last executing test programs:

31m6.868262467s ago: executing program 32 (id=406):
socket$inet_udplite(0x2, 0x2, 0x88)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x8002)
r2 = fcntl$dupfd(r1, 0x0, r1)
read$FUSE(r2, &(0x7f0000002500)={0x2020}, 0x2020) (fail_nth: 1)
ioctl$SG_IO(r2, 0x2285, &(0x7f0000000400)={0x53, 0xfffffffffffffffd, 0x6, 0xf9, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000180)='\x00\x00\x00\x00\x00\x00', 0x0, 0xb, 0x0, 0x80, 0x0})
write$tun(r2, &(0x7f0000000400)=ANY=[], 0xa2)

26m35.066904295s ago: executing program 33 (id=970):
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x100)
r0 = syz_open_dev$dri(&(0x7f00000008c0), 0x1, 0x402)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, 0x0)
ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f0000000d40)={0x0, 0x0, 0x0, <r1=>0x0})
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x8001, 0x0, 0x6, 0xffffffff})
ioctl$DRM_IOCTL_MODE_GETFB2(r0, 0xc06864ce, &(0x7f0000000340)={r1, 0x5, 0x3, 0x0, 0x3, [], [0x4, 0x7, 0x7b], [0x7, 0xffff, 0x2, 0x10000], [0x0, 0x0, 0x1, 0xfff]})

19m58.529730964s ago: executing program 34 (id=1718):
r0 = mq_open(&(0x7f000084dff0)='rmdF\x17\x16\xbc\xec', 0x6e93ebbbcc0884f2, 0x0, 0x0)
r1 = syz_io_uring_setup(0x49a, &(0x7f00000000c0)={0x0, 0x79af, 0x3380, 0x2, 0x40024e}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_usb_connect$cdc_ecm(0x1, 0x4d, &(0x7f0000000080)=ANY=[@ANYBLOB="12010003020000082505a1a440000102030109023b0001010550090904000403020600cd0524060000052400000005240f"], &(0x7f0000004fc0)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
r4 = socket$kcm(0x11, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000001780)={&(0x7f0000000540)=@generic={0x1, "ec0d9fd2520e6f8f57a1c6b079cb42c7e106a38502f5a4fbe2d9b73b28a180cf45601cbf27b89b8a57230ec9537bf1544b4ae74567216a585343e28f1a7bf4ae66c415e44d0a16808f4dfa7a08045ad909d18b9df31703264ddfbbf2e039b0f1371e176c2308250bfd68b60294038ffaf34d26096663ec4d90c513909136"}, 0x80, 0x0}, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x4007, @fd_index=0x3, 0x6, 0x0, 0x0, 0x2, 0x1})
io_uring_enter(r1, 0x627, 0x4c1, 0x43, 0x0, 0x0)
mq_timedsend(r0, 0x0, 0x0, 0x4, 0x0)

19m0.606900431s ago: executing program 7 (id=2514):
r0 = socket$kcm(0x11, 0x2, 0x0)
close(r0)
socket$kcm(0x11, 0x2, 0x0)
r1 = socket$kcm(0x11, 0x200000000000002, 0x300)
setsockopt$sock_attach_bpf(r1, 0x107, 0x12, 0x0, 0x0)
r2 = socket$kcm(0x11, 0x2, 0x0)
r3 = socket$kcm(0x11, 0x200000000000002, 0x300)
setsockopt$sock_attach_bpf(r3, 0x107, 0x12, &(0x7f00000000c0)=r2, 0x8)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="020000000400"], 0x48)
r4 = socket$kcm(0x11, 0x2, 0x300)
setsockopt$sock_attach_bpf(r4, 0x107, 0x12, &(0x7f00000000c0)=r0, 0x8)

19m0.308860147s ago: executing program 7 (id=2519):
r0 = socket$kcm(0x1e, 0x1, 0x0)
sendmsg$kcm(r0, &(0x7f00000014c0)={&(0x7f00000003c0)=@tipc=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x80, 0x0}, 0x8010)
recvmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000001c0)=""/5, 0x63}], 0x1, 0xfffffffffffffffe, 0x19}, 0x0)
sendmsg$kcm(r0, 0x0, 0x4000844)

18m59.272877728s ago: executing program 7 (id=2539):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000ac0)=ANY=[], 0xa0}}, 0x0)
close(r0)

18m59.124362832s ago: executing program 7 (id=2541):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000180), 0x4)
r2 = socket$kcm(0xa, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000240)={&(0x7f00000001c0)=@in6={0xa, 0x4e21, 0x0, @mcast2}, 0x80, 0x0}, 0x0)

18m58.985215952s ago: executing program 2 (id=2544):
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(0xffffffffffffffff, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000640)={0x20, 0x3, 0x1, 0x201, 0x0, 0x0, {0x2}, [@CTA_TUPLE_REPLY={0xc, 0x2, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x20000114}, 0x10000)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB], 0xb0}}, 0x74800)

18m58.887996923s ago: executing program 2 (id=2545):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x20050800)

18m58.878559056s ago: executing program 7 (id=2546):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB], 0x50)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x1f, 0xf, &(0x7f0000001440)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0xfffdfffd}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @printk={@ld, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0xb0}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2000}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

18m58.729255042s ago: executing program 7 (id=2548):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0)
close(r0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x14a900, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'\x00', 0x2})
ioctl$TUNSETPERSIST(r1, 0x400454c9, 0x1)
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x3)

18m58.728911762s ago: executing program 2 (id=2549):
r0 = socket$kcm(0x1e, 0x1, 0x0)
sendmsg$kcm(r0, &(0x7f00000014c0)={&(0x7f00000003c0)=@tipc=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x80, 0x0}, 0x8010)
recvmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000001c0)=""/5, 0x63}], 0x1, 0xfffffffffffffffe, 0x19}, 0x0)
sendmsg$kcm(r0, 0x0, 0x4000844)

18m57.808353712s ago: executing program 2 (id=2566):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x4004894}, 0xc000)

18m57.727052895s ago: executing program 2 (id=2567):
r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=ANY=[@ANYBLOB="0a00000016000000b40000007f"], 0x48)
close(0x3)
socket$kcm(0x2a, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18080000000000000000000000000000851000000600000018100000", @ANYRES32=r0, @ANYBLOB="00000000000000006100ed9300000000180000000000000000000000000000009500000000000000b50a0000000000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x4, 0xee, &(0x7f0000000340)=""/238, 0x0, 0x0, '\x00', 0x0, 0x900}, 0x94)

18m57.648054531s ago: executing program 2 (id=2569):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x880, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000040)={0x0, 0x0})

18m43.90490517s ago: executing program 35 (id=2525):
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
fstat(0xffffffffffffffff, &(0x7f00000001c0))
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0xa0b41, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
write$cgroup_subtree(r0, &(0x7f0000000440)=ANY=[@ANYBLOB="8fedcb5d07081175f37538e486dd6372ce22fdb911"], 0xfdef)

18m42.923687668s ago: executing program 36 (id=2548):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0)
close(r0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x14a900, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'\x00', 0x2})
ioctl$TUNSETPERSIST(r1, 0x400454c9, 0x1)
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x3)

18m42.416302307s ago: executing program 37 (id=2569):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x880, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000040)={0x0, 0x0})

11m45.995675558s ago: executing program 8 (id=3956):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c45, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/custom1\x00', 0x800, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x800400, &(0x7f0000000100)={[{@usrquota}, {@usrquota_block_hardlimit={'usrquota_block_hardlimit', 0x3d, [0x38]}}]})
chown(&(0x7f0000000240)='./file0\x00', 0xee00, 0x0)
sendmsg$IPSET_CMD_DESTROY(r2, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000140}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)={0x44, 0x3, 0x6, 0x3, 0x0, 0x0, {0x0, 0x0, 0xa}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x44}, 0x1, 0x0, 0x0, 0xc080}, 0x4801)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800e80010000d0428bd7000fcdbff2500008000", @ANYRES32=r2, @ANYBLOB="1000000000000000280012800b00010062726964676500001800028005"], 0x48}}, 0x4084)
sendmmsg(r2, &(0x7f0000000000), 0x4000000000001f2, 0x0)
dup3(0xffffffffffffffff, r0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='numa_maps\x00')

11m44.988331761s ago: executing program 8 (id=3958):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a44000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc0800034000000004e00100000c0a010100000000000000000a0000060900020073797a31000000000900010073797a3100000000b4010380b00100800c00018006000100d1030000080003400000000120000780080001006e617400140002800800054000000017080006400000000a400006"], 0x278}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)

11m43.545512011s ago: executing program 8 (id=3960):
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$kcm(0x2, 0x200000000000001, 0x106)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x7, 0x0)
dup3(0xffffffffffffffff, r0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000280)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x23, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
openat(0xffffffffffffff9c, 0x0, 0x2, 0x48)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc02c5625, &(0x7f0000000180)={0x1, 0x40c5ff, @name="47c7c39950407565a3c7fd736e1b3dfc86c78da6f2229dec2800"})
r1 = add_key$user(&(0x7f0000000000), &(0x7f00000001c0)={'syz', 0x0}, &(0x7f0000000240)="bc30a071d8bcb8794f5d8e1334b133b0cc64874f1a44052e038135a56412a20d4363f5df40", 0x25, 0xfffffffffffffffe)
r2 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r1, r2, r1}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)

11m42.897892516s ago: executing program 8 (id=3961):
setresgid(0xee00, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mount$afs(&(0x7f0000000300), 0x0, &(0x7f0000000380), 0x18000, &(0x7f00000004c0)=ANY=[@ANYBLOB="666c6f636b6f63656c6c2c666c6f636b3d7374726963742c64796e2c736d61636b66736861743d002c726f6f74636f6e746578743d757365725f752c736d61636b66736861743d6374002c00000000000000000000000000000000002fc9cf85e81251a22845ff564fe0644660f657"])
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x1)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f0000006300)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000000040)={0x50, 0x0, r2, {0x7, 0x1f, 0x20000000, 0x4041}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x80001, 0x0)
r4 = syz_open_dev$loop(&(0x7f0000000000), 0x4, 0x1)
ioctl$LOOP_SET_FD(r4, 0x4c00, r3)
ioctl$LOOP_SET_FD(r4, 0x4c03, r4)
dup2(r3, r1)
open_tree(0xffffffffffffff9c, 0x0, 0x89901)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x3)

11m42.3315275s ago: executing program 8 (id=3962):
syz_usb_connect(0x2, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000274c0340ab0560000611000000010902120001000d00000904"], 0x0)
syz_usb_connect$uac1(0x5, 0x71, &(0x7f00000000c0)=ANY=[@ANYBLOB="12011001000000086b1d010140000102030109025f0003010000de0904000000010100000abb01f8ff0309040100000102000009040101"], 0x0)
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20)
syz_emit_vhci(0x0, 0xf8)

11m39.908586274s ago: executing program 8 (id=3972):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000680), r0)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)={0x3c, r1, 0x917, 0x200, 0x0, {}, [@L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_PEER_CONN_ID={0x8}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @multicast2}]}, 0x3c}}, 0x4010)

11m39.47400648s ago: executing program 38 (id=3972):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000680), r0)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)={0x3c, r1, 0x917, 0x200, 0x0, {}, [@L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_PEER_CONN_ID={0x8}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @multicast2}]}, 0x3c}}, 0x4010)

11m23.512505229s ago: executing program 9 (id=4008):
getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f0000000040))
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
syz_open_dev$radio(&(0x7f0000000100), 0x2, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x3, 0x8, &(0x7f00000026c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000280)=ANY=[], 0x20)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @raw_data="dea233684c996156af0d4bd8e3300217e750b8c97b7123d48003e7e1d3be5f710c41a1db6719881876e9bcc6e2f73c67cc6b675eb43188b5b7f9f898868de9a9c5d536d418ba283121a73a5aba55a87d2a2525295f4492bbde02ad8bc8e88779f2de06f38e99172df4d45b6f13c813dee4230c204a93172922b778fef7a1f89ce876bb89d44cd705bbb28db4869dfac20d928950507acd92c02d17f51b0a627539f6e0a0bdb92004bc6252cd35e8cd100962db9a83ad63a4e7e1ca17c1b6aac63fefa9bebe429d00"})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x1ff, 0x1, 0x0, 0x1000, &(0x7f0000001000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000040)=0x4)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000440)={"db4c1421593cb4d3f8fe6094dc821bbbe06520701fc6de7b0349f34b0f8c556a9e9aff1355aab8d6da26d74608530f150f127f9e3f0a2f1fff0be9774c95d6c007c91903f78616596487bf50017c56b15385ab264cba5b168c62d971e67e6f3e73d60b5a8adbaaf2af8610c6a91c0a116f619adce4aa91d5a68faf8ee98693d32d8d8244381b5720ef596600e39491d216c22d0725904bab7d90fa8afb8fa04b707410aa300ef098609b4fa6dd77b1b7c321b1fc6356564ce3f90826be3a9a5be186ffc48eb13824e9dae77ed212a0f802074ff4f1725c4ad88cf5bbd36e3406bc59d96e82047631d8be9462ee7e54e5b2897c3fff38eabf67e1e160c2b5e18be06457844d89c9a606b7d25fbde713f4759da0bee1fabe3f71dcca63540f113a2b5edc4b327d1f9610377b97265d4aa875b4bc3c44bf8110d5df1beb1fe54794a0aa52dfc80df1caf7d812b4f1cdba1a6836b45ea2180d08439d411ce8e0755868cc839eaeac73e5d28f9f1990584038cf5fa6bee0c4095a27cc8c7b59519bf2a9bf1fedf54cc2dc6aea6c42c32de40c291e5f422f5c7792a08926af160fb379576dd81bac746232fb246817fc3248097914b75e83cc5eb518ce8fb643b34ca69c3b61f0d94e7db62dd480198d41e0862f1ec4429ab637569884a5ba446a0b09edfd986a2b3e15ee35bbd18610dad6271681ed240b0ffab9199b541013c0aadc36484da57511896c14776a41602aa1426edfbb828897d9c218b7936a0572840ebbc796e888a439b24e640324b511deb6ed0b2ce2f7567447826944b4f34101e492e8d20a2deda950e96e78f86d6d4c976f0c99041c94944309e6ce08d84a7c96677d570d9a57ec0506a4321d9e049b55be883ca3648c27772fc5dbaea5e6c2ded2ce72fb68989ae381fe1394cf6966ab04285d5ff8256bc2e85462b8d89aeeebd5432157c945b5dc1960d9282c6cc007fe029325d6078aef94d4954f956c71bcdf846f41392ebe0d3b289438d24ec4bc073617459a6b232445dd636a9f21140e14b162fd5ef1d626b0ff84884fd63d22cc1b05befb77ea937f3045cc15b125479b262c1e32fca75a5468423288c5776efee744b1fccb5e6d661d9d287cfa8582c96ea34a33c1bbc29c0035657da66a87150bbb885be5ee123e431fd793ea179a0fc77aaee66d874c0616cb32324826b36d0e27d14217ad1131cace3bae4ef82dfbc790e78de53a9bfbdb468bf0eb3ff134073b380858965de2d108862daf3fc6b49ad46f20832238aeaa5d010cf08e37938f0bb7bbeaa970c39ce9327a16fe07565708266ce9ef639bfa08538693b456228aa1c370d64ef9795b7cc208a2c528d381a042d149ed5c7f34ed26a7d5a4401b86434f054389e5dac7a4ee896e406d7b27240d925d478e0eb2202797832d3e2c74f4925ad58377b0d6ae9b97034f94"})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)

11m19.490831171s ago: executing program 9 (id=4020):
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$kcm(0x2, 0x200000000000001, 0x106)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x7, 0x0)
dup3(0xffffffffffffffff, r0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc02c5625, &(0x7f0000000180)={0x1, 0x40c5ff, @name="47c7c39950407565a3c7fd736e1b3dfc86c78da6f2229dec2800"})
r1 = add_key$user(&(0x7f0000000000), &(0x7f00000001c0)={'syz', 0x0}, &(0x7f0000000240)="bc30a071d8bcb8794f5d8e1334b133b0cc64874f1a44052e038135a56412a20d4363f5df40", 0x25, 0xfffffffffffffffe)
r2 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r1, r2, r1}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)

11m19.123011705s ago: executing program 9 (id=4021):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0x0, 0x1}, 0xe)
setsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0xf, 0x0, 0x0)

11m19.049104547s ago: executing program 9 (id=4022):
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x23, &(0x7f0000000000), 0x0)

11m19.029995s ago: executing program 9 (id=4023):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r2, 0x8983, &(0x7f0000000100)={0x0, 'erspan0\x00', {0x1}, 0x26})
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r4 = inotify_init()
r5 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CAP_DISABLE_QUIRKS(r6, 0x4068aea3, &(0x7f0000000080)={0x74, 0x0, 0xf1})
ioctl$KVM_CAP_SPLIT_IRQCHIP(r6, 0x4068aea3, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a2c030000160a01010000000000000000010000040800074000000001a400038008000240000000ed0800014000000000900003801400010073697430000000000000000000000000140001006e6963766630000000000000000000001400010076657468315f6d616376746170000000140001006d61637365633000000800000000000014000100766972745f77696669300000000000001400010076657468315f746f5f7465616d00000014000100627269646765300000000000000000000c000540000000000000000378000380680003801400010073797a5f74756e000000000000000000140001007465616d5f736c6176655f3000000000140001006873723000000000000000000000000014e3000069703667726530000000000000000000140001007866726d30000000000000000000000004000380080001400000000048010380080001400000000018000380140001006e657464657673696d300000000000000800024000000004b8000380140001006d6163736563300000000000000000001400010069703667726574617030000000000000140001006d61637674617030000000000000000014000100767863616e310000000000000000000014000100640000000000000000070000010076657468315f746f5f687372000000001400010064756d6d7930000000000000000000001400010064766d727030000000000000000000001400010076657468305f6d61637674617000000008000240000000180800024000000009540003801400010067656e657665300000000000000000001400010064756d6d7930000000000000000000001400010070696d726567000000000000000000001400010067726530000000000000000000000000a000038008000140000000000800014000000000080002400000ff8b7c000380140001006272696467655f736c6176655f3100001400010076657468315f766c616e000000000000140001007465616d3000000000000000000000001400010070696d36726567310000000000000000140001006c6f0000000000000000000000000000140001000000000000000000000000000000000008000140000000004000e6ff0c0a03000000000000000000070000050900010073797a30000000000900020073797a31000000000900010073797a31000000000800044000000001140000001000010000000000000000000084000a00000000000046b1c4fa0c8b5a07aada84e23fe2622e5116a51c"], 0x394}, 0x1, 0x0, 0x0, 0x4040054}, 0x0)
mount(&(0x7f0000000140)=@nullb, 0x0, &(0x7f0000000080)='xfs\x00', 0x2208004, 0x0)
mount$cgroup(0x0, 0x0, &(0x7f00000001c0), 0x2010042, &(0x7f00000000c0)={[{@subsystem='cpu'}, {@subsystem='memory'}, {@xattr}]})
sendto$inet(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, 0x0, 0x0)

11m17.128037842s ago: executing program 9 (id=4024):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x28}}, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpgid(0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x1, 0x11, r3, 0x800000000000)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x2000, 0x6, &(0x7f0000bdd000/0x2000)=nil)
sched_setattr(r2, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x4, 0x0, 0x806, 0x5, 0xffffffff}, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
syz_io_uring_setup(0x10a, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340)=<r5=>0x0, 0x0)
socket(0x10, 0x3, 0x0)
syz_io_uring_submit(r5, 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x1)
ioctl$KVM_SET_MEMORY_ATTRIBUTES(r6, 0x4020aed2, &(0x7f00000000c0)={0xffff1000, 0x301000, 0x8})
r7 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x8)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)
r8 = socket$inet6(0xa, 0x80003, 0xff)
setsockopt$inet6_int(r8, 0x29, 0x16, &(0x7f0000fcb000), 0x4)
move_pages(0x0, 0x1, &(0x7f0000000040)=[&(0x7f0000ff9000/0x2000)=nil], 0x0, &(0x7f0000000000), 0x0)
ioctl$KVM_SET_MEMORY_ATTRIBUTES(r7, 0x4020aed2, 0x0)
unshare(0x6a040000)

11m16.95279344s ago: executing program 0 (id=4025):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000210018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = socket$packet(0x11, 0x2, 0x300)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x1, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000180)=r2, 0x4)
r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x8, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000000000000000000000000000018020000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000000d000000b70000000000000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r4, 0x0, 0x36, 0x0, &(0x7f0000000900)="c1dfb080cd21d308098ee68888a8", 0x0, 0xadf0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

11m13.766859578s ago: executing program 0 (id=4033):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'ip6gre0\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r1, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x1, 0x2, 0x0, 0x0, 0x9, 0x5}, {0x12, 0x2, 0x0, 0x401, 0x3f1, 0x1400}, 0xa5, 0x8, 0xffffffe}}, @TCA_TBF_BURST={0x6, 0x6, 0x8057}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x40000}, 0x44080)

11m13.337909178s ago: executing program 0 (id=4035):
ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0xfffffffb)
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x408, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_RECVMSG={0xa, 0x34, 0x3, 0xffffffffffffffff, 0x0, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000000240)}, 0x0, 0x40000000})
r2 = syz_io_uring_setup(0x487, &(0x7f0000000100)={0x0, 0x59c4, 0x800, 0x1000, 0x5cc}, &(0x7f0000000300)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f0000000740)=[{&(0x7f00000003c0)=""/201, 0xc9}], 0x1)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_EPOLL_CTL=@del={0x1d, 0x10, 0x0, r0, 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x1})
io_uring_enter(r2, 0x749f, 0x4, 0x0, 0x0, 0xfffffffffffffef5)

11m12.094309076s ago: executing program 0 (id=4037):
openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
sendmsg$NL80211_CMD_SET_QOS_MAP(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x5)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x4)
write(r0, &(0x7f0000000280)="e8bd8a4c56281ba2ba42cfa5b9fe5fc6dcde2ee431f5595ceadb9a2c95e57f15ee4a83f9e7d78ea996f78bd588bedcdbc730d6d15df6d2a26ca4e55e97ed0522a190ce241a37bad3317fba7e4be3dbbfec5e2f401b5658cc8fda", 0xffffffe5)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000001c0)=0x5)
r1 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000", @ANYBLOB="f7", @ANYRESOCT], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r1)
r2 = syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0x7168, 0x3010, 0x2, 0x374}, &(0x7f0000000040)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000240)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r2, 0x47ba, 0x3e80, 0x0, 0x0, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x4)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r5 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$SO_TIMESTAMP(r5, 0x1, 0x3f, &(0x7f0000000080), 0x4)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
write$dsp(r6, &(0x7f00000001c0)='\\', 0x1)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
r7 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setsig(r7, 0xa, 0x13)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000280))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r8, 0xffffffffffffffff, 0x0)

