last executing test programs:

2m49.780980441s ago: executing program 0 (id=467):
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000000)=0x200, 0x4)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
r1 = socket$inet6(0xa, 0x5, 0x0)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
listen(r1, 0x2)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000540)="ad52b6c58292ea54c7c1ef915db7f990c2004c7d155e3fa7f34a9c213d37e710", 0x20)
listen(r0, 0x80)
r3 = socket$inet(0x2, 0x80001, 0x84)
setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f0000000280)=0x3, 0x4)
bind$inet(r3, &(0x7f0000000180)={0x2, 0xce20, @local}, 0x10)
listen(r3, 0x3a5)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x48)
capset(&(0x7f00000004c0)={0x20071026}, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x1, 0xfffffffe})
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x4)
syslog(0x3, &(0x7f0000000980)=""/4096, 0x1000)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000080)={0x0, r0}, 0x8)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000010000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0xf5adb196888ad17e, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r7}, 0x18)
r8 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r8, &(0x7f0000000140)={0x28, 0x0, 0x0, @host}, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x200000)
sendmsg$nl_xfrm(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000580)=ANY=[@ANYBLOB="ec0000002100390d0000000000000000fe8000000000000000000000000000aae000000200"/56, @ANYRES32=r4, @ANYRES32=0x0, @ANYBLOB], 0xec}}, 0x0)

2m49.132866399s ago: executing program 0 (id=470):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x0, 0x0)
setgroups(0x0, 0x0)
getgroups(0x0, &(0x7f0000000100))
setregid(0x0, 0x0)
fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x1ff)
socket$inet_smc(0x2b, 0x1, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_DAEMON(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)={0x14, r4, 0x6c04073ee59f7719, 0x0, 0x0, {0x4}}, 0x14}}, 0x0)

2m46.923770653s ago: executing program 0 (id=473):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x43, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r1}, &(0x7f0000000000), &(0x7f0000000200)}, 0x20)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001200)=ANY=[@ANYBLOB="4c000000190001090000000000000000021800000000fd010000000008000100ac141400080005000a0101021800168014000300fe8000000000000000000000000000aa0600150004"], 0x4c}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB], 0x50)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000006c0)={0xffffffffffffffff, 0x20, &(0x7f0000000680)={&(0x7f0000000500)=""/126, 0x7e, <r3=>0x0, &(0x7f00000005c0)=""/160, 0xa0}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = syz_clone(0x8d002240, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6, 0x0, 0x2}, 0x18)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r7 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
ioctl$USBDEVFS_IOCTL(r7, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_RELEASEINTERFACE(r7, 0x80045510, &(0x7f00000004c0)=0x4)
socket$can_raw(0x1d, 0x3, 0x1)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{0x1}, 0x0, &(0x7f00000001c0)}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{}, 0x0, 0x0}, 0x20)
r8 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000000c0)={r8, &(0x7f0000000300), &(0x7f0000000000)=""/10, 0x2}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000100)={r8, &(0x7f00000001c0), 0x0}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
ptrace$pokeuser(0x6, r4, 0x358, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r9}, 0x10)
execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1000)

2m46.055507028s ago: executing program 0 (id=476):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(r0, 0x8983, 0x0)
pipe2(0x0, 0x4000)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f0000000080)={0xc, 0x0, <r2=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r1, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, r2, 0x0, 0x0, <r3=>0x0})
r4 = socket(0x2b, 0x80801, 0x1)
connect$l2tp6(r4, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x20)
ioctl$sock_SIOCINQ(r4, 0x541b, &(0x7f0000000440))
ioctl$IOMMU_HWPT_GET_DIRTY_BITMAP(r1, 0x3b8c, &(0x7f0000000040)={0x30, r3, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x40000, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
r7 = open$dir(&(0x7f0000000000)='./file0\x00', 0x10380, 0x16)
fanotify_mark(0xffffffffffffffff, 0x8, 0x8000000, r7, &(0x7f0000000040)='./file0\x00')
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r8 = getpid()
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r9, @ANYBLOB="0000000000000000b704000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r10}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
sendmsg$tipc(r11, &(0x7f0000004440)={&(0x7f0000000ec0)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x2}}, 0x10, &(0x7f0000004340)=[{&(0x7f0000000f00)="34cbf9c55466da0eadc249236ab3cbf316717306be4c08c8c7da1f1ee04ab4b4eac14995ebdf620ff778a4e3452587e42a3c6aa1bd35dfd99f23b525893bc3b5f9f3bed1986bf8d0dddd7c5cdada611f9bf641e421ed71a842d84fa289a542f941d6e06b2b14e2a706ce30acf7d82f224f3e30cadd9d15f3dddbb29dbeb9f68fb68bedb91e0b1ef48832778fe36699c7ebf101659a8f476c4a065eac71d6d1e7fafc6f25ec2c9a8f431fe347a2d30e912c5b2397613ce784637ec71e37566eb0548b461f71028459c6f137c18737d58b56949d022bf1eaf486692bb76836a233c7879d740ad0beaf5159d3380442824f536a41bb22d08fe53952b9c6fed2605d53311c71b455655f96ea6a87e41e9211e90170b0a2b1a2098175ebcd33d517085d224122264cddadd82a3d11bc4a33ce66108b22b1abc6243d306d8f6b8a2ddb5373c190d8f859a3174a200936b079f85edcac7fc03fb993ec0ff8b83f1fd3f1b888d192d99c7ede5d381784d25410cccf1b0bf26a54f065e1e3ec59cc5704fb658fc980a0ac4287ef884ee82007554be3f1e163c81468d0c26c95e3e12393776e32800bb4f086f19080c4fca3d72e8569a5627ce98f2ae0bdb3ec42c23847d47e10b1c58da7e9cea990da842d96e3a51ed7d892f7b28a10486424a69a9109ebd4d7d5a3768400ac000a6d7556ca192e5cd45efb82001ac7b53e03036b6019a07ffb545cd3853e077f08a015f6232488c1139a9409c95ed005261e36b307406ba5714ef395129345866109341feb6c7c458ce08c147a983b46375ddb3621cee0312ba1a434bcd6081e1a8ae8b6d518988b9965faf9aff86df8173b93342cceaec357a100e59b4d66553633626b0b12e9622b8f8fdfe26545b87c57f8ce8609fb8e19b0f6d1cd64e8de85c7327f543b2f38cf3086b57f85e1aaa4add723e4bc4e3ea2c27acec1e545ae3fc870bd42422f6eaf17a1f82699c9cadf224ea1e5d1705b49118d91cc3731aeed60e41bf15a9613aeda8e63a29bc7a95b2d993d23269a310b91f69d16a71243c0f4080d3359f5ddd63c7032bef14ab25eb7df4b28b2132bcbf94a281c8f5de79885a6d679f145fca292b599bb09a1864726d86b65d4781408320b968e2224c23ce7a56d8892970043737ae47f071aaeb219716bc21e3304e301eb5cd32aea951a70621eb870214a72e6c474c3a20f5bd8e089ba16326cc9a80a1a4f5f0e8f58629e20b1c73eb8af330744b187a5cfdb410466378313700ca44eb6dcbc8f3d70f58e134202546f0b1a3b61a298f2a1184b1533bdad308fa2f960087e0f239d2ccbaee3889ddc1a2bea2183b98854d255a6f708909134fab83f42f13e7604f602e264f4a3b2b2a08c673c7ce2813218159b472d3b20ecbf26dd2f7b3ba5298a4ff7444ea0936e098c126f590b05e7697ed8a3d52ba1abc7285de2f160b9b081cb775a5ab77aad1bb98d47e3da53fc4c11d4db47de1e4e6f56ad671f5d8389b33260cc546e4f0bf34fec9b2abd209e6b89e6e381367774676ed6e6eaffe42b07241c276f3c84f17a0762de83eb769bdf28991ddbc23758f01c9ecfba4ab2ca2118fcedd7adde9ff47f643c13e3ad2f13b576985128f233e329fe269d5745cd2b30e5762452a4ff58fdec30623175f8d575ced1c43411e2869aadbe6f1e79a010bca334cb08d545bc2808f359b7777d1bb5675ee210574b9f72cdeb071e07eeaa0988086213a37a972647cf21d3a3bcbd7359da327bacad41b93c5e0e494669109dddcec781774f248f5663e4fac187d42ffccf68335de2adac4f8d3e1bf04b95a9464960186ed019773ffeda18f9827a61edc5fc4088eb0965cb1bd8af1185aa3972b8f73839b4611e303bcbc1f84a330f60fa0a7795ea3cffe0e338406533e12c7deef0b5906c513eab4619a8f02fdd65dcfb7297ef971c4601ad079f7ad38278ae3ff455b37d5492af546975535450693fd4593c8157b3fdb16fd3a106d2f1509d1c06dabb8933269d790a1c5e5f7bdd4a57e1e670d7043cfed88c365b5f8eefe530ef7da5322df981723332c088fce89c2ceee23b420f64332243b9c606d67d538810a94e0ffbd37a119d8fc4d6caec0def40e62613873c74feabde63e12cb2016c1d35cf1bb95bf59e01a63be8825cb3118b74b106f21eef5ee2f41e5fb39fdde058050f780d98ced247c66fc3a03ba04edaf14d698859ba303d511cf0845dc5e269aef2287770a247fd5ae1299b45819ff41725f9da3e4dab7770eb83992b53ae9a9de69e764f6e3aee3e27cfb1bacf531a91605894ae209da6d25872fb54bf36b2ed450b51aa8ee4875b9bc7e55753f61e12a323d301faceb2ecff0686b1359343a94774a6a098dc2df440725cd8331f527d4e22f8090d8879ef4765849705b99465d7ebdf661b81c303d13b87270dc1f227d5954fcbc93bbce6fde2a1f8d573d9cd8130c173a14706f1e9dabc4d16a5b003dd3239faf91769e25cf007b0623141e4e57f11746cd62f20d73956fa84c6a12e1756b6671a64bd7a474ba425907e1a61ba6d2ffa1149165a713a141bfec0f1af51afebdb84d5f14eb51acc284403627d6ce48fd028dc04e00ed963de37f85d155c33e2b4ceb09044c4f1c7791348216b674a8831a232a638f8bfb396fabbe1f880944bc5dcac55df8abc78f804306c88617acfd4adfbb5a055d3d3e91abb763ad84e701cc5679498e04600570f4b2e57c70542043dc590ab363215e6ab3f0bd89383748783d01c9227229edac723d4e2eaa061a44f2630691f25ca6093775183fdf432e01322203dd654b336670116a6a52a27ff2032b1103a4e4be0cc2fb05b24352d72e374e90cc3db2a5a691c7f6b8d1058d7730433c742d8ce52074318b1bce9bb104cf90c8b7f65293c2b74434661444f38d94d977e03433440517f6155a3cad2621c5502dd6148b867a40e6a40be4c8265ec2164b5257f06da1784e98991f42003ced4ba67c23b8c654b542d2d31168fd853cf56cc2c464d7a8a9fbcd2715968788f8527c597ab5f917753c1f1708d2c19972373c5a22af71847de22b9f1e9d38a04ea4dd291da3099cb836a696350bf1263c3c275c27b8b82f604625451a24490b0b5367c2fd05e699546ddf17709d2e2c2710f4361d9dd6e2de2b4353b7f4f8141f6f989dc1a798a974565978e4f9ec0c59a7dbc04bcab072c8513b9ca782c22cdd31fb116c10081740fd8f7d0cbd5c54f1069297f20b45d79bb9ace8e851a655fedf47b2dc76fd30b9ba9f09c9b50d6910ffcdec7078c36fe1e9b19dbb110197496349560a43c0ab42b4ce286643e73a92246ecb71e95ce0d54114772f8477c7d5604c1a52d2f680c5868cf08a2688dd9fef492a01836112cec824483e77da93d104a9e18d06bddf9a4007740a0537ac1a5e09900acc65d52680212a15b68b0ef887228e06f533c1ca95b8f9d81b9fc6608cb5bacf4b867922999c69d46048ec3f408866789f49fcb176fc99ed9d3e6c357ed2e3ce2665925773e5d86c2ceaf8f18519a00d9d2e19e9a6b16af0a53fd7df6974f5db00494460e7f3de6ff6b642859335e020513bb525adddabf0d7d6ae85e7e56e32ca8acc07fe86b7b445358966ba3914c1dfa7b814d9e846ff02a6a8c8f5713a0f727024b5d1ea7e4ce7c64f9b24dd3337a3df33714c5404403b0304b25a66fe3ac85083965877117b3d721e7922f0ac7e278feeb8dc09f58cbcfbb81b11d4699737f37ac240a24b9c4b2b587e68974f7ca5561856f32e389d32056f7d58e4de24c11bd5c5afaa441120370d0c48341e1b8146a6bbca8c15f23c155d2533e97a8e6496bc00533ec83be8488d020708d97385a03bcbf57cadc2c1e575e1ac134cdb5047f3f88eae0230751626cea1c85da9b74ddace668afebb2dc66d302ddf3c5f8f21ac0c0535d00839457e7cac9282a8e49d018b077e38ea512cf28eacff5d98e880abfb5af2e7c039d2e1f1edaad2642963ef29d715f754e2715caa6af046a298b285e3582d903be726b608619332e1a82be48b0f5adf6838f41ff776e5290de8269794bce8fb971267d036bd6bd30e42df918125d573ced78263251bcae2b7b40f1ba855b4f2472312ea8752c4a0e09468bd25615a6c00a9b44c484c5507b8400537f20890e9499ec94ed2b6aeff21e57c6e8a93d80097f85ac9316b03a5f768721bf7d041bb9a6a03eabd615e3c4d74f56c429d53b8fec4b5e86c5b311a6cd4a86f03e04dab25ad65b68a8b8d9053993fd2440ff2b81768213084c831d31a0f8c646aff9090b5463cbee452abd6318340ec41b50f1deba7ffb60b326751de3f6dbf9b17714299233d5c43071367ece2e53212e7f4e084fea60850d4d16908d9bbbb531fbf72143fdb62d1b40afde3d0b2ac2c94c32e456bbef62f8d677e332aec8ccc8eedbac61e7b89b32d57157a39ad5c456258d9c36db0edc82c2baead990ee78007ed89c8f450e92d5e209cc25f7c13f5909ca404fddbdbeff89cc42350c91e9f1fdf9753c6e95f71257f8cbb97838684461cd1244c938b9939a4e9c7727902b6f1a5434e0a06d3fc221771dd87572ae801c5ce6886122f0c91dae57440ffc7ace4e8e0041a1d245103aaadbfc2ecff622228daed2b0cd30f7f59b2617f6f0571ee4403d84e652d78b8e64d5450b6483ef70582dcda9351f2dddd3a4ac84f514f708d3af6242501bd041beae78e6b29b517b534148ea91ef85653fec824d6ddb0c0fa2555ab2564ba29227b1046b48a11ee0e6aafda9d0b80b0f05a8d057cbeb16264cb579aea3ba2b2000052d03c77844ab7c81be3110a36a27aeffe0ad5a8a7385a1913a64fb2db630e8fc8017828cea", 0xd6b}, {0x0}, {0x0}, {&(0x7f00000020c0)}], 0x4}, 0x0)
sched_setscheduler(r8, 0x2, &(0x7f0000000200)=0x4)
r12 = syz_open_procfs(r8, &(0x7f0000000040)='net/fib_triestat\x00')
readv(r12, &(0x7f00000008c0)=[{&(0x7f0000000700)=""/215, 0xd7}, {&(0x7f0000000080)=""/191, 0xbf}, {0x0}, {0x0}], 0x4)
fanotify_mark(0xffffffffffffffff, 0x8, 0x2, r12, &(0x7f0000000080)='./file0\x00')

2m44.671558515s ago: executing program 0 (id=478):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r3, 0x29, 0xb, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f00000001c0)={0x3, &(0x7f0000000040)=[{0x28, 0x0, 0x0, 0xab49}, {0xb1, 0x0, 0x0, 0xde0c}, {0x6}]}, 0x10)
write$binfmt_aout(r4, 0x0, 0xfdef)
mkdir(0x0, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r6 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r6, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)

2m43.309073775s ago: executing program 0 (id=479):
bind$vsock_stream(0xffffffffffffffff, &(0x7f0000000040), 0x10)
quotactl_fd$Q_GETFMT(0xffffffffffffffff, 0xffffffff80000400, 0x0, 0x0)
syz_open_dev$vim2m(0x0, 0x3, 0x2)
r0 = socket(0x1a, 0x4, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x0, 0x81, 0x1ff, 0x1, 0x1}, 0x1c)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_emit_ethernet(0x4e, &(0x7f0000000340)=ANY=[], 0x0)
recvmsg$unix(r0, 0x0, 0x2141)
socket$nl_netfilter(0x10, 0x3, 0xc)
epoll_create1(0x0)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000200), 0x900)
ioctl$SNDRV_TIMER_IOCTL_TREAD(r2, 0x40045402, &(0x7f0000000040)=0x1)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f00000083c0)={{0x3, 0x0, 0x0, 0x0, 0x9}})
ioctl$int_in(r2, 0x5452, &(0x7f0000000000)=0x5)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000180), 0x0)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r2, 0x40505412, 0x0)
dup3(r3, r2, 0x80000)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001600), 0x0, 0x0)
r5 = syz_open_dev$swradio(&(0x7f0000000100), 0x1, 0x2)
ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r5, 0x4020565b, 0x0)
ioctl$TCSETSW2(r4, 0x402c542c, &(0x7f0000000040)={0xc63c, 0x7ffffffe, 0x40000000, 0x80000004, 0x0, "362e851f84882fb90efa3fa665d2eb14c970e2", 0x7, 0x81})

2m27.721170072s ago: executing program 32 (id=479):
bind$vsock_stream(0xffffffffffffffff, &(0x7f0000000040), 0x10)
quotactl_fd$Q_GETFMT(0xffffffffffffffff, 0xffffffff80000400, 0x0, 0x0)
syz_open_dev$vim2m(0x0, 0x3, 0x2)
r0 = socket(0x1a, 0x4, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x0, 0x81, 0x1ff, 0x1, 0x1}, 0x1c)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_emit_ethernet(0x4e, &(0x7f0000000340)=ANY=[], 0x0)
recvmsg$unix(r0, 0x0, 0x2141)
socket$nl_netfilter(0x10, 0x3, 0xc)
epoll_create1(0x0)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000200), 0x900)
ioctl$SNDRV_TIMER_IOCTL_TREAD(r2, 0x40045402, &(0x7f0000000040)=0x1)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f00000083c0)={{0x3, 0x0, 0x0, 0x0, 0x9}})
ioctl$int_in(r2, 0x5452, &(0x7f0000000000)=0x5)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000180), 0x0)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r2, 0x40505412, 0x0)
dup3(r3, r2, 0x80000)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001600), 0x0, 0x0)
r5 = syz_open_dev$swradio(&(0x7f0000000100), 0x1, 0x2)
ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r5, 0x4020565b, 0x0)
ioctl$TCSETSW2(r4, 0x402c542c, &(0x7f0000000040)={0xc63c, 0x7ffffffe, 0x40000000, 0x80000004, 0x0, "362e851f84882fb90efa3fa665d2eb14c970e2", 0x7, 0x81})

27.425271396s ago: executing program 3 (id=699):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r4 = open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f)
write$FUSE_CREATE_OPEN(r4, &(0x7f0000000180)={0xa0, 0xffffffffffffffda, 0x0, {{0x4, 0x3, 0x5, 0x6, 0x3, 0x1, {0x1, 0x180, 0x20ff, 0x5, 0x89, 0xd615, 0x9, 0x7fffffff, 0xfffffffe, 0x8000, 0x0, 0x0, 0x0, 0x3ff, 0x1}}, {0x0, 0x13}}}, 0xa0)
sendfile(r4, r4, &(0x7f0000000080), 0x7f03)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x24, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0xc}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000500)=@acquire={0x128, 0x17, 0x23d6f1de7581c23d, 0x0, 0x0, {{@in=@rand_addr=0x64010100}, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, {@in=@empty, @in=@remote, 0x0, 0x0, 0x0, 0x81}, {{@in=@empty, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x2, 0x80}}, 0x0, 0x0, 0xfffffffd}}, 0x128}}, 0x0)
r6 = socket(0x400000000010, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'lo\x00'})
sendmsg$nl_route_sched(r6, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r8 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r8, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r9=>0x0})
ioctl$VIDIOC_CREATE_BUFS(r4, 0xc100565c, &(0x7f00000005c0)={0x8, 0xf, 0x4, {0xa, @pix={0xb, 0x7, 0xa0363159, 0x5, 0x281b, 0x5, 0x5, 0x8000, 0x1, 0x0, 0x2, 0x3}}, 0x8})
bind$can_raw(r8, &(0x7f00000001c0)={0x1d, r9}, 0x10)
recvmmsg(r8, &(0x7f0000003b80)=[{{0x0, 0x0, &(0x7f0000000180)=[{0x0}, {&(0x7f0000000240)=""/122, 0x7a}], 0x2}, 0xdc}], 0x1, 0x40000002, 0x0)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r8, 0x65, 0x4, &(0x7f00000003c0)=0x1, 0x4)

