last executing test programs:

21m21.70389737s ago: executing program 0 (id=1149):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{0x0}], 0x1)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
pselect6(0x40, &(0x7f0000000000)={0x0, 0x0, 0x8000000000000000, 0x0, 0x77c8, 0x0, 0x0, 0x10000000}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x8, 0x9, 0x0, 0x2, 0x7}, 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

21m20.732868595s ago: executing program 0 (id=1153):
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb790789005e107538e486dd6317ce22000000fffe80000000000000101000007f06000800"], 0xfdef)
ioctl$sock_proto_private(0xffffffffffffffff, 0x8993, 0x0)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb01005bbf0000000000000c0000000c00"], 0x0, 0x26, 0x0, 0xa, 0x0, 0x0, @void, @value}, 0x28)
ptrace(0x10, r0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f00000003c0)="18607651149d7b10b4024fbbdc08899b8f589df2dbb5d7a8d1b36cfab675cb3976ee8100e2878c9cfa178cac130eb046eda93df39ed4b41924dc225ad4028dd63defb87d698be5c749450b350a789dcfc6b2d6a696b5026d1e52f19274566d1da0f353dd65e330ebf71c5e823f2753c5fd76724828ef31b353e71805205c3dceb44cc4c7b3664e29fb")
ptrace$getregset(0x4205, r0, 0x2, &(0x7f0000000080)={&(0x7f0000000000)=""/120, 0x78})
ptrace$getregset(0x4204, r0, 0x2, &(0x7f00000022c0)={0x0, 0xff90})

21m20.461835322s ago: executing program 0 (id=1154):
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/mnt\x00')
userfaultfd(0x80801)
socket$inet6(0xa, 0x2, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00')
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000071122e000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180200000000000000000000000001008500000019"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000004"], 0x50)
bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r0, &(0x7f0000000000), &(0x7f0000000040)=""/66}, 0x20)

21m20.203228183s ago: executing program 0 (id=1156):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)

21m19.930546448s ago: executing program 0 (id=1159):
gettid()
openat$kvm(0xffffffffffffff9c, 0x0, 0x400, 0x0)
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0xf0f024})
r1 = syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0)
ioctl$VIDIOC_S_SELECTION(r1, 0xc040565f, &(0x7f0000000940)={0xa, 0x0, 0x7, {0x8000, 0x1000, 0x4, 0x86c}})
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000100)={0x2, @vbi={0x9, 0x7, 0x80000000, 0x34524742, [0x1000, 0x7], [0x9, 0xfff], 0x108}})

21m19.483686866s ago: executing program 0 (id=1165):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x2, &(0x7f0000002400)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r2, &(0x7f0000000040)="5400ffff0000", 0x6, 0x0, 0x0, 0x2}])

21m18.580432791s ago: executing program 32 (id=1165):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x2, &(0x7f0000002400)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r2, &(0x7f0000000040)="5400ffff0000", 0x6, 0x0, 0x0, 0x2}])

21m12.686590579s ago: executing program 3 (id=1180):
r0 = socket$kcm(0x10, 0x2, 0x4)
close(r0)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000140)={'vcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000100)={0x1d, r2}, 0x18)
connect$can_j1939(r1, &(0x7f0000000080)={0x1d, r2, 0x0, {0x0, 0xf0, 0x2}, 0x1}, 0x18)
sendmsg$can_j1939(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)='.', 0x1a000}}, 0x0)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0)

21m10.772242456s ago: executing program 3 (id=1184):
openat$ppp(0xffffffffffffff9c, 0x0, 0x28041, 0x0)
openat$sequencer2(0xffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x60600, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f0000000200)="66b97208000066b8d04a000066ba000000000f30da4300bad004edb8dd008ed0650f0199009867362ea5752f2e0f73d399ba2100ec0f20e06635040000000f22e0", 0x41}], 0x1, 0x10, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

21m9.826391353s ago: executing program 3 (id=1188):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={0x14, 0x0, 0x1, 0x0, 0x25dfdbff, {0x6}}, 0x14}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wpan1\x00'})
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'wpan3\x00'})
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000001940)={'wpan0\x00', <r4=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_KEY(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000180)={0x48, r2, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_SEC_KEY={0x2c, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_BYTES={0x14, 0x4, "19c471666f07f00b641e74d8b00abb5e"}, @NL802154_KEY_ATTR_ID={0xc, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0xffffffff}]}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x46}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x40011}, 0x44)

21m8.152682829s ago: executing program 3 (id=1192):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x18d811, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00')
read$FUSE(r1, &(0x7f0000003480)={0x2020}, 0x2020)

21m7.878650146s ago: executing program 3 (id=1195):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
write$sndseq(r1, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}], 0x38)
write$sndseq(r1, &(0x7f0000002840)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}], 0x54)
write$sndseq(r1, &(0x7f0000000300)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @time}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}], 0x70)
write$sndseq(r1, &(0x7f0000000a40)=[{0x0, 0x0, 0x0, 0x0, @time}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @queue}], 0x8c)
write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}], 0x38)

21m7.271945058s ago: executing program 3 (id=1198):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = userfaultfd(0x80001)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090400206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0)
syz_usb_control_io$hid(r1, &(0x7f0000000240)={0x24, &(0x7f0000000100)=ANY=[@ANYBLOB="40050b00000020891ab2"], 0x0, 0x0, 0x0}, 0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xffffffffffffffff}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$UFFDIO_COPY(r0, 0xc028aa03, 0x0)
ioctl$UFFDIO_COPY(r0, 0xc028aa05, &(0x7f0000000180)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00003ab000/0x2000)=nil, 0x400000, 0x2, 0x2})

21m6.244134608s ago: executing program 33 (id=1198):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = userfaultfd(0x80001)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090400206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0)
syz_usb_control_io$hid(r1, &(0x7f0000000240)={0x24, &(0x7f0000000100)=ANY=[@ANYBLOB="40050b00000020891ab2"], 0x0, 0x0, 0x0}, 0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xffffffffffffffff}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$UFFDIO_COPY(r0, 0xc028aa03, 0x0)
ioctl$UFFDIO_COPY(r0, 0xc028aa05, &(0x7f0000000180)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00003ab000/0x2000)=nil, 0x400000, 0x2, 0x2})

19m43.035881655s ago: executing program 6 (id=1406):
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340)=[0x0], 0x0, 0x0, 0x0, 0x1})
lsetxattr$security_capability(0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x280})
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r3 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
r4 = dup2(r3, r3)
ioctl$BLKTRACESETUP(r4, 0xc0481273, &(0x7f0000000240)={'\x00', 0x40, 0xa, 0x40001, 0x40000000, 0x10})

19m41.043777057s ago: executing program 6 (id=1411):
mq_open(0x0, 0x42, 0x0, 0x0)
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000001c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
pipe(&(0x7f00000007c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
vmsplice(r2, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
close(r2)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x80000000000002, &(0x7f0000000800)=0x16c, 0x4)
setsockopt$inet_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000480)={@in={{0x2, 0x4e21, @local}}, 0x0, 0x20000000005, 0x21}, 0xd8)
bind$inet(r3, &(0x7f0000deb000)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r3, 0x0, 0x0, 0x240087f9, &(0x7f0000000100)={0x2, 0x4e23, @loopback}, 0x10)
splice(r1, 0x0, r2, 0x0, 0xfffd, 0x0)

19m39.023872675s ago: executing program 6 (id=1415):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
write$sndseq(r1, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}], 0x38)
write$sndseq(r1, &(0x7f0000002840)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}], 0x54)
write$sndseq(r1, &(0x7f0000000300)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @time}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}], 0x8c)
write$sndseq(r1, &(0x7f0000000a40)=[{0x0, 0x0, 0x0, 0x0, @time}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @queue}], 0x70)
write$sndseq(r0, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}], 0x38)

19m37.754478199s ago: executing program 6 (id=1419):
openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
gettid()
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x801)
bind$can_j1939(0xffffffffffffffff, &(0x7f0000000100)={0x1d, 0x0, 0x2, {0x3}}, 0x18)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000180), 0xffffffffffffffff)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x840, 0x0, 0x0)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000339000/0x1000)=nil, 0x800000})

19m36.477386949s ago: executing program 6 (id=1424):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r4 = socket(0x10, 0x3, 0x0)
bind$netlink(r4, &(0x7f0000177ff4)={0x10, 0x0, 0x1}, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write(r4, &(0x7f0000000140)="2600000022004701050000070000000000000020002b1f000a4a51f1ee839cd53400b017ca5b", 0x26)

19m35.348952293s ago: executing program 6 (id=1427):
r0 = syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x1c, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x24, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@beacon, @NL80211_ATTR_SMPS_MODE={0x5, 0xd5, 0x1}]}, 0x24}}, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = syz_open_dev$cec(&(0x7f0000000140), 0x0, 0x840)
ioctl$CEC_ADAP_S_LOG_ADDRS(r5, 0xc05c6104, &(0x7f0000004180)={"2370491d", 0x0, 0x5, 0x2, 0x8, 0x5, '\x00', "037ec42b", "5ec500", "64bdac32", ["e86621d9cc668c391f77c506", "3549ffffffffffffff010800", "2fc7977386a7a0236a9cc1f0", "cf6cce2296b3f853e224c4e0"]})
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0xfffe, 0x7, @mcast2}, {0xa, 0x0, 0xb, @mcast1}}}, 0x48)
ioctl$CEC_TRANSMIT(r5, 0xc0386105, &(0x7f0000000040)={0x9, 0x0, 0x100201, 0x0, 0x2, 0x7f, "b2093a00", 0x0, 0x0, 0x0, 0x3, 0xfd})
ioctl$TIOCSTI(r4, 0x5412, &(0x7f00000002c0)=0x7e)
ioctl$TIOCSTI(r4, 0x5412, 0x0)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
r7 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
sendfile(r7, r6, &(0x7f0000002080)=0x3a, 0x23b)
ioctl$VIDIOC_S_DV_TIMINGS(r0, 0xc0845657, 0x0)

19m19.653156386s ago: executing program 34 (id=1427):
r0 = syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x1c, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x24, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@beacon, @NL80211_ATTR_SMPS_MODE={0x5, 0xd5, 0x1}]}, 0x24}}, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = syz_open_dev$cec(&(0x7f0000000140), 0x0, 0x840)
ioctl$CEC_ADAP_S_LOG_ADDRS(r5, 0xc05c6104, &(0x7f0000004180)={"2370491d", 0x0, 0x5, 0x2, 0x8, 0x5, '\x00', "037ec42b", "5ec500", "64bdac32", ["e86621d9cc668c391f77c506", "3549ffffffffffffff010800", "2fc7977386a7a0236a9cc1f0", "cf6cce2296b3f853e224c4e0"]})
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0xfffe, 0x7, @mcast2}, {0xa, 0x0, 0xb, @mcast1}}}, 0x48)
ioctl$CEC_TRANSMIT(r5, 0xc0386105, &(0x7f0000000040)={0x9, 0x0, 0x100201, 0x0, 0x2, 0x7f, "b2093a00", 0x0, 0x0, 0x0, 0x3, 0xfd})
ioctl$TIOCSTI(r4, 0x5412, &(0x7f00000002c0)=0x7e)
ioctl$TIOCSTI(r4, 0x5412, 0x0)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
r7 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
sendfile(r7, r6, &(0x7f0000002080)=0x3a, 0x23b)
ioctl$VIDIOC_S_DV_TIMINGS(r0, 0xc0845657, 0x0)

10m11.258008709s ago: executing program 7 (id=3204):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xfffffdca, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
r0 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}})
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
mbind(&(0x7f00001e7000/0x2000)=nil, 0x2000, 0x8003, 0x0, 0x3, 0x2)
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps_rollup\x00')
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$team(0x0, 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000004700)={'team0\x00', <r7=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r5, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f000000d840)={0x58, r6, 0x405, 0x70bd27, 0x25dfdbfe, {}, [{{0x8, 0x1, r7}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0xf12b}}}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000401}, 0x2000c800)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000ac0), r8)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r8, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f00000003c0)={0x20, r9, 0x5, 0x0, 0x0, {0x22}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}]}, 0x20}}, 0x4000000)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wpan3\x00', <r10=>0x0})
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'wpan1\x00', <r11=>0x0})
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wpan3\x00', <r12=>0x0})
sendmsg$IEEE802154_LIST_IFACE(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x50, r9, 0x0, 0x70bd2b, 0x25dfdbfc, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r10}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r11}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r12}]}, 0x50}, 0x1, 0x0, 0x0, 0x8000}, 0x2404c040)
r13 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r13, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000180)="5c00000013006bcd9e3fe3dc4e48aa31086b8703410000004000000000000000040014000d000a00100000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x24040000)
read$FUSE(r4, &(0x7f00000007c0)={0x2020}, 0x2020)

10m9.239558843s ago: executing program 7 (id=3208):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
fanotify_init(0xf00, 0x0)
mknod(&(0x7f0000000100)='./file0\x00', 0x8001420, 0x1)

10m7.416851083s ago: executing program 7 (id=3212):
r0 = memfd_create(&(0x7f00000005c0)=' \xc76\xbe\x91\x8d\x182)!\x9a%\xa2\xd28\xd6\x06\a\x0e\xfc\xfe\x12\x8f&\x13\xae%@T\xa3\xb0>\\\xec\xa9\xf9Q@6A\x10\x8cn|\x00\x00\x00\x00\x00\x00\x00\x00r\xbb\xdd\xe8\x87\x05=\xfb\x8b}\xfc\x1d\x03\xe1\xfcm\x9b\xf7fo\"i\xa1hk\x1f\xf5z\xc1\x7f\xa4\\]\xc4\xbe3\xf9\xa8\t?:\xd8\xda\x84\xeepI[\x1c\x00\x00\x00\x00\xf9v\x00\x00\x00\x00\x00T\xb6\xbe\x0f~\xc0\x92\xe9O{\xa8\x81(\x01\x14\xfc\x83\xf9\xfb\x05\x94T\x81@Lq]\xf9\x15zj\x87\xc4\x8e\xe8/\xb9-&R\x8e\xb2\xb3bBx\x1e1\x18\x8f\x19\xf7]#\xed,\xc7\x11\tp\xf4\xa3\xee\x00\x00\x00\x00\'}\x18\xe8O\xa8#K\xb6\xe4U\x92\xd2\x9d\xb8<X\xfa\xdd\x8a6\xa1\x82\xf7r\xd8z\x85\x8do\xa5\xed\xd4\xbc8U\x1e\xf2tl8\xfe\xd0\x94\xfe\xf5\x1c+\x00U\te\xfa6\xca\xb9\xb4Q\xd9\xee\r6\x861h{\xc7z\'F\xc7\x91\x06x\xe1`\xf1:\xcf+\xd5\f\xb2\xce\xa4\x06\x90\x90\x9b\x1d\xcaa\xf7\x8f\x9e\x80\x93\xafT\xdfl\xec\xc6\x8e\x96\r[n\xc6\x99\x1fr<\x06\xb3\xbcT\x00\xda6\x18/\x18l\xc1\x81\x8e8L\xcb*S_\xd0:\xa4V\xbd\xf1\xa4\x955\xa9\x9d\xe0\x9b\xd3\x95\xc88n:\x89>?2\xc8\xe7kovd\xa4\x1bl+\x14\x17\x14\x17C2! U\x04:\xd93F\xb9\xfc\x1b\xfd}\x05\xf9\x11\xf3)>q\x10\xd3\xf0\xaf>\xf8t(bX\xe3g\x05\xfe\b\xbcy\x95*\xca\a\xaf\xbb\xf9\xc3Y\xa2\x91\x90.\xc8\xbe\xb0\xa6\xbd\xbd\xfd\xfaf*\xb2&\x82\xa0\x17\xe7)\xf5\xa2\xccv\n\x1b\xd4\xf4\x11*\xc9\xc6*\xa4.\x94[$\xb8\xb3Q\xde\xd8A\xa4~c,`\x02\xb8\x01r\x89\x82\x13\xd0}C7\xfb\xf2\tM\x1e\xe9\xa5\v\xc5\xba(\x89\xb0l\x92H\x1cR\x1f>\xc4ie\xe0B\xf0[\xe2\xe1\x12\x1d\x8fR&\xd1\xa6#\xda.\x0f\xd7\xd7\xa4\x90\x14\x92I\xf82&\x16<\xf2RR\xc2\x02.Q\xef\x85\xef\xf9\xe5\x00\xe9\xca\xb1\x8c\x11\x11l\x9f\xc8\b\xf7A\xa6\x81\xad\xdc\x95\xc8\xef\x102\xa8\x87\x01\x00\\\xfee \n0F\xbc\x85\xc5C\xd0\x99\xe4\t\xab`\'t\xc2\xe9\x13\xcag\xea\xb3\xb5\x92\x00J\xc6y\x05\xcc\xde\xa0\xf6\xb9 \xe5\xdd\f\x18\xfc\xe0\xc3(\xd8\xeb\x1a6\xe6\xfa\x93\xc07R\x0f-\x9e\xf3\x87E\xa3\xd5o\x1bA\x88L/\xe7>45Q?\be\x7f\xa9\x9a\xcae\xd8Y\xdf]\x1bS\x825\xcb\x00\xa4}\x97\x84T\xad\x9b\x1e!\x8a\xbc\x02+#Q\xa9 \xe9\x05r\xe1\xec\x0f\xa7\xe6Of\x95\x02{', 0x4)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xd5e, 0x240000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x400000bde)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
write$P9_RSTATu(r3, &(0x7f0000000580)={0x20e, 0x2, 0x0, {{0x500, 0xcd, 0x500, 0x1bf, {0x0, 0xffffffff}, 0x0, 0x0, 0x0, 0x0, 0x1b, '\x04nodev{evoo~\x059\xc6\x00\x05\x00\x007\xd9:\x8b\x92\x00\x00\x00', 0x28, 'pg>\xff\xeb\t\xb55\x1f[\xde\x05@\x00\x00\x00\x00\x18x\x9b\xa9\x16c\x88\x14\xe5p\x81\x03\xb4\x94\xe1\x00\x00\x00\x00\x00\x00\x00\x00', 0x2, '\b\x00', 0x55, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xc2\x80\xe8\xe2\x89\xdad\x9a7\x00'}, 0x12c, 'odev/n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300, 0x0, 0xee01, 0xee01}}, 0x20e)
ftruncate(r0, 0x400000)
finit_module(r0, 0x0, 0x0)

10m4.481896531s ago: executing program 7 (id=3218):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x10000}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_route(0x10, 0x3, 0x0)
r3 = syz_io_uring_setup(0x5c2, &(0x7f00000002c0)={0x0, 0x983a, 0x2, 0x1003, 0xea}, &(0x7f0000000240), &(0x7f0000000540))
io_uring_register$IORING_UNREGISTER_IOWQ_AFF(r3, 0x12, 0x0, 0x0)

10m1.595468722s ago: executing program 7 (id=3224):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r5 = fanotify_init(0xf00, 0x0)
fanotify_mark(r5, 0x105, 0x40009975, r4, 0x0)
mknod(&(0x7f0000000100)='./file0\x00', 0x8001420, 0x1)
r6 = syz_open_dev$video4linux(&(0x7f0000000080), 0x6d6b, 0x480)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r6, 0x4020565a, &(0x7f00000000c0)={0x3, 0x980900, 0x2})

9m59.545278308s ago: executing program 7 (id=3231):
r0 = memfd_create(&(0x7f00000005c0)=' \xc76\xbe\x91\x8d\x182)!\x9a%\xa2\xd28\xd6\x06\a\x0e\xfc\xfe\x12\x8f&\x13\xae%@T\xa3\xb0>\\\xec\xa9\xf9Q@6A\x10\x8cn|\x00\x00\x00\x00\x00\x00\x00\x00r\xbb\xdd\xe8\x87\x05=\xfb\x8b}\xfc\x1d\x03\xe1\xfcm\x9b\xf7fo\"i\xa1hk\x1f\xf5z\xc1\x7f\xa4\\]\xc4\xbe3\xf9\xa8\t?:\xd8\xda\x84\xeepI[\x1c\x00\x00\x00\x00\xf9v\x00\x00\x00\x00\x00T\xb6\xbe\x0f~\xc0\x92\xe9O{\xa8\x81(\x01\x14\xfc\x83\xf9\xfb\x05\x94T\x81@Lq]\xf9\x15zj\x87\xc4\x8e\xe8/\xb9-&R\x8e\xb2\xb3bBx\x1e1\x18\x8f\x19\xf7]#\xed,\xc7\x11\tp\xf4\xa3\xee\x00\x00\x00\x00\'}\x18\xe8O\xa8#K\xb6\xe4U\x92\xd2\x9d\xb8<X\xfa\xdd\x8a6\xa1\x82\xf7r\xd8z\x85\x8do\xa5\xed\xd4\xbc8U\x1e\xf2tl8\xfe\xd0\x94\xfe\xf5\x1c+\x00U\te\xfa6\xca\xb9\xb4Q\xd9\xee\r6\x861h{\xc7z\'F\xc7\x91\x06x\xe1`\xf1:\xcf+\xd5\f\xb2\xce\xa4\x06\x90\x90\x9b\x1d\xcaa\xf7\x8f\x9e\x80\x93\xafT\xdfl\xec\xc6\x8e\x96\r[n\xc6\x99\x1fr<\x06\xb3\xbcT\x00\xda6\x18/\x18l\xc1\x81\x8e8L\xcb*S_\xd0:\xa4V\xbd\xf1\xa4\x955\xa9\x9d\xe0\x9b\xd3\x95\xc88n:\x89>?2\xc8\xe7kovd\xa4\x1bl+\x14\x17\x14\x17C2! U\x04:\xd93F\xb9\xfc\x1b\xfd}\x05\xf9\x11\xf3)>q\x10\xd3\xf0\xaf>\xf8t(bX\xe3g\x05\xfe\b\xbcy\x95*\xca\a\xaf\xbb\xf9\xc3Y\xa2\x91\x90.\xc8\xbe\xb0\xa6\xbd\xbd\xfd\xfaf*\xb2&\x82\xa0\x17\xe7)\xf5\xa2\xccv\n\x1b\xd4\xf4\x11*\xc9\xc6*\xa4.\x94[$\xb8\xb3Q\xde\xd8A\xa4~c,`\x02\xb8\x01r\x89\x82\x13\xd0}C7\xfb\xf2\tM\x1e\xe9\xa5\v\xc5\xba(\x89\xb0l\x92H\x1cR\x1f>\xc4ie\xe0B\xf0[\xe2\xe1\x12\x1d\x8fR&\xd1\xa6#\xda.\x0f\xd7\xd7\xa4\x90\x14\x92I\xf82&\x16<\xf2RR\xc2\x02.Q\xef\x85\xef\xf9\xe5\x00\xe9\xca\xb1\x8c\x11\x11l\x9f\xc8\b\xf7A\xa6\x81\xad\xdc\x95\xc8\xef\x102\xa8\x87\x01\x00\\\xfee \n0F\xbc\x85\xc5C\xd0\x99\xe4\t\xab`\'t\xc2\xe9\x13\xcag\xea\xb3\xb5\x92\x00J\xc6y\x05\xcc\xde\xa0\xf6\xb9 \xe5\xdd\f\x18\xfc\xe0\xc3(\xd8\xeb\x1a6\xe6\xfa\x93\xc07R\x0f-\x9e\xf3\x87E\xa3\xd5o\x1bA\x88L/\xe7>45Q?\be\x7f\xa9\x9a\xcae\xd8Y\xdf]\x1bS\x825\xcb\x00\xa4}\x97\x84T\xad\x9b\x1e!\x8a\xbc\x02+#Q\xa9 \xe9\x05r\xe1\xec\x0f\xa7\xe6Of\x95\x02{', 0x4)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xd5e, 0x240000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x400000bde)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
write$P9_RSTATu(r3, &(0x7f0000000580)={0x20e, 0x2, 0x0, {{0x500, 0xcd, 0x500, 0x1bf, {0x0, 0xffffffff}, 0x0, 0x0, 0x0, 0x0, 0x1b, '\x04nodev{evoo~\x059\xc6\x00\x05\x00\x007\xd9:\x8b\x92\x00\x00\x00', 0x28, 'pg>\xff\xeb\t\xb55\x1f[\xde\x05@\x00\x00\x00\x00\x18x\x9b\xa9\x16c\x88\x14\xe5p\x81\x03\xb4\x94\xe1\x00\x00\x00\x00\x00\x00\x00\x00', 0x2, '\b\x00', 0x55, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xc2\x80\xe8\xe2\x89\xdad\x9a7\x00'}, 0x12c, 'odev/n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300, 0x0, 0xee01, 0xee01}}, 0x20e)
ftruncate(r0, 0x400000)
finit_module(r0, 0x0, 0x0)

