last executing test programs:

24m29.06536749s ago: executing program 32 (id=576):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@delsa={0x48, 0x12, 0x1, 0x0, 0x0, {@in=@dev}, [@srcaddr={0x14, 0xd, @in6=@rand_addr=' \x01\x00'}, @mark={0xc}]}, 0x48}}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x401, 0x3, 0x25dfdbfa, {0x0, 0x0, 0x0, 0x0, 0x190, 0xf1f80502f07a58b}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_PACKETS_PER_SLAVE={0x8, 0x14, 0xff}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40010}, 0x240080c1)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c"], 0x50}}, 0x0)

24m24.292889376s ago: executing program 33 (id=596):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'macvtap0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000140)=ANY=[@ANYBLOB="440000001000030500"/18, @ANYRES32=0x0, @ANYBLOB="05030200157e0000140012800c0001006d61637674617000040002800800", @ANYRES32=r1, @ANYBLOB='\b'], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

23m55.714718784s ago: executing program 34 (id=691):
openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pselect6(0x40, &(0x7f0000000100)={0x0, 0x0, 0xffffffffffffffff, 0x9, 0x800, 0x0, 0x4, 0x10000000}, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x3938700}, 0x0)

20m42.140103391s ago: executing program 35 (id=1216):
socket$packet(0x11, 0x2, 0x300)
socket$packet(0x11, 0x2, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f0000002540)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
userfaultfd(0x801)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xca}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r2, &(0x7f0000003c40)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000140)="03", 0x1}], 0x1}}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r2, 0x84, 0x79, &(0x7f00000000c0)={0x0, 0x100, 0x9f7b}, 0x8)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f0000000340)={0x0, 0x3}, 0x8)
r3 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000380)={@cgroup=r4, 0x35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
sendmsg$nl_route(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=@ipv6_newrule={0x1c, 0x20, 0x1, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1}}, 0x1c}}, 0x0)

20m37.024787666s ago: executing program 36 (id=1231):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f0000000600)=ANY=[@ANYBLOB="1802000000000000000000000000000085000000050000009500000000000000e6923b33b19a35d427f5e67496beeea639e2b7f2c14e7f99b7ecf39c93069d27164b045baa56262b38e43704f9b69a7a628f93ee62718c1331b374a2452f29c71f8e3e27cb5734add259f2c4045905f8a45ac0bcf54572565c58b6bc51b84b04df5211835b93aa87b5b652adc617b8d2831beec0b5c4bb871cdd0350b6121829a7e3576e9a0a486e0a97a0613343c8de3bec27990cdeb3bc92c681f68983ad2c81ef5a875b67598e7066cfd5b9a146c7204013ceb14c8297cd192f43aac1624b15d6a457d4dcf94f41e7526f1cf70961f9f3b48ca6de7b2fbc7a7f3e8f0d0924cb2f957bf60d51406d3a258af3d58e0380ae328a63434a74d406020076040044240835f3668a6896dbc8fcea250f4b0c297986b8acea238698844e0675d242a7d3acfd1ac46d85c8b23ad8279643d5e3e00a2d319882945b3d0aa8e9a54cbd1aeb90c55b295b9d6021217c70fc7cedba84dd598b53c8521f149b33cb95cae5df2ebf8b7103803aaaa8e7d68dcdfaa835bdb5a23bdbff8362d41a1126043b88f00fdc17ccd274999304c1dff6f4f4f8b219b418e09cf2c0e0cb2f9ad957fd859564f7ff6f28fb3b2d3a97df6f6f54c4ea794102494e1d56e88c1439ea086b1acc9fbc26c315246741cb722188846b1175178f6fa467be03e9f7cff922a1c78bbb28bdf7816bb27db7e86d988213dffd7f012721f2ec81ace497eeca313214f1d8c89ec824b5907e3ab7ec1d387cffbdb4d79ccb3c2e29275da223f5fa52525145684e10798d3de43fa175137b205fc7ccf3a4d0a237bf80bfd9acf1be2a56eecbbce4bc4708db946b1a1b989dc6b146853fea8deab55df9eaf759ffd08ff483103720ebfbc53be6a85fc1b610ba8e3ecb8a7351cf218073aecf3b631837846b703e7772626376aa84290a8b7b4f3472976f6688cb230ccd762d00fcf810ca0c3d20ccdcac10fe09cc5fccf31d9e16e899d32dee701d2b6fff95c1328f249878e6dde3ed840d4b5fb05cc1399dd151f59e53712285d5e9c4dba7e1eb9ff174487c74454f8f5e996e600c5740d21d7ac237d62bee06c1834b04e29c8ee7a5a56a386eca1b136904aeca3cbb85c7278fe202d286d45461d8c9e74654b95b8ebdfa7d9bbe7d5cc269d368efe9056060de9bcaa714bcc8429b623dd78d4fd6ebfaadb7bd35a3ff3da98e2164c8cc1d0d7017b8a7a0fef4f802d538e5bd40daba01aa97fa689d"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b000000fe000000081100000900000001000000", @ANYRES32, @ANYBLOB, @ANYRES32=0x0, @ANYBLOB], 0x50)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0500000004000000080000000a"], 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$packet(0x11, 0x3, 0x300)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x14, &(0x7f0000000b00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000050ff850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000500000000000000000000850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r3}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305d60500000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=r4, @ANYBLOB="08000100", @ANYRES32=r5], 0x90}}, 0x0)

20m32.010408171s ago: executing program 37 (id=1244):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="01000000030000000200000004"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1e3900000613f207c4e8ed79bb5e9aa6000000015d2b51e85dc0893f8f8ae201553ec6e4a50f86eff6007772e76e19601ff1a9816108e4b4e8d3ce1b13cf8d59b55cd71c788aa9cfc760ad65c0e5ba06b84e7591d96dfbfced372c1b00253a3b37bca0a3eb46270d249b4ba48e853bdfac49c833fdc58e1b3832", @ANYRES32, @ANYBLOB="05000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0500000001000000010000000e"], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0x4, 0x6, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000890000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000fdffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000000000850000007500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000580)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002400128009000100626f6e64000000001400028005000e0040"], 0x44}}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r4 = accept4(r3, 0x0, 0x0, 0x800)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r5, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r6, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

20m27.522015448s ago: executing program 38 (id=1255):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r5, 0x560a, &(0x7f0000000040)={0x0, 0x1, 0x0, 0x2, 0x3, 0x3})

20m17.071111991s ago: executing program 39 (id=1270):
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_BT_VOICE(r1, 0x112, 0xb, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x9, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
pselect6(0x40, &(0x7f0000000000)={0x0, 0x0, 0x8000000000000000, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x8, 0x0, 0x0, 0x2, 0x7}, 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x1a3089, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
symlink(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)

19m3.875659228s ago: executing program 40 (id=1439):
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x5a20}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r2 = io_uring_setup(0x1fc4, &(0x7f0000000bc0)={0x0, 0x0, 0x12, 0x0, 0x320})
r3 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000040), 0x20000, 0x0)
r4 = openat$udambuf(0xffffffffffffff9c, &(0x7f00000001c0), 0x2)
r5 = memfd_create(&(0x7f0000000940)='y\x105\xfb\xf7u\x83%\b\x00\x00\x00\x00\x00\x00\x00\xea_\xccZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x10\x00\x00\x00\x04\x879\xa24\xa9a\b\x00\xb2\xd3\xcbZJ\x7fa\xc4\x1acB\xaa\xc1\xfb Q\x96\xd9xJ2\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea\b\x00\x00\x00\x00\x00\x00\x00\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9V\x01A\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\x0f<\x91\xb0\xa8\x9eo\xebF(\a\x00\x01vRk\xaabB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\x80\x81\xa0\xa2-g\b\x99\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00\xd5\xf3\\\x00\xbe]Et\xad*\xecn\x02\xc8\xc4\f\x04\x99\xf6\xfc\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xc8L\xae\x1ff\xcf\xb3\xb65\x12\x89\x02\x82t\x0f\xb0\xe89\x16\fO\x19\x91\xfd\x10\x0e\xa7r\x12\xab\xd4\xd1d\xad\f\x11\xb3\xb3c\xe2\xfe\xcd\x9f7\xa1\x14\xfa\xe2\xdf\x7f\xf4NG\xe3\xeb\x18\xde|\xb3\xf5S\x9a\x04\xb4Lry\xa9\xd6\xfb\xbc\n+N\xf7\xf6\x87\x95\xd9+\xd2sc/\x06\xaa#K3,k\xf3(\xcc\xc7\xb47\xfa\xc3\x1c\x91!\xd3\xd2`-\xa2xrR\x1c\x81i\x87u|29Q\xdf\xed\x10\x9b\x930\xa8v\xa0\x88\xa4t\x17\xb2\xca9\x02\x03\xc9P\xcc\xe0\xb7\x9c\x82\xb4\x03\x83e\xee\x95\xccO\x1b\x83\f\n{\xf3\x12\x90\xcf\x10\xb5>\b3\x80\x8d\xb2%7\x10\xeee\xe4\xc3\xb2^\xad\xb6~\xa2\xbdE\xbf\x91\vqt\x81\xbd\x19\xde\x81\tw\xd4p\xd1\x8aNJ\xb3M\a\xc4\xfa\xb0,$\x81j\xb4Hs\x93>\x16U\xd0t\xe4\xca0T\xb7\xf7\x9d4\b\xd9\xdeps\xec\xa0\nJ\xa5\xfe\xda{(\xee\xb5\x11?\xc3I-\x8bc\xc9\xfb\a\xe5\xab\xf8v1\xdc\xc5\x8c\xebs1\x81\xca\x81l\xa12\xff<\xf5\x12\xcc+\xd4\xab\x84\x16\xa4+\x0e\xd4\x02\xe3\xaa1\xeam\x8ce\xb4r\x0eo&3wff\xe6\x91\x7f\xba\xad\x05\xdd\xc0+\"\xa5\x80\'#\xfd\x9dA&\xee \x18\xe5\x17\x1bd\xd0\xb9\x90\xde\xec\xe4M\xe5\x06\x03r\fc\x8c\x10\x99x\xec`e`\xc3F\xdf\xbc\xa8\xff\x05\xe6\xea\xc3u\xd7\t\x88<\"\xf7!\xd6\x0e\xbbE^\xcd\xb0\x15g\xe6\xf2?y1\x9f\xd3\x95\xc4E\xd0\xb4\x16`r\x14\xad\x02\x17\x9a\x86I]\x02f\xd3\xc9\xe1H\xd7c\xcaQ\x8cE7\xcc\xcf=\xf3\xf7\xb9\xf6s\x88\bZi\b*w\xc5;\x88\r\xab\xa1\t\xf1\x02)5\x00\x84', 0xb)
ftruncate(r5, 0xffff)
fcntl$addseals(r5, 0x409, 0x7)
r6 = ioctl$UDMABUF_CREATE(r4, 0x40187542, &(0x7f00000002c0)={r5, 0x0, 0x0, 0x8000})
r7 = fcntl$dupfd(r6, 0x0, r6)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r3, 0xc00c642e, &(0x7f0000000180)={0x0, 0x0, r7})
close_range(r2, 0xffffffffffffffff, 0x0)

18m52.720167632s ago: executing program 41 (id=1468):
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x5a20}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = io_uring_setup(0x1fc4, &(0x7f0000000bc0)={0x0, 0x0, 0x12, 0x0, 0x320})
r4 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000040), 0x20000, 0x0)
r5 = openat$udambuf(0xffffffffffffff9c, &(0x7f00000001c0), 0x2)
r6 = memfd_create(&(0x7f0000000940)='y\x105\xfb\xf7u\x83%\b\x00\x00\x00\x00\x00\x00\x00\xea_\xccZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x10\x00\x00\x00\x04\x879\xa24\xa9a\b\x00\xb2\xd3\xcbZJ\x7fa\xc4\x1acB\xaa\xc1\xfb Q\x96\xd9xJ2\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea\b\x00\x00\x00\x00\x00\x00\x00\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9V\x01A\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\x0f<\x91\xb0\xa8\x9eo\xebF(\a\x00\x01vRk\xaabB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\x80\x81\xa0\xa2-g\b\x99\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00\xd5\xf3\\\x00\xbe]Et\xad*\xecn\x02\xc8\xc4\f\x04\x99\xf6\xfc\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xc8L\xae\x1ff\xcf\xb3\xb65\x12\x89\x02\x82t\x0f\xb0\xe89\x16\fO\x19\x91\xfd\x10\x0e\xa7r\x12\xab\xd4\xd1d\xad\f\x11\xb3\xb3c\xe2\xfe\xcd\x9f7\xa1\x14\xfa\xe2\xdf\x7f\xf4NG\xe3\xeb\x18\xde|\xb3\xf5S\x9a\x04\xb4Lry\xa9\xd6\xfb\xbc\n+N\xf7\xf6\x87\x95\xd9+\xd2sc/\x06\xaa#K3,k\xf3(\xcc\xc7\xb47\xfa\xc3\x1c\x91!\xd3\xd2`-\xa2xrR\x1c\x81i\x87u|29Q\xdf\xed\x10\x9b\x930\xa8v\xa0\x88\xa4t\x17\xb2\xca9\x02\x03\xc9P\xcc\xe0\xb7\x9c\x82\xb4\x03\x83e\xee\x95\xccO\x1b\x83\f\n{\xf3\x12\x90\xcf\x10\xb5>\b3\x80\x8d\xb2%7\x10\xeee\xe4\xc3\xb2^\xad\xb6~\xa2\xbdE\xbf\x91\vqt\x81\xbd\x19\xde\x81\tw\xd4p\xd1\x8aNJ\xb3M\a\xc4\xfa\xb0,$\x81j\xb4Hs\x93>\x16U\xd0t\xe4\xca0T\xb7\xf7\x9d4\b\xd9\xdeps\xec\xa0\nJ\xa5\xfe\xda{(\xee\xb5\x11?\xc3I-\x8bc\xc9\xfb\a\xe5\xab\xf8v1\xdc\xc5\x8c\xebs1\x81\xca\x81l\xa12\xff<\xf5\x12\xcc+\xd4\xab\x84\x16\xa4+\x0e\xd4\x02\xe3\xaa1\xeam\x8ce\xb4r\x0eo&3wff\xe6\x91\x7f\xba\xad\x05\xdd\xc0+\"\xa5\x80\'#\xfd\x9dA&\xee \x18\xe5\x17\x1bd\xd0\xb9\x90\xde\xec\xe4M\xe5\x06\x03r\fc\x8c\x10\x99x\xec`e`\xc3F\xdf\xbc\xa8\xff\x05\xe6\xea\xc3u\xd7\t\x88<\"\xf7!\xd6\x0e\xbbE^\xcd\xb0\x15g\xe6\xf2?y1\x9f\xd3\x95\xc4E\xd0\xb4\x16`r\x14\xad\x02\x17\x9a\x86I]\x02f\xd3\xc9\xe1H\xd7c\xcaQ\x8cE7\xcc\xcf=\xf3\xf7\xb9\xf6s\x88\bZi\b*w\xc5;\x88\r\xab\xa1\t\xf1\x02)5\x00\x84', 0xb)
ftruncate(r6, 0xffff)
fcntl$addseals(r6, 0x409, 0x7)
r7 = ioctl$UDMABUF_CREATE(r5, 0x40187542, &(0x7f00000002c0)={r6, 0x0, 0x0, 0x8000})
r8 = fcntl$dupfd(r7, 0x0, r7)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r4, 0xc00c642e, &(0x7f0000000180)={0x0, 0x0, r8})
close_range(r3, 0xffffffffffffffff, 0x0)
r9 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cgroups\x00', 0x0, 0x0)
r10 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/clear_refs\x00', 0x1, 0x0)
sendmsg$NLBL_UNLABEL_C_ACCEPT(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001800)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="010029bd7000fbdbdf2501c28a4bdb1dae4540dfbf1da35b5e77dc4429e71e4aae40a364bd6c8f55b23f1705cf0a5a3e83b5d4176b9813adec67e1fd5bd0517e8797ca3e099b19a40c691d7bbc24"], 0x1c}}, 0x20004080)
sendfile(r10, r9, &(0x7f0000002080)=0x68, 0x23b)

18m49.231100313s ago: executing program 2 (id=1508):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000"/34, @ANYRES32=0x41424344], 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(r1, 0x4038ae7a, &(0x7f0000000140)={0x100, 0x640, &(0x7f0000000240)="02e19d2dfa8f6e35", 0x0, 0x8})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

18m47.881311866s ago: executing program 2 (id=1511):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/udp6\x00')
preadv(r2, &(0x7f0000000100)=[{&(0x7f0000000140)=""/189, 0xffffff4a}], 0x1, 0xff, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
epoll_create(0x2)
r3 = syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0x40009c0e, 0x10100}, &(0x7f0000000000), 0x0)
io_uring_enter(r3, 0x2df0, 0x0, 0x0, 0x0, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_POLICER_GET(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010029bd7000fcdbdf25450000000e0001006e657464651273696d0000000f0002006e657464657673696d30000808008e0001000000"], 0x3c}, 0x1, 0x0, 0x0, 0x20004000}, 0x40004)
setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003cc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4000000)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$netlink(r7, &(0x7f0000000200)={0x10, 0x0, 0x0, 0x80065c9}, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}]}], {0x14}}, 0x64}}, 0x0)
setsockopt$inet6_IPV6_RTHDR(0xffffffffffffffff, 0x29, 0x39, &(0x7f0000000200)=ANY=[], 0x8)

18m47.133533488s ago: executing program 2 (id=1513):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(sm4)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x80000)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), r1)
sendmsg$kcm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f00000001c0)="73f639971451b0d576d709514d5572846d145883cecaefbf8414dbe575cadf7303b702a07d7f42ffc65c591a4b8bcdb40d5e7c52f0377222b3f57797cc373607aa0cf5c630611e29970f55c8c024920a1d3eff3b29e627b5aa1e0c142465cf4b08a73b3951309360af193f38e4eba8ce255a90dc36d24a9e980c982b0b28786b5b9bc0ffacdbefccaabda278a150c5cdf47287be", 0x94}, {&(0x7f0000001780)="705e5b0dc5f4095686a2dbbc46943ec9a944c97b1e2bca6b0583f82fbac3f1b1577dd483ff1e898a6d0fc35a6ed58b69995d565a82ad3d2ffa3d7fece0471a3cae637f7c5c1c8fe5def3cdcd179cbfc1a47e42525a95512a7fe9390f1f35861e70a6e7363e8ad0cd218d06e4a624829ad06e9a2e79954b7cda23fb2e945731d46633a16dd1cfd0753eed840fc272c64eba3fbf59885b58b772989a4c16ce0e26bf46a1957b48cea94ffbf626556c13825dbd3ea19684d60213fbbe1fcb606093", 0xc0}, {&(0x7f00000000c0)="5af9a0eddd1a718dfb4b4c672cc2747829a48d4fbbd1d2b213e6cc5e7fd10c4b2954060ddd36190d53bee4ce1727b20fd61f97db5508fc465cfaa102be83331efdbd2f74", 0x44}, {&(0x7f0000000300)="5b17a529b622af159b681e64b55f6070b1ac070c1b3564eda334eecb6a080e2e091ad19f3e1ef1f3b600710cbb96ee3dfaacfbd05470c7dc7a0b929ef63758ec862713c0dd7627635c2c54ff26fd938cb24932689543f2197b148719368f641c74516436ef3153ab8410d64e1a8dbc1eebf3c3defdceca9ca8cd64c012fb9866e0c068ec0a5e1167dbe30406967a00f0fdc08d26a19bbbe656f3df73cfe825aa63e19b29a2714b62838fc336ca15c8bfdbcee2a36037ef9901d46e10bc6b75093555331d10350a1ebe95a84f12724b2eca11c9163b27b1d6505d9f6f6cc2be88d45391650f5d452d656574e0d3c2eb95955f43", 0xf3}, {&(0x7f00000004c0)="cb1c29a7a356cee30014f20d8d5bc02c559289e6bee1c17f451df297408b516ccccd21af8d8333016707abeafd389f7be47d2cdc19da73392e69bee550a4e9dcb6fe8be20b9a8527f189fef958d6c0211b857ff3ade264c42bcb73445dbd814ed4837021205d56ad9f6f49f9de71313e88bb949a4051843b135c4b2f1456e847af272f832e60d8889c7f7859c84f47962c20f72a7ba1ef0d391752c0078329b8c191e4380093eb746dcdbe145d4ce74519fe39b088319e4fd15fba8216214713183398c11a9403eba3cea481f3643e31a589c77b69ba8c978e7138caac65f27768ab8b8f6478c5515fd03e8c839064f666", 0xf1}, {&(0x7f00000006c0)="be9c436f103421bf0a8ec26860f03308ce4e572c3c7cb524fe6e32a0b7b7c304df438f8f95fbf3c5425d90cbb3252b20ddbd640e4c88df4c89be3a7113c410d73127768616785951e299b09d8f2d8d684eb1de2cd0e8e5ceeb151367db7e22f9259f2f95d29a1e0a0bbbe3e2541fd069e931a29636aa9ffd8ea76dabf7c6bafd9fec961c61b6e9a33fe89aff732210872db86d780148caf0a2", 0x99}, {&(0x7f0000000780)="5c87ead6dd20411ee4a14f60a91e24a4bf80acfe85207912bad724bec93b1989a5758b1358080a5dd9e388fc2802c7c1b7302bd7c549333b1611e850c490854bea3edb95f39ada6c2d3605146d049c240233ced48d3fde968ed430ee4b19f462ae311896f32f52134efad35fb776c575a14d03c2ee2072d0e8bdbe3f83e88bb7a7875f29c579d3ce2b89ef3b502f3a23e1708595c37c8f23817060920072ee189b6a451e166eec40ead7b1ab434151935bd7290acae9901a1a64fc20861aa302cd5e32f1162c48e65c80744024dfc0cdcef58ba4b02e940e97eb7eda49486672b91536da190a5b8e5d8afa5764928e4b83955ee461cd445febd8a784fad46755ecd7bf92eb7899f25a2aa9aed7d3b26143626884c360a8edddc1932279e702cd5cd261f1f54c5e5651c0aa3fd95bf3754016fdbbbadaea31158336c3b8a5cce67dc8bff2ac70c41b2ba4352036bc2ce0e02e9315182fbdfc7770ed8cf78672b00432963ec01cc5b45345f181099c1fee08445d44877795fd6de264efd6d44418ea7a886aea8fb15cc6af83556cf713a878b7fb07564f4245a77483af7bb7b01e1d328ca353fbb4b6b4007180a9f1efe1a875cada30d838ab00ed42f85c62fa58e6f696c64d39f9c53cda6e8be3ef7b9436d62d81494268c49c807ee372c4977890d2d4ce3440c48f015c2edb6a15fb8b9ed9f2f43f2857e46eaa14b892d6a5535c5ac6865ae8e3bcb83dbb4035986394e354257071184881d82916bec23eaf30833c8807b35932420ce7cc4f055b3c219dc5bc92948b8208f54f4f52ad8553b92f3eb6ea52d63ca01bb8c21f5eb819eef705f6775f24720ce61b464b65aa108967cb0471365a4ea19ec7d097ab1c2b3231b1301b5e3a2f808c7803bbbd2325c4639358b64c91d56fe1f5de8cf19e96fc4816524eb41ecac76eafff47e6f142fde7544ceea131bc6f7bad88f1b317dbb251eb071ae23192428ae5eebd9a9e539d12c10cbe0a83eb86a6d34dfa6e21d89ba5eab884e7c00ae182fb1af1746ea6231b9600f2fa1c10944d8bbccf12ace878e81567984bc36445ff62ef2e4d592d96f6e4f709622b6842bb1f5658f9e369002a8564906fea03fe20b45d425bd89a31f316463b9cb9fea5024c693a9e830c7d260ee138364767ca2e8ac215976ccef536d4a0d59df019e093efa6b3e43cd0d64f8e2217b796362779c23dbcf4c60e05c6b698e2f0f817cd378fc91e1f180b53ebcf4fc8d1de482b6332e94a7faee9870492a32568bc90804036b7dd17b09866db614f129037c2ebf218b99731be8514c50808febf7839f56ba4cf360413d1232b7b69651e5e2e34df6939807826c8dfe4e829c736a8e6e5887b67f859b98d5ce270059335a08058680ac323ceb33ac3162e55a214981dd191065086e887171fda169d57423c61b808d13b3786c2cb05aa75b9ba94ff79194671e398203c3ad50cc1bf28e19ad7682ffe18b2bbf43b50f6c14bb2ca68af40d88e404131d66cd00721978f7e057e9b258030dcff35fb9c4ffbdd1579fbd668265c652c2b92f86dce28c8dffdf4d5878aa7a8388a898f2c3015147c009b52ee6535037255585bf159eb2609fa397af0f74d4e8b5dce498f9074d70221042154132f81efa6bbcf864cc12538b1eac585d08f8865636a69c8a4914ba1e9ccd8dda4b53817504aac7c19bc80682331851f10b2f034e0149c39ee30eca0bf6c00ccfbb001e59da358f991140488026529725e8b37241b7f7ef0ef3a2652240a0f624e4796b4c265b083d9687c09c1de608c80904d37772b84ff7327043e88ffacdd6591c2ee4f61741df1b18f9cec264203ff352e7d3774da4c96187fc9accc217d3c7cf887d3938fe13baf463273d54a323bf380b4afd8fa8866071391ab8f99cc27e24f4289e8ade4b2b79329d8de40d5cb168bb3855829ef51c6312b0b663690a7e1ffa21cf38abab295a68466039973a3c3785f4bef894e089f27c3c3f9de7c3d6188ed0f694c6f9e71ad0e4989ce50ded545185b74b1065aec96c328cbcb587577436ca13341b857c7a9023820f452a0e1722cdd5e507232b29e70603bffbdafdad00f4cec6888093df8bd7e079863fee5fa8093862a5d8c343a6c4592e669a916694ed4b4e65a523f4db68ae6f6027a07dfc8724779768be2673b82fad4cb304fc6524a494eb07add8c239db6338b469f123b15174159061b79c644d30cca7f662d8837c4d0bdbd9cabb4692d248a87ffa0c73a0e57a50f90525acb90a6dc388c79693bc7f7d49f045f56ce0d47a29d6219d50555ee58596b71272852f78746aeafacf0c02e35b010ef13c5e2ce668fc093ba965843817bfe4871ed16437202e304a936b8c0906f9f2ea6c8419504fc6d3d87220a059b6a7b87260920f2f5ac440270ab53e2802f23cb94b8fe5356001eafcdf6316072ce6b43aa9e8b0e5987a354c7843850a95e59bb99a9db2bf60afe662ddd967bf9fce03f1ac2a05cac937fd4a03c630d761eb26ceb570b18b7f9327bccb93e7d8aeb9de1378363c49ab7b21e2f121fc493320b4a8a6d081ae57e2084a767e7823de0677d4c8f9e832f3c4885afde6e11d26d0aa37b2c6e466a56b78a4907b5b5c0f7e3efd0bf798f72d21eb4632deb92310e8c9913392b1c266c85c3f195c0c66bfba343e7567aeaac34605168377972df0ae9075e4d6a55f6bc752be620cb0dc54e2fda9bdfe7600be38747674e26397e30c131bb4638487f658298b482304027988331da35620dbce64cb0c76fd0eeb852fda45f0449f5bd0b38f788c8d4423446614ed6faef8efa37ffc0ccc181eb120775f0aaad37feb21c00029fb60d875949861d7f938857685793eb75962905196aa9ee89a390f03b81d8982f15ee696863b57595b622638e2e3c9f1c00faf7d452959f195777b5657b29dffc8e6292f745d17cabc56cc5cac04e30d193cf6f8b7ad925fc542802811436c9183608cb9d06a777e90e13d7ef80bf065ffeed0f07ff449979b7b57b0979b1e627aba6611d1375c71c0e0df74c7533d80e3ae370414888c7e09d8906314c479b668078d278fa83af4c325935d55ce9fd62abf088ca61fae444c80471e70a844f8276a5cc490f821cfc4bec14800cdfecd37b7a04df2bf7da00e87c05ab1e0021b51c5d294823c425cdb2fcd03c6bbae4e848f60af345367414b9c9551dbbcaba56240402661050e6ddc1f1aa009621aa3957779ef7f8782ce6c0288c54d5951a0e809cc57095f1d0f7a996859c7f84494383f76e998b2f4a2d93097863acdd0a954e606cc640963f3ea565d13d09d0f06435df0cf150016b2686f162d0c8267c0d670ec86c6cb9f4e79cb0d49501e8d6057c437fea507393cef427cad022fb8cbf9e7b78fba4e17b1cdd7b4f32bc98e1f9476f3a94295e00342428f3756df9db3ff5bd2150a8c6d4567e21b94379d1f679d4924b40839effdbba78c48b8ce733041860b080ad51caa4bd58774405bfe77c6d08d6dad6a995552867128106d0d0819341e500836edf307bd2293a0b7069592f8e3d33312b23723808f28db197a104b355bb59221fd153fb19d439a50232087d5e833228410c2d15097110832ed52c69989e377b2a536148cee472", 0xa08}], 0x7}, 0x0)

