last executing test programs:

22m16.61966837s ago: executing program 32 (id=88):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file3\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$OSF_MSG_ADD(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001700)=ANY=[@ANYBLOB="60100000000501040000000000000000010000005402010000000000ff030000030402000800090073797a300000000000000000000000000000000000000000000000000000000043e9dbdeaf840cb09dafc255403cbab54e810569fa491d76adc6f5dc53109218a7be13b5c4c2bcab56fbe37126e8ec5cd00e6c4c9b9fbcbdad0fda198f5c0996030005000100000055f2ffff0800010002000000ffff00000100000003000000968700000500030002000000090000000080060002000000040000000000fdff0300000003000000ed000c0001000000000000400200080003000000460000000800040003000000050000000900a7000200000002000000fe0f00000100000000000000ff0f03000300000009000000020005000100000005000000090003000300000004000000540e0700010000000d00000058e501000300000000000000000000080100000000020000feff010003000000008000000100370203000000000000000100ff0101000000020000000400050002000000090000000400080000000000ffffff7f0080020000000000000000000300030003000000ff030000c747020001000000020000000200d900010000000900000007000400010000000600000021e40e0001000000060000000c00070002000000975baa5c0200050001000000100000000800030002000000800000000100030001000000bfffffff0700020003000000890f0000fdff010000000000fffffeff740907000200000009000000ff0308000100000003000000faff0b00000000000b0000000900838c0100000090ffed338100030003000000ff0000000400000401fd0000090000005402010001000000060000000e0203000900040073797a300000000000000000000000000000000000000000000000000000000007d244588784b190a1f4fa3cb01525474ea64ec3f7c0096e95ab1a9bf359f82cb38947871ae3cfed7c6705390591f0703cc43988d06aa96d8119dfb63106dcf2080000000300000007000000000000010200000002000000010105000300000001000000fffe030000000000020000000700020001000000040000000600050003000000ffffffff020001000300000005000000c500030003000000040000005c0905000200000055070000d604200103000000050000000c0009000200000007000000cb0bffff000000000600000008000500030000000768ffffff00010001000000ac0a0000ffff8aab0000000006000000000009000200000081000000b0519bd300000000cc5e5d15080008000200000006000000060007060200000007000000090004000100000008000000ff070900000000000600000002002e000300000089080000a000030001000000010100000700020000000000060000000600001002000000ffffff7f0500001001000000020000000200008000000000040000006f000600020000000400000001000900010000000600000006000400030000000700000070008100000000000100008053e8400002000000090000000300040002000000ff7f0000090081000100000005000000070097000100000005000000ce030f0001000000060000000500090003000000080000000500080001000000030000000700790001000000040000000b00b44102000000ff7f000054020100030000008b000000040408000100260073797a30000000000000000000000000000000000000000000000000000000000f1ee17a69102a7183a7e76a0aebd9ee950c30d652e4a51907863a9ef2cca2f09b8c66ef641929000f840aaa2762f707c193da320bb67480d28208b473e4f5090f00000300000000080000000700e000030000000600000002000200000000008000000001000900000000000800000020fa070000000000030000008500090003000000060000002e04090002000000040000000000020002000000010100000800ff03010000000100000004004308000000000f0000000500020000000000008000000900260e030000000100008001fc0900000000000f00000000800800010000007669b7640800040000000000018000000100f8ff0300000003000000dc7d080002000000060000000900b34e030000008500000003000c000200000003000000ff7f020002000000c32c85570300010000000000050000000700080003000000080000000700000002000000020000001600ff0703000000050000000d00030002000000010000000d00040002000000090000000800ee0b020000000300000074008f4001000000050000000008020000000000080000000200040002000000d01b00000300090000000000040000000600ff01030000000800000001009c000300000000000000f9ffab0f03000000010000001000060003000000040000000300070000000000f4ffffff030009000000000002000000810007000000000000000100030058f6000000000600000001000200000000000000000054020100030000000400000003060600f8ff010073797a3000000000000000000000000000000000000000000000000000000000c8c911d8495e045fc11cc2f624ce9518beb4361e14a81b43b1a216d53075269dba6668f73b4dc2f1fd64fb59627f2e2978e2c9c8b60c280416544fc73336fcd180ff09000200000000000000faff8000010000000200000007000c000300000000000000faff000001000000180000007f00040002000000614100000000050001000000030000000700854100000000060000000700060003000000ff7fffff0800070000000000010400000500040001000000010000000200fdff01000000ffffffff2100f7ff0200000040000000070008000000000007000000ff03090000000000020000000500050002000000000000800300070000000000050000000800af1b010000000a0000000900070002000000060000000000060000000000040000000c000700020000000001000000007f0001000000030000008e0f080003000000080000004a95070002000000060000000800000403000000030000000000ad2a0100000010000000c300090000000000f9fffffffeff040002000000f8ffffff00003b0001000000010000000800c80000000000ffff00000300020003000000090000000300030003000000ffffffff7b4c01000100000008000000060009000300000084b2113a010006000000000000000100ffffe13202000000ffff000089e2090002000000040000000300030002000000050000000100060001000000080000000600390f0200000009000000040003000200000002000000540201000000000000020000400302000800280073797a3100000000000000000000000000000000000000000000000000000000c7f0d9166b996d796845fdff6a6a20a8ffa20e7df0f66cfacfbeea3de99dcae67261a8ed5b9ede0d316b43a2d2c8a19406e017bbc029bd7e57e91c53e167e8e602000400010000006add00000100090001000000010001000300ff0f0300000060476b7801001400000000000e00000005003c00000000000d0000000b00040002000000a20000008000030003000000060000000700850f0200000009000000020005000200000000020000030001000200000008000000ff0100000200000031a4e2f807000200010000000000000003000900010000000f00000046000700030000000700000008000020030000000180000095e9040400000000000800000600810000000000040000000c000900020000000082ffff07007bca03000000060000000000060002000000060000000104010003000000f9ffffff0100ff0f03000000fdffffff16b7a3f60200000000080000460000080000000005000000840102000000000008000000000882ff030000000c000000b4e90004020000000300000009000000010000001000000007008c0001000000070000000100ffff0200000009000000070002000300000001000000f1000002010000009e0e00000200040002000000060000003100ff07f559401f0100000005000800010000000004000001000200000000000600000000100200020000000300000000000800030000000700000003000800000000007f000000b70801000100000007000000540201000100000001010000092d09000700020073797a3000000000000000000000000000000000000000000000000000000000bb198d888bda2bbe9d58762a07e14c3fa7fe7b46092169ff9b88665b9acdfc00bd22f40bdabaab8355c52c284d898087366a890b104465de6220cd2dacd28ca20000010001000000080000000100ff03030000000300000070240c0000000000050000000900000072d7eccfffffff7f0600030000000000400000000104080000000000040000000400040001000000020000000400ff0300000000060000000a0009000200000008000000040008000200000007000000010004000300000008000000040001000000000006000000b08b040001000000ffffff7f01004e6701000000040000008000fbef0000000008000000f4ff01800400000002000000faff0500010000002d7200000800ff0701000000b9c7000000000600030000000800000009000400010000000900000000000f00030000000a000000a600ff7f020000008dd6ffff050040000200000004000000020018d400000000040000000c00040003000000000000000100080002000000010400000400050002000000000400001800030000000000820b00000700010001000000010000000a0010000200000005e8ff00ffff050003000000ffff000005000900000000000400000002000f0002000000000000000100ff0103000000020000003e01537e000000000300000050bc004002000000f7ffffff8194070000000000932f410c030004000300000001000000001007000300000003000000040006000100000004000000540201000100000009000000040c43000001150073797a3100000000000000000000000000000000000000000000000000000000f6582e5e593fecbc3d2b2272a4e0487f7c29e734"], 0x1060}, 0x1, 0x0, 0x0, 0x4000045}, 0x4000000)

21m25.72782293s ago: executing program 33 (id=290):
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x6, 0x4, 0x240, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000007c0), &(0x7f0000000380), 0xfff, r1, 0x0, 0xa0028000}, 0x38)
io_uring_setup(0x2f8f, 0x0)
syz_usb_connect(0x5, 0x2d, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$VIDIOC_G_EXT_CTRLS(0xffffffffffffffff, 0xc0205647, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, 0x0)

20m24.204616032s ago: executing program 0 (id=548):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xe, 0x5, &(0x7f00000004c0)=ANY=[@ANYBLOB="650a00000000000061116400000000001800000000000000000000000000000095000000000000007c6fe1689aba46407fa1decfe8a922"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

20m23.063735376s ago: executing program 0 (id=551):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x52)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{r3}, &(0x7f0000000080), &(0x7f00000001c0)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r4}, 0x10)

20m22.396054826s ago: executing program 0 (id=554):
landlock_create_ruleset(&(0x7f00000002c0)={0x2001}, 0x10, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
socket(0x2b, 0x1, 0x0)
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
writev(r1, &(0x7f00000008c0)=[{&(0x7f00000000c0)="580000001400adfd8a987e40da2e6a262b", 0x11}, {&(0x7f0000000500)="57c5cb96cc75a3843fc535a4161ed3ca15bfa0576dc2a0a14fd5aaf7b08d9b8f7de349f4fbdb5db8d2521d2a96df0e3512d0fd6e72570688ae79bfce6ffd7a37ecadee65e118a5", 0x47}], 0x2)
close(r2)
r3 = socket$netlink(0x10, 0x3, 0x4)
splice(r0, 0x0, r2, 0x0, 0x80000001, 0x0)
mmap(&(0x7f0000468000/0x2000)=nil, 0x2000, 0x0, 0x4010, 0xffffffffffffffff, 0xd26a6000)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x7)
syz_genetlink_get_family_id$devlink(&(0x7f0000000000), r3)

20m22.100077674s ago: executing program 0 (id=555):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='nr_inodes=M'])
chdir(&(0x7f0000000140)='./file0\x00')
mkdir(&(0x7f00000003c0)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
mount$bind(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000140)='./file0/../file0\x00', 0x0, 0x1217880, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='mounts\x00')
read$FUSE(r1, &(0x7f0000002140)={0x2020}, 0x2100)

20m21.866490683s ago: executing program 0 (id=559):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0x0, 0x10100}, 0x0, 0x0)
r0 = syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000180)=<r2=>0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000040)=ANY=[@ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_SEND={0x1a, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

20m21.47983349s ago: executing program 0 (id=563):
r0 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x2, 0x3}, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
r2 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000300)={0x42, 0x7, 0x3}, 0x10)
r3 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x1}, 0x10)
r4 = socket$tipc(0x1e, 0x5, 0x0)
r5 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r5, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x5}}, 0x10)
sendmsg$tipc(r4, &(0x7f0000000380)={&(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x3, 0x4}}, 0x10, 0x0}, 0x0)

20m21.183113111s ago: executing program 34 (id=563):
r0 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x2, 0x3}, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
r2 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000300)={0x42, 0x7, 0x3}, 0x10)
r3 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x1}, 0x10)
r4 = socket$tipc(0x1e, 0x5, 0x0)
r5 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r5, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x5}}, 0x10)
sendmsg$tipc(r4, &(0x7f0000000380)={&(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x3, 0x4}}, 0x10, 0x0}, 0x0)

18m12.336200226s ago: executing program 6 (id=1011):
socket$nl_route(0x10, 0x3, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000180), 0xfea7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
r2 = socket$rxrpc(0x21, 0x2, 0xa)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000007580), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16, @ANYBLOB="2d01080000c582b61bdd04878800080103"], 0x2c}}, 0x0)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000007680)={0x0, 0x0, &(0x7f0000007640)={&(0x7f0000000000)=ANY=[@ANYBLOB="46040000", @ANYRES16=r5, @ANYBLOB="ff830500000700ffffff", @ANYRES32=r2], 0x4}}, 0x0)
sendfile(r4, r3, 0x0, 0x100000002)

18m12.223190362s ago: executing program 6 (id=1012):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000080)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10)
r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8)
close(r2)
syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/net\x00')
r3 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="85000000080000004e00000000000000850000007d00000095000000000000007ab9e683b171b4b09980af6c1ebeda4ac0d3e3aa71a9ab17e14e1b0be949499ca6a5b2c467b6d3d1c0ae1e9820331afd90cc832c761aa3adf9be48c401c7f893694bf8cd19b7173cd4688904f7310af046fd490d3f2cf49b5f68aecf0bc659dc3d53c2"], &(0x7f0000000140)='GPL\x00', 0x0, 0xbd, &(0x7f00000004c0)=""/153, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x15)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000440)={r3, 0x0, 0x11, 0x0, &(0x7f0000000600)="61df712bc884fef053a7a9a26e9b722780", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000080)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r4}, 0x10)
r6 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r5}, 0x8)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000080)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x7, 0x6a, 0xa, 0xff00}, [@call={0xc}, @exit, @map_fd, @jmp]}, &(0x7f0000000140)='GPL\x00', 0x2, 0xffa0, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x1e, 0x10, 0x0, 0x1e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2d)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)={@ifindex, r7, 0x11, 0x0, 0x0, @void, @value=r6}, 0x20)

18m11.967457848s ago: executing program 6 (id=1014):
r0 = openat$vsock(0xffffff9c, &(0x7f00000001c0), 0x40101, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000280), r0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r3, 0xae9a)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, 0x0, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0xfffffffffffffffe]})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x400000000000002, 0x5, 0xfffffffffffffffe, 0x4, 0x2, 0x0, 0xefffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3], 0x0, 0x41901})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

18m11.633235902s ago: executing program 6 (id=1017):
mkdir(&(0x7f00000003c0)='./file1\x00', 0x16)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdir(&(0x7f0000000440)='./file0\x00', 0x0)
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x1607010, 0x0)
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x87, <r2=>r1}, './file0\x00'})
r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000100), 0x20c00, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r3, 0xc0189379, &(0x7f0000000140)={{0x1, 0x1, 0x18, r2}, './file1\x00'})
chdir(&(0x7f0000000040)='./file0\x00')
open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)

18m11.500713671s ago: executing program 6 (id=1018):
socket$inet_smc(0x2b, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = fsopen(&(0x7f0000000040)='afs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, 0x0, 0x0, 0x0)

18m10.139816063s ago: executing program 6 (id=1022):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), r1)
sendmsg$ETHTOOL_MSG_CHANNELS_GET(r1, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f00000005c0)={0x2c, r2, 0x1, 0x70bd27, 0x25dfdbfd, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40080}, 0x40408c0)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000040)={&(0x7f0000000440)={0x18, r2, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000000}, 0x8000)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
r4 = dup(r3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r4, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x9, 0x4, &(0x7f0000000000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x6b, 0x15}, [@call={0x45}]}, &(0x7f0000000140)='GPL\x00', 0x8, 0x8c, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x1e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x23)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0xb, 0x6, &(0x7f0000001300)=ANY=[@ANYBLOB="620ac4ff0000000071107c000000000085000000320000001801040000000000000000000500000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$BLKROSET(r4, 0x125d, &(0x7f0000000000)=0x4)
ioctl$BLKRRPART(r4, 0x125f, 0x0)

18m9.985305071s ago: executing program 35 (id=1022):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), r1)
sendmsg$ETHTOOL_MSG_CHANNELS_GET(r1, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f00000005c0)={0x2c, r2, 0x1, 0x70bd27, 0x25dfdbfd, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40080}, 0x40408c0)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000040)={&(0x7f0000000440)={0x18, r2, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000000}, 0x8000)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
r4 = dup(r3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r4, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x9, 0x4, &(0x7f0000000000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x6b, 0x15}, [@call={0x45}]}, &(0x7f0000000140)='GPL\x00', 0x8, 0x8c, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x1e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x23)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0xb, 0x6, &(0x7f0000001300)=ANY=[@ANYBLOB="620ac4ff0000000071107c000000000085000000320000001801040000000000000000000500000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$BLKROSET(r4, 0x125d, &(0x7f0000000000)=0x4)
ioctl$BLKRRPART(r4, 0x125f, 0x0)

14m1.640877937s ago: executing program 2 (id=1717):
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
r2 = dup2(r0, r1)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x100000e, 0x12, r1, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
openat(r2, &(0x7f00000000c0)='./file1\x00', 0x103042, 0x142)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_usb_connect$uac1(0x3, 0x9e, &(0x7f0000000440)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0x40, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x8c, 0x3, 0x1, 0x0, 0x80, 0x8, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x7310, 0x2}, [@processing_unit={0xd, 0x24, 0x7, 0x1, 0x3, 0xb, "3900c7de4af3"}, @selector_unit={0x8, 0x24, 0x5, 0x2, 0x7f, "ae8bcc"}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_continuous={0xa, 0x24, 0x2, 0x1, 0x10, 0x1, 0xb, 0x7, '1', "bd"}, @as_header={0x7, 0x24, 0x1, 0x4, 0xc, 0x1002}, @as_header={0x7, 0x24, 0x1, 0x9, 0x0, 0x1001}]}, {{0x9, 0x5, 0x1, 0x9, 0x20, 0x6, 0x3, 0x2, {0x7, 0x25, 0x1, 0x0, 0x2, 0x380}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x20, 0xd0, 0x0, 0xb, {0x7, 0x25, 0x1, 0x0, 0x8f, 0x4}}}}}}}]}}, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r5, 0x4048ae9b, &(0x7f0000000300)={0x70001, 0x0, [0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x29]})
bpf$BPF_PROG_WITH_BTFID_LOAD(0x13, &(0x7f0000000300)=@bpf_lsm={0x3, 0x3, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x85}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

13m57.889907546s ago: executing program 2 (id=1725):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000002800), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
r1 = eventfd2(0x0, 0x0)
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000100)={0x0, r1})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000140))
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000000340)=""/185, &(0x7f0000000140)=""/92})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000002780)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001500)=ANY=[], 0x1c}}, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000040)={@my=0x1})
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)=""/57, 0x0, &(0x7f0000000500)=""/4096})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)

13m55.104902942s ago: executing program 2 (id=1730):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x15f)
mkdirat(r0, &(0x7f0000000440)='./bus\x00', 0x41)
mount$overlay(0x0, &(0x7f00000004c0)='./bus\x00', &(0x7f0000000440), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x0, 0x0)
mknodat(r1, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
linkat(r1, &(0x7f0000000100)='./file1\x00', r1, &(0x7f0000000240)='./file0\x00', 0x0)
chmod(&(0x7f0000000140)='./file0\x00', 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r2, &(0x7f0000002100)=""/4107, 0x100b)