11m8.82524891s ago: executing program 0 (id=4043):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x4, [@func={0x2, 0x0, 0x0, 0xc, 0x2}, @func_proto]}, {0x0, [0x0, 0x5f]}}, 0x0, 0x34}, 0x20)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xb2, &(0x7f0000000140)=""/178, 0x2c8a4ed31704d5db, 0x6f, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xb2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0xfffffffd, @empty}, 0x1c)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x100, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x8a}, 0x9c)
bind$inet6(r4, &(0x7f0000000300)={0xa, 0x4e23, 0x0, @loopback, 0x3}, 0x7e)
sendto$inet6(r4, &(0x7f0000847fff)='X', 0x34000, 0xe0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x2, @loopback, 0xfffffffd}}, 0x0, 0x0, 0x500, 0x0, 0x54, 0xa}, 0x9c)
mount(0x0, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='xfs\x00', 0x2208004, 0x0)
r5 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
syz_fuse_handle_req(r5, &(0x7f000000c280)="897c6500ff3035465c7acb4e06980b05687c1480c7aafe631c0543db2bf0d6f539506e8782da06c1ca018774d72e9e5a3418ab66ee78dad68457b17ec9d47bf7d8272d607c1c0a4bd906f0cee7f8451828d2458596bdd6a459ba18ebaf61b38f5d66c27fa8a024ad7832a85e58689a4c254c94cbcf7208fce6e61d9566459789d15a6f91dd7db7c54cc3a94da956fb290a8a15f849270bc459d9d9f47801be86dd5c9d18382081a993b7bfde5c28adca4c71329afd6be743b076033b5859891703eb65fa256d6f47450b6edacbd05a9bd8b372e90cfc30f32826566dac6c48e6ef001881cbc30482f9ec469e476a101da496b8c0785eaf875d3608b0c49e9d39baaa1041f903a805f0f24aa63722fa2d87b98595fa5cfaf8b79c458de43ee39904e7cac7540a934b4108957785d58807abff186949f1b94cd21b724aff34ac45c7066dcdbd68ea7b766af9d045cd7fafeafc5c5a0c3400ef4e0c71a6fdd5b8d68a6f317644cda9d2fd2c839a82b97b3d909b54c672227bef573c9de1991d65a63017f724d1f7f1575e69db53318a7fd7065b303e751518c8eef04f642dbd4dfa349040a7b5401050ffc2b4ef62803a7c8eaba99e011dfac24d81b2b61e0b0581e53bf520f623eca17f0545c5e59ff15b527475f970f589894ae589145fa4283f7225088ccfeba1d72e9128f8c223ae1840f2edae3dbcdf7e560d5cdf4f71c9ada1931c0f8312c000101b264aaddb9fab166ba8d8903d6098eca20935ca607ea79e936798b3dfb22a7e159abb234cf21f3733dbf263a8ff116092f251659108892b2e21e1b428fd225096a5040270b2d70347013eaa1fd8e452942200283aab092c4ffc5b8b427b5d691a5a773e09da20539ff0f8214331c5d84107ae8a59aeb58efe22d7a079e446f1dfb07510377799bfdc7ee59cabcd76af0fe8a427ac8258ff33bbad5a8061f1cfdfbf375d73d676cc7916d6658ce46a0b17ad6350150f98e3512b513e25ca73f5f5df0a1fb9582ace7906c493fe1fd2889d9aac0b7c29c2b6c205537627bad64df433336a5ace32ca871e51b4dab0fbb00886a1fa81a98b74de0a26cebf65723515ebb807fc3c161ed42d1a7b6b55717613577ea437f3a2967c66ce45ff85a6a35b7cd40625fc575b107d7394e3d2db51d58347276c33e21f50b5a6b5672bf9fda63139bb75aead1fe4ee9a4064af5a5958466aa39faa6d821489fa415224c8d69d3b5922236832c2b1e4f6b8863b32f9aea83fb522a2de081d674502b48f73ce6db98d84136059b4a6676bc85ac6b7626329afa9bc7d3f9f2caa3c4d872744e0a8e02d72a75c6c545b8ec8e15b6fb0fe4185bd0d154960e6fef05ba40e5fe2968eb1301dcc52a03337179e74ba1522af93d77827845f8941c69ed8bb84567e3c63f1cc378a542f1de7007b688ff0a9c69d5861f0b85402c30a2fd391c52bafbe65f8e82135fd38361d7c0b43c982b2f3e7cb09c40c7e215114f4243d670cd576bcd93c1e959345170c75d6c3cf89cf8c2c70dc792e646e7c649d4c5f36bb016c7acd466ad58473d40dfef36394e581065a8581ab852250403cf372ac0065bf757fa3f445424ac0d82aec1938a2ea116bdfd306baa1cb06c62a4a97d66ab1b9489469cb8ba842da12e310caed02c5ef05c0be1e1e8c9c8b87d6871c94c57d164d08672b205c948086a06a545b266b7ad902a908681eb188bc51b6190b5cb9d8ca59b8c4c6e7369c00d6f6119fd5d437239e3d3c89cb81e09e560fb817590106015f08e7b09f1e1e65bfab3b8489fa058e24081978b9e25463d9945bfbca81c08885d4b6d4c62e217bd9e19460762f36c66bc948fe31cde089626fbb310e3c78a8d3f2eac21d374d9b58d887235d3a95721168e4b9475849071d60ecfe7ea5d6c4bf60da3747612ef59bb651270f326c0af31bc8c71361f851de34ccb3c8071b96f1128d7ee79b41246e566edd0272dbd3ccfe472b38e5e03d3ef83218bd498e6de8b4d92cb6f82716449ede7ba845028eccdb9137be8a622ac88ac53118fbc39637fa7a93cd3abc6f7671c7804420d66e94720acbcac916950f9baca77fef4217155ccc2cd0507339a0486f9f468eb28772986ee768c63eba671bf8c52e48a2a5dc2cc24fe925368706c2d712dd1064692b0fb2a32ddfbd4a0ffcf9c2abcedaae6e527bc1d42637aff2a275b76a7a7f010e42e1cc1d27141f6c3585a2bf58c6c5789ce61551d10118a000e3764631ec0b7f4b1a6f22a678133a30940b79dc76f863dd9f6e0d7776300898c97cef286c731c2050928c492439256e481652bff0d202db3cfdc54c9816ceea7895357bfa0362fad79afd09ed55189294d6ead7e898ac091cddbe7efcedb314bc02a18dd5bbddc42e089124758bb491fd1536aab27c5c124567bc325e7028bced5a179a011d1cb9a5ffb61d7af863e91ec8e60495561188b74d158ba1418228d44e92915a22eb1c166ef7d6179e84381ed950ffd747f13e24172942d922ca3109fb8b1e4e6264fa4a4eec75ad0d0e22579d90f45d6cd157300e38ae665eb56457202e25a8dd5877ba99725de288660badd2704345d9bad208c903ba27ea167dd45a77f77b6502b525b2973270582858183c784c324c1366fbba8d410c38bf75b41e067f6a9a017c56595161db4fc5639393fdafb1f148d3f416c1adc5fe1ab9cebe4689855c9b4bda6dcba5d5fa858a1b87d2ad23cdf54dbdf4d14aa4462da0b6f1107f4afa0091c2643508861a4d9f133ba77751941bb8fb756abf1a104205b80d47a3b4a59724d959c8b5833da4f56fb6613231f230a9378c9af741e94fd2c7213ac1d7625559b3f032f6c8df3ab441929720fe43d7c548cc661eed5b3c62b3c61f538ea3228376e2a18c6da2ad906322f64fb4865cde8e1889a8e5237fd6a39bbd6662f1dedc22fbd74e4376fa610cd710703dbd3924a38beae69783d1d5abf36122cbb87129ba719042748f060f4303a3199c5891c5040fd8cdb9761b006bf64cdcb65e5cc50a29994b8c1c34b83760ece12ed9ed7c3d2a7f8911cdf23a1afe0d7db1bf342aa0123dd5cd31339f5c8e160c4efef882602b3eccbe76fb690162b8bfb8a31910bcdf9a4a5dde76c2ac2fcd8678add7a000cfdcab398eb2171c026313eb6eb56b4b87bf8ef93f7f8a1c0bcc3775b681d4229ea561cb52281d8ba4315c3694ed08433596884d5a7ce3a8b1f82359846b7136726e2fe37bf4f7b7e2206cdcdb0705ced9f0dcaaa2ed3a78ea70d2cfeab668eb321400fc955e9aeb7bbcf86cd03f02dd443503a1480d9d9f899f53bd747a95293786798fc59fceb09e686a9328da4f929b6201841bbbefaffcf3386abdf69540e3b46a643ec10f0acf21f27c0053dc13f18485dbc898729dfbeaaa4887b58cd442d7ffa941808cd9658595be8650a815b088621278d89f0d8a4252566b923df3a3cd65c0e4af08fad385927251b31d35f75eaf25e6cf13a579aeeb0bcc0a14ca4a20a6831d532be0b2af3821792a2df95131b7fafef245aa19b214053342aa820c35858d13f84e496294529411015c41ed447b5b51dc44a45d52552a2be1abfc157f3ace7bfa32d5b931421d5a152dd66b7bf549311b08325e5a7201f793037b38990bedeca8a647c08d2478670f8fc2b4e8983ea18bcd514daeeeeb9d7a778f783c76edf01bd4beda4b77b612cd2e865c2e4f58ca7ae06147bf66ae6aee221cf9b9505dc07e6fb6cf4f82dc8c406c78e270210c11cf2531011ed678d9dfe1f49c9a69a95a9f3b0e5b624d9c2664d787ab911b75a4a38d63e9d6c353f8aaf433ff961fe5e34d84936ead0d0bc7954caf84e541f5c6f3f20c9eed21eb0316b82c0dc5182540e63a0af25565496792153d6395adc2b8d68b8bcd93dd110ff5685879db4384ec390d44b89663d43a5de3bdc0e103b7c1b355dc5f6fe3518c93628780ba03f156badea65d1d0af8433c9e8a975fdd19453da662a33fa9f0f5fa15fdb216b483fb48370a967246e0b763df8b3bc7924a6c76c4b114f803dbfa3b312e6815b4eb67be167283a9e482d9a5beac250089d069d4c386b7fda5fc228404a0f58b12ca4dc131c381b49b42b570bcfc0dd663f24afaf65a26a21f6d92f52c9f8de36cb76bacbaa0eef98ba6b7dbbc2629a03bb2b6f83fc5adaf20c217bc8d0f0d2421e01472532bcb546aeb2d483c8f95011a3ba1d2fd8086a717cb015dd53064ef4a80b6d6fdc12d9069223fdf2aa9b192a0e0bdb38436f49d9eedfef3665815633fee4344aff11162526362b70b18e1dbedbb5d8c4698860beccf667851878a25a1e766caae2861f2e23404aac859e62fdfeac06a6057554828d7035806e8ab3ee2fa6d711e5811db61231a22f4672f6a11b27641f350bcab78792362e6ebc1c054a643bbbf2746678c14dc567d1f73e37005c8ab6374c4d8d3106384a2d32c5fcf05cb9ba97cb7fa1aff11505a701bead543e555f3901ef3b693d5b9ebf49518c3509af042b7e84b1b867c22b7e08725220e4338fd074edce428212e6a3563a08e2ccd8ab71910256532904542e93d5c7deb5bf5d49beb3202d4da4f643649e55edbb91188cdcf0883a40c6ed6b8a086fb5c50dc08fee00308420121d4c7431b3cfb80f9c1e099423ac451d67b12e930d9e391d0a799c7d4b54a0d56ea0aae00c1d009e21fb5459416b464b227d66ccc1a68da59d64c1583dee54bbcd7d61ffe541fd0fb7452adba91906918966a7d58019ad1f8fdebeceeed7018837b6e4272eefeec8385abe7207fb2d7061fa6cdc478165a98971f9729b818a73edefed976d5c7c0a651c091cfd1174c020e39330a79144271fe4cbc61ea0ffa274d0d87d06dd08c1d5f8a0364d46ef7b54426bc286330c75fa257afeb2715c2ae511ff53b1189cc59ab80b1325fbdcedfdb8f36ed71f70091116e16b52188b794e637755027caac8db8554f8674b844964c710cacd7a9d6b06baf6fef76159a380e639b0d3e66080a7cf7f86baac01dbe47fe687fcef2f3bfbf6f8fba045181dee688360a11ee56e5fc73ed31c0e2924ae57f0cc93c63a30662a65c5d5f17123ae28cc5b74dd13ed81b03dc7fa61dc575668868c0df12d3553269f04ba79084d070abcdbd4745de80e90e4e3e524f27249b5c4a2f2d4c8b331b0cb6d4efe62a298daacc6eacdfe008c1f912795dbdc37098c42db860953120fda709baa6d46f52eaba781505e68561ca0f281e850532ef8e7c779883e312806e1c357bdef8d0dda005e710cfa6eb8686e8bf3bff036b3fcdc4036541d93530ce6f598442c24170b307ef05f23c93aa0ec96831b532d8120402214a940d1fa01ed649061a4a71308be189cffd729a196754fb8a75f23851189589be1b819f0612cad3dc94ccee88f4ab9ef6ac9c7daad8cf94f5ed9496c4c824e5b4f66ce32a80e7a6ef069a32f6812e656aa5f5742bd432afdf026c86e8f28212c1139dad47d7fc07e5c1a83e993daaa4a4bb5f0c9435ccab2a10f867ffe259dba7a1d9168619b1e3048860a5122e4a5d0b00372eaae861a0cc88549852fffa76e6d78739b654d67df15ea97a9a46b7c382d83191a673aa619b4a10ec05bc681379b0d6df824cb6fe158e9d89ae5dd1ef66976f67972b553db52eb6feef836dca6026293f83a61e117754a7424a3da63bd82d017f87f0603e2a9b8fc550aae611681935ae91f7ca2b5341b05a25208bd28f1a202a7f2a213b1d7411ffb557470aec00c4d13c70163f22a038a189710dd19a47e8db4a87c3fd329a63abca172a9810edad2d8e19ef85b57ea4287cfb3d740d7ea3fa9c80d06e1aa84b317f678ddb3c147ba5e0db432125f59ca4944c8e9050281ca82a3ecf67b2a5df678697a52a7297af1ecb03c586af7b91d74e881964ed95f7be12fa07e2a4e71aab8b913a13996fa33e915144bf00e49b8e7adec5b2c4b8165f54ba3155230e241ee023af77a295ab87c40f63f6092ccee05cb08a265abe8f57c9919bf45064b6c2240ba8011db223a283a4e2292d9b59df8c9a4fdc763f0631007db9976f351717db0e6b5f9c6e5f227c2efa1ae5fe0be1af0b22fc164f9f9678a01fe8b059749fe8a2972455732da1989c609d191544ef9fbb3e58da93ec4a582430523f260b776e4d747312747d18a9bae14740f5dcd35fd1072f8a4d81573b5882203be856b62d7e1d87081a9e431872c9d68864197bbc61f15dd8aeae950d34d6ce97182deebd2ad64cabd1c723baf512acfc7e94675b31369bd60e155af79b97bb734312569f736dcd5b5a78223ffaa0f7e93e1a112cb9f6a5b88fe3cf12c30024c16c6b8380fdf086c662665d3751c11617cc4dbd5b8bc7543301a23fbc90ba8d060193cdc2b68c31c734d516707b759f7db009c8f06e69b40154e1cd8ae444afb28134acdf871136b4fd78bd86d7faaaf618afb25e92d1ee37cdff0595278f9565f5eb109e181e9cacec2f22e32e9f34774ee223fdb992febcc5dbc5cceeda16cbcf1434730d859e7e03d36ff17636a7a7e66956b515894da114f3040909f90ce3cfbb2d7d46e37049c0fb124e0683d662eb427cd7b851ada229451e6e3aaee64b9964ced3036bde5d9d80eb062474f96ecfb9b65fcafc719494ac12ab7df245475f2a5e7f85ca4789833ca373e6214d39176c8f51dde87a4cfe5414a20f68bb9f34709979b99533ba3435c4aa56e525195e10ffd00f8e41aee30a909c07b973bbf733d45500b539ebe2206d438216690998d9e256db1b7ac6bef3e810785e1986985c945a2b820323a592721fcfa444934d0faf8aa439d5efca5dcd77b72d1eb91b3790d50d0a7483e354c415f81d99c133d648c1293e795b3c43f9b47e23ef982e10072ea5baafb0df675e69af1807b225afa0cec3eafbde8535d3ecaa0ea6ddbffe4465207425bb003670320324df0aeeb16b38a043f9c0e85673b36def332fd68b2b1e6edda621d0cadebbced8c7fc8f890489115b457249e8d8103676b3207a472804d33e0fe511ac56cd8dc5333b2333892f87b455940ada78fcf5075c358fce990e6f65f095eb416d876ce6f120b8b02cfa6b176ee269c942f881247c3e464cce2aa65c39137607c585aeb4b5f24f5f8e058c9c8b48003c1809da3e8aad1bee7955c3a976d43fe132e2b16f4758a0a9884e51d13b930675a4361ff366b0fed190ad7b2a00385528951e39cd44ea06d8921b9d613d7626221154cf86249a550198fe4e5b05ad3052b474291da0a0a2f701759859bc0392adf243ad5eca89e6d18e28dff99ef95743bcabe75504be8c715cd6360facf3bb06cb97c29989d4f6ff5083573cefe6ef0b39a252a2678112fa88e5b06c9a6bfc9597cc96e5a49710c4fc120fb0da4945b9d94e46de1e9989d0fc3d8d20df23d815b660c799a903f651b0d013f7fe158f1d297f7fcb6a48780ca5525f1d081ada0aafa83552318b848783306549750b6254cf676c7b934cf7fdab992717f0cdc089b34278f3fb151cadde14d0d3250e85a4b0ff2a2778a219aa40563d3ef575285484424b6d0e7cc8392342e4848c6fc8cb20fa1b450cc4c1fea19f3bbdd9e342e6c49cd7ac893b1eda2e93d1d74d20969465946b398fbc733757741ac822c4a118632cd242a439fc37512cf79b7c629504ccc1e7f2f11798955c3262b5e9695625ba74d8050e20f51d4769e1ab938f487f1bc4b55b5abcaa3ec079c2d0972b2ae9bfb7c5423b959119292ea05f1d79d35afe47e49d97c946b193bffc0a8f607f18a6845cecbbdd98cd351db2b2dce05a4848ba84a6a497b4618950130cb7e76c03d0976eb2fb41d3a42a1430063ed8e5b8c67e80fd4fc1148911958babbcbff33a6505de209b0d9320017fd736fd027a16564008ab2e1f48a6dd66c9256730e9fda0a606875d0871b2b9b0bc2ed4e1b696dbf0283c8dc72cf4338e595266f5390bc3a21f988353118f2948fc75d050ea076b73508d9ed89bade0ba305c1f4e5daf9d40d2f5e7ababed8d1b1d919c61a6d3fb149c1a9b44e38585a2fe322f83d73a3aecb44da3f0e82942d75d62ed3f91eb44f3411df014f88839e4cb1e21b9b259d4eb4adaf6b0be433d0ed4c87ec77dde5ee9d566e3dd8d928fc1875c63af26c59daba5ae267d9bd5da72b99a03e6a33cc48ed961ab484ff4a46c2d5fa597e626e00b530d7b9a9705e4e08d03f3a7f2a5a5233ad6340e3b5c89db81ca713b6d7d855c6324955f85109b204566f50178cd88abe3fcba25de905e8ea0b75ad51831761ed9b1af2470f976f05ec73bf74d137c207270cfd614170518cdc449aeeb663e114359c8124eaf2499d8cf5dc84a0872301db2e57b50bd285060ec4390d99d4ae3674ca3bb8679c1b08e566ba4f30daec8684a980055eb43cb5a1306c4b52a154682aa96637e06c869278aa2f74ef7345632c11265ef8ac97e953745302556881ba0cb590fef271c0abb193fb84d18ee3f24d9976ae816b857d6f68d1fdfe10b312c799fe014debf875d04bff8b4f387859e97c6bf13f7083c28a2045a0b5eb09c94e781a165965e8617c0efed1701ea9667aeca26d9577ea7b1242e1d91b25d6a66756cc627648a293b9f4345966bc469fafaeddc1118d0972bd5c7751a1f51e5989fd952f314ae10417c97b41e60ebfbc47e496486fa4a89fd16aea7fa1eabebd26eb2a37a3e2b351e0c9d2f67b2e5be0f921adc9b6045b045948e5103af0e5050b9c0799b513c00865deebda730de538f956ceb6164e08bd6f58655a294b4b44fc65309b30f9c00f92ef5bd5b911a3d830f72c258b19521bb8e80db02129954efb61423f518d2c5f36587303890cad9a93fa4f4bcd0e24c67db679c67ea59c1350b8442577632d5e8735833f3daf5a74bc7bd82659a81beba8c889632efe03cd24187aee856cf659e16e195464f52f2b984fc7a299e7b2aa53979a147ebed35705d5e89691666536f2febacfcef9b32d14952f958b72512869e4f6a0a34176918217888b1eb8b89322ebb6bb1dead2b4744e728479880db70e6147edaff6c3f083f18e0696bdbd78cf0bda14d9f42e5c1077ced00041aadff90470aacec0e48e2a5f2a0ed37818a173b96061e8c5bf24c0bde9e09f9e0ddb8e13306ef1d4eb8043ebadde5d7553e5212ecd4691eb426251f9d6720b8276ac543dde02399a35d974b22c1727d4b6df01957cae47443b706d43165e01d6932b136f561ce837431254cfb2a6e7d8070a2d3805aaa15b3c10ccd0cda2e9b418ce9ef380e5d08217752e12b3b892d03a9495c83d78d674612fde5a67738b2d4649ce44606ecce6bf3bd1293eca246a83643e4f1c7ba362b110e07c8479f216e3d4afc4fcb8d0820c8ab702a66d8183e83174597035e92b9b500dee08c80b927b42c3689c7c9617b4112c9e54cbfa51e989b5fd42b80c595d3edd265f138e8128cfbbb0e4f53aa0aa95a2ecda4518b2e564c42d5de7671560843d08103b9bdceac5fdeb0b1266f72f491265dd2b2b80a225a50955167da1812364ea340d82f61535401bae6f3140a8795d7c318a64cee4676627244930957b2f0b227be21b72d90027e6a5a7af3c59470c74dcdb71d1ef090a0f49c91acd604c792385c8f4e085765292822ee5eca03885fd6bfeaca9b3bbbdeac939f7846a487c5a483ed1e4fbf37c93886ea27bb35c812089b900b77c7c924147e97b6a71533610750bc84921012aa8158b213f7601d934a20bdd1f757b0a33042a683af6b9069f3900059d7f80f9fdcc9f33ece8cf7888dc9e24f1fc6ca0ecccf161c5334c60f440feb3acfc3d115011c176dfa05314c5bcf089e3c82bbe7680a3eefdcdbf3ac27265b779db4f49bade0128eda6e29bc5933ef454601db1b49628fd39ab938794fa46a33937a086ece7050d31a21524e2f0cacb307ed4412a2078636f9cc8e11c5c31cc0f9edd7be6d1e31a1513a58e25215f5a24245cb988589e6d5e5119f4f6557c697fad7d1c3a7e3bae064db4382701e33e48c5b6a52fe9141a385ef2325c6f7781134607e98bfd02c43d6deefaa861700388b40d98e941cfb2ddec209f977e8b9f93d29fdbf85e3010ce7cd622e8c75ce3df535e392052b6d65d5042d2a6e78bbfe5ee146e8b18d4bc7fb024dbba57cbe0402205593766a313950cb719d00c67bb6b3bcaa1015b89e820f11475afce655947113a7c3dcbb52427f090df994fbf076db867e0ab3f6125fb8884c1d13ff3e99fab5fa8b9f0b72cb44db4d0a48d9ec17f9733764e213c40a15ad821ec60e4a88cb2fd9dd9a4f35e6a708f4b74067f4be3f03a95261f6b191df53fa5bb5164e4a164630ad9ce39087aa950ad9e60cd2c44fa2237c49abf858c97737fd21180fd0b9542767150fbed3f39a29e6c3484d9437e15d2439f2a54b2a1ac7e63e6c436658abc3f1dd52d984f6c6901768a8cf2ec98ebf44e90e0fc0c24f8957c62e05d8eacecaf25b178fd710af609a8a1bc4d7955b5f0cb4f48a37685e6304ea5843573a1abff37b5106916c83c8f23f939a0dc43aea8d196191ed6e18dd793990d1f37d7de0bf8fac6f469843724eaab86be8a483be281b8ecf4aa29d9c571951cde8cd8c2aaf4d597ac2cb48f23fad145916920a55d655924940573b64dbd42a280cddc4810434f930183fdbbdc72db1491a4c9d44daf9b1bc2fecd855508648063040faeb125da0e68e6cd2002181118eecff0be1dd8eae726af5d451630cd65119c52abd6dded97f931202f186a18c4ba34bc2c3f6d765e2d8f445e959f26ffb55827cf3ff2cc0289f17b82c8caa5a2d3d54306a300f0ef42bbe4ea9e32c5d4b1173942745cdcfe4f5d1619eefaf8dc600afbc9171d516f7f4b35331d0b9be005132ffad5e9df59710278b842afb626a78b8b8b37fc3a894dc705b2d4e0940cb264e9dc87eaa148e6faf78125462f28a0f1d7b3c65a291b85713fa71ffc478f6601e8716c35489f4a54ed0c70bcfd5502cc91374dc3c982075c5180398bc6b195b36e79dcc4087cb990cc9d964a150e0dcc887d496bdd27c3f298736b9ad8345ba2df46021964cf43c38f9d2e94b77bee2b7bf059e0870ff9f17b9ef1320c0aa88a2fa9781e9017ab64643de9a3df9ed4b8cfd8fa080a2e494409520b795eb1517d224a05e450c4c8ae0e9fd29c0e72d3a592cce55f6dd5107f21214e1a3f9a5448384de06149f959ec0c92790f0ff229ab4971171f1c528ae6d095ec007bf5e7f55d623a68194e9ea8edc3af418075338328f24e7504341c22bef72c2963fc9c3237ba990d29c2c8aa3007395f6d96e95b40ee1b18dbad550bf39d0d98268cb74dde76d987c3169c9067495fb1b88508bbb7e94cbb7dfc15c03b1d5b163132c8a468906f02d422a8cf98d0b432b5779dd962074b72dd27439b2e94312f573435e5aa84664432c1914839cd6e172186ce93eeb1d7cb0659696d9d550eb3b185f8c6ee16e53f78233cbe709f99d2879d63d93f7d0ed133241d2f1ab1eb2c56605ca0f0e01c39ab0ba2370fe5c4e68de0561b517ff9a10023c386236398372c7176e35443e2cf5dd6cbed9f23395f231e6a54f65626cb5860a8b72122c34664119e7c47204ef4a70583a", 0x2000, &(0x7f0000001940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)={0x90, 0x0, 0x0, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x2000}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r5, &(0x7f0000000380)={0x50, 0x0, 0x0, {0x7, 0x2b, 0x0, 0x8412060, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x4, 0x10000}}, 0x50)
syz_open_dev$amidi(0x0, 0x2, 0x181)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000100)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x1}, 0x90)