9m44.107512875s ago: executing program 35 (id=3231):
r0 = memfd_create(&(0x7f00000005c0)=' \xc76\xbe\x91\x8d\x182)!\x9a%\xa2\xd28\xd6\x06\a\x0e\xfc\xfe\x12\x8f&\x13\xae%@T\xa3\xb0>\\\xec\xa9\xf9Q@6A\x10\x8cn|\x00\x00\x00\x00\x00\x00\x00\x00r\xbb\xdd\xe8\x87\x05=\xfb\x8b}\xfc\x1d\x03\xe1\xfcm\x9b\xf7fo\"i\xa1hk\x1f\xf5z\xc1\x7f\xa4\\]\xc4\xbe3\xf9\xa8\t?:\xd8\xda\x84\xeepI[\x1c\x00\x00\x00\x00\xf9v\x00\x00\x00\x00\x00T\xb6\xbe\x0f~\xc0\x92\xe9O{\xa8\x81(\x01\x14\xfc\x83\xf9\xfb\x05\x94T\x81@Lq]\xf9\x15zj\x87\xc4\x8e\xe8/\xb9-&R\x8e\xb2\xb3bBx\x1e1\x18\x8f\x19\xf7]#\xed,\xc7\x11\tp\xf4\xa3\xee\x00\x00\x00\x00\'}\x18\xe8O\xa8#K\xb6\xe4U\x92\xd2\x9d\xb8<X\xfa\xdd\x8a6\xa1\x82\xf7r\xd8z\x85\x8do\xa5\xed\xd4\xbc8U\x1e\xf2tl8\xfe\xd0\x94\xfe\xf5\x1c+\x00U\te\xfa6\xca\xb9\xb4Q\xd9\xee\r6\x861h{\xc7z\'F\xc7\x91\x06x\xe1`\xf1:\xcf+\xd5\f\xb2\xce\xa4\x06\x90\x90\x9b\x1d\xcaa\xf7\x8f\x9e\x80\x93\xafT\xdfl\xec\xc6\x8e\x96\r[n\xc6\x99\x1fr<\x06\xb3\xbcT\x00\xda6\x18/\x18l\xc1\x81\x8e8L\xcb*S_\xd0:\xa4V\xbd\xf1\xa4\x955\xa9\x9d\xe0\x9b\xd3\x95\xc88n:\x89>?2\xc8\xe7kovd\xa4\x1bl+\x14\x17\x14\x17C2! U\x04:\xd93F\xb9\xfc\x1b\xfd}\x05\xf9\x11\xf3)>q\x10\xd3\xf0\xaf>\xf8t(bX\xe3g\x05\xfe\b\xbcy\x95*\xca\a\xaf\xbb\xf9\xc3Y\xa2\x91\x90.\xc8\xbe\xb0\xa6\xbd\xbd\xfd\xfaf*\xb2&\x82\xa0\x17\xe7)\xf5\xa2\xccv\n\x1b\xd4\xf4\x11*\xc9\xc6*\xa4.\x94[$\xb8\xb3Q\xde\xd8A\xa4~c,`\x02\xb8\x01r\x89\x82\x13\xd0}C7\xfb\xf2\tM\x1e\xe9\xa5\v\xc5\xba(\x89\xb0l\x92H\x1cR\x1f>\xc4ie\xe0B\xf0[\xe2\xe1\x12\x1d\x8fR&\xd1\xa6#\xda.\x0f\xd7\xd7\xa4\x90\x14\x92I\xf82&\x16<\xf2RR\xc2\x02.Q\xef\x85\xef\xf9\xe5\x00\xe9\xca\xb1\x8c\x11\x11l\x9f\xc8\b\xf7A\xa6\x81\xad\xdc\x95\xc8\xef\x102\xa8\x87\x01\x00\\\xfee \n0F\xbc\x85\xc5C\xd0\x99\xe4\t\xab`\'t\xc2\xe9\x13\xcag\xea\xb3\xb5\x92\x00J\xc6y\x05\xcc\xde\xa0\xf6\xb9 \xe5\xdd\f\x18\xfc\xe0\xc3(\xd8\xeb\x1a6\xe6\xfa\x93\xc07R\x0f-\x9e\xf3\x87E\xa3\xd5o\x1bA\x88L/\xe7>45Q?\be\x7f\xa9\x9a\xcae\xd8Y\xdf]\x1bS\x825\xcb\x00\xa4}\x97\x84T\xad\x9b\x1e!\x8a\xbc\x02+#Q\xa9 \xe9\x05r\xe1\xec\x0f\xa7\xe6Of\x95\x02{', 0x4)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xd5e, 0x240000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x400000bde)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
write$P9_RSTATu(r3, &(0x7f0000000580)={0x20e, 0x2, 0x0, {{0x500, 0xcd, 0x500, 0x1bf, {0x0, 0xffffffff}, 0x0, 0x0, 0x0, 0x0, 0x1b, '\x04nodev{evoo~\x059\xc6\x00\x05\x00\x007\xd9:\x8b\x92\x00\x00\x00', 0x28, 'pg>\xff\xeb\t\xb55\x1f[\xde\x05@\x00\x00\x00\x00\x18x\x9b\xa9\x16c\x88\x14\xe5p\x81\x03\xb4\x94\xe1\x00\x00\x00\x00\x00\x00\x00\x00', 0x2, '\b\x00', 0x55, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xc2\x80\xe8\xe2\x89\xdad\x9a7\x00'}, 0x12c, 'odev/n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300, 0x0, 0xee01, 0xee01}}, 0x20e)
ftruncate(r0, 0x400000)
finit_module(r0, 0x0, 0x0)

1m37.941368938s ago: executing program 1 (id=4442):
r0 = io_uring_setup(0xd15, &(0x7f0000000000)={0x0, 0x1dab, 0x1000, 0x1, 0x1e0})
io_uring_register$IORING_REGISTER_BUFFERS2(r0, 0xf, &(0x7f0000001880)={0x2, 0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000001500)=""/166, 0xa6}, {0x0}], &(0x7f0000001840)=[0x3, 0x1c0000000000]}, 0x20)
io_uring_register$IORING_REGISTER_BUFFERS2(r0, 0xf, &(0x7f00000060c0)={0x1, 0x300, 0x0, &(0x7f0000006000)=[{&(0x7f0000004c40)=""/4096, 0x1000}], 0x0}, 0x20)

1m37.828610105s ago: executing program 1 (id=4443):
mount$tmpfs(0x0, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000040), 0x1000040, &(0x7f0000000340)={[], [{@smackfsroot={'smackfsroot', 0x3d, 'sched_switch\x00'}}]})
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_AUTOCLOSE(r0, 0x84, 0x4, &(0x7f0000000100)=0xfffffffb, 0x4)
socket$inet(0x10, 0x2000000002, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x3, 0x5, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000080), 0x183822, 0x0)
shmget$private(0x0, 0x2000, 0x78000000, &(0x7f0000ffe000/0x2000)=nil)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r1)
r2 = syz_io_uring_setup(0xd1, &(0x7f0000000480)={0x0, 0x100, 0x100, 0x0, 0x333}, &(0x7f00000001c0), &(0x7f0000000440))
io_uring_enter(r2, 0x47ba, 0x0, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
r3 = socket(0x15, 0x5, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_REG(r5, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000780)={0x14, r4, 0xc6721ba5ea541f53, 0x70bd26, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0xcd2ddc7cce1b9250}, 0x4000000)
sendmsg(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="240000002e00074c8bfffd946fa2830022200afffffffffffff000e50c1be3a20400007e", 0x24}, {&(0x7f0000000180)="81f73555dc2f02eb61b1f2c776ee894ef5b89ef769b6dab2596e422d7f84cbc0a864550cf90038272741e009d6faab0b541a12f9efe2931a027ccb7abeacbfd727aee26f32c5f11e3590ed0ed98f0269628c02d4618c2ae39d916118e240e6bbe68f576c4cae72df8909c946d4d857fa64745ec83361c59b58ea285080b306174d68c6c1b0f5e9f37fe77f98e4dc32d2fb4cf423670d19a43f8b6b6224415479e9f6", 0xa2}], 0x2}, 0x4041)

1m37.172008721s ago: executing program 1 (id=4444):
socket$inet6(0xa, 0x3, 0x6)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000d26a871dba07e83f34c6e27805b682"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x14, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000340)=ANY=[], 0xd0}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073"], 0x7c}}, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4276ef66ba420266b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000580)=[@text64={0x40, 0x0}], 0x1, 0x53, 0x0, 0x0)

1m37.124726775s ago: executing program 1 (id=4445):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000e0ffffff000000000a0000008500000041000000850000002a00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
sendmsg$DEVLINK_CMD_PORT_UNSPLIT(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x3c, r3, 0x731, 0x0, 0x0, {0x38}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}}]}, 0x3c}, 0x1, 0x2}, 0x0)
bind$unix(r1, &(0x7f0000000340)=@abs={0x1, 0x0, 0x104e22}, 0x6e)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f00000002c0)=0x20)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffd}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2000000}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r8, 0x1, 0x32, &(0x7f0000000180)=r7, 0x4)
sendmsg$inet(r9, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20000000)
bind$unix(r1, &(0x7f0000003000)=@file={0x0, './file0\x00'}, 0x6e)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000080)={<r10=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x0, @loopback}]}, &(0x7f0000000180)=0x10)
r11 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080), 0x1c0002, 0x0)
r12 = socket$nl_route(0x10, 0x3, 0x0)
r13 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r14=>0x0})
sendmsg$nl_route(r12, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newlink={0x44, 0x10, 0x405, 0x0, 0x0, {0x0, 0x0, 0x0, r14, 0x3000, 0x60}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge_slave={{0x11}, {0xc, 0x5, 0x0, 0x1, [@IFLA_BRPORT_MULTICAST_ROUTER={0x5, 0x19, 0x1}]}}}]}, 0x44}}, 0x0)
sendmsg$nl_route(r5, &(0x7f00000003c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)=@getnexthop={0x28, 0x6a, 0x400, 0x70bd26, 0x25dfdbfd, {}, [@NHA_MASTER={0x8, 0xa, 0x1}, @NHA_OIF={0x8, 0x5, r14}]}, 0x28}, 0x1, 0x0, 0x0, 0x1c801}, 0x40000)
write$vga_arbiter(r11, &(0x7f0000000040)=ANY=[@ANYBLOB='dem\x00'/15], 0xf)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000000c0)={r10, @in={{0x2, 0x0, @rand_addr=0x64010100}}, 0x0, 0x0, 0x0, 0x0, 0xce03d4}, 0x9c)
r15 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0)
syz_usb_control_io$hid(r15, 0x0, 0x0)
syz_usb_control_io$hid(r15, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x22, 0x23, {[@global=@item_4={0x3, 0x1, 0x1, "7bea6fed"}, @global=@item_012={0x1, 0x1, 0x0, "e5"}, @global=@item_4={0x3, 0x1, 0x8, '\f\x00'}, @local=@item_012={0x2, 0x2, 0x2, "9000"}, @global=@item_4={0x3, 0x1, 0x0, "0900be00"}, @main=@item_4={0x3, 0x0, 0x8}, @local=@item_4={0x3, 0x2, 0x0, "09007a15"}, @local=@item_4={0x3, 0x2, 0x7, "5d8c3dda"}]}}, 0x0}, 0x0)
syz_usb_connect(0x3, 0x24, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010002f99cf110e10690a1d5030102f60109021200010181000909041b"], 0x0)

1m33.975751017s ago: executing program 1 (id=4473):
r0 = socket(0x1, 0x3, 0x1)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'bond0\x00', <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000440)=@newqdisc={0x94, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r3, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x64, 0x2, {{0x6, 0x5, 0x7, 0x10, 0xfff, 0x2}, [@TCA_NETEM_LOSS={0x1c, 0x5, 0x0, 0x1, [@NETEM_LOSS_GI={0x18, 0x1, {0x9, 0x7f, 0x8, 0x8, 0x5}}]}, @TCA_NETEM_SLOT={0x2c, 0xc, {0x0, 0x80000000, 0x1, 0xa83c, 0x242d, 0x5}}]}}}]}, 0x94}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'gre0\x00', <r5=>0x0})
r6 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000100)=[{0x30, 0x0, 0x0, 0xfffff024}, {0x80000006, 0x0, 0x0, 0x8}]}, 0x10)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
ioctl$EXT4_IOC_GETFSUUID(r0, 0x8008662c, &(0x7f00000001c0))
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@metacopy_on}]})
chdir(&(0x7f00000003c0)='./bus\x00')
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
bind$packet(r0, &(0x7f0000000180)={0x11, 0x3, r5}, 0x14)
setsockopt$packet_int(r0, 0x107, 0x12, &(0x7f0000000240)=0xe9, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
r7 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100)={0x10002, 0x0, 0x27}, 0x18)
mkdirat(r7, &(0x7f0000000140)='./bus/file0\x00', 0x80)
sendmsg$netlink(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000540), 0x395}, 0x24048000)

1m33.071833525s ago: executing program 1 (id=4479):
r0 = syz_open_dev$vim2m(&(0x7f0000000100), 0x80000000, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000200)={0x6, 0x2, 0x4})
r1 = syz_open_dev$vim2m(&(0x7f0000000680), 0x8, 0x2)
clock_gettime(0x0, &(0x7f0000000000))
clock_gettime(0x0, &(0x7f0000000040)={<r2=>0x0, <r3=>0x0})
ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000002c0)=@multiplanar_mmap={0x0, 0x3, 0x4, 0x400, 0x0, {r2, r3/1000+10000}, {0x5, 0x0, 0x0, 0x0, 0x0, 0x0, "fafc00"}, 0x8000, 0x1, {0x0}, 0xfffffffe, 0x0, r1})

1m32.359240824s ago: executing program 36 (id=4479):
r0 = syz_open_dev$vim2m(&(0x7f0000000100), 0x80000000, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000200)={0x6, 0x2, 0x4})
r1 = syz_open_dev$vim2m(&(0x7f0000000680), 0x8, 0x2)
clock_gettime(0x0, &(0x7f0000000000))
clock_gettime(0x0, &(0x7f0000000040)={<r2=>0x0, <r3=>0x0})
ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000002c0)=@multiplanar_mmap={0x0, 0x3, 0x4, 0x400, 0x0, {r2, r3/1000+10000}, {0x5, 0x0, 0x0, 0x0, 0x0, 0x0, "fafc00"}, 0x8000, 0x1, {0x0}, 0xfffffffe, 0x0, r1})

7.970346704s ago: executing program 9 (id=4910):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r0, 0x84, 0x7c, &(0x7f00000002c0)="01000000", 0x4)

6.98717236s ago: executing program 9 (id=4915):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000640)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x4, [@typedef={0x1, 0x0, 0x0, 0x8, 0x1}, @const={0xa, 0x0, 0x0, 0xa, 0x4}]}, {0x0, [0x2e, 0xf]}}, 0x0, 0x34, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x1, 0x0)
fchdir(r1)
fanotify_mark(r1, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')

6.181322175s ago: executing program 9 (id=4918):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x10, &(0x7f00000001c0)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b70500000800a5aa85000000a500000095"], &(0x7f0000000300)='GPL\x00', 0x4, 0xfeb, &(0x7f0000001e00)=""/4075, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

6.132064584s ago: executing program 8 (id=4919):
r0 = socket$inet6_icmp(0xa, 0x2, 0x3a)
ioctl$BTRFS_IOC_START_SYNC(r0, 0x80089418, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

5.334993067s ago: executing program 8 (id=4923):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0xc844)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001000000000000000000e00000020000000000000000000000000000000000000000000000000000000000000000000000000a"], 0xb8}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b800000015"], 0xb8}}, 0x0)

5.334060251s ago: executing program 9 (id=4924):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0xfffb}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$kcm(0x10, 0x2, 0x4)
write$dsp(0xffffffffffffffff, &(0x7f00000001c0)='\\', 0x1)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
ioctl$IOMMU_VFIO_IOAS$GET(0xffffffffffffffff, 0x3b88, &(0x7f0000000040)={0xc, <r3=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f00000000c0)={0x28, 0x1, r3, 0x0, &(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x5})
timer_settime(0x0, 0x0, &(0x7f0000000440)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
setsockopt$bt_BT_SECURITY(r4, 0x112, 0x4, &(0x7f0000000080)={0x4, 0x3}, 0x2)
r5 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_IO(r5, 0x2285, 0x0)
r6 = fcntl$dupfd(r5, 0x0, r5)
write$sndseq(r6, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}], 0x38)
write$sndseq(r6, &(0x7f0000000200), 0x0)
write$sndseq(r6, &(0x7f0000000640)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {0x8}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @control={0x6, 0x7fff, 0x8}}, {0x0, 0x0, 0x0, 0x0, @time={0xffffff81}, {}, {}, @time=@time}], 0xa8)
write$sndseq(r6, &(0x7f0000002840)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}], 0x54)
write$sndseq(r6, &(0x7f0000000300)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @time}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}], 0x8c)
write$sndseq(r6, &(0x7f0000000a40)=[{0x0, 0x0, 0x0, 0x0, @time}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @queue}], 0x8c)
write$sndseq(r5, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}], 0x38)
write$sndseq(r6, &(0x7f0000000f80)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @addr}, {}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @quote}], 0x8c)
write$sndseq(r6, &(0x7f00000000c0), 0x0)
write$sndseq(r6, 0x0, 0x0)

4.281231023s ago: executing program 9 (id=4928):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
rt_sigqueueinfo(r3, 0x31, &(0x7f0000000ac0)={0x0, 0xc4, 0xff7ffffe})
r4 = syz_usb_connect$hid(0x2, 0x36, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4fc, 0x5d8, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x7, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r4, 0x0, 0x0)
syz_usb_control_io(r4, &(0x7f0000000400)={0x2c, &(0x7f0000000000)={0x0, 0x0, 0x7, {0x7, 0x4, "5a7da32917"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
r5 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r6 = openat$binfmt_register(0xffffff9c, &(0x7f0000000040), 0x1, 0x0)
write$binfmt_register(r6, &(0x7f0000000100)={0x3a, 'syz3', 0x3a, 'M', 0x3a, 0x1, 0x3a, '\\x00\x01\x1f\xdf\x84\xc6q\xbei8a\x01\xd8\x96\xa7\x00@\xa7\x7f\x15_\x97\x88\xc2\x89\xb5\xec\x8eQT,=\xe01>\x84\xa2K\xeb\xdd\xed\xfd\xd9\xba\xda7\xa4*\xb5\xf2\xe2MX\x1a4\xc1\x18\x8f\xd11\xfe\r\xf6\xae\xbe\xa1\xae\xfc\xe5\xdeaP`dT\a\r\xa2\xc9\xe5\x15\x06\xf8\xdd\xa8tw](\xb6\xb7\xf3\x86p\v\xc94\x94', 0x3a, ':dev/bue\xd2>\x14bF30/00#\x00\x00', 0x3a, './file0'}, 0xa1)
bind$802154_raw(r5, &(0x7f0000000240)={0x24, @none={0x0, 0xffff}}, 0x14)
ptrace$peeksig(0x4209, r3, &(0x7f0000000280)={0x0, 0x1, 0x4d}, &(0x7f00000006c0)=[{}, {}])
sendmsg$NL80211_CMD_DEL_TX_TS(r0, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="26800000", @ANYRES16=r1, @ANYBLOB="050026bd7000fcdbdf256a0000000c009900040000001e0000000500d200040000000500d20009000000"], 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x1)
r7 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(r7, 0x40085112, &(0x7f0000000080)=@s={0x5, @generic=0xff})
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000003c000000200af501000000000000000001000000040004800900018073797a3000000000100005"], 0x84}}, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x2c, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}, @NL80211_ATTR_4ADDR={0x5, 0x53, 0x1}]}, 0x2c}}, 0x0)

4.255194456s ago: executing program 8 (id=4929):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x3, &(0x7f0000006680))
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-des3_ede-asm\x00'}, 0x58)
accept4(r0, 0x0, 0x0, 0x80800) (fail_nth: 1)

3.803315998s ago: executing program 8 (id=4931):
r0 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000001780)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000017c0)=ANY=[@ANYBLOB="38000000031401002cbd7000000000000900020073797a30000000000800410072786500140033006c6f0000000000000000"], 0x38}, 0x1, 0x0, 0x0, 0x20854}, 0x0)
mkdir(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
close(r1)
preadv(r2, &(0x7f0000001300)=[{&(0x7f00000000c0)=""/124, 0x4}], 0x3e8, 0x0, 0x0)

3.590311441s ago: executing program 8 (id=4935):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r0, 0x1, 0x4c, &(0x7f0000000000), 0x4)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = openat$smackfs_cipso(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/fs/smackfs/cipso\x00', 0x2, 0x0)
write$smackfs_cipso(r2, &(0x7f0000006940)={'batadv_slave_1\x00', 0x20, 0x21, 0x20, 0x5, 0x20, [{0xa2}, {0x46}, {0x63}, {0x7c}, {0x77}]}, 0xa4)
sendmsg$NFT_BATCH(r1, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="14000000100001000000000000000000000000003c000003080a0a0000000000000000000000000708000940000000020c00034000000000000000020c00064000000000000000030800094000000000140000001100010000000000000000000a00000a"], 0x64}, 0x1, 0x0, 0x0, 0x40010}, 0x1)
pipe(&(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
vmsplice(r4, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'team_slave_0\x00', <r6=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)=ANY=[@ANYBLOB="4400000010000100"/20, @ANYRES32=r6, @ANYBLOB="00002400000000002400120014000100627269646765e7a4c69b5022fafeeeaaa2ab8c4515f2547ad04202316ef87665800000", @ANYRESHEX, @ANYRES16=r6], 0x3}}, 0x20008080)
splice(r3, 0x0, r5, 0x0, 0x10d00, 0x0)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r7, 0x400448c9, &(0x7f0000001880))
r8 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000b80), 0xa2800, 0x0)
ioctl$PTP_SYS_OFFSET_PRECISE(r8, 0xc0403d08, 0x0)
sendmsg$unix(r0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0xc000)
syz_usb_connect(0x5, 0x1af, &(0x7f0000000340)=ANY=[@ANYBLOB="12010000f4e13c106d04ae0895de0102030109029d0101060000050904cb0002072b780009050d0300040e09c007250100010300cc24c1f92777dc6f5b12d30f992a95203d9c52823b7a908eeb4271d1267d38375619332541273336c0832002112820def15309865a7f77ef1ec51087ce09d66ceda5feb155d8bca3f40cb50949c95893e701aff55f3463b857dbcb329bebeae7eac3d50380702f523180a55da49010ecde2195d57b3c987af0938e55f2e2e835169113bc301d237d23f0660a6207f8080a1b32ded26b016062b8dbc29bd93be2e975eb2a4d7b2f86c1a9a3bbcafcd9226f090000000000000086032a758007d4996c8a99ab1c00000000000009050a08080000030000000000f57a403d266d431626947c2a20e40ffc4e69883cf38a3444b4dab7b6c4d232f438f58c2f8ea39596667fd887ec1d831cfb8b8533e7eaa76fe3dfdc2715485dae12265424159e6351152d362200a7599fe5e6131a11101377fb29b571d506793daff9e093b193acc60507e8c7cfbc0c562feb9a94425c80c0f07f316b7af565c35cbeb5cbe396165d80e87405fa3334b7190bde5dd194f9e6a6c3ae74dec5f78636d307250100b3ff01bc34358e37eef35bccf73e3658df88e6c8386a088bc693f785a3e25041fb7be81a80e8e55e36eeaca9bd455e2b4411fbfebd5c94956d206f1efa96cdb47a5a494b66e55125cff769"], 0x0)

2.829576639s ago: executing program 5 (id=4938):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0xfffb}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$kcm(0x10, 0x2, 0x4)
write$dsp(0xffffffffffffffff, &(0x7f00000001c0)='\\', 0x1)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
ioctl$IOMMU_VFIO_IOAS$GET(0xffffffffffffffff, 0x3b88, &(0x7f0000000040)={0xc, <r3=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f00000000c0)={0x28, 0x1, r3, 0x0, &(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x5})
timer_settime(0x0, 0x0, &(0x7f0000000440)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
setsockopt$bt_BT_SECURITY(r4, 0x112, 0x4, &(0x7f0000000080)={0x4, 0x3}, 0x2)
r5 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_IO(r5, 0x2285, 0x0)
r6 = fcntl$dupfd(r5, 0x0, r5)
write$sndseq(r6, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}], 0x38)
write$sndseq(r6, &(0x7f0000000200), 0x0)
write$sndseq(r6, &(0x7f0000000640)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {0x8}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @control={0x6, 0x7fff, 0x8}}, {0x0, 0x0, 0x0, 0x0, @time={0xffffff81}, {}, {}, @time=@time}], 0xa8)
write$sndseq(r6, &(0x7f0000002840)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}], 0x54)
write$sndseq(r6, &(0x7f0000000300)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @time}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}], 0x8c)
write$sndseq(r6, &(0x7f0000000a40)=[{0x0, 0x0, 0x0, 0x0, @time}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @queue}], 0x8c)
write$sndseq(r5, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}], 0x38)
write$sndseq(r6, &(0x7f0000000f80)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @addr}, {}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @quote}], 0x8c)
write$sndseq(r6, &(0x7f00000000c0), 0x0)
write$sndseq(r6, 0x0, 0x0)