18m46.396709617s ago: executing program 42 (id=1481):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000090f04000000000000000000850000000f000000850000007d"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x40, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000500)='sys_exit\x00', r0}, 0x10)
wait4(0x0, 0x0, 0x40000000, 0x0)

18m46.193981463s ago: executing program 2 (id=1517):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setresuid(0x0, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
r3 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r3, 0x4008af00, &(0x7f0000000140)=0x200000000)

18m43.963609164s ago: executing program 2 (id=1519):
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_BT_VOICE(r1, 0x112, 0xb, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x9, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
pselect6(0x40, &(0x7f0000000000)={0x0, 0x0, 0x8000000000000000, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x8, 0x0, 0x0, 0x2, 0x7}, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x1a3089, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
symlink(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
setpgid(r5, 0x0)
mount(0x0, &(0x7f0000000300)='./file1\x00', &(0x7f0000000080)='tmpfs\x00', 0x800, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)

18m42.842026087s ago: executing program 2 (id=1521):
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x5a20}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = io_uring_setup(0x1fc4, &(0x7f0000000bc0)={0x0, 0x0, 0x12, 0x0, 0x320})
r4 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000040), 0x20000, 0x0)
r5 = openat$udambuf(0xffffffffffffff9c, &(0x7f00000001c0), 0x2)
r6 = memfd_create(&(0x7f0000000940)='y\x105\xfb\xf7u\x83%\b\x00\x00\x00\x00\x00\x00\x00\xea_\xccZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x10\x00\x00\x00\x04\x879\xa24\xa9a\b\x00\xb2\xd3\xcbZJ\x7fa\xc4\x1acB\xaa\xc1\xfb Q\x96\xd9xJ2\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea\b\x00\x00\x00\x00\x00\x00\x00\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9V\x01A\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\x0f<\x91\xb0\xa8\x9eo\xebF(\a\x00\x01vRk\xaabB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\x80\x81\xa0\xa2-g\b\x99\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00\xd5\xf3\\\x00\xbe]Et\xad*\xecn\x02\xc8\xc4\f\x04\x99\xf6\xfc\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xc8L\xae\x1ff\xcf\xb3\xb65\x12\x89\x02\x82t\x0f\xb0\xe89\x16\fO\x19\x91\xfd\x10\x0e\xa7r\x12\xab\xd4\xd1d\xad\f\x11\xb3\xb3c\xe2\xfe\xcd\x9f7\xa1\x14\xfa\xe2\xdf\x7f\xf4NG\xe3\xeb\x18\xde|\xb3\xf5S\x9a\x04\xb4Lry\xa9\xd6\xfb\xbc\n+N\xf7\xf6\x87\x95\xd9+\xd2sc/\x06\xaa#K3,k\xf3(\xcc\xc7\xb47\xfa\xc3\x1c\x91!\xd3\xd2`-\xa2xrR\x1c\x81i\x87u|29Q\xdf\xed\x10\x9b\x930\xa8v\xa0\x88\xa4t\x17\xb2\xca9\x02\x03\xc9P\xcc\xe0\xb7\x9c\x82\xb4\x03\x83e\xee\x95\xccO\x1b\x83\f\n{\xf3\x12\x90\xcf\x10\xb5>\b3\x80\x8d\xb2%7\x10\xeee\xe4\xc3\xb2^\xad\xb6~\xa2\xbdE\xbf\x91\vqt\x81\xbd\x19\xde\x81\tw\xd4p\xd1\x8aNJ\xb3M\a\xc4\xfa\xb0,$\x81j\xb4Hs\x93>\x16U\xd0t\xe4\xca0T\xb7\xf7\x9d4\b\xd9\xdeps\xec\xa0\nJ\xa5\xfe\xda{(\xee\xb5\x11?\xc3I-\x8bc\xc9\xfb\a\xe5\xab\xf8v1\xdc\xc5\x8c\xebs1\x81\xca\x81l\xa12\xff<\xf5\x12\xcc+\xd4\xab\x84\x16\xa4+\x0e\xd4\x02\xe3\xaa1\xeam\x8ce\xb4r\x0eo&3wff\xe6\x91\x7f\xba\xad\x05\xdd\xc0+\"\xa5\x80\'#\xfd\x9dA&\xee \x18\xe5\x17\x1bd\xd0\xb9\x90\xde\xec\xe4M\xe5\x06\x03r\fc\x8c\x10\x99x\xec`e`\xc3F\xdf\xbc\xa8\xff\x05\xe6\xea\xc3u\xd7\t\x88<\"\xf7!\xd6\x0e\xbbE^\xcd\xb0\x15g\xe6\xf2?y1\x9f\xd3\x95\xc4E\xd0\xb4\x16`r\x14\xad\x02\x17\x9a\x86I]\x02f\xd3\xc9\xe1H\xd7c\xcaQ\x8cE7\xcc\xcf=\xf3\xf7\xb9\xf6s\x88\bZi\b*w\xc5;\x88\r\xab\xa1\t\xf1\x02)5\x00\x84', 0xb)
ftruncate(r6, 0xffff)
fcntl$addseals(r6, 0x409, 0x7)
ioctl$UDMABUF_CREATE(r5, 0x40187542, &(0x7f00000002c0)={r6, 0x0, 0x0, 0x8000})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r4, 0xc00c642e, &(0x7f0000000180))
close_range(r3, 0xffffffffffffffff, 0x0)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cgroups\x00', 0x0, 0x0)
r8 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/clear_refs\x00', 0x1, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendfile(r8, r7, &(0x7f0000002080)=0x68, 0x23b)

18m26.759100404s ago: executing program 43 (id=1521):
sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x5a20}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = io_uring_setup(0x1fc4, &(0x7f0000000bc0)={0x0, 0x0, 0x12, 0x0, 0x320})
r4 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000040), 0x20000, 0x0)
r5 = openat$udambuf(0xffffffffffffff9c, &(0x7f00000001c0), 0x2)
r6 = memfd_create(&(0x7f0000000940)='y\x105\xfb\xf7u\x83%\b\x00\x00\x00\x00\x00\x00\x00\xea_\xccZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x10\x00\x00\x00\x04\x879\xa24\xa9a\b\x00\xb2\xd3\xcbZJ\x7fa\xc4\x1acB\xaa\xc1\xfb Q\x96\xd9xJ2\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea\b\x00\x00\x00\x00\x00\x00\x00\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9V\x01A\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\x0f<\x91\xb0\xa8\x9eo\xebF(\a\x00\x01vRk\xaabB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\x80\x81\xa0\xa2-g\b\x99\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00\xd5\xf3\\\x00\xbe]Et\xad*\xecn\x02\xc8\xc4\f\x04\x99\xf6\xfc\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xc8L\xae\x1ff\xcf\xb3\xb65\x12\x89\x02\x82t\x0f\xb0\xe89\x16\fO\x19\x91\xfd\x10\x0e\xa7r\x12\xab\xd4\xd1d\xad\f\x11\xb3\xb3c\xe2\xfe\xcd\x9f7\xa1\x14\xfa\xe2\xdf\x7f\xf4NG\xe3\xeb\x18\xde|\xb3\xf5S\x9a\x04\xb4Lry\xa9\xd6\xfb\xbc\n+N\xf7\xf6\x87\x95\xd9+\xd2sc/\x06\xaa#K3,k\xf3(\xcc\xc7\xb47\xfa\xc3\x1c\x91!\xd3\xd2`-\xa2xrR\x1c\x81i\x87u|29Q\xdf\xed\x10\x9b\x930\xa8v\xa0\x88\xa4t\x17\xb2\xca9\x02\x03\xc9P\xcc\xe0\xb7\x9c\x82\xb4\x03\x83e\xee\x95\xccO\x1b\x83\f\n{\xf3\x12\x90\xcf\x10\xb5>\b3\x80\x8d\xb2%7\x10\xeee\xe4\xc3\xb2^\xad\xb6~\xa2\xbdE\xbf\x91\vqt\x81\xbd\x19\xde\x81\tw\xd4p\xd1\x8aNJ\xb3M\a\xc4\xfa\xb0,$\x81j\xb4Hs\x93>\x16U\xd0t\xe4\xca0T\xb7\xf7\x9d4\b\xd9\xdeps\xec\xa0\nJ\xa5\xfe\xda{(\xee\xb5\x11?\xc3I-\x8bc\xc9\xfb\a\xe5\xab\xf8v1\xdc\xc5\x8c\xebs1\x81\xca\x81l\xa12\xff<\xf5\x12\xcc+\xd4\xab\x84\x16\xa4+\x0e\xd4\x02\xe3\xaa1\xeam\x8ce\xb4r\x0eo&3wff\xe6\x91\x7f\xba\xad\x05\xdd\xc0+\"\xa5\x80\'#\xfd\x9dA&\xee \x18\xe5\x17\x1bd\xd0\xb9\x90\xde\xec\xe4M\xe5\x06\x03r\fc\x8c\x10\x99x\xec`e`\xc3F\xdf\xbc\xa8\xff\x05\xe6\xea\xc3u\xd7\t\x88<\"\xf7!\xd6\x0e\xbbE^\xcd\xb0\x15g\xe6\xf2?y1\x9f\xd3\x95\xc4E\xd0\xb4\x16`r\x14\xad\x02\x17\x9a\x86I]\x02f\xd3\xc9\xe1H\xd7c\xcaQ\x8cE7\xcc\xcf=\xf3\xf7\xb9\xf6s\x88\bZi\b*w\xc5;\x88\r\xab\xa1\t\xf1\x02)5\x00\x84', 0xb)
ftruncate(r6, 0xffff)
fcntl$addseals(r6, 0x409, 0x7)
ioctl$UDMABUF_CREATE(r5, 0x40187542, &(0x7f00000002c0)={r6, 0x0, 0x0, 0x8000})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r4, 0xc00c642e, &(0x7f0000000180))
close_range(r3, 0xffffffffffffffff, 0x0)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cgroups\x00', 0x0, 0x0)
r8 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/clear_refs\x00', 0x1, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendfile(r8, r7, &(0x7f0000002080)=0x68, 0x23b)

17m24.699149263s ago: executing program 1 (id=1719):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESOCT], 0x0)
syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x2)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}})
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000440)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000009501f3487374c32811644b6d03108e5bd93be6314518a859094034d6d75a946d014e7003cea14fb0d64605fd774d52cf60179c2ad7c28be3467d8a7639cf817d9a238e6e87c6ae940ad85267de60ac4248acf1546eb371a13664dd6455d879b8c70c7fd20d61276d7964c549e785df4dbdefffd33ac07e89df012994cf9bcf0bf788ba4665342d0523ca2eb462a4bdc6d75729a193df44cb74f5a69445957aba78b5cbecffc13ed367c13c946312e913532b9b6d858d2b1641000fb4d0c090606227a99daf3a9b3c6ed94a1f4f2108179df35e9e4082f5f1a68932ab7cb3fb3874"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2d9c, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000080)=0x2, 0x7f03)
r6 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r6, 0x0, 0x0)
syz_usb_disconnect(r0)

17m20.17595055s ago: executing program 1 (id=1735):
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000140), 0xc0100, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r0, 0xc0189371, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000740), 0xffffffffffffffff)
memfd_create(0x0, 0x5)
sendmsg$NL802154_CMD_NEW_INTERFACE(r1, &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20040000}, 0x4)

17m19.930629868s ago: executing program 1 (id=1738):
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x104, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000240)=ANY=[@ANYBLOB="05000000000000006111a800000000008510000002000000850000002a00000095000012000000009500a505000000004e87a152e71078ed1284f64d37e6d2b8fe1eb973629b7ad2f80816178b10183babc0dea64e44433857d3a67e03d7b94c8b05a30f4740c5aea2cebc5af1a0e94cbe2b"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0xb, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000009400000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000c40)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r4, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x13, r4, 0x0)
preadv(r4, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x0, 0x1c, &(0x7f0000000040)=ANY=[@ANYBLOB="0000000000000000b702000014000000b7030000030000008500000005000000bf0900000000000055090100000000009500000000000000b7020000000000007b2af0ff000000003609080000000000c39af0ffa0"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

17m19.516911908s ago: executing program 1 (id=1743):
r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x103382)
memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r2, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x4)
r3 = socket$inet6(0xa, 0x3, 0x4)
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, 0x0, 0x0)
r4 = getpid()
prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x3, &(0x7f0000000040))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendfile(r0, r0, 0x0, 0x1)
close(r0)

17m18.33675591s ago: executing program 1 (id=1747):
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_BT_VOICE(r1, 0x112, 0xb, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x9, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
pselect6(0x40, &(0x7f0000000000)={0x0, 0x0, 0x8000000000000000, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x10000000}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x8, 0x0, 0x0, 0x2, 0x7}, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x1a3089, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
symlink(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
setpgid(r5, 0x0)
mount(0x0, &(0x7f0000000300)='./file1\x00', &(0x7f0000000080)='tmpfs\x00', 0x800, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)

17m15.875788055s ago: executing program 1 (id=1753):
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000180)={0x5c, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0xfffc}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x11, 0x1, 0x0, 0x100}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x5c}, 0x1, 0x0, 0x0, 0x21}, 0x0)

17m0.723961068s ago: executing program 44 (id=1753):
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000180)={0x5c, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0xfffc}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x11, 0x1, 0x0, 0x100}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x5c}, 0x1, 0x0, 0x0, 0x21}, 0x0)

14m17.35252415s ago: executing program 3 (id=2224):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmsg$unix(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000580)}, 0x40010000)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000640)={0x8, 0x420004008d}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$MAP_GET_NEXT_KEY(0x3, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(0xffffffffffffffff, 0x0, 0x0)
creat(0x0, 0x0)
mount(&(0x7f0000000200)=@nullb, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='nilfs2\x00', 0x1008001, 0x0)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x60642, 0x0)
ioctl$TIOCVHANGUP(r3, 0x5437, 0x2)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

14m16.242637125s ago: executing program 3 (id=2226):
socket$packet(0x11, 0x2, 0x300)
socket$packet(0x11, 0x2, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
userfaultfd(0x801)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r3, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xca}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r3, &(0x7f0000003c40), 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r3, 0x84, 0x79, &(0x7f00000000c0)={0x0, 0x100, 0x9f7b}, 0x8)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000340)={0x0, 0x3}, 0x8)
r4 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000380)={@cgroup=r5, 0x35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
sendmsg$nl_route(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=@ipv6_newrule={0x1c, 0x20, 0x1, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1}}, 0x1c}}, 0x0)

14m14.912439817s ago: executing program 3 (id=2231):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000"/34, @ANYRES32=0x41424344], 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(r1, 0x4038ae7a, &(0x7f0000000140)={0x100, 0x640, &(0x7f0000000240)="02e19d2dfa8f6e35", 0x0, 0x8})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)

14m10.231704643s ago: executing program 3 (id=2238):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_rdma(0x10, 0x3, 0x14)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@ipv4_newroute={0x2c, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x6, 0x2000}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x4}, @RTA_ENCAP={0x8, 0x16, 0x0, 0x1, @MPLS_IPTUNNEL_DST={0x4}}]}, 0x2c}}, 0x0)

14m7.57765845s ago: executing program 3 (id=2245):
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_BT_VOICE(r1, 0x112, 0xb, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x9, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
pselect6(0x0, 0x0, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x8, 0x0, 0x0, 0x2, 0x7}, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x1a3089, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
symlink(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
setpgid(r5, 0x0)
mount(0x0, &(0x7f0000000300)='./file1\x00', &(0x7f0000000080)='tmpfs\x00', 0x800, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)

14m4.825663072s ago: executing program 3 (id=2248):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000"/34, @ANYRES32=0x41424344], 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(r1, 0x4038ae7a, &(0x7f0000000140)={0x100, 0x640, &(0x7f0000000240)="02e19d2dfa8f6e35", 0x0, 0x8})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)

14m3.52754277s ago: executing program 6 (id=2252):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x44004)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000021c0)={0x18, 0x4, &(0x7f0000002180)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r4 = socket$netlink(0x10, 0x3, 0x4)
writev(r4, &(0x7f0000000100)=[{&(0x7f0000000000)="580000001400192340834b80043f679a10ff3d425f9cc3f4ff7f4e32f61bcdf1e422000000000100804824cabecc4b381eaadc28f23457e792945f64009400050028925aaa000000c600000000000000feff2c707f8f00ff", 0x58}], 0x1)

14m2.104857671s ago: executing program 6 (id=2253):
socket$packet(0x11, 0x2, 0x300)
socket$packet(0x11, 0x2, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
userfaultfd(0x801)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r3, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xca}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r3, &(0x7f0000003c40)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000140)="03", 0x1}], 0x1}}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r3, 0x84, 0x79, &(0x7f00000000c0)={0x0, 0x100, 0x9f7b}, 0x8)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000340)={0x0, 0x3}, 0x8)
r4 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000380)={@cgroup=r5, 0x35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
sendmsg$nl_route(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=@ipv6_newrule={0x1c, 0x20, 0x1, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1}}, 0x1c}}, 0x0)

14m1.004273272s ago: executing program 6 (id=2255):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000340)=[@sack_perm, @mss, @sack_perm, @sack_perm, @sack_perm, @timestamp, @timestamp, @sack_perm], 0x8)
sendto$inet(r0, &(0x7f00000004c0)='<', 0x1, 0x805, 0x0, 0x0)

14m0.835623968s ago: executing program 6 (id=2256):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xfffffffffffffffe}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b708000002001e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
gettid()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000d00)='sched_switch\x00', r4}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4000)
r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = ioctl$LOOP_CTL_GET_FREE(r5, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xa, &(0x7f0000000c00)=ANY=[@ANYBLOB="18080000feffff3f000000000000001c85100000060000008510000004000000660800000000000018000000000000000000000000000000950000000000000095000000000000009500"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000a334625215feb3080b8749a22377a1344fc773854ebebd3f3a36248532ae6e312c0080430c21b2dad957214289bae450fe07122ab3adfa15bc43243b8b204a1b8ada9bad1a51a7a2121dc92a5d20fb5794c0950b25b7333953d6d0b28b42e3b5b7e2d5e92e6a836efd91a594f992de1e21db4152d60815e732e0b3ac8f98ea0d503428c6ef534e0cde4015392b8dd7d0f5b9731d0e9486ba7fb278bff2f36fa210c86a76c34acf4006524c66fc130d54091552947ed3edfc8dd2b620b3a34f49c2a512af39c39ef812ce0ec919f1df875221a9dc638c", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000200)={'veth1\x00', <r8=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000500)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x80, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x8}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x8}]}, 0x40}, 0x1, 0x0, 0x0, 0x40000}, 0x20000000)

13m59.66636894s ago: executing program 6 (id=2258):
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_BT_VOICE(r1, 0x112, 0xb, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x9, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
pselect6(0x0, 0x0, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x8, 0x0, 0x0, 0x2, 0x7}, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x1a3089, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
symlink(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
setpgid(r5, 0x0)
mount(0x0, &(0x7f0000000300)='./file1\x00', &(0x7f0000000080)='tmpfs\x00', 0x800, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)

13m58.157062306s ago: executing program 6 (id=2264):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_rdma(0x10, 0x3, 0x14)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@ipv4_newroute={0x2c, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x6, 0x2000}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x4}, @RTA_ENCAP={0x8, 0x16, 0x0, 0x1, @MPLS_IPTUNNEL_DST={0x4}}]}, 0x2c}}, 0x0)

13m49.663461202s ago: executing program 45 (id=2248):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000"/34, @ANYRES32=0x41424344], 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(r1, 0x4038ae7a, &(0x7f0000000140)={0x100, 0x640, &(0x7f0000000240)="02e19d2dfa8f6e35", 0x0, 0x8})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)

13m41.961732012s ago: executing program 46 (id=2264):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_rdma(0x10, 0x3, 0x14)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@ipv4_newroute={0x2c, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x6, 0x2000}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x4}, @RTA_ENCAP={0x8, 0x16, 0x0, 0x1, @MPLS_IPTUNNEL_DST={0x4}}]}, 0x2c}}, 0x0)

8m31.53647713s ago: executing program 4 (id=3117):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_GET_ADDR(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000400)={0x18, r1, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0x4}]}, 0x18}}, 0x400005c)

8m30.858799508s ago: executing program 4 (id=3119):
ioctl$BTRFS_IOC_START_SYNC(0xffffffffffffffff, 0x80089418, &(0x7f0000000000))
gettid()
timer_create(0x0, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x6, 0x10, &(0x7f00000008c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sysvipc/shm\x00', 0x0, 0x0)
r2 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r2, 0x90009427, &(0x7f0000000180))
lseek(r1, 0x164, 0x0)
r3 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="540000001200010000000000000000000a00000000004e2200000000ffffffff00"/56, @ANYRES32=0x0, @ANYBLOB="20c91c498118b7e2030000004832c54e9683f5c65ef10c5f"], 0x54}}, 0x20004010)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x80000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r2, 0xc018937e, &(0x7f0000000100)={{0x1, 0x1, 0x18, <r4=>r1}, './file0\x00'})
read$FUSE(r4, &(0x7f00000005c0)={0x2020}, 0x2020)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000001c0)=@filter={'filter\x00', 0x42, 0x4, 0x370, 0xffffffff, 0x0, 0xf8, 0x1b8, 0xffffffff, 0xffffffff, 0x2d8, 0x2d8, 0x2d8, 0xffffffff, 0x4, 0x0, {[{{@ip={@empty, @loopback, 0x0, 0x0, 'veth0_to_batadv\x00', 'wlan0\x00', {}, {}, 0x11}, 0x0, 0xd0, 0xf8, 0x0, {0x100000000000000}, [@common=@inet=@l2tp={{0x30}, {0x40000, 0x0, 0x2, 0x0, 0xc}}, @common=@unspec=@connmark={{0x30}}]}, @REJECT={0x28}}, {{@uncond, 0x0, 0x98, 0xc0, 0x0, {}, [@common=@unspec=@state={{0x28}, {0x7}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x8}}}, {{@uncond, 0x0, 0xe0, 0x120, 0x0, {}, [@common=@osf={{0x50}, {'syz0\x00', 0x0, 0x9}}, @common=@socket0={{0x20}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3d0)
r5 = dup(0xffffffffffffffff)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x11, r5, 0x4000)

8m29.949514899s ago: executing program 4 (id=3120):
r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000080)={0xf0f041})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000ff0000000000000a58000000060a0b040000000000000000020000002c0004802800018007000100637400001c000280050003001b000000080002400000001108000440000000040900010073797a30000000000900020073797a32"], 0x80}}, 0x0)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount(&(0x7f00000000c0)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000140)='./file0\x00', &(0x7f0000000080)='udf\x00', 0x1000000, 0x0)
r2 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
ioctl$NBD_CLEAR_SOCK(r2, 0x1261)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_route(0x10, 0x3, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, &(0x7f0000000440))
fstat(0xffffffffffffffff, 0x0)
msgctl$IPC_SET(0x0, 0x1, 0x0)
sendmsg$rds(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0)
socket$key(0xf, 0x3, 0x2)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000200)={@rand_addr, @multicast1}, &(0x7f0000000300)=0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x28}}, 0x14)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)

8m27.302319641s ago: executing program 4 (id=3129):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x2895018, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
umount2(&(0x7f0000000040)='.\x00', 0x2)

8m26.985982138s ago: executing program 4 (id=3131):
mount$tmpfs(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x1020041, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x0, &(0x7f0000000280)}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bind$phonet(0xffffffffffffffff, &(0x7f0000000040)={0x23, 0x6, 0xff, 0x5}, 0x10)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(0xffffffffffffffff, 0xc0045520, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='veno\x00', 0x5)
sendmmsg$inet(r0, &(0x7f0000001900)=[{{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000500)="93bffce623851797a8dc79018d7716840ffc6941c667f6d345b18bc896d8f016f5f206bb2b0eb2fe32d2f0048678cd35ef833c35225ff91765770a6845b091e69f243dea0d601c54e9c93ee3568b89a3427c84262ff67b679ccac30538beb5d3ad7830b5cea1dcd151d7bb5754603b6b0e362d8041bdc61529260e554046d55927c96dcce1609b9c4f8424b9da760270a470f95b99ebb6c7ffbe2876ad8d2f34d612e47b86630000", 0xa8}, {&(0x7f0000000480)="029993440c7a0c95d3bb8cf353fd63c588ffa39f0ff0fca247d0822475", 0x1d}], 0x2}}], 0x1, 0x40c0)
sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)
sched_setattr(0x0, &(0x7f0000000000)={0x38, 0x5, 0x64}, 0x0)

