last executing test programs:

42m25.255328128s ago: executing program 32 (id=1140):
r0 = syz_open_dev$sndmidi(0x0, 0x2, 0x141121)
openat$kvm(0xffffff9c, 0x0, 0x0, 0x0)
r1 = dup(r0)
write$6lowpan_enable(r1, 0x0, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000004700)={'team0\x00', <r5=>0x0})
syz_usb_connect$cdc_ncm(0x1, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r5, {}, {}, {0x8, 0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x8881}, 0x0)

41m36.686693s ago: executing program 33 (id=1209):
socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
bind$bt_hci(r0, &(0x7f0000000000)={0x27}, 0x62)
socket(0x23, 0x5, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x1000006, 0x4132, 0xffffffffffffffff, 0x0)
r2 = socket(0x2000000000000021, 0x2, 0x10000000000002)
connect$rxrpc(r2, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x8, @multicast2}}, 0x24)
sendmmsg(r2, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18, 0xe000}, 0x5}], 0x1, 0x0)
recvmmsg(r2, &(0x7f0000000d00), 0xf000, 0x10002, 0x0)

40m41.969343251s ago: executing program 34 (id=1285):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$VIDIOC_SUBSCRIBE_EVENT(0xffffffffffffffff, 0x4020565a, &(0x7f0000000080)={0x0, 0x2})
socket$inet_sctp(0x2, 0x1, 0x84)
r4 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000840)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="240000001d00070f000000000000000007000000", @ANYRES32, @ANYBLOB="4000270006"], 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x0)

38m8.518399894s ago: executing program 35 (id=1455):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=@delchain={0x11, 0x5f, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffed, 0xc}}}, 0x24}, 0x1, 0x0, 0x0, 0x40002}, 0x0)

31m54.584874599s ago: executing program 36 (id=4361):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x32, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x9, 0x8, 0xdd, 0xff}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r2}, 0x10)
r3 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)

30m56.277432384s ago: executing program 37 (id=4945):
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000040)={'syz1\x00', {0xb, 0x1, 0x2, 0x1}, 0x4f, [0xffff, 0x7, 0x3, 0x4, 0xebd, 0x2, 0x7, 0x5, 0x2, 0x80, 0x7, 0x1, 0x5, 0x3, 0x2, 0x8000, 0x1, 0x2, 0x5, 0x6, 0x401, 0x1, 0x9, 0x400, 0x67, 0xe, 0x30ed386c, 0x970, 0x9, 0x7, 0x1, 0x10000, 0x9, 0x10, 0x7, 0x4, 0x10, 0x8dd, 0x4, 0x5, 0x8001, 0x2, 0x6, 0xa9, 0x80000000, 0x81, 0xbb76, 0xe0, 0x10, 0x2, 0x5, 0x9, 0xfff, 0x3, 0x1, 0xa663, 0xfffffffe, 0x7ff, 0x3, 0x0, 0x8, 0xbe, 0x7, 0x7], [0x6, 0x4, 0x7560, 0x9, 0xd, 0xff, 0x4, 0xfffffffd, 0x0, 0xfff, 0x5, 0x100, 0x87b7, 0x0, 0x4, 0x0, 0x26, 0x101, 0xffffffff, 0x9, 0x4, 0x1, 0x5, 0x7f, 0x6, 0x7, 0x10001, 0xf7d1, 0x508, 0x8, 0x9, 0xee, 0x2, 0x817d, 0x6, 0x1, 0x80, 0x3, 0x8, 0x10, 0x335a, 0x1, 0x5, 0x87d, 0x8, 0x8, 0x1ff, 0x4, 0xfffffffe, 0x2, 0x481dc3dd, 0xffff, 0x3ff, 0x2, 0x3, 0x8, 0x101, 0x40, 0x93, 0xe0000000, 0x6bbfc9e1, 0xfffffffe, 0x80], [0xfffffff9, 0xc99, 0xd, 0x2, 0x1, 0xe, 0x3, 0x9, 0xe2e, 0x6, 0x3, 0x8, 0x4, 0x4, 0x7ff, 0x3, 0x48, 0x4, 0x6, 0x200, 0x7, 0x9, 0x8e9, 0x10, 0x4, 0x800, 0xb, 0x58d, 0x8, 0x1000, 0x6, 0x0, 0x51, 0x1, 0x6, 0x1, 0xbb, 0x4, 0x2, 0xf246, 0x3d6126, 0x9841, 0x6a2180, 0x5, 0x6, 0x1000, 0x9, 0x65, 0x309466b5, 0x2, 0xa7b0, 0x8001, 0x40, 0x8, 0x9, 0x9, 0x800, 0x235, 0x1, 0x4, 0x1ff, 0x9, 0x0, 0x4], [0xf437, 0xff, 0x1, 0x73ec, 0x3, 0x2, 0x0, 0x9, 0x10001, 0xfffffff3, 0x4, 0xec9, 0xfffffffd, 0xffff, 0x4f, 0x1, 0x9, 0x8, 0x7, 0x40, 0x1, 0x5, 0xc32, 0x1, 0x81, 0x4, 0x5, 0x0, 0xc, 0x6, 0x9, 0xb, 0x8, 0x4f68, 0x3, 0x80000000, 0x8, 0x5, 0x3, 0x4, 0x0, 0x8, 0x6b5, 0xf01b, 0x0, 0x3, 0x22, 0x0, 0x4, 0x10, 0xe1, 0x6, 0x1, 0x7, 0x1, 0x401, 0x3, 0x9, 0x6, 0x2, 0x6, 0xe1a3, 0xf363, 0x8]}, 0x45c)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x181002, 0x0)
ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000080)={0x49de, 0x0, 0xfffc, 0xbfff, 0x19, "ec28a144f13d7607"})
write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)={0x0, 0xfffffffc, 0xfffffffe, 0x0, 0x10, "0000008900"})
r1 = syz_open_pts(r0, 0x20800)
dup3(r1, r0, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000100)=0x44)

25m15.574438287s ago: executing program 38 (id=8333):
openat2$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)={0x40040, 0xd2, 0xf}, 0x18)
socket$nl_rdma(0x10, 0x3, 0x14)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x400, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r1=>0x0], 0x40000012})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000180)={0x300, 0x1, &(0x7f0000000340)=[r1], &(0x7f0000000040)=[0x1], &(0x7f0000000200), 0x0, 0x0, 0x7f})

24m26.796672061s ago: executing program 4 (id=8662):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
r4 = syz_io_uring_setup(0xcc8, &(0x7f0000000300)={0x0, 0x6c7, 0x10, 0x1, 0x310}, &(0x7f00000001c0)=<r5=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r4, 0xdb4, 0xd44a, 0x5, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}, @flat=@binder={0x73622a85, 0x10b}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})
mmap$binder(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x11, r0, 0x10000000000)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000004a40)={0x4c, 0x0, &(0x7f0000000800)=[@transaction_sg={0x40486311, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x400}], 0x0, 0x0, 0x0})

24m24.345837491s ago: executing program 4 (id=8677):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x8844)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000002c0)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000080)='sched_switch\x00', r3, 0x0, 0xc8d}, 0x18)
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r4}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

24m23.017366649s ago: executing program 4 (id=8679):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000a50000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7050000080000a8c5000000a5000000180100002020640500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b300000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x35, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r5 = socket$kcm(0xa, 0x1, 0x106)
sendmsg$kcm(r5, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x20000011)
sendmsg$kcm(r5, &(0x7f0000000780)={0x0, 0x0, 0x0}, 0xe07e872420dfefca)

24m20.801704345s ago: executing program 4 (id=8684):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
ioctl$TIOCMSET(r0, 0x5418, &(0x7f0000000140)=0xfffffdfb)
ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000000)={0xffffffff, 0xc9a, 0xfffff001, 0x6, 0x18, "5cadf0fa59ebc3cef90ac43c5c135252e5d962"})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
futex(0x0, 0x87, 0x0, 0x0, 0x0, 0x0)
ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000280)={0x0, 0x4, 0x7fff, 0x0, 0xfe, "4cb8b2300000714d64cf76062d59e56f2584c4"})
exit(0x7)
fsopen(0x0, 0x0)
fchdir(0xffffffffffffffff)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x21, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f0000000340)=0x63ba, 0x4)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendmmsg$inet6(r1, 0x0, 0x0, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000400)='./file1\x00', 0x8042, 0x38)
fcntl$setlease(r2, 0x400, 0x1)
write$binfmt_register(0xffffffffffffffff, &(0x7f000000a480)={0x3a, 'syz1', 0x3a, 'M', 0x3a, 0x0, 0x3a, '\xc2\\-:\x00', 0x3a, '#.\\#\'+\x00', 0x3a, './file0'}, 0x33)

24m19.249471905s ago: executing program 4 (id=8692):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
syz_open_dev$tty1(0xc, 0x4, 0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0xdfd2, 0x9, 0x19, 0xa}]}, 0x10)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/diskstats\x00', 0x0, 0x0)
r4 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0)
sendfile(r4, r3, 0x0, 0x7ffff000)

24m17.622621043s ago: executing program 4 (id=8698):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1, 0x100007, 0x4, 0x25, 0x1, 0xffffffffffffffff, 0x400000}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000780)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r1}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xc1103000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(0xffffffffffffffff, 0x7, 0x0, 0x1)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mq_open(0x0, 0x2, 0x122, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ip6_mr_cache\x00')
pread64(r5, 0x0, 0x0, 0x6)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x1b, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240), 0x0, 0x2, r0}, 0x38)

24m1.024414339s ago: executing program 39 (id=8698):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1, 0x100007, 0x4, 0x25, 0x1, 0xffffffffffffffff, 0x400000}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000780)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r1}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xc1103000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(0xffffffffffffffff, 0x7, 0x0, 0x1)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mq_open(0x0, 0x2, 0x122, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ip6_mr_cache\x00')
pread64(r5, 0x0, 0x0, 0x6)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x1b, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240), 0x0, 0x2, r0}, 0x38)

20m31.895174008s ago: executing program 0 (id=10464):
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2c, &(0x7f0000000540)={0x8, {{0xa, 0x4e21, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}, 0x7ff}}, {{0xa, 0x4e24, 0x50, @loopback, 0x8cfb}}}, 0x108)
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r1 = socket$unix(0x1, 0x2, 0x0)
r2 = socket$unix(0x1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
recvmsg(0xffffffffffffffff, 0x0, 0x1f00)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000007925d0f1256330b9e2aa9a18cea8e009116f63c6c7d8f7f95bf0f6731e5eb1dcdc534f357b9f08e7a9a3aebeca145d695053b5bef004ca24e6c57ed10f01488d38b8b0b68d93e3cf630837915d518fde2115e66615786fe7b9216de958119cf762cac77ac829a02f48e72c0d2841880b2c"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
connect$unix(r2, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
sendmmsg(r2, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x3ec0)
connect$unix(r1, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(r4, &(0x7f0000000400)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000003c0)={&(0x7f0000000300)={0x38, 0x0, 0x100, 0x70bd27, 0x25dfdbfb, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}, @IEEE802154_ATTR_LLSEC_SECLEVELS={0x5, 0x35, 0x28}, @IEEE802154_ATTR_DEV_INDEX={0x8}]}, 0x38}, 0x1, 0x0, 0x0, 0x24044005}, 0x2c040001)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(0xffffffffffffffff, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e24, @empty}, @in6={0xa, 0x4e21, 0x9, @private0={0xfc, 0x0, '\x00', 0x1}, 0x5}, @in6={0xa, 0x4e24, 0x3, @private2, 0xa5312585}, @in={0x2, 0x4e22, @multicast1}, @in6={0xa, 0x4e20, 0xfffffffa, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x9}, @in6={0xa, 0x4e20, 0x8001, @mcast1}, @in={0x2, 0x4e20, @private=0xa010102}, @in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x28}}, @in={0x2, 0x4e21, @empty}], 0xc0)
ppoll(&(0x7f0000000200)=[{r1, 0x6600}], 0x1, 0x0, 0x0, 0x0)
connect$unix(r1, &(0x7f0000000340)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)

20m26.795857766s ago: executing program 0 (id=10479):
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0x36b78000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$alg(0x26, 0x5, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = getpid()
r4 = syz_pidfd_open(r3, 0x0)
setns(r4, 0x24020000)
syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0)

20m22.894962546s ago: executing program 0 (id=10484):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x1, 0x28}, 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x18)
madvise(&(0x7f000031a000/0x4000)=nil, 0x4000, 0xe)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff})
sendmmsg$sock(r4, &(0x7f00000044c0), 0x4000000000001c0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)

20m20.544351308s ago: executing program 0 (id=10488):
getpid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(0xffffffffffffffff, 0x3ba0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
write$P9_RGETLOCK(0xffffffffffffffff, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
r3 = openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fanotify_mark(0xffffffffffffffff, 0x105, 0x5000003a, r3, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000680)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x10}]}, @NFT_MSG_NEWSETELEM={0x30, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x4}]}, @NFT_MSG_DELSETELEM={0x2c, 0xe, 0xa, 0x201, 0x0, 0x0, {0xa}, [@NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xc8}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)

20m18.771020073s ago: executing program 0 (id=10490):
socket$packet(0x11, 0x3, 0x300)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000100))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
io_setup(0x6, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
io_pgetevents(0x0, 0x4, 0x2, &(0x7f0000000400)=[{}, {}], &(0x7f0000000480), &(0x7f0000000500)={0x0})
mount$overlay(0x0, 0x0, &(0x7f0000000340), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2, 0x2}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f0000000340), 0x0, 0x0)
read$msr(r1, &(0x7f0000048040)=""/102392, 0x18ff8)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x20)
shutdown(r0, 0x1)
sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000001440)={&(0x7f0000001200), 0xc, &(0x7f0000001400)={0x0, 0x124}}, 0x0)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="02c83012000e00050014fd0a000200090001010500"], 0x17)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
syz_genetlink_get_family_id$l2tp(&(0x7f00000001c0), 0xffffffffffffffff)
socket$inet6_tcp(0xa, 0x1, 0x0)

20m17.249168012s ago: executing program 0 (id=10495):
socket$inet6(0xa, 0x5, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_opts(r2, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f00000000c0)='ip6_vti0\x00', 0x10)
connect$inet(r2, &(0x7f0000000080)={0x2, 0x4e20, @private=0xa010100}, 0x10)
sendmmsg$inet(r2, &(0x7f0000000f40)=[{{&(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10, 0x0}}], 0x68000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2, 0xc3072, 0xffffffffffffffff, 0x200000)
r3 = syz_clone(0x100, 0x0, 0x0, 0x0, 0x0, 0x0)
migrate_pages(r3, 0x5, &(0x7f0000000040)=0x9, &(0x7f0000000080)=0x272)
ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000080)={0xa, 0x2, 0x1, "9adf4b552fb8af2b8f72f309000000a590d25fdab1e043cc1a70c317fd815cee", 0x3131354f})
socket$netlink(0x10, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0xfec4, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff3}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mq={0x7}]}, 0x2c}}, 0x20040084)

20m0.42815643s ago: executing program 40 (id=10495):
socket$inet6(0xa, 0x5, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_opts(r2, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f00000000c0)='ip6_vti0\x00', 0x10)
connect$inet(r2, &(0x7f0000000080)={0x2, 0x4e20, @private=0xa010100}, 0x10)
sendmmsg$inet(r2, &(0x7f0000000f40)=[{{&(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10, 0x0}}], 0x68000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2, 0xc3072, 0xffffffffffffffff, 0x200000)
r3 = syz_clone(0x100, 0x0, 0x0, 0x0, 0x0, 0x0)
migrate_pages(r3, 0x5, &(0x7f0000000040)=0x9, &(0x7f0000000080)=0x272)
ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000080)={0xa, 0x2, 0x1, "9adf4b552fb8af2b8f72f309000000a590d25fdab1e043cc1a70c317fd815cee", 0x3131354f})
socket$netlink(0x10, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0xfec4, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff3}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mq={0x7}]}, 0x2c}}, 0x20040084)

19m33.942679001s ago: executing program 3 (id=10584):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80cd}], 0x1, 0x7)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r5, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x88fd537e5e114b6f, 0x12, r5, 0x0)
ioctl$KVM_X86_SETUP_MCE(r5, 0x4008ae9c, &(0x7f0000000000)={0x4, 0x89727a31546dcc4f, 0x4})
sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)

19m29.248221928s ago: executing program 3 (id=10589):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00'}, 0x18)
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80cd}], 0x1, 0x7)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r4, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x88fd537e5e114b6f, 0x12, r4, 0x0)
ioctl$KVM_X86_SETUP_MCE(r4, 0x4008ae9c, &(0x7f0000000000)={0x4, 0x89727a31546dcc4f, 0x4})
sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)

19m19.392098194s ago: executing program 3 (id=10613):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80cd}], 0x1, 0x7)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r5, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x88fd537e5e114b6f, 0x12, r5, 0x0)
ioctl$KVM_X86_SETUP_MCE(r5, 0x4008ae9c, &(0x7f0000000000)={0x4, 0x89727a31546dcc4f, 0x4})
sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)

19m17.092152157s ago: executing program 3 (id=10619):
write$cgroup_pid(0xffffffffffffffff, &(0x7f00000001c0), 0x12)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x800)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getpid()
setns(0xffffffffffffffff, 0x24020000)
syz_open_procfs(0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000200)='.\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, 0x0, 0x0, 0x2a05404, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
umount2(&(0x7f0000000040)='.\x00', 0x2)

19m16.713464364s ago: executing program 3 (id=10622):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80cd}], 0x1, 0x7)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r5, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x88fd537e5e114b6f, 0x12, r5, 0x0)
ioctl$KVM_X86_SETUP_MCE(r5, 0x4008ae9c, &(0x7f0000000000)={0x4, 0x89727a31546dcc4f, 0x4})
sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)

19m10.449280374s ago: executing program 3 (id=10642):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80cd}], 0x1, 0x7)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r5, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x88fd537e5e114b6f, 0x12, r5, 0x0)
ioctl$KVM_X86_SETUP_MCE(r5, 0x4008ae9c, &(0x7f0000000000)={0x4, 0x89727a31546dcc4f, 0x4})
sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)

19m8.986147488s ago: executing program 41 (id=10642):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80cd}], 0x1, 0x7)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r5, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x88fd537e5e114b6f, 0x12, r5, 0x0)
ioctl$KVM_X86_SETUP_MCE(r5, 0x4008ae9c, &(0x7f0000000000)={0x4, 0x89727a31546dcc4f, 0x4})
sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)

15m26.891152323s ago: executing program 6 (id=11761):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r2, &(0x7f0000000000)='y', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1c9ae7fffe9a6f34}}, 0x1c)
setsockopt$inet_sctp6_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f00000000c0)={0x4, 0x0, 0xfe, 0x2, 0x0, 0x2, 0x5, 0x0, 0x0, 0x7, 0x0, 0x4, 0x0, 0x42}, 0xe)
shutdown(r2, 0x1)
recvmmsg(r2, &(0x7f0000000840)=[{{0x0, 0x0, 0x0}}], 0x414, 0x0, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000480)='./file7\x00', 0x5)
r3 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00')
openat$binfmt(0xffffffffffffff9c, r3, 0x42, 0x1ff)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/mem_sleep', 0x400000, 0x145)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x3, r4})
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r5}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
lchown(0x0, 0x0, 0x0)