2.68431698s ago: executing program 5 (id=4941):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vxcan1\x00', <r2=>0x0})
setsockopt$SO_J1939_ERRQUEUE(r1, 0x6b, 0x4, &(0x7f0000000300)=0x1, 0x4)
bind$can_j1939(r1, &(0x7f0000000380)={0x1d, r2, 0x0, {0x2, 0xf0, 0x4}, 0xfe}, 0x18)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="81b641f1f3843704b6", 0x9}], 0x1}, 0x4048001)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='net_prio.prioidx\x00', 0x275a, 0x0)
ioctl$FS_IOC_FSSETXATTR(r3, 0x401c5820, &(0x7f0000000080)={0x18})
recvfrom$inet(r3, &(0x7f0000000140)=""/195, 0xc3, 0x20, &(0x7f0000000280)={0x2, 0x4e24, @multicast2}, 0x10)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f0000000400)=0x68e, 0x4)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x25}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0xa}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x3}]}, @NFT_MSG_NEWSETELEM={0x34, 0x1e, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x8, 0x3, 0x0, 0x1, [{0x4}]}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xb8}}, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
recvmmsg(r5, &(0x7f0000000680)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)=""/147, 0x93}, 0x81}], 0x1, 0x2, 0x0)
setsockopt$inet_int(r5, 0x0, 0x12, &(0x7f0000000180)=0x80000001, 0x4)
bind$inet(r5, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x2e, &(0x7f0000001140)={@broadcast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x66, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x1, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0)
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0xff, 0x7ffc0002}]})
lgetxattr(0x0, 0x0, 0x0, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r6, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r7, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_GET(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r9, 0x325, 0x0, 0x0, {0x8}}, 0x14}}, 0x0)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000340), r3)
sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newtfilter={0x24, 0x11, 0x1, 0x70bd27, 0x0, {0x0, 0x0, 0x74, r2, {0xfffd, 0xffff}, {0x1}, {0xfff2}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x850)

1.943708953s ago: executing program 4 (id=4947):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
write$sndseq(r1, &(0x7f0000000300)=[{0x84, 0x77, 0x0, 0xff, @time={0xe, 0x428}, {0xfd}, {0x7}, @raw32={[0x2, 0x0, 0x8000000]}}, {0x2, 0x0, 0x5, 0x83, @tick, {0xfd}, {0x3}, @note={0x81}}, {0x6, 0x3, 0x9, 0x3, @tick=0x1, {0x10, 0x5}, {0xce, 0x2}, @connect={{0x10, 0x3}, {0x6, 0xb}}}], 0x54)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xa8c01)
write$sndseq(r1, &(0x7f0000000380)=[{0x2, 0x6, 0x3, 0x1, @tick=0xd5aa, {0x8, 0xf9}, {0xe, 0x6a}, @control={0x9, 0x5, 0x3}}, {0x81, 0x4f, 0x3, 0xda, @tick=0x1, {0xf7, 0xbc}, {0xe2, 0x1}, @raw32={[0x4, 0x3, 0x10000]}}, {0x6, 0xa, 0x2, 0x3, @tick=0x4, {0x7, 0x81}, {0xa, 0x8}, @quote={{0x4, 0xf}, 0x3, &(0x7f0000000100)={0xce, 0x1, 0x1, 0x4, @tick=0x8, {0x15, 0x9}, {0x2, 0x3}, @time=@time={0x7fff, 0xd}}}}, {0x8, 0x10, 0x0, 0x8, @tick=0xfffffff9, {0x6, 0x3}, {0x9, 0xf1}, @quote={{0x0, 0x8}, 0x4, &(0x7f0000000140)={0x25, 0x2, 0x2, 0x6, @time={0x2, 0x5}, {0x7, 0x8}, {0x5, 0xff}, @time=@time={0x2, 0x9}}}}, {0x7, 0xe, 0x8, 0xfd, @time={0x6, 0x9}, {0x6, 0x2d}, {0x8, 0x2}, @control={0xcd, 0x6, 0xd49}}, {0x5, 0x7f, 0x3, 0x5, @time={0x3913, 0x101}, {0x2, 0x8}, {0x40, 0x8}, @raw32={[0x9, 0x9, 0xfffffffb]}}, {0x1, 0xac, 0x6, 0x5, @tick=0x2, {0x1, 0xf9}, {0x80, 0x3}, @raw8={"ae9bfdecbc9d000a86f610d0"}}], 0xc4)
socket$nl_route(0x10, 0x3, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0)
preadv2(r3, &(0x7f0000000080)=[{&(0x7f0000001200)=""/4096, 0x1fee00}], 0x2, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_GUEST_MEMFD(r4, 0xc040aed4, &(0x7f00000001c0)={0x200001fe0000})
fallocate(r5, 0x1, 0x100000000, 0x80000000)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$inet_udp_encap(r0, 0x11, 0x64, &(0x7f0000000000)=0x3, 0x4)
syz_emit_ethernet(0x2a, &(0x7f0000000180)={@broadcast, @broadcast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x8, 0x1c, 0xfffe, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x1, 0x4e20, 0x8}}}}}, 0x0)

1.90757945s ago: executing program 2 (id=4948):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xfffffdca, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
r0 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}})
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
mbind(&(0x7f00001e7000/0x2000)=nil, 0x2000, 0x8003, 0x0, 0x3, 0x2)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps_rollup\x00')
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000004700)={'team0\x00', <r5=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r4, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f000000d840)={0x58, 0x0, 0x405, 0x70bd27, 0x25dfdbfe, {}, [{{0x8, 0x1, r5}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0xf12b}}}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000401}, 0x2000c800)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000ac0), r6)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r6, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f00000003c0)={0x20, r7, 0x5, 0x0, 0x0, {0x22}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}]}, 0x20}}, 0x4000000)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wpan3\x00', <r8=>0x0})
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'wpan1\x00', <r9=>0x0})
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wpan3\x00', <r10=>0x0})
sendmsg$IEEE802154_LIST_IFACE(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x50, r7, 0x0, 0x70bd2b, 0x25dfdbfc, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r8}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r9}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r10}]}, 0x50}, 0x1, 0x0, 0x0, 0x8000}, 0x2404c040)
r11 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r11, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000180)="5c00000013006bcd9e3fe3dc4e48aa31086b8703410000004000000000000000040014000d000a00100000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x24040000)

1.837888677s ago: executing program 4 (id=4949):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0xb, 0x0, 0x0, &(0x7f0000000540)='syzkaller\x00', 0x520e854a, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0x1, 0x5}, 0x8, 0x10, &(0x7f00000007c0)={0x3, 0x3, 0x7, 0x9}, 0x10, 0x0, 0xffffffffffffffff, 0x3, &(0x7f0000000800)=[r0], &(0x7f0000000840)=[{0x4, 0x5, 0x7, 0x8}, {0x5, 0x1, 0xd, 0x9}, {0x5, 0x4, 0x5, 0x9}], 0x10, 0x7, @void, @value}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r2, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r3, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

1.776271267s ago: executing program 2 (id=4950):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xfffffdca, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
r0 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}})
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
mbind(&(0x7f00001e7000/0x2000)=nil, 0x2000, 0x8003, 0x0, 0x3, 0x2)
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps_rollup\x00')
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000004700)={'team0\x00', <r7=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r5, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f000000d840)={0x58, r6, 0x405, 0x70bd27, 0x25dfdbfe, {}, [{{0x8, 0x1, r7}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0xf12b}}}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000401}, 0x2000c800)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000ac0), r8)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r8, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f00000003c0)={0x20, r9, 0x5, 0x0, 0x0, {0x22}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}]}, 0x20}}, 0x4000000)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wpan3\x00', <r10=>0x0})
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'wpan1\x00', <r11=>0x0})
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wpan3\x00', <r12=>0x0})
sendmsg$IEEE802154_LIST_IFACE(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x50, r9, 0x0, 0x70bd2b, 0x25dfdbfc, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r10}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r11}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r12}]}, 0x50}, 0x1, 0x0, 0x0, 0x8000}, 0x2404c040)
r13 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r13, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000180)="5c00000013006bcd9e3fe3dc4e48aa31086b8703410000004000000000000000040014000d000a00100000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fc", 0x51}], 0x1, 0x0, 0x0, 0x1f000801}, 0x24040000)
read$FUSE(r4, &(0x7f00000007c0)={0x2020}, 0x2020)

1.676805724s ago: executing program 5 (id=4951):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0xfffb}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$kcm(0x10, 0x2, 0x4)
write$dsp(0xffffffffffffffff, &(0x7f00000001c0)='\\', 0x1)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
ioctl$IOMMU_VFIO_IOAS$GET(0xffffffffffffffff, 0x3b88, &(0x7f0000000040)={0xc, <r3=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f00000000c0)={0x28, 0x1, r3, 0x0, &(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x5})
timer_settime(0x0, 0x0, &(0x7f0000000440)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
setsockopt$bt_BT_SECURITY(r4, 0x112, 0x4, &(0x7f0000000080)={0x4, 0x3}, 0x2)
r5 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_IO(r5, 0x2285, 0x0)
r6 = fcntl$dupfd(r5, 0x0, r5)
write$sndseq(r6, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}], 0x38)
write$sndseq(r6, &(0x7f0000000200), 0x0)
write$sndseq(r6, &(0x7f0000000640)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {0x8}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @control={0x6, 0x7fff, 0x8}}, {0x0, 0x0, 0x0, 0x0, @time={0xffffff81}, {}, {}, @time=@time}], 0xa8)
write$sndseq(r6, &(0x7f0000002840)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}], 0x54)
write$sndseq(r6, &(0x7f0000000300)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @time}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}], 0x8c)
write$sndseq(r6, &(0x7f0000000a40)=[{0x0, 0x0, 0x0, 0x0, @time}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @queue}], 0x8c)
write$sndseq(r5, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}], 0x38)
write$sndseq(r6, &(0x7f0000000f80)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @addr}, {}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @quote}], 0x8c)
write$sndseq(r6, &(0x7f00000000c0), 0x0)
write$sndseq(r6, 0x0, 0x0)

1.620835842s ago: executing program 2 (id=4952):
r0 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
write$tcp_congestion(r0, &(0x7f0000000100)='reno\x00', 0x5)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_ATTACH(0x8, 0x0, 0x0)
write$tcp_congestion(r0, &(0x7f0000000380)='reno\x00', 0x5)

1.561901375s ago: executing program 4 (id=4953):
syz_open_dev$vim2m(&(0x7f0000000300), 0x7ffe, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffc2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
socket$inet6(0xa, 0x3, 0x20)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000180)=@o_path={&(0x7f0000000000)='./file1\x00', 0x0, 0x4010, r2}, 0x14)
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f00000010c0)={@in6={{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @multicast2}}}, 0x0, 0x0, 0x1b, 0x0, "61a1ed8439cde8054f2ada6fcd5fe76b933e8bb0ac60081e33dffa150835f7519d5f73b4f5d80eb4881a5b98cb9fb96d225d602392f816d0bdcc09b5063087117502d8c24f1fe97f61fd27a06d6a38a7"}, 0xd8)
r4 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
ioctl$USBDEVFS_IOCTL(r4, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r4, 0x80045505, &(0x7f0000000280)=@usbdevfs_driver={0x3, 0x0, &(0x7f00000003c0)="16c46f5e2f03e3db3784eb660e3750f40e80761e3c91ce80341121a74ec07963e11ecabf37735fbe3b47828dae3b30ec6e0d3246c05415007cc97856d857683540b18c164d8dae8f1b6b09cd2c8810df53d6a7e532198cd4094f554efae099e591c4ecbe525417ee12fff6c49e030aa3de28dca095025095380cbe5c10d801a956349c60dbbe212e9ed5dbdfdf4148e00141"})
r5 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x1ff, 0x141082)
ioctl$USBDEVFS_SETCONFIGURATION(r5, 0x80045505, &(0x7f0000000000)=0x1)
r6 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$SO_TIMESTAMP(r6, 0x1, 0x23, &(0x7f0000000000)=0x27fb, 0x4)
accept4$unix(r1, &(0x7f0000000300), &(0x7f0000000100)=0x6e, 0x800)
getsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, 0x0, &(0x7f00000001c0)=0xfffffcdd)
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r7, &(0x7f0000000040)=0x1c9, 0x12)

1.561330678s ago: executing program 5 (id=4954):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$EBT_SO_GET_INFO(r2, 0x0, 0x80, &(0x7f0000003240)={'broute\x00', 0x0, 0x0, 0x0, [0x0, 0x5bdb, 0xffffffffffffff01, 0x7fff, 0x1, 0x3b]}, &(0x7f00000032c0)=0x78)
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f0000000000)={0x10000, 0x34000, 0x1})
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f00000000c0)={0x8000000, 0x1b000, 0x1})
r4 = socket(0x1, 0x80002, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8b24, &(0x7f0000000000)={'wlan0\x00'})
r5 = syz_open_procfs(0x0, &(0x7f0000000280)='loginuid\x00')
read$FUSE(r5, &(0x7f00000007c0)={0x2020}, 0x2020)
r6 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_DEV_SETUP(r6, 0x405c5503, &(0x7f0000000480)={{0xfffc, 0x3, 0x0, 0x3}, 'syz0\x00', 0x2})
ioctl$UI_DEV_CREATE(r6, 0x5501)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
close_range(r0, 0xffffffffffffffff, 0x0)

1.435641271s ago: executing program 2 (id=4955):
socket$inet6(0xa, 0x3, 0x6)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000d26a871dba07e83f34c6e27805b682"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x14, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000340)=ANY=[], 0xd0}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073"], 0x7c}}, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4276ef66ba420266b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000580)=[@text64={0x40, 0x0}], 0x1, 0x53, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@arm64={0x7, 0xf, 0x9, '\x00', 0x5})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
timer_create(0xfffffffd, 0x0, &(0x7f00000011c0))
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000200)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000001280)="b7f2288a91", 0x5)
r5 = accept$alg(r4, 0x0, 0x0)
sendmmsg$alg(r5, &(0x7f0000001900)=[{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f00000000c0)="5bdbd57a0e656889964df9937f561de9b944d1e381fed329742e239cb13cf2af711d48d2f15b3118abd8fd087f117830209a631f9dfbec5cbbbb2216a2d87dfb0d7dd906c594125a10053c8e288ac4445ff0e999d423cc250e31e8650d248e49ba5fb3be8db01db38acf5a4455630ecb10f753530ada6598a1ff4805370a5cebf05e199368871b2751c242633419d13a6b05a390d21ab1d44be1254385b3d882c646f9762bf3480e05e98c9cc655adb7caa279e66709794e3b93cda0b9a14794e6d020cc68ea70e71a083e1a2b375591203ce218e8d244cf32f5dd7af0ee1ed032d3b59e4d57136639d68b7577553393a9", 0xf1}, {&(0x7f0000000000)="ef7791000dc777", 0x7}], 0x2, 0x0, 0x0, 0x2}], 0x1, 0x0)
recvmmsg(r5, &(0x7f0000002380)=[{{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000440)=""/247, 0xf7}], 0x1}, 0x7fff}], 0x1, 0x2101, 0x0)
r6 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
clock_gettime(0x0, &(0x7f0000000080))

1.432923243s ago: executing program 5 (id=4956):
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'batadv_slave_1\x00', <r1=>0x0})
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000040)={0x15, 0x65, 0xffff, 0x1000, 0x8, '9P2000.u'}, 0x15)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_ext={0x1c, 0x9, &(0x7f00000003c0)=@raw=[@generic={0xff, 0x1, 0xc, 0x6, 0x7}, @func={0x85, 0x0, 0x1, 0x0, 0x1}, @initr0={0x18, 0x0, 0x0, 0x0, 0xe33, 0x0, 0x0, 0x0, 0x20eb}, @btf_id={0x18, 0x0, 0x3, 0x0, 0x2}, @map_idx_val={0x18, 0x6, 0x6, 0x0, 0x10, 0x0, 0x0, 0x0, 0xff}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}], &(0x7f00000001c0)='GPL\x00', 0x9, 0xef, &(0x7f0000000580)=""/239, 0x40f00, 0x20, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000480)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000680)={0x4, 0x5, 0x3}, 0x10, 0x2b39d, 0xffffffffffffffff, 0x5, &(0x7f0000000840)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000980)=[{0x3, 0x5, 0xa, 0xb}, {0x1, 0x4, 0x4, 0xb}, {0x1, 0x3, 0xb}, {0x2, 0x5, 0x0, 0x5}, {0x4, 0x2, 0x10, 0x7}], 0x10, 0x9, @void, @value}, 0x94)
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000c00), 0x200, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x1a, &(0x7f0000000100)=0x401, 0x4)
setsockopt$sock_int(r4, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000008c0)={0x14, 0x26, 0x9, 0x80001, 0x80, {0x1}}, 0x14}, 0x1, 0x0, 0x0, 0x400c801}, 0x4000000)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r6, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r6, 0x0)
bind$inet6(r4, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty, 0xffffffff}, 0x1c)
listen(r4, 0x4)
close_range(r3, 0xffffffffffffffff, 0x0)

1.348695014s ago: executing program 9 (id=4957):
getpid()
syz_emit_ethernet(0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x60b03, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
munlockall()
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
madvise(&(0x7f00006c2000/0x4000)=nil, 0x4000, 0x8)

1.253575555s ago: executing program 2 (id=4958):
mbind(&(0x7f0000000000/0x5000)=nil, 0x5000, 0x1, 0x0, 0x0, 0x1)

595.626233ms ago: executing program 8 (id=4959):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
write$sndseq(r1, &(0x7f0000000300)=[{0x84, 0x77, 0x0, 0xff, @time={0xe, 0x428}, {0xfd}, {0x7}, @raw32={[0x2, 0x0, 0x8000000]}}, {0x2, 0x0, 0x5, 0x83, @tick, {0xfd}, {0x3}, @note={0x81}}, {0x6, 0x3, 0x9, 0x3, @tick=0x1, {0x10, 0x5}, {0xce, 0x2}, @connect={{0x10, 0x3}, {0x6, 0xb}}}], 0x54)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xa8c01)
write$sndseq(r1, &(0x7f0000000380)=[{0x2, 0x6, 0x3, 0x1, @tick=0xd5aa, {0x8, 0xf9}, {0xe, 0x6a}, @control={0x9, 0x5, 0x3}}, {0x81, 0x4f, 0x3, 0xda, @tick=0x1, {0xf7, 0xbc}, {0xe2, 0x1}, @raw32={[0x4, 0x3, 0x10000]}}, {0x6, 0xa, 0x2, 0x3, @tick=0x4, {0x7, 0x81}, {0xa, 0x8}, @quote={{0x4, 0xf}, 0x3, &(0x7f0000000100)={0xce, 0x1, 0x1, 0x4, @tick=0x8, {0x15, 0x9}, {0x2, 0x3}, @time=@time={0x7fff, 0xd}}}}, {0x8, 0x10, 0x0, 0x8, @tick=0xfffffff9, {0x6, 0x3}, {0x9, 0xf1}, @quote={{0x0, 0x8}, 0x4, &(0x7f0000000140)={0x25, 0x2, 0x2, 0x6, @time={0x2, 0x5}, {0x7, 0x8}, {0x5, 0xff}, @time=@time={0x2, 0x9}}}}, {0x7, 0xe, 0x8, 0xfd, @time={0x6, 0x9}, {0x6, 0x2d}, {0x8, 0x2}, @control={0xcd, 0x6, 0xd49}}, {0x5, 0x7f, 0x3, 0x5, @time={0x3913, 0x101}, {0x2, 0x8}, {0x40, 0x8}, @raw32={[0x9, 0x9, 0xfffffffb]}}, {0x1, 0xac, 0x6, 0x5, @tick=0x2, {0x1, 0xf9}, {0x80, 0x3}, @raw8={"ae9bfdecbc9d000a86f610d0"}}], 0xc4)
socket$nl_route(0x10, 0x3, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0)
preadv2(r3, &(0x7f0000000080)=[{&(0x7f0000001200)=""/4096, 0x1fee00}], 0x2, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_GUEST_MEMFD(r4, 0xc040aed4, &(0x7f00000001c0)={0x200001fe0000})
fallocate(r5, 0x1, 0x100000000, 0x80000000)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$inet_udp_encap(r0, 0x11, 0x64, &(0x7f0000000000)=0x3, 0x4)
syz_emit_ethernet(0x2a, &(0x7f0000000180)={@broadcast, @broadcast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x8, 0x1c, 0xfffe, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x1, 0x4e20, 0x8}}}}}, 0x0)

554.718914ms ago: executing program 5 (id=4960):
r0 = syz_open_dev$vcsa(&(0x7f0000000000), 0x1, 0x1a1300)
poll(&(0x7f00000020c0)=[{r0, 0x9012}], 0x1, 0x0)
read$FUSE(r0, &(0x7f0000000040)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
poll(&(0x7f00000021c0)=[{r0, 0x1000}], 0x1, 0x6)
syz_usb_connect(0x6, 0x2d, &(0x7f0000002200)=ANY=[@ANYBLOB="60aee69982aa06c4c0398d14ebe87bc307b16526a9e79d28520a668afb7ef614a30b29179c04fe6249f18ea253ff011be49dbf1561eab77a4755928fa786063059d043dd86cbd91ef1f7f25bb0994f9577f9bddd4a1d66ee74c187785201e319b730b00caca85eea98315cbfd76718a82659e55c6a6cd9fa8deaf8f496e29e2245dc4f0b22b60ee59f6883c9c462077770f86ce61864ffeaab693a7cbde8f88981afdbc02e0799b135ffa02e78f77ffc0a43518c644da053845b33a36aca50974c6fddbd56b8f2d90adbe5a2201bd3d51fffa2da564cfc7ec58de2024b4a", @ANYRES8=r2, @ANYRES32=r3, @ANYRESOCT=r1], 0x0)

522.137884ms ago: executing program 4 (id=4961):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000000), r1)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000740)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000800)={@flat=@binder={0x73622a85, 0xa, 0x0, 0x38}, @flat=@weak_handle={0x77682a85, 0xb, 0x1}, @fda={0x66642a85, 0x3, 0x1, 0x1}}, 0x0}, 0x1000}], 0x0, 0x0, 0x0})
r2 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
pipe2$watch_queue(&(0x7f0000000540)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80)
ioctl$IOC_WATCH_QUEUE_SET_FILTER(r3, 0x5761, &(0x7f0000000840)=ANY=[@ANYBLOB="06"])
keyctl$KEYCTL_WATCH_KEY(0x20, r2, r3, 0x0)
add_key$keyring(&(0x7f0000000300), &(0x7f00000002c0)={'syz', 0x2}, 0x0, 0x0, r2)
socket$alg(0x26, 0x5, 0x0)
ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000001400)={0x401, 0x0, "a0d42e", 0x7, 0x7})
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000340)={0x26, 'skcipher\x00', 0x0, 0x0, 'chacha20-generic\x00'}, 0x58)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x3)

439.32067ms ago: executing program 2 (id=4962):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x43, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="219a53f271a76d2688644c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$inet6(0xa, 0x2, 0x3a)
r2 = dup(r1)
bind$unix(r2, &(0x7f00000001c0)=@abs={0xa, 0x2}, 0x6e)
ioctl$RTC_ALM_READ(r2, 0x80247008, &(0x7f00000002c0))
r3 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x283a2, 0x0)
r4 = syz_io_uring_setup(0x673, &(0x7f0000000080)={0x0, 0x0, 0x400, 0x1, 0x322}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffffffffffff31})
io_uring_enter(r4, 0x7a98, 0x0, 0x0, 0x0, 0x0)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r7, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r7, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r7, 0x6, 0x16, &(0x7f0000000340)=[@window, @mss={0x2, 0x1}, @window, @timestamp, @sack_perm, @timestamp, @timestamp, @sack_perm], 0x2000000000000024)
getsockopt$inet_tcp_buf(r7, 0x6, 0xb, 0x0, &(0x7f0000000000))
pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x0)
r9 = dup(r8)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="7472616e773dadf0ffffffff04ff3d", @ANYRES16=r3, @ANYBLOB=',wfdnO=', @ANYRESHEX=r9, @ANYBLOB=',aname=trans=fd,,k'])
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r10, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r10, 0x3)
syz_emit_ethernet(0x9a, &(0x7f0000000340)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x8c, 0x300, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x1e, 0x2, 0x0, 0x0, 0x1000, {[@md5sig={0x13, 0x12, "c4f6109e091b1dfb4f1531e6d181bc74"}, @md5sig={0x13, 0x12, "c8d38fc1cae0c5946c9a17f066ebce21"}, @timestamp={0x8, 0xa, 0xd6, 0x80}, @nop, @nop, @exp_smc={0xfe, 0x6}, @generic={0x4, 0x8, "c6bf9ab72829"}, @md5sig={0x13, 0x12, "c865d63b15b58d79b8434cca4de10030"}, @exp_fastopen={0xfe, 0x11, 0xf989, "7b2f8bb45b165eaaa53a58533b"}]}}}}}}}, 0x0)
r11 = timerfd_create(0x0, 0x0)
setsockopt$IP_VS_SO_SET_DEL(r2, 0x0, 0x484, &(0x7f0000000240)={0xb7, @multicast1, 0x4e23, 0x4, 'lblc\x00', 0x25, 0x52f8, 0x10}, 0x2c)
r12 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r12, 0x1, r11, &(0x7f0000000200))
timerfd_settime(r9, 0x4, &(0x7f0000000280)={{0x0, 0x989680}, {0x77359400}}, 0x0)
clock_adjtime(0x0, &(0x7f0000000480)={0xd54, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000})
openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x121302, 0x0)

363.604572ms ago: executing program 4 (id=4963):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0xb, 0x0, 0x0, &(0x7f0000000540)='syzkaller\x00', 0x520e854a, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0x1, 0x5}, 0x8, 0x10, &(0x7f00000007c0)={0x3, 0x3, 0x7, 0x9}, 0x10, 0x0, 0xffffffffffffffff, 0x3, &(0x7f0000000800)=[r0], &(0x7f0000000840)=[{0x4, 0x5, 0x7, 0x8}, {0x5, 0x1, 0xd, 0x9}, {0x5, 0x4, 0x5, 0x9}], 0x10, 0x7, @void, @value}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r2, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r3, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