8m21.866895094s ago: executing program 4 (id=3145):
ioctl$BTRFS_IOC_START_SYNC(0xffffffffffffffff, 0x80089418, &(0x7f0000000000))
gettid()
timer_create(0x0, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x6, 0x10, &(0x7f00000008c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sysvipc/shm\x00', 0x0, 0x0)
r2 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r2, 0x90009427, &(0x7f0000000180))
lseek(r1, 0x164, 0x0)
r3 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="540000001200010000000000000000000a00000000004e2200000000ffffffff00"/56, @ANYRES32=0x0, @ANYBLOB="20c91c498118b7e2030000004832c54e9683f5c65ef10c5f"], 0x54}}, 0x20004010)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x80000, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f00000005c0)={0x2020}, 0x2020)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f00000001c0)=@filter={'filter\x00', 0x42, 0x4, 0x370, 0xffffffff, 0x0, 0xf8, 0x1b8, 0xffffffff, 0xffffffff, 0x2d8, 0x2d8, 0x2d8, 0xffffffff, 0x4, 0x0, {[{{@ip={@empty, @loopback, 0x0, 0x0, 'veth0_to_batadv\x00', 'wlan0\x00', {}, {}, 0x11}, 0x0, 0xd0, 0xf8, 0x0, {0x100000000000000}, [@common=@inet=@l2tp={{0x30}, {0x40000, 0x0, 0x2, 0x0, 0xc}}, @common=@unspec=@connmark={{0x30}}]}, @REJECT={0x28}}, {{@uncond, 0x0, 0x98, 0xc0, 0x0, {}, [@common=@unspec=@state={{0x28}, {0x7}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x8}}}, {{@uncond, 0x0, 0xe0, 0x120, 0x0, {}, [@common=@osf={{0x50}, {'syz0\x00', 0x0, 0x9}}, @common=@socket0={{0x20}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3d0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x11, 0xffffffffffffffff, 0x4000)

8m21.158666328s ago: executing program 47 (id=3145):
ioctl$BTRFS_IOC_START_SYNC(0xffffffffffffffff, 0x80089418, &(0x7f0000000000))
gettid()
timer_create(0x0, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x6, 0x10, &(0x7f00000008c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sysvipc/shm\x00', 0x0, 0x0)
r2 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r2, 0x90009427, &(0x7f0000000180))
lseek(r1, 0x164, 0x0)
r3 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="540000001200010000000000000000000a00000000004e2200000000ffffffff00"/56, @ANYRES32=0x0, @ANYBLOB="20c91c498118b7e2030000004832c54e9683f5c65ef10c5f"], 0x54}}, 0x20004010)
openat$cachefiles(0xffffffffffffff9c, 0x0, 0x80000, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f00000005c0)={0x2020}, 0x2020)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f00000001c0)=@filter={'filter\x00', 0x42, 0x4, 0x370, 0xffffffff, 0x0, 0xf8, 0x1b8, 0xffffffff, 0xffffffff, 0x2d8, 0x2d8, 0x2d8, 0xffffffff, 0x4, 0x0, {[{{@ip={@empty, @loopback, 0x0, 0x0, 'veth0_to_batadv\x00', 'wlan0\x00', {}, {}, 0x11}, 0x0, 0xd0, 0xf8, 0x0, {0x100000000000000}, [@common=@inet=@l2tp={{0x30}, {0x40000, 0x0, 0x2, 0x0, 0xc}}, @common=@unspec=@connmark={{0x30}}]}, @REJECT={0x28}}, {{@uncond, 0x0, 0x98, 0xc0, 0x0, {}, [@common=@unspec=@state={{0x28}, {0x7}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x8}}}, {{@uncond, 0x0, 0xe0, 0x120, 0x0, {}, [@common=@osf={{0x50}, {'syz0\x00', 0x0, 0x9}}, @common=@socket0={{0x20}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3d0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x11, 0xffffffffffffffff, 0x4000)

17.826375158s ago: executing program 7 (id=4636):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r5, 0x560a, &(0x7f0000000040)={0x0, 0x1, 0x0, 0x2, 0x3, 0x3})
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000680)={'wlan0\x00'})
r6 = add_key$user(&(0x7f0000000240), &(0x7f00000000c0)={'syz', 0x2}, &(0x7f0000000200)="1d", 0x1, 0xfffffffffffffffe)
r7 = add_key$user(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x0}, &(0x7f0000000740)="69bf05d40ff7e03db3ddca537c6c5612321b25d32064e9ed643d462211406432e87c4d40383939ab8276bfc0294ba021d1ccf9b6b32d1b6c9e8c9737ca2d08305301693ef20a414ca24bed3736d182271d197fc2146a9f55070f3f31155b9081ecbd0fcc0296c88eac143394a776955e8a075194717757c9e085976cac66fd4c5bc83183df2db8205863d7f803e302420e7fc5315861803024f921932a49a4283f6a7d8ab2cbd629e984582467fd6ca63598d554677517903644dc2ef01f8dec", 0xc0, 0xffffffffffffffff)
keyctl$dh_compute(0x17, &(0x7f0000000280)={r6, r7, r7}, &(0x7f00000002c0)=""/46, 0x2e, &(0x7f0000000380)={&(0x7f0000000300)={'sha1-avx\x00'}})
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000380)={0x0, 0x8c}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280), 0x0)
sendmmsg$inet6(r0, &(0x7f0000000480)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000500)=[{0x0}], 0x1}}], 0x1, 0x34000811)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f00000002c0)={0x0, 0x9}, 0x8)

17.824600372s ago: executing program 9 (id=4637):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$rxrpc(0x21, 0x2, 0x2)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
r3 = getpid()
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r3, r2, 0x0, 0x47, 0x0}, 0x30)
socket$inet6_mptcp(0xa, 0x1, 0x106)
syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x210002, 0x0)
socket$inet(0x2, 0x9, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)

16.191808405s ago: executing program 7 (id=4640):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
ptrace$ARCH_GET_MAX_TAG_BITS(0x1e, r1, 0x0, 0x4003)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1d00000007"], 0x50)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000000), 0xd)

12.682961897s ago: executing program 7 (id=4643):
openat$audio1(0xffffffffffffff9c, &(0x7f00000000c0), 0x20000, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0xc0002, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_io_uring_setup(0x497, &(0x7f00000000c0)={0x0, 0x7079, 0x400, 0x3, 0x288}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
ioctl$RNDZAPENTCNT(0xffffffffffffffff, 0x5204, 0x0)
io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0)

12.645793133s ago: executing program 9 (id=4644):
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[], 0x50)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0xfffffffe, @loopback}, 0x1c)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000003100)=@gcm_128={{0x304}, "0400", "0dd12f0d004fcf0000e8bfff1a8600", "cf0f00", "8657e2b7e63b34e4"}, 0x28)
write$binfmt_script(r0, &(0x7f0000001300), 0x8f)
recvmmsg(r0, 0x0, 0x0, 0x40000002, 0x0)
writev(r0, &(0x7f00000030c0)=[{&(0x7f0000000a40)="fb", 0x1}], 0x1)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000040)=0x1, 0x4)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f00000013c0)={&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000001380)=0x40)
writev(r0, &(0x7f0000000080)=[{&(0x7f0000000380)="ac", 0x1}], 0x1)

12.506507604s ago: executing program 9 (id=4647):
io_setup(0xa42, &(0x7f00000000c0))
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000200)={0x2, 0x3, 0x0, 0x3, 0xa, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x6, 0x6c}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x6, 0xb}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x4e24, @remote}}]}, 0x50}, 0x1, 0x7}, 0x20000800)

12.435097602s ago: executing program 0 (id=4648):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[], 0x60}}, 0x0)

12.34271733s ago: executing program 0 (id=4649):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f00000000c0)=0x7)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee6, 0x8031, 0xffffffffffffffff, 0x4000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_group_source_req(r4, 0x29, 0x2e, &(0x7f0000000240)={0x8, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
setsockopt$inet6_MCAST_MSFILTER(r4, 0x29, 0x30, &(0x7f0000000480)={0x8, {{0xa, 0x0, 0x0, @mcast1}}, 0x0, 0x20}, 0x5000)

11.011735552s ago: executing program 9 (id=4651):
r0 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000e86000)="0022040000ffffebfffffffeffffff0700000000ff000207835eeb1317b208feefaf234b4ff8b4cc4c39bdc8451792b903f4b7d8c8cf2153622652328c19ef68234f905557c4070000008735e9ab2f77c62e0a5cdd2cf9984c070400000000000003ff23353d8b2fc6a3ae1ebfcb49004a3ccd3560ae01010000079c60ed7449b842f3e253be8a62b37f820fe75a9ea937ea4efbfb9b4a128f2dbe2837496d00ad7765abaac2ec0f91c88a1ea1ff6ee308c72febedcf00798d41991ac25bb6fce2220c25ea380c7e112ab358c3a6bd8a59c100000001b4e82cb03419544a3988bc226a85abe6eb60cd7cf8d103d38c31c7c86d16c4d86cbe4ab190c092d077ce70590fbbd4f8bf4d6ab1cea6dbe9d4a54c17aac0db6e3845", 0x118)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback={0xfec0ffff00000000}, 0xa}, 0x1c)
r1 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x14)
fcntl$setsig(r1, 0xa, 0x13)
fcntl$setlease(r1, 0x400, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
truncate(&(0x7f0000000040)='./file0\x00', 0x1000000)

8.934331886s ago: executing program 5 (id=4653):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
ptrace$ARCH_GET_MAX_TAG_BITS(0x1e, r1, 0x0, 0x4003)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1d00000007"], 0x50)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000000), 0xd)

8.771740813s ago: executing program 8 (id=4654):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$rxrpc(0x21, 0x2, 0x2)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
r3 = getpid()
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r3, r2, 0x0, 0x47, 0x0}, 0x30)
socket$inet6_mptcp(0xa, 0x1, 0x106)
syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x210002, 0x0)
socket$inet(0x2, 0x9, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)

7.734482299s ago: executing program 5 (id=4655):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010002000000000000000000000a04020000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000002cc0010980f40002802c000180080001400000007f0800014000000003080001400000001b0800014000000000080001400000000234000180080001400000000008000140fffffffd080001400000000c08000140000008000800014000010000"], 0x22c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f080003"], 0xf0}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="280500003d0007010000000000000000017c0000040000000c000180060006006558000004050280ff0411"], 0x528}}, 0xc000)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c0000001100010000000000ecd700224c8a62119372667cb79a3034ffdbdf2500000000000000000000000000000001000000000200000014000d00e000000100"/76], 0x3c}}, 0x0)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), 0xffffffffffffffff)
r3 = userfaultfd(0x801)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3})
syz_io_uring_setup(0x1b43, &(0x7f0000000000)={0x0, 0xfffffffe, 0x1000, 0x3, 0x333}, &(0x7f0000000080), &(0x7f0000ff4000))
ioctl$UFFDIO_WAKE(r3, 0x8010aa02, &(0x7f0000000200)={&(0x7f0000fff000/0x1000)=nil, 0x1000})
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$NBD_SET_FLAGS(r1, 0xab0a, 0xf4d4)
socket$inet_tcp(0x2, 0x1, 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x2)
ioctl$TIOCL_SETSEL(r4, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0x3bf, 0x4, 0x14a}})
ioctl$TCSETS2(r4, 0x402c542b, &(0x7f0000000080)={0xffff7523, 0x81, 0xefcc, 0xa, 0x5, "f06fca79266e82a74b6c5e443a04683cc267a0", 0x7, 0xc})
ioctl$TIOCL_PASTESEL(r4, 0x541c, &(0x7f0000000000))

7.151179455s ago: executing program 9 (id=4656):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x2901090, 0x0)
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f00000000c0)=0x7)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee2, 0x8031, 0xffffffffffffffff, 0x1f829000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r5 = accept4(r4, 0x0, 0x0, 0x800)
sendmmsg$alg(r5, &(0x7f0000000940)=[{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000280)="922f51c2652f6ebeb647ba19a7f202a8e9581eee20d85e47931757ced80465193b100f4661504be508b7065d2f6645766dc27d58a5b95c59b6347e126556a5485fb463cd253f62db7af4f59c7c64c64e9b22b1a210fe3a6653b2f8d7da", 0x5d}, {0x0}, {&(0x7f0000000340)="b4abc39e98609540014d02b6c143faecf4206078bb0d", 0x16}, {&(0x7f0000000300)="1b385f11fcb13aa8807cc5e4567a69934d8c78540c7d7c4c51e2260efad685f3a4dc046d04eee6e955d808dcc6398d5bcfda426b8cc9a4b1d7b96c03", 0x3c}, {&(0x7f0000000380)="d0ea5f4d272901aa9bfadbfed5c82f32b5a68216a8108c3f0ebb0a06f79f284facb25bf779074f9c65cf303e5c2ae0f17a7458b0a54cdc1dc2bd6eb7c16dbc21494a531a9771458693372ab595ead33317", 0x51}], 0x5}], 0x1, 0x4c8d0)
recvmsg(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0)

6.341123894s ago: executing program 8 (id=4657):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ptrace$ARCH_GET_MAX_TAG_BITS(0x1e, 0x0, &(0x7f0000000300), 0x4003)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000004900), r4)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="8b3300000000000000000500"], 0x38}}, 0x0)

6.160049995s ago: executing program 5 (id=4658):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000040)='contention_end\x00', r0}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
socket$xdp(0x2c, 0x3, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000180)={0x0, 0x3b, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a03020002000000000000020000000900020073797a30000000000900010073797a30000000002c00038008000140000000000800024000000000180003801400010073797a5f74756e00000000000000000014000000110001"], 0x80}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000040)="2e00000011008188040f80ec59acbc0413a1f8480b0000005e140602000000000e0027001000000002800000121f", 0x2e}], 0x1}, 0x0)

6.102607334s ago: executing program 0 (id=4659):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[], 0x60}}, 0x0)

4.999211391s ago: executing program 8 (id=4660):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000005c0)={r3, 0xe0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100), ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000340)=[0x0], 0x0, 0x24, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000440), 0x8, 0x3c, 0x8, 0x0, 0x0}}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000002f40)={&(0x7f0000000080)=@newtaction={0x68, 0x30, 0x9, 0x0, 0x0, {}, [{0x54, 0x1, [@m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PRIORITY={0x8, 0x8, {0x10}}, @TCA_SKBEDIT_PARMS={0x18}]}, {0x4}, {0xc, 0xa}, {0xc, 0x9, {0x3b}}}}]}]}, 0x68}}, 0x0)
openat$dsp(0xffffffffffffff9c, &(0x7f00000003c0), 0x101a02, 0x0)

4.673138537s ago: executing program 0 (id=4661):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000047000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a876d839240d29c035055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7e8dc34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bb44b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334583239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bf4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc508afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd360000000000000000ae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c97a088a22e8b15c3e233db00002e30d46a0024d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c29c5c0ed5bcdf510c3c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ced92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f68fa8d7c2dfb28e1f05e46b0933c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d588afd80e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda6900002a070886df42b27098773b45198b4a34ac97febd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d63521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07afef12ef060cd4403a099f32468f658000b4082d43e12186195cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea209b53b230ef0f2ab85cbdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bd3339403004b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab900000000000000000000d71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdbf24a0c5441ce046078492b53467cfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89cb349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb15f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c00c57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137df47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b558982016b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8b49e3d0168bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85a3009a5d30f479e293a3302e11350ea857b37e76ca3f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c8ffe0d508dcee3070e8b42ac38545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f98117919472b61b20026d7e646174b55d251f7f8ca5ccc22a5efb33b217eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4444e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24000000000000000000000000000000000000cd3211b3842b68a4eddca2eae28529e97a98d7ec3fd902df1ba8fc2ad2377e72d4e7aeacbbccef5614cd965511558f40720025c022bc9c213e407f6bc4b673c55aa8e729299a37fd6339acd906ac861ba56c9fa9b8b12b5e68a3cdadb906355e1f1d336a243172affe50d0fb36c3718a7498eed3d398f405a34d494414e87ef1ce1845510d43d00171d6b4b762f89564c22d542a119878709cd6822c3a3eb47a849b0737929fe9e1eecd1bff5a2b9880e2a6d8a3b3b7e88a673c96cda4455eff1c530db0e6598a2686aa09aeaf0f1aed95aeb8b0a2cc5ca31c0f56285cc05f7090a0e0583cf540d18cd8817e685c7b4ff176178ac1234f23e54445ec20b2689832d78409897a0307e89ebcd5f4ba042a3d10237a5a8a9a6eda36d2f337dc54537b80e8433341b135b4c5bb0173ffde46ccd260e1d4f2c51e8b07bb256f1317912cb1fc9e491e0bb9109e475cc795c23ad9f4f0042c5e9c655a4d865bc4a266e6a1d3d2b7ee53be9efb33a98933b5ba74ee3ac8d34b6af8c1fdbffade3abc80842b74354162f5b994ab5254cb068bc5e2ae242a1d37d0d49947c9317fa1a46c9e259ce0e1f9db992c53f7830a5e8f4fac6b187eb9f15ba61f730f86d7d7b63bbc7a1d9ff37e87a90a14e0655304da069f9009b62717649b6c6af94fcba713f8ee6fcce25aef44d009966614b61be9369ffc589a79051b0a0000000000000003ebd34c41afe268c33c9322c3a783772aec998f51a6e70fb932a8019e72ef5ab127bb30c79ebfd867441083546305fb39449c40a166ea389a6b77b7c87f66e8bf5806726b8fc50b943627314803a12c33312dce0a10f852da3e000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x7, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x8, 0x0, &(0x7f0000000480)="b9ff03076844268c", 0x0, 0xfe, 0x60000009, 0x0, 0x0, 0x0, 0x0}, 0x50)

4.625362782s ago: executing program 8 (id=4662):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r5, 0x560a, &(0x7f0000000040)={0x0, 0x1, 0x0, 0x2, 0x3, 0x3})
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000680)={'wlan0\x00'})
r6 = add_key$user(&(0x7f0000000240), &(0x7f00000000c0)={'syz', 0x2}, &(0x7f0000000200)="1d", 0x1, 0xfffffffffffffffe)
r7 = add_key$user(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x0}, &(0x7f0000000740)="69bf05d40ff7e03db3ddca537c6c5612321b25d32064e9ed643d462211406432e87c4d40383939ab8276bfc0294ba021d1ccf9b6b32d1b6c9e8c9737ca2d08305301693ef20a414ca24bed3736d182271d197fc2146a9f55070f3f31155b9081ecbd0fcc0296c88eac143394a776955e8a075194717757c9e085976cac66fd4c5bc83183df2db8205863d7f803e302420e7fc5315861803024f921932a49a4283f6a7d8ab2cbd629e984582467fd6ca63598d554677517903644dc2ef01f8dec", 0xc0, 0xffffffffffffffff)
keyctl$dh_compute(0x17, &(0x7f0000000280)={r6, r7, r7}, &(0x7f00000002c0)=""/46, 0x2e, &(0x7f0000000380)={&(0x7f0000000300)={'sha1-avx\x00'}})
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000380)={0x0, 0x8c}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280), 0x0)
sendmmsg$inet6(r0, &(0x7f0000000480)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000500)=[{&(0x7f0000000140)}], 0x1}}], 0x1, 0x34000811)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f00000002c0)={0x0, 0x9}, 0x8)

4.540457924s ago: executing program 5 (id=4663):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a00)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01071fb7761a88cf7a2501000000040001801c0002800c000180080001000f0000000c000180080001"], 0x34}}, 0x2000c050)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x9000)
r5 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r5, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0xa02, 0x870, 0x1, 0x2, 0xd59f80, 0x19f2, 0x3f, 0x19ef, 0x3, 0x8, 0x2800, 0x6, 0x2, 0xba2, 0xc, 0x30, {0x8, 0xffffffff}, 0xd0, 0x9}})

4.487866344s ago: executing program 7 (id=4664):
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'macvtap0\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newtaction={0x44, 0x30, 0xcac229faa96ee7df, 0x0, 0x0, {}, [{0x30, 0x1, [@m_ife={0x2c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc, 0x4, {0x1}}, {0xc}}}]}]}, 0x44}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="480000001c00110c0000001400000f0007000000", @ANYRES32=r1, @ANYBLOB="800202000a0002"], 0x48}}, 0x0)

3.10700395s ago: executing program 0 (id=4665):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
ptrace$ARCH_GET_MAX_TAG_BITS(0x1e, r1, 0x0, 0x4003)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1d00000007"], 0x50)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000000), 0xd)

2.532760819s ago: executing program 5 (id=4666):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/mem_sleep', 0x101a02, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x6, 0x14, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_open_dev$radio(&(0x7f0000000200), 0x1, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
mount$9p_rdma(&(0x7f0000000240), &(0x7f0000000280)='./file1\x00', &(0x7f0000000300), 0x1000800, &(0x7f0000000440)=ANY=[@ANYBLOB="7472616e733d72646d612c706f72743d3078303030303030303030303030346532302c00d46748fe5b3584e6f344a2f1dd649b2dbe34080e4d12e38ce67a2af1e4947cf7a622cf8e"])
openat$autofs(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
r3 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r4 = open(&(0x7f0000000000)='.\x00', 0x0, 0x244)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r3, 0xc0189378, 0x0)
copy_file_range(r1, &(0x7f0000000000)=0x7, r1, 0x0, 0x7, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$EVIOCGRAB(r4, 0x40044590, 0x0)
getsockopt$inet_int(r5, 0x0, 0x16, 0x0, &(0x7f0000000240))
r6 = syz_open_dev$video(&(0x7f0000000540), 0x0, 0xe0901)
ioctl$VIDIOC_G_SELECTION(r6, 0xc040565e, &(0x7f0000000000)={0x2, 0x2, 0x0, {0x9, 0x9, 0x80000005, 0x6}})
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x64, 0x6, 0x1638, 0x1408, 0x1408, 0x12d0, 0x12d0, 0x12d0, 0x1568, 0x1568, 0x1568, 0x1568, 0x1568, 0x6, 0x0, {[{{@ipv6={@loopback, @local, [0x100fffe00, 0xffffff00, 0x0, 0xffffffff], [0xff, 0xff, 0xff, 0xffffff00], 'netpci0\x00', 'ip6tnl0\x00', {}, {0xff}, 0x4, 0x8, 0x3, 0x2}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x0, 0x5}}}, {{@ipv6={@mcast1, @local, [], [], 'macvtap0\x00', 'ip6tnl0\x00'}, 0x0, 0xa8, 0xd0}, @HL={0x28, 'HL\x00', 0x0, {0x1, 0x6f}}}, {{@ipv6={@mcast2, @loopback, [], [], 'veth0_to_team\x00', 'syzkaller0\x00', {}, {}, 0x0, 0x0, 0x7}, 0x0, 0x1108, 0x1130, 0x0, {}, [@common=@unspec=@cgroup1={{0x1030}, {0x0, 0x1, 0x1, 0x1, './cgroup.cpu/syz1\x00', 0x7, {0x5}}}, @common=@inet=@l2tp={{0x30}, {0x2, 0x3, 0x3, 0x1, 0x4}}]}, @common=@unspec=@MARK={0x28}}, {{@uncond, 0x0, 0xf8, 0x138, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x5}}, @inet=@rpfilter={{0x28}}]}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x3, 0x10, @ipv4=@remote, 0x4e20}}}, {{@uncond, 0x0, 0x118, 0x160, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@dst={{0x48}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x0, 0x4]}}]}, @DNPT={0x48, 'DNPT\x00', 0x0, {@ipv4=@broadcast, @ipv4=@loopback, 0x9, 0xb, 0x9}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x1698)

2.274362946s ago: executing program 8 (id=4667):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$rxrpc(0x21, 0x2, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = getpid()
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r2, r1, 0x0, 0x47, 0x0}, 0x30)
socket$inet6_mptcp(0xa, 0x1, 0x106)
syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x210002, 0x0)
socket$inet(0x2, 0x9, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)

2.273381209s ago: executing program 7 (id=4668):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x60)
write$binfmt_script(r0, &(0x7f0000000380)={'#! ', './file0', [{0x20, '('}, {0x20, '/dev/adsp1\x00'}, {0x20, '\xeb\xf2/\x85\xeb\xafOfe!d\xee\x021u\xd4i>/\xdb&\xb67\"\xff\x96\xca\xe9\x90\x13U\xd5\xa3\x87\xf8+\xb4Q\x94\n^s\x03PJ\xd8\xb3\r|\xd1I\'\x99=\x1d\xc9!Aqs\x97\xa6\xe5\xf6\xe9\xeaeH;`\xf3\xddQ\xba\xa2\x16kW\x11\xfa\x1c\xc4\x95JT\xcb8\xdb\x88^%NT6\xfc\xe7.\xef\xc7P\xa6\xfd\xd0\xd6\x92U\xd2A\xcb\xd7\xb8\f%\xfc\xac\x1a\x0f\x8a=\xf0\xcc<g\xbe\xc6UZU\xe4x\xc6\xfd\xe0>\x7f\x06\x01:\xb0o\x9f\xef\xc6#z\x8e\xabWE\x9f'}, {0x20, '/dev/adsp1\x00'}, {0x20, '[^$:+'}]}, 0xc2)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
write$binfmt_script(r0, &(0x7f0000000b00)={'#! ', './bus', [{0x20, ','}, {0x20, '\t\x1b\x1c\x1e\xc3h$\xb0^\x05\xdfn{q\xac\xca\'\xef\xb0*\x11\xdb\xecb\xfd$pY\x1cD\xd4\xf3\x98\xc6\xa1\x88\x9c\xe4\r9!\a\x12\xa9\x18\x93C\v79?L\x98e\f\xb5\x0f8\tH\xa8l\r\xfb\xd6>G\xf5\x0f\x04\x00\xc9ty\xdaJ\x00\x00\x00\x00\x00\x00\x00\x00\xb7kb%\x9b\x1c\xd3\xd2yb8\x99\x8d/WM\x0eL\x1b\xb7\xa0\xc4\xfb)\xf7J$\xa6O\x9d\xe7\x8c\x16s\xa8\xad\xc4\xd6\x94K\f\xb1U\xd2\'\xa3\xc3\x98~\x13X\x98X\x86\xdf\v\xf6\xf2\xa3\xc0#%b\x98r)\x83\xa2\x8b&\xbe-\x05\x89\x15l\x05.d\xe8h\xec\xd2\xc0\xa2\x99\xff]\xdd)A\x10\\\beM \xf0\x7f\"\x8c\xf0\xa6*\\WAV\x9d\x00\x15x\xe0~8\xfc\x95\x1eM\xe4JO\v\x18\xa9Z7\xb6\xa0{\x00)\'\xc3\x82@\x92\x97Q\xb1?\b\xdat\xae\xcc\xc3?\x96i\x17\xcf\x9f^\xf8!A4}\t\x97`\xe1\xf4\x05b\x8c\xb4\xa5\xd0\xfa\xeb;\x142\t\xbb\xbf\xf2\xa5D\xc6q\x10\xdb\xed\xe2\x85JWw\x13\xa1\xb0\x1b\xbe\x8a,C\x99\xd2K\xf3\xb2\x82\x99\x8e\xd4\x8e\xa2\xf2b\x15\xb4\x89\xbf\x8ao@\xab\xb9\xad\xd6\xcc\xa5\x84R\x1e\xb4\n\xe0\xec\xa9\x1d,X\xd3o\x8a\xd8\xa7Z\xe7\x82\xcc6\x04\vT\x1d\xd3\xd9\x94sw\b\xa5\x12\xb1\xa4\x0e\x00\x7fm6\x9b\x1cD$\xfd\xccF\xae\xc9\xde\t\x03\xcd\xed\x89\xc6\xe4\x12\xa8Q%\xe2\x8a\x96\xd3\x86\xe3\xb0\xbc\x06u\x15\xabO-+\x0fR\xfdO\xee\xd8\x19i\xf5\xf7\xbe\x19\xe1\xd0\x11\xe1\xc0I\xe8\x89KZ\x82\x04'}, {0x20, '\x00{aU<7*g\xa0W\x110\xba\'\xd8\xad\xe4\x87\x0f\xbd\x0f\x1d\xfd\xbf]8\x0e\x1d\t\x12\xa2L\xb6i\x03\r\bYK8\xc9c\x99S\xc9\xed\x8b|\xc8r\n\x80\x04!\x80j\x9f\xb6s\xed1\x96\xc5\x16\x0f|hw\xd7z<\xe3\xaa\aKMP\xf8\xc7\xea\xcf\x90\xad\xbf\xc1:\x96\xa1\x8a\xb7)m\x9e\xc81\x85qL\x06\x81\x85\x1d\xd2\xc7\xe9\xe8V\xc4\x88I\xdb\xdd\xb1\x98yC\v\x9d\x1e\xad\xcbQA\x83\xd2e\xfekH\xe2\x86\x01;+\xea,a\x94\xce\xb0h<!^\xe9I\xf2\n\xe1{B#uTb\xdb\xdc<\x00\x8d\xc6\xdc\x86)\xa5\xa9D5\xe9\x8a\xc3\xcc\xad\xa5\xd1\xef\xb3\xe7\x8cZ\xdb(\xbb\tV\xda%Kz\x04\xbe\xf1^\xe7%\x0e\xf1[|\x16f\x97\x8d\x02d\x96w\xb5\xd2\x9d\xb0GO\x06Q\x12F\xf9\xae\xda\xcbI\x16\xfbA\xe4\\\xba\x1c\xe7\xd2G\xdbC\x18\xbc'}, {0x20, 'ext4\x00\xf1\xecs\xfa8\x8b;\xaf\xe3\xf3\xa1\xb1\xf4\x81,\xd5\xce\xdf\xa2\xf0/\xb6\xa2\x8c\x7f\x0f\x1c|\x12\xc8@\xab\x11\x04\xdc\xae\xf5\xee\xb8\xbc\b$\x9fO\x84\x10\x99N\xb4W\xc4\x18\xb1\xa1\xfc\x93~\xe0.\x8b\x91\x0f\xc7\x95\x95\xcf\f\x02G\xba|6\x99\xe5\xb1\x03\xa0\xfc2\xb4\xe5\x00<\xba4\x1a[\xa4\xdd@\x95\x95\x00\xfc\x9b\xeelPFP\x00F'}, {0x20, '@\xe4\x9e\x8d\x8a\r\xf7\xc5\x17\xee\x95\x7f\xa9H[\xa9\x02xjx\x1a\x9f\xe1\x03\xf3\xec\xfdx\x92\x92\x850;-_\xa2SDCCz;\xa2\xf0\xed\xcc\\Y\xf3\x8f\xdb\n\xb1\xfd\xab\xd3\xce\\\xa0\x82\x81\x91|\xe8\xe4\xfd\xdf\\\xb5J\xd4\bB\x1e\xac\xb8\x8e\xac{>cP,'}], 0xa, "9c609c2caa0a9e1aa09c22ad1ac17bf2a77c69a6a2a2cceda93ae379452a59967c7ed17b780362a3806ebd6125884f375a8567c933feceebb6f719d8817d6301bf5998f9a3159ac4c1"}, 0x39b)
mq_open(0x0, 0x6e93ebbbcc0884f5, 0x4, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000580)='syzkaller\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r2, 0x0, 0x30, 0xe1515f8735398fb, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x40)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r3, 0xffffffffffffffff, 0x0)