15m23.706523207s ago: executing program 6 (id=11773):
syz_emit_ethernet(0x97, &(0x7f0000000180)={@local, @empty, @void, {@llc_tr={0x11, {@snap={0x1, 0xaa, "a5", "0829a6", 0x200, "246439d58cca2bcc9e4bbcbc0c2b364212b5a8904f44ca32cc8b3fcdb9ff27a8e855e0c067d1fb5862031eb31a972a60645cc726cf7a13eee943ecefd9fff7720ef86417d27a7b50e7eac2a7ddf4d2d89d32532ea9608f0606c4b9c5764bf7286dfea4352f73c918ca17133610b380bc02bf30a913478e450d91a01b742ccf1b89"}}}}}, 0x0)
socket$kcm(0x10, 0x2, 0x0)
getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, &(0x7f0000000180))
r0 = socket(0x8000000010, 0x2, 0x0)
write(r0, &(0x7f00000002c0)="fc0000001c000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="0800000000000000ee5e151711d9f066eb23375691ad37a2adc0ef80eff4896f00"/44, @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b00000000000c00"/20, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0xb, 0x1c, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}, {}, {0x85, 0x0, 0x0, 0x8}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x540}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000007c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b80a000500000000", &(0x7f0000000300)=""/8, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
getsockopt$IP_VS_SO_GET_INFO(r0, 0x0, 0x481, &(0x7f00000008c0), &(0x7f0000000900)=0xc)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSARP(r4, 0x8955, &(0x7f0000000180)={{0x2, 0x4e22, @empty}, {0x306, @random="eda69956e92c"}, 0x4, {0x2, 0x4e23, @rand_addr=0x64010101}})
r5 = socket(0x2c, 0xa, 0x1)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='sessionid\x00')
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r5, 0x84, 0x6d, &(0x7f0000000040)={<r7=>0x0, 0xc9, "531f1cfb224dd0ae582dcca34ece39fca0707e4d0e01cd5c16858d043698dc2f24567a26f8cffa05d8869f3e2fd7407907f90fa9807f7dd2b3e73755c204911626990e55fab1d40403e55b0fc91b7b652155cdcbc21fc013637ab2b4382d75d0eaa10d501427e7edcfcb8a04556b69a397a3d86c4bde20db64ca6816a8928fdb30e779a8c989231583bbef7cc16fd8c3b2b54b5ee5fc75e0cd1c26f556595e9701940370c413e72401320e077ed904a135319fdf5135128d07dc2f6fecfbb1e1f34eb3a80e604938b6"}, &(0x7f0000000140)=0xd1)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r6, 0x84, 0xf, &(0x7f0000000200)={r7, @in={{0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}}, 0x800, 0x3, 0x0, 0x2, 0x9}, &(0x7f00000003c0)=0x98)
r8 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r8, 0x8933, &(0x7f00000001c0)={'batadv_slave_0\x00', <r9=>0x0})
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$nbd(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NBD_CMD_DISCONNECT(r11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="00000000e5dfc6269f64475b9073f5e359ad29d2283487e8ccfa42a4f3", @ANYRES16=r12, @ANYBLOB="01002bbd700006000000020000000800010000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x8004}, 0x0)
sendmsg$NBD_CMD_CONNECT(r10, &(0x7f0000000a00)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x100200}, 0xc, &(0x7f00000009c0)={&(0x7f0000000980)=ANY=[@ANYBLOB="1c00a8bc", @ANYRES16=r12, @ANYBLOB="02002cbd7000fedbdf25010000000800010000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x8008080)
setsockopt$packet_add_memb(r8, 0x107, 0x1, &(0x7f0000000400)={r9, 0x1, 0x6, @broadcast}, 0x10)
setsockopt$packet_add_memb(r8, 0x107, 0x1, &(0x7f0000000200)={r9, 0x11, 0x6}, 0x10)
setsockopt$packet_drop_memb(r8, 0x107, 0x2, &(0x7f0000000580)={r9, 0x1, 0x6, @local}, 0x10)
ioctl$F2FS_IOC_MOVE_RANGE(r4, 0xc020f509, &(0x7f0000000680)={r5, 0x9, 0x473795fb, 0x9})
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000006c0)={0x1b, 0x0, 0x0, 0xb, 0x0, r6, 0xf, '\x00', 0x0, r6, 0x2, 0x4, 0x2}, 0x50)

15m23.316095052s ago: executing program 6 (id=11778):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="b8000000190001000000000000000000e00000020000000000000000000000000000000000000000000000000000000000000000000000000a00000033000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="01000000000000000000000000000000000000000000000000000000000000000000000000000000000009f76caf00000000000000000000fdffffffffffffff00000000000000000000000000000000000000000000000200"/112], 0xb8}, 0x1, 0x0, 0x0, 0x40800}, 0x2c040010)
r1 = io_uring_setup(0x6001, &(0x7f0000000000)={0x0, 0xeec2, 0x800, 0x2, 0xaa})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r3, 0x4068aea3, &(0x7f0000000480)={0x79, 0x0, 0xc50})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
close_range(r1, r1, 0x0)
socket$netlink(0x10, 0x3, 0x8)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x87}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb}}}, 0xb8}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001500010029bd700000000000e00000020004000000000000000000000000000000000000000000000000000000000000000000000a00100000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000100000000000000000000000000000000000000000000000000000000000000080000000000000000040000000000000000000000000000000000000000000000000000000000000101000000000000000000000000000000000000b56b6e000000010000000000"], 0xb8}}, 0x10000000)

15m22.015563604s ago: executing program 6 (id=11795):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0x89f8, &(0x7f0000000200)={'gre0\x00', &(0x7f00000000c0)={'tunl0\x00', 0x0, 0x1, 0x20, 0x8, 0x7, {{0x5, 0x4, 0x1, 0x6, 0x14, 0x66, 0x0, 0xe9, 0x4, 0x0, @remote, @local}}}})

15m21.897509764s ago: executing program 6 (id=11797):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)
mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x84000, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000280)={0x1f, 0xfffe}, 0xe)
listen(r1, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)={0x20, 0x40, 0x107, 0x70bd2b, 0x25dfdbfe, {0x1, 0x7c}, [@nested={0x4, 0x1c2}, @nested={0x4, 0x1}, @typed={0x4, 0x8}]}, 0x20}, 0x1, 0x0, 0x0, 0x4c090}, 0xc000)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_ADD_TX_TS(r2, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8008000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x38, r3, 0x400, 0x70bd2b, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_ADMITTED_TIME={0x6, 0xd4, 0x1}, @NL80211_ATTR_USER_PRIO={0x5, 0xd3, 0x4}, @NL80211_ATTR_ADMITTED_TIME={0x6}, @NL80211_ATTR_MAC={0xa}]}, 0x38}, 0x1, 0x0, 0x0, 0x44000}, 0x4840)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r4, 0xffffffffffffffff, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x1a, &(0x7f0000000280)=0x80000001, 0x4)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x8, @remote, 0x2}, @in6={0xa, 0x4e23, 0x8, @ipv4={'\x00', '\xff\xff', @remote}}], 0x38)
setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000000)=0x3, 0x4)

15m21.03778917s ago: executing program 6 (id=11799):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002a80)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[@rights={{0x14, 0x1, 0x1, [r0]}}], 0x18, 0x4000000}, 0x800)
r2 = dup3(r1, r0, 0x0)
read(r2, &(0x7f0000003ac0)=""/4096, 0x1000)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r3}, &(0x7f0000000000), &(0x7f0000000080)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000400008500000001000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
clock_gettime(0xfffffff5, 0x0)

15m5.917720687s ago: executing program 42 (id=11799):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002a80)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[@rights={{0x14, 0x1, 0x1, [r0]}}], 0x18, 0x4000000}, 0x800)
r2 = dup3(r1, r0, 0x0)
read(r2, &(0x7f0000003ac0)=""/4096, 0x1000)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r3}, &(0x7f0000000000), &(0x7f0000000080)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000400008500000001000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
clock_gettime(0xfffffff5, 0x0)

3m21.951371997s ago: executing program 2 (id=16076):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="050000000400"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000480)='kfree\x00', 0xffffffffffffffff, 0x0, 0x7fffffffffffffff}, 0x18)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/bus/input/devices\x00', 0x0, 0x0)
preadv(r1, &(0x7f00000015c0)=[{&(0x7f0000001600)=""/4094, 0xffe}], 0x1, 0xf0, 0xd215)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r2, 0x0, 0xfffffffffffffffd}, 0x18)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000002880), 0x88400, 0x0)
ioctl$TCFLSH(r3, 0x540b, 0x2)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000480)={0x0, 0x60, &(0x7f0000000140)={&(0x7f00000002c0)={0x1c, r4, 0x9c3fa077fa966179, 0x0, 0x700, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000000)={<r5=>0xffffffffffffffff}, 0x2}}, 0x20)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
syz_usb_connect(0x0, 0x10e, &(0x7f0000000300)=ANY=[@ANYBLOB="120100006a249f08ec1888323a3f010203010902fc0001870000000904e67e350e010000062404", @ANYBLOB="6da4"], 0x0)
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0)
preadv2(r6, &(0x7f0000000080)=[{&(0x7f0000001200)=""/4096, 0x1fee00}], 0x2, 0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r7=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r7, 0x1, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff1000/0x3000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ff6000/0x3000)=nil, &(0x7f0000ff2000/0x1000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ff1000/0x3000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0xc89d, 0xc000, 0xa, 0x20002f7})
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(0xffffffffffffffff, &(0x7f0000000100)={0x4, 0x8, 0xfa00, {r5, 0xfde}}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet_tcp(0x2, 0x1, 0x0)

3m20.234352793s ago: executing program 2 (id=16085):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x1, @empty, 0x200}, 0x1c)
listen(r0, 0x0)
r1 = accept(r0, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2400c840}, 0x0)
connect$unix(r1, &(0x7f0000000140)=@file={0x0, './file0\x00'}, 0x6e)

3m19.139198701s ago: executing program 2 (id=16093):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
ioprio_get$pid(0x2, r0)
add_key(&(0x7f0000000100)='pkcs7_test\x00', 0x0, &(0x7f0000000580)="1082a9889507", 0x6, 0xffffffffffffffff)
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000040)={'wlan1\x00', {0x2, 0x4e23, @broadcast}})
r3 = socket$rds(0x15, 0x5, 0x0)
socket(0x10, 0x2, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff})
getpeername$packet(r5, &(0x7f0000000000)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c00e189c9fb0305fcffffff000000004deb1d24fc5e68c8aa78526f84a317ce7589ea08bfbb8d654d179493d65fbb7afa20cae3c1ecee070cee0e3dc8dd13ced41e110cc4286341fd5aaf1e28facfbb98274256a824bf6a23a6791d6a8143180f7cf9dbe379dfbc240dcc7c8efd474a64a270e9b6e9093236a522083b703cf8de5898010001007245cc60bb0b40259791d2b14426b85317ac815e3d82c7f67b26315c6f984b3ec4e3b644a160d56217c245acca9cd1028363e20adf5fa812436e5b80bcbede", @ANYRES32=0x0, @ANYBLOB="11110200338a0000140012800b0001006d616373656300000400028008000500", @ANYRES32=r6, @ANYBLOB], 0x3c}, 0x1, 0x0, 0x0, 0x48890}, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10)
bind$rds(r3, &(0x7f0000000040)={0x2, 0x4e22, @loopback}, 0x10)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000080000000c"], 0x48)
openat$smackfs_cipsonum(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/fs/smackfs/doi\x00', 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xd, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000000000000000000000080021850000006d00000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$rds(r3, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000780)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f00000006c0)=[{&(0x7f0000000240)=""/44, 0x2c}], 0x1}}], 0x48}, 0x0)

3m18.166388456s ago: executing program 2 (id=16095):
r0 = openat$uinput(0xffffff9c, &(0x7f0000001040), 0x802, 0x0)
ioctl$UI_GET_SYSNAME(r0, 0x8040552c, 0x0)
r1 = socket(0xa, 0x1, 0x0)
r2 = socket(0xa, 0x1, 0x0)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000040)=0x9, 0x4)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0xe64, 0xb, @empty, 0x1}, 0x1c)

3m18.013727398s ago: executing program 2 (id=16097):
signalfd(0xffffffffffffffff, &(0x7f0000000140), 0x8)
r0 = syz_io_uring_setup(0x38a9, &(0x7f0000000300)={0x0, 0x1595, 0x10100, 0x0, 0x17c}, &(0x7f0000000040)=<r1=>0x0, &(0x7f00000003c0)=<r2=>0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000180), 0x1, 0x40})
io_uring_enter(r0, 0x44fd, 0x3, 0x1, 0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000380)='sys_enter\x00', r3, 0x0, 0x3}, 0x18)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108)
getdents64(r4, &(0x7f00000000c0)=""/55, 0x37)
r5 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
unshare(0x28200)
r6 = fsmount(r5, 0x1, 0x4)
fchdir(r6)

3m17.2939724s ago: executing program 2 (id=16099):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000001, 0x31, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x9, 0x800)
ioctl$EVIOCGPHYS(r0, 0x80404507, &(0x7f0000000080)=""/74)
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x1, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a0101000000000000000002000000090001"], 0xa0}}, 0x8040)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="3c0000001800efe000000000000000000ae0000000000000000000000c"], 0x3c}, 0x1, 0x11}, 0x0)
syz_clone(0x20000200, 0x0, 0x0, 0x0, 0x0, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff}, 0x800)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone(0x66083000, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x27c})
r4 = epoll_create(0x80)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000000)={0x20002002})
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f00000003c0)={{&(0x7f0000157000/0x2000)=nil, 0x2000}, 0x1})
openat$ptp0(0xffffffffffffff9c, &(0x7f00000001c0), 0x101040, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f000068c000/0xc000)=nil, &(0x7f0000817000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r5 = io_uring_setup(0xfffffffe, &(0x7f0000000040)={0x0, 0x841b, 0x20000, 0x8, 0xc1})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="16"], 0x50)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000280)={&(0x7f00004da000/0x3000)=nil, &(0x7f0000e1d000/0x3000)=nil, &(0x7f0000d9c000/0x3000)=nil, &(0x7f00005dc000/0x1000)=nil, &(0x7f0000045000/0x4000)=nil, &(0x7f0000e65000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00001c4000/0x3000)=nil, &(0x7f00006d8000/0x4000)=nil, &(0x7f0000319000/0x1000)=nil, &(0x7f0000ff7000/0x6000)=nil, &(0x7f0000000400)="2eef4d840a63a94850da9a566385c6523d6133f81445b8ca4b9e6ec0e9ad736d110a6261b84f2d7d99fa868f704b7aee41046d658139ffb5eada09381e5af0984f68fba92086c10a83ab9b49a1bfcddddc0fcdc2ef7cb421f77fb8b9367cff6e70119d56fbaa2ce0dddd044b77cf2a0edfcefab45220d75f564ddaf6169f65f6464061b1d9ff4b6e", 0x88}, 0x68)
setsockopt$inet_sctp_SCTP_INITMSG(r2, 0x84, 0x2, &(0x7f0000000180)={0x5, 0x3, 0x9, 0x1}, 0x8)
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000ffff1a40d8048200b7ce010282970902120001000000000904000000020201"], 0x0)
io_uring_setup(0x598, 0x0)
io_uring_enter(r5, 0x2219, 0x7721, 0x16, 0x0, 0x0)
close(0x3)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000300), 0x4)

3m2.076165557s ago: executing program 43 (id=16099):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000001, 0x31, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x9, 0x800)
ioctl$EVIOCGPHYS(r0, 0x80404507, &(0x7f0000000080)=""/74)
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x1, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a0101000000000000000002000000090001"], 0xa0}}, 0x8040)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="3c0000001800efe000000000000000000ae0000000000000000000000c"], 0x3c}, 0x1, 0x11}, 0x0)
syz_clone(0x20000200, 0x0, 0x0, 0x0, 0x0, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff}, 0x800)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone(0x66083000, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x27c})
r4 = epoll_create(0x80)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000000)={0x20002002})
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f00000003c0)={{&(0x7f0000157000/0x2000)=nil, 0x2000}, 0x1})
openat$ptp0(0xffffffffffffff9c, &(0x7f00000001c0), 0x101040, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f000068c000/0xc000)=nil, &(0x7f0000817000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r5 = io_uring_setup(0xfffffffe, &(0x7f0000000040)={0x0, 0x841b, 0x20000, 0x8, 0xc1})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="16"], 0x50)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000280)={&(0x7f00004da000/0x3000)=nil, &(0x7f0000e1d000/0x3000)=nil, &(0x7f0000d9c000/0x3000)=nil, &(0x7f00005dc000/0x1000)=nil, &(0x7f0000045000/0x4000)=nil, &(0x7f0000e65000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00001c4000/0x3000)=nil, &(0x7f00006d8000/0x4000)=nil, &(0x7f0000319000/0x1000)=nil, &(0x7f0000ff7000/0x6000)=nil, &(0x7f0000000400)="2eef4d840a63a94850da9a566385c6523d6133f81445b8ca4b9e6ec0e9ad736d110a6261b84f2d7d99fa868f704b7aee41046d658139ffb5eada09381e5af0984f68fba92086c10a83ab9b49a1bfcddddc0fcdc2ef7cb421f77fb8b9367cff6e70119d56fbaa2ce0dddd044b77cf2a0edfcefab45220d75f564ddaf6169f65f6464061b1d9ff4b6e", 0x88}, 0x68)
setsockopt$inet_sctp_SCTP_INITMSG(r2, 0x84, 0x2, &(0x7f0000000180)={0x5, 0x3, 0x9, 0x1}, 0x8)
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000ffff1a40d8048200b7ce010282970902120001000000000904000000020201"], 0x0)
io_uring_setup(0x598, 0x0)
io_uring_enter(r5, 0x2219, 0x7721, 0x16, 0x0, 0x0)
close(0x3)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000300), 0x4)

10.907640509s ago: executing program 1 (id=16819):
r0 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f0000000600)={{0xa, 0x0, 0x8, @local}, {0xa, 0x0, 0x0, @empty}, 0x1}, 0x5c)
setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd3, &(0x7f00000000c0)={{0xa, 0x0, 0x0, @local}, {0xa, 0x0, 0x0, @empty}, 0x1, {[0x0, 0x0, 0x0, 0x0, 0x0, 0xe3]}}, 0x5c)

10.784154544s ago: executing program 1 (id=16820):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xe)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
ioctl$PPPIOCSFLAGS1(r1, 0x40047459, 0x0)

10.62904204s ago: executing program 1 (id=16821):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r0, 0x0, 0x0)

10.402993382s ago: executing program 1 (id=16823):
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000000000001860000000000000e9ff00000400000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000001800000000000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYRES32, @ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000208500000004"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c25"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80)
r2 = bpf$ITER_CREATE(0xb, &(0x7f00000004c0)={r1}, 0x8)
close(r2)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r1, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$LINK_DETACH(0x22, 0x0, 0x0)

10.043230503s ago: executing program 8 (id=16827):
r0 = socket(0x2, 0x80805, 0x0)
shutdown(0xffffffffffffffff, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000200)={<r1=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e21, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x7a, &(0x7f0000000340)={r1, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
sendmmsg$inet_sctp(r0, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30, 0x180}], 0x1, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f0000002780)={r1}, &(0x7f0000002340)=0x8)

9.852518058s ago: executing program 8 (id=16830):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1000000004000000040000000100000000000000", @ANYRES32=0x1], 0x50)
r2 = socket$kcm(0xa, 0x5, 0x0)
r3 = socket$kcm(0x2, 0x5, 0x84)
setsockopt$sock_attach_bpf(r3, 0x84, 0x1e, &(0x7f0000000240), 0x4)
r4 = socket$kcm(0xa, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x8916, &(0x7f0000000000)={r4})
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x8936, &(0x7f0000000000)={r4})

9.319389679s ago: executing program 8 (id=16836):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020047b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000020000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000006c0)='kfree\x00', r1}, 0x18)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)

9.164590685s ago: executing program 8 (id=16838):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00'}, 0x10)
r0 = inotify_init1(0x0)
inotify_add_watch(r0, &(0x7f0000000200)='.\x00', 0x10000a0)

8.973892931s ago: executing program 5 (id=16841):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="06000000bbbbbbbbbbbbaaaaaaaaaabb88f5"], 0x72)

8.863940325s ago: executing program 8 (id=16844):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="19000000040000000800000005"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008900000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r3, r1, 0x25, 0x0, @void}, 0x10)
syz_emit_ethernet(0xae, &(0x7f0000000280)=ANY=[], 0x0)

8.750147905s ago: executing program 7 (id=16846):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20)
r2 = socket$kcm(0x29, 0x2, 0x0)
close(r2)

8.663379981s ago: executing program 7 (id=16847):
r0 = syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x4}, 0x0, &(0x7f0000000580)=<r1=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(0x0, r1, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x49, 0x0, 0x0, 0x4, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x40, 0x1})
io_uring_enter(r0, 0x6e2, 0x3900, 0x3, 0x0, 0x0)

