last executing test programs:

25m58.056985812s ago: executing program 32 (id=82):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000001c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket(0x2000000000000021, 0x2, 0x10000000000002)
connect$rxrpc(r3, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @multicast2}}, 0x24)
sendmmsg(r3, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18, 0xe000}, 0x5}], 0x1, 0x0)
recvmmsg(r3, &(0x7f0000001880)=[{{0x0, 0x2, 0x0}}], 0xf000, 0x10002, 0x0)

25m57.339225877s ago: executing program 33 (id=86):
pipe2(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
fcntl$setpipe(r0, 0x407, 0x0)
r1 = openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0)
write$cgroup_pid(r1, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x8, 0x20000000100008b}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
write$FUSE_INIT(r0, &(0x7f0000000340)={0x50, 0xffffffffffffffda, 0x0, {0x7, 0x28, 0x2, 0x400, 0x0, 0x0, 0xa59}}, 0x50)
vmsplice(r0, &(0x7f0000000140)=[{&(0x7f0000000100)="eb", 0x20000101}], 0x1, 0x0)
fcntl$setpipe(r0, 0x407, 0x2000000)

25m24.775605332s ago: executing program 6 (id=195):
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
r3 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x103382)
r4 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J]\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3%\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1o\xb8\x8f]\x14\x1d\x00\x00\x00\x00\x00', 0x1)
pwritev(r4, &(0x7f0000000600)=[{&(0x7f0000000380)="b9", 0x1}], 0x1, 0x800000, 0x0)
ioctl$LOOP_CHANGE_FD(r3, 0x4c00, r4)
ioctl$LOOP_SET_STATUS(r3, 0x4c02, &(0x7f0000000200)={0x0, {}, 0x0, {}, 0x0, 0x6, 0x0, 0x9, "4b8b3ea46929dfed0b2f34380d308f95a023d009852471dd5a94a9fe9549918ae7fd1f0ece5b861375b108403362cfe0f4fccffb1b6a2115354d4df15d017a3f", "2363f18d9acc6c25af21ca2af6d2e80e4caadd6d126cfb80c92dc817d44dcdec", [0x1, 0x7]})
ioctl$LOOP_CLR_FD(r3, 0x4c01)
write(r3, &(0x7f00000004c0)='I', 0x1)
write$binfmt_misc(r1, &(0x7f0000000d80), 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0)

25m22.456043274s ago: executing program 6 (id=205):
prctl$PR_SET_SECUREBITS(0x1c, 0x4)
r0 = socket$unix(0x1, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(r1, r1, r1)
r2 = syz_clone(0xb00200, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00')
fchdir(r3)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r4 = syz_open_procfs(r2, &(0x7f0000000040)='stat\x00')
r5 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
readv(r5, &(0x7f0000000000)=[{&(0x7f0000001300)=""/244, 0xfdef}], 0x1)
pread64(r4, &(0x7f0000000140)=""/15, 0xf, 0x4)

25m21.010158109s ago: executing program 6 (id=211):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
socket$inet6_mptcp(0xa, 0x1, 0x106)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(&(0x7f0000000240)=@nullb, &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)='v7\x00', 0x0, 0x0)

25m19.635725578s ago: executing program 6 (id=214):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='nr_inodes=M'])
chdir(&(0x7f0000000140)='./file0\x00')
mkdir(&(0x7f00000003c0)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
mount$bind(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000140)='./file0/../file0\x00', 0x0, 0x1217880, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='mounts\x00')
read$FUSE(r1, &(0x7f0000002140)={0x2020}, 0x2100)

25m19.317497835s ago: executing program 6 (id=217):
socket$inet6(0xa, 0x3, 0x8000000003c)
socket$nl_sock_diag(0x10, 0x3, 0x4)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000))
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$igmp(0x2, 0x3, 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="6c0000001000010400d201000072f60000020000", @ANYRES32=r0, @ANYBLOB="0524060000000000300012800b0001006272696467650000200002800c002e00fffff6ffffffffff050007001f"], 0x6c}}, 0x840)

25m18.102727171s ago: executing program 6 (id=219):
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r1}, 0x10)
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8)
close(r3)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r4 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000001c0)='sock_rcvqueue_full\x00', r5}, 0x18)
r7 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r6}, 0x8)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000040)={r7, r4, 0x0, r7}, 0x10)

25m17.075268138s ago: executing program 34 (id=219):
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r1}, 0x10)
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8)
close(r3)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r4 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000001c0)='sock_rcvqueue_full\x00', r5}, 0x18)
r7 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r6}, 0x8)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000040)={r7, r4, 0x0, r7}, 0x10)

22m38.959504177s ago: executing program 7 (id=704):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00001f0000), 0x1000002, 0x0)
r1 = dup(r0)
r2 = fanotify_init(0x0, 0x0)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
fanotify_mark(r2, 0x455, 0x8000003, r3, 0x0)
mknod(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
r4 = open$dir(&(0x7f0000000100)='./file0\x00', 0x2, 0x0)
r5 = open(&(0x7f00000002c0)='./bus\x00', 0x60102, 0x0)
writev(r4, &(0x7f0000001480)=[{&(0x7f00000001c0)='}', 0x1}], 0x1)
splice(r4, 0x0, r5, 0x0, 0xffffffe1, 0x0)
r6 = open(&(0x7f0000000100)='./bus\x00', 0x0, 0x0)
sendfile(r1, r6, 0x0, 0x8000fffffffe)

22m38.653601974s ago: executing program 7 (id=706):
syz_open_dev$mouse(0x0, 0x6, 0x8300)
socket$netlink(0x10, 0x3, 0x0)
socket$alg(0x26, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r3 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r2, 0xc0045005, &(0x7f0000000380)=0x20)
write$binfmt_elf32(r3, 0x0, 0x4cd)
socket$nl_xfrm(0x10, 0x3, 0x6)
pselect6(0x40, &(0x7f0000000600), 0x0, &(0x7f0000000680)={0x7ff}, 0x0, 0x0)

22m36.558724321s ago: executing program 7 (id=712):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
listen(r3, 0x0)
listen(r3, 0x0)

22m35.524858208s ago: executing program 7 (id=714):
mkdir(&(0x7f00000003c0)='./file1\x00', 0x16)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdir(&(0x7f0000000440)='./file0\x00', 0x0)
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x1607010, 0x0)
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x87, <r2=>r1}, './file0\x00'})
r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000100), 0x20c00, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r3, 0xc0189379, &(0x7f0000000140)={{0x1, 0x1, 0x18, r2}, './file1\x00'})
chdir(&(0x7f0000000040)='./file0\x00')
open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)

22m35.238165669s ago: executing program 7 (id=715):
socket$packet(0x11, 0x2, 0x300)
landlock_create_ruleset(&(0x7f0000000040)={0x123}, 0x10, 0x0)
socket$rxrpc(0x21, 0x2, 0xa)
socket$rxrpc(0x21, 0x2, 0xa)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/vmallocinfo\x00', 0x0, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000100)=[<r1=>0x0], 0x1})
socket$nl_generic(0x10, 0x3, 0x10)
socket$packet(0x11, 0x2, 0x300)
r2 = socket$phonet_pipe(0x23, 0x5, 0x2)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{}, 0x0, &(0x7f0000000200)=r2}, 0x20)
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000180)={0x1, 0x1, &(0x7f00000000c0)=[r1], &(0x7f0000000180), &(0x7f0000000200), &(0x7f0000000040)})

22m34.884321687s ago: executing program 7 (id=717):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000090000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_init_net_socket$ax25(0x3, 0x3, 0x0)
setsockopt$ax25_int(r4, 0x101, 0x4, &(0x7f0000000000), 0x4)

22m34.659039343s ago: executing program 35 (id=717):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000090000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_init_net_socket$ax25(0x3, 0x3, 0x0)
setsockopt$ax25_int(r4, 0x101, 0x4, &(0x7f0000000000), 0x4)

22m14.152712183s ago: executing program 3 (id=778):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
syz_io_uring_setup(0x2a20, &(0x7f0000000080)={0x0, 0x0, 0x40, 0x0, 0x10000}, 0x0, &(0x7f00000002c0))
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000009702000020febfff7a0af0fff8ff00f869a4f0ff00000000b70600001218d1fe2d640500000000002404000000ffffffd404000020000000b704000010000020720700fe00000000850000002f000000b70000000a00000095000000000000006458c2c62fca868f0399d909a63396c113943219aab9d607000000cb3924b611f5969f62c28b22edf3cf393d14c46cc4f79fd2b316da4f0de8163f6242fa8a23f1740637c48468766af54043000000ec44631ac2622cdcae18c3d14bfbe96dd87235b44174f7c034318508f49f09781dc7a2cfbb9a0f119e31975f551557f05dc2dc2739e2e735d0ab961dac07f4f6d8aa1c3f16765d427c0e01000000fe4c16737d50d2a4bfc463450d524eacf2b734b0289c7a3a16eeca71296746681d61af491e4fa734318e0d72b8dbbc2b2b869af2f87903000000b6ecc7de09a2257e908cd92e664fa7aba7f07474863333c460e34caf0806a7e2575a56fba3eadd8efbd5dae6c024585d972b1bf8c4e872bba38160be9e92b6ddb90fc51b894917b50876b5708e64e70f7d8225da90ce9bc019084873ed07c0c59c4ba053fe77e0d37ccc3318da2e9fefaf025527e734ed1de5d12b4c56ca3b03dc121086061d1f26821a428d28eefa22ead6a3dab9388da53263b81ebe6be197a48a63440000a356240c4e2df57457000100000000000000000000008d2516510b29804b3cc034c19cef0d773f01064709edd63a185cbab8456c25283b9514b220fe401503ff536478088eb9fd932a0703a7bf9ea40429b2d49177824f210a69f8e5227fd32e7d5a2c7ecf57ac64509224090000000000000096e5a55d2c805bf725b9d14756c8cfa292aae0872866cf9fe063317741a0db9081d4393a7f9bcc0917d60a11b4a9ece831660ce625de441cef915eba31255d163f7033045ceb97f8ea006efc5b84f75ca1fb74c9faef444eb12f46b435de87feb2f7f2d7fb659395e4b38178b5c67e6ac100000000000000001b2e77bd5de136fa1bec1a26c622bb9662d9ee70147acc5605aa2318855cb8b918000000c5f265dcb5dce05f94ea051c4e8dcdf37d01ad7aff64f84ce32b841c799f47c2949725285fc50f1dd3f5e264023082eec752704c1f598151aa7d29e0d79522df196278acf327a74777d1f658f50c27020198770ff8ebef9df1b750d56d4d195ad7a267c46b3348b0e03ed33b5bca13cafc304dc6da78d20f029742d8d2f36acfdd331081ca00c1d5c8b7bed2ef603d6e7f1764246aab2d7d531559a971939a038055ac28625ec837f824ff537cd67993a3589be73a18680da50287b9e962b1a0235c290346a21ca5de55c49c78e411c791617000ef8df75411a5d300000000000000e0ffffff004deb8d49806823655735bd6deb49edb2e42f4ed9e6e9080366660b847bf03c144f6796920726dcf29e9a6c808459e82cbb0000000000000000000000000000000000006b5530865aaa7aa6171f66f2bca881a4201588427bb65ed3d5e7a74e9b5ece44067d4a9875a310bc7ec42b844b9eb3c9083560ef5c92b8a01188d615efbf70893d2eaf76517e990021fa5020a71023bca1194ad87cade480ba3dce8f57294e31ca24a8d181210bb6d18ff2c58293c2e314a7447ed3a1c870908aa8e3b33e6a94c7381bce9fa71dcbb758451f247e38d80d66e03d7564a5cddfaf06574b05cefb2670f30c2d501ee625ce3ffc08f15b53d28ce552c1807bc6866f06098a0e5517068aa48f2a82496fe83ee85218fe7f52b48742c7055f2a144c13e9c54be60b0a4f979ef7eb216897875946dc6ca1571930b1cf7c93de103f5289f782ae538e02612c717a76c787a873936eb8dcf1bfe581cc8ef965a0424bc140939e3274e251e519d188f6af680402c49458065dccfcb4f0d4f2ec9cf6fb3cf0a1807e34fb8d0108007734c1d2bc6a9d32d2560a88bad976b6000100002b712e632eeca810fb73fc8aaef94acf8bde18b9149cadc688254eabbe91f943592ccf68e717bcc6852828bd621e3a9dcb1cc6f1a6d1915200d95087838c2dc0a002c3aa554f725b965714144652cdc14761b0236f1a05b7f50f4149057e63d713103b5a6c2919161efc165a2e6981d76d29c95ad9f180135fb8962f59495fd33be3a6d35274941790bc1bd9da5e9c67c39de2c9f6fe35b8f528edbd8ea2a77dccdc3fe247feb121d9440a3ea9012a9d23a7e3110b0f25c5f8bf803d688de4d92b5dfdbd69fb8b426b55c10ba01b5f18b10cce8de3369300000000"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x29, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000240)={r2, 0xffffffffffffffff, 0x32, 0x0, @val=@netkit={@void, @value=r2}}, 0x1c)
socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$VIDIOC_S_HW_FREQ_SEEK(0xffffffffffffffff, 0x40305652, 0x0)

22m13.285317415s ago: executing program 3 (id=780):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0x5, 0x2, 0x2d9b, 0x7, 0x1, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x4, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
ioctl$sock_bt_bnep_BNEPGETCONNLIST(r3, 0x800442d2, &(0x7f00000000c0)={0x1, &(0x7f0000000140)=[{0x0, 0x0, 0x0, @multicast}]})

22m12.156268578s ago: executing program 3 (id=784):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r3 = shmget$private(0x0, 0x4000, 0x54001800, &(0x7f0000000000/0x4000)=nil)
shmat(r3, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600600, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil)

22m11.840343478s ago: executing program 3 (id=786):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x23)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
creat(&(0x7f0000000040)='./bus\x00', 0x0)
ioprio_set$pid(0x2, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
acct(&(0x7f0000000040)='\xe9\x1fq\x89Y\x1e\x923aK\x00')
acct(0x0)
openat$loop_ctrl(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)

22m9.919868299s ago: executing program 3 (id=789):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
inotify_add_watch(0xffffffffffffffff, 0x0, 0x12000021)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={0x0}}, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x42, 0x1ff)
write$binfmt_elf64(r1, 0x0, 0x0)
close(r1)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)

22m8.83235739s ago: executing program 3 (id=794):
ioctl$KVM_CAP_SPLIT_IRQCHIP(0xffffffffffffffff, 0x4068aea3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_DEP_LINK_UP(r1, 0x0, 0x40)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x1000, 0x0)
r2 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r2, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43, 0x0, 0x3}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)

22m8.312804957s ago: executing program 36 (id=794):
ioctl$KVM_CAP_SPLIT_IRQCHIP(0xffffffffffffffff, 0x4068aea3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_DEP_LINK_UP(r1, 0x0, 0x40)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x1000, 0x0)
r2 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r2, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43, 0x0, 0x3}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)

20m26.081757101s ago: executing program 8 (id=1061):
r0 = openat$vsock(0xffffff9c, &(0x7f00000001c0), 0x40101, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x54}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r3, 0xae9a)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0xfffffffffffffffe]})
sendto$x25(r0, &(0x7f0000000200)="e2321231b3ed765962f15dc7a986de31083dd18b20166fd90c9504024f883d7fb14c995f96b63077cb8d97f143124e634ba1dbfdde03cab429", 0x39, 0x4, 0x0, 0x0)
r4 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r4, 0x400448c8, &(0x7f0000000500)={r0, r0, 0x5, 0x8a, &(0x7f0000000440)="1710d11c1f0a08c0ae70fada5b647ad966db188fc7987f0d63508e38102f93d4068a81da2a52e48e65490284ab7e48c5410be63d1965a9a7189d5f3eb6990794098ddb00b8240613eaf6e437ec17d4376650266328901594186f0d6da6daf43cdf1be9d53543c2667d2dc984609f9aa6068ff998db14883facc7c86789f14f40895f30551b968a61c3ba", 0x4, 0x81, 0x0, 0x69a5, 0x8, 0x2, 0x2, 'syz1\x00'})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

20m24.87003795s ago: executing program 8 (id=1063):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = socket$inet(0x2, 0x3, 0x8)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x338, 0x1c0, 0xe138, 0x198, 0x1c0, 0x198, 0x2a0, 0x358, 0x358, 0x2a0, 0x358, 0x3, 0x0, {[{{@ip={@broadcast, @loopback, 0x0, 0x0, '\x00', 'veth0_to_bond\x00', {}, {}, 0x21}, 0x0, 0x158, 0x1c0, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'fsm\x00', "0d0004000000000000000004fff0cf81dfd28c89544e14cd3e01dd24289831867846c88621039b284c3ff45c42995560a99952bed40cf5a8c1df6cdbdb7e2378d5afd35f4c16827f55b3af494e39e8fb330200000000000032b6a99a8d87298e88a94cb519f5c17631af916a0002000000000000000000000000000000000049", 0xc}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00', 'syz0\x00', {0xfffffffffffffffc}}}}, {{@uncond, 0x0, 0x98, 0xe0, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x398)

20m23.802072791s ago: executing program 8 (id=1066):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000202070250000000000209c207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000580)=@newlink={0x38, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @sit={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LOCAL={0x8, 0x2, @loopback}]}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=@newqdisc={0x24, 0x24, 0x0, 0x0, 0x25dfdbff}, 0x24}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x24, 0x24, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff}}}, 0x24}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000014c0)=@newtfilter={0x24, 0x2c, 0x0, 0x70bd28, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x1}, {0x1}, {0xc}}}, 0x24}}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

20m23.311589302s ago: executing program 8 (id=1070):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10)
syz_open_procfs(0x0, &(0x7f0000000080)='net/tcp\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='mountinfo\x00')
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000380))
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x12f451, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000002140)={{0x12, 0x1, 0x0, 0x8d, 0xdf, 0xb2, 0x40, 0xb49, 0x64f, 0xd4fd, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xde, 0x0, 0x1, 0xe6, 0xf6, 0x52, 0x0, [], [{{0x9, 0x5, 0xc}}]}}]}}]}}, 0x0)
syz_usb_connect$hid(0x0, 0x3f, &(0x7f0000000000)={{0x12, 0x1, 0x250, 0x0, 0x0, 0x0, 0x40, 0x458, 0x500f, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x10, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x3d, 0x2, 0x3, 0x1, 0x3, 0x7f, {0x9, 0x21, 0x101, 0xff, 0x1, {0x22, 0xa9c}}, {{{0x9, 0x5, 0x81, 0x3, 0x3ff, 0x6, 0x5, 0x7}}, [{{0x9, 0x5, 0x2, 0x3, 0x20, 0x8, 0x6, 0x8}}]}}}]}}]}}, &(0x7f0000000200)={0xa, &(0x7f0000000040)={0xa, 0x6, 0x300, 0x2, 0x9, 0xe, 0x8, 0x4}, 0x24, &(0x7f0000000080)={0x5, 0xf, 0x24, 0x2, [@ptm_cap={0x3}, @ssp_cap={0x1c, 0x10, 0xa, 0x4, 0x4, 0x7, 0xf000, 0xff81, [0xffff5f, 0x3f00, 0x10100ff, 0xc030]}]}, 0x2, [{0xc2, &(0x7f00000000c0)=@string={0xc2, 0x3, "273cb14ae5ea4ce9bf6f7a2e3f3523b8669f22cebbde2ae3f5fa05ff7af2cab99ce51723d76ab8b76f1c63651fd70fe0e4e586332458c3d34fa4f7278cfd830d8be1c5b2203687fd83a8bdb7de1de1f6cebcf0efe8feac454e9a8120aabb296acfdde21de0bebc7a57841c49df8d0316012e2570e05bc96b0a9e868389611d2fbd4f3c83b6e46fdabec7c3a9089265c142029e1363c1cbec97cb40c0913d65481b1055f30f30c30ff49ca35f69220d3e09fedb415bc11021da55682c4bf8e459"}}, {0x4, &(0x7f00000001c0)=@lang_id={0x4, 0x3, 0x430}}]})

20m19.99989038s ago: executing program 8 (id=1081):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mount$bind(&(0x7f0000000100)='\x00', &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x40000, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0/file1\x00', 0x1c0)
r0 = landlock_create_ruleset(&(0x7f00000002c0)={0x1}, 0x18, 0x0)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
landlock_restrict_self(r0, 0x0)
mount$tmpfs(0x0, &(0x7f0000000300)='./file0/file1\x00', &(0x7f0000000340), 0x0, 0x0)
umount2(&(0x7f0000000380)='./file0/file0\x00', 0x0)
move_mount(0xffffffffffffff9c, &(0x7f00000003c0)='./file0/file0\x00', 0xffffffffffffff9c, &(0x7f0000000400)='./file0/file0\x00', 0x0)
mount$bind(&(0x7f0000000440)='\x00', &(0x7f0000000480)='./file0/file0\x00', &(0x7f00000004c0), 0x21, 0x0)
pivot_root(&(0x7f0000000500)='./file0\x00', &(0x7f0000000540)='./file0/file0\x00')

20m15.351884795s ago: executing program 8 (id=1092):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x7, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x24, 0x64, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x8, 0x1b, 0x0, 0x9, [0x401]}, @timestamp_prespec={0x44, 0x4, 0x0, 0x3, 0x8}, @noop]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000003c0)=[@text64={0x40, 0x0}], 0x1, 0x51, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

20m15.088580126s ago: executing program 37 (id=1092):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x7, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x24, 0x64, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x8, 0x1b, 0x0, 0x9, [0x401]}, @timestamp_prespec={0x44, 0x4, 0x0, 0x3, 0x8}, @noop]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000003c0)=[@text64={0x40, 0x0}], 0x1, 0x51, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

7m16.508382016s ago: executing program 1 (id=2594):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0xb, &(0x7f0000000000)=ANY=[@ANYRES32=r0, @ANYRES8=r0, @ANYRES64=r0, @ANYRES8=r0, @ANYRESHEX=r0], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mbind(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x6, &(0x7f00000001c0)=0xffffffffffffffff, 0x80, 0x0)
mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSIGACCEPT(r4, 0x5607, 0x38)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSIGACCEPT(r6, 0x5607, 0x2)
ioctl$KDSETMODE(r5, 0x4b3a, 0x1)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_netfilter(r7, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="1800000000030500000000000000fd000000000092000000"], 0x18}}, 0x0)