2.180356302s ago: executing program 9 (id=4669):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r0 = syz_io_uring_setup(0x231, &(0x7f0000000080)={0x0, 0xe133, 0x10100}, &(0x7f0000000300)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1e0000007f000000c1ffffff000000002e2200", @ANYRES32], 0x48)
r3 = syz_init_net_socket$ax25(0x3, 0x3, 0x7)
setsockopt$ax25_int(r3, 0x101, 0xc, &(0x7f0000000080)=0x10000, 0x4)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x200)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x1c, 0x0, 0x1, 0x70bd2b, 0x8, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x1c}}, 0x20000004)
connect$ax25(r3, &(0x7f0000000100)={{0x3, @bcast, 0x1}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @default, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}]}, 0x48)
syz_io_uring_submit(r1, r2, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffffffffffff31})
io_uring_enter(r0, 0x7a98, 0x0, 0x0, 0x0, 0x0)

2.179602223s ago: executing program 7 (id=4670):
socket$inet6_udplite(0xa, 0x2, 0x88)
r0 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14)
sendmsg$nl_route_sched(r0, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=@newtaction={0x384, 0x30, 0x1, 0x70bd27, 0x0, {0x0, 0x0, 0x6a00}, [{0x370, 0x1, [@m_skbmod={0x124, 0x2020, 0x0, 0x0, {{0xb}, {0xb8, 0x2, 0x0, 0x1, [@TCA_SKBMOD_PARMS={0x24, 0x2, {{0x8, 0x1, 0x3000000a, 0x2, 0x80000003}, 0x4}}, @TCA_SKBMOD_SMAC={0xa, 0x4, @remote}, @TCA_SKBMOD_PARMS={0x24, 0x2, {{0x1, 0x7fff, 0x20000000, 0x1, 0x4}, 0x1}}, @TCA_SKBMOD_PARMS={0x24, 0x2, {{0x10, 0xa1, 0x2, 0xfffffffe, 0x2}, 0x8}}, @TCA_SKBMOD_SMAC={0xa, 0x4, @local}, @TCA_SKBMOD_SMAC={0xa, 0x4, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, @TCA_SKBMOD_PARMS={0x24, 0x2, {{0x9, 0x62bc, 0x3, 0x5, 0x769}, 0x3}}]}, {0x44, 0x6, "3160690b954228cd51bf8b0f52b71a5696cf74a92524a5e399c933fbc4f926fe4a4c648bd6afeec803459a3b60e96271cd23bed30fdbae7a15104df846f86139"}, {0xc, 0x7, {0x67bdb80157c26324, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_mpls={0x4c, 0x2, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{0x7a, 0x725, 0x4, 0xf, 0x7ff}, 0x3}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_skbmod={0x120, 0x1d, 0x0, 0x0, {{0xb}, {0xc0, 0x2, 0x0, 0x1, [@TCA_SKBMOD_ETYPE={0x6, 0x5, 0x5}, @TCA_SKBMOD_SMAC={0xa, 0x4, @remote}, @TCA_SKBMOD_PARMS={0x24, 0x2, {{0x47b, 0x1, 0x8, 0x91e3, 0x713d}, 0x4}}, @TCA_SKBMOD_SMAC={0xa, 0x4, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1f}}, @TCA_SKBMOD_SMAC={0xa, 0x4, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}, @TCA_SKBMOD_PARMS={0x24, 0x2, {{0x200, 0xffffffff, 0x3, 0x800, 0x9}, 0xb}}, @TCA_SKBMOD_DMAC={0xa, 0x3, @multicast}, @TCA_SKBMOD_PARMS={0x24, 0x2, {{0x9, 0x5, 0xffffffffffffffff, 0x2007, 0x7}, 0xd}}, @TCA_SKBMOD_SMAC={0xa, 0x4, @multicast}, @TCA_SKBMOD_SMAC={0xa, 0x4, @multicast}]}, {0x37, 0x6, "fb6f4cdf36ebed2b00e98d6492a072d9bdb77ff68051d21e4bc45f4c40c02813febb8c841e3ecc61ddc0f8fc9ccb8e9998fcc1"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x2}}}}, @m_ctinfo={0xdc, 0x4, 0x0, 0x0, {{0xb}, {0x4}, {0xb0, 0x6, "a48b78da95fc81ec59b32248081e7f11b0736da9d814ed35313a6db2b0305bef386938d00fe05f04fc65bccd8e276d45020a304e539fdabe1dc34e5acc64d62d0d31f166f9939079f83ebf09807faeda866f62b1a56386ba230775037435ccd77a06939c935946b859f9a4b57c24b1484ba22c1d02bb50dae9b4585ecb639cff05c3ef4024830bd9d3b6b35bc9eb26124391ebf3c0f86b835a3799d5cace0ad5cd1b3f2dc594d9843c5c4746"}, {0xc}, {0xc, 0x8, {0x2, 0x1}}}}]}]}, 0x384}}, 0x4048880)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000240)='lp\x00', 0x54)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x23, &(0x7f0000000000), 0x4)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000406030000000000000000000000000005000100070000000900020073797a31"], 0x5c}}, 0x0)

1.357081s ago: executing program 0 (id=4671):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
ptrace$ARCH_GET_MAX_TAG_BITS(0x1e, r1, 0x0, 0x4003)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1d00000007"], 0x50)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r4, &(0x7f0000000000), 0xd)

599.16488ms ago: executing program 5 (id=4672):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000005c0)={r3, 0xe0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100), ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000340)=[0x0], 0x0, 0x24, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000440), 0x8, 0x3c, 0x8, 0x0, 0x0}}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000002f40)={&(0x7f0000000080)=@newtaction={0x68, 0x30, 0x9, 0x0, 0x0, {}, [{0x54, 0x1, [@m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PRIORITY={0x8, 0x8, {0x10}}, @TCA_SKBEDIT_PARMS={0x18}]}, {0x4}, {0xc, 0xa}, {0xc, 0x9, {0x3b}}}}]}]}, 0x68}}, 0x0)
openat$dsp(0xffffffffffffff9c, &(0x7f00000003c0), 0x101a02, 0x0)

0s ago: executing program 8 (id=4673):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0xea100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000080)={[0x0, 0x100000000, 0x1, 0x0, 0x4, 0x0, 0x2004c8, 0x8000000, 0xca, 0x0, 0x259, 0x0, 0x0, 0x3, 0x6, 0x200004000000000], 0xeeef0000, 0x241641})
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x9, 0x6, 0x7, 0x8, 0x0, 0xffffffffffffffff, 0x40, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r3}, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
socket$inet_sctp(0x2, 0x1, 0x84)
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r5, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
socket(0x2, 0x80805, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000))
syz_usb_connect$cdc_ncm(0x4, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000002505a1a440000102030109025c0002010000000904000001a3f45747d649f9a30105240000000d240f8100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d000009058202000000000009050302"], 0x0)
r6 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[], 0x0)
r7 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r7, &(0x7f0000001300)="92", 0x2)
syz_usb_control_io$printer(r6, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmmsg(r5, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