8.439397922s ago: executing program 7 (id=16848):
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'batadv0\x00', <r0=>0x0})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f0000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x20681, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x1})
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
r4 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
sendmsg$IEEE802154_START_REQ(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000ac0)=ANY=[@ANYBLOB='L\x00\x00', @ANYRES16=0x0, @ANYBLOB="010000000000000000000d00000006000800000000000500070012000000050018007f000000050017000000000006000a00ffff0000050019000400000005001a0000000000847ea36c"], 0x4c}, 0x1, 0x0, 0x0, 0x18000}, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000300)='kfree\x00', r5}, 0x18)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f0000000e80)=@raw={'raw\x00', 0x3c1, 0x3, 0x2b0, 0x0, 0x18c, 0x203, 0x320, 0x19030000, 0x410, 0x2e0, 0x2e0, 0x410, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0xa8, 0xf0}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x2, 'syz0\x00', {0x8001}}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0xb, 'syz0\x00', {0x6c8}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x310)
r7 = syz_genetlink_get_family_id$nfc(&(0x7f00000009c0), 0xffffffffffffffff)
sendmsg$NFC_CMD_DEP_LINK_DOWN(0xffffffffffffffff, &(0x7f0000000a80)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x80002001}, 0xc, &(0x7f0000000a40)={&(0x7f0000000200)=ANY=[@ANYBLOB='\t\x00\x00\x00', @ANYRES16=r7, @ANYRESOCT=r0], 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x4024001)
r8 = socket$unix(0x1, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="b4050000000000006910680000000000bc001000000000009500000000000000ef4f7c81f5427c16bd2aacf32cdbb47063fd9a7bb1f3ad622c3261f324e081c0ea39bd16d9869302cc08fbd94867708cb208e22cc0ad536525e3b39869285c126353f6a49bc5abc6b9a4eab313655286ee33a56f03b665dd5f1739bda6accc3b9b0d26450d3161263aed01194269a5fba4553bb18fa1f37e2f68a8ef81f090829d0ee04b52611a41642b31a6fe2653171379cc327fc11e38418b589777f8c8ddcbf88df947a05937ea"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f00000004c0)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0x1}, 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x7}, 0x10}, 0x94)
bind$unix(r8, &(0x7f0000000180)=@file={0x1}, 0x6e)
r9 = socket$unix(0x1, 0x1, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={<r12=>0xffffffffffffffff, <r13=>0xffffffffffffffff})
splice(r11, 0x0, r13, 0x0, 0x1, 0x0)
vmsplice(r12, &(0x7f00000005c0)=[{&(0x7f0000000180)="04", 0x1}], 0x1, 0x6)
write(r10, &(0x7f0000000280)="8e", 0x1)
connect$unix(r9, &(0x7f0000000000)=@file={0x1}, 0x6e)
connect$unix(r9, 0x0, 0x0)
close(r8)
readv(r4, &(0x7f0000000180)=[{&(0x7f0000000000)=""/24, 0xfd90}], 0x1)
fcntl$dupfd(r4, 0x406, r4)

8.123742161s ago: executing program 8 (id=16849):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="02000000040000000800000001", @ANYRES32=0x0, @ANYBLOB, @ANYRES32=0x0, @ANYBLOB], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x9, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
unshare(0x64000680)

8.074658304s ago: executing program 5 (id=16850):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kfree\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffd}, 0x18)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00')

7.975231636s ago: executing program 5 (id=16851):
r0 = socket(0x2, 0x80805, 0x0)
shutdown(0xffffffffffffffff, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000200)={<r1=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e21, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x7a, &(0x7f0000000340)={r1, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
sendmmsg$inet_sctp(r0, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30, 0x180}], 0x1, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f0000002780)={r1}, &(0x7f0000002340)=0x8)

7.735154221s ago: executing program 5 (id=16852):
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000002480)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffffff, 0x0, 0x4)

6.979102931s ago: executing program 5 (id=16853):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb2570000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)

6.382476255s ago: executing program 7 (id=16855):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x18}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
munlock(&(0x7f00009af000/0x1000)=nil, 0x1000)

6.139237561s ago: executing program 7 (id=16857):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)}, 0x20)
r1 = socket$kcm(0x29, 0x2, 0x0)
close(r1)

5.991430742s ago: executing program 5 (id=16858):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x14)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000003c0)=0x1)

5.75680547s ago: executing program 7 (id=16859):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r3, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x3c, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa000000}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
syz_clone(0x40042700, 0x0, 0x0, 0x0, 0x0, 0x0)

5.580581404s ago: executing program 9 (id=16861):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xd, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback=0x36e084fcb6392193, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00')

4.283807593s ago: executing program 9 (id=16862):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000200)={<r1=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e21, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x7a, &(0x7f0000000340)={r1, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
sendmmsg$inet_sctp(0xffffffffffffffff, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30, 0x180}], 0x1, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f0000002780)={r1}, &(0x7f0000002340)=0x8)

3.863168833s ago: executing program 9 (id=16863):
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00')
renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffffff, 0x0, 0x4)

3.841285908s ago: executing program 9 (id=16864):
r0 = syz_genetlink_get_family_id$devlink(&(0x7f0000000900), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(0xffffffffffffffff, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000940)={0x4c, r0, 0x1, 0x70bd2b, 0x25dfdbfb, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x69, 0xb, 0x8}, {0x6, 0x11, 0xa}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4}, 0x10)

3.773460873s ago: executing program 9 (id=16865):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb2570000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1.3858139s ago: executing program 9 (id=16866):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb2570000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sched_getscheduler(r0)
sched_setaffinity(r0, 0x8, &(0x7f0000000000)=0x6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000001c0)='sched_switch\x00', r4}, 0xe)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, r6, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1b}}}, {0x14, 0x2, @in={0x2, 0x0, @broadcast}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x20000054)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x181)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x400}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000007000000ff0f00000700000000000000", @ANYRES32, @ANYBLOB="000000020000000000000000000000008ca60000", @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_clone(0x200400, 0x0, 0x0, 0x0, 0x0, 0x0)

1.326737241s ago: executing program 1 (id=16867):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='map_files\x00')
getdents(r0, 0x0, 0x0)

0s ago: executing program 1 (id=16868):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, 0x0, 0x0)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000080)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @dev={0xfe, 0x80, '\x00', 0x1d}, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2, 0x11, 0x0, 0x2}}}}}}}, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x3, 0x28, 0x0, 0x0, 0x8, 0x6, 0x0, @remote, @local}, {{0x4e23, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0x8000, 0x0, 0xfffc}}}}}}, 0x0)

kernel console output (not intermixed with test programs):