26.052712638s ago: executing program 3 (id=702):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NL80211_CMD_GET_MPP(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)={0x28, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa}]}, 0x28}}, 0x0)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000200), 0xc0200, 0x0)
ioctl$PPPIOCNEWUNIT(r3, 0xc004743e, &(0x7f0000000100)=0x3)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0xe9503, 0x0)
r5 = epoll_create1(0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc}}, &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r6}, 0x10)
r7 = fcntl$dupfd(r5, 0x0, r3)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={@map, 0x4, 0x1, 0xffff, &(0x7f00000000c0)=[0x0], 0x1, 0x0, 0x0, &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, <r8=>0x0}, 0x40)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000300)={@fallback=r3, r6, 0x16, 0x8, r7, @void, @value=r9, @void, @void, r8}, 0x20)
socket$inet6_udplite(0xa, 0x2, 0x88)
r10 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r10, 0x10e, 0xc, &(0x7f0000000280)={0xfffffffc}, 0x9)
sendmsg$nl_generic(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)={0x20, 0x12, 0xa01, 0x70bd28, 0x25dfdbfd, {0x80, 0x0, 0x300}, [@typed={0x9, 0xf5, 0x0, 0x0, @binary="585878a177"}]}, 0x20}, 0x1, 0x0, 0x0, 0x8840}, 0x0)
ioctl$HCIINQUIRY(r10, 0x800448f0, &(0x7f0000000000)={0x3, 0x6, "a51a7b", 0x68, 0xfb})
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f00000004c0))
r11 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
madvise(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x16)
r12 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00')
lseek(r12, 0x1000000, 0x0)
ioctl$PPPIOCNEWUNIT(r11, 0xc004743e, &(0x7f0000000140))
close(r3)

13.448076305s ago: executing program 4 (id=707):
r0 = socket$inet6(0xa, 0x1, 0x0)
r1 = socket$kcm(0xa, 0x5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="c2754713e36569b2fae8649eb50c4d0000000000", @ANYRES32=0x1], 0x50)
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x8916, &(0x7f0000000000)={r1})
r2 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x8916, &(0x7f0000000000)={r2})
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x8936, &(0x7f0000000000)={r2})
setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000cc0)="0022040000ffffebfffffffeffffff0700000000ff000207835eeb1317b208feefaf234b4ff8b4cc4c39bdc8451792b903f4b7d8c8cf2153622652328c19ef68234f905557c4070000008735e9ab2f77c62e0a5cdd2cf9984c070400000000000003ff23353d8b2fc6a3ae1ebfcb49004a3ccd3560ae01010000079c60ed7449b842f3e253be8a62b37f820fe75a9ea937ea4efbfb9b4a128f2dbe2837496d00ad7765abaac2ec0f91c88a1ea1ff6ee308c72febedcf00798d41991ac25bb6fce2220c25ea380c7e112ab358c3a6bd8a59c100000001b4e82cb03419544a3988bc226a85abe6eb60cd7cf8d103d38c31c7c86d16c4d86cbe4ab190c092d077ce70590fbbd4f8bf4d6ab1cea6dbe9d4a54c17aac0db6e3845", 0x118)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback={0xfec0ffff00000000}}, 0x1c)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x3, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=@newqdisc={0x4c, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x4}, {0xffff, 0xffff}, {0x6}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x1c, 0x8002, [@TCA_FQ_PIE_ALPHA={0x8, 0x5, 0x1d}, @TCA_FQ_PIE_BETA={0x8, 0x6, 0xf}, @TCA_FQ_PIE_TUPDATE={0x8, 0x4, 0x7}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x2}, 0x2000400c)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x22, &(0x7f00000000c0)=0x6, 0x4)
sendmsg$nl_generic(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x44}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000000)={'wlan1\x00', @broadcast})
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1900000004000000040000000200000000000000", @ANYRES32=0x1, @ANYBLOB="af6ef484dce2585400"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r9=>0xffffffffffffffff})
recvmsg$unix(r9, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r10=>0xffffffffffffffff]}}], 0x18}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x19, 0x4, &(0x7f0000000300)=ANY=[@ANYRESOCT], &(0x7f00000002c0)='GPL\x00', 0x3eb, 0xd5, &(0x7f0000000640)=""/213, 0x40f00, 0x3, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
write$cgroup_int(r10, &(0x7f0000000340), 0x12)
bpf$LINK_DETACH(0x22, &(0x7f0000000040)=r10, 0x4)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r11=>0x0})
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4400000010004b0400000000000000007a000000", @ANYRES32=r11, @ANYBLOB="00f2000000000000240012800b0001006272696467650000140002800800080088a8ffff050007000700"], 0x44}}, 0x0)
r12 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r12, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'xchacha12-generic\x00'}, 0x58)

12.726817337s ago: executing program 2 (id=708):
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
sendfile(r1, r0, &(0x7f0000002080)=0x64, 0x23b)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
dup(0xffffffffffffffff)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r3, 0x0)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r3, 0x84, 0xc, &(0x7f00000001c0), 0x4)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={<r4=>0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r3, 0x84, 0x6c, &(0x7f00000000c0)={r4}, &(0x7f0000000500)=0x8)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x200000a, 0x5d031, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r5, 0x1, 0x44, 0x0, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000007ec0)=ANY=[@ANYBLOB="340000003c0007010000000000000000017c00000400fc800c00018008000600ffff0000080002800400728008000900", @ANYRES32=r6, @ANYBLOB="07df2c06264d6239f1d6927ad366a50b610a6633ea25c74f31aabc87b472211dc5e2e0a23ced1ca80e2329007420dc0b2421b1a8610d4165cb02c431b76b12"], 0x34}, 0x1, 0x0, 0x0, 0xc000}, 0x0)
clock_gettime(0x0, &(0x7f0000007e40)={<r7=>0x0, <r8=>0x0})
recvmmsg(r6, &(0x7f0000007cc0)=[{{&(0x7f0000000240)=@qipcrtr, 0x80, &(0x7f0000000380)=[{&(0x7f0000000340)=""/3, 0x3}], 0x1}, 0x7a9}, {{&(0x7f00000003c0)=@nfc_llcp, 0x80, &(0x7f0000000940)}, 0x6}, {{&(0x7f00000009c0)=@x25={0x9, @remote}, 0x80, 0x0}, 0xf0}, {{&(0x7f0000001d40)=@qipcrtr, 0x80, &(0x7f0000004c40)=[{&(0x7f0000003300)=""/131, 0x83}, {&(0x7f0000001e40)=""/214, 0xd6}, {&(0x7f0000003240)=""/161, 0xa1}, {&(0x7f0000001f80)=""/239, 0xef}, {&(0x7f00000030c0)=""/119, 0x77}, {&(0x7f0000003140)=""/244, 0xf4}, {&(0x7f00000034c0)=""/234, 0xea}, {&(0x7f0000001dc0)=""/74, 0x4a}, {&(0x7f00000033c0)=""/244, 0xf4}, {&(0x7f0000001f40)}, {&(0x7f0000004a40)=""/214, 0xd6}, {&(0x7f0000004b40)=""/223, 0xdf}], 0xc, &(0x7f0000003680)=""/187, 0xbb}, 0x8}, {{&(0x7f0000003740)=@vsock, 0x80, &(0x7f0000004940)=[{&(0x7f00000037c0)=""/124, 0x7c}, {&(0x7f0000003840)=""/199, 0xc7}, {&(0x7f0000003940)=""/4096, 0x1000}], 0x3, &(0x7f0000004980)=""/55, 0x37}, 0xffffffa2}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000006cc0)=""/4096, 0x1000}, 0x5}], 0x6, 0x40013002, &(0x7f0000007e80)={r7, r8+60000000})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

12.627543943s ago: executing program 3 (id=710):
r0 = socket$kcm(0x10, 0x2, 0x0)
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=ANY=[@ANYBLOB="0a00000003000000b30000007f"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0xfffffffffffffe02, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000210000a8", @ANYRES8, @ANYBLOB="00000000000000006e00000000000000180000000000000000000000000500009500000000000000180000002020782500000000002020207b0af8ff00000000bd510000000000000701000000feffffb702000008000000b703000000000000850000001900000095000000000000004e0258f0fd50d1d3851b268c2d93ee3ee7c82a5c56deafaa0a8afdab3818db0cecf472dd54ac8b5816f98457c71c055a5f6420db6edc6deaa244097ca45f9ad6d1170bea195c51028fc15aa4a31784fe15c34181e1417068469f7e45e19803b33d6722cedc55b12fcb3fed"], &(0x7f0000000000)='GPL\x00', 0x8, 0xde, &(0x7f0000003e40)=""/222, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$packet(0x11, 0x2, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
userfaultfd(0x801)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r4, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r4, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xca}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x42, &(0x7f0000000180), &(0x7f00000001c0)=0x10)
sendmmsg$inet6(r4, &(0x7f0000003c40)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000140)="03", 0x1}], 0x1}}], 0x1, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r4, 0x84, 0x7b, &(0x7f0000000100)={<r5=>0x0, 0xaf3}, &(0x7f00000002c0)=0x8)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r4, 0x84, 0x79, &(0x7f00000000c0)={r5, 0xe005, 0x9}, 0x8)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x4, &(0x7f0000000080)=[{&(0x7f0000000200)="2e0400001c008103e00f80ecdb4cb9f207c804a01100000088080ffb0a000200250ada1b40d80800c500c50083b8", 0xfec9}], 0x1, 0x0, 0x0, 0x5865}, 0x0)
socket$inet6(0xa, 0x80002, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540))
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, &(0x7f00000003c0)={{{@in6=@mcast2, @in=@multicast2, 0x4e22, 0xfffc, 0x800, 0x0, 0x2, 0x0, 0x0, 0x89}, {0xa}, {0x10}, 0x8, 0x0, 0x1, 0x1, 0x3}, {{@in=@multicast2, 0x0, 0x6c}, 0x0, @in6=@private1, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x7}}, 0xe8)
connect$inet6(r7, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c)

11.219045073s ago: executing program 1 (id=711):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
r4 = memfd_create(&(0x7f0000000480)='[\v\xdbX\xae[5\xa9\x90\xffc\x1f\x1a\xa9\xfd\xfa\xad\xd1md\xe7\xe2\x7f\x9b\xd5R\x10\xf3\xb6\xffT\xbf\xd1\xc8\x85HX\xa9%\f\x1ae\x9b\xac\xe3\xbf\xa5\xdf\xbd\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91\x02\x00\x00\x00\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\x9fc\xda\xa9\x83r\xd8\x98\x00\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5\x1b\x88\xf8C\xaa\xa7\xbb\xfdZ\xd2}\xf5\xe4\x9f5\x9b\x01\xf9\x00'/143, 0x6)
pwrite64(r4, 0x0, 0x0, 0x2)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x5}, 0x1c)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x5, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r5}, 0x10)
open(0x0, 0x1850c2, 0x14c)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)

10.249824163s ago: executing program 1 (id=712):
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000100)=<r0=>0x0)
ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000180)={0x1, @pix={0x0, 0xe, 0x32315659, 0x0, 0x0, 0x0, 0x3, 0xfeedcafe, 0x3, 0x0, 0x2, 0x2}})
syz_open_procfs(0x0, &(0x7f0000000000)='timers\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
socket$packet(0x11, 0x3, 0x300)
pipe(&(0x7f0000000400))
pipe(&(0x7f0000000100))
socket$tipc(0x1e, 0x5, 0x0)
unshare(0x2c020400)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x300, 0x3, 0x0, 0x40000, 0x0, 0x2}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7fff, 0xfffffffffffffffd, 0x0, 0x5, 0x4, 0x80000001, 0x8000000000000000}, 0x0, 0x0)
listen(r2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r5}, 0x10)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)={0x30, 0x0, 0x1, 0xffffffff, 0x0, {{}, {}, {0x14, 0x19, {0xfffffffe, 0x9}}}}, 0x30}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bind$bt_hci(r6, &(0x7f0000000000)={0x27}, 0x74)
ioctl$sock_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, @nfc={0x27, r0, 0x1, 0x5}, @rc={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x8}, @vsock={0x28, 0x0, 0x2711, @hyper}, 0x3, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000180)='ip6erspan0\x00', 0x5, 0x1131, 0x6})
r7 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x20)
preadv(r7, &(0x7f0000001b00)=[{&(0x7f00000009c0)=""/239, 0xef}], 0x1, 0x2, 0x0)
syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f0000000080))

10.068621408s ago: executing program 3 (id=713):
geteuid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = socket$l2tp6(0xa, 0x2, 0x73)
setsockopt$inet6_int(r0, 0x29, 0x4a, &(0x7f0000000280)=0x20, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102384, 0x18ff0)
r2 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0)
write$proc_mixer(r2, 0x0, 0xb0)
connect$inet6(0xffffffffffffffff, 0x0, 0xfffffffffffffe3b)
r3 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r3, 0x0, 0x0)
bind$inet(r3, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
getsockopt(0xffffffffffffffff, 0x200000000114, 0x271e, 0x0, 0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0xc)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=@setlink={0x3c, 0x13, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3000000}, [@IFLA_MASTER={0x8}, @IFLA_ALT_IFNAME={0x14, 0x35, 'dummy0\x00'}]}, 0x3c}}, 0x0)
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r5, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r5, &(0x7f00000021c0)={0x2020, 0x0, <r6=>0x0}, 0x2020)
mknod$loop(&(0x7f00000002c0)='./file0/../file0/file0\x00', 0xffffc000, 0x0)
write$FUSE_INIT(r5, &(0x7f0000000380)={0x50, 0x0, r6, {0x7, 0x28, 0x0, 0x40488060, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24522716a989086f, 0xfffffffc}}, 0x50)

9.924525994s ago: executing program 2 (id=714):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x123000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x0)
memfd_secret(0x80000)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
socket$inet6_icmp(0xa, 0x2, 0x3a)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000000000)={'netdevsim0\x00', &(0x7f0000000380)=@ethtool_drvinfo={0x48, "a4c3eabfbc4a051fc8f66eedf1c6676b4e9ac471123ee41b102a78284f881840", "c493c69907ac61ee57f3ff6656218f8c880cab0b7f5f977f29b54144914986b5", "7795433781033bb967429b7c68c2566066943f3a566d7fd05557583a535a3b9e", "cba936683f411a1265d9ffb369dbe16de72fd8ee91c60f531196c136add25f43", "3fda464b4ffcb83f5c89e20fe8814b4e26bb81519905d65c5a0ae43be09d9f7b", "9900255a099270427859ce54", 0x43dd5e67, 0x9, 0x4, 0x5, 0xfffffffe}})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000007, 0x38011, 0xffffffffffffffff, 0x0)
openat$zero(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r6, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
r7 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f0000000280)={'vcan0\x00', <r8=>0x0})
bind$can_j1939(r7, &(0x7f0000000100)={0x1d, r8}, 0x18)
connect$can_j1939(r7, &(0x7f0000000080)={0x1d, r8, 0x0, {0x0, 0xf0, 0x2}, 0x1}, 0x18)
sendmsg$can_j1939(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)='.', 0x1a000}}, 0x0)
sendmsg$inet(r7, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x1)
write$bt_hci(r6, &(0x7f0000000580)=ANY=[@ANYBLOB="5300000002"], 0x8)
ioctl$TCSETSF2(r3, 0x402c542d, &(0x7f00000000c0)={0x1, 0x8c, 0xff, 0x6, 0xcf, "0982aa400000000000e6ffffab5b00", 0x5, 0x3})
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0xff)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYRESDEC=r0])

8.683230007s ago: executing program 1 (id=715):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000ac0)={{0x2, 0x0, @multicast2}, {}, 0x2a, {0x2, 0x0, @empty}, 'bond_slave_1\x00'})
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000000), 0x0)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000240)={0x0, 0xffffff81}, 0x8)
setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f0000000200), 0x8)
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000100)=@req={0x3fc, 0x4000}, 0x10)
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
sendmmsg(r3, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
socket$inet6_udp(0xa, 0x2, 0x0)
iopl(0x3)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = epoll_create(0x917)
epoll_wait(r5, 0x0, 0x0, 0x9)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000), 0x4)
futex(&(0x7f0000000040)=0x2, 0x6, 0x2, &(0x7f00000001c0)={0x77359400}, &(0x7f0000000280)=0x2, 0x1)
recvfrom(r2, &(0x7f0000000140)=""/104, 0x68, 0x12020, 0x0, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x2004c054, &(0x7f0000000140)={0xa, 0x4e23, 0x8000000, @loopback, 0xffffffff}, 0x1c)

8.345548686s ago: executing program 4 (id=716):
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1)
sched_setaffinity(0x0, 0xfffffffffffffdc5, &(0x7f00000002c0)=0x800002)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
fcntl$setownex(r0, 0xf, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$SO_BINDTODEVICE_wg(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
quotactl$Q_SYNC(0xffffffff80000101, 0x0, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000007480)={'wlan0\x00'})
r3 = syz_genetlink_get_family_id$nl80211(0x0, r2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@newtaction={0x88, 0x30, 0xffff, 0x0, 0x0, {0x0, 0x0, 0x1300}, [{0x74, 0x1, [@m_mirred={0x70, 0x1, 0x0, 0x0, {{0xb}, {0x44, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x4, {{0x10001}}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x3, 0x9, 0xffffffffffffffff, 0x401, 0x4}, 0x3}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x88}}, 0x0)
syz_usb_connect(0x0, 0x33, &(0x7f00000001c0)=ANY=[@ANYBLOB="120100007b8955403a0976245b0d0102030109022100010d20000009040000000e0100000f2402010102", @ANYRES64], 0x0)
r5 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x1f7ff6, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f0000000040)={0x1, 0x1, 0x1})
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0xa, 0x4e23, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, 0xfffffff8}}, 0x0, 0x0, 0x9, 0x4, 0x1c4, 0x0, 0xfe}, 0x9c)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xe1000, 0x280000b, 0x28011, r5, 0x0)
mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000ffd000/0x3000)=nil)
sendmsg$NL80211_CMD_DEL_PMKSA(r2, &(0x7f0000007700)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB], 0x3c}, 0x1, 0x0, 0x0, 0x4044}, 0x24044011)
r7 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r7, &(0x7f0000000240)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
sendmmsg$inet6(r7, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171, 0x0, 0x0, 0x4000000}}], 0x400000000000172, 0x0)

8.212726526s ago: executing program 3 (id=717):
write$sysctl(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_GET_TSC(0x43, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_init_net_socket$ax25(0x3, 0x3, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0)
r1 = socket(0x40000000015, 0x5, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000640)=@allocspi={0x108, 0x16, 0x401, 0x0, 0x0, {{{@in=@local, @in6=@mcast1, 0x0, 0xfd1, 0x0, 0x2, 0x2, 0x0, 0x0, 0xc}, {@in=@broadcast, 0x0, 0x33}, @in6=@loopback, {0x0, 0x0, 0x0, 0x0, 0x8000000000000000, 0x80000001}, {0x101, 0x0, 0x0, 0x800}, {0x4, 0x6, 0x400}, 0x0, 0x0, 0xa, 0x0, 0x0, 0x94}, 0x0, 0x4ad}, [@XFRMA_IF_ID={0x8}, @etimer_thresh={0x8, 0xc, 0x3}]}, 0x108}, 0x1, 0x0, 0x0, 0x20040080}, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
connect$packet(r3, &(0x7f0000000000)={0x1f, 0xf8, 0x0, 0x1, 0x2, 0x6, @broadcast}, 0x14)
bind$bt_l2cap(r3, &(0x7f0000000100)={0x1f, 0x5, @any, 0x1, 0x1}, 0xe)
connect$inet(r1, 0x0, 0x0)
setsockopt$SO_TIMESTAMP(r1, 0x1, 0x3f, &(0x7f0000000000)=0x3500, 0x4)
bind$inet(r1, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x57)
r4 = eventfd(0x1)
ioctl$FIONCLEX(r4, 0x5450)
recvmmsg(r1, &(0x7f0000000b40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=""/11, 0xb}}], 0x5df, 0x2, 0x0)
r5 = syz_open_dev$media(&(0x7f0000000240), 0x9, 0x2)
ioctl$MEDIA_IOC_G_TOPOLOGY(r5, 0xc0487c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
mknod$loop(&(0x7f00000017c0)='./file0\x00', 0x2480, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x2c)
setuid(0xee00)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)

