered promiscuous mode
[ 1032.051535][T16625] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1032.236364][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[ 1032.976788][T16640] Smack: duplicate mount options
[ 1033.333282][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[ 1033.628849][T16621] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 1033.651504][T16648] netlink: 36 bytes leftover after parsing attributes in process `syz.8.2816'.
[ 1033.682189][T16648] netlink: 16 bytes leftover after parsing attributes in process `syz.8.2816'.
[ 1034.259568][T16648] netlink: 36 bytes leftover after parsing attributes in process `syz.8.2816'.
[ 1034.455788][    C1] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[ 1034.544625][T16648] netlink: 36 bytes leftover after parsing attributes in process `syz.8.2816'.
[ 1034.833043][    C0] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN PTI
[ 1034.845668][    C0] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]
[ 1034.854071][    C0] CPU: 0 UID: 0 PID: 16 Comm: ksoftirqd/0 Not tainted 6.13.0-rc5-syzkaller-00012-g0bc21e701a6f #0
[ 1034.864643][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1034.874685][    C0] RIP: 0010:put_page+0x23/0x260
[ 1034.879530][    C0] Code: 90 90 90 90 90 90 90 55 41 57 41 56 53 49 89 fe 48 bd 00 00 00 00 00 fc ff df e8 c8 09 1a f8 49 8d 5e 08 48 89 d8 48 c1 e8 03 <80> 3c 28 00 74 08 48 89 df e8 9f e6 7d f8 48 8b 1b 48 89 de 48 83
[ 1034.899135][    C0] RSP: 0000:ffffc90000156b90 EFLAGS: 00010202
[ 1034.905191][    C0] RAX: 0000000000000001 RBX: 0000000000000008 RCX: ffff88801bef5a00
[ 1034.913148][    C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[ 1034.921102][    C0] RBP: dffffc0000000000 R08: ffffffff8984fced R09: 1ffff1100499614c
[ 1034.929059][    C0] R10: dffffc0000000000 R11: ffffed100499614d R12: 0000000000000007
[ 1034.937021][    C0] R13: ffff888024cb0a42 R14: 0000000000000000 R15: 0000000000000000
[ 1034.944978][    C0] FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[ 1034.953910][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1034.960501][    C0] CR2: 00007fccb4ca56c0 CR3: 000000007c02e000 CR4: 00000000003526f0
[ 1034.968474][    C0] Call Trace:
[ 1034.971748][    C0]  <TASK>
[ 1034.974670][    C0]  ? __die_body+0x5f/0xb0
[ 1034.978990][    C0]  ? die_addr+0xb0/0xe0
[ 1034.983135][    C0]  ? exc_general_protection+0x3dd/0x5d0
[ 1034.988673][    C0]  ? asm_exc_general_protection+0x26/0x30
[ 1034.994386][    C0]  ? skb_release_data+0x46d/0x8a0
[ 1034.999399][    C0]  ? put_page+0x23/0x260
[ 1035.003633][    C0]  skb_release_data+0x483/0x8a0
[ 1035.008475][    C0]  __kfree_skb+0x55/0x70
[ 1035.012709][    C0]  tcp_ack+0x2442/0x6bc0
[ 1035.016973][    C0]  ? __pfx_tcp_ack+0x10/0x10
[ 1035.021576][    C0]  ? __lock_acquire+0x1397/0x2100
[ 1035.026602][    C0]  tcp_rcv_state_process+0x8eb/0x44e0
[ 1035.031973][    C0]  ? __pfx_tcp_rcv_state_process+0x10/0x10
[ 1035.037772][    C0]  ? sk_filter_trim_cap+0x5bf/0xa80
[ 1035.042963][    C0]  ? do_raw_spin_lock+0x14f/0x370
[ 1035.047983][    C0]  ? __pfx_tcp_inbound_hash+0x10/0x10
[ 1035.053351][    C0]  tcp_v4_do_rcv+0x77d/0xc70
[ 1035.057933][    C0]  tcp_v4_rcv+0x2dc0/0x37f0
[ 1035.062440][    C0]  ? __pfx_tcp_v4_rcv+0x10/0x10
[ 1035.067282][    C0]  ? __pfx_tcp_v4_rcv+0x10/0x10
[ 1035.072129][    C0]  ? __pfx_tcp_v4_rcv+0x10/0x10
[ 1035.076972][    C0]  ip_protocol_deliver_rcu+0x22e/0x440
[ 1035.082426][    C0]  ? ip_local_deliver_finish+0x230/0x5f0
[ 1035.088057][    C0]  ip_local_deliver_finish+0x341/0x5f0
[ 1035.093529][    C0]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[ 1035.099530][    C0]  NF_HOOK+0x3a4/0x450
[ 1035.103602][    C0]  ? NF_HOOK+0x9a/0x450