7m14.434169842s ago: executing program 1 (id=2599):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x2d)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$VIDIOC_ENUM_FMT(r5, 0xc0405602, &(0x7f00000000c0)={0x52, 0xa, 0x0, "d9c2955351f9acb1ee54ecc4b00f11f11867b5302c11500e8b8152682b7afe20"})
syz_open_dev$vim2m(&(0x7f0000000000), 0xb, 0x2)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
r7 = syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2)
ioctl$VIDIOC_S_OUTPUT(r7, 0xc004562f, &(0x7f00000000c0)=0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r7, 0xc0945662, &(0x7f0000000100)={0x70, 0x0, '\x00', {0x0, @reserved}})
write$binfmt_script(r6, 0x0, 0x0)

7m8.993030987s ago: executing program 1 (id=2608):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$FOU_CMD_ADD(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x0)
sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r2 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r2, 0x0, 0xc8, &(0x7f0000000180), 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
setsockopt$MRT_ADD_MFC_PROXY(r2, 0x0, 0xd2, &(0x7f0000000000)={@local, @multicast1, 0x0, "ea0f38d1a15892def51090fffff3cd08000000e4353d68bcfa00"}, 0x3c)
close_range(r2, r2, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048091}, 0x0)

7m7.20474104s ago: executing program 1 (id=2612):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xfb84e000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r3, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
add_key(&(0x7f0000000040)='dns_resolver\x00', 0x0, &(0x7f0000000080)="001801020200", 0x6, 0xfffffffffffffffb)
r4 = socket$inet6(0xa, 0x3, 0x7)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
socket(0x10, 0x3, 0x0)
connect$inet6(r4, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r5 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0x14, 0x0, &(0x7f0000000040))
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x74, &(0x7f00000003c0)={0x0, 0xa00, 0x10}, 0x0)

7m2.365670642s ago: executing program 1 (id=2618):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe0500000000000000000000950000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
socket$igmp6(0xa, 0x3, 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r4 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r4, 0x40049366, &(0x7f0000000180))
syz_genetlink_get_family_id$netlbl_unlabel(0x0, 0xffffffffffffffff)

6m58.598308089s ago: executing program 1 (id=2620):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
syz_open_dev$sndpcmp(0x0, 0x1ff, 0x40000)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r4, 0x560a, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1f, 0x2, 0x1})
setsockopt$SO_J1939_FILTER(r0, 0x6b, 0x1, &(0x7f0000000580), 0x0)
openat$nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x40000, 0x0)
r5 = syz_open_dev$video4linux(&(0x7f0000000040), 0x0, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r5, 0xc0305602, &(0x7f0000000100)={0x0, 0x1, 0x2022})

6m42.351079954s ago: executing program 38 (id=2620):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
syz_open_dev$sndpcmp(0x0, 0x1ff, 0x40000)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r4, 0x560a, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1f, 0x2, 0x1})
setsockopt$SO_J1939_FILTER(r0, 0x6b, 0x1, &(0x7f0000000580), 0x0)
openat$nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x40000, 0x0)
r5 = syz_open_dev$video4linux(&(0x7f0000000040), 0x0, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r5, 0xc0305602, &(0x7f0000000100)={0x0, 0x1, 0x2022})

22.605505276s ago: executing program 5 (id=3342):
socket$netlink(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x18)
r3 = timerfd_create(0x0, 0x0)
timerfd_settime(r3, 0x3, &(0x7f0000000080)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
readv(r3, &(0x7f00000005c0)=[{&(0x7f0000000000)=""/8, 0x8}, {&(0x7f00000000c0)=""/188, 0xbc}], 0x2)
dup(0xffffffffffffffff)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet6(r4, &(0x7f0000000940)=[{{&(0x7f00000004c0)={0xa, 0x4e1d, 0x0, @mcast2}, 0x1c, 0x0}}, {{&(0x7f00000007c0)={0xa, 0x4e28, 0x0, @mcast1}, 0x1c, 0x0, 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="200000000000000029000000370000002f00000000000000c204000000070000200000000000000034000000360000007300000000000000c2040000000900001400000000000000290000000800000000000000000000001400000000000000290000003400000080000000000000001400000000000000290000000b000000000004010000000020000000000000002900000037000000080000000000000000010004010000e3170000000000000029000000040000002b0000000000000014"], 0xd8}}], 0x2, 0x0)

19.497908114s ago: executing program 9 (id=3348):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x5c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x3}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x23}, @NFTA_SET_EXPR={0x20, 0x11, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8}]}}}]}], {0x14, 0x10}}, 0xa4}}, 0x4)
ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(0xffffffffffffffff, 0xc0305616, &(0x7f0000000080)={0x0, {0x5, 0x4}})
r1 = open(&(0x7f0000000640)='./file1\x00', 0x0, 0x0)
linkat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', r1, 0x0, 0x0)
write$usbip_server(r1, &(0x7f0000000100)=@ret_unlink={{0x4, 0x0, 0x0, 0x0, 0x5}, {0x1}}, 0x30)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000740), 0x111}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r4, 0x0, 0x0)
write$RDMA_USER_CM_CMD_GET_EVENT(r4, &(0x7f0000000100)={0xc, 0x8, 0xfa00, {0xffffffffffffffff}}, 0x10)
r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000000c0), r2)
sendmsg$IEEE802154_ADD_IFACE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x28, r5, 0x1, 0x70bd2c, 0x25dfdbfe, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5, 0x20, 0x1}]}, 0x28}, 0x1, 0x0, 0x0, 0x40000}, 0x20000050)

18.183589531s ago: executing program 9 (id=3350):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
accept$inet6(0xffffffffffffffff, 0x0, &(0x7f0000000240))
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
r3 = dup2(r2, r2)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f00000001c0)={'\x00', 0x40, 0xa, 0x401, 0x40000004, 0x10})
ioctl$BLKTRACESTART(r2, 0x1274, 0x0)
ioctl$BLKTRACESETUP(r3, 0x1276, 0x0)
add_key$keyring(0x0, &(0x7f0000000280)={'syz', 0x2}, 0x0, 0x0, 0x0)

17.529081398s ago: executing program 9 (id=3353):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
r3 = dup2(r2, r2)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f00000001c0)={'\x00', 0x40, 0xa, 0x401, 0x40000004, 0x10})
ioctl$BLKTRACESTART(r2, 0x1274, 0x0)
ioctl$BLKTRACESETUP(r3, 0x1276, 0x0)
add_key$keyring(0x0, &(0x7f0000000280)={'syz', 0x2}, 0x0, 0x0, 0x0)

15.705290923s ago: executing program 5 (id=3355):
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f0000000100)={0x8, "ff0f00000000000600a72d866b0000000000f0ffdefe00"})
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x19, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
timer_create(0x2, &(0x7f0000000000)={0x0, 0x29, 0x1, @thr={0x0, 0x0}}, &(0x7f0000000040))
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f0000000100)={0x4, r0})

15.679643327s ago: executing program 9 (id=3357):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
preadv(r0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000100)=<r1=>0x0)
capset(&(0x7f0000000140)={0x0, r1}, &(0x7f0000000180)={0x4, 0x80, 0x56b0, 0x800, 0xf, 0x300000})
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/snmp\x00')
read(r2, &(0x7f0000001a00)=""/177, 0xb1)
socket$kcm(0x10, 0x2, 0x10)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
r3 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
ioctl$VIDIOC_S_CROP(r3, 0x4014563c, &(0x7f0000000340)={0xc})
r4 = syz_open_dev$cec(&(0x7f0000000040), 0x0, 0x0)
ioctl$SNDCTL_DSP_GETODELAY(r2, 0x80045017, &(0x7f0000000080))
ioctl$CEC_ADAP_S_LOG_ADDRS(r4, 0xc05c6104, &(0x7f00000001c0)={'\x00', 0x0, 0x6, 0x9, 0x6, 0x6, "471d85001ff300", '\x00', "e1aa6045", "625fe46e", ["c81de44b0091fb7ce7442d42", "6d5eb3eec70d84000c00b4bd", "3433ff7f3300", "e996c9c4d21135876ea2fff7"]})
ppoll(&(0x7f0000000000)=[{r4}], 0x1, 0x0, 0x0, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(r4, 0xc05c6104, &(0x7f0000000400)={"0301bb47", 0x0, 0x0, 0x0, 0xca1c, 0x0, "b40c902e9a00", "7b7fc907", "e79112e5", "38c4da13", ["8185d3a8873d4b79a717fb97", "9b784e78fce2dbce00", "0000faffe0600000fcff3280", "547013ca3319d99bbc64fd5e"]})

15.276254021s ago: executing program 4 (id=3358):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(0xffffffffffffffff, 0x4058534c, &(0x7f0000000080)={0x80, 0x200, 0xc6, 0x3e, 0xa185, 0xffffffff})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$OBJ_PIN_PROG(0x6, 0x0, 0x0)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00001f0000), 0x1000002, 0x0)
dup(r3)
r4 = fanotify_init(0x0, 0x0)
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
fanotify_mark(r4, 0x455, 0x8000003, r5, 0x0)
mknod(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
mknod(0x0, 0x8001420, 0x0)
r6 = open$dir(0x0, 0x2, 0x0)
r7 = open(&(0x7f00000002c0)='./bus\x00', 0x60102, 0x0)
writev(r6, &(0x7f0000001480)=[{0x0}], 0x1)
splice(r6, 0x0, r7, 0x0, 0xffffffe1, 0x0)

13.481882791s ago: executing program 5 (id=3362):
syz_open_dev$dri(&(0x7f0000000180), 0xd, 0x40100)
rename(0x0, &(0x7f0000001080)='./file0\x00')
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f0000000380), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0)
r1 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00\xfdM\xab\x89\xff\xda\xc7dw2\xa1\xb2\xabuQQ\x14\x97\xc9\xfae\xc7\xa1U\xe2\xbe\"\xb9t\xa0\x0e\xfa\xdb\xf1\xa5.\xd87\xc3p\xa5l\xf8vC\xe2\xe8 \xd5-(\xb94\xf1\x9c\x83\nbo<#\x186\xe1\xbd\xc0\xc3\xb5N(vj\xa7+<>\xc4\xe00\x01\xdd \x82\x83\xed\x0e\xc4\x1d\xac\xef7\b\xd3Z5\\A\'\x18\xa2\xc3\xab\xc7`\xc3\v\xf3L\x9d[Q\x9e\x11@=\xa1\x9b\xdc\xb1\xef\xc3k<\x97L\xa0\xab\xa6\x1ce\xcd\x99\xb3m\xef\x87\xc5i^N\xbd@\x01\xc0\xb2\x88\xc3\xe2\x96T\xa3\xa5\xeb\x0f\xf2f\xb9$\xd2\x14<L\x19K\xbf\xdf\x9c\xe7 \x12+4.\xa9\xa7\xdc[\xd2\xec\xbe\x1a\xa1\x04\xd3\x9e\x92\x8a\xf7\xdb\xe7f\xdeo\xc1\xa5\xb6T\r)\x1c\xbe\x12\xd1\xef\xc2S\xcci\xc8\x0e\x00]\xe6|\xccK\xc7\r\xfa \x02\xe8\x1b\xc1\x93\xce\x02%\x86\xcb\x94K\v\xe7x\xe3\x06[/\xf9\xa8\x82\x9b\xeeF\x88\xc0f\x82', 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x58, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x11}]}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x58}}, 0x840)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r3 = gettid()
read(r1, 0x0, 0x0)
tkill(r3, 0xb)
syz_usb_connect(0x0, 0x3f, 0x0, 0x0)
r4 = io_uring_setup(0x2e34, &(0x7f0000000180)={0x0, 0x1})
r5 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r5, &(0x7f000047b000)={0xa, 0x404e20, 0x0, @empty}, 0x1c)
listen(r5, 0x400000001ffffffd)
r6 = socket$inet6(0xa, 0x6, 0x0)
connect$inet6(r6, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
close_range(r4, 0xffffffffffffffff, 0x0)

10.978274258s ago: executing program 4 (id=3363):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20840, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$inet(0x2, 0x4000000000000001, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x3)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f0000000140)=@raw={'raw\x00', 0x8, 0x3, 0x440, 0x320, 0xa, 0x148, 0x368, 0x60, 0x400, 0x2a8, 0x2a8, 0x400, 0x2a8, 0x3, 0x0, {[{{@ip={@multicast2, @multicast2, 0x0, 0x0, 'bridge0\x00', 'rose0\x00'}, 0x0, 0x2a0, 0x310, 0x0, {0x200003ae, 0x7f00}, [@common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x8601, 0x6, './file0\x00'}}]}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f2f7b9f28413d9d8ad470ad2b60c45cb4ea6e7bf902bdc2ff8a9304d9f655c746adc0bdc773506378bc2d27efd6abb05175089830cc46186074d7de46d5af300"}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'syzkaller0\x00', 'veth0_to_team\x00'}, 0x0, 0x70, 0x98}, @common=@unspec=@MARK={0x28}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x4a0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
listen(0xffffffffffffffff, 0x3)
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_INTERRUPT(r6, 0x4004ae86, &(0x7f0000000000)=0x1)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
r7 = syz_usb_connect$uac1(0x0, 0xac, &(0x7f0000000240)=ANY=[], 0x0)
syz_usb_control_io(r7, &(0x7f0000000140)={0x2c, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x407}}, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$uac1(r7, 0x0, 0x0)

10.939886142s ago: executing program 2 (id=3364):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
capset(0x0, 0x0)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newtaction={0x14, 0x1e, 0x109}, 0x14}}, 0x0)
r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r5 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000100)='syz0\x00', 0x200002, 0x0)
r6 = openat$cgroup_ro(r5, 0x0, 0x275a, 0x0)
write$binfmt_script(r6, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_UNCONFIRMED(r7, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000940)={0x14, 0x7, 0x1, 0x505, 0x0, 0x0, {0x1, 0x0, 0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x8004)
ioctl$sock_TIOCINQ(r7, 0x541b, 0x0)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/address_bits', 0x0, 0xa7)

10.031383323s ago: executing program 0 (id=3365):
socket$netlink(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x18)
r3 = timerfd_create(0x0, 0x0)
timerfd_settime(r3, 0x3, &(0x7f0000000080)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
readv(r3, &(0x7f00000005c0)=[{&(0x7f0000000000)=""/8, 0x8}, {&(0x7f00000000c0)=""/188, 0xbc}], 0x2)
dup(0xffffffffffffffff)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet6(r4, &(0x7f0000000940)=[{{&(0x7f00000004c0)={0xa, 0x4e1d, 0x0, @mcast2}, 0x1c, 0x0}}, {{&(0x7f00000007c0)={0xa, 0x4e28, 0x0, @mcast1}, 0x1c, 0x0, 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="200000000000000029000000370000002f00000000000000c204000000070000200000000000000034000000360000007300000000000000c2040000000900001400000000000000290000000800000000000000000000001400000000000000290000003400000080000000000000001400000000000000290000000b000000000004010000000020000000000000002900000037000000080000000000000000010004010000e3170000000000000029000000040000002b0000000000000014"], 0xd8}}], 0x2, 0x0)

7.037464326s ago: executing program 2 (id=3366):
socket(0x15, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
add_key$user(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
syz_open_dev$loop(&(0x7f0000000240), 0x4, 0x445c01)
keyctl$chown(0x4, 0x0, 0x0, 0x0)
setgroups(0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ioctl$TIOCGPKT(0xffffffffffffffff, 0x80045438, &(0x7f0000000140))
r3 = openat$audio1(0xffffffffffffff9c, 0x0, 0xaa481, 0x0)
ioctl$SNDCTL_DSP_GETOPTR(r3, 0x800c5012, &(0x7f0000000040))
ioctl$SNDCTL_DSP_SPEED(r3, 0xc0045002, &(0x7f0000000080)=0x10000000)
ioctl$SNDCTL_DSP_GETOSPACE(r3, 0x8010500c, 0x0)
r4 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = dup(r4)
ioctl$PTP_EXTTS_REQUEST2(r5, 0x40043d0d, &(0x7f0000000300))

7.017516662s ago: executing program 0 (id=3367):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
accept$inet6(0xffffffffffffffff, 0x0, &(0x7f0000000240))
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
r3 = dup2(r2, r2)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f00000001c0)={'\x00', 0x40, 0xa, 0x401, 0x40000004, 0x10})
ioctl$BLKTRACESTART(r2, 0x1274, 0x0)
ioctl$BLKTRACESETUP(r3, 0x1276, 0x0)
add_key$keyring(0x0, &(0x7f0000000280)={'syz', 0x2}, 0x0, 0x0, 0x0)

6.261845396s ago: executing program 5 (id=3368):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(0xffffffffffffffff, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000100)=<r1=>0x0)
capset(&(0x7f0000000140)={0x0, r1}, &(0x7f0000000180)={0x4, 0x80, 0x56b0, 0x800, 0xf, 0x300000})
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/snmp\x00')
read(r2, &(0x7f0000001a00)=""/177, 0xb1)
socket$kcm(0x10, 0x2, 0x10)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
r3 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
ioctl$VIDIOC_S_CROP(r3, 0x4014563c, &(0x7f0000000340)={0xc})
r4 = syz_open_dev$cec(&(0x7f0000000040), 0x0, 0x0)
ioctl$SNDCTL_DSP_GETODELAY(r2, 0x80045017, &(0x7f0000000080))
ioctl$CEC_ADAP_S_LOG_ADDRS(r4, 0xc05c6104, &(0x7f00000001c0)={'\x00', 0x0, 0x6, 0x9, 0x6, 0x6, "471d85001ff300", '\x00', "e1aa6045", "625fe46e", ["c81de44b0091fb7ce7442d42", "6d5eb3eec70d84000c00b4bd", "3433ff7f3300", "e996c9c4d21135876ea2fff7"]})
ppoll(&(0x7f0000000000)=[{r4}], 0x1, 0x0, 0x0, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(r4, 0xc05c6104, &(0x7f0000000400)={"0301bb47", 0x0, 0x0, 0x0, 0xca1c, 0x0, "b40c902e9a00", "7b7fc907", "e79112e5", "38c4da13", ["8185d3a8873d4b79a717fb97", "9b784e78fce2dbce00", "0000faffe0600000fcff3280", "547013ca3319d99bbc64fd5e"]})

6.216221431s ago: executing program 9 (id=3369):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r0], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r2 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r2, 0x7a7, &(0x7f0000000100)=0x80000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, 0x0)
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r2, 0x7b1, &(0x7f0000000080)={{@local, 0x200000}, @host, 0xa, 0x0, 0x0, 0x0, 0x3})
recvmmsg(r1, &(0x7f0000003880)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000080), 0x228200, 0x0)
fgetxattr(r3, &(0x7f0000000240)=@random={'osx.', '[#\x00'}, &(0x7f0000000300)=""/157, 0x9d)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x0, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000120018110000", @ANYRES32, @ANYBLOB="0000000000000000b7020000140000fbb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r7 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r7, 0xaf01, 0x0)
r8 = eventfd2(0x0, 0x0)
ioctl$VHOST_SET_VRING_ERR(r7, 0x4008af21, &(0x7f00000001c0)={0x0, r8})
close_range(r6, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)

5.419330702s ago: executing program 2 (id=3370):
r0 = socket(0x2, 0xa, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000000)={r3, 0x0, 0x0}, 0x20)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="02000000040000000400000002"], 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x9, 0x0, r4, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={r5, &(0x7f0000000300), 0x20000000}, 0x20)
read$msr(r2, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mknodat(0xffffffffffffff9c, 0x0, 0x81c0, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file1/file2\x00', 0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x2)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0xfffd, @local}, 0x10)
write$binfmt_elf32(r0, 0x0, 0x58)

5.409275559s ago: executing program 0 (id=3371):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x7c}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000300)=0x7)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000040)=<r0=>0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000200)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
mremap(&(0x7f000096c000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f00003c7000/0x3000)=nil)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x90e, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
write$cgroup_pid(0xffffffffffffffff, &(0x7f00000001c0), 0x12)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = dup(r4)
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000, 0x0)
r7 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
sendfile(r7, r6, 0x0, 0x80009)
ioctl$TIOCL_SETVESABLANK(r5, 0x560e, &(0x7f0000000140))
r8 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_BLANKSCREEN(r8, 0x541c, &(0x7f0000000000))

5.315826265s ago: executing program 4 (id=3372):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r4=>0x0})
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r4, @ANYBLOB="1e003300a0f0ffff070211000001080211"], 0x3c}}, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(0xffffffffffffffff, 0x84, 0x20, &(0x7f0000000080), &(0x7f0000000140)=0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000d00), 0xffffffffffffffff)
r7 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(r7, 0x40085112, &(0x7f00000003c0)=@v={0x93, 0x0, 0xa0})
syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_req={{0x14, 0x1f, 0xa}, {0x0, 0x6}}}}, 0x17)

4.205767221s ago: executing program 2 (id=3373):
syz_emit_ethernet(0x46, &(0x7f0000000000)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x4, 0x0, 0x3, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2f, 0x0, @loopback, @multicast1}, "0400000000000000"}}}}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
epoll_create(0x1)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
r5 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x802)
writev(r5, &(0x7f0000000140)=[{&(0x7f0000000040)="aefdda9d240303005a90f57f07703aeff0f64eb9ee07962c220a2e11b44e65d76641cb010852f426072a", 0x2a}], 0x1)
read(r5, 0x0, 0x0)
gettid()
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
add_key$keyring(&(0x7f0000000180), 0x0, 0x0, 0xfe00, 0xfffffffffffffffd)

2.795544875s ago: executing program 2 (id=3374):
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000480)=ANY=[@ANYBLOB="14000000330001002abd7000ffdbdb2501040000b0f6"], 0x14}, 0x1, 0x0, 0x0, 0x24001}, 0x4000000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0b00000005000000010001000900000001"], 0x48)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000002340), r3)
sendmsg$IEEE802154_ADD_IFACE(r3, &(0x7f0000002440)={0x0, 0x0, &(0x7f0000002400)={&(0x7f0000002380)={0x34, r4, 0x1, 0x70bd2d, 0x25dfdbfc, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5, 0x20, 0x1}, @IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x44001}, 0x4050)
sendmsg$NL80211_CMD_SET_COALESCE(r1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x10, 0x0, &(0x7f0000000600)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0xa, 0x0, 0x0)
r5 = socket(0x2000000000000021, 0x2, 0x2)
shutdown(r5, 0x2)
shutdown(r5, 0x2)
getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0x14, &(0x7f00000001c0)=@assoc_value, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0xc1842, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000005c0)={&(0x7f0000000580)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x8, [@typedef={0x9, 0x0, 0x0, 0x8, 0x4}, @int={0xf, 0x0, 0x0, 0x1, 0x0, 0x2a, 0x0, 0x4e, 0x2}]}, {0x0, [0x5f, 0x61, 0x5f, 0x2e, 0x2e, 0x0]}}, &(0x7f0000000640)=""/112, 0x3c, 0x70, 0x0, 0xd, 0x71310ad2291554c6, @value}, 0x28)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'vcan0\x00'})
bind$can_raw(0xffffffffffffffff, &(0x7f00000001c0), 0x10)