11m7.555365052s ago: executing program 0 (id=4045):
unshare(0x66000080)
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0xf0f071, 0x19})
r1 = socket$netlink(0x10, 0x3, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100009dea7840b418fbff7bdc010203010902"], 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'macsec0\x00'})
gettid()
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
shutdown(r2, 0x0)

11m1.857885827s ago: executing program 39 (id=4024):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x28}}, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpgid(0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x1, 0x11, r3, 0x800000000000)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x2000, 0x6, &(0x7f0000bdd000/0x2000)=nil)
sched_setattr(r2, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x4, 0x0, 0x806, 0x5, 0xffffffff}, 0x0)
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
syz_io_uring_setup(0x10a, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340)=<r5=>0x0, 0x0)
socket(0x10, 0x3, 0x0)
syz_io_uring_submit(r5, 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x1)
ioctl$KVM_SET_MEMORY_ATTRIBUTES(r6, 0x4020aed2, &(0x7f00000000c0)={0xffff1000, 0x301000, 0x8})
r7 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x8)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)
r8 = socket$inet6(0xa, 0x80003, 0xff)
setsockopt$inet6_int(r8, 0x29, 0x16, &(0x7f0000fcb000), 0x4)
move_pages(0x0, 0x1, &(0x7f0000000040)=[&(0x7f0000ff9000/0x2000)=nil], 0x0, &(0x7f0000000000), 0x0)
ioctl$KVM_SET_MEMORY_ATTRIBUTES(r7, 0x4020aed2, 0x0)
unshare(0x6a040000)

10m52.525952834s ago: executing program 40 (id=4045):
unshare(0x66000080)
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0xf0f071, 0x19})
r1 = socket$netlink(0x10, 0x3, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100009dea7840b418fbff7bdc010203010902"], 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'macsec0\x00'})
gettid()
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
shutdown(r2, 0x0)

3m9.590594862s ago: executing program 6 (id=4570):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x82200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
r3 = syz_io_uring_setup(0x10d, &(0x7f00000000c0)={0x0, 0x8d2dc, 0x0, 0xffffffff, 0x3}, 0x0, &(0x7f0000000140)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(0x0, r4, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x40, 0x5, r2, 0x0, 0x0, 0x0, 0x80000})
io_uring_enter(r3, 0x47f5, 0x0, 0x0, 0x0, 0x0)

3m8.497424041s ago: executing program 6 (id=4571):
openat$rdma_cm(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
r1 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFNETMASK(r1, 0x891c, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$netlink(r4, &(0x7f0000000200)={0x10, 0x0, 0x0, 0x80065c9}, 0xc)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900038073797a3200000000140000001100014707a082b178795ad1fcc02173fc70f8"], 0x7c}, 0x1, 0x0, 0x0, 0x25}, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}]}], {0x14}}, 0x64}}, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x300, @empty}}, 0x300, 0x0, 0x318, 0x1, 0x24}, 0x9c)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x2f, &(0x7f0000000000)=0x102, 0x4)
socket$netlink(0x10, 0x3, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)

3m3.50517073s ago: executing program 6 (id=4578):
r0 = syz_open_dev$video4linux(&(0x7f0000000280), 0x6f9, 0x8000)
ioctl$VIDIOC_G_STD(r0, 0x80085617, 0x0)
syz_emit_ethernet(0x16, &(0x7f0000000340)=ANY=[], 0x0)
userfaultfd(0x80001)
memfd_create(&(0x7f0000000300)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac\x06\x9c&\xf5\xe3j\xfa\tcqM\xb8R\x86\xd9\xd2.\x9f\x12\xed\x10\f\xbd\x1a|\x8a\xbb\xda\xcfY\x98gU@\xf2M\xc0\xb5\xdf\x9a\x8d\xdb,n\xae\x0eT\x80\x8c\xfd\xd7\xb0\x94\x82t\x96\rKx\xc5\x9b\x8c\x87\x96\x8bc\xbc\xee\xcc\x9f\xe3F\x99V4\x8e;M\xa9\x823\xe3\xb3mG\x8f\xdb\xed\x1b\x05\xec\xfc\xd1\xb5\xfd\xec@\xdeU\xdd\xa4\xc1\xe4L)\x8e\xe5\x91\x8e\xd4\x89\xef\x95T\x05G\xac\xb8\xc1: )mh\xc7\xf1?\xbb\x13;\xad\x95\xd70\xb6\x0e\x7f\x84r\x0e\xbf\xc5\xf6\xd4\xdd\t\x14\x18\xf7\xefi\x93\x03\xd2\xf2\bK\"\xd2\xb5\xaa\xb8\xc8\xe0\xac\x99\xe8su\xcd\xc3E\x12\xd7\xdd\x96!\x16Tu\xe3\xf0\x84#R\xd9\xe3~Wj\xb0r\x87\'\xea\a\xcfOeK\x9daW\xf4\x87@\x9c\xf3\xf1K\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x91\xe6\xdb\xc2\xa5h\'\xdfIn\x97\x0263~\xeb\xbe(i\n\xc2k4\x7f\x12\xa9e`SOs\x8c\xb4\xe7FeQ\xc6$\x92j_U\xfa\b\xea\xb0bYkW\xc0\x05\aC{\xcc\x03T\x17\xa5Sk\x87P\xc2\x97D\xb2\xfa\x1b\x9fe\xf4\x10\x1a\xad\x92\xce\x88\x1b\xbc\xe14\x19\xaa\xd3\r\xf4\xa2\xc3\x9e=\xa0 \xe6j\xe5\x85\xf8\x97\x03\x15\xaa\x920\xdcrI\xd8\b\xfb\xc7\xe7xX\x00>d\xbb\xa71\xad\x9a\xfb\xe6\x13\x87\x93\\\xe5W-\xfc\xfd\xb8O\xb9j\xb8\xf2\x9dx\xb2\x86\xad\x92', 0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xb0c4, 0x0, 0x2, 0x5a}, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000500)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x8001}})
io_uring_enter(r2, 0x2b93, 0xf9d0, 0x22, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0x0, r5, 0x0, 0x5, &(0x7f00000001c0)=':.#\'\x00'}, 0x30)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))

3m1.38035065s ago: executing program 6 (id=4581):
r0 = syz_open_dev$loop(0x0, 0xd79, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
write$UHID_INPUT(r1, &(0x7f00000010c0)={0x8, {"eddd025b60fdc30a063f172d718c2bd6b3645eadae0f767eb61f2421975b0064d30faba72ba63ab33c4ee2a6cb2f0cb187830255738dd670e8e178672a7473488a157b83ca0ed9657299e98243c15b6b8e08f34570dda445b526949a9b3aebdb97dda475e54a098f1ae57c4774c8ef81d36c77d309e0c817fba3415591dd26a637e43bec5f0fb193d8671889d89ac77bd90ee5efac63bf9eafc61f393e33aaa503760afad0e395042048defbc27ecc254790f419072feb3d5fb4815364072248a42bb88952f316952ea727ae850143819fb80a77407a2309c90ee7894bee7c5862bf14672cc9036bf0ccba7769b5d57b757b550180000000000000a7f0840d7040084b449eb5445ea40b3b9811a66d5228839907fba91ba8a5ca95b4600fcd98f93af794a412e97404d6f40a61e802f6112ff259a29ca8fb98ffce8fd12509883e812e7edb4a643fe4aac56bb01f69823bd6f4ebd618d81cb3d463eea2c9bae30b888a824043a71d5f3319b146848d63a5415f5ed47b33cafa473cc2c91c425a2d24bf5d8e627e6fc63f58a7b08180ce16e5aa7015478cfbebba3045ec5dd620f69659f3fe11af23b095b43ced6a48afaf3d9a78762d40ada3b1fead7884620e213f28a9a2e6bcda0b88347c8eb3f6be8be3fc2d507eaae0430ccd836d4790038d25d65091e6e7ee9bec612b4a5d90e9e878c9c57fd1aa28ee9fab64d2d3bec12ae68a974c0f64365548a5db8a1d8fc9e32b38df32e826a3d2a88ae824a5faa87d7a25373728da5322ebc73db3d9ac8c64db9c90b18d67b7770966a3b8a1079f5b83f21482ff8b1cc1c699a0a5a135b6fe2791abb556603e3255e89922de5bca02d57ace9f6d486a363891b6c15e3c0000000047e9617351e98a040f2e7019ddee08f2d6cdc9de2f7a32ea65d266513fa7821c24c90ae39268757eefacfe94d53c740747c86429eadbead0a3576549442f4f77d846df8d54b37fc280bd5b9320f872756706357b9813318a6bfeb77d4ddec55ab5592da2c6d05b3c021182485b96a634013c5ad5ba55f07d07211c0db03ccb5981f5955df2e86cd0f62f6ba66fe4abf695ebc6629e42f6ce96a132883f148eeeacdff13b1cbfa73cbc70b8c5b677682d7c60d1a1311b1222aef1edb4e231c869a18f9ae8eeba4eb4cba8a4a56703cd90710b2208bce8e9a18aaf4e7c47474c08ff85c307d660607bddfe49ac714e0fcdfefedddafa452dfe0341c8a8f07e62e4486699a740feda4b7b2bc635308eb6990f3dfa9065aa8b26ad0ac66fe86dbf2dfb5f0c4b0cad557d4fa4b61116aa57a285a705e1d87d3f8d560b5fd3f8c5df3dc22bd4edb36c1c2e78c0b69863f576d3053ceb21ecb287faf64bb7a3cfe3c28eb7c2335a3af5a29308dac5f7d6f48f46da8370124c37e5a3c9fdfd3d78a082030b2233f02fae54012d2ad2b1c1ec2a35a130a5d3f76b5f9a10a4d31ca41c5c2f58a40c058a48e5dd8a71adbabcbca341e46a6ad538491025e79db3c59350b229ae433537e54b62968ff582f041080719fb88778884da1c79ff28398d8edfcd931043b64bf75b944e735d6d0fa62ed1e3550fe9fa5c1f063b06fb8e13909c87efffe72481ada2d01522a93c70266aa3991c7141ecca2bc618fe54d7529a0c2a46469ca4b2086e112fdf4e1266ca6b5fd4b0fbea280dd246f622f0da6d0f3e3b0357dc0744132e66d8b035662ad5cd3faedd2f743e24ecfed2efd6fd3aed1402bdbc66af3c0b77b7962966649591d7d5985c81a063d46ddf07656f2b049f5811b310e567027bc1b6d44fc892d37aeda8cacc704c1dcc1a7ef759937416e01163027b81befa86772ddf576c37f3151792c4358d1fa418bcd250dc41effa988116589b110d31a59486123769e50f5b3985b4660919f08dd5c96ab8ab03322d0c61890f90e56970f0aa13a96bcfa97139d5627ed6a5558dee292bf0a6e5ad23341c7dc3464a05b9045cc3abbfc0448bf9ca044fd188569cc0c57e07105d1fa1efd44529b6592fa718e092c1a3fa3e56689c9c5168a5619bf2109bde2dca59ad16735e597402c1896d4e24f56c9d4bbc1f0b3a0135b7028a402c6a1a78de57a838b1871477d7b43dff3779fdb50b2ec9a3ae11fab7f715e7979e64a0f0d54d025105d1f768cdad112aeb2eac1c8042aff6fb975a16c64080ba4e0de0af9b8a975a2b6af6a05dff8ae848f6b80f2bd80c56e4683e67a3aaad0e72242b0f0f07d7d7a64a8669e75a99ba4fdb2ba239c5ef28c8f1dc0b2459698b374f1035a75eafde3d90d69afa489ee2d7f7958a5cc51e574203bab464ddd4d08abbb77c8874c6ce692d078bdc309d73ccb49c9d60a269c77601e82e1c824fca2a43605f8453943d23794785096da2ff56547389009e27a908cfcea03ede09c392e0bafa30891e23fbacdf08b49cbd2f4083f94c3c71877ffac86d426e5fe08fa9541f837f2de8440e0b2226b664a45a564f1357e804c24cd2cef95564a1e0041736ced508a63af4e9f4ae9f690084f8c67db3b3569fb86225b6cce291da8057200d1f86899081ebfa5274625ada6ee793fe4246d97157d608099a6adf81eb88bb37cdb64a18ed0e13a0cfeea3af2164a59b8a90a4a1dfad6f03cc27ccbcc879c2b54a57a6d81e01dbd9d7440e9f1a1f608617a308214b58a9090022b7c6631cda308a0aa13dd68159bd8578afeb5402b0e227ef709d8c58929fba262ff4ec70c3a8f68b98f92380201112f560c216d5dc61ad466ee08c1af18982617597436c6a0e0077bb2dab8932175fb30aafceb4d63b4b8aa4a1c2f3867a83855d418ae75b3029dff960a5a4fcbe0fb84828633d535413e0c70a26b2485dddaa7c52256ad85d5f71778af39692fb8553850bbac096d8d9c9145e0ed7903b5d530005f29493a5aa7e0c04b62cc07f2bcfa31a48ce7c167abdd145af8c25fb882b64e41a9b51ae77209d82a9095e1d80711e1c802302b92ad8e413bc9b200e57c6038a46bfc9468b5fdda7f3e57e676c99d4dde6b3a86ed2cb9a55cf199835ef9d858f5a692c4036b32ea07c76c29faa5e2241afab129340b6e2ad94baea982429225cfac726dbf137f6477432a31808a281c9af3c4bef4a2f508721ec71fc1c374fca4d4e25ed9754a41ebfcaaac7637caa13791a64ff995d3cd984ed8cecccc491de80596f8db8d3fe6a6f2b208d065fb6fbb5569bf7cd8a8162271ca5e5ed2b3b98f28d81b3b498345c48492c8fe2e6181f527bbe4ce6600f9e33fb65609bc4318ecf4ca151d3095232820a84704311f0bd3532178cf1e6ef9483b1f52ec2992e84aaf1239c99faeab989bd9848223e90093e71eb650660255fce7bd85872e413fe219859d18ef67f1f07a590ceadc1c687820c3c7cf9e2ff9609199c4b49fd74553507c1c7f45b5b1b40c96c0c984977f476ed686f8710248677847f5c0989df0eca6be3df498acfcfbca85bb986c8d844c19f62b06b95d8d6f4e4367040d45e494271f29546f1086f88fdc549402bd669e9aed5fe000000ef7668d3abeadb430d30534aef0a3a9a125bdeaa11647bafe6e1303b967d29718ac301cadbb43654a36b78ff91836584a5e3472db8db4ded526ecfef2efa2279c17639d3aef1587d5b8bbc8abec3a28dba276613c514a50fe243a588ecdb77ab1525088507f5a0537ba59062416beb479538806f04e70bc192c1fd46377c6105116cd21b75f29f91b67317ce4bd67dea18f560765dabf8f0cebfb770339aa2558df698e1ee22adc7b81b16b2e7fb06e7b5c2ca98c71aec18bc23b11d3b84c6a10aa866c5f438fc2d928fc89ce0902492cd79d6a1ffce27a66031cc24d1b82e9e8b6bdcb6b37f89531e048ae5ee10483dccbb734ba20a15b145fdeadfc461e146d8882133b4e6c6ba30d316ee0bf0bf40f26639077d090d1df3b943e78ba5ece82fcd4576cf3a87d7a9ad080b2cce7371e5bd671ad37e35ff03dfb6684ac0d4eda69154444aef2a173ba093bc87839e41388b2101f72a9b6cf675efbb231b007c11a7b452df89a584f459b23340c0dae21a4146968b66ac9b08d2408830ccec4e6fb1dd665c3023a3b32042b1facfb0bd4d5b9861fe5b0abee3313264b5abe61b1e145bc11121dc87bf1a6008433dedd4d7977b082400136bfceb33a2a3ceea9a6b67b8f85b604970c3ad474db7356f802bc840afe833c9056c037b2ea240b5846149682e14e4e126c7f88b9eb2c7384da631fbab63754611d52b4107dfd10fdf46e557be95a07e6ae64cbeb2d420bcfd87a2f52ecbfe5eba301e3c86761c1545b876e5951106e91be75e9d22301674bca4d729fffd9812cb984910b976c2a74966caf3d75ba7dc7f4275d24caf3bc94376a3579e8575c69401ea75d14e27f98eb7a05eccebd36ea89c4ac0dec65eb613d7f052c6b75b398c65249449b0693164a51c0c224ac1bb4f0781d2d10b96519131b6df9541aa1e7511820f71ab1d497234862f475356d9664a9fbbf0285738a143842820d5b795dcca64a24de4bae802fae01d82fec5548e108c4e750e8f1580d2ebd6bde06622db32c1f47eca183a81ecfde3b6a187c47f7984d2c6051f2ace7ac2bfc5da0cd4b0e57e69bf39551cc5443e12e9ce113cff2cecdd2802e5b9c5a1107e1ed982b93b8e986afa379ac1c6a5ee67e966c72bf149f9ba1c169bafe3d58e18e56438ad4a4db4826edb5eb4ff27808ddd7f87eb31cf232effc9bfff7305d91696e17058217d2d5596ae9082a1cc98d60b854b2ff76718d981c20d68ecf4f1a8dcd5f9f06162df324b84b246e5e11d6722003f32e3396e30c11724db17210c37dfa080c1be2fbeea1c92e084f72386fb29856bc25a16a53f97f44a5e81fd55872772eebdd0db3a5bdf0c28d34a48f8d707a97a3b89367c98e30dbe9c02444177a8fbaa605c6051157e41fade8432af5233ee030ad6fb7572ee4e7bd687dd855fe112ac46a7b1abe88771eb3b49e3d583efe7b79394ca4687acfc262af45dbf4736e9e17d39ea5f8e81f6ed7f242c5a09da7f22f37ce9d5e6222fa71aed8ee69e501d30cd98f5c5275d5dcc1f112c3dbd2cca465f7442d952353613ac5b30222cf153c598c15c102b0dd0d99e45595d98ab365fda3f6e3bdf29b66a8d0a43c1c6a109e3056015a49e4f9ed7522163da86b9e2bf14d7c0ff026261f96feabc0b1c64ba130acb2c4927a783bed9f4e1d38f0a1351000334010b99585c24fb9a7a24809e4bffc3448c778dbeeed816225b2173fae0975e1b9c19213dc33bab3a9bbe8f62e306a1aecac5484d3f23421f5064c16aa4fa67de32222115928c0f3b114593dd0c791c590be61e0b97ed0b0e0dcdb238eb1290466d9c10dfaa8c7fcd0bf659897d945df86d936c67e42924d47a4245fb3d6f8ec538d59c100c6e52100317ea41a1fd253ddd54b13b6a2807ea729d3fd7e1b0461cc78b2c7c889b9ad3ec0398399ff645f3ab988b8a52d9f09a430cfa0390c4c5ad3a392ef28a9f4056d77b712df09b69d7d93617c4783133f9abab2d6935d54f59d0c1b5ea4dba28af7bbfeaf29009618c436ddec116f8966b4ae89ceca545daef5a48f1668231731af7abc502df9f7d308998b92adbfdf0937186a9cbcd4267dc1d0e399b27dacc07ca37f76ceb42f13e4de89dd484a91dc8a2bebece95c6400fde8bdc6d2857454f562f04422b632925c84fb501998ab096363acafea06790c298a76267ca63d81763343fa1fbbbeecba24ca939b3f4d577a5129fd3c407cada9151a12b04e76d664b232cf05c9ad000", 0x1000}}, 0x1006)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x201, 0x0, 0x0, 0x0, 0x20, 0x1c, "fee8a2ab78fcffffffffffffff2000b8785d960000000000000000000000000f00000000000100000000000000000000000000000200", "2809e897bdb2128bfc82525edd665240f45f819e01982861ac00000000000100", "90be8b1c551265406c7f306003d8a0f4bd00", [0x4, 0xfffffffffffffffc]}})

3m0.068461227s ago: executing program 6 (id=4585):
r0 = dup(0xffffffffffffffff)
write$6lowpan_enable(r0, &(0x7f0000000000)='0', 0xfffffd2c)
write$ppp(r0, &(0x7f0000000440)="5ff89328b82f502b53567721ee0fc4cb7ef364ef287ab9ddc307236a8e497b3eaff358719b666e04a54e1785a92b89bb7320ca0efb0ad17c6676a5c6d5278e15fff32a0f61a063fb07990a8064c3ad1851e8d7860fa92c105c6cdabe25ffa6f3c37f1cb27bcccd0cd1d1bc699dc73bcfac29df9e9d96b699fb5478cbef5c335997cd482302517ae498040259ced53d9a4ae742346cbacc874de1f5a60d28461bb98283b7b14e679b567cf85d6125c54a1888409b098d5296020fa82cd44730b20f30592074d54bb393cbd39a06d06645261a3d3f6777ca3195a9179c7bef917bcfa2eb4ce7483b5704d3ee8b2d205a2c04c2b598b291bcf8", 0xf8)

2m58.33621703s ago: executing program 6 (id=4589):
r0 = syz_open_dev$video4linux(&(0x7f0000000280), 0x6f9, 0x8000)
ioctl$VIDIOC_G_STD(r0, 0x80085617, 0x0)
syz_emit_ethernet(0x16, &(0x7f0000000340)=ANY=[], 0x0)
userfaultfd(0x80001)
memfd_create(&(0x7f0000000300)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac\x06\x9c&\xf5\xe3j\xfa\tcqM\xb8R\x86\xd9\xd2.\x9f\x12\xed\x10\f\xbd\x1a|\x8a\xbb\xda\xcfY\x98gU@\xf2M\xc0\xb5\xdf\x9a\x8d\xdb,n\xae\x0eT\x80\x8c\xfd\xd7\xb0\x94\x82t\x96\rKx\xc5\x9b\x8c\x87\x96\x8bc\xbc\xee\xcc\x9f\xe3F\x99V4\x8e;M\xa9\x823\xe3\xb3mG\x8f\xdb\xed\x1b\x05\xec\xfc\xd1\xb5\xfd\xec@\xdeU\xdd\xa4\xc1\xe4L)\x8e\xe5\x91\x8e\xd4\x89\xef\x95T\x05G\xac\xb8\xc1: )mh\xc7\xf1?\xbb\x13;\xad\x95\xd70\xb6\x0e\x7f\x84r\x0e\xbf\xc5\xf6\xd4\xdd\t\x14\x18\xf7\xefi\x93\x03\xd2\xf2\bK\"\xd2\xb5\xaa\xb8\xc8\xe0\xac\x99\xe8su\xcd\xc3E\x12\xd7\xdd\x96!\x16Tu\xe3\xf0\x84#R\xd9\xe3~Wj\xb0r\x87\'\xea\a\xcfOeK\x9daW\xf4\x87@\x9c\xf3\xf1K\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x91\xe6\xdb\xc2\xa5h\'\xdfIn\x97\x0263~\xeb\xbe(i\n\xc2k4\x7f\x12\xa9e`SOs\x8c\xb4\xe7FeQ\xc6$\x92j_U\xfa\b\xea\xb0bYkW\xc0\x05\aC{\xcc\x03T\x17\xa5Sk\x87P\xc2\x97D\xb2\xfa\x1b\x9fe\xf4\x10\x1a\xad\x92\xce\x88\x1b\xbc\xe14\x19\xaa\xd3\r\xf4\xa2\xc3\x9e=\xa0 \xe6j\xe5\x85\xf8\x97\x03\x15\xaa\x920\xdcrI\xd8\b\xfb\xc7\xe7xX\x00>d\xbb\xa71\xad\x9a\xfb\xe6\x13\x87\x93\\\xe5W-\xfc\xfd\xb8O\xb9j\xb8\xf2\x9dx\xb2\x86\xad\x92', 0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xb0c4, 0x0, 0x2, 0x5a}, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000500)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x8001}})
io_uring_enter(r2, 0x2b93, 0xf9d0, 0x22, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0x0, r5, 0x0, 0x5, &(0x7f00000001c0)=':.#\'\x00'}, 0x30)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))