13m54.555758222s ago: executing program 2 (id=1735):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10)
syz_open_procfs(0x0, &(0x7f0000000080)='net/tcp\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='mountinfo\x00')
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000380))
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x12f451, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000002140)={{0x12, 0x1, 0x0, 0x8d, 0xdf, 0xb2, 0x40, 0xb49, 0x64f, 0xd4fd, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xde, 0x0, 0x1, 0xe6, 0xf6, 0x52, 0x0, [], [{{0x9, 0x5, 0xc}}]}}]}}]}}, 0x0)
syz_usb_connect$hid(0x0, 0x3f, &(0x7f0000000000)={{0x12, 0x1, 0x250, 0x0, 0x0, 0x0, 0x40, 0x458, 0x500f, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x10, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x3d, 0x2, 0x3, 0x1, 0x3, 0x7f, {0x9, 0x21, 0x101, 0xff, 0x1, {0x22, 0xa9c}}, {{{0x9, 0x5, 0x81, 0x3, 0x3ff, 0x6, 0x5, 0x7}}, [{{0x9, 0x5, 0x2, 0x3, 0x20, 0x8, 0x6, 0x8}}]}}}]}}]}}, &(0x7f0000000200)={0xa, &(0x7f0000000040)={0xa, 0x6, 0x300, 0x2, 0x9, 0xe, 0x8, 0x4}, 0x24, &(0x7f0000000080)={0x5, 0xf, 0x24, 0x2, [@ptm_cap={0x3}, @ssp_cap={0x1c, 0x10, 0xa, 0x4, 0x4, 0x7, 0xf000, 0xff81, [0xffff5f, 0x3f00, 0x10100ff, 0xc030]}]}, 0x2, [{0xc2, &(0x7f00000000c0)=@string={0xc2, 0x3, "273cb14ae5ea4ce9bf6f7a2e3f3523b8669f22cebbde2ae3f5fa05ff7af2cab99ce51723d76ab8b76f1c63651fd70fe0e4e586332458c3d34fa4f7278cfd830d8be1c5b2203687fd83a8bdb7de1de1f6cebcf0efe8feac454e9a8120aabb296acfdde21de0bebc7a57841c49df8d0316012e2570e05bc96b0a9e868389611d2fbd4f3c83b6e46fdabec7c3a9089265c142029e1363c1cbec97cb40c0913d65481b1055f30f30c30ff49ca35f69220d3e09fedb415bc11021da55682c4bf8e459"}}, {0x4, &(0x7f00000001c0)=@lang_id={0x4, 0x3, 0x430}}]})

13m51.091835198s ago: executing program 2 (id=1742):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x0, 0x4, 0x0, &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
userfaultfd(0x80001)

13m50.551921689s ago: executing program 2 (id=1744):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
syz_open_dev$usbfs(0x0, 0x77, 0x101301)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0x1ffffe, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x806, 0x0)
bind$inet6(r5, &(0x7f0000000100)={0xa, 0x4e23}, 0x1c)
listen(r5, 0x3)
r6 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r6, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
recvmmsg(r6, &(0x7f0000003240)=[{{0x0, 0x0, 0x0}, 0x9}], 0x1, 0x32, 0x0)

13m49.604489292s ago: executing program 36 (id=1744):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
syz_open_dev$usbfs(0x0, 0x77, 0x101301)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0x1ffffe, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x806, 0x0)
bind$inet6(r5, &(0x7f0000000100)={0xa, 0x4e23}, 0x1c)
listen(r5, 0x3)
r6 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r6, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
recvmmsg(r6, &(0x7f0000003240)=[{{0x0, 0x0, 0x0}, 0x9}], 0x1, 0x32, 0x0)

8m44.459970025s ago: executing program 8 (id=2429):
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000001440)={0x0, 0x0, &(0x7f0000001400)={0x0}, 0x1, 0x0, 0x0, 0x4004}, 0x0)
syz_genetlink_get_family_id$ipvs(0x0, r1)
sendmsg$kcm(r0, 0x0, 0x4080)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
accept$packet(r0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
read$FUSE(0xffffffffffffffff, &(0x7f0000009780)={0x2020}, 0x2020)
write$FUSE_DIRENTPLUS(0xffffffffffffffff, 0x0, 0x0)

8m41.482742575s ago: executing program 8 (id=2433):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'batadv_slave_0\x00', <r1=>0x0})
syz_usb_connect(0x6, 0x2d, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$xdp(0x2c, 0x3, 0x0)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000800)={'batadv_slave_0\x00', <r5=>0x0})
r6 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r6, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r6, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r7 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r6, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
setsockopt$XDP_TX_RING(r3, 0x11b, 0x3, &(0x7f0000000300)=0x1000, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, &(0x7f0000000180)={'batadv_slave_0\x00', <r8=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r6, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
bind$xdp(r6, &(0x7f0000000100)={0x2c, 0x0, r8}, 0x10)
bind$xdp(r3, &(0x7f0000000240)={0x2c, 0x1, r5, 0x0, r6}, 0x10)
sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x0, 0x0, {0x0, 0x0, 0x0, r1}}, 0x24}}, 0x0)

8m37.087911917s ago: executing program 8 (id=2442):
r0 = socket(0x10, 0x803, 0x0)
r1 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = dup(r1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102400, 0x19000)
socket$kcm(0x2, 0xa, 0x2)
openat$proc_mixer(0xffffffffffffff9c, 0x0, 0x280, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB="2c774802000000a41849f3673f9376bdd950550a39f6421788d905a275aa4cb54161d3ac8681137d06b0ad", @ANYRESHEX=r4, @ANYBLOB=',\x00'])
r5 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r5, 0xc02064b2, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r5, 0xc02064b2, &(0x7f00000001c0)={0x0, 0x112, 0x7})
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0xc8)

8m32.81405018s ago: executing program 8 (id=2451):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000400)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x18d883, 0x0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x89901)
move_mount(r3, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000440)='./file0\x00', &(0x7f0000000000)='./file0/file0\x00', 0x0, 0x10a5840, 0x0)

8m29.402124255s ago: executing program 8 (id=2455):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
ioprio_get$uid(0x3, 0x0)
mount(0x0, 0x0, &(0x7f00000005c0)='vxfs\x00', 0x0, 0x0)
r3 = io_uring_setup(0x341a, &(0x7f0000000080)={0x0, 0x4, 0x2, 0x0, 0x7fffc})
io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)

8m28.69563122s ago: executing program 8 (id=2458):
r0 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
openat$audio(0xffffffffffffff9c, 0x0, 0x9e966e64318092aa, 0x0)
ioctl$EVIOCGABS20(0xffffffffffffffff, 0x40044591, 0x0)
r5 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, 0xffffffffffffffff, &(0x7f0000000000))
sendmmsg$inet(r0, &(0x7f0000005240), 0x4000095, 0x0)

8m26.622529499s ago: executing program 37 (id=2458):
r0 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
openat$audio(0xffffffffffffff9c, 0x0, 0x9e966e64318092aa, 0x0)
ioctl$EVIOCGABS20(0xffffffffffffffff, 0x40044591, 0x0)
r5 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, 0xffffffffffffffff, &(0x7f0000000000))
sendmmsg$inet(r0, &(0x7f0000005240), 0x4000095, 0x0)

5m7.077975477s ago: executing program 9 (id=2832):
openat$kvm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x31, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
timer_create(0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x2)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$SCSI_IOCTL_DOORUNLOCK(0xffffffffffffffff, 0x5381)
fchdir(0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)

5m6.2896475s ago: executing program 9 (id=2835):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
r3 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0)
write$proc_mixer(r3, &(0x7f0000000180)=ANY=[], 0xb8)

4m56.223816407s ago: executing program 9 (id=2855):
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sndpcmc(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x5)
r0 = syz_open_dev$MSR(&(0x7f0000000300), 0x100040000, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = syz_open_procfs(0xffffffffffffffff, 0x0)
socket$netlink(0x10, 0x3, 0x4)
setitimer(0x2, &(0x7f0000000580)={{0x77359400}, {0x0, 0xea60}}, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x0, 0xffffffffffffffff}, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000001c0)={&(0x7f0000000000), &(0x7f0000000040)=[0x0, 0x0], &(0x7f00000000c0)=[0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x2, 0x2, 0x7})
r2 = request_key(&(0x7f00000004c0)='blacklist\x00', &(0x7f0000000500)={'syz', 0x1}, &(0x7f0000000540)=',', 0xfffffffffffffffc)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r3, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000600)=@newneigh={0x50, 0x1c, 0x401, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x14}, [@NDA_DST_MAC={0xa, 0x1, @link_local}, @NDA_FDB_EXT_ATTRS={0x28, 0xe, 0x0, 0x1, [@NFEA_DONT_REFRESH={0x4}, @NFEA_ACTIVITY_NOTIFY={0x5, 0x1, 0x5}, @NFEA_ACTIVITY_NOTIFY={0x5, 0x1, 0x9}, @NFEA_ACTIVITY_NOTIFY={0x5, 0x1, 0x10}, @NFEA_DONT_REFRESH={0x4}, @NFEA_DONT_REFRESH={0x4}]}]}, 0x50}}, 0x0)
r4 = add_key(&(0x7f00000002c0)='keyring\x00', &(0x7f0000000300)={'syz', 0x1}, 0x0, 0x0, r2)
keyctl$search(0xb, r4, &(0x7f0000000240)='big_key\x00', &(0x7f0000000180)={'syz', 0x1}, r4)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendto$inet6(r3, &(0x7f0000000500)="a4", 0xffe0, 0x4c, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

4m52.056966282s ago: executing program 9 (id=2864):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x11, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10)
r3 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
r4 = syz_open_dev$usbfs(&(0x7f0000000000), 0x20000007d, 0x0)
r5 = dup3(r3, r4, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f0000000080), 0x4)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3, 0x12, r7, 0x0)
ioctl$MON_IOCG_STATS(r5, 0x80089203, &(0x7f00000001c0))

4m49.78139298s ago: executing program 9 (id=2865):
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'vcan0\x00'})
r0 = syz_open_procfs(0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
open(0x0, 0x143042, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x3, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f00005c6000/0x2000)=nil, 0x2000, 0x100000b, 0x10, r0, 0x7f899000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
timer_create(0xfffffffffffffffc, 0x0, &(0x7f0000001400))
connect$unix(r2, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000002c0), 0xffffffffffffffff)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_emit_ethernet(0x4a, &(0x7f0000000080)={@local, @local, @void, {@ipv4={0x800, @icmp={{0x8, 0x4, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local, {[@cipso={0x86, 0xb, 0x3, [{0x1, 0x5, "83fa62"}]}]}}, @time_exceeded={0x3, 0x0, 0x0, 0x3, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @broadcast=0xac1414bb}}}}}}, 0x0)

4m48.039277623s ago: executing program 9 (id=2871):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
getpid()
modify_ldt$write(0x1, 0x0, 0x0)
fsopen(0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_COMPAT_GET(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)={0x2c, 0x0, 0xb, 0x5, 0x0, 0x0, {0x3, 0x0, 0x9}, [@NFTA_COMPAT_NAME={0x8, 0x1, 'u32\x00'}, @NFTA_COMPAT_REV={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_COMPAT_TYPE={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20004045}, 0x20000000)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000007b0108000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mkdir(0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, &(0x7f0000000080))
chdir(&(0x7f0000000140)='./bus\x00')
open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(0xffffffffffffffff, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)

4m32.838733277s ago: executing program 38 (id=2871):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
getpid()
modify_ldt$write(0x1, 0x0, 0x0)
fsopen(0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_COMPAT_GET(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)={0x2c, 0x0, 0xb, 0x5, 0x0, 0x0, {0x3, 0x0, 0x9}, [@NFTA_COMPAT_NAME={0x8, 0x1, 'u32\x00'}, @NFTA_COMPAT_REV={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_COMPAT_TYPE={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20004045}, 0x20000000)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000007b0108000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mkdir(0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, &(0x7f0000000080))
chdir(&(0x7f0000000140)='./bus\x00')
open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(0xffffffffffffffff, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)

4m8.070495084s ago: executing program 7 (id=2933):
mount(&(0x7f0000000300), 0x0, &(0x7f00000000c0)='devtmpfs\x00', 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00'}, 0x10)
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x38011, r0, 0x0)
openat$hwrng(0xffffffffffffff9c, 0x0, 0x200000, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r4 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0)
ioctl$SNDCTL_DSP_GETOSPACE(r4, 0x8010500c, 0x0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
pipe2$9p(&(0x7f0000001900), 0x0)

4m6.662942371s ago: executing program 7 (id=2938):
syz_open_dev$sndctrl(0x0, 0xe, 0x40)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5)
setsockopt$netlink_NETLINK_NO_ENOBUFS(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB], 0x24}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x7, 0x10000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @value}, 0x50)
mkdir(&(0x7f0000000140)='./control\x00', 0x0)
mount$afs(0x0, &(0x7f00000011c0)='./control\x00', &(0x7f0000000100), 0x400092, &(0x7f0000000000)=ANY=[@ANYBLOB='dyn,flock=write'])
r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00')
read$FUSE(r3, &(0x7f0000003480)={0x2020}, 0x2020)

4m4.96607173s ago: executing program 7 (id=2940):
dup(0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r6}, 0x10)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r7, 0x0, 0x40, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r0, r1, 0x2, 0x2, 0x0, @void, @value}, 0x10)

3m55.29443074s ago: executing program 7 (id=2955):
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
timer_create(0x0, 0x0, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
r1 = socket(0xa, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0x2e, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000180), 0xfefc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000004, 0x10012, r2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCSPGRP(r3, 0x8902, &(0x7f0000001080))
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='smaps\x00')
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
lseek(r4, 0x2000, 0x0)

3m54.832131986s ago: executing program 7 (id=2958):
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000000c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0xb, &(0x7f0000000180)=@framed={{0x18, 0x8}, [@printk]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f0000010040)}, 0x38)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0)
close(r0)
r1 = socket$kcm(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe05000000000000000000009500"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = socket$l2tp6(0xa, 0x2, 0x73)
sendmmsg$inet6(r5, &(0x7f0000002480)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="1400000000000000290000000b000000000091d3000000001400000000000000290000003e00000001000000000000001400000000000000290000"], 0x98}}], 0x1, 0x0)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="1400000017000b63d25a80648c2594f90fa3c92b", 0x14}], 0x1}, 0x0)

3m5.315023542s ago: executing program 7 (id=2958):
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000000c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0xb, &(0x7f0000000180)=@framed={{0x18, 0x8}, [@printk]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f0000010040)}, 0x38)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0)
close(r0)
r1 = socket$kcm(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe05000000000000000000009500"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = socket$l2tp6(0xa, 0x2, 0x73)
sendmmsg$inet6(r5, &(0x7f0000002480)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="1400000000000000290000000b000000000091d3000000001400000000000000290000003e00000001000000000000001400000000000000290000"], 0x98}}], 0x1, 0x0)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="1400000017000b63d25a80648c2594f90fa3c92b", 0x14}], 0x1}, 0x0)

17.426938832s ago: executing program 1 (id=3322):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x0, 0x0)
socket$l2tp6(0xa, 0x2, 0x73)
socket$inet6(0xa, 0x6, 0x0)
r4 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x2, 0x4})
r5 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f0000000700)={0x0, &(0x7f0000000640)=[<r6=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r4, 0xc01c64a3, &(0x7f0000000040)={0x3, r6, 0x10000000, 0x80000001, 0xb, 0x1fd, 0x1})

16.227694558s ago: executing program 5 (id=3326):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r1, &(0x7f0000000080)={&(0x7f0000000140)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @broadcast}}, 0x80, 0x0, 0x0, &(0x7f0000000100)=[{0x18, 0x110, 0x1, "dc"}], 0x18}, 0x0)
recvmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, 0x0})
getdents(0xffffffffffffffff, 0x0, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70200001400000bb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000700)='kfree\x00', r5}, 0x18)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0)={r6}, 0x4)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x10, &(0x7f0000000600)=@framed={{}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r6}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r7}, 0x10)
r8 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r8, 0x0, 0xc8, &(0x7f0000000500), 0x4)
setsockopt$MRT_ADD_MFC(r8, 0x0, 0x5, &(0x7f00000019c0)={@dev={0xac, 0x14, 0x14, 0x39}, @private=0xa010100, 0x0, "544e6b24af869c8bcb343306faffff1400165fadcc19dc1a4d5b370e4d00", 0x0, 0x0, 0xfffffffd}, 0x3c)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={<r9=>0xffffffffffffffff})
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14)
sendmsg$nl_route_sched(r0, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newtaction={0x98, 0x30, 0x1, 0x0, 0x0, {0x0, 0x0, 0x6a00}, [{0x84, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{}, 0x2, r10}}]}, {0x4, 0xa}, {0xc}, {0xc}}}, @m_mpls={0x30, 0x2, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x98}}, 0x0)

14.730138124s ago: executing program 1 (id=3328):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f00000003c0)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r3, 0x8108551b, &(0x7f0000002600)={0x10001, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd621b63a16e2f88c3910da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"})
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, 0x0, 0x0)
setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT_OLD(r4, 0x28, 0x6, &(0x7f0000000080)={0x0, 0xea60}, 0x10)
ioctl$USBDEVFS_SETINTERFACE(r3, 0x80045510, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, 0x0, 0x0)

12.474140322s ago: executing program 4 (id=3329):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000080000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x5, [@enum={0x2, 0x0, 0x0, 0x13}]}, {0x0, [0x0, 0x61, 0x30]}}, 0x0, 0x29, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x84}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r6, 0x8916, &(0x7f0000000040)={'batadv_slave_1\x00', {0x2, 0x0, @loopback}})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

12.141041387s ago: executing program 1 (id=3331):
pipe(0x0)
close(0xffffffffffffffff)
socket$key(0xf, 0x3, 0x2)
sched_setscheduler(0xffffffffffffffff, 0x3, &(0x7f0000000180))
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_usb_connect(0x2, 0x9a2, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_CALIPSO_C_REMOVE(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)={0x1c, 0x0, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8011}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000020000000900010073797a310000000060000000160a03000000000000000000020000000900010073797a31000000000900020073797a31000000002c000380080002400000000008000140000000001800038014000100776c616e3100000000000000000000000800074000000001"], 0xa8}}, 0x0)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$hiddev(&(0x7f00000001c0), 0x4, 0x2282)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000000), 0xfffffecc)
getsockopt$inet_udp_int(0xffffffffffffffff, 0x11, 0x66, &(0x7f0000000040), 0x0)