6.957335438s ago: executing program 3 (id=718):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSIGACCEPT(r0, 0x5607, 0x3)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ipvlan1\x00'})
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r4=>0x0})
sendmsg$can_raw(r3, &(0x7f0000000240)={&(0x7f0000000780)={0x1d, r4}, 0x10, &(0x7f0000000200)={0x0, 0xe}}, 0x4)
r5 = socket(0x10, 0x2, 0x0)
write(r5, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c)
recvmmsg(r5, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
close(0x3)
ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000040)={@dev={0xfe, 0x80, '\x00', 0x44}, 0x68, r4})
ioctl$VT_ACTIVATE(r0, 0x5606, 0x4)
ioctl$TIOCSWINSZ(r0, 0x5414, &(0x7f0000000180)={0x9, 0x0, 0x3, 0x7fff})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYRESHEX=r4], &(0x7f0000000f40)=""/4089, 0x3e, 0xff9, 0x4, 0x0, 0x0, @void, @value}, 0x28)
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x500, 0x0)
ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, 0x0)
r7 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, &(0x7f0000000100)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xc8e}, {0x16}]}, 0x10)
setsockopt$packet_fanout(r7, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0xc, 0x235, &(0x7f0000000c80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00010000850000000d000000b7000000000000009500000000000000496cf2827fb43a431ca7f8fbc9cdfa146ec56175037958e271f60d25b7937f02c8695e5a1b2cdf41dc10d1e8bf076d83923dd29c0301000000010000003d5d78c07fa1f7e4d5b318e2ec0e0700897a74a0091ff110026e6d2ef831ab7ea0c34f17e3ad6e70af07da5ceb01b7551ef3bb622003b538dfd8e012e79578e51bc53099e90fbdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e060e3670ef0e789f93781965f1328d6704902cbe7bc0476619f28d99cde7a6b73340cc2160a1fe3c184b751c51160fbce841dfebd31a08b32808b80200000000009dd27080e71113610e10d8fb9c2aec61ce63a3462fd50117b89a9ab759b4eeb8cb000067d42b4e54861d0227dbfd2ed8576a3f7f3deadd7130856f756436303767d2e24f29e5dad9796edb697a6ea0180aabc18cae2ed4b4390af9a9ceafd07ed0030000002cab154ad029a119ca3c972780870014605c83d7d11c3c975d5aec84222fff0d7216fdb0d3a0ec4bfae563858dc06e7c337642d3e5a815212f5e16c1b30c3a2a71bc85018e5ff2c910496f18afc9ffc2cc788bee1b47683db01a46939868d75211bbae0e7313bff5d4c391ddece00fc772dd6b4d4d0a917b239fe12280fc92c88c5b8dcdcc22ee1747790a8992533ac2a9f5a699593f084419cae0b4183fb01c73f99857399537f5cc2acb72c7eae993fc9eb22d130665b6341da114f08cd0509d380578673fffffff7f23877a6b24db0e067345560942fa629fbef2461c96a08707671215c302fae29187d4f5c06a960fd37c10223fdae7ed04935c3c90d3add8eebc8619d73415e6adcda2130f5011e42e50adab988dd8e12baf5cc9398c88607a08009c2977aab37d9a44cfc1c7b4000000000000fa47742f6c5b9c4b11e7d7262a1457c39495c826b956ba859adfe38f77b91bd7d5ca1664fe2f3ced8468911806e8916dc15e21644db60c2499d5d16d7d915836ab26c169482008ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc874b2f663ddeef0005b3d96c7aae73835d5a3cda9e90d76c1993e0799d4894ee7f8249dc1e3428d2129369ee1b85afa1a5b6154eb2eea0d0df414b315f65112412392191fa83ee830548f11e1038debd64cbe359454a3f2239cfe35f81b7ade8a5b859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b20428d6474a0a91ee90b8de802c6b538622e6bbcb80f87b415263c401e64ed69a2f75409000000000000001d695c4559b82cabac3cccadc1e1c19af4e03020abf5ff0433d660f20898d2a045d009a0ffb20a77c9af2b80c05184a66d30bbea2ca45a4d6d6d1e6e79aef42355a500587b603306a5af8d867d80a07f10d82eafb03062e95196d5e3ffea0000000000000be959096ea948cfa8e7194123e918914a71ad5a8521fb9553bc60f7d9719b55b3abb6bba3d113a680a8d46fe074c83fbe378a3889e8145b2eaceab05ef932c6e4f8ef0ed0d818a7b76d839cf3c63ebb4380b168c38fa32e49563cfee3a7f0fc18bfa32c418cef875fb49e2989177a1bcd1e30280bc586e79a5dd80701018e7d6e97b3ce267dd4e27b6ef206660090bb2164474cef378f97ca33fc03000000000000001547053453d0c9aec91a24079b21d52fb5516bf0c28ef37aa76442f6083dc99cd61afaf6be45d7b00d3639f2f10ac2d5c759c3e5468f0000000011d415b6b085fb73a2c7c3852e0e658ffeb4e863428a792bee94f6cd895424360e0464f9d7ea425f2fa6aac029d15af607ad83532ff181c985f54b39370c06e63055b4d6a36fa98a44e379d28307c9912fb097601f3f88a2ca6fd1f9320cfe7fc8e9f7f15f02e177ce23f43a154b42e26f037e8a01377cbd3f509e6e540c9ba9c2a589c95d8ad67a65e9a44c576dc24452eaa9d819e2b04bdd1c000000070000000000000000000000005333c6199c12dcd926891927a7267c47cf897853d160100b39b613faefe16bed1fc105dddd77ab929b837d4442d13d5a29179a00837918dd7854aa17eb9fbdc2bdc0e98ae2c3f23a6131e2879f04ff01000030b92dd493be66c2242f8184733b80ba28e8ffffff7f00000000bb2f89049c5f6d63d56995747639964217aacfe548bc869098aa8e07e51dbc9e2d4db3c5f79fd355222ec2a00cf7f2ccd6dd6d2dc2a815d8314221a5472f1318a9dfbec5a759579caf3262129b14e99040b5d91398e17df85c25ccae973eecc7d187168d5c9cd848d566cc17587641ed01889c927da38d83314480b15e23138c5b877a72bd4cf74a299df4fbfc8e6ea96939f15d254d9033c5d371c61f550e9d86aabda45706bda78ab60200000000000000000000000000000000000000706f78f0a2ea9667fb5b951808545a46830970c2dfae01adbda7d29bf1f7abdaf52e0de6f9d7150808ed086642e64ebf98762b34338b80e41b704c3eefaf0bb5ff070000000000000ea15ccc0d7a830b6eb33b6b61675511d693ef5e3c44bbf71cabc5f45c879e7499f8baae2a1a09cf38da73297764fbc0e723e1cc3abb12e3076982ed32c94a2ce3e6f37c47e983da4ca5c96187db5a2a2e1742bc93a65d7187126126b3a80f17dd2f7dbbe82d104ede9ba6925afc2ee6cb94f56f1363cad635abf8f983292c49c0ebf5005154c7b58a3a2a2ea86d2fd92b8661264f781e3fb02d05a28f3f17b64d0258853d45cb5ebde10cd3d82eeed2f1ed925b7cf400304932c5ed0a362b235ce37e1f17700f7d1fecf8be8a2c5d25a9c60657560d05441387ff158a018d19a286c58684a1d2f624c3eb59d509ee89cc2df52881d005b2e5c27563ba54e4153c132d0366aa660000000000000009c1aaec93ec0f925921fb2e9eb202a29bef28224dbabe723de5c584bc398a8792e493048c87f60a51a391e95921218149403558fd13c649f90b0911d57eeb298b590581eba1ce383b539ab80fd15445987b1bb4eb512545e1ab65fef3103ce10b1ee362b51c72f82edf2f502ddf52567775e34a56d1be892f1e62b08950d517fa6fb1b0ef2edf1b67f8644786116b037d4a36fdd30b000063e58c856ec44cbbc2d370553f832af9480215e09aaa3843fe360b1c293a14627f2cfbe278f31d0abc0f5aaa10926dbbfe8a4b131c13a73d4e6d065c2c0fed3ab8442520ce0e0ad7d2d177377ab197ace3ef8b1c24ceb0bdee84bd6e6317633938dd19dc42de7f8f860eca6d9c74525fcd3497526df4c13e3ba5f0d75365a4542ae9440d2fede416d618cdaaf7e038879c5d177b3876fda4121e00000100000000003edd3d43cc64e0d26b46907b42e08d000000000000903350932d3eef7fdada20c19807066e2c72d0d816eb9fa50be213bf6bbb7ccb9f2e8a153e6ced68f192ebed6e86af0f2cec7335fa8039fd6eb025440bc2a34d071f0a0e6774308a74748b8cd994ed368695aa2c5986aa9200a1306ffa5a71ca69e89a6980612b35fc858f37c2c398515a910a35e22ab0573c10b85df4c2972a2fb8b9c080fbb41a753791df727fdeaded2930376eda31312256191c620cce34d1e3bf40a4a207ab1575b399eb8155781bfc7cb5920b49c039935a888d77041894f60fbbcafa487ee96b368e8769da90b44190e569fe8b923c32c288baaca5c5558b5a78bb43e5d9e47a1d5809bb178184b5672d08e29aecf1f572ac1e6cab7e820751e95999b7532603494d37a2bff35a9eec46dfc8a52433f605ebf151c837b4966b5f3628a406175a87e32c5e4268d3000933b580415b162e2946446b8f02554c8a1225217d69d049685dd06aa8528673a9673a723ac414af77f523ad730d00e8700c213f95c87a94f39f506b9e000000000000000000000000000000000000000000000000000090668ac41a1c2a4f7831e6c6a3e9c68ca2c449482bb70a994e71a7f24873848fbb128c820c1de19cc003dfa65a2b296caeb1253802080e08eeb724c4c7b7e052afa19b0f2cd7a13bda4b5a8f3b8fa3ca70bb756a3d529718d5c79d9bdb89e5d33793533211d76d00a45079eff797476106bf76f1fed952a7c9162b88911b5b00c3d26fd2fb4d7b29d1ce025e102d458efd5cca3f3835ce760359eaa01cb13cb28d60e8942fdc02b6824c00dac62f8a2d4c680ae284a82f09d6641921536814b444e4188d9b2e97eb3b108e7876f0f3f3863147ab694218c7cecc075d52d590dddbb57fc6fedf5ec69d7894a7b5c8109f303dab998815c80534b0bd34c49eea63997e56728a8185a8bb6988a7197b87f5548f5edfdfb3efc907fe561b33a6f7c707f7828c6adaf3b2a39929b4b65253e787d65c08aff5e4a9b226"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bind$inet(r8, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3c}}, 0x10)
sendmmsg$inet(r8, &(0x7f0000000ec0)=[{{&(0x7f0000000080)={0x2, 0x4e25, @multicast2}, 0x10, 0x0}}], 0x1, 0x2000c044)
sendto$inet(r8, &(0x7f0000000c80)="e8", 0x6200, 0x0, 0x0, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000080))
r9 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(r9, 0x40085112, &(0x7f0000000040)=@e={0xff, 0xc, 0x0, 0x0, @generic=0x2, 0x8})

5.941323992s ago: executing program 4 (id=719):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000100)=ANY=[@ANYBLOB="b40000001900010000000000000000001d0109004d0011"], 0xb4}}, 0x0)
ioperm(0x83, 0x6, 0x8)
arch_prctl$ARCH_GET_CPUID(0x1011)
syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000000)={0xffffffffffffffff, 0x0, &(0x7f0000002780)=""/4096, 0x4}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={r3, 0x34}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x13, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = creat(0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
syz_open_dev$ndb(0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0))
r5 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x707b, 0x0, 0x4, 0x288, 0x0, r4}, &(0x7f0000000340)=<r6=>0x0, &(0x7f0000000180)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_SPLICE={0x1e, 0x1, 0x0, @fd_index=0x7, 0x100000000, {}, 0xfc, 0x5, 0x0, {0x0, 0x0, r4}})
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x1000089}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r8 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r8, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$inet6_mptcp(0xa, 0x1, 0x106)
io_uring_enter(r5, 0x3516, 0x300, 0x0, 0x0, 0x0)
r9 = syz_open_dev$sndpcmc(&(0x7f0000000100), 0x7, 0x400000)
ioctl$SNDRV_PCM_IOCTL_STATUS_EXT32(r9, 0xc06c4124, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3})

5.93619283s ago: executing program 1 (id=720):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec850000007d000000850000002a000000"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = openat$audio1(0xffffffffffffff9c, 0x0, 0x88002, 0x0)
ioctl$SNDCTL_DSP_POST(r5, 0x5008, 0x0)
setsockopt$inet6_tcp_TLS_TX(r4, 0x6, 0x1, &(0x7f00000000c0)=@gcm_256={{0x7}, '\x00', "5171bb672965593497418688ac68cb126474cd3660dab9e2086e246728d7a040", '\x00\x00=*', "1202000000040030"}, 0x58)
setsockopt$inet6_tcp_int(r4, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36)
setsockopt$inet6_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000200)={@in6={{0xa, 0x4e21, 0x7fff, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x3}}, 0x0, 0x0, 0x4b, 0x0, "5d9ed5ab7ede1bcf73742bc36c0ea13d3dec33e0b7cc1ff724fe1906cf9f7945230bc5d9dfea4ffd1e48aaf9a42d97f58da594d5eb926f70f03d2d46f374a6b62ee9d04ac1bf0bef969bcbd8e4700616"}, 0xd8)
connect$inet6(r4, &(0x7f00000001c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
utimes(&(0x7f0000000180)='./file0\x00', 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x2, 0x4, 0x1, 0xbf21, 0x100, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xd, 0x5, 0x4, 0x6, 0x0, r6, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r7, &(0x7f00000001c0), 0x0}, 0x20)

5.7643073s ago: executing program 2 (id=721):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
r4 = memfd_create(&(0x7f0000000480)='[\v\xdbX\xae[5\xa9\x90\xffc\x1f\x1a\xa9\xfd\xfa\xad\xd1md\xe7\xe2\x7f\x9b\xd5R\x10\xf3\xb6\xffT\xbf\xd1\xc8\x85HX\xa9%\f\x1ae\x9b\xac\xe3\xbf\xa5\xdf\xbd\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91\x02\x00\x00\x00\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\x9fc\xda\xa9\x83r\xd8\x98\x00\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5\x1b\x88\xf8C\xaa\xa7\xbb\xfdZ\xd2}\xf5\xe4\x9f5\x9b\x01\xf9\x00'/143, 0x6)
pwrite64(r4, 0x0, 0x0, 0x2)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x5}, 0x1c)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x5, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYBLOB], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r5}, 0x10)
open(0x0, 0x1850c2, 0x14c)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)

4.567716947s ago: executing program 1 (id=722):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000000000000000000000008500"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r3 = creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r4 = fanotify_init(0xf00, 0x0)
fanotify_mark(r4, 0x105, 0x40009975, r3, 0x0)
mknod(0x0, 0x8001420, 0x1)
rename(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
rename(&(0x7f0000000400)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f00000006c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r5, &(0x7f0000002200)={0x0, 0x0, &(0x7f00000021c0)={&(0x7f0000002080)={0x40, r6, 0x1, 0x0, 0x0, {}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_RATE_TX_SHARE={0xc, 0xa6, 0x1}]}, 0x40}}, 0x0)
ioperm(0x3, 0x804, 0x1000009)
prctl$PR_SET_TIMERSLACK(0x1d, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
writev(r7, &(0x7f0000000040)=[{&(0x7f0000000000)="290000002000190f00003fffffffda0602000028fde80001dd0000040d000600ea1100000005000000", 0x29}], 0x1)

4.551564854s ago: executing program 4 (id=723):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="050000000005000000150000b900000000000000", @ANYRES32, @ANYBLOB, @ANYRES32=0x0, @ANYRES32], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r4}, 0x18)
syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/time_for_children\x00')
openat$urandom(0xffffffffffffff9c, 0x0, 0x42, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000280))
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x18, 0xfa00, {0x3, 0x0, 0x2}}, 0x20)
r5 = syz_open_dev$cec(&(0x7f0000000080), 0x0, 0x0)
r6 = userfaultfd(0x801)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f0000000100))
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x18)
ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
ioctl$UFFDIO_CONTINUE(r6, 0xc020aa07, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
ioctl$CEC_ADAP_S_LOG_ADDRS(r5, 0xc05c6104, &(0x7f0000000140)={"09025a26", 0x4, 0x3, 0xfc, 0x6, 0xfff, "e840fe213981327944dea0ab8de591", "ddf9e8f5", "84708d56", "b0ae9f2e", ["93a03a7ae19776071eebf3e2", "155199e846586bd6df78ec79", "69fe3745d21db04d44490f86", "4c95443ed5fb833211e14aa2"]})
pipe2(&(0x7f0000000080), 0x0)

4.55089067s ago: executing program 2 (id=724):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040))
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1, 0x0, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setscheduler(r1, 0x5, &(0x7f00000001c0)=0x1a4)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = add_key$user(&(0x7f00000003c0), 0x0, &(0x7f00000000c0), 0x0, 0xfffffffffffffffd)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x0, 0x0})
keyctl$dh_compute(0x17, &(0x7f0000000000)={r4, r4, r4}, 0x0, 0x0, &(0x7f0000000280)={0x0})
syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000300)={0x3, 0x2, 0x1, 0x0, 0xbf})
sendto$inet(0xffffffffffffffff, &(0x7f0000000380)="437550b523af1a7f2da599e5139f10a0f56401a09a7d028e47", 0x19, 0x20004801, &(0x7f0000000400)={0x2, 0x4e24, @empty}, 0x10)
r5 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc}, 0x10)
r6 = socket(0x1e, 0x4, 0x0)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
setsockopt$packet_tx_ring(r6, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
sendmmsg(r5, &(0x7f0000003240), 0x4000000000000e4, 0x0)
listen(r0, 0x0)

3.03684753s ago: executing program 4 (id=725):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x7, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socket(0x80000000000000a, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
openat$uinput(0xffffffffffffff9c, 0x0, 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
read$FUSE(0xffffffffffffffff, &(0x7f0000000880)={0x2020}, 0x2020)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, 0x0, 0x0)
sendto$inet6(r1, &(0x7f0000000180)="1a", 0x1, 0x0, 0x0, 0x0)
r3 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f00000001c0)=[@in6={0xa, 0x4e23, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}, 0x7}, @in={0x2, 0x4e23, @multicast2}, @in6={0xa, 0x4e22, 0x6, @empty, 0x4}], 0x48)
ioctl$SNDCTL_DSP_SETFRAGMENT(r3, 0xc004500a, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r3, 0xc0045006, &(0x7f0000000040)=0xc)
close(r3)
r4 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x35, 0x0, 0x0)
bind$inet6(r4, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty, 0x10000000}, 0x1c)
socketpair(0x1, 0x2, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000005c0)={r0, &(0x7f00000003c0), &(0x7f0000000580)=@tcp=r6}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000080)={r0, &(0x7f0000000140)="aa", &(0x7f0000000000)=@tcp6=r5}, 0x20)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000380)={r0, &(0x7f0000000600), &(0x7f0000000340)=@udp6=r7, 0x1}, 0x20)
socket$kcm(0x11, 0x3, 0x0)