2.770086657s ago: executing program 4 (id=3375):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r3, &(0x7f0000002b80), 0x0, 0x4000000)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000006c0), 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
semget$private(0x0, 0x3, 0x0)
syz_open_dev$dri(&(0x7f0000000000), 0x8000000000000000, 0x210383)
syz_open_dev$swradio(&(0x7f0000001700), 0x1, 0x2)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(r6, &(0x7f00000009c0)={&(0x7f0000000900)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000980)={&(0x7f0000000940)={0x1c, 0x1, 0x8, 0x801, 0x0, 0x0, {0xa, 0x0, 0x9}, [@CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20008040}, 0x24000894)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000080}, 0x0)

2.668338829s ago: executing program 0 (id=3376):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getpeername$unix(r1, &(0x7f0000000340), 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
syz_genetlink_get_family_id$nbd(&(0x7f0000000300), 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000003700010324bd70028ae79ca907"], 0x14}}, 0x0)
recvmmsg(r6, 0x0, 0x0, 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x20000023896)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000680), 0xffffffffffffffff)
syz_open_dev$video(&(0x7f0000000580), 0x7, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

1.841243128s ago: executing program 9 (id=3377):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = open(&(0x7f00009e1000)='./file0\x00', 0x48141, 0x0)
fcntl$getflags(r3, 0x401)
clock_settime(0x0, &(0x7f0000003c80)={0x77359400})
ustat(0xfffffffeffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x2, 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="891000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB], 0x7c}}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f00000004c0)=ANY=[@ANYBLOB="9feb0100180000000000000024000017f82677000000000000000900000000030000009c020000000200000000004db69d690021000000050000000000001bd869b59363b3ea69f36369100f5419eb334869845394409076035e15fa150f573f8ef2db905cfd8b3f5efa06ed3d7a965332d54c39ec3e22154c394cb881121f6374c1fb"], 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue1\x00'})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r5, 0x4040534e, &(0x7f0000000140)={0x16f, @time={0xd511}})

1.703234655s ago: executing program 4 (id=3378):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[])
write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000100)={0x30, 0x5, 0x0, {0x0, 0x1}}, 0x30)
read$FUSE(r0, &(0x7f0000004180)={0x2020, 0x0, <r1=>0x0}, 0x2020)
umount2(&(0x7f00000001c0)='./file0\x00', 0x0)
write$FUSE_OPEN(r0, &(0x7f00000002c0)={0x20, 0x0, r1}, 0x20)

1.356154852s ago: executing program 5 (id=3379):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x5c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x3}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x23}, @NFTA_SET_EXPR={0x20, 0x11, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8}]}}}]}], {0x14, 0x10}}, 0xa4}}, 0x4)
ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(0xffffffffffffffff, 0xc0305616, &(0x7f0000000080)={0x0, {0x5, 0x4}})
r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
r2 = open(&(0x7f0000000640)='./file1\x00', 0x0, 0x0)
linkat(r1, &(0x7f0000000100)='./file1\x00', r2, 0x0, 0x0)
write$usbip_server(r2, &(0x7f0000000100)=@ret_unlink={{0x4, 0x0, 0x0, 0x0, 0x5}, {0x1}}, 0x30)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000740), 0x111}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r5, 0x0, 0x0)
write$RDMA_USER_CM_CMD_GET_EVENT(r5, &(0x7f0000000100)={0xc, 0x8, 0xfa00, {0xffffffffffffffff}}, 0x10)
r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000000c0), r3)
sendmsg$IEEE802154_ADD_IFACE(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x14, r6, 0x1, 0x70bd2c, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x20000050)

1.354799255s ago: executing program 2 (id=3380):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
write$dsp(r0, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x3, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x71, 0x10, 0x4b}}, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$kcm(0xf, 0x3, 0x2)
sendmsg$inet(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="02", 0x33fe0}], 0x1}, 0x0)
socket$inet6_sctp(0xa, 0x801, 0x84)
ioctl$SNDCTL_DSP_SETFMT(r0, 0x40045010, &(0x7f0000000300))
pipe2$watch_queue(0x0, 0x80)
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x1a, &(0x7f0000000200)={0x1, 'netdevsim0\x00'}, 0x18)
syz_emit_ethernet(0x0, 0x0, 0x0)
keyctl$KEYCTL_WATCH_KEY(0x20, 0x0, 0xffffffffffffffff, 0x56)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = openat$sequencer(0xffffff9c, &(0x7f00000000c0), 0x101003, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="180000001300290a000000000000000007"], 0x38}}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='cgroup.stat\x00', 0x275a, 0x0)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000280), 0x22802, 0x0)
r4 = syz_io_uring_setup(0x19d3, &(0x7f00000003c0)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r5=>0x0, &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r4, 0xa3d, 0x0, 0x0, 0x0, 0xff39)
getsockopt$sock_buf(r3, 0x1, 0xa, &(0x7f00000002c0)=""/105, &(0x7f0000000080)=0x69)
ioctl$SNDCTL_SEQ_OUTOFBAND(r2, 0x40085112, &(0x7f0000000040)=@s={0x5, @SEQ_MIDIPUTC=0x97, 0x0, 0x7})

1.349548086s ago: executing program 0 (id=3381):
openat$iommufd(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x8, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000b4321f00000000000a00630018000000", @ANYRES32, @ANYBLOB="0000000000000000b706000014000000b7030000000600008500000008000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
timer_create(0x0, 0x0, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x39000, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0)
setsockopt$inet6_int(r2, 0x29, 0xcf, 0x0, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x63, &(0x7f0000000000)={&(0x7f00000001c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x0, 0x200000, 0x0, 0x0, 0xffffffff, 0x8003}}}}]}, 0x4c}}, 0x4000844)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='highspeed\x00', 0xa)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000000c0)={<r4=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r3, &(0x7f0000000140)={0x15, 0x110, 0xfa00, {r4, 0x0, 0x30, 0x30, 0x0, @in6={0x1b, 0x0, 0x0, @empty}, @ib={0x1b, 0x0, 0x0, {"0e000000000000000000000004000001"}}}}, 0x118)
write$RDMA_USER_CM_CMD_LISTEN(r3, &(0x7f0000000340)={0x7, 0x8, 0xfa00, {r4}}, 0x10)
write$RDMA_USER_CM_CMD_DESTROY_ID(r3, &(0x7f0000000280)={0x1, 0x10, 0xfa00, {&(0x7f0000000040), r4}}, 0x18)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @empty}, 0x10)
sendmsg$inet(r0, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0)
recvmsg(r0, &(0x7f0000000580)={0x0, 0x7, &(0x7f0000000500)=[{&(0x7f0000000740)=""/4096, 0xa15b0}], 0x1}, 0x700)
socket$netlink(0x10, 0x3, 0x0)

1.228758704s ago: executing program 0 (id=3382):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
accept$inet6(0xffffffffffffffff, 0x0, &(0x7f0000000240))
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
r3 = dup2(r2, r2)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f00000001c0)={'\x00', 0x40, 0xa, 0x401, 0x40000004, 0x10})
ioctl$BLKTRACESTART(r2, 0x1274, 0x0)
ioctl$BLKTRACESETUP(r3, 0x1276, 0x0)
add_key$keyring(0x0, &(0x7f0000000280)={'syz', 0x2}, 0x0, 0x0, 0x0)

948.357746ms ago: executing program 4 (id=3383):
r0 = socket(0x2, 0xa, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000000)={r3, 0x0, 0x0}, 0x20)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="02000000040000000400000002"], 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x9, 0x0, r4, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={r5, &(0x7f0000000300), 0x20000000}, 0x20)
read$msr(r2, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mknodat(0xffffffffffffff9c, 0x0, 0x81c0, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file1/file2\x00', 0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x2)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0xfffd, @local}, 0x10)
write$binfmt_elf32(r0, 0x0, 0x58)

0s ago: executing program 5 (id=3384):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
landlock_restrict_self(0xffffffffffffffff, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$l2tp6(0xa, 0x2, 0x73)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000000)={0xffffffffffffffff, 0x6, 0x30}, 0xc)
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000001340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x50}, 0x0)
r4 = socket$inet6(0xa, 0x3, 0x3c)
setsockopt$inet6_IPV6_RTHDR(r4, 0x29, 0x39, 0x0, 0x18)
syz_open_dev$vbi(&(0x7f0000000000), 0x2, 0x2)
connect$inet6(r4, 0x0, 0x0)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/partitions\x00', 0x0, 0x0)
r6 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
sendfile(r6, r5, &(0x7f0000002080)=0x66, 0x23b)

kernel console output (not intermixed with test programs):