 T3479] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1189.927219][ T3479] veth1_macvtap: left promiscuous mode
[ 1189.937106][ T3479] veth0_macvtap: left promiscuous mode
[ 1189.952526][ T3479] veth1_vlan: left promiscuous mode
[ 1189.957979][ T3479] veth0_vlan: left promiscuous mode
[ 1191.523535][ T5825] Bluetooth: hci0: command tx timeout
[ 1191.829459][T19924] kvm: pic: single mode not supported
[ 1191.829487][T19924] kvm: pic: level sensitive irq not supported
[ 1191.852406][T19924] kvm: pic: non byte read
[ 1191.875577][T19924] kvm: pic: non byte read
[ 1191.880520][T19924] kvm: pic: non byte read
[ 1191.902665][T19924] kvm: pic: non byte read
[ 1192.132438][T19924] kvm: pic: non byte read
[ 1192.179348][T19924] kvm: pic: non byte read
[ 1192.469648][T19924] kvm: pic: non byte read
[ 1192.475815][T19924] kvm: pic: non byte read
[ 1192.479025][ T3479] team0 (unregistering): Port device team_slave_1 removed
[ 1192.480613][T19924] kvm: pic: non byte read
[ 1192.573293][ T3479] team0 (unregistering): Port device team_slave_0 removed
[ 1193.748302][ T5825] Bluetooth: hci0: command tx timeout
[ 1194.167870][T19860] chnl_net:caif_netlink_parms(): no params data found
[ 1195.123361][T19860] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1195.143362][T19860] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1195.171892][T19860] bridge_slave_0: entered allmulticast mode
[ 1195.212365][T19860] bridge_slave_0: entered promiscuous mode
[ 1195.234524][T19860] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1195.242575][T19860] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1195.266729][T19860] bridge_slave_1: entered allmulticast mode
[ 1195.298833][T19860] bridge_slave_1: entered promiscuous mode
[ 1195.449709][T19860] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1195.500617][T19860] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1195.607521][T19959] qrtr: Invalid version 0
[ 1195.705528][T19860] team0: Port device team_slave_0 added
[ 1195.730488][T19860] team0: Port device team_slave_1 added
[ 1195.790853][T19860] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1195.815438][T19860] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1195.864850][T19860] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1195.943967][T19860] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1195.966377][T19860] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1195.995987][ T5825] Bluetooth: hci0: command tx timeout
[ 1196.003663][T19860] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1196.110747][T19963] netlink: 300 bytes leftover after parsing attributes in process `syz.0.3187'.
[ 1196.755703][T19860] hsr_slave_0: entered promiscuous mode
[ 1196.765103][T19860] hsr_slave_1: entered promiscuous mode
[ 1197.166840][T19860] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1197.201963][T19860] Cannot create hsr debugfs directory
[ 1198.326009][T19974] No control pipe specified
[ 1198.930329][T19988] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3193'.
[ 1198.939450][T19988] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3193'.
[ 1198.948645][T19988] netlink: 'syz.5.3193': attribute type 15 has an invalid length.
[ 1199.359550][T19986] Falling back ldisc for ptm0.
[ 1200.022932][T19997] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3196'.
[ 1200.724524][T19860] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1200.750984][T19860] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 1200.765694][T19860] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 1200.786008][T19860] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 1201.320920][T19860] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1201.351286][ T5871] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[ 1201.401573][T19860] 8021q: adding VLAN 0 to HW filter on device team0
[ 1201.515244][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1201.522437][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1201.541055][ T5871] usb 9-1: Using ep0 maxpacket: 8
[ 1201.553546][ T5871] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1201.574966][ T5871] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1201.589420][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1201.596609][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1201.624723][ T5871] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1201.685360][ T5871] usb 9-1: New USB device found, idVendor=046d, idProduct=c09b, bcdDevice= 0.00
[ 1201.697099][ T5871] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1201.711997][ T5871] usb 9-1: config 0 descriptor??
[ 1202.155979][ T5871] usbhid 9-1:0.0: can't add hid device: -71
[ 1202.176320][ T5871] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[ 1202.204915][ T5871] usb 9-1: USB disconnect, device number 4
[ 1202.305379][T19860] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1202.811427][T19860] veth0_vlan: entered promiscuous mode
[ 1202.858707][T19860] veth1_vlan: entered promiscuous mode
[ 1202.980689][T19860] veth0_macvtap: entered promiscuous mode
[ 1203.177989][T19860] veth1_macvtap: entered promiscuous mode
[ 1203.220374][T19860] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1204.205758][T19860] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1204.216706][T19860] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1204.227889][T19860] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1204.238009][T19860] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1204.259750][T19860] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1204.506811][T19860] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1204.664686][T20062] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3207'.
[ 1205.063948][T19860] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1205.104847][T19860] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1205.114854][T19860] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1205.147649][T19860] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1205.157550][T19860] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1205.203281][T19860] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1205.266347][T19860] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1205.334344][T19860] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1205.351983][T19860] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1205.403119][T19860] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1205.439060][T19860] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1205.840898][   T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1205.881301][   T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1206.413078][   T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1206.451835][   T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1206.717229][T20091] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3206'.
[ 1206.726284][T20091] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3206'.
[ 1206.735476][T20091] netlink: 'syz.8.3206': attribute type 15 has an invalid length.
[ 1207.047226][T20085] xt_l2tp: invalid flags combination: 4
[ 1208.663306][ T5825] Bluetooth: hci2: unexpected event for opcode 0x0058
[ 1209.832734][T20131] sp0: Synchronizing with TNC
[ 1209.840444][T20131] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3225'.
[ 1209.849496][T20131] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3225'.
[ 1209.858651][T20131] netlink: 'syz.0.3225': attribute type 15 has an invalid length.
[ 1212.666412][T20153] netlink: 72 bytes leftover after parsing attributes in process `syz.7.3228'.
[ 1212.998278][ T5825] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[ 1213.007155][ T5825] Bluetooth: hci2: Injecting HCI hardware error event
[ 1213.017818][ T5825] Bluetooth: hci2: hardware error 0x00
[ 1213.697247][T20161] x_tables: ip_tables: osf match: only valid for protocol 6
[ 1215.222245][ T5825] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[ 1216.220969][T20177] netlink: 72 bytes leftover after parsing attributes in process `syz.9.3235'.
[ 1216.280258][T20177] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3235'.
[ 1216.577434][T20201] sp0: Synchronizing with TNC
[ 1216.598772][T20201] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3237'.
[ 1216.607806][T20201] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3237'.
[ 1216.617085][T20201] netlink: 'syz.5.3237': attribute type 15 has an invalid length.
[ 1217.474454][T20214] netlink: 72 bytes leftover after parsing attributes in process `syz.0.3242'.
[ 1220.121230][T20233] xt_l2tp: invalid flags combination: 4
[ 1220.520588][T20247] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1221.552626][   T30] audit: type=1326 audit(2000000107.517:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20255 comm="syz.5.3254" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f57adb8d169 code=0x0
[ 1221.616590][T20258] sp0: Synchronizing with TNC
[ 1221.638595][T20258] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3251'.
[ 1221.647581][T20258] netlink: 12 bytes leftover after parsing attributes in process `syz.9.3251'.
[ 1221.657023][T20258] netlink: 'syz.9.3251': attribute type 15 has an invalid length.
[ 1222.907939][ T5825] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201'
[ 1222.919992][ T5825] CPU: 1 UID: 0 PID: 5825 Comm: kworker/u9:3 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[ 1222.920027][ T5825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1222.920043][ T5825] Workqueue: hci0 hci_rx_work
[ 1222.920077][ T5825] Call Trace:
[ 1222.920086][ T5825]  <TASK>
[ 1222.920096][ T5825]  dump_stack_lvl+0x241/0x360
[ 1222.920127][ T5825]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1222.920159][ T5825]  ? __wake_up_klogd+0xcc/0x110
[ 1222.920190][ T5825]  sysfs_create_dir_ns+0x2fd/0x3f0
[ 1222.920216][ T5825]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1222.920245][ T5825]  kobject_add_internal+0x435/0x8d0
[ 1222.920285][ T5825]  kobject_add+0x15b/0x230
[ 1222.920316][ T5825]  ? preempt_schedule_thunk+0x16/0x30
[ 1222.920348][ T5825]  ? device_add+0x3e7/0xbf0
[ 1222.920378][ T5825]  ? __pfx_kobject_add+0x10/0x10
[ 1222.920416][ T5825]  ? _raw_spin_unlock+0x3e/0x50
[ 1222.920443][ T5825]  ? get_device_parent+0x165/0x410
[ 1222.920476][ T5825]  device_add+0x4e5/0xbf0
[ 1222.920510][ T5825]  hci_conn_add_sysfs+0xe8/0x200
[ 1222.920546][ T5825]  le_conn_complete_evt+0xc6e/0x12a0
[ 1222.920574][ T5825]  ? __pfx_preempt_schedule_irq+0x10/0x10
[ 1222.920609][ T5825]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1222.920643][ T5825]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1222.920668][ T5825]  ? skb_pull_data+0x112/0x230
[ 1222.920695][ T5825]  hci_le_conn_complete_evt+0x18c/0x420
[ 1222.920727][ T5825]  hci_event_packet+0xa5c/0x1550
[ 1222.920752][ T5825]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1222.920781][ T5825]  ? __pfx_hci_event_packet+0x10/0x10
[ 1222.920812][ T5825]  ? kcov_remote_start+0x2e/0x7d0
[ 1222.920842][ T5825]  ? hci_send_to_monitor+0xdc/0x530
[ 1222.920873][ T5825]  hci_rx_work+0x3f3/0xdb0
[ 1222.920901][ T5825]  ? process_scheduled_works+0x9cb/0x18e0
[ 1222.920934][ T5825]  process_scheduled_works+0xac3/0x18e0
[ 1222.920989][ T5825]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1222.921026][ T5825]  ? assign_work+0x367/0x3d0
[ 1222.921060][ T5825]  worker_thread+0x870/0xd30
[ 1222.921105][ T5825]  ? __kthread_parkme+0x169/0x1d0
[ 1222.921129][ T5825]  ? __pfx_worker_thread+0x10/0x10
[ 1222.921161][ T5825]  kthread+0x7a9/0x920
[ 1222.921188][ T5825]  ? __pfx_worker_thread+0x10/0x10
[ 1222.921221][ T5825]  ? __pfx_kthread+0x10/0x10
[ 1222.921242][ T5825]  ? __pfx_kthread+0x10/0x10
[ 1222.921266][ T5825]  ? __pfx_kthread+0x10/0x10
[ 1222.921288][ T5825]  ? __pfx_kthread+0x10/0x10
[ 1222.921312][ T5825]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1222.921335][ T5825]  ? lockdep_hardirqs_on+0x9d/0x150
[ 1222.921362][ T5825]  ? __pfx_kthread+0x10/0x10
[ 1222.921385][ T5825]  ret_from_fork+0x4b/0x80
[ 1222.921495][ T5825]  ? __pfx_kthread+0x10/0x10
[ 1222.921528][ T5825]  ret_from_fork_asm+0x1a/0x30
[ 1222.921570][ T5825]  </TASK>
[ 1223.778611][ T5825] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1223.852060][ T5825] Bluetooth: hci0: failed to register connection device
[ 1225.283538][T20296] netlink: 72 bytes leftover after parsing attributes in process `syz.8.3261'.
[ 1226.086677][ T5825] Bluetooth: hci0: command tx timeout
[ 1227.246903][T20309] xt_l2tp: invalid flags combination: 4
[ 1227.606324][T20323] vivid-007: disconnect
[ 1227.971957][T20323] syz.7.3269: attempt to access beyond end of device
[ 1227.971957][T20323] nbd7: rw=0, sector=64, nr_sectors = 1 limit=0
[ 1228.012950][T20330] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3267'.
[ 1228.034871][T20330] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3267'.
[ 1228.044043][T20330] netlink: 'syz.8.3267': attribute type 15 has an invalid length.
[ 1228.134001][T20323] syz.7.3269: attempt to access beyond end of device
[ 1228.134001][T20323] nbd7: rw=0, sector=256, nr_sectors = 1 limit=0
[ 1228.249412][T20327] Falling back ldisc for ptm0.
[ 1228.316457][T20323] UDF-fs: error (device nbd7): udf_read_tagged: read failed, block=256, location=256
[ 1228.418853][T20323] syz.7.3269: attempt to access beyond end of device
[ 1228.418853][T20323] nbd7: rw=0, sector=512, nr_sectors = 1 limit=0
[ 1228.479601][T20323] UDF-fs: error (device nbd7): udf_read_tagged: read failed, block=512, location=512
[ 1228.545536][T20323] UDF-fs: warning (device nbd7): udf_load_vrs: No anchor found
[ 1228.553588][T20323] UDF-fs: Scanning with blocksize 512 failed
[ 1228.564404][T20323] syz.7.3269: attempt to access beyond end of device
[ 1228.564404][T20323] nbd7: rw=0, sector=64, nr_sectors = 2 limit=0
[ 1228.584032][T20323] syz.7.3269: attempt to access beyond end of device
[ 1228.584032][T20323] nbd7: rw=0, sector=512, nr_sectors = 2 limit=0
[ 1229.310005][T20323] UDF-fs: error (device nbd7): udf_read_tagged: read failed, block=256, location=256
[ 1229.311247][T20339] netlink: 'syz.7.3269': attribute type 4 has an invalid length.
[ 1229.328994][T20339] netlink: 'syz.7.3269': attribute type 1 has an invalid length.
[ 1229.336720][T20339] netlink: 168 bytes leftover after parsing attributes in process `syz.7.3269'.
[ 1229.346656][T20323] syz.7.3269: attempt to access beyond end of device
[ 1229.346656][T20323] nbd7: rw=0, sector=1024, nr_sectors = 2 limit=0
[ 1229.509737][T20323] UDF-fs: error (device nbd7): udf_read_tagged: read failed, block=512, location=512
[ 1229.520053][T20323] UDF-fs: warning (device nbd7): udf_load_vrs: No anchor found
[ 1229.527722][T20323] UDF-fs: Scanning with blocksize 1024 failed
[ 1229.535062][T20323] syz.7.3269: attempt to access beyond end of device
[ 1229.535062][T20323] nbd7: rw=0, sector=64, nr_sectors = 4 limit=0
[ 1229.548295][T20323] syz.7.3269: attempt to access beyond end of device
[ 1229.548295][T20323] nbd7: rw=0, sector=1024, nr_sectors = 4 limit=0
[ 1229.583828][T20323] UDF-fs: error (device nbd7): udf_read_tagged: read failed, block=256, location=256
[ 1229.595681][T20323] syz.7.3269: attempt to access beyond end of device
[ 1229.595681][T20323] nbd7: rw=0, sector=2048, nr_sectors = 4 limit=0
[ 1229.811135][T20353] tipc: Started in network mode
[ 1229.816083][T20353] tipc: Node identity 6a2301781e4d, cluster identity 4711
[ 1230.660188][T20353] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1230.667842][T20323] UDF-fs: error (device nbd7): udf_read_tagged: read failed, block=512, location=512
[ 1230.678290][T20323] UDF-fs: warning (device nbd7): udf_load_vrs: No anchor found
[ 1230.851548][T20322] vivid-007: reconnect
[ 1230.896411][T20323] UDF-fs: Scanning with blocksize 2048 failed
[ 1230.936453][T20353] syzkaller0: entered promiscuous mode
[ 1230.964072][T20353] syzkaller0: entered allmulticast mode
[ 1231.096701][T20323] syz.7.3269: attempt to access beyond end of device
[ 1231.096701][T20323] nbd7: rw=0, sector=64, nr_sectors = 8 limit=0
[ 1231.185984][T20323] UDF-fs: error (device nbd7): udf_read_tagged: read failed, block=256, location=256
[ 1231.273443][T20353] tipc: Resetting bearer <eth:syzkaller0>
[ 1231.403629][T20323] UDF-fs: error (device nbd7): udf_read_tagged: read failed, block=512, location=512
[ 1231.455534][T20323] UDF-fs: warning (device nbd7): udf_load_vrs: No anchor found
[ 1231.487545][T20352] tipc: Resetting bearer <eth:syzkaller0>
[ 1231.494013][T20323] UDF-fs: Scanning with blocksize 4096 failed
[ 1231.502586][T20323] UDF-fs: warning (device nbd7): udf_fill_super: No partition found (1)
[ 1231.786502][ T5961] tipc: Node number set to 1953366392
[ 1232.053902][ T5833] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[ 1232.806955][ T5833] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1232.822822][ T5833] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1233.011894][ T5833] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1233.092590][ T5833] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1233.186867][T20368] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[ 1233.201922][ T5833] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[ 1234.036311][ T5961] usb 10-1: USB disconnect, device number 2
[ 1234.103446][T20402] netlink: 'syz.8.3284': attribute type 14 has an invalid length.
[ 1234.139840][T20402] netlink: 20 bytes leftover after parsing attributes in process `syz.8.3284'.
[ 1236.550301][T20352] tipc: Disabling bearer <eth:syzkaller0>
[ 1236.560173][T20402] bond0: option xmit_hash_policy: invalid value (8)
[ 1236.980935][T20426] vivid-007: disconnect
[ 1237.010717][T20426] bio_check_eod: 2 callbacks suppressed
[ 1237.010733][T20426] syz.5.3290: attempt to access beyond end of device
[ 1237.010733][T20426] nbd5: rw=0, sector=64, nr_sectors = 1 limit=0
[ 1237.054989][T20426] syz.5.3290: attempt to access beyond end of device
[ 1237.054989][T20426] nbd5: rw=0, sector=256, nr_sectors = 1 limit=0
[ 1237.094191][T20426] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=256, location=256
[ 1237.115941][T20426] syz.5.3290: attempt to access beyond end of device
[ 1237.115941][T20426] nbd5: rw=0, sector=512, nr_sectors = 1 limit=0
[ 1237.139734][T20426] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=512, location=512
[ 1237.149857][T20426] UDF-fs: warning (device nbd5): udf_load_vrs: No anchor found
[ 1237.157805][T20426] UDF-fs: Scanning with blocksize 512 failed
[ 1237.209228][T20426] syz.5.3290: attempt to access beyond end of device
[ 1237.209228][T20426] nbd5: rw=0, sector=64, nr_sectors = 2 limit=0
[ 1237.227280][T20426] syz.5.3290: attempt to access beyond end of device
[ 1237.227280][T20426] nbd5: rw=0, sector=512, nr_sectors = 2 limit=0
[ 1237.242957][T20426] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=256, location=256
[ 1237.255745][T20426] syz.5.3290: attempt to access beyond end of device
[ 1237.255745][T20426] nbd5: rw=0, sector=1024, nr_sectors = 2 limit=0
[ 1237.275142][T20426] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=512, location=512
[ 1237.285443][T20426] UDF-fs: warning (device nbd5): udf_load_vrs: No anchor found
[ 1237.293123][T20426] UDF-fs: Scanning with blocksize 1024 failed
[ 1237.303012][T20426] syz.5.3290: attempt to access beyond end of device
[ 1237.303012][T20426] nbd5: rw=0, sector=64, nr_sectors = 4 limit=0
[ 1237.342361][T20426] syz.5.3290: attempt to access beyond end of device
[ 1237.342361][T20426] nbd5: rw=0, sector=1024, nr_sectors = 4 limit=0
[ 1238.360517][T20426] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=256, location=256
[ 1238.386411][T20426] syz.5.3290: attempt to access beyond end of device
[ 1238.386411][T20426] nbd5: rw=0, sector=2048, nr_sectors = 4 limit=0
[ 1238.401338][T20426] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=512, location=512
[ 1238.413639][T20426] UDF-fs: warning (device nbd5): udf_load_vrs: No anchor found
[ 1238.496640][T20426] UDF-fs: Scanning with blocksize 2048 failed
[ 1238.520161][T20426] syz.5.3290: attempt to access beyond end of device
[ 1238.520161][T20426] nbd5: rw=0, sector=64, nr_sectors = 8 limit=0
[ 1238.521004][T20449] netlink: 'syz.5.3290': attribute type 4 has an invalid length.
[ 1238.533455][T20426] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=256, location=256
[ 1238.556761][T20426] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=512, location=512
[ 1238.566753][T20426] UDF-fs: warning (device nbd5): udf_load_vrs: No anchor found
[ 1238.575816][T20426] UDF-fs: Scanning with blocksize 4096 failed
[ 1238.581749][T20449] netlink: 'syz.5.3290': attribute type 1 has an invalid length.
[ 1238.582635][T20426] UDF-fs: warning (device nbd5): udf_fill_super: No partition found (1)
[ 1238.648539][T20449] netlink: 168 bytes leftover after parsing attributes in process `syz.5.3290'.
[ 1239.051435][T20448] netlink: 52 bytes leftover after parsing attributes in process `syz.7.3292'.
[ 1239.420536][T20425] vivid-007: reconnect
[ 1241.435919][T20474] overlayfs: missing 'lowerdir'
[ 1241.964931][T20485] No control pipe specified
[ 1242.423077][T20476] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1242.570091][T20475] tipc: Disabling bearer <eth:syzkaller0>
[ 1242.759894][T20496] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3305'.
[ 1245.491750][T20534] overlayfs: missing 'lowerdir'
[ 1245.927218][T20541] tipc: Started in network mode
[ 1245.932394][T20541] tipc: Node identity 427b4def789, cluster identity 4711
[ 1245.956283][T20541] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1246.098683][T20546] vivid-007: disconnect
[ 1246.110313][T20541] syzkaller0: entered promiscuous mode
[ 1246.117871][T20541] syzkaller0: entered allmulticast mode
[ 1246.124170][T20541] tipc: Resetting bearer <eth:syzkaller0>
[ 1246.132649][T20546] bio_check_eod: 2 callbacks suppressed
[ 1246.132669][T20546] syz.0.3318: attempt to access beyond end of device
[ 1246.132669][T20546] nbd0: rw=0, sector=64, nr_sectors = 1 limit=0
[ 1246.181090][T20546] syz.0.3318: attempt to access beyond end of device
[ 1246.181090][T20546] nbd0: rw=0, sector=256, nr_sectors = 1 limit=0
[ 1246.228705][T20546] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256
[ 1246.265352][T20546] syz.0.3318: attempt to access beyond end of device
[ 1246.265352][T20546] nbd0: rw=0, sector=512, nr_sectors = 1 limit=0
[ 1246.288042][ T6396] tipc: Resetting bearer <eth:syzkaller0>
[ 1246.296127][T20546] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512
[ 1246.308119][T20546] UDF-fs: warning (device nbd0): udf_load_vrs: No anchor found
[ 1246.318564][T20546] UDF-fs: Scanning with blocksize 512 failed
[ 1246.325776][T20546] syz.0.3318: attempt to access beyond end of device
[ 1246.325776][T20546] nbd0: rw=0, sector=64, nr_sectors = 2 limit=0
[ 1246.340604][T20546] syz.0.3318: attempt to access beyond end of device
[ 1246.340604][T20546] nbd0: rw=0, sector=512, nr_sectors = 2 limit=0
[ 1246.355662][T20546] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256
[ 1246.365865][T20546] syz.0.3318: attempt to access beyond end of device
[ 1246.365865][T20546] nbd0: rw=0, sector=1024, nr_sectors = 2 limit=0
[ 1246.376548][T20540] tipc: Resetting bearer <eth:syzkaller0>
[ 1246.386436][T20546] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512
[ 1246.397067][T20546] UDF-fs: warning (device nbd0): udf_load_vrs: No anchor found
[ 1246.404918][T20546] UDF-fs: Scanning with blocksize 1024 failed
[ 1246.429602][    T9] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[ 1246.446871][T20546] syz.0.3318: attempt to access beyond end of device
[ 1246.446871][T20546] nbd0: rw=0, sector=64, nr_sectors = 4 limit=0
[ 1246.464961][T20546] syz.0.3318: attempt to access beyond end of device
[ 1246.464961][T20546] nbd0: rw=0, sector=1024, nr_sectors = 4 limit=0
[ 1246.479757][T20546] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256
[ 1246.494914][T20546] syz.0.3318: attempt to access beyond end of device
[ 1246.494914][T20546] nbd0: rw=0, sector=2048, nr_sectors = 4 limit=0
[ 1246.509995][T20546] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512
[ 1246.520130][T20546] UDF-fs: warning (device nbd0): udf_load_vrs: No anchor found
[ 1246.528153][T20546] UDF-fs: Scanning with blocksize 2048 failed
[ 1246.550403][T20546] syz.0.3318: attempt to access beyond end of device
[ 1246.550403][T20546] nbd0: rw=0, sector=64, nr_sectors = 8 limit=0
[ 1246.563833][T20546] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256
[ 1246.576287][T20546] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512
[ 1246.585909][T20546] UDF-fs: warning (device nbd0): udf_load_vrs: No anchor found
[ 1246.593840][T20546] UDF-fs: Scanning with blocksize 4096 failed
[ 1246.600408][T20546] UDF-fs: warning (device nbd0): udf_fill_super: No partition found (1)
[ 1247.071270][T20546] netlink: 'syz.0.3318': attribute type 4 has an invalid length.
[ 1247.105529][T20546] netlink: 'syz.0.3318': attribute type 1 has an invalid length.
[ 1247.132639][T20546] netlink: 168 bytes leftover after parsing attributes in process `syz.0.3318'.
[ 1247.145160][    T9] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1247.166715][ T5833] tipc: Node number set to 988499439
[ 1247.524681][    T9] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1247.548638][T20545] vivid-007: reconnect
[ 1247.595064][    T9] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1247.663215][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1247.714124][T20550] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1247.730743][    T9] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[ 1248.995634][T20580] block device autoloading is deprecated and will be removed.
[ 1249.022744][ T6741] usb 6-1: USB disconnect, device number 20
[ 1250.215518][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1250.882115][T20611] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1255.780957][T20540] tipc: Disabling bearer <eth:syzkaller0>
[ 1255.790107][T20632] lo speed is unknown, defaulting to 1000
[ 1255.796002][T20632] lo speed is unknown, defaulting to 1000
[ 1255.804222][T20632] lo speed is unknown, defaulting to 1000
[ 1255.830742][T20632] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[ 1255.855897][T20632] lo speed is unknown, defaulting to 1000
[ 1255.884948][T20632] lo speed is unknown, defaulting to 1000
[ 1255.935750][T20632] lo speed is unknown, defaulting to 1000
[ 1255.977121][T20632] lo speed is unknown, defaulting to 1000
[ 1255.985178][T20632] lo speed is unknown, defaulting to 1000
[ 1258.109962][T20676] netlink: 52 bytes leftover after parsing attributes in process `syz.0.3347'.
[ 1260.850508][T20704] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1261.852574][T20704] syzkaller0: entered promiscuous mode
[ 1261.888780][T20704] syzkaller0: entered allmulticast mode
[ 1262.405157][T20704] tipc: Resetting bearer <eth:syzkaller0>
[ 1262.773610][T20700] tipc: Resetting bearer <eth:syzkaller0>
[ 1264.777144][T20734] netlink: 52 bytes leftover after parsing attributes in process `syz.9.3360'.
[ 1265.677237][    C1] hrtimer: interrupt took 26660 ns
[ 1265.761603][T20747] netlink: 44 bytes leftover after parsing attributes in process `syz.9.3363'.
[ 1270.168443][T20700] tipc: Disabling bearer <eth:syzkaller0>
[ 1270.201224][T20725] team_slave_0: entered promiscuous mode
[ 1270.207248][T20725] team_slave_1: entered promiscuous mode
[ 1270.255420][T20764] lo speed is unknown, defaulting to 1000
[ 1270.352627][T20725] Process accounting resumed
[ 1270.542071][T20774] overlayfs: failed to resolve './file0': -2
[ 1273.065465][T20820] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3383'.
[ 1273.328978][T20824] lo speed is unknown, defaulting to 1000
[ 1273.405185][T20827] netlink: 72 bytes leftover after parsing attributes in process `syz.5.3386'.
[ 1273.512749][   T30] audit: type=1326 audit(2000000156.105:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20826 comm="syz.5.3386" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f57adb8d169 code=0x0
[ 1273.569998][T20830] overlayfs: failed to resolve './file0': -2
[ 1278.307457][T20913] lo speed is unknown, defaulting to 1000
[ 1278.393898][T20897] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3400'.
[ 1280.433786][    T9] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[ 1281.331932][    T9] usb 10-1: Using ep0 maxpacket: 8
[ 1281.531071][    T9] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1281.844758][    T9] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1281.881638][    T9] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1281.895185][    T9] usb 10-1: New USB device found, idVendor=046d, idProduct=c09b, bcdDevice= 0.00
[ 1281.919574][    T9] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1281.946692][    T9] usb 10-1: config 0 descriptor??
[ 1282.881261][    C0] raw-gadget.0 gadget.9: ignoring, device is not running
[ 1282.891116][    T9] usbhid 10-1:0.0: can't add hid device: -71
[ 1282.897630][    T9] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[ 1282.935477][    T9] usb 10-1: USB disconnect, device number 3
[ 1283.139484][ T5871] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[ 1283.299786][ T5871] usb 9-1: Using ep0 maxpacket: 16
[ 1283.316811][ T5871] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 11
[ 1283.352748][ T5871] usb 9-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0
[ 1283.388250][ T5871] usb 9-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0
[ 1283.417998][ T5871] usb 9-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0
[ 1283.443646][ T5871] usb 9-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0
[ 1283.468477][ T5871] usb 9-1: config 1 interface 0 has no altsetting 0
[ 1283.486635][ T5871] usb 9-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77
[ 1283.509895][ T5871] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1283.540056][ T5871] ums-sddr09 9-1:1.0: USB Mass Storage device detected
[ 1283.781118][ T5871] scsi host1: usb-storage 9-1:1.0
[ 1284.064166][ T5904] usb 9-1: USB disconnect, device number 5
[ 1286.042942][T21012] xt_socket: unknown flags 0x58
[ 1286.108199][T21024] lo speed is unknown, defaulting to 1000
[ 1287.281854][T21037] x_tables: ip_tables: osf match: only valid for protocol 6
[ 1288.110470][T21050] bio_check_eod: 2 callbacks suppressed
[ 1288.110486][T21050] syz.8.3425: attempt to access beyond end of device
[ 1288.110486][T21050] nbd8: rw=0, sector=64, nr_sectors = 1 limit=0
[ 1288.202976][T21050] syz.8.3425: attempt to access beyond end of device
[ 1288.202976][T21050] nbd8: rw=0, sector=256, nr_sectors = 1 limit=0
[ 1288.293883][T21050] UDF-fs: error (device nbd8): udf_read_tagged: read failed, block=256, location=256
[ 1288.347546][T21050] syz.8.3425: attempt to access beyond end of device
[ 1288.347546][T21050] nbd8: rw=0, sector=512, nr_sectors = 1 limit=0
[ 1288.384601][T21050] UDF-fs: error (device nbd8): udf_read_tagged: read failed, block=512, location=512
[ 1288.407938][T21050] syz.8.3425: attempt to access beyond end of device
[ 1288.407938][T21050] nbd8: rw=0, sector=64, nr_sectors = 2 limit=0
[ 1288.566100][T21050] syz.8.3425: attempt to access beyond end of device
[ 1288.566100][T21050] nbd8: rw=0, sector=512, nr_sectors = 2 limit=0
[ 1288.730244][T21050] UDF-fs: error (device nbd8): udf_read_tagged: read failed, block=256, location=256
[ 1288.742432][T21050] syz.8.3425: attempt to access beyond end of device
[ 1288.742432][T21050] nbd8: rw=0, sector=1024, nr_sectors = 2 limit=0