.3a
[ 2766.595487][ T1133] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2766.595511][ T1133] usb 9-1: Product: syz
[ 2766.595527][ T1133] usb 9-1: Manufacturer: syz
[ 2766.595545][ T1133] usb 9-1: SerialNumber: syz
[ 2766.733176][ T1133] uvcvideo 9-1:135.230: probe with driver uvcvideo failed with error -22
[ 2767.137061][T18143] netlink: 'syz.9.16030': attribute type 1 has an invalid length.
[ 2767.448181][T18148] tipc: Can't bind to reserved service type 0
[ 2767.567706][ T1133] usb 9-1: USB disconnect, device number 67
[ 2767.650203][T18146] virtio-fs: tag </dev/md0> not found
[ 2767.848568][T18154] vcan0: tx drop: invalid da for name 0x0000000000000003
[ 2768.112361][T18162] No control pipe specified
[ 2768.143215][T18166] loop6: detected capacity change from 0 to 7
[ 2768.227049][T18166] Dev loop6: unable to read RDB block 7
[ 2768.227102][T18166]  loop6: unable to read partition table
[ 2768.227361][T18166] loop6: partition table beyond EOD, truncated
[ 2768.227382][T18166] loop_reread_partitions: partition scan of loop6 (þ被xü—ŸÑà– ) failed (rc=-5)
[ 2768.790253][T18155] delete_channel: no stack
[ 2769.025009][T11424] usb 3-1: new high-speed USB device number 108 using dummy_hcd
[ 2774.622495][T11424] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[ 2774.622527][T11424] usb 3-1: config 0 has no interface number 0
[ 2774.622581][T11424] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2774.622608][T11424] usb 3-1: config 0 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2774.622657][T11424] usb 3-1: New USB device found, idVendor=28bd, idProduct=0042, bcdDevice= 0.00
[ 2774.622685][T11424] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2774.835700][T11424] usb 3-1: config 0 descriptor??
[ 2774.847826][T11424] usb 3-1: can't set config #0, error -71
[ 2774.864476][T11424] usb 3-1: USB disconnect, device number 108
[ 2775.364975][T11424] usb 3-1: new high-speed USB device number 109 using dummy_hcd
[ 2775.515073][T11424] usb 3-1: Using ep0 maxpacket: 8
[ 2775.517779][T11424] usb 3-1: config 0 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2775.517815][T11424] usb 3-1: config 0 interface 0 has no altsetting 0
[ 2775.517854][T11424] usb 3-1: New USB device found, idVendor=1b1c, idProduct=0a1f, bcdDevice= 0.00
[ 2775.517882][T11424] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2775.523642][T11424] usb 3-1: config 0 descriptor??
[ 2775.564893][ T9036] usb 9-1: new high-speed USB device number 68 using dummy_hcd
[ 2775.714699][ T9036] usb 9-1: Using ep0 maxpacket: 32
[ 2775.718992][ T9036] usb 9-1: unable to read config index 0 descriptor/start: -61
[ 2775.719033][ T9036] usb 9-1: can't read configurations, error -61
[ 2775.875036][ T9036] usb 9-1: new high-speed USB device number 69 using dummy_hcd
[ 2776.024411][ T9036] usb 9-1: Using ep0 maxpacket: 32
[ 2776.032172][ T9036] usb 9-1: unable to read config index 0 descriptor/start: -61
[ 2776.032222][ T9036] usb 9-1: can't read configurations, error -61
[ 2776.034024][ T9036] usb usb9-port1: attempt power cycle
[ 2776.201536][T11424] usbhid 3-1:0.0: can't add hid device: -71
[ 2776.201695][T11424] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 2776.221280][T11424] usb 3-1: USB disconnect, device number 109
[ 2776.264844][T18205] netlink: 'syz.1.16055': attribute type 1 has an invalid length.
[ 2776.405944][ T9036] usb 9-1: new high-speed USB device number 70 using dummy_hcd
[ 2776.426004][ T9036] usb 9-1: Using ep0 maxpacket: 32
[ 2776.429125][ T9036] usb 9-1: unable to read config index 0 descriptor/start: -61
[ 2776.429180][ T9036] usb 9-1: can't read configurations, error -61
[ 2776.584956][ T9036] usb 9-1: new high-speed USB device number 71 using dummy_hcd
[ 2776.605350][ T9036] usb 9-1: Using ep0 maxpacket: 32
[ 2776.607778][ T9036] usb 9-1: unable to read config index 0 descriptor/start: -61
[ 2776.607817][ T9036] usb 9-1: can't read configurations, error -61
[ 2776.608290][ T9036] usb usb9-port1: unable to enumerate USB device
[ 2776.814933][T11424] usb 10-1: new high-speed USB device number 82 using dummy_hcd
[ 2776.893170][T18230] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2776.964904][T11424] usb 10-1: Using ep0 maxpacket: 8
[ 2776.967392][T11424] usb 10-1: config 135 has an invalid interface number: 230 but max is 0
[ 2776.967423][T11424] usb 10-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config
[ 2776.967446][T11424] usb 10-1: config 135 has no interface number 0
[ 2776.967484][T11424] usb 10-1: too many endpoints for config 135 interface 230 altsetting 126: 53, using maximum allowed: 30
[ 2776.967534][T11424] usb 10-1: config 135 interface 230 altsetting 126 has 0 endpoint descriptors, different from the interface descriptor's value: 53
[ 2776.967568][T11424] usb 10-1: config 135 interface 230 has no altsetting 0
[ 2776.971592][T11424] usb 10-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[ 2776.971624][T11424] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2776.971647][T11424] usb 10-1: Product: syz
[ 2776.971664][T11424] usb 10-1: Manufacturer: syz
[ 2776.971681][T11424] usb 10-1: SerialNumber: syz
[ 2776.983122][T18227] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2777.053105][T18229] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2777.110378][T11424] uvcvideo 10-1:135.230: probe with driver uvcvideo failed with error -22
[ 2777.334794][ T5871] usb 10-1: USB disconnect, device number 82
[ 2778.274094][T18236] delete_channel: no stack
[ 2778.326721][T17224] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 2778.368228][T17224] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 2778.370233][T17224] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 2778.389342][T17224] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 2778.393969][T17224] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 2778.659593][T18253] random: crng reseeded on system resumption
[ 2778.777464][   T37] kauditd_printk_skb: 30 callbacks suppressed
[ 2778.777484][   T37] audit: type=1326 audit(1762608682.737:3959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18255 comm="syz.8.16070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e83ddf6c9 code=0x7ffc0000
[ 2778.777834][   T37] audit: type=1326 audit(1762608682.737:3960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18255 comm="syz.8.16070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e83ddf6c9 code=0x7ffc0000
[ 2778.778036][   T37] audit: type=1326 audit(1762608682.737:3961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18255 comm="syz.8.16070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=251 compat=0 ip=0x7f8e83ddf6c9 code=0x7ffc0000
[ 2778.778349][   T37] audit: type=1326 audit(1762608682.737:3962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18255 comm="syz.8.16070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e83ddf6c9 code=0x7ffc0000
[ 2778.778612][   T37] audit: type=1326 audit(1762608682.737:3963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18255 comm="syz.8.16070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8e83ddf6c9 code=0x7ffc0000
[ 2778.779190][   T37] audit: type=1326 audit(1762608682.737:3964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18255 comm="syz.8.16070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e83ddf6c9 code=0x7ffc0000
[ 2778.779246][   T37] audit: type=1326 audit(1762608682.737:3965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18255 comm="syz.8.16070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e83ddf6c9 code=0x7ffc0000
[ 2778.779575][   T37] audit: type=1326 audit(1762608682.737:3966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18255 comm="syz.8.16070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f8e83ddf6c9 code=0x7ffc0000
[ 2778.779768][   T37] audit: type=1326 audit(1762608682.737:3967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18255 comm="syz.8.16070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e83ddf6c9 code=0x7ffc0000
[ 2778.780759][   T37] audit: type=1326 audit(1762608682.737:3968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18255 comm="syz.8.16070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e83ddf6c9 code=0x7ffc0000
[ 2779.619858][T32456] netdevsim netdevsim5 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 2779.619899][T32456] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2780.120520][T32456] netdevsim netdevsim5 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 2780.120561][T32456] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2780.243423][T18286] random: crng reseeded on system resumption
[ 2780.384395][ T5871] usb 3-1: new high-speed USB device number 110 using dummy_hcd
[ 2780.500309][ T5817] Bluetooth: hci3: command tx timeout
[ 2780.509934][T18288] netlink: 36 bytes leftover after parsing attributes in process `syz.1.16080'.
[ 2780.509970][T18288] netlink: 36 bytes leftover after parsing attributes in process `syz.1.16080'.
[ 2780.510063][T18288] netlink: 36 bytes leftover after parsing attributes in process `syz.1.16080'.
[ 2780.544368][ T5871] usb 3-1: Using ep0 maxpacket: 8
[ 2780.552799][ T5871] usb 3-1: config 135 has an invalid interface number: 230 but max is 0
[ 2780.552829][ T5871] usb 3-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config
[ 2780.552852][ T5871] usb 3-1: config 135 has no interface number 0
[ 2780.552892][ T5871] usb 3-1: too many endpoints for config 135 interface 230 altsetting 126: 53, using maximum allowed: 30
[ 2780.552943][ T5871] usb 3-1: config 135 interface 230 altsetting 126 has 0 endpoint descriptors, different from the interface descriptor's value: 53
[ 2780.552976][ T5871] usb 3-1: config 135 interface 230 has no altsetting 0
[ 2780.564413][ T5871] usb 3-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[ 2780.564447][ T5871] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2780.564481][ T5871] usb 3-1: Product: syz
[ 2780.564498][ T5871] usb 3-1: Manufacturer: syz
[ 2780.564515][ T5871] usb 3-1: SerialNumber: syz
[ 2780.936399][ T5871] uvcvideo 3-1:135.230: probe with driver uvcvideo failed with error -22
[ 2780.962357][T18277] delete_channel: no stack
[ 2781.248426][T32456] netdevsim netdevsim5 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 2781.248463][T32456] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2781.300331][ T1324] ieee802154 phy0 wpan0: encryption failed: -22
[ 2781.354448][ T5871] usb 3-1: USB disconnect, device number 110
[ 2782.033414][T32456] netdevsim netdevsim5 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 2782.033456][T32456] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2782.309631][T18244] chnl_net:caif_netlink_parms(): no params data found
[ 2782.602513][ T5817] Bluetooth: hci3: command tx timeout
[ 2784.625936][T18244] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2784.635570][T18244] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2784.647703][T18244] bridge_slave_0: entered allmulticast mode
[ 2784.727236][ T5817] Bluetooth: hci3: command tx timeout
[ 2785.116396][T18244] bridge_slave_0: entered promiscuous mode
[ 2785.155958][ T1133] usb 9-1: new high-speed USB device number 72 using dummy_hcd
[ 2785.179515][T18244] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2785.179611][T18244] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2785.179805][T18244] bridge_slave_1: entered allmulticast mode
[ 2785.199057][T18244] bridge_slave_1: entered promiscuous mode
[ 2785.284902][ T1133] usb 9-1: device descriptor read/64, error -71
[ 2785.357283][T32456] bridge_slave_1: left allmulticast mode
[ 2785.357311][T32456] bridge_slave_1: left promiscuous mode
[ 2785.357535][T32456] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2785.420492][T18353] random: crng reseeded on system resumption
[ 2785.460585][T32456] bridge_slave_0: left allmulticast mode
[ 2785.460946][T32456] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2785.535186][ T1133] usb 9-1: new high-speed USB device number 73 using dummy_hcd
[ 2785.664988][ T1133] usb 9-1: device descriptor read/64, error -71
[ 2785.777449][ T1133] usb usb9-port1: attempt power cycle
[ 2785.881182][T11424] usb 3-1: new high-speed USB device number 111 using dummy_hcd
[ 2786.129041][ T1133] usb 9-1: new high-speed USB device number 74 using dummy_hcd
[ 2786.737689][ T1133] usb 9-1: device descriptor read/8, error -71
[ 2786.847687][ T5817] Bluetooth: hci3: command tx timeout
[ 2786.879209][T11424] usb 3-1: device descriptor read/64, error -71
[ 2786.985586][ T1133] usb 9-1: new high-speed USB device number 75 using dummy_hcd
[ 2787.007000][ T1133] usb 9-1: device descriptor read/8, error -71
[ 2787.114898][T11424] usb 3-1: new high-speed USB device number 112 using dummy_hcd
[ 2787.115544][ T1133] usb usb9-port1: unable to enumerate USB device
[ 2787.284433][T11424] usb 3-1: device descriptor read/64, error -71
[ 2787.394645][T11424] usb usb3-port1: attempt power cycle
[ 2787.752581][T11424] usb 3-1: new high-speed USB device number 113 using dummy_hcd
[ 2788.966232][T18376] delete_channel: no stack
[ 2790.745909][T32456] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2790.805217][T32456] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2790.833085][T32456] bond0 (unregistering): Released all slaves
[ 2790.853524][T32456] bond1 (unregistering): Released all slaves
[ 2790.854373][T10290] usb 9-1: new high-speed USB device number 76 using dummy_hcd
[ 2790.876577][T32456] bond2 (unregistering): Released all slaves
[ 2790.900724][T32456] bond3 (unregistering): Released all slaves
[ 2790.925151][T32456] bond4 (unregistering): Released all slaves
[ 2790.984399][T10290] usb 9-1: device descriptor read/64, error -71
[ 2791.242817][T18390] syzkaller0: tun_chr_ioctl cmd 1074025677
[ 2791.243032][T18390] syzkaller0: linktype set to 774
[ 2791.244392][T10290] usb 9-1: new high-speed USB device number 77 using dummy_hcd
[ 2791.310240][T32456] : left promiscuous mode
[ 2791.384369][T10290] usb 9-1: device descriptor read/64, error -71
[ 2791.473452][T18244] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2791.494756][T10290] usb usb9-port1: attempt power cycle
[ 2791.503186][T18244] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2791.874355][T10290] usb 9-1: new high-speed USB device number 78 using dummy_hcd
[ 2791.895240][T10290] usb 9-1: device descriptor read/8, error -71
[ 2792.142840][T10290] usb 9-1: new high-speed USB device number 79 using dummy_hcd
[ 2792.189999][T10290] usb 9-1: device descriptor read/8, error -71
[ 2792.294740][T10290] usb usb9-port1: unable to enumerate USB device
[ 2792.300869][T18244] team0: Port device team_slave_0 added
[ 2792.403534][T18244] team0: Port device team_slave_1 added
[ 2792.426023][ T5979] usb 10-1: new high-speed USB device number 83 using dummy_hcd
[ 2792.627351][ T5979] usb 10-1: config 0 has an invalid interface number: 1 but max is 0
[ 2792.627386][ T5979] usb 10-1: config 0 has no interface number 0
[ 2792.627499][ T5979] usb 10-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2792.627526][ T5979] usb 10-1: config 0 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2792.627575][ T5979] usb 10-1: New USB device found, idVendor=28bd, idProduct=0042, bcdDevice= 0.00
[ 2792.627662][ T5979] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2792.643123][ T5979] usb 10-1: config 0 descriptor??
[ 2792.688132][ T5979] usbhid 10-1:0.1: couldn't find an input interrupt endpoint
[ 2792.691283][T18413] FAULT_INJECTION: forcing a failure.
[ 2792.691283][T18413] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2792.691360][T18413] CPU: 0 UID: 0 PID: 18413 Comm: syz.1.16120 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 2792.691388][T18413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 2792.691404][T18413] Call Trace:
[ 2792.691412][T18413]  <TASK>
[ 2792.691424][T18413]  dump_stack_lvl+0x189/0x250
[ 2792.691467][T18413]  ? __pfx____ratelimit+0x10/0x10
[ 2792.691505][T18413]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2792.691547][T18413]  ? __pfx__printk+0x10/0x10
[ 2792.691602][T18413]  should_fail_ex+0x46c/0x600
[ 2792.691646][T18413]  _copy_to_user+0x31/0xb0
[ 2792.691680][T18413]  simple_read_from_buffer+0xe1/0x170
[ 2792.691731][T18413]  proc_fail_nth_read+0x1b6/0x220
[ 2792.691765][T18413]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2792.691798][T18413]  ? rw_verify_area+0x2ac/0x4e0
[ 2792.691831][T18413]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2792.691861][T18413]  vfs_read+0x206/0xa30
[ 2792.691904][T18413]  ? __pfx_vfs_read+0x10/0x10
[ 2792.691934][T18413]  ? do_sys_openat2+0x154/0x1c0
[ 2792.691960][T18413]  ? kmem_cache_free+0x19a/0x910
[ 2792.691994][T18413]  ? do_sys_openat2+0x154/0x1c0
[ 2792.692027][T18413]  ? do_sys_openat2+0x154/0x1c0
[ 2792.692065][T18413]  ksys_read+0x14b/0x260
[ 2792.692101][T18413]  ? __pfx_ksys_read+0x10/0x10
[ 2792.692139][T18413]  ? do_syscall_64+0xbe/0xfa0
[ 2792.692182][T18413]  do_syscall_64+0xfa/0xfa0
[ 2792.692223][T18413]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2792.692260][T18413]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2792.692287][T18413]  ? clear_bhb_loop+0x60/0xb0
[ 2792.692318][T18413]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2792.692345][T18413] RIP: 0033:0x7fceb9fae0dc
[ 2792.692370][T18413] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 2792.692394][T18413] RSP: 002b:00007fceb820e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2792.692424][T18413] RAX: ffffffffffffffda RBX: 00007fceba205fa0 RCX: 00007fceb9fae0dc
[ 2792.692443][T18413] RDX: 000000000000000f RSI: 00007fceb820e0a0 RDI: 0000000000000003
[ 2792.692460][T18413] RBP: 00007fceb820e090 R08: 0000000000000000 R09: 0000000000000000
[ 2792.692477][T18413] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2792.692494][T18413] R13: 00007fceba206038 R14: 00007fceba205fa0 R15: 00007ffe9c41e528
[ 2792.692536][T18413]  </TASK>
[ 2792.833801][T11424] usb 3-1: device descriptor read/8, error -110
[ 2793.097770][T11424] usb 3-1: new high-speed USB device number 114 using dummy_hcd
[ 2793.116092][T11424] usb 3-1: device descriptor read/8, error -32
[ 2793.226535][T11424] usb usb3-port1: unable to enumerate USB device
[ 2793.298964][T18244] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2793.298981][T18244] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2793.299005][T18244] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2793.444484][T32456] hsr_slave_0: left promiscuous mode
[ 2793.489568][T32456] hsr_slave_1: left promiscuous mode
[ 2793.490789][T32456] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2793.490818][T32456] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2793.545562][T32456] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2793.545607][T32456] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2793.635230][T32456] veth1_macvtap: left promiscuous mode
[ 2793.635314][T32456] veth0_macvtap: left promiscuous mode
[ 2793.635499][T32456] veth1_vlan: left promiscuous mode
[ 2793.635680][T32456] veth0_vlan: left promiscuous mode
[ 2794.034814][T32456] pimreg (unregistering): left allmulticast mode
[ 2795.246670][ T5979] usb 10-1: USB disconnect, device number 83
[ 2797.275153][T32456] team0 (unregistering): Port device team_slave_1 removed
[ 2797.595023][T32456] team0 (unregistering): Port device team_slave_0 removed
[ 2800.234180][T17224] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 2800.253131][T17224] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 2800.257693][T17224] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 2800.258940][T17224] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 2800.310870][T17224] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 2801.476229][T18244] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2801.476244][T18244] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2801.476267][T18244] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2801.636219][T18421] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -12
[ 2801.636268][T18421] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -12
[ 2801.636291][T18421] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[ 2801.990197][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2802.355500][ T5817] Bluetooth: hci5: command tx timeout
[ 2802.617252][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2802.629836][ T5898] usb 10-1: new high-speed USB device number 84 using dummy_hcd
[ 2802.651287][T18449] FAULT_INJECTION: forcing a failure.
[ 2802.651287][T18449] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2802.652758][T18449] CPU: 1 UID: 0 PID: 18449 Comm: syz.8.16131 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 2802.652795][T18449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 2802.652807][T18449] Call Trace:
[ 2802.652815][T18449]  <TASK>
[ 2802.652822][T18449]  dump_stack_lvl+0x189/0x250
[ 2802.652864][T18449]  ? __pfx____ratelimit+0x10/0x10
[ 2802.652898][T18449]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2802.652935][T18449]  ? __pfx__printk+0x10/0x10
[ 2802.652979][T18449]  should_fail_ex+0x46c/0x600
[ 2802.653007][T18449]  _copy_to_user+0x31/0xb0
[ 2802.653036][T18449]  simple_read_from_buffer+0xe1/0x170
[ 2802.653076][T18449]  proc_fail_nth_read+0x1b6/0x220
[ 2802.653107][T18449]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2802.653134][T18449]  ? rw_verify_area+0x2ac/0x4e0
[ 2802.653161][T18449]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2802.653180][T18449]  vfs_read+0x206/0xa30
[ 2802.653213][T18449]  ? __pfx_vfs_read+0x10/0x10
[ 2802.653240][T18449]  ? try_to_take_rt_mutex+0x7fd/0xac0
[ 2802.653279][T18449]  ? mutex_lock_nested+0x154/0x1d0
[ 2802.653303][T18449]  ? fdget_pos+0x253/0x320
[ 2802.653343][T18449]  ksys_read+0x14b/0x260
[ 2802.653366][T18449]  ? __pfx_ksys_read+0x10/0x10
[ 2802.653409][T18449]  ? do_syscall_64+0xbe/0xfa0
[ 2802.653449][T18449]  do_syscall_64+0xfa/0xfa0
[ 2802.653480][T18449]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2802.653512][T18449]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2802.653529][T18449]  ? clear_bhb_loop+0x60/0xb0
[ 2802.653559][T18449]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2802.653584][T18449] RIP: 0033:0x7f8e83dde0dc
[ 2802.653606][T18449] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 2802.653626][T18449] RSP: 002b:00007f8e82025030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2802.653651][T18449] RAX: ffffffffffffffda RBX: 00007f8e84036090 RCX: 00007f8e83dde0dc
[ 2802.653668][T18449] RDX: 000000000000000f RSI: 00007f8e820250a0 RDI: 0000000000000003
[ 2802.653682][T18449] RBP: 00007f8e82025090 R08: 0000000000000000 R09: 0000000000000000
[ 2802.653696][T18449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2802.653706][T18449] R13: 00007f8e84036128 R14: 00007f8e84036090 R15: 00007ffd158b35c8
[ 2802.653738][T18449]  </TASK>
[ 2802.699357][T18244] hsr_slave_0: entered promiscuous mode
[ 2802.724543][T18244] hsr_slave_1: entered promiscuous mode
[ 2802.725837][T18244] debugfs: 'hsr0' already exists in 'hsr'
[ 2802.725872][T18244] Cannot create hsr debugfs directory
[ 2802.845542][ T5898] usb 10-1: Using ep0 maxpacket: 32
[ 2802.856244][ T5898] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2802.877272][ T5898] usb 10-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 2802.877307][ T5898] usb 10-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 2802.877330][ T5898] usb 10-1: Product: syz
[ 2802.877347][ T5898] usb 10-1: Manufacturer: syz
[ 2802.877365][ T5898] usb 10-1: SerialNumber: syz
[ 2803.035700][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2803.044713][ T5898] usb 10-1: config 0 descriptor??
[ 2803.062736][ T5898] hub 10-1:0.0: bad descriptor, ignoring hub
[ 2803.062780][ T5898] hub 10-1:0.0: probe with driver hub failed with error -5
[ 2803.150662][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2803.272570][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2803.425139][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2803.434974][ T5898] usb 10-1: USB disconnect, device number 84
[ 2803.523726][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2803.643249][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2803.922799][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2804.079998][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2804.494759][ T5817] Bluetooth: hci5: command tx timeout
[ 2804.796646][T18460] delete_channel: no stack
[ 2804.989467][T18469] syzkaller0: tun_chr_ioctl cmd 1074025677
[ 2804.989612][T18469] syzkaller0: linktype set to 774
[ 2805.146023][ T7134] usb 9-1: new high-speed USB device number 80 using dummy_hcd
[ 2805.264396][ T5871] usb 10-1: new high-speed USB device number 85 using dummy_hcd
[ 2805.314609][ T7134] usb 9-1: device descriptor read/64, error -71
[ 2805.353385][T32456] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2805.434318][ T5871] usb 10-1: Using ep0 maxpacket: 8
[ 2805.436497][ T5871] usb 10-1: config 135 has an invalid interface number: 230 but max is 0
[ 2805.436524][ T5871] usb 10-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config
[ 2805.436543][ T5871] usb 10-1: config 135 has no interface number 0