11.537639994s ago: executing program 5 (id=3332):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
openat$cgroup(0xffffffffffffffff, &(0x7f0000000400)='syz1\x00', 0x200002, 0x0)
prlimit64(r0, 0x8, &(0x7f0000000180)={0x7fffffffffffffff}, &(0x7f00000001c0))
clock_adjtime(0x7, &(0x7f0000000040)={0x241, 0x7fff, 0xd108, 0x10000000006482, 0xfffffffffffffffe, 0x7ff, 0x1, 0x2, 0x1ff, 0x8001, 0xfffffffffffffff7, 0x4000000000000007, 0x3, 0x6, 0x7, 0xd04, 0xd, 0x581d, 0x3, 0x1, 0x6, 0x6, 0x3, 0x0, 0x7fffffffffffffff, 0x3e})
r3 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @mcast2, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x0, 0x0, 0x0, 0x50}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)=[{0x0}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x30, 0x1411, 0x1, 0x0, 0x0, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_STAT_RES={0x8, 0x4b, 0x13}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8, 0x4a, 0x1}]}, 0x30}}, 0x40)

9.763885637s ago: executing program 4 (id=3333):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000208500000070000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
creat(&(0x7f00000000c0)='./bus\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
syz_open_procfs(0x0, &(0x7f0000000280)='attr/exec\x00')
r3 = add_key$fscrypt_v1(&(0x7f0000000440), &(0x7f0000000480)={'fscrypt:', @auto=[0x0, 0x0, 0x0, 0x62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x32]}, &(0x7f00000004c0)={0x0, "3e82554dc8ccfbc2e85ec82d4ee9df60f6ae16b1a5f2c848722ba3b132e4fde178c945bd950b0477e801fc8a1be9b4ebbe9c2289a6b0aa00"}, 0x48, 0xfffffffffffffffe)
pipe2$watch_queue(&(0x7f0000000300)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x80)
ioctl$IOC_WATCH_QUEUE_SET_FILTER(r4, 0x5761, &(0x7f00000001c0)=ANY=[@ANYBLOB="0100000000000000"])
keyctl$KEYCTL_WATCH_KEY(0x20, r3, r4, 0x0)
mount(&(0x7f0000000040)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000340)='./bus\x00', 0x0, 0x10b4, 0x0)
openat$urandom(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
sendmsg$FOU_CMD_GET(0xffffffffffffffff, 0x0, 0x24008006)

8.639661107s ago: executing program 4 (id=3334):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
r0 = open(0x0, 0x200100, 0x0)
linkat(r0, &(0x7f0000000100)='./file1\x00', r0, &(0x7f0000000240)='./file0\x00', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000580)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd70a5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c707647fa8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa60e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b0a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000f841b35af2e300"/3601], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r4}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000100), 0x208e24b)
preadv(r5, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)

7.998143732s ago: executing program 5 (id=3335):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000840)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x17, 0x3, &(0x7f0000000240)=@framed, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000000)={r3, 0xffffffffffffffff, 0x2c}, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
r4 = openat$sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0)
sendfile(r4, 0xffffffffffffffff, 0x0, 0x23d)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$evdev(&(0x7f0000000040), 0xeeb, 0xc10800)
sendmsg$nl_generic(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x1c, 0x2a, 0x9, 0x0, 0x0, {0x4, 0x0, 0x2c00}, [@typed={0x8, 0x17, 0x0, 0x0, @uid}]}, 0x1c}, 0x1, 0x3000000}, 0x0)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_UNISCRNMAP(r6, 0x4b6a, &(0x7f0000000040)="0f20")

6.890898492s ago: executing program 5 (id=3337):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, r0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$sock_linger(r3, 0x1, 0xd, &(0x7f0000000040)={0xc, 0x1}, 0x8)
connect$bt_sco(r3, &(0x7f0000000000)={0x1f, @none}, 0x8)
shutdown(r3, 0x0)
r4 = eventfd2(0xfffffffe, 0x80801)
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000000)={0x0, 0x0, 0x1, r0})
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000580)={0x0, 0x0, 0x0, r4})
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket(0x10, 0x80803, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c0000005e00010200"/20, @ANYRES32=0x0, @ANYBLOB="bf"], 0x1c}}, 0x4)
recvmmsg(r5, &(0x7f0000001bc0)=[{{0x0, 0x0, 0x0}}], 0x7, 0x0, 0x0)

6.843564565s ago: executing program 1 (id=3338):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$inet_udp(0x2, 0x2, 0x0)
r4 = openat$userio(0xffffffffffffff9c, &(0x7f0000000000), 0x40101, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r6}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x8}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x7, 0x1, 0xb, 0x7, 0x8}, {0x7, 0x0, 0x0, 0x9}, {}, {}, {}, {0x18, 0x8, 0x2, 0x0, r5}, {}, {0x46, 0x0, 0x2, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
write$USERIO_CMD_REGISTER(r4, &(0x7f0000000000), 0x2)
r7 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$RTC_WKALM_SET(r7, 0x4028700f, &(0x7f0000000080)={0x2, 0x0, {0x0, 0x41d, 0x0, 0x18, 0x2, 0x60}})
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[], 0x0, 0x42, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
iopl(0x3)

6.01790377s ago: executing program 4 (id=3339):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x0, 0x0)
socket$l2tp6(0xa, 0x2, 0x73)
socket$inet6(0xa, 0x6, 0x0)
r4 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x2, 0x4})
r5 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f0000000700)={0x0, &(0x7f0000000640)=[<r6=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r4, 0xc01c64a3, &(0x7f0000000040)={0x3, r6, 0x10000000, 0x80000001, 0xb, 0x1fd, 0x1})

5.295775567s ago: executing program 3 (id=3340):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1, 0x0, 0x1}, 0x18)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x80041285, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={0x0, &(0x7f00000002c0)=""/223, 0x26, 0xdf, 0x1, 0x0, 0x0, @void, @value}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x0, 0x0, &(0x7f0000003ff6)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0)
r4 = dup(r3)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, 0x0, 0xc0)
pipe(0x0)
r7 = dup(r5)
sendfile(r7, r4, 0x0, 0x89ffc)

5.017185656s ago: executing program 1 (id=3341):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x200000000000011, 0x2, 0x0)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
timerfd_create(0x0, 0x0)
r2 = socket(0x10, 0x3, 0x0)
write(r2, &(0x7f0000000040)="240000001a005f0014f9f507000909000a00000000000000000000000800020000000000", 0x24)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
socket$inet(0x2, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x4, &(0x7f00000000c0)=0xfff, 0x4)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000300)=""/70, &(0x7f00000001c0)=0x46)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
add_key$fscrypt_v1(0x0, 0x0, &(0x7f0000000180)={0x0, "de8d0d27ca969fa15f8b3b7bae39c1b3327d4332f8c149d2d65a347d67f6db7eb90dfdad3cdebaaf421412f812305c9da91699b5a02c1295596f0fd9ec78f2fd"}, 0x48, 0x0)
mkdirat(r1, &(0x7f0000000040)='./file0\x00', 0x20)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r7=>0x0})
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=@newlink={0x4c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r7}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @bridge_slave={{0x11}, {0x14, 0x5, 0x0, 0x1, [@IFLA_BRPORT_GROUP_FWD_MASK={0x6, 0x1f, 0x3}, @IFLA_BRPORT_MCAST_EHT_HOSTS_LIMIT={0x8, 0x25, 0x4}]}}}]}, 0x4c}}, 0x0)
syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000100)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2407000005000000000000000c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r1, @ANYBLOB="05", @ANYRESOCT], 0x0)

4.672892376s ago: executing program 3 (id=3342):
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
syz_init_net_socket$llc(0x1a, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$llc(0x1a, 0x801, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_procfs(0x0, &(0x7f0000000080)='net/tcp6\x00')
socket$inet_udplite(0x2, 0x2, 0x88)
socket$inet6_udp(0xa, 0x2, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
write$UHID_CREATE2(r2, &(0x7f00000002c0)=ANY=[@ANYRES8=r1], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r2, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x15)
ioctl$TIOCL_GETKMSGREDIRECT(r3, 0x541c, &(0x7f0000000000))

4.671935265s ago: executing program 4 (id=3343):
r0 = inotify_init1(0x0)
inotify_add_watch(r0, 0x0, 0x50007a2)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r1 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
write$binfmt_elf32(r1, 0x0, 0x69)
close(r1)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
recvmsg(r3, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x20)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', 0x0, 0x0, 0x101091, 0x0)
ioperm(0x4, 0x2, 0x100000000)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$PTP_PIN_SETFUNC(r1, 0x40603d07, &(0x7f0000000140)={'\x00', 0x6, 0x1})
execve(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)

3.814823014s ago: executing program 3 (id=3345):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
ioctl$vim2m_VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0cc5640, &(0x7f0000000540)={0x1, @sliced={0x0, [0x12a9, 0x400, 0xea, 0x8, 0xffff, 0x3, 0x6, 0x8, 0x83, 0x1, 0xe3c7, 0x5, 0x6, 0x8, 0x9, 0x200, 0x7, 0x9, 0x5, 0x3, 0x1ff, 0xad3f, 0x5, 0x4, 0x0, 0x7, 0x6, 0x8, 0x101, 0x515, 0x7, 0x2, 0x5, 0x9, 0x2, 0xfc00, 0x10, 0xfff, 0x9, 0x23, 0x38, 0x4, 0xfff4, 0x675, 0xa, 0x6, 0x800, 0x8], 0x3}})
syz_io_uring_setup(0x10d, &(0x7f0000000300)={0x0, 0xce5d, 0x80, 0x0, 0x89}, &(0x7f0000000240), &(0x7f0000000280))
r3 = userfaultfd(0x801)
ioctl$UFFDIO_API(r3, 0xc018aa3f, 0x0)
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
r4 = syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f0000000000))
ioctl$PAGEMAP_SCAN(r4, 0xc0606610, &(0x7f0000000100)={0x60, 0x0, &(0x7f0000f1d000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, 0xfffffffffffffffd, 0x0, 0x0, 0x96f, 0x32, 0x20, 0x1, 0x21})
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(0xffffffffffffffff, 0xc040564a, &(0x7f0000000000)={0x8, 0x0, 0x3017, 0x1, 0x7, 0x2, 0xc, 0x1})
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001000210400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001c0012800b00010067726574617000000c00028008000100", @ANYRES32, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x44}}, 0x0)

2.156212131s ago: executing program 4 (id=3346):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
socket(0x2, 0xa, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getpid()
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000000)={r3, 0x0, 0x0}, 0x20)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="02000000040000000400000002"], 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x9, 0x0, r4, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={r5, &(0x7f0000000300), 0x20000000}, 0x20)
read$msr(r2, 0x0, 0x0)
write$FUSE_NOTIFY_STORE(r0, &(0x7f0000000240)={0x29, 0x4, 0x0, {0x2, 0x0, 0x1, 0x0, [0x0]}}, 0x29)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mknodat(0xffffffffffffff9c, 0x0, 0x81c0, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file1/file2\x00', 0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x2)

2.154306223s ago: executing program 5 (id=3347):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f00000003c0)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r2, 0x8108551b, &(0x7f0000002600)={0x10001, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd621b63a16e2f88c3910da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"})
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r3, 0x0, 0x0)
setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT_OLD(r3, 0x28, 0x6, &(0x7f0000000080)={0x0, 0xea60}, 0x10)
ioctl$USBDEVFS_SETINTERFACE(r2, 0x80045510, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, 0x0, 0x0)

2.152725549s ago: executing program 3 (id=3348):
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000740)='cgroup2\x00', 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000640)=ANY=[@ANYRES32, @ANYRES32=r3, @ANYBLOB="02"], 0x10)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r4, &(0x7f0000001fc0)=""/184, 0x20002078)

1.05380744s ago: executing program 5 (id=3349):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000014c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f0000008340)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000004200)={0x50, 0x0, r2, {0x7, 0x21, 0x0, 0x128200}}, 0x50)
lsetxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000200), 0x0, 0x0, 0x1)
read$FUSE(r1, &(0x7f0000002140)={0x2020, 0x0, <r3=>0x0}, 0x2020)
write$FUSE_INTERRUPT(r1, &(0x7f0000000080)={0x10, 0xffffffffffffffda, r3}, 0x10)
lsetxattr$trusted_overlay_redirect(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, 0x0, 0x2)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000940)={{}, 'syz0\x00'})
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x12)
ioctl$UI_SET_SNDBIT(r0, 0x4004556a, 0x2)
ioctl$UI_DEV_CREATE(r0, 0x5501)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee9, 0x8031, 0xffffffffffffffff, 0x0)
read(r0, &(0x7f0000000280)=""/44, 0x2c)
ioctl$KDMKTONE(r4, 0x4b30, 0x8000000000000001)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000140)={'syztnl2\x00', &(0x7f0000000040)={'ip6gre0\x00', <r6=>0x0, 0x29, 0x87, 0x7, 0x90d7dbcc, 0xc, @private0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x700, 0x0, 0x1, 0x90000}})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000180)={'wlan0\x00'})
sendmsg$nl_route(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=@ipv4_getnexthop={0x48, 0x6a, 0x200, 0x70bd2a, 0x25dfdbfb, {}, [@NHA_GROUPS={0x4}, @NHA_FDB={0x4}, @NHA_FDB={0x4}, @NHA_OIF={0xffffffffffffff4c, 0x5, r6}, @NHA_FDB={0x4}, @NHA_OIF={0x8}, @NHA_FDB, @NHA_ID]}, 0x48}}, 0x1800)

1.025141862s ago: executing program 3 (id=3350):
r0 = socket$igmp(0x2, 0x3, 0x2)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@ipv6_getroute={0x1c, 0x1a, 0x1, 0x0, 0x0, {0xa, 0x14}}, 0x1c}}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
getsockopt$IP_VS_SO_GET_VERSION(r0, 0x0, 0x480, &(0x7f0000000380), &(0x7f0000000480)=0x40)
ioctl$FS_IOC_GETFSLABEL(r5, 0x400452c9, &(0x7f0000000100))
setsockopt$CAN_RAW_ERR_FILTER(0xffffffffffffffff, 0x65, 0x7, &(0x7f00000001c0), 0x4)
ioctl$KDFONTOP_SET(0xffffffffffffffff, 0x4b72, &(0x7f0000000100)={0x0, 0x0, 0xc, 0xb, 0x200, 0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_open_dev$sg(&(0x7f0000000100), 0x0, 0x189202)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

114.118725ms ago: executing program 1 (id=3351):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$phonet(0x23, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00'})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r2, 0xc004743e, 0x20001400)
ioctl$sock_inet_tcp_SIOCINQ(r2, 0x541b, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r3, 0x1, 0x2a, &(0x7f0000006780), 0x62)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x14e24}, 0x1c)
recvmmsg(r3, &(0x7f0000005dc0)=[{{0x0, 0x0, 0x0}}], 0x4000000000002b1, 0x1f, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r4, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000440), 0xffffffffffffffff)
r7 = socket$pppl2tp(0x18, 0x1, 0x1)
r8 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r7, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r8, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
sendmsg$L2TP_CMD_SESSION_GET(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000300)={0x3c, r6, 0x1, 0x0, 0x0, {0x7}, [@L2TP_ATTR_IFNAME={0x14}, @L2TP_ATTR_RECV_TIMEOUT={0xc}, @L2TP_ATTR_LNS_MODE={0x5}]}, 0x3c}}, 0x0)

0s ago: executing program 3 (id=3352):
socket(0x1d, 0x5, 0x3)
r0 = socket$qrtr(0x2a, 0x2, 0x0)
r1 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff})
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0)
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(0xffffffffffffffff, 0x3ba0, 0x0)
ioctl$NBD_SET_SOCK(r1, 0xab00, r2)
r3 = syz_open_dev$ndb(&(0x7f00000000c0), 0x0, 0x0)
ioctl$NBD_SET_FLAGS(r3, 0xab0a, 0x1000001000104)
ioctl$NBD_SET_SOCK(r3, 0xab00, r2)
ioctl$NBD_DO_IT(r3, 0xab03)
ioctl$NBD_CLEAR_SOCK(r3, 0xab04)
close_range(r0, 0xffffffffffffffff, 0x0)
r4 = socket$kcm(0x21, 0x2, 0x2)
setsockopt$sock_attach_bpf(r4, 0x110, 0x12, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000140)={0x0, <r5=>0x0})
r6 = syz_open_procfs(r5, 0x0)
ioctl$SOUND_MIXER_READ_DEVMASK(r6, 0x80044dfe, &(0x7f0000000040))
fsync(r6)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r6, 0xc0096616, &(0x7f0000000180))
r7 = syz_open_dev$vim2m(0x0, 0x81, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r7, 0xc008561c, &(0x7f0000000000)={0xf0f041})

kernel console output (not intermixed with test programs):