0s ago: executing program 4 (id=4964):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x8, 0x0, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffc4c, 0x0}}], 0x7dd, 0x40000000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='net/icmp6\x00')
fchown(r2, 0x0, 0xee01)

kernel console output (not intermixed with test programs):

istering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1231.647794][T18158] 9pnet_fd: Insufficient options for proto=fd
[ 1231.664261][T18158] netlink: 'syz.5.3385': attribute type 10 has an invalid length.
[ 1231.672423][T18158] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3385'.
[ 1232.140512][ T5833] Bluetooth: hci5: command tx timeout
[ 1232.657118][ T7086] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1237.843250][T18209] 9pnet_fd: Insufficient options for proto=fd
[ 1237.871031][T18101] chnl_net:caif_netlink_parms(): no params data found
[ 1237.884177][T18209] netlink: 'syz.1.3397': attribute type 10 has an invalid length.
[ 1237.892071][T18209] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3397'.
[ 1239.460055][ T7086] bridge_slave_1: left allmulticast mode
[ 1239.511997][ T7086] bridge_slave_1: left promiscuous mode
[ 1239.517763][ T7086] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1239.640177][ T7086] bridge_slave_0: left allmulticast mode
[ 1239.697760][ T7086] bridge_slave_0: left promiscuous mode
[ 1239.947000][ T7086] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1243.562653][T18237] delete_channel: no stack
[ 1244.981905][T18261] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3408'.
[ 1247.583731][T18271] 9pnet_fd: Insufficient options for proto=fd
[ 1248.602604][T18279] netlink: 'syz.5.3411': attribute type 10 has an invalid length.
[ 1248.610441][T18279] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3411'.
[ 1249.960420][ T7086] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1249.993941][ T7086] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1250.017051][ T7086] bond0 (unregistering): Released all slaves
[ 1252.992218][T18101] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1253.059596][T18101] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1253.200669][T18101] bridge_slave_0: entered allmulticast mode
[ 1253.293415][T18101] bridge_slave_0: entered promiscuous mode
[ 1254.881115][T18317] delete_channel: no stack
[ 1254.946644][T18321] 9pnet_fd: Insufficient options for proto=fd
[ 1255.318980][T18101] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1256.107066][T18101] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1256.121796][T18101] bridge_slave_1: entered allmulticast mode
[ 1256.138118][T18101] bridge_slave_1: entered promiscuous mode
[ 1256.267649][T18338] 9pnet_fd: Insufficient options for proto=fd
[ 1256.648534][T18331] netlink: 'syz.4.3427': attribute type 10 has an invalid length.
[ 1256.656432][T18331] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3427'.
[ 1256.749457][T18101] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1256.922677][T18101] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1258.324523][T18101] team0: Port device team_slave_0 added
[ 1258.740653][T18364] 9pnet_fd: Insufficient options for proto=fd
[ 1258.862892][ T7086] hsr_slave_0: left promiscuous mode
[ 1258.894427][ T7086] hsr_slave_1: left promiscuous mode
[ 1258.900406][ T7086] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1258.938636][ T7086] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1258.993606][ T7086] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1259.001037][ T7086] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1259.098457][ T7086] veth1_macvtap: left promiscuous mode
[ 1259.122978][ T7086] veth0_macvtap: left promiscuous mode
[ 1259.145085][ T7086] veth1_vlan: left promiscuous mode
[ 1259.202229][ T7086] veth0_vlan: left promiscuous mode
[ 1262.585523][T18399] 9pnet_fd: Insufficient options for proto=fd
[ 1262.729264][T18401] netlink: 'syz.1.3442': attribute type 10 has an invalid length.
[ 1262.737502][T18401] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3442'.
[ 1262.753706][ T7086] team0 (unregistering): Port device team_slave_1 removed
[ 1262.804803][ T7086] team0 (unregistering): Port device team_slave_0 removed
[ 1263.401780][T18101] team0: Port device team_slave_1 added
[ 1263.575468][T18373] delete_channel: no stack
[ 1263.666723][T18101] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1263.714064][T18101] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1263.992764][T18101] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1265.334580][T18101] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1265.341629][T18101] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1265.829413][T18101] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1267.070007][T18101] hsr_slave_0: entered promiscuous mode
[ 1267.080178][T18101] hsr_slave_1: entered promiscuous mode
[ 1268.965054][T18446] 9pnet_fd: Insufficient options for proto=fd
[ 1271.187881][T18446] netlink: 'syz.1.3454': attribute type 10 has an invalid length.
[ 1271.198727][T18446] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3454'.
[ 1271.467476][T18469] overlayfs: missing 'lowerdir'
[ 1274.586875][T18472] delete_channel: no stack
[ 1276.638198][T18513] 9pnet_fd: Insufficient options for proto=fd
[ 1276.657604][T18513] netlink: 'syz.5.3470': attribute type 10 has an invalid length.
[ 1276.666098][T18513] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3470'.
[ 1277.375863][T18101] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1277.413345][T18101] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1277.443675][T18101] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1277.471026][T18101] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1278.708453][T18503] delete_channel: no stack
[ 1285.553185][T12268] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1285.564269][T12268] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1285.572208][T12268] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1285.710948][T12268] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1285.730177][T12268] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1288.357173][T12268] Bluetooth: hci2: command tx timeout
[ 1288.524754][T18575] lo speed is unknown, defaulting to 1000
[ 1288.587031][T18575] lo speed is unknown, defaulting to 1000
[ 1290.771310][T12268] Bluetooth: hci2: command tx timeout
[ 1292.786055][ T5833] Bluetooth: hci2: command tx timeout
[ 1294.250849][T18643] 9pnet_fd: Insufficient options for proto=fd
[ 1294.708829][T18643] netlink: 'syz.1.3498': attribute type 10 has an invalid length.
[ 1294.716896][T18643] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3498'.
[ 1294.865774][ T5833] Bluetooth: hci2: command tx timeout
[ 1296.438392][T18641] delete_channel: no stack
[ 1296.701138][T18640] delete_channel: no stack
[ 1297.742315][T18575] chnl_net:caif_netlink_parms(): no params data found
[ 1297.904417][T18652] delete_channel: no stack
[ 1297.986221][T17633] bridge_slave_1: left allmulticast mode
[ 1298.001270][T17633] bridge_slave_1: left promiscuous mode
[ 1298.022435][T17633] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1298.043660][T17633] bridge_slave_0: left allmulticast mode
[ 1298.055954][T17633] bridge_slave_0: left promiscuous mode
[ 1298.072804][T17633] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1300.853196][T18690] 9pnet_fd: Insufficient options for proto=fd
[ 1301.010573][T17633] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1301.023802][T18693] overlayfs: missing 'lowerdir'
[ 1301.041639][T18695] netlink: 'syz.5.3508': attribute type 10 has an invalid length.
[ 1301.049909][T18695] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3508'.
[ 1301.062476][T17633] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1301.778495][T17633] bond0 (unregistering): Released all slaves
[ 1307.155156][T18724] delete_channel: no stack
[ 1307.276880][T18575] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1307.287619][T18575] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1307.313447][T18575] bridge_slave_0: entered allmulticast mode
[ 1308.301347][T18575] bridge_slave_0: entered promiscuous mode
[ 1308.437251][T17633] hsr_slave_0: left promiscuous mode
[ 1309.792762][T17633] hsr_slave_1: left promiscuous mode
[ 1309.822105][T17633] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1310.213970][T17633] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1315.427305][T18792] s
z1: rxe_newlink: already configured on lo
[ 1315.705475][T17633] team0 (unregistering): Port device team_slave_1 removed
[ 1315.744909][T17633] team0 (unregistering): Port device team_slave_0 removed
[ 1317.650062][T18575] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1317.760502][T18575] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1317.875828][T18575] bridge_slave_1: entered allmulticast mode
[ 1318.134467][T18575] bridge_slave_1: entered promiscuous mode
[ 1318.268970][T18785] lo speed is unknown, defaulting to 1000
[ 1318.276697][T18785] lo speed is unknown, defaulting to 1000
[ 1318.283443][T18785] lo speed is unknown, defaulting to 1000
[ 1318.464871][T18785] infiniband syz0: set active
[ 1318.469811][T18785] infiniband syz0: added lo
[ 1318.475742][T18785] syz0: rxe_create_cq: returned err = -12
[ 1318.481684][T18785] infiniband syz0: Couldn't create ib_mad CQ
[ 1318.487869][T18785] infiniband syz0: Couldn't open port 1
[ 1318.650816][T18785] RDS/IB: syz0: added
[ 1318.655232][T18785] smc: adding ib device syz0 with port count 1
[ 1318.661738][T18785] smc:    ib device syz0 port 1 has pnetid 
[ 1319.881116][   T24] lo speed is unknown, defaulting to 1000
[ 1319.914087][T18785] lo speed is unknown, defaulting to 1000
[ 1320.505518][T18785] lo speed is unknown, defaulting to 1000
[ 1320.769368][T18785] lo speed is unknown, defaulting to 1000
[ 1320.816968][   T43] lo speed is unknown, defaulting to 1000
[ 1320.831301][T18575] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1320.862624][T18575] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1321.275030][T18785] lo speed is unknown, defaulting to 1000
[ 1321.473243][T18785] lo speed is unknown, defaulting to 1000
[ 1321.820080][T18575] team0: Port device team_slave_0 added
[ 1321.869076][T18575] team0: Port device team_slave_1 added
[ 1324.779538][T18575] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1324.787918][T18575] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1324.910368][T18575] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1324.985389][T18575] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1325.053669][T18575] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1325.157445][T18575] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1325.240053][T18860] s
z1: rxe_newlink: already configured on lo
[ 1325.338042][T18862] rdma_rxe: rxe_newlink: failed to add lo
[ 1326.092624][T18575] hsr_slave_0: entered promiscuous mode
[ 1326.132086][T18575] hsr_slave_1: entered promiscuous mode
[ 1326.353320][T18870] s
z1: rxe_newlink: already configured on lo
[ 1327.671465][T18868] rdma_rxe: rxe_newlink: failed to add lo
[ 1328.238371][T18884] s
z1: rxe_newlink: already configured on lo
[ 1329.126639][T18885] syz0: rxe_newlink: already configured on lo
[ 1329.432244][T18880] 9pnet_fd: Insufficient options for proto=fd
[ 1329.881338][T18895] syz0: rxe_newlink: already configured on lo
[ 1330.635846][T18896] s
z1: rxe_newlink: already configured on lo
[ 1332.572525][T18905] rdma_rxe: rxe_newlink: failed to add lo
[ 1333.254277][T18906] syz0: rxe_newlink: already configured on lo
[ 1334.439316][T18920] syz0: rxe_newlink: already configured on lo
[ 1335.938950][T18928] 9pnet_fd: Insufficient options for proto=fd
[ 1337.143350][T18940] rdma_rxe: rxe_newlink: failed to add lo
[ 1338.134016][T18947] syz0: rxe_newlink: already configured on lo
[ 1338.695737][T18575] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1338.835512][T18575] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1339.114578][T18953] rdma_rxe: rxe_newlink: failed to add lo
[ 1340.013901][T18957] syz0: rxe_newlink: already configured on lo
[ 1340.811064][T18961] rdma_rxe: rxe_newlink: failed to add lo
[ 1345.363518][T18980] rdma_rxe: rxe_newlink: failed to add lo
[ 1346.414151][T18981] rdma_rxe: rxe_newlink: failed to add lo
[ 1348.198365][T18989] 9pnet_fd: Insufficient options for proto=fd
[ 1348.289727][T12268] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1348.300531][T12268] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1348.309902][T12268] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1348.326012][T12268] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1348.334081][T12268] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1349.284402][T18991] lo speed is unknown, defaulting to 1000
[ 1349.656968][T18991] lo speed is unknown, defaulting to 1000
[ 1350.612493][T12268] Bluetooth: hci5: command tx timeout
[ 1351.489882][T18991] lo speed is unknown, defaulting to 1000
[ 1352.629261][T12268] Bluetooth: hci5: command tx timeout
[ 1352.679988][T19017] syz0: rxe_newlink: already configured on lo
[ 1355.041247][ T5833] Bluetooth: hci5: command tx timeout
[ 1355.158228][T19021] rdma_rxe: rxe_newlink: failed to add lo
[ 1355.203144][T19006] rdma_rxe: rxe_newlink: failed to add lo
[ 1356.004556][T19031] 9pnet_fd: Insufficient options for proto=fd
[ 1356.296161][T19034] 9pnet_fd: Insufficient options for proto=fd
[ 1356.303295][T19031] netlink: 'syz.2.3588': attribute type 10 has an invalid length.
[ 1356.311161][T19031] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3588'.
[ 1356.406505][T19041] rdma_rxe: rxe_newlink: failed to add lo
[ 1357.102805][T19034] netlink: 'syz.1.3590': attribute type 10 has an invalid length.
[ 1357.110837][T19034] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3590'.
[ 1357.138021][T12268] Bluetooth: hci5: command tx timeout
[ 1357.316112][T18991] chnl_net:caif_netlink_parms(): no params data found
[ 1358.099538][T19047] 9pnet_fd: Insufficient options for proto=fd
[ 1358.292622][T19051] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3595'.
[ 1360.955236][T19064] rdma_rxe: rxe_newlink: failed to add lo
[ 1361.795009][T19071] rdma_rxe: rxe_newlink: failed to add lo
[ 1362.148272][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1363.449058][T18991] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1363.457236][T18991] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1363.473346][T18991] bridge_slave_0: entered allmulticast mode
[ 1363.505325][T18991] bridge_slave_0: entered promiscuous mode
[ 1363.525840][T18991] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1363.555774][T18991] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1363.578431][T18991] bridge_slave_1: entered allmulticast mode
[ 1363.604288][T18991] bridge_slave_1: entered promiscuous mode
[ 1364.458256][T19087] syz0: rxe_newlink: already configured on lo
[ 1364.978510][T19090] 9pnet_fd: Insufficient options for proto=fd
[ 1365.033172][T19090] netlink: 'syz.5.3605': attribute type 10 has an invalid length.
[ 1365.041040][T19090] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3605'.
[ 1365.122103][T18991] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1365.179696][T18991] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1365.516808][T19097] s
z1: rxe_newlink: already configured on lo
[ 1365.544652][T19100] syz0: rxe_newlink: already configured on lo
[ 1367.206452][T18991] team0: Port device team_slave_0 added
[ 1367.289888][T18991] team0: Port device team_slave_1 added
[ 1367.366034][   T59] bridge_slave_1: left allmulticast mode
[ 1367.385124][   T59] bridge_slave_1: left promiscuous mode
[ 1367.400413][   T59] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1367.434126][   T59] bridge_slave_0: left allmulticast mode
[ 1367.465455][   T59] bridge_slave_0: left promiscuous mode
[ 1367.490368][   T59] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1368.570899][   T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1368.679283][   T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1368.741319][   T59] bond0 (unregistering): Released all slaves
[ 1368.957507][T19133] rdma_rxe: rxe_newlink: failed to add lo
[ 1369.720842][T19137] 9pnet_fd: Insufficient options for proto=fd
[ 1369.857239][T18991] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1369.888309][T18991] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1370.022236][T18991] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1370.075045][T18991] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1370.105433][T18991] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1370.342178][T19141] rdma_rxe: rxe_newlink: failed to add lo
[ 1370.635025][T18991] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1372.033578][T18991] hsr_slave_0: entered promiscuous mode
[ 1372.059354][T18991] hsr_slave_1: entered promiscuous mode
[ 1372.066021][T18991] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1372.087252][T18991] Cannot create hsr debugfs directory
[ 1372.137278][   T59] hsr_slave_0: left promiscuous mode
[ 1372.157442][   T59] hsr_slave_1: left promiscuous mode
[ 1372.181980][   T59] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1372.206247][   T59] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1372.832062][   T59] team0 (unregistering): Port device team_slave_1 removed
[ 1372.966924][   T59] team0 (unregistering): Port device team_slave_0 removed
[ 1373.451132][T19154] rdma_rxe: rxe_newlink: failed to add lo
[ 1376.897098][T19176] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3624'.
[ 1376.908496][T18991] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1376.952516][T18991] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1376.967667][T19177] rdma_rxe: rxe_newlink: failed to add lo
[ 1377.031171][T18991] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1377.161017][T19179] 9pnet_fd: Insufficient options for proto=fd
[ 1377.207954][T18991] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1378.645041][T18991] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1378.730618][T18991] 8021q: adding VLAN 0 to HW filter on device team0
[ 1378.791144][ T6366] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1378.798332][ T6366] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1378.856515][ T5963] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1378.863740][ T5963] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1380.385152][T19203] rdma_rxe: rxe_newlink: failed to add lo
[ 1381.392105][T18991] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1382.818870][T19221] 9pnet_fd: Insufficient options for proto=fd
[ 1383.566419][T18991] veth0_vlan: entered promiscuous mode
[ 1383.583475][T19231] rdma_rxe: rxe_newlink: failed to add lo
[ 1383.615771][T18991] veth1_vlan: entered promiscuous mode
[ 1384.235056][T19234] s
z1: rxe_newlink: already configured on lo
[ 1384.251351][T18991] veth0_macvtap: entered promiscuous mode
[ 1384.342146][T18991] veth1_macvtap: entered promiscuous mode
[ 1384.920954][T18991] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1385.021880][T18991] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1385.118173][T18991] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1385.162700][T18991] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1385.182555][T18991] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1385.206534][T18991] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1385.625273][T16378] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1385.665445][T16378] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1385.824219][T17637] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1385.872558][T17637] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1386.908182][T19254] rdma_rxe: rxe_newlink: failed to add lo
[ 1387.894064][T19263] 9pnet_fd: Insufficient options for proto=fd
[ 1389.201149][T19275] s
z1: rxe_newlink: already configured on lo
[ 1392.761686][T10438] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[ 1392.930223][T10438] usb 9-1: Using ep0 maxpacket: 16
[ 1392.954413][T10438] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1392.985662][T10438] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1393.066489][T10438] usb 9-1: New USB device found, idVendor=04e7, idProduct=0009, bcdDevice= 0.00
[ 1393.088249][T10438] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1393.173062][T10438] usb 9-1: config 0 descriptor??
[ 1395.510225][T10438] usbhid 9-1:0.0: can't add hid device: -71
[ 1395.537696][T10438] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[ 1395.689492][T10438] usb 9-1: USB disconnect, device number 2
[ 1396.418587][T10438] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[ 1396.614760][T10438] usb 9-1: Using ep0 maxpacket: 16
[ 1396.628141][T10438] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1396.711330][T10438] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1396.768940][T10438] usb 9-1: New USB device found, idVendor=04e7, idProduct=0009, bcdDevice= 0.00
[ 1396.810433][T10438] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1396.880218][T10438] usb 9-1: config 0 descriptor??
[ 1398.703389][T10438] usbhid 9-1:0.0: can't add hid device: -71
[ 1399.243520][T10438] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[ 1399.294526][T10438] usb 9-1: USB disconnect, device number 3
[ 1399.480687][T19333] 9pnet_fd: Insufficient options for proto=fd
[ 1404.605322][T19365] rdma_rxe: rxe_newlink: failed to add lo
[ 1407.427891][T19381] 9pnet_fd: Insufficient options for proto=fd
[ 1407.517595][T19382] syz0: rxe_newlink: already configured on lo
[ 1420.624000][T19456] syz0: rxe_newlink: already configured on lo
[ 1424.948851][T19486] rdma_rxe: rxe_newlink: failed to add lo
[ 1425.723261][T19488] 9pnet_fd: Insufficient options for proto=fd
[ 1427.179982][T18065] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[ 1427.369507][T18065] usb 9-1: Using ep0 maxpacket: 16
[ 1427.383223][T18065] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1427.489125][T18065] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1427.541430][T18065] usb 9-1: New USB device found, idVendor=04e7, idProduct=0009, bcdDevice= 0.00
[ 1427.579012][T18065] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1427.794222][T18065] usb 9-1: config 0 descriptor??
[ 1430.095380][T18065] usbhid 9-1:0.0: can't add hid device: -71
[ 1430.113968][T18065] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[ 1430.164595][T18065] usb 9-1: USB disconnect, device number 4
[ 1432.222545][T19542] 9pnet_fd: Insufficient options for proto=fd
[ 1434.169502][T19551] rdma_rxe: rxe_newlink: failed to add lo
[ 1434.234498][T19551] netlink: 'syz.8.3717': attribute type 1 has an invalid length.
[ 1434.244361][T19551] netlink: 224 bytes leftover after parsing attributes in process `syz.8.3717'.
[ 1435.144723][T19557] s
z1: rxe_newlink: already configured on lo
[ 1436.799804][T19571] rdma_rxe: rxe_newlink: failed to add lo
[ 1436.901694][   T43] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[ 1437.369533][   T43] usb 9-1: Using ep0 maxpacket: 16
[ 1437.396829][   T43] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1438.065645][   T43] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1438.126262][   T43] usb 9-1: New USB device found, idVendor=04e7, idProduct=0009, bcdDevice= 0.00
[ 1438.191140][   T43] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1438.242960][   T43] usb 9-1: config 0 descriptor??
[ 1439.608815][T19583] 9pnet_fd: Insufficient options for proto=fd
[ 1440.045103][   T43] usbhid 9-1:0.0: can't add hid device: -71
[ 1440.081578][   T43] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[ 1440.179785][   T43] usb 9-1: USB disconnect, device number 5
[ 1441.059461][   T43] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[ 1441.349129][   T43] usb 9-1: Using ep0 maxpacket: 16
[ 1441.366269][   T43] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1441.563969][   T43] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1442.016465][   T43] usb 9-1: New USB device found, idVendor=04e7, idProduct=0009, bcdDevice= 0.00
[ 1442.034305][   T43] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1442.150491][   T43] usb 9-1: config 0 descriptor??
[ 1443.720033][   T43] usbhid 9-1:0.0: can't add hid device: -71
[ 1443.726015][   T43] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[ 1443.758701][   T43] usb 9-1: USB disconnect, device number 6
[ 1446.556516][T19628] s
z1: rxe_newlink: already configured on lo
[ 1449.492311][T19646] 9pnet_fd: Insufficient options for proto=fd
[ 1450.869227][T19651] rdma_rxe: rxe_newlink: failed to add lo
[ 1450.879951][T19651] netlink: 'syz.8.3736': attribute type 1 has an invalid length.
[ 1450.888382][T19651] netlink: 224 bytes leftover after parsing attributes in process `syz.8.3736'.
[ 1452.169345][  T977] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[ 1452.699742][  T977] usb 9-1: Using ep0 maxpacket: 16
[ 1452.713449][  T977] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1452.741255][  T977] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1452.775228][  T977] usb 9-1: New USB device found, idVendor=04e7, idProduct=0009, bcdDevice= 0.00
[ 1452.803390][  T977] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1452.836224][  T977] usb 9-1: config 0 descriptor??
[ 1453.239833][T19673] rdma_rxe: rxe_newlink: failed to add lo
[ 1454.419809][  T977] usbhid 9-1:0.0: can't add hid device: -71
[ 1454.442847][  T977] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[ 1454.499550][  T977] usb 9-1: USB disconnect, device number 7