[ 1288.760212][T21050] UDF-fs: error (device nbd8): udf_read_tagged: read failed, block=512, location=512
[ 1288.804802][T21050] syz.8.3425: attempt to access beyond end of device
[ 1288.804802][T21050] nbd8: rw=0, sector=64, nr_sectors = 4 limit=0
[ 1288.853942][T21050] syz.8.3425: attempt to access beyond end of device
[ 1288.853942][T21050] nbd8: rw=0, sector=1024, nr_sectors = 4 limit=0
[ 1289.154758][T21050] UDF-fs: error (device nbd8): udf_read_tagged: read failed, block=256, location=256
[ 1289.476509][T21050] syz.8.3425: attempt to access beyond end of device
[ 1289.476509][T21050] nbd8: rw=0, sector=2048, nr_sectors = 4 limit=0
[ 1289.570542][T21050] UDF-fs: error (device nbd8): udf_read_tagged: read failed, block=512, location=512
[ 1289.647403][T21050] syz.8.3425: attempt to access beyond end of device
[ 1289.647403][T21050] nbd8: rw=0, sector=64, nr_sectors = 8 limit=0
[ 1289.728712][T21050] UDF-fs: error (device nbd8): udf_read_tagged: read failed, block=256, location=256
[ 1289.740943][T21050] UDF-fs: error (device nbd8): udf_read_tagged: read failed, block=512, location=512
[ 1289.751047][T21050] UDF-fs: warning (device nbd8): udf_fill_super: No partition found (1)
[ 1289.953134][T21075] overlayfs: failed to clone upperpath
[ 1291.433305][T21106] veth0_vlan: entered allmulticast mode
[ 1291.530347][T21106] veth0_vlan: left promiscuous mode
[ 1291.544795][T21106] veth0_vlan: entered promiscuous mode
[ 1294.438596][T21128] block device autoloading is deprecated and will be removed.
[ 1295.379712][T21148] bio_check_eod: 2 callbacks suppressed
[ 1295.379733][T21148] syz.5.3443: attempt to access beyond end of device
[ 1295.379733][T21148] nbd5: rw=0, sector=64, nr_sectors = 1 limit=0
[ 1295.429772][T21148] syz.5.3443: attempt to access beyond end of device
[ 1295.429772][T21148] nbd5: rw=0, sector=256, nr_sectors = 1 limit=0
[ 1295.471682][T21148] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=256, location=256
[ 1295.498704][T21148] syz.5.3443: attempt to access beyond end of device
[ 1295.498704][T21148] nbd5: rw=0, sector=512, nr_sectors = 1 limit=0
[ 1295.538835][T21152] xt_socket: unknown flags 0x58
[ 1295.555177][T21148] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=512, location=512
[ 1295.577121][T21148] syz.5.3443: attempt to access beyond end of device
[ 1295.577121][T21148] nbd5: rw=0, sector=64, nr_sectors = 2 limit=0
[ 1295.619436][T21148] syz.5.3443: attempt to access beyond end of device
[ 1295.619436][T21148] nbd5: rw=0, sector=512, nr_sectors = 2 limit=0
[ 1295.652656][T21148] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=256, location=256
[ 1295.699914][T21148] syz.5.3443: attempt to access beyond end of device
[ 1295.699914][T21148] nbd5: rw=0, sector=1024, nr_sectors = 2 limit=0
[ 1295.754915][T21148] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=512, location=512
[ 1295.816768][T21148] syz.5.3443: attempt to access beyond end of device
[ 1295.816768][T21148] nbd5: rw=0, sector=64, nr_sectors = 4 limit=0
[ 1295.869206][T21148] syz.5.3443: attempt to access beyond end of device
[ 1295.869206][T21148] nbd5: rw=0, sector=1024, nr_sectors = 4 limit=0
[ 1295.886803][T21148] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=256, location=256
[ 1296.795813][T21148] syz.5.3443: attempt to access beyond end of device
[ 1296.795813][T21148] nbd5: rw=0, sector=2048, nr_sectors = 4 limit=0
[ 1296.853620][T21148] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=512, location=512
[ 1297.026708][T21148] syz.5.3443: attempt to access beyond end of device
[ 1297.026708][T21148] nbd5: rw=0, sector=64, nr_sectors = 8 limit=0
[ 1297.121237][T21148] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=256, location=256
[ 1297.300635][T21181] vivid-007: disconnect
[ 1297.321103][T21148] UDF-fs: error (device nbd5): udf_read_tagged: read failed, block=512, location=512
[ 1298.004314][T21148] UDF-fs: warning (device nbd5): udf_fill_super: No partition found (1)
[ 1298.051917][T21184] UDF-fs: error (device nbd8): udf_read_tagged: read failed, block=256, location=256
[ 1298.122397][T21184] UDF-fs: error (device nbd8): udf_read_tagged: read failed, block=512, location=512
[ 1298.195561][T21184] UDF-fs: warning (device nbd8): udf_load_vrs: No anchor found
[ 1298.218519][T21184] UDF-fs: Scanning with blocksize 512 failed
[ 1298.263563][T21184] UDF-fs: error (device nbd8): udf_read_tagged: read failed, block=256, location=256
[ 1298.275809][T21184] UDF-fs: error (device nbd8): udf_read_tagged: read failed, block=512, location=512
[ 1298.286129][T21184] UDF-fs: warning (device nbd8): udf_load_vrs: No anchor found
[ 1298.293998][T21184] UDF-fs: Scanning with blocksize 1024 failed
[ 1298.309315][T21184] UDF-fs: error (device nbd8): udf_read_tagged: read failed, block=256, location=256
[ 1298.321603][T21184] UDF-fs: error (device nbd8): udf_read_tagged: read failed, block=512, location=512
[ 1298.331500][T21184] UDF-fs: warning (device nbd8): udf_load_vrs: No anchor found
[ 1298.339536][T21184] UDF-fs: Scanning with blocksize 2048 failed
[ 1298.350319][T21184] UDF-fs: error (device nbd8): udf_read_tagged: read failed, block=256, location=256
[ 1298.360766][T21184] UDF-fs: error (device nbd8): udf_read_tagged: read failed, block=512, location=512
[ 1298.371555][T21184] UDF-fs: warning (device nbd8): udf_load_vrs: No anchor found
[ 1298.379660][T21184] UDF-fs: Scanning with blocksize 4096 failed
[ 1298.385890][T21184] UDF-fs: warning (device nbd8): udf_fill_super: No partition found (1)
[ 1298.824029][T21181] netlink: 'syz.8.3448': attribute type 4 has an invalid length.
[ 1298.858770][T21181] netlink: 'syz.8.3448': attribute type 1 has an invalid length.
[ 1298.934050][T21181] netlink: 168 bytes leftover after parsing attributes in process `syz.8.3448'.
[ 1299.037698][T21179] vivid-007: reconnect
[ 1299.587538][T21220] veth0_vlan: left promiscuous mode
[ 1299.598013][T21220] veth0_vlan: entered promiscuous mode
[ 1299.684277][T21220] lo speed is unknown, defaulting to 1000
[ 1301.933564][T21244] bio_check_eod: 14 callbacks suppressed
[ 1301.933802][T21244] syz.9.3462: attempt to access beyond end of device
[ 1301.933802][T21244] nbd9: rw=0, sector=64, nr_sectors = 1 limit=0
[ 1301.952006][T21246] x_tables: ip_tables: osf match: only valid for protocol 6
[ 1301.974514][T21244] syz.9.3462: attempt to access beyond end of device
[ 1301.974514][T21244] nbd9: rw=0, sector=256, nr_sectors = 1 limit=0
[ 1302.182815][T21244] UDF-fs: error (device nbd9): udf_read_tagged: read failed, block=256, location=256
[ 1302.390994][T21244] syz.9.3462: attempt to access beyond end of device
[ 1302.390994][T21244] nbd9: rw=0, sector=512, nr_sectors = 1 limit=0
[ 1302.457190][T21244] UDF-fs: error (device nbd9): udf_read_tagged: read failed, block=512, location=512
[ 1302.481710][T21244] syz.9.3462: attempt to access beyond end of device
[ 1302.481710][T21244] nbd9: rw=0, sector=64, nr_sectors = 2 limit=0
[ 1302.527389][T21251] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3463'.
[ 1302.547688][T21244] syz.9.3462: attempt to access beyond end of device
[ 1302.547688][T21244] nbd9: rw=0, sector=512, nr_sectors = 2 limit=0
[ 1302.598383][T21244] UDF-fs: error (device nbd9): udf_read_tagged: read failed, block=256, location=256
[ 1302.629999][T21244] syz.9.3462: attempt to access beyond end of device
[ 1302.629999][T21244] nbd9: rw=0, sector=1024, nr_sectors = 2 limit=0
[ 1302.665637][T21244] UDF-fs: error (device nbd9): udf_read_tagged: read failed, block=512, location=512
[ 1302.702599][T21244] syz.9.3462: attempt to access beyond end of device
[ 1302.702599][T21244] nbd9: rw=0, sector=64, nr_sectors = 4 limit=0
[ 1302.734489][T21244] syz.9.3462: attempt to access beyond end of device
[ 1302.734489][T21244] nbd9: rw=0, sector=1024, nr_sectors = 4 limit=0
[ 1302.816498][T21244] UDF-fs: error (device nbd9): udf_read_tagged: read failed, block=256, location=256
[ 1302.876016][T21244] syz.9.3462: attempt to access beyond end of device
[ 1302.876016][T21244] nbd9: rw=0, sector=2048, nr_sectors = 4 limit=0
[ 1303.080266][T21244] UDF-fs: error (device nbd9): udf_read_tagged: read failed, block=512, location=512
[ 1303.272906][T21244] syz.9.3462: attempt to access beyond end of device
[ 1303.272906][T21244] nbd9: rw=0, sector=64, nr_sectors = 8 limit=0
[ 1303.493250][T21244] UDF-fs: error (device nbd9): udf_read_tagged: read failed, block=256, location=256
[ 1303.534472][T21244] UDF-fs: error (device nbd9): udf_read_tagged: read failed, block=512, location=512
[ 1303.638905][T21244] UDF-fs: warning (device nbd9): udf_fill_super: No partition found (1)
[ 1304.281436][ T5871] usb 9-1: new full-speed USB device number 6 using dummy_hcd
[ 1304.453499][ T5871] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1304.485591][ T5871] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1304.513270][ T5871] usb 9-1: New USB device found, idVendor=060b, idProduct=700a, bcdDevice= 0.00
[ 1304.528858][ T5871] usb 9-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[ 1304.537327][ T5871] usb 9-1: Manufacturer: syz
[ 1304.566983][ T5871] usb 9-1: config 0 descriptor??
[ 1305.170797][ T5833] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[ 1305.197932][T21302] No control pipe specified
[ 1305.373952][ T5871] cougar 0003:060B:700A.000B: hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.8-1/input0
[ 1305.393853][ T5833] usb 6-1: Using ep0 maxpacket: 8
[ 1305.421622][ T5833] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[ 1305.457829][ T5833] usb 6-1: config 0 has no interface number 0
[ 1305.464002][ T5833] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1305.506219][ T5833] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1305.528266][ T5833] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1305.572101][ T5833] usb 6-1: config 0 descriptor??
[ 1305.741711][ T5833] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[ 1305.905889][ T5833] usb 9-1: USB disconnect, device number 6
[ 1306.177895][T21325] fuse: Bad value for 'fd'
[ 1306.655272][T10942] usb 6-1: USB disconnect, device number 21
[ 1306.759879][T21334] overlayfs: missing 'workdir'
[ 1309.026997][T21373] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(9)
[ 1309.033596][T21373] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[ 1309.072979][T21373] vhci_hcd vhci_hcd.0: Device attached
[ 1309.118231][T21373] vhci_hcd vhci_hcd.0: pdev(5) rhport(1) sockfd(11)
[ 1309.125002][T21373] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1309.217776][T21389] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1309.241315][T21373] vhci_hcd vhci_hcd.0: Device attached
[ 1309.266725][ T5871] vhci_hcd: vhci_device speed not set
[ 1309.295296][T21389] vhci_hcd vhci_hcd.0: pdev(5) rhport(3) sockfd(16)
[ 1309.301976][T21389] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[ 1309.354494][ T5871] usb 43-1: new full-speed USB device number 2 using vhci_hcd
[ 1309.360348][T21389] vhci_hcd vhci_hcd.0: Device attached
[ 1309.402630][T21373] vhci_hcd vhci_hcd.0: pdev(5) rhport(4) sockfd(18)
[ 1309.409321][T21373] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[ 1309.429552][T21373] vhci_hcd vhci_hcd.0: Device attached
[ 1309.496377][T21389] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1309.511590][T21373] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(20)
[ 1309.518267][T21373] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 1309.578600][T21373] vhci_hcd vhci_hcd.0: Device attached
[ 1309.621706][T21373] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1309.681272][T21373] vhci_hcd vhci_hcd.0: pdev(5) rhport(7) sockfd(25)
[ 1309.687937][T21373] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1309.740665][T21373] vhci_hcd vhci_hcd.0: Device attached
[ 1309.909332][T21396] vhci_hcd: connection closed
[ 1309.909578][T21391] vhci_hcd: connection closed
[ 1309.909803][T21383] vhci_hcd: connection closed
[ 1309.923044][ T2888] vhci_hcd: stop threads
[ 1309.927911][T21404] vhci_hcd: connection closed
[ 1309.928860][T21399] vhci_hcd: connection closed
[ 1309.937932][T21377] vhci_hcd: connection reset by peer
[ 1309.967506][ T2888] vhci_hcd: release socket
[ 1309.989596][ T2888] vhci_hcd: disconnect device
[ 1310.007431][ T2888] vhci_hcd: stop threads
[ 1310.027133][ T2888] vhci_hcd: release socket
[ 1310.042970][ T2888] vhci_hcd: disconnect device
[ 1310.061861][ T2888] vhci_hcd: stop threads
[ 1310.066471][ T2888] vhci_hcd: release socket
[ 1310.071509][ T2888] vhci_hcd: disconnect device
[ 1310.081111][ T2888] vhci_hcd: stop threads
[ 1310.085513][ T2888] vhci_hcd: release socket
[ 1310.090454][ T2888] vhci_hcd: disconnect device
[ 1310.095485][ T2888] vhci_hcd: stop threads
[ 1310.102100][ T2888] vhci_hcd: release socket
[ 1310.107088][ T2888] vhci_hcd: disconnect device
[ 1310.125746][ T2888] vhci_hcd: stop threads
[ 1310.139382][ T2888] vhci_hcd: release socket
[ 1310.244777][ T2888] vhci_hcd: disconnect device
[ 1310.278641][T21416] netlink: 52 bytes leftover after parsing attributes in process `syz.9.3490'.
[ 1312.258982][T21431] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3494'.
[ 1312.313116][T21431] hsr_slave_0: left promiscuous mode
[ 1312.319306][T21431] hsr_slave_1: left promiscuous mode
[ 1312.618433][T21435] RDS: rds_bind could not find a transport for ::ffff:172.30.0.8, load rds_tcp or rds_rdma?
[ 1312.633249][T21435] ptrace attach of ""[21437] was attempted by "./syz-executor exec"[21435]
[ 1314.687171][T10942] IPVS: starting estimator thread 0...
[ 1314.932800][T21459] IPVS: using max 30 ests per chain, 72000 per kthread
[ 1314.975545][ T5871] vhci_hcd: vhci_device speed not set
[ 1315.814905][T21478] veth0_vlan: entered allmulticast mode
[ 1315.894371][T21487] veth0_vlan: left promiscuous mode
[ 1315.900571][T21487] veth0_vlan: entered promiscuous mode
[ 1315.924867][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1316.417783][T10866] usb usb44-port1: attempt power cycle
[ 1316.622395][T21503] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3)
[ 1316.628990][T21503] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1316.675113][T21503] vhci_hcd vhci_hcd.0: Device attached
[ 1317.045305][T10866] usb usb44-port1: unable to enumerate USB device
[ 1317.178531][T16970] usb 43-1: new low-speed USB device number 3 using vhci_hcd
[ 1317.429125][T21505] vhci_hcd: connection reset by peer
[ 1317.617563][T20279] vhci_hcd: stop threads
[ 1318.108744][T20279] vhci_hcd: release socket
[ 1318.122678][T20279] vhci_hcd: disconnect device
[ 1318.140941][T21488] Bluetooth: hci0: command 0x0406 tx timeout
[ 1321.804792][T21565] veth0_vlan: entered allmulticast mode
[ 1322.245103][T21566] veth0_vlan: left promiscuous mode
[ 1322.256148][T21566] veth0_vlan: entered promiscuous mode
[ 1322.675580][T16970] vhci_hcd: vhci_device speed not set
[ 1326.660621][T21640] veth0_vlan: left promiscuous mode
[ 1326.673867][T21640] veth0_vlan: entered promiscuous mode
[ 1329.320153][T21664] xt_l2tp: invalid flags combination: 4
[ 1331.103741][T21701] veth0_vlan: left promiscuous mode
[ 1331.109974][T21701] veth0_vlan: entered promiscuous mode
[ 1335.390459][T21758] veth0_vlan: left promiscuous mode
[ 1335.401234][T21758] veth0_vlan: entered promiscuous mode
[ 1339.187271][ T5918] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[ 1339.385159][ T5918] usb 6-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 1339.406562][ T5918] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1339.453477][ T5918] usb 6-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1339.476668][T21808] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 1339.498362][ T5918] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1339.531075][ T5918] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1339.540787][T21808] kvm: pic: non byte read
[ 1339.555869][T21808] kvm: pic: level sensitive irq not supported
[ 1339.555948][T21808] kvm: pic: non byte read
[ 1339.578381][ T5918] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[ 1339.600668][ T5918] usb 6-1: invalid MIDI out EP 0
[ 1339.690848][ T5918] snd-usb-audio 6-1:27.0: probe with driver snd-usb-audio failed with error -22
[ 1339.859898][T21817] udevd[21817]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1340.620166][T21832] veth0_vlan: left promiscuous mode
[ 1340.631710][T21832] veth0_vlan: entered promiscuous mode
[ 1341.221191][    T9] usb 6-1: USB disconnect, device number 22
[ 1344.360076][T21878] netlink: 52 bytes leftover after parsing attributes in process `syz.0.3576'.
[ 1346.981163][T21935] sp0: Synchronizing with TNC
[ 1346.989769][T21935] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3588'.
[ 1346.998801][T21935] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3588'.
[ 1347.007819][T21935] netlink: 'syz.8.3588': attribute type 15 has an invalid length.
[ 1347.030239][T21935] lo speed is unknown, defaulting to 1000
[ 1348.235631][T21946] netlink: 52 bytes leftover after parsing attributes in process `syz.8.3591'.
[ 1355.805753][T22041] overlayfs: failed to resolve './file0': -2
[ 1357.691365][T22064] tmpfs: Unknown parameter 'func'
[ 1362.505160][T22145] QAT: failed to copy from user cfg_data.
[ 1363.348911][T22162] evm: overlay not supported
[ 1363.461146][T22167] overlayfs: failed to resolve './file0': -2
[ 1365.426471][T22211] lo speed is unknown, defaulting to 1000
[ 1369.131538][T22269] No source specified
[ 1370.567223][T22284] x_tables: ip_tables: osf match: only valid for protocol 6
[ 1371.858799][T22295] overlayfs: failed to clone upperpath
[ 1372.033081][T22306] lo speed is unknown, defaulting to 1000
[ 1372.254297][T22319] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3687'.
[ 1374.822167][T22353] x_tables: ip_tables: osf match: only valid for protocol 6
[ 1375.588772][T22369] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1376.465207][T22395] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3699'.
[ 1377.476817][T22407] x_tables: ip_tables: osf match: only valid for protocol 6
[ 1377.738095][T22410] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1378.687974][T22424] veth0_vlan: left promiscuous mode
[ 1378.696860][T22424] veth0_vlan: entered promiscuous mode
[ 1378.755768][T22425] lo speed is unknown, defaulting to 1000
[ 1378.973770][T22429] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1379.200458][T22444] overlayfs: failed to clone upperpath
[ 1381.625111][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1382.290461][T22504] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1382.993468][T22522] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1383.158213][T22522] syzkaller0: entered promiscuous mode
[ 1383.185998][T22522] syzkaller0: entered allmulticast mode
[ 1383.193504][T22522] tipc: Resetting bearer <eth:syzkaller0>
[ 1383.232847][T22521] tipc: Resetting bearer <eth:syzkaller0>
[ 1383.574271][T22534] xt_socket: unknown flags 0x58
[ 1384.475105][T22553] netlink: 52 bytes leftover after parsing attributes in process `syz.7.3737'.
[ 1386.024482][T22521] tipc: Disabling bearer <eth:syzkaller0>
[ 1386.311200][T22560] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1387.482187][ T5871] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[ 1388.468477][T22577] random: crng reseeded on system resumption
[ 1388.647716][ T5871] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1388.663719][ T5871] usb 10-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1388.693978][ T5871] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1388.896967][ T5871] usb 10-1: config 0 descriptor??
[ 1388.913500][ T5871] pwc: Askey VC010 type 2 USB webcam detected.
[ 1389.204523][T22579] xt_l2tp: invalid flags combination: 4
[ 1389.389307][ T5871] pwc: recv_control_msg error -32 req 02 val 2b00
[ 1389.397742][ T5871] pwc: recv_control_msg error -32 req 02 val 2700
[ 1389.405059][ T5871] pwc: recv_control_msg error -32 req 02 val 2c00
[ 1389.439319][ T5871] pwc: recv_control_msg error -32 req 04 val 1000
[ 1389.454760][ T5871] pwc: recv_control_msg error -32 req 04 val 1300
[ 1389.477940][ T5871] pwc: recv_control_msg error -32 req 04 val 1400
[ 1389.508463][ T5871] pwc: recv_control_msg error -32 req 02 val 2000
[ 1389.535054][ T5871] pwc: recv_control_msg error -32 req 02 val 2100
[ 1389.543343][ T5871] pwc: recv_control_msg error -32 req 04 val 1500
[ 1389.570716][ T5871] pwc: recv_control_msg error -32 req 02 val 2500
[ 1389.614934][ T5871] pwc: recv_control_msg error -32 req 02 val 2400
[ 1390.382306][ T5871] pwc: recv_control_msg error -71 req 02 val 2900
[ 1390.418055][ T5871] pwc: recv_control_msg error -71 req 02 val 2800
[ 1390.427839][ T5871] pwc: recv_control_msg error -71 req 04 val 1100
[ 1390.441282][ T5871] pwc: recv_control_msg error -71 req 04 val 1200
[ 1390.470386][ T5871] pwc: Registered as video103.
[ 1390.487650][ T5871] input: PWC snapshot button as /devices/platform/dummy_hcd.9/usb10/10-1/input/input32
[ 1390.602950][ T5871] usb 10-1: USB disconnect, device number 4
[ 1396.101307][T22658] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3760'.
[ 1396.163582][T22693] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3768'.
[ 1396.545929][T10942] usb 10-1: new full-speed USB device number 5 using dummy_hcd
[ 1396.914543][T10942] usb 10-1: unable to get BOS descriptor or descriptor too short
[ 1396.945338][T10942] usb 10-1: not running at top speed; connect to a high speed hub
[ 1396.977433][T10942] usb 10-1: config 2 has an invalid interface number: 18 but max is 0
[ 1396.998735][T10942] usb 10-1: config 2 has no interface number 0
[ 1397.005279][T10942] usb 10-1: config 2 interface 18 has no altsetting 0
[ 1397.067370][T10942] usb 10-1: New USB device found, idVendor=0b48, idProduct=300d, bcdDevice=e6.a4
[ 1397.078966][T10942] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1397.098414][T10942] usb 10-1: Product: syz
[ 1397.102739][T10942] usb 10-1: Manufacturer: syz
[ 1397.121068][T10942] usb 10-1: SerialNumber: syz
[ 1397.386344][T10942] dvb-usb: found a 'Technotrend TT-connect CT-3650' in warm state.
[ 1397.414081][T10942] dvb-usb: bulk message failed: -22 (4/0)
[ 1397.434090][T10942] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[ 1397.466489][T10942] dvb-usb: bulk message failed: -22 (5/0)
[ 1397.486838][T10942] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[ 1397.575096][T10942] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[ 1397.627168][T10942] dvb-usb: Technotrend TT-connect CT-3650 error while loading driver (-19)
[ 1398.158172][T10942] usb 10-1: USB disconnect, device number 5
[ 1398.376086][T22742] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1399.327961][T22764] netlink: 52 bytes leftover after parsing attributes in process `syz.7.3788'.
[ 1399.389147][    T9] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[ 1399.813803][    T9] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1399.843320][    T9] usb 10-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1400.173208][    T9] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1400.339975][    T9] usb 10-1: config 0 descriptor??
[ 1400.377225][    T9] pwc: Askey VC010 type 2 USB webcam detected.
[ 1400.490404][T22749] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3784'.
[ 1400.695463][T22781] ubi31: attaching mtd0
[ 1400.707045][T22781] ubi31: scanning is finished
[ 1400.712265][T22781] ubi31: empty MTD device detected
[ 1400.838445][    T9] pwc: recv_control_msg error -32 req 02 val 2b00
[ 1400.979540][    T9] pwc: recv_control_msg error -32 req 02 val 2700
[ 1401.123056][    T9] pwc: recv_control_msg error -32 req 02 val 2c00
[ 1401.131182][    T9] pwc: recv_control_msg error -32 req 04 val 1000
[ 1401.152438][    T9] pwc: recv_control_msg error -32 req 04 val 1300
[ 1401.161295][    T9] pwc: recv_control_msg error -32 req 04 val 1400
[ 1401.174841][    T9] pwc: recv_control_msg error -32 req 02 val 2000
[ 1401.184835][    T9] pwc: recv_control_msg error -32 req 02 val 2100
[ 1401.200193][    T9] pwc: recv_control_msg error -32 req 04 val 1500
[ 1401.213067][    T9] pwc: recv_control_msg error -32 req 02 val 2500
[ 1401.229358][    T9] pwc: recv_control_msg error -32 req 02 val 2400
[ 1401.317140][T22781] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[ 1401.328358][T22781] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[ 1401.337385][T22781] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[ 1401.345251][T22781] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[ 1401.357601][T22781] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[ 1401.365942][T22781] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[ 1401.374912][T22781] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 3412571986
[ 1401.387372][T22781] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[ 1401.402432][T22787] ubi31: background thread "ubi_bgt31d" started, PID 22787
[ 1401.444981][T22790] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1401.457686][T22789] tipc: Disabling bearer <eth:syzkaller0>
[ 1401.468401][    T9] pwc: recv_control_msg error -71 req 02 val 2900
[ 1401.477609][    T9] pwc: recv_control_msg error -71 req 02 val 2800
[ 1401.511660][    T9] pwc: recv_control_msg error -71 req 04 val 1100
[ 1401.532809][    T9] pwc: recv_control_msg error -71 req 04 val 1200
[ 1401.557842][    T9] pwc: Registered as video103.
[ 1401.563819][    T9] input: PWC snapshot button as /devices/platform/dummy_hcd.9/usb10/10-1/input/input33
[ 1401.587252][    T9] usb 10-1: USB disconnect, device number 6
[ 1402.623130][T22796] delete_channel: no stack
[ 1402.956563][T22815] netlink: 52 bytes leftover after parsing attributes in process `syz.7.3800'.
[ 1405.854408][T22865] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3803'.
[ 1405.981842][ T5918] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[ 1406.962900][ T5918] usb 9-1: Using ep0 maxpacket: 16
[ 1406.974179][ T5918] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1407.146231][T22882] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3816'.
[ 1407.189838][ T5918] usb 9-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[ 1407.206668][ T5918] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1407.232382][ T5918] usb 9-1: config 0 descriptor??
[ 1407.668979][T10942] IPVS: starting estimator thread 0...
[ 1407.821294][T22889] IPVS: using max 18 ests per chain, 43200 per kthread
[ 1407.954536][ T5918] input: bcm5974 as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/input/input34
[ 1409.442242][ T5183] bcm5974 9-1:0.0: could not read from device
[ 1409.495785][ T5918] bcm5974 9-1:0.0: could not read from device
[ 1409.640212][T22921] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3826'.
[ 1409.673467][T22921] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3826'.
[ 1409.759069][ T5183] bcm5974 9-1:0.0: could not read from device
[ 1410.028303][ T5918] input: failed to attach handler mousedev to device input34, error: -5
[ 1410.535676][ T5183] bcm5974 9-1:0.0: could not read from device
[ 1410.567685][ T5918] usb 9-1: USB disconnect, device number 7
[ 1413.609880][ T5918] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[ 1413.820388][ T5918] usb 10-1: Using ep0 maxpacket: 16
[ 1414.516420][ T5918] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1414.548741][ T5918] usb 10-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[ 1414.557964][ T5918] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1414.589984][ T5918] usb 10-1: config 0 descriptor??
[ 1414.604870][ T5918] input: bcm5974 as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/input/input35
[ 1416.173975][ T5183] bcm5974 10-1:0.0: could not read from device
[ 1416.188714][ T5918] bcm5974 10-1:0.0: could not read from device
[ 1416.247998][ T5183] bcm5974 10-1:0.0: could not read from device
[ 1416.276169][ T5918] input: failed to attach handler mousedev to device input35, error: -5
[ 1416.330579][ T5183] bcm5974 10-1:0.0: could not read from device
[ 1416.417096][ T5183] bcm5974 10-1:0.0: could not read from device
[ 1416.493969][ T5918] usb 10-1: USB disconnect, device number 7
[ 1420.647181][T23092] netlink: 52 bytes leftover after parsing attributes in process `syz.5.3865'.
[ 1422.087108][ T5825] Bluetooth: hci0: ACL packet for unknown connection handle 200
[ 1423.271471][T23111] sp0: Synchronizing with TNC
[ 1423.352043][T23111] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3870'.
[ 1423.501360][T23111] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3870'.
[ 1423.559091][T23112] lo speed is unknown, defaulting to 1000
[ 1423.637075][T23111] netlink: 'syz.5.3870': attribute type 15 has an invalid length.
[ 1424.803999][T23129] ubi: mtd0 is already attached to ubi31
[ 1427.460888][T23166] netlink: 52 bytes leftover after parsing attributes in process `syz.8.3880'.
[ 1430.361690][T23217] netlink: 52 bytes leftover after parsing attributes in process `syz.8.3892'.
[ 1430.838599][T23228] fuse: Bad value for 'fd'
[ 1431.802319][T23237] vivid-007: disconnect
[ 1431.896216][T23243] netlink: 236 bytes leftover after parsing attributes in process `syz.5.3897'.
[ 1432.556030][T23236] vivid-007: reconnect
[ 1434.654239][T23277] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3903'.
[ 1434.674694][T23277] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3903'.
[ 1434.683733][T23277] netlink: 'syz.7.3903': attribute type 15 has an invalid length.
[ 1434.913332][T23277] lo speed is unknown, defaulting to 1000
[ 1436.049809][T23296] fuse: Bad value for 'fd'
[ 1437.025403][T23317] vivid-007: disconnect
[ 1437.380567][T23320] netlink: 236 bytes leftover after parsing attributes in process `syz.5.3910'.
[ 1437.820048][T23316] vivid-007: reconnect
[ 1439.610467][T23362] netlink: 52 bytes leftover after parsing attributes in process `syz.7.3916'.
[ 1439.839417][T23372] overlayfs: failed to resolve './file0': -2
[ 1440.839743][   T30] audit: type=1804 audit(2000000004.638:19): pid=23381 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.8.3920" name="/newroot/317/file0" dev="tmpfs" ino=1762 res=1 errno=0
[ 1441.124687][T23393] xt_l2tp: invalid flags combination: 4
[ 1446.131357][T23428] overlayfs: failed to resolve './file0': -2
[ 1447.239595][T23444] xt_l2tp: invalid flags combination: 4
[ 1447.329467][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1450.537269][T23487] xt_l2tp: invalid flags combination: 4
[ 1452.044506][T23507] overlayfs: failed to resolve './file1': -2
[ 1452.093384][T23510] veth0_vlan: left promiscuous mode
[ 1452.101711][T23510] veth0_vlan: entered promiscuous mode
[ 1453.700130][T23543] netlink: 36 bytes leftover after parsing attributes in process `syz.7.3958'.
[ 1455.356198][ T5918] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[ 1455.561019][ T5918] usb 6-1: Using ep0 maxpacket: 16
[ 1455.715983][ T5918] usb 6-1: config 8 has an invalid interface number: 39 but max is 0
[ 1455.726114][ T5918] usb 6-1: config 8 has no interface number 0
[ 1455.733157][ T5918] usb 6-1: config 8 interface 39 altsetting 1 has an endpoint descriptor with address 0xDF, changing to 0x8F
[ 1455.745463][ T5918] usb 6-1: config 8 interface 39 altsetting 1 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1456.569932][ T5918] usb 6-1: config 8 interface 39 altsetting 1 bulk endpoint 0x8F has invalid maxpacket 0
[ 1456.580834][ T5918] usb 6-1: config 8 interface 39 has no altsetting 0
[ 1456.591923][ T5918] usb 6-1: New USB device found, idVendor=05ac, idProduct=c704, bcdDevice=62.77
[ 1456.644232][ T5918] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1456.681669][ T5918] usb 6-1: Product: syz