589.009873][   T57] usb 3-1: New USB device found, idVendor=0b49, idProduct=064f, bcdDevice=d4.fd
[  589.032146][   T57] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  589.079469][   T57] usb 3-1: Product: syz
[  589.089604][   T57] usb 3-1: Manufacturer: syz
[  589.094265][   T57] usb 3-1: SerialNumber: syz
[  589.114813][   T57] usb 3-1: config 0 descriptor??
[  589.352790][T13193] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  589.402029][T13193] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  589.446737][   T57] usb 3-1: USB disconnect, device number 23
[  593.485285][T13274] vxcan2: entered allmulticast mode
[  593.657698][ T5817] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  593.730619][ T5817] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  593.744515][ T5817] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  593.810182][ T5817] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  593.821490][ T5817] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  593.829214][ T5817] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  596.094127][ T5817] Bluetooth: hci4: command tx timeout
[  596.257667][T13277] chnl_net:caif_netlink_parms(): no params data found
[  596.519746][T13277] bridge0: port 1(bridge_slave_0) entered blocking state
[  596.527022][T13277] bridge0: port 1(bridge_slave_0) entered disabled state
[  596.534278][T13277] bridge_slave_0: entered allmulticast mode
[  596.540830][T13277] bridge_slave_0: entered promiscuous mode
[  596.553169][T13277] bridge0: port 2(bridge_slave_1) entered blocking state
[  596.560430][T13277] bridge0: port 2(bridge_slave_1) entered disabled state
[  596.567754][T13277] bridge_slave_1: entered allmulticast mode
[  596.574831][T13277] bridge_slave_1: entered promiscuous mode
[  596.631456][T13277] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  596.648656][T13277] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  597.333700][T13277] team0: Port device team_slave_0 added
[  597.444450][T13277] team0: Port device team_slave_1 added
[  598.072355][T13277] batman_adv: batadv0: Adding interface: batadv_slave_0
[  598.084668][T13277] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  598.142781][ T5817] Bluetooth: hci4: command tx timeout
[  598.169323][T13277] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  598.179922][ T5899] usb 8-1: new full-speed USB device number 15 using dummy_hcd
[  598.189505][T13277] batman_adv: batadv0: Adding interface: batadv_slave_1
[  598.196635][T13277] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  598.222830][T13277] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  598.356102][T13277] hsr_slave_0: entered promiscuous mode
[  598.367631][T13277] hsr_slave_1: entered promiscuous mode
[  598.416136][T13277] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  598.442592][T13277] Cannot create hsr debugfs directory
[  598.735089][T13277] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  598.756418][T13277] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  598.771151][T13277] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  598.788822][T13277] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  598.818707][ T5899] usb 8-1: unable to get BOS descriptor or descriptor too short
[  598.830062][ T5899] usb 8-1: no configurations
[  598.849519][ T5899] usb 8-1: can't read configurations, error -22
[  598.937137][T13277] 8021q: adding VLAN 0 to HW filter on device bond0
[  598.955691][T13277] 8021q: adding VLAN 0 to HW filter on device team0
[  598.967524][ T2895] bridge0: port 1(bridge_slave_0) entered blocking state
[  598.974673][ T2895] bridge0: port 1(bridge_slave_0) entered forwarding state
[  599.015576][T13277] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  599.039164][T13277] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  599.070145][ T2895] bridge0: port 2(bridge_slave_1) entered blocking state
[  599.077316][ T2895] bridge0: port 2(bridge_slave_1) entered forwarding state
[  599.508670][T13333] Attempt to restore checkpoint with obsolete wellknown handles
[  599.726037][T13338] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  599.740340][T13338] Error validating options; rc = [-22]
[  600.441221][ T5817] Bluetooth: hci4: command tx timeout
[  600.523843][T13339] fuse: Bad value for 'fd'
[  600.849839][T13277] 8021q: adding VLAN 0 to HW filter on device batadv0
[  601.202848][   T29] audit: type=1326 audit(1733571246.234:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13340 comm="syz.4.1765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb9297fed9 code=0x7ffc0000
[  601.859032][   T29] audit: type=1326 audit(1733571246.234:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13340 comm="syz.4.1765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb9297fed9 code=0x7ffc0000
[  601.946653][   T29] audit: type=1326 audit(1733571246.234:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13340 comm="syz.4.1765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=126 compat=0 ip=0x7fcb9297fed9 code=0x7ffc0000
[  602.462582][ T5817] Bluetooth: hci4: command tx timeout
[  602.804001][   T29] audit: type=1326 audit(1733571246.234:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13340 comm="syz.4.1765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb9297fed9 code=0x7ffc0000
[  602.895013][   T29] audit: type=1326 audit(1733571246.244:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13340 comm="syz.4.1765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb9297fed9 code=0x7ffc0000
[  603.017152][T13277] veth0_vlan: entered promiscuous mode
[  603.027198][T13277] veth1_vlan: entered promiscuous mode
[  603.032920][   T29] audit: type=1326 audit(1733571246.244:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13340 comm="syz.4.1765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=207 compat=0 ip=0x7fcb9297fed9 code=0x7ffc0000
[  603.071321][   T29] audit: type=1326 audit(1733571246.244:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13340 comm="syz.4.1765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb9297fed9 code=0x7ffc0000
[  603.121289][T13277] veth0_macvtap: entered promiscuous mode
[  603.141192][   T29] audit: type=1326 audit(1733571246.244:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13340 comm="syz.4.1765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb9297fed9 code=0x7ffc0000
[  603.179419][T13277] veth1_macvtap: entered promiscuous mode
[  603.242753][T13277] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  603.265254][T13277] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  603.334002][T13277] batman_adv: batadv0: Interface activated: batadv_slave_0
[  603.385128][T13277] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  603.415868][T13277] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  603.476397][T13277] batman_adv: batadv0: Interface activated: batadv_slave_1
[  603.511241][T13277] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  603.528068][T13277] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  603.559738][T13374] netfs: Couldn't get user pages (rc=-14)
[  603.559757][   T29] audit: type=1800 audit(1733571248.654:247): pid=13374 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.4.1772" name="/" dev="9p" ino=2 res=0 errno=0
[  603.613855][T13277] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  603.638722][T13277] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  604.065683][ T7023] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  604.114736][ T7023] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  604.779560][ T7023] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  604.811169][ T7023] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  605.578147][   T29] audit: type=1800 audit(1733571250.684:248): pid=13411 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.3.1780" name="/" dev="9p" ino=2 res=0 errno=0
[  608.206531][T13436] xt_NFQUEUE: number of queues (1280) out of range (got 65792)
[  608.482290][T13437] 9pnet_fd: Insufficient options for proto=fd
[  609.560561][T13447] sg_write: data in/out 231/14 bytes for SCSI command 0x0-- guessing data in;
[  609.560561][T13447]    program syz.7.1791 not setting count and/or reply_len properly
[  609.587476][T13447] netlink: 'syz.7.1791': attribute type 10 has an invalid length.
[  609.635839][T13447] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  609.658856][T13429] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  611.865599][T13477] netlink: 36 bytes leftover after parsing attributes in process `syz.8.1799'.
[  620.709410][ T5899] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  621.323046][ T5899] usb 10-1: Using ep0 maxpacket: 8
[  621.372525][ T5899] usb 10-1: unable to get BOS descriptor or descriptor too short
[  621.388249][ T5899] usb 10-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 32
[  621.533961][ T5899] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  621.759850][ T5899] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  621.957212][ T5899] usb 10-1: Product: syz
[  622.034208][ T5899] usb 10-1: Manufacturer: syz
[  622.039111][ T5899] usb 10-1: SerialNumber: syz
[  622.579726][ T5899] cdc_ncm 10-1:1.0: bind() failure
[  622.620348][ T5899] cdc_ncm 10-1:1.1: CDC Union missing and no IAD found
[  622.638275][ T5899] cdc_ncm 10-1:1.1: bind() failure
[  622.813365][ T5899] usb 10-1: USB disconnect, device number 2
[  624.477767][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  624.484266][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  624.504515][ T5866] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  625.526046][ T5866] hid-generic 0000:0000:0000.0010: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  626.582602][ T5899] usb 4-1: new full-speed USB device number 20 using dummy_hcd
[  628.848730][T13630] xt_cgroup: xt_cgroup: no path or classid specified
[  630.055647][T13637] tipc: Started in network mode
[  630.614243][T13637] tipc: Node identity , cluster identity 4711
[  630.635990][T13637] tipc: Failed to set node id, please configure manually
[  630.666691][T13637] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  630.717006][T13642] input: syz1 as /devices/virtual/input/input38
[  631.233855][T13649] syz.8.1848: attempt to access beyond end of device
[  631.233855][T13649] nbd8: rw=6144, sector=128, nr_sectors = 8 limit=0
[  631.247642][T13649] gfs2: error -5 reading superblock
[  631.845885][T13646] 9pnet: p9_errstr2errno: server reported unknown error 184467440737095
[  634.942644][ T5817] Bluetooth: hci3: command 0x0c1a tx timeout
[  634.995964][ T5866] Bluetooth: hci3: Opcode 0x0c1a failed: -110
[  635.002600][ T5866] Bluetooth: hci3: Error when powering off device on rfkill (-110)
[  641.747263][T13759] vlan2: entered promiscuous mode
[  641.753210][T13759] vlan2: entered allmulticast mode
[  641.759628][T13759] hsr_slave_1: entered allmulticast mode
[  641.832599][   T29] audit: type=1800 audit(1733571286.914:249): pid=13722 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.3.1865" name="SYSV00000000" dev="hugetlbfs" ino=2 res=0 errno=0
[  642.413208][ T5866] Bluetooth: hci2: Opcode 0x0c1a failed: -110
[  642.422328][ T5866] Bluetooth: hci2: Error when powering off device on rfkill (-110)
[  645.144568][ T5866] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  645.150708][ T5866] Bluetooth: hci0: Error when powering off device on rfkill (-110)
[  645.182561][ T5817] Bluetooth: hci0: command 0x0c1a tx timeout
[  647.904603][T13808] syz.7.1878 (13808): drop_caches: 2
[  648.342608][ T5903] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  648.494343][ T5903] usb 10-1: config 0 has no interfaces?
[  648.506170][ T5903] usb 10-1: language id specifier not provided by device, defaulting to English
[  648.544840][ T5903] usb 10-1: New USB device found, idVendor=05ac, idProduct=024b, bcdDevice= 0.40
[  648.723651][T13842] netlink: 'syz.7.1880': attribute type 1 has an invalid length.
[  648.731422][T13842] netlink: 224 bytes leftover after parsing attributes in process `syz.7.1880'.
[  648.765882][ T5903] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  649.533190][ T5903] usb 10-1: Product: syz
[  649.537554][ T5903] usb 10-1: Manufacturer: �ﻥ傖ᅅ㞴岼먊ߧᚨ筨鴴�렃舊陌�ٶ寥淴駖켧ἲ㯩譅㯂֫凑ᶜ鎣䟒ᣇ邛྽ⰨꢅŦꂙ섾倞ࡢᅗ힋䒺⿰挱
[  649.554558][ T5903] usb 10-1: SerialNumber: syz
[  649.581004][ T5903] usb 10-1: config 0 descriptor??
[  650.347469][ T5903] usb 10-1: USB disconnect, device number 3
[  650.462574][ T5817] Bluetooth: hci4: command 0x0c1a tx timeout
[  650.462574][ T5866] Bluetooth: hci4: Opcode 0x0c1a failed: -110
[  650.589603][ T5866] Bluetooth: hci4: Error when powering off device on rfkill (-110)
[  650.862785][ T5903] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  651.123536][ T5903] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  651.240219][ T5903] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  651.259783][ T5903] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  651.269435][ T5903] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  651.277928][ T5903] usb 5-1: SerialNumber: syz
[  651.509904][ T5903] usb 5-1: 0:2 : does not exist
[  653.363491][T13898] debugfs: Directory 'netdev:nicvf0' with parent 'phy7' already present!
[  653.545953][ T5903] usb 5-1: USB disconnect, device number 22
[  653.966032][ T5868] usb 8-1: new high-speed USB device number 17 using dummy_hcd
[  655.853725][ T6872] udevd[6872]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  655.997085][T13922] ISOFS: Unable to identify CD-ROM format.
[  657.421355][ T5868] usb 8-1: unable to read config index 0 descriptor/all
[  657.428650][ T5868] usb 8-1: can't read configurations, error -71
[  658.374080][T13941] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1897'.
[  658.408525][T13941] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1897'.
[  658.441253][T13941] team0: entered promiscuous mode
[  658.496852][T13941] bond0: entered promiscuous mode
[  658.529187][T13941] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  658.572798][T13941] Cannot create hsr debugfs directory
[  658.595142][T13941] hsr0: Slave A (team0) is not up; please bring it up to get a fully working HSR network
[  658.634704][T13941] hsr0: Slave B (bond0) is not up; please bring it up to get a fully working HSR network
[  658.661339][T13941] 8021q: adding VLAN 0 to HW filter on device hsr0
[  662.767068][T14031] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1917'.
[  662.816905][T14031] bridge0: entered promiscuous mode
[  662.849826][T14031] macvtap1: entered promiscuous mode
[  662.866863][T14031] macvtap1: entered allmulticast mode
[  662.895292][T14031] bridge0: entered allmulticast mode
[  663.759212][T14032] bridge0: left allmulticast mode
[  663.809163][T14032] bridge0: left promiscuous mode
[  664.463604][T14058] veth1_to_bridge: entered promiscuous mode
[  664.471362][T14058] veth1_to_bridge: entered allmulticast mode
[  664.527625][ T7023] bridge0: port 2(bridge_slave_1) entered disabled state
[  665.088436][T14067] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  668.488073][T14090] fuse: Bad value for 'fd'
[  672.864288][T14125] bond0: entered promiscuous mode
[  672.894324][T14125] bond_slave_0: entered promiscuous mode
[  672.975521][T14125] bond_slave_1: entered promiscuous mode
[  672.981407][T14125] team0: entered promiscuous mode
[  672.986803][T14125] team_slave_0: entered promiscuous mode
[  672.992992][T14125] team_slave_1: entered promiscuous mode
[  674.700054][T14150] kvm: kvm [14149]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0xbe702111
[  675.428976][T14161] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  675.530568][T14161] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  677.404616][T14187] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  678.656072][T14192] syz_tun (unregistering): left allmulticast mode
[  678.693094][T14192] syz_tun (unregistering): left promiscuous mode
[  678.923122][T14195] syz.3.1951: attempt to access beyond end of device
[  678.923122][T14195] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  679.667333][T14184] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma?
[  679.841343][   T29] audit: type=1326 audit(1733571324.884:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14181 comm="syz.4.1946" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcb9297fed9 code=0x0
[  685.693657][T14267] netlink: 'syz.3.1968': attribute type 32 has an invalid length.
[  686.503136][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  686.526918][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  686.602766][T14267] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1968'.
[  686.603515][T14273] fuse: Bad value for 'fd'
[  686.752737][T14267] (unnamed net_device) (uninitialized): Setting coupled_control to off (0)
[  689.187829][T14304] input: syz0 as /devices/virtual/input/input39
[  689.278690][ T5869] usb 4-1: new full-speed USB device number 21 using dummy_hcd
[  689.380726][T14304] netlink: 'syz.7.1980': attribute type 1 has an invalid length.
[  689.389248][T14304] netlink: 83992 bytes leftover after parsing attributes in process `syz.7.1980'.
[  689.913121][T14308] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1981'.
[  691.292812][ T5869] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  691.319253][ T5869] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  691.384885][ T5869] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  691.422574][ T5869] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  691.452588][ T5869] usb 4-1: Product: syz
[  691.572584][ T5869] usb 4-1: Manufacturer: syz
[  691.610723][ T5869] usb 4-1: SerialNumber: syz
[  692.652672][ T5869] usb 4-1: can't set config #1, error -71
[  692.675906][ T5869] usb 4-1: USB disconnect, device number 21
[  696.933912][T14352] fuse: Bad value for 'fd'
[  699.524720][T14370] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1997'.
[  699.894231][T14376] fuse: Unknown parameter '0x0000000000000006'
[  701.809816][T14394] x_tables: duplicate entry at hook 1
[  701.927311][   T29] audit: type=1326 audit(1733571347.034:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14391 comm="syz.3.2006" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f562a37fed9 code=0x0
[  703.125508][T14398] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2005'.
[  705.078489][T14408] kvm: kvm [14407]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0xbe702111
[  705.134030][T14408] kvm: kvm [14407]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0xbe702111
[  707.553666][   T29] audit: type=1326 audit(1733571352.770:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14429 comm="syz.3.2016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f562a37fed9 code=0x7ffc0000
[  707.647764][   T29] audit: type=1326 audit(1733571352.770:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14429 comm="syz.3.2016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f562a37fed9 code=0x7ffc0000
[  707.858379][   T29] audit: type=1326 audit(1733571352.770:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14429 comm="syz.3.2016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f562a37fed9 code=0x7ffc0000
[  707.895065][T14428] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  707.912606][   T29] audit: type=1326 audit(1733571352.770:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14429 comm="syz.3.2016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f562a37fed9 code=0x7ffc0000
[  708.687204][   T29] audit: type=1326 audit(1733571352.770:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14429 comm="syz.3.2016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f562a37fed9 code=0x7ffc0000
[  708.736229][   T29] audit: type=1326 audit(1733571352.770:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14429 comm="syz.3.2016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7f562a37fed9 code=0x7ffc0000
[  708.802995][   T29] audit: type=1326 audit(1733571352.780:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14429 comm="syz.3.2016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f562a37fed9 code=0x7ffc0000
[  708.941744][   T29] audit: type=1326 audit(1733571352.780:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14429 comm="syz.3.2016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f562a37fed9 code=0x7ffc0000
[  709.037149][   T29] audit: type=1326 audit(1733571352.780:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14429 comm="syz.3.2016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f562a37fed9 code=0x7ffc0000
[  709.360332][   T29] audit: type=1326 audit(1733571352.790:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14429 comm="syz.3.2016" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7f562a37fed9 code=0x7ffc0000
[  710.407344][T14468] xt_policy: neither incoming nor outgoing policy selected
[  712.136353][T14481] 9pnet: bogus RREAD count (69 > 41)
[  713.323375][ T5868] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  716.469563][T14513] syz.3.2037 (14513): drop_caches: 2
[  716.976508][T14516] mac80211_hwsim hwsim20 wlan1: entered allmulticast mode
[  720.916237][T14544] vlan2: entered promiscuous mode
[  721.067313][T14546] tipc: Started in network mode
[  721.073072][T14546] tipc: Node identity 4, cluster identity 4711
[  721.079258][T14546] tipc: Node number set to 4
[  725.382756][T14596] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2060'.
[  725.394623][T14596] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2060'.
[  728.559816][ T5820] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  729.434284][ T5820] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  729.448487][ T5820] usb 4-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  729.478806][ T5820] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  729.525972][ T5820] usb 4-1: config 0 descriptor??
[  729.545563][ T5820] pwc: Askey VC010 type 2 USB webcam detected.
[  730.292394][T14636] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  731.124708][ T5820] pwc: recv_control_msg error -32 req 02 val 2b00
[  731.131991][ T5820] pwc: recv_control_msg error -32 req 02 val 2700
[  731.133595][T14645] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2072'.
[  731.148093][ T5820] pwc: recv_control_msg error -32 req 02 val 2c00
[  731.164399][T14643] netlink: 'syz.8.2070': attribute type 32 has an invalid length.
[  731.178933][ T5820] pwc: recv_control_msg error -32 req 04 val 1000
[  731.186221][ T5820] pwc: recv_control_msg error -32 req 04 val 1300
[  731.205226][T14645] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2072'.