: set [1, 0] type 2 family 0 port 6081 - 0
[  455.004456][T10407] usb 6-1: Using ep0 maxpacket: 8
[  455.020923][T10407] usb 6-1: config 0 has an invalid interface number: 143 but max is 0
[  455.036216][T10407] usb 6-1: config 0 has no interface number 0
[  455.043641][T10407] usb 6-1: New USB device found, idVendor=2058, idProduct=1005, bcdDevice=c1.9b
[  455.055396][T10407] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  455.071279][T10407] usb 6-1: config 0 descriptor??
[  455.212296][T10407] viperboard 6-1:0.143: version 0.00 found at bus 006 address 011
[  455.269336][T10407] viperboard-i2c viperboard-i2c.2.auto: failure setting i2c_bus_freq to 100
[  455.306961][T10407] viperboard-i2c viperboard-i2c.2.auto: probe with driver viperboard-i2c failed with error -5
[  455.378668][T10407] usb 6-1: USB disconnect, device number 11
[  455.646239][T11254] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  455.653013][T11254] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  455.747230][T11271] rtc_cmos 00:00: Alarms can be up to one day in the future
[  458.479644][T11254] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  458.492034][T11254] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  458.665168][T11254] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  458.671872][T11254] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  458.864627][   T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  458.927908][   T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  459.018146][ T9479] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  459.246829][ T9479] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  459.684875][T11316] omfs: Invalid superblock (0)
[  464.677005][T10323] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  464.911817][T10323] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[  464.998576][T10323] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  465.368306][T10323] usb 2-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[  465.470658][T10323] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  465.487345][T10323] usb 2-1: Product: syz
[  465.491574][T10323] usb 2-1: Manufacturer: syz
[  465.496206][T10323] usb 2-1: SerialNumber: syz
[  465.590714][T10323] usb 2-1: config 0 descriptor??
[  465.600519][T11379] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  465.608317][T11379] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  466.577721][T11379] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  467.498853][T11379] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  470.788576][T10323] Error reading MAC address
[  470.816192][T10323] usb 2-1: USB disconnect, device number 2
[  472.097227][ T5992] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  472.243619][T11460] syzkaller0: entered promiscuous mode
[  472.333128][T11460] syzkaller0: entered allmulticast mode
[  472.429746][ T5992] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  472.465336][ T5132] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  472.484106][ T5132] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  472.494545][ T5132] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  472.502895][ T5132] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  472.512347][ T5132] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  472.521810][ T5132] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  472.803665][ T5992] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  472.941260][ T5992] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  473.561385][ T5992] bridge_slave_1: left allmulticast mode
[  473.576866][ T5992] bridge_slave_1: left promiscuous mode
[  473.587038][ T5992] bridge0: port 2(bridge_slave_1) entered disabled state
[  474.533820][ T5992] bridge_slave_0: left allmulticast mode
[  474.539657][ T5992] bridge_slave_0: left promiscuous mode
[  474.549655][ T5992] bridge0: port 1(bridge_slave_0) entered disabled state
[  474.577403][ T5132] Bluetooth: hci3: command tx timeout
[  474.697097][T10323] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  474.896962][T10323] usb 1-1: Using ep0 maxpacket: 16
[  474.928427][T10323] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[  474.956866][T10323] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  474.966647][T10323] usb 1-1: config 0 interface 0 altsetting 0 has a duplicate endpoint with address 0x5, skipping
[  475.132503][T10323] usb 1-1: New USB device found, idVendor=19d2, idProduct=ff51, bcdDevice=a9.fa
[  475.156359][T10323] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  475.793849][T10323] usb 1-1: Product: syz
[  475.798151][T10323] usb 1-1: Manufacturer: syz
[  475.802773][T10323] usb 1-1: SerialNumber: syz
[  475.809377][T10323] usb 1-1: config 0 descriptor??
[  475.840411][T10323] option 1-1:0.0: GSM modem (1-port) converter detected
[  477.072364][ T5132] Bluetooth: hci3: command tx timeout
[  477.132180][  T973] usb 1-1: USB disconnect, device number 14
[  477.139679][  T973] option 1-1:0.0: device disconnected
[  478.239151][T11550] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3832186367 (7664372734 ns) > initial count (4194322 ns). Using initial count to start timer.
[  479.169934][ T5132] Bluetooth: hci3: command tx timeout
[  480.753775][ T5992] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  480.770043][ T5992] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  480.809109][ T5992] bond0 (unregistering): Released all slaves
[  480.885149][T11590] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1209'.
[  481.066679][T11470] chnl_net:caif_netlink_parms(): no params data found
[  481.216969][ T5132] Bluetooth: hci3: command tx timeout
[  483.297083][ T5913] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  483.500086][ T5913] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  483.521778][ T5992] hsr_slave_0: left promiscuous mode
[  483.665225][ T5992] hsr_slave_1: left promiscuous mode
[  483.782282][ T5913] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  483.868681][ T5992] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  483.921433][ T5992] batman_adv: batadv0: Removing interface: batadv_slave_0
[  483.936317][ T5992] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  483.955435][ T5992] batman_adv: batadv0: Removing interface: batadv_slave_1
[  483.963362][ T5913] usb 1-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  483.972727][ T5913] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  483.986034][ T5913] usb 1-1: config 0 descriptor??
[  484.076379][ T5992] veth1_macvtap: left promiscuous mode
[  484.082248][ T5992] veth0_macvtap: left promiscuous mode
[  484.087955][ T5992] veth1_vlan: left promiscuous mode
[  484.093251][ T5992] veth0_vlan: left promiscuous mode
[  484.472125][ T5913] isku 0003:1E7D:319C.0008: item fetching failed at offset 3/7
[  484.480644][ T5913] isku 0003:1E7D:319C.0008: parse failed
[  484.486358][ T5913] isku 0003:1E7D:319C.0008: probe with driver isku failed with error -22
[  484.703563][ T5913] usb 1-1: USB disconnect, device number 15
[  486.411372][   T29] audit: type=1326 audit(1734560618.866:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11675 comm="syz.9.1227" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc8e3d85d29 code=0x0
[  488.874516][ T5992] team0 (unregistering): Port device team_slave_1 removed
[  489.043417][T11721] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1234'.
[  489.096045][T11721] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1234'.
[  489.222493][ T5992] team0 (unregistering): Port device team_slave_0 removed
[  491.778483][T11470] bridge0: port 1(bridge_slave_0) entered blocking state
[  491.830568][T11470] bridge0: port 1(bridge_slave_0) entered disabled state
[  491.888969][T11470] bridge_slave_0: entered allmulticast mode
[  491.939120][T11470] bridge_slave_0: entered promiscuous mode
[  491.953069][T11470] bridge0: port 2(bridge_slave_1) entered blocking state
[  491.972676][T11470] bridge0: port 2(bridge_slave_1) entered disabled state
[  492.002944][T11470] bridge_slave_1: entered allmulticast mode
[  492.050548][T11470] bridge_slave_1: entered promiscuous mode
[  493.237298][T11470] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  493.433579][T11747] 9pnet_fd: p9_fd_create_tcp (11747): problem connecting socket to 127.0.0.1
[  493.940371][T11753] netlink: 104 bytes leftover after parsing attributes in process `syz.5.1242'.
[  494.207522][T11470] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  495.147721][T11470] team0: Port device team_slave_0 added
[  495.459829][T11470] team0: Port device team_slave_1 added
[  499.442809][T11470] batman_adv: batadv0: Adding interface: batadv_slave_0
[  499.497071][T11470] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  499.535785][T11470] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  499.549366][T11470] batman_adv: batadv0: Adding interface: batadv_slave_1
[  499.557395][T11470] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  499.584009][T11470] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  501.082444][T11470] hsr_slave_0: entered promiscuous mode
[  501.144910][T11470] hsr_slave_1: entered promiscuous mode
[  501.294855][T11470] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  501.333549][T11470] Cannot create hsr debugfs directory
[  501.862994][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  501.869448][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  502.556927][ T1203] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  503.476839][ T1203] usb 3-1: Using ep0 maxpacket: 32
[  503.626845][ T1203] usb 3-1: New USB device found, idVendor=1a0a, idProduct=0108, bcdDevice=27.51
[  503.636050][ T1203] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  503.644793][ T1203] usb 3-1: Product: syz
[  503.649381][ T1203] usb 3-1: Manufacturer: syz
[  503.654016][ T1203] usb 3-1: SerialNumber: syz
[  503.661802][ T1203] usb 3-1: config 0 descriptor??
[  503.673583][ T1203] usb_ehset_test 3-1:0.0: probe with driver usb_ehset_test failed with error -32
[  506.134178][   T29] audit: type=1326 audit(1734560638.726:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11854 comm="syz.0.1261" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6cef785d29 code=0x0
[  506.404830][T10323] usb 3-1: USB disconnect, device number 9
[  506.446472][T11470] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  506.729310][T11470] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  508.211039][  T973] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  508.627430][  T973] usb 6-1: Using ep0 maxpacket: 16
[  508.645528][  T973] usb 6-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  508.654730][  T973] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  508.676893][  T973] usb 6-1: Product: syz
[  508.681090][  T973] usb 6-1: Manufacturer: syz
[  508.710165][T11470] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  508.792010][  T973] usb 6-1: SerialNumber: syz
[  508.972402][  T973] r8152-cfgselector 6-1: Unknown version 0x0000
[  509.049217][  T973] r8152-cfgselector 6-1: config 0 descriptor??
[  509.359511][  T973] r8152-cfgselector 6-1: Unknown version 0x0000
[  509.373030][  T973] r8152-cfgselector 6-1: bad CDC descriptors
[  509.405945][  T973] r8152-cfgselector 6-1: USB disconnect, device number 12
[  509.518963][T11470] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  510.202104][T11470] 8021q: adding VLAN 0 to HW filter on device bond0
[  510.218823][T11470] 8021q: adding VLAN 0 to HW filter on device team0
[  510.235952][   T52] bridge0: port 1(bridge_slave_0) entered blocking state
[  510.243108][   T52] bridge0: port 1(bridge_slave_0) entered forwarding state
[  510.263612][   T52] bridge0: port 2(bridge_slave_1) entered blocking state
[  510.270714][   T52] bridge0: port 2(bridge_slave_1) entered forwarding state
[  510.403496][T11470] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  510.414036][T11470] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  511.774182][T11923] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1272'.
[  511.995336][T11922] 9pnet: bogus RREAD count (69 > 41)
[  512.037372][   T29] audit: type=1800 audit(1734560644.626:131): pid=11922 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.0.1273" name="/" dev="9p" ino=2 res=0 errno=0
[  512.085076][T11470] 8021q: adding VLAN 0 to HW filter on device batadv0
[  512.149870][T11470] veth0_vlan: entered promiscuous mode
[  512.205625][T11470] veth1_vlan: entered promiscuous mode
[  512.325520][T11470] veth0_macvtap: entered promiscuous mode
[  512.353989][T11470] veth1_macvtap: entered promiscuous mode
[  512.418942][T11470] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  512.429677][T11470] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  512.439800][T11470] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  512.450538][T11470] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  512.460643][T11470] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  512.471329][T11470] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  512.488406][T11470] batman_adv: batadv0: Interface activated: batadv_slave_0
[  512.514026][T11470] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  512.524687][T11470] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  512.534818][T11470] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  512.545536][T11470] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  512.555576][T11470] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  512.566205][T11470] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  512.582905][T11470] batman_adv: batadv0: Interface activated: batadv_slave_1
[  512.592726][T11470] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  512.601533][T11470] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  512.610283][T11470] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  512.619049][T11470] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  514.601571][T11953] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1279'.
[  514.819776][T11955] hub 6-0:1.0: USB hub found
[  514.825599][T11955] hub 6-0:1.0: 1 port detected
[  515.107527][T11953] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1279'.
[  515.348569][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  515.397277][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  516.939280][ T6935] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  517.008797][ T6935] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  517.030045][T11961] kvm: kvm [11960]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x186) = 0x11a00000000
[  517.090448][T11961] kvm: kvm [11960]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0x11b00000800
[  517.929189][T11986] vivid-000: disconnect
[  517.961071][T11984] vivid-000: reconnect
[  522.088612][T12023] netlink: 'syz.5.1291': attribute type 1 has an invalid length.
[  523.005562][T12027] random: crng reseeded on system resumption
[  523.793906][T12027] Restarting kernel threads ... done.
[  524.007734][T12037] 8021q: adding VLAN 0 to HW filter on device bond1
[  527.034245][T12073] debugfs: Directory 'netdev:nicvf0' with parent 'phy24' already present!
[  527.993899][T12082] o2cb: This node has not been configured.
[  528.000113][T12082] o2cb: Cluster check failed. Fix errors before retrying.
[  528.007364][T12082] (syz.5.1301,12082,0):user_dlm_register:674 ERROR: status = -22
[  528.015111][T12082] (syz.5.1301,12082,0):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "file1"
[  531.772106][   T29] audit: type=1804 audit(1734560664.366:132): pid=12114 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.1.1308" name="/newroot/3/file1" dev="fuse" ino=1 res=1 errno=0
[  532.458929][   T29] audit: type=1800 audit(1734560665.056:133): pid=12114 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.1.1308" name="/" dev="fuse" ino=1 res=0 errno=0
[  532.834443][T12120] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  537.114663][T12186] netlink: 'syz.1.1321': attribute type 1 has an invalid length.
[  537.126986][T12186] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1321'.
[  539.460215][T12205] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  545.638480][T12267] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280
[  553.335359][T12341] vlan2: entered promiscuous mode
[  553.406792][T12341] vlan2: entered allmulticast mode
[  553.807811][T12341] hsr_slave_1: entered allmulticast mode
[  554.001024][T12350] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1356'.
[  554.100601][T12356] syz.9.1358: attempt to access beyond end of device
[  554.100601][T12356] nbd9: rw=0, sector=0, nr_sectors = 1 limit=0
[  554.117616][T12356] hpfs: hpfs_map_sector(): read error
[  554.396140][T12360] netlink: 'syz.2.1368': attribute type 32 has an invalid length.
[  554.538566][T12360] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1368'.
[  555.354009][T12373] xt_cgroup: xt_cgroup: no path or classid specified
[  556.394923][T12350] hsr_slave_1 (unregistering): left allmulticast mode
[  557.132044][T12350] hsr_slave_1 (unregistering): left promiscuous mode
[  557.144663][T12360] (unnamed net_device) (uninitialized): Setting coupled_control to off (0)
[  557.385253][T12390] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  561.072236][T12422] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1372'.
[  561.138601][T12424] netlink: 'syz.2.1372': attribute type 10 has an invalid length.
[  562.334852][ T1203] hid (null): unknown global tag 0xd
[  562.346892][ T1203] hid (null): invalid report_count -437012996
[  562.382102][ T6935] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  562.395938][ T1203] hid (null): unknown global tag 0xd
[  562.518004][T12424] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  562.607993][ T1203] hid-generic 0081:0000:0006.0009: unexpected long global item
[  562.616158][ T1203] hid-generic 0081:0000:0006.0009: probe with driver hid-generic failed with error -22
[  562.806251][ T6935] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  563.993242][ T6935] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  564.398873][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  566.657925][ T6935] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  566.995699][T12522] Cache volume key already in use (9p,(null),)
[  567.415482][T12538] binder: 12537:12538 ioctl c0306201 20000580 returned -14
[  567.500689][ T6935] bridge_slave_1: left allmulticast mode
[  567.507645][ T6935] bridge_slave_1: left promiscuous mode
[  567.535995][ T6935] bridge0: port 2(bridge_slave_1) entered disabled state
[  568.322053][ T6935] bridge_slave_0: left allmulticast mode
[  568.334057][ T6935] bridge_slave_0: left promiscuous mode
[  568.346604][ T6935] bridge0: port 1(bridge_slave_0) entered disabled state
[  575.427919][   T29] audit: type=1804 audit(1734560706.358:134): pid=12619 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.0.1410" name="/newroot/308/bus/file1" dev="overlay" ino=1705 res=1 errno=0
[  577.884147][ T6935] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  578.008410][ T6935] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  578.275339][ T6935] bond0 (unregistering): Released all slaves
[  578.424174][T12599] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  579.428041][T12663] syz.0.1424 (12663): attempted to duplicate a private mapping with mremap.  This is not supported.
[  579.976375][   T46] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  580.054969][   T25] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[  581.506140][ T6935] hsr_slave_0: left promiscuous mode
[  581.526370][ T6935] hsr_slave_1: left promiscuous mode
[  581.542498][ T6935] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  581.568052][ T6935] batman_adv: batadv0: Removing interface: batadv_slave_0
[  582.181194][ T6935] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  582.188915][   T46] usb 6-1: Using ep0 maxpacket: 8
[  583.313140][ T6935] batman_adv: batadv0: Removing interface: batadv_slave_1
[  584.455759][   T46] usb 6-1: unable to read config index 0 descriptor/all
[  584.597906][ T6935] veth1_macvtap: left promiscuous mode
[  585.030145][ T6935] veth0_macvtap: left promiscuous mode
[  585.484624][   T46] usb 6-1: can't read configurations, error -71
[  585.498383][   T25] usb 10-1: device descriptor read/all, error -71
[  585.951612][ T6935] veth1_vlan: left promiscuous mode
[  585.997717][ T6935] veth0_vlan: left promiscuous mode
[  588.500949][T12734] openvswitch: netlink: Missing valid actions attribute.
[  588.508246][T12734] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  592.509840][T12770] syz.9.1448: attempt to access beyond end of device
[  592.509840][T12770] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  593.758488][T12780] binder: BINDER_SET_CONTEXT_MGR already set
[  593.764731][T12780] binder: 12779:12780 ioctl 4018620d 20000040 returned -16
[  593.932682][ T6935] team0 (unregistering): Port device team_slave_1 removed
[  594.003799][ T6935] team0 (unregistering): Port device team_slave_0 removed
[  595.030067][T12794] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1456'.
[  595.126527][T12795] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1456'.
[  601.082204][T12887] team_slave_0: entered promiscuous mode
[  601.088503][T12887] team_slave_1: entered promiscuous mode
[  601.138936][T12887] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  601.147422][T12887] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[  603.160374][T12911] bond0: entered promiscuous mode
[  604.143116][T12911] bond_slave_0: entered promiscuous mode
[  604.171756][T12911] bond_slave_1: entered promiscuous mode
[  604.414282][T12911] macvlan2: entered promiscuous mode
[  604.534634][T12911] team0: entered promiscuous mode
[  604.839243][T12936] overlayfs: failed to resolve './file1': -2
[  605.331318][T12946] syz.9.1478: attempt to access beyond end of device
[  605.331318][T12946] nbd9: rw=6144, sector=128, nr_sectors = 8 limit=0
[  605.344635][T12946] gfs2: error -5 reading superblock
[  608.413131][T12974] hub 6-0:1.0: USB hub found
[  608.419428][T12974] hub 6-0:1.0: 1 port detected
[  609.154196][T12976] overlayfs: conflicting options: verity=on,redirect_dir=follow
[  609.394600][T12985] fuse: Unknown parameter 'group_id?00000000000000000000'
[  611.425051][T12979] loop9: detected capacity change from 0 to 7
[  611.552448][T12979] Dev loop9: unable to read RDB block 7
[  611.579624][T12979]  loop9: unable to read partition table
[  612.219132][T12979] loop9: partition table beyond EOD, truncated
[  612.257077][T12979] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[  612.257077][T12979] 
) failed (rc=-5)
[  612.618220][T13009] Bluetooth: MGMT ver 1.23
[  613.968935][T13029] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1497'.
[  614.390715][T13029] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1497'.
[  614.438211][T13029] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1497'.
[  614.452736][T13029] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1497'.
[  616.176197][T13064] openvswitch: netlink: Missing valid actions attribute.
[  616.183491][T13064] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  624.517419][ T5132] block nbd9: Receive control failed (result -32)
[  624.533784][T13152] block nbd9: shutting down sockets
[  626.775185][T13172] block nbd0: not configured, cannot reconfigure
[  626.822494][T13183] netlink: 16 bytes leftover after parsing attributes in process `syz.9.1525'.
[  629.821538][T13210] [U] ^C
[  629.984535][T13217] openvswitch: netlink: IP tunnel dst address not specified
[  630.566531][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  631.893818][T13238] TCP: out of memory -- consider tuning tcp_mem
[  633.805769][T13248] xt_CT: You must specify a L4 protocol and not use inversions on it
[  636.645992][T13267] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  643.368289][T13299] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  644.526556][ T5132] Bluetooth: Unknown BR/EDR signaling command 0x0e
[  644.533396][ T5132] Bluetooth: Wrong link type (-22)
[  644.539581][ T5132] Bluetooth: Unknown BR/EDR signaling command 0x10
[  644.546242][ T5132] Bluetooth: Wrong link type (-22)
[  644.551505][ T5132] Bluetooth: hci3: link tx timeout
[  644.557230][ T5132] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  647.124008][T13318] Bluetooth: hci3: command 0x0406 tx timeout
[  647.253064][T13318] Bluetooth: hci3: unexpected event for opcode 0x0c03
[  648.438373][T13339] syz.2.1569: attempt to access beyond end of device
[  648.438373][T13339] nbd2: rw=0, sector=2, nr_sectors = 2 limit=0
[  648.452137][T13339] syz.2.1569: attempt to access beyond end of device
[  648.452137][T13339] nbd2: rw=0, sector=16, nr_sectors = 2 limit=0
[  656.142071][T13409] xt_SECMARK: unable to map security context 'unconfined'
[  658.662054][T13434] netlink: 6233 bytes leftover after parsing attributes in process `syz.1.1587'.
[  659.303867][T13431] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  659.987933][T13451] mkiss: ax0: crc mode is auto.
[  661.101457][   T29] audit: type=1326 audit(1734560786.522:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13456 comm="syz.2.1594" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7feed3785d29 code=0x0
[  661.913116][T13475] sg_write: data in/out 219/14 bytes for SCSI command 0x0-- guessing data in;
[  661.913116][T13475]    program syz.2.1594 not setting count and/or reply_len properly
[  662.462462][T13480] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1598'.
[  662.614277][T13480] bridge3: port 1(bridge_slave_1) entered blocking state
[  662.634391][T13480] bridge3: port 1(bridge_slave_1) entered disabled state
[  662.641959][T13480] bridge_slave_1: entered allmulticast mode
[  662.649220][T13480] bridge_slave_1: entered promiscuous mode
[  662.852938][T13480] bridge3: port 2(macvlan2) entered blocking state
[  662.861039][T13480] bridge3: port 2(macvlan2) entered disabled state
[  662.889986][T13480] macvlan2: entered allmulticast mode
[  663.595720][T13480] macvlan2: entered promiscuous mode
[  663.927706][T13498] fuse: Unknown parameter '0x0000000000000006'
[  664.218684][T13502] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  664.237852][T13502] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  665.115022][T13514] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1604'.