[ 1035.107753][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[ 1035.112339][    C0]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[ 1035.118327][    C0]  ? ip_rcv_finish+0x406/0x560
[ 1035.123109][    C0]  ? __pfx_ip_rcv_finish+0x10/0x10
[ 1035.128218][    C0]  NF_HOOK+0x3a4/0x450
[ 1035.132284][    C0]  ? __lock_acquire+0x1397/0x2100
[ 1035.137301][    C0]  ? NF_HOOK+0x9a/0x450
[ 1035.141447][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[ 1035.146036][    C0]  ? ip_rcv_core+0x801/0xd10
[ 1035.150636][    C0]  ? __pfx_ip_rcv_finish+0x10/0x10
[ 1035.155759][    C0]  ? __pfx_ip_rcv+0x10/0x10
[ 1035.160260][    C0]  __netif_receive_skb+0x2bf/0x650
[ 1035.165367][    C0]  ? __pfx_lock_acquire+0x10/0x10
[ 1035.170381][    C0]  ? __pfx___netif_receive_skb+0x10/0x10
[ 1035.176006][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1035.181974][    C0]  ? __pfx_lock_release+0x10/0x10
[ 1035.186985][    C0]  ? _raw_spin_lock_irq+0xdf/0x120
[ 1035.192090][    C0]  process_backlog+0x662/0x15b0
[ 1035.196934][    C0]  ? process_backlog+0x33b/0x15b0
[ 1035.201951][    C0]  ? __pfx_process_backlog+0x10/0x10
[ 1035.207228][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1035.213194][    C0]  ? __lock_acquire+0x1397/0x2100
[ 1035.218208][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1035.224524][    C0]  __napi_poll+0xcb/0x490
[ 1035.228843][    C0]  net_rx_action+0x89b/0x1240
[ 1035.233519][    C0]  ? __pfx_net_rx_action+0x10/0x10
[ 1035.238621][    C0]  ? sched_clock+0x4a/0x70
[ 1035.243032][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1035.249346][    C0]  ? __schedule+0x1803/0x4be0
[ 1035.254023][    C0]  handle_softirqs+0x2d4/0x9b0
[ 1035.258869][    C0]  ? run_ksoftirqd+0xca/0x130
[ 1035.263535][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[ 1035.268817][    C0]  run_ksoftirqd+0xca/0x130
[ 1035.273304][    C0]  ? __pfx_run_ksoftirqd+0x10/0x10
[ 1035.278404][    C0]  ? __pfx_run_ksoftirqd+0x10/0x10
[ 1035.283498][    C0]  smpboot_thread_fn+0x544/0xa30
[ 1035.288428][    C0]  ? smpboot_thread_fn+0x4e/0xa30
[ 1035.293446][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[ 1035.298900][    C0]  kthread+0x2f0/0x390
[ 1035.302953][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[ 1035.308401][    C0]  ? __pfx_kthread+0x10/0x10
[ 1035.312977][    C0]  ret_from_fork+0x4b/0x80
[ 1035.317377][    C0]  ? __pfx_kthread+0x10/0x10
[ 1035.321955][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1035.326714][    C0]  </TASK>
[ 1035.329718][    C0] Modules linked in:
[ 1035.333738][    C0] ---[ end trace 0000000000000000 ]---
[ 1035.339213][    C0] RIP: 0010:put_page+0x23/0x260
[ 1035.344102][    C0] Code: 90 90 90 90 90 90 90 55 41 57 41 56 53 49 89 fe 48 bd 00 00 00 00 00 fc ff df e8 c8 09 1a f8 49 8d 5e 08 48 89 d8 48 c1 e8 03 <80> 3c 28 00 74 08 48 89 df e8 9f e6 7d f8 48 8b 1b 48 89 de 48 83
[ 1035.363749][    C0] RSP: 0000:ffffc90000156b90 EFLAGS: 00010202
[ 1035.369869][    C0] RAX: 0000000000000001 RBX: 0000000000000008 RCX: ffff88801bef5a00
[ 1035.377887][    C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[ 1035.385898][    C0] RBP: dffffc0000000000 R08: ffffffff8984fced R09: 1ffff1100499614c
[ 1035.393883][    C0] R10: dffffc0000000000 R11: ffffed100499614d R12: 0000000000000007
[ 1035.401905][    C0] R13: ffff888024cb0a42 R14: 0000000000000000 R15: 0000000000000000
[ 1035.409921][    C0] FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[ 1035.418893][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1035.425492][    C0] CR2: 00007fccb4ca56c0 CR3: 000000007c02e000 CR4: 00000000003526f0
[ 1035.433493][    C0] Kernel panic - not syncing: Fatal exception in interrupt
[ 1035.440934][    C0] Kernel Offset: disabled
[ 1035.445245][    C0] Rebooting in 86400 seconds..