[ 2805.436573][ T5871] usb 10-1: too many endpoints for config 135 interface 230 altsetting 126: 53, using maximum allowed: 30
[ 2805.436623][ T5871] usb 10-1: config 135 interface 230 altsetting 126 has 0 endpoint descriptors, different from the interface descriptor's value: 53
[ 2805.436649][ T5871] usb 10-1: config 135 interface 230 has no altsetting 0
[ 2805.441668][ T5871] usb 10-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[ 2805.441700][ T5871] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2805.441720][ T5871] usb 10-1: Product: syz
[ 2805.441735][ T5871] usb 10-1: Manufacturer: syz
[ 2805.441750][ T5871] usb 10-1: SerialNumber: syz
[ 2805.558594][ T5871] uvcvideo 10-1:135.230: probe with driver uvcvideo failed with error -22
[ 2805.624373][ T7134] usb 9-1: new high-speed USB device number 81 using dummy_hcd
[ 2805.754660][ T7134] usb 9-1: device descriptor read/64, error -71
[ 2805.766013][ T5898] usb 10-1: USB disconnect, device number 85
[ 2805.829005][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2805.858443][T32456] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2805.865907][ T7134] usb usb9-port1: attempt power cycle
[ 2805.982843][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2806.230393][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2806.237507][ T7134] usb 9-1: new high-speed USB device number 82 using dummy_hcd
[ 2806.253681][   T37] kauditd_printk_skb: 48 callbacks suppressed
[ 2806.253703][   T37] audit: type=1326 audit(1762608710.207:4017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18486 comm="syz.9.16142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cca0bf6c9 code=0x7ffc0000
[ 2806.253844][   T37] audit: type=1326 audit(1762608710.207:4018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18486 comm="syz.9.16142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cca0bf6c9 code=0x7ffc0000
[ 2806.254080][   T37] audit: type=1326 audit(1762608710.207:4019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18486 comm="syz.9.16142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=251 compat=0 ip=0x7f9cca0bf6c9 code=0x7ffc0000
[ 2806.254568][   T37] audit: type=1326 audit(1762608710.207:4020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18486 comm="syz.9.16142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cca0bf6c9 code=0x7ffc0000
[ 2806.254621][   T37] audit: type=1326 audit(1762608710.217:4021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18486 comm="syz.9.16142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cca0bf6c9 code=0x7ffc0000
[ 2806.255668][   T37] audit: type=1326 audit(1762608710.217:4022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18486 comm="syz.9.16142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9cca0bf6c9 code=0x7ffc0000
[ 2806.255720][   T37] audit: type=1326 audit(1762608710.217:4023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18486 comm="syz.9.16142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cca0bf6c9 code=0x7ffc0000
[ 2806.255771][   T37] audit: type=1326 audit(1762608710.217:4024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18486 comm="syz.9.16142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cca0bf6c9 code=0x7ffc0000
[ 2806.256275][   T37] audit: type=1326 audit(1762608710.217:4025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18486 comm="syz.9.16142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9cca0bf6c9 code=0x7ffc0000
[ 2806.256561][   T37] audit: type=1326 audit(1762608710.217:4026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18486 comm="syz.9.16142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cca0bf6c9 code=0x7ffc0000
[ 2806.266050][ T7134] usb 9-1: device descriptor read/8, error -71
[ 2806.505946][ T7134] usb 9-1: new high-speed USB device number 83 using dummy_hcd
[ 2806.515788][T32456] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2806.525394][ T7134] usb 9-1: device descriptor read/8, error -71
[ 2806.545282][T18437] chnl_net:caif_netlink_parms(): no params data found
[ 2806.585430][ T5817] Bluetooth: hci5: command tx timeout
[ 2806.644945][ T7134] usb usb9-port1: unable to enumerate USB device
[ 2807.457889][T32456] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2808.218355][T18498] delete_channel: no stack
[ 2808.453215][T18437] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2808.453400][T18437] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2808.453633][T18437] bridge_slave_0: entered allmulticast mode
[ 2808.465212][T18437] bridge_slave_0: entered promiscuous mode
[ 2808.484586][ T1133] usb 9-1: new high-speed USB device number 84 using dummy_hcd
[ 2808.526382][T18437] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2808.526588][T18437] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2808.526844][T18437] bridge_slave_1: entered allmulticast mode
[ 2808.529412][T18437] bridge_slave_1: entered promiscuous mode
[ 2808.649616][ T1133] usb 9-1: config 1 has an invalid descriptor of length 181, skipping remainder of the config
[ 2808.649792][ T1133] usb 9-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 2808.666271][ T1133] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[ 2808.666361][ T1133] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[ 2808.666412][ T1133] usb 9-1: Product: syz
[ 2808.666429][ T1133] usb 9-1: Manufacturer: syz
[ 2808.666446][ T1133] usb 9-1: SerialNumber: syz
[ 2809.538800][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2809.551824][T17224] Bluetooth: hci5: command tx timeout
[ 2809.551864][T17224] Bluetooth: hci2: command 0x0406 tx timeout
[ 2809.994497][T18437] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2810.107805][T18437] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2810.146405][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2810.736676][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2810.828557][T18244] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 2811.067586][T18244] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 2811.115808][T18437] team0: Port device team_slave_0 added
[ 2811.119981][T32456] bridge_slave_1: left allmulticast mode
[ 2811.120013][T32456] bridge_slave_1: left promiscuous mode
[ 2811.120718][T32456] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2811.149804][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2811.172689][ T1133] usb 9-1: USB disconnect, device number 84
[ 2811.245609][T32456] bridge_slave_0: left allmulticast mode
[ 2811.245830][T32456] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2811.354373][ T5979] usb 10-1: new high-speed USB device number 86 using dummy_hcd
[ 2811.504384][ T5979] usb 10-1: Using ep0 maxpacket: 8
[ 2811.506613][ T5979] usb 10-1: config 135 has an invalid interface number: 230 but max is 0
[ 2811.506634][ T5979] usb 10-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config
[ 2811.506650][ T5979] usb 10-1: config 135 has no interface number 0
[ 2811.506675][ T5979] usb 10-1: too many endpoints for config 135 interface 230 altsetting 126: 53, using maximum allowed: 30
[ 2811.506705][ T5979] usb 10-1: config 135 interface 230 altsetting 126 has 0 endpoint descriptors, different from the interface descriptor's value: 53
[ 2811.506726][ T5979] usb 10-1: config 135 interface 230 has no altsetting 0
[ 2811.509153][ T5979] usb 10-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[ 2811.509179][ T5979] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2811.509195][ T5979] usb 10-1: Product: syz
[ 2811.509206][ T5979] usb 10-1: Manufacturer: syz
[ 2811.509218][ T5979] usb 10-1: SerialNumber: syz
[ 2811.520359][ T5979] uvcvideo 10-1:135.230: probe with driver uvcvideo failed with error -22
[ 2811.880927][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2811.980136][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2812.050905][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2812.361978][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2812.589201][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2812.755720][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2812.910215][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2812.987273][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2814.135088][T32456] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2814.196624][T32456] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2814.238308][T32456] bond0 (unregistering): Released all slaves
[ 2814.284896][T18244] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 2814.371209][T18437] team0: Port device team_slave_1 added
[ 2814.387368][T32456] : left promiscuous mode
[ 2814.408623][T13088] usb 10-1: USB disconnect, device number 86
[ 2814.492658][T18244] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 2815.004318][T13088] usb 10-1: new high-speed USB device number 87 using dummy_hcd
[ 2815.052022][T18543] delete_channel: no stack
[ 2815.194384][T13088] usb 10-1: Using ep0 maxpacket: 8
[ 2815.197104][T13088] usb 10-1: config 135 has an invalid interface number: 230 but max is 0
[ 2815.197134][T13088] usb 10-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config
[ 2815.197159][T13088] usb 10-1: config 135 has no interface number 0
[ 2815.197197][T13088] usb 10-1: too many endpoints for config 135 interface 230 altsetting 126: 53, using maximum allowed: 30
[ 2815.197247][T13088] usb 10-1: config 135 interface 230 altsetting 126 has 0 endpoint descriptors, different from the interface descriptor's value: 53
[ 2815.197280][T13088] usb 10-1: config 135 interface 230 has no altsetting 0
[ 2815.203595][T13088] usb 10-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[ 2815.203627][T13088] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2815.203650][T13088] usb 10-1: Product: syz
[ 2815.203667][T13088] usb 10-1: Manufacturer: syz
[ 2815.203685][T13088] usb 10-1: SerialNumber: syz
[ 2815.231335][T13088] uvcvideo 10-1:135.230: probe with driver uvcvideo failed with error -22
[ 2815.447472][ T5979] usb 10-1: USB disconnect, device number 87
[ 2816.367877][T18437] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2816.367898][T18437] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2816.367928][T18437] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2816.374039][T18437] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2816.374058][T18437] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2816.374089][T18437] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2817.743729][   T37] kauditd_printk_skb: 35 callbacks suppressed
[ 2817.743751][   T37] audit: type=1326 audit(1762608721.697:4062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18584 comm="syz.1.16169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fceb9faf6c9 code=0x7ffc0000
[ 2817.743910][   T37] audit: type=1326 audit(1762608721.697:4063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18584 comm="syz.1.16169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fceb9faf6c9 code=0x7ffc0000
[ 2817.744128][   T37] audit: type=1326 audit(1762608721.697:4064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18584 comm="syz.1.16169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=251 compat=0 ip=0x7fceb9faf6c9 code=0x7ffc0000
[ 2817.823134][   T37] audit: type=1326 audit(1762608721.777:4065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18584 comm="syz.1.16169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fceb9faf6c9 code=0x7ffc0000
[ 2817.823203][   T37] audit: type=1326 audit(1762608721.777:4066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18584 comm="syz.1.16169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fceb9faf6c9 code=0x7ffc0000
[ 2817.823256][   T37] audit: type=1326 audit(1762608721.777:4067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18584 comm="syz.1.16169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fceb9faf6c9 code=0x7ffc0000
[ 2817.823305][   T37] audit: type=1326 audit(1762608721.777:4068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18584 comm="syz.1.16169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fceb9faf6c9 code=0x7ffc0000
[ 2817.823363][   T37] audit: type=1326 audit(1762608721.777:4069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18584 comm="syz.1.16169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fceb9faf6c9 code=0x7ffc0000
[ 2817.823412][   T37] audit: type=1326 audit(1762608721.777:4070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18584 comm="syz.1.16169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fceb9faf6c9 code=0x7ffc0000
[ 2817.823464][   T37] audit: type=1326 audit(1762608721.777:4071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18584 comm="syz.1.16169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fceb9faf6c9 code=0x7ffc0000
[ 2818.211403][T18437] hsr_slave_0: entered promiscuous mode
[ 2818.212909][T18437] hsr_slave_1: entered promiscuous mode
[ 2818.213952][T18437] debugfs: 'hsr0' already exists in 'hsr'
[ 2818.213981][T18437] Cannot create hsr debugfs directory
[ 2818.544638][T32456] hsr_slave_0: left promiscuous mode
[ 2818.585218][T32456] hsr_slave_1: left promiscuous mode
[ 2818.586277][T32456] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2818.586306][T32456] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2818.760519][T32456] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2818.760552][T32456] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2819.112698][T32456] veth1_macvtap: left promiscuous mode
[ 2819.112820][T32456] veth0_macvtap: left promiscuous mode
[ 2819.114976][T32456] veth1_vlan: left promiscuous mode
[ 2819.115188][T32456] veth0_vlan: left promiscuous mode
[ 2823.185143][T32456] team0 (unregistering): Port device team_slave_1 removed
[ 2823.525243][T32456] team0 (unregistering): Port device team_slave_0 removed
[ 2829.208811][T18639] netlink: 'syz.9.16189': attribute type 9 has an invalid length.
[ 2830.477082][   T37] kauditd_printk_skb: 47 callbacks suppressed
[ 2830.477103][   T37] audit: type=1326 audit(1762608734.437:4119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18650 comm="syz.9.16192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cca0bf6c9 code=0x7ffc0000
[ 2830.477442][   T37] audit: type=1326 audit(1762608734.437:4120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18650 comm="syz.9.16192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=251 compat=0 ip=0x7f9cca0bf6c9 code=0x7ffc0000
[ 2830.477649][   T37] audit: type=1326 audit(1762608734.437:4121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18650 comm="syz.9.16192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cca0bf6c9 code=0x7ffc0000
[ 2830.477925][   T37] audit: type=1326 audit(1762608734.437:4122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18650 comm="syz.9.16192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9cca0bf6c9 code=0x7ffc0000
[ 2830.478404][   T37] audit: type=1326 audit(1762608734.437:4123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18650 comm="syz.9.16192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cca0bf6c9 code=0x7ffc0000
[ 2830.480995][   T37] audit: type=1326 audit(1762608734.437:4124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18650 comm="syz.9.16192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9cca0bf6c9 code=0x7ffc0000
[ 2830.481055][   T37] audit: type=1326 audit(1762608734.437:4125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18650 comm="syz.9.16192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cca0bf6c9 code=0x7ffc0000
[ 2830.481107][   T37] audit: type=1326 audit(1762608734.437:4126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18650 comm="syz.9.16192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f9cca0bf6c9 code=0x7ffc0000
[ 2830.481159][   T37] audit: type=1326 audit(1762608734.437:4127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18650 comm="syz.9.16192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cca0bf6c9 code=0x7ffc0000
[ 2830.481210][   T37] audit: type=1326 audit(1762608734.437:4128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18650 comm="syz.9.16192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9cca0bf6c9 code=0x7ffc0000
[ 2830.482220][T18244] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2830.893190][T18244] 8021q: adding VLAN 0 to HW filter on device team0
[ 2831.042006][T13863] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2831.042239][T13863] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2831.059075][ T1028] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2831.059228][ T1028] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2833.405990][T18437] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 2833.469855][T18437] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 2833.573903][T18437] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 2833.633131][T18437] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 2833.977664][T18244] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2835.406428][T18437] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2837.263678][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2837.340063][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2837.518396][T18437] 8021q: adding VLAN 0 to HW filter on device team0
[ 2837.522293][T18707] FAULT_INJECTION: forcing a failure.
[ 2837.522293][T18707] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2837.522331][T18707] CPU: 1 UID: 0 PID: 18707 Comm: syz.8.16209 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 2837.522358][T18707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 2837.522374][T18707] Call Trace:
[ 2837.522384][T18707]  <TASK>
[ 2837.522395][T18707]  dump_stack_lvl+0x189/0x250
[ 2837.522445][T18707]  ? __pfx____ratelimit+0x10/0x10
[ 2837.522483][T18707]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2837.522520][T18707]  ? __pfx__printk+0x10/0x10
[ 2837.522551][T18707]  ? __might_fault+0xb0/0x130
[ 2837.522599][T18707]  should_fail_ex+0x46c/0x600
[ 2837.522637][T18707]  _copy_from_user+0x2d/0xb0
[ 2837.522665][T18707]  __sys_bpf+0x1e3/0x860
[ 2837.522702][T18707]  ? __pfx___sys_bpf+0x10/0x10
[ 2837.522733][T18707]  ? rt_mutex_slowunlock+0x1be/0x2e0
[ 2837.522781][T18707]  ? ksys_write+0x230/0x260
[ 2837.522814][T18707]  ? __pfx_ksys_write+0x10/0x10
[ 2837.522851][T18707]  __x64_sys_bpf+0x7c/0x90
[ 2837.522883][T18707]  do_syscall_64+0xfa/0xfa0
[ 2837.522915][T18707]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2837.522949][T18707]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2837.522973][T18707]  ? clear_bhb_loop+0x60/0xb0
[ 2837.523003][T18707]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2837.523026][T18707] RIP: 0033:0x7f8e83ddf6c9
[ 2837.523047][T18707] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2837.523068][T18707] RSP: 002b:00007f8e82046038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 2837.523093][T18707] RAX: ffffffffffffffda RBX: 00007f8e84035fa0 RCX: 00007f8e83ddf6c9
[ 2837.523111][T18707] RDX: 0000000000000010 RSI: 0000200000000bc0 RDI: 0000000000000011
[ 2837.523127][T18707] RBP: 00007f8e82046090 R08: 0000000000000000 R09: 0000000000000000
[ 2837.523142][T18707] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2837.523157][T18707] R13: 00007f8e84036038 R14: 00007f8e84035fa0 R15: 00007ffd158b35c8
[ 2837.523196][T18707]  </TASK>
[ 2837.591750][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2837.863829][ T1028] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2837.863996][ T1028] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2837.877575][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2837.950321][T16169] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2837.950481][T16169] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2838.101148][T18716] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 2838.277055][T18716] VFS: Can't find a romfs filesystem on dev nullb0.
[ 2838.277055][T18716] 
[ 2839.156452][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2840.073234][T18437] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2840.532588][T18516] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 2840.550052][T18516] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 2840.569034][T18516] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 2840.580956][T18516] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 2840.584845][T18516] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 2840.653227][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2840.672659][T18740] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 2840.673493][T18740] VFS: Can't find a romfs filesystem on dev nullb0.
[ 2840.673493][T18740] 
[ 2840.874855][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2841.129338][ T5817] Bluetooth: hci4: unexpected Set CIG Parameters response data
[ 2841.131090][ T5817] Bluetooth: hci4: unexpected event for opcode 0x2062
[ 2841.300512][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2841.533581][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2841.781566][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2842.412943][T18753] syzkaller0: tun_chr_ioctl cmd 1074025677
[ 2842.413122][T18753] syzkaller0: linktype set to 774
[ 2842.560202][T18756] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[ 2842.741477][ T1324] ieee802154 phy0 wpan0: encryption failed: -22
[ 2843.309250][ T5817] Bluetooth: hci0: command tx timeout
[ 2844.609960][T18774] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 2844.610538][T18774] VFS: Can't find a romfs filesystem on dev nullb0.
[ 2844.610538][T18774] 
[ 2844.708968][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2845.319339][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2845.351144][ T5817] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[ 2845.368667][ T5817] Bluetooth: hci4: Injecting HCI hardware error event
[ 2845.375417][T18516] Bluetooth: hci0: command tx timeout
[ 2845.385683][T18516] Bluetooth: hci4: hardware error 0x00
[ 2845.479374][ T5817] Bluetooth: hci2: unexpected Set CIG Parameters response data
[ 2845.481038][ T5817] Bluetooth: hci2: unexpected event for opcode 0x2062
[ 2845.810200][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2845.875286][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2846.000115][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2846.799046][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2847.186381][T18791] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 2847.187240][T18791] netlink: 8 bytes leftover after parsing attributes in process `syz.9.16230'.
[ 2847.222776][T18791] veth0_to_bond: entered allmulticast mode
[ 2847.454358][ T5817] Bluetooth: hci0: command tx timeout
[ 2847.832976][T18437] veth0_vlan: entered promiscuous mode
[ 2848.937253][T18516] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[ 2848.997380][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2849.082290][T18737] chnl_net:caif_netlink_parms(): no params data found
[ 2849.153907][T18437] veth1_vlan: entered promiscuous mode
[ 2849.271868][T13818] bridge_slave_1: left allmulticast mode
[ 2849.271901][T13818] bridge_slave_1: left promiscuous mode
[ 2849.272168][T13818] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2849.357384][T13818] bridge_slave_0: left allmulticast mode
[ 2849.357416][T13818] bridge_slave_0: left promiscuous mode
[ 2849.357685][T13818] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2849.372816][T18810] netlink: 16 bytes leftover after parsing attributes in process `syz.1.16236'.
[ 2849.534425][T18516] Bluetooth: hci0: command tx timeout
[ 2849.534495][T18516] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[ 2849.534671][T18516] Bluetooth: hci2: Injecting HCI hardware error event
[ 2849.536055][T18516] Bluetooth: hci2: hardware error 0x00
[ 2849.547611][T13088] usb 10-1: new high-speed USB device number 88 using dummy_hcd
[ 2849.714347][T13088] usb 10-1: Using ep0 maxpacket: 8
[ 2849.720238][T13088] usb 10-1: config 135 has an invalid interface number: 230 but max is 0
[ 2849.720273][T13088] usb 10-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config
[ 2849.720297][T13088] usb 10-1: config 135 has no interface number 0
[ 2849.720343][T13088] usb 10-1: too many endpoints for config 135 interface 230 altsetting 126: 53, using maximum allowed: 30
[ 2849.720394][T13088] usb 10-1: config 135 interface 230 altsetting 126 has 0 endpoint descriptors, different from the interface descriptor's value: 53
[ 2849.720421][T13088] usb 10-1: config 135 interface 230 has no altsetting 0
[ 2849.723227][T13088] usb 10-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[ 2849.723258][T13088] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2849.723280][T13088] usb 10-1: Product: syz
[ 2849.723292][T13088] usb 10-1: Manufacturer: syz
[ 2849.723303][T13088] usb 10-1: SerialNumber: syz
[ 2849.817322][T13088] uvcvideo 10-1:135.230: probe with driver uvcvideo failed with error -22
[ 2849.866440][ T5979] usb 9-1: new high-speed USB device number 85 using dummy_hcd
[ 2850.024375][ T5979] usb 9-1: Using ep0 maxpacket: 8
[ 2850.027105][ T5979] usb 9-1: config 135 has an invalid interface number: 230 but max is 0