[ 1456.702302][ T5918] usb 6-1: Manufacturer: syz
[ 1456.718912][ T5918] usb 6-1: SerialNumber: syz
[ 1457.020172][ T5918] ipheth 6-1:8.39: ipheth_get_macaddr: usb_control_msg: -71
[ 1457.045498][ T5918] ipheth 6-1:8.39: probe with driver ipheth failed with error -71
[ 1457.120974][ T5918] usb 6-1: USB disconnect, device number 23
[ 1458.764811][T23608] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3972'.
[ 1460.826374][T23634] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3979'.
[ 1464.528791][T23682] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1464.537791][T23682] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1466.326462][T23703] netlink: 60 bytes leftover after parsing attributes in process `syz.7.3996'.
[ 1466.699058][T23712] netlink: 36 bytes leftover after parsing attributes in process `syz.9.3998'.
[ 1467.518474][T23719] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[ 1470.287418][T23752] netlink: 60 bytes leftover after parsing attributes in process `syz.5.4007'.
[ 1470.901670][   T30] audit: type=1800 audit(2000000032.756:20): pid=23742 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.0.4005" name="/" dev="9p" ino=2 res=0 errno=0
[ 1472.517701][T23746] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4006'.
[ 1474.952544][T23815] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4018'.
[ 1475.161542][T16970] usb 10-1: new high-speed USB device number 8 using dummy_hcd
[ 1475.347263][T16970] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1475.462237][T23824] netlink: 60 bytes leftover after parsing attributes in process `syz.5.4020'.
[ 1475.477878][T16970] usb 10-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1475.518224][T16970] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1475.848964][T16970] usb 10-1: config 0 descriptor??
[ 1475.932387][T16970] pwc: Askey VC010 type 2 USB webcam detected.
[ 1476.556812][T16970] pwc: recv_control_msg error -32 req 02 val 2b00
[ 1476.576904][T16970] pwc: recv_control_msg error -32 req 02 val 2700
[ 1476.606791][T16970] pwc: recv_control_msg error -32 req 02 val 2c00
[ 1476.627834][T16970] pwc: recv_control_msg error -32 req 04 val 1000
[ 1476.659128][T16970] pwc: recv_control_msg error -32 req 04 val 1300
[ 1476.676523][T16970] pwc: recv_control_msg error -32 req 04 val 1400
[ 1476.685703][T16970] pwc: recv_control_msg error -32 req 02 val 2000
[ 1476.901229][T16970] pwc: recv_control_msg error -32 req 02 val 2100
[ 1476.946798][T16970] pwc: recv_control_msg error -32 req 04 val 1500
[ 1477.880185][T16970] pwc: recv_control_msg error -32 req 02 val 2500
[ 1478.031382][T23850] xt_l2tp: invalid flags combination: 4
[ 1478.071755][T16970] pwc: recv_control_msg error -32 req 02 val 2400
[ 1478.467904][T16970] pwc: recv_control_msg error -71 req 02 val 2900
[ 1478.495288][T16970] pwc: recv_control_msg error -71 req 02 val 2800
[ 1478.515679][T16970] pwc: recv_control_msg error -71 req 04 val 1100
[ 1478.523038][T16970] pwc: recv_control_msg error -71 req 04 val 1200
[ 1478.554894][T16970] pwc: Registered as video103.
[ 1478.567781][T16970] input: PWC snapshot button as /devices/platform/dummy_hcd.9/usb10/10-1/input/input36
[ 1478.597868][T16970] usb 10-1: USB disconnect, device number 8
[ 1479.139648][   T30] audit: type=1804 audit(2000000040.461:21): pid=23875 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.9.4030" name="/newroot/140/file0" dev="tmpfs" ino=770 res=1 errno=0
[ 1479.623869][T23861] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4027'.
[ 1479.734497][T23885] x_tables: ip_tables: osf match: only valid for protocol 6
[ 1480.009962][T23889] netlink: 60 bytes leftover after parsing attributes in process `syz.5.4032'.
[ 1482.663100][T23917] xt_socket: unknown flags 0x58
[ 1483.095083][T23930] netlink: 52 bytes leftover after parsing attributes in process `syz.5.4041'.
[ 1487.258019][T23979] capability: warning: `syz.0.4054' uses deprecated v2 capabilities in a way that may be insecure
[ 1488.193115][T23988] netlink: 'syz.5.4057': attribute type 19 has an invalid length.
[ 1490.743630][   T30] audit: type=1804 audit(2000000051.308:22): pid=24016 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.0.4063" name="/newroot/355/file0" dev="tmpfs" ino=1883 res=1 errno=0
[ 1490.824892][T24017] netlink: 'syz.5.4064': attribute type 6 has an invalid length.
[ 1490.850453][T24017] netlink: 199836 bytes leftover after parsing attributes in process `syz.5.4064'.
[ 1490.946779][T24024] x_tables: ip_tables: osf match: only valid for protocol 6
[ 1491.342254][ T5918] usb 10-1: new high-speed USB device number 9 using dummy_hcd
[ 1491.959634][ T5918] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1491.990065][ T5918] usb 10-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1492.029877][ T5918] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1492.091451][ T5918] usb 10-1: config 0 descriptor??
[ 1492.120102][ T5918] pwc: Askey VC010 type 2 USB webcam detected.
[ 1492.587644][ T5918] pwc: recv_control_msg error -32 req 02 val 2b00
[ 1492.606118][ T5918] pwc: recv_control_msg error -32 req 02 val 2700
[ 1492.628638][ T5918] pwc: recv_control_msg error -32 req 02 val 2c00
[ 1492.635978][ T5918] pwc: recv_control_msg error -32 req 04 val 1000
[ 1492.643509][ T5918] pwc: recv_control_msg error -32 req 04 val 1300
[ 1492.660412][ T5918] pwc: recv_control_msg error -32 req 04 val 1400
[ 1492.677274][ T5918] pwc: recv_control_msg error -32 req 02 val 2000
[ 1492.698899][ T5918] pwc: recv_control_msg error -32 req 02 val 2100
[ 1492.870341][ T5918] pwc: recv_control_msg error -32 req 04 val 1500
[ 1492.879205][ T5918] pwc: recv_control_msg error -32 req 02 val 2500
[ 1492.888554][ T5918] pwc: recv_control_msg error -32 req 02 val 2400
[ 1493.113931][ T5918] pwc: recv_control_msg error -71 req 02 val 2900
[ 1493.164401][ T5918] pwc: recv_control_msg error -71 req 02 val 2800
[ 1493.191053][ T5918] pwc: recv_control_msg error -71 req 04 val 1100
[ 1493.227571][ T5918] pwc: recv_control_msg error -71 req 04 val 1200
[ 1493.256787][T24065] ÿ: renamed from bond_slave_0 (while UP)
[ 1493.283564][ T5918] pwc: Registered as video103.
[ 1493.300547][ T5918] input: PWC snapshot button as /devices/platform/dummy_hcd.9/usb10/10-1/input/input37
[ 1493.336319][ T5918] usb 10-1: USB disconnect, device number 9
[ 1493.863090][T24083] netlink: 52 bytes leftover after parsing attributes in process `syz.7.4077'.
[ 1495.349886][T24113] x_tables: ip_tables: osf match: only valid for protocol 6
[ 1495.892094][T24131] netlink: 52 bytes leftover after parsing attributes in process `syz.9.4091'.
[ 1497.177527][T24150] netlink: 9 bytes leftover after parsing attributes in process `syz.7.4096'.
[ 1497.288985][T24150] 0ªî{X¹¦: entered promiscuous mode
[ 1497.294631][T24150] 0ªî{X¹¦: left allmulticast mode
[ 1497.509877][T24157] lo speed is unknown, defaulting to 1000
[ 1498.902564][T24199] netlink: 52 bytes leftover after parsing attributes in process `syz.8.4104'.
[ 1499.598266][T24215] netlink: 9 bytes leftover after parsing attributes in process `syz.8.4110'.
[ 1499.618050][T24215] gretap0: entered promiscuous mode
[ 1501.288827][T24255] netlink: 52 bytes leftover after parsing attributes in process `syz.7.4120'.
[ 1501.564058][T24269] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1502.882535][   T30] audit: type=1326 audit(2000000062.632:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24278 comm="syz.7.4126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d6538d169 code=0x7ffc0000
[ 1502.904413][   T30] audit: type=1326 audit(2000000062.632:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24278 comm="syz.7.4126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d6538d169 code=0x7ffc0000
[ 1502.931667][   T30] audit: type=1326 audit(2000000062.642:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24278 comm="syz.7.4126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=114 compat=0 ip=0x7f3d6538d169 code=0x7ffc0000
[ 1503.004036][   T30] audit: type=1326 audit(2000000062.642:26): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=_ pid=24278 comm="syz.7.4126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d6538d169 code=0x7ffc0000
[ 1504.234939][T24322] tipc: Started in network mode
[ 1504.249699][T24322] tipc: Node identity c6257c20ff66, cluster identity 4711
[ 1504.319189][T24322] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1504.549521][T24324] syzkaller0: entered promiscuous mode
[ 1504.564750][T24324] syzkaller0: entered allmulticast mode
[ 1504.576892][T24324] tipc: Resetting bearer <eth:syzkaller0>
[ 1504.704940][  T198] tipc: Resetting bearer <eth:syzkaller0>
[ 1504.723503][T24321] tipc: Resetting bearer <eth:syzkaller0>
[ 1506.442026][T16970] tipc: Node number set to 960724000
[ 1507.301284][T24370] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1508.631379][T24396] netlink: 'syz.7.4155': attribute type 19 has an invalid length.
[ 1511.642412][T24321] tipc: Disabling bearer <eth:syzkaller0>
[ 1512.823975][T24440] xt_l2tp: invalid flags combination: 4
[ 1513.032258][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1515.223408][T24484] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1515.463129][T24484] syzkaller0: entered promiscuous mode
[ 1515.475087][T24484] syzkaller0: entered allmulticast mode
[ 1515.492292][T24484] tipc: Resetting bearer <eth:syzkaller0>
[ 1515.557863][T24476] tipc: Resetting bearer <eth:syzkaller0>
[ 1517.000447][T24507] IPVS: persistence engine module ip_vs_pe_À
 not found
[ 1517.096695][T24513] netlink: 'syz.7.4190': attribute type 19 has an invalid length.
[ 1518.731933][   T30] audit: type=1326 audit(2000000077.491:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24540 comm="syz.9.4195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaa638d169 code=0x7ffc0000
[ 1518.791207][   T30] audit: type=1326 audit(2000000077.529:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24540 comm="syz.9.4195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaa638d169 code=0x7ffc0000
[ 1518.848937][   T30] audit: type=1326 audit(2000000077.529:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24540 comm="syz.9.4195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7ffaa638d169 code=0x7ffc0000
[ 1518.883508][   T30] audit: type=1326 audit(2000000077.529:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24540 comm="syz.9.4195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaa638d169 code=0x7ffc0000
[ 1519.063982][   T30] audit: type=1326 audit(2000000077.529:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24540 comm="syz.9.4195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaa638d169 code=0x7ffc0000
[ 1519.849154][T24566] netlink: 60 bytes leftover after parsing attributes in process `syz.5.4197'.
[ 1521.578664][T24476] tipc: Disabling bearer <eth:syzkaller0>
[ 1521.627730][T24544] lo speed is unknown, defaulting to 1000
[ 1523.530232][T24582] xt_socket: unknown flags 0x58
[ 1524.158689][T24600] overlayfs: failed to resolve './file0': -2
[ 1524.474498][T24606] netlink: 60 bytes leftover after parsing attributes in process `syz.7.4209'.
[ 1524.743788][T24612] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1525.221231][T24614] x_tables: ip_tables: osf match: only valid for protocol 6
[ 1525.387688][T24612] syzkaller0: entered promiscuous mode
[ 1525.393392][T24612] syzkaller0: entered allmulticast mode
[ 1525.399718][T24612] tipc: Resetting bearer <eth:syzkaller0>
[ 1525.466680][T24607] tipc: Resetting bearer <eth:syzkaller0>
[ 1525.848379][T24610] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4211'.
[ 1525.904909][    T9] usb 6-1: new high-speed USB device number 24 using dummy_hcd
[ 1526.099489][    T9] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1526.110706][    T9] usb 6-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1526.188650][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1526.222053][    T9] usb 6-1: config 0 descriptor??
[ 1526.235350][    T9] pwc: Askey VC010 type 2 USB webcam detected.
[ 1526.807632][    T9] pwc: recv_control_msg error -32 req 02 val 2b00
[ 1526.844292][    T9] pwc: recv_control_msg error -32 req 02 val 2700
[ 1526.852941][    T9] pwc: recv_control_msg error -32 req 02 val 2c00
[ 1526.868499][    T9] pwc: recv_control_msg error -32 req 04 val 1000
[ 1526.889156][    T9] pwc: recv_control_msg error -32 req 04 val 1300
[ 1526.917361][    T9] pwc: recv_control_msg error -32 req 04 val 1400
[ 1526.927220][    T9] pwc: recv_control_msg error -32 req 02 val 2000
[ 1526.946725][    T9] pwc: recv_control_msg error -32 req 02 val 2100
[ 1526.955277][    T9] pwc: recv_control_msg error -32 req 04 val 1500
[ 1526.970182][    T9] pwc: recv_control_msg error -32 req 02 val 2500
[ 1526.990059][    T9] pwc: recv_control_msg error -32 req 02 val 2400
[ 1527.224894][    T9] pwc: recv_control_msg error -71 req 02 val 2900
[ 1527.252388][    T9] pwc: recv_control_msg error -71 req 02 val 2800
[ 1527.287809][    T9] pwc: recv_control_msg error -71 req 04 val 1100
[ 1527.313145][    T9] pwc: recv_control_msg error -71 req 04 val 1200
[ 1527.358549][    T9] pwc: Registered as video103.
[ 1527.502944][    T9] input: PWC snapshot button as /devices/platform/dummy_hcd.5/usb6/6-1/input/input39
[ 1528.002184][    T9] usb 6-1: USB disconnect, device number 24
[ 1528.204876][T24645] netlink: 60 bytes leftover after parsing attributes in process `syz.9.4221'.
[ 1529.896879][T24654] x_tables: ip_tables: osf match: only valid for protocol 6
[ 1530.287676][T24660] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1530.691592][   T30] audit: type=1800 audit(2000000088.656:32): pid=24671 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.0.4232" name="file1" dev="overlay" ino=2035 res=0 errno=0
[ 1531.961783][   T30] audit: type=1326 audit(2000000089.863:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24680 comm="syz.5.4235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57adb8d169 code=0x7ffc0000
[ 1531.994209][   T30] audit: type=1326 audit(2000000089.863:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24680 comm="syz.5.4235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57adb8d169 code=0x7ffc0000
[ 1532.027299][   T30] audit: type=1326 audit(2000000089.863:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24680 comm="syz.5.4235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f57adb8d169 code=0x7ffc0000
[ 1532.050991][   T30] audit: type=1326 audit(2000000089.863:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24680 comm="syz.5.4235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57adb8d169 code=0x7ffc0000
[ 1532.076979][   T30] audit: type=1326 audit(2000000089.863:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24680 comm="syz.5.4235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57adb8d169 code=0x7ffc0000
[ 1532.133979][   T30] audit: type=1326 audit(2000000089.863:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24680 comm="syz.5.4235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f57adb8d169 code=0x7ffc0000
[ 1532.160123][   T30] audit: type=1326 audit(2000000089.863:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24680 comm="syz.5.4235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57adb8d169 code=0x7ffc0000
[ 1532.186962][   T30] audit: type=1326 audit(2000000089.863:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24680 comm="syz.5.4235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f57adb8d169 code=0x7ffc0000
[ 1532.212471][   T30] audit: type=1326 audit(2000000089.863:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24680 comm="syz.5.4235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f57adb8d169 code=0x7ffc0000
[ 1532.641689][T24607] tipc: Disabling bearer <eth:syzkaller0>
[ 1532.656751][T24683] bridge0: entered allmulticast mode
[ 1533.022112][T24689] x_tables: ip_tables: osf match: only valid for protocol 6
[ 1533.463077][T24691] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1533.815033][T24697] veth0_vlan: entered allmulticast mode
[ 1534.066002][T24704] overlayfs: failed to clone upperpath
[ 1534.115979][T24698] veth0_vlan: left promiscuous mode
[ 1534.122789][T24698] veth0_vlan: entered promiscuous mode
[ 1534.842087][T24710] netlink: 60 bytes leftover after parsing attributes in process `syz.9.4247'.
[ 1535.513410][T21488] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1535.568121][T21488] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1535.577674][T21488] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1535.594864][T21488] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1535.608814][T21488] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 1535.618001][T21488] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1535.810005][  T198] netdevsim netdevsim5 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1535.820871][  T198] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1535.846927][T24723] lo speed is unknown, defaulting to 1000
[ 1535.878134][T24732] lo speed is unknown, defaulting to 1000
[ 1535.969884][  T198] netdevsim netdevsim5 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1535.984465][  T198] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1536.114127][  T198] netdevsim netdevsim5 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1536.156988][  T198] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1536.234166][T24740] veth0_vlan: left promiscuous mode
[ 1536.240731][T24740] veth0_vlan: entered promiscuous mode
[ 1536.379772][  T198] netdevsim netdevsim5 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1536.392748][  T198] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1536.476517][T24723] chnl_net:caif_netlink_parms(): no params data found
[ 1537.839309][T21488] Bluetooth: hci1: command tx timeout
[ 1537.855224][   T30] kauditd_printk_skb: 14 callbacks suppressed
[ 1537.855245][   T30] audit: type=1804 audit(2000000095.370:56): pid=24762 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.7.4262" name="file0" dev="tmpfs" ino=3075 res=1 errno=0
[ 1538.039482][T24723] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1538.064784][T24723] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1538.106873][T24723] bridge_slave_0: entered allmulticast mode
[ 1538.131204][T24723] bridge_slave_0: entered promiscuous mode
[ 1538.160929][T24723] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1538.183584][T24723] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1538.226686][T24723] bridge_slave_1: entered allmulticast mode
[ 1538.606251][T24723] bridge_slave_1: entered promiscuous mode
[ 1540.064148][T21488] Bluetooth: hci1: command tx timeout
[ 1540.423184][T24789] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4270'.
[ 1543.114412][T21488] Bluetooth: hci1: command tx timeout
[ 1544.145525][   T30] audit: type=1804 audit(2000000101.243:57): pid=24804 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.0.4275" name="/newroot/392/file0" dev="tmpfs" ino=2081 res=1 errno=0
[ 1544.267884][  T198] bond0 (unregistering): Released all slaves
[ 1544.474555][  T198] tipc: Left network mode
[ 1544.486966][T24723] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1544.563028][T24723] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1545.335702][T21488] Bluetooth: hci1: command tx timeout
[ 1545.426328][T24723] team0: Port device team_slave_0 added
[ 1545.479192][T24723] team0: Port device team_slave_1 added
[ 1546.827300][T24723] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1546.893417][T24723] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1547.048905][T24723] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1547.252062][T24723] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1547.259092][T24723] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1547.321928][T24723] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1547.812240][  T198] veth1_macvtap: left promiscuous mode
[ 1547.879722][  T198] veth0_macvtap: left promiscuous mode
[ 1547.890191][  T198] veth1_vlan: left promiscuous mode
[ 1547.902309][  T198] veth0_vlan: left promiscuous mode
[ 1548.719540][T24862] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4288'.
[ 1554.227573][T24723] hsr_slave_0: entered promiscuous mode
[ 1554.249915][T24723] hsr_slave_1: entered promiscuous mode
[ 1554.261343][T24723] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1554.287394][T24723] Cannot create hsr debugfs directory
[ 1554.301477][T10866] lo speed is unknown, defaulting to 1000
[ 1554.375286][T10866] infiniband syz2: ib_query_port failed (-19)
[ 1555.706707][T24935] x_tables: ip_tables: osf match: only valid for protocol 6
[ 1556.648027][T24943] fuse: Bad value for 'fd'
[ 1557.170567][T24723] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1557.198479][T24723] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1557.238228][T24723] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1557.263469][T24723] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1557.429984][T24723] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1557.497741][T24723] 8021q: adding VLAN 0 to HW filter on device team0
[ 1557.535132][   T53] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1557.542389][   T53] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1557.556025][T24955] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4302'.
[ 1557.596456][   T53] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1557.603716][   T53] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1557.760810][T24967] netlink: 'syz.8.4307': attribute type 32 has an invalid length.
[ 1558.003142][T24723] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1559.015910][T24997] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4313'.
[ 1559.049141][T25001] fuse: Bad value for 'fd'
[ 1559.054654][T21488] Bluetooth: hci0: ACL packet for unknown connection handle 200
[ 1560.054478][T25014] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4316'.
[ 1560.125047][T24723] veth0_vlan: entered promiscuous mode
[ 1560.161970][T24723] veth1_vlan: entered promiscuous mode
[ 1560.976297][T24723] veth0_macvtap: entered promiscuous mode
[ 1561.063538][T24723] veth1_macvtap: entered promiscuous mode
[ 1561.080575][T24723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1561.104577][T24723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1561.125567][T24723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1561.149282][T24723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1561.169916][T25036] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1561.179979][T24723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1561.206283][T24723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1561.218571][T25036] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1561.231243][T25036] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1561.238271][T24723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1561.270751][T24723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1561.292785][T24723] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1561.330364][T24723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1562.135994][T24723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1562.145946][T24723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1562.731073][T24723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1562.856800][T24723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1562.916783][T24723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1562.928165][T24723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1562.940828][T25051] fuse: Bad value for 'fd'
[ 1562.947682][T24723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1562.958736][T24723] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1562.969316][T24723] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1562.991809][T24723] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1563.011481][T24723] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1563.032389][T24723] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1563.110250][T25055] overlayfs: failed to resolve './file0': -2
[ 1563.699459][T19504] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1563.775800][T19504] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1563.858519][  T198] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1563.951580][  T198] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1564.174162][T25071] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4329'.
[ 1564.217956][T25045] syz.9.4324: vmalloc error: size 100663296, failed to allocated page array size 196608, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1564.260266][T25045] CPU: 0 UID: 0 PID: 25045 Comm: syz.9.4324 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[ 1564.260301][T25045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1564.260311][T25045] Call Trace:
[ 1564.260317][T25045]  <TASK>
[ 1564.260324][T25045]  dump_stack_lvl+0x241/0x360
[ 1564.260349][T25045]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1564.260369][T25045]  ? __pfx__printk+0x10/0x10
[ 1564.260386][T25045]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[ 1564.260405][T25045]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[ 1564.260423][T25045]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[ 1564.260441][T25045]  warn_alloc+0x27c/0x410
[ 1564.260462][T25045]  ? __pfx_warn_alloc+0x10/0x10
[ 1564.260484][T25045]  ? bpf_uprobe_multi_link_attach+0x49c/0xde0
[ 1564.260505][T25045]  ? __get_vm_area_node+0x1c8/0x2d0
[ 1564.260521][T25045]  ? __get_vm_area_node+0x25c/0x2d0
[ 1564.260541][T25045]  __vmalloc_node_range_noprof+0x634/0x1390
[ 1564.260574][T25045]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1564.260593][T25045]  ? preempt_schedule_notrace_thunk+0x16/0x30
[ 1564.260621][T25045]  ? bpf_uprobe_multi_link_attach+0x49c/0xde0
[ 1564.260641][T25045]  __kvmalloc_node_noprof+0x3b2/0x5a0
[ 1564.260657][T25045]  ? bpf_uprobe_multi_link_attach+0x49c/0xde0
[ 1564.260677][T25045]  ? bpf_uprobe_multi_link_attach+0x49c/0xde0
[ 1564.260696][T25045]  ? bpf_uprobe_multi_link_attach+0x47d/0xde0
[ 1564.260718][T25045]  bpf_uprobe_multi_link_attach+0x49c/0xde0
[ 1564.260737][T25045]  ? preempt_schedule+0xe4/0xf0
[ 1564.260760][T25045]  ? __pfx_preempt_schedule+0x10/0x10
[ 1564.260777][T25045]  ? lockdep_hardirqs_on+0x9d/0x150
[ 1564.260799][T25045]  ? __pfx_bpf_uprobe_multi_link_attach+0x10/0x10
[ 1564.260826][T25045]  ? bpf_prog_attach_check_attach_type+0x42c/0x4f0
[ 1564.260852][T25045]  link_create+0x6d7/0x870
[ 1564.260876][T25045]  __sys_bpf+0x559/0x850
[ 1564.260896][T25045]  ? __pfx___sys_bpf+0x10/0x10
[ 1564.260936][T25045]  __x64_sys_bpf+0x7c/0x90
[ 1564.260953][T25045]  do_syscall_64+0xf3/0x230
[ 1564.260974][T25045]  ? clear_bhb_loop+0x45/0xa0
[ 1564.260992][T25045]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1564.261007][T25045] RIP: 0033:0x7ffaa638d169
[ 1564.261033][T25045] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1564.261047][T25045] RSP: 002b:00007ffaa41d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1564.261064][T25045] RAX: ffffffffffffffda RBX: 00007ffaa65a6080 RCX: 00007ffaa638d169
[ 1564.261076][T25045] RDX: 0000000000000040 RSI: 00002000000012c0 RDI: 000000000000001c
[ 1564.261086][T25045] RBP: 00007ffaa640e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 1564.261096][T25045] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1564.261105][T25045] R13: 0000000000000000 R14: 00007ffaa65a6080 R15: 00007fffd7e4cf68
[ 1564.261124][T25045]  </TASK>
[ 1564.261130][T25045] Mem-Info:
[ 1564.704215][T25045] active_anon:427 inactive_anon:12419 isolated_anon:0
[ 1564.704215][T25045]  active_file:17522 inactive_file:37714 isolated_file:0
[ 1564.704215][T25045]  unevictable:768 dirty:158 writeback:0
[ 1564.704215][T25045]  slab_reclaimable:11021 slab_unreclaimable:105828
[ 1564.704215][T25045]  mapped:34544 shmem:7212 pagetables:1271
[ 1564.704215][T25045]  sec_pagetables:0 bounce:0
[ 1564.704215][T25045]  kernel_misc_reclaimable:0
[ 1564.704215][T25045]  free:1297882 free_pcp:2820 free_cma:0
[ 1565.342288][T25045] Node 0 active_anon:1704kB inactive_anon:26588kB active_file:69820kB inactive_file:150856kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:115160kB dirty:668kB writeback:0kB shmem:4592kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11720kB pagetables:5124kB sec_pagetables:0kB all_unreclaimable? no
[ 1565.390559][T25045] Node 1 active_anon:0kB inactive_anon:0kB active_file:280kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:204kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[ 1565.981000][T25045] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1566.039897][T25045] lowmem_reserve[]: 0 2491 2492 2492 2492
[ 1566.056817][T25045] Node 0 DMA32 free:1297204kB boost:0kB min:34184kB low:42728kB high:51272kB reserved_highatomic:0KB active_anon:1700kB inactive_anon:27484kB active_file:69292kB inactive_file:150804kB unevictable:1536kB writepending:708kB present:3129332kB managed:2551256kB mlocked:0kB bounce:0kB free_pcp:1212kB local_pcp:352kB free_cma:0kB
[ 1566.175301][T25045] lowmem_reserve[]: 0 0 0 0 0
[ 1566.209318][T25045] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:4kB inactive_anon:36kB active_file:528kB inactive_file:52kB unevictable:0kB writepending:0kB present:1048580kB managed:624kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:4kB free_cma:0kB
[ 1566.286913][T25045] lowmem_reserve[]: 0 0 0 0 0
[ 1566.300043][T25045] Node 1 Normal free:3912000kB boost:0kB min:55708kB low:69632kB high:83556kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:280kB inactive_file:0kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111168kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1566.384864][T25045] lowmem_reserve[]: 0 0 0 0 0
[ 1566.400823][T25045] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1566.434161][T25045] Node 0 DMA32: 181*4kB (UE) 43*8kB (UME) 570*16kB (UME) 772*32kB (UM) 597*64kB (UME) 151*128kB (UME) 80*256kB (UME) 65*512kB (UM) 24*1024kB (UME) 13*2048kB (UME) 264*4096kB (UM) = 1278732kB
[ 1566.480284][T25045] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 1566.540628][T25045] Node 1 Normal: 244*4kB (UM) 70*8kB (UME) 50*16kB (UME) 241*32kB (UME) 98*64kB (UME) 31*128kB (UME) 14*256kB (UE) 8*512kB (UM) 3*1024kB (UME) 7*2048kB (UME) 944*4096kB (M) = 3912000kB
[ 1566.593670][T25045] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1566.764809][T25045] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[ 1566.806088][T25045] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1566.862950][T25045] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1566.901265][T25045] 60857 total pagecache pages
[ 1566.909604][T25045] 0 pages in swap cache
[ 1566.925217][T25045] Free swap  = 124760kB
[ 1566.940957][T25045] Total swap = 124996kB
[ 1566.951265][T25045] 2097051 pages RAM
[ 1566.957487][T25045] 0 pages HighMem/MovableOnly
[ 1566.965761][T25045] 427449 pages reserved
[ 1566.972777][T25045] 0 pages cma reserved
[ 1567.415466][T25120] overlayfs: failed to resolve './file0': -2
[ 1567.561000][T25125] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4341'.
[ 1571.453789][T25177] netlink: 'syz.9.4351': attribute type 19 has an invalid length.
[ 1572.164370][T25184] overlayfs: failed to resolve './file0': -2
[ 1574.439250][T25206] netlink: 'syz.0.4357': attribute type 4 has an invalid length.
[ 1574.447228][T25206] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.4357'.