[ 1455.340709][T19682] rdma_rxe: rxe_newlink: failed to add lo
[ 1455.350239][T19682] netlink: 'syz.8.3751': attribute type 1 has an invalid length.
[ 1455.357991][T19682] netlink: 224 bytes leftover after parsing attributes in process `syz.8.3751'.
[ 1456.308037][T19696] rdma_rxe: rxe_newlink: failed to add lo
[ 1457.096902][ T5978] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[ 1457.999514][ T5978] usb 9-1: Using ep0 maxpacket: 16
[ 1458.046699][ T5978] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1458.094894][ T5978] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1458.135884][ T5978] usb 9-1: New USB device found, idVendor=04e7, idProduct=0009, bcdDevice= 0.00
[ 1458.299671][ T5978] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1458.679305][T19716] rdma_rxe: rxe_newlink: failed to add lo
[ 1458.718783][ T5978] usb 9-1: config 0 descriptor??
[ 1458.733679][ T5978] usb 9-1: can't set config #0, error -71
[ 1458.752967][ T5978] usb 9-1: USB disconnect, device number 8
[ 1463.762912][T19756] s
z1: rxe_newlink: already configured on lo
[ 1466.896619][T19783] rdma_rxe: rxe_newlink: failed to add lo
[ 1470.381304][T19816] rdma_rxe: rxe_newlink: failed to add lo
[ 1471.648881][T19828] rdma_rxe: rxe_newlink: failed to add lo
[ 1471.969222][T19808] Bluetooth: hci5: command 0x0406 tx timeout
[ 1472.410003][T19830] rdma_rxe: rxe_newlink: failed to add lo
[ 1472.439626][T19830] netlink: 'syz.8.3783': attribute type 1 has an invalid length.
[ 1472.447420][T19830] netlink: 224 bytes leftover after parsing attributes in process `syz.8.3783'.
[ 1478.316881][T19866] s
z1: rxe_newlink: already configured on lo
[ 1479.252668][T19871] rdma_rxe: rxe_newlink: failed to add lo
[ 1479.282624][T19871] netlink: 'syz.8.3793': attribute type 1 has an invalid length.
[ 1479.290467][T19871] netlink: 224 bytes leftover after parsing attributes in process `syz.8.3793'.
[ 1481.062861][T19883] rdma_rxe: rxe_newlink: failed to add lo
[ 1481.090941][T19883] netlink: 'syz.8.3795': attribute type 1 has an invalid length.
[ 1481.098938][T19883] netlink: 224 bytes leftover after parsing attributes in process `syz.8.3795'.
[ 1481.994031][T19884] rdma_rxe: rxe_newlink: failed to add lo
[ 1483.424929][T19894] 9pnet_fd: Insufficient options for proto=fd
[ 1483.444797][T19894] netlink: 'syz.1.3801': attribute type 10 has an invalid length.
[ 1483.452901][T19894] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3801'.
[ 1483.479423][T19192] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[ 1484.549674][T19192] usb 9-1: Using ep0 maxpacket: 16
[ 1484.591736][T19192] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1484.849676][T19192] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1485.199062][T19900] rdma_rxe: rxe_newlink: failed to add lo
[ 1485.257246][T19192] usb 9-1: New USB device found, idVendor=04e7, idProduct=0009, bcdDevice= 0.00
[ 1485.320601][T19192] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1485.387057][T19192] usb 9-1: config 0 descriptor??
[ 1485.484420][T19192] usbhid 9-1:0.0: can't add hid device: -71
[ 1485.614693][T19192] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[ 1485.691697][T19192] usb 9-1: USB disconnect, device number 9
[ 1486.089236][T19909] rdma_rxe: rxe_newlink: failed to add lo
[ 1487.189346][T19919] rdma_rxe: rxe_newlink: failed to add lo
[ 1487.217062][T19919] netlink: 'syz.8.3807': attribute type 1 has an invalid length.
[ 1487.225095][T19919] netlink: 224 bytes leftover after parsing attributes in process `syz.8.3807'.
[ 1490.816483][T19941] 9pnet_fd: Insufficient options for proto=fd
[ 1490.843540][T19941] netlink: 'syz.1.3812': attribute type 10 has an invalid length.
[ 1490.851608][T19941] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3812'.
[ 1492.198114][T19956] syz0: rxe_newlink: already configured on lo
[ 1493.527788][T19969] rdma_rxe: rxe_newlink: failed to add lo
[ 1494.494466][T19968] syz0: rxe_newlink: already configured on lo
[ 1497.437498][T19996] netlink: 'syz.8.3824': attribute type 10 has an invalid length.
[ 1497.445572][T19996] netlink: 40 bytes leftover after parsing attributes in process `syz.8.3824'.
[ 1498.395115][T19996] team0: Port device geneve0 added
[ 1499.404813][T20005] syz0: rxe_newlink: already configured on lo
[ 1500.148052][T20007] s
z1: rxe_newlink: already configured on lo
[ 1501.227384][T20016] rdma_rxe: rxe_newlink: failed to add lo
[ 1501.251726][T20016] netlink: 'syz.8.3829': attribute type 1 has an invalid length.
[ 1501.259591][T20016] netlink: 224 bytes leftover after parsing attributes in process `syz.8.3829'.
[ 1502.133642][T20015] syz0: rxe_newlink: already configured on lo
[ 1504.059597][T20029] rdma_rxe: rxe_newlink: failed to add lo
[ 1505.861221][T20045] rdma_rxe: rxe_newlink: failed to add lo
[ 1507.141035][T20049] rdma_rxe: rxe_newlink: failed to add lo
[ 1508.296196][T20058] rdma_rxe: rxe_newlink: failed to add lo
[ 1509.320333][T20066] rdma_rxe: rxe_newlink: failed to add lo
[ 1509.350153][T20066] netlink: 'syz.8.3842': attribute type 1 has an invalid length.
[ 1509.358133][T20066] netlink: 224 bytes leftover after parsing attributes in process `syz.8.3842'.
[ 1510.829387][T18065] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[ 1511.361141][T18065] usb 9-1: Using ep0 maxpacket: 16
[ 1511.409857][T18065] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1511.493140][T18065] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1511.604722][T18065] usb 9-1: New USB device found, idVendor=04e7, idProduct=0009, bcdDevice= 0.00
[ 1511.681355][T18065] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1511.704534][T18065] usb 9-1: config 0 descriptor??
[ 1512.372151][T20088] rdma_rxe: rxe_newlink: failed to add lo
[ 1513.609457][T20093] s
z1: rxe_newlink: already configured on lo
[ 1517.564953][T18065] usbhid 9-1:0.0: can't add hid device: -71
[ 1517.584494][T18065] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[ 1517.653896][T18065] usb 9-1: USB disconnect, device number 10
[ 1518.213890][T20122] rdma_rxe: rxe_newlink: failed to add lo
[ 1518.280121][T20122] netlink: 'syz.8.3856': attribute type 1 has an invalid length.
[ 1518.292086][T20122] netlink: 224 bytes leftover after parsing attributes in process `syz.8.3856'.
[ 1520.044571][T20131] rdma_rxe: rxe_newlink: failed to add lo
[ 1520.053506][T20131] netlink: 'syz.8.3858': attribute type 1 has an invalid length.
[ 1520.061390][T20131] netlink: 224 bytes leftover after parsing attributes in process `syz.8.3858'.
[ 1522.000972][T20159] syz0: rxe_newlink: already configured on lo
[ 1524.299417][T18065] usb 9-1: new high-speed USB device number 11 using dummy_hcd
[ 1524.499553][T18065] usb 9-1: Using ep0 maxpacket: 16
[ 1524.530151][T18065] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1524.553681][T18065] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1525.338146][T18065] usb 9-1: New USB device found, idVendor=04e7, idProduct=0009, bcdDevice= 0.00
[ 1525.385446][T18065] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1525.435496][T18065] usb 9-1: config 0 descriptor??
[ 1527.008630][T18065] usbhid 9-1:0.0: can't add hid device: -71
[ 1527.039455][T18065] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[ 1527.105661][T18065] usb 9-1: USB disconnect, device number 11
[ 1527.599713][T18065] usb 9-1: new high-speed USB device number 12 using dummy_hcd
[ 1527.846137][T20191] overlayfs: missing 'lowerdir'
[ 1527.979330][T18065] usb 9-1: Using ep0 maxpacket: 16
[ 1527.993195][T18065] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1528.023180][T18065] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1528.231845][T18065] usb 9-1: New USB device found, idVendor=04e7, idProduct=0009, bcdDevice= 0.00
[ 1528.255844][T18065] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1528.291884][T18065] usb 9-1: config 0 descriptor??
[ 1528.386649][T20197] s
z1: rxe_newlink: already configured on lo
[ 1529.556757][T20206] s
z1: rxe_newlink: already configured on lo
[ 1530.259504][T18065] usbhid 9-1:0.0: can't add hid device: -71
[ 1530.265634][T18065] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[ 1530.312489][T18065] usb 9-1: USB disconnect, device number 12
[ 1533.254736][T20227] 9pnet_fd: Insufficient options for proto=fd
[ 1533.617397][T20231] 9pnet_fd: Insufficient options for proto=fd
[ 1533.640389][T20233] 9pnet_fd: Insufficient options for proto=fd
[ 1533.672508][T20233] netlink: 'syz.1.3888': attribute type 10 has an invalid length.
[ 1533.680577][T20233] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3888'.
[ 1534.724487][T20238] 9pnet_fd: Insufficient options for proto=fd
[ 1535.133982][T20247] 9pnet_fd: Insufficient options for proto=fd
[ 1535.190578][T20247] netlink: 'syz.4.3896': attribute type 10 has an invalid length.
[ 1535.198466][T20247] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3896'.
[ 1536.237619][T20259] 9pnet_fd: Insufficient options for proto=fd
[ 1536.256704][T20259] netlink: 'syz.2.3900': attribute type 10 has an invalid length.
[ 1536.264891][T20259] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3900'.
[ 1536.845791][T20264] 9pnet_fd: Insufficient options for proto=fd
[ 1536.985465][T20263] s
z1: rxe_newlink: already configured on lo
[ 1538.349088][T20282] overlayfs: missing 'lowerdir'
[ 1539.179511][T20288] 9pnet_fd: Insufficient options for proto=fd
[ 1539.234328][T20288] netlink: 'syz.5.3909': attribute type 10 has an invalid length.
[ 1539.242195][T20288] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3909'.
[ 1539.400560][T20290] 9pnet_fd: Insufficient options for proto=fd
[ 1539.419815][T20290] netlink: 'syz.5.3911': attribute type 10 has an invalid length.
[ 1539.427627][T20290] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3911'.
[ 1540.788415][T20306] 9pnet_fd: Insufficient options for proto=fd
[ 1540.828211][T20306] netlink: 'syz.4.3917': attribute type 10 has an invalid length.
[ 1540.836484][T20306] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3917'.
[ 1541.038400][T20310] overlayfs: missing 'lowerdir'
[ 1542.380510][T20324] 9pnet_fd: Insufficient options for proto=fd
[ 1542.413956][T20324] netlink: 'syz.4.3923': attribute type 10 has an invalid length.
[ 1542.421831][T20324] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3923'.
[ 1543.512559][T20329] 9pnet_fd: Insufficient options for proto=fd
[ 1543.696283][T20338] 9pnet_fd: Insufficient options for proto=fd
[ 1544.408264][T20350] 9pnet_fd: Insufficient options for proto=fd
[ 1544.442779][T20352] 9pnet_fd: Insufficient options for proto=fd
[ 1544.468214][T20352] netlink: 'syz.2.3933': attribute type 10 has an invalid length.
[ 1544.476179][T20352] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3933'.
[ 1544.702905][T20339] netlink: 'syz.8.3928': attribute type 10 has an invalid length.
[ 1544.711062][T20339] netlink: 40 bytes leftover after parsing attributes in process `syz.8.3928'.
[ 1545.471007][T20356] 9pnet_fd: Insufficient options for proto=fd
[ 1545.557356][T20356] netlink: 'syz.4.3935': attribute type 10 has an invalid length.
[ 1545.565225][T20356] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3935'.
[ 1548.305404][T20394] 9pnet_fd: Insufficient options for proto=fd
[ 1548.407503][T20394] netlink: 'syz.5.3946': attribute type 10 has an invalid length.
[ 1548.416536][T20394] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3946'.
[ 1548.498728][T20397] 9pnet_fd: Insufficient options for proto=fd
[ 1548.571284][T20397] netlink: 'syz.2.3947': attribute type 10 has an invalid length.
[ 1548.584116][T20397] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3947'.
[ 1548.660256][T20401] 9pnet_fd: Insufficient options for proto=fd
[ 1548.962249][T20403] 9pnet_fd: Insufficient options for proto=fd
[ 1549.182276][T20403] netlink: 'syz.5.3949': attribute type 10 has an invalid length.
[ 1549.191702][T20403] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3949'.
[ 1549.285571][T20406] 9pnet_fd: Insufficient options for proto=fd
[ 1549.368006][T20406] netlink: 'syz.2.3950': attribute type 10 has an invalid length.
[ 1549.377513][T20406] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3950'.
[ 1551.528723][T20420] 9pnet_fd: Insufficient options for proto=fd
[ 1551.636843][T20423] 9pnet_fd: Insufficient options for proto=fd
[ 1551.752309][T20428] netlink: 'syz.5.3956': attribute type 10 has an invalid length.
[ 1551.769338][T20428] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3956'.
[ 1551.881635][T20431] 9pnet_fd: Insufficient options for proto=fd
[ 1551.903657][T20431] netlink: 'syz.4.3959': attribute type 10 has an invalid length.
[ 1551.911730][T20431] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3959'.
[ 1552.748099][T20439] 9pnet_fd: Insufficient options for proto=fd
[ 1552.766592][T20439] netlink: 'syz.5.3962': attribute type 10 has an invalid length.
[ 1552.774664][T20439] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3962'.
[ 1554.354243][T20457] 9pnet_fd: Insufficient options for proto=fd
[ 1554.399118][T20457] netlink: 'syz.1.3968': attribute type 10 has an invalid length.
[ 1554.407138][T20457] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3968'.
[ 1554.827054][T20464] netlink: 'syz.8.3971': attribute type 10 has an invalid length.
[ 1554.835066][T20464] netlink: 40 bytes leftover after parsing attributes in process `syz.8.3971'.
[ 1555.121674][T20466] 9pnet_fd: Insufficient options for proto=fd
[ 1555.135806][T20466] netlink: 'syz.1.3972': attribute type 10 has an invalid length.
[ 1555.143909][T20466] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3972'.
[ 1555.509940][T20475] 9pnet_fd: Insufficient options for proto=fd
[ 1555.528417][T20475] netlink: 'syz.5.3976': attribute type 10 has an invalid length.
[ 1555.536286][T20475] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3976'.
[ 1556.623138][T20479] 9pnet_fd: Insufficient options for proto=fd
[ 1556.698746][T20479] netlink: 'syz.5.3977': attribute type 10 has an invalid length.
[ 1556.739393][T20479] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3977'.
[ 1558.942007][T20499] 9pnet_fd: Insufficient options for proto=fd
[ 1559.140671][T20506] 9pnet_fd: Insufficient options for proto=fd
[ 1559.157405][T20506] netlink: 'syz.2.3987': attribute type 10 has an invalid length.
[ 1559.165270][T20506] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3987'.
[ 1559.675712][T20523] 9pnet_fd: Insufficient options for proto=fd
[ 1559.691324][T20524] 9pnet_fd: Insufficient options for proto=fd
[ 1559.706615][T20524] netlink: 'syz.5.3992': attribute type 10 has an invalid length.
[ 1559.714875][T20524] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3992'.
[ 1560.651502][T20529] 9pnet_fd: Insufficient options for proto=fd
[ 1560.863453][T20529] netlink: 'syz.4.3995': attribute type 10 has an invalid length.
[ 1560.871540][T20529] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3995'.
[ 1561.754519][T20541] 9pnet_fd: Insufficient options for proto=fd
[ 1561.781330][T20541] netlink: 'syz.2.3998': attribute type 10 has an invalid length.
[ 1561.789349][T20541] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3998'.
[ 1561.820486][T20544] 9pnet_fd: Insufficient options for proto=fd
[ 1561.842678][T20544] netlink: 'syz.4.3999': attribute type 10 has an invalid length.
[ 1561.850576][T20544] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3999'.
[ 1562.156664][T20549] s
z1: rxe_newlink: already configured on lo
[ 1562.262369][T20551] 9pnet_fd: Insufficient options for proto=fd
[ 1562.400634][T20553] netlink: 'syz.4.4002': attribute type 10 has an invalid length.
[ 1562.408511][T20553] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4002'.
[ 1562.540889][T20555] 9pnet_fd: Insufficient options for proto=fd
[ 1562.582537][T20555] netlink: 'syz.2.4003': attribute type 10 has an invalid length.
[ 1562.590403][T20555] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4003'.
[ 1562.813530][T20559] 9pnet_fd: Insufficient options for proto=fd
[ 1562.857254][T20559] netlink: 'syz.4.4005': attribute type 10 has an invalid length.
[ 1562.867193][T20559] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4005'.
[ 1562.983004][T20561] 9pnet_fd: Insufficient options for proto=fd
[ 1563.004602][T20561] netlink: 'syz.2.4006': attribute type 10 has an invalid length.
[ 1563.012907][T20561] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4006'.
[ 1563.080584][T20563] 9pnet_fd: Insufficient options for proto=fd
[ 1563.155279][T20563] netlink: 'syz.4.4007': attribute type 10 has an invalid length.
[ 1563.163237][T20563] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4007'.
[ 1563.392355][T20572] 9pnet_fd: Insufficient options for proto=fd
[ 1563.599702][T20575] 9pnet_fd: Insufficient options for proto=fd
[ 1563.840157][T20580] 9pnet_fd: Insufficient options for proto=fd
[ 1564.475415][T20587] 9pnet_fd: Insufficient options for proto=fd
[ 1564.845523][T20587] validate_nla: 3 callbacks suppressed
[ 1564.845536][T20587] netlink: 'syz.5.3997': attribute type 10 has an invalid length.
[ 1564.859039][T20587] __nla_validate_parse: 4 callbacks suppressed
[ 1564.859048][T20587] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3997'.
[ 1565.054948][T20592] 9pnet_fd: Insufficient options for proto=fd
[ 1565.258635][T20600] 9pnet_fd: Insufficient options for proto=fd
[ 1565.294912][T20604] 9pnet_fd: Insufficient options for proto=fd
[ 1565.314484][T20600] netlink: 'syz.4.4022': attribute type 10 has an invalid length.
[ 1565.322756][T20600] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4022'.
[ 1565.393400][T20604] netlink: 'syz.5.4023': attribute type 10 has an invalid length.
[ 1565.401275][T20604] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4023'.
[ 1565.618237][T20611] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4025'.
[ 1566.300991][T20609] 9pnet_fd: Insufficient options for proto=fd
[ 1566.365772][T20609] netlink: 'syz.5.4026': attribute type 10 has an invalid length.
[ 1566.376760][T20609] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4026'.
[ 1566.622384][T20618] 9pnet_fd: Insufficient options for proto=fd
[ 1566.731051][T20620] 9pnet_fd: Insufficient options for proto=fd
[ 1566.886555][T20624] 9pnet_fd: Insufficient options for proto=fd
[ 1566.951322][T20624] netlink: 'syz.5.4032': attribute type 10 has an invalid length.
[ 1566.959189][T20624] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4032'.
[ 1567.136916][T20628] 9pnet_fd: Insufficient options for proto=fd
[ 1567.177116][T20627] overlayfs: missing 'lowerdir'
[ 1567.191935][T20628] netlink: 'syz.5.4034': attribute type 10 has an invalid length.
[ 1567.199839][T20628] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4034'.
[ 1567.504018][T20634] 9pnet_fd: Insufficient options for proto=fd
[ 1567.526758][T20634] netlink: 'syz.1.4036': attribute type 10 has an invalid length.
[ 1567.534606][T20634] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4036'.
[ 1567.547575][T20635] 9pnet_fd: Insufficient options for proto=fd
[ 1567.727527][T20637] 9pnet_fd: Insufficient options for proto=fd
[ 1567.750958][T20639] 9pnet_fd: Insufficient options for proto=fd
[ 1567.788662][T20639] netlink: 'syz.1.4039': attribute type 10 has an invalid length.
[ 1567.796514][T20639] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4039'.
[ 1567.867277][T20637] netlink: 'syz.5.4038': attribute type 10 has an invalid length.
[ 1567.875209][T20637] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4038'.
[ 1567.998461][T20644] 9pnet_fd: Insufficient options for proto=fd
[ 1568.040923][T20647] 9pnet_fd: Insufficient options for proto=fd
[ 1568.058672][T20644] netlink: 'syz.1.4041': attribute type 10 has an invalid length.
[ 1568.426768][T20651] 9pnet_fd: Insufficient options for proto=fd
[ 1568.790012][T20660] 9pnet_fd: Insufficient options for proto=fd
[ 1568.857196][T20663] 9pnet_fd: Insufficient options for proto=fd
[ 1569.043828][T20668] 9pnet_fd: Insufficient options for proto=fd
[ 1569.155805][T20671] overlayfs: missing 'lowerdir'
[ 1570.015769][T20684] 9pnet_fd: Insufficient options for proto=fd
[ 1570.038796][T20688] 9pnet_fd: Insufficient options for proto=fd
[ 1570.123628][T20684] validate_nla: 5 callbacks suppressed
[ 1570.123640][T20684] netlink: 'syz.5.4056': attribute type 10 has an invalid length.
[ 1570.137082][T20684] __nla_validate_parse: 6 callbacks suppressed
[ 1570.137092][T20684] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4056'.
[ 1570.306298][T20691] 9pnet_fd: Insufficient options for proto=fd
[ 1570.339898][T20691] netlink: 'syz.4.4060': attribute type 10 has an invalid length.
[ 1570.347772][T20691] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4060'.
[ 1570.398748][T20693] 9pnet_fd: Insufficient options for proto=fd
[ 1570.434163][T20696] 9pnet_fd: Insufficient options for proto=fd
[ 1570.455810][T20696] netlink: 'syz.5.4061': attribute type 10 has an invalid length.
[ 1570.464044][T20696] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4061'.
[ 1570.530666][T20693] netlink: 'syz.2.4059': attribute type 10 has an invalid length.
[ 1570.540293][T20698] 9pnet_fd: Insufficient options for proto=fd
[ 1570.561489][T20698] netlink: 'syz.4.4062': attribute type 10 has an invalid length.
[ 1570.569604][T20698] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4062'.
[ 1570.599552][T20693] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4059'.
[ 1570.721569][T20702] 9pnet_fd: Insufficient options for proto=fd
[ 1570.795044][T20702] netlink: 'syz.5.4064': attribute type 10 has an invalid length.
[ 1570.802923][T20702] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4064'.
[ 1570.964040][T20711] 9pnet_fd: Insufficient options for proto=fd
[ 1571.407744][T20712] 9pnet_fd: Insufficient options for proto=fd
[ 1571.420763][T20711] netlink: 'syz.4.4068': attribute type 10 has an invalid length.
[ 1571.428644][T20711] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4068'.
[ 1572.665778][T20712] netlink: 'syz.2.4067': attribute type 10 has an invalid length.
[ 1572.673765][T20712] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4067'.
[ 1572.731676][T20719] 9pnet_fd: Insufficient options for proto=fd
[ 1574.094699][T20726] 9pnet_fd: Insufficient options for proto=fd
[ 1574.134759][T20726] netlink: 'syz.2.4072': attribute type 10 has an invalid length.
[ 1574.142646][T20726] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4072'.
[ 1574.180693][T20728] 9pnet_fd: Insufficient options for proto=fd
[ 1574.692190][T20732] 9pnet_fd: Insufficient options for proto=fd
[ 1574.707621][T20728] netlink: 'syz.1.4075': attribute type 10 has an invalid length.
[ 1574.715539][T20728] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4075'.
[ 1574.846970][T20738] 9pnet_fd: Insufficient options for proto=fd
[ 1574.971709][T20740] 9pnet_fd: Insufficient options for proto=fd
[ 1575.152938][T20749] 9pnet_fd: Insufficient options for proto=fd
[ 1575.203509][T20749] validate_nla: 3 callbacks suppressed
[ 1575.203520][T20749] netlink: 'syz.4.4084': attribute type 10 has an invalid length.
[ 1575.216843][T20749] __nla_validate_parse: 3 callbacks suppressed
[ 1575.216852][T20749] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4084'.
[ 1575.687683][T20752] 9pnet_fd: Insufficient options for proto=fd
[ 1575.739530][   T10] usb 9-1: new high-speed USB device number 13 using dummy_hcd
[ 1575.795083][T20757] 9pnet_fd: Insufficient options for proto=fd
[ 1575.854932][T20757] netlink: 'syz.2.4087': attribute type 10 has an invalid length.
[ 1575.862917][T20757] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4087'.
[ 1575.918247][T20759] 9pnet_fd: Insufficient options for proto=fd
[ 1575.973796][T20759] netlink: 'syz.4.4088': attribute type 10 has an invalid length.
[ 1575.981840][T20759] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4088'.
[ 1576.032260][   T10] usb 9-1: Using ep0 maxpacket: 16
[ 1576.044755][   T10] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1576.059232][T20763] 9pnet_fd: Insufficient options for proto=fd
[ 1576.094702][T20763] netlink: 'syz.5.4090': attribute type 10 has an invalid length.
[ 1576.102770][T20763] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4090'.
[ 1576.133462][T20765] 9pnet_fd: Insufficient options for proto=fd
[ 1576.150528][   T10] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1576.214130][T20765] netlink: 'syz.2.4091': attribute type 10 has an invalid length.
[ 1576.222278][T20765] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4091'.
[ 1576.270091][   T10] usb 9-1: New USB device found, idVendor=04e7, idProduct=0009, bcdDevice= 0.00
[ 1576.279157][   T10] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1576.361682][   T10] usb 9-1: config 0 descriptor??
[ 1576.627143][T20775] overlayfs: missing 'lowerdir'
[ 1577.085359][T20781] netlink: 'syz.5.4098': attribute type 10 has an invalid length.
[ 1577.093558][T20781] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4098'.
[ 1577.225347][T20783] overlayfs: missing 'lowerdir'
[ 1577.377433][T20787] 9pnet_fd: Insufficient options for proto=fd
[ 1577.592449][T20791] 9pnet_fd: Insufficient options for proto=fd
[ 1577.691160][T20794] 9pnet_fd: Insufficient options for proto=fd
[ 1577.723997][T20791] netlink: 'syz.1.4102': attribute type 10 has an invalid length.
[ 1577.732040][T20791] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4102'.
[ 1577.760068][T20794] netlink: 'syz.4.4104': attribute type 10 has an invalid length.
[ 1577.767969][T20794] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4104'.
[ 1578.066271][T20802] 9pnet_fd: Insufficient options for proto=fd