2.552684252s ago: executing program 1 (id=726):
r0 = openat$smackfs_load(0xffffffffffffff9c, &(0x7f0000000080)='/sys/fs/smackfs/load-self2\x00', 0x2, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
r3 = syz_open_dev$loop(&(0x7f0000000100), 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
write$binfmt_aout(r4, &(0x7f00000010c0)=ANY=[], 0x1a3)
write$binfmt_misc(r4, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f00000002c0)={r4, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}})
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSETMODE(r5, 0x4b45, 0x1)
ioctl$TIOCL_SETSEL(r5, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0x0, 0x2fd, 0xffff, 0x101, 0x300}})
chdir(0x0)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000), 0x8)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x74, r2, 0x800, 0x55007}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_DEFAULT_PVID={0x6, 0x27, 0x6}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x900}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
dup(r0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000700)={0x0, 0x4, &(0x7f00000007c0)=ANY=[@ANYBLOB="10020000070000000200000000800000850000007500000000000000000061052551d4bd3fa4827eef1fab401582872765cec39ed43311176511a7fdfae6dd48f167ace692d64aac700ddd451900cfdd7567fbd424d303cdd518a2ec0fbd8403a9cf38840e82e2f770b59016c0e893dd3f93fffa490610dfd7a31fcd005d9ecae0dd34e1764fa3d0bd278059c8a116a05e3950ba56a717a7b3a782aeb79ab474facc09f6fc0424dbbadb63cf52a7076320e59b79e981df553901385a53e2f3c12a18f140982a5285aa306a0a4197dbcd970d931b8e8bf350a21f"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000008000000000", @ANYRES32=r8], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

2.27860311s ago: executing program 2 (id=727):
socketpair$unix(0x1, 0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
getsockopt(0xffffffffffffffff, 0x114, 0x271c, 0x0, &(0x7f00000000c0))
sched_setscheduler(0x0, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[], 0x48)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000001600)={r1, &(0x7f0000000580), 0x0}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = memfd_create(&(0x7f0000000000)='\xf3e\t\x9f\x918\xc0y\x01c\x1fnux\x00sV\ad\xb0l \xfd\xd7\x8e\x7f\x89\xb8\xc5;~\x04\x03~K\xfbP\x84=\xfa\x81\f\x1et\x10\x0e\xcf^9\xbe\\', 0x0)
pwrite64(r2, &(0x7f00000008c0)='/', 0x1, 0x0)
mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x4, 0x11, r2, 0x0)
lseek(r2, 0x0, 0x4)
sendfile(r2, r2, &(0x7f00000001c0), 0x7fa)
symlink(&(0x7f0000001000)='./file0\x00', &(0x7f00000000c0)='./file0\x00')
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
open$dir(&(0x7f0000000100)='./file0\x00', 0x8002, 0x8)
write$char_usb(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x0, 0x0, 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
syz_open_procfs(0xffffffffffffffff, 0x0)
socket$inet(0x2, 0x4000000000000001, 0x0)
request_key(&(0x7f0000000240)='id_legacy\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)='+].{%\'\x00', 0x0)
socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r3, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0)

1.134187252s ago: executing program 4 (id=728):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r2, 0x84, 0xc, &(0x7f00000001c0), 0x4)