[ 2850.027133][ T5979] usb 9-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config
[ 2850.027154][ T5979] usb 9-1: config 135 has no interface number 0
[ 2850.027187][ T5979] usb 9-1: too many endpoints for config 135 interface 230 altsetting 126: 53, using maximum allowed: 30
[ 2850.027244][ T5979] usb 9-1: config 135 interface 230 altsetting 126 has 0 endpoint descriptors, different from the interface descriptor's value: 53
[ 2850.027274][ T5979] usb 9-1: config 135 interface 230 has no altsetting 0
[ 2850.031047][ T5979] usb 9-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[ 2850.031079][ T5979] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2850.031109][ T5979] usb 9-1: Product: syz
[ 2850.031125][ T5979] usb 9-1: Manufacturer: syz
[ 2850.031143][ T5979] usb 9-1: SerialNumber: syz
[ 2850.178284][ T5979] uvcvideo 9-1:135.230: probe with driver uvcvideo failed with error -22
[ 2851.701802][T18516] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[ 2852.145599][T13818] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2852.206232][T13818] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2852.231966][T13818] bond0 (unregistering): Released all slaves
[ 2852.288011][T18802] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -12
[ 2852.288060][T18802] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -12
[ 2852.288083][T18802] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[ 2852.438704][T11424] usb 10-1: USB disconnect, device number 88
[ 2852.597258][ T5979] usb 9-1: USB disconnect, device number 85
[ 2853.054679][T13088] usb 10-1: new high-speed USB device number 89 using dummy_hcd
[ 2853.114386][T13818] hsr_slave_0: left promiscuous mode
[ 2853.129911][T18828] delete_channel: no stack
[ 2853.154353][T13818] hsr_slave_1: left promiscuous mode
[ 2853.155854][T13818] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2853.195613][T13818] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2853.216705][T13088] usb 10-1: config 1 has an invalid descriptor of length 181, skipping remainder of the config
[ 2853.216767][T13088] usb 10-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 2853.226056][T13088] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[ 2853.226092][T13088] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[ 2853.226116][T13088] usb 10-1: Product: syz
[ 2853.226134][T13088] usb 10-1: Manufacturer: syz
[ 2853.226152][T13088] usb 10-1: SerialNumber: syz
[ 2853.804359][T11424] usb 9-1: new high-speed USB device number 86 using dummy_hcd
[ 2853.996606][T11424] usb 9-1: device descriptor read/64, error -71
[ 2854.254681][T11424] usb 9-1: new high-speed USB device number 87 using dummy_hcd
[ 2854.450658][T11424] usb 9-1: device descriptor read/64, error -71
[ 2854.573487][T11424] usb usb9-port1: attempt power cycle
[ 2854.972922][T11424] usb 9-1: new high-speed USB device number 88 using dummy_hcd
[ 2854.985258][T11424] usb 9-1: device descriptor read/8, error -71
[ 2855.026336][T13818] team0 (unregistering): Port device team_slave_1 removed
[ 2855.261223][T11424] usb 9-1: new high-speed USB device number 89 using dummy_hcd
[ 2855.275419][T11424] usb 9-1: device descriptor read/8, error -71
[ 2855.384721][T11424] usb usb9-port1: unable to enumerate USB device
[ 2855.401894][T13818] team0 (unregistering): Port device team_slave_0 removed
[ 2855.751830][T13088] usb 10-1: USB disconnect, device number 89
[ 2856.289796][T18838] delete_channel: no stack
[ 2859.206677][T18737] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2859.206858][T18737] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2859.207068][T18737] bridge_slave_0: entered allmulticast mode
[ 2859.209029][T18737] bridge_slave_0: entered promiscuous mode
[ 2859.252304][T18836] syzkaller0: tun_chr_ioctl cmd 1074025677
[ 2859.252437][T18836] syzkaller0: linktype set to 774
[ 2859.336264][T18737] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2859.336402][T18737] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2859.336682][T18737] bridge_slave_1: entered allmulticast mode
[ 2859.339819][T18737] bridge_slave_1: entered promiscuous mode
[ 2859.709106][T18852] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 2859.710043][T18852] VFS: Can't find a romfs filesystem on dev nullb0.
[ 2859.710043][T18852] 
[ 2860.787294][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2860.901597][T18855] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 2860.923367][T18855] VFS: Can't find a romfs filesystem on dev nullb0.
[ 2860.923367][T18855] 
[ 2861.391461][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2861.442634][T18737] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2861.489196][T18737] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2861.787388][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2862.009466][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2862.401316][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2862.661283][T18737] team0: Port device team_slave_0 added
[ 2862.665912][T18737] team0: Port device team_slave_1 added
[ 2862.880346][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2862.980816][ T5817] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 2863.004429][ T5817] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 2863.007497][ T5817] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 2863.010424][ T5817] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 2863.011703][ T5817] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 2863.350701][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2863.502004][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2863.678879][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2863.910959][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2864.258308][ T5817] Bluetooth: hci1: unexpected Set CIG Parameters response data
[ 2864.272741][ T5817] Bluetooth: hci1: unexpected event for opcode 0x2062
[ 2864.927411][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2865.036785][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2865.102103][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2865.208158][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2865.304637][ T5817] Bluetooth: hci3: command tx timeout
[ 2865.327854][T18737] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2865.327868][T18737] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2865.327891][T18737] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2865.332144][T18737] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2865.332158][T18737] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2865.332180][T18737] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2865.559730][T18886] trusted_key: encrypted_key: insufficient parameters specified
[ 2865.748043][T18737] hsr_slave_0: entered promiscuous mode
[ 2865.749457][T18737] hsr_slave_1: entered promiscuous mode
[ 2865.750401][T18737] debugfs: 'hsr0' already exists in 'hsr'
[ 2865.750426][T18737] Cannot create hsr debugfs directory
[ 2865.854479][T11424] usb 10-1: new high-speed USB device number 90 using dummy_hcd
[ 2866.028852][T11424] usb 10-1: Using ep0 maxpacket: 8
[ 2866.032766][T11424] usb 10-1: config 135 has an invalid interface number: 230 but max is 0
[ 2866.032797][T11424] usb 10-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config
[ 2866.032819][T11424] usb 10-1: config 135 has no interface number 0
[ 2866.032862][T11424] usb 10-1: too many endpoints for config 135 interface 230 altsetting 126: 53, using maximum allowed: 30
[ 2866.032907][T11424] usb 10-1: config 135 interface 230 altsetting 126 has 0 endpoint descriptors, different from the interface descriptor's value: 53
[ 2866.032940][T11424] usb 10-1: config 135 interface 230 has no altsetting 0
[ 2866.056807][ T5871] usb 9-1: new high-speed USB device number 90 using dummy_hcd
[ 2866.065575][T11424] usb 10-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[ 2866.065608][T11424] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2866.065631][T11424] usb 10-1: Product: syz
[ 2866.065649][T11424] usb 10-1: Manufacturer: syz
[ 2866.065666][T11424] usb 10-1: SerialNumber: syz
[ 2866.156946][T11424] uvcvideo 10-1:135.230: probe with driver uvcvideo failed with error -22
[ 2866.204471][ T5871] usb 9-1: Using ep0 maxpacket: 16
[ 2866.208611][ T5871] usb 9-1: New USB device found, idVendor=0403, idProduct=6010, bcdDevice= 0.02
[ 2866.208638][ T5871] usb 9-1: New USB device strings: Mfr=5, Product=0, SerialNumber=3
[ 2866.208653][ T5871] usb 9-1: Manufacturer: syz
[ 2866.208665][ T5871] usb 9-1: SerialNumber: syz
[ 2866.212566][ T5871] usb 9-1: config 0 descriptor??
[ 2866.217119][ T5871] ftdi_sio 9-1:0.0: FTDI USB Serial Device converter detected
[ 2866.219125][ T5871] usb 9-1: Detected SIO
[ 2866.235324][ T5871] usb 9-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 2866.398620][T11424] usb 10-1: USB disconnect, device number 90
[ 2867.374652][ T5817] Bluetooth: hci3: command tx timeout
[ 2867.975072][  T976] usb 10-1: new high-speed USB device number 91 using dummy_hcd
[ 2868.136528][  T976] usb 10-1: config 1 has an invalid descriptor of length 181, skipping remainder of the config
[ 2868.136591][  T976] usb 10-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 2868.139320][  T976] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[ 2868.139350][  T976] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[ 2868.139374][  T976] usb 10-1: Product: syz
[ 2868.139399][  T976] usb 10-1: Manufacturer: syz
[ 2868.139417][  T976] usb 10-1: SerialNumber: syz
[ 2868.354461][ T5817] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[ 2868.354809][ T5817] Bluetooth: hci1: Injecting HCI hardware error event
[ 2868.360676][ T5817] Bluetooth: hci1: hardware error 0x00
[ 2868.664111][T18869] chnl_net:caif_netlink_parms(): no params data found
[ 2868.879412][T11424] usb 9-1: USB disconnect, device number 90
[ 2868.967041][T11424] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 2868.968696][T11424] ftdi_sio 9-1:0.0: device disconnected
[ 2869.472343][T18516] Bluetooth: hci3: command tx timeout
[ 2870.494312][ T5817] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[ 2870.565552][T18920] netlink: 8 bytes leftover after parsing attributes in process `syz.8.16265'.
[ 2870.741348][  T976] usb 10-1: USB disconnect, device number 91
[ 2870.854021][T18869] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2870.866486][T18869] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2870.866717][T18869] bridge_slave_0: entered allmulticast mode
[ 2870.888047][T18869] bridge_slave_0: entered promiscuous mode
[ 2870.923370][T18926] netlink: 8 bytes leftover after parsing attributes in process `syz.9.16266'.
[ 2870.947459][T18869] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2870.947639][T18869] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2870.949837][T18869] bridge_slave_1: entered allmulticast mode
[ 2870.979834][T18869] bridge_slave_1: entered promiscuous mode
[ 2871.426301][T18869] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2871.499936][T13818] bridge_slave_1: left allmulticast mode
[ 2871.499968][T13818] bridge_slave_1: left promiscuous mode
[ 2871.500234][T13818] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2871.544321][ T5817] Bluetooth: hci3: command tx timeout
[ 2871.545693][T13818] bridge_slave_0: left allmulticast mode
[ 2871.545714][T13818] bridge_slave_0: left promiscuous mode
[ 2871.545910][T13818] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2873.955158][T13818] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2874.017031][T13818] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2874.038520][T13818] bond0 (unregistering): Released all slaves
[ 2874.091242][T18869] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2874.317995][T18942] netlink: 8 bytes leftover after parsing attributes in process `syz.9.16272'.
[ 2874.621979][T18947] netlink: 8 bytes leftover after parsing attributes in process `syz.1.16273'.
[ 2874.687477][T18869] team0: Port device team_slave_0 added
[ 2874.814634][T13818] hsr_slave_0: left promiscuous mode
[ 2874.834484][T13818] hsr_slave_1: left promiscuous mode
[ 2874.835579][T13818] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2874.875245][T13818] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2874.957209][T13818] veth1_vlan: left promiscuous mode
[ 2874.957360][T13818] veth0_vlan: left promiscuous mode
[ 2879.560646][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2879.625232][T13818] team0 (unregistering): Port device team_slave_1 removed
[ 2879.749359][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2879.966443][T13818] team0 (unregistering): Port device team_slave_0 removed
[ 2880.018490][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2880.106389][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2880.188513][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2880.565108][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2880.648239][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2880.725388][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2880.948289][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2881.028012][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2881.182014][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2881.340915][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2881.481545][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2881.570571][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2881.649349][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2881.726510][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2881.888521][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2881.973127][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2882.064896][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2882.209259][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2882.926469][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2883.019928][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2883.150702][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2883.316537][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2883.472448][T18869] team0: Port device team_slave_1 added
[ 2883.548197][T18957] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -12
[ 2883.548252][T18957] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -12
[ 2883.548277][T18957] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[ 2883.951847][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2884.020460][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2884.021340][ T5871] usb 10-1: new high-speed USB device number 92 using dummy_hcd
[ 2884.197654][ T5871] usb 10-1: config 0 has an invalid interface number: 1 but max is 0
[ 2884.197688][ T5871] usb 10-1: config 0 has no interface number 0
[ 2884.197740][ T5871] usb 10-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2884.197772][ T5871] usb 10-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2884.197798][ T5871] usb 10-1: config 0 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2884.197845][ T5871] usb 10-1: New USB device found, idVendor=28bd, idProduct=0042, bcdDevice= 0.00
[ 2884.197873][ T5871] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2884.203656][ T5871] usb 10-1: config 0 descriptor??
[ 2884.329851][T18869] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2884.329872][T18869] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2884.329903][T18869] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2884.382721][T18869] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2884.382742][T18869] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2884.382774][T18869] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2884.383859][T18737] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 2884.483496][T18737] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 2884.522213][T18737] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 2884.648728][T18737] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 2884.847512][ T5871] uclogic 0003:28BD:0042.0052: failed retrieving string descriptor #100: -71
[ 2884.847580][ T5871] uclogic 0003:28BD:0042.0052: failed retrieving pen parameters: -71
[ 2884.847601][ T5871] uclogic 0003:28BD:0042.0052: pen probing failed: -71
[ 2884.847621][ T5871] uclogic 0003:28BD:0042.0052: failed probing parameters: -71
[ 2884.847742][ T5871] uclogic 0003:28BD:0042.0052: probe with driver uclogic failed with error -71
[ 2884.851716][ T5871] usb 10-1: USB disconnect, device number 92
[ 2884.961745][T18993] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 2884.962263][T18993] VFS: Can't find a romfs filesystem on dev nullb0.
[ 2884.962263][T18993] 
[ 2884.998624][T18869] hsr_slave_0: entered promiscuous mode
[ 2885.000775][T18869] hsr_slave_1: entered promiscuous mode
[ 2885.001719][T18869] debugfs: 'hsr0' already exists in 'hsr'
[ 2885.001740][T18869] Cannot create hsr debugfs directory
[ 2886.775737][T19005] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 2886.776446][T19005] VFS: Can't find a romfs filesystem on dev nullb0.
[ 2886.776446][T19005] 
[ 2887.002029][T18737] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2887.004699][T19007] netlink: 8 bytes leftover after parsing attributes in process `syz.1.16289'.
[ 2887.237958][T18737] 8021q: adding VLAN 0 to HW filter on device team0
[ 2887.334346][T12466] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2887.334500][T12466] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2887.607924][T12466] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2887.608044][T12466] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2888.190042][T19021] netlink: 8 bytes leftover after parsing attributes in process `syz.1.16292'.
[ 2888.448133][T18869] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 2888.480816][T18869] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 2888.561514][T18869] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 2888.583365][T19026] netlink: 12 bytes leftover after parsing attributes in process `syz.8.16294'.
[ 2888.583405][T19026] netlink: 'syz.8.16294': attribute type 8 has an invalid length.
[ 2888.673885][T18869] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 2889.006371][T19038] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 2889.007072][T19038] VFS: Can't find a romfs filesystem on dev nullb0.
[ 2889.007072][T19038] 
[ 2889.055493][T18737] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2889.139033][T18869] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2889.144458][  T976] usb 9-1: new full-speed USB device number 91 using dummy_hcd
[ 2889.181933][T18869] 8021q: adding VLAN 0 to HW filter on device team0
[ 2889.227743][T13818] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2889.262306][T13818] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2889.308191][  T976] usb 9-1: unable to get BOS descriptor or descriptor too short
[ 2889.308704][  T976] usb 9-1: not running at top speed; connect to a high speed hub
[ 2889.309887][  T976] usb 9-1: config 249 has an invalid interface number: 222 but max is 0
[ 2889.309907][  T976] usb 9-1: config 249 has no interface number 0
[ 2889.309941][  T976] usb 9-1: config 249 interface 222 altsetting 1 endpoint 0x2 has invalid maxpacket 1024, setting to 64
[ 2889.309962][  T976] usb 9-1: config 249 interface 222 altsetting 1 endpoint 0xE has invalid wMaxPacketSize 0
[ 2889.309980][  T976] usb 9-1: config 249 interface 222 has no altsetting 0
[ 2889.311977][  T976] usb 9-1: New USB device found, idVendor=0bfd, idProduct=0106, bcdDevice=44.ce
[ 2889.311998][  T976] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2889.312018][  T976] usb 9-1: Product: syz
[ 2889.312035][  T976] usb 9-1: Manufacturer: syz
[ 2889.312052][  T976] usb 9-1: SerialNumber: syz
[ 2889.420550][T19036] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[ 2889.628846][ T7546] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2889.629128][ T7546] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2889.711923][T19036] netlink: 'syz.8.16295': attribute type 10 has an invalid length.
[ 2889.746500][T19036] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2889.752330][T19036] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2889.837743][T19036] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2889.842905][T19036] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2889.843461][T19036] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2889.843659][T19036] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2890.002774][T19036] bond0: (slave bridge0): Enslaving as an active interface with an up link
[ 2890.051881][T19036] netlink: 20 bytes leftover after parsing attributes in process `syz.8.16295'.
[ 2890.051949][T19036] netlink: 20 bytes leftover after parsing attributes in process `syz.8.16295'.
[ 2890.311587][T19047] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2890.312387][T19047] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2890.514456][  T976] kvaser_usb 9-1:249.222: error -ENODEV: Cannot get usb endpoint(s)
[ 2890.587192][  T976] usb 9-1: USB disconnect, device number 91
[ 2890.900872][T18737] veth0_vlan: entered promiscuous mode
[ 2890.943149][T18737] veth1_vlan: entered promiscuous mode
[ 2891.078827][T18737] veth0_macvtap: entered promiscuous mode
[ 2891.118002][T18737] veth1_macvtap: entered promiscuous mode
[ 2891.192577][T18737] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2891.239978][T18737] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2891.308952][T12466] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2891.309255][T12466] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2891.312679][T12466] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2891.315473][T12466] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2891.956419][T18869] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2892.470896][T13863] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2892.470921][T13863] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2892.681980][T10159] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2892.682006][T10159] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2893.334990][T19070] delete_channel: no stack
[ 2893.440257][T19089] netlink: 8 bytes leftover after parsing attributes in process `syz.5.16305'.
[ 2893.697488][T18869] veth0_vlan: entered promiscuous mode
[ 2893.733559][T18869] veth1_vlan: entered promiscuous mode
[ 2894.106441][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2894.222737][T18869] veth0_macvtap: entered promiscuous mode
[ 2894.262710][T18869] veth1_macvtap: entered promiscuous mode
[ 2894.557556][T18869] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2894.601885][T18869] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2894.638863][T13846] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2894.643995][T13846] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2894.662942][T13846] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2894.680626][T13846] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2895.761808][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2896.238886][T12466] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2896.238911][T12466] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2896.384363][ T7546] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2896.384387][ T7546] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2897.013519][T19113] delete_channel: no stack
[ 2897.267121][T19134] trusted_key: encrypted_key: keyword 't' not recognized
[ 2897.271603][T19134] fixup_iopl_exception: 21 callbacks suppressed
[ 2897.271626][T19134] traps: syz.9.16320[19134] attempts to use CLI/STI, pretending it's a NOP, ip:200000000002
[ 2897.610562][T19127] delete_channel: no stack
[ 2897.698874][T19148] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 2897.704097][T19148] VFS: Can't find a romfs filesystem on dev nullb0.
[ 2897.704097][T19148] 
[ 2898.164898][T19159] netlink: 4 bytes leftover after parsing attributes in process `syz.7.16328'.
[ 2899.519264][T19165] delete_channel: no stack
[ 2899.554354][T19172] FAULT_INJECTION: forcing a failure.
[ 2899.554354][T19172] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2899.554389][T19172] CPU: 0 UID: 0 PID: 19172 Comm: syz.5.16334 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 2899.554418][T19172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 2899.554433][T19172] Call Trace:
[ 2899.554442][T19172]  <TASK>
[ 2899.554453][T19172]  dump_stack_lvl+0x189/0x250
[ 2899.554494][T19172]  ? __pfx____ratelimit+0x10/0x10
[ 2899.554527][T19172]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2899.554563][T19172]  ? __pfx__printk+0x10/0x10
[ 2899.554593][T19172]  ? __might_fault+0xb0/0x130
[ 2899.554640][T19172]  should_fail_ex+0x46c/0x600
[ 2899.554679][T19172]  _copy_from_user+0x2d/0xb0
[ 2899.554715][T19172]  __sys_connect+0x124/0x450
[ 2899.554745][T19172]  ? __pfx___sys_connect+0x10/0x10
[ 2899.554784][T19172]  ? __pfx_ksys_write+0x10/0x10
[ 2899.554821][T19172]  __x64_sys_connect+0x7a/0x90