2m53.432638424s ago: executing program 4 (id=4602):
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = openat$dsp1(0xffffffffffffff9c, &(0x7f00000000c0), 0x801, 0x0)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000040)={0x50, 0x0, 0x0, {0x7, 0x1f, 0x0, 0x34014c40, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x50)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
prlimit64(0x0, 0x3, &(0x7f0000000280)={0x2, 0x2}, &(0x7f00000003c0))
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000240), 0x2, 0x40102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2f)
sendmsg$NFNL_MSG_COMPAT_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x4814)
mount(&(0x7f00000000c0)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000000)='iso9660\x00', 0x208000, 0x0)
r3 = syz_io_uring_setup(0x496, &(0x7f0000000f80)={0x0, 0x79b3, 0x3180, 0x7ffc, 0x400246}, &(0x7f0000000140)=<r4=>0x0, &(0x7f0000000080))
r5 = eventfd(0x401)
syz_io_uring_setup(0x641a, &(0x7f0000000300)={0x0, 0x235d, 0x8, 0x0, 0x400002d8}, &(0x7f0000000200), &(0x7f00000001c0))
io_uring_register$IORING_REGISTER_EVENTFD(r3, 0x4, &(0x7f0000000040)=r5, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x80, &(0x7f0000000100)=0xffb, 0x0, 0x4)
io_uring_enter(r3, 0x627, 0x4c1, 0x43, 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
openat$rfkill(0xffffff9c, &(0x7f0000000040), 0x8080, 0x0)
epoll_create1(0x80000)
ioctl$SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, &(0x7f0000000080)=0x74000000)
write$dsp(r1, &(0x7f0000002000)='`', 0x88020)
bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'cryptd(streebog256-generic)\x00'}, 0x58)

2m49.974763948s ago: executing program 4 (id=4608):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x13, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x3, 0x0, 0x3, 0x1, 0x0, 0xc}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0xf}, 0x94)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdir(0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
creat(&(0x7f0000000340)='./file0/file0\x00', 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000002540))
close_range(r0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r2)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty, 0xffffffff}, 0x1c)
write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0)
listen(r3, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r4, &(0x7f0000000080)=[{&(0x7f0000000200)="a10100001500add427323b470c45b45602067fffffff81004e22000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee00000000000000000200000000", 0x1a1}], 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r5, 0x4b52, &(0x7f00000001c0)={0x2, 0x1000, 0xf, 0x1e, 0x0, 0x0})
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r6 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000800)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0)
write$cgroup_int(r6, &(0x7f0000000040)=0x3, 0x12)

2m48.604430954s ago: executing program 4 (id=4611):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x82200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
r3 = syz_io_uring_setup(0x10d, &(0x7f00000000c0)={0x0, 0x8d2dc, 0x0, 0xffffffff, 0x3}, &(0x7f00000003c0)=<r4=>0x0, &(0x7f0000000140)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, 0x0, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x40, 0x5, r2, 0x0, 0x0, 0x0, 0x80000})
io_uring_enter(r3, 0x47f5, 0x0, 0x0, 0x0, 0x0)

2m47.608501961s ago: executing program 4 (id=4614):
setresgid(0xee00, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mount$afs(&(0x7f0000000300), 0x0, &(0x7f0000000380), 0x18000, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x1)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f0000006300)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000000040)={0x50, 0x0, r2, {0x7, 0x1f, 0x20000000, 0x4041}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x80001, 0x0)
r4 = syz_open_dev$loop(&(0x7f0000000000), 0x4, 0x1)
ioctl$LOOP_SET_FD(r4, 0x4c00, r3)
ioctl$LOOP_SET_FD(r4, 0x4c03, r4)
dup2(r3, r1)
open_tree(0xffffffffffffff9c, 0x0, 0x89901)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x3)

2m43.914272768s ago: executing program 4 (id=4622):
r0 = syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
write$ppp(r1, &(0x7f0000000440)="5ff89328b82f502b53567721ee0fc4cb7ef364ef287ab9ddc307236a8e497b3eaff358719b666e04a54e1785a92b89bb7320ca0efb0ad17c6676a5c6d5278e15fff32a0f61a063fb07990a8064c3ad1851e8d7860fa92c105c6cdabe25ffa6f3c37f1cb27bcccd0cd1d1bc699dc73bcfac29df9e9d96b699fb5478cbef5c335997cd482302517ae498040259ced53d9a4ae742346cbacc874de1f5a60d28461bb98283b7b14e679b567cf85d6125c54a1888409b098d5296020fa82cd44730b20f30592074d54bb393cbd39a06d06645261a3d3f6777ca3195a9179c7bef917bcfa2eb4ce7483b5704d3ee8b2d205a2c04c2b598b291bcf8", 0xf8)

2m39.156165808s ago: executing program 4 (id=4633):
pipe2(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f00000000c0)=ANY=[@ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',cache=fscach'])
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x3f)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000080)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000100)='./file0\x00')
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x8041, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x1c1840, 0x92)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x0, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000e80)='./bus\x00', 0x1c1002, 0x0)
write(r5, &(0x7f00000001c0)="f1", 0x1)
sendfile(r5, r3, 0x0, 0x40001)
sendfile(r5, r4, 0x0, 0x7ffff000)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x16, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)

2m38.662219947s ago: executing program 41 (id=4633):
pipe2(&(0x7f00000003c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f00000000c0)=ANY=[@ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',cache=fscach'])
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x3f)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000080)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000100)='./file0\x00')
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x8041, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x1c1840, 0x92)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x0, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000e80)='./bus\x00', 0x1c1002, 0x0)
write(r5, &(0x7f00000001c0)="f1", 0x1)
sendfile(r5, r3, 0x0, 0x40001)
sendfile(r5, r4, 0x0, 0x7ffff000)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x16, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)

1m11.524867715s ago: executing program 1 (id=4785):
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
write$ppp(r1, &(0x7f0000000440)="5ff89328b82f502b53567721ee0fc4cb7ef364ef287ab9ddc307236a8e497b3eaff358719b666e04a54e1785a92b89bb7320ca0efb0ad17c6676a5c6d5278e15fff32a0f61a063fb07990a8064c3ad1851e8d7860fa92c105c6cdabe25", 0x5d)

1m11.09584554s ago: executing program 1 (id=4788):
socket$alg(0x26, 0x5, 0x0)
openat$dsp1(0xffffffffffffff9c, &(0x7f00000000c0), 0x801, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000008340)={0x2020, 0x0, <r0=>0x0}, 0x2020)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000040)={0x50, 0xfffffffffffffffe, r0, {0x7, 0x1f, 0x0, 0x24054c40, 0x0, 0x49, 0xfba, 0x0, 0x0, 0x0, 0x10}}, 0x50)
socket$inet6(0xa, 0x6, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
prlimit64(0x0, 0x3, &(0x7f0000000280)={0x2, 0x2}, &(0x7f00000003c0))
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000240), 0x2, 0x40102)
mount$cgroup2(0x0, &(0x7f0000000240)='./cgroup\x00', &(0x7f0000000300), 0x4006, 0x0)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2f)
sendmsg$NFNL_MSG_COMPAT_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x4814)
mount(&(0x7f00000000c0)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000000)='nfs4\x00', 0x208000, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0x4)
io_setup(0x2007, &(0x7f0000000980)=<r3=>0x0)
r4 = eventfd2(0x0, 0x0)
io_submit(r3, 0x1, &(0x7f0000000280)=[&(0x7f0000000000)={0x1802, 0x0, 0x0, 0x5, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x1, r4}])
close_range(r4, r4, 0x0)
shutdown(r2, 0x0)

1m9.569132633s ago: executing program 1 (id=4791):
r0 = syz_io_uring_setup(0x10d2, &(0x7f0000000280)={0x0, 0x80003734, 0x100, 0xfffffffe, 0x280}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x15523ea56aa22b9a, 0x0, 0x0, 0x0, 0x12345})
io_uring_enter(r0, 0x47bc, 0x0, 0x4000000000000000, 0x0, 0x0)

1m8.54488719s ago: executing program 1 (id=4792):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0xfffffffd, @empty}, 0x1c)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)={0x2, 0x1, 0x48, 0x0, 0x20, 0x0, 0x70bd28, 0x25dfdbfd, [@sadb_x_nat_t_type={0x1, 0x14, 0x2}, @sadb_x_filter={0x5, 0x1a, @in=@local, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x18, 0x4, 0x10}, @sadb_key={0x18, 0x8, 0x598, 0x0, "778c89d9e10722bd8c89e8e66c426d9b94ec66c004cff729365cbd4e03099095fc5f879251785f25a439c4723dac22f52fa11f60a4a2deb2afd2f51830b743819235ef71db34a78009b24a34629c90d1ed61594b691f0d76d6b36e59843f0e6cd837a43c19c56eb7837aa3af04cbc5778ccf03a992af48b12f603b6ba39be0f10cd7edcb80698c9f1151df3469aa3a999966e0efbcfb774a49d3d4beb99511f04167c58bf330559ea884abd3b318682fcd0661"}]}, 0x100}}, 0x20000800)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$inet6(0xa, 0x3, 0x9)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000280)={{{@in=@broadcast, @in=@broadcast, 0x0, 0x0, 0x4e21, 0x0, 0xa, 0x0, 0x0, 0x5c}, {0x76, 0x324, 0x3, 0xfffffffffffffffd, 0x9, 0x6, 0x73a, 0x40000000000000}, {0x7, 0x1000000000, 0x53e5, 0x20}, 0xfffffff7, 0x1, 0x1, 0x0, 0x2}, {{@in6=@private1, 0xffffffff, 0x32}, 0x2, @in6=@local, 0x1504, 0x0, 0x3, 0x0, 0xc36, 0xfffffffd}}, 0xe4)

1m6.043824602s ago: executing program 1 (id=4797):
openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001740)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f00000003c0)='netfs_failure\x00', r0, 0x0, 0x2}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x3, &(0x7f0000000540)=ANY=[], &(0x7f0000000280)='GPL\x00', 0xc, 0xb9, &(0x7f0000000140)=""/185, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r4 = openat$binfmt_register(0xffffff9c, &(0x7f0000000080), 0x1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000080)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
chdir(&(0x7f0000000100)='./file0\x00')
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r5, &(0x7f0000000100)=ANY=[], 0x32600)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
write$binfmt_register(r4, &(0x7f00000000c0)={0x3a, 'syz3', 0x3a, 'E', 0x3a, 0x8, 0x3a, '', 0x3a, '[$(.[(', 0x3a, './file0'}, 0x2d)
socket$inet_mptcp(0x2, 0x1, 0x106)

1m5.108326786s ago: executing program 1 (id=4798):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x23, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000100)={0x0, 'erspan0\x00', {0x1}, 0x26})
mkdir(0x0, 0x0)
acct(0x0)

49.781696155s ago: executing program 42 (id=4798):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x23, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000100)={0x0, 'erspan0\x00', {0x1}, 0x26})
mkdir(0x0, 0x0)
acct(0x0)

11.201599674s ago: executing program 5 (id=4902):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x2, 0x0, @loopback, 0x47}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r0, &(0x7f0000000340)='G', 0x1, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x398, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois', 0x51)
sched_setaffinity(0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000006c0)=ANY=[], 0x28}}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, 0x0})
prlimit64(0x0, 0xe, 0x0, 0x0)
shutdown(r0, 0x1)

11.028979717s ago: executing program 5 (id=4903):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000100)=0xbc2, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendto$packet(r0, 0x0, 0x0, 0x40000, &(0x7f0000000240)={0x11, 0xf7, r1, 0x1, 0x20, 0x6, @remote}, 0x14)
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000080)={0x0, 0x1, 0x6, @remote}, 0x10)

10.900873275s ago: executing program 3 (id=4905):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x23, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000100)={0x0, 'erspan0\x00', {0x1}, 0x26})
mkdir(0x0, 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x2014800, 0x0)
acct(0x0)
chroot(&(0x7f0000000040)='./file0\x00')
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
geteuid()
r3 = socket(0x10, 0x3, 0x0)
socket$igmp(0x2, 0x3, 0x2)
write(r3, &(0x7f00000000c0)="240000001e005f0214fffffffffffff807000000a600000000a60000080008001d000000", 0x24)
socket$inet6_sctp(0xa, 0x1, 0x84)

10.632879795s ago: executing program 5 (id=4906):
socket$pppl2tp(0x18, 0x1, 0x1)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = syz_genetlink_get_family_id$l2tp(&(0x7f00000005c0), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000cbd70100400000005000000080009000200000008000c00a80a000008000b000000000006000100070000000c0010"], 0x40}, 0x1, 0x0, 0x0, 0x40811}, 0x20)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0x56, &(0x7f0000000040)={@link_local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x34}, @val={@void}, {@ipv6={0x86dd, @udp={0x0, 0x6, "910100", 0x1c, 0x11, 0xff, @remote, @local, {[], {0x0, 0xe22, 0x1c, 0x0, @gue={{0x2, 0x0, 0x0, 0x3}, '\x00\x00\x00\x00\x00\x00\x00\x00`\x00\x00@'}}}}}}}, 0x0)

9.880456991s ago: executing program 3 (id=4907):
socket$inet6_mptcp(0xa, 0x1, 0x106)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x804}, 0xc0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
write$binfmt_format(0xffffffffffffffff, &(0x7f0000000080)='1\x00', 0x2)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r0 = socket(0xa, 0x3, 0x3a)
getsockopt$inet6_buf(r0, 0x29, 0xcd, 0x0, 0x0)

9.79648706s ago: executing program 3 (id=4908):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000e00), 0xffffffffffffffff)
syz_io_uring_setup(0x4b3a, 0x0, 0x0, &(0x7f00000000c0))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400), 0x0, 0x0, 0x0})
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x38)
syz_clone3(&(0x7f0000000300)={0xd0280f80, 0x0, 0x0, 0x0, {0x100003c}, 0x0, 0x0, 0x0, 0x0}, 0x58)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
iopl(0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @pix={0x434c, 0x8, 0x584e4f53, 0x4, 0x2, 0x7, 0x0, 0x5, 0x1, 0x4, 0x2, 0x7}})
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x6, &(0x7f0000000240)=0x1, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x401c2, 0x0)
ftruncate(r1, 0x8800000)
socket$inet6(0xa, 0x2, 0x3a)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmmsg(r3, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x20001b80}, {&(0x7f0000001b80)=""/112, 0x70}], 0x2, 0x0, 0xa0028cb4}}], 0x40000000000013c, 0x700, 0x0)
sendfile(r2, r1, 0x0, 0x578410eb)
pipe(0x0)

905.451047ms ago: executing program 5 (id=4909):
syz_open_dev$video4linux(0x0, 0x6f9, 0x8000)
r0 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xb0c4, 0x0, 0x2, 0x5a}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000500)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x8001}})
io_uring_enter(r0, 0x2b93, 0xf9d0, 0x22, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f00000001c0)=':.#\'\x00'}, 0x30)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))

784.608658ms ago: executing program 3 (id=4910):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x2, 0x0, @loopback, 0x47}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r0, &(0x7f0000000340)='G', 0x1, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x398, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois', 0x51)
sched_setaffinity(0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000040))
timer_settime(0x0, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000006c0)=ANY=[], 0x28}}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, 0x0})
prlimit64(0x0, 0xe, 0x0, 0x0)
shutdown(r0, 0x1)

636.152259ms ago: executing program 3 (id=4911):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x20, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0xe, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x0, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x6, 0xffffffffffffffff, 0x4}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0xa0100)
r0 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r0, &(0x7f0000000200)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
r1 = syz_io_uring_setup(0x497, &(0x7f0000000540)={0x0, 0x465c, 0x800, 0x3, 0x287}, &(0x7f00000004c0)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0})
io_uring_enter(r1, 0x40f9, 0x217, 0xa5, 0x0, 0xf5)

585.010049ms ago: executing program 5 (id=4912):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x7, 0x9)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x11c0, 0x80000)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file4\x00', &(0x7f0000000240)={0x0, 0x0, 0x12}, 0x18)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x80002, 0x0)

181.015568ms ago: executing program 5 (id=4913):
add_key(&(0x7f0000000000)='keyring\x00', 0x0, 0x0, 0x0, 0x0)
io_uring_setup(0x2255, 0x0)
write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x50, 0xffffffffffffffff, 0x80000)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x23)
userfaultfd(0x80001)
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0301, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000001340))
ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000180)=0x6f)
r1 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
read$dsp(r1, &(0x7f00000002c0)=""/4096, 0x1000)
write$dsp(r0, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x4, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)

0s ago: executing program 3 (id=4914):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x23, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000100)={0x0, 'erspan0\x00', {0x1}, 0x26})
mkdir(0x0, 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x2014800, 0x0)
acct(0x0)
chroot(&(0x7f0000000040)='./file0\x00')
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
geteuid()
r3 = socket(0x10, 0x3, 0x0)
socket$igmp(0x2, 0x3, 0x2)
write(r3, &(0x7f00000000c0)="240000001e005f0214fffffffffffff807000000a600000000a60000080008001d000000", 0x24)
socket$inet6_sctp(0xa, 0x1, 0x84)

kernel console output (not intermixed with test programs):