0s ago: executing program 2 (id=729):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000340)={0x1b, 0x0, 0x0, 0x7, 0x0, r0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
quotactl_fd$Q_SYNC(r1, 0xffffffff80000100, 0x0, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)
socket$kcm(0x2, 0x200000000000001, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x80000008a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400010bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f00000066c0)=""/102392, 0x18ff8)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00')
read$FUSE(r3, &(0x7f0000000640)={0x2020, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}, 0x2020)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
syz_open_dev$swradio(&(0x7f00000000c0), 0x1, 0x2)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
fcntl$setownex(r5, 0xf, &(0x7f0000000280)={0x0, r4})
syz_emit_ethernet(0xa8, &(0x7f00000003c0)=ANY=[@ANYBLOB="01008040000baaaaaaaaaabb86dd6012000800723afffe800092725cbb3a9c6301f0fcf883b9dd000000000000000000040000bbff02000000000000000005b87884cc072874d81f39d5380000000000018600907800006a0200000000ffffffff190aa78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15"], 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000001c0), 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB='quota,grpquota_inode_hardlimit=3,noswap'])
r6 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00')
read$FUSE(r6, &(0x7f0000003480)={0x2020}, 0x2020)
syz_open_dev$loop(&(0x7f0000000100), 0x7, 0x40000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.61' (ED25519) to the list of known hosts.
[   78.322606][ T5805] cgroup: Unknown subsys name 'net'
[   78.435424][ T5805] cgroup: Unknown subsys name 'cpuset'
[   78.445118][ T5805] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   79.850677][ T5805] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   83.644433][ T5827] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   83.663744][ T5835] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   83.663816][ T5830] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   83.672858][ T5835] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   83.679981][ T5830] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   83.694953][ T5830] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   83.698382][ T5835] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   83.703790][ T5830] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   83.717636][ T5830] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   83.725237][ T5835] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   83.726486][ T5830] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   83.741967][ T5830] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   83.748144][ T5837] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   83.757395][ T5837] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   83.757553][ T5838] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   83.767247][ T5837] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   83.773081][ T5838] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   83.788338][ T5837] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   83.788656][ T5838] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   83.795823][ T5837] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   83.805363][ T5829] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   83.817967][ T5838] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   83.830203][ T5838] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   83.857263][ T5836] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   83.867423][ T5836] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   84.628326][ T5819] chnl_net:caif_netlink_parms(): no params data found
[   84.673324][ T5821] chnl_net:caif_netlink_parms(): no params data found
[   84.697489][ T5831] chnl_net:caif_netlink_parms(): no params data found
[   84.813685][ T5822] chnl_net:caif_netlink_parms(): no params data found
[   84.844643][ T5817] chnl_net:caif_netlink_parms(): no params data found
[   85.000917][ T5819] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.008134][ T5819] bridge0: port 1(bridge_slave_0) entered disabled state
[   85.016090][ T5819] bridge_slave_0: entered allmulticast mode
[   85.023558][ T5819] bridge_slave_0: entered promiscuous mode
[   85.053724][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.061264][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state
[   85.068490][ T5831] bridge_slave_0: entered allmulticast mode
[   85.075875][ T5831] bridge_slave_0: entered promiscuous mode
[   85.089214][ T5819] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.096404][ T5819] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.104204][ T5819] bridge_slave_1: entered allmulticast mode
[   85.112043][ T5819] bridge_slave_1: entered promiscuous mode
[   85.138954][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.146099][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.153580][ T5831] bridge_slave_1: entered allmulticast mode
[   85.161546][ T5831] bridge_slave_1: entered promiscuous mode
[   85.284694][ T5821] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.294438][ T5821] bridge0: port 1(bridge_slave_0) entered disabled state
[   85.301799][ T5821] bridge_slave_0: entered allmulticast mode
[   85.309429][ T5821] bridge_slave_0: entered promiscuous mode
[   85.331887][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   85.344014][ T5822] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.351527][ T5822] bridge0: port 1(bridge_slave_0) entered disabled state
[   85.359718][ T5822] bridge_slave_0: entered allmulticast mode
[   85.366877][ T5822] bridge_slave_0: entered promiscuous mode
[   85.377020][ T5819] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   85.390333][ T5819] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   85.399705][ T5821] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.406881][ T5821] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.414419][ T5821] bridge_slave_1: entered allmulticast mode
[   85.421723][ T5821] bridge_slave_1: entered promiscuous mode
[   85.443510][ T5817] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.451387][ T5817] bridge0: port 1(bridge_slave_0) entered disabled state
[   85.458964][ T5817] bridge_slave_0: entered allmulticast mode
[   85.466041][ T5817] bridge_slave_0: entered promiscuous mode
[   85.476498][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   85.497854][ T5822] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.505365][ T5822] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.512925][ T5822] bridge_slave_1: entered allmulticast mode
[   85.520897][ T5822] bridge_slave_1: entered promiscuous mode
[   85.563556][ T5817] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.571063][ T5817] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.578422][ T5817] bridge_slave_1: entered allmulticast mode
[   85.585474][ T5817] bridge_slave_1: entered promiscuous mode
[   85.635480][ T5819] team0: Port device team_slave_0 added
[   85.644783][ T5821] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   85.657663][ T5821] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   85.681406][ T5817] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   85.694415][ T5831] team0: Port device team_slave_0 added
[   85.716137][ T5819] team0: Port device team_slave_1 added
[   85.747967][ T5817] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   85.771585][ T5831] team0: Port device team_slave_1 added
[   85.782228][ T5822] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   85.848127][ T5822] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   85.870053][ T5819] batman_adv: batadv0: Adding interface: batadv_slave_0
[   85.877119][ T5819] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   85.879449][ T5838] Bluetooth: hci1: command tx timeout
[   85.907012][ T5827] Bluetooth: hci2: command tx timeout
[   85.914508][ T5819] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   85.931570][ T5821] team0: Port device team_slave_0 added
[   85.939048][ T5819] batman_adv: batadv0: Adding interface: batadv_slave_1
[   85.946042][ T5819] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   85.972472][ T5819] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   85.972918][ T5827] Bluetooth: hci4: command tx timeout
[   85.983267][ T5838] Bluetooth: hci0: command tx timeout
[   85.992491][ T5827] Bluetooth: hci3: command tx timeout
[   85.998956][ T5817] team0: Port device team_slave_0 added
[   86.030644][ T5821] team0: Port device team_slave_1 added
[   86.041000][ T5822] team0: Port device team_slave_0 added
[   86.055804][ T5817] team0: Port device team_slave_1 added
[   86.074411][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0
[   86.081931][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   86.108653][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   86.135155][ T5822] team0: Port device team_slave_1 added
[   86.171598][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1
[   86.178953][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   86.205146][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   86.261373][ T5817] batman_adv: batadv0: Adding interface: batadv_slave_0
[   86.268469][ T5817] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   86.294876][ T5817] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   86.314723][ T5821] batman_adv: batadv0: Adding interface: batadv_slave_0
[   86.321863][ T5821] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   86.348200][ T5821] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   86.370789][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_0
[   86.377769][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   86.403951][ T5822] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   86.417330][ T5817] batman_adv: batadv0: Adding interface: batadv_slave_1
[   86.424398][ T5817] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   86.451411][ T5817] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   86.471060][ T5821] batman_adv: batadv0: Adding interface: batadv_slave_1
[   86.478037][ T5821] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   86.504289][ T5821] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   86.522515][ T5819] hsr_slave_0: entered promiscuous mode
[   86.529669][ T5819] hsr_slave_1: entered promiscuous mode
[   86.537157][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_1
[   86.544316][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   86.570295][ T5822] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   86.667821][ T5822] hsr_slave_0: entered promiscuous mode
[   86.674847][ T5822] hsr_slave_1: entered promiscuous mode
[   86.681821][ T5822] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   86.690421][ T5822] Cannot create hsr debugfs directory
[   86.725314][ T5831] hsr_slave_0: entered promiscuous mode
[   86.731837][ T5831] hsr_slave_1: entered promiscuous mode
[   86.738012][ T5831] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   86.745660][ T5831] Cannot create hsr debugfs directory
[   86.791987][ T5817] hsr_slave_0: entered promiscuous mode
[   86.798614][ T5817] hsr_slave_1: entered promiscuous mode
[   86.804757][ T5817] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   86.812753][ T5817] Cannot create hsr debugfs directory
[   86.841271][  T918] cfg80211: failed to load regulatory.db
[   86.902510][ T5821] hsr_slave_0: entered promiscuous mode
[   86.909637][ T5821] hsr_slave_1: entered promiscuous mode
[   86.915849][ T5821] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   86.923849][ T5821] Cannot create hsr debugfs directory
[   87.449628][ T5831] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   87.465076][ T5831] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   87.488821][ T5831] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   87.502274][ T5831] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   87.547448][ T5817] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   87.560078][ T5817] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   87.578129][ T5817] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   87.604894][ T5817] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   87.676994][ T5819] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   87.700212][ T5819] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   87.716069][ T5819] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   87.743741][ T5819] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   87.868578][ T5821] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   87.881353][ T5821] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   87.894769][ T5821] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   87.953380][ T5821] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   87.959589][ T5827] Bluetooth: hci1: command tx timeout
[   87.966240][ T5836] Bluetooth: hci2: command tx timeout
[   88.002280][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0
[   88.035985][ T5822] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   88.039027][ T5836] Bluetooth: hci4: command tx timeout
[   88.049601][ T5838] Bluetooth: hci3: command tx timeout
[   88.055268][ T5827] Bluetooth: hci0: command tx timeout
[   88.070630][ T5822] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   88.083557][ T5822] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   88.094955][ T5822] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   88.118003][ T5831] 8021q: adding VLAN 0 to HW filter on device team0
[   88.147083][ T5817] 8021q: adding VLAN 0 to HW filter on device bond0
[   88.173743][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.181220][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   88.224927][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.232675][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   88.307540][ T5817] 8021q: adding VLAN 0 to HW filter on device team0
[   88.356029][ T1159] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.363243][ T1159] bridge0: port 1(bridge_slave_0) entered forwarding state
[   88.390762][ T5819] 8021q: adding VLAN 0 to HW filter on device bond0
[   88.410734][ T1110] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.417839][ T1110] bridge0: port 2(bridge_slave_1) entered forwarding state
[   88.474313][ T5819] 8021q: adding VLAN 0 to HW filter on device team0
[   88.525316][ T1110] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.532546][ T1110] bridge0: port 1(bridge_slave_0) entered forwarding state
[   88.554210][ T5821] 8021q: adding VLAN 0 to HW filter on device bond0
[   88.611081][ T5822] 8021q: adding VLAN 0 to HW filter on device bond0
[   88.626297][ T1110] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.633692][ T1110] bridge0: port 2(bridge_slave_1) entered forwarding state
[   88.696941][ T5822] 8021q: adding VLAN 0 to HW filter on device team0
[   88.715727][ T5821] 8021q: adding VLAN 0 to HW filter on device team0
[   88.750823][   T67] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.757987][   T67] bridge0: port 1(bridge_slave_0) entered forwarding state
[   88.791222][   T67] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.798482][   T67] bridge0: port 2(bridge_slave_1) entered forwarding state
[   88.808927][   T67] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.816046][   T67] bridge0: port 1(bridge_slave_0) entered forwarding state
[   88.832258][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0
[   88.862503][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.869764][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   89.132912][ T5831] veth0_vlan: entered promiscuous mode
[   89.205892][ T5831] veth1_vlan: entered promiscuous mode
[   89.316423][ T5817] 8021q: adding VLAN 0 to HW filter on device batadv0
[   89.420439][ T5831] veth0_macvtap: entered promiscuous mode
[   89.476931][ T5831] veth1_macvtap: entered promiscuous mode
[   89.525970][ T5819] 8021q: adding VLAN 0 to HW filter on device batadv0
[   89.561609][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0
[   89.590397][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1
[   89.611440][ T5831] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   89.622245][ T5831] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   89.632648][ T5831] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   89.642098][ T5831] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   89.684667][ T5817] veth0_vlan: entered promiscuous mode
[   89.731359][ T5817] veth1_vlan: entered promiscuous mode
[   89.744171][ T5822] 8021q: adding VLAN 0 to HW filter on device batadv0
[   89.764212][ T5819] veth0_vlan: entered promiscuous mode
[   89.782197][ T5821] 8021q: adding VLAN 0 to HW filter on device batadv0
[   89.860018][ T5819] veth1_vlan: entered promiscuous mode
[   89.944036][ T1110] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   89.945458][ T5822] veth0_vlan: entered promiscuous mode
[   89.969465][ T1110] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.024389][ T5822] veth1_vlan: entered promiscuous mode
[   90.042135][ T5827] Bluetooth: hci1: command tx timeout
[   90.047614][ T5827] Bluetooth: hci2: command tx timeout
[   90.093089][ T1159] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   90.099682][ T5817] veth0_macvtap: entered promiscuous mode
[   90.101801][ T1159] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.121025][ T5827] Bluetooth: hci0: command tx timeout
[   90.126502][ T5827] Bluetooth: hci4: command tx timeout
[   90.132295][ T5836] Bluetooth: hci3: command tx timeout
[   90.164065][ T5817] veth1_macvtap: entered promiscuous mode
[   90.220117][ T5819] veth0_macvtap: entered promiscuous mode
[   90.261040][ T5819] veth1_macvtap: entered promiscuous mode
[   90.264960][ T5831] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   90.278028][ T5817] batman_adv: batadv0: Interface activated: batadv_slave_0
[   90.317763][ T5817] batman_adv: batadv0: Interface activated: batadv_slave_1
[   90.368483][ T5819] batman_adv: batadv0: Interface activated: batadv_slave_0
[   90.384965][ T5817] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   90.416881][ T5817] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   90.426169][ T5817] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   90.437361][ T5817] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   90.459117][ T5822] veth0_macvtap: entered promiscuous mode
[   90.516232][ T5909] loop7: detected capacity change from 0 to 16384
[   90.583048][ T5819] batman_adv: batadv0: Interface activated: batadv_slave_1
[   90.604373][ T5822] veth1_macvtap: entered promiscuous mode
[   90.778983][ T5907] sctp: [Deprecated]: syz.1.2 (pid 5907) Use of struct sctp_assoc_value in delayed_ack socket option.
[   90.778983][ T5907] Use struct sctp_sack_info instead
[   90.783296][ T5821] veth0_vlan: entered promiscuous mode
[   90.816423][ T5821] veth1_vlan: entered promiscuous mode
[   90.845442][ T5819] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   90.858489][ T5819] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   90.867824][ T5819] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   90.877270][ T5819] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   90.905851][ T5909] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   90.931835][ T5909] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   90.971476][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_0
[   91.029831][   T67] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.032356][ T5821] veth0_macvtap: entered promiscuous mode
[   91.058033][   T67] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.076687][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_1
[   91.110898][ T5821] veth1_macvtap: entered promiscuous mode
[   91.127768][ T5822] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   91.138615][ T5822] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   91.148344][ T5822] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   91.157060][ T5822] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   91.232171][ T1159] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.257309][ T1159] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.291411][ T5821] batman_adv: batadv0: Interface activated: batadv_slave_0
[   91.364537][ T5821] batman_adv: batadv0: Interface activated: batadv_slave_1
[   91.387164][ T5821] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   91.397752][ T5821] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   91.408864][ T5821] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   91.418280][ T5821] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   91.453607][ T1110] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.473934][ T1110] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.623262][ T5911] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(10)
[   91.630020][ T5911] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   91.647791][ T5911] vhci_hcd vhci_hcd.0: Device attached
[   91.654995][   T67] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.667735][ T5911] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   91.678456][   T67] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.686896][ T5911] vhci_hcd vhci_hcd.0: pdev(3) rhport(2) sockfd(14)
[   91.693802][ T5911] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   91.703986][ T5911] vhci_hcd vhci_hcd.0: Device attached
[   91.733140][ T5911] vhci_hcd vhci_hcd.0: pdev(3) rhport(3) sockfd(16)
[   91.740025][ T5911] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   91.755009][ T5911] vhci_hcd vhci_hcd.0: Device attached
[   91.796335][ T5911] vhci_hcd vhci_hcd.0: pdev(3) rhport(4) sockfd(18)
[   91.796865][   T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.802977][ T5911] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   91.830760][ T5876] vhci_hcd: vhci_device speed not set
[   91.846360][ T5911] vhci_hcd vhci_hcd.0: Device attached
[   91.877888][   T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.897598][ T5920] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   91.925110][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.930514][ T5911] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   91.941974][ T5876] usb 39-1: new full-speed USB device number 2 using vhci_hcd
[   91.963771][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.999761][ T5923] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   92.118976][ T5838] Bluetooth: hci1: command tx timeout
[   92.125389][ T5827] Bluetooth: hci2: command tx timeout
[   92.131364][ T5911] vhci_hcd vhci_hcd.0: port 0 already used
[   92.201042][ T5827] Bluetooth: hci4: command tx timeout
[   92.201072][ T5838] Bluetooth: hci3: command tx timeout
[   92.201260][ T5836] Bluetooth: hci0: command tx timeout
[   92.834204][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.859041][ T1110] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.948360][ T1110] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.957396][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.991302][ T5918] vhci_hcd: connection closed
[   92.992561][ T4170] vhci_hcd: stop threads
[   93.013981][ T5914] vhci_hcd: connection closed
[   93.018723][ T5912] vhci_hcd: connection reset by peer
[   93.028655][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   93.029698][ T5916] vhci_hcd: connection closed
[   93.268942][ T4170] vhci_hcd: release socket
[   93.298876][ T4170] vhci_hcd: disconnect device
[   93.313195][ T4170] vhci_hcd: stop threads
[   93.317622][ T4170] vhci_hcd: release socket
[   93.327315][ T4170] vhci_hcd: disconnect device
[   93.343276][ T4170] vhci_hcd: stop threads
[   93.347677][ T4170] vhci_hcd: release socket
[   93.362735][ T4170] vhci_hcd: disconnect device
[   93.395183][ T4170] vhci_hcd: stop threads
[   93.402948][ T4170] vhci_hcd: release socket
[   93.411278][ T4170] vhci_hcd: disconnect device
[   94.268703][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   94.277277][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   95.578227][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   96.334206][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   96.438548][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   96.608765][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   96.778909][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   96.949320][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   96.957593][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   97.431734][ T5876] vhci_hcd: vhci_device speed not set
[   98.633923][ T5980] process 'syz.3.12' launched './file0' with NULL argv: empty string added
[   99.567888][ T5984] futex_wake_op: syz.0.13 tries to shift op by 32; fix this program
[  100.355058][ T5992] Lens B: =================  START STATUS  =================
[  100.362894][ T5992] Lens B: Focus, Absolute: 0
[  100.369952][ T5992] Lens B: ==================  END STATUS  ==================