[ 2899.554847][T19172]  do_syscall_64+0xfa/0xfa0
[ 2899.554881][T19172]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2899.554914][T19172]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2899.554939][T19172]  ? clear_bhb_loop+0x60/0xb0
[ 2899.554968][T19172]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2899.554992][T19172] RIP: 0033:0x7fd3d37ff6c9
[ 2899.555013][T19172] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2899.555034][T19172] RSP: 002b:00007fd3d1a66038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[ 2899.555059][T19172] RAX: ffffffffffffffda RBX: 00007fd3d3a55fa0 RCX: 00007fd3d37ff6c9
[ 2899.555077][T19172] RDX: 0000000000000048 RSI: 00002000000001c0 RDI: 0000000000000005
[ 2899.555092][T19172] RBP: 00007fd3d1a66090 R08: 0000000000000000 R09: 0000000000000000
[ 2899.555108][T19172] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2899.555122][T19172] R13: 00007fd3d3a56038 R14: 00007fd3d3a55fa0 R15: 00007ffc84daad98
[ 2899.555160][T19172]  </TASK>
[ 2900.473359][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2900.769051][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2901.291451][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2901.574305][ T5871] usb 10-1: new high-speed USB device number 93 using dummy_hcd
[ 2901.724333][ T5871] usb 10-1: Using ep0 maxpacket: 8
[ 2901.727528][ T5871] usb 10-1: config 135 has an invalid interface number: 230 but max is 0
[ 2901.727562][ T5871] usb 10-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config
[ 2901.727585][ T5871] usb 10-1: config 135 has no interface number 0
[ 2901.727622][ T5871] usb 10-1: too many endpoints for config 135 interface 230 altsetting 126: 53, using maximum allowed: 30
[ 2901.727707][ T5871] usb 10-1: config 135 interface 230 altsetting 126 has 0 endpoint descriptors, different from the interface descriptor's value: 53
[ 2901.727739][ T5871] usb 10-1: config 135 interface 230 has no altsetting 0
[ 2901.737134][ T5871] usb 10-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[ 2901.737172][ T5871] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2901.737214][ T5871] usb 10-1: Product: syz
[ 2901.737234][ T5871] usb 10-1: Manufacturer: syz
[ 2901.737256][ T5871] usb 10-1: SerialNumber: syz
[ 2901.768563][ T5871] uvcvideo 10-1:135.230: Found UVC 0.00 device syz (18ec:3288)
[ 2901.768617][ T5871] uvcvideo 10-1:135.230: No valid video chain found.
[ 2902.055195][ T5871] usb 10-1: USB disconnect, device number 93
[ 2903.572134][T19222] delete_channel: no stack
[ 2903.704633][T19237] netlink: 36 bytes leftover after parsing attributes in process `syz.8.16355'.
[ 2904.034310][T11424] usb 9-1: new full-speed USB device number 92 using dummy_hcd
[ 2904.187559][ T1324] ieee802154 phy0 wpan0: encryption failed: -22
[ 2904.203735][T11424] usb 9-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[ 2904.203801][T11424] usb 9-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18
[ 2904.203829][T11424] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2904.255881][T11424] gspca_main: stv0680-2.14.0 probing 041e:4007
[ 2905.776016][ T9036] usb 10-1: new high-speed USB device number 94 using dummy_hcd
[ 2905.782920][T11424] stv0680 9-1:4.0: STV(e): camera ping failed!!
[ 2907.025789][T19277] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 2907.026612][T19277] VFS: Can't find a romfs filesystem on dev nullb0.
[ 2907.026612][T19277] 
[ 2907.049636][T11424] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -110
[ 2907.049664][T11424] stv0680 9-1:4.0: last error: 0,  command = 0x0
[ 2907.101745][T11424] usb 9-1: USB disconnect, device number 92
[ 2907.116998][ T9036] usb 10-1: Using ep0 maxpacket: 32
[ 2907.134595][ T9036] usb 10-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[ 2907.134629][ T9036] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2907.134653][ T9036] usb 10-1: Product: syz
[ 2907.134670][ T9036] usb 10-1: Manufacturer: syz
[ 2907.134688][ T9036] usb 10-1: SerialNumber: syz
[ 2907.182658][ T9036] usb 10-1: config 0 descriptor??
[ 2907.307802][ T9036] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[ 2907.680741][ T9036] gspca_ov534_9: reg_w failed -71
[ 2908.136225][ T9036] gspca_ov534_9: Unknown sensor 0000
[ 2908.136310][ T9036] ov534_9 10-1:0.0: probe with driver ov534_9 failed with error -22
[ 2908.171867][ T9036] usb 10-1: USB disconnect, device number 94
[ 2908.614591][ T9036] usb 10-1: new high-speed USB device number 95 using dummy_hcd
[ 2908.684307][ T7134] usb 6-1: new high-speed USB device number 104 using dummy_hcd
[ 2908.699239][T19288] delete_channel: no stack
[ 2908.784343][ T9036] usb 10-1: Using ep0 maxpacket: 8
[ 2908.786908][ T9036] usb 10-1: config 135 has an invalid interface number: 230 but max is 0
[ 2908.786940][ T9036] usb 10-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config
[ 2908.786965][ T9036] usb 10-1: config 135 has no interface number 0
[ 2908.787002][ T9036] usb 10-1: too many endpoints for config 135 interface 230 altsetting 126: 53, using maximum allowed: 30
[ 2908.787052][ T9036] usb 10-1: config 135 interface 230 altsetting 126 has 0 endpoint descriptors, different from the interface descriptor's value: 53
[ 2908.787085][ T9036] usb 10-1: config 135 interface 230 has no altsetting 0
[ 2908.790388][ T9036] usb 10-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[ 2908.790421][ T9036] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2908.790446][ T9036] usb 10-1: Product: syz
[ 2908.790464][ T9036] usb 10-1: Manufacturer: syz
[ 2908.790480][ T9036] usb 10-1: SerialNumber: syz
[ 2908.844331][ T7134] usb 6-1: Using ep0 maxpacket: 32
[ 2908.852249][ T7134] usb 6-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[ 2908.852290][ T7134] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2908.852317][ T7134] usb 6-1: Product: syz
[ 2908.852335][ T7134] usb 6-1: Manufacturer: syz
[ 2908.852354][ T7134] usb 6-1: SerialNumber: syz
[ 2908.862583][ T7134] usb 6-1: config 0 descriptor??
[ 2908.928237][ T7134] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[ 2908.959609][ T9036] uvcvideo 10-1:135.230: Found Unit with invalid ID 0
[ 2908.959695][ T9036] uvcvideo 10-1:135.230: Found UVC 0.00 device syz (18ec:3288)
[ 2908.959729][ T9036] uvcvideo 10-1:135.230: No valid video chain found.
[ 2909.287453][ T9036] usb 10-1: USB disconnect, device number 95
[ 2910.695089][ T7134] gspca_ov534_9: reg_w failed -110
[ 2911.234296][ T7134] gspca_ov534_9: Unknown sensor 0000
[ 2911.234408][ T7134] ov534_9 6-1:0.0: probe with driver ov534_9 failed with error -22
[ 2912.314960][T11424] usb 10-1: new high-speed USB device number 96 using dummy_hcd
[ 2912.414944][ T9036] usb 6-1: USB disconnect, device number 104
[ 2912.484942][T11424] usb 10-1: Using ep0 maxpacket: 8
[ 2912.531311][T11424] usb 10-1: config 135 has an invalid interface number: 230 but max is 0
[ 2912.531408][T11424] usb 10-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config
[ 2912.531460][T11424] usb 10-1: config 135 has no interface number 0
[ 2912.531644][T11424] usb 10-1: too many endpoints for config 135 interface 230 altsetting 126: 53, using maximum allowed: 30
[ 2912.531878][T11424] usb 10-1: config 135 interface 230 altsetting 126 has 0 endpoint descriptors, different from the interface descriptor's value: 53
[ 2912.532015][T11424] usb 10-1: config 135 interface 230 has no altsetting 0
[ 2912.722342][T11424] usb 10-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[ 2912.722598][T11424] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2912.722727][T11424] usb 10-1: Product: syz
[ 2912.722835][T11424] usb 10-1: Manufacturer: syz
[ 2912.722944][T11424] usb 10-1: SerialNumber: syz
[ 2913.049255][T11424] uvcvideo 10-1:135.230: Found Unit with invalid ID 0
[ 2913.049326][T11424] uvcvideo 10-1:135.230: Found UVC 0.00 device syz (18ec:3288)
[ 2913.049358][T11424] uvcvideo 10-1:135.230: No valid video chain found.
[ 2913.336306][T11424] usb 10-1: USB disconnect, device number 96
[ 2913.538433][T19346] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[ 2913.946071][T19357] netlink: 24 bytes leftover after parsing attributes in process `syz.5.16395'.
[ 2914.201450][T19367] openvswitch: netlink: Missing key (keys=40, expected=200000)
[ 2914.248516][T19352] delete_channel: no stack
[ 2915.892180][T19375] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=null.
[ 2916.061679][T19387] netlink: 'syz.9.16406': attribute type 12 has an invalid length.
[ 2916.635969][T19391] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[ 2917.155255][T19404] FAULT_INJECTION: forcing a failure.
[ 2917.155255][T19404] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2917.155284][T19404] CPU: 1 UID: 0 PID: 19404 Comm: syz.8.16413 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 2917.155303][T19404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 2917.155314][T19404] Call Trace:
[ 2917.155321][T19404]  <TASK>
[ 2917.155329][T19404]  dump_stack_lvl+0x189/0x250
[ 2917.155359][T19404]  ? __pfx____ratelimit+0x10/0x10
[ 2917.155383][T19404]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2917.155408][T19404]  ? __pfx__printk+0x10/0x10
[ 2917.155440][T19404]  should_fail_ex+0x46c/0x600
[ 2917.155467][T19404]  _copy_to_user+0x31/0xb0
[ 2917.155488][T19404]  simple_read_from_buffer+0xe1/0x170
[ 2917.155515][T19404]  proc_fail_nth_read+0x1b6/0x220
[ 2917.155538][T19404]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2917.155562][T19404]  ? rw_verify_area+0x2ac/0x4e0
[ 2917.155581][T19404]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2917.155600][T19404]  vfs_read+0x206/0xa30
[ 2917.155627][T19404]  ? __pfx_vfs_read+0x10/0x10
[ 2917.155644][T19404]  ? try_to_take_rt_mutex+0x7fd/0xac0
[ 2917.155671][T19404]  ? mutex_lock_nested+0x154/0x1d0
[ 2917.155688][T19404]  ? fdget_pos+0x253/0x320
[ 2917.155719][T19404]  ksys_read+0x14b/0x260
[ 2917.155741][T19404]  ? __pfx_ksys_read+0x10/0x10
[ 2917.155764][T19404]  ? do_syscall_64+0xbe/0xfa0
[ 2917.155791][T19404]  do_syscall_64+0xfa/0xfa0
[ 2917.155823][T19404]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2917.155846][T19404]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2917.155862][T19404]  ? clear_bhb_loop+0x60/0xb0
[ 2917.155882][T19404]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2917.155898][T19404] RIP: 0033:0x7f8e83dde0dc
[ 2917.155913][T19404] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 2917.155928][T19404] RSP: 002b:00007f8e82046030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2917.155945][T19404] RAX: ffffffffffffffda RBX: 00007f8e84035fa0 RCX: 00007f8e83dde0dc
[ 2917.155957][T19404] RDX: 000000000000000f RSI: 00007f8e820460a0 RDI: 0000000000000005
[ 2917.155968][T19404] RBP: 00007f8e82046090 R08: 0000000000000000 R09: 0000000000000000
[ 2917.155978][T19404] R10: 0000000000000062 R11: 0000000000000246 R12: 0000000000000001
[ 2917.155988][T19404] R13: 00007f8e84036038 R14: 00007f8e84035fa0 R15: 00007ffd158b35c8
[ 2917.156014][T19404]  </TASK>
[ 2917.672306][T19412] netlink: 16 bytes leftover after parsing attributes in process `syz.8.16415'.
[ 2917.672333][T19412] netlink: 16 bytes leftover after parsing attributes in process `syz.8.16415'.
[ 2917.714270][T13088] usb 10-1: new full-speed USB device number 97 using dummy_hcd
[ 2917.844664][T19415] FAULT_INJECTION: forcing a failure.
[ 2917.844664][T19415] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[ 2917.844860][T19415] CPU: 0 UID: 0 PID: 19415 Comm: syz.5.16416 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 2917.844889][T19415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 2917.844905][T19415] Call Trace:
[ 2917.844915][T19415]  <TASK>
[ 2917.844926][T19415]  dump_stack_lvl+0x189/0x250
[ 2917.844968][T19415]  ? __pfx____ratelimit+0x10/0x10
[ 2917.845002][T19415]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2917.845046][T19415]  ? __pfx__printk+0x10/0x10
[ 2917.845077][T19415]  ? fs_reclaim_acquire+0x7d/0x100
[ 2917.845122][T19415]  should_fail_ex+0x46c/0x600
[ 2917.845166][T19415]  prepare_alloc_pages+0x213/0x670
[ 2917.845211][T19415]  __alloc_frozen_pages_noprof+0x123/0x370
[ 2917.845254][T19415]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 2917.845303][T19415]  ? policy_nodemask+0x27c/0x720
[ 2917.845337][T19415]  ? try_to_migrate+0x319/0x3d0
[ 2917.845366][T19415]  alloc_pages_mpol+0xd1/0x380
[ 2917.845405][T19415]  alloc_migration_target_by_mpol+0x2e7/0x600
[ 2917.845442][T19415]  migrate_pages_batch+0x5a8/0x2ec0
[ 2917.845483][T19415]  ? __pfx_alloc_migration_target_by_mpol+0x10/0x10
[ 2917.845517][T19415]  ? __pfx_migrate_pages_batch+0x10/0x10
[ 2917.845571][T19415]  migrate_pages+0x1bc3/0x2910
[ 2917.845612][T19415]  ? __pfx_alloc_migration_target_by_mpol+0x10/0x10
[ 2917.845648][T19415]  ? __pfx_migrate_pages+0x10/0x10
[ 2917.845669][T19415]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 2917.845705][T19415]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2917.845740][T19415]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 2917.845777][T19415]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 2917.845811][T19415]  ? do_raw_spin_lock+0x121/0x290
[ 2917.845868][T19415]  ? __se_sys_mbind+0xa04/0xc40
[ 2917.845907][T19415]  __se_sys_mbind+0xa47/0xc40
[ 2917.845940][T19415]  ? __pfx_vfs_write+0x10/0x10
[ 2917.845978][T19415]  ? __pfx___se_sys_mbind+0x10/0x10
[ 2917.846028][T19415]  ? fput+0xa0/0xd0
[ 2917.846051][T19415]  ? ksys_write+0x230/0x260
[ 2917.846084][T19415]  ? __pfx_ksys_write+0x10/0x10
[ 2917.846118][T19415]  ? __x64_sys_mbind+0x21/0xf0
[ 2917.846154][T19415]  do_syscall_64+0xfa/0xfa0
[ 2917.846189][T19415]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2917.846213][T19415]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 2917.846238][T19415]  ? clear_bhb_loop+0x60/0xb0
[ 2917.846268][T19415]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2917.846291][T19415] RIP: 0033:0x7fd3d37ff6c9
[ 2917.846314][T19415] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2917.846334][T19415] RSP: 002b:00007fd3d1a66038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[ 2917.846359][T19415] RAX: ffffffffffffffda RBX: 00007fd3d3a55fa0 RCX: 00007fd3d37ff6c9
[ 2917.846377][T19415] RDX: 0000000000000000 RSI: 0000000000c00000 RDI: 0000200000400000
[ 2917.846393][T19415] RBP: 00007fd3d1a66090 R08: 0000000000000000 R09: 0000000000000002
[ 2917.846408][T19415] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2917.846422][T19415] R13: 00007fd3d3a56038 R14: 00007fd3d3a55fa0 R15: 00007ffc84daad98
[ 2917.846460][T19415]  </TASK>
[ 2917.967905][T11424] usb 9-1: new high-speed USB device number 93 using dummy_hcd
[ 2918.102277][T13088] usb 10-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[ 2918.102313][T13088] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2918.102336][T13088] usb 10-1: Product: syz
[ 2918.102353][T13088] usb 10-1: Manufacturer: syz
[ 2918.102371][T13088] usb 10-1: SerialNumber: syz
[ 2918.115063][T11424] usb 9-1: Using ep0 maxpacket: 8
[ 2918.117981][T11424] usb 9-1: config 0 has an invalid interface number: 52 but max is 0
[ 2918.118015][T11424] usb 9-1: config 0 has an invalid descriptor of length 10, skipping remainder of the config
[ 2918.118041][T11424] usb 9-1: config 0 has no interface number 0
[ 2918.118098][T11424] usb 9-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 184, changing to 11
[ 2918.118134][T11424] usb 9-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid maxpacket 49487, setting to 1024
[ 2918.118167][T11424] usb 9-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2918.118201][T11424] usb 9-1: config 0 interface 52 has no altsetting 0
[ 2918.120653][T11424] usb 9-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice= 0.00
[ 2918.120688][T11424] usb 9-1: New USB device strings: Mfr=0, Product=234, SerialNumber=34
[ 2918.120724][T11424] usb 9-1: Product: syz
[ 2918.120743][T11424] usb 9-1: SerialNumber: syz
[ 2918.137097][T11424] usb 9-1: config 0 descriptor??
[ 2918.286391][T13088] usb 10-1: config 0 descriptor??
[ 2918.784799][T13088] usb 10-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[ 2918.867859][T11424] input: syz as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.52/input/input50
[ 2919.004924][T13088] dvb_usb_rtl28xxu 10-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[ 2919.076754][T13088] usb 10-1: USB disconnect, device number 97
[ 2920.494384][  T976] usb 10-1: new high-speed USB device number 98 using dummy_hcd
[ 2920.686389][  T976] usb 10-1: Using ep0 maxpacket: 32
[ 2920.701895][  T976] usb 10-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[ 2920.702078][  T976] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2920.702096][  T976] usb 10-1: Product: syz
[ 2920.702107][  T976] usb 10-1: Manufacturer: syz
[ 2920.702118][  T976] usb 10-1: SerialNumber: syz
[ 2920.741969][  T976] usb 10-1: config 0 descriptor??
[ 2920.794706][  T976] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[ 2922.479165][T19432] vcan0: tx drop: invalid sa for name 0x0000000000000002
[ 2922.795980][  T976] gspca_ov534_9: reg_r err -110
[ 2923.056677][  T976] gspca_ov534_9: Unknown sensor 0000
[ 2923.056918][  T976] ov534_9 10-1:0.0: probe with driver ov534_9 failed with error -22
[ 2923.478186][  T976] usb 9-1: USB disconnect, device number 93
[ 2923.478321][    C0] synaptics_usb 9-1:0.52: synusb_irq - usb_submit_urb failed with result: -19
[ 2923.562319][   T37] audit: type=1107 audit(1762608827.517:4150): pid=19442 uid=0 auid=4294967295 ses=4294967295 subj=_ msg='Ç'
[ 2923.621777][T19445] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 2923.622615][T19445] VFS: Can't find a romfs filesystem on dev nullb0.
[ 2923.622615][T19445] 
[ 2925.448239][T11424] usb 10-1: USB disconnect, device number 98
[ 2925.514844][T19453] Bluetooth: MGMT ver 1.23
[ 2926.743634][T19475] netlink: 36 bytes leftover after parsing attributes in process `syz.7.16440'.
[ 2926.791583][T19475] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2926.843645][T19475] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2927.032850][   T37] audit: type=1326 audit(1762608830.987:4151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19478 comm="syz.5.16442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2927.033178][   T37] audit: type=1326 audit(1762608830.987:4152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19478 comm="syz.5.16442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2927.033479][   T37] audit: type=1326 audit(1762608830.987:4153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19478 comm="syz.5.16442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=318 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2927.033845][   T37] audit: type=1326 audit(1762608830.987:4154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19478 comm="syz.5.16442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2927.132730][   T37] audit: type=1326 audit(1762608830.987:4155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19478 comm="syz.5.16442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2927.356552][T19485] tipc: Started in network mode
[ 2927.356587][T19485] tipc: Node identity ac14140f, cluster identity 4711
[ 2927.356948][T19485] tipc: New replicast peer: 255.255.255.255
[ 2927.412261][T19485] tipc: Enabled bearer <udp:syz2>, priority 10
[ 2927.564650][T19492] IPv6: Can't replace route, no match found
[ 2928.693550][ T5871] tipc: Node number set to 2886997007
[ 2929.233773][T19504] netlink: 8 bytes leftover after parsing attributes in process `syz.1.16443'.
[ 2929.289219][   T37] audit: type=1326 audit(1762608833.247:4156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19507 comm="syz.5.16454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2929.289282][   T37] audit: type=1326 audit(1762608833.247:4157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19507 comm="syz.5.16454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2929.307521][   T37] audit: type=1326 audit(1762608833.267:4158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19507 comm="syz.5.16454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=111 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2929.308253][   T37] audit: type=1326 audit(1762608833.267:4159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19507 comm="syz.5.16454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2929.309611][   T37] audit: type=1326 audit(1762608833.267:4160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19507 comm="syz.5.16454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2929.419751][   T37] audit: type=1326 audit(1762608833.377:4161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19507 comm="syz.5.16454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2929.419812][   T37] audit: type=1326 audit(1762608833.377:4162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19507 comm="wg1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2929.419863][   T37] audit: type=1326 audit(1762608833.377:4163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19507 comm="wg1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2929.419915][   T37] audit: type=1326 audit(1762608833.377:4164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19507 comm="wg1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2929.419966][   T37] audit: type=1326 audit(1762608833.377:4165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19507 comm="wg1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2930.409028][T19525] random: crng reseeded on system resumption
[ 2930.474748][T19527] IPv6: Can't replace route, no match found
[ 2930.727916][T19535] sg_write: data in/out 65500/14 bytes for SCSI command 0x8-- guessing data in;
[ 2930.727916][T19535]    program syz.8.16465 not setting count and/or reply_len properly
[ 2932.425736][T19557] IPv6: Can't replace route, no match found
[ 2933.412916][T19585] IPv6: Can't replace route, no match found
[ 2933.853145][T19595] netlink: 12 bytes leftover after parsing attributes in process `syz.7.16490'.
[ 2934.313244][   T37] kauditd_printk_skb: 27 callbacks suppressed
[ 2934.313266][   T37] audit: type=1326 audit(1762608838.267:4193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19597 comm="syz.8.16492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e83ddf6c9 code=0x7ffc0000
[ 2934.313603][   T37] audit: type=1326 audit(1762608838.267:4194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19597 comm="syz.8.16492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e83ddf6c9 code=0x7ffc0000
[ 2934.344103][   T37] audit: type=1326 audit(1762608838.297:4195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19597 comm="syz.8.16492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e83ddf6c9 code=0x7ffc0000
[ 2934.344534][   T37] audit: type=1326 audit(1762608838.297:4196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19597 comm="syz.8.16492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e83ddf6c9 code=0x7ffc0000
[ 2934.344596][   T37] audit: type=1326 audit(1762608838.297:4197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19597 comm="syz.8.16492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e83ddf6c9 code=0x7ffc0000
[ 2934.351404][   T37] audit: type=1326 audit(1762608838.307:4198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19597 comm="syz.8.16492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e83ddf6c9 code=0x7ffc0000
[ 2934.351903][   T37] audit: type=1326 audit(1762608838.307:4199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19597 comm="syz.8.16492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e83ddf6c9 code=0x7ffc0000
[ 2934.351966][   T37] audit: type=1326 audit(1762608838.307:4200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19597 comm="syz.8.16492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e83ddf6c9 code=0x7ffc0000
[ 2934.352443][   T37] audit: type=1326 audit(1762608838.307:4201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19597 comm="syz.8.16492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e83ddf6c9 code=0x7ffc0000
[ 2934.389601][   T37] audit: type=1326 audit(1762608838.347:4202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19597 comm="syz.8.16492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e83ddf6c9 code=0x7ffc0000
[ 2935.665385][T19619] syzkaller0: entered promiscuous mode
[ 2935.665414][T19619] syzkaller0: entered allmulticast mode
[ 2937.247027][T19648] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 2938.437389][T19689] IPv6: Can't replace route, no match found
[ 2939.839137][   T37] kauditd_printk_skb: 49 callbacks suppressed
[ 2939.839160][   T37] audit: type=1326 audit(1762608843.787:4252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19722 comm="syz.5.16546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2939.839548][   T37] audit: type=1326 audit(1762608843.797:4253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19722 comm="syz.5.16546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2939.852972][   T37] audit: type=1326 audit(1762608843.807:4254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19722 comm="syz.5.16546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=113 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2939.853045][   T37] audit: type=1326 audit(1762608843.807:4255): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=19722 comm="syz.5.16546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2939.853106][   T37] audit: type=1326 audit(1762608843.807:4256): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=_ pid=19722 comm="syz.5.16546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2940.005205][T19724] IPv6: Can't replace route, no match found