[ 1578.095010][T20804] 9pnet_fd: Insufficient options for proto=fd
[ 1578.236507][   T10] usbhid 9-1:0.0: can't add hid device: -71
[ 1578.260138][T20804] netlink: 'syz.2.4109': attribute type 10 has an invalid length.
[ 1578.267982][T20804] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4109'.
[ 1578.279551][T20802] netlink: 'syz.1.4108': attribute type 10 has an invalid length.
[ 1578.287374][T20802] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4108'.
[ 1578.339475][   T10] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[ 1578.411589][   T10] usb 9-1: USB disconnect, device number 13
[ 1581.840301][T20841] netlink: 'syz.8.4122': attribute type 10 has an invalid length.
[ 1581.848555][T20841] netlink: 40 bytes leftover after parsing attributes in process `syz.8.4122'.
[ 1583.759308][T20854] 9pnet_fd: Insufficient options for proto=fd
[ 1584.992644][T20854] netlink: 'syz.4.4127': attribute type 10 has an invalid length.
[ 1585.000685][T20854] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4127'.
[ 1585.615970][T20869] 9pnet_fd: Insufficient options for proto=fd
[ 1585.671514][T20869] netlink: 'syz.5.4132': attribute type 10 has an invalid length.
[ 1585.679406][T20869] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4132'.
[ 1586.534946][T20882] 9pnet_fd: Insufficient options for proto=fd
[ 1586.579755][T20882] netlink: 'syz.5.4138': attribute type 10 has an invalid length.
[ 1586.587589][T20882] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4138'.
[ 1587.565948][T20894] 9pnet_fd: Insufficient options for proto=fd
[ 1587.584288][T20894] netlink: 'syz.5.4142': attribute type 10 has an invalid length.
[ 1587.594001][T20894] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4142'.
[ 1589.307978][T20899] netlink: 'syz.8.4145': attribute type 10 has an invalid length.
[ 1589.315866][T20899] netlink: 40 bytes leftover after parsing attributes in process `syz.8.4145'.
[ 1589.567142][T20908] 9pnet_fd: Insufficient options for proto=fd
[ 1590.231170][T20908] netlink: 'syz.8.4147': attribute type 10 has an invalid length.
[ 1590.239017][T20908] netlink: 40 bytes leftover after parsing attributes in process `syz.8.4147'.
[ 1593.651121][T20927] 9pnet_fd: Insufficient options for proto=fd
[ 1594.640132][T20927] netlink: 'syz.5.4144': attribute type 10 has an invalid length.
[ 1594.647966][T20927] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4144'.
[ 1595.935129][T20948] 9pnet_fd: Insufficient options for proto=fd
[ 1596.711381][T20948] netlink: 'syz.2.4158': attribute type 10 has an invalid length.
[ 1596.719502][T20948] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4158'.
[ 1601.660166][T20988] netlink: 'syz.8.4173': attribute type 10 has an invalid length.
[ 1601.668079][T20988] netlink: 40 bytes leftover after parsing attributes in process `syz.8.4173'.
[ 1601.726967][T20994] 9pnet_fd: Insufficient options for proto=fd
[ 1601.761147][T20994] netlink: 'syz.5.4175': attribute type 10 has an invalid length.
[ 1601.769451][T20994] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4175'.
[ 1602.526233][T21003] 9pnet_fd: Insufficient options for proto=fd
[ 1602.574174][T21003] netlink: 'syz.4.4163': attribute type 10 has an invalid length.
[ 1602.583392][T21003] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4163'.
[ 1602.646836][T21006] 9pnet_fd: Insufficient options for proto=fd
[ 1602.681340][T21006] netlink: 'syz.5.4179': attribute type 10 has an invalid length.
[ 1602.689394][T21006] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4179'.
[ 1602.704676][T21009] 9pnet_fd: Insufficient options for proto=fd
[ 1603.644927][T21013] 9pnet_fd: Insufficient options for proto=fd
[ 1603.685278][T21018] 9pnet_fd: Insufficient options for proto=fd
[ 1603.854884][T21020] 9pnet_fd: Insufficient options for proto=fd
[ 1603.892885][T21020] netlink: 'syz.2.4187': attribute type 10 has an invalid length.
[ 1603.900924][T21020] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4187'.
[ 1603.923239][T21022] 9pnet_fd: Insufficient options for proto=fd
[ 1604.793730][T21032] 9pnet_fd: Insufficient options for proto=fd
[ 1604.811010][T21031] 9pnet_fd: Insufficient options for proto=fd
[ 1604.832548][T21032] netlink: 'syz.5.4191': attribute type 10 has an invalid length.
[ 1604.843209][T21032] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4191'.
[ 1605.066120][T21036] 9pnet_fd: Insufficient options for proto=fd
[ 1605.372533][T21034] netlink: 'syz.8.4192': attribute type 10 has an invalid length.
[ 1605.380818][T21034] netlink: 40 bytes leftover after parsing attributes in process `syz.8.4192'.
[ 1605.544515][T21041] 9pnet_fd: Insufficient options for proto=fd
[ 1605.627167][T21041] netlink: 'syz.2.4196': attribute type 10 has an invalid length.
[ 1605.635060][T21041] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4196'.
[ 1606.032237][T21048] overlayfs: missing 'lowerdir'
[ 1607.986035][T21056] netlink: 'syz.8.4200': attribute type 10 has an invalid length.
[ 1607.994858][T21056] netlink: 40 bytes leftover after parsing attributes in process `syz.8.4200'.
[ 1610.621206][T21087] netlink: 'syz.8.4207': attribute type 10 has an invalid length.
[ 1610.629646][T21087] netlink: 40 bytes leftover after parsing attributes in process `syz.8.4207'.
[ 1613.180942][T21098] 9pnet_fd: Insufficient options for proto=fd
[ 1613.738084][T21098] netlink: 'syz.1.4208': attribute type 10 has an invalid length.
[ 1613.746123][T21098] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4208'.
[ 1613.817239][T21099] netlink: 'syz.8.4210': attribute type 10 has an invalid length.
[ 1613.825443][T21099] netlink: 40 bytes leftover after parsing attributes in process `syz.8.4210'.
[ 1614.739926][T21114] 9pnet_fd: Insufficient options for proto=fd
[ 1614.932949][T21116] 9pnet_fd: Insufficient options for proto=fd
[ 1616.230286][T21139] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4224'.
[ 1616.418803][T21143] overlayfs: missing 'lowerdir'
[ 1616.521647][T21146] overlayfs: missing 'lowerdir'
[ 1617.463781][T21171] 9pnet_fd: Insufficient options for proto=fd
[ 1617.497860][T21171] netlink: 'syz.1.4238': attribute type 10 has an invalid length.
[ 1617.505940][T21171] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4238'.
[ 1618.296144][T21174] netlink: 'syz.8.4239': attribute type 10 has an invalid length.
[ 1618.306637][T21174] netlink: 40 bytes leftover after parsing attributes in process `syz.8.4239'.
[ 1618.347656][T21189] xt_TCPMSS: Only works on TCP SYN packets
[ 1618.689045][T21202] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4252'.
[ 1619.059442][   T30] audit: type=1326 audit(1748967382.141:668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21206 comm="syz.5.4253" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb7e738e969 code=0x0
[ 1619.647603][T21217] netlink: 'syz.1.4255': attribute type 5 has an invalid length.
[ 1619.694801][T21205] netlink: 'syz.8.4254': attribute type 10 has an invalid length.
[ 1619.702842][T21205] netlink: 40 bytes leftover after parsing attributes in process `syz.8.4254'.
[ 1620.738916][T21227] netlink: 'syz.8.4258': attribute type 10 has an invalid length.
[ 1620.748233][T21227] netlink: 40 bytes leftover after parsing attributes in process `syz.8.4258'.
[ 1621.037253][T21236] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1621.046960][T21236] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1621.056817][T21236] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1621.066319][T21236] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1621.193229][T21243] 9pnet_fd: Insufficient options for proto=fd
[ 1621.230001][T21243] netlink: 'syz.1.4263': attribute type 10 has an invalid length.
[ 1621.237839][T21243] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4263'.
[ 1621.285776][   T30] audit: type=1326 audit(1748967384.371:669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21240 comm="syz.2.4262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ef818e969 code=0x7fc00000
[ 1621.496476][T21248] 9pnet_fd: Insufficient options for proto=fd
[ 1621.525957][T21248] netlink: 'syz.4.4265': attribute type 10 has an invalid length.
[ 1621.534570][T21248] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4265'.
[ 1621.646984][   T30] audit: type=1326 audit(1748967384.731:670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21246 comm="syz.1.4264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5a6f8e969 code=0x7fc00000
[ 1621.696442][T21255] 9pnet_fd: Insufficient options for proto=fd
[ 1621.714376][T21255] netlink: 'syz.4.4267': attribute type 10 has an invalid length.
[ 1621.722436][T21255] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4267'.
[ 1621.839486][T21258] 9pnet_fd: Insufficient options for proto=fd
[ 1621.858136][T21258] netlink: 'syz.1.4268': attribute type 10 has an invalid length.
[ 1621.867642][T21258] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4268'.
[ 1621.949347][   T30] audit: type=1326 audit(1748967385.021:671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21240 comm="syz.2.4262" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0ef818e969 code=0x7fc00000
[ 1624.148983][T21287] FAULT_INJECTION: forcing a failure.
[ 1624.148983][T21287] name fail_usercopy, interval 1, probability 0, space 0, times 1
[ 1624.226382][T21287] CPU: 0 UID: 0 PID: 21287 Comm: syz.8.4279 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(full) 
[ 1624.226410][T21287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1624.226422][T21287] Call Trace:
[ 1624.226430][T21287]  <TASK>
[ 1624.226439][T21287]  dump_stack_lvl+0x189/0x250
[ 1624.226472][T21287]  ? __pfx____ratelimit+0x10/0x10
[ 1624.226501][T21287]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1624.226529][T21287]  ? __pfx__printk+0x10/0x10
[ 1624.226548][T21287]  ? __might_fault+0xb0/0x130
[ 1624.226583][T21287]  should_fail_ex+0x414/0x560
[ 1624.226618][T21287]  _copy_from_user+0x2d/0xb0
[ 1624.226644][T21287]  ___sys_sendmsg+0x158/0x2a0
[ 1624.226670][T21287]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1624.226730][T21287]  ? __fget_files+0x2a/0x420
[ 1624.226762][T21287]  ? __fget_files+0x3a0/0x420
[ 1624.226799][T21287]  __x64_sys_sendmsg+0x19b/0x260
[ 1624.226826][T21287]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1624.226858][T21287]  ? __pfx_ksys_write+0x10/0x10
[ 1624.226879][T21287]  ? rcu_is_watching+0x15/0xb0
[ 1624.226913][T21287]  ? do_syscall_64+0xbe/0x3b0
[ 1624.226945][T21287]  do_syscall_64+0xfa/0x3b0
[ 1624.226972][T21287]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1624.226999][T21287]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1624.227018][T21287]  ? clear_bhb_loop+0x60/0xb0
[ 1624.227040][T21287]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1624.227058][T21287] RIP: 0033:0x7f89a538e969
[ 1624.227075][T21287] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1624.227091][T21287] RSP: 002b:00007f89a6132038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1624.227111][T21287] RAX: ffffffffffffffda RBX: 00007f89a55b6080 RCX: 00007f89a538e969
[ 1624.227124][T21287] RDX: 0000000000000000 RSI: 0000200000000480 RDI: 0000000000000007
[ 1624.227136][T21287] RBP: 00007f89a6132090 R08: 0000000000000000 R09: 0000000000000000
[ 1624.227147][T21287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1624.227158][T21287] R13: 0000000000000000 R14: 00007f89a55b6080 R15: 00007ffdb36c29d8
[ 1624.227186][T21287]  </TASK>
[ 1624.483138][T21290] 9pnet_fd: Insufficient options for proto=fd
[ 1624.833534][T21290] netlink: 'syz.2.4281': attribute type 10 has an invalid length.
[ 1624.841957][T21290] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4281'.
[ 1626.193710][T21306] FAULT_INJECTION: forcing a failure.
[ 1626.193710][T21306] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1626.219460][T21306] CPU: 1 UID: 0 PID: 21306 Comm: syz.8.4286 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(full) 
[ 1626.219490][T21306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1626.219503][T21306] Call Trace:
[ 1626.219512][T21306]  <TASK>
[ 1626.219521][T21306]  dump_stack_lvl+0x189/0x250
[ 1626.219559][T21306]  ? __pfx____ratelimit+0x10/0x10
[ 1626.219591][T21306]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1626.219623][T21306]  ? __pfx__printk+0x10/0x10
[ 1626.219658][T21306]  should_fail_ex+0x414/0x560
[ 1626.219697][T21306]  _copy_to_user+0x31/0xb0
[ 1626.219726][T21306]  simple_read_from_buffer+0xe1/0x170
[ 1626.219760][T21306]  proc_fail_nth_read+0x1df/0x250
[ 1626.219797][T21306]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1626.219835][T21306]  ? rw_verify_area+0x258/0x650
[ 1626.219859][T21306]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1626.219895][T21306]  vfs_read+0x200/0x980
[ 1626.219926][T21306]  ? __pfx___mutex_lock+0x10/0x10
[ 1626.219960][T21306]  ? __pfx_vfs_read+0x10/0x10
[ 1626.219987][T21306]  ? __fget_files+0x2a/0x420
[ 1626.220022][T21306]  ? __fget_files+0x3a0/0x420
[ 1626.220051][T21306]  ? __fget_files+0x2a/0x420
[ 1626.220091][T21306]  ksys_read+0x145/0x250
[ 1626.220114][T21306]  ? __fget_files+0x2a/0x420
[ 1626.220146][T21306]  ? __pfx_ksys_read+0x10/0x10
[ 1626.220179][T21306]  ? do_syscall_64+0xbe/0x3b0
[ 1626.220216][T21306]  do_syscall_64+0xfa/0x3b0
[ 1626.220247][T21306]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1626.220277][T21306]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1626.220298][T21306]  ? clear_bhb_loop+0x60/0xb0
[ 1626.220325][T21306]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1626.220352][T21306] RIP: 0033:0x7f89a538d37c
[ 1626.220371][T21306] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1626.220390][T21306] RSP: 002b:00007f89a6153030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1626.220412][T21306] RAX: ffffffffffffffda RBX: 00007f89a55b5fa0 RCX: 00007f89a538d37c
[ 1626.220429][T21306] RDX: 000000000000000f RSI: 00007f89a61530a0 RDI: 0000000000000003
[ 1626.220442][T21306] RBP: 00007f89a6153090 R08: 0000000000000000 R09: 0000000015b77000
[ 1626.220456][T21306] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000001
[ 1626.220469][T21306] R13: 0000000000000000 R14: 00007f89a55b5fa0 R15: 00007ffdb36c29d8
[ 1626.220502][T21306]  </TASK>
[ 1626.793846][T21314] tipc: Started in network mode
[ 1626.798758][T21314] tipc: Node identity ac14140f, cluster identity 4711
[ 1626.815117][T21314] tipc: New replicast peer: 255.255.255.255
[ 1626.836147][T21314] tipc: Enabled bearer <udp:syz2>, priority 10
[ 1626.904706][T21318] 9pnet_fd: Insufficient options for proto=fd
[ 1626.932360][T21318] netlink: 'syz.1.4288': attribute type 10 has an invalid length.
[ 1626.940353][T21318] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4288'.
[ 1627.689307][   T30] audit: type=1326 audit(1748967390.771:672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21336 comm="syz.1.4301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5a6f8e969 code=0x7fc00000
[ 1627.960941][T10438] tipc: Node number set to 2886997007
[ 1628.053811][T21354] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1628.202651][T21354] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1628.240987][T21362] netlink: 'syz.2.4312': attribute type 2 has an invalid length.
[ 1628.259966][T21363] 9pnet_fd: Insufficient options for proto=fd
[ 1628.327236][T21354] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1628.387603][T21348] netlink: 28 bytes leftover after parsing attributes in process `syz.8.4305'.
[ 1628.422935][   T30] audit: type=1326 audit(1748967391.511:673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21336 comm="syz.1.4301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe5a6f8e969 code=0x7fc00000
[ 1628.498776][T21354] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1628.509120][T21371] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4314'.
[ 1628.598637][T21373] 9pnet_fd: Insufficient options for proto=fd
[ 1628.616030][T21373] netlink: 'syz.5.4315': attribute type 10 has an invalid length.
[ 1628.624719][T21373] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4315'.
[ 1628.786908][T21380] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4317'.
[ 1628.817161][T21380] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4317'.
[ 1628.843770][T21354] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1628.912447][T21354] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1628.944798][T21354] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1628.968414][T21354] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1629.315537][T21396] 9pnet_fd: Insufficient options for proto=fd
[ 1629.509566][   T43] usb 9-1: new high-speed USB device number 14 using dummy_hcd
[ 1629.679556][   T43] usb 9-1: Using ep0 maxpacket: 32
[ 1629.720060][   T43] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[ 1629.747433][   T43] usb 9-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1629.762391][   T43] usb 9-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1629.805559][   T43] usb 9-1: Product: syz
[ 1629.819932][   T43] usb 9-1: Manufacturer: syz
[ 1629.824693][   T43] usb 9-1: SerialNumber: syz
[ 1629.855112][   T43] usb 9-1: config 0 descriptor??
[ 1630.173744][T21420] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4332'.
[ 1630.184914][T18065] usb 9-1: USB disconnect, device number 14
[ 1630.203943][T21423] kernel read not supported for file /��7���âW)�s���!Q���fs�l{T�r�)r��O���2:"��T+͟v|�ղDvc���֠�6�x�c: (pid: 21423 comm: syz.4.4333)
[ 1630.219416][   T30] audit: type=1800 audit(1748967393.311:674): pid=21423 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.4.4333" name=A0F29C1437B3CFF8C3A25729EB7393A7C721518FF6ECA56673F56C7B548772D22972A7D6084F9A98F5323A22F412C0542BCD9F767C8DD5B24476638E93D8D6A0C536D278E3633A dev="mqueue" ino=47632 res=0 errno=0
[ 1630.594136][T21428] 9pnet_fd: Insufficient options for proto=fd
[ 1631.146290][T21439] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1631.225729][T21447] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4343'.
[ 1632.408976][   T30] audit: type=1326 audit(1748967395.491:675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21464 comm="syz.2.4350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ef818e969 code=0x7fc00000
[ 1632.447978][T21469] x_tables: duplicate underflow at hook 4
[ 1633.042897][T21488] 9pnet_fd: Insufficient options for proto=fd
[ 1633.064810][T21488] netlink: 'syz.5.4357': attribute type 10 has an invalid length.
[ 1633.072853][T21488] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4357'.
[ 1633.136210][   T30] audit: type=1326 audit(1748967396.211:676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21464 comm="syz.2.4350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0ef818e969 code=0x7fc00000
[ 1633.301328][T21494] 9pnet_fd: Insufficient options for proto=fd
[ 1633.367072][T21494] netlink: 'syz.1.4359': attribute type 10 has an invalid length.
[ 1633.375100][T21494] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4359'.
[ 1633.537265][T21501] o2cb: This node has not been configured.
[ 1633.552439][T21501] o2cb: Cluster check failed. Fix errors before retrying.
[ 1633.577547][T21501] (syz.8.4364,21501,1):user_dlm_register:674 ERROR: status = -22
[ 1633.597317][T21501] (syz.8.4364,21501,1):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "file1"
[ 1633.632937][T21509] netlink: 'syz.8.4364': attribute type 1 has an invalid length.
[ 1633.651738][T21509] netlink: 56 bytes leftover after parsing attributes in process `syz.8.4364'.
[ 1634.143174][   T43] usb 9-1: new high-speed USB device number 15 using dummy_hcd
[ 1634.259726][T21525] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4372'.
[ 1634.294237][   T43] usb 9-1: device descriptor read/64, error -71
[ 1634.404537][T21533] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4373'.
[ 1634.494568][T21535] 9pnet_fd: Insufficient options for proto=fd
[ 1634.528108][T21535] netlink: 'syz.5.4375': attribute type 10 has an invalid length.
[ 1634.536124][T21535] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4375'.
[ 1634.545212][   T43] usb 9-1: new high-speed USB device number 16 using dummy_hcd
[ 1634.709436][   T43] usb 9-1: device descriptor read/64, error -71
[ 1634.822002][   T43] usb usb9-port1: attempt power cycle
[ 1635.541384][   T43] usb 9-1: new high-speed USB device number 17 using dummy_hcd
[ 1635.571226][   T43] usb 9-1: device descriptor read/8, error -71
[ 1635.809609][   T43] usb 9-1: new high-speed USB device number 18 using dummy_hcd
[ 1635.862730][   T43] usb 9-1: device descriptor read/8, error -71
[ 1636.250340][   T43] usb usb9-port1: unable to enumerate USB device
[ 1636.930877][T21569] netlink: 80 bytes leftover after parsing attributes in process `syz.5.4387'.
[ 1636.992661][T21569] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4387'.
[ 1637.021357][T21569] tipc: MTU too low for tipc bearer
[ 1637.361260][T21573] netlink: 'syz.8.4388': attribute type 10 has an invalid length.
[ 1637.369518][T21573] netlink: 40 bytes leftover after parsing attributes in process `syz.8.4388'.
[ 1637.767300][   T30] audit: type=1326 audit(1748967400.811:677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21540 comm="syz.1.4378" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5a6f8e969 code=0x7fc00000
[ 1638.583347][T21580] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4390'.
[ 1638.769364][   T10] usb 9-1: new full-speed USB device number 19 using dummy_hcd
[ 1638.881020][T21586] netlink: 52 bytes leftover after parsing attributes in process `syz.4.4395'.
[ 1638.932624][   T10] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1638.956128][   T10] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1638.983002][   T10] usb 9-1: New USB device found, idVendor=060b, idProduct=700a, bcdDevice= 0.00
[ 1639.014586][   T10] usb 9-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[ 1639.118656][   T10] usb 9-1: Manufacturer: syz
[ 1639.136595][   T10] usb 9-1: config 0 descriptor??
[ 1639.984565][   T10] cougar 0003:060B:700A.000E: hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.8-1/input0
[ 1640.022959][T21604] 9pnet_fd: Insufficient options for proto=fd
[ 1640.032880][T21605] 9pnet_fd: Insufficient options for proto=fd
[ 1640.103801][T21604] netlink: 'syz.5.4399': attribute type 10 has an invalid length.
[ 1640.111672][T21604] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4399'.
[ 1640.139906][T21605] netlink: 'syz.1.4400': attribute type 10 has an invalid length.
[ 1640.147719][T21605] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4400'.
[ 1640.222878][T21577] netlink: 24 bytes leftover after parsing attributes in process `syz.8.4389'.
[ 1640.453902][   T10] usb 9-1: USB disconnect, device number 19
[ 1640.723289][T21610] fido_id[21610]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.8/usb9/report_descriptor': No such file or directory
[ 1640.740842][T21634] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4411'.
[ 1640.881720][T21639] 9pnet_fd: Insufficient options for proto=fd
[ 1640.897296][T21639] netlink: 'syz.5.4413': attribute type 10 has an invalid length.
[ 1640.905689][T21639] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4413'.
[ 1641.200369][T21648] kvm: vcpu 0: requested 1664 ns lapic timer period limited to 200000 ns
[ 1641.313924][   T30] audit: type=1326 audit(1748967404.401:678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21649 comm="syz.5.4417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7e738e969 code=0x7fc00000
[ 1641.865026][T21679] 9pnet_fd: Insufficient options for proto=fd
[ 1641.884964][T21679] netlink: 'syz.4.4425': attribute type 10 has an invalid length.
[ 1641.973397][   T30] audit: type=1326 audit(1748967405.061:679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21649 comm="syz.5.4417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb7e738e969 code=0x7fc00000
[ 1642.089554][   T10] usb 9-1: new high-speed USB device number 20 using dummy_hcd
[ 1642.094124][T21686] __nla_validate_parse: 16 callbacks suppressed
[ 1642.094141][T21686] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4428'.
[ 1642.114332][T19192] IPVS: starting estimator thread 0...
[ 1642.222296][T21691] IPVS: using max 31 ests per chain, 74400 per kthread
[ 1642.229372][   T10] usb 9-1: device descriptor read/64, error -71
[ 1642.469528][   T10] usb 9-1: new high-speed USB device number 21 using dummy_hcd
[ 1642.535177][T21704] netlink: 104 bytes leftover after parsing attributes in process `syz.5.4436'.
[ 1642.609531][   T10] usb 9-1: device descriptor read/64, error -71
[ 1642.731815][   T10] usb usb9-port1: attempt power cycle
[ 1643.072631][T21710] 9pnet_fd: Insufficient options for proto=fd
[ 1643.079512][   T10] usb 9-1: new high-speed USB device number 22 using dummy_hcd
[ 1643.103467][T21710] netlink: 'syz.1.4438': attribute type 10 has an invalid length.
[ 1643.112038][T21710] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4438'.
[ 1643.121925][   T10] usb 9-1: device descriptor read/8, error -71
[ 1643.389433][   T10] usb 9-1: new high-speed USB device number 23 using dummy_hcd
[ 1643.438601][   T10] usb 9-1: device descriptor read/8, error -71
[ 1643.560328][   T10] usb usb9-port1: unable to enumerate USB device
[ 1644.941698][T21740] batadv_slave_0: entered promiscuous mode
[ 1644.963527][T21740] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4450'.
[ 1644.972759][T21740] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1645.032788][T21740] batadv_slave_0 (unregistering): left promiscuous mode
[ 1645.053076][T21740] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1646.103818][T21752] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4453'.