[  103.139740][ T6008] netlink: 84 bytes leftover after parsing attributes in process `syz.1.18'.
[  104.103222][ T6010] veth2: entered allmulticast mode
[  104.786042][ T6019] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  104.839378][ T6019] xt_socket: unknown flags 0x50
[  105.408424][  T978] libceph: connect (1)[c::]:6789 error -101
[  105.705736][  T978] libceph: mon0 (1)[c::]:6789 connect error
[  105.711918][ T6025] ceph: No mds server is up or the cluster is laggy
[  106.987906][ T6031] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  107.315482][ T6031] Process accounting resumed
[  107.881644][ T6045] Zero length message leads to an empty skb
[  108.265302][ T6043] mkiss: ax0: crc mode is auto.
[  110.545019][ T6060] mmap: syz.0.28 (6060) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  114.437261][ T6082] x_tables: duplicate underflow at hook 1
[  114.450389][ T6082] syz.0.34 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  114.812136][ T6080] netlink: 'syz.2.35': attribute type 21 has an invalid length.
[  114.819989][ T6080] netlink: 'syz.2.35': attribute type 6 has an invalid length.
[  114.827564][ T6080] netlink: 132 bytes leftover after parsing attributes in process `syz.2.35'.
[  115.133478][ T6092] capability: warning: `syz.3.36' uses deprecated v2 capabilities in a way that may be insecure
[  115.172121][ T6092] nbd: must specify an index to disconnect
[  116.877441][ T6101] tipc: Started in network mode
[  116.882784][ T6101] tipc: Node identity 7, cluster identity 4711
[  116.889141][ T6101] tipc: Node number set to 7
[  120.007702][ T6134] Failed to get privilege flags for destination (handle=0x2:0x0)
[  120.431498][ T5836] Bluetooth: hci4: connection err: -111
[  122.281907][ T6140] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  122.332410][    T9] IPVS: starting estimator thread 0...
[  122.722807][ T6151] 9pnet_virtio: no channels available for device syz
[  122.749892][ T6151] warning: `syz.3.48' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  123.353160][ T6146] IPVS: using max 26 ests per chain, 62400 per kthread
[  126.331150][ T6176] program syz.1.52 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  127.303449][ T6183] netlink: 96 bytes leftover after parsing attributes in process `syz.2.57'.
[  127.322007][ T6185] netlink: 8 bytes leftover after parsing attributes in process `syz.0.55'.
[  127.364101][ T6183] netlink: 96 bytes leftover after parsing attributes in process `syz.2.57'.
[  127.993334][ T6197] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  129.706201][ T5836] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  129.717416][ T5836] Bluetooth: hci2: Injecting HCI hardware error event
[  129.744019][ T5836] Bluetooth: hci2: hardware error 0x00
[  130.943963][ T6212] =======================================================
[  130.943963][ T6212] WARNING: The mand mount option has been deprecated and
[  130.943963][ T6212]          and is ignored by this kernel. Remove the mand
[  130.943963][ T6212]          option from the mount to silence this warning.
[  130.943963][ T6212] =======================================================
[  130.984094][ T6212] MTD: Attempt to mount non-MTD device "/dev/loop0"
[  130.999460][ T6212] syz.0.55: attempt to access beyond end of device
[  130.999460][ T6212] loop0: rw=0, sector=0, nr_sectors = 2 limit=0
[  131.591842][    T9] IPVS: starting estimator thread 0...
[  132.435254][   T30] audit: type=1326 audit(1747362618.351:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6204 comm="syz.3.61" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6d1198e969 code=0x0
[  132.491107][ T6214] IPVS: using max 32 ests per chain, 76800 per kthread
[  132.925424][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  132.936949][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  134.684920][ T5836] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  135.568696][ T6251] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  139.943716][ T6280] netlink: 'syz.3.78': attribute type 4 has an invalid length.
[  139.951493][ T6280] netlink: 3657 bytes leftover after parsing attributes in process `syz.3.78'.
[  143.888817][ T6309] netlink: 20 bytes leftover after parsing attributes in process `syz.3.86'.
[  143.897859][ T6309] netlink: 12 bytes leftover after parsing attributes in process `syz.3.86'.
[  144.458717][   T30] audit: type=1326 audit(1747362630.841:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6298 comm="syz.1.83" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6737585927 code=0x7fc00000
[  145.749999][   T30] audit: type=1326 audit(1747362630.841:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6298 comm="syz.1.83" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f673752ab39 code=0x7fc00000
[  145.838357][   T30] audit: type=1326 audit(1747362630.841:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6298 comm="syz.1.83" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f673752abff code=0x7fc00000
[  145.858455][ T6323] syz.2.90 uses obsolete (PF_INET,SOCK_PACKET)
[  145.988115][   T30] audit: type=1326 audit(1747362630.841:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6298 comm="syz.1.83" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f673758e969 code=0x7fc00000
[  146.738714][ T6330] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR
[  146.870167][ T6326] netlink: 252 bytes leftover after parsing attributes in process `syz.2.90'.
[  147.241287][   T30] audit: type=1326 audit(1747362630.841:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6298 comm="syz.1.83" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f673758e969 code=0x7fc00000
[  147.374894][   T30] audit: type=1326 audit(1747362630.841:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6298 comm="syz.1.83" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f673758e969 code=0x7fc00000
[  147.434578][   T30] audit: type=1326 audit(1747362630.841:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6298 comm="syz.1.83" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f673758e969 code=0x7fc00000
[  148.430545][   T30] audit: type=1326 audit(1747362630.841:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6298 comm="syz.1.83" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f673758e969 code=0x7fc00000
[  148.520800][   T30] audit: type=1326 audit(1747362630.841:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6298 comm="syz.1.83" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f673758e969 code=0x7fc00000
[  148.651433][   T30] audit: type=1326 audit(1747362630.841:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6298 comm="syz.1.83" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f673758e969 code=0x7fc00000
[  155.360580][ T6396] Bluetooth: MGMT ver 1.23
[  157.257189][ T6402] netlink: 4 bytes leftover after parsing attributes in process `syz.2.109'.
[  157.368598][ T6402] mac80211_hwsim hwsim10 wlan1: entered promiscuous mode
[  157.375773][ T6402] mac80211_hwsim hwsim10 wlan1: entered allmulticast mode
[  157.434767][ T6415] binder: 6411:6415 ioctl c0306201 200000000780 returned -22
[  158.663607][ T6424] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  158.691525][ T6424] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  159.691533][ T6432] fuse: Invalid rootmode
[  161.689490][ T6455] netlink: 104 bytes leftover after parsing attributes in process `syz.4.123'.
[  164.227706][ T6472] veth1_macvtap: left promiscuous mode
[  165.161505][  T978] usb 2-1: new full-speed USB device number 2 using dummy_hcd
[  167.490969][   T10] Process accounting resumed
[  169.642912][ T6508] netdevsim netdevsim3: Direct firmware load for ./file0 failed with error -2
[  169.652194][ T6508] netdevsim netdevsim3: Falling back to sysfs fallback for: ./file0
[  169.764081][ T6509] Bluetooth: hci0: unsupported parameter 39401
[  169.770517][ T6509] Bluetooth: hci0: unsupported parameter 512
[  169.776668][ T6509] Bluetooth: hci0: unsupported parameter 39401
[  169.783017][ T6509] Bluetooth: hci0: unsupported parameter 512
[  171.064227][ T6523] dlm: no local IP address has been set
[  171.070337][ T6523] dlm: cannot start dlm midcomms -107
[  172.611514][ T6530] netlink: 4 bytes leftover after parsing attributes in process `syz.3.142'.
[  176.728277][   T95] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  176.948850][   T95] usb 1-1: Using ep0 maxpacket: 32
[  177.404237][   T95] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  177.418379][   T95] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  177.442500][   T95] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  177.767334][   T95] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  177.786625][   T95] usb 1-1: config 0 descriptor??
[  177.878806][ T6569] netlink: 84 bytes leftover after parsing attributes in process `syz.4.154'.
[  178.555763][   T95] hub 1-1:0.0: bad descriptor, ignoring hub
[  178.838292][   T95] hub 1-1:0.0: probe with driver hub failed with error -5
[  178.847628][   T95] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  178.975806][   T95] usb 1-1: USB disconnect, device number 2
[  180.538077][ T6592] netlink: 'syz.1.159': attribute type 1 has an invalid length.
[  182.500446][    T9] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  182.858641][    T9] usb 1-1: Using ep0 maxpacket: 8
[  182.972447][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  183.116905][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  183.278406][    T9] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  183.626298][    T9] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  183.761268][    T9] usb 1-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  183.776997][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  183.793720][    T9] usb 1-1: config 0 descriptor??
[  185.252810][ T6634] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0
[  185.363136][ T5979] usb 1-1: USB disconnect, device number 3
[  186.377606][ T6649] binder: 6648:6649 ioctl c0306201 200000000780 returned -22
[  189.976151][ T6673] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  190.615977][ T6682] netlink: 'syz.3.181': attribute type 39 has an invalid length.
[  191.558522][ T5979] IPVS: starting estimator thread 0...
[  192.228915][ T6689] IPVS: using max 33 ests per chain, 79200 per kthread
[  192.496314][ T6693] vim2m vim2m.0: vidioc_s_fmt queue busy
[  194.419353][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  194.425711][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  194.659393][ T6706] binder: 6705:6706 ioctl c0306201 200000000780 returned -22
[  199.336585][ T6743] netlink: 'syz.1.197': attribute type 9 has an invalid length.
[  202.264178][ T6766] kvm: pic: non byte write
[  202.432133][ T6770] netlink: 84 bytes leftover after parsing attributes in process `syz.1.203'.
[  205.659936][ T6802] xt_CT: You must specify a L4 protocol and not use inversions on it
[  206.168269][   T30] kauditd_printk_skb: 57 callbacks suppressed
[  206.168289][   T30] audit: type=1326 audit(1747362691.851:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6793 comm="syz.0.208" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f078ef8e969 code=0x0
[  206.784805][ T5837] Bluetooth: hci1: command 0x0406 tx timeout
[  206.791308][ T5837] Bluetooth: hci0: command 0x0406 tx timeout
[  206.797689][ T5837] Bluetooth: hci3: command 0x0406 tx timeout
[  206.808369][ T5129] Bluetooth: hci4: command 0x0406 tx timeout
[  213.663025][ T6848] ALSA: mixer_oss: invalid OSS volume 'MONITO'
[  218.178164][ T6886] netlink: 44 bytes leftover after parsing attributes in process `syz.4.228'.
[  218.200154][ T6886] netlink: 212172 bytes leftover after parsing attributes in process `syz.4.228'.
[  221.288385][   T24] libceph: connect (1)[c::]:6789 error -101
[  221.295243][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  221.679483][   T24] libceph: connect (1)[c::]:6789 error -101
[  221.731931][ T6907] ceph: No mds server is up or the cluster is laggy
[  221.744257][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  221.809832][ T6914] netlink: 52 bytes leftover after parsing attributes in process `syz.2.236'.
[  221.902456][ T6914] netlink: 52 bytes leftover after parsing attributes in process `syz.2.236'.
[  222.167039][ T6914] netlink: 52 bytes leftover after parsing attributes in process `syz.2.236'.
[  222.186842][ T6919] netlink: 12 bytes leftover after parsing attributes in process `syz.3.237'.
[  222.708373][ T6916] sctp: failed to load transform for md5: -4
[  224.174141][ T6935] syz.0.240 (6935) used greatest stack depth: 18168 bytes left
[  224.895703][ T6939] netlink: 4 bytes leftover after parsing attributes in process `syz.0.241'.
[  224.904793][ T6939] netlink: 4 bytes leftover after parsing attributes in process `syz.0.241'.
[  226.824006][ T6958] ip6gre1: entered allmulticast mode
[  228.907145][ T6975] batadv1: entered promiscuous mode
[  229.394716][ T6977] xt_connbytes: Forcing CT accounting to be enabled
[  229.402132][ T6977] set match dimension is over the limit!
[  232.454549][   T30] audit: type=1326 audit(1747362718.841:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7000 comm="syz.4.258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  232.493986][ T7002] pimreg3: entered allmulticast mode
[  232.606168][   T30] audit: type=1326 audit(1747362718.851:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7000 comm="syz.4.258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=151 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  232.633720][   T30] audit: type=1326 audit(1747362718.851:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7000 comm="syz.4.258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  232.657839][   T30] audit: type=1326 audit(1747362718.851:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7000 comm="syz.4.258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  232.737841][   T30] audit: type=1326 audit(1747362718.851:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7000 comm="syz.4.258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  232.901652][   T30] audit: type=1326 audit(1747362718.851:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7000 comm="syz.4.258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  232.922917][    C1] vkms_vblank_simulate: vblank timer overrun
[  233.526799][   T55] Bluetooth: hci4: command 0x0406 tx timeout
[  233.792255][ T7014] input: syz0 as /devices/virtual/input/input6
[  234.604714][   T30] audit: type=1326 audit(1747362718.851:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7000 comm="syz.4.258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  234.658220][   T30] audit: type=1326 audit(1747362718.851:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7000 comm="syz.4.258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  234.762895][   T30] audit: type=1326 audit(1747362718.851:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7000 comm="syz.4.258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  235.007326][   T30] audit: type=1326 audit(1747362718.851:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7000 comm="syz.4.258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  235.844802][ T7021] sctp: [Deprecated]: syz.3.262 (pid 7021) Use of struct sctp_assoc_value in delayed_ack socket option.
[  235.844802][ T7021] Use struct sctp_sack_info instead
[  237.232410][ T7021] sctp: [Deprecated]: syz.3.262 (pid 7021) Use of struct sctp_assoc_value in delayed_ack socket option.
[  237.232410][ T7021] Use struct sctp_sack_info instead
[  237.804747][ T7037] overlayfs: failed to clone lowerpath
[  240.614175][   T30] kauditd_printk_skb: 8 callbacks suppressed
[  240.614192][   T30] audit: type=1326 audit(1747362727.001:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7057 comm="syz.0.274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f078ef8e969 code=0x7ffc0000
[  240.697978][   T30] audit: type=1326 audit(1747362727.001:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7057 comm="syz.0.274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f078ef8e969 code=0x7ffc0000
[  240.702672][ T7063] pimreg3: entered allmulticast mode
[  240.750224][   T30] audit: type=1326 audit(1747362727.041:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7057 comm="syz.0.274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=151 compat=0 ip=0x7f078ef8e969 code=0x7ffc0000
[  241.072846][   T30] audit: type=1326 audit(1747362727.041:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7057 comm="syz.0.274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f078ef8e969 code=0x7ffc0000
[  241.922360][   T30] audit: type=1326 audit(1747362727.041:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7057 comm="syz.0.274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f078ef8e969 code=0x7ffc0000
[  241.933302][ T7071] bridge0: port 3(batadv1) entered blocking state
[  241.953443][ T7071] bridge0: port 3(batadv1) entered disabled state
[  241.962835][ T7071] batadv1: entered allmulticast mode
[  242.015242][ T7071] batadv1: entered promiscuous mode
[  242.086391][   T30] audit: type=1326 audit(1747362727.041:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7057 comm="syz.0.274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f078ef8e969 code=0x7ffc0000
[  242.240983][   T30] audit: type=1326 audit(1747362727.041:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7057 comm="syz.0.274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f078ef8e969 code=0x7ffc0000
[  242.292488][   T30] audit: type=1326 audit(1747362727.041:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7057 comm="syz.0.274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f078ef8e969 code=0x7ffc0000
[  242.323544][ T7082] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  242.361733][   T36] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[  242.371517][   T36] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[  242.385737][   T30] audit: type=1326 audit(1747362727.051:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7057 comm="syz.0.274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f078ef8e969 code=0x7ffc0000
[  242.454497][   T30] audit: type=1326 audit(1747362727.051:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7057 comm="syz.0.274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f078ef8e969 code=0x7ffc0000
[  243.752549][   T55] Bluetooth: hci0: Opcode 0x0401 failed: -110
[  243.771445][   T55] Bluetooth: hci0: command 0x0406 tx timeout
[  252.632342][   T30] kauditd_printk_skb: 10 callbacks suppressed
[  252.632360][   T30] audit: type=1326 audit(1747362739.011:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7130 comm="syz.2.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27ff8e969 code=0x7ffc0000
[  252.671028][ T7133] netlink: 20 bytes leftover after parsing attributes in process `syz.4.289'.
[  252.674906][   T30] audit: type=1326 audit(1747362739.021:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7130 comm="syz.2.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27ff8e969 code=0x7ffc0000
[  252.882776][ T7137] pimreg3: entered allmulticast mode
[  253.165941][   T30] audit: type=1326 audit(1747362739.021:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7130 comm="syz.2.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=151 compat=0 ip=0x7fb27ff8e969 code=0x7ffc0000
[  253.231535][   T30] audit: type=1326 audit(1747362739.021:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7130 comm="syz.2.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27ff8e969 code=0x7ffc0000
[  253.264127][   T30] audit: type=1326 audit(1747362739.021:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7130 comm="syz.2.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb27ff8e969 code=0x7ffc0000
[  253.307458][   T30] audit: type=1326 audit(1747362739.021:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7130 comm="syz.2.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27ff8e969 code=0x7ffc0000
[  253.373152][   T30] audit: type=1326 audit(1747362739.031:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7130 comm="syz.2.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb27ff8e969 code=0x7ffc0000
[  253.407762][   T30] audit: type=1326 audit(1747362739.031:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7130 comm="syz.2.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27ff8e969 code=0x7ffc0000
[  253.433029][ T7149] syz.1.292: attempt to access beyond end of device
[  253.433029][ T7149] loop3: rw=0, sector=0, nr_sectors = 1 limit=0
[  253.464994][ T7149] FAT-fs (loop3): unable to read boot sector
[  253.526808][   T30] audit: type=1326 audit(1747362739.031:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7130 comm="syz.2.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fb27ff8e969 code=0x7ffc0000
[  253.529582][ T7151] syz.3.291 uses old SIOCAX25GETINFO
[  253.549198][   T30] audit: type=1326 audit(1747362739.031:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7130 comm="syz.2.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb27ff8e969 code=0x7ffc0000
[  256.090340][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  256.096760][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  261.083903][ T7232] netlink: 830 bytes leftover after parsing attributes in process `syz.1.314'.
[  261.564831][ T7228] hpfs: Bad magic ... probably not HPFS
[  261.572848][ T7228] 8021q: VLANs not supported on wg2
[  261.672334][ T5836] Bluetooth: hci4: unexpected event for opcode 0x2005
[  265.268735][ T7277] overlayfs: failed to resolve './file0': -2
[  269.437614][ T7319] ..
@ÿ: renamed from bond_slave_0 (while UP)
[  269.544386][ T5836] Bluetooth: hci1: unexpected cc 0x203e length: 2 > 1
[  269.551432][ T5836] Bluetooth: hci1: unexpected event for opcode 0x203e
[  269.629106][ T7320] tipc: Enabled bearer <udp:syz0>, priority 10
[  270.212517][ T7314] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  271.988891][ T7347] overlayfs: failed to resolve 'fowner>00000000000000000000': -2
[  273.644667][ T7362] sp0: Synchronizing with TNC
[  274.745375][   T47] IPVS: starting estimator thread 0...
[  274.851336][ T7374] IPVS: using max 30 ests per chain, 72000 per kthread
[  276.861450][    C0] vcan0: j1939_tp_rxtimer: 0xffff888033544800: rx timeout, send abort
[  276.871759][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888033544800: 0x2f000: (3) A timeout occurred and this is the connection abort to close the session.
[  277.512998][ T7402] netlink: 1284 bytes leftover after parsing attributes in process `syz.0.363'.
[  277.601175][ T7403] netlink: 2048 bytes leftover after parsing attributes in process `syz.0.363'.
[  277.610714][ T7403] netlink: 24 bytes leftover after parsing attributes in process `syz.0.363'.
[  279.216482][ T7414] batadv_slave_0: entered promiscuous mode
[  279.230250][ T7414] macvtap1: entered allmulticast mode
[  279.235690][ T7414] batadv_slave_0: entered allmulticast mode
[  280.753460][ T7433] xt_NFQUEUE: number of total queues is 0
[  280.927460][ T7437] netlink: 124 bytes leftover after parsing attributes in process `syz.3.373'.
[  283.041926][ T7453] binder: BINDER_SET_CONTEXT_MGR already set
[  283.048650][ T7453] binder: 7450:7453 ioctl 4018620d 200000000040 returned -16
[  283.832579][ T7451] mkiss: ax0: crc mode is auto.
[  284.246811][ T7464] erofs (device nbd1): cannot find valid erofs superblock
[  284.603376][ T7461] Bluetooth: hci0: Opcode 0x080f failed: -4
[  285.292121][ T7481] bridge2: entered promiscuous mode
[  286.278273][ T5836] Bluetooth: hci0: command 0x0406 tx timeout
[  287.097183][ T7484] netlink: 560 bytes leftover after parsing attributes in process `syz.2.387'.
[  291.294106][ T7526] erofs (device nbd2): cannot find valid erofs superblock
[  292.047046][ T7525] Bluetooth: hci0: Opcode 0x080f failed: -4
[  292.857487][ T7530] loop6: detected capacity change from 0 to 524287999
[  292.869688][ T7530] Buffer I/O error on dev loop6, logical block 0, async page read
[  292.882405][ T7530] Buffer I/O error on dev loop6, logical block 0, async page read
[  292.892164][ T7530] Buffer I/O error on dev loop6, logical block 0, async page read
[  293.081761][ T7530] Buffer I/O error on dev loop6, logical block 0, async page read
[  293.138162][ T7530] Buffer I/O error on dev loop6, logical block 0, async page read
[  293.159631][ T7530] Buffer I/O error on dev loop6, logical block 0, async page read
[  293.173451][ T7530] Buffer I/O error on dev loop6, logical block 0, async page read
[  293.184882][ T7530] Buffer I/O error on dev loop6, logical block 0, async page read
[  293.238524][ T5836] Bluetooth: hci0: command 0x0406 tx timeout
[  293.957035][ T7530] ldm_validate_partition_table(): Disk read failed.
[  293.964007][ T7530] Buffer I/O error on dev loop6, logical block 0, async page read
[  293.973256][ T7530] Buffer I/O error on dev loop6, logical block 0, async page read
[  293.988406][ T7530] Dev loop6: unable to read RDB block 0
[  294.019159][ T7530]  loop6: unable to read partition table
[  294.031507][ T7530] loop_reread_partitions: partition scan of loop6 (3Ÿ¾x³˜CÖ