[  731.212854][ T5820] pwc: recv_control_msg error -32 req 04 val 1400
[  731.223200][ T5820] pwc: recv_control_msg error -32 req 02 val 2000
[  731.233098][ T5820] pwc: recv_control_msg error -32 req 02 val 2100
[  731.243217][ T5820] pwc: recv_control_msg error -32 req 04 val 1500
[  731.251349][ T5820] pwc: recv_control_msg error -32 req 02 val 2500
[  731.258638][ T5820] pwc: recv_control_msg error -32 req 02 val 2400
[  731.272199][ T5820] pwc: recv_control_msg error -32 req 02 val 2600
[  731.285457][T14643] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2070'.
[  731.316637][ T5820] pwc: recv_control_msg error -32 req 02 val 2900
[  731.801888][ T5820] pwc: recv_control_msg error -71 req 04 val 1100
[  731.844822][T14643] (unnamed net_device) (uninitialized): Setting coupled_control to off (0)
[  731.954293][T14656] syz.7.2074 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  732.392693][ T5820] pwc: recv_control_msg error -71 req 04 val 1200
[  732.450332][ T5820] pwc: Registered as video103.
[  732.457783][ T5820] input: PWC snapshot button as /devices/platform/dummy_hcd.3/usb4/4-1/input/input40
[  732.597509][ T5820] usb 4-1: USB disconnect, device number 22
[  733.640430][T14664] netlink: 52 bytes leftover after parsing attributes in process `syz.4.2077'.
[  739.908861][T14731] o2cb: This node has not been configured.
[  739.915084][T14731] o2cb: Cluster check failed. Fix errors before retrying.
[  739.922238][T14731] (syz.7.2094,14731,1):user_dlm_register:674 ERROR: status = -22
[  739.930064][T14731] (syz.7.2094,14731,1):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "file1"
[  744.170603][T14764] rdma_rxe: rxe_newlink: failed to add team_slave_1
[  747.548816][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  747.555265][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  757.922557][   T29] kauditd_printk_skb: 4 callbacks suppressed
[  757.922575][   T29] audit: type=1800 audit(1733571404.020:266): pid=14848 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.4.2124" name="SYSV00000000" dev="hugetlbfs" ino=2 res=0 errno=0
[  759.844670][T14864] netlink: 596 bytes leftover after parsing attributes in process `syz.8.2128'.
[  762.823554][T14898] kvm: kvm [14886]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0xbe702111
[  779.666297][ T5901] IPVS: starting estimator thread 0...
[  779.870433][T15054] sp0: Synchronizing with TNC
[  779.879218][T15054] sp0: Found TNC
[  780.052980][T15049] IPVS: using max 23 ests per chain, 55200 per kthread
[  780.632758][T15045] [U] è`
[  783.748208][T15078] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  786.896165][T15100] netlink: 'syz.9.2184': attribute type 1 has an invalid length.
[  786.904073][T15100] netlink: 'syz.9.2184': attribute type 3 has an invalid length.
[  786.911818][T15100] netlink: 216 bytes leftover after parsing attributes in process `syz.9.2184'.
[  786.920938][T15100] NCSI netlink: No device for ifindex 813332851
[  788.166711][T15109] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  788.236159][T15109] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  788.463709][T15109] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  790.384490][T15116] kvm: kvm [15114]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x8
[  790.857809][T15136] rdma_rxe: rxe_newlink: failed to add team_slave_1
[  791.797052][T15141] netlink: 'syz.3.2197': attribute type 10 has an invalid length.
[  791.823683][T15141] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2197'.
[  793.896810][ T5820] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  793.943806][T15165] Mount JFS Failure: -22
[  793.948423][T15165] jfs_mount failed w/return code = -22
[  794.336133][ T5820] usb 9-1: New USB device found, idVendor=04bb, idProduct=0901, bcdDevice=55.ba
[  794.348915][ T5820] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  794.361654][ T5820] usb 9-1: Product: syz
[  794.366439][ T5820] usb 9-1: Manufacturer: syz
[  794.371633][ T5820] usb 9-1: SerialNumber: syz
[  794.580257][ T5820] usb 9-1: config 0 descriptor??
[  794.911041][ T5820] kaweth 9-1:0.0: Firmware present in device.
[  794.972118][ T5820] kaweth 9-1:0.0: Error reading configuration (-71), no net device created
[  794.986902][ T5820] kaweth 9-1:0.0: probe with driver kaweth failed with error -5
[  795.770881][ T5820] usb 9-1: USB disconnect, device number 5
[  799.226111][T15213] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  800.013956][T15225] kvm: kvm [15218]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x186) = 0x55
[  800.048014][T15225] kvm: kvm [15218]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0xa0
[  800.077821][T15225] kvm: kvm [15218]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0x6
[  800.173121][T15225] kvm_intel: kvm [15218]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x1d9) = 0x851
[  800.904609][T15256] block nbd7: Device being setup by another task
[  801.142934][ T5817] block nbd7: Receive control failed (result -32)
[  801.284092][T15255] block nbd7: shutting down sockets
[  801.835077][ T5903] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  802.742517][ T5903] usb 9-1: Using ep0 maxpacket: 8
[  802.748986][ T5903] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  802.759909][ T5903] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  802.793342][ T5903] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  803.407033][ T5903] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  803.541942][ T5903] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  803.551309][ T5903] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  804.814130][ T5903] usb 9-1: usb_control_msg returned -71
[  804.829522][ T5903] usbtmc 9-1:16.0: can't read capabilities
[  805.602878][ T5903] usb 9-1: USB disconnect, device number 6
[  808.726242][T15342] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  808.786150][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  808.792598][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  809.248971][T15348] vlan2: entered promiscuous mode
[  809.254549][T15348] vlan2: entered allmulticast mode
[  809.260723][T15348] hsr_slave_1: entered allmulticast mode
[  809.322934][ T5903] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  809.522686][ T5903] usb 5-1: Using ep0 maxpacket: 32
[  810.234576][ T5903] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  811.192600][ T5903] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  811.202412][ T5903] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  811.217515][ T5903] usb 5-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[  811.226721][ T5903] usb 5-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[  811.709287][ T5903] usb 5-1: Product: syz
[  811.718881][ T5903] usb 5-1: Manufacturer: syz
[  811.723748][ T5903] usb 5-1: SerialNumber: syz
[  811.800036][ T5903] input: appletouch as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/input/input41
[  812.882154][ T5903] usb 5-1: USB disconnect, device number 23
[  815.390891][ T5903] appletouch 5-1:1.0: input: appletouch disconnected
[  822.689079][T15457] binder: BINDER_SET_CONTEXT_MGR already set
[  822.695247][T15457] binder: 15456:15457 ioctl 4018620d 20000040 returned -16
[  823.592544][T15459] binder: 15456:15459 unknown command 0
[  823.623000][T15450] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR
[  823.625469][T15459] binder: 15456:15459 ioctl c0306201 20000a80 returned -22
[  825.856117][T15482] workqueue: Failed to create a rescuer kthread for wq "nfc3_nci_rx_wq": -EINTR
[  826.072820][ T5869] usb 8-1: new full-speed USB device number 19 using dummy_hcd
[  826.297115][ T5869] usb 8-1: config 0 has an invalid interface number: 9 but max is 0
[  826.311223][ T5869] usb 8-1: config 0 has no interface number 0
[  826.377144][ T5869] usb 8-1: New USB device found, idVendor=06a2, idProduct=0003, bcdDevice=b4.8c
[  826.386527][ T5869] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  826.394644][ T5869] usb 8-1: Product: syz
[  826.398842][ T5869] usb 8-1: Manufacturer: syz
[  826.403504][ T5869] usb 8-1: SerialNumber: syz
[  826.413965][ T5869] usb 8-1: config 0 descriptor??
[  826.426928][ T5869] gspca_main: gspca_topro-2.14.0 probing 06a2:0003
[  828.701071][ T5869] gspca_topro: reg_r err -71
[  828.797164][ T5869] gspca_topro: Sensor soi763a
[  829.523093][ T5869] usb 8-1: USB disconnect, device number 19
[  831.784394][T15540] can0: slcan on ttyS3.
[  834.793632][T15540] can0 (unregistered): slcan off ttyS3.
[  835.120136][T15552] sg_write: data in/out 246879826/56 bytes for SCSI command 0xeb-- guessing data in;
[  835.120136][T15552]    program syz.3.2291 not setting count and/or reply_len properly
[  836.136169][T15563] netlink: 'syz.9.2293': attribute type 2 has an invalid length.
[  836.172583][T15563] fþ: entered promiscuous mode
[  842.034865][T15646] xt_connbytes: Forcing CT accounting to be enabled
[  842.043007][T15646] xt_bpf: check failed: parse error
[  843.093152][ T5869] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  843.442725][ T5869] usb 9-1: device descriptor read/64, error -71
[  843.694830][T15651] batadv_slave_0: left promiscuous mode
[  844.493054][ T5869] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  844.642574][ T5869] usb 9-1: device descriptor read/64, error -71
[  844.843115][ T5869] usb usb9-port1: attempt power cycle
[  848.972805][T15682] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  848.982111][T15682] syz.4.2318: attempt to access beyond end of device
[  848.982111][T15682] loop4: rw=0, sector=0, nr_sectors = 2 limit=0
[  853.567350][T15707] kvm: kvm [15706]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0xbe702111
[  862.478891][T15789] netlink: 165 bytes leftover after parsing attributes in process `syz.4.2345'.
[  865.957464][T15801] netlink: 'syz.9.2350': attribute type 21 has an invalid length.
[  865.968933][T15801] netlink: 'syz.9.2350': attribute type 6 has an invalid length.
[  866.072681][T15801] netlink: 132 bytes leftover after parsing attributes in process `syz.9.2350'.
[  866.102975][T15804] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  871.020230][T15840] veth0_to_team: entered promiscuous mode
[  871.052652][T15840] veth0_to_team: entered allmulticast mode
[  871.059026][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  871.068737][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  877.662848][T15907] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2376'.
[  877.752971][T15907] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2376'.
[  882.518687][T15948] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  883.966976][T15953] random: crng reseeded on system resumption
[  889.174140][T16011] netlink: 44 bytes leftover after parsing attributes in process `syz.9.2406'.
[  891.282859][ T5869] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[  891.387631][T16039] binder_alloc: 16037: binder_alloc_buf, no vma
[  891.482669][ T5869] usb 9-1: Using ep0 maxpacket: 16
[  891.499564][ T5869] usb 9-1: config 0 has no interfaces?
[  891.546662][T16040] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2414'.
[  891.556066][ T5869] usb 9-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  891.582633][T16040] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2414'.
[  891.595793][ T5869] usb 9-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  891.604124][ T5869] usb 9-1: Manufacturer: syz
[  891.606200][T16040] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2414'.
[  891.611733][ T5869] usb 9-1: config 0 descriptor??
[  891.666197][T16040] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2414'.
[  892.769772][T16030] vlan0: entered promiscuous mode
[  893.255406][ T5869] usb 9-1: USB disconnect, device number 10
[  901.422963][   T29] audit: type=1800 audit(1733571547.500:267): pid=16107 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.3.2430" name="SYSV00000000" dev="hugetlbfs" ino=3 res=0 errno=0
[  901.474917][T16118] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2433'.
[  901.485459][T16118] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  903.008124][T16118] batman_adv: batadv0: Removing interface: batadv_slave_0
[  905.331666][T16150] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2443'.
[  907.358295][T16155] 9pnet_fd: Insufficient options for proto=fd
[  913.328562][T16218] mkiss: ax0: crc mode is auto.
[  914.782330][   T35] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  915.331594][   T35] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  915.354303][ T5830] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  915.366353][ T5830] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  916.378041][ T5830] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  916.387515][ T5830] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  917.345685][ T5830] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  917.626692][ T5830] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  917.825810][T16246] netlink: 112 bytes leftover after parsing attributes in process `syz.7.2463'.
[  917.918681][   T35] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  918.215722][ T5817] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  918.233974][ T5830] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  918.246673][ T5830] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  918.257236][ T5830] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  918.267909][ T5830] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  918.275273][ T5830] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  918.926952][   T35] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  919.882781][T16266] input: syz1 as /devices/virtual/input/input42
[  920.672754][ T5830] Bluetooth: hci0: command tx timeout
[  920.824672][T16271] xt_CT: You must specify a L4 protocol and not use inversions on it
[  922.098672][T16280] can0: slcan on ttyS3.
[  922.313753][T16279] can0 (unregistered): slcan off ttyS3.
[  922.415868][T16233] chnl_net:caif_netlink_parms(): no params data found
[  922.734539][ T5830] Bluetooth: hci0: command tx timeout
[  923.462726][   T35] bridge_slave_1: left allmulticast mode
[  923.468548][   T35] bridge_slave_1: left promiscuous mode
[  923.495429][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  923.579843][   T35] bridge_slave_0: left allmulticast mode
[  923.589334][   T35] bridge_slave_0: left promiscuous mode
[  923.599398][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  924.758813][   T29] audit: type=1326 audit(1733571570.860:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16323 comm="syz.7.2482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f413357fed9 code=0x7ffc0000
[  924.780383][    C0] vkms_vblank_simulate: vblank timer overrun
[  924.787243][ T5817] Bluetooth: hci0: command tx timeout
[  924.793011][   T29] audit: type=1326 audit(1733571570.910:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16323 comm="syz.7.2482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f413357fed9 code=0x7ffc0000
[  924.814543][    C0] vkms_vblank_simulate: vblank timer overrun
[  924.863077][   T29] audit: type=1326 audit(1733571570.970:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16323 comm="syz.7.2482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7f413357fed9 code=0x7ffc0000
[  924.935621][   T29] audit: type=1326 audit(1733571570.970:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16323 comm="syz.7.2482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f413357fed9 code=0x7ffc0000
[  924.963492][   T29] audit: type=1326 audit(1733571570.970:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16323 comm="syz.7.2482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f413357fed9 code=0x7ffc0000
[  924.998058][   T29] audit: type=1326 audit(1733571571.000:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16323 comm="syz.7.2482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f413357fed9 code=0x7ffc0000
[  925.060600][   T29] audit: type=1326 audit(1733571571.000:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16323 comm="syz.7.2482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f413357fed9 code=0x7ffc0000
[  925.222575][   T29] audit: type=1326 audit(1733571571.000:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16323 comm="syz.7.2482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f413357fed9 code=0x7ffc0000
[  925.279204][   T29] audit: type=1326 audit(1733571571.000:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16323 comm="syz.7.2482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=438 compat=0 ip=0x7f413357fed9 code=0x7ffc0000
[  925.308071][   T29] audit: type=1326 audit(1733571571.000:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16323 comm="syz.7.2482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f413357fed9 code=0x7ffc0000
[  926.890651][ T5817] Bluetooth: hci0: command tx timeout
[  927.277225][T16341] hub 9-0:1.0: USB hub found
[  927.282708][T16341] hub 9-0:1.0: 1 port detected
[  927.987575][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  928.023407][   T35] bond_slave_0: left promiscuous mode
[  928.047908][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  928.082932][   T35] bond_slave_1: left promiscuous mode
[  928.099244][   T35] bond0 (unregistering): (slave team0): Releasing backup interface
[  928.113265][   T35] team0: left promiscuous mode
[  928.118068][   T35] team_slave_0: left promiscuous mode
[  928.133024][   T35] team_slave_1: left promiscuous mode
[  928.194038][   T35] infiniband syz2: set down
[  928.198773][   T35] bond0 (unregistering): Released all slaves
[  928.971232][   T35] bond1 (unregistering): Released all slaves
[  929.443160][   T35] bond2 (unregistering): Released all slaves
[  929.492515][T16233] bridge0: port 1(bridge_slave_0) entered blocking state
[  929.510179][T16233] bridge0: port 1(bridge_slave_0) entered disabled state
[  929.535984][T16233] bridge_slave_0: entered allmulticast mode
[  929.575497][T16233] bridge_slave_0: entered promiscuous mode
[  929.621468][   T35] tipc: Left network mode
[  929.708470][T16233] bridge0: port 2(bridge_slave_1) entered blocking state
[  929.742575][T16233] bridge0: port 2(bridge_slave_1) entered disabled state
[  929.749772][T16233] bridge_slave_1: entered allmulticast mode
[  929.841989][T16233] bridge_slave_1: entered promiscuous mode
[  931.062619][T16369] ufs: You didn't specify the type of your ufs filesystem
[  931.062619][T16369] 
[  931.062619][T16369] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  931.062619][T16369] 
[  931.062619][T16369] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  931.124071][T16369] ufs: ufstype=old is supported read-only
[  931.133356][T16369] ufs: ufs_fill_super(): bad magic number
[  932.163584][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  932.169992][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  932.517299][T16233] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  933.668271][T16397] slcan: can't register candev
[  933.779603][T16233] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  935.389401][T16395] : entered promiscuous mode
[  939.060092][T16233] team0: Port device team_slave_0 added
[  939.537710][   T35] hsr_slave_0: left promiscuous mode
[  939.616246][   T35] hsr_slave_1: left promiscuous mode
[  940.122614][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  940.141996][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  940.254051][   T35] veth1_macvtap: left promiscuous mode
[  940.259621][   T35] veth0_macvtap: left promiscuous mode
[  940.265846][   T35] veth1_vlan: left promiscuous mode
[  940.271119][   T35] veth0_vlan: left promiscuous mode
[  942.918805][T16491] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  945.123673][T16515] can: request_module (can-proto-3) failed.
[  945.272610][T16515] block nbd7: Device being setup by another task
[  945.302851][ T5817] block nbd7: Receive control failed (result -32)
[  945.387398][T16517] block nbd7: shutting down sockets
[  945.731222][   T35] team0 (unregistering): Port device team_slave_1 removed
[  947.130134][   T35] team0 (unregistering): Port device team_slave_0 removed
[  951.594559][T16560] fuse: Unknown parameter ''
[  952.518576][   T57] kworker/1:1 (57) used greatest stack depth: 16888 bytes left
[  954.972122][T16582] netlink: 'syz.9.2538': attribute type 4 has an invalid length.
[  956.112860][T13840] smc: removing ib device syz2
[  957.221959][T16233] team0: Port device team_slave_1 added
[  959.537720][T16233] batman_adv: batadv0: Adding interface: batadv_slave_0
[  959.582012][T16233] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  959.608833][T16233] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  959.640431][T16617] input: syz1 as /devices/virtual/input/input43
[  959.796682][T16625] netlink: 'syz.4.2549': attribute type 1 has an invalid length.
[  960.014782][T16626] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  960.024737][T16626] overlayfs: missing 'lowerdir'
[  960.044661][T16233] batman_adv: batadv0: Adding interface: batadv_slave_1
[  960.052297][T16233] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  961.070463][T16233] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  961.872862][T16625] 8021q: adding VLAN 0 to HW filter on device bond1
[  962.040277][T16633] bond1: (slave ip6gretap1): making interface the new active one
[  962.052358][T16633] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  962.317067][T16634] vlan2: entered promiscuous mode
[  962.476233][T16634] bond1: entered promiscuous mode
[  963.680139][T16654] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  963.851534][T16634] ip6gretap1: entered promiscuous mode
[  963.857402][T16634] vlan2: entered allmulticast mode
[  963.862768][T16634] bond1: entered allmulticast mode
[  963.868020][T16634] ip6gretap1: entered allmulticast mode
[  964.393540][T16662] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  965.140526][T16233] hsr_slave_0: entered promiscuous mode
[  965.275129][T16233] hsr_slave_1: entered promiscuous mode
[  965.282565][T16233] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  965.294951][T16233] Cannot create hsr debugfs directory
[  966.260633][   T35] IPVS: stop unused estimator thread 0...
[  973.524233][T16699] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  973.546069][T16699] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  974.146960][T16699] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  974.263473][T16751] usb usb1: usbfs: process 16751 (syz.9.2571) did not claim interface 0 before use