[ 1646.187425][   T30] audit: type=1800 audit(1748967409.271:680): pid=21756 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.2.4456" name=A0F29C1437B3CFF8C3A25729EB7393A7C721518FF6ECA56673F56C7B548772D22972A7D6084F9A98F5323A22F412C0542BCD9F767C8DD5B24476638E93D8D6A0C536D278E3633A dev="mqueue" ino=47691 res=0 errno=0
[ 1646.378509][T21762] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4459'.
[ 1646.423135][T21762] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma?
[ 1648.370161][T21810] 9pnet_fd: Insufficient options for proto=fd
[ 1648.422319][T16378] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1648.452610][T16378] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1648.801999][T16378] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1648.832419][T16378] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1649.034148][T16378] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1649.070481][T16378] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1649.123012][T21825] syz_tun: entered allmulticast mode
[ 1649.206028][T21825] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4486'.
[ 1649.263474][T21825] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4486'.
[ 1649.282115][T16378] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1649.320858][T16378] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1649.394083][T21823] syz_tun: left allmulticast mode
[ 1649.440228][T21831] ipvlan2: entered promiscuous mode
[ 1649.449484][T21831] ipvlan2: entered allmulticast mode
[ 1649.469168][T21831] netdevsim netdevsim5 netdevsim0: entered allmulticast mode
[ 1649.534202][T21838] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4490'.
[ 1649.569382][T21838] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4490'.
[ 1649.722985][T21843] kernel read not supported for file /��7���âW)�s���!Q���fs�l{T�r�)r��O���2:"��T+͟v|�ղDvc���֠�6�x�c: (pid: 21843 comm: syz.5.4493)
[ 1649.746580][   T30] audit: type=1800 audit(1748967412.831:681): pid=21843 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.5.4493" name=A0F29C1437B3CFF8C3A25729EB7393A7C721518FF6ECA56673F56C7B548772D22972A7D6084F9A98F5323A22F412C0542BCD9F767C8DD5B24476638E93D8D6A0C536D278E3633A dev="mqueue" ino=63032 res=0 errno=0
[ 1649.793684][T12268] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1649.810809][T16378] bridge_slave_1: left allmulticast mode
[ 1649.813615][T12268] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1649.816826][T16378] bridge_slave_1: left promiscuous mode
[ 1649.829795][T12268] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1649.846621][T12268] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1649.855322][T12268] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1649.880642][T16378] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1649.896406][T16378] bridge_slave_0: left allmulticast mode
[ 1649.904782][T16378] bridge_slave_0: left promiscuous mode
[ 1649.910860][T16378] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1649.930485][T16378] tipc: Resetting bearer <ib:tunl0>
[ 1650.098768][T16378] bond1 (unregistering): (slave ip6gretap1): Releasing active interface
[ 1650.115914][T16378] bond1 (unregistering): (slave ip6gretap1): the permanent HWaddr of slave - d2:83:40:ef:c6:c8 - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[ 1650.138127][T16378] bond1 (unregistering): (slave erspan0): making interface the new active one
[ 1650.308461][T16378] bond1 (unregistering): (slave erspan0): Releasing active interface
[ 1650.385910][T16378] tipc: Disabling bearer <ib:tunl0>
[ 1650.415154][T16378] dvmrp8 (unregistering): left allmulticast mode
[ 1650.472096][T16378] team0: Port device geneve0 removed
[ 1650.738869][T21869] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1650.873902][T21872] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4501'.
[ 1650.976947][T16378] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1651.006758][T16378] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1651.082867][T16378] bond0 (unregistering): Released all slaves
[ 1651.301606][T16378] bond1 (unregistering): (slave veth3): Releasing active interface
[ 1651.314887][T16378] bond1 (unregistering): Released all slaves
[ 1651.418854][T21841] lo speed is unknown, defaulting to 1000
[ 1651.437148][T21841] lo speed is unknown, defaulting to 1000
[ 1651.479341][   T30] audit: type=1326 audit(1748967414.551:682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21866 comm="syz.2.4502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ef818e969 code=0x7fc00000
[ 1651.910671][T19808] Bluetooth: hci2: command tx timeout
[ 1652.009972][T21841] lo speed is unknown, defaulting to 1000
[ 1652.579524][   T30] audit: type=1326 audit(1748967415.631:683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21890 comm="syz.8.4506" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89a538e969 code=0x7fc00000
[ 1652.792266][T16378] tipc: Left network mode
[ 1653.274773][T21841] chnl_net:caif_netlink_parms(): no params data found
[ 1653.999390][T19808] Bluetooth: hci2: command tx timeout
[ 1655.282805][T21920] SET target dimension over the limit!
[ 1656.070411][T19808] Bluetooth: hci2: command tx timeout
[ 1656.434067][T21933] netlink: 788 bytes leftover after parsing attributes in process `syz.5.4516'.
[ 1656.473201][T21841] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1656.495104][T21841] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1656.559633][T21841] bridge_slave_0: entered allmulticast mode
[ 1656.567327][T21841] bridge_slave_0: entered promiscuous mode
[ 1656.644143][T16378] hsr_slave_0: left promiscuous mode
[ 1656.663022][T16378] hsr_slave_1: left promiscuous mode
[ 1656.668984][T16378] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1656.679399][T21938] netlink: 20 bytes leftover after parsing attributes in process `syz.8.4517'.
[ 1656.698686][T16378] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1656.738251][T16378] veth1_macvtap: left promiscuous mode
[ 1656.759786][T16378] veth0_macvtap: left promiscuous mode
[ 1656.775624][T16378] veth1_vlan: left promiscuous mode
[ 1656.795845][T16378] veth0_vlan: left promiscuous mode
[ 1657.794102][T16378] team0 (unregistering): Port device team_slave_1 removed
[ 1657.851989][T16378] team0 (unregistering): Port device team_slave_0 removed
[ 1658.149449][T19808] Bluetooth: hci2: command tx timeout
[ 1658.462830][T21841] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1658.484251][T21841] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1658.494680][T21841] bridge_slave_1: entered allmulticast mode
[ 1658.507222][T21841] bridge_slave_1: entered promiscuous mode
[ 1658.567685][T21961] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4525'.
[ 1658.576774][T21961] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4525'.
[ 1658.703482][T21841] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1658.742611][T21841] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1659.452741][T21841] team0: Port device team_slave_0 added
[ 1659.562257][T21841] team0: Port device team_slave_1 added
[ 1659.867752][T21981] kernel read not supported for file /��7���âW)�s���!Q���fs�l{T�r�)r��O���2:"��T+͟v|�ղDvc���֠�6�x�c: (pid: 21981 comm: syz.5.4533)
[ 1659.907730][T21841] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1659.926611][T21841] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1659.926623][   T30] audit: type=1800 audit(1748967423.001:684): pid=21981 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.5.4533" name=A0F29C1437B3CFF8C3A25729EB7393A7C721518FF6ECA56673F56C7B548772D22972A7D6084F9A98F5323A22F412C0542BCD9F767C8DD5B24476638E93D8D6A0C536D278E3633A dev="mqueue" ino=63032 res=0 errno=0
[ 1662.112053][T21990] 9pnet_fd: Insufficient options for proto=fd
[ 1662.219446][T21841] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1662.228115][T21993] SET target dimension over the limit!
[ 1662.238862][T16378] IPVS: stop unused estimator thread 0...
[ 1662.320304][T21997] netlink: 36 bytes leftover after parsing attributes in process `syz.4.4536'.
[ 1662.338357][T21987] bridge1: entered promiscuous mode
[ 1662.365514][T21841] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1662.386429][T21841] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1662.429531][T21879] usb 9-1: new full-speed USB device number 24 using dummy_hcd
[ 1662.496087][T21841] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1662.570696][T22003] 9pnet_fd: Insufficient options for proto=fd
[ 1662.594583][T22003] netlink: 'syz.5.4539': attribute type 10 has an invalid length.
[ 1662.603014][T22003] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4539'.
[ 1662.634270][T21879] usb 9-1: config 0 has an invalid interface number: 160 but max is 0
[ 1662.644652][T21879] usb 9-1: config 0 has no interface number 0
[ 1662.663033][T21879] usb 9-1: config 0 interface 160 has no altsetting 0
[ 1662.696034][T21879] usb 9-1: New USB device found, idVendor=a6da, idProduct=1e78, bcdDevice=56.e4
[ 1662.707204][T21879] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1662.729525][T21879] usb 9-1: Product: syz
[ 1662.733714][T21879] usb 9-1: Manufacturer: syz
[ 1662.738323][T21879] usb 9-1: SerialNumber: syz
[ 1662.773584][T21879] usb 9-1: config 0 descriptor??
[ 1662.785492][T21879] usb-storage 9-1:0.160: USB Mass Storage device detected
[ 1662.932846][T21841] hsr_slave_0: entered promiscuous mode
[ 1662.958319][T21841] hsr_slave_1: entered promiscuous mode
[ 1662.994678][   T10] usb 9-1: USB disconnect, device number 24
[ 1663.132857][T22016] openvswitch: netlink: Missing key (keys=44, expected=10000000)
[ 1663.150057][   T30] audit: type=1326 audit(1748967426.241:685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22013 comm="syz.5.4543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7e738e969 code=0x7ffc0000
[ 1663.234400][   T30] audit: type=1326 audit(1748967426.241:686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22013 comm="syz.5.4543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7e738e969 code=0x7ffc0000
[ 1663.308580][   T30] audit: type=1326 audit(1748967426.261:687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22013 comm="syz.5.4543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7fb7e738e969 code=0x7ffc0000
[ 1663.357110][   T30] audit: type=1326 audit(1748967426.261:688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22013 comm="syz.5.4543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7e738e969 code=0x7ffc0000
[ 1663.413452][T22020] 9pnet_fd: Insufficient options for proto=fd
[ 1663.432763][   T30] audit: type=1326 audit(1748967426.261:689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22013 comm="syz.5.4543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7e738e969 code=0x7ffc0000
[ 1663.457679][T22020] netlink: 'syz.4.4546': attribute type 10 has an invalid length.
[ 1663.465565][T22020] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4546'.
[ 1663.517559][T22024] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[ 1663.539774][   T30] audit: type=1326 audit(1748967426.271:690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22013 comm="syz.5.4543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fb7e738e969 code=0x7ffc0000
[ 1663.704590][   T30] audit: type=1326 audit(1748967426.271:691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22013 comm="syz.5.4543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7e738e969 code=0x7ffc0000
[ 1663.831870][   T30] audit: type=1326 audit(1748967426.271:692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22013 comm="syz.5.4543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7e738e969 code=0x7ffc0000
[ 1663.945747][   T30] audit: type=1326 audit(1748967426.271:693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22013 comm="syz.5.4543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb7e738e969 code=0x7ffc0000
[ 1663.998016][T21841] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1664.041432][T22036] 9pnet_fd: Insufficient options for proto=fd
[ 1664.064681][T22031] netlink: 'syz.8.4549': attribute type 4 has an invalid length.
[ 1664.112707][T21841] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 1664.138067][T22036] netlink: 'syz.4.4551': attribute type 10 has an invalid length.
[ 1664.147867][T22036] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4551'.
[ 1664.163491][T21841] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 1664.191068][T22038] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4552'.
[ 1664.239910][T22038] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4552'.
[ 1664.242583][T21841] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 1664.273222][T22040] 9pnet_fd: Insufficient options for proto=fd
[ 1664.301654][T22040] netlink: 'syz.5.4553': attribute type 10 has an invalid length.
[ 1664.311313][T22040] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4553'.
[ 1664.554869][T21841] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1664.595536][T21841] 8021q: adding VLAN 0 to HW filter on device team0
[ 1664.624603][T16378] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1664.631810][T16378] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1664.649061][ T2215] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1664.656264][ T2215] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1664.809829][T19192] usb 9-1: new full-speed USB device number 25 using dummy_hcd
[ 1664.984610][T19192] usb 9-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 1665.012239][T19192] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1665.047359][T19192] usb 9-1: config 0 descriptor??
[ 1665.083132][T19192] cp210x 9-1:0.0: cp210x converter detected
[ 1665.214494][T22057] netlink: 44 bytes leftover after parsing attributes in process `syz.2.4558'.
[ 1665.238425][T21841] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1665.267833][T22061] netlink: 'syz.4.4561': attribute type 16 has an invalid length.
[ 1665.290037][T22063] 9pnet_fd: Insufficient options for proto=fd
[ 1665.310384][T22061] netlink: 'syz.4.4561': attribute type 3 has an invalid length.
[ 1665.326700][T22061] netlink: 64066 bytes leftover after parsing attributes in process `syz.4.4561'.
[ 1665.497891][T19192] usb 9-1: cp210x converter now attached to ttyUSB0
[ 1665.684784][T22048] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1665.721623][T19192] usb 9-1: USB disconnect, device number 25
[ 1665.747908][T19192] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 1665.819400][T19192] cp210x 9-1:0.0: device disconnected
[ 1666.424850][T22083] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[ 1666.448837][T22083] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1666.456993][T22083] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1667.295047][T21841] veth0_vlan: entered promiscuous mode
[ 1667.453190][T22096] netlink: 32 bytes leftover after parsing attributes in process `syz.4.4568'.
[ 1667.457072][T21841] veth1_vlan: entered promiscuous mode
[ 1667.922063][T21841] veth0_macvtap: entered promiscuous mode
[ 1667.949670][T21841] veth1_macvtap: entered promiscuous mode
[ 1668.007046][T21841] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1668.063514][T21841] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1668.112333][T21841] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1668.140357][T22117] s
z1: rxe_newlink: already configured on lo
[ 1668.149593][T21841] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1668.158314][T21841] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1668.179612][T21841] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1668.596268][T17635] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1668.617703][T17635] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1669.456832][T17633] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1669.487573][T17633] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1670.379472][   T30] kauditd_printk_skb: 11 callbacks suppressed
[ 1670.379489][   T30] audit: type=1326 audit(1748967433.401:705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22142 comm="syz.4.4583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f6118e969 code=0x7fc00000
[ 1670.601246][   T30] audit: type=1326 audit(1748967433.431:706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22142 comm="syz.4.4583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f6118e969 code=0x7fc00000
[ 1670.788561][   T30] audit: type=1326 audit(1748967433.501:707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22142 comm="syz.4.4583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f6118e969 code=0x7fc00000
[ 1671.521777][T22123] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[ 1674.413660][   T30] audit: type=1326 audit(1748967437.331:708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22142 comm="syz.4.4583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f6118e969 code=0x7fc00000
[ 1675.231666][T22123] usb 10-1: Using ep0 maxpacket: 8
[ 1675.300529][T22123] usb 10-1: device descriptor read/all, error -71
[ 1675.696898][   T30] audit: type=1326 audit(1748967438.781:709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22176 comm="syz.5.4591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7e738e969 code=0x7fc00000
[ 1676.009433][T22123] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[ 1676.172507][T22123] usb 10-1: config 48 has an invalid descriptor of length 0, skipping remainder of the config
[ 1676.190877][T22123] usb 10-1: config 48 interface 0 altsetting 98 endpoint 0x4 has an invalid bInterval 0, changing to 7
[ 1676.205526][T22123] usb 10-1: config 48 interface 0 altsetting 98 endpoint 0x4 has invalid wMaxPacketSize 0
[ 1676.215985][T22123] usb 10-1: config 48 interface 0 altsetting 98 endpoint 0x8 has invalid wMaxPacketSize 0
[ 1676.229413][T22123] usb 10-1: config 48 interface 0 altsetting 98 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1676.246076][T22123] usb 10-1: config 48 interface 0 has no altsetting 0
[ 1676.268719][T22123] usb 10-1: New USB device found, idVendor=1784, idProduct=0006, bcdDevice=bb.2f
[ 1676.284633][T22123] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1676.293254][T22123] usb 10-1: Product: syz
[ 1676.297976][T22123] usb 10-1: Manufacturer: syz
[ 1676.302962][T10438] usb 9-1: new high-speed USB device number 26 using dummy_hcd
[ 1676.320694][T22123] usb 10-1: SerialNumber: syz
[ 1676.374523][   T30] audit: type=1326 audit(1748967439.451:710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22176 comm="syz.5.4591" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb7e738e969 code=0x7fc00000
[ 1676.488064][T10438] usb 9-1: Using ep0 maxpacket: 8
[ 1676.495600][T10438] usb 9-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1676.509642][T10438] usb 9-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[ 1676.519142][T10438] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1676.541145][T10438] usb 9-1: Product: syz
[ 1676.552768][T22183] mkiss: ax0: crc mode is auto.
[ 1676.575309][T22183] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4594'.
[ 1676.589592][T10438] usb 9-1: Manufacturer: syz
[ 1676.605968][T10438] usb 9-1: SerialNumber: syz
[ 1676.636695][T10438] usb 9-1: config 0 descriptor??
[ 1676.664415][T10438] streamzap 9-1:0.0: streamzap_probe: Unexpected desc.bNumEndpoints (0)
[ 1676.820688][T22123] usb 10-1: USB disconnect, device number 3
[ 1676.921215][T22195] ptm ptm1: ldisc open failed (-12), clearing slot 1
[ 1677.076567][T22123] usb 9-1: USB disconnect, device number 26
[ 1677.676196][T22226] netlink: 'syz.8.4607': attribute type 10 has an invalid length.
[ 1677.689291][T22226] netlink: 40 bytes leftover after parsing attributes in process `syz.8.4607'.
[ 1678.070512][T22236] xt_hashlimit: invalid interval
[ 1678.076119][T22223] xt_hashlimit: invalid interval
[ 1678.232867][T22247] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4610'.
[ 1678.242031][T22247] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4610'.
[ 1678.949016][T22258] sit0: entered promiscuous mode
[ 1678.955733][T22257] kernel read not supported for file /��7���âW)�s���!Q���fs�l{T�r�)r��O���2:"��T+͟v|�ղDvc���֠�6�x�c: (pid: 22257 comm: syz.2.4616)
[ 1679.002403][T22258] netlink: 'syz.8.4614': attribute type 1 has an invalid length.
[ 1679.011284][T22258] netlink: 1 bytes leftover after parsing attributes in process `syz.8.4614'.
[ 1679.023324][   T30] audit: type=1800 audit(1748967442.111:711): pid=22257 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.2.4616" name=A0F29C1437B3CFF8C3A25729EB7393A7C721518FF6ECA56673F56C7B548772D22972A7D6084F9A98F5323A22F412C0542BCD9F767C8DD5B24476638E93D8D6A0C536D278E3633A dev="mqueue" ino=47691 res=0 errno=0
[ 1679.967644][   T30] audit: type=1326 audit(1748967443.051:712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22261 comm="syz.4.4618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f6118e969 code=0x7fc00000
[ 1680.859519][ T5978] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[ 1681.120016][ T5978] usb 10-1: Using ep0 maxpacket: 32
[ 1681.213051][ T5978] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1681.385321][ T5978] usb 10-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 16
[ 1681.535067][ T5978] usb 10-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 1024
[ 1681.706953][ T5978] usb 10-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 26
[ 1681.762501][T22276] openvswitch: netlink: Missing key (keys=44, expected=10000000)
[ 1681.898520][ T5978] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1682.019175][ T5978] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1682.079480][T21877] usb 9-1: new high-speed USB device number 27 using dummy_hcd
[ 1682.123453][ T5978] usb 10-1: SerialNumber: syz
[ 1682.261536][ T5978] usb 10-1: can't set config #1, error -71
[ 1682.337916][ T5978] usb 10-1: USB disconnect, device number 4
[ 1682.356700][T21877] usb 9-1: config 0 has an invalid interface number: 135 but max is 0
[ 1682.427019][T21877] usb 9-1: config 0 has no interface number 0
[ 1682.499536][T21877] usb 9-1: config 0 interface 135 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 32
[ 1682.540829][T21877] usb 9-1: config 0 interface 135 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8
[ 1682.571099][T21877] usb 9-1: New USB device found, idVendor=05ac, idProduct=1402, bcdDevice=45.65
[ 1682.609329][T21877] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1682.617653][T21877] usb 9-1: Product: syz
[ 1682.653849][T21877] usb 9-1: Manufacturer: syz
[ 1682.660258][T21877] usb 9-1: SerialNumber: syz
[ 1682.690314][T21877] usb 9-1: config 0 descriptor??
[ 1682.696523][T22275] raw-gadget.1 gadget.8: fail, usb_ep_enable returned -22
[ 1682.721654][T22275] raw-gadget.1 gadget.8: fail, usb_ep_enable returned -22
[ 1683.036443][T21877] asix 9-1:0.135 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[ 1683.249582][T21877] asix 9-1:0.135: probe with driver asix failed with error -71
[ 1683.286899][T21877] usb 9-1: USB disconnect, device number 27
[ 1685.458995][T22318] netlink: 'syz.9.4634': attribute type 10 has an invalid length.
[ 1685.473959][T22318] netlink: 40 bytes leftover after parsing attributes in process `syz.9.4634'.
[ 1685.798040][T22318] team0: Port device geneve0 added
[ 1685.834306][T22323] sch_tbf: burst 0 is lower than device lo mtu (18) !
[ 1688.761959][T22364] netlink: 'syz.9.4650': attribute type 10 has an invalid length.
[ 1688.770218][T22364] netlink: 40 bytes leftover after parsing attributes in process `syz.9.4650'.
[ 1689.842542][T22380] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4657'.
[ 1690.207547][T22123] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[ 1690.731712][T22123] usb 10-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 1690.741449][T22123] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1690.794843][T22123] usb 10-1: config 0 descriptor??
[ 1690.843290][T21877] usb 9-1: new high-speed USB device number 29 using dummy_hcd
[ 1690.850355][T22123] cp210x 10-1:0.0: cp210x converter detected
[ 1691.031513][T21877] usb 9-1: Using ep0 maxpacket: 16
[ 1691.047994][T21877] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1691.098006][T21877] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1691.524994][T21877] usb 9-1: New USB device found, idVendor=04e7, idProduct=0009, bcdDevice= 0.00
[ 1691.572770][T21877] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1691.614898][T21877] usb 9-1: config 0 descriptor??
[ 1691.738917][T22123] cp210x 10-1:0.0: failed to get vendor val 0x000e size 3: -71
[ 1691.764416][T22123] cp210x 10-1:0.0: failed to get vendor val 0x370c size 73: -71
[ 1691.797810][T22123] cp210x 10-1:0.0: GPIO initialisation failed: -71
[ 1691.845898][T22123] usb 10-1: cp210x converter now attached to ttyUSB0
[ 1691.952565][T22123] usb 10-1: USB disconnect, device number 5
[ 1691.988593][T22123] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 1692.047282][T22123] cp210x 10-1:0.0: device disconnected
[ 1692.839755][ T5881] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[ 1693.023321][T22441] 9pnet_fd: Insufficient options for proto=fd
[ 1693.045471][ T5881] usb 10-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b
[ 1693.144059][T21877] usbhid 9-1:0.0: can't add hid device: -71
[ 1693.154450][ T5881] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1693.189601][T21877] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[ 1693.198497][ T5881] usb 10-1: config 0 descriptor??
[ 1693.245422][T21877] usb 9-1: USB disconnect, device number 29