) failed (rc=-5)
[  298.343421][ T7579] ALSA: mixer_oss: invalid index 40000
[  299.267801][ T7602] netlink: 48 bytes leftover after parsing attributes in process `syz.0.414'.
[  301.774289][ T7619] netlink: 20 bytes leftover after parsing attributes in process `syz.0.417'.
[  301.829312][ T7621] NILFS (nullb0): couldn't find nilfs on the device
[  302.997063][ T7626] udevd[7626]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  303.087596][ T7625] udevd[7625]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  306.758295][ T5836] Bluetooth: hci1: command 0x0406 tx timeout
[  308.126401][ T7682] overlayfs: failed to clone upperpath
[  309.013467][ T7690] netlink: 'syz.4.433': attribute type 4 has an invalid length.
[  309.156292][ T7698] SET target dimension over the limit!
[  312.577962][ T7721] erofs (device nbd0): cannot find valid erofs superblock
[  313.034874][ T7720] Bluetooth: hci0: Opcode 0x080f failed: -4
[  313.566736][ T7710] trusted_key: encrypted_key: insufficient parameters specified
[  314.724917][   T47] hid-generic 009C:0008:0003.0001: unknown main item tag 0x0
[  314.791605][   T47] hid-generic 009C:0008:0003.0001: unknown main item tag 0x0
[  314.904981][   T47] hid-generic 009C:0008:0003.0001: unknown main item tag 0x0
[  314.991615][   T47] hid-generic 009C:0008:0003.0001: unknown main item tag 0x0
[  315.052613][   T47] hid-generic 009C:0008:0003.0001: unknown main item tag 0x0
[  315.149992][   T55] Bluetooth: hci0: command 0x0406 tx timeout
[  315.212853][   T47] hid-generic 009C:0008:0003.0001: unknown main item tag 0x0
[  316.522796][   T47] hid-generic 009C:0008:0003.0001: unknown main item tag 0x0
[  316.598750][   T47] hid-generic 009C:0008:0003.0001: unknown main item tag 0x0
[  316.607428][   T47] hid-generic 009C:0008:0003.0001: unknown main item tag 0x0
[  317.279794][   T24] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  317.299094][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  317.305669][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  317.348438][   T47] hid-generic 009C:0008:0003.0001: unknown main item tag 0x0
[  317.521654][ T7752] Process accounting resumed
[  318.108379][   T47] hid-generic 009C:0008:0003.0001: unknown main item tag 0x0
[  318.119815][   T47] hid-generic 009C:0008:0003.0001: unknown main item tag 0x0
[  318.127525][   T47] hid-generic 009C:0008:0003.0001: unknown main item tag 0x0
[  318.152650][   T47] hid-generic 009C:0008:0003.0001: unknown main item tag 0x0
[  318.201089][   T47] hid-generic 009C:0008:0003.0001: unknown main item tag 0x0
[  318.426182][   T24] usb 3-1: Using ep0 maxpacket: 16
[  318.457461][   T24] usb 3-1: device descriptor read/all, error -71
[  319.050495][ T7764] Bluetooth: hci0: unsupported parameter 39401
[  319.058476][ T7764] Bluetooth: hci0: unsupported parameter 512
[  319.064616][ T7764] Bluetooth: hci0: unsupported parameter 39401
[  319.070918][ T7764] Bluetooth: hci0: unsupported parameter 512
[  319.670296][   T47] hid-generic 009C:0008:0003.0001: hidraw0: <UNKNOWN> HID v0.05 Device [syz1] on syz0
[  319.818536][   T30] kauditd_printk_skb: 7 callbacks suppressed
[  319.818553][   T30] audit: type=1326 audit(1747362806.211:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7766 comm="syz.4.452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  319.926411][ T7765] fido_id[7765]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  319.940560][   T30] audit: type=1326 audit(1747362806.211:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7766 comm="syz.4.452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  320.662235][   T30] audit: type=1326 audit(1747362806.241:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7766 comm="syz.4.452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa95418d2d0 code=0x7ffc0000
[  320.688272][   T30] audit: type=1326 audit(1747362806.241:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7766 comm="syz.4.452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  320.739135][   T30] audit: type=1326 audit(1747362806.241:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7766 comm="syz.4.452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  320.777208][ T7772] netlink: 52 bytes leftover after parsing attributes in process `syz.4.452'.
[  320.820200][   T30] audit: type=1326 audit(1747362806.241:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7766 comm="syz.4.452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  320.880929][   T30] audit: type=1326 audit(1747362806.251:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7766 comm="syz.4.452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fa95418e9a3 code=0x7ffc0000
[  320.907345][   T30] audit: type=1326 audit(1747362806.261:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7766 comm="syz.4.452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fa95418e9a3 code=0x7ffc0000
[  320.929623][   T30] audit: type=1326 audit(1747362806.261:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7766 comm="syz.4.452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  320.952443][   T30] audit: type=1326 audit(1747362806.261:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7766 comm="syz.4.452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  324.306613][ T7792] erofs (device nbd3): cannot find valid erofs superblock
[  324.577342][ T7791] Bluetooth: hci0: Opcode 0x080f failed: -4
[  324.717667][ T7786] loop7: detected capacity change from 0 to 16384
[  325.154067][ T7796] netlink: 'syz.4.459': attribute type 21 has an invalid length.
[  325.154116][ T7796] netlink: 'syz.4.459': attribute type 6 has an invalid length.
[  325.154125][ T7796] netlink: 132 bytes leftover after parsing attributes in process `syz.4.459'.
[  325.939198][ T7802] 9pnet_fd: Insufficient options for proto=fd
[  326.333418][   T55] Bluetooth: hci0: command 0x0406 tx timeout
[  327.281753][ T7814] Bluetooth: hci0: unsupported parameter 39401
[  327.288133][ T7814] Bluetooth: hci0: unsupported parameter 512
[  327.294216][ T7814] Bluetooth: hci0: unsupported parameter 39401
[  327.300494][ T7814] Bluetooth: hci0: unsupported parameter 512
[  327.342974][ T5810] IPVS: starting estimator thread 0...
[  327.728260][ T7816] IPVS: using max 29 ests per chain, 69600 per kthread
[  332.644752][ T5810] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  332.686064][ T7864] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  332.878983][ T5810] usb 2-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.05
[  332.893616][ T5810] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  332.930915][ T5810] usb 2-1: Product: syz
[  332.935227][ T5810] usb 2-1: Manufacturer: syz
[  334.231345][ T5810] usb 2-1: SerialNumber: syz
[  334.341124][ T5810] usb 2-1: config 0 descriptor??
[  334.417535][ T5810] usb 2-1: can't set config #0, error -71
[  334.486046][ T5810] usb 2-1: USB disconnect, device number 3
[  335.751690][ T7888] Illegal XDP return value 4294967294 on prog  (id 158) dev N/A, expect packet loss!
[  337.720471][ T7898] xt_CT: You must specify a L4 protocol and not use inversions on it
[  338.857954][ T7906] batadv1: entered promiscuous mode
[  341.605272][ T7923] netlink: 12 bytes leftover after parsing attributes in process `syz.1.490'.
[  349.026606][ T7966] netlink: 24 bytes leftover after parsing attributes in process `syz.4.502'.
[  349.158467][ T7978] C: renamed from team_slave_0 (while UP)
[  349.694886][ T7978] netlink: 'syz.3.504': attribute type 1 has an invalid length.
[  349.702672][ T7978] netlink: 152 bytes leftover after parsing attributes in process `syz.3.504'.
[  349.712197][ T7978] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  351.654280][ T8000] ubi0: attaching mtd0
[  352.141045][ T8000] ubi0: scanning is finished
[  352.147684][ T8000] ubi0: empty MTD device detected
[  352.816489][ T8008] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  353.603084][ T8000] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[  353.628184][ T8000] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  353.670869][ T5836] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  353.681304][ T5836] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  353.690138][ T5836] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  353.698415][ T5836] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  353.706123][ T5836] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  353.734960][ T8000] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[  353.765713][ T8000] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[  353.839334][ T8000] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  353.846327][ T8000] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[  353.855851][ T8000] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 692260073
[  353.868151][ T8000] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  353.881062][ T8011] ubi0: background thread "ubi_bgt0d" started, PID 8011
[  354.194892][ T8019] netlink: 'syz.2.514': attribute type 1 has an invalid length.
[  354.246147][ T8019] netlink: 224 bytes leftover after parsing attributes in process `syz.2.514'.
[  355.376514][ T6181] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  355.830321][ T5836] Bluetooth: hci5: command tx timeout
[  357.250330][ T6181] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  358.000695][   T55] Bluetooth: hci5: command tx timeout
[  358.678350][ T6181] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  358.714354][ T8054] x_tables: ip6_tables: mh match: only valid for protocol 135
[  358.802457][ T6181] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  359.741641][ T8012] chnl_net:caif_netlink_parms(): no params data found
[  360.071805][   T55] Bluetooth: hci5: command tx timeout
[  362.142757][   T55] Bluetooth: hci5: command tx timeout
[  363.601533][ T8090] netdevsim netdevsim1: Direct firmware load for ./file0 failed with error -2
[  363.610866][ T8090] netdevsim netdevsim1: Falling back to sysfs fallback for: ./file0
[  363.934046][ T6181] bridge_slave_1: left allmulticast mode
[  363.963310][ T6181] bridge_slave_1: left promiscuous mode
[  364.000611][ T6181] bridge0: port 2(bridge_slave_1) entered disabled state
[  364.079796][ T6181] bridge_slave_0: left allmulticast mode
[  364.093979][ T6181] bridge_slave_0: left promiscuous mode
[  364.108390][ T6181] bridge0: port 1(bridge_slave_0) entered disabled state
[  364.482665][ T8099] trusted_key: encrypted_key: insufficient parameters specified
[  366.989956][ T8119] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  369.842037][ T6181] bond0 (unregistering): (slave ..
@ÿ): Releasing backup interface
[  369.864237][ T6181] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  369.885365][ T6181] bond0 (unregistering): Released all slaves
[  370.473910][ T4170] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  370.548492][ T8012] bridge0: port 1(bridge_slave_0) entered blocking state
[  370.560234][ T8012] bridge0: port 1(bridge_slave_0) entered disabled state
[  370.582686][ T8012] bridge_slave_0: entered allmulticast mode
[  370.614443][ T8012] bridge_slave_0: entered promiscuous mode
[  370.654456][ T6181] tipc: Disabling bearer <udp:syz0>
[  370.681033][ T6181] tipc: Left network mode
[  370.681336][ T8012] bridge0: port 2(bridge_slave_1) entered blocking state
[  370.696464][ T8151] netlink: 4 bytes leftover after parsing attributes in process `syz.2.544'.
[  370.724986][ T8012] bridge0: port 2(bridge_slave_1) entered disabled state
[  370.760394][ T8012] bridge_slave_1: entered allmulticast mode
[  370.800009][ T8012] bridge_slave_1: entered promiscuous mode
[  372.489339][ T8012] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  372.536971][ T8012] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  374.358282][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  374.427773][ T8012] team0: Port device team_slave_0 added
[  374.631610][ T8012] team0: Port device team_slave_1 added
[  375.054029][ T5898] usb 2-1: new full-speed USB device number 4 using dummy_hcd
[  376.261008][ T5898] usb 2-1: unable to read config index 0 descriptor/all
[  376.308322][ T5898] usb 2-1: can't read configurations, error -71
[  377.228759][ T8211] xt_CT: You must specify a L4 protocol and not use inversions on it
[  377.783906][ T8213] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  377.790083][ T8213] overlayfs: failed to clone upperpath
[  378.340364][ T8012] batman_adv: batadv0: Adding interface: batadv_slave_0
[  378.340382][ T8012] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  378.340425][ T8012] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  378.342505][ T8012] batman_adv: batadv0: Adding interface: batadv_slave_1
[  378.342520][ T8012] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  378.342557][ T8012] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  379.423386][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  381.232223][ T8234] input: syz0 as /devices/virtual/input/input7
[  381.246337][ T8236] xt_hashlimit: max too large, truncated to 1048576
[  381.269357][ T6181] hsr_slave_0: left promiscuous mode
[  381.488584][ T6181] hsr_slave_1: left promiscuous mode
[  381.878306][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  382.276732][ T6181] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  382.325870][ T6181] batman_adv: batadv0: Removing interface: batadv_slave_0
[  382.425762][ T6181] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  382.465148][ T6181] batman_adv: batadv0: Removing interface: batadv_slave_1
[  382.508231][ T8239] QAT: Invalid ioctl 1073935638
[  383.715603][ T6181] veth1_macvtap: left promiscuous mode
[  383.736139][ T8249] netlink: 12 bytes leftover after parsing attributes in process `syz.4.563'.
[  384.849385][ T6181] veth0_macvtap: left promiscuous mode
[  384.855268][ T6181] veth1_vlan: left promiscuous mode
[  384.861286][ T6181] veth0_vlan: left promiscuous mode
[  386.080995][   T47] libceph: connect (1)[c::]:6789 error -101
[  386.091820][   T47] libceph: mon0 (1)[c::]:6789 connect error
[  386.772171][   T47] libceph: connect (1)[c::]:6789 error -101
[  387.093718][   T47] libceph: mon0 (1)[c::]:6789 connect error
[  387.225508][ T8260] ceph: No mds server is up or the cluster is laggy
[  387.467080][ T6181] pimreg3 (unregistering): left allmulticast mode
[  388.693400][ T8285] netlink: 8 bytes leftover after parsing attributes in process `syz.4.571'.
[  390.306471][ T8296] netlink: 12 bytes leftover after parsing attributes in process `syz.4.574'.
[  390.343096][ T6181] team0 (unregistering): Port device team_slave_1 removed
[  390.434539][ T6181] team0 (unregistering): Port device team_slave_0 removed
[  390.550022][   T10] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  391.625515][   T30] kauditd_printk_skb: 60 callbacks suppressed
[  391.625533][   T30] audit: type=1326 audit(1747362877.101:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8297 comm="syz.4.575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  391.633086][   T10] usb 4-1: Using ep0 maxpacket: 16
[  391.654633][   T30] audit: type=1326 audit(1747362877.101:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8297 comm="syz.4.575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  391.689997][   T30] audit: type=1326 audit(1747362877.101:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8297 comm="syz.4.575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  391.712563][   T30] audit: type=1326 audit(1747362877.101:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8297 comm="syz.4.575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  391.741630][   T30] audit: type=1326 audit(1747362877.101:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8297 comm="syz.4.575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  391.784586][   T30] audit: type=1326 audit(1747362877.111:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8297 comm="syz.4.575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  391.813050][   T30] audit: type=1326 audit(1747362877.111:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8297 comm="syz.4.575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  391.840271][   T10] usb 4-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90
[  391.847662][   T30] audit: type=1326 audit(1747362877.111:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8297 comm="syz.4.575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  391.868158][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  391.879308][   T10] usb 4-1: Product: syz
[  391.883542][   T10] usb 4-1: Manufacturer: syz
[  391.888286][   T10] usb 4-1: SerialNumber: syz
[  391.900942][   T10] usb 4-1: config 0 descriptor??
[  391.902801][   T30] audit: type=1326 audit(1747362877.121:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8297 comm="syz.4.575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  391.926245][   T10] ums-onetouch 4-1:0.0: USB Mass Storage device detected
[  391.934935][   T30] audit: type=1326 audit(1747362877.121:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8297 comm="syz.4.575" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  393.249281][ T8313] 9pnet_fd: Insufficient options for proto=fd
[  393.266796][ T8312] nftables ruleset with unbound set
[  393.374955][   T24] usb 4-1: USB disconnect, device number 2
[  394.111730][ T8012] hsr_slave_0: entered promiscuous mode
[  394.133741][ T8012] hsr_slave_1: entered promiscuous mode
[  394.914918][ T8333] bridge0: port 2(bridge_slave_1) entered disabled state
[  394.923351][ T8333] bridge0: port 1(bridge_slave_0) entered disabled state
[  395.094088][ T8337] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  395.138470][ T8333] bridge0: entered allmulticast mode
[  396.718721][   T10] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  397.113515][ T6181] IPVS: stop unused estimator thread 0...
[  397.215762][   T10] usb 4-1: Using ep0 maxpacket: 8
[  397.238282][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  397.657231][   T10] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  398.479286][   T10] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  400.261826][   T10] usb 4-1: string descriptor 0 read error: -71
[  400.293401][   T10] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  400.325429][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  400.395438][   T10] usb 4-1: can't set config #1, error -71
[  400.428437][   T10] usb 4-1: USB disconnect, device number 3
[  403.730792][ T8012] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  404.151569][ T8397] netlink: 'syz.2.590': attribute type 1 has an invalid length.
[  404.159347][ T8397] netlink: 'syz.2.590': attribute type 2 has an invalid length.
[  404.256503][ T8012] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  405.454580][ T8012] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  405.699287][ T8012] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  408.308515][ T8431] binfmt_misc: register: failed to install interpreter file ./file0
[  408.394686][   T55] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201'
[  408.404640][   T55] CPU: 0 UID: 0 PID: 55 Comm: kworker/u9:0 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(full) 
[  408.404656][   T55] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  408.404663][   T55] Workqueue: hci0 hci_rx_work
[  408.404693][   T55] Call Trace:
[  408.404701][   T55]  <TASK>
[  408.404709][   T55]  dump_stack_lvl+0x189/0x250
[  408.404728][   T55]  ? __pfx_dump_stack_lvl+0x10/0x10
[  408.404742][   T55]  ? __pfx__printk+0x10/0x10
[  408.404758][   T55]  ? kernfs_path_from_node+0x2b/0x260
[  408.404773][   T55]  ? kernfs_path_from_node+0x2b/0x260
[  408.404782][   T55]  ? kernfs_path_from_node+0x2b/0x260
[  408.404793][   T55]  ? kernfs_path_from_node+0x216/0x260
[  408.404805][   T55]  sysfs_create_dir_ns+0x259/0x280
[  408.404817][   T55]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  408.404829][   T55]  ? do_raw_spin_unlock+0x122/0x240
[  408.404843][   T55]  kobject_add_internal+0x59f/0xb40
[  408.404864][   T55]  kobject_add+0x155/0x220
[  408.404938][   T55]  ? __pfx_kobject_add+0x10/0x10
[  408.404953][   T55]  ? _raw_spin_unlock+0x28/0x50
[  408.404966][   T55]  ? get_device_parent+0x366/0x3a0
[  408.404983][   T55]  device_add+0x408/0xb50
[  408.404999][   T55]  hci_conn_add_sysfs+0xd5/0x1e0
[  408.405015][   T55]  le_conn_complete_evt+0xc3a/0x1220
[  408.405035][   T55]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  408.405046][   T55]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  408.405059][   T55]  ? __asan_memcpy+0x40/0x70
[  408.405073][   T55]  ? __pfx___mutex_lock+0x10/0x10
[  408.405085][   T55]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  408.405097][   T55]  ? skb_pull_data+0xfb/0x200
[  408.405116][   T55]  hci_le_conn_complete_evt+0x187/0x450
[  408.405137][   T55]  hci_event_packet+0x7a2/0x1270
[  408.405155][   T55]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  408.405171][   T55]  ? __pfx_hci_event_packet+0x10/0x10
[  408.405187][   T55]  ? kcov_remote_start+0x4d3/0x7f0
[  408.405198][   T55]  ? lockdep_hardirqs_on+0x20/0x150
[  408.405212][   T55]  ? hci_send_to_monitor+0xd7/0x4f0
[  408.405225][   T55]  hci_rx_work+0x46a/0xe80
[  408.405244][   T55]  ? process_scheduled_works+0x9ec/0x17a0
[  408.405261][   T55]  process_scheduled_works+0xadb/0x17a0
[  408.405293][   T55]  ? __pfx_process_scheduled_works+0x10/0x10
[  408.405318][   T55]  worker_thread+0x8a0/0xda0
[  408.405343][   T55]  kthread+0x70e/0x8a0
[  408.405356][   T55]  ? __pfx_worker_thread+0x10/0x10
[  408.405365][   T55]  ? __pfx_kthread+0x10/0x10
[  408.405377][   T55]  ? __pfx_kthread+0x10/0x10
[  408.405388][   T55]  ? _raw_spin_unlock_irq+0x23/0x50
[  408.405399][   T55]  ? lockdep_hardirqs_on+0x9c/0x150
[  408.405411][   T55]  ? __pfx_kthread+0x10/0x10
[  408.405421][   T55]  ret_from_fork+0x4b/0x80
[  408.405431][   T55]  ? __pfx_kthread+0x10/0x10
[  408.405442][   T55]  ret_from_fork_asm+0x1a/0x30
[  408.405466][   T55]  </TASK>
[  408.405510][   T55] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  409.116662][   T55] Bluetooth: hci0: failed to register connection device
[  409.682865][ T8434] overlayfs: failed to clone upperpath
[  409.731593][ T8012] 8021q: adding VLAN 0 to HW filter on device bond0
[  409.785156][ T8012] 8021q: adding VLAN 0 to HW filter on device team0
[  411.238377][ T8448] input: syz1 as /devices/virtual/input/input8
[  411.564559][ T6181] bridge0: port 1(bridge_slave_0) entered blocking state
[  411.571936][ T6181] bridge0: port 1(bridge_slave_0) entered forwarding state
[  411.591261][ T6181] bridge0: port 2(bridge_slave_1) entered blocking state
[  411.598626][ T6181] bridge0: port 2(bridge_slave_1) entered forwarding state
[  414.994538][ T8480] netlink: 40 bytes leftover after parsing attributes in process `syz.4.607'.
[  415.568841][   T55] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  415.581050][   T55] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  415.591004][   T55] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  415.613413][   T55] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  415.629948][   T55] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  418.026101][   T55] Bluetooth: hci1: command tx timeout
[  418.863601][ T8522] netlink: 12 bytes leftover after parsing attributes in process `syz.1.617'.
[  420.118254][   T55] Bluetooth: hci1: command tx timeout
[  420.725354][ T8543] TCP: TCP_TX_DELAY enabled
[  421.070930][ T8552] Bluetooth: hci0: unsupported parameter 39401
[  421.077217][ T8552] Bluetooth: hci0: unsupported parameter 512
[  421.083503][ T8552] Bluetooth: hci0: unsupported parameter 39401
[  421.090078][ T8552] Bluetooth: hci0: unsupported parameter 512
[  421.207424][ T8488] chnl_net:caif_netlink_parms(): no params data found
[  422.932265][ T5836] Bluetooth: hci1: command tx timeout
[  424.558817][ T8488] bridge0: port 1(bridge_slave_0) entered blocking state
[  424.566735][ T8488] bridge0: port 1(bridge_slave_0) entered disabled state
[  424.624863][ T8488] bridge_slave_0: entered allmulticast mode
[  424.779066][ T8607] netlink: 12 bytes leftover after parsing attributes in process `syz.3.631'.
[  424.789484][ T8488] bridge_slave_0: entered promiscuous mode
[  424.998210][   T55] Bluetooth: hci1: command tx timeout
[  424.999096][ T8488] bridge0: port 2(bridge_slave_1) entered blocking state
[  425.129776][ T8488] bridge0: port 2(bridge_slave_1) entered disabled state
[  425.210610][ T8488] bridge_slave_1: entered allmulticast mode
[  425.321760][ T8488] bridge_slave_1: entered promiscuous mode
[  425.724250][ T8613] xt_addrtype: ipv6 does not support BROADCAST matching
[  426.116330][ T8488] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  426.135246][ T8619] Bluetooth: hci0: unsupported parameter 39401
[  426.141674][ T8619] Bluetooth: hci0: unsupported parameter 512
[  426.147773][ T8619] Bluetooth: hci0: unsupported parameter 39401
[  426.154193][ T8619] Bluetooth: hci0: unsupported parameter 512
[  426.208943][ T8488] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  426.932976][ T8627] netlink: 56 bytes leftover after parsing attributes in process `syz.1.634'.
[  427.240681][ T8488] team0: Port device team_slave_0 added
[  427.299556][ T8488] team0: Port device team_slave_1 added
[  427.958341][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  428.190147][ T8634] CIFS mount error: No usable UNC path provided in device string!
[  428.190147][ T8634] 
[  428.200885][ T8634] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  430.061423][ T8651] netlink: 16 bytes leftover after parsing attributes in process `syz.2.640'.
[  430.391711][ T8488] batman_adv: batadv0: Adding interface: batadv_slave_0
[  430.406469][ T8488] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  430.438475][ T8488] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  430.457259][ T8488] batman_adv: batadv0: Adding interface: batadv_slave_1
[  430.464605][ T8488] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  430.491788][ T8488] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  430.787743][ T8660] netlink: 12 bytes leftover after parsing attributes in process `syz.1.643'.
[  432.044508][ T8670] netlink: 12 bytes leftover after parsing attributes in process `syz.4.646'.
[  432.081145][ T8488] hsr_slave_0: entered promiscuous mode
[  432.095352][ T8488] hsr_slave_1: entered promiscuous mode
[  432.135933][ T8488] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  432.145498][ T8488] Cannot create hsr debugfs directory
[  432.416536][ T5974] bridge_slave_1: left allmulticast mode
[  432.425809][ T5974] bridge_slave_1: left promiscuous mode
[  432.436747][ T5974] bridge0: port 2(bridge_slave_1) entered disabled state
[  432.647274][ T5974] bridge_slave_0: left allmulticast mode
[  432.656896][ T5974] bridge_slave_0: left promiscuous mode
[  433.109239][   T55] Bluetooth: hci4: unexpected event for opcode 0x1004
[  433.135665][ T5974] bridge0: port 1(bridge_slave_0) entered disabled state
[  435.916116][ T8697] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  436.620029][   T30] kauditd_printk_skb: 32 callbacks suppressed
[  436.620045][   T30] audit: type=1326 audit(1747362923.011:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8700 comm="syz.4.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  436.730929][   T30] audit: type=1326 audit(1747362923.011:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8700 comm="syz.4.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  436.762544][   T30] audit: type=1326 audit(1747362923.011:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8700 comm="syz.4.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=151 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  436.784926][   T30] audit: type=1326 audit(1747362923.011:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8700 comm="syz.4.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  437.092974][   T30] audit: type=1326 audit(1747362923.011:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8700 comm="syz.4.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  437.164853][   T55] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  437.187634][   T55] Bluetooth: hci4: Injecting HCI hardware error event
[  437.204784][ T5836] Bluetooth: hci4: hardware error 0x00
[  437.524003][   T30] audit: type=1326 audit(1747362923.011:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8700 comm="syz.4.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  437.555391][   T30] audit: type=1326 audit(1747362923.011:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8700 comm="syz.4.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  437.686218][   T30] audit: type=1326 audit(1747362923.011:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8700 comm="syz.4.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  437.709132][   T30] audit: type=1326 audit(1747362923.011:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8700 comm="syz.4.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  437.738222][   T30] audit: type=1326 audit(1747362923.011:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8700 comm="syz.4.654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  439.534541][ T5974] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  439.550382][ T5974] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  439.562662][ T5974] bond0 (unregistering): Released all slaves