[  976.485206][ T5817] Bluetooth: hci0: command 0x0c1a tx timeout
[  977.539400][T16776] netlink: 16 bytes leftover after parsing attributes in process `syz.7.2577'.
[  977.692208][T16776] ipvlan2: entered promiscuous mode
[  977.948107][ T5830] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  977.974675][ T5830] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  977.984779][ T5830] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  978.006817][ T5830] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  978.015573][ T5830] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  978.023373][ T5830] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  978.564025][ T5817] Bluetooth: hci0: command 0x0c1a tx timeout
[  978.619666][T16767] usb 8-1: new high-speed USB device number 20 using dummy_hcd
[  978.891627][T16767] usb 8-1: Using ep0 maxpacket: 16
[  978.904376][T16767] usb 8-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 2.00
[  979.624923][T16767] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  979.827305][T16767] usb 8-1: config 0 descriptor??
[  979.832666][    C0] raw-gadget.0 gadget.7: ignoring, device is not running
[  979.915479][T16767] usb 8-1: can't set config #0, error -32
[  980.037160][T16812] xt_nat: multiple ranges no longer supported
[  980.701636][ T5817] Bluetooth: hci5: command tx timeout
[  980.708034][ T5817] Bluetooth: hci0: command 0x0c1a tx timeout
[  980.714434][T16767] usb 8-1: USB disconnect, device number 20
[  982.780249][ T5830] Bluetooth: hci5: command tx timeout
[  983.128355][   T63] bridge_slave_1: left allmulticast mode
[  983.138975][   T63] bridge_slave_1: left promiscuous mode
[  983.144647][   T63] bridge0: port 2(bridge_slave_1) entered disabled state
[  984.201620][   T63] bridge_slave_0: left allmulticast mode
[  984.207277][   T63] bridge_slave_0: left promiscuous mode
[  984.558768][   T63] bridge0: port 1(bridge_slave_0) entered disabled state
[  984.588878][ T5903] usb 10-1: new full-speed USB device number 5 using dummy_hcd
[  984.908649][T16853] overlayfs: failed to decode file handle (len=5, type=0, flags=0, err=-22)
[  984.971089][ T5830] Bluetooth: hci5: command tx timeout
[  985.004032][ T5903] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  985.160193][   T63] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  985.360687][   T63] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  985.487850][ T5903] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 3
[  985.525398][   T63] bond0 (unregistering): Released all slaves
[  985.561366][ T5903] usb 10-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  985.570608][ T5903] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  985.578755][ T5903] usb 10-1: Product: syz
[  985.583010][ T5903] usb 10-1: Manufacturer: syz
[  985.587697][ T5903] usb 10-1: SerialNumber: syz
[  985.644720][T16860] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  985.913895][ T5903] usb 10-1: 0:2 : does not exist
[  985.929688][ T5903] usb 10-1: 5:0: failed to get current value for ch 0 (-22)
[  985.961784][ T5903] usb 10-1: USB disconnect, device number 5
[  986.915296][   T63] hsr_slave_0: left promiscuous mode
[  986.941472][   T63] hsr_slave_1: left promiscuous mode
[  987.028693][ T5830] Bluetooth: hci5: command tx timeout
[  987.086673][ T6872] udevd[6872]: error opening ATTR{/sys/devices/platform/dummy_hcd.9/usb10/10-1/10-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  987.184617][   T63] batman_adv: batadv0: Removing interface: batadv_slave_0
[  987.265612][   T63] batman_adv: batadv0: Removing interface: batadv_slave_1
[  990.756288][   T63] team0 (unregistering): Port device team_slave_1 removed
[  990.881440][   T63] team0 (unregistering): Port device team_slave_0 removed
[  991.773307][T16784] chnl_net:caif_netlink_parms(): no params data found
[  992.669896][T16909] netlink: 120 bytes leftover after parsing attributes in process `syz.7.2603'.
[  992.975065][T16767] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  993.105459][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  993.112048][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  993.136062][T16784] bridge0: port 1(bridge_slave_0) entered blocking state
[  993.176533][T16784] bridge0: port 1(bridge_slave_0) entered disabled state
[  993.209704][T16784] bridge_slave_0: entered allmulticast mode
[  993.246788][T16784] bridge_slave_0: entered promiscuous mode
[  993.274841][T16914] batman_adv: batadv0: Adding interface: dummy0
[  993.281626][T16914] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  993.347778][T16914] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active
[  993.368165][T16767] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x31, changing to 0x1
[  993.382208][T16767] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 13364, setting to 64
[  993.393249][T16767] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  993.402439][T16767] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  993.434877][T16767] usb 4-1: config 0 descriptor??
[  993.457814][T16784] bridge0: port 2(bridge_slave_1) entered blocking state
[  993.490414][T16784] bridge0: port 2(bridge_slave_1) entered disabled state
[  993.510053][T16784] bridge_slave_1: entered allmulticast mode
[  993.546192][T16784] bridge_slave_1: entered promiscuous mode
[  993.710902][T16767] ath6kl: Failed to submit usb control message: -71
[  993.959047][T16767] ath6kl: unable to send the bmi data to the device: -71
[  994.163861][T16767] ath6kl: Unable to send get target info: -71
[  994.294412][T16767] ath6kl: Failed to init ath6kl core: -71
[  994.620342][T16927] 9pnet_fd: Insufficient options for proto=fd
[  994.941086][T16767] ath6kl_usb 4-1:0.0: probe with driver ath6kl_usb failed with error -71
[  995.140293][T16784] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  995.160094][T16784] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  995.237617][T16767] usb 4-1: USB disconnect, device number 23
[  995.463560][T16784] team0: Port device team_slave_0 added
[  995.529567][T16784] team0: Port device team_slave_1 added
[  997.489124][T16960] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  999.327816][T16784] batman_adv: batadv0: Adding interface: batadv_slave_0
[  999.334904][T16784] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  999.361331][T16784] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  999.392837][T16784] batman_adv: batadv0: Adding interface: batadv_slave_1
[  999.410962][T16784] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  999.507264][T16784] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1001.098766][T16784] hsr_slave_0: entered promiscuous mode
[ 1001.202796][T16784] hsr_slave_1: entered promiscuous mode
[ 1001.210379][T16784] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1001.224705][T16784] Cannot create hsr debugfs directory
[ 1005.869041][T16784] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1005.980875][T16784] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1006.017093][T16784] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1007.087211][T16784] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1008.314497][T16784] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1008.891217][T16784] 8021q: adding VLAN 0 to HW filter on device team0
[ 1009.027773][ T7116] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1009.034928][ T7116] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1009.264597][ T7116] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1009.271770][ T7116] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1009.860755][T17067] loop6: detected capacity change from 0 to 524287999
[ 1009.885817][    C0] blk_print_req_error: 8 callbacks suppressed
[ 1009.885834][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1009.901231][    C0] buffer_io_error: 4 callbacks suppressed
[ 1009.901246][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1009.960041][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1009.969322][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1009.998990][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1010.008228][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1010.076672][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1010.085915][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1010.170938][T17070] loop6: detected capacity change from 524287999 to 524287952
[ 1010.206445][T16784] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1010.684686][T16784] veth0_vlan: entered promiscuous mode
[ 1011.220681][T16784] veth1_vlan: entered promiscuous mode
[ 1011.249019][T16784] veth0_macvtap: entered promiscuous mode
[ 1011.257607][T16784] veth1_macvtap: entered promiscuous mode
[ 1011.274771][T16784] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1011.285233][T16784] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1011.296024][T16784] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1011.304555][T16784] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1011.315054][T16784] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1011.326491][T16784] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1011.342628][T16784] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1011.367187][T16784] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1011.395406][T16784] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1011.407460][T16784] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1011.453719][T17067]  loop6: unable to read partition table
[ 1011.459677][T17067] loop_reread_partitions: partition scan of loop6 (Í¢†¨ÙÇ´8ÝCP'OÈQž=}m”=@4r„(Uk+Z—Ö 4—Ö>˜ìF¼1ã“›ÍÀù‚àÔ™Û1Œ°) failed (rc=-5)
[ 1011.804798][T17090] CIFS: Unable to determine destination address
[ 1011.952900][ T6571] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1011.971211][ T6571] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1012.127465][ T7116] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1012.166548][ T7116] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1013.361412][T17113] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1013.426229][T17113] Bluetooth: hci5: Opcode 0x0406 failed: -4
[ 1013.510236][T17113] Bluetooth: hci5: Opcode 0x0406 failed: -4
[ 1015.521777][ T5830] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1015.702456][T17140] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2459'.
[ 1015.809714][T17140] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1015.818870][T17140] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1015.829471][T17140] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1015.838440][T17140] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1016.327234][T17148] xt_hashlimit: max too large, truncated to 1048576
[ 1017.892897][ T5830] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1019.204206][T17166] hub 9-0:1.0: USB hub found
[ 1019.214843][T17166] hub 9-0:1.0: 1 port detected
[ 1019.816808][T17169] rdma_rxe: rxe_newlink: rxe creation allowed on top of a real device only
[ 1020.384533][ T5830] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1021.766441][T17190] block nbd0: not configured, cannot reconfigure
[ 1022.582873][T17194] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[ 1022.582873][T17194] The task syz.3.2654 (17194) triggered the difference, watch for misbehavior.
[ 1025.744983][T17217] can0: slcan on ptm0.
[ 1026.659208][T17215] can0 (unregistered): slcan off ptm0.
[ 1028.649443][T17252] vxfs: WRONG superblock magic 00000000 at 1
[ 1028.658286][T17252] vxfs: WRONG superblock magic 00000000 at 8
[ 1028.664422][T17252] vxfs: can't find superblock.
[ 1030.714689][T17270] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1032.865308][ T5817] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1034.223357][T17310] xt_addrtype: input interface limitation not valid in POSTROUTING and OUTPUT
[ 1039.237929][T17352] 9pnet_fd: Insufficient options for proto=fd
[ 1039.904474][T17371] netlink: 36 bytes leftover after parsing attributes in process `syz.9.2692'.
[ 1039.932178][T17371] netlink: 16 bytes leftover after parsing attributes in process `syz.9.2692'.
[ 1039.945980][T17371] netlink: 36 bytes leftover after parsing attributes in process `syz.9.2692'.
[ 1039.955770][T17371] netlink: 36 bytes leftover after parsing attributes in process `syz.9.2692'.
[ 1044.752874][ T5817] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1054.937874][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 1054.944353][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1055.199242][T17514] vlan3: entered promiscuous mode
[ 1059.583325][T17568] netlink: zone id is out of range
[ 1059.588848][T17568] netlink: zone id is out of range
[ 1059.594033][T17568] netlink: zone id is out of range
[ 1059.599156][T17568] netlink: zone id is out of range
[ 1059.606051][T17568] netlink: set zone limit has 8 unknown bytes
[ 1063.349734][T17604] netlink: 'syz.9.2739': attribute type 32 has an invalid length.
[ 1063.455359][T17604] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2739'.
[ 1064.384024][T17604] (unnamed net_device) (uninitialized): Setting coupled_control to off (0)
[ 1064.409941][T17612] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -EINTR
[ 1065.463195][T17630] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2742'.
[ 1067.273646][T17609] delete_channel: no stack
[ 1070.368937][ T5830] Bluetooth: hci5: unexpected event for opcode 0x041c
[ 1073.707384][T17695] input: syz1 as /devices/virtual/input/input44
[ 1075.797725][T17718] input: syz1 as /devices/virtual/input/input45
[ 1083.054723][T17804] No source specified
[ 1086.964870][   T29] kauditd_printk_skb: 12 callbacks suppressed
[ 1086.964913][   T29] audit: type=1326 audit(1733574310.528:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17840 comm="syz.4.2783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb9297fed9 code=0x7ffc0000
[ 1087.583620][   T29] audit: type=1326 audit(1733574310.528:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17840 comm="syz.4.2783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb9297fed9 code=0x7ffc0000
[ 1087.606957][   T29] audit: type=1326 audit(1733574310.538:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17840 comm="syz.4.2783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fcb9297fed9 code=0x7ffc0000
[ 1087.629033][   T29] audit: type=1326 audit(1733574310.538:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17840 comm="syz.4.2783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb9297fed9 code=0x7ffc0000
[ 1087.651189][   T29] audit: type=1326 audit(1733574310.538:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17840 comm="syz.4.2783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fcb9297fed9 code=0x7ffc0000
[ 1087.672912][   T29] audit: type=1326 audit(1733574310.538:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17840 comm="syz.4.2783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb9297fed9 code=0x7ffc0000
[ 1087.694757][   T29] audit: type=1326 audit(1733574310.538:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17840 comm="syz.4.2783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb9297fed9 code=0x7ffc0000
[ 1087.716491][   T29] audit: type=1326 audit(1733574310.538:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17840 comm="syz.4.2783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fcb9297fed9 code=0x7ffc0000
[ 1087.738536][   T29] audit: type=1326 audit(1733574310.538:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17840 comm="syz.4.2783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb9297fed9 code=0x7ffc0000
[ 1087.760470][   T29] audit: type=1326 audit(1733574310.538:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17840 comm="syz.4.2783" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb9297fed9 code=0x7ffc0000
[ 1090.600871][T17874] vlan2: entered promiscuous mode
[ 1091.270328][T17874] bond0: (slave vlan2): Error -34 calling dev_set_mtu
[ 1101.200616][T17966] 
: renamed from bond0
[ 1105.278292][T18011] input: syz0 as /devices/virtual/input/input46
[ 1109.805353][T18043] can0: slcan on ptm0.
[ 1110.313919][ T5903] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[ 1111.011218][ T5903] usb 2-1: Using ep0 maxpacket: 16
[ 1111.039367][ T5903] usb 2-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90
[ 1111.064253][ T5903] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1111.072296][ T5903] usb 2-1: Product: syz
[ 1111.077049][ T5903] usb 2-1: Manufacturer: syz
[ 1111.081688][ T5903] usb 2-1: SerialNumber: syz
[ 1111.095770][ T5903] usb 2-1: config 0 descriptor??
[ 1111.108881][ T5903] ums-onetouch 2-1:0.0: USB Mass Storage device detected
[ 1112.621767][ T5903] usb 2-1: USB disconnect, device number 3
[ 1112.835265][T18043] can0 (unregistered): slcan off ptm0.
[ 1112.853512][T18072] mkiss: ax0: crc mode is auto.
[ 1114.404886][T18082] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1116.002641][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 1116.009235][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1116.889471][T18121] xt_hashlimit: max too large, truncated to 1048576
[ 1117.303983][T16353] usb 8-1: new high-speed USB device number 21 using dummy_hcd
[ 1118.693914][T18137] overlayfs: invalid redirect ((null))
[ 1118.697787][T16353] usb 8-1: New USB device found, idVendor=0dba, idProduct=3000, bcdDevice=26.ea
[ 1118.709195][T16353] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1119.211611][T16353] usb 8-1: config 0 descriptor??
[ 1119.326124][T16353] usb 8-1: Invalid firmware size=18.
[ 1119.962528][T16353] usb 8-1: USB disconnect, device number 21
[ 1120.937983][T18164] No source specified
[ 1122.744658][T18178] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1123.516890][ T5817] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1125.680206][   T29] kauditd_printk_skb: 9 callbacks suppressed
[ 1125.680219][   T29] audit: type=1326 audit(1733574349.802:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18192 comm="syz.1.2854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f896517fed9 code=0x7ffc0000
[ 1126.176334][   T29] audit: type=1326 audit(1733574349.802:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18192 comm="syz.1.2854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f896517fed9 code=0x7ffc0000
[ 1126.198401][   T29] audit: type=1326 audit(1733574350.112:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18192 comm="syz.1.2854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f896517fed9 code=0x7ffc0000
[ 1126.222487][   T29] audit: type=1326 audit(1733574350.112:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18192 comm="syz.1.2854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f896517fed9 code=0x7ffc0000
[ 1126.223525][T18196] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 1126.253872][   T29] audit: type=1326 audit(1733574350.112:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18192 comm="syz.1.2854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f896517fed9 code=0x7ffc0000
[ 1126.275912][   T29] audit: type=1326 audit(1733574350.222:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18192 comm="syz.1.2854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f896517fed9 code=0x7ffc0000
[ 1126.297971][   T29] audit: type=1326 audit(1733574350.222:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18192 comm="syz.1.2854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f896517fed9 code=0x7ffc0000
[ 1126.319958][   T29] audit: type=1326 audit(1733574350.232:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18192 comm="syz.1.2854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f896517fed9 code=0x7ffc0000
[ 1126.342414][   T29] audit: type=1326 audit(1733574350.232:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18192 comm="syz.1.2854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8965176ea7 code=0x7ffc0000
[ 1126.364338][   T29] audit: type=1326 audit(1733574350.232:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18192 comm="syz.1.2854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f896511c0e9 code=0x7ffc0000
[ 1133.214641][   T29] kauditd_printk_skb: 64 callbacks suppressed
[ 1133.214661][   T29] audit: type=1400 audit(1733574357.343:383): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="*" object="_" requested=w pid=18248 comm="syz.9.2865" saddr=172.30.0.10 daddr=172.20.20.170 netif=wpan0
[ 1138.563057][T18277] netlink: 36 bytes leftover after parsing attributes in process `syz.7.2872'.
[ 1141.058552][T18351] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1143.778440][ T5817] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1149.741786][ T5830] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1149.821664][ T5830] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1149.840301][ T5830] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1149.854518][ T5830] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1149.863553][ T5830] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1149.873313][ T5830] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1150.867510][T18437] xt_cgroup: invalid path, errno=-2
[ 1150.931271][T18407] fuse: Bad value for 'fd'
[ 1151.048158][T18437] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2896'.
[ 1151.346684][T18441] dlm: plock device version mismatch: kernel (1.2.0), user (808517631.808464432.808464432)
[ 1151.375315][T18437] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1151.873924][T18421] chnl_net:caif_netlink_parms(): no params data found
[ 1151.904804][T18430] netlink: 'syz.1.2895': attribute type 21 has an invalid length.
[ 1151.912806][T18430] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2895'.
[ 1152.040396][ T5830] Bluetooth: hci0: command tx timeout
[ 1152.140367][T18421] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1152.154234][T18421] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1152.186574][T18421] bridge_slave_0: entered allmulticast mode
[ 1152.226953][T18421] bridge_slave_0: entered promiscuous mode
[ 1152.266880][T18421] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1152.717447][T18421] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1152.725921][T18421] bridge_slave_1: entered allmulticast mode
[ 1152.740162][T18421] bridge_slave_1: entered promiscuous mode
[ 1153.944267][T18421] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1154.011907][T18421] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1154.135013][ T5830] Bluetooth: hci0: command tx timeout