[  665.177097][T13514] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1604'.
[  669.746785][T13559] ip6t_srh: unknown srh match flags  4000
[  671.858055][T10323] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  672.060230][T10323] usb 6-1: Using ep0 maxpacket: 8
[  672.117795][T10323] usb 6-1: unable to get BOS descriptor or descriptor too short
[  672.133929][T10323] usb 6-1: unable to read config index 0 descriptor/start: -71
[  672.142198][T10323] usb 6-1: can't read configurations, error -71
[  674.634339][T13586] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  674.841578][T13608] x_tables: unsorted entry at hook 3
[  674.873421][T13586] kvm: pic: non byte read
[  674.878084][T13586] kvm: pic: level sensitive irq not supported
[  674.878129][T13586] kvm: pic: non byte read
[  674.890488][T13586] kvm: pic: level sensitive irq not supported
[  674.890536][T13586] kvm: pic: non byte read
[  674.945940][T13586] kvm: pic: level sensitive irq not supported
[  674.946011][T13586] kvm: pic: non byte read
[  677.455255][   T29] audit: type=1326 audit(1734560801.423:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13628 comm="syz.9.1630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8e3d85d29 code=0x7ffc0000
[  677.477087][   T29] audit: type=1326 audit(1734560801.423:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13628 comm="syz.9.1630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8e3d85d29 code=0x7ffc0000
[  678.380901][   T29] audit: type=1326 audit(1734560801.694:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13628 comm="syz.9.1630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fc8e3d85d29 code=0x7ffc0000
[  678.402649][   T29] audit: type=1326 audit(1734560801.694:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13628 comm="syz.9.1630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8e3d85d29 code=0x7ffc0000
[  678.424526][   T29] audit: type=1326 audit(1734560801.694:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13628 comm="syz.9.1630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8e3d85d29 code=0x7ffc0000
[  678.446159][   T29] audit: type=1326 audit(1734560802.059:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13628 comm="syz.9.1630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fc8e3d85d29 code=0x7ffc0000
[  678.467882][   T29] audit: type=1326 audit(1734560802.059:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13628 comm="syz.9.1630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8e3d85d29 code=0x7ffc0000
[  678.489500][   T29] audit: type=1326 audit(1734560802.059:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13628 comm="syz.9.1630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8e3d85d29 code=0x7ffc0000
[  678.511324][   T29] audit: type=1326 audit(1734560802.162:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13628 comm="syz.9.1630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=66 compat=0 ip=0x7fc8e3d85d29 code=0x7ffc0000
[  678.532999][   T29] audit: type=1326 audit(1734560802.162:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13628 comm="syz.9.1630" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8e3d85d29 code=0x7ffc0000
[  682.853177][T13690] x_tables: unsorted entry at hook 3
[  685.560536][T13725] Illegal XDP return value 2442452786 on prog  (id 366) dev N/A, expect packet loss!
[  687.689966][   T29] kauditd_printk_skb: 8 callbacks suppressed
[  687.689983][   T29] audit: type=1326 audit(1734560811.394:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13734 comm="syz.9.1650" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc8e3d85d29 code=0x0
[  689.473162][T13810] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  695.897171][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  696.087472][T13878] Process accounting resumed
[  697.133968][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  697.481961][T13900] bridge0: port 3(erspan0) entered blocking state
[  697.490717][T13900] bridge0: port 3(erspan0) entered disabled state
[  697.501595][T13900] erspan0: entered allmulticast mode
[  697.528259][T13900] erspan0: entered promiscuous mode
[  697.553277][T13900] bridge0: port 3(erspan0) entered blocking state
[  697.560144][T13900] bridge0: port 3(erspan0) entered forwarding state
[  713.486606][T14090] binder: BINDER_SET_CONTEXT_MGR already set
[  713.499956][T14090] binder: 14085:14090 ioctl 4018620d 20000040 returned -16
[  719.059880][T14128] veth0_to_team: entered promiscuous mode
[  719.085397][T14128] veth0_to_team: entered allmulticast mode
[  724.262403][ T1203] usb 6-1: new full-speed USB device number 17 using dummy_hcd
[  724.266478][T14183] syz.2.1725 (14183): drop_caches: 2
[  724.447520][ T1203] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  724.501385][ T1203] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  724.527929][ T1203] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  724.569803][ T1203] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  724.659750][ T1203] usb 6-1: Product: syz
[  724.666297][ T1203] usb 6-1: Manufacturer: syz
[  724.677792][ T1203] usb 6-1: SerialNumber: syz
[  724.915616][ T1203] usb 6-1: 0:2 : does not exist
[  725.102664][ T1203] usb 6-1: 5:0: failed to get current value for ch 0 (-22)
[  726.016759][ T1203] usb 6-1: USB disconnect, device number 17
[  726.375699][T13153] udevd[13153]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  726.907371][T14233] can0: slcan on ttyS3.
[  727.278178][T14233] can0 (unregistered): slcan off ttyS3.
[  727.481304][T14224] openvswitch: netlink: Flow actions attr not present in new flow.
[  731.094248][T12050] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  731.297030][T12050] usb 3-1: Using ep0 maxpacket: 16
[  731.333351][T12050] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  731.374839][T12050] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  731.392052][   T25] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  731.499087][T12050] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  731.562016][T12050] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  731.602854][T12050] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  731.625658][   T25] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  731.651694][T12050] usb 3-1: Product: syz
[  731.670241][   T25] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  731.690359][T12050] usb 3-1: Manufacturer: syz
[  731.703010][T12050] usb 3-1: SerialNumber: syz
[  731.723393][   T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  731.785693][   T25] usb 2-1: config 0 descriptor??
[  732.048591][   T25] pwc: Askey VC010 type 2 USB webcam detected.
[  733.305672][T12050] usb 3-1: 0:2 : does not exist
[  733.378084][T12050] usb 3-1: 1:0: cannot get min/max values for control 4 (id 1)
[  733.398445][   T25] pwc: recv_control_msg error -32 req 02 val 2b00
[  733.407564][   T25] pwc: recv_control_msg error -32 req 02 val 2700
[  733.426051][   T25] pwc: recv_control_msg error -32 req 02 val 2c00
[  733.478167][   T25] pwc: recv_control_msg error -32 req 04 val 1000
[  733.543139][   T25] pwc: recv_control_msg error -32 req 04 val 1300
[  733.573951][   T25] pwc: recv_control_msg error -32 req 04 val 1400
[  733.782537][T12050] usb 3-1: USB disconnect, device number 10
[  733.790054][   T25] pwc: recv_control_msg error -32 req 02 val 2000
[  733.799843][   T25] pwc: recv_control_msg error -32 req 02 val 2100
[  733.810426][   T25] pwc: recv_control_msg error -32 req 04 val 1500
[  733.818709][   T25] pwc: recv_control_msg error -32 req 02 val 2500
[  733.826518][   T25] pwc: recv_control_msg error -32 req 02 val 2400
[  733.836566][   T25] pwc: recv_control_msg error -32 req 02 val 2600
[  735.134689][   T25] pwc: recv_control_msg error -32 req 02 val 2900
[  735.441019][   T25] pwc: recv_control_msg error -32 req 02 val 2800
[  735.714535][   T25] pwc: recv_control_msg error -71 req 04 val 1200
[  735.724453][   T25] pwc: Registered as video103.
[  735.764547][   T25] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input20
[  736.440313][   T25] usb 2-1: USB disconnect, device number 3
[  738.267223][T12050] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  738.944305][T12050] usb 3-1: Using ep0 maxpacket: 16
[  739.449399][T14365] netlink: 112 bytes leftover after parsing attributes in process `syz.9.1763'.
[  740.012682][T14364] overlayfs: missing 'lowerdir'
[  743.715769][T14390] hfs: unable to load iocharset "io#harset"
[  744.007187][T12050] usb 3-1: device descriptor read/all, error -71
[  755.838903][T14510] overlayfs: missing 'workdir'
[  756.067074][  T973] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  756.271107][  T973] usb 2-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  756.333070][  T973] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  756.386231][  T973] usb 2-1: Product: syz
[  756.427242][  T973] usb 2-1: Manufacturer: syz
[  756.481461][  T973] usb 2-1: SerialNumber: syz
[  756.551452][  T973] usb 2-1: config 0 descriptor??
[  757.109656][  T973] usb 2-1: Firmware version (0.0) predates our first public release.
[  757.120337][  T973] usb 2-1: Please update to version 0.2 or newer
[  757.156343][  T973] usb 2-1: Firmware: build 
[  757.448344][  T973] usb 2-1: USB disconnect, device number 4
[  757.659585][T14562] syz.9.1799[14562] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  757.659836][T14562] syz.9.1799[14562] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  757.671918][T14562] syz.9.1799[14562] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  758.696651][T14563] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1799'.
[  761.134942][T14594] netlink: 'syz.1.1806': attribute type 4 has an invalid length.
[  761.261711][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  765.114399][T14640] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  768.995076][T14672] dccp_v6_rcv: dropped packet with invalid checksum
[  769.136855][T14672] bridge0: port 3(erspan0) entered disabled state
[  769.159869][T14672] bridge0: port 1(bridge_slave_0) entered disabled state
[  769.208027][T14672] bridge0: port 2(bridge_slave_1) entered disabled state
[  770.438670][T14676] bridge0: port 3(erspan0) entered blocking state
[  770.445223][T14676] bridge0: port 3(erspan0) entered forwarding state
[  770.475415][T14676] bridge0: port 1(bridge_slave_0) entered blocking state
[  770.482621][T14676] bridge0: port 1(bridge_slave_0) entered forwarding state
[  770.491957][T14676] bridge0: port 2(bridge_slave_1) entered blocking state
[  770.499104][T14676] bridge0: port 2(bridge_slave_1) entered forwarding state
[  774.058405][   T29] audit: type=1800 audit(1734560892.175:155): pid=14744 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.0.1834" name="SYSV00000000" dev="hugetlbfs" ino=2 res=0 errno=0
[  774.080437][T14738] vlan2: entered promiscuous mode
[  774.087932][T14738] nlmon0: entered promiscuous mode
[  774.136650][T14738] bond0: (slave vlan2): Enslaving as an active interface with an up link
[  774.722284][T14755] netlink: 1788 bytes leftover after parsing attributes in process `syz.9.1836'.
[  776.634194][ T5881] IPVS: starting estimator thread 0...
[  777.767571][T14757] IPVS: using max 23 ests per chain, 55200 per kthread
[  777.942385][T14772] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1837'.
[  779.131568][T14788] netlink: 'syz.1.1842': attribute type 21 has an invalid length.
[  779.139917][T14788] netlink: 'syz.1.1842': attribute type 6 has an invalid length.
[  779.147878][T14788] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1842'.
[  779.166362][T14788] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  780.825388][T14797] xt_TCPMSS: Only works on TCP SYN packets
[  782.267810][T14821] binder_alloc: binder_alloc_mmap_handler: 14811 20ffd000-21000000 already mapped failed -16
[  782.721343][T14826] Bluetooth: MGMT ver 1.23
[  783.152781][T14836] netlink: 80 bytes leftover after parsing attributes in process `syz.5.1851'.
[  784.128616][T14837] serio: Serial port ptm0
[  784.415629][T14851] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1850'.
[  784.439789][ T5881] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  784.685977][ T5881] usb 6-1: Using ep0 maxpacket: 16
[  785.370151][ T5881] usb 6-1: config 0 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  785.381134][ T5881] usb 6-1: config 0 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0
[  785.390888][ T5881] usb 6-1: config 0 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  785.397993][T14863] vivid-002: kernel_thread() failed
[  785.741196][ T5881] usb 6-1: config 0 interface 0 has no altsetting 0
[  785.784719][ T5881] usb 6-1: New USB device found, idVendor=0458, idProduct=5010, bcdDevice= 0.00
[  785.854283][ T5881] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  786.170613][T14871] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  786.622012][ T5881] usb 6-1: config 0 descriptor??
[  787.832737][ T5881] input: HID 0458:5010 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:0458:5010.000A/input/input21
[  787.928688][ T5881] kye 0003:0458:5010.000A: input,hiddev0,hidraw0: USB HID v2.00 Device [HID 0458:5010] on usb-dummy_hcd.5-1/input0
[  788.182751][ T5881] usb 6-1: USB disconnect, device number 18
[  788.320812][T14890] netlink: 'syz.1.1862': attribute type 3 has an invalid length.
[  788.328711][T14890] netlink: 3 bytes leftover after parsing attributes in process `syz.1.1862'.
[  790.179266][T14887] xt_hashlimit: max too large, truncated to 1048576
[  790.214415][ T5836] IPVS: starting estimator thread 0...
[  790.394501][T14903] IPVS: using max 26 ests per chain, 62400 per kthread
[  790.549863][T14913] vimc link validate: Sensor B:src:16x2160 (0x33424752, 8, 0, 3, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  790.873365][T13318] Bluetooth: hci3: command 0x0406 tx timeout
[  791.986598][T14919] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1869'.
[  792.185009][ T9480] Bluetooth: hci6: Frame reassembly failed (-84)
[  792.548186][   T12] Bluetooth: Error in BCSP hdr checksum
[  792.787061][ T6935] Bluetooth: Error in BCSP hdr checksum
[  793.080533][ T6935] Bluetooth: Error in BCSP hdr checksum
[  793.459588][ T6935] Bluetooth: Error in BCSP hdr checksum
[  793.686408][   T11] Bluetooth: Error in BCSP hdr checksum
[  793.968651][   T11] Bluetooth: Error in BCSP hdr checksum
[  794.619026][ T5132] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  794.626120][ T5132] Bluetooth: hci6: command 0xfc11 tx timeout
[  794.649598][T13318] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[  794.666162][T14960] hub 9-0:1.0: USB hub found
[  794.671631][T14960] hub 9-0:1.0: 1 port detected
[  795.354909][T13318] Bluetooth: hci3: command 0x0406 tx timeout
[  796.510872][T14987] binder: 14977:14987 unknown command 0
[  796.517223][T14987] binder: 14977:14987 ioctl c0306201 20000a80 returned -22
[  798.220222][T15005] fuse: Unknown parameter 'd'
[  798.232472][   T29] audit: type=1326 audit(1734560914.774:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14999 comm="syz.9.1884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8e3d85d29 code=0x7ffc0000
[  798.448906][   T29] audit: type=1326 audit(1734560914.774:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14999 comm="syz.9.1884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8e3d85d29 code=0x7ffc0000
[  799.391231][T15005] 9pnet_virtio: no channels available for device syz
[  799.492314][   T29] audit: type=1326 audit(1734560914.999:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14999 comm="syz.9.1884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fc8e3d85d29 code=0x7ffc0000
[  799.784599][   T29] audit: type=1326 audit(1734560914.999:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14999 comm="syz.9.1884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8e3d85d29 code=0x7ffc0000
[  799.806655][   T29] audit: type=1326 audit(1734560914.999:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14999 comm="syz.9.1884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8e3d85d29 code=0x7ffc0000
[  799.830827][   T29] audit: type=1326 audit(1734560914.999:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14999 comm="syz.9.1884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc8e3d84690 code=0x7ffc0000
[  799.852912][   T29] audit: type=1326 audit(1734560914.999:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14999 comm="syz.9.1884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8e3d85d29 code=0x7ffc0000
[  799.874925][   T29] audit: type=1326 audit(1734560914.999:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14999 comm="syz.9.1884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8e3d85d29 code=0x7ffc0000
[  799.900661][   T29] audit: type=1326 audit(1734560914.999:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14999 comm="syz.9.1884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7fc8e3d85d29 code=0x7ffc0000
[  799.928776][   T29] audit: type=1326 audit(1734560914.999:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14999 comm="syz.9.1884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8e3d85d29 code=0x7ffc0000
[  799.960964][T15021] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  800.764314][T15027] can0: slcan on ttyS3.
[  802.699495][T15027] can0 (unregistered): slcan off ttyS3.
[  802.992069][T15031] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  805.707979][T15082] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  805.997774][T15083] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1910'.
[  808.922119][T15110] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  808.928682][T15110] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  809.026628][T15110] vhci_hcd vhci_hcd.0: Device attached
[  809.231945][   T25] vhci_hcd: vhci_device speed not set
[  809.298161][   T25] usb 37-1: new full-speed USB device number 2 using vhci_hcd
[  810.309106][T15110] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1905'.
[  810.661029][T15112] vhci_hcd: connection reset by peer
[  811.646550][T12880] vhci_hcd: stop threads
[  811.660299][T12880] vhci_hcd: release socket
[  811.679545][T12880] vhci_hcd: disconnect device
[  815.849283][   T25] vhci_hcd: vhci_device speed not set
[  815.853440][T15168] No such timeout policy "syz1"
[  820.819120][T15234] tc_dump_action: action bad kind
[  828.403114][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  831.742911][   T29] kauditd_printk_skb: 1 callbacks suppressed
[  831.742925][   T29] audit: type=1800 audit(1734560946.148:167): pid=15296 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.9.1944" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[  834.672961][ T5881] usb 3-1: new full-speed USB device number 13 using dummy_hcd
[  836.861502][ T5881] usb 3-1: device descriptor read/all, error -71
[  837.340637][ T5881] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  838.088054][ T5881] usb 3-1: Using ep0 maxpacket: 8
[  838.131703][ T5881] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  838.149347][ T5881] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  838.159412][ T5881] usb 3-1: Product: syz
[  838.183959][ T5881] usb 3-1: Manufacturer: syz
[  838.188595][ T5881] usb 3-1: SerialNumber: syz
[  838.417573][ T5881] usb 3-1: config 0 descriptor??
[  839.429606][ T5881] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  839.544584][T15375] netlink: 'syz.5.1957': attribute type 10 has an invalid length.
[  839.718269][T15375] syz_tun: entered promiscuous mode
[  840.995223][ T5881] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -110
[  841.451787][   T25] usb 3-1: USB disconnect, device number 14
[  845.456890][T15437] geneve2: entered promiscuous mode
[  845.485571][T15437] geneve2: entered allmulticast mode
[  845.765446][T15445] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1973'.
[  846.539375][T15445] netlink: 108 bytes leftover after parsing attributes in process `syz.2.1973'.
[  847.067263][T15449] serio: Serial port ptm0
[  847.442165][T15445] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1973'.
[  847.991236][T15459] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  849.238907][T15466] netlink: 'syz.1.1977': attribute type 1 has an invalid length.
[  850.556520][T15485] xt_nfacct: accounting object `sy' does not exists
[  853.834976][T10407] usb 3-1: new full-speed USB device number 15 using dummy_hcd
[  854.208881][T15534] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:16x16 (0x38415262, 2, 0, 0, 0)
[  854.879879][T10407] usb 3-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=30.62
[  854.889359][T15532] batman_adv: batadv0: Adding interface: dummy0
[  854.902078][T15532] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  854.954068][T10407] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  854.962320][T10407] usb 3-1: Product: syz
[  854.966582][T10407] usb 3-1: Manufacturer: syz
[  854.971385][T10407] usb 3-1: SerialNumber: syz
[  854.997810][T15532] batman_adv: batadv0: Interface activated: dummy0
[  855.028992][T10407] usb 3-1: config 0 descriptor??
[  855.053265][T10407] usb 3-1: selecting invalid altsetting 3
[  855.059609][T10407] comedi comedi0: could not set alternate setting 3 in high speed
[  855.342019][T10407] usbdux 3-1:0.0: driver 'usbdux' failed to auto-configure device.
[  855.344695][T15532] batadv0: mtu less than device minimum
[  855.354393][T10407] usbdux 3-1:0.0: probe with driver usbdux failed with error -22
[  856.388716][T15532] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  856.401652][T15532] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  856.414269][T15532] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  856.426857][T15532] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  856.439421][T15532] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  856.452035][T15532] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  856.464608][T15532] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  856.477215][T15532] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  856.489782][T15532] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  858.798825][T15553] usb 3-1: USB disconnect, device number 15
[  858.905650][T15556] usb usb8: usbfs: process 15556 (syz.0.1996) did not claim interface 0 before use
[  859.071889][T15567] lo speed is unknown, defaulting to 1000
[  860.124249][T15567] lo speed is unknown, defaulting to 1000
[  860.136050][T15567] lo speed is unknown, defaulting to 1000
[  860.148178][T15567] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  860.375604][T15573] SET target dimension over the limit!
[  860.465590][T15567] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  860.647629][T15567] lo speed is unknown, defaulting to 1000
[  860.830532][T15567] lo speed is unknown, defaulting to 1000
[  860.893769][T15567] lo speed is unknown, defaulting to 1000
[  860.924596][T15567] lo speed is unknown, defaulting to 1000
[  860.963944][T15567] lo speed is unknown, defaulting to 1000
[  861.907104][T15596] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:24) already exists on: dummy0
[  861.940566][T15596] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  861.964157][T15596] vlan3: entered promiscuous mode
[  862.967031][T15607] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2006'.
[  865.210850][T15628] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2011'.
[  865.264467][T15628] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2011'.
[  865.542235][T15628] batadv0: entered promiscuous mode
[  865.571728][T15628] dummy0: entered promiscuous mode
[  865.580699][T15628] dummy0: left promiscuous mode
[  866.680565][T15628] batadv0: left promiscuous mode
[  867.230109][T15641] CIFS: VFS: Malformed UNC in devname
[  872.071030][T15688] netlink: 'syz.1.2021': attribute type 10 has an invalid length.
[  872.172697][T15688] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2021'.
[  874.041608][T15688] team0: Port device geneve0 added
[  874.479089][T15712] loop2: detected capacity change from 0 to 7
[  874.539841][T15712] Dev loop2: unable to read RDB block 7
[  874.568120][T15712]  loop2: unable to read partition table
[  874.649826][T15712] loop2: partition table beyond EOD, truncated
[  874.689952][T15712] loop_reread_partitions: partition scan of loop2 (�被x������ ) failed (rc=-5)
[  876.442353][T15737] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  879.102845][T15773] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2034'.
[  880.383600][T15786] binder: BC_ACQUIRE_RESULT not supported
[  880.420146][T15786] binder: 15778:15786 ioctl c0306201 20000480 returned -22
[  880.950280][   T29] audit: type=1326 audit(1734560992.179:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15764 comm="syz.5.2036" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6886585d29 code=0x0
[  881.173341][T15800] lo speed is unknown, defaulting to 1000
[  883.931296][T15820] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2042'.
[  887.011538][T15860] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  887.027034][T15860] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  889.259471][T15880] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  889.906980][T15886] pim6reg: entered allmulticast mode
[  889.935306][T15888] pim6reg: left allmulticast mode
[  892.156712][T15911] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic
[  892.792234][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  896.857251][T15946] netlink: 'syz.2.2063': attribute type 12 has an invalid length.
[  899.172552][T15952] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2068'.
[  900.545398][T15975] syz.0.2073 (15975) used greatest stack depth: 17536 bytes left
[  904.160820][T16002] /dev/nullb0: Can't lookup blockdev
[  906.625867][T16025] syz.2.2082 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  907.296343][   T29] audit: type=1326 audit(1734561016.761:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16014 comm="syz.5.2081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6886585d29 code=0x7ffc0000
[  907.385756][   T29] audit: type=1326 audit(1734561016.761:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16014 comm="syz.5.2081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6886585d29 code=0x7ffc0000
[  907.623923][   T29] audit: type=1326 audit(1734561016.929:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16014 comm="syz.5.2081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f6886585d29 code=0x7ffc0000