[  439.617473][ T8688] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wireguard%d": -EINTR
[  439.718511][ T5836] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  440.051499][ T8725] netlink: 12 bytes leftover after parsing attributes in process `syz.2.659'.
[  440.123479][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  441.358291][ T5974] hsr_slave_0: left promiscuous mode
[  441.958560][ T5974] hsr_slave_1: left promiscuous mode
[  441.964881][ T5974] batman_adv: batadv0: Removing interface: batadv_slave_0
[  441.976734][ T5974] batman_adv: batadv0: Removing interface: batadv_slave_1
[  442.384993][ T8750] netlink: 4 bytes leftover after parsing attributes in process `syz.4.661'.
[  443.418448][ T8758] Invalid ELF header type: 0 != 1
[  444.054206][ T8761] netlink: 34 bytes leftover after parsing attributes in process `syz.4.664'.
[  444.252241][ T5974] team0 (unregistering): Port device team_slave_1 removed
[  444.573735][ T5974] team0 (unregistering): Port device team_slave_0 removed
[  445.753765][   T30] kauditd_printk_skb: 1 callbacks suppressed
[  445.753781][   T30] audit: type=1326 audit(1747362932.141:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8783 comm="syz.1.668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f673758e969 code=0x7ffc0000
[  445.788812][   T30] audit: type=1326 audit(1747362932.141:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8783 comm="syz.1.668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=151 compat=0 ip=0x7f673758e969 code=0x7ffc0000
[  445.931224][   T30] audit: type=1326 audit(1747362932.141:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8783 comm="syz.1.668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f673758e969 code=0x7ffc0000
[  445.953786][   T30] audit: type=1326 audit(1747362932.141:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8783 comm="syz.1.668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f673758e969 code=0x7ffc0000
[  445.976601][   T30] audit: type=1326 audit(1747362932.141:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8783 comm="syz.1.668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f673758e969 code=0x7ffc0000
[  445.999547][   T30] audit: type=1326 audit(1747362932.141:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8783 comm="syz.1.668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f673758e969 code=0x7ffc0000
[  446.050443][   T30] audit: type=1326 audit(1747362932.141:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8783 comm="syz.1.668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f673758e969 code=0x7ffc0000
[  446.078360][   T30] audit: type=1326 audit(1747362932.141:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8783 comm="syz.1.668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f673758e969 code=0x7ffc0000
[  446.112408][   T30] audit: type=1326 audit(1747362932.141:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8783 comm="syz.1.668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f673758e969 code=0x7ffc0000
[  446.136330][   T30] audit: type=1326 audit(1747362932.141:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8783 comm="syz.1.668" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f673758e969 code=0x7ffc0000
[  446.554830][ T8790] pimreg3: entered allmulticast mode
[  446.764469][ T8801] netlink: 'syz.3.669': attribute type 4 has an invalid length.
[  451.080287][   T30] audit: type=1326 audit(1747362936.541:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8817 comm="syz.3.673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d1198e969 code=0x7ffc0000
[  453.109238][   T30] audit: type=1326 audit(1747362936.551:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8817 comm="syz.3.673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d1198e969 code=0x7ffc0000
[  455.102972][   T30] audit: type=1326 audit(1747362936.561:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8817 comm="syz.3.673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6d1198e969 code=0x7ffc0000
[  456.142090][   T30] audit: type=1326 audit(1747362936.561:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8817 comm="syz.3.673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d1198e969 code=0x7ffc0000
[  457.303151][   T30] audit: type=1326 audit(1747362936.561:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8817 comm="syz.3.673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d1198e969 code=0x7ffc0000
[  457.378254][   T30] audit: type=1326 audit(1747362936.561:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8817 comm="syz.3.673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f6d1198e969 code=0x7ffc0000
[  457.571269][   T30] audit: type=1326 audit(1747362936.571:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8817 comm="syz.3.673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d1198e969 code=0x7ffc0000
[  457.836068][   T30] audit: type=1326 audit(1747362936.571:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8817 comm="syz.3.673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d1198e969 code=0x7ffc0000
[  458.216693][ T8838] overlayfs: failed to clone upperpath
[  458.243945][ T8838] netlink: 8 bytes leftover after parsing attributes in process `syz.4.676'.
[  458.747285][   T30] audit: type=1326 audit(1747362936.791:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8817 comm="syz.3.673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7f6d1198e969 code=0x7ffc0000
[  458.913552][   T30] audit: type=1326 audit(1747362936.791:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8817 comm="syz.3.673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d1198e969 code=0x7ffc0000
[  459.118643][   T30] audit: type=1326 audit(1747362936.791:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8817 comm="syz.3.673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d1198e969 code=0x7ffc0000
[  459.147002][   T30] audit: type=1326 audit(1747362937.041:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8817 comm="syz.3.673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f6d1198e969 code=0x7ffc0000
[  459.513553][ T8850] xt_recent: hitcount (262144) is larger than allowed maximum (65535)
[  459.530290][   T30] audit: type=1326 audit(1747362937.041:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8817 comm="syz.3.673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d1198e969 code=0x7ffc0000
[  459.687299][ T8856] netlink: 12 bytes leftover after parsing attributes in process `syz.3.680'.
[  460.510959][ T8488] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  460.602899][ T8488] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  460.652331][ T8850] netlink: 20 bytes leftover after parsing attributes in process `syz.2.679'.
[  460.670496][ T8488] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  460.826758][ T8869] netlink: 12 bytes leftover after parsing attributes in process `syz.3.682'.
[  461.600235][ T8488] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  461.610069][ T8871] random: crng reseeded on system resumption
[  462.352075][ T8488] 8021q: adding VLAN 0 to HW filter on device bond0
[  462.464587][ T8488] 8021q: adding VLAN 0 to HW filter on device team0
[  463.565651][ T5936] bridge0: port 1(bridge_slave_0) entered blocking state
[  463.573097][ T5936] bridge0: port 1(bridge_slave_0) entered forwarding state
[  464.120446][ T5898] libceph: connect (1)[c::]:6789 error -101
[  464.126623][ T5898] libceph: mon0 (1)[c::]:6789 connect error
[  464.140431][ T5936] bridge0: port 2(bridge_slave_1) entered blocking state
[  464.147808][ T5936] bridge0: port 2(bridge_slave_1) entered forwarding state
[  464.266609][ T8890] ceph: No mds server is up or the cluster is laggy
[  464.614145][ T8902] netlink: 252 bytes leftover after parsing attributes in process `syz.1.687'.
[  466.508908][   T30] kauditd_printk_skb: 29 callbacks suppressed
[  466.508928][   T30] audit: type=1326 audit(1747362952.761:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8915 comm="syz.4.691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  467.128562][   T30] audit: type=1326 audit(1747362952.771:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8915 comm="syz.4.691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  467.165151][   T30] audit: type=1326 audit(1747362952.771:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8915 comm="syz.4.691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  467.268196][   T30] audit: type=1326 audit(1747362952.771:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8915 comm="syz.4.691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  467.289961][   T30] audit: type=1326 audit(1747362952.771:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8915 comm="syz.4.691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  467.312052][   T30] audit: type=1326 audit(1747362952.771:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8915 comm="syz.4.691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  467.376859][   T30] audit: type=1326 audit(1747362952.771:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8915 comm="syz.4.691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  467.522787][   T30] audit: type=1326 audit(1747362952.771:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8915 comm="syz.4.691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  467.551262][   T30] audit: type=1326 audit(1747362952.771:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8915 comm="syz.4.691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  467.614194][   T30] audit: type=1326 audit(1747362952.771:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8915 comm="syz.4.691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa95418e969 code=0x7ffc0000
[  468.717170][ T8488] 8021q: adding VLAN 0 to HW filter on device batadv0
[  471.513452][ T8975] netlink: 4 bytes leftover after parsing attributes in process `syz.1.701'.
[  471.572969][ T8955] bridge0: port 2(bridge_slave_1) entered disabled state
[  472.405933][ T8990] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  485.693925][ T9009] mac80211_hwsim hwsim11 wlan1: entered promiscuous mode
[  486.198579][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  486.279111][ T9009] mac80211_hwsim hwsim11 wlan1: entered allmulticast mode
[  486.319940][   T55] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  486.338491][   T55] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  486.347311][   T55] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  486.673114][   T55] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  486.717894][ T9017] netlink: 830 bytes leftover after parsing attributes in process `syz.3.710'.
[  486.780679][   T55] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  486.825247][ T9018] netlink: 'syz.4.707': attribute type 8 has an invalid length.
[  487.328066][ T9002] syz.2.708 (9002): drop_caches: 2
[  487.347542][ T9018] bridge0: port 2(bridge_slave_1) entered disabled state
[  487.355355][ T9018] bridge0: port 1(bridge_slave_0) entered disabled state
[  487.389545][ T9018] bridge0: entered allmulticast mode
[  488.429141][ T9036] ALSA: mixer_oss: invalid OSS volume ''
[  488.849115][ T5836] Bluetooth: hci5: command tx timeout
[  490.430774][ T9048] netlink: 'syz.4.716': attribute type 4 has an invalid length.
[  490.918398][   T55] Bluetooth: hci5: command tx timeout
[  491.748370][ T9067] netlink: 80 bytes leftover after parsing attributes in process `syz.4.719'.
[  493.012842][   T55] Bluetooth: hci5: command 0x040f tx timeout
[  494.239930][ T9096] netlink: 'syz.1.722': attribute type 6 has an invalid length.
[  495.060366][   T53] bridge_slave_1: left allmulticast mode
[  495.080469][   T55] Bluetooth: hci5: command 0x040f tx timeout
[  495.100261][   T53] bridge_slave_1: left promiscuous mode
[  495.106124][   T53] bridge0: port 2(bridge_slave_1) entered disabled state
[  495.382495][   T53] bridge_slave_0: left allmulticast mode
[  496.049286][   T53] bridge_slave_0: left promiscuous mode
[  496.069955][   T53] bridge0: port 1(bridge_slave_0) entered disabled state
[  496.095068][ T9072] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  496.184940][ T9072] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  496.493249][   T55] Bluetooth: hci0: command 0x0406 tx timeout
[  497.164349][   T55] Bluetooth: hci5: command 0x040f tx timeout
[  497.525159][ T9072] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  497.707642][ T9072] ==================================================================
[  497.715763][ T9072] BUG: KASAN: slab-use-after-free in __list_del_entry_valid_or_report+0x92/0x190
[  497.724913][ T9072] Read of size 8 at addr ffff888057cde558 by task syz.3.718/9072
[  497.732642][ T9072] 
[  497.734969][ T9072] CPU: 1 UID: 0 PID: 9072 Comm: syz.3.718 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(full) 
[  497.734990][ T9072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  497.735002][ T9072] Call Trace:
[  497.735009][ T9072]  <TASK>
[  497.735017][ T9072]  dump_stack_lvl+0x189/0x250
[  497.735045][ T9072]  ? __virt_addr_valid+0x18c/0x540
[  497.735067][ T9072]  ? rcu_is_watching+0x15/0xb0
[  497.735092][ T9072]  ? __kasan_check_byte+0x12/0x40
[  497.735119][ T9072]  ? __pfx_dump_stack_lvl+0x10/0x10
[  497.735141][ T9072]  ? rcu_is_watching+0x15/0xb0
[  497.735165][ T9072]  ? lock_release+0x4b/0x3e0
[  497.735194][ T9072]  ? __virt_addr_valid+0x18c/0x540
[  497.735215][ T9072]  ? __virt_addr_valid+0x469/0x540
[  497.735237][ T9072]  print_report+0xb4/0x290
[  497.735256][ T9072]  ? __list_del_entry_valid_or_report+0x92/0x190
[  497.735281][ T9072]  kasan_report+0x118/0x150
[  497.735307][ T9072]  ? __list_del_entry_valid_or_report+0x92/0x190
[  497.735336][ T9072]  __list_del_entry_valid_or_report+0x92/0x190
[  497.735364][ T9072]  bt_accept_unlink+0x39/0x240
[  497.735383][ T9072]  l2cap_sock_teardown_cb+0x17e/0x460
[  497.735406][ T9072]  l2cap_chan_del+0xb2/0x5e0
[  497.735430][ T9072]  l2cap_conn_del+0x388/0x680
[  497.735452][ T9072]  l2cap_connect_cfm+0x11d/0x1040
[  497.735474][ T9072]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[  497.735496][ T9072]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[  497.735515][ T9072]  hci_conn_failed+0x1cb/0x310
[  497.735533][ T9072]  ? hci_abort_conn_sync+0x202/0xdd0
[  497.735550][ T9072]  hci_abort_conn_sync+0x5ad/0xdd0
[  497.735571][ T9072]  ? __pfx_hci_abort_conn_sync+0x10/0x10
[  497.735589][ T9072]  ? hci_disconnect_all_sync+0x2e/0x350
[  497.735610][ T9072]  ? hci_disconnect_all_sync+0x2e/0x350
[  497.735628][ T9072]  ? hci_disconnect_all_sync+0x2e/0x350
[  497.735646][ T9072]  hci_disconnect_all_sync+0x1b5/0x350
[  497.735667][ T9072]  hci_suspend_sync+0x3b8/0xc00
[  497.735685][ T9072]  ? __pfx___mutex_lock+0x10/0x10
[  497.735706][ T9072]  ? enable_work+0x258/0x2c0
[  497.735725][ T9072]  ? __pfx_hci_suspend_sync+0x10/0x10
[  497.735747][ T9072]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  497.735770][ T9072]  ? hci_cmd_sync_cancel_sync+0xc9/0x190
[  497.735793][ T9072]  hci_suspend_dev+0x28d/0x4d0
[  497.735819][ T9072]  ? __pfx_hci_suspend_dev+0x10/0x10
[  497.735842][ T9072]  ? rcu_barrier+0x474/0x570
[  497.735862][ T9072]  hci_suspend_notifier+0xf2/0x290
[  497.735887][ T9072]  notifier_call_chain+0x1b6/0x3e0
[  497.735907][ T9072]  blocking_notifier_call_chain_robust+0x85/0x100
[  497.735927][ T9072]  pm_notifier_call_chain_robust+0x2c/0x60
[  497.735950][ T9072]  snapshot_open+0x19c/0x280
[  497.735973][ T9072]  ? __pfx_snapshot_open+0x10/0x10
[  497.735993][ T9072]  misc_open+0x2bc/0x330
[  497.736017][ T9072]  chrdev_open+0x4c9/0x5e0
[  497.736034][ T9072]  ? __pfx_chrdev_open+0x10/0x10
[  497.736051][ T9072]  ? __pfx_chrdev_open+0x10/0x10
[  497.736065][ T9072]  do_dentry_open+0xdf3/0x1970
[  497.736089][ T9072]  vfs_open+0x3b/0x340
[  497.736104][ T9072]  ? path_openat+0x2ecd/0x3830
[  497.736125][ T9072]  path_openat+0x2ee5/0x3830
[  497.736143][ T9072]  ? arch_stack_walk+0xfc/0x150
[  497.736176][ T9072]  ? futex_wait_queue+0x31/0x200
[  497.736202][ T9072]  ? __pfx_path_openat+0x10/0x10
[  497.736221][ T9072]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  497.736247][ T9072]  do_filp_open+0x1fa/0x410
[  497.736268][ T9072]  ? __pfx_do_filp_open+0x10/0x10
[  497.736297][ T9072]  ? _raw_spin_unlock+0x28/0x50
[  497.736314][ T9072]  ? alloc_fd+0x64c/0x6c0
[  497.736342][ T9072]  do_sys_openat2+0x121/0x1c0
[  497.736361][ T9072]  ? __pfx_do_sys_openat2+0x10/0x10
[  497.736382][ T9072]  ? rcu_is_watching+0x15/0xb0
[  497.736408][ T9072]  __x64_sys_openat+0x138/0x170
[  497.736429][ T9072]  do_syscall_64+0xf6/0x210
[  497.736451][ T9072]  ? clear_bhb_loop+0x60/0xb0
[  497.736469][ T9072]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  497.736485][ T9072] RIP: 0033:0x7f6d1198e969
[  497.736512][ T9072] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  497.736527][ T9072] RSP: 002b:00007f6d12746038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  497.736545][ T9072] RAX: ffffffffffffffda RBX: 00007f6d11bb6080 RCX: 00007f6d1198e969
[  497.736558][ T9072] RDX: 0000000000101000 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  497.736571][ T9072] RBP: 00007f6d11a10ab1 R08: 0000000000000000 R09: 0000000000000000
[  497.736582][ T9072] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  497.736592][ T9072] R13: 0000000000000000 R14: 00007f6d11bb6080 R15: 00007ffcd1941628
[  497.736610][ T9072]  </TASK>
[  497.736616][ T9072] 
[  498.179607][ T9072] Allocated by task 9019:
[  498.183924][ T9072]  kasan_save_track+0x3e/0x80
[  498.188601][ T9072]  __kasan_kmalloc+0x93/0xb0
[  498.193216][ T9072]  __kmalloc_node_track_caller_noprof+0x271/0x4e0
[  498.199644][ T9072]  kmalloc_reserve+0x136/0x290
[  498.204402][ T9072]  __alloc_skb+0x142/0x2d0
[  498.208810][ T9072]  rtmsg_ifinfo_build_skb+0x84/0x260
[  498.214092][ T9072]  rtmsg_ifinfo+0x8c/0x1a0
[  498.218506][ T9072]  __dev_notify_flags+0xf4/0x2e0
[  498.223440][ T9072]  rtnl_newlink_create+0x606/0xaf0
[  498.228545][ T9072]  rtnl_newlink+0x16d6/0x1c70
[  498.233215][ T9072]  rtnetlink_rcv_msg+0x7cf/0xb70
[  498.238151][ T9072]  netlink_rcv_skb+0x219/0x490
[  498.242908][ T9072]  netlink_unicast+0x75b/0x8d0
[  498.247663][ T9072]  netlink_sendmsg+0x805/0xb30
[  498.252419][ T9072]  __sock_sendmsg+0x219/0x270
[  498.257088][ T9072]  __sys_sendto+0x3bd/0x520
[  498.261592][ T9072]  __x64_sys_sendto+0xde/0x100
[  498.266350][ T9072]  do_syscall_64+0xf6/0x210
[  498.270849][ T9072]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  498.276735][ T9072] 
[  498.279049][ T9072] Freed by task 9019:
[  498.283015][ T9072]  kasan_save_track+0x3e/0x80
[  498.287687][ T9072]  kasan_save_free_info+0x46/0x50
[  498.292705][ T9072]  __kasan_slab_free+0x62/0x70
[  498.297469][ T9072]  kfree+0x193/0x440
[  498.301362][ T9072]  skb_release_data+0x69a/0x890
[  498.306211][ T9072]  consume_skb+0x9e/0xf0
[  498.310500][ T9072]  netlink_broadcast_filtered+0x103c/0x1140
[  498.316387][ T9072]  nlmsg_notify+0xf0/0x1a0
[  498.320800][ T9072]  __dev_notify_flags+0xf4/0x2e0
[  498.325740][ T9072]  rtnl_newlink_create+0x606/0xaf0
[  498.330847][ T9072]  rtnl_newlink+0x16d6/0x1c70
[  498.335520][ T9072]  rtnetlink_rcv_msg+0x7cf/0xb70
[  498.340454][ T9072]  netlink_rcv_skb+0x219/0x490
[  498.345212][ T9072]  netlink_unicast+0x75b/0x8d0
[  498.349965][ T9072]  netlink_sendmsg+0x805/0xb30
[  498.354728][ T9072]  __sock_sendmsg+0x219/0x270
[  498.359401][ T9072]  __sys_sendto+0x3bd/0x520
[  498.363902][ T9072]  __x64_sys_sendto+0xde/0x100
[  498.368659][ T9072]  do_syscall_64+0xf6/0x210
[  498.373163][ T9072]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  498.379055][ T9072] 
[  498.381371][ T9072] The buggy address belongs to the object at ffff888057cde000
[  498.381371][ T9072]  which belongs to the cache kmalloc-2k of size 2048
[  498.395417][ T9072] The buggy address is located 1368 bytes inside of
[  498.395417][ T9072]  freed 2048-byte region [ffff888057cde000, ffff888057cde800)
[  498.409383][ T9072] 
[  498.411704][ T9072] The buggy address belongs to the physical page:
[  498.418105][ T9072] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x57cd8
[  498.426865][ T9072] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  498.435354][ T9072] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  498.443335][ T9072] page_type: f5(slab)
[  498.447314][ T9072] raw: 00fff00000000040 ffff88801a042000 0000000000000000 dead000000000001
[  498.455985][ T9072] raw: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000
[  498.464565][ T9072] head: 00fff00000000040 ffff88801a042000 0000000000000000 dead000000000001
[  498.473246][ T9072] head: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000
[  498.481910][ T9072] head: 00fff00000000003 ffffea00015f3601 00000000ffffffff 00000000ffffffff
[  498.490571][ T9072] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  498.499229][ T9072] page dumped because: kasan: bad access detected
[  498.505635][ T9072] page_owner tracks the page as allocated
[  498.511428][ T9072] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 47, tgid 47 (kworker/1:1), ts 92360310180, free_ts 23366496094
[  498.532358][ T9072]  post_alloc_hook+0x1d8/0x230
[  498.537127][ T9072]  get_page_from_freelist+0x21c7/0x22a0
[  498.542673][ T9072]  __alloc_frozen_pages_noprof+0x181/0x370
[  498.548471][ T9072]  alloc_pages_mpol+0x232/0x4a0
[  498.553320][ T9072]  allocate_slab+0x8a/0x3b0
[  498.557819][ T9072]  ___slab_alloc+0xbfc/0x1480
[  498.562492][ T9072]  __kmalloc_node_track_caller_noprof+0x2f8/0x4e0
[  498.568912][ T9072]  kmalloc_reserve+0x136/0x290
[  498.573672][ T9072]  __alloc_skb+0x142/0x2d0
[  498.578086][ T9072]  mld_newpack+0x13c/0xc40
[  498.582496][ T9072]  add_grhead+0x5a/0x2a0
[  498.586730][ T9072]  add_grec+0x13b2/0x1670
[  498.591055][ T9072]  mld_ifc_work+0x6e6/0xde0
[  498.595567][ T9072]  process_scheduled_works+0xadb/0x17a0
[  498.601129][ T9072]  worker_thread+0x8a0/0xda0
[  498.605711][ T9072]  kthread+0x70e/0x8a0
[  498.609777][ T9072] page last free pid 1 tgid 1 stack trace:
[  498.615566][ T9072]  __free_frozen_pages+0xb05/0xcd0
[  498.620671][ T9072]  free_contig_range+0x159/0x440
[  498.625602][ T9072]  destroy_args+0x86/0x460
[  498.630013][ T9072]  debug_vm_pgtable+0x3cf/0x410
[  498.634856][ T9072]  do_one_initcall+0x233/0x820
[  498.639616][ T9072]  do_initcall_level+0x137/0x1f0
[  498.644548][ T9072]  do_initcalls+0x69/0xd0
[  498.648875][ T9072]  kernel_init_freeable+0x3d9/0x570
[  498.654159][ T9072]  kernel_init+0x1d/0x1d0
[  498.658499][ T9072]  ret_from_fork+0x4b/0x80
[  498.662914][ T9072]  ret_from_fork_asm+0x1a/0x30
[  498.667683][ T9072] 
[  498.670036][ T9072] Memory state around the buggy address:
[  498.675663][ T9072]  ffff888057cde400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  498.683812][ T9072]  ffff888057cde480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  498.691875][ T9072] >ffff888057cde500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  498.699934][ T9072]                                                     ^
[  498.706856][ T9072]  ffff888057cde580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  498.714906][ T9072]  ffff888057cde600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  498.722958][ T9072] ==================================================================
[  498.782571][   T55] Bluetooth: hci0: command 0x0406 tx timeout
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  498.991300][ T9072] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  498.998568][ T9072] CPU: 1 UID: 0 PID: 9072 Comm: syz.3.718 Not tainted 6.15.0-rc6-syzkaller-00188-gfee3e843b309 #0 PREEMPT(full) 
[  499.010478][ T9072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  499.020548][ T9072] Call Trace:
[  499.023834][ T9072]  <TASK>
[  499.026762][ T9072]  dump_stack_lvl+0x99/0x250
[  499.031362][ T9072]  ? __asan_memcpy+0x40/0x70
[  499.035952][ T9072]  ? __pfx_dump_stack_lvl+0x10/0x10
[  499.041148][ T9072]  ? __pfx__printk+0x10/0x10
[  499.045748][ T9072]  panic+0x2db/0x790
[  499.049646][ T9072]  ? __pfx_panic+0x10/0x10
[  499.054065][ T9072]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[  499.059980][ T9072]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  499.066341][ T9072]  ? print_memory_metadata+0x314/0x400
[  499.071806][ T9072]  ? __list_del_entry_valid_or_report+0x92/0x190
[  499.078141][ T9072]  check_panic_on_warn+0x89/0xb0
[  499.083080][ T9072]  ? __list_del_entry_valid_or_report+0x92/0x190
[  499.089412][ T9072]  end_report+0x78/0x160
[  499.093660][ T9072]  kasan_report+0x129/0x150
[  499.098257][ T9072]  ? __list_del_entry_valid_or_report+0x92/0x190
[  499.104602][ T9072]  __list_del_entry_valid_or_report+0x92/0x190
[  499.110757][ T9072]  bt_accept_unlink+0x39/0x240
[  499.115519][ T9072]  l2cap_sock_teardown_cb+0x17e/0x460
[  499.120896][ T9072]  l2cap_chan_del+0xb2/0x5e0
[  499.125490][ T9072]  l2cap_conn_del+0x388/0x680
[  499.130167][ T9072]  l2cap_connect_cfm+0x11d/0x1040
[  499.135188][ T9072]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[  499.140644][ T9072]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[  499.146096][ T9072]  hci_conn_failed+0x1cb/0x310
[  499.150853][ T9072]  ? hci_abort_conn_sync+0x202/0xdd0
[  499.156131][ T9072]  hci_abort_conn_sync+0x5ad/0xdd0
[  499.161238][ T9072]  ? __pfx_hci_abort_conn_sync+0x10/0x10
[  499.166863][ T9072]  ? hci_disconnect_all_sync+0x2e/0x350
[  499.172410][ T9072]  ? hci_disconnect_all_sync+0x2e/0x350
[  499.177954][ T9072]  ? hci_disconnect_all_sync+0x2e/0x350
[  499.183504][ T9072]  hci_disconnect_all_sync+0x1b5/0x350
[  499.188960][ T9072]  hci_suspend_sync+0x3b8/0xc00
[  499.193804][ T9072]  ? __pfx___mutex_lock+0x10/0x10
[  499.198824][ T9072]  ? enable_work+0x258/0x2c0
[  499.203413][ T9072]  ? __pfx_hci_suspend_sync+0x10/0x10
[  499.208781][ T9072]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  499.214412][ T9072]  ? hci_cmd_sync_cancel_sync+0xc9/0x190
[  499.220070][ T9072]  hci_suspend_dev+0x28d/0x4d0
[  499.224837][ T9072]  ? __pfx_hci_suspend_dev+0x10/0x10
[  499.230125][ T9072]  ? rcu_barrier+0x474/0x570
[  499.234714][ T9072]  hci_suspend_notifier+0xf2/0x290
[  499.239833][ T9072]  notifier_call_chain+0x1b6/0x3e0
[  499.244942][ T9072]  blocking_notifier_call_chain_robust+0x85/0x100
[  499.251354][ T9072]  pm_notifier_call_chain_robust+0x2c/0x60
[  499.257159][ T9072]  snapshot_open+0x19c/0x280
[  499.261751][ T9072]  ? __pfx_snapshot_open+0x10/0x10
[  499.266862][ T9072]  misc_open+0x2bc/0x330
[  499.271109][ T9072]  chrdev_open+0x4c9/0x5e0
[  499.275519][ T9072]  ? __pfx_chrdev_open+0x10/0x10
[  499.280455][ T9072]  ? __pfx_chrdev_open+0x10/0x10
[  499.285383][ T9072]  do_dentry_open+0xdf3/0x1970
[  499.290151][ T9072]  vfs_open+0x3b/0x340
[  499.294213][ T9072]  ? path_openat+0x2ecd/0x3830
[  499.298977][ T9072]  path_openat+0x2ee5/0x3830
[  499.303563][ T9072]  ? arch_stack_walk+0xfc/0x150
[  499.308426][ T9072]  ? futex_wait_queue+0x31/0x200
[  499.313366][ T9072]  ? __pfx_path_openat+0x10/0x10
[  499.318305][ T9072]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  499.324371][ T9072]  do_filp_open+0x1fa/0x410
[  499.328875][ T9072]  ? __pfx_do_filp_open+0x10/0x10
[  499.333904][ T9072]  ? _raw_spin_unlock+0x28/0x50
[  499.338750][ T9072]  ? alloc_fd+0x64c/0x6c0
[  499.343086][ T9072]  do_sys_openat2+0x121/0x1c0
[  499.347762][ T9072]  ? __pfx_do_sys_openat2+0x10/0x10
[  499.352955][ T9072]  ? rcu_is_watching+0x15/0xb0
[  499.357721][ T9072]  __x64_sys_openat+0x138/0x170
[  499.362576][ T9072]  do_syscall_64+0xf6/0x210
[  499.367081][ T9072]  ? clear_bhb_loop+0x60/0xb0
[  499.371756][ T9072]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  499.377642][ T9072] RIP: 0033:0x7f6d1198e969
[  499.382055][ T9072] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  499.401672][ T9072] RSP: 002b:00007f6d12746038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  499.410095][ T9072] RAX: ffffffffffffffda RBX: 00007f6d11bb6080 RCX: 00007f6d1198e969
[  499.418107][ T9072] RDX: 0000000000101000 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  499.426121][ T9072] RBP: 00007f6d11a10ab1 R08: 0000000000000000 R09: 0000000000000000
[  499.434096][ T9072] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  499.442092][ T9072] R13: 0000000000000000 R14: 00007f6d11bb6080 R15: 00007ffcd1941628
[  499.450073][ T9072]  </TASK>
[  499.453258][ T9072] Kernel Offset: disabled
[  499.457586][ T9072] Rebooting in 86400 seconds..