[ 1154.899760][T16353] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[ 1155.540615][T16353] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1155.552651][T16353] usb 2-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75
[ 1155.587523][T16353] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1155.643048][T16353] usb 2-1: config 0 descriptor??
[ 1155.891976][T18421] team0: Port device team_slave_0 added
[ 1155.902767][T18421] team0: Port device team_slave_1 added
[ 1155.956461][T18421] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1155.965258][T18421] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1155.999846][T18421] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1156.047280][T18421] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1156.054457][T18421] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1156.538435][T18421] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1156.743226][T18421] hsr_slave_0: entered promiscuous mode
[ 1156.764842][T18421] hsr_slave_1: entered promiscuous mode
[ 1156.782195][T18421] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1156.821687][T18421] Cannot create hsr debugfs directory
[ 1157.073586][T16353] video4linux radio48: keene_cmd_set failed (-110)
[ 1157.081063][T16353] radio-keene 2-1:0.0: V4L2 device registered as radio48
[ 1157.228849][T18514] x_tables: ip6_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING
[ 1157.308688][ T5830] Bluetooth: hci0: command tx timeout
[ 1158.282589][T16353] usb 2-1: USB disconnect, device number 4
[ 1159.329014][ T5830] Bluetooth: hci0: command tx timeout
[ 1161.058650][T18522] ALSA: mixer_oss: invalid OSS volume ''
[ 1165.862166][T18421] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1165.937687][T18421] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1165.982998][T18421] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1166.042723][T18421] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1166.402190][T18421] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1166.481026][T18421] 8021q: adding VLAN 0 to HW filter on device team0
[ 1166.523274][ T4328] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1166.530473][ T4328] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1167.303787][ T4328] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1167.311112][ T4328] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1167.448101][T18421] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1167.496061][T18421] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1170.340900][T18421] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1172.441365][T18618] ALSA: mixer_oss: invalid OSS volume ''
[ 1173.555688][T18421] veth0_vlan: entered promiscuous mode
[ 1173.567431][T18421] veth1_vlan: entered promiscuous mode
[ 1174.393310][T18421] veth0_macvtap: entered promiscuous mode
[ 1174.678555][T18421] veth1_macvtap: entered promiscuous mode
[ 1174.999988][T18421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1175.073405][T18421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1175.221132][T18421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1176.142512][T18421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1176.499213][T18421] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1176.640865][T18421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1176.672942][T18421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1176.701437][T18421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1176.722986][T18421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1176.960413][T18421] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1177.290852][T18421] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1177.398788][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 1177.405377][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1177.456068][T18421] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1177.464866][T18421] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1177.473736][T18421] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1178.650548][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1178.658798][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1178.688513][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1178.696561][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1180.703490][   T29] audit: type=1326 audit(1733574404.829:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18706 comm="syz.4.2946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb9297fed9 code=0x7ffc0000
[ 1180.725736][   T29] audit: type=1326 audit(1733574404.829:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18706 comm="syz.4.2946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fcb9297e840 code=0x7ffc0000
[ 1181.155748][   T29] audit: type=1326 audit(1733574404.829:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18706 comm="syz.4.2946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb9297fed9 code=0x7ffc0000
[ 1181.429968][   T29] audit: type=1326 audit(1733574404.829:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18706 comm="syz.4.2946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fcb9297e840 code=0x7ffc0000
[ 1181.545817][   T29] audit: type=1326 audit(1733574404.829:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18706 comm="syz.4.2946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fcb92981707 code=0x7ffc0000
[ 1181.571308][T18715] netlink: 'syz.4.2948': attribute type 10 has an invalid length.
[ 1181.603180][T18715] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2948'.
[ 1181.624808][   T29] audit: type=1326 audit(1733574404.829:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18706 comm="syz.4.2946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fcb9297fed9 code=0x7ffc0000
[ 1181.900672][   T29] audit: type=1326 audit(1733574404.839:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18706 comm="syz.4.2946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fcb92981707 code=0x7ffc0000
[ 1182.878206][   T29] audit: type=1326 audit(1733574404.839:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18706 comm="syz.4.2946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fcb9297eb3a code=0x7ffc0000
[ 1182.882443][T18715] geneve0: entered promiscuous mode
[ 1182.899779][   T29] audit: type=1326 audit(1733574404.839:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18706 comm="syz.4.2946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb9297fed9 code=0x7ffc0000
[ 1183.892714][   T29] audit: type=1326 audit(1733574404.839:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18706 comm="syz.4.2946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=295 compat=0 ip=0x7fcb9297fed9 code=0x7ffc0000
[ 1183.936955][T18715] team0: Port device geneve0 added
[ 1184.900362][T18741] sch_tbf: burst 676 is lower than device lo mtu (65550) !
[ 1188.413337][ T5817] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1188.468195][ T5817] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1188.490284][ T5817] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1188.509605][ T5817] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1188.786432][ T5817] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1188.799892][ T5817] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1189.773100][T18804] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2963'.
[ 1190.955945][T18803] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2962'.
[ 1191.324390][T16237] Bluetooth: hci2: command tx timeout
[ 1192.808262][T18786] chnl_net:caif_netlink_parms(): no params data found
[ 1193.395628][T18797] Bluetooth: hci2: command tx timeout
[ 1194.578485][T18786] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1194.624096][T18786] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1194.644177][T18786] bridge_slave_0: entered allmulticast mode
[ 1194.662804][T18786] bridge_slave_0: entered promiscuous mode
[ 1194.704103][T18786] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1194.740439][T18786] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1194.754559][ T5866] usb 2-1: new low-speed USB device number 5 using dummy_hcd
[ 1194.768551][T18786] bridge_slave_1: entered allmulticast mode
[ 1195.154701][T18786] bridge_slave_1: entered promiscuous mode
[ 1195.473966][ T5866] usb 2-1: Invalid ep0 maxpacket: 64
[ 1195.515476][T18797] Bluetooth: hci2: command tx timeout
[ 1195.604001][ T5866] usb 2-1: new low-speed USB device number 6 using dummy_hcd
[ 1195.620539][T18786] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1195.640315][T18786] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1196.602614][   T29] kauditd_printk_skb: 10 callbacks suppressed
[ 1196.602633][   T29] audit: type=1326 audit(1733574420.730:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18871 comm="syz.1.2975" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f896517fed9 code=0x0
[ 1196.710291][ T5866] usb 2-1: device not accepting address 6, error -71
[ 1196.934308][T18786] team0: Port device team_slave_0 added
[ 1197.190497][T18786] team0: Port device team_slave_1 added
[ 1197.362650][ T5866] usb usb2-port1: attempt power cycle
[ 1197.573546][T18797] Bluetooth: hci2: command tx timeout
[ 1197.775091][T18786] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1197.808030][T18786] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1197.941293][T18786] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1198.144440][T18786] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1198.172672][T18786] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1198.198756][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1198.210347][T18786] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1199.106946][T18786] hsr_slave_0: entered promiscuous mode
[ 1199.179417][T18786] hsr_slave_1: entered promiscuous mode
[ 1199.188032][T18786] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1199.195904][T18786] Cannot create hsr debugfs directory
[ 1202.838627][T18926] ubi0: attaching mtd0
[ 1202.843325][T18926] ubi0 error: ubi_attach_mtd_dev: bad VID header (8454144) or data offsets (8454208)
[ 1203.435716][T18926] x_tables: ip_tables: osf match: only valid for protocol 6
[ 1203.824381][T18921] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2983'.
[ 1206.189001][   T29] audit: type=1400 audit(1733574430.311:405): lsm=SMACK fn=smack_inode_setattr action=denied subject="y" object="_" requested=w pid=18939 comm="syz.4.2989" name="648" dev="tmpfs" ino=3566
[ 1212.764024][T18986] sctp: [Deprecated]: syz.5.2997 (pid 18986) Use of int in max_burst socket option deprecated.
[ 1212.764024][T18986] Use struct sctp_assoc_value instead
[ 1213.409086][T18786] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1214.234138][T18786] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1214.718556][T18786] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1214.950167][T18786] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1215.575205][   T29] audit: type=1326 audit(1733574439.713:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19020 comm="syz.4.3004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb9297fed9 code=0x7ffc0000
[ 1215.646499][   T29] audit: type=1326 audit(1733574439.713:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19020 comm="syz.4.3004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb9297fed9 code=0x7ffc0000
[ 1216.181187][   T29] audit: type=1326 audit(1733574439.713:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19020 comm="syz.4.3004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=265 compat=0 ip=0x7fcb9297fed9 code=0x7ffc0000
[ 1216.388174][   T29] audit: type=1326 audit(1733574439.713:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19020 comm="syz.4.3004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb9297fed9 code=0x7ffc0000
[ 1216.640823][T18786] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1216.673275][   T29] audit: type=1326 audit(1733574439.713:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19020 comm="syz.4.3004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb9297fed9 code=0x7ffc0000
[ 1217.380874][T18786] 8021q: adding VLAN 0 to HW filter on device team0
[ 1217.568486][T13252] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1217.575624][T13252] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1217.601406][   T29] audit: type=1326 audit(1733574439.713:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19020 comm="syz.4.3004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcb9297fed9 code=0x7ffc0000
[ 1217.710889][T13252] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1217.718127][T13252] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1217.823760][   T29] audit: type=1326 audit(1733574439.713:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19020 comm="syz.4.3004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb9297fed9 code=0x7ffc0000
[ 1218.405006][T18786] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1218.439027][   T29] audit: type=1326 audit(1733574439.713:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19020 comm="syz.4.3004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb9297fed9 code=0x7ffc0000
[ 1218.513021][   T29] audit: type=1326 audit(1733574439.713:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19020 comm="syz.4.3004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fcb9297fed9 code=0x7ffc0000
[ 1218.536283][   T29] audit: type=1326 audit(1733574439.713:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19020 comm="syz.4.3004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb9297fed9 code=0x7ffc0000
[ 1220.109505][T18786] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1221.859860][T19098] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3019'.
[ 1223.583668][T19107] batman_adv: batadv0: Adding interface: vxlan0
[ 1223.590095][T19107] batman_adv: batadv0: The MTU of interface vxlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1223.615568][T19107] batman_adv: batadv0: Not using interface vxlan0 (retrying later): interface not active
[ 1225.576215][T18786] veth0_vlan: entered promiscuous mode
[ 1225.587557][T18786] veth1_vlan: entered promiscuous mode
[ 1225.617303][T18786] veth0_macvtap: entered promiscuous mode
[ 1225.625996][T18786] veth1_macvtap: entered promiscuous mode
[ 1225.738909][T18786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1225.750246][T18786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1225.760208][T18786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1225.770830][T18786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1225.780764][T18786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1225.791272][T18786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1225.802352][T18786] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1225.811920][T18786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1225.822697][T18786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1225.832896][T18786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1225.843380][T18786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1225.853401][T18786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1225.863856][T18786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1225.874855][T18786] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1225.887537][T18786] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1225.896465][T18786] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1225.905252][T18786] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1225.914026][T18786] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1226.553025][ T6571] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1226.727230][ T6571] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1227.016767][T13252] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1227.031016][T13252] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1227.969764][T19171] syz.3.3030: attempt to access beyond end of device
[ 1227.969764][T19171] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1228.844473][T19175] netlink: 56 bytes leftover after parsing attributes in process `syz.4.3031'.
[ 1230.120208][T16767] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[ 1230.552785][T19201] 9pnet_virtio: no channels available for device syz
[ 1231.231949][T16767] usb 5-1: Using ep0 maxpacket: 8
[ 1231.239569][T16767] usb 5-1: New USB device found, idVendor=0ac8, idProduct=c301, bcdDevice=d7.4d
[ 1231.249513][T16767] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1231.268954][T16767] usb 5-1: config 0 descriptor??
[ 1231.660260][T16767] gspca_main: vc032x-2.14.0 probing 0ac8:c301
[ 1231.999691][T19210] binder: 19204:19210 ioctl c0306201 0 returned -14
[ 1232.180242][T16767] gspca_vc032x: reg_w err -71
[ 1232.185109][T16767] gspca_vc032x: I2c Bus Busy Wait 00
[ 1232.190915][T16767] gspca_vc032x: I2c Bus Busy Wait 00
[ 1232.196353][T16767] gspca_vc032x: I2c Bus Busy Wait 00
[ 1232.201831][T16767] gspca_vc032x: I2c Bus Busy Wait 00
[ 1232.207258][T16767] gspca_vc032x: I2c Bus Busy Wait 00
[ 1232.212746][T16767] gspca_vc032x: I2c Bus Busy Wait 00
[ 1232.218172][T16767] gspca_vc032x: I2c Bus Busy Wait 00
[ 1232.223671][T16767] gspca_vc032x: I2c Bus Busy Wait 00
[ 1232.229105][T16767] gspca_vc032x: I2c Bus Busy Wait 00
[ 1232.234588][T16767] gspca_vc032x: I2c Bus Busy Wait 00
[ 1232.240015][T16767] gspca_vc032x: I2c Bus Busy Wait 00
[ 1232.245449][T16767] gspca_vc032x: I2c Bus Busy Wait 00
[ 1232.250930][T16767] gspca_vc032x: I2c Bus Busy Wait 00
[ 1232.256361][T16767] gspca_vc032x: I2c Bus Busy Wait 00
[ 1232.261787][T16767] gspca_vc032x: I2c Bus Busy Wait 00
[ 1232.267204][T16767] gspca_vc032x: I2c Bus Busy Wait 00
[ 1232.273254][T16767] gspca_vc032x: I2c Bus Busy Wait 00
[ 1232.278945][T16767] gspca_vc032x: I2c Bus Busy Wait 00
[ 1232.284558][T16767] gspca_vc032x: I2c Bus Busy Wait 00
[ 1232.290045][T16767] gspca_vc032x: Unknown sensor...
[ 1232.295492][T16767] vc032x 5-1:0.0: probe with driver vc032x failed with error -22
[ 1232.743304][T16767] usb 5-1: USB disconnect, device number 24
[ 1234.197173][T19230] netlink: 'syz.5.3042': attribute type 1 has an invalid length.
[ 1234.205049][T19230] netlink: 224 bytes leftover after parsing attributes in process `syz.5.3042'.
[ 1237.370306][   T12] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1237.560521][T17052] usb 6-1: new full-speed USB device number 4 using dummy_hcd
[ 1238.323429][T19274] workqueue: Failed to create a rescuer kthread for wq "xfs-conv/nbd1": -EINTR
[ 1238.668566][T17052] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 520, setting to 64
[ 1238.695386][T17052] usb 6-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 6
[ 1238.841760][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 1239.454586][T19285] blktrace: Concurrent blktraces are not allowed on loop2
[ 1239.832707][   T12] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1240.020948][T19289] overlayfs: failed to get index nlink (file1/bus, err=-61)
[ 1240.165735][T17052] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1240.178485][T17052] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1240.179980][   T12] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1240.186606][T17052] usb 6-1: SerialNumber: syz
[ 1240.204712][T16237] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1240.214019][T19262] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1240.224300][T16237] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1240.284719][T16237] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1240.332840][T16237] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1240.342436][T16237] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1240.357196][T16237] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1240.589255][T17052] usb 6-1: can't set config #1, error -71
[ 1240.702374][T17052] usb 6-1: USB disconnect, device number 4
[ 1241.144427][   T12] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1242.867007][T18797] Bluetooth: hci2: command tx timeout
[ 1244.960880][T18797] Bluetooth: hci2: command tx timeout
[ 1245.313563][T19291] chnl_net:caif_netlink_parms(): no params data found
[ 1245.382485][   T12] bridge_slave_1: left allmulticast mode
[ 1245.411654][   T12] bridge_slave_1: left promiscuous mode
[ 1245.417426][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1245.511848][   T12] bridge_slave_0: left allmulticast mode
[ 1245.537983][   T12] bridge_slave_0: left promiscuous mode
[ 1245.632763][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1247.060712][T18797] Bluetooth: hci2: command tx timeout
[ 1249.128094][T18797] Bluetooth: hci2: command tx timeout
[ 1252.647689][ T5903] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[ 1252.808714][T19403] input: syz1 as /devices/virtual/input/input47
[ 1253.285409][ T5903] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x9 has an invalid bInterval 0, changing to 7
[ 1253.297551][ T5903] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1253.309928][ T5903] usb 5-1: New USB device found, idVendor=05ac, idProduct=030a, bcdDevice=65.8c
[ 1253.342940][ T5903] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1253.387399][ T5903] usb 5-1: config 0 descriptor??
[ 1253.417215][ T5903] appletouch 5-1:0.0: Could not find int-in endpoint
[ 1253.436585][ T5903] appletouch 5-1:0.0: probe with driver appletouch failed with error -5
[ 1253.447204][ T5903] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[ 1253.618346][T16767] usb 5-1: USB disconnect, device number 25
[ 1253.843784][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1253.855511][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1253.868923][   T12] bond0 (unregistering): Released all slaves
[ 1253.976602][T19402] veth0_vlan: left promiscuous mode
[ 1254.003915][T19402] veth0_vlan: entered promiscuous mode
[ 1256.677560][   T12] hsr_slave_0: left promiscuous mode
[ 1256.737088][   T12] hsr_slave_1: left promiscuous mode
[ 1256.755686][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1256.778868][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1256.813863][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1256.827626][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1256.946105][   T12] veth1_macvtap: left promiscuous mode
[ 1256.952855][   T12] veth0_macvtap: left promiscuous mode
[ 1256.958643][   T12] veth1_vlan: left promiscuous mode
[ 1256.963978][   T12] veth0_vlan: left promiscuous mode
[ 1257.305633][T19467] netlink: 'syz.3.3084': attribute type 10 has an invalid length.
[ 1257.355212][T19467] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3084'.
[ 1263.485485][   T12] team0 (unregistering): Port device team_slave_1 removed