783] debugfs: 'hsr0' already exists in 'hsr'
[ 1684.530768][T18783] Cannot create hsr debugfs directory
[ 1684.798764][T18617] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1685.126106][T18836] chnl_net:caif_netlink_parms(): no params data found
[ 1685.641370][ T5820] Bluetooth: hci0: command tx timeout
[ 1685.817124][T18617] 8021q: adding VLAN 0 to HW filter on device team0
[ 1686.144342][  T175] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1686.144788][  T175] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1686.295198][   T44] bridge_slave_1: left allmulticast mode
[ 1686.295229][   T44] bridge_slave_1: left promiscuous mode
[ 1686.295468][   T44] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1686.376463][   T44] bridge_slave_0: left allmulticast mode
[ 1686.376493][   T44] bridge_slave_0: left promiscuous mode
[ 1686.376754][   T44] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1686.448886][   T44] bridge_slave_1: left allmulticast mode
[ 1686.448916][   T44] bridge_slave_1: left promiscuous mode
[ 1686.449153][   T44] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1686.510346][   T44] bridge_slave_0: left allmulticast mode
[ 1686.510379][   T44] bridge_slave_0: left promiscuous mode
[ 1686.510681][   T44] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1687.694992][ T5820] Bluetooth: hci0: command tx timeout
[ 1690.028784][T18880] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(5)
[ 1690.028908][T18880] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1690.051386][T18880] vhci_hcd vhci_hcd.0: Device attached
[ 1690.085424][   T44] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1690.125480][   T44] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1690.158877][   T44] bond0 (unregistering): Released all slaves
[ 1690.284577][T16458] usb 45-1: new low-speed USB device number 3 using vhci_hcd
[ 1690.496048][T18881] vhci_hcd: connection reset by peer
[ 1690.496747][ T8754] vhci_hcd vhci_hcd.6: stop threads
[ 1690.496769][ T8754] vhci_hcd vhci_hcd.6: release socket
[ 1690.496926][ T8754] vhci_hcd vhci_hcd.6: disconnect device
[ 1692.175138][   T44] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1692.266845][   T44] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1692.307184][   T44] bond0 (unregistering): Released all slaves
[ 1692.459003][ T9008] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1692.459152][ T9008] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1692.808080][T18836] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1692.808197][T18836] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1692.808387][T18836] bridge_slave_0: entered allmulticast mode
[ 1692.809836][T18836] bridge_slave_0: entered promiscuous mode
[ 1693.131710][ T5815] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1693.142022][ T5815] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1693.195689][ T5815] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1693.197885][ T5815] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1693.199095][ T5815] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1693.256334][T18836] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1693.256456][T18836] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1693.256715][T18836] bridge_slave_1: entered allmulticast mode
[ 1693.259297][T18836] bridge_slave_1: entered promiscuous mode
[ 1693.735797][   T44] hsr_slave_0: left promiscuous mode
[ 1693.754894][   T44] hsr_slave_1: left promiscuous mode
[ 1693.755616][   T44] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1693.806987][   T44] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1693.944628][   T44] hsr_slave_0: left promiscuous mode
[ 1693.964774][   T44] hsr_slave_1: left promiscuous mode
[ 1693.965442][   T44] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1694.010215][   T44] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1694.135853][   T44] veth1_vlan: left promiscuous mode
[ 1694.135967][   T44] veth0_vlan: left promiscuous mode
[ 1695.295119][ T5820] Bluetooth: hci3: command tx timeout
[ 1695.385093][T16458] vhci_hcd vhci_hcd.6: vhci_device speed not set
[ 1695.706611][   T44] team0 (unregistering): Port device team_slave_1 removed
[ 1696.047821][   T44] team0 (unregistering): Port device team_slave_0 removed
[ 1697.404798][ T5820] Bluetooth: hci3: command tx timeout
[ 1699.454753][ T5820] Bluetooth: hci3: command tx timeout
[ 1700.986309][   T44] team0 (unregistering): Port device team_slave_1 removed
[ 1701.275020][   T44] team0 (unregistering): Port device team_slave_0 removed
[ 1701.534611][ T5820] Bluetooth: hci3: command tx timeout
[ 1701.697478][ T3455] Bluetooth: Error in BCSP hdr checksum
[ 1701.989884][ T6181] Bluetooth: Error in BCSP hdr checksum
[ 1702.244886][ T1201] Bluetooth: Error in BCSP hdr checksum
[ 1702.505320][ T1201] Bluetooth: Error in BCSP hdr checksum
[ 1703.704884][ T5820] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 1704.249235][T18836] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1704.266668][T18836] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1704.458346][T18836] team0: Port device team_slave_0 added
[ 1704.685865][T18836] team0: Port device team_slave_1 added
[ 1704.990352][T18836] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1704.990364][T18836] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1704.990378][T18836] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1705.036912][T18836] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1705.036924][T18836] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1705.036939][T18836] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1707.421765][T18836] hsr_slave_0: entered promiscuous mode
[ 1707.422560][T18836] hsr_slave_1: entered promiscuous mode
[ 1707.423105][T18836] debugfs: 'hsr0' already exists in 'hsr'
[ 1707.423121][T18836] Cannot create hsr debugfs directory
[ 1711.134890][T18888] chnl_net:caif_netlink_parms(): no params data found
[ 1711.712447][T18946] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(14)
[ 1711.712466][T18946] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1711.712558][T18946] vhci_hcd vhci_hcd.0: Device attached
[ 1711.737812][T18946] vhci_hcd vhci_hcd.0: pdev(6) rhport(1) sockfd(16)
[ 1711.737830][T18946] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1711.737872][T18946] vhci_hcd vhci_hcd.0: Device attached
[ 1711.739481][T18946] vhci_hcd vhci_hcd.0: pdev(6) rhport(2) sockfd(18)
[ 1711.739496][T18946] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[ 1711.739537][T18946] vhci_hcd vhci_hcd.0: Device attached
[ 1711.740252][T18946] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1711.741584][T18946] vhci_hcd vhci_hcd.0: pdev(6) rhport(4) sockfd(22)
[ 1711.741598][T18946] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1711.741639][T18946] vhci_hcd vhci_hcd.0: Device attached
[ 1711.743010][T18946] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(24)
[ 1711.743023][T18946] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 1711.743113][T18946] vhci_hcd vhci_hcd.0: Device attached
[ 1711.743767][T18946] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1711.775299][T18946] vhci_hcd vhci_hcd.0: pdev(6) rhport(6) sockfd(28)
[ 1711.775324][T18946] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1711.775460][T18946] vhci_hcd vhci_hcd.0: Device attached
[ 1711.776537][T18946] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1711.785217][T18957] vhci_hcd: connection closed
[ 1711.785650][  T175] vhci_hcd vhci_hcd.6: stop threads
[ 1711.785672][  T175] vhci_hcd vhci_hcd.6: release socket
[ 1711.785710][  T175] vhci_hcd vhci_hcd.6: disconnect device
[ 1711.789520][T18955] vhci_hcd: connection closed
[ 1711.789949][  T175] vhci_hcd vhci_hcd.6: stop threads
[ 1711.789974][  T175] vhci_hcd vhci_hcd.6: release socket
[ 1711.790012][  T175] vhci_hcd vhci_hcd.6: disconnect device
[ 1711.790578][T18953] vhci_hcd: connection closed
[ 1711.791466][  T175] vhci_hcd vhci_hcd.6: stop threads
[ 1711.791482][  T175] vhci_hcd vhci_hcd.6: release socket
[ 1711.791516][  T175] vhci_hcd vhci_hcd.6: disconnect device
[ 1711.793279][T18951] vhci_hcd: connection closed
[ 1711.793676][  T175] vhci_hcd vhci_hcd.6: stop threads
[ 1711.793693][  T175] vhci_hcd vhci_hcd.6: release socket
[ 1711.793729][  T175] vhci_hcd vhci_hcd.6: disconnect device
[ 1711.794182][T18949] vhci_hcd: connection closed
[ 1711.798793][  T175] vhci_hcd vhci_hcd.6: stop threads
[ 1711.798812][  T175] vhci_hcd vhci_hcd.6: release socket
[ 1711.798848][  T175] vhci_hcd vhci_hcd.6: disconnect device
[ 1711.799206][T18947] vhci_hcd: connection closed
[ 1711.800438][  T175] vhci_hcd vhci_hcd.6: stop threads
[ 1711.800454][  T175] vhci_hcd vhci_hcd.6: release socket
[ 1711.800488][  T175] vhci_hcd vhci_hcd.6: disconnect device
[ 1712.001239][T18888] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1712.001426][T18888] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1712.001661][T18888] bridge_slave_0: entered allmulticast mode
[ 1712.003325][T18888] bridge_slave_0: entered promiscuous mode
[ 1712.040377][T18888] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1712.040516][T18888] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1712.041048][T18888] bridge_slave_1: entered allmulticast mode
[ 1712.042791][T18888] bridge_slave_1: entered promiscuous mode
[ 1712.072150][T18763] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1712.205773][T18763] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1712.375732][T18763] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1712.525360][T18888] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1712.525458][T18763] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1712.593799][T18888] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1713.214935][T18888] team0: Port device team_slave_0 added
[ 1713.310460][T18888] team0: Port device team_slave_1 added
[ 1713.848488][T18888] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1713.848500][T18888] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1713.848514][T18888] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1713.853239][T18783] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1713.932584][T18888] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1713.932597][T18888] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1713.932612][T18888] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1713.933859][T18783] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1714.236663][T18783] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1714.262623][T18783] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1714.747721][   T37] audit: type=1326 audit(1714.587:856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18980 comm="syz.6.4341" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe37819f749 code=0x0
[ 1714.803712][T18888] hsr_slave_0: entered promiscuous mode
[ 1714.804828][T18888] hsr_slave_1: entered promiscuous mode
[ 1714.806878][T18888] debugfs: 'hsr0' already exists in 'hsr'
[ 1714.806903][T18888] Cannot create hsr debugfs directory
[ 1715.759741][   T44] bridge_slave_1: left allmulticast mode
[ 1715.759770][   T44] bridge_slave_1: left promiscuous mode
[ 1715.763580][   T44] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1715.846870][   T44] bridge_slave_0: left allmulticast mode
[ 1715.846898][   T44] bridge_slave_0: left promiscuous mode
[ 1715.847144][   T44] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1715.917129][   T44] bridge_slave_1: left allmulticast mode
[ 1715.917149][   T44] bridge_slave_1: left promiscuous mode
[ 1715.917297][   T44] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1715.961879][T18990] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(14)
[ 1715.961898][T18990] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1715.969156][T18990] vhci_hcd vhci_hcd.0: Device attached
[ 1715.971586][T18990] vhci_hcd vhci_hcd.0: pdev(6) rhport(1) sockfd(16)
[ 1715.971611][T18990] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1715.971736][T18990] vhci_hcd vhci_hcd.0: Device attached
[ 1715.973740][T18990] vhci_hcd vhci_hcd.0: pdev(6) rhport(2) sockfd(18)
[ 1715.973762][T18990] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[ 1715.973882][T18990] vhci_hcd vhci_hcd.0: Device attached
[ 1715.975558][T18990] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1715.977380][T18990] vhci_hcd vhci_hcd.0: pdev(6) rhport(4) sockfd(22)
[ 1715.977403][T18990] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1715.977518][T18990] vhci_hcd vhci_hcd.0: Device attached
[ 1715.979316][T18990] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(24)
[ 1715.979338][T18990] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 1715.979628][T18990] vhci_hcd vhci_hcd.0: Device attached
[ 1715.980596][T18990] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1715.982399][T18990] vhci_hcd vhci_hcd.0: pdev(6) rhport(6) sockfd(28)
[ 1715.982421][T18990] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1715.982542][T18990] vhci_hcd vhci_hcd.0: Device attached
[ 1715.983431][T18990] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1715.991646][T19001] vhci_hcd: connection closed
[ 1715.992083][   T58] vhci_hcd vhci_hcd.6: stop threads
[ 1715.992106][   T58] vhci_hcd vhci_hcd.6: release socket
[ 1715.992143][   T58] vhci_hcd vhci_hcd.6: disconnect device
[ 1715.992950][T18999] vhci_hcd: connection closed
[ 1715.993330][   T58] vhci_hcd vhci_hcd.6: stop threads
[ 1715.993346][   T58] vhci_hcd vhci_hcd.6: release socket
[ 1715.993381][   T58] vhci_hcd vhci_hcd.6: disconnect device
[ 1715.993814][T18997] vhci_hcd: connection closed
[ 1715.994178][   T58] vhci_hcd vhci_hcd.6: stop threads
[ 1715.994193][   T58] vhci_hcd vhci_hcd.6: release socket
[ 1715.994226][   T58] vhci_hcd vhci_hcd.6: disconnect device
[ 1715.998438][T18995] vhci_hcd: connection closed
[ 1715.998846][   T58] vhci_hcd vhci_hcd.6: stop threads
[ 1715.998865][   T58] vhci_hcd vhci_hcd.6: release socket
[ 1715.998900][   T58] vhci_hcd vhci_hcd.6: disconnect device
[ 1716.002296][T18993] vhci_hcd: connection closed
[ 1716.002706][   T58] vhci_hcd vhci_hcd.6: stop threads
[ 1716.002723][   T58] vhci_hcd vhci_hcd.6: release socket
[ 1716.002758][   T58] vhci_hcd vhci_hcd.6: disconnect device
[ 1716.005845][T18991] vhci_hcd: connection closed
[ 1716.006104][   T58] vhci_hcd vhci_hcd.6: stop threads
[ 1716.006121][   T58] vhci_hcd vhci_hcd.6: release socket
[ 1716.006155][   T58] vhci_hcd vhci_hcd.6: disconnect device
[ 1716.146563][   T44] bridge_slave_0: left allmulticast mode
[ 1716.146581][   T44] bridge_slave_0: left promiscuous mode
[ 1716.146753][   T44] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1720.005182][   T44] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1720.085222][   T44] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1720.146360][   T44] bond0 (unregistering): Released all slaves
[ 1722.115166][   T44] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1722.205325][   T44] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1722.227043][   T44] bond0 (unregistering): Released all slaves
[ 1722.588398][T18836] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1722.655789][T18836] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1722.884796][   T44] hsr_slave_0: left promiscuous mode
[ 1722.924676][   T44] hsr_slave_1: left promiscuous mode
[ 1722.928385][   T44] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1722.964158][   T44] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1723.114747][   T44] hsr_slave_0: left promiscuous mode
[ 1723.134961][   T44] hsr_slave_1: left promiscuous mode
[ 1723.135737][   T44] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1723.186939][   T44] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1723.268965][  T806] kernel read not supported for file /dsp (pid: 806 comm: kworker/1:2)
[ 1723.331548][T19019] overlayfs: missing 'lowerdir'
[ 1723.517715][T19023] 9pnet_virtio: no channels available for device syz
[ 1724.197265][   T44] team0 (unregistering): Port device team_slave_1 removed
[ 1724.508333][   T44] team0 (unregistering): Port device team_slave_0 removed
[ 1726.541385][T11338] libceph: connect (1)[c::]:6789 error -101
[ 1726.541515][T11338] libceph: mon0 (1)[c::]:6789 connect error
[ 1726.545008][T11338] libceph: connect (1)[c::]:6789 error -101
[ 1726.545191][T11338] libceph: mon0 (1)[c::]:6789 connect error
[ 1726.804983][T11338] libceph: connect (1)[c::]:6789 error -101
[ 1726.805113][T11338] libceph: mon0 (1)[c::]:6789 connect error
[ 1727.074420][T19031] ceph: No mds server is up or the cluster is laggy
[ 1728.493200][T19038] tmpfs: Bad value for 'usrquota_block_hardlimit'
[ 1728.931039][ T5815] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1728.969668][ T5815] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1728.973310][ T5815] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1729.082901][ T5815] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1729.102963][ T5815] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1729.404797][T19046] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 1730.395361][   T44] team0 (unregistering): Port device team_slave_1 removed
[ 1730.835669][   T44] team0 (unregistering): Port device team_slave_0 removed
[ 1731.298120][ T5815] Bluetooth: hci4: command tx timeout
[ 1732.722907][ T5820] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1732.737584][ T5820] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1732.744816][ T5820] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1732.747425][ T5820] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1732.748948][ T5820] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1733.450441][   T37] audit: type=1326 audit(1732.957:857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19056 comm="syz.6.4360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe37819f749 code=0x7ffc0000
[ 1733.450496][   T37] audit: type=1326 audit(1732.957:858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19056 comm="syz.6.4360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe37819f749 code=0x7ffc0000
[ 1733.450536][   T37] audit: type=1326 audit(1732.957:859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19056 comm="syz.6.4360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fe37819f749 code=0x7ffc0000
[ 1733.450576][   T37] audit: type=1326 audit(1732.957:860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19056 comm="syz.6.4360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe37819f749 code=0x7ffc0000
[ 1733.450616][   T37] audit: type=1326 audit(1732.957:861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19056 comm="syz.6.4360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe37819f749 code=0x7ffc0000
[ 1733.450655][   T37] audit: type=1326 audit(1732.967:862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19056 comm="syz.6.4360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7fe37819f749 code=0x7ffc0000
[ 1733.465200][ T5815] Bluetooth: hci4: command tx timeout
[ 1733.536051][   T37] audit: type=1326 audit(1733.377:863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19056 comm="syz.6.4360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe37819f749 code=0x7ffc0000
[ 1733.536114][   T37] audit: type=1326 audit(1733.377:864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19056 comm="syz.6.4360" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe37819f749 code=0x7ffc0000
[ 1734.837491][ T5815] Bluetooth: hci6: command tx timeout
[ 1735.404973][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 1735.405036][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 1735.544577][ T5815] Bluetooth: hci4: command tx timeout
[ 1736.428581][T18836] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1736.462804][T18836] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1736.926008][ T5815] Bluetooth: hci6: command tx timeout
[ 1737.617166][ T5815] Bluetooth: hci4: command tx timeout
[ 1738.974645][ T5815] Bluetooth: hci6: command tx timeout
[ 1739.002136][T19085] tmpfs: Bad value for 'usrquota_block_hardlimit'
[ 1739.530260][T18888] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1739.724572][T18888] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1739.833947][T18888] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1739.929580][T19041] chnl_net:caif_netlink_parms(): no params data found
[ 1739.938186][T18888] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1740.003181][T19058] chnl_net:caif_netlink_parms(): no params data found
[ 1740.400601][ T5820] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1740.404327][ T5820] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1740.418467][T19100] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 1740.432376][ T5820] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1740.450074][ T5820] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1740.451006][ T5820] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1741.054599][ T5820] Bluetooth: hci6: command tx timeout
[ 1741.144868][T19041] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1741.145129][T19041] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1741.145394][T19041] bridge_slave_0: entered allmulticast mode
[ 1741.148146][T19041] bridge_slave_0: entered promiscuous mode
[ 1741.150648][T19058] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1741.150773][T19058] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1741.150935][T19058] bridge_slave_0: entered allmulticast mode
[ 1741.153374][T19058] bridge_slave_0: entered promiscuous mode
[ 1741.163780][T19041] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1741.163923][T19041] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1741.164127][T19041] bridge_slave_1: entered allmulticast mode
[ 1741.166720][T19041] bridge_slave_1: entered promiscuous mode
[ 1741.169210][T19058] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1741.169347][T19058] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1741.169517][T19058] bridge_slave_1: entered allmulticast mode
[ 1741.171884][T19058] bridge_slave_1: entered promiscuous mode
[ 1741.903549][T19041] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1741.924967][T19058] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1742.083374][T19041] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1742.106311][T19058] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1742.495321][ T5820] Bluetooth: hci0: command tx timeout
[ 1742.750633][T19041] team0: Port device team_slave_0 added
[ 1742.772419][T19058] team0: Port device team_slave_0 added
[ 1743.709392][T19041] team0: Port device team_slave_1 added
[ 1743.722023][T19058] team0: Port device team_slave_1 added
[ 1743.832096][T19127] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 1744.380999][T19135] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4372'.
[ 1744.402400][T19041] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1744.402419][T19041] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1744.402446][T19041] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1744.410468][T19058] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1744.410486][T19058] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1744.410512][T19058] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1744.452652][T19041] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1744.452670][T19041] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1744.452696][T19041] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1744.456436][T19058] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1744.456452][T19058] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1744.456478][T19058] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1744.574473][ T5820] Bluetooth: hci0: command tx timeout
[ 1744.887619][T19058] hsr_slave_0: entered promiscuous mode
[ 1744.888724][T19058] hsr_slave_1: entered promiscuous mode
[ 1745.158006][T19041] hsr_slave_0: entered promiscuous mode
[ 1745.181333][T19041] hsr_slave_1: entered promiscuous mode
[ 1745.191160][T19041] debugfs: 'hsr0' already exists in 'hsr'
[ 1745.191181][T19041] Cannot create hsr debugfs directory
[ 1745.787840][T19097] chnl_net:caif_netlink_parms(): no params data found
[ 1746.472295][T19097] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1746.472586][T19097] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1746.472764][T19097] bridge_slave_0: entered allmulticast mode
[ 1746.475714][T19097] bridge_slave_0: entered promiscuous mode
[ 1746.501597][T19097] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1746.501987][T19097] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1746.502196][T19097] bridge_slave_1: entered allmulticast mode
[ 1746.504838][T19097] bridge_slave_1: entered promiscuous mode
[ 1746.516711][T18888] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1746.692823][ T5820] Bluetooth: hci0: command tx timeout
[ 1747.202981][T19097] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1747.265712][T19097] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1747.586951][T19156] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 1747.587425][T19097] team0: Port device team_slave_0 added
[ 1747.879108][T19097] team0: Port device team_slave_1 added
[ 1748.067546][T18888] 8021q: adding VLAN 0 to HW filter on device team0
[ 1748.084265][T19097] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1748.084298][T19097] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1748.084325][T19097] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1748.138731][T19097] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1748.138748][T19097] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1748.138773][T19097] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1748.218768][  T175] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1748.218927][  T175] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1748.240831][  T175] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1748.241033][  T175] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1748.446722][T19097] hsr_slave_0: entered promiscuous mode
[ 1748.447741][T19097] hsr_slave_1: entered promiscuous mode
[ 1748.448565][T19097] debugfs: 'hsr0' already exists in 'hsr'
[ 1748.448582][T19097] Cannot create hsr debugfs directory
[ 1748.745043][ T5820] Bluetooth: hci0: command tx timeout
[ 1750.388793][T19177] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 1751.333643][T18888] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1751.502219][   T44] bridge_slave_1: left allmulticast mode
[ 1751.502249][   T44] bridge_slave_1: left promiscuous mode
[ 1751.502513][   T44] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1751.622275][   T44] bridge_slave_0: left allmulticast mode
[ 1751.622313][   T44] bridge_slave_0: left promiscuous mode
[ 1751.622562][   T44] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1751.708871][   T44] bridge_slave_1: left allmulticast mode
[ 1751.708902][   T44] bridge_slave_1: left promiscuous mode
[ 1751.709151][   T44] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1751.885279][   T44] bridge_slave_0: left allmulticast mode
[ 1751.885301][   T44] bridge_slave_0: left promiscuous mode
[ 1751.885458][   T44] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1752.029545][   T44] bridge_slave_1: left allmulticast mode
[ 1752.029818][   T44] bridge_slave_1: left promiscuous mode
[ 1752.062602][   T44] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1752.355906][   T44] bridge_slave_0: left allmulticast mode
[ 1752.355936][   T44] bridge_slave_0: left promiscuous mode
[ 1752.356181][   T44] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1754.141543][ T5815] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1754.173779][ T5815] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1754.185023][ T5815] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1754.190231][ T5815] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1754.192608][ T5815] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1755.975275][   T44] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1756.075390][   T44] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1756.090389][T19212] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 1756.160733][   T44] bond0 (unregistering): Released all slaves
[ 1756.337448][ T5820] Bluetooth: hci1: command tx timeout
[ 1757.195524][   T44] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1757.275011][   T44] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1757.428917][   T44] bond0 (unregistering): Released all slaves
[ 1759.497809][ T5820] Bluetooth: hci1: command tx timeout
[ 1759.855364][   T44] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1759.939984][   T44] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1760.010905][   T44] bond0 (unregistering): Released all slaves
[ 1761.544643][ T5820] Bluetooth: hci1: command tx timeout
[ 1762.454688][   T44] hsr_slave_0: left promiscuous mode
[ 1762.504678][   T44] hsr_slave_1: left promiscuous mode
[ 1762.505723][   T44] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1762.529392][   T44] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1762.624828][   T44] hsr_slave_0: left promiscuous mode
[ 1762.644541][   T44] hsr_slave_1: left promiscuous mode
[ 1762.645673][   T44] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1762.668536][   T44] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1762.784502][   T44] hsr_slave_0: left promiscuous mode
[ 1762.804560][   T44] hsr_slave_1: left promiscuous mode
[ 1762.805637][   T44] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1762.835623][   T44] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1763.614561][ T5820] Bluetooth: hci1: command tx timeout
[ 1763.715142][   T44] team0 (unregistering): Port device team_slave_1 removed
[ 1763.875311][   T44] team0 (unregistering): Port device team_slave_0 removed
[ 1765.365062][   T44] team0 (unregistering): Port device team_slave_1 removed
[ 1765.555209][   T44] team0 (unregistering): Port device team_slave_0 removed
[ 1766.014068][T19275] 9pnet_virtio: no channels available for device syz
[ 1768.035101][   T44] team0 (unregistering): Port device team_slave_1 removed
[ 1768.196021][   T44] team0 (unregistering): Port device team_slave_0 removed
[ 1769.148929][T19298] 9pnet_virtio: no channels available for device syz
[ 1769.966887][T19203] chnl_net:caif_netlink_parms(): no params data found
[ 1769.991059][T19302] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 1771.340453][T19311] ceph: No mds server is up or the cluster is laggy
[ 1771.343952][T11338] libceph: connect (1)[c::]:6789 error -101
[ 1771.344144][T11338] libceph: mon0 (1)[c::]:6789 connect error
[ 1771.509422][T19203] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1771.509611][T19203] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1771.509837][T19203] bridge_slave_0: entered allmulticast mode
[ 1771.512475][T19203] bridge_slave_0: entered promiscuous mode
[ 1771.664995][T19203] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1771.665149][T19203] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1771.665347][T19203] bridge_slave_1: entered allmulticast mode
[ 1771.666791][T19203] bridge_slave_1: entered promiscuous mode
[ 1772.049755][T19203] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1772.065504][T19203] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1772.358497][T19203] team0: Port device team_slave_0 added
[ 1772.413335][T19203] team0: Port device team_slave_1 added