[ 1693.247857][ T5881] input: bcm5974 as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/input/input19
[ 1695.364054][T22435] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4678'.
[ 1695.422451][T22435] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4678'.
[ 1695.446831][T22456] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4687'.
[ 1695.466641][T22456] vxcan0: tx drop: invalid da for name 0xffffffffffffffff
[ 1695.911892][T21879] usb 10-1: USB disconnect, device number 6
[ 1697.329417][   T30] audit: type=1326 audit(1748967460.381:713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22469 comm="syz.2.4692" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ef818e969 code=0x7fc00000
[ 1698.384536][ T3081] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[ 1698.605356][ T3081] usb 10-1: Using ep0 maxpacket: 16
[ 1698.633140][ T3081] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1698.718116][ T3081] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1698.739161][ T3081] usb 10-1: New USB device found, idVendor=04e7, idProduct=0009, bcdDevice= 0.00
[ 1698.748978][ T3081] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1698.792121][ T3081] usb 10-1: config 0 descriptor??
[ 1698.937404][T22502] netlink: 64 bytes leftover after parsing attributes in process `syz.2.4702'.
[ 1700.617031][ T3081] usbhid 10-1:0.0: can't add hid device: -71
[ 1700.649507][ T3081] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[ 1700.726637][ T3081] usb 10-1: USB disconnect, device number 7
[ 1700.762512][T22520] kernel read not supported for file /��7���âW)�s���!Q���fs�l{T�r�)r��O���2:"��T+͟v|�ղDvc���֠�6�x�c: (pid: 22520 comm: syz.4.4710)
[ 1700.843928][   T30] audit: type=1800 audit(1748967463.931:714): pid=22520 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.4.4710" name=A0F29C1437B3CFF8C3A25729EB7393A7C721518FF6ECA56673F56C7B548772D22972A7D6084F9A98F5323A22F412C0542BCD9F767C8DD5B24476638E93D8D6A0C536D278E3633A dev="mqueue" ino=47632 res=0 errno=0
[ 1703.638476][T22573] 9pnet_fd: Insufficient options for proto=fd
[ 1705.388401][T22594] loop3: detected capacity change from 0 to 1
[ 1705.412995][T22172] Dev loop3: unable to read RDB block 1
[ 1705.418620][T22172]  loop3: unable to read partition table
[ 1705.439582][T22172] loop3: partition table beyond EOD, truncated
[ 1705.477269][T22596] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4740'.
[ 1705.486516][T22594] Dev loop3: unable to read RDB block 1
[ 1705.502641][T22594]  loop3: unable to read partition table
[ 1705.518464][T22594] loop3: partition table beyond EOD, truncated
[ 1705.543287][T22594] loop_reread_partitions: partition scan of loop3 (�被x������ ) failed (rc=-5)
[ 1708.366290][T22625] 9pnet_fd: Insufficient options for proto=fd
[ 1708.378435][T22625] netlink: 'syz.5.4746': attribute type 10 has an invalid length.
[ 1708.386305][T22625] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4746'.
[ 1708.842781][T22645] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4755'.
[ 1708.852525][T22642] loop3: detected capacity change from 0 to 1
[ 1708.873863][T22172] Dev loop3: unable to read RDB block 1
[ 1708.874029][T22645] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4755'.
[ 1708.901729][T22172]  loop3: unable to read partition table
[ 1708.907607][T22172] loop3: partition table beyond EOD, truncated
[ 1708.951191][T22642] Dev loop3: unable to read RDB block 1
[ 1708.956946][T22642]  loop3: unable to read partition table
[ 1708.978156][T22642] loop3: partition table beyond EOD, truncated
[ 1708.988113][T22642] loop_reread_partitions: partition scan of loop3 (�被x������ ) failed (rc=-5)
[ 1709.194571][T22651] 9pnet_fd: Insufficient options for proto=fd
[ 1709.216475][T22651] netlink: 'syz.4.4758': attribute type 10 has an invalid length.
[ 1709.225404][T22651] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4758'.
[ 1710.333763][   T30] audit: type=1326 audit(1748967473.411:715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22655 comm="syz.5.4759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7e738e969 code=0x7fc00000
[ 1711.011988][   T30] audit: type=1326 audit(1748967474.061:716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22655 comm="syz.5.4759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb7e738e969 code=0x7fc00000
[ 1711.584325][T22685] loop3: detected capacity change from 0 to 1
[ 1711.611804][T22685] Dev loop3: unable to read RDB block 1
[ 1711.640634][T22685]  loop3: unable to read partition table
[ 1711.649570][T22686] 9pnet_fd: Insufficient options for proto=fd
[ 1711.668700][T22685] loop3: partition table beyond EOD, truncated
[ 1711.684200][T22686] netlink: 'syz.5.4769': attribute type 10 has an invalid length.
[ 1711.692178][T22686] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4769'.
[ 1711.767173][T22685] loop_reread_partitions: partition scan of loop3 (�被x������ ) failed (rc=-5)
[ 1712.070311][   T30] audit: type=1326 audit(1748967475.151:717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22691 comm="syz.5.4772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7e738e969 code=0x7fc00000
[ 1712.129489][T22123] usb 9-1: new high-speed USB device number 30 using dummy_hcd
[ 1712.297574][T22123] usb 9-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 1712.312248][T22123] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1712.352796][T22123] usb 9-1: config 0 descriptor??
[ 1712.376244][T22123] cp210x 9-1:0.0: cp210x converter detected
[ 1712.775639][T22123] cp210x 9-1:0.0: failed to get vendor val 0x000e size 3: -32
[ 1712.789068][T22123] usb 9-1: cp210x converter now attached to ttyUSB0
[ 1713.049331][T22123] usb 9-1: USB disconnect, device number 30
[ 1713.416356][T22123] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 1713.436437][T22123] cp210x 9-1:0.0: device disconnected
[ 1714.845280][   T30] audit: type=1326 audit(1748967477.921:718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22691 comm="syz.5.4772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb7e738e969 code=0x7fc00000
[ 1718.291280][   T30] audit: type=1326 audit(1748967481.371:719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22782 comm="syz.2.4802" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0ef818e969 code=0x0
[ 1719.431809][T22809] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[ 1719.473692][T22123] IPVS: starting estimator thread 0...
[ 1719.490726][T22809] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1719.498287][T22809] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1719.571644][T22813] IPVS: using max 31 ests per chain, 74400 per kthread
[ 1719.589439][T22814] 9pnet_fd: Insufficient options for proto=fd
[ 1720.491643][T22821] 9pnet_fd: Insufficient options for proto=fd
[ 1720.592569][T22821] netlink: 'syz.2.4816': attribute type 10 has an invalid length.
[ 1720.600503][T22821] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4816'.
[ 1720.743985][T22823] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on
[ 1720.758127][T22826] netlink: 'syz.2.4819': attribute type 15 has an invalid length.
[ 1721.065402][T22836] 9pnet_fd: Insufficient options for proto=fd
[ 1721.524616][T22849] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4827'.
[ 1722.513790][T22861] overlayfs: failed to clone upperpath
[ 1724.972561][T22903] overlayfs: failed to clone upperpath
[ 1725.003425][T22907] 9pnet_fd: Insufficient options for proto=fd
[ 1725.208407][T22914] 9pnet_fd: Insufficient options for proto=fd
[ 1726.926095][T22947] 9pnet_fd: Insufficient options for proto=fd
[ 1727.712356][T22955] misc userio: No port type given on /dev/userio
[ 1727.729790][T22955] misc userio: The device must be registered before sending interrupts
[ 1728.110917][T22961] loop3: detected capacity change from 0 to 1
[ 1728.256790][T22961] Dev loop3: unable to read RDB block 1
[ 1728.343348][T22961]  loop3: unable to read partition table
[ 1728.436671][T22961] loop3: partition table beyond EOD, truncated
[ 1728.513157][T22961] loop_reread_partitions: partition scan of loop3 (�被x������ ) failed (rc=-5)
[ 1729.140381][T22970] 9pnet_fd: Insufficient options for proto=fd
[ 1730.609148][T23011] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4888'.
[ 1730.696137][T23014] netlink: 'syz.2.4888': attribute type 21 has an invalid length.
[ 1730.704477][T23013] 9pnet_virtio: no channels available for device syz
[ 1730.739438][T23014] netlink: 128 bytes leftover after parsing attributes in process `syz.2.4888'.
[ 1731.020113][T23014] netlink: 'syz.2.4888': attribute type 5 has an invalid length.
[ 1731.259514][T23014] netlink: 'syz.2.4888': attribute type 6 has an invalid length.
[ 1731.267288][T23014] netlink: 3 bytes leftover after parsing attributes in process `syz.2.4888'.
[ 1731.410878][   T30] audit: type=1326 audit(1748967494.501:720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23006 comm="syz.9.4887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f474898e969 code=0x7fc00000
[ 1732.819422][T23035] netlink: 'syz.9.4896': attribute type 10 has an invalid length.
[ 1732.827288][T23035] netlink: 40 bytes leftover after parsing attributes in process `syz.9.4896'.
[ 1733.043040][T23052] rdma_rxe: rxe_newlink: failed to add lo
[ 1733.173790][T23055] 9pnet_fd: Insufficient options for proto=fd
[ 1733.207363][T23055] netlink: 'syz.2.4906': attribute type 10 has an invalid length.
[ 1733.215241][T23055] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4906'.
[ 1735.117474][T23083] syz0: rxe_newlink: already configured on lo
[ 1735.664153][T23087] dvmrp8: entered allmulticast mode
[ 1736.030554][T23098] netlink: 104 bytes leftover after parsing attributes in process `syz.8.4923'.
[ 1737.019611][T23111] FAULT_INJECTION: forcing a failure.
[ 1737.019611][T23111] name failslab, interval 1, probability 0, space 0, times 1
[ 1737.032859][T23111] CPU: 0 UID: 0 PID: 23111 Comm: syz.8.4929 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(full) 
[ 1737.032884][T23111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1737.032896][T23111] Call Trace:
[ 1737.032903][T23111]  <TASK>
[ 1737.032911][T23111]  dump_stack_lvl+0x189/0x250
[ 1737.032943][T23111]  ? __pfx____ratelimit+0x10/0x10
[ 1737.032971][T23111]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1737.032998][T23111]  ? __pfx__printk+0x10/0x10
[ 1737.033022][T23111]  ? __pfx___might_resched+0x10/0x10
[ 1737.033048][T23111]  ? fs_reclaim_acquire+0x7d/0x100
[ 1737.033080][T23111]  should_fail_ex+0x414/0x560
[ 1737.033112][T23111]  ? __pfx_sock_alloc_inode+0x10/0x10
[ 1737.033139][T23111]  should_failslab+0xa8/0x100
[ 1737.033166][T23111]  ? __pfx_sock_alloc_inode+0x10/0x10
[ 1737.033191][T23111]  kmem_cache_alloc_lru_noprof+0x78/0x3d0
[ 1737.033214][T23111]  ? sock_alloc_inode+0x28/0xc0
[ 1737.033245][T23111]  ? __pfx_sock_alloc_inode+0x10/0x10
[ 1737.033271][T23111]  sock_alloc_inode+0x28/0xc0
[ 1737.033297][T23111]  alloc_inode+0x67/0x1b0
[ 1737.033323][T23111]  do_accept+0x111/0x680
[ 1737.033347][T23111]  ? __pfx_do_accept+0x10/0x10
[ 1737.033388][T23111]  __sys_accept4+0x11c/0x1c0
[ 1737.033409][T23111]  ? __pfx___sys_accept4+0x10/0x10
[ 1737.033427][T23111]  ? __pfx_ksys_write+0x10/0x10
[ 1737.033448][T23111]  ? rcu_is_watching+0x15/0xb0
[ 1737.033474][T23111]  ? arch_syscall_is_vdso_sigreturn+0x120/0x1a0
[ 1737.033510][T23111]  __x64_sys_accept4+0x9a/0xb0
[ 1737.033531][T23111]  do_syscall_64+0xfa/0x3b0
[ 1737.033557][T23111]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1737.033584][T23111]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1737.033602][T23111]  ? clear_bhb_loop+0x60/0xb0
[ 1737.033624][T23111]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1737.033642][T23111] RIP: 0033:0x7f89a538e969
[ 1737.033658][T23111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1737.033674][T23111] RSP: 002b:00007f89a6153038 EFLAGS: 00000246 ORIG_RAX: 0000000000000120
[ 1737.033693][T23111] RAX: ffffffffffffffda RBX: 00007f89a55b5fa0 RCX: 00007f89a538e969
[ 1737.033707][T23111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 1737.033724][T23111] RBP: 00007f89a6153090 R08: 0000000000000000 R09: 0000000000000000
[ 1737.033736][T23111] R10: 0000000000080800 R11: 0000000000000246 R12: 0000000000000001
[ 1737.033747][T23111] R13: 0000000000000000 R14: 00007f89a55b5fa0 R15: 00007ffdb36c29d8
[ 1737.033776][T23111]  </TASK>
[ 1737.491805][T23121] rdma_rxe: rxe_newlink: failed to add lo
[ 1737.730726][T22123] usb 10-1: new full-speed USB device number 8 using dummy_hcd
[ 1737.997344][T22123] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1738.154451][T23126] dvmrp8: entered allmulticast mode
[ 1738.193946][T22123] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1738.231334][T22123] usb 10-1: New USB device found, idVendor=04fc, idProduct=05d8, bcdDevice= 0.00
[ 1738.377562][T22123] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1738.401196][T22123] usb 10-1: config 0 descriptor??
[ 1738.580448][T23141] 9pnet_fd: Insufficient options for proto=fd
[ 1738.699352][T21879] usb 9-1: new high-speed USB device number 31 using dummy_hcd
[ 1738.735967][   T30] audit: type=1326 audit(1748967501.821:721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23142 comm="syz.5.4941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7e738e969 code=0x7ffc0000
[ 1738.746568][T23148] s
z1: rxe_newlink: already configured on lo
[ 1738.761114][T23143] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4941'.
[ 1738.807751][   T30] audit: type=1326 audit(1748967501.821:722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23142 comm="syz.5.4941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=192 compat=0 ip=0x7fb7e738e969 code=0x7ffc0000
[ 1738.834392][   T30] audit: type=1326 audit(1748967501.821:723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23142 comm="syz.5.4941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7e738e969 code=0x7ffc0000
[ 1738.873466][T22123] sunplus 0003:04FC:05D8.000F: hidraw0: USB HID v0.07 Device [HID 04fc:05d8] on usb-dummy_hcd.9-1/input0
[ 1738.879375][T21879] usb 9-1: Using ep0 maxpacket: 16
[ 1738.915540][   T30] audit: type=1326 audit(1748967501.821:724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23142 comm="syz.5.4941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb7e738e969 code=0x7ffc0000
[ 1738.931259][T21879] usb 9-1: config 6 has an invalid interface number: 203 but max is 0
[ 1738.966856][   T30] audit: type=1326 audit(1748967501.821:725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23142 comm="syz.5.4941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7e738e969 code=0x7ffc0000
[ 1738.969485][T21879] usb 9-1: config 6 has an invalid descriptor of length 0, skipping remainder of the config
[ 1739.050320][   T30] audit: type=1326 audit(1748967501.821:726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23142 comm="syz.5.4941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7fb7e738e969 code=0x7ffc0000
[ 1739.064872][T21879] usb 9-1: config 6 has no interface number 0
[ 1739.083581][T23113] Unsupported ieee802154 address type: 0
[ 1739.097660][T21879] usb 9-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=de.95
[ 1739.122904][T21879] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1739.128928][T23113] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4928'.
[ 1739.147886][T21879] usb 9-1: Product: syz
[ 1739.153919][   T30] audit: type=1326 audit(1748967501.821:727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23142 comm="syz.5.4941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7e738e969 code=0x7ffc0000
[ 1739.154429][T23156] s
z1: rxe_newlink: already configured on lo
[ 1739.207084][   T30] audit: type=1326 audit(1748967501.821:728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23142 comm="syz.5.4941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb7e738e969 code=0x7ffc0000
[ 1739.207093][T21879] usb 9-1: Manufacturer: syz
[ 1739.252651][   T30] audit: type=1326 audit(1748967501.821:729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23142 comm="syz.5.4941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7e738e969 code=0x7ffc0000
[ 1739.288145][T19192] usb 10-1: USB disconnect, device number 8
[ 1739.309487][T21879] usb 9-1: SerialNumber: syz
[ 1739.331741][   T30] audit: type=1326 audit(1748967501.821:730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23142 comm="syz.5.4941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb7e7390887 code=0x7ffc0000
[ 1739.394886][T21879] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae
[ 1739.403109][T23162] 9pnet_fd: Insufficient options for proto=fd
[ 1739.419857][T23162] netlink: 'syz.2.4948': attribute type 10 has an invalid length.
[ 1739.427668][T23162] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4948'.
[ 1739.526973][T23164] 9pnet_fd: Insufficient options for proto=fd
[ 1739.570656][T21879] gspca_zc3xx: reg_w_i err -71
[ 1740.159452][T21879] gspca_zc3xx: Unknown sensor - set to TAS5130C
[ 1740.281594][T21879] gspca_zc3xx 9-1:6.203: probe with driver gspca_zc3xx failed with error -71
[ 1740.699730][T21879] usb 9-1: USB disconnect, device number 31
[ 1740.931983][T23197] IPVS: set_ctl: invalid protocol: 183 224.0.0.1:20003
[ 1845.879215][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[ 1845.886208][    C0] rcu: 	(detected by 0, t=10504 jiffies, g=104553, q=454 ncpus=2)
[ 1845.894017][    C0] rcu: All QSes seen, last rcu_preempt kthread activity 10492 (4295121653-4295111161), jiffies_till_next_fqs=1, root ->qsmask 0x0
[ 1845.907391][    C0] rcu: rcu_preempt kthread starved for 10492 jiffies! g104553 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[ 1845.918691][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 1845.928666][    C0] rcu: RCU grace-period kthread stack dump:
[ 1845.934555][    C0] task:rcu_preempt     state:R  running task     stack:26464 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00004000
[ 1845.948068][    C0] Call Trace:
[ 1845.951365][    C0]  <TASK>
[ 1845.954307][    C0]  __schedule+0x16a2/0x4cb0
[ 1845.958851][    C0]  ? schedule+0x165/0x360
[ 1845.963208][    C0]  ? __pfx___schedule+0x10/0x10
[ 1845.968093][    C0]  ? schedule+0x91/0x360
[ 1845.972360][    C0]  schedule+0x165/0x360
[ 1845.976538][    C0]  schedule_timeout+0x12b/0x270
[ 1845.981403][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[ 1845.986791][    C0]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 1845.992705][    C0]  ? __pfx_process_timeout+0x10/0x10
[ 1845.998006][    C0]  ? prepare_to_swait_event+0x341/0x380
[ 1846.003618][    C0]  rcu_gp_fqs_loop+0x301/0x1540
[ 1846.008511][    C0]  ? __pfx_rcu_watching_snap_recheck+0x10/0x10
[ 1846.014685][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[ 1846.019994][    C0]  ? _raw_spin_unlock_irq+0x2e/0x50
[ 1846.025227][    C0]  ? finish_swait+0xcd/0x1f0
[ 1846.029841][    C0]  rcu_gp_kthread+0x99/0x390
[ 1846.034453][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1846.039672][    C0]  ? __kthread_parkme+0x7b/0x200
[ 1846.044632][    C0]  ? __kthread_parkme+0x1a1/0x200
[ 1846.049684][    C0]  kthread+0x711/0x8a0
[ 1846.053770][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1846.058987][    C0]  ? __pfx_kthread+0x10/0x10
[ 1846.063599][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1846.068818][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1846.074041][    C0]  ? __pfx_kthread+0x10/0x10
[ 1846.078646][    C0]  ret_from_fork+0x3f9/0x770
[ 1846.083256][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[ 1846.088395][    C0]  ? __switch_to_asm+0x39/0x70
[ 1846.093170][    C0]  ? __switch_to_asm+0x33/0x70
[ 1846.097942][    C0]  ? __pfx_kthread+0x10/0x10
[ 1846.102547][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1846.107335][    C0]  </TASK>
[ 1846.110369][    C0] rcu: Stack dump where RCU GP kthread last ran:
[ 1846.116708][    C0] Sending NMI from CPU 0 to CPUs 1:
[ 1846.121939][    C1] NMI backtrace for cpu 1
[ 1846.121955][    C1] CPU: 1 UID: 0 PID: 23184 Comm: syz.9.4957 Not tainted 6.15.0-syzkaller-11173-g546b1c9e93c2 #0 PREEMPT(full) 
[ 1846.121982][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1846.121995][    C1] RIP: 0010:lock_acquire+0x8d/0x360
[ 1846.122021][    C1] Code: f6 05 df 88 eb 0d 01 0f 84 d7 01 00 00 83 3d 19 c6 01 0e 00 0f 84 f0 00 00 00 48 8b b4 24 90 00 00 00 4c 89 ef e8 03 50 83 00 <83> 3d fc c5 01 0e 00 0f 84 fa 00 00 00 65 8b 05 ff eb fa 10 85 c0
[ 1846.122040][    C1] RSP: 0018:ffffc90000a08bd0 EFLAGS: 00000002
[ 1846.122054][    C1] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 6897804852eb4f00
[ 1846.122064][    C1] RDX: 0000000000000000 RSI: ffffffff897d2e04 RDI: 1ffffffff1c27e28
[ 1846.122075][    C1] RBP: ffffffff897d2de8 R08: 0000000000000000 R09: 0000000000000000
[ 1846.122085][    C1] R10: dffffc0000000000 R11: ffffed100b185e5e R12: 0000000000000002
[ 1846.122096][    C1] R13: ffffffff8e13f140 R14: 0000000000000000 R15: 0000000000000000
[ 1846.122106][    C1] FS:  0000000000000000(0000) GS:ffff888125d93000(0000) knlGS:0000000000000000
[ 1846.122118][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1846.122129][    C1] CR2: 0000001b2fd1fffc CR3: 0000000076912000 CR4: 00000000003526f0
[ 1846.122141][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1846.122150][    C1] DR3: 000000000000000e DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 1846.122160][    C1] Call Trace:
[ 1846.122166][    C1]  <IRQ>
[ 1846.122176][    C1]  ? do_raw_spin_unlock+0x122/0x240
[ 1846.122199][    C1]  ? advance_sched+0x9f8/0xc90
[ 1846.122226][    C1]  advance_sched+0xa14/0xc90
[ 1846.122250][    C1]  ? advance_sched+0x9f8/0xc90
[ 1846.122286][    C1]  ? __pfx_advance_sched+0x10/0x10
[ 1846.122311][    C1]  __hrtimer_run_queues+0x529/0xc60
[ 1846.122355][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[ 1846.122383][    C1]  ? read_tsc+0x9/0x20
[ 1846.122414][    C1]  hrtimer_interrupt+0x45b/0xaa0
[ 1846.122463][    C1]  __sysvec_apic_timer_interrupt+0x108/0x410
[ 1846.122497][    C1]  sysvec_apic_timer_interrupt+0xa1/0xc0
[ 1846.122527][    C1]  </IRQ>
[ 1846.122534][    C1]  <TASK>
[ 1846.122543][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1846.122566][    C1] RIP: 0010:lock_release+0x44/0x3e0
[ 1846.122592][    C1] Code: 8b 05 30 9b fa 10 48 89 44 24 28 0f 1f 44 00 00 65 8b 05 33 9b fa 10 83 f8 08 0f 83 9a 02 00 00 89 c0 48 0f a3 05 dc 83 01 0e <73> 16 e8 e5 e1 08 00 84 c0 75 0d f6 05 c6 77 eb 0d 01 0f 84 ad 02
[ 1846.122609][    C1] RSP: 0018:ffffc9000ec872f0 EFLAGS: 00000297
[ 1846.122627][    C1] RAX: 0000000000000001 RBX: 1ffffffff3352c24 RCX: ffff88807e86da00
[ 1846.122642][    C1] RDX: 0000000000000000 RSI: ffffffff820bbad0 RDI: ffff8880b8733e70
[ 1846.122658][    C1] RBP: 0000000000000000 R08: 0000000000000003 R09: 0000000000000004
[ 1846.122672][    C1] R10: dffffc0000000000 R11: fffffbfff3352c24 R12: ffffea0001abe608
[ 1846.122688][    C1] R13: ffffffff820bbad0 R14: ffff8880b8733e70 R15: ffff8880b8733e98
[ 1846.122706][    C1]  ? munlock_folio+0x80/0x6d0
[ 1846.122725][    C1]  ? munlock_folio+0x80/0x6d0
[ 1846.122741][    C1]  ? folio_remove_rmap_ptes+0x7fa/0xaf0
[ 1846.122758][    C1]  munlock_folio+0x3df/0x6d0
[ 1846.122772][    C1]  ? munlock_folio+0x80/0x6d0
[ 1846.122786][    C1]  unmap_page_range+0x1e59/0x41c0
[ 1846.122835][    C1]  ? __pfx_unmap_page_range+0x10/0x10
[ 1846.122864][    C1]  ? unmap_vmas+0x144/0x580
[ 1846.122880][    C1]  unmap_vmas+0x399/0x580
[ 1846.122897][    C1]  ? __pfx_unmap_vmas+0x10/0x10
[ 1846.122933][    C1]  exit_mmap+0x248/0xb50
[ 1846.122954][    C1]  ? uprobe_clear_state+0x20f/0x290
[ 1846.122976][    C1]  ? __pfx_exit_mmap+0x10/0x10
[ 1846.122995][    C1]  ? __mutex_unlock_slowpath+0x1cd/0x700
[ 1846.123025][    C1]  ? __pfx_exit_aio+0x10/0x10
[ 1846.123055][    C1]  ? uprobe_clear_state+0x274/0x290
[ 1846.123074][    C1]  ? mm_update_next_owner+0xa7/0x870
[ 1846.123093][    C1]  __mmput+0x118/0x420
[ 1846.123117][    C1]  exit_mm+0x1da/0x2c0
[ 1846.123134][    C1]  ? __pfx_exit_mm+0x10/0x10
[ 1846.123152][    C1]  ? rcu_is_watching+0x15/0xb0
[ 1846.123177][    C1]  do_exit+0x640/0x22e0
[ 1846.123197][    C1]  ? do_raw_spin_lock+0x121/0x290
[ 1846.123215][    C1]  ? __pfx_do_exit+0x10/0x10
[ 1846.123238][    C1]  do_group_exit+0x21c/0x2d0
[ 1846.123255][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1846.123279][    C1]  get_signal+0x125e/0x1310
[ 1846.123311][    C1]  arch_do_signal_or_restart+0x9a/0x750
[ 1846.123334][    C1]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1846.123360][    C1]  ? exit_to_user_mode_loop+0x40/0x110
[ 1846.123383][    C1]  exit_to_user_mode_loop+0x75/0x110
[ 1846.123405][    C1]  do_syscall_64+0x2bd/0x3b0
[ 1846.123429][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1846.123451][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1846.123466][    C1]  ? clear_bhb_loop+0x60/0xb0
[ 1846.123484][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1846.123499][    C1] RIP: 0033:0x7f474898e969
[ 1846.123511][    C1] Code: Unable to access opcode bytes at 0x7f474898e93f.
[ 1846.123520][    C1] RSP: 002b:00007f474985b0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1846.123534][    C1] RAX: fffffffffffffe00 RBX: 00007f4748bb6088 RCX: 00007f474898e969
[ 1846.123546][    C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f4748bb6088
[ 1846.123556][    C1] RBP: 00007f4748bb6080 R08: 0000000000000000 R09: 0000000000000000
[ 1846.123565][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4748bb608c
[ 1846.123575][    C1] R13: 0000000000000000 R14: 00007fff10f3d220 R15: 00007fff10f3d308
[ 1846.123594][    C1]  </TASK>