[  907.753926][   T29] audit: type=1326 audit(1734561016.929:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16014 comm="syz.5.2081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6886585d29 code=0x7ffc0000
[  907.808102][   T29] audit: type=1326 audit(1734561016.929:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16014 comm="syz.5.2081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6886585d29 code=0x7ffc0000
[  909.061863][   T29] audit: type=1326 audit(1734561016.929:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16014 comm="syz.5.2081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f6886585d29 code=0x7ffc0000
[  909.296707][   T29] audit: type=1326 audit(1734561016.929:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16014 comm="syz.5.2081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6886585d29 code=0x7ffc0000
[  909.471681][   T29] audit: type=1326 audit(1734561016.929:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16014 comm="syz.5.2081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6886585d29 code=0x7ffc0000
[  909.639490][T16057] usb usb9: usbfs: process 16057 (syz.1.2091) did not claim interface 0 before use
[  913.095048][T16090] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains
[  914.458925][T16084] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  917.343866][T16120] xt_CONNSECMARK: invalid mode: 0
[  917.442172][T14932] Bluetooth: hci3: command 0x0406 tx timeout
[  917.576429][   T29] audit: type=1326 audit(1734561026.358:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16122 comm="syz.0.2102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6cef785d29 code=0x7ffc0000
[  917.623607][   T29] audit: type=1326 audit(1734561026.358:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16122 comm="syz.0.2102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6cef785d29 code=0x7ffc0000
[  917.645461][   T29] audit: type=1326 audit(1734561026.368:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16122 comm="syz.0.2102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6cef785d29 code=0x7ffc0000
[  917.669387][   T29] audit: type=1326 audit(1734561026.368:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16122 comm="syz.0.2102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6cef785d29 code=0x7ffc0000
[  917.698747][   T29] audit: type=1326 audit(1734561026.368:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16122 comm="syz.0.2102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6cef785d29 code=0x7ffc0000
[  917.720683][   T29] audit: type=1326 audit(1734561026.368:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16122 comm="syz.0.2102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6cef785d29 code=0x7ffc0000
[  917.742516][   T29] audit: type=1326 audit(1734561026.368:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16122 comm="syz.0.2102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6cef785d29 code=0x7ffc0000
[  917.777481][   T29] audit: type=1326 audit(1734561026.368:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16122 comm="syz.0.2102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6cef785d29 code=0x7ffc0000
[  918.622129][   T29] audit: type=1326 audit(1734561026.368:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16122 comm="syz.0.2102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6cef785d29 code=0x7ffc0000
[  918.671056][   T29] audit: type=1326 audit(1734561026.368:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16122 comm="syz.0.2102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6cef785d29 code=0x7ffc0000
[  919.189345][T16134] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  923.567169][T16166] kvm: kvm [16165]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc1) = 0x4ff00000000
[  923.674560][T16166] kvm: kvm [16165]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x50000000000
[  923.707012][T16166] kvm: kvm [16165]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0x7f000000000
[  923.734988][T16166] kvm: kvm [16165]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x186) = 0xb5000000000
[  923.735102][T16166] kvm: kvm [16165]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x187) = 0xb5b00000000
[  924.375261][T16184] block nbd0: not configured, cannot reconfigure
[  932.756507][T16238] net_ratelimit: 10 callbacks suppressed
[  932.756527][T16238] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  935.528393][T16258] Smack: duplicate mount options
[  947.729788][T14932] Bluetooth: hci3: command 0x0406 tx timeout
[  948.662666][T16343] xt_TCPMSS: Only works on TCP SYN packets
[  951.748290][T16364] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2152'.
[  955.208758][T16391] netlink: 'syz.5.2153': attribute type 10 has an invalid length.
[  958.334659][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  959.066130][T16422] IPVS: length: 198 != 24
[  960.917987][T16458] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2166'.
[  975.608275][T16541] netlink: zone id is out of range
[  975.613722][T16541] netlink: zone id is out of range
[  975.618847][T16541] netlink: zone id is out of range
[  975.624063][T16541] netlink: zone id is out of range
[  975.631042][T16541] netlink: set zone limit has 8 unknown bytes
[  982.572202][T16580] syz.9.2193: attempt to access beyond end of device
[  982.572202][T16580] nbd9: rw=0, sector=0, nr_sectors = 2 limit=0
[ 1001.003610][T16693] overlayfs: invalid redirect ((null))
[ 1002.274934][T16690] 
: renamed from bond0
[ 1005.504147][T16720] ebt_among: dst integrity fail: 101
[ 1005.607681][T16723] syz.1.2228: attempt to access beyond end of device
[ 1005.607681][T16723] loop1: rw=0, sector=2, nr_sectors = 1 limit=0
[ 1005.621263][T16723] hfs: can't find a HFS filesystem on dev loop1
[ 1017.496122][T16772] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1017.660419][T16772] bond0: (slave rose0): Enslaving as an active interface with an up link
[ 1024.457756][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1029.102011][T16905] netlink: 168864 bytes leftover after parsing attributes in process `syz.9.2262'.
[ 1029.132309][T16905] openvswitch: netlink: Message has 44053 unknown bytes.
[ 1031.348409][T16923] netdevsim netdevsim5: Direct firmware load for printk failed with error -2
[ 1031.357967][T16923] netdevsim netdevsim5: Falling back to sysfs fallback for: printk
[ 1032.697620][T16920] [U] v�3
[ 1035.547725][T16962] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 1, id = 0
[ 1040.255469][   T29] kauditd_printk_skb: 35 callbacks suppressed
[ 1040.255483][   T29] audit: type=1326 audit(1734561141.179:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16990 comm="syz.5.2285" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6886585d29 code=0x0
[ 1040.387430][T16993] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1042.020324][T16996] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1044.696586][T13318] Bluetooth: hci3: command 0x0406 tx timeout
[ 1047.522947][T13318] Bluetooth: hci3: command 0x0406 tx timeout
[ 1049.802127][ T5881] usb 2-1: new low-speed USB device number 5 using dummy_hcd
[ 1049.966514][ T5881] usb 2-1: No LPM exit latency info found, disabling LPM.
[ 1049.991076][ T5881] usb 2-1: config 0 has no interfaces?
[ 1050.018485][ T5881] usb 2-1: string descriptor 0 read error: -22
[ 1050.061410][ T5881] usb 2-1: New USB device found, idVendor=056a, idProduct=00ba, bcdDevice= 0.40
[ 1050.072746][ T5881] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1050.224895][ T5881] usb 2-1: config 0 descriptor??
[ 1051.524414][T17085] sp0: Synchronizing with TNC
[ 1051.883734][    T9] usb 2-1: USB disconnect, device number 5
[ 1052.715404][T17079] mkiss: ax0: crc mode is auto.
[ 1058.430441][T17118] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1065.487291][T17152] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1067.215397][T17170] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2329'.
[ 1068.070308][T17175] bridge_slave_1: left allmulticast mode
[ 1068.436015][T17175] bridge_slave_1: left promiscuous mode
[ 1068.477139][T17175] bridge3: port 1(bridge_slave_1) entered disabled state
[ 1068.771686][T17175] macvlan2: left allmulticast mode
[ 1068.776859][T17175] macvlan2: left promiscuous mode
[ 1068.794499][T17175] bridge3: port 2(macvlan2) entered disabled state
[ 1070.444174][   T29] audit: type=1800 audit(1734561169.428:223): pid=17194 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.2.2337" name="/" dev="9p" ino=2 res=0 errno=0
[ 1074.795899][T17223] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2344'.
[ 1077.689647][T17238] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1078.349003][T17234] relay: one or more items not logged [item size (56) > sub-buffer size (10)]
[ 1080.853719][T17260] ptrace attach of "./syz-executor exec"[5833] was attempted by "                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
[ 1086.949303][T17317] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1088.293727][T17329] netlink: 12 bytes leftover after parsing attributes in process `syz.9.2372'.
[ 1088.760302][T17329] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2372'.
[ 1089.721325][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1093.798868][T17382] No such timeout policy "syz1"
[ 1094.429013][T17390] Invalid logical block size (524288)
[ 1102.452009][ T5881] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[ 1102.678243][ T5881] usb 3-1: Using ep0 maxpacket: 32
[ 1102.695334][ T5881] usb 3-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=27.9b
[ 1102.712468][ T5881] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1102.720856][ T5881] usb 3-1: Product: syz
[ 1102.735895][ T5881] usb 3-1: Manufacturer: syz
[ 1102.750396][ T5881] usb 3-1: SerialNumber: syz
[ 1102.767817][ T5881] usb 3-1: config 0 descriptor??
[ 1103.124545][T17440] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1103.998933][   T29] audit: type=1326 audit(1734561200.081:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17437 comm="syz.5.2400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6886585d29 code=0x7ffc0000
[ 1104.217448][   T29] audit: type=1326 audit(1734561200.081:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17437 comm="syz.5.2400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6886585d29 code=0x7ffc0000
[ 1105.158176][   T29] audit: type=1326 audit(1734561200.090:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17437 comm="syz.5.2400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6886585d29 code=0x7ffc0000
[ 1105.200914][ T5881] peak_usb 3-1:0.0 can0: unable to request usb[type=0 value=0] err=-71
[ 1105.209213][ T5881] peak_usb 3-1:0.0: unable to read PCAN-USB Pro bootloader info (err -71)
[ 1105.253012][   T29] audit: type=1326 audit(1734561200.090:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17437 comm="syz.5.2400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6886585d29 code=0x7ffc0000
[ 1106.069772][   T29] audit: type=1326 audit(1734561200.090:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17437 comm="syz.5.2400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6886585d29 code=0x7ffc0000
[ 1106.295282][T17457] Invalid source name
[ 1106.299391][T17457] UBIFS error (pid: 17457): cannot open "/dev/sr0", error -22
[ 1106.461150][   T29] audit: type=1326 audit(1734561200.109:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17437 comm="syz.5.2400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6886584690 code=0x7ffc0000
[ 1106.528126][T17445] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2403'.
[ 1106.672949][   T29] audit: type=1326 audit(1734561200.109:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17437 comm="syz.5.2400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6886585d29 code=0x7ffc0000
[ 1106.818398][   T29] audit: type=1326 audit(1734561200.109:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17437 comm="syz.5.2400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6886585d29 code=0x7ffc0000
[ 1106.840262][   T29] audit: type=1326 audit(1734561200.109:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17437 comm="syz.5.2400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6886585d29 code=0x7ffc0000
[ 1106.906052][   T29] audit: type=1326 audit(1734561200.109:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17437 comm="syz.5.2400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6886585d29 code=0x7ffc0000
[ 1106.999320][ T5881] peak_usb 3-1:0.0: probe with driver peak_usb failed with error -71
[ 1107.024464][ T5881] usb 3-1: USB disconnect, device number 16
[ 1107.332366][T17470] netlink: 220 bytes leftover after parsing attributes in process `syz.2.2408'.
[ 1108.167784][T17470] netlink: 84 bytes leftover after parsing attributes in process `syz.2.2408'.
[ 1108.247161][T17472] futex_wake_op: syz.1.2409 tries to shift op by 32; fix this program
[ 1109.710855][T17485] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1113.267011][   T29] kauditd_printk_skb: 26 callbacks suppressed
[ 1113.267085][   T29] audit: type=1326 audit(1734561208.462:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17497 comm="syz.9.2416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8e3d85d29 code=0x7ffc0000
[ 1113.496831][   T29] audit: type=1326 audit(1734561208.462:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17497 comm="syz.9.2416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8e3d85d29 code=0x7ffc0000
[ 1113.667996][   T29] audit: type=1326 audit(1734561208.462:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17497 comm="syz.9.2416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc8e3d85d29 code=0x7ffc0000
[ 1113.978443][   T29] audit: type=1326 audit(1734561208.471:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17497 comm="syz.9.2416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8e3d85d29 code=0x7ffc0000
[ 1114.001390][   T29] audit: type=1326 audit(1734561208.471:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17497 comm="syz.9.2416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8e3d85d29 code=0x7ffc0000
[ 1114.147500][T17520] vivid-001: disconnect
[ 1114.758858][   T29] audit: type=1326 audit(1734561208.471:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17497 comm="syz.9.2416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc8e3d85d29 code=0x7ffc0000
[ 1115.421069][   T29] audit: type=1326 audit(1734561208.481:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17497 comm="syz.9.2416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8e3d85d29 code=0x7ffc0000
[ 1115.552747][   T29] audit: type=1326 audit(1734561208.481:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17497 comm="syz.9.2416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8e3d85d29 code=0x7ffc0000
[ 1115.574586][   T29] audit: type=1326 audit(1734561208.509:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17497 comm="syz.9.2416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc8e3d85d29 code=0x7ffc0000
[ 1115.620428][   T29] audit: type=1326 audit(1734561208.509:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17497 comm="syz.9.2416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc8e3d85d29 code=0x7ffc0000
[ 1115.784177][T17530] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1117.355800][T17546] netlink: 'syz.1.2424': attribute type 1 has an invalid length.
[ 1117.363885][T17546] netlink: 'syz.1.2424': attribute type 2 has an invalid length.
[ 1117.373853][T17546] A link change request failed with some changes committed already. Interface macvlan0 may have been left with an inconsistent configuration, please check.
[ 1119.428460][T17558] No such timeout policy "syz0"
[ 1139.641506][   T46] usb 10-1: new full-speed USB device number 8 using dummy_hcd
[ 1139.652257][T17704] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1140.276659][   T46] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 520, setting to 64
[ 1140.290453][   T46] usb 10-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 6
[ 1140.607066][   T46] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1140.616942][   T46] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1140.632673][   T46] usb 10-1: SerialNumber: syz
[ 1140.647514][T17714] veth0_vlan: left promiscuous mode
[ 1141.670804][T17714] veth0_vlan: entered promiscuous mode
[ 1144.711559][   T46] usb 10-1: can't set config #1, error -71
[ 1144.971235][   T46] usb 10-1: USB disconnect, device number 8
[ 1149.670146][T17747] netlink: 25 bytes leftover after parsing attributes in process `syz.0.2478'.
[ 1150.255824][T17763] netlink: 'syz.5.2480': attribute type 298 has an invalid length.
[ 1150.937291][T17762] bridge_slave_0: left allmulticast mode
[ 1150.943002][T17762] bridge_slave_0: left promiscuous mode
[ 1151.063710][T17762] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1151.141933][T17762] bridge_slave_1: left allmulticast mode
[ 1151.147724][T17762] bridge_slave_1: left promiscuous mode
[ 1151.154686][T17762] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1151.377228][T17762] bond0: (slave bond_slave_0): Releasing backup interface
[ 1151.481181][T17762] bond_slave_0: left promiscuous mode
[ 1152.531775][T17762] bond0: (slave bond_slave_1): Releasing backup interface
[ 1152.550846][T17762] bond_slave_1: left promiscuous mode
[ 1152.590938][T17762] team_slave_0: left promiscuous mode
[ 1152.765745][T17762] team0: Port device team_slave_0 removed
[ 1152.773383][T17762] team_slave_1: left promiscuous mode
[ 1152.809694][T17762] team0: Port device team_slave_1 removed
[ 1152.816963][T17762] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1152.824655][T17762] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1152.836555][T17762] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1152.845017][T17762] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1155.236355][T17797] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1156.462678][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1156.475376][T10407] usb 2-1: new full-speed USB device number 6 using dummy_hcd
[ 1156.607798][T17802] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2492'.
[ 1156.650573][T17802] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2492'.
[ 1156.672310][T17802] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2492'.
[ 1156.685790][T17802] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2492'.
[ 1161.498364][T17824] /dev/nullb0: Can't lookup blockdev
[ 1162.623813][T17850] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[ 1164.358375][T17858] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1164.724755][ T5881] kernel write not supported for file /cpu/0/msr (pid: 5881 comm: kworker/1:6)
[ 1167.659695][T17886] batman_adv: batadv0: Adding interface: dummy0
[ 1167.672456][T17886] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1167.752855][T17886] batman_adv: batadv0: Interface activated: dummy0
[ 1167.995074][T17892] batadv0: mtu less than device minimum
[ 1168.040558][T17892] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1168.053212][T17892] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1168.065793][T17892] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1168.078371][T17892] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1168.090929][T17892] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1168.103479][T17892] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1168.116063][T17892] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1168.128612][T17892] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1168.141159][T17892] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1168.375552][    C1] vcan0: j1939_tp_rxtimer: 0xffff888033d83c00: rx timeout, send abort
[ 1168.388057][    C1] vcan0: j1939_tp_rxtimer: 0xffff888033d83800: rx timeout, send abort
[ 1168.400857][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888033d83c00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[ 1168.417623][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888033d83800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[ 1168.777205][T17902] sd 0:0:1:0: device reset
[ 1170.463537][T17910] 9pnet: Could not find request transport: rdma����18446744073709551615
[ 1172.917253][T17928] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2521'.
[ 1175.508335][   T29] kauditd_printk_skb: 10 callbacks suppressed
[ 1175.508388][   T29] audit: type=1326 audit(1734561267.682:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17943 comm="syz.5.2526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6886585d29 code=0x7ffc0000
[ 1175.853352][   T29] audit: type=1326 audit(1734561267.682:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17943 comm="syz.5.2526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6886585d29 code=0x7ffc0000
[ 1175.875348][   T29] audit: type=1326 audit(1734561267.682:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17943 comm="syz.5.2526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6886585d29 code=0x7ffc0000
[ 1175.897552][   T29] audit: type=1326 audit(1734561267.682:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17943 comm="syz.5.2526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6886585d29 code=0x7ffc0000
[ 1175.919650][   T29] audit: type=1326 audit(1734561267.682:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17943 comm="syz.5.2526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6886585d29 code=0x7ffc0000
[ 1175.941549][   T29] audit: type=1326 audit(1734561267.682:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17943 comm="syz.5.2526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=249 compat=0 ip=0x7f6886585d29 code=0x7ffc0000
[ 1175.963460][   T29] audit: type=1326 audit(1734561267.682:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17943 comm="syz.5.2526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6886585d29 code=0x7ffc0000
[ 1175.985270][   T29] audit: type=1326 audit(1734561267.682:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17943 comm="syz.5.2526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6886585d29 code=0x7ffc0000
[ 1176.007016][   T29] audit: type=1326 audit(1734561267.682:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17943 comm="syz.5.2526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6886585d29 code=0x7ffc0000
[ 1176.028797][   T29] audit: type=1326 audit(1734561267.682:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17943 comm="syz.5.2526" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6886585d29 code=0x7ffc0000
[ 1176.050343][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1178.619340][T17975] Bluetooth: hci0: load_link_keys: expected 3 bytes, got 7 bytes
[ 1180.110083][ T5881] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[ 1180.346938][ T5881] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1180.359534][ T5881] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1180.380692][ T5881] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1180.475901][ T5881] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1180.485225][ T5881] usb 2-1: SerialNumber: syz
[ 1182.001479][ T5881] usb 2-1: 0:2 : does not exist
[ 1182.265927][ T5881] usb 2-1: USB disconnect, device number 7
[ 1183.185876][T18004] ip6t_rpfilter: unknown options
[ 1183.195089][T18004] netlink: 56 bytes leftover after parsing attributes in process `syz.9.2542'.
[ 1184.579745][T16969] udevd[16969]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1187.208810][T18024] bridge0: port 1(erspan0) entered blocking state
[ 1187.215480][T18024] bridge0: port 1(erspan0) entered disabled state
[ 1187.222676][T18024] erspan0: entered allmulticast mode
[ 1187.229586][T18024] erspan0: entered promiscuous mode
[ 1187.235977][T18024] bridge0: port 1(erspan0) entered blocking state
[ 1187.242578][T18024] bridge0: port 1(erspan0) entered forwarding state
[ 1194.731211][T18061] /dev/nullb0: Can't lookup blockdev
[ 1195.734189][T18073] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2561'.
[ 1195.749141][T18070] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2560'.
[ 1195.799615][T18073] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2561'.
[ 1195.825046][T18070] batadv0: entered promiscuous mode
[ 1195.838829][T18070] macvtap1: entered promiscuous mode
[ 1195.844428][T18070] macvtap1: entered allmulticast mode
[ 1195.853771][T18070] batadv0: entered allmulticast mode
[ 1195.883668][T18070] 8021q: adding VLAN 0 to HW filter on device macvtap1
[ 1196.038974][T18076] batadv0: left allmulticast mode
[ 1196.044318][T18076] batadv0: left promiscuous mode
[ 1200.413659][T18102] overlayfs: failed to resolve './file1': -2
[ 1203.438407][T18171] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2576'.
[ 1205.155219][T18179] 9pnet_virtio: no channels available for device syz
[ 1207.193978][T18189] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2579'.
[ 1210.850371][T18223] (syz.5.2588,18223,0):dlmfs_mkdir:420 ERROR: invalid domain name for directory.
[ 1210.866341][T18223] o2cb: This node has not been configured.
[ 1210.879328][T18223] o2cb: Cluster check failed. Fix errors before retrying.
[ 1210.887569][T18223] (syz.5.2588,18223,1):user_dlm_register:674 ERROR: status = -22
[ 1210.896619][T18223] (syz.5.2588,18223,1):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "bus"
[ 1210.949881][T18223] o2cb: This node has not been configured.
[ 1212.043492][T18223] o2cb: Cluster check failed. Fix errors before retrying.
[ 1212.251767][T18223] (syz.5.2588,18223,1):user_dlm_register:674 ERROR: status = -22
[ 1212.263138][T18223] (syz.5.2588,18223,1):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "file1"
[ 1212.309141][T18223] o2cb: This node has not been configured.
[ 1212.315273][T18223] o2cb: Cluster check failed. Fix errors before retrying.
[ 1212.322579][T18223] (syz.5.2588,18223,1):user_dlm_register:674 ERROR: status = -22
[ 1212.330551][T18223] (syz.5.2588,18223,1):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "file0"
[ 1212.757360][T18234] GUP no longer grows the stack in syz.2.2590 (18234): 20004000-2000a000 (20002000)
[ 1212.768282][T18234] CPU: 0 UID: 0 PID: 18234 Comm: syz.2.2590 Not tainted 6.13.0-rc3-syzkaller-00062-gc061cf420ded #0
[ 1212.779084][T18234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[ 1212.789160][T18234] Call Trace:
[ 1212.792460][T18234]  <TASK>
[ 1212.795414][T18234]  dump_stack_lvl+0x241/0x360
[ 1212.800126][T18234]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1212.805356][T18234]  ? __pfx__printk+0x10/0x10