[ 1772.854177][T19203] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1772.854190][T19203] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1772.854205][T19203] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1772.868487][T19203] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1772.868507][T19203] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1772.868535][T19203] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1773.196273][T19041] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1773.277493][T19203] hsr_slave_0: entered promiscuous mode
[ 1773.278259][T19203] hsr_slave_1: entered promiscuous mode
[ 1773.278750][T19203] debugfs: 'hsr0' already exists in 'hsr'
[ 1773.278764][T19203] Cannot create hsr debugfs directory
[ 1773.335971][T19041] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1773.515127][T19041] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1773.608650][T19041] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1773.779424][T19058] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1773.856925][T19058] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1773.925338][T19058] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1774.148934][T19058] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1774.942475][T19340] 9pnet_virtio: no channels available for device syz
[ 1775.788214][T19344] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 1775.791634][T19097] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1775.865887][T19097] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1776.137631][T19097] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1776.219145][T19097] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1776.836987][T19041] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1776.980272][T19041] 8021q: adding VLAN 0 to HW filter on device team0
[ 1777.040391][ T9270] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1777.040606][ T9270] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1777.120824][   T44] bridge_slave_1: left allmulticast mode
[ 1777.120855][   T44] bridge_slave_1: left promiscuous mode
[ 1777.121090][   T44] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1777.215588][   T44] bridge_slave_0: left allmulticast mode
[ 1777.215608][   T44] bridge_slave_0: left promiscuous mode
[ 1777.215775][   T44] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1782.040226][T19369] 9pnet_virtio: no channels available for device syz
[ 1783.831341][T19377] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 1784.605054][   T44] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1784.695862][   T44] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1784.720082][   T44] bond0 (unregistering): Released all slaves
[ 1784.761367][ T1201] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1784.763764][ T1201] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1784.954044][T19058] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1785.164640][   T44] hsr_slave_0: left promiscuous mode
[ 1785.184573][   T44] hsr_slave_1: left promiscuous mode
[ 1785.187033][   T44] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1785.227800][   T44] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1786.335040][   T44] team0 (unregistering): Port device team_slave_1 removed
[ 1786.645090][   T44] team0 (unregistering): Port device team_slave_0 removed
[ 1789.319525][ T5815] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1789.329901][ T5815] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1789.336399][ T5815] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1789.397088][ T5815] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1789.397823][ T5815] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1789.639034][T19203] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1789.710267][T19203] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1789.751674][T19393] netlink: 666 bytes leftover after parsing attributes in process `syz.6.4437'.
[ 1789.751761][T19203] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1789.852958][T19203] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1789.880798][T19058] 8021q: adding VLAN 0 to HW filter on device team0
[ 1789.949286][T19097] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1789.965984][ T1354] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1789.966167][ T1354] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1790.038600][ T1354] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1790.038781][ T1354] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1790.126760][T19097] 8021q: adding VLAN 0 to HW filter on device team0
[ 1790.565369][T19407] 9pnet_virtio: no channels available for device syz
[ 1791.454561][ T5815] Bluetooth: hci3: command tx timeout
[ 1791.560853][ T1354] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1791.561062][ T1354] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1791.592156][ T1354] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1791.592397][ T1354] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1791.659155][T19390] chnl_net:caif_netlink_parms(): no params data found
[ 1791.884971][T19419] netlink: 36 bytes leftover after parsing attributes in process `syz.6.4442'.
[ 1792.219929][T19433] netlink: 666 bytes leftover after parsing attributes in process `syz.6.4444'.
[ 1792.223057][T19390] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1792.223265][T19390] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1792.223502][T19390] bridge_slave_0: entered allmulticast mode
[ 1792.266662][T19390] bridge_slave_0: entered promiscuous mode
[ 1792.281323][T19390] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1792.281447][T19390] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1792.281688][T19390] bridge_slave_1: entered allmulticast mode
[ 1792.307782][T19390] bridge_slave_1: entered promiscuous mode
[ 1792.666766][T19390] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1792.974788][T19390] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1793.072306][T19440] fuse: Unknown parameter 'group_i00000000000000000000'
[ 1793.157687][ T5820] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1793.172971][ T5820] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1793.176386][ T5820] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1793.177611][ T5820] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1793.178935][ T5820] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1793.493223][T19446] 9pnet_virtio: no channels available for device syz
[ 1793.675080][ T5820] Bluetooth: hci3: command tx timeout
[ 1794.319720][T19203] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1794.593261][T19452] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 1794.628073][T19390] team0: Port device team_slave_0 added
[ 1794.644339][T19390] team0: Port device team_slave_1 added
[ 1795.121699][T19390] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1795.121711][T19390] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1795.121726][T19390] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1795.171843][T19390] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1795.171855][T19390] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1795.171870][T19390] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1795.217378][ T5820] Bluetooth: hci4: command tx timeout
[ 1795.232644][T19203] 8021q: adding VLAN 0 to HW filter on device team0
[ 1795.557150][T11361] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1795.557912][T11361] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1795.691177][T19390] hsr_slave_0: entered promiscuous mode
[ 1795.691976][T19390] hsr_slave_1: entered promiscuous mode
[ 1795.692517][T19390] debugfs: 'hsr0' already exists in 'hsr'
[ 1795.692533][T19390] Cannot create hsr debugfs directory
[ 1795.694755][ T5820] Bluetooth: hci3: command tx timeout
[ 1795.758099][T11361] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1795.758266][T11361] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1795.763147][T19466] fuse: Unknown parameter 'group_i00000000000000000000'
[ 1796.095532][T19470] 9pnet_virtio: no channels available for device syz
[ 1796.830420][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 1796.830491][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 1796.947439][T19097] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1797.294564][ T5820] Bluetooth: hci4: command tx timeout
[ 1797.775703][ T5820] Bluetooth: hci3: command tx timeout
[ 1798.484668][   T44] bridge_slave_1: left allmulticast mode
[ 1798.484697][   T44] bridge_slave_1: left promiscuous mode
[ 1798.484961][   T44] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1798.575434][   T44] bridge_slave_0: left allmulticast mode
[ 1798.575454][   T44] bridge_slave_0: left promiscuous mode
[ 1798.575631][   T44] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1799.285000][T19488] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 1799.400552][ T5820] Bluetooth: hci4: command tx timeout
[ 1801.045884][T19496] fuse: Unknown parameter 'group_id00000000000000000000'
[ 1801.141822][ T5815] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1801.148908][ T5815] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1801.150517][ T5815] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1801.168677][ T5815] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1801.175859][ T5815] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1801.176708][   T44] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1801.226744][   T44] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1801.264194][   T44] bond0 (unregistering): Released all slaves
[ 1801.474479][ T5815] Bluetooth: hci4: command tx timeout
[ 1801.881911][T19441] chnl_net:caif_netlink_parms(): no params data found
[ 1802.864606][   T44] hsr_slave_0: left promiscuous mode
[ 1802.925603][   T44] hsr_slave_1: left promiscuous mode
[ 1802.926231][   T44] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1802.948420][   T44] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1803.324558][ T5815] Bluetooth: hci5: command tx timeout
[ 1805.113490][T19513] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 1805.374566][ T5815] Bluetooth: hci5: command tx timeout
[ 1805.525219][   T44] team0 (unregistering): Port device team_slave_1 removed
[ 1805.696060][   T44] team0 (unregistering): Port device team_slave_0 removed
[ 1806.084108][T19516] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4465'.
[ 1807.456789][ T5815] Bluetooth: hci5: command tx timeout
[ 1809.534785][ T5815] Bluetooth: hci5: command tx timeout
[ 1814.947657][T19441] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1814.948318][T19441] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1814.948487][T19441] bridge_slave_0: entered allmulticast mode
[ 1814.949868][T19441] bridge_slave_0: entered promiscuous mode
[ 1814.970808][T19441] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1814.970943][T19441] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1814.971150][T19441] bridge_slave_1: entered allmulticast mode
[ 1814.973593][T19441] bridge_slave_1: entered promiscuous mode
[ 1815.240103][T19539] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 1815.348403][ T5820] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1815.351938][ T5820] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1815.353365][ T5820] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1815.361186][ T5820] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1815.362630][ T5820] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1815.721417][T19441] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1815.797512][T19441] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1816.022918][T19441] team0: Port device team_slave_0 added
[ 1816.044265][T19441] team0: Port device team_slave_1 added
[ 1816.235125][T19546] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4472'.
[ 1816.348873][T19441] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1816.348890][T19441] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1816.348957][T19441] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1816.440239][T19441] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1816.440251][T19441] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1816.440265][T19441] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1816.995884][T19499] chnl_net:caif_netlink_parms(): no params data found
[ 1817.358163][T19441] hsr_slave_0: entered promiscuous mode
[ 1817.358973][T19441] hsr_slave_1: entered promiscuous mode
[ 1817.359526][T19441] debugfs: 'hsr0' already exists in 'hsr'
[ 1817.359541][T19441] Cannot create hsr debugfs directory
[ 1817.484564][ T5820] Bluetooth: hci0: command tx timeout
[ 1817.545750][T19390] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1817.684497][T19390] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1817.824562][T19558] kvm: user requested TSC rate below hardware speed
[ 1817.846334][T19390] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1818.100906][T19390] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1819.534528][ T5820] Bluetooth: hci0: command tx timeout
[ 1821.362635][T19575] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 1821.605785][T19499] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1821.605903][T19499] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1821.606106][T19499] bridge_slave_0: entered allmulticast mode
[ 1821.608589][T19499] bridge_slave_0: entered promiscuous mode
[ 1821.624690][ T5820] Bluetooth: hci0: command tx timeout
[ 1821.625468][T19499] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1821.625695][T19499] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1821.625897][T19499] bridge_slave_1: entered allmulticast mode
[ 1821.628357][T19499] bridge_slave_1: entered promiscuous mode
[ 1821.932704][T19499] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1821.966524][T19499] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1821.978946][T19542] chnl_net:caif_netlink_parms(): no params data found
[ 1822.191111][T19499] team0: Port device team_slave_0 added
[ 1823.305387][T19499] team0: Port device team_slave_1 added
[ 1823.328982][T19586] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4480'.
[ 1823.704721][ T5820] Bluetooth: hci0: command tx timeout
[ 1823.861971][T19499] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1823.861982][T19499] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1823.861996][T19499] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1823.923945][T19499] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1823.923957][T19499] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1823.923971][T19499] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1824.500780][T19542] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1824.500913][T19542] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1824.501110][T19542] bridge_slave_0: entered allmulticast mode
[ 1824.502588][T19542] bridge_slave_0: entered promiscuous mode
[ 1824.935572][T19542] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1824.935692][T19542] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1824.935884][T19542] bridge_slave_1: entered allmulticast mode
[ 1824.937474][T19542] bridge_slave_1: entered promiscuous mode
[ 1825.268909][T19499] hsr_slave_0: entered promiscuous mode
[ 1825.269803][T19499] hsr_slave_1: entered promiscuous mode
[ 1825.270411][T19499] debugfs: 'hsr0' already exists in 'hsr'
[ 1825.270427][T19499] Cannot create hsr debugfs directory
[ 1825.364756][T19542] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1825.661054][T19542] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1826.286194][T19605] netlink: 'syz.6.4484': attribute type 10 has an invalid length.
[ 1827.091643][T19605] bond0: (slave hsr0): The slave device specified does not support setting the MAC address
[ 1827.091809][T19605] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[ 1827.091821][T19605] bond0: (slave hsr0): Error -22 calling dev_set_mtu
[ 1827.207206][T19607] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 1827.313676][T19542] team0: Port device team_slave_0 added
[ 1827.350550][T19542] team0: Port device team_slave_1 added
[ 1827.547221][T19542] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1827.547239][T19542] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1827.547266][T19542] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1827.613153][T19542] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1827.613165][T19542] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1827.613180][T19542] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1827.906752][T19441] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1828.006555][T19441] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1828.090245][T19542] hsr_slave_0: entered promiscuous mode
[ 1828.091247][T19542] hsr_slave_1: entered promiscuous mode
[ 1828.091903][T19542] debugfs: 'hsr0' already exists in 'hsr'
[ 1828.091925][T19542] Cannot create hsr debugfs directory
[ 1828.095299][T19441] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1828.145252][T19441] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1828.427772][T19390] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1828.528722][   T44] bridge_slave_1: left allmulticast mode
[ 1828.528750][   T44] bridge_slave_1: left promiscuous mode
[ 1828.529002][   T44] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1828.606537][   T44] bridge_slave_0: left allmulticast mode
[ 1828.606568][   T44] bridge_slave_0: left promiscuous mode
[ 1828.606926][   T44] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1828.680217][   T44] bridge_slave_1: left allmulticast mode
[ 1828.680248][   T44] bridge_slave_1: left promiscuous mode
[ 1828.680486][   T44] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1828.765429][   T44] bridge_slave_0: left allmulticast mode
[ 1828.765448][   T44] bridge_slave_0: left promiscuous mode
[ 1828.765613][   T44] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1828.839998][   T44] bridge_slave_1: left allmulticast mode
[ 1828.840030][   T44] bridge_slave_1: left promiscuous mode
[ 1828.840276][   T44] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1828.915480][   T44] bridge_slave_0: left allmulticast mode
[ 1828.915501][   T44] bridge_slave_0: left promiscuous mode
[ 1828.915690][   T44] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1830.803197][T19619] loop9: detected capacity change from 0 to 7
[ 1830.854211][T19619] Dev loop9: unable to read RDB block 7
[ 1830.854256][T19619]  loop9: unable to read partition table
[ 1830.854649][T19619] loop9: partition table beyond EOD, truncated
[ 1830.854669][T19619] loop_reread_partitions: partition scan of loop9 (þ被xüÿÿÿÿÿÿÿ ) failed (rc=-5)
[ 1832.579380][   T44] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1832.665284][   T44] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1832.706851][   T44] bond0 (unregistering): Released all slaves
[ 1833.938389][T19636] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 1834.875575][   T44] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1834.882605][   T37] audit: type=1326 audit(1834.717:865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19641 comm="syz.6.4494" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe37819f749 code=0x0
[ 1834.955151][   T44] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1834.997337][   T44] bond0 (unregistering): Released all slaves
[ 1836.956238][   T44] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1837.015406][   T44] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1837.037130][   T44] bond0 (unregistering): Released all slaves
[ 1837.717182][T19390] 8021q: adding VLAN 0 to HW filter on device team0
[ 1837.860520][   T71] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1837.860656][   T71] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1838.024745][   T44] hsr_slave_0: left promiscuous mode
[ 1838.066525][   T44] hsr_slave_1: left promiscuous mode
[ 1838.067316][   T44] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1838.118727][   T44] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1838.254673][   T44] hsr_slave_0: left promiscuous mode
[ 1838.275645][   T44] hsr_slave_1: left promiscuous mode
[ 1838.276303][   T44] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1838.277046][T19649] ptrace attach of ""[19650] was attempted by "./syz-executor exec"[19649]
[ 1838.336320][   T44] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1838.363164][T19649] hub 8-0:1.0: USB hub found
[ 1838.369334][T19649] hub 8-0:1.0: 1 port detected
[ 1838.504812][   T44] hsr_slave_0: left promiscuous mode
[ 1838.525241][   T44] hsr_slave_1: left promiscuous mode
[ 1838.535333][   T44] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1838.575026][   T44] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1839.935090][   T44] team0 (unregistering): Port device team_slave_1 removed
[ 1840.336692][   T44] team0 (unregistering): Port device team_slave_0 removed
[ 1840.644552][T16847] usb 7-1: new high-speed USB device number 54 using dummy_hcd
[ 1840.844504][T16847] usb 7-1: Using ep0 maxpacket: 16
[ 1840.846119][T16847] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1840.846154][T16847] usb 7-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[ 1840.846166][T16847] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1840.856895][T16847] usb 7-1: config 0 descriptor??
[ 1840.868901][T16847] input: bcm5974 as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/input/input46
[ 1841.253362][T19658] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1841.253996][T19658] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1841.376725][ T5158] bcm5974 7-1:0.0: could not read from device
[ 1841.452517][T16847] usb 7-1: USB disconnect, device number 54
[ 1841.857092][T19661] binder: 19659:19661 ioctl 84009422 0 returned -22
[ 1844.975348][   T44] team0 (unregistering): Port device team_slave_1 removed
[ 1845.267006][   T44] team0 (unregistering): Port device team_slave_0 removed
[ 1849.076168][   T44] team0 (unregistering): Port device team_slave_1 removed
[ 1849.385342][   T44] team0 (unregistering): Port device team_slave_0 removed
[ 1850.490260][ T5815] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1850.544159][ T5815] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1850.555671][ T5815] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1850.556933][ T5815] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1850.558258][ T5815] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1852.220572][ T1410] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1852.231707][ T1410] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1852.337047][T19668] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 1852.683988][ T5820] Bluetooth: hci1: command tx timeout
[ 1852.752226][T19441] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1853.808707][T19665] chnl_net:caif_netlink_parms(): no params data found
[ 1854.124038][   T37] audit: type=1326 audit(1853.957:866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19675 comm="syz.6.4501" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe37819f749 code=0x0
[ 1854.250074][ T5815] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1854.267733][ T5815] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1854.269237][ T5815] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1854.273911][ T5815] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1854.306669][ T5815] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1854.664800][T19665] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1854.665211][T19665] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1854.665458][T19665] bridge_slave_0: entered allmulticast mode
[ 1854.667898][T19665] bridge_slave_0: entered promiscuous mode
[ 1854.670842][T19665] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1854.670974][T19665] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1854.671148][T19665] bridge_slave_1: entered allmulticast mode
[ 1854.673347][T19665] bridge_slave_1: entered promiscuous mode
[ 1854.759971][ T5820] Bluetooth: hci1: command tx timeout
[ 1854.933241][T19665] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1854.954251][T19665] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1855.225822][T19665] team0: Port device team_slave_0 added
[ 1855.258790][T19665] team0: Port device team_slave_1 added
[ 1855.522947][T19665] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1855.522961][T19665] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1855.522975][T19665] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1855.589913][T19665] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1855.590006][T19665] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1855.590023][T19665] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1855.643986][T19499] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1855.906174][T19499] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1855.984715][T19499] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1856.127101][T19499] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1856.277840][T19665] hsr_slave_0: entered promiscuous mode
[ 1856.278640][T19665] hsr_slave_1: entered promiscuous mode
[ 1856.414705][ T5820] Bluetooth: hci3: command tx timeout
[ 1856.593737][T19542] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1856.623253][T19677] chnl_net:caif_netlink_parms(): no params data found
[ 1856.641424][T19542] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1856.692593][T19542] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1856.736838][T19542] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1856.814609][ T5820] Bluetooth: hci1: command tx timeout
[ 1857.883360][T16847] usb 7-1: new high-speed USB device number 55 using dummy_hcd
[ 1857.935552][T19677] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1857.935673][T19677] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1857.935930][T19677] bridge_slave_0: entered allmulticast mode
[ 1857.937545][T19677] bridge_slave_0: entered promiscuous mode
[ 1857.972936][T19677] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1857.973047][T19677] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1857.973238][T19677] bridge_slave_1: entered allmulticast mode
[ 1857.986549][T19677] bridge_slave_1: entered promiscuous mode
[ 1858.054534][T16847] usb 7-1: Using ep0 maxpacket: 16
[ 1858.056423][T16847] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1858.056474][T16847] usb 7-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[ 1858.056486][T16847] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1858.059434][T16847] usb 7-1: config 0 descriptor??
[ 1858.063961][T16847] input: bcm5974 as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/input/input47
[ 1858.280540][T19710] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1858.280973][T19710] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1858.283911][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 1858.283956][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 1858.495862][ T5820] Bluetooth: hci3: command tx timeout
[ 1858.905127][ T5820] Bluetooth: hci1: command tx timeout
[ 1859.033379][T19677] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1859.083291][T19677] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1859.901835][T19677] team0: Port device team_slave_0 added
[ 1859.923181][T19677] team0: Port device team_slave_1 added
[ 1860.342414][T19677] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1860.342427][T19677] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1860.342442][T19677] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1860.450968][T19677] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1860.450979][T19677] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1860.450994][T19677] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1860.574917][ T5820] Bluetooth: hci3: command tx timeout
[ 1860.747969][ T5158] bcm5974 7-1:0.0: could not read from device
[ 1860.811537][T19677] hsr_slave_0: entered promiscuous mode
[ 1860.812271][T19677] hsr_slave_1: entered promiscuous mode
[ 1860.825230][T16847] usb 7-1: USB disconnect, device number 55
[ 1860.830698][T19677] debugfs: 'hsr0' already exists in 'hsr'
[ 1860.830724][T19677] Cannot create hsr debugfs directory
[ 1861.107912][   T44] bridge_slave_1: left allmulticast mode
[ 1861.107941][   T44] bridge_slave_1: left promiscuous mode
[ 1861.108171][   T44] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1861.165439][   T44] bridge_slave_0: left allmulticast mode
[ 1861.165461][   T44] bridge_slave_0: left promiscuous mode
[ 1861.165633][   T44] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1861.262689][   T44] bridge_slave_1: left allmulticast mode
[ 1861.262710][   T44] bridge_slave_1: left promiscuous mode
[ 1861.262859][   T44] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1861.336105][   T44] bridge_slave_0: left allmulticast mode
[ 1861.336125][   T44] bridge_slave_0: left promiscuous mode
[ 1861.336305][   T44] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1861.969762][T19716] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 1862.050791][ T5815] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1862.112362][ T5815] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1862.113793][ T5815] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1862.130508][ T5815] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1862.131176][ T5815] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1862.654495][ T5815] Bluetooth: hci3: command tx timeout
[ 1862.904925][   T37] audit: type=1326 audit(1862.737:867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19721 comm="syz.6.4508" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe37819f749 code=0x0
[ 1863.575111][   T44] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1863.696684][   T44] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1863.778730][   T44] bond0 (unregistering): Released all slaves
[ 1864.254617][ T5815] Bluetooth: hci4: command tx timeout
[ 1865.705076][   T44] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1865.805832][   T44] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1865.866761][   T44] bond0 (unregistering): Released all slaves
[ 1866.218947][T19665] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1866.342336][ T5815] Bluetooth: hci4: command tx timeout
[ 1866.407799][T19665] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1866.566522][T19665] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1868.025365][T19665] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1868.082147][T19542] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1868.238162][T19740] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 1868.252383][   T44] hsr_slave_0: left promiscuous mode
[ 1868.303856][   T44] hsr_slave_1: left promiscuous mode
[ 1868.310711][   T44] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1868.414496][ T5815] Bluetooth: hci4: command tx timeout
[ 1868.416434][   T44] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1868.594559][   T44] hsr_slave_0: left promiscuous mode
[ 1868.634966][   T44] hsr_slave_1: left promiscuous mode
[ 1868.635998][   T44] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1868.668462][   T44] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1869.267732][   T37] audit: type=1326 audit(1869.107:868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19744 comm="syz.6.4515" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe37819f749 code=0x0
[ 1869.475281][   T44] team0 (unregistering): Port device team_slave_1 removed