[ 2940.330904][   T37] audit: type=1326 audit(1762608844.267:4257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19727 comm="syz.5.16548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2940.330973][   T37] audit: type=1326 audit(1762608844.287:4258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19727 comm="syz.5.16548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2940.362896][   T37] audit: type=1326 audit(1762608844.317:4259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19727 comm="syz.5.16548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2940.362986][   T37] audit: type=1326 audit(1762608844.317:4260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19727 comm="syz.5.16548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2940.374592][   T37] audit: type=1326 audit(1762608844.317:4261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19727 comm="syz.5.16548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2942.408714][T19749] netlink: 28 bytes leftover after parsing attributes in process `syz.9.16556'.
[ 2942.408752][T19749] netlink: 28 bytes leftover after parsing attributes in process `syz.9.16556'.
[ 2943.442673][T19794] netlink: 19 bytes leftover after parsing attributes in process `syz.5.16573'.
[ 2943.941856][T19810] netlink: 16 bytes leftover after parsing attributes in process `syz.5.16579'.
[ 2945.283731][   T37] kauditd_printk_skb: 141 callbacks suppressed
[ 2945.283752][   T37] audit: type=1326 audit(1762608849.237:4403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19853 comm="syz.5.16602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2945.316825][   T37] audit: type=1326 audit(1762608849.237:4404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19853 comm="syz.5.16602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2945.348572][   T37] audit: type=1326 audit(1762608849.307:4405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19853 comm="syz.5.16602" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2945.348736][   T37] audit: type=1326 audit(1762608849.307:4406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19853 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2945.350203][   T37] audit: type=1326 audit(1762608849.307:4407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19853 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2945.350676][   T37] audit: type=1326 audit(1762608849.307:4408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19853 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2945.510021][   T37] audit: type=1326 audit(1762608849.417:4409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19853 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2945.510100][   T37] audit: type=1326 audit(1762608849.417:4410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19853 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2945.728591][   T37] audit: type=1326 audit(1762608849.687:4411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19859 comm="syz.9.16604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cca0bf6c9 code=0x7ffc0000
[ 2945.729166][   T37] audit: type=1326 audit(1762608849.687:4412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19859 comm="syz.9.16604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=318 compat=0 ip=0x7f9cca0bf6c9 code=0x7ffc0000
[ 2947.919625][T19908] netlink: 4 bytes leftover after parsing attributes in process `syz.8.16620'.
[ 2947.919656][T19908] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2947.919683][T19908] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2947.985637][T19908] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2947.985670][T19908] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2948.525937][T19923] netlink: 4 bytes leftover after parsing attributes in process `syz.7.16626'.
[ 2948.525969][T19923] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2948.525994][T19923] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2948.571722][T19923] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2948.571755][T19923] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2949.265332][T19935] netlink: 16 bytes leftover after parsing attributes in process `syz.9.16630'.
[ 2950.284518][   T37] kauditd_printk_skb: 11 callbacks suppressed
[ 2950.284539][   T37] audit: type=1326 audit(1762608854.237:4424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19942 comm="syz.8.16633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e83ddf6c9 code=0x7ffc0000
[ 2950.285797][   T37] audit: type=1326 audit(1762608854.247:4425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19942 comm="syz.8.16633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e83ddf6c9 code=0x7ffc0000
[ 2950.286098][   T37] audit: type=1326 audit(1762608854.247:4426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19942 comm="syz.8.16633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e83ddf6c9 code=0x7ffc0000
[ 2950.286616][   T37] audit: type=1326 audit(1762608854.247:4427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19942 comm="syz.8.16633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7f8e83ddf6c9 code=0x7ffc0000
[ 2950.287216][   T37] audit: type=1326 audit(1762608854.247:4428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19942 comm="syz.8.16633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e83ddf6c9 code=0x7ffc0000
[ 2950.287519][   T37] audit: type=1326 audit(1762608854.247:4429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19942 comm="syz.8.16633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e83ddf6c9 code=0x7ffc0000
[ 2950.994730][T19967] netlink: 4 bytes leftover after parsing attributes in process `syz.5.16643'.
[ 2952.025325][   T37] audit: type=1804 audit(1762608855.987:4430): pid=19985 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.7.16646" name="/newroot/77/file0" dev="tmpfs" ino=405 res=1 errno=0
[ 2952.118996][   T37] audit: type=1326 audit(1762608856.077:4431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19988 comm="syz.1.16648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fceb9faf6c9 code=0x7ffc0000
[ 2952.119301][   T37] audit: type=1326 audit(1762608856.077:4432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19988 comm="syz.1.16648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fceb9faf6c9 code=0x7ffc0000
[ 2952.120011][   T37] audit: type=1326 audit(1762608856.077:4433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19988 comm="syz.1.16648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fceb9faf6c9 code=0x7ffc0000
[ 2955.262597][T20051] tipc: Started in network mode
[ 2955.262874][T20051] tipc: Node identity ac14141b, cluster identity 4711
[ 2955.307483][T20051] tipc: New replicast peer: 255.255.255.255
[ 2955.389952][T20051] tipc: Enabled bearer <udp:syz2>, priority 10
[ 2956.364267][ T5871] tipc: Node number set to 2886997019
[ 2957.045060][T20092] netlink: 'syz.7.16691': attribute type 13 has an invalid length.
[ 2957.506785][   T37] kauditd_printk_skb: 114 callbacks suppressed
[ 2957.506805][   T37] audit: type=1326 audit(1762608861.467:4548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20099 comm="syz.5.16695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2957.506860][   T37] audit: type=1326 audit(1762608861.467:4549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20099 comm="syz.5.16695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2957.507960][   T37] audit: type=1326 audit(1762608861.467:4550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20099 comm="syz.5.16695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2957.508010][   T37] audit: type=1326 audit(1762608861.467:4551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20099 comm="syz.5.16695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2957.508060][   T37] audit: type=1326 audit(1762608861.467:4552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20099 comm="syz.5.16695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2957.508370][   T37] audit: type=1326 audit(1762608861.467:4553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20099 comm="syz.5.16695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2957.652795][   T37] audit: type=1326 audit(1762608861.467:4554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20099 comm="syz.5.16695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2957.652865][   T37] audit: type=1326 audit(1762608861.607:4555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20099 comm="syz.5.16695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=18 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2957.652920][   T37] audit: type=1326 audit(1762608861.607:4556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20099 comm="syz.5.16695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2957.652975][   T37] audit: type=1326 audit(1762608861.607:4557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20099 comm="syz.5.16695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2960.367866][T20132] batadv_slave_1: entered promiscuous mode
[ 2960.374034][T20132] batadv_slave_1: left promiscuous mode
[ 2960.674225][T13856] netdevsim netdevsim7 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 2960.764458][T13856] netdevsim netdevsim7 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 2960.764583][T13856] netdevsim netdevsim7 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 2960.764627][T13856] netdevsim netdevsim7 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 2962.144488][T20223] Falling back ldisc for ptm0.
[ 2962.560594][   T37] kauditd_printk_skb: 5 callbacks suppressed
[ 2962.560617][   T37] audit: type=1326 audit(1762608866.507:4563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20226 comm="syz.7.16739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b6449f6c9 code=0x7ffc0000
[ 2962.560671][   T37] audit: type=1326 audit(1762608866.507:4564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20226 comm="syz.7.16739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b6449f6c9 code=0x7ffc0000
[ 2962.560715][   T37] audit: type=1326 audit(1762608866.507:4565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20226 comm="syz.7.16739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b6449f6c9 code=0x7ffc0000
[ 2962.560758][   T37] audit: type=1326 audit(1762608866.507:4566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20226 comm="syz.7.16739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b6449f6c9 code=0x7ffc0000
[ 2962.560799][   T37] audit: type=1326 audit(1762608866.507:4567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20226 comm="syz.7.16739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1b6449f6c9 code=0x7ffc0000
[ 2962.590172][   T37] audit: type=1326 audit(1762608866.547:4568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20226 comm="syz.7.16739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b6449f6c9 code=0x7ffc0000
[ 2962.590246][   T37] audit: type=1326 audit(1762608866.547:4569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20226 comm="syz.7.16739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b6449f6c9 code=0x7ffc0000
[ 2962.596047][   T37] audit: type=1326 audit(1762608866.557:4570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20226 comm="syz.7.16739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b6449f6c9 code=0x7ffc0000
[ 2962.596114][   T37] audit: type=1326 audit(1762608866.557:4571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20226 comm="syz.7.16739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b6449f6c9 code=0x7ffc0000
[ 2962.597099][   T37] audit: type=1326 audit(1762608866.557:4572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20226 comm="syz.7.16739" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7f1b6449f6c9 code=0x7ffc0000
[ 2963.327813][T20265] netlink: 4 bytes leftover after parsing attributes in process `syz.5.16754'.
[ 2963.354653][T20265] hsr_slave_0: left promiscuous mode
[ 2963.394641][T20265] hsr_slave_1: left promiscuous mode
[ 2965.632422][ T1324] ieee802154 phy0 wpan0: encryption failed: -22
[ 2965.958036][T20321] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 2966.583132][T20338] syzkaller0: entered promiscuous mode
[ 2966.583157][T20338] syzkaller0: entered allmulticast mode
[ 2968.094334][T18516] Bluetooth: hci5: command 0x1003 tx timeout
[ 2968.103511][ T5817] Bluetooth: hci5: Opcode 0x1003 failed: -110
[ 2968.529090][   T37] kauditd_printk_skb: 258 callbacks suppressed
[ 2968.529110][   T37] audit: type=1326 audit(1762608872.487:4831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20412 comm="syz.5.16795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2968.529429][   T37] audit: type=1326 audit(1762608872.487:4832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20412 comm="syz.5.16795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2968.529836][   T37] audit: type=1326 audit(1762608872.487:4833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20412 comm="syz.5.16795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2968.530355][   T37] audit: type=1326 audit(1762608872.487:4834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20412 comm="syz.5.16795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2968.530641][   T37] audit: type=1326 audit(1762608872.487:4835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20412 comm="syz.5.16795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2968.531249][   T37] audit: type=1326 audit(1762608872.487:4836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20412 comm="syz.5.16795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=459 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2968.531523][   T37] audit: type=1326 audit(1762608872.487:4837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20412 comm="syz.5.16795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2968.531882][   T37] audit: type=1326 audit(1762608872.487:4838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20412 comm="syz.5.16795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd3d37fdf10 code=0x7ffc0000
[ 2968.716303][   T37] audit: type=1326 audit(1762608872.487:4839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20412 comm="syz.5.16795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd3d37fdf10 code=0x7ffc0000
[ 2968.746462][   T37] audit: type=1326 audit(1762608872.677:4840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20412 comm="syz.5.16795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3d37ff6c9 code=0x7ffc0000
[ 2969.358543][T20432] dummy0: entered promiscuous mode
[ 2969.360753][T20432] bond_slave_0: entered promiscuous mode
[ 2969.361013][T20432] bond_slave_0: left promiscuous mode
[ 2969.394377][T20432] dummy0: left promiscuous mode
[ 2971.378987][T20467] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 2971.383537][T20478] syzkaller0: entered promiscuous mode
[ 2971.383575][T20478] syzkaller0: entered allmulticast mode
[ 2973.665215][T20572] syzkaller0: entered promiscuous mode
[ 2973.665245][T20572] syzkaller0: entered allmulticast mode
[ 2975.649197][   T37] kauditd_printk_skb: 1 callbacks suppressed
[ 2975.649217][   T37] audit: type=1326 audit(1762608879.607:4842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20650 comm="syz.9.16856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cca0bf6c9 code=0x7ffc0000
[ 2975.651753][   T37] audit: type=1326 audit(1762608879.607:4843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20650 comm="syz.9.16856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9cca0bf6c9 code=0x7ffc0000
[ 2975.652201][   T37] audit: type=1326 audit(1762608879.607:4844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20650 comm="syz.9.16856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cca0bf6c9 code=0x7ffc0000
[ 2975.652384][   T37] audit: type=1326 audit(1762608879.607:4845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20650 comm="syz.9.16856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cca0bf6c9 code=0x7ffc0000
[ 2975.653099][   T37] audit: type=1326 audit(1762608879.607:4846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20650 comm="syz.9.16856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=459 compat=0 ip=0x7f9cca0bf6c9 code=0x7ffc0000
[ 2975.653248][   T37] audit: type=1326 audit(1762608879.607:4847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20650 comm="syz.9.16856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cca0bf6c9 code=0x7ffc0000
[ 2975.653566][   T37] audit: type=1326 audit(1762608879.607:4848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20650 comm="syz.9.16856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9cca0bdf10 code=0x7ffc0000
[ 2975.655569][   T37] audit: type=1326 audit(1762608879.617:4849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20650 comm="syz.9.16856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9cca0bdf10 code=0x7ffc0000
[ 2975.656624][   T37] audit: type=1326 audit(1762608879.617:4850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20650 comm="syz.9.16856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cca0bf6c9 code=0x7ffc0000
[ 2975.656681][   T37] audit: type=1326 audit(1762608879.617:4851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20650 comm="syz.9.16856" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9cca0bf6c9 code=0x7ffc0000
[ 2981.821719][    C0] ------------[ cut here ]------------
[ 2981.821736][    C0] refcount_t: addition on 0; use-after-free.
[ 2981.822470][    C0] WARNING: CPU: 0 PID: 16 at lib/refcount.c:25 refcount_warn_saturate+0xfa/0x1d0
[ 2981.822521][    C0] Modules linked in:
[ 2981.822551][    C0] CPU: 0 UID: 0 PID: 16 Comm: ktimers/0 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 2981.822579][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 2981.822599][    C0] RIP: 0010:refcount_warn_saturate+0xfa/0x1d0
[ 2981.822626][    C0] Code: 00 00 e8 e9 5e 45 fd 5b 41 5e c3 cc cc cc cc cc e8 db 5e 45 fd c6 05 70 11 47 0a 01 90 48 c7 c7 80 2e 3d 8b e8 e7 a3 09 fd 90 <0f> 0b 90 90 eb d7 e8 bb 5e 45 fd c6 05 51 11 47 0a 01 90 48 c7 c7
[ 2981.822649][    C0] RSP: 0018:ffffc90000157830 EFLAGS: 00010246
[ 2981.822668][    C0] RAX: 5505fa19a6c4eb00 RBX: 0000000000000002 RCX: ffff88801b2f5a00
[ 2981.822685][    C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000100
[ 2981.822700][    C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000100
[ 2981.822715][    C0] R10: dffffc0000000000 R11: ffffed101710487b R12: 1ffff9200002af18
[ 2981.822734][    C0] R13: ffff888049344060 R14: ffff888049343c80 R15: dffffc0000000000
[ 2981.822752][    C0] FS:  0000000000000000(0000) GS:ffff888126df9000(0000) knlGS:0000000000000000
[ 2981.822785][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2981.822803][    C0] CR2: 00007f9cc8304f98 CR3: 000000003b376000 CR4: 00000000003526f0
[ 2981.822824][    C0] Call Trace:
[ 2981.822839][    C0]  <TASK>
[ 2981.822858][    C0]  mptcp_schedule_work+0x164/0x1a0
[ 2981.822892][    C0]  mptcp_tout_timer+0x21/0xa0
[ 2981.822930][    C0]  call_timer_fn+0x17e/0x5f0
[ 2981.822966][    C0]  ? __pfx_mptcp_tout_timer+0x10/0x10
[ 2981.823008][    C0]  ? call_timer_fn+0xbe/0x5f0
[ 2981.823116][    C0]  ? __pfx_call_timer_fn+0x10/0x10
[ 2981.823166][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2981.823205][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2981.823238][    C0]  ? __pfx_mptcp_tout_timer+0x10/0x10
[ 2981.823276][    C0]  __run_timer_base+0x648/0x970
[ 2981.823328][    C0]  ? __pfx___run_timer_base+0x10/0x10
[ 2981.823380][    C0]  run_timer_softirq+0xb7/0x180
[ 2981.823414][    C0]  handle_softirqs+0x22f/0x710
[ 2981.823469][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[ 2981.823516][    C0]  run_ktimerd+0xcf/0x190
[ 2981.823553][    C0]  ? __pfx_run_ktimerd+0x10/0x10
[ 2981.823583][    C0]  ? schedule+0x91/0x360
[ 2981.823643][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[ 2981.823678][    C0]  smpboot_thread_fn+0x542/0xa60
[ 2981.823710][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[ 2981.823753][    C0]  kthread+0x711/0x8a0
[ 2981.823862][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[ 2981.823894][    C0]  ? __pfx_kthread+0x10/0x10
[ 2981.823928][    C0]  ? rt_spin_unlock+0x150/0x200
[ 2981.823963][    C0]  ? rt_spin_unlock+0x161/0x200
[ 2981.823991][    C0]  ? __pfx_kthread+0x10/0x10
[ 2981.824029][    C0]  ret_from_fork+0x4bc/0x870
[ 2981.824059][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[ 2981.824100][    C0]  ? __switch_to_asm+0x39/0x70
[ 2981.824175][    C0]  ? __switch_to_asm+0x33/0x70
[ 2981.824199][    C0]  ? __pfx_kthread+0x10/0x10
[ 2981.824238][    C0]  ret_from_fork_asm+0x1a/0x30
[ 2981.824285][    C0]  </TASK>
[ 2981.824309][    C0] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 2981.824328][    C0] CPU: 0 UID: 0 PID: 16 Comm: ktimers/0 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 2981.824356][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 2981.824371][    C0] Call Trace:
[ 2981.824382][    C0]  <TASK>
[ 2981.824392][    C0]  dump_stack_lvl+0x99/0x250
[ 2981.824431][    C0]  ? __asan_memcpy+0x40/0x70
[ 2981.824470][    C0]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2981.824509][    C0]  ? __pfx__printk+0x10/0x10
[ 2981.824556][    C0]  vpanic+0x237/0x6d0
[ 2981.824589][    C0]  ? __pfx_vpanic+0x10/0x10
[ 2981.824628][    C0]  panic+0xb9/0xc0
[ 2981.824651][    C0]  ? __pfx_panic+0x10/0x10
[ 2981.824697][    C0]  __warn+0x31b/0x4b0
[ 2981.824720][    C0]  ? refcount_warn_saturate+0xfa/0x1d0
[ 2981.824752][    C0]  ? refcount_warn_saturate+0xfa/0x1d0
[ 2981.824789][    C0]  report_bug+0x2be/0x4f0
[ 2981.824825][    C0]  ? refcount_warn_saturate+0xfa/0x1d0
[ 2981.824853][    C0]  ? refcount_warn_saturate+0xfa/0x1d0
[ 2981.824883][    C0]  ? refcount_warn_saturate+0xfc/0x1d0
[ 2981.824912][    C0]  handle_bug+0x84/0x160
[ 2981.824936][    C0]  exc_invalid_op+0x1a/0x50
[ 2981.824961][    C0]  asm_exc_invalid_op+0x1a/0x20
[ 2981.824986][    C0] RIP: 0010:refcount_warn_saturate+0xfa/0x1d0
[ 2981.825016][    C0] Code: 00 00 e8 e9 5e 45 fd 5b 41 5e c3 cc cc cc cc cc e8 db 5e 45 fd c6 05 70 11 47 0a 01 90 48 c7 c7 80 2e 3d 8b e8 e7 a3 09 fd 90 <0f> 0b 90 90 eb d7 e8 bb 5e 45 fd c6 05 51 11 47 0a 01 90 48 c7 c7
[ 2981.825038][    C0] RSP: 0018:ffffc90000157830 EFLAGS: 00010246
[ 2981.825060][    C0] RAX: 5505fa19a6c4eb00 RBX: 0000000000000002 RCX: ffff88801b2f5a00
[ 2981.825079][    C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000100
[ 2981.825096][    C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000100
[ 2981.825112][    C0] R10: dffffc0000000000 R11: ffffed101710487b R12: 1ffff9200002af18
[ 2981.825132][    C0] R13: ffff888049344060 R14: ffff888049343c80 R15: dffffc0000000000
[ 2981.825183][    C0]  mptcp_schedule_work+0x164/0x1a0
[ 2981.825217][    C0]  mptcp_tout_timer+0x21/0xa0
[ 2981.825256][    C0]  call_timer_fn+0x17e/0x5f0
[ 2981.825292][    C0]  ? __pfx_mptcp_tout_timer+0x10/0x10
[ 2981.825327][    C0]  ? call_timer_fn+0xbe/0x5f0
[ 2981.825361][    C0]  ? __pfx_call_timer_fn+0x10/0x10
[ 2981.825409][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2981.825446][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2981.825489][    C0]  ? __pfx_mptcp_tout_timer+0x10/0x10
[ 2981.825527][    C0]  __run_timer_base+0x648/0x970
[ 2981.825580][    C0]  ? __pfx___run_timer_base+0x10/0x10
[ 2981.825634][    C0]  run_timer_softirq+0xb7/0x180
[ 2981.825669][    C0]  handle_softirqs+0x22f/0x710
[ 2981.825714][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[ 2981.825767][    C0]  run_ktimerd+0xcf/0x190
[ 2981.825809][    C0]  ? __pfx_run_ktimerd+0x10/0x10
[ 2981.825841][    C0]  ? schedule+0x91/0x360
[ 2981.825883][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[ 2981.825915][    C0]  smpboot_thread_fn+0x542/0xa60
[ 2981.825950][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[ 2981.825994][    C0]  kthread+0x711/0x8a0
[ 2981.826036][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[ 2981.826075][    C0]  ? __pfx_kthread+0x10/0x10
[ 2981.826110][    C0]  ? rt_spin_unlock+0x150/0x200
[ 2981.826145][    C0]  ? rt_spin_unlock+0x161/0x200
[ 2981.826172][    C0]  ? __pfx_kthread+0x10/0x10
[ 2981.826211][    C0]  ret_from_fork+0x4bc/0x870
[ 2981.826246][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[ 2981.826287][    C0]  ? __switch_to_asm+0x39/0x70
[ 2981.826311][    C0]  ? __switch_to_asm+0x33/0x70
[ 2981.826336][    C0]  ? __pfx_kthread+0x10/0x10
[ 2981.826375][    C0]  ret_from_fork_asm+0x1a/0x30
[ 2981.826426][    C0]  </TASK>
[ 2981.826794][    C0] Kernel Offset: disabled