[ 1212.809974][T18234]  ? find_vma+0xf9/0x170
[ 1212.814256][T18234]  __get_user_pages+0x4385/0x49e0
[ 1212.819296][T18234]  ? __lock_acquire+0x1397/0x2100
[ 1212.824375][T18234]  ? __pfx___get_user_pages+0x10/0x10
[ 1212.829802][T18234]  get_user_pages_remote+0x31e/0xb60
[ 1212.835108][T18234]  ? __pfx_get_user_pages_remote+0x10/0x10
[ 1212.840913][T18234]  ? __access_remote_vm+0x320/0x800
[ 1212.846107][T18234]  __access_remote_vm+0x229/0x800
[ 1212.851146][T18234]  ? __pfx___access_remote_vm+0x10/0x10
[ 1212.856686][T18234]  ? do_raw_spin_unlock+0x13c/0x8b0
[ 1212.861903][T18234]  ? alloc_pages_noprof+0xef/0x170
[ 1212.867034][T18234]  proc_pid_cmdline_read+0x5b2/0x860
[ 1212.872321][T18234]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[ 1212.878134][T18234]  ? rw_verify_area+0x568/0x6f0
[ 1212.882990][T18234]  vfs_readv+0x6bc/0xa80
[ 1212.887245][T18234]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[ 1212.893049][T18234]  ? __pfx_vfs_readv+0x10/0x10
[ 1212.897832][T18234]  ? __fget_files+0x2a/0x410
[ 1212.902439][T18234]  ? __fget_files+0x395/0x410
[ 1212.907134][T18234]  ? __fget_files+0x2a/0x410
[ 1212.911751][T18234]  __x64_sys_preadv+0x1b7/0x2d0
[ 1212.916613][T18234]  ? __pfx___x64_sys_preadv+0x10/0x10
[ 1212.921980][T18234]  ? do_syscall_64+0x100/0x230
[ 1212.926737][T18234]  ? do_syscall_64+0xb6/0x230
[ 1212.931420][T18234]  do_syscall_64+0xf3/0x230
[ 1212.935927][T18234]  ? clear_bhb_loop+0x35/0x90
[ 1212.940593][T18234]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1212.946507][T18234] RIP: 0033:0x7feed3785d29
[ 1212.950935][T18234] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1212.970532][T18234] RSP: 002b:00007feed44f3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[ 1212.978954][T18234] RAX: ffffffffffffffda RBX: 00007feed3975fa0 RCX: 00007feed3785d29
[ 1212.986914][T18234] RDX: 0000000000000001 RSI: 0000000020000040 RDI: 0000000000000006
[ 1212.994881][T18234] RBP: 00007feed3801a20 R08: 00000000fffffff9 R09: 0000000000000000
[ 1213.002850][T18234] R10: 0000000000000016 R11: 0000000000000246 R12: 0000000000000000
[ 1213.010816][T18234] R13: 0000000000000000 R14: 00007feed3975fa0 R15: 00007fffa0766ad8
[ 1213.018790][T18234]  </TASK>
[ 1213.021901][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1213.070433][T18228] overlayfs: missing 'lowerdir'
[ 1215.132435][T18262] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2594'.
[ 1216.459803][T18273] ptrace attach of "./syz-executor exec"[5833] was attempted by "./syz-executor exec"[18273]
[ 1216.518573][T18257] Cannot find add_set index 1026 as target
[ 1221.230684][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1225.909038][T18337] dns_resolver: Unsupported content type (24)
[ 1234.652818][T18382] CUSE: unknown device info ""
[ 1234.664103][T18382] CUSE: zero length info key specified
[ 1234.855547][T18386] nvme_fabrics: unknown parameter or missing value '�' in ctrl creation request
[ 1235.710010][T18394] fuse: Unknown parameter '0xffffffffffffffff'
[ 1235.715031][T18395] net_ratelimit: 10 callbacks suppressed
[ 1235.715050][T18395] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[ 1237.927504][T18419] netlink: 120 bytes leftover after parsing attributes in process `syz.2.2638'.
[ 1241.698933][T18444] No source specified
[ 1244.060389][T18459] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1246.153525][T18470] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[ 1248.565940][T18484] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1248.615075][T14932] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1248.640500][T14932] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1248.656327][T14932] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1248.669601][T14932] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1248.681781][T14932] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1249.163495][T18482] lo speed is unknown, defaulting to 1000
[ 1250.097817][T18482] chnl_net:caif_netlink_parms(): no params data found
[ 1251.256502][T14932] Bluetooth: hci3: command tx timeout
[ 1251.472217][T18482] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1251.479599][T18482] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1251.511242][T18482] bridge_slave_0: entered allmulticast mode
[ 1251.524981][T18482] bridge_slave_0: entered promiscuous mode
[ 1251.534587][T18482] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1251.541964][T18482] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1251.549639][T18482] bridge_slave_1: entered allmulticast mode
[ 1251.556885][T18482] bridge_slave_1: entered promiscuous mode
[ 1251.643188][T18482] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1251.745204][T18482] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1251.748132][T18511] IPVS: set_ctl: invalid protocol: 94 224.0.0.2:0
[ 1253.793018][T14932] Bluetooth: hci3: command tx timeout
[ 1254.031663][T18518] overlayfs: missing 'lowerdir'
[ 1256.366122][T14932] Bluetooth: hci3: command tx timeout
[ 1257.566485][T18482] team0: Port device team_slave_0 added
[ 1257.600574][T18482] team0: Port device team_slave_1 added
[ 1258.614450][T14932] Bluetooth: hci3: command tx timeout
[ 1258.645851][T18482] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1258.666504][T18482] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1258.846289][T18482] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1258.864802][T18482] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1258.877430][T18482] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1258.909534][T18562] random: crng reseeded on system resumption
[ 1258.919058][T18482] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1259.714450][T18482] hsr_slave_0: entered promiscuous mode
[ 1259.758788][T18482] hsr_slave_1: entered promiscuous mode
[ 1262.660043][T18593] block device autoloading is deprecated and will be removed.
[ 1262.751316][T18600] x_tables: unsorted underflow at hook 1
[ 1262.770920][T18600] hub 1-0:1.0: USB hub found
[ 1262.779865][T18600] hub 1-0:1.0: 1 port detected
[ 1266.022883][T18638] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[ 1266.029452][T18638] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[ 1266.037118][T18638] vhci_hcd vhci_hcd.0: Device attached
[ 1266.450130][T10323] vhci_hcd: vhci_device speed not set
[ 1266.511632][T10407] usb 3-1: new low-speed USB device number 17 using dummy_hcd
[ 1266.556186][T10323] usb 37-1: new full-speed USB device number 3 using vhci_hcd
[ 1266.658956][T18482] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1266.722905][T10407] usb 3-1: config 0 has no interfaces?
[ 1266.731698][T10407] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1266.776969][T10407] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1266.798425][T10407] usb 3-1: config 0 descriptor??
[ 1266.820401][T18482] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1266.838046][T18482] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1266.848452][T18482] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1267.033774][T18639] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 2
[ 1267.271798][ T9489] vhci_hcd: stop threads
[ 1267.276286][ T9489] vhci_hcd: release socket
[ 1267.362905][ T9489] vhci_hcd: disconnect device
[ 1267.735879][T18482] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1267.796574][T18482] 8021q: adding VLAN 0 to HW filter on device team0
[ 1267.809395][  T172] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1267.816564][  T172] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1267.843607][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1267.850801][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1270.628655][   T46] usb 3-1: USB disconnect, device number 17
[ 1270.874785][T18482] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1272.314086][T18664] Set syz1 is full, maxelem 65536 reached
[ 1272.332842][T10323] vhci_hcd: vhci_device speed not set
[ 1274.361094][T18695] overlayfs: missing 'lowerdir'
[ 1275.326130][T18482] veth0_vlan: entered promiscuous mode
[ 1275.337707][T18482] veth1_vlan: entered promiscuous mode
[ 1275.614064][T18713] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2709'.
[ 1276.106260][T18482] veth0_macvtap: entered promiscuous mode
[ 1276.601805][T18482] veth1_macvtap: entered promiscuous mode
[ 1276.735743][T18482] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1276.746306][T18482] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1276.756242][T18482] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1276.766889][T18482] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1276.778030][T18482] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1276.788372][T18482] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1276.798958][T18482] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1276.808847][T18482] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1276.819353][T18482] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1276.830341][T18482] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1276.840874][T18482] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1276.849701][T18482] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1276.858447][T18482] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1276.867265][T18482] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1278.972857][T16823] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1278.981271][T16823] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1279.700144][T18735] relay: one or more items not logged [item size (56) > sub-buffer size (10)]
[ 1279.717597][T16823] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1279.756121][T16823] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1281.565450][T18748] relay: one or more items not logged [item size (56) > sub-buffer size (10)]
[ 1282.257186][T18754] overlayfs: missing 'lowerdir'
[ 1283.763078][T18784] overlayfs: missing 'lowerdir'
[ 1285.273786][T18761] netlink: ct family unspecified
[ 1285.278798][T18761] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1285.456056][T18792] relay: one or more items not logged [item size (56) > sub-buffer size (10)]
[ 1285.638522][   T46] kernel write not supported for file /cpu/0/msr (pid: 46 comm: kworker/1:1)
[ 1285.705112][T18776] overlayfs: refusing to follow metacopy origin for (/file0)
[ 1286.400556][T18804] infiniband sy{0: RDMA CMA: cma_listen_on_dev, error -98
[ 1286.861346][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1289.790086][T18816] overlayfs: missing 'lowerdir'
[ 1291.670060][T18839] relay: one or more items not logged [item size (56) > sub-buffer size (10)]
[ 1294.659908][   T46] usb 10-1: new high-speed USB device number 9 using dummy_hcd
[ 1295.137704][   T46] usb 10-1: config index 0 descriptor too short (expected 106, got 36)
[ 1295.146646][   T46] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1295.220531][T18861] overlayfs: missing 'lowerdir'
[ 1295.230916][   T46] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1296.015246][   T46] usb 10-1: New USB device found, idVendor=1b1c, idProduct=1b3e, bcdDevice= 0.00
[ 1296.024834][   T46] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1296.036562][   T46] usb 10-1: config 0 descriptor??
[ 1296.128035][   T46] usb 10-1: can't set config #0, error -71
[ 1296.140913][   T46] usb 10-1: USB disconnect, device number 9
[ 1304.608007][T18912] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 1306.191437][T18952] overlayfs: missing 'lowerdir'
[ 1306.409589][T18964] input: syz1 as /devices/virtual/input/input27
[ 1309.521076][T18982] netlink: 64 bytes leftover after parsing attributes in process `syz.4.2775'.
[ 1313.218760][   T46] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[ 1313.414751][   T46] usb 5-1: New USB device found, idVendor=2770, idProduct=9052, bcdDevice=15.f5
[ 1313.424067][   T46] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1313.432073][   T46] usb 5-1: Product: syz
[ 1313.473814][   T46] usb 5-1: Manufacturer: syz
[ 1313.492628][   T46] usb 5-1: SerialNumber: syz
[ 1313.516413][   T46] usb 5-1: config 0 descriptor??
[ 1313.545155][   T46] gspca_main: sq905c-2.14.0 probing 2770:9052
[ 1315.592799][   T46] gspca_sq905c: sq905c_command: usb_control_msg failed (-110)
[ 1315.610456][   T46] sq905c 5-1:0.0: Get version command failed
[ 1315.712623][   T46] sq905c 5-1:0.0: probe with driver sq905c failed with error -110
[ 1316.263205][ T5881] usb 5-1: USB disconnect, device number 4
[ 1316.383413][   T46] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[ 1318.761604][   T46] usb 3-1: Using ep0 maxpacket: 16
[ 1320.809388][   T46] usb 3-1: device descriptor read/all, error -71
[ 1323.305958][T19053] overlayfs: missing 'lowerdir'
[ 1326.027001][T19081] overlayfs: missing 'lowerdir'
[ 1327.278102][T19100] lo speed is unknown, defaulting to 1000
[ 1327.313773][   T29] kauditd_printk_skb: 8 callbacks suppressed
[ 1327.313791][   T29] audit: type=1800 audit(1734561409.115:298): pid=19100 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.9.2805" name="SYSV00000000" dev="hugetlbfs" ino=2 res=0 errno=0
[ 1327.996044][T19104] netlink: 40 bytes leftover after parsing attributes in process `syz.5.2807'.
[ 1328.130372][T19103] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2809'.
[ 1335.152492][T19173] netlink: 'syz.0.2821': attribute type 21 has an invalid length.
[ 1335.160518][T19173] netlink: 'syz.0.2821': attribute type 20 has an invalid length.
[ 1335.169195][T19173] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1338.107479][T19194] overlayfs: failed to resolve '/�����': -2
[ 1338.254481][   T29] audit: type=1326 audit(1734561419.918:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19197 comm="syz.2.2831" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feed3785d29 code=0x0
[ 1339.226166][T19212] 9pnet_fd: Insufficient options for proto=fd
[ 1342.614977][   T29] audit: type=1804 audit(1734561424.016:300): pid=19244 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.9.2841" name="/newroot/403/bus/bus" dev="overlay" ino=2298 res=1 errno=0
[ 1344.244348][T19251] hub 6-0:1.0: USB hub found
[ 1344.252974][T19251] hub 6-0:1.0: 1 port detected
[ 1350.240306][   T25] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[ 1351.587240][   T25] usb 5-1: Using ep0 maxpacket: 8
[ 1351.593201][   T25] usb 5-1: device descriptor read/all, error -71
[ 1352.567597][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1353.662780][ T5881] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[ 1353.925495][ T5881] usb 6-1: Using ep0 maxpacket: 32
[ 1354.549406][ T5881] usb 6-1: config 0 has an invalid interface number: 37 but max is 1
[ 1354.557524][ T5881] usb 6-1: config 0 has no interface number 1
[ 1354.582900][ T5881] usb 6-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=20.a3
[ 1354.736619][ T5881] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1354.853616][ T5881] usb 6-1: Product: syz
[ 1355.034137][ T5881] usb 6-1: Manufacturer: syz
[ 1355.039109][ T5881] usb 6-1: SerialNumber: syz
[ 1355.064019][ T5881] usb 6-1: config 0 descriptor??
[ 1355.340484][T19315] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2861'.
[ 1356.794308][ T5881] usb 6-1: can't set config #0, error -71
[ 1356.801597][ T5881] usb 6-1: USB disconnect, device number 19
[ 1359.267710][T19359] overlayfs: missing 'lowerdir'
[ 1360.282415][T19381] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2870'.
[ 1360.673445][T19398] netlink: 44 bytes leftover after parsing attributes in process `syz.5.2870'.
[ 1360.772925][T19398] wg2: entered promiscuous mode
[ 1360.777958][T19398] wg2: entered allmulticast mode
[ 1366.945403][T19444] overlayfs: failed to set uuid (34/file1, err=-1); falling back to uuid=null.
[ 1366.954451][T19444] overlayfs: failed to verify upper root origin
[ 1367.231660][T19447] CIFS mount error: No usable UNC path provided in device string!
[ 1367.231660][T19447] 
[ 1367.241831][T19447] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1368.337756][T19450] overlayfs: missing 'lowerdir'
[ 1373.249388][   T29] audit: type=1804 audit(1734561452.639:301): pid=19483 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.9.2890" name="/newroot/412/file1" dev="fuse" ino=1 res=1 errno=0
[ 1373.610272][   T29] audit: type=1804 audit(1734561452.648:302): pid=19483 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.9.2890" name="/newroot/412/file1" dev="fuse" ino=1 res=1 errno=0
[ 1375.354968][T19504] netlink: 40 bytes leftover after parsing attributes in process `syz.9.2895'.
[ 1375.369892][T19504] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1379.817730][T19521] netlink: 'syz.2.2900': attribute type 4 has an invalid length.
[ 1383.167419][T14932] Bluetooth: hci3: command 0x0405 tx timeout
[ 1385.634675][T19580] overlayfs: missing 'lowerdir'
[ 1386.807869][T19587] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2918'.
[ 1388.257203][T19595] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1389.590097][T19594] tty tty31: ldisc open failed (-12), clearing slot 30
[ 1390.943982][T19602] block device autoloading is deprecated and will be removed.
[ 1397.561698][T19652] overlayfs: missing 'lowerdir'
[ 1398.750468][T19659] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1398.881043][T19659] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1398.970149][T19659] iommufd_mock iommufd_mock2: Adding to iommu group 2
[ 1404.292364][T10323] usb 5-1: new full-speed USB device number 7 using dummy_hcd
[ 1404.961353][   T46] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[ 1404.992806][   T46] hid-generic 0000:0000:0000.000B: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1406.903491][T19703] overlayfs: missing 'lowerdir'
[ 1409.995709][T19728] xt_nat: multiple ranges no longer supported
[ 1410.024766][T19729] netlink: 76 bytes leftover after parsing attributes in process `syz.4.2954'.
[ 1410.882172][T10323] usb 5-1: unable to get BOS descriptor or descriptor too short
[ 1411.433574][T10323] usb 5-1: no configurations
[ 1411.438477][T10323] usb 5-1: can't read configurations, error -22
[ 1412.763693][T10323] usb 5-1: new full-speed USB device number 8 using dummy_hcd
[ 1412.946056][T10323] usb 5-1: device descriptor read/64, error -32
[ 1414.836552][T10323] usb usb5-port1: attempt power cycle
[ 1414.847361][   T29] audit: type=1326 audit(1734561490.887:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19734 comm="syz.4.2957" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fec04d85d29 code=0x0
[ 1415.159921][T19725] block nbd9: shutting down sockets
[ 1415.959130][T10323] usb 5-1: new full-speed USB device number 9 using dummy_hcd
[ 1416.293612][T19772] netlink: 'syz.5.2964': attribute type 10 has an invalid length.
[ 1416.301938][T10323] usb 5-1: device descriptor read/8, error -32
[ 1416.786856][T10323] usb 5-1: new full-speed USB device number 10 using dummy_hcd
[ 1417.293650][T10323] usb 5-1: device descriptor read/8, error -32
[ 1417.300603][T19772] lo: entered promiscuous mode
[ 1417.452807][T10323] usb usb5-port1: unable to enumerate USB device
[ 1417.460333][T19772] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[ 1417.634318][T19772] bond0: (slave lo): refused to change device type
[ 1419.280468][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1420.203376][T19791] 9pnet_virtio: no channels available for device 127.0.0.1
[ 1423.664967][   T29] audit: type=1326 audit(1734561499.334:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19816 comm="syz.0.2977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6cef785d29 code=0x7fc00000
[ 1424.839833][   T29] audit: type=1326 audit(1734561499.334:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19816 comm="syz.0.2977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6cef785d29 code=0x7fc00000
[ 1425.660273][   T29] audit: type=1326 audit(1734561499.343:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19816 comm="syz.0.2977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6cef785d29 code=0x7fc00000
[ 1425.967834][   T29] audit: type=1326 audit(1734561499.343:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19816 comm="syz.0.2977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6cef785d29 code=0x7fc00000
[ 1425.989712][   T29] audit: type=1326 audit(1734561499.343:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19816 comm="syz.0.2977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6cef785d29 code=0x7fc00000
[ 1426.011548][   T29] audit: type=1326 audit(1734561499.343:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19816 comm="syz.0.2977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6cef785d29 code=0x7fc00000
[ 1426.033267][   T29] audit: type=1326 audit(1734561499.343:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19816 comm="syz.0.2977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6cef785d29 code=0x7fc00000
[ 1426.055599][   T29] audit: type=1326 audit(1734561499.343:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19816 comm="syz.0.2977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6cef785d29 code=0x7fc00000
[ 1426.077633][   T29] audit: type=1326 audit(1734561499.343:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19816 comm="syz.0.2977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6cef785d29 code=0x7fc00000
[ 1426.099457][   T29] audit: type=1326 audit(1734561499.343:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19816 comm="syz.0.2977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6cef785d29 code=0x7fc00000
[ 1428.608776][T19852] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2986'.
[ 1430.877386][T19875] syz.5.2990: attempt to access beyond end of device
[ 1430.877386][T19875] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1432.408094][T19883] CIFS mount error: No usable UNC path provided in device string!
[ 1432.408094][T19883] 
[ 1432.418302][T19883] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1437.810649][T19921] overlayfs: missing 'lowerdir'
[ 1438.145376][T19930] netlink: 'syz.2.3006': attribute type 11 has an invalid length.
[ 1438.604872][T19935] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[ 1438.856665][T19939] program syz.2.3006 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1446.611683][T19970] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[ 1449.667227][T19983] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3017'.
[ 1451.659704][T20008] netlink: 28 bytes leftover after parsing attributes in process `syz.9.3025'.
[ 1451.708803][T20008] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3025'.
[ 1453.356892][T20023] netlink: 312 bytes leftover after parsing attributes in process `syz.4.3029'.
[ 1453.671908][T20011] support for cryptoloop has been removed.  Use dm-crypt instead.
[ 1456.166707][T20041] overlayfs: missing 'lowerdir'
[ 1456.659997][T20059] netlink: 252 bytes leftover after parsing attributes in process `syz.2.3037'.
[ 1456.669470][T20059] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3037'.
[ 1459.989496][T20079] netlink: 'syz.4.3045': attribute type 10 has an invalid length.
[ 1459.998890][T20079] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3045'.
[ 1460.510017][T20093] ucma_write: process 276 (syz.4.3045) changed security contexts after opening file descriptor, this is not allowed.
[ 1461.498257][T20079] team0: Port device geneve0 added
[ 1462.712738][T20100] relay: one or more items not logged [item size (56) > sub-buffer size (10)]
[ 1464.513478][T20119] overlayfs: missing 'lowerdir'
[ 1465.049214][T20127] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3052'.
[ 1469.922851][T20161] input: syz0 as /devices/virtual/input/input28
[ 1475.356960][T20178] bond0: (slave sit0): Error: Device type is different from other slaves
[ 1475.822975][T20175] netlink: 134780 bytes leftover after parsing attributes in process `syz.4.3067'.
[ 1477.881171][T20194] orangefs_mount: mount request failed with -4
[ 1482.239189][T20243] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1483.599038][T20251] IPVS: sync thread started: state = MASTER, mcast_ifn = bridge_slave_0, syncid = 3, id = 0
[ 1483.768787][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1485.642247][T20279] xt_time: invalid argument - start or stop time greater than 23:59:59
[ 1486.492215][T10323] IPVS: starting estimator thread 0...
[ 1486.621101][T20281] IPVS: using max 27 ests per chain, 64800 per kthread
[ 1487.765095][T20291] netlink: 'syz.4.3094': attribute type 3 has an invalid length.
[ 1487.872487][ T5881] IPVS: starting estimator thread 0...
[ 1488.406715][T20290] IPVS: using max 26 ests per chain, 62400 per kthread
[ 1492.033515][T20301] relay: one or more items not logged [item size (56) > sub-buffer size (10)]
[ 1498.515088][T20344] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:16x16 (0x38415262, 2, 0, 0, 0)
[ 1510.607599][T20430] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1517.082686][T20481] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1519.685971][T20503] loop9: detected capacity change from 0 to 6
[ 1519.714909][T20493] Bluetooth: hci0: Opcode 0x0401 failed: -4
[ 1521.803239][   T29] kauditd_printk_skb: 56 callbacks suppressed
[ 1521.803258][   T29] audit: type=1326 audit(1734565685.602:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20520 comm="syz.5.3153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6886585d29 code=0x7ffc0000
[ 1521.888910][   T29] audit: type=1326 audit(1734565685.602:371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20520 comm="syz.5.3153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6886585d29 code=0x7ffc0000
[ 1521.960402][T20526] block nbd9: not configured, cannot reconfigure
[ 1522.250606][T20527] netlink: 'syz.2.3154': attribute type 29 has an invalid length.
[ 1522.258605][T20527] netlink: 'syz.2.3154': attribute type 3 has an invalid length.
[ 1522.266590][T20527] netlink: 76 bytes leftover after parsing attributes in process `syz.2.3154'.
[ 1523.128854][   T29] audit: type=1326 audit(1734565685.611:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20520 comm="syz.5.3153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f6886585d29 code=0x7ffc0000
[ 1523.182214][   T29] audit: type=1326 audit(1734565685.611:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20520 comm="syz.5.3153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6886585d29 code=0x7ffc0000
[ 1523.228181][   T29] audit: type=1326 audit(1734565685.611:374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20520 comm="syz.5.3153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6886585d29 code=0x7ffc0000