[ 1869.655368][   T44] team0 (unregistering): Port device team_slave_0 removed
[ 1870.537261][ T5815] Bluetooth: hci4: command tx timeout
[ 1870.778732][T19759] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 1871.805016][   T44] team0 (unregistering): Port device team_slave_1 removed
[ 1871.965014][   T44] team0 (unregistering): Port device team_slave_0 removed
[ 1874.550891][T19542] 8021q: adding VLAN 0 to HW filter on device team0
[ 1874.636589][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1874.636717][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1874.720017][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1874.720176][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1874.780197][T19775] block nbd6: NBD_DISCONNECT
[ 1874.848625][T19775] block nbd6: Disconnected due to user request.
[ 1874.876799][T19775] block nbd6: shutting down sockets
[ 1875.353771][T19718] chnl_net:caif_netlink_parms(): no params data found
[ 1876.223751][ T5820] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1876.244875][ T5820] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1876.246644][ T5820] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1876.259956][ T5820] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1876.261442][ T5820] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1876.326371][T19718] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1876.326500][T19718] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1876.326689][T19718] bridge_slave_0: entered allmulticast mode
[ 1876.328111][T19718] bridge_slave_0: entered promiscuous mode
[ 1876.365431][T19718] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1876.365553][T19718] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1876.365751][T19718] bridge_slave_1: entered allmulticast mode
[ 1876.368116][T19718] bridge_slave_1: entered promiscuous mode
[ 1876.451739][T19792] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 1876.742362][T19718] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1876.853546][T19718] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1876.907568][T19665] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1877.043989][T19677] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1877.165610][T19677] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1877.236402][T19718] team0: Port device team_slave_0 added
[ 1877.236486][T19677] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1877.316857][T19718] team0: Port device team_slave_1 added
[ 1877.316946][T19677] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1877.567661][T19806] 9p: Unknown Cache mode or invalid value fscach
[ 1877.569955][T19806] 9pnet_virtio: no channels available for device syz
[ 1877.681538][T19718] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1877.681550][T19718] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1877.681565][T19718] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1877.718280][T19718] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1877.718297][T19718] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1877.718323][T19718] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1877.747117][T19665] 8021q: adding VLAN 0 to HW filter on device team0
[ 1877.897207][T18469] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1877.897426][T18469] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1878.205169][T19718] hsr_slave_0: entered promiscuous mode
[ 1878.210719][T19718] hsr_slave_1: entered promiscuous mode
[ 1878.216820][T19718] debugfs: 'hsr0' already exists in 'hsr'
[ 1878.216847][T19718] Cannot create hsr debugfs directory
[ 1878.228967][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1878.229135][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1878.335316][ T5820] Bluetooth: hci0: command tx timeout
[ 1879.624653][T19826] netlink: 36 bytes leftover after parsing attributes in process `syz.6.4536'.
[ 1880.937106][ T5820] Bluetooth: hci0: command tx timeout
[ 1881.219992][T19788] chnl_net:caif_netlink_parms(): no params data found
[ 1881.338916][T19852] netlink: 36 bytes leftover after parsing attributes in process `syz.6.4543'.
[ 1881.540219][   T37] audit: type=1326 audit(1881.377:869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19858 comm="syz.6.4544" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe37819f749 code=0x0
[ 1882.170265][T19788] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1882.170459][T19788] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1882.170733][T19788] bridge_slave_0: entered allmulticast mode
[ 1882.172800][T19788] bridge_slave_0: entered promiscuous mode
[ 1882.198271][T19788] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1882.198392][T19788] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1882.198588][T19788] bridge_slave_1: entered allmulticast mode
[ 1882.200973][T19788] bridge_slave_1: entered promiscuous mode
[ 1882.713430][T19875] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 1883.030430][ T5820] Bluetooth: hci0: command tx timeout
[ 1883.145975][T19788] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1883.171097][T19788] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1883.557342][T19883] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4549'.
[ 1883.635840][T19788] team0: Port device team_slave_0 added
[ 1883.662891][T19788] team0: Port device team_slave_1 added
[ 1883.987319][T19788] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1883.987331][T19788] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1883.987346][T19788] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1884.060527][T19788] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1884.060539][T19788] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1884.060565][T19788] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1884.065208][T19677] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1884.135594][T19665] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1884.297746][   T44] bridge_slave_1: left allmulticast mode
[ 1884.297774][   T44] bridge_slave_1: left promiscuous mode
[ 1884.298004][   T44] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1884.372706][   T44] bridge_slave_0: left allmulticast mode
[ 1884.372726][   T44] bridge_slave_0: left promiscuous mode
[ 1884.372878][   T44] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1884.418346][   T44] bridge_slave_1: left allmulticast mode
[ 1884.418366][   T44] bridge_slave_1: left promiscuous mode
[ 1884.418525][   T44] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1884.495519][   T44] bridge_slave_0: left allmulticast mode
[ 1884.495540][   T44] bridge_slave_0: left promiscuous mode
[ 1884.495691][   T44] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1884.939536][   T37] audit: type=1326 audit(1884.777:870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19887 comm="syz.6.4551" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe37819f749 code=0x0
[ 1889.054849][T19898] netlink: 36 bytes leftover after parsing attributes in process `syz.6.4553'.
[ 1889.265221][   T44] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1889.451740][T19908] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 1889.455183][   T44] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1889.877408][   T44] bond0 (unregistering): Released all slaves
[ 1890.240909][T19914] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4556'.
[ 1890.869732][   T44] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1890.965175][   T44] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1891.029182][   T44] bond0 (unregistering): Released all slaves
[ 1891.078394][T19677] 8021q: adding VLAN 0 to HW filter on device team0
[ 1891.083411][T19788] hsr_slave_0: entered promiscuous mode
[ 1891.084203][T19788] hsr_slave_1: entered promiscuous mode
[ 1891.103771][T19788] debugfs: 'hsr0' already exists in 'hsr'
[ 1891.103797][T19788] Cannot create hsr debugfs directory
[ 1891.631095][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1891.631188][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1891.733423][   T71] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1891.744097][   T71] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1891.852396][   T37] audit: type=1326 audit(1891.687:871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19919 comm="syz.6.4558" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe37819f749 code=0x0
[ 1891.945366][   T44] hsr_slave_0: left promiscuous mode
[ 1891.964634][   T44] hsr_slave_1: left promiscuous mode
[ 1891.965274][   T44] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1892.005222][   T44] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1892.144739][   T44] hsr_slave_0: left promiscuous mode
[ 1892.164701][   T44] hsr_slave_1: left promiscuous mode
[ 1892.165393][   T44] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1892.206331][   T44] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1893.427903][   T44] team0 (unregistering): Port device team_slave_1 removed
[ 1893.807460][   T44] team0 (unregistering): Port device team_slave_0 removed
[ 1894.018608][T19931] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 1895.966719][T19940] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4564'.
[ 1897.222880][   T37] audit: type=1326 audit(1897.057:872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19943 comm="syz.6.4565" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe37819f749 code=0x0
[ 1899.117140][   T44] team0 (unregistering): Port device team_slave_1 removed
[ 1899.319333][   T44] team0 (unregistering): Port device team_slave_0 removed
[ 1899.583195][T19958] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(5)
[ 1899.583212][T19958] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1899.600189][T19958] vhci_hcd vhci_hcd.0: Device attached
[ 1899.834523][T17379] usb 45-1: new low-speed USB device number 4 using vhci_hcd
[ 1900.085087][T19959] vhci_hcd: connection reset by peer
[ 1900.085519][ T3455] vhci_hcd vhci_hcd.6: stop threads
[ 1900.085542][ T3455] vhci_hcd vhci_hcd.6: release socket
[ 1900.085917][ T3455] vhci_hcd vhci_hcd.6: disconnect device
[ 1900.289998][T19718] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1900.330858][T19718] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1900.394121][T19718] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1900.468958][T19718] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1900.534216][T19665] veth0_vlan: entered promiscuous mode
[ 1900.778161][T19665] veth1_vlan: entered promiscuous mode
[ 1902.024730][T19665] veth0_macvtap: entered promiscuous mode
[ 1902.195428][T19665] veth1_macvtap: entered promiscuous mode
[ 1902.241201][T19665] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1902.270659][T19665] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1902.301455][ T1354] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1902.301505][ T1354] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1902.301540][ T1354] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1902.301572][ T1354] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1902.402481][T19977] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4571'.
[ 1902.696751][T19718] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1902.766929][T19677] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1903.026612][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1903.026633][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1903.031058][T19718] 8021q: adding VLAN 0 to HW filter on device team0
[ 1903.088196][ T1354] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1903.088323][ T1354] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1903.130969][ T1354] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1903.131096][ T1354] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1903.180873][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1903.180888][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1903.196908][T19788] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1903.270128][T19677] veth0_vlan: entered promiscuous mode
[ 1903.355350][T19788] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1903.401828][T19788] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1903.460964][T19677] veth1_vlan: entered promiscuous mode
[ 1903.479918][T19788] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1903.748122][   T37] audit: type=1326 audit(1903.587:873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19989 comm="syz.3.4572" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7f5709f749 code=0x0
[ 1903.890637][T19677] veth0_macvtap: entered promiscuous mode
[ 1903.910798][T19677] veth1_macvtap: entered promiscuous mode
[ 1904.009945][T19677] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1904.040696][T19677] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1904.070165][   T44] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1904.083558][   T44] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1904.100238][   T44] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1904.116873][   T44] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1904.129057][T19788] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1904.466297][T19788] 8021q: adding VLAN 0 to HW filter on device team0
[ 1904.483592][ T9008] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1904.483605][ T9008] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1904.527408][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1904.527549][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1904.589491][ T9008] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1904.590363][ T9008] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1904.626083][T19718] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1904.643587][   T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1904.643607][   T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1904.968048][T17379] vhci_hcd vhci_hcd.6: vhci_device speed not set
[ 1906.182720][T19788] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1906.978630][T19718] veth0_vlan: entered promiscuous mode
[ 1907.016395][T19718] veth1_vlan: entered promiscuous mode
[ 1907.094193][T19718] veth0_macvtap: entered promiscuous mode
[ 1907.107446][T19718] veth1_macvtap: entered promiscuous mode
[ 1907.157606][T19718] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1907.194967][T19718] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1907.203342][   T44] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1907.203413][   T44] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1907.203466][   T44] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1907.203512][   T44] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1908.312985][ T1354] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1908.313006][ T1354] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1908.808796][   T37] audit: type=1326 audit(1908.647:874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20039 comm="syz.3.4580" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7f5709f749 code=0x0
[ 1908.927837][T11361] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1908.927864][T11361] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1909.082005][T19788] veth0_vlan: entered promiscuous mode
[ 1909.108343][T19788] veth1_vlan: entered promiscuous mode
[ 1909.174043][T19788] veth0_macvtap: entered promiscuous mode
[ 1909.235731][T20047] binder: 20045:20047 ioctl 84009422 0 returned -22
[ 1910.051208][T19788] veth1_macvtap: entered promiscuous mode
[ 1910.353562][T19788] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1910.420918][T19788] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1910.443046][T20059] overlayfs: failed to resolve './file1': -2
[ 1910.480295][ T1274] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1910.532354][ T1274] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1910.579492][ T1274] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1910.579544][ T1274] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1913.221506][ T1201] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1913.221523][ T1201] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1913.317862][ T3455] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1913.317883][ T3455] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1913.412455][   T37] audit: type=1326 audit(1913.247:875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20079 comm="syz.3.4591" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7f5709f749 code=0x0
[ 1913.627327][T20082] 9pnet_virtio: no channels available for device syz
[ 1914.245977][T20091] binder: 20089:20091 ioctl 84009422 0 returned -22
[ 1915.249043][T20097] overlayfs: failed to resolve './file1': -2
[ 1916.576004][ T5815] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1916.611782][ T5815] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1916.632817][ T5815] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1916.643046][ T5815] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1916.643575][ T5815] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1918.741693][ T5815] Bluetooth: hci5: command tx timeout
[ 1919.704063][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 1919.704134][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 1920.583244][   T37] audit: type=1326 audit(1920.417:876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20136 comm="syz.1.4604" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f783307f749 code=0x0
[ 1920.711079][T20143] overlayfs: failed to resolve './file1': -2
[ 1920.814820][ T5815] Bluetooth: hci5: command tx timeout
[ 1921.810388][T20107] chnl_net:caif_netlink_parms(): no params data found
[ 1922.895489][ T5815] Bluetooth: hci5: command tx timeout
[ 1924.974891][ T5815] Bluetooth: hci5: command tx timeout
[ 1925.367571][   T37] audit: type=1326 audit(1925.207:877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20179 comm="syz.1.4619" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f783307f749 code=0x0
[ 1926.392044][T20107] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1926.392464][T20107] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1926.392698][T20107] bridge_slave_0: entered allmulticast mode
[ 1926.412508][T20107] bridge_slave_0: entered promiscuous mode
[ 1926.559450][T20107] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1926.559540][T20107] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1926.559722][T20107] bridge_slave_1: entered allmulticast mode
[ 1926.567186][T20107] bridge_slave_1: entered promiscuous mode
[ 1928.104887][T20207] 9pnet_virtio: no channels available for device syz
[ 1933.643368][ T5820] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1933.673958][ T5820] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1933.692099][ T5820] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1933.709629][ T5820] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1933.712245][T20107] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1933.759824][ T5820] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1933.764225][T20107] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1934.220663][T10780] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1934.672207][T10780] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1934.745942][T20107] team0: Port device team_slave_0 added
[ 1934.785655][T20107] team0: Port device team_slave_1 added
[ 1935.077231][T10780] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1935.343549][T20107] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1935.343561][T20107] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1935.343576][T20107] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1935.345753][T20107] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1935.345768][T20107] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1935.345793][T20107] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1935.888151][ T5820] Bluetooth: hci0: command tx timeout
[ 1936.589447][T10780] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1937.122766][T20107] hsr_slave_0: entered promiscuous mode
[ 1937.125364][T20107] hsr_slave_1: entered promiscuous mode
[ 1937.130512][T20107] debugfs: 'hsr0' already exists in 'hsr'
[ 1937.130540][T20107] Cannot create hsr debugfs directory
[ 1937.149961][ T6354] libceph: connect (1)[c::]:6789 error -101
[ 1937.150157][ T6354] libceph: mon0 (1)[c::]:6789 connect error
[ 1937.404942][ T6354] libceph: connect (1)[c::]:6789 error -101
[ 1937.405142][ T6354] libceph: mon0 (1)[c::]:6789 connect error
[ 1937.662891][T20265] ceph: No mds server is up or the cluster is laggy
[ 1937.934590][ T5820] Bluetooth: hci0: command tx timeout
[ 1939.211390][T10780] bridge_slave_1: left allmulticast mode
[ 1939.211410][T10780] bridge_slave_1: left promiscuous mode
[ 1939.211557][T10780] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1939.265298][T10780] bridge_slave_0: left allmulticast mode
[ 1939.265317][T10780] bridge_slave_0: left promiscuous mode
[ 1939.265476][T10780] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1939.566735][T20282] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(14)
[ 1939.566765][T20282] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1939.569783][T20282] vhci_hcd vhci_hcd.0: Device attached
[ 1939.598708][T20282] vhci_hcd vhci_hcd.0: pdev(5) rhport(1) sockfd(16)
[ 1939.598734][T20282] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[ 1939.598871][T20282] vhci_hcd vhci_hcd.0: Device attached
[ 1939.600070][T20282] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1939.602005][T20282] vhci_hcd vhci_hcd.0: pdev(5) rhport(3) sockfd(20)
[ 1939.602029][T20282] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1939.602239][T20282] vhci_hcd vhci_hcd.0: Device attached
[ 1939.604206][T20282] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(22)
[ 1939.604230][T20282] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 1939.644872][T20282] vhci_hcd vhci_hcd.0: Device attached
[ 1939.687009][T20282] vhci_hcd vhci_hcd.0: pdev(5) rhport(4) sockfd(24)
[ 1939.687034][T20282] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1939.687120][T20282] vhci_hcd vhci_hcd.0: Device attached
[ 1939.705423][T20282] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1939.732235][T20291] vhci_hcd: connection closed
[ 1939.736262][ T8754] vhci_hcd vhci_hcd.5: stop threads
[ 1939.736288][ T8754] vhci_hcd vhci_hcd.5: release socket
[ 1939.736357][ T8754] vhci_hcd vhci_hcd.5: disconnect device
[ 1939.738308][T20289] vhci_hcd: connection closed
[ 1939.738548][T20287] vhci_hcd: connection closed
[ 1939.738840][ T8754] vhci_hcd vhci_hcd.5: stop threads
[ 1939.738858][ T8754] vhci_hcd vhci_hcd.5: release socket
[ 1939.738904][ T8754] vhci_hcd vhci_hcd.5: disconnect device
[ 1939.739383][ T8754] vhci_hcd vhci_hcd.5: stop threads
[ 1939.739398][ T8754] vhci_hcd vhci_hcd.5: release socket
[ 1939.739461][ T8754] vhci_hcd vhci_hcd.5: disconnect device
[ 1939.739591][T20285] vhci_hcd: connection closed
[ 1939.739640][T20283] vhci_hcd: connection closed
[ 1939.741667][ T8754] vhci_hcd vhci_hcd.5: stop threads
[ 1939.741696][ T8754] vhci_hcd vhci_hcd.5: release socket
[ 1939.741763][ T8754] vhci_hcd vhci_hcd.5: disconnect device
[ 1939.741923][ T8754] vhci_hcd vhci_hcd.5: stop threads
[ 1939.741937][ T8754] vhci_hcd vhci_hcd.5: release socket
[ 1939.741971][ T8754] vhci_hcd vhci_hcd.5: disconnect device
[ 1939.784613][T20130] vhci_hcd vhci_hcd.5: vhci_device speed not set
[ 1940.014554][ T5820] Bluetooth: hci0: command tx timeout
[ 1941.534001][T20094] libceph: connect (1)[c::]:6789 error -101
[ 1941.539725][T20094] libceph: mon0 (1)[c::]:6789 connect error
[ 1942.069015][T20306] ceph: No mds server is up or the cluster is laggy
[ 1942.094957][ T5820] Bluetooth: hci0: command tx timeout
[ 1942.358495][T20094] libceph: connect (1)[c::]:6789 error -101
[ 1942.358693][T20094] libceph: mon0 (1)[c::]:6789 connect error
[ 1945.905094][T20324] fuse: Bad value for 'fd'
[ 1946.308250][T20326] 9p: Bad value for 'rfdno'
[ 1946.341306][T20328] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 1946.727394][T10780] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1947.037753][T10780] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1947.198011][T10780] bond0 (unregistering): Released all slaves
[ 1947.769133][T20336] 9p: Unknown Cache mode or invalid value fscach
[ 1947.771532][T20336] 9pnet_virtio: no channels available for device syz
[ 1948.321762][T20107] netdevsim netdevsim6 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1948.321785][T20107] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1949.876233][T20107] netdevsim netdevsim6 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1949.876258][T20107] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1949.888185][T20355] 9p: Bad value for 'rfdno'
[ 1949.925224][T20241] chnl_net:caif_netlink_parms(): no params data found
[ 1952.632943][T20372] 9p: Unknown Cache mode or invalid value fscach
[ 1952.649405][T20372] 9pnet_virtio: no channels available for device syz
[ 1952.905046][T20107] netdevsim netdevsim6 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1952.905082][T20107] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1953.899898][T20389] 9p: Bad value for 'rfdno'
[ 1954.321134][T20107] netdevsim netdevsim6 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1954.321172][T20107] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1956.218176][T20401] netlink: 48 bytes leftover after parsing attributes in process `syz.3.4679'.
[ 1956.304794][T10780] hsr_slave_0: left promiscuous mode
[ 1956.335363][T10780] hsr_slave_1: left promiscuous mode
[ 1956.336351][T10780] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1956.336375][T10780] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1956.395562][T10780] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1956.395591][T10780] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1956.598641][T10780] veth1_macvtap: left promiscuous mode
[ 1956.598707][T10780] veth0_macvtap: left promiscuous mode
[ 1956.598851][T10780] veth1_vlan: left promiscuous mode
[ 1956.598948][T10780] veth0_vlan: left promiscuous mode
[ 1962.120206][T20425] 9p: Bad value for 'rfdno'
[ 1963.698117][T20437] netlink: 48 bytes leftover after parsing attributes in process `syz.1.4689'.
[ 1966.036920][T20457] 9p: Bad value for 'rfdno'
[ 1966.244807][T20053] usb 4-1: new high-speed USB device number 49 using dummy_hcd
[ 1966.973642][T20053] usb 4-1: Using ep0 maxpacket: 32
[ 1966.977356][T20053] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1966.977382][T20053] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1966.980209][T20053] usb 4-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1966.980236][T20053] usb 4-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1966.980256][T20053] usb 4-1: Product: syz
[ 1966.980270][T20053] usb 4-1: Manufacturer: syz
[ 1966.980284][T20053] usb 4-1: SerialNumber: syz
[ 1967.087636][T20053] usb 4-1: config 0 descriptor??
[ 1969.678219][T16458] usb 4-1: USB disconnect, device number 49
[ 1969.936862][T20467] netlink: 48 bytes leftover after parsing attributes in process `syz.3.4699'.
[ 1970.605805][T10780] team0 (unregistering): Port device team_slave_1 removed
[ 1972.371314][T10780] team0 (unregistering): Port device team_slave_0 removed
[ 1972.975782][ T5815] Bluetooth: hci1: command 0x0406 tx timeout
[ 1974.031081][T20488] 9p: Bad value for 'rfdno'
[ 1975.389368][T20496] netlink: 44 bytes leftover after parsing attributes in process `syz.1.4708'.
[ 1975.921524][ T5815] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1975.949582][ T5815] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1975.951223][ T5815] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1975.954942][ T5815] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1975.957699][ T5815] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1978.812655][T14530] Bluetooth: hci3: command 0x0406 tx timeout
[ 1978.815183][T14530] Bluetooth: hci2: command tx timeout
[ 1979.125067][T20521] 9pnet_fd: Insufficient options for proto=fd
[ 1979.232409][T20523] l2tp_ppp: sess 2/0: no socket in recv
[ 1979.358755][T20525] fuse: Unknown parameter '0x0000000000000003'
[ 1980.934502][ T5815] Bluetooth: hci2: command tx timeout
[ 1981.138661][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 1981.138706][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 1982.538586][T20538] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4720'.
[ 1982.538698][T20538] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1982.538712][T20538] IPv6: NLM_F_CREATE should be set when creating new route
[ 1985.422843][ T5815] Bluetooth: hci2: command tx timeout
[ 1986.116346][T20552] 9pnet_fd: Insufficient options for proto=fd
[ 1986.468290][T20556] fuse: Unknown parameter '0x0000000000000003'
[ 1987.754530][ T5820] Bluetooth: hci2: command tx timeout
[ 1988.334488][ T5815] Bluetooth: hci4: command 0x0406 tx timeout
[ 1988.435246][T20241] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1988.435370][T20241] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1988.435567][T20241] bridge_slave_0: entered allmulticast mode
[ 1988.436998][T20241] bridge_slave_0: entered promiscuous mode
[ 1988.475494][T20241] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1988.475613][T20241] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1988.475862][T20241] bridge_slave_1: entered allmulticast mode
[ 1988.482213][T20241] bridge_slave_1: entered promiscuous mode
[ 1990.824760][T20241] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1990.835220][T20241] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1992.557769][T20587] 9pnet_fd: Insufficient options for proto=fd
[ 1992.777658][T20589] fuse: Unknown parameter '0x0000000000000003'
[ 1993.561357][ T5815] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1993.586845][ T5815] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1993.594888][ T5815] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1993.596730][ T5815] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1993.597547][ T5815] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1995.511630][T20504] chnl_net:caif_netlink_parms(): no params data found
[ 1995.694640][T14530] Bluetooth: hci6: command tx timeout
[ 1996.180682][T20618] block nbd3: NBD_DISCONNECT
[ 1997.006173][T20629] 9pnet_fd: Insufficient options for proto=fd
[ 1997.774716][T14530] Bluetooth: hci6: command tx timeout
[ 1999.007742][T20643] 9pnet_virtio: no channels available for device syz
[ 1999.814247][T10780] bridge_slave_1: left allmulticast mode
[ 1999.814277][T10780] bridge_slave_1: left promiscuous mode
[ 1999.829759][T10780] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1999.854544][T14530] Bluetooth: hci6: command tx timeout
[ 1999.920311][T10780] bridge_slave_0: left allmulticast mode
[ 1999.920340][T10780] bridge_slave_0: left promiscuous mode
[ 1999.920804][T10780] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1999.998834][T10780] bridge_slave_1: left allmulticast mode
[ 1999.998865][T10780] bridge_slave_1: left promiscuous mode
[ 1999.999124][T10780] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2000.095980][T10780] bridge_slave_0: left allmulticast mode
[ 2000.096009][T10780] bridge_slave_0: left promiscuous mode
[ 2000.096264][T10780] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2000.175132][T10780] bridge_slave_1: left allmulticast mode
[ 2000.175167][T10780] bridge_slave_1: left promiscuous mode
[ 2000.175987][T10780] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2000.224699][T18208] Bluetooth: Error in BCSP hdr checksum