[ 1575.739654][T25229] netlink: 'syz.9.4364': attribute type 19 has an invalid length.
[ 1576.292789][T25241] fuse: Bad value for 'fd'
[ 1576.685574][ T5825] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1576.700074][ T5825] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1576.708841][ T5825] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1576.720578][ T5825] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1576.729793][ T5825] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1576.739020][ T5825] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1576.897773][T16069] usb 6-1: new high-speed USB device number 25 using dummy_hcd
[ 1577.553671][ T2888] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1577.713143][T16069] usb 6-1: Using ep0 maxpacket: 8
[ 1577.735757][ T2888] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1577.736012][T16069] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[ 1577.762112][T16069] usb 6-1: config 0 has no interface number 0
[ 1577.785039][T16069] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1577.823005][T16069] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1577.840106][T16069] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1577.850727][T16069] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1577.865726][T16069] usb 6-1: config 0 descriptor??
[ 1577.888564][T16069] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[ 1577.945060][ T2888] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1578.034937][ T2888] bridge0: port 3(netdevsim0) entered disabled state
[ 1578.107368][T25242] iowarrior 6-1:0.1: Error -90 while submitting URB
[ 1578.153314][ T2888] netdevsim netdevsim7 netdevsim0 (unregistering): left allmulticast mode
[ 1578.184838][ T2888] netdevsim netdevsim7 netdevsim0 (unregistering): left promiscuous mode
[ 1578.207491][ T2888] bridge0: port 3(netdevsim0) entered disabled state
[ 1578.223517][ T2888] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1578.345342][T25244] chnl_net:caif_netlink_parms(): no params data found
[ 1578.736601][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1578.906568][ T5825] Bluetooth: hci3: command tx timeout
[ 1579.489228][T25244] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1579.502579][T25244] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1579.520998][T25244] bridge_slave_0: entered allmulticast mode
[ 1579.543147][T25244] bridge_slave_0: entered promiscuous mode
[ 1579.560763][ T2888] bridge_slave_1: left allmulticast mode
[ 1579.574647][ T2888] bridge_slave_1: left promiscuous mode
[ 1579.588169][ T2888] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1579.609464][ T2888] bridge_slave_0: left allmulticast mode
[ 1579.626448][ T2888] bridge_slave_0: left promiscuous mode
[ 1579.643169][ T2888] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1579.693871][ T5904] usb 6-1: USB disconnect, device number 25
[ 1581.142585][ T5825] Bluetooth: hci3: command tx timeout
[ 1583.379065][ T5825] Bluetooth: hci3: command tx timeout
[ 1583.729636][ T2888] bond0 (unregistering): (slave 
3
0ÿ): Releasing backup interface
[ 1583.740593][ T2888] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1583.749305][    T9] usb 6-1: new high-speed USB device number 26 using dummy_hcd
[ 1583.761120][ T2888] bond0 (unregistering): Released all slaves
[ 1583.773061][T25244] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1583.780839][T25244] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1583.789338][T25244] bridge_slave_1: entered allmulticast mode
[ 1583.797319][T25244] bridge_slave_1: entered promiscuous mode
[ 1583.826292][T19131] usb 10-1: new high-speed USB device number 10 using dummy_hcd
[ 1583.870149][T25244] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1583.925957][T25244] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1583.937116][    T9] usb 6-1: Using ep0 maxpacket: 8
[ 1583.947504][    T9] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[ 1583.966903][    T9] usb 6-1: config 0 has no interface number 0
[ 1584.616449][    T9] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1584.628603][    T9] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1584.639148][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1584.647378][T19131] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1584.658493][T19131] usb 10-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1584.667909][T19131] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1584.733740][    T9] usb 6-1: config 0 descriptor??
[ 1584.745601][T19131] usb 10-1: config 0 descriptor??
[ 1584.761465][    T9] iowarrior 6-1:0.1: no interrupt-in endpoint found
[ 1584.789308][T19131] pwc: Askey VC010 type 2 USB webcam detected.
[ 1584.906013][T25244] team0: Port device team_slave_0 added
[ 1584.928966][T25244] team0: Port device team_slave_1 added
[ 1584.980330][T19131] pwc: send_video_command error -71
[ 1584.987816][T19131] pwc: Failed to set video mode CIF@30 fps; return code = -71
[ 1585.009541][T19131] Philips webcam 10-1:0.0: probe with driver Philips webcam failed with error -71
[ 1585.041846][T19131] usb 10-1: USB disconnect, device number 10
[ 1585.082762][T25244] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1585.091765][T25244] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1585.119524][T25244] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1585.132142][T25244] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1585.141064][T25244] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1585.172953][T25244] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1585.270485][T25244] hsr_slave_0: entered promiscuous mode
[ 1585.277114][T25244] hsr_slave_1: entered promiscuous mode
[ 1585.289544][T25244] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1585.297253][T25244] Cannot create hsr debugfs directory
[ 1585.372688][ T2888] hsr_slave_0: left promiscuous mode
[ 1585.395288][ T2888] hsr_slave_1: left promiscuous mode
[ 1585.405008][ T2888] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1585.416485][ T2888] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1585.434955][ T2888] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1585.444284][ T2888] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1585.495209][ T2888] veth1_macvtap: left promiscuous mode
[ 1585.508886][ T2888] veth0_macvtap: left promiscuous mode
[ 1585.520702][ T2888] veth1_vlan: left promiscuous mode
[ 1585.533053][ T2888] veth0_vlan: left promiscuous mode
[ 1585.583107][ T5825] Bluetooth: hci3: command tx timeout
[ 1585.620547][T19131] usb 10-1: new high-speed USB device number 11 using dummy_hcd
[ 1585.801668][T19131] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1585.820390][T19131] usb 10-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1585.847345][T19131] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1585.871715][T19131] usb 10-1: config 0 descriptor??
[ 1585.883034][T19131] pwc: Askey VC010 type 2 USB webcam detected.
[ 1586.349655][ T2888] team0 (unregistering): Port device team_slave_1 removed
[ 1586.350300][T19131] pwc: recv_control_msg error -32 req 02 val 2b00
[ 1586.365528][T19131] pwc: recv_control_msg error -32 req 02 val 2700
[ 1586.377606][T19131] pwc: recv_control_msg error -32 req 02 val 2c00
[ 1586.386845][T19131] pwc: recv_control_msg error -32 req 04 val 1000
[ 1586.398475][T19131] pwc: recv_control_msg error -32 req 04 val 1300
[ 1586.428089][ T2888] team0 (unregistering): Port device team_slave_0 removed
[ 1587.039321][T19131] pwc: recv_control_msg error -32 req 04 val 1400
[ 1587.089218][T16069] usb 6-1: USB disconnect, device number 26
[ 1587.112353][T19131] pwc: recv_control_msg error -32 req 02 val 2000
[ 1587.147819][T19131] pwc: recv_control_msg error -32 req 02 val 2100
[ 1587.168994][T19131] pwc: recv_control_msg error -32 req 04 val 1500
[ 1587.187925][T19131] pwc: recv_control_msg error -32 req 02 val 2500
[ 1587.241582][T25382] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1587.544450][T19131] pwc: recv_control_msg error -71 req 02 val 2600
[ 1587.698510][T19131] pwc: recv_control_msg error -71 req 02 val 2900
[ 1587.894940][T19131] pwc: recv_control_msg error -71 req 02 val 2800
[ 1587.902315][T19131] pwc: recv_control_msg error -71 req 04 val 1100
[ 1587.939879][T19131] pwc: recv_control_msg error -71 req 04 val 1200
[ 1587.963428][T19131] pwc: Registered as video103.
[ 1587.970285][T19131] input: PWC snapshot button as /devices/platform/dummy_hcd.9/usb10/10-1/input/input40
[ 1587.995545][T19131] usb 10-1: USB disconnect, device number 11
[ 1588.088414][T25391] netlink: 36 bytes leftover after parsing attributes in process `syz.8.4398'.
[ 1588.097797][T25391] netlink: 16 bytes leftover after parsing attributes in process `syz.8.4398'.
[ 1588.111916][T25391] netlink: 36 bytes leftover after parsing attributes in process `syz.8.4398'.
[ 1588.122873][T25391] netlink: 36 bytes leftover after parsing attributes in process `syz.8.4398'.
[ 1589.294463][T25400] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1589.354516][T25400] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1589.404448][T25400] iommufd_mock iommufd_mock2: Adding to iommu group 2
[ 1590.678416][T19131] usb 10-1: new high-speed USB device number 12 using dummy_hcd
[ 1590.745416][T25419] vivid-007: disconnect
[ 1590.881556][T25422] netlink: 'syz.0.4406': attribute type 4 has an invalid length.
[ 1590.889715][T25422] netlink: 'syz.0.4406': attribute type 1 has an invalid length.
[ 1590.897910][T25422] netlink: 168 bytes leftover after parsing attributes in process `syz.0.4406'.
[ 1591.265084][T19131] usb 10-1: Using ep0 maxpacket: 8
[ 1591.280520][T19131] usb 10-1: config 0 has an invalid interface number: 1 but max is 0
[ 1591.304602][T19131] usb 10-1: config 0 has no interface number 0
[ 1591.321879][T25417] vivid-007: reconnect
[ 1591.343599][T19131] usb 10-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1591.394427][T19131] usb 10-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1591.446683][T19131] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1591.501556][T19131] usb 10-1: config 0 descriptor??
[ 1591.519811][T19131] iowarrior 10-1:0.1: no interrupt-in endpoint found
[ 1592.332941][ T2888] IPVS: stop unused estimator thread 0...
[ 1592.515734][T25244] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1592.569032][T25244] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1592.718843][T25244] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1592.757199][T25244] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1593.997113][T25244] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1594.013310][T25244] 8021q: adding VLAN 0 to HW filter on device team0
[ 1594.095779][T25244] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1594.145965][T25244] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1594.217119][T19504] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1594.224312][T19504] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1594.238830][T19504] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1594.246039][T19504] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1594.291849][ T5961] usb 10-1: USB disconnect, device number 12
[ 1594.452767][T25467] vivid-007: disconnect
[ 1594.782907][T25475] netlink: 'syz.5.4417': attribute type 4 has an invalid length.
[ 1594.791046][T25475] netlink: 'syz.5.4417': attribute type 1 has an invalid length.
[ 1594.799175][T25475] netlink: 168 bytes leftover after parsing attributes in process `syz.5.4417'.
[ 1595.328050][T25466] vivid-007: reconnect
[ 1595.850138][T25244] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1596.395108][T25496] overlayfs: failed to resolve './file0': -2
[ 1598.991275][T25244] veth0_vlan: entered promiscuous mode
[ 1599.002147][T25244] veth1_vlan: entered promiscuous mode
[ 1599.082996][T25244] veth0_macvtap: entered promiscuous mode
[ 1599.117128][T25244] veth1_macvtap: entered promiscuous mode
[ 1600.175751][T25536] netlink: 52 bytes leftover after parsing attributes in process `syz.8.4429'.
[ 1600.277993][T25244] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1600.549803][T25244] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1600.570099][T25244] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1600.603247][T25244] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1600.645259][T25244] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1600.666737][T25244] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1600.709620][T25244] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1601.137888][T25244] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1601.180938][T25244] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1601.209377][T25244] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1601.239291][T25244] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1601.261888][T25244] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1601.305695][T25244] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1601.336687][T25244] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1601.422816][T25244] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1601.474942][T25244] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1601.518940][T25244] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1601.534042][T25244] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1601.621030][T25244] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1601.693648][T25244] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1601.770964][T25244] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1601.890907][T25244] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1602.359110][ T2888] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1602.405803][ T2888] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1602.519441][  T198] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1602.548571][  T198] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1606.053816][T25611] vivid-007: disconnect
[ 1606.405851][T25614] netlink: 'syz.7.4445': attribute type 4 has an invalid length.
[ 1606.419565][T25614] netlink: 'syz.7.4445': attribute type 1 has an invalid length.
[ 1606.428441][T25614] netlink: 168 bytes leftover after parsing attributes in process `syz.7.4445'.
[ 1606.774642][T25610] vivid-007: reconnect
[ 1608.818192][T16069] usb 10-1: new high-speed USB device number 13 using dummy_hcd
[ 1609.472874][T16069] usb 10-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 1609.514725][T16069] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1609.558826][T16069] usb 10-1: config 0 descriptor??
[ 1609.598903][T16069] cp210x 10-1:0.0: cp210x converter detected
[ 1609.804257][T25673] vivid-007: disconnect
[ 1609.853087][T16069] cp210x 10-1:0.0: failed to get vendor val 0x370b size 1: -121
[ 1609.860837][T16069] cp210x 10-1:0.0: querying part number failed
[ 1609.906303][T16069] usb 10-1: cp210x converter now attached to ttyUSB0
[ 1610.164871][T25678] netlink: 'syz.7.4459': attribute type 4 has an invalid length.
[ 1610.172865][T25678] netlink: 'syz.7.4459': attribute type 1 has an invalid length.
[ 1610.182232][T25678] netlink: 168 bytes leftover after parsing attributes in process `syz.7.4459'.
[ 1610.189216][ T5904] usb 10-1: USB disconnect, device number 13
[ 1610.555083][ T5904] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 1610.606887][T25609] udevd[25609]: setting owner of /dev/ttyUSB0 to uid=0, gid=18 failed: No such file or directory
[ 1610.667963][ T5904] cp210x 10-1:0.0: device disconnected
[ 1610.735966][T25672] vivid-007: reconnect
[ 1611.572684][T25699] netlink: 'syz.7.4464': attribute type 10 has an invalid length.
[ 1611.647159][T25699] veth0_vlan: left promiscuous mode
[ 1611.696262][T25699] veth0_vlan: entered promiscuous mode
[ 1611.874130][T25699] team0: Device veth0_vlan failed to register rx_handler
[ 1612.991911][T25733] vivid-007: disconnect
[ 1613.846001][T25738] netlink: 236 bytes leftover after parsing attributes in process `syz.5.4474'.
[ 1614.325486][T25731] vivid-007: reconnect
[ 1616.814107][T25778] netlink: 4 bytes leftover after parsing attributes in process `syz.9.4486'.
[ 1617.958163][T25793] overlayfs: failed to resolve './file0': -2
[ 1618.027728][T25794] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4488'.
[ 1618.036958][T25794] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4488'.
[ 1618.065036][T25794] ipvlan2: entered allmulticast mode
[ 1618.679360][T25795] netlink: 68 bytes leftover after parsing attributes in process `syz.7.4489'.
[ 1620.650787][T25816] pimreg: entered allmulticast mode
[ 1621.748486][T16069] IPVS: starting estimator thread 0...
[ 1623.093610][T25843] IPVS: using max 45 ests per chain, 108000 per kthread
[ 1623.798286][T25861] usb usb6: usbfs: process 25861 (syz.0.4501) did not claim interface 0 before use
[ 1626.252943][T25875] x_tables: ip_tables: osf match: only valid for protocol 6
[ 1626.810903][T25889] pimreg: entered allmulticast mode
[ 1626.825995][T19131] usb 6-1: new high-speed USB device number 27 using dummy_hcd
[ 1627.043678][T19131] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1627.098566][T19131] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1627.296677][T19131] usb 6-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1627.471854][T19131] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1628.224199][T19131] usb 6-1: config 0 descriptor??
[ 1628.561170][T25927] x_tables: ip_tables: osf match: only valid for protocol 6
[ 1628.738783][ T5825] Bluetooth: hci0: command 0x0406 tx timeout
[ 1630.394140][ T5918] usb 6-1: USB disconnect, device number 27
[ 1630.927423][T25971] netlink: 40 bytes leftover after parsing attributes in process `syz.9.4526'.
[ 1630.948156][T25970] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4527'.
[ 1631.761175][T25970] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4527'.
[ 1631.890284][T25970] dummy0: entered promiscuous mode
[ 1631.972573][T25970] team0: entered promiscuous mode
[ 1631.987810][T25970] team_slave_0: entered promiscuous mode
[ 1632.013010][T25970] team_slave_1: entered promiscuous mode
[ 1635.538536][T26039] openvswitch: netlink: Message has 16 unknown bytes.
[ 1635.627300][T26039] openvswitch: netlink: Actions may not be safe on all matching packets
[ 1635.751639][T16970] usb 6-1: new high-speed USB device number 28 using dummy_hcd
[ 1635.949769][T16970] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1635.981357][T16970] usb 6-1: config 27 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1636.010414][T16970] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1636.040179][T16970] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1636.059860][T26058] vivid-007: disconnect
[ 1636.078614][T16970] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[ 1636.113093][ T5904] usb 10-1: new high-speed USB device number 14 using dummy_hcd
[ 1636.182871][T26061] netlink: 236 bytes leftover after parsing attributes in process `syz.8.4546'.
[ 1636.565047][T16970] usb 6-1: invalid MIDI out EP 0
[ 1636.727076][ T5904] usb 10-1: Using ep0 maxpacket: 32
[ 1637.220821][T26056] vivid-007: reconnect
[ 1637.269734][ T5904] usb 10-1: New USB device found, idVendor=2040, idProduct=c602, bcdDevice= 1.8e
[ 1637.321725][T16970] snd-usb-audio 6-1:27.0: probe with driver snd-usb-audio failed with error -22
[ 1637.336601][ T5904] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1637.353398][ T5904] usb 10-1: config 0 descriptor??
[ 1637.359267][T16970] usb 6-1: USB disconnect, device number 28
[ 1637.396679][ T5904] usb 10-1: dvb_usb_v2: found a 'HCW 126xxx' in warm state
[ 1637.741730][ T5904] usb 10-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[ 1637.803233][ T5904] dvbdev: DVB: registering new adapter (HCW 126xxx)
[ 1637.842906][T26073] udevd[26073]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1637.866959][ T5904] usb 10-1: media controller created
[ 1637.937897][ T5904] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1638.028747][ T5904] usb 10-1: selecting invalid altsetting 1
[ 1638.054771][ T5904] set interface failed
[ 1638.057572][ T5904] usb 10-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[ 1638.097325][ T5904] error writing reg: 0xff, val: 0x00
[ 1638.169807][ T5904] dvb_usb_mxl111sf 10-1:0.0: probe with driver dvb_usb_mxl111sf failed with error -22
[ 1638.281141][T26083] 9pnet_fd: Insufficient options for proto=fd
[ 1638.461720][T26087] netlink: 68 bytes leftover after parsing attributes in process `syz.5.4550'.
[ 1639.776997][ T5904] usb 10-1: USB disconnect, device number 14
[ 1640.469997][T26120] vivid-007: disconnect
[ 1640.588638][T26121] netlink: 236 bytes leftover after parsing attributes in process `syz.0.4558'.
[ 1641.150981][T26117] vivid-007: reconnect
[ 1641.345514][T26130] 9pnet_fd: Insufficient options for proto=fd
[ 1641.628552][T26137] netlink: 68 bytes leftover after parsing attributes in process `syz.0.4561'.
[ 1642.991388][T26161] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1643.017081][T26161] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1643.039494][T26161] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1643.561880][T26174] sp0: Synchronizing with TNC
[ 1643.590168][T26174] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4568'.
[ 1643.599381][T26174] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4568'.
[ 1643.609074][T26174] netlink: 'syz.0.4568': attribute type 15 has an invalid length.
[ 1644.429855][T26182] 9pnet_fd: Insufficient options for proto=fd
[ 1645.547164][    C0] dccp_v4_rcv: dropped packet with invalid checksum
[ 1645.554202][    C0] dccp_v4_rcv: dropped packet with invalid checksum
[ 1645.748411][T26222] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1645.793341][T26222] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1645.840762][T26222] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1647.361668][T26247] sp0: Synchronizing with TNC
[ 1647.383373][T26247] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4582'.
[ 1647.392481][T26247] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4582'.
[ 1647.401579][T26247] netlink: 'syz.7.4582': attribute type 15 has an invalid length.
[ 1648.417710][T26255] netdevsim netdevsim8 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1648.518112][T26255] mmap: syz.8.4584 (26255) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[ 1651.863861][T26280] tty tty2: ldisc open failed (-12), clearing slot 1
[ 1656.048921][   T30] audit: type=1804 audit(2000000004.675:58): pid=26343 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.0.4603" name="/newroot/456/file0" dev="tmpfs" ino=2417 res=1 errno=0
[ 1660.405338][   T30] audit: type=1804 audit(2000000008.752:59): pid=26400 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.8.4616" name="/newroot/457/file0" dev="tmpfs" ino=2497 res=1 errno=0
[ 1666.604421][   T30] audit: type=1804 audit(2000000014.540:60): pid=26476 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.5.4628" name="/newroot/58/file0" dev="tmpfs" ino=319 res=1 errno=0
[ 1669.305236][T26470] Bluetooth: hci1: command 0x0406 tx timeout
[ 1672.306076][T26538] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4641'.
[ 1678.913407][T26602] openvswitch: netlink: nsh attribute has 65524 unknown bytes.
[ 1678.921168][T26602] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1678.991224][T26604] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4655'.
[ 1680.141296][T26612] netlink: 'syz.5.4658': attribute type 39 has an invalid length.
[ 1680.949349][T26615] netlink: 36 bytes leftover after parsing attributes in process `syz.8.4657'.
[ 1681.855394][T26628] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4664'.
[ 1684.818057][T26644] xt_l2tp: invalid flags combination: 4
[ 1685.299645][T26648] ax25_connect(): syz.9.4669 uses autobind, please contact jreuter@yaina.de
[ 1685.495816][T26655] Bluetooth: MGMT ver 1.23
[ 1685.612369][T26657] netlink: 52 bytes leftover after parsing attributes in process `syz.7.4670'.
[ 1686.048195][T26647] ------------[ cut here ]------------
[ 1686.054094][T26647] refcount_t: decrement hit 0; leaking memory.
[ 1686.061417][T26647] WARNING: CPU: 1 PID: 26647 at lib/refcount.c:31 refcount_warn_saturate+0xfa/0x1d0
[ 1686.071274][T26647] Modules linked in:
[ 1686.075220][T26647] CPU: 1 UID: 0 PID: 26647 Comm: syz.9.4669 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[ 1686.087503][T26647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1686.097909][T26647] RIP: 0010:refcount_warn_saturate+0xfa/0x1d0
[ 1686.104204][T26647] Code: b2 00 00 00 e8 27 22 cf fc 5b 5d c3 cc cc cc cc e8 1b 22 cf fc c6 05 8e c5 31 0b 01 90 48 c7 c7 40 d0 7f 8c e8 17 3a 8e fc 90 <0f> 0b 90 90 eb d9 e8 fb 21 cf fc c6 05 6b c5 31 0b 01 90 48 c7 c7
[ 1686.124046][T26647] RSP: 0018:ffffc9000d75fb68 EFLAGS: 00010246
[ 1686.130594][T26647] RAX: b080c6764d267d00 RBX: ffff88807ca4664c RCX: ffff888021ad5a00
[ 1686.139074][T26647] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 1686.147205][T26647] RBP: 0000000000000004 R08: ffffffff81826ce2 R09: fffffbfff1d3a71c
[ 1686.155427][T26647] R10: dffffc0000000000 R11: fffffbfff1d3a71c R12: ffff88807c1e0830
[ 1686.163470][T26647] R13: 0000000000000000 R14: ffff88807ca4664c R15: ffff88807ca46608
[ 1686.171607][T26647] FS:  000055556a204500(0000) GS:ffff88812535a000(0000) knlGS:0000000000000000
[ 1686.180746][T26647] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1686.187547][T26647] CR2: 00007f47e74362c7 CR3: 000000006c4d8000 CR4: 00000000003526f0
[ 1686.195834][T26647] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1686.204077][T26647] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1686.212153][T26647] Call Trace:
[ 1686.215461][T26647]  <TASK>
[ 1686.218387][T26647]  ? __warn+0x165/0x4d0
[ 1686.222662][T26647]  ? refcount_warn_saturate+0xfa/0x1d0
[ 1686.228149][T26647]  ? report_bug+0x2b3/0x500
[ 1686.232732][T26647]  ? refcount_warn_saturate+0xfa/0x1d0
[ 1686.238487][T26647]  ? refcount_warn_saturate+0xfa/0x1d0
[ 1686.244306][T26647]  ? refcount_warn_saturate+0xfc/0x1d0
[ 1686.249786][T26647]  ? handle_bug+0x89/0x170
[ 1686.254323][T26647]  ? exc_invalid_op+0x1a/0x50
[ 1686.259067][T26647]  ? asm_exc_invalid_op+0x1a/0x20
[ 1686.264158][T26647]  ? __warn_printk+0x2a2/0x360
[ 1686.268946][T26647]  ? refcount_warn_saturate+0xfa/0x1d0
[ 1686.274661][T26647]  ? refcount_warn_saturate+0xf9/0x1d0
[ 1686.280134][T26647]  ref_tracker_free+0x6ab/0x7e0
[ 1686.285134][T26647]  ? __pfx_ref_tracker_free+0x10/0x10
[ 1686.290645][T26647]  ? ax25_destroy_socket+0x551/0x5c0
[ 1686.296154][T26647]  ax25_release+0x368/0x960
[ 1686.300885][T26647]  sock_close+0xbc/0x240
[ 1686.305366][T26647]  ? __pfx_sock_close+0x10/0x10
[ 1686.310282][T26647]  __fput+0x3e9/0x9f0
[ 1686.314310][T26647]  task_work_run+0x251/0x310
[ 1686.319074][T26647]  ? _raw_spin_unlock+0x28/0x50
[ 1686.323978][T26647]  ? __pfx_task_work_run+0x10/0x10
[ 1686.329211][T26647]  ? syscall_exit_to_user_mode+0xa3/0x340
[ 1686.334984][T26647]  syscall_exit_to_user_mode+0x13f/0x340
[ 1686.340744][T26647]  do_syscall_64+0x100/0x230
[ 1686.345627][T26647]  ? clear_bhb_loop+0x45/0xa0
[ 1686.350633][T26647]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1686.356550][T26647] RIP: 0033:0x7ffaa638d169
[ 1686.361113][T26647] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1686.380855][T26647] RSP: 002b:00007fffd7e4d0c8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 1686.389355][T26647] RAX: 0000000000000000 RBX: 00007ffaa65a7ba0 RCX: 00007ffaa638d169
[ 1686.397560][T26647] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 1686.405809][T26647] RBP: 00007ffaa65a7ba0 R08: 000000000000102c R09: 0000000cd7e4d3bf
[ 1686.414032][T26647] R10: 00000000003fedb0 R11: 0000000000000246 R12: 0000000000191f2c
[ 1686.422250][T26647] R13: 00007fffd7e4d1c0 R14: ffffffffffffffff R15: 00007fffd7e4d1e0
[ 1686.430292][T26647]  </TASK>
[ 1686.433399][T26647] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1686.440710][T26647] CPU: 1 UID: 0 PID: 26647 Comm: syz.9.4669 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[ 1686.452451][T26647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1686.462534][T26647] Call Trace:
[ 1686.465827][T26647]  <TASK>
[ 1686.468766][T26647]  dump_stack_lvl+0x241/0x360
[ 1686.473460][T26647]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1686.478680][T26647]  ? __pfx__printk+0x10/0x10
[ 1686.483293][T26647]  ? vscnprintf+0x5d/0x90
[ 1686.487633][T26647]  panic+0x349/0x880
[ 1686.491539][T26647]  ? __warn+0x174/0x4d0
[ 1686.495705][T26647]  ? __pfx_panic+0x10/0x10
[ 1686.500140][T26647]  __warn+0x344/0x4d0
[ 1686.504128][T26647]  ? refcount_warn_saturate+0xfa/0x1d0
[ 1686.509601][T26647]  report_bug+0x2b3/0x500
[ 1686.513939][T26647]  ? refcount_warn_saturate+0xfa/0x1d0
[ 1686.519410][T26647]  ? refcount_warn_saturate+0xfa/0x1d0
[ 1686.524879][T26647]  ? refcount_warn_saturate+0xfc/0x1d0
[ 1686.530347][T26647]  handle_bug+0x89/0x170
[ 1686.534607][T26647]  exc_invalid_op+0x1a/0x50
[ 1686.539124][T26647]  asm_exc_invalid_op+0x1a/0x20
[ 1686.543981][T26647] RIP: 0010:refcount_warn_saturate+0xfa/0x1d0
[ 1686.550056][T26647] Code: b2 00 00 00 e8 27 22 cf fc 5b 5d c3 cc cc cc cc e8 1b 22 cf fc c6 05 8e c5 31 0b 01 90 48 c7 c7 40 d0 7f 8c e8 17 3a 8e fc 90 <0f> 0b 90 90 eb d9 e8 fb 21 cf fc c6 05 6b c5 31 0b 01 90 48 c7 c7
[ 1686.569672][T26647] RSP: 0018:ffffc9000d75fb68 EFLAGS: 00010246
[ 1686.575752][T26647] RAX: b080c6764d267d00 RBX: ffff88807ca4664c RCX: ffff888021ad5a00
[ 1686.583733][T26647] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 1686.591708][T26647] RBP: 0000000000000004 R08: ffffffff81826ce2 R09: fffffbfff1d3a71c
[ 1686.599683][T26647] R10: dffffc0000000000 R11: fffffbfff1d3a71c R12: ffff88807c1e0830
[ 1686.607661][T26647] R13: 0000000000000000 R14: ffff88807ca4664c R15: ffff88807ca46608
[ 1686.615643][T26647]  ? __warn_printk+0x2a2/0x360
[ 1686.620421][T26647]  ? refcount_warn_saturate+0xf9/0x1d0
[ 1686.625888][T26647]  ref_tracker_free+0x6ab/0x7e0
[ 1686.630755][T26647]  ? __pfx_ref_tracker_free+0x10/0x10
[ 1686.636151][T26647]  ? ax25_destroy_socket+0x551/0x5c0
[ 1686.641446][T26647]  ax25_release+0x368/0x960
[ 1686.645960][T26647]  sock_close+0xbc/0x240
[ 1686.650209][T26647]  ? __pfx_sock_close+0x10/0x10
[ 1686.655066][T26647]  __fput+0x3e9/0x9f0
[ 1686.659063][T26647]  task_work_run+0x251/0x310
[ 1686.663660][T26647]  ? _raw_spin_unlock+0x28/0x50
[ 1686.668519][T26647]  ? __pfx_task_work_run+0x10/0x10
[ 1686.673643][T26647]  ? syscall_exit_to_user_mode+0xa3/0x340
[ 1686.679378][T26647]  syscall_exit_to_user_mode+0x13f/0x340
[ 1686.685023][T26647]  do_syscall_64+0x100/0x230
[ 1686.689627][T26647]  ? clear_bhb_loop+0x45/0xa0
[ 1686.694313][T26647]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1686.700212][T26647] RIP: 0033:0x7ffaa638d169
[ 1686.704643][T26647] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1686.724261][T26647] RSP: 002b:00007fffd7e4d0c8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 1686.732697][T26647] RAX: 0000000000000000 RBX: 00007ffaa65a7ba0 RCX: 00007ffaa638d169
[ 1686.740679][T26647] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 1686.748658][T26647] RBP: 00007ffaa65a7ba0 R08: 000000000000102c R09: 0000000cd7e4d3bf
[ 1686.756638][T26647] R10: 00000000003fedb0 R11: 0000000000000246 R12: 0000000000191f2c
[ 1686.764612][T26647] R13: 00007fffd7e4d1c0 R14: ffffffffffffffff R15: 00007fffd7e4d1e0
[ 1686.772598][T26647]  </TASK>
[ 1686.775933][T26647] Kernel Offset: disabled
[ 1686.780330][T26647] Rebooting in 86400 seconds..