[ 1523.260461][   T29] audit: type=1326 audit(1734565685.611:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20520 comm="syz.5.3153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f6886585d29 code=0x7ffc0000
[ 1523.282200][   T29] audit: type=1326 audit(1734565685.611:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20520 comm="syz.5.3153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6886585d29 code=0x7ffc0000
[ 1523.304088][   T29] audit: type=1326 audit(1734565685.611:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20520 comm="syz.5.3153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6886585d29 code=0x7ffc0000
[ 1523.326076][   T29] audit: type=1326 audit(1734565685.611:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20520 comm="syz.5.3153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f6886585d29 code=0x7ffc0000
[ 1523.348459][   T29] audit: type=1326 audit(1734565685.611:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20520 comm="syz.5.3153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6886585d29 code=0x7ffc0000
[ 1524.215781][T20543] bridge0: port 1(erspan0) entered blocking state
[ 1524.225082][T20543] bridge0: port 1(erspan0) entered disabled state
[ 1524.235407][T20543] erspan0: entered allmulticast mode
[ 1524.549185][T20543] erspan0: entered promiscuous mode
[ 1524.700461][T20543] bridge0: port 1(erspan0) entered blocking state
[ 1524.706929][T20543] bridge0: port 1(erspan0) entered forwarding state
[ 1530.093650][T20570] overlayfs: missing 'lowerdir'
[ 1531.657017][T20590] Context (ID=0x1) not attached to queue pair (handle=0x1:0x0)
[ 1535.905123][T20622] netlink: 300 bytes leftover after parsing attributes in process `syz.4.3176'.
[ 1536.107782][T20617] orangefs_mount: mount request failed with -4
[ 1539.275356][T20642] block device autoloading is deprecated and will be removed.
[ 1540.361781][T20652] overlayfs: overlapping lowerdir path
[ 1540.633987][T20652] A link change request failed with some changes committed already. Interface wlan1 may have been left with an inconsistent configuration, please check.
[ 1541.881286][T20669] lo speed is unknown, defaulting to 1000
[ 1546.554234][T20714] overlayfs: missing 'lowerdir'
[ 1547.144573][    C1] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1549.693513][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1552.926076][   T29] kauditd_printk_skb: 103 callbacks suppressed
[ 1552.926099][   T29] audit: type=1800 audit(1734565714.038:483): pid=20761 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.5.3210" name="SYSV00000000" dev="hugetlbfs" ino=7 res=0 errno=0
[ 1555.151546][T20793] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3219'.
[ 1555.160822][T20793] netlink: 'syz.9.3219': attribute type 1 has an invalid length.
[ 1555.502423][T20797] ntfs3(nbd2): try to read out of volume at offset 0x0
[ 1556.604535][T20800] devtmpfs: Unknown parameter 'nre'
[ 1557.943550][T20809] sctp: [Deprecated]: syz.0.3227 (pid 20809) Use of int in max_burst socket option.
[ 1557.943550][T20809] Use struct sctp_assoc_value instead
[ 1558.386571][T20811] fuse: Bad value for 'fd'
[ 1561.953687][T20838] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1565.347768][T20847] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3236'.
[ 1567.395273][T20869] overlayfs: missing 'lowerdir'
[ 1576.247671][T20919] netlink: 'syz.2.3252': attribute type 4 has an invalid length.
[ 1576.472011][T20915] overlayfs: missing 'lowerdir'
[ 1577.697435][T20942] overlayfs: missing 'lowerdir'
[ 1579.091268][   T29] audit: type=1800 audit(1734565739.191:484): pid=20952 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.0.3262" name="/" dev="fuse" ino=0 res=0 errno=0
[ 1580.349841][T20963] vivid-000: =================  START STATUS  =================
[ 1580.357698][T20963] vivid-000: Generate PTS: true
[ 1580.363191][T20963] vivid-000: Generate SCR: true
[ 1580.368346][T20963] tpg source WxH: 320x180 (R'G'B)
[ 1580.373466][T20963] tpg field: 1
[ 1580.376959][T20963] tpg crop: 320x180@0x0
[ 1580.381163][T20963] tpg compose: 320x180@0x0
[ 1580.385648][T20963] tpg colorspace: 6
[ 1580.389558][T20963] tpg transfer function: 5/0
[ 1580.394216][T20963] tpg quantization: 0/0
[ 1580.398471][T20963] tpg RGB range: 0/2
[ 1580.402464][T20963] vivid-000: ==================  END STATUS  ==================
[ 1581.707610][T20969] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1583.925506][T21000] overlayfs: missing 'lowerdir'
[ 1589.134058][   T29] audit: type=1800 audit(1734565748.601:485): pid=21029 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.9.3279" name="bus" dev="overlay" ino=2832 res=0 errno=0
[ 1592.346844][T21044] overlayfs: missing 'lowerdir'
[ 1592.939962][T21052] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1597.310755][T21072] overlayfs: missing 'lowerdir'
[ 1597.332625][T21074] sch_tbf: peakrate 8 is lower than or equals to rate 12 !
[ 1598.552033][T21082] relay: one or more items not logged [item size (56) > sub-buffer size (10)]
[ 1602.616955][T21118] input: syz1 as /devices/virtual/input/input30
[ 1603.935017][T21133] relay: one or more items not logged [item size (56) > sub-buffer size (10)]
[ 1612.550338][T21185] blktrace: Concurrent blktraces are not allowed on loop10
[ 1613.156424][T21185] relay: one or more items not logged [item size (56) > sub-buffer size (10)]
[ 1615.571429][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1615.747163][T21206] overlayfs: missing 'lowerdir'
[ 1616.769383][T21208] ptrace attach of ""[21217] was attempted by "./syz-executor exec"[21208]
[ 1617.781468][T20862] raw-gadget.0 gadget.4: failed to queue resume event
[ 1617.858356][T20862] usb 5-1: new full-speed USB device number 11 using dummy_hcd
[ 1617.873283][    C1] raw-gadget.0 gadget.4: ignoring, device is not running
[ 1617.881554][T20862] raw-gadget.0 gadget.4: failed to queue reset event
[ 1617.955767][T20862] raw-gadget.0 gadget.4: failed to queue resume event
[ 1618.030170][T20862] usb 5-1: device descriptor read/64, error -32
[ 1618.152178][T20862] raw-gadget.0 gadget.4: failed to queue suspend event
[ 1618.295200][T20862] raw-gadget.0 gadget.4: failed to queue reset event
[ 1619.627501][T20862] raw-gadget.0 gadget.4: failed to queue resume event
[ 1619.676794][T21225] binder: 21224:21225 ioctl c0306201 20000400 returned -14
[ 1619.937508][T20862] usb 5-1: new full-speed USB device number 12 using dummy_hcd
[ 1619.945975][    C1] raw-gadget.0 gadget.4: ignoring, device is not running
[ 1619.953271][T20862] raw-gadget.0 gadget.4: failed to queue reset event
[ 1620.028490][T20862] raw-gadget.0 gadget.4: failed to queue resume event
[ 1620.103431][T20862] usb 5-1: device descriptor read/64, error -32
[ 1620.320226][T20862] raw-gadget.0 gadget.4: failed to queue suspend event
[ 1621.172394][T20862] usb usb5-port1: attempt power cycle
[ 1621.177924][T20862] raw-gadget.0 gadget.4: failed to queue disconnect event
[ 1621.204953][T20862] raw-gadget.0 gadget.4: failed to queue reset event
[ 1621.608314][T20862] raw-gadget.0 gadget.4: failed to queue resume event
[ 1622.237798][   T29] audit: type=1804 audit(1734565778.992:486): pid=21243 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.9.3331" name="/newroot/511/file0" dev="fuse" ino=1 res=1 errno=0
[ 1623.062131][T20862] raw-gadget.0 gadget.4: failed to queue reset event
[ 1623.768324][T20862] raw-gadget.0 gadget.4: failed to queue resume event
[ 1623.834453][T20862] usb 5-1: new full-speed USB device number 13 using dummy_hcd
[ 1623.855901][    C1] raw-gadget.0 gadget.4: ignoring, device is not running
[ 1623.863196][T20862] usb 5-1: device descriptor read/8, error -32
[ 1623.909162][ T5881] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[ 1623.983997][T20862] raw-gadget.0 gadget.4: failed to queue suspend event
[ 1624.142294][T20862] raw-gadget.0 gadget.4: failed to queue reset event
[ 1624.165890][ T5881] usb 3-1: Using ep0 maxpacket: 16
[ 1624.173279][ T5881] usb 3-1: config 0 has an invalid interface number: 214 but max is 0
[ 1624.915128][ T5881] usb 3-1: config 0 has no interface number 0
[ 1624.921873][T20862] raw-gadget.0 gadget.4: failed to queue resume event
[ 1624.932088][ T5881] usb 3-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5
[ 1624.989342][T20862] usb 5-1: new full-speed USB device number 14 using dummy_hcd
[ 1625.048004][ T5881] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1626.057729][    C1] raw-gadget.0 gadget.4: ignoring, device is not running
[ 1626.065456][ T5881] usb 3-1: Product: syz
[ 1626.070036][ T5881] usb 3-1: Manufacturer: syz
[ 1626.074652][ T5881] usb 3-1: SerialNumber: syz
[ 1626.113233][T20862] usb 5-1: device descriptor read/8, error -32
[ 1627.123226][ T5881] usb 3-1: config 0 descriptor??
[ 1627.483540][T21277] netlink: 'syz.9.3340': attribute type 32 has an invalid length.
[ 1627.576744][T20862] raw-gadget.0 gadget.4: failed to queue suspend event
[ 1627.587651][ T5881] usb 3-1: can't set config #0, error -71
[ 1627.594722][T20862] usb usb5-port1: unable to enumerate USB device
[ 1627.601499][ T5881] usb 3-1: USB disconnect, device number 20
[ 1627.846617][T21287] bpf: Bad value for 'gid'
[ 1629.721394][T21304] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3344'.
[ 1629.731538][T21304] netlink: 80 bytes leftover after parsing attributes in process `syz.0.3344'.
[ 1632.208685][T21324] relay: one or more items not logged [item size (56) > sub-buffer size (10)]
[ 1634.327971][T21339] relay: one or more items not logged [item size (56) > sub-buffer size (10)]
[ 1637.563397][T21366] sch_fq: defrate 2 ignored.
[ 1638.918364][T20862] libceph: connect (1)[c::]:6789 error -101
[ 1638.926879][T20862] libceph: mon0 (1)[c::]:6789 connect error
[ 1639.421280][T21377] trusted_key: syz.0.3361 sent an empty control message without MSG_MORE.
[ 1640.031120][T20862] libceph: connect (1)[c::]:6789 error -101
[ 1640.037248][T20862] libceph: mon0 (1)[c::]:6789 connect error
[ 1641.483153][ T5881] libceph: connect (1)[c::]:6789 error -101
[ 1641.489919][ T5881] libceph: mon0 (1)[c::]:6789 connect error
[ 1642.499609][T21395] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1642.516513][T21395] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1642.525308][T21395] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1642.656049][T21369] ceph: No mds server is up or the cluster is laggy
[ 1643.078293][T20862] libceph: connect (1)[c::]:6789 error -101
[ 1643.084390][T20862] libceph: mon0 (1)[c::]:6789 connect error
[ 1643.134840][T20862] libceph: connect (1)[c::]:6789 error -101
[ 1643.140930][T20862] libceph: mon0 (1)[c::]:6789 connect error
[ 1643.795209][T21403] relay: one or more items not logged [item size (56) > sub-buffer size (10)]
[ 1645.965478][T18484] Bluetooth: Wrong link type (-71)
[ 1649.165454][T21452] relay: one or more items not logged [item size (56) > sub-buffer size (10)]
[ 1761.903446][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[ 1761.910442][    C0] rcu: 	1-...!: (1 GPs behind) idle=f3ec/1/0x4000000000000000 softirq=83886/83887 fqs=21
[ 1761.922427][    C0] rcu: 	(detected by 0, t=10502 jiffies, g=70233, q=314 ncpus=2)
[ 1761.930172][    C0] Sending NMI from CPU 0 to CPUs 1:
[ 1761.930205][    C1] NMI backtrace for cpu 1
[ 1761.930219][    C1] CPU: 1 UID: 0 PID: 21445 Comm: syz.9.3377 Not tainted 6.13.0-rc3-syzkaller-00062-gc061cf420ded #0
[ 1761.930239][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[ 1761.930250][    C1] RIP: 0010:_raw_spin_lock_irq+0xd3/0x120
[ 1761.930278][    C1] Code: 43 e5 e3 f5 bf 01 00 00 00 e8 49 37 aa f5 49 8d 7c 24 18 31 f6 31 d2 31 c9 41 b8 01 00 00 00 45 31 c9 ff 75 08 e8 ad 64 b7 f5 <48> 83 c4 08 4c 89 e7 e8 21 ce b8 f5 48 c7 04 24 0e 36 e0 45 4b c7
[ 1761.930292][    C1] RSP: 0000:ffffc90000a18c98 EFLAGS: 00000046
[ 1761.930309][    C1] RAX: 84b2e910ee30ce00 RBX: 1ffff92000143198 RCX: ffff88805cf6e4d8
[ 1761.930322][    C1] RDX: dffffc0000000000 RSI: ffffffff8c0aa960 RDI: ffffffff8c5ed9e0
[ 1761.930334][    C1] RBP: ffffc90000a18d30 R08: ffffffff9427088f R09: 1ffffffff284e111
[ 1761.930347][    C1] R10: dffffc0000000000 R11: fffffbfff284e112 R12: ffff8880b872c880
[ 1761.930359][    C1] R13: 1ffff92000143194 R14: ffffc90000a18cc0 R15: dffffc0000000000
[ 1761.930372][    C1] FS:  00007fc8e4ace6c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[ 1761.930387][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1761.930399][    C1] CR2: 0000001b2c317ff8 CR3: 000000004886c000 CR4: 00000000003526f0
[ 1761.930414][    C1] DR0: 0000000000000000 DR1: 00000000872c9164 DR2: 0000000000000000
[ 1761.930424][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1761.930436][    C1] Call Trace:
[ 1761.930442][    C1]  <NMI>
[ 1761.930451][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[ 1761.930489][    C1]  ? __pfx_lock_acquire+0x10/0x10
[ 1761.930528][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 1761.930566][    C1]  ? nmi_handle+0x2a/0x5a0
[ 1761.930620][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[ 1761.930647][    C1]  ? nmi_handle+0x14f/0x5a0
[ 1761.930664][    C1]  ? nmi_handle+0x2a/0x5a0
[ 1761.930683][    C1]  ? _raw_spin_lock_irq+0xd3/0x120
[ 1761.930701][    C1]  ? default_do_nmi+0x63/0x160
[ 1761.930719][    C1]  ? exc_nmi+0x123/0x1f0
[ 1761.930736][    C1]  ? end_repeat_nmi+0xf/0x53
[ 1761.930757][    C1]  ? _raw_spin_lock_irq+0xd3/0x120
[ 1761.930777][    C1]  ? _raw_spin_lock_irq+0xd3/0x120
[ 1761.930797][    C1]  ? _raw_spin_lock_irq+0xd3/0x120
[ 1761.930817][    C1]  </NMI>
[ 1761.930822][    C1]  <IRQ>
[ 1761.930827][    C1]  ? __hrtimer_run_queues+0x670/0xd30
[ 1761.930849][    C1]  ? __pfx__raw_spin_lock_irq+0x10/0x10
[ 1761.930873][    C1]  __hrtimer_run_queues+0x670/0xd30
[ 1761.930909][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[ 1761.930929][    C1]  ? sched_clock+0x4a/0x70
[ 1761.930951][    C1]  ? read_tsc+0x9/0x20
[ 1761.930971][    C1]  ? ktime_get_update_offsets_now+0x393/0x3b0
[ 1761.930992][    C1]  hrtimer_interrupt+0x403/0xa40
[ 1761.931025][    C1]  __sysvec_apic_timer_interrupt+0x110/0x420
[ 1761.931046][    C1]  sysvec_apic_timer_interrupt+0xa1/0xc0
[ 1761.931067][    C1]  </IRQ>
[ 1761.931073][    C1]  <TASK>
[ 1761.931079][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1761.931103][    C1] RIP: 0010:lock_acquire+0x264/0x550
[ 1761.931120][    C1] Code: 2b 00 74 08 4c 89 f7 e8 1a 98 88 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25
[ 1761.931135][    C1] RSP: 0000:ffffc9000ca1f2c0 EFLAGS: 00000206
[ 1761.931148][    C1] RAX: 0000000000000001 RBX: 1ffff92001943e64 RCX: ffff88805cf6e4d8
[ 1761.931160][    C1] RDX: dffffc0000000000 RSI: ffffffff8c0aa960 RDI: ffffffff8c5ed9e0
[ 1761.931173][    C1] RBP: ffffc9000ca1f410 R08: ffffffff94270897 R09: 1ffffffff284e112
[ 1761.931186][    C1] R10: dffffc0000000000 R11: fffffbfff284e113 R12: 1ffff92001943e60
[ 1761.931198][    C1] R13: dffffc0000000000 R14: ffffc9000ca1f320 R15: 0000000000000246
[ 1761.931222][    C1]  ? __pfx_lock_acquire+0x10/0x10
[ 1761.931240][    C1]  ? mark_lock+0x9a/0x360
[ 1761.931261][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1761.931281][    C1]  ? schedule+0x90/0x320
[ 1761.931300][    C1]  schedule+0xb0/0x320
[ 1761.931318][    C1]  ? schedule+0x90/0x320
[ 1761.931338][    C1]  schedule_timeout+0xb0/0x290
[ 1761.931356][    C1]  ? __pfx_schedule_timeout+0x10/0x10
[ 1761.931378][    C1]  ? do_raw_spin_unlock+0x13c/0x8b0
[ 1761.931400][    C1]  ? prepare_to_wait_exclusive+0x84/0x230
[ 1761.931421][    C1]  unix_wait_for_peer+0x250/0x340
[ 1761.931441][    C1]  ? __pfx_unix_wait_for_peer+0x10/0x10
[ 1761.931459][    C1]  ? __pfx_autoremove_wake_function+0x10/0x10
[ 1761.931475][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1761.931498][    C1]  ? hook_unix_may_send+0x11e/0x5b0
[ 1761.931524][    C1]  unix_dgram_sendmsg+0x127f/0x1f80
[ 1761.931556][    C1]  ? __pfx_unix_dgram_sendmsg+0x10/0x10
[ 1761.931576][    C1]  ? __import_iovec+0x3a8/0x870
[ 1761.931604][    C1]  ? __pfx_unix_dgram_sendmsg+0x10/0x10
[ 1761.931621][    C1]  __sock_sendmsg+0x221/0x270
[ 1761.931646][    C1]  ____sys_sendmsg+0x52a/0x7e0
[ 1761.931668][    C1]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1761.931686][    C1]  ? __fget_files+0x2a/0x410
[ 1761.931704][    C1]  ? __sys_sendmmsg+0x392/0x720
[ 1761.931723][    C1]  ? __might_fault+0xaa/0x120
[ 1761.931744][    C1]  __sys_sendmmsg+0x36a/0x720
[ 1761.931769][    C1]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1761.931803][    C1]  ? wake_up_q+0xdc/0x120
[ 1761.931828][    C1]  ? futex_wait+0x285/0x360
[ 1761.931847][    C1]  ? __pfx_futex_wait+0x10/0x10
[ 1761.931870][    C1]  ? unix_dgram_connect+0xaec/0xd80
[ 1761.931897][    C1]  ? do_futex+0x33b/0x560
[ 1761.931925][    C1]  ? __sys_connect+0x119/0x2d0
[ 1761.931947][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1761.931965][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1761.931984][    C1]  ? do_syscall_64+0x100/0x230
[ 1761.932008][    C1]  __x64_sys_sendmmsg+0xa0/0xb0
[ 1761.932028][    C1]  do_syscall_64+0xf3/0x230
[ 1761.932050][    C1]  ? clear_bhb_loop+0x35/0x90
[ 1761.932066][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1761.932088][    C1] RIP: 0033:0x7fc8e3d85d29
[ 1761.932104][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1761.932118][    C1] RSP: 002b:00007fc8e4ace038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1761.932134][    C1] RAX: ffffffffffffffda RBX: 00007fc8e3f75fa0 RCX: 00007fc8e3d85d29
[ 1761.932146][    C1] RDX: 0000000000000651 RSI: 0000000020000000 RDI: 0000000000000005
[ 1761.932157][    C1] RBP: 00007fc8e3e01a20 R08: 0000000000000000 R09: 0000000000000000
[ 1761.932167][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1761.932178][    C1] R13: 0000000000000000 R14: 00007fc8e3f75fa0 R15: 00007ffd9e47eb98
[ 1761.932197][    C1]  </TASK>
[ 1761.933199][    C0] rcu: rcu_preempt kthread starved for 10455 jiffies! g70233 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[ 1762.577855][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 1762.587839][    C0] rcu: RCU grace-period kthread stack dump:
[ 1762.593732][    C0] task:rcu_preempt     state:R  running task     stack:26008 pid:17    tgid:17    ppid:2      flags:0x00004000
[ 1762.605501][    C0] Call Trace:
[ 1762.608788][    C0]  <TASK>
[ 1762.611736][    C0]  __schedule+0x17fb/0x4be0
[ 1762.616282][    C0]  ? __pfx___schedule+0x10/0x10
[ 1762.621146][    C0]  ? __pfx_lock_release+0x10/0x10
[ 1762.626191][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1762.632532][    C0]  ? schedule+0x90/0x320
[ 1762.636789][    C0]  schedule+0x14b/0x320
[ 1762.640963][    C0]  schedule_timeout+0x15a/0x290
[ 1762.645830][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[ 1762.651214][    C0]  ? __pfx_process_timeout+0x10/0x10
[ 1762.656519][    C0]  ? prepare_to_swait_event+0x330/0x350
[ 1762.662078][    C0]  rcu_gp_fqs_loop+0x2df/0x1330
[ 1762.666938][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[ 1762.672160][    C0]  ? __pfx_rcu_watching_snap_recheck+0x10/0x10
[ 1762.678325][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[ 1762.683626][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1762.689536][    C0]  ? finish_swait+0xd4/0x1e0
[ 1762.694136][    C0]  rcu_gp_kthread+0xa7/0x3b0
[ 1762.698738][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1762.703944][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1762.709853][    C0]  ? __kthread_parkme+0x169/0x1d0
[ 1762.714890][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1762.720096][    C0]  kthread+0x2f0/0x390
[ 1762.724175][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1762.729382][    C0]  ? __pfx_kthread+0x10/0x10
[ 1762.733986][    C0]  ret_from_fork+0x4b/0x80
[ 1762.738409][    C0]  ? __pfx_kthread+0x10/0x10
[ 1762.743008][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1762.747797][    C0]  </TASK>
[ 1762.750834][    C0] rcu: Stack dump where RCU GP kthread last ran:
[ 1762.757158][    C0] CPU: 0 UID: 0 PID: 21471 Comm: syz.5.3384 Not tainted 6.13.0-rc3-syzkaller-00062-gc061cf420ded #0
[ 1762.767922][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[ 1762.777978][    C0] RIP: 0010:smp_call_function_many_cond+0x19f3/0x2c60
[ 1762.784753][    C0] Code: 45 8b 65 00 44 89 e6 83 e6 01 31 ff e8 56 e9 0b 00 41 83 e4 01 49 bc 00 00 00 00 00 fc ff df 75 07 e8 01 e5 0b 00 eb 38 f3 90 <42> 0f b6 04 23 84 c0 75 11 41 f7 45 00 01 00 00 00 74 1e e8 e5 e4
[ 1762.804362][    C0] RSP: 0018:ffffc9000bd573e0 EFLAGS: 00000246
[ 1762.810440][    C0] RAX: ffffffff81938ebb RBX: 1ffff110170e88b9 RCX: 0000000000080000
[ 1762.818418][    C0] RDX: ffffc90010e9b000 RSI: 000000000007ffff RDI: 0000000000080000
[ 1762.826397][    C0] RBP: ffffc9000bd575e0 R08: ffffffff81938e8a R09: 1ffffffff284e110
[ 1762.834376][    C0] R10: dffffc0000000000 R11: fffffbfff284e111 R12: dffffc0000000000
[ 1762.842355][    C0] R13: ffff8880b87445c8 R14: ffff8880b863f940 R15: 0000000000000001
[ 1762.850331][    C0] FS:  00007f68873536c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[ 1762.859264][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1762.865852][    C0] CR2: 0000000020404030 CR3: 0000000062572000 CR4: 00000000003526f0
[ 1762.873832][    C0] Call Trace:
[ 1762.877120][    C0]  <IRQ>
[ 1762.879977][    C0]  ? rcu_check_gp_kthread_starvation+0x278/0x310
[ 1762.886324][    C0]  ? print_other_cpu_stall+0x1481/0x15c0
[ 1762.891984][    C0]  ? __pfx_print_other_cpu_stall+0x10/0x10
[ 1762.897806][    C0]  ? cgroup_rstat_updated+0x13b/0xc30
[ 1762.903202][    C0]  ? kvm_check_and_clear_guest_paused+0x6a/0xd0
[ 1762.909456][    C0]  ? rcu_sched_clock_irq+0xa26/0x10e0
[ 1762.914845][    C0]  ? __pfx_rcu_sched_clock_irq+0x10/0x10
[ 1762.920500][    C0]  ? update_process_times+0x242/0x2f0
[ 1762.925883][    C0]  ? tick_nohz_handler+0x37c/0x500
[ 1762.931012][    C0]  ? __pfx_tick_nohz_handler+0x10/0x10
[ 1762.936487][    C0]  ? __hrtimer_run_queues+0x551/0xd30
[ 1762.941890][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[ 1762.947620][    C0]  ? sched_clock+0x4a/0x70
[ 1762.952050][    C0]  ? read_tsc+0x9/0x20
[ 1762.956128][    C0]  ? ktime_get_update_offsets_now+0x393/0x3b0
[ 1762.962210][    C0]  ? hrtimer_interrupt+0x403/0xa40
[ 1762.967359][    C0]  ? __sysvec_apic_timer_interrupt+0x110/0x420
[ 1762.973523][    C0]  ? sysvec_apic_timer_interrupt+0xa1/0xc0
[ 1762.979340][    C0]  </IRQ>
[ 1762.982276][    C0]  <TASK>
[ 1762.985210][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1762.991385][    C0]  ? smp_call_function_many_cond+0x19da/0x2c60
[ 1762.997548][    C0]  ? smp_call_function_many_cond+0x1a0b/0x2c60
[ 1763.003714][    C0]  ? smp_call_function_many_cond+0x19f3/0x2c60
[ 1763.009893][    C0]  ? __pfx_do_sync_core+0x10/0x10
[ 1763.014938][    C0]  ? __pfx___text_poke+0x10/0x10
[ 1763.019892][    C0]  ? __get_immv32+0x19c/0x350
[ 1763.024582][    C0]  ? __pfx_smp_call_function_many_cond+0x10/0x10
[ 1763.030925][    C0]  ? __pfx___might_resched+0x10/0x10
[ 1763.036228][    C0]  ? __pfx_lock_release+0x10/0x10
[ 1763.041263][    C0]  ? __pfx_do_sync_core+0x10/0x10
[ 1763.046299][    C0]  on_each_cpu_cond_mask+0x3f/0x80
[ 1763.051428][    C0]  text_poke_bp_batch+0x352/0xb30
[ 1763.056462][    C0]  ? bpf_trace_run2+0x1fc/0x540
[ 1763.061331][    C0]  ? __mutex_trylock_common+0x183/0x2e0
[ 1763.066894][    C0]  ? __pfx_text_poke_bp_batch+0x10/0x10
[ 1763.072464][    C0]  ? rcu_is_watching+0x15/0xb0
[ 1763.077247][    C0]  ? __SCT__tp_func_sched_wakeup_new+0x8/0x8
[ 1763.083241][    C0]  text_poke_bp+0xb0/0x100
[ 1763.087670][    C0]  ? __pfx_text_poke_bp+0x10/0x10
[ 1763.092703][    C0]  ? arch_static_call_transform+0x37/0x380
[ 1763.098517][    C0]  ? __SCT__tp_func_sched_wakeup_new+0x8/0x8
[ 1763.104514][    C0]  __static_call_transform+0x51a/0x810
[ 1763.109978][    C0]  ? __SCT__tp_func_sched_wakeup_new+0x8/0x8
[ 1763.115969][    C0]  ? __pfx___traceiter_sched_switch+0x10/0x10
[ 1763.122047][    C0]  ? __pfx___static_call_transform+0x10/0x10
[ 1763.128041][    C0]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[ 1763.133973][    C0]  ? __pfx___traceiter_sched_switch+0x10/0x10
[ 1763.140067][    C0]  ? __SCT__tp_func_sched_wakeup_new+0x8/0x8
[ 1763.146069][    C0]  arch_static_call_transform+0x141/0x380
[ 1763.152067][    C0]  ? __pfx___traceiter_sched_switch+0x10/0x10
[ 1763.158155][    C0]  ? __SCT__tp_func_sched_wakeup_new+0x8/0x8
[ 1763.164155][    C0]  __static_call_update+0xd8/0x5e0
[ 1763.169284][    C0]  ? __pfx___traceiter_sched_switch+0x10/0x10
[ 1763.175371][    C0]  ? __pfx___static_call_update+0x10/0x10
[ 1763.181104][    C0]  ? trace_kmalloc+0x1f/0xd0
[ 1763.185698][    C0]  ? __kmalloc_noprof+0x2a5/0x4c0
[ 1763.190730][    C0]  ? __pfx___traceiter_sched_switch+0x10/0x10
[ 1763.196811][    C0]  tracepoint_add_func+0x844/0xaa0
[ 1763.201944][    C0]  ? __pfx___bpf_trace_sched_switch+0x10/0x10
[ 1763.208024][    C0]  tracepoint_probe_register_prio_may_exist+0x122/0x190
[ 1763.214974][    C0]  ? __pfx_tracepoint_probe_register_prio_may_exist+0x10/0x10
[ 1763.222438][    C0]  ? __pfx___bpf_trace_sched_switch+0x10/0x10
[ 1763.228520][    C0]  ? anon_inode_getfile+0xff/0x180
[ 1763.233651][    C0]  ? bpf_probe_register+0x134/0x1f0
[ 1763.238870][    C0]  bpf_raw_tp_link_attach+0x4a3/0x700
[ 1763.244254][    C0]  ? __pfx_bpf_raw_tp_link_attach+0x10/0x10
[ 1763.250174][    C0]  ? __fget_files+0x2a/0x410
[ 1763.254776][    C0]  ? fput+0x21b/0x290
[ 1763.258769][    C0]  bpf_raw_tracepoint_open+0x177/0x1f0
[ 1763.264241][    C0]  __sys_bpf+0x3c0/0x810
[ 1763.268507][    C0]  ? __pfx___sys_bpf+0x10/0x10
[ 1763.273298][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1763.279291][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1763.285626][    C0]  ? do_syscall_64+0x100/0x230
[ 1763.290411][    C0]  __x64_sys_bpf+0x7c/0x90
[ 1763.294840][    C0]  do_syscall_64+0xf3/0x230
[ 1763.299360][    C0]  ? clear_bhb_loop+0x35/0x90
[ 1763.304051][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1763.309960][    C0] RIP: 0033:0x7f6886585d29
[ 1763.314383][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1763.334009][    C0] RSP: 002b:00007f6887353038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1763.342443][    C0] RAX: ffffffffffffffda RBX: 00007f6886776240 RCX: 00007f6886585d29
[ 1763.350424][    C0] RDX: 0000000000000010 RSI: 0000000020000080 RDI: 0000000000000011
[ 1763.358401][    C0] RBP: 00007f6886601a20 R08: 0000000000000000 R09: 0000000000000000
[ 1763.366379][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1763.374354][    C0] R13: 0000000000000000 R14: 00007f6886776240 R15: 00007fffaa4c2038
[ 1763.382355][    C0]  </TASK>