[ 2000.485450][ T1179] Bluetooth: Error in BCSP hdr checksum
[ 2001.685481][T10780] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2001.765733][T10780] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2001.850899][T10780] bond0 (unregistering): Released all slaves
[ 2001.934461][ T5815] Bluetooth: hci6: command tx timeout
[ 2002.014515][T14530] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 2002.404111][T10780] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2002.653716][T10780] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2002.762542][T10780] bond0 (unregistering): Released all slaves
[ 2003.131603][T20670] 9pnet_virtio: no channels available for device syz
[ 2007.851389][T10780] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2008.147278][T10780] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2008.339127][T10780] bond0 (unregistering): Released all slaves
[ 2009.869028][T20702] 9pnet_virtio: no channels available for device syz
[ 2013.198399][T20726] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 2013.475287][T10780] bond1 (unregistering): Released all slaves
[ 2013.823328][T20731] 9pnet_virtio: no channels available for device syz
[ 2013.898905][T20504] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2013.899063][T20504] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2013.899276][T20504] bridge_slave_0: entered allmulticast mode
[ 2013.901908][T20504] bridge_slave_0: entered promiscuous mode
[ 2013.906769][T20504] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2013.906968][T20504] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2013.907167][T20504] bridge_slave_1: entered allmulticast mode
[ 2013.952572][T20504] bridge_slave_1: entered promiscuous mode
[ 2014.074104][T20733] tmpfs: Bad value for 'mpol'
[ 2014.619156][T20504] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2014.640508][T20504] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2017.075924][T20504] team0: Port device team_slave_0 added
[ 2017.666908][T20504] team0: Port device team_slave_1 added
[ 2018.219015][T20504] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2018.219030][T20504] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2018.219051][T20504] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2018.344564][T10780] hsr_slave_0: left promiscuous mode
[ 2018.364504][T10780] hsr_slave_1: left promiscuous mode
[ 2018.365666][T10780] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2018.387897][T10780] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2018.534814][T10780] hsr_slave_0: left promiscuous mode
[ 2018.574534][T10780] hsr_slave_1: left promiscuous mode
[ 2018.575599][T10780] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2018.575626][T10780] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2018.598558][T10780] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2018.598586][T10780] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2018.750656][T10780] veth1_macvtap: left promiscuous mode
[ 2018.750721][T10780] veth0_macvtap: left promiscuous mode
[ 2018.750858][T10780] veth1_vlan: left promiscuous mode
[ 2018.750956][T10780] veth0_vlan: left promiscuous mode
[ 2018.791866][T20760] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 2019.451447][T20773] 9pnet_virtio: no channels available for device syz
[ 2023.734688][T20798] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 2024.202443][T20803] evm: overlay not supported
[ 2025.195487][T20805] 9pnet_virtio: no channels available for device syz
[ 2026.815255][T10780] team0 (unregistering): Port device team_slave_1 removed
[ 2027.005218][T10780] team0 (unregistering): Port device team_slave_0 removed
[ 2028.623988][T20829] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 2031.507581][T20841] fuse: Bad value for 'fd'
[ 2031.989531][T20843] 9pnet_virtio: no channels available for device syz
[ 2034.255330][T10780] team0 (unregistering): Port device team_slave_1 removed
[ 2034.535317][T10780] team0 (unregistering): Port device team_slave_0 removed
[ 2036.120286][T20866] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 2036.356574][ T5815] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 2036.362818][ T5815] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 2036.396877][ T5815] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 2036.398686][ T5815] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 2036.399835][ T5815] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 2038.524011][ T5815] Bluetooth: hci0: command tx timeout
[ 2038.870943][T20878] 9pnet_virtio: no channels available for device syz
[ 2040.574433][ T5815] Bluetooth: hci0: command tx timeout
[ 2040.882760][T14530] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 2040.913031][T14530] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 2040.922206][T14530] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 2040.937207][T14530] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 2040.939395][T14530] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 2042.067334][T20504] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2042.067349][T20504] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2042.067370][T20504] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2042.590497][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 2042.590557][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 2042.664675][ T5815] Bluetooth: hci0: command tx timeout
[ 2043.064540][ T5815] Bluetooth: hci5: command tx timeout
[ 2043.070192][T20595] chnl_net:caif_netlink_parms(): no params data found
[ 2043.219046][T20910] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 2043.844914][T20914] 9pnet_virtio: no channels available for device syz
[ 2044.744508][ T5815] Bluetooth: hci0: command tx timeout
[ 2045.164705][ T5815] Bluetooth: hci5: command tx timeout
[ 2047.221496][ T5815] Bluetooth: hci5: command tx timeout
[ 2047.686746][T20595] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2047.687241][T20595] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2047.688041][T20595] bridge_slave_0: entered allmulticast mode
[ 2047.991704][T20595] bridge_slave_0: entered promiscuous mode
[ 2048.125458][T20595] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2048.125529][T20595] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2048.125686][T20595] bridge_slave_1: entered allmulticast mode
[ 2048.127076][T20595] bridge_slave_1: entered promiscuous mode
[ 2048.147258][T20870] chnl_net:caif_netlink_parms(): no params data found
[ 2049.889099][ T5815] Bluetooth: hci5: command tx timeout
[ 2050.213411][T20944] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 2050.226577][T20595] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2050.349206][T20595] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2051.428879][T20595] team0: Port device team_slave_0 added
[ 2051.429279][T20896] chnl_net:caif_netlink_parms(): no params data found
[ 2051.651799][T20595] team0: Port device team_slave_1 added
[ 2052.228503][T20870] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2052.228698][T20870] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2052.228897][T20870] bridge_slave_0: entered allmulticast mode
[ 2052.231526][T20870] bridge_slave_0: entered promiscuous mode
[ 2055.825546][T14530] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 2055.931976][T14530] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 2055.951090][T14530] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 2055.956746][T14530] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 2055.957622][T14530] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 2056.031506][T20986] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 2056.043447][T20870] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2056.043518][T20870] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2056.043721][T20870] bridge_slave_1: entered allmulticast mode
[ 2056.073123][T20870] bridge_slave_1: entered promiscuous mode
[ 2056.083179][T20595] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2056.083196][T20595] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2056.083221][T20595] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2056.970341][T20870] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2058.046232][T14530] Bluetooth: hci2: command tx timeout
[ 2058.119467][T20870] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2059.440995][T21027] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 2059.588501][T20896] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2059.588748][T20896] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2059.588977][T20896] bridge_slave_0: entered allmulticast mode
[ 2059.614786][T20896] bridge_slave_0: entered promiscuous mode
[ 2059.631752][T20870] team0: Port device team_slave_0 added
[ 2059.996140][T20896] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2059.996297][T20896] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2059.996566][T20896] bridge_slave_1: entered allmulticast mode
[ 2059.999201][T20896] bridge_slave_1: entered promiscuous mode
[ 2060.094459][T14530] Bluetooth: hci2: command tx timeout
[ 2060.127803][T20870] team0: Port device team_slave_1 added
[ 2060.455741][T20983] chnl_net:caif_netlink_parms(): no params data found
[ 2062.184475][T14530] Bluetooth: hci2: command tx timeout
[ 2062.518019][T20896] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2062.522241][T20870] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2062.522259][T20870] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2062.522286][T20870] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2062.561520][T20896] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2062.998961][T20870] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2062.998978][T20870] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2062.999003][T20870] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2063.202327][T21062] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 2063.589417][T10780] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2063.685996][T20896] team0: Port device team_slave_0 added
[ 2063.706930][T20896] team0: Port device team_slave_1 added
[ 2064.264612][T14530] Bluetooth: hci2: command tx timeout
[ 2065.606596][T10780] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2065.676452][T20870] hsr_slave_0: entered promiscuous mode
[ 2065.677831][T20870] hsr_slave_1: entered promiscuous mode
[ 2065.678778][T20870] debugfs: 'hsr0' already exists in 'hsr'
[ 2065.678802][T20870] Cannot create hsr debugfs directory
[ 2065.679171][T20983] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2065.679348][T20983] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2065.679527][T20983] bridge_slave_0: entered allmulticast mode
[ 2065.681197][T20983] bridge_slave_0: entered promiscuous mode
[ 2065.683389][T20896] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2065.683403][T20896] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2065.683428][T20896] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2065.684316][T20983] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2065.684999][T20983] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2065.685190][T20983] bridge_slave_1: entered allmulticast mode
[ 2065.688245][T20983] bridge_slave_1: entered promiscuous mode
[ 2065.963937][T10780] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2066.069184][T20896] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2066.069196][T20896] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2066.069212][T20896] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2066.336676][T10780] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2066.480788][T20983] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2066.482051][T21093] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 2066.511856][T20983] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2067.117906][T20983] team0: Port device team_slave_0 added
[ 2067.141686][T20896] hsr_slave_0: entered promiscuous mode
[ 2067.142587][T20896] hsr_slave_1: entered promiscuous mode
[ 2067.143298][T20896] debugfs: 'hsr0' already exists in 'hsr'
[ 2067.143320][T20896] Cannot create hsr debugfs directory
[ 2067.161063][T20983] team0: Port device team_slave_1 added
[ 2067.434267][T20983] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2067.434279][T20983] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2067.434294][T20983] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2067.606307][T20983] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2067.606320][T20983] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2067.606335][T20983] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2068.674849][T10780] bridge_slave_1: left allmulticast mode
[ 2068.674880][T10780] bridge_slave_1: left promiscuous mode
[ 2068.675899][T10780] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2068.725857][T10780] bridge_slave_0: left allmulticast mode
[ 2068.725884][T10780] bridge_slave_0: left promiscuous mode
[ 2068.727231][T10780] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2068.820893][T10780] bridge_slave_1: left allmulticast mode
[ 2068.820915][T10780] bridge_slave_1: left promiscuous mode
[ 2068.821065][T10780] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2068.895828][T10780] bridge_slave_0: left allmulticast mode
[ 2068.895850][T10780] bridge_slave_0: left promiscuous mode
[ 2068.896010][T10780] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2068.957238][T10780] bridge_slave_1: left allmulticast mode
[ 2068.957259][T10780] bridge_slave_1: left promiscuous mode
[ 2068.957414][T10780] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2069.025572][T10780] bridge_slave_0: left allmulticast mode
[ 2069.025597][T10780] bridge_slave_0: left promiscuous mode
[ 2069.025763][T10780] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2069.245237][T21120] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 2069.485340][T10780] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2069.605632][T10780] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2069.697133][T10780] bond0 (unregistering): Released all slaves
[ 2069.915425][T10780] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2070.015526][T10780] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2070.077360][T10780] bond0 (unregistering): Released all slaves
[ 2070.199805][T20094] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[ 2070.364668][T20094] usb 6-1: Using ep0 maxpacket: 16
[ 2070.366498][T20094] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2070.366555][T20094] usb 6-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[ 2070.366570][T20094] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2070.369421][T20094] usb 6-1: config 0 descriptor??
[ 2070.372991][T20094] usbhid 6-1:0.0: couldn't find an input interrupt endpoint
[ 2070.644705][T21134] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2070.645103][T21134] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2071.016292][T19997] usb 6-1: USB disconnect, device number 21
[ 2073.498210][T21156] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 2073.498248][T21156] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 2074.026661][T10780] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2074.105860][T10780] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2074.131777][T10780] bond0 (unregistering): Released all slaves
[ 2074.181046][T20983] hsr_slave_0: entered promiscuous mode
[ 2074.181820][T20983] hsr_slave_1: entered promiscuous mode
[ 2074.182326][T20983] debugfs: 'hsr0' already exists in 'hsr'
[ 2074.182341][T20983] Cannot create hsr debugfs directory
[ 2074.918985][T21168] tmpfs: Unsupported parameter 'huge'
[ 2078.378260][T21194] binder: 21192:21194 ioctl 84009422 0 returned -22
[ 2079.326014][T20870] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 2079.363156][T20870] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 2079.491854][T21203] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 2079.491887][T21203] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 2079.527121][T20870] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 2079.576234][T20870] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 2080.497003][T10780] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2080.585319][T10780] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2080.625294][T10780] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2080.786159][T10780] hsr_slave_0: left promiscuous mode
[ 2080.824705][T10780] hsr_slave_1: left promiscuous mode
[ 2080.825369][T10780] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2080.825395][T10780] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2080.875263][T10780] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2080.875293][T10780] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2080.999082][T10780] veth1_macvtap: left promiscuous mode
[ 2080.999145][T10780] veth0_macvtap: left promiscuous mode
[ 2080.999287][T10780] veth1_vlan: left promiscuous mode
[ 2080.999412][T10780] veth0_vlan: left promiscuous mode
[ 2081.455681][T10780] team0 (unregistering): Port device team_slave_1 removed
[ 2081.645067][T10780] team0 (unregistering): Port device team_slave_0 removed
[ 2082.185079][T10780] team0 (unregistering): Port device team_slave_1 removed
[ 2082.355324][T10780] team0 (unregistering): Port device team_slave_0 removed
[ 2085.655294][T10780] team0 (unregistering): Port device team_slave_1 removed
[ 2086.015189][T10780] team0 (unregistering): Port device team_slave_0 removed
[ 2091.504619][T21239] ==================================================================
[ 2091.504632][T21239] BUG: KASAN: slab-use-after-free in rt_spin_lock+0x88/0x3e0
[ 2091.504654][T21239] Read of size 1 at addr ffff88803925b200 by task syz.5.4913/21239
[ 2091.504664][T21239] 
[ 2091.504673][T21239] CPU: 0 UID: 0 PID: 21239 Comm: syz.5.4913 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 2091.504685][T21239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 2091.504694][T21239] Call Trace:
[ 2091.504699][T21239]  <TASK>
[ 2091.504704][T21239]  dump_stack_lvl+0xe8/0x150
[ 2091.504721][T21239]  print_report+0xca/0x240
[ 2091.504734][T21239]  ? rt_spin_lock+0x88/0x3e0
[ 2091.504747][T21239]  kasan_report+0x118/0x150
[ 2091.504758][T21239]  ? rt_spin_lock+0x88/0x3e0
[ 2091.504772][T21239]  ? __wake_up_common_lock+0x2f/0x1e0
[ 2091.504785][T21239]  __kasan_check_byte+0x2a/0x40
[ 2091.504801][T21239]  lock_acquire+0x84/0x340
[ 2091.504816][T21239]  ? rt_mutex_slowunlock+0x668/0x8a0
[ 2091.504829][T21239]  ? reacquire_held_locks+0x104/0x190
[ 2091.504846][T21239]  rt_spin_lock+0x88/0x3e0
[ 2091.504858][T21239]  ? __wake_up_common_lock+0x2f/0x1e0
[ 2091.504871][T21239]  ? __pfx_rt_spin_lock+0x10/0x10
[ 2091.504884][T21239]  ? rt_spin_unlock+0x161/0x200
[ 2091.504897][T21239]  ? __wake_up_common_lock+0x18a/0x1e0
[ 2091.504910][T21239]  __wake_up_common_lock+0x2f/0x1e0
[ 2091.504923][T21239]  ? snd_pcm_post_stop+0x14a/0x1e0
[ 2091.504934][T21239]  ? __pfx_snd_pcm_post_stop+0x10/0x10
[ 2091.504943][T21239]  snd_pcm_action+0x1f4/0x240
[ 2091.504958][T21239]  loopback_trigger+0xb82/0x1b60
[ 2091.504969][T21239]  ? rcu_is_watching+0x15/0xb0
[ 2091.504981][T21239]  snd_pcm_do_start+0xb7/0x180
[ 2091.504998][T21239]  snd_pcm_action+0xe7/0x240
[ 2091.505011][T21239]  __snd_pcm_lib_xfer+0x1762/0x1d00
[ 2091.505024][T21239]  ? __pfx_interleaved_copy+0x10/0x10
[ 2091.505035][T21239]  ? __pfx_default_write_copy+0x10/0x10
[ 2091.505047][T21239]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 2091.505058][T21239]  ? __pfx___snd_pcm_lib_xfer+0x10/0x10
[ 2091.505068][T21239]  ? rt_mutex_slowunlock+0x1be/0x2e0
[ 2091.505081][T21239]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 2091.505098][T21239]  ? snd_pcm_oss_write3+0x1a2/0x350
[ 2091.505115][T21239]  snd_pcm_oss_write3+0x1bc/0x350
[ 2091.505131][T21239]  snd_pcm_plug_write_transfer+0x2cb/0x4c0
[ 2091.505145][T21239]  ? __pfx_snd_pcm_plug_write_transfer+0x10/0x10
[ 2091.505157][T21239]  ? snd_pcm_plug_client_channels_buf+0x490/0x640
[ 2091.505171][T21239]  snd_pcm_oss_write+0xa31/0xf20
[ 2091.505190][T21239]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[ 2091.505205][T21239]  ? __pfx_futex_wait+0x10/0x10
[ 2091.505217][T21239]  ? rw_verify_area+0x25b/0x4e0
[ 2091.505230][T21239]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[ 2091.505246][T21239]  vfs_write+0x287/0xb40
[ 2091.505261][T21239]  ? __pfx_vfs_write+0x10/0x10
[ 2091.505275][T21239]  ? __fget_files+0x2a/0x420
[ 2091.505286][T21239]  ? __fget_files+0x2a/0x420
[ 2091.505297][T21239]  ? __fget_files+0x3a6/0x420
[ 2091.505307][T21239]  ? __fget_files+0x2a/0x420
[ 2091.505318][T21239]  ksys_write+0x14b/0x260
[ 2091.505333][T21239]  ? __pfx_ksys_write+0x10/0x10
[ 2091.505356][T21239]  do_syscall_64+0xec/0xf80
[ 2091.505366][T21239]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2091.505377][T21239]  ? trace_irq_disable+0x37/0x100
[ 2091.505389][T21239]  ? clear_bhb_loop+0x60/0xb0
[ 2091.505401][T21239]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2091.505412][T21239] RIP: 0033:0x7ffb8d0df749
[ 2091.505423][T21239] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2091.505433][T21239] RSP: 002b:00007ffb8b31d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2091.505445][T21239] RAX: ffffffffffffffda RBX: 00007ffb8d336090 RCX: 00007ffb8d0df749
[ 2091.505453][T21239] RDX: 0000000000004000 RSI: 00002000000012c0 RDI: 0000000000000008
[ 2091.505460][T21239] RBP: 00007ffb8d163f91 R08: 0000000000000000 R09: 0000000000000000
[ 2091.505467][T21239] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2091.505473][T21239] R13: 00007ffb8d336128 R14: 00007ffb8d336090 R15: 00007ffde14efa58
[ 2091.505486][T21239]  </TASK>
[ 2091.505490][T21239] 
[ 2091.505493][T21239] Allocated by task 21238:
[ 2091.505504][T21239]  kasan_save_track+0x3e/0x80
[ 2091.505518][T21239]  __kasan_kmalloc+0x93/0xb0
[ 2091.505532][T21239]  __kmalloc_cache_noprof+0x1fb/0x6d0
[ 2091.505546][T21239]  snd_pcm_attach_substream+0x5b7/0xb30
[ 2091.505556][T21239]  snd_pcm_open_substream+0xb6/0x2410
[ 2091.505569][T21239]  snd_pcm_oss_open+0xf2a/0x1bd0
[ 2091.505577][T21239]  chrdev_open+0x4cf/0x5e0
[ 2091.505585][T21239]  do_dentry_open+0x7d0/0x1270
[ 2091.505595][T21239]  vfs_open+0x3b/0x350
[ 2091.505605][T21239]  path_openat+0x342a/0x3df0
[ 2091.505617][T21239]  do_filp_open+0x1fa/0x410
[ 2091.505629][T21239]  do_sys_openat2+0x121/0x200
[ 2091.505639][T21239]  __x64_sys_openat+0x138/0x170
[ 2091.505649][T21239]  do_syscall_64+0xec/0xf80
[ 2091.505657][T21239]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2091.505666][T21239] 
[ 2091.505668][T21239] Freed by task 21238:
[ 2091.505674][T21239]  kasan_save_track+0x3e/0x80
[ 2091.505686][T21239]  kasan_save_free_info+0x46/0x50
[ 2091.505696][T21239]  __kasan_slab_free+0x5c/0x80
[ 2091.505709][T21239]  kfree+0x1bd/0x900
[ 2091.505720][T21239]  snd_pcm_detach_substream+0x1e1/0x290
[ 2091.505730][T21239]  snd_pcm_oss_release+0x184/0x250
[ 2091.505738][T21239]  __fput+0x45b/0xa80
[ 2091.505748][T21239]  task_work_run+0x1d4/0x260
[ 2091.505761][T21239]  get_signal+0x11c4/0x1310
[ 2091.505771][T21239]  arch_do_signal_or_restart+0x9a/0x7a0
[ 2091.505785][T21239]  exit_to_user_mode_loop+0x87/0x4e0
[ 2091.505797][T21239]  do_syscall_64+0x2b7/0xf80
[ 2091.505806][T21239]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2091.505815][T21239] 
[ 2091.505818][T21239] The buggy address belongs to the object at ffff88803925b000
[ 2091.505818][T21239]  which belongs to the cache kmalloc-2k of size 2048
[ 2091.505827][T21239] The buggy address is located 512 bytes inside of
[ 2091.505827][T21239]  freed 2048-byte region [ffff88803925b000, ffff88803925b800)
[ 2091.505838][T21239] 
[ 2091.505840][T21239] The buggy address belongs to the physical page:
[ 2091.505852][T21239] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88803925a000 pfn:0x39258
[ 2091.505863][T21239] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 2091.505872][T21239] flags: 0x80000000000240(workingset|head|node=0|zone=1)
[ 2091.505885][T21239] page_type: f5(slab)
[ 2091.505896][T21239] raw: 0080000000000240 ffff88813ff27000 ffffea00014ea010 ffffea00016a9e10
[ 2091.505905][T21239] raw: ffff88803925a000 0000000000080006 00000000f5000000 0000000000000000
[ 2091.505916][T21239] head: 0080000000000240 ffff88813ff27000 ffffea00014ea010 ffffea00016a9e10
[ 2091.505925][T21239] head: ffff88803925a000 0000000000080006 00000000f5000000 0000000000000000
[ 2091.505935][T21239] head: 0080000000000003 ffffea0000e49601 00000000ffffffff 00000000ffffffff
[ 2091.505944][T21239] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000008
[ 2091.505950][T21239] page dumped because: kasan: bad access detected
[ 2091.505956][T21239] page_owner tracks the page as allocated
[ 2091.505963][T21239] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 13528, tgid 13528 (syz-executor), ts 1011061955216, free_ts 1010883252997
[ 2091.505982][T21239]  post_alloc_hook+0x234/0x290
[ 2091.505997][T21239]  get_page_from_freelist+0x28c0/0x2960
[ 2091.506008][T21239]  __alloc_frozen_pages_noprof+0x181/0x370
[ 2091.506017][T21239]  alloc_pages_mpol+0xd1/0x380
[ 2091.506026][T21239]  allocate_slab+0x86/0x3b0
[ 2091.506037][T21239]  ___slab_alloc+0xb10/0x13e0
[ 2091.506046][T21239]  __slab_alloc+0xc6/0x1f0
[ 2091.506055][T21239]  __kmalloc_node_track_caller_noprof+0x2bf/0x810
[ 2091.506069][T21239]  kmalloc_reserve+0x136/0x290
[ 2091.506079][T21239]  __alloc_skb+0x204/0x3a0
[ 2091.506088][T21239]  inet6_ifinfo_notify+0x70/0x120
[ 2091.506105][T21239]  addrconf_notify+0xca0/0x1050
[ 2091.506119][T21239]  notifier_call_chain+0x19d/0x3a0
[ 2091.506131][T21239]  __dev_notify_flags+0x18d/0x2e0
[ 2091.506142][T21239]  netif_change_flags+0xe8/0x1a0
[ 2091.506153][T21239]  do_setlink+0xc55/0x41c0
[ 2091.506166][T21239] page last free pid 14166 tgid 14166 stack trace:
[ 2091.506172][T21239]  __free_frozen_pages+0xfe1/0x1170
[ 2091.506186][T21239]  __put_partials+0x149/0x170
[ 2091.506195][T21239]  __slab_free+0x2af/0x330
[ 2091.506205][T21239]  qlist_free_all+0x97/0x100
[ 2091.506217][T21239]  kasan_quarantine_reduce+0x148/0x160
[ 2091.506229][T21239]  __kasan_slab_alloc+0x22/0x80
[ 2091.506242][T21239]  kmem_cache_alloc_noprof+0x18d/0x6c0
[ 2091.506255][T21239]  getname_flags+0xb8/0x540
[ 2091.506263][T21239]  user_path_at+0x24/0x60
[ 2091.506274][T21239]  do_faccessat+0x5d8/0xd90
[ 2091.506285][T21239]  __x64_sys_access+0x61/0x70
[ 2091.506299][T21239]  do_syscall_64+0xec/0xf80
[ 2091.506307][T21239]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2091.506316][T21239] 
[ 2091.506319][T21239] Memory state around the buggy address:
[ 2091.506325][T21239]  ffff88803925b100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2091.506332][T21239]  ffff88803925b180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2091.506339][T21239] >ffff88803925b200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2091.506350][T21239]                    ^
[ 2091.506356][T21239]  ffff88803925b280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2091.506363][T21239]  ffff88803925b300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2091.506369][T21239] ==================================================================
[ 2091.506384][T21239] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 2091.506396][T21239] CPU: 0 UID: 0 PID: 21239 Comm: syz.5.4913 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 2091.506408][T21239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 2091.506415][T21239] Call Trace:
[ 2091.506420][T21239]  <TASK>
[ 2091.506425][T21239]  vpanic+0x1e0/0x670
[ 2091.506440][T21239]  panic+0xb9/0xc0
[ 2091.506454][T21239]  ? __pfx_panic+0x10/0x10
[ 2091.506468][T21239]  ? rt_spin_lock+0x88/0x3e0
[ 2091.506482][T21239]  ? rcu_is_watching+0x15/0xb0
[ 2091.506494][T21239]  ? rt_spin_lock+0x88/0x3e0
[ 2091.506505][T21239]  check_panic_on_warn+0x89/0xb0
[ 2091.506521][T21239]  ? rt_spin_lock+0x88/0x3e0
[ 2091.506533][T21239]  end_report+0x6f/0x140
[ 2091.506541][T21239]  kasan_report+0x129/0x150
[ 2091.506551][T21239]  ? rt_spin_lock+0x88/0x3e0
[ 2091.506565][T21239]  ? __wake_up_common_lock+0x2f/0x1e0
[ 2091.506586][T21239]  __kasan_check_byte+0x2a/0x40
[ 2091.506602][T21239]  lock_acquire+0x84/0x340
[ 2091.506616][T21239]  ? rt_mutex_slowunlock+0x668/0x8a0
[ 2091.506629][T21239]  ? reacquire_held_locks+0x104/0x190
[ 2091.506647][T21239]  rt_spin_lock+0x88/0x3e0
[ 2091.506659][T21239]  ? __wake_up_common_lock+0x2f/0x1e0
[ 2091.506672][T21239]  ? __pfx_rt_spin_lock+0x10/0x10
[ 2091.506685][T21239]  ? rt_spin_unlock+0x161/0x200
[ 2091.506698][T21239]  ? __wake_up_common_lock+0x18a/0x1e0
[ 2091.506711][T21239]  __wake_up_common_lock+0x2f/0x1e0
[ 2091.506724][T21239]  ? snd_pcm_post_stop+0x14a/0x1e0
[ 2091.506734][T21239]  ? __pfx_snd_pcm_post_stop+0x10/0x10
[ 2091.506743][T21239]  snd_pcm_action+0x1f4/0x240
[ 2091.506757][T21239]  loopback_trigger+0xb82/0x1b60
[ 2091.506768][T21239]  ? rcu_is_watching+0x15/0xb0
[ 2091.506779][T21239]  snd_pcm_do_start+0xb7/0x180
[ 2091.506795][T21239]  snd_pcm_action+0xe7/0x240
[ 2091.506809][T21239]  __snd_pcm_lib_xfer+0x1762/0x1d00
[ 2091.506822][T21239]  ? __pfx_interleaved_copy+0x10/0x10
[ 2091.506833][T21239]  ? __pfx_default_write_copy+0x10/0x10
[ 2091.506845][T21239]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 2091.506855][T21239]  ? __pfx___snd_pcm_lib_xfer+0x10/0x10
[ 2091.506865][T21239]  ? rt_mutex_slowunlock+0x1be/0x2e0
[ 2091.506878][T21239]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 2091.506892][T21239]  ? snd_pcm_oss_write3+0x1a2/0x350
[ 2091.506908][T21239]  snd_pcm_oss_write3+0x1bc/0x350
[ 2091.506925][T21239]  snd_pcm_plug_write_transfer+0x2cb/0x4c0
[ 2091.506938][T21239]  ? __pfx_snd_pcm_plug_write_transfer+0x10/0x10
[ 2091.506950][T21239]  ? snd_pcm_plug_client_channels_buf+0x490/0x640
[ 2091.506964][T21239]  snd_pcm_oss_write+0xa31/0xf20
[ 2091.506982][T21239]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[ 2091.506997][T21239]  ? __pfx_futex_wait+0x10/0x10
[ 2091.507008][T21239]  ? rw_verify_area+0x25b/0x4e0
[ 2091.507021][T21239]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[ 2091.507036][T21239]  vfs_write+0x287/0xb40
[ 2091.507051][T21239]  ? __pfx_vfs_write+0x10/0x10
[ 2091.507064][T21239]  ? __fget_files+0x2a/0x420
[ 2091.507076][T21239]  ? __fget_files+0x2a/0x420
[ 2091.507102][T21239]  ? __fget_files+0x3a6/0x420
[ 2091.507113][T21239]  ? __fget_files+0x2a/0x420
[ 2091.507125][T21239]  ksys_write+0x14b/0x260
[ 2091.507140][T21239]  ? __pfx_ksys_write+0x10/0x10
[ 2091.507157][T21239]  do_syscall_64+0xec/0xf80
[ 2091.507167][T21239]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2091.507178][T21239]  ? trace_irq_disable+0x37/0x100
[ 2091.507189][T21239]  ? clear_bhb_loop+0x60/0xb0
[ 2091.507200][T21239]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2091.507211][T21239] RIP: 0033:0x7ffb8d0df749
[ 2091.507220][T21239] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2091.507230][T21239] RSP: 002b:00007ffb8b31d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2091.507241][T21239] RAX: ffffffffffffffda RBX: 00007ffb8d336090 RCX: 00007ffb8d0df749
[ 2091.507249][T21239] RDX: 0000000000004000 RSI: 00002000000012c0 RDI: 0000000000000008
[ 2091.507256][T21239] RBP: 00007ffb8d163f91 R08: 0000000000000000 R09: 0000000000000000
[ 2091.507263][T21239] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2091.507269][T21239] R13: 00007ffb8d336128 R14: 00007ffb8d336090 R15: 00007ffde14efa58
[ 2091.507280][T21239]  </TASK>
[ 2091.507675][T21239] Kernel Offset: disabled