[ 1263.812800][   T12] team0 (unregistering): Port device team_slave_0 removed
[ 1265.922724][T19291] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1265.930760][T19291] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1265.939253][T19291] bridge_slave_0: entered allmulticast mode
[ 1265.947737][T19291] bridge_slave_0: entered promiscuous mode
[ 1265.976922][T19467] team0: Port device geneve0 added
[ 1266.058680][T19291] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1266.085946][T19291] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1266.093255][T19291] bridge_slave_1: entered allmulticast mode
[ 1266.117176][T19291] bridge_slave_1: entered promiscuous mode
[ 1266.356004][T19546] binder: 19541:19546 ioctl c0306201 0 returned -14
[ 1268.339009][T19291] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1268.370917][T19291] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1270.231575][T19291] team0: Port device team_slave_0 added
[ 1270.315863][T19291] team0: Port device team_slave_1 added
[ 1270.661935][T19291] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1270.674576][T19291] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1271.525296][T19291] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1271.868463][T19291] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1271.920538][T19291] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1272.081155][T19291] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1272.201831][T19603] netlink: 'syz.5.3108': attribute type 10 has an invalid length.
[ 1272.462273][T19603] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3108'.
[ 1273.309738][T19291] hsr_slave_0: entered promiscuous mode
[ 1273.338308][T19291] hsr_slave_1: entered promiscuous mode
[ 1273.366797][T19291] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1273.374463][T19291] Cannot create hsr debugfs directory
[ 1274.464619][T19603] team0: Port device geneve0 added
[ 1276.093521][T19645] netlink: 'syz.4.3114': attribute type 27 has an invalid length.
[ 1276.931412][T16237] Bluetooth: hci0: command 0x0406 tx timeout
[ 1279.160806][T19676] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1279.162880][T19676] Bluetooth: hci5: Error when powering off device on rfkill (-4)
[ 1279.478632][T19674] batman_adv: batadv0: Adding interface: dummy0
[ 1279.478777][T19674] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1279.507682][T19674] batman_adv: batadv0: Interface activated: dummy0
[ 1280.092699][T19676] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1280.099031][T19676] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[ 1280.112782][T19674] batadv0: mtu less than device minimum
[ 1280.121456][T19674] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1280.134420][T19674] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1280.146897][T19674] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1280.159365][T19674] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1280.171828][T19674] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1280.184299][T19674] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1280.196767][T19674] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1280.209283][T19674] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1280.221774][T19674] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1280.932373][T19676] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1280.938503][T19676] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[ 1281.298721][T19693] netlink: 'syz.1.3123': attribute type 10 has an invalid length.
[ 1281.357402][T19693] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3123'.
[ 1283.159962][T19693] team0: Port device geneve0 added
[ 1285.129122][T19291] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1285.350039][T19291] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1285.661020][T19291] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1286.854573][T19744] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3132'.
[ 1287.497740][T19746] netlink: 'syz.4.3133': attribute type 10 has an invalid length.
[ 1287.990123][T19291] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1288.021590][T19746] team0: Port device geneve0 removed
[ 1288.033115][T19746] bond0: (slave geneve0): Enslaving as an active interface with an up link
[ 1288.756497][T19756] hub 9-0:1.0: USB hub found
[ 1288.770656][T19756] hub 9-0:1.0: 1 port detected
[ 1288.996287][T19291] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1290.068730][T19291] 8021q: adding VLAN 0 to HW filter on device team0
[ 1290.564242][T13836] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1290.571373][T13836] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1290.601709][T13836] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1290.608881][T13836] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1291.209447][T19291] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1291.229434][T19291] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1292.282494][T19788] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1295.031402][T19291] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1296.300196][T19824] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[ 1297.979212][T19844] tmpfs: Bad value for 'smackfshat'
[ 1299.883831][T16353] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[ 1299.996037][ T5830] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1300.042273][T16353] usb 5-1: Using ep0 maxpacket: 16
[ 1300.082192][ T5830] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1300.127258][T16353] usb 5-1: New USB device found, idVendor=0b57, idProduct=2bbd, bcdDevice=e7.cc
[ 1300.345267][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 1300.365130][T16353] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1300.373858][T16353] usb 5-1: Product: syz
[ 1301.075682][T19874] /dev/nullb0: Can't open blockdev
[ 1301.125767][T16353] usb 5-1: Manufacturer: syz
[ 1301.130415][T16353] usb 5-1: SerialNumber: syz
[ 1301.138696][T16353] usb 5-1: config 0 descriptor??
[ 1301.849287][T16353] usb 5-1: can't set config #0, error -71
[ 1301.938921][T16353] usb 5-1: USB disconnect, device number 26
[ 1302.020671][ T5830] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1302.146892][ T5830] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1302.260571][ T5830] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 1302.268488][ T5830] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1302.373602][T18797] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1302.442488][T18797] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1302.449816][T18797] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1302.458203][T18797] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1302.466035][T18797] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 1302.475866][T18797] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1304.899633][T18797] Bluetooth: hci4: command tx timeout
[ 1304.995348][T19914] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3160'.
[ 1306.159933][T19862] chnl_net:caif_netlink_parms(): no params data found
[ 1306.574299][T19922] Bluetooth: MGMT ver 1.23
[ 1306.578849][T19922] Bluetooth: hci0: load_link_keys: expected 3 bytes, got 7 bytes
[ 1307.014608][T18797] Bluetooth: hci4: command tx timeout
[ 1307.139104][T19862] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1307.146944][T19862] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1307.162250][T19862] bridge_slave_0: entered allmulticast mode
[ 1307.198448][T19862] bridge_slave_0: entered promiscuous mode
[ 1307.450408][T19862] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1307.567328][T19862] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1307.871514][T19939] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1307.897189][T19939] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1307.914524][T19862] bridge_slave_1: entered allmulticast mode
[ 1307.952105][T19862] bridge_slave_1: entered promiscuous mode
[ 1307.969058][T19939] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1308.189165][   T29] kauditd_printk_skb: 56 callbacks suppressed
[ 1308.189185][   T29] audit: type=1326 audit(1733574532.303:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19953 comm="syz.1.3166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f896517fed9 code=0x7ffc0000
[ 1308.247337][   T29] audit: type=1326 audit(1733574532.303:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19953 comm="syz.1.3166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f896517fed9 code=0x7ffc0000
[ 1308.269004][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1308.311157][   T29] audit: type=1326 audit(1733574532.353:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19953 comm="syz.1.3166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f896517fed9 code=0x7ffc0000
[ 1309.290290][T18797] Bluetooth: hci4: command 0x0419 tx timeout
[ 1309.459454][T19862] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1309.471158][   T29] audit: type=1326 audit(1733574532.353:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19953 comm="syz.1.3166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f896517fed9 code=0x7ffc0000
[ 1310.160041][   T29] audit: type=1326 audit(1733574532.353:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19953 comm="syz.1.3166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f896517fed9 code=0x7ffc0000
[ 1310.193926][T19862] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1310.221927][   T29] audit: type=1326 audit(1733574532.353:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19953 comm="syz.1.3166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f896517e840 code=0x7ffc0000
[ 1310.257485][   T29] audit: type=1326 audit(1733574532.353:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19953 comm="syz.1.3166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f896517fed9 code=0x7ffc0000
[ 1310.305743][   T29] audit: type=1326 audit(1733574532.353:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19953 comm="syz.1.3166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f896517fed9 code=0x7ffc0000
[ 1310.338905][   T29] audit: type=1326 audit(1733574532.353:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19953 comm="syz.1.3166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f896517fed9 code=0x7ffc0000
[ 1310.361024][   T29] audit: type=1326 audit(1733574532.353:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19953 comm="syz.1.3166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f896517fed9 code=0x7ffc0000
[ 1310.830334][T19862] team0: Port device team_slave_0 added
[ 1310.885486][T19862] team0: Port device team_slave_1 added
[ 1311.381802][T18797] Bluetooth: hci4: command 0x0419 tx timeout
[ 1311.476008][T19989] No such timeout policy "syz0"
[ 1311.535450][T19862] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1311.561256][T19862] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1311.791078][T19862] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1312.086672][T19862] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1313.038034][T19862] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1313.064028][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1313.098245][T19862] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1313.696540][T18797] Bluetooth: hci4: command 0x0419 tx timeout
[ 1313.754003][ T7023] bridge_slave_1: left allmulticast mode
[ 1313.759781][ T7023] bridge_slave_1: left promiscuous mode
[ 1313.765812][ T7023] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1313.775623][ T7023] bridge_slave_0: left allmulticast mode
[ 1314.880490][ T7023] bridge_slave_0: left promiscuous mode
[ 1314.886307][ T7023] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1316.197718][T18797] Bluetooth: hci4: command 0x0419 tx timeout
[ 1316.539170][T20018] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3178'.
[ 1317.244744][T20025] (syz.1.3179,20025,0):dlmfs_mkdir:420 ERROR: invalid domain name for directory.
[ 1317.325144][T20025] o2cb: This node has not been configured.
[ 1317.337825][T20025] o2cb: Cluster check failed. Fix errors before retrying.
[ 1317.349207][T20025] (syz.1.3179,20025,1):user_dlm_register:674 ERROR: status = -22
[ 1317.641189][T20025] (syz.1.3179,20025,0):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "bus"
[ 1317.728693][T20028] o2cb: This node has not been configured.
[ 1317.742323][T20028] o2cb: Cluster check failed. Fix errors before retrying.
[ 1317.778526][T20028] (syz.1.3179,20028,1):user_dlm_register:674 ERROR: status = -22
[ 1317.786527][T20028] (syz.1.3179,20028,1):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "file1"
[ 1317.796971][T20029] o2cb: This node has not been configured.
[ 1317.820656][T20029] o2cb: Cluster check failed. Fix errors before retrying.
[ 1317.840125][T20029] (syz.1.3179,20029,0):user_dlm_register:674 ERROR: status = -22
[ 1317.858300][T20029] (syz.1.3179,20029,0):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "file0"
[ 1320.412344][ T7023] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1320.510159][ T7023] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1320.535804][ T7023] bond0 (unregistering): Released all slaves
[ 1320.559196][T20017] netlink: 'syz.4.3177': attribute type 21 has an invalid length.
[ 1320.567307][T20017] netlink: 156 bytes leftover after parsing attributes in process `syz.4.3177'.
[ 1320.576832][T20019] netlink: 'syz.4.3177': attribute type 21 has an invalid length.
[ 1320.584810][T20019] netlink: 156 bytes leftover after parsing attributes in process `syz.4.3177'.
[ 1325.007053][T19862] hsr_slave_0: entered promiscuous mode
[ 1325.170015][T19862] hsr_slave_1: entered promiscuous mode
[ 1325.289407][T19862] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1326.464641][T19862] Cannot create hsr debugfs directory
[ 1328.948508][ T7023] hsr_slave_0: left promiscuous mode
[ 1330.437386][ T7023] hsr_slave_1: left promiscuous mode
[ 1330.449913][ T7023] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1330.564287][ T7023] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1331.141797][   T29] kauditd_printk_skb: 20 callbacks suppressed
[ 1331.453066][   T29] audit: type=1326 audit(1733574555.286:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20124 comm="syz.4.3200" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcb9297fed9 code=0x0
[ 1331.474609][ T5903] kernel write not supported for file /snd/midiC2D0 (pid: 5903 comm: kworker/1:6)
[ 1333.719354][T20165] ipt_REJECT: TCP_RESET invalid for non-tcp
[ 1341.683996][ T7023] team0 (unregistering): Port device team_slave_1 removed
[ 1342.378726][T20212] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR
[ 1343.385686][ T7023] team0 (unregistering): Port device team_slave_0 removed
[ 1344.149492][T20235] overlayfs: missing 'lowerdir'
[ 1344.607165][T16353] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[ 1344.819342][T16353] usb 4-1: device descriptor read/64, error -71
[ 1345.129832][ T5869] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[ 1345.137478][ T5869] hid-generic 0000:0000:0000.0011: unknown main item tag 0x0
[ 1345.161320][ T5869] hid-generic 0000:0000:0000.0011: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[ 1345.387342][T16353] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[ 1346.417133][T16353] usb 4-1: device descriptor read/64, error -71
[ 1346.487115][T20264] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3225'.
[ 1346.527355][T16353] usb usb4-port1: attempt power cycle
[ 1346.591718][T20266] netlink: 48 bytes leftover after parsing attributes in process `syz.5.3225'.
[ 1346.866843][T16353] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[ 1346.895488][T16353] usb 4-1: device descriptor read/8, error -71
[ 1347.235138][T20279] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1347.324323][T16353] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[ 1349.870537][T16353] usb 4-1: device descriptor read/8, error -71
[ 1349.986800][T16353] usb usb4-port1: unable to enumerate USB device
[ 1350.292353][T20297] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3229'.
[ 1350.313699][T20297] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1350.322808][T20297] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1350.331596][T20297] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1350.340480][T20297] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1350.350291][T20297] vxlan0: entered promiscuous mode
[ 1350.537330][T19862] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1350.556366][T19862] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1350.588032][T19862] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1350.618319][T19862] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1350.922215][T19862] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1352.051139][T19862] 8021q: adding VLAN 0 to HW filter on device team0
[ 1352.081369][T19862] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1352.171889][T19862] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1352.409955][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1352.417139][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1352.463006][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1352.470160][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1353.000388][T20323] @: renamed from vlan0 (while UP)
[ 1356.367584][T19862] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1356.481963][T20362] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3242'.
[ 1356.492116][T20362] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3242'.
[ 1356.557048][T20362] veth0: entered promiscuous mode
[ 1356.573369][T20362] team0: entered promiscuous mode
[ 1356.608514][T20362] team_slave_0: entered promiscuous mode
[ 1356.645310][T20362] team_slave_1: entered promiscuous mode
[ 1356.664114][T20362] geneve0: entered promiscuous mode
[ 1358.241209][T20383] mac80211_hwsim hwsim11 wlan1: entered allmulticast mode
[ 1361.714668][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 1362.849227][T20439] overlayfs: refusing to follow metacopy origin for (/file0)
[ 1365.191047][T18797] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1365.220562][T18797] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1365.939571][T18797] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1366.073113][T18797] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1366.357906][T18797] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1366.384787][T18797] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1368.370146][T20471] delete_channel: no stack
[ 1368.894588][T18797] Bluetooth: hci2: command tx timeout
[ 1369.348562][T20494] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1369.470111][T20455] chnl_net:caif_netlink_parms(): no params data found
[ 1371.056209][T18797] Bluetooth: hci2: command tx timeout
[ 1373.883900][ T5830] Bluetooth: hci2: command tx timeout
[ 1374.665477][T13838] bridge_slave_1: left allmulticast mode
[ 1374.671349][T13838] bridge_slave_1: left promiscuous mode
[ 1374.718060][T13838] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1374.868051][T13838] bridge_slave_0: left allmulticast mode
[ 1374.928914][T13838] bridge_slave_0: left promiscuous mode
[ 1375.743891][T13838] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1376.204197][ T5830] Bluetooth: hci2: command tx timeout
[ 1378.376999][ T5830] Bluetooth: hci2: command 0x0405 tx timeout
[ 1378.660381][T20575] trusted_key: encrypted_key: insufficient parameters specified
[ 1382.442784][T20612] netlink: 'syz.4.3287': attribute type 10 has an invalid length.
[ 1383.690989][T13838] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1384.344023][T13838] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1384.901993][T13838] bond0 (unregistering): Released all slaves
[ 1384.973189][T20455] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1385.205982][T20455] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1385.257959][T20455] bridge_slave_0: entered allmulticast mode
[ 1385.265111][T20455] bridge_slave_0: entered promiscuous mode
[ 1385.810802][T20612] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1385.821736][T20612] batadv0: entered promiscuous mode
[ 1385.827669][T20612] bond0: (slave batadv0): Enslaving as an active interface with an up link
[ 1385.912135][T20455] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1385.919504][T20455] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1385.926837][T20455] bridge_slave_1: entered allmulticast mode
[ 1385.941776][T20455] bridge_slave_1: entered promiscuous mode
[ 1387.631223][T13838] hsr_slave_0: left promiscuous mode
[ 1387.659342][T13838] hsr_slave_1: left promiscuous mode
[ 1388.667959][T13838] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1388.676720][T13838] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1389.329913][T20680] KVM: debugfs: duplicate directory 20680-4
[ 1390.731574][T20704] tmpfs: Bad value for 'usrquota_inode_hardlimit'
[ 1393.793172][T13838] team0 (unregistering): Port device team_slave_1 removed
[ 1395.622148][T13838] team0 (unregistering): Port device team_slave_0 removed
[ 1399.351638][T20758] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3313'.
[ 1405.323867][T20758] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR
[ 1405.361273][T20455] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1405.536268][T20455] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1409.213691][T20455] team0: Port device team_slave_0 added
[ 1409.410353][T20455] team0: Port device team_slave_1 added
[ 1411.781723][T20845] xfrm0: entered allmulticast mode
[ 1412.024785][T20455] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1412.065010][T20455] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1412.097451][T20455] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1412.128223][T20455] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1412.135445][T20455] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1412.161787][T20455] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1412.318326][T20455] hsr_slave_0: entered promiscuous mode
[ 1412.351749][T20455] hsr_slave_1: entered promiscuous mode
[ 1412.524196][T20455] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1412.551402][T20455] Cannot create hsr debugfs directory
[ 1415.989605][T20897] misc userio: No port type given on /dev/userio
[ 1417.311963][T20923] binder: 20911:20923 ioctl 40603d07 20000140 returned -22
[ 1418.123756][ T5866] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[ 1418.186635][T20935] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[ 1418.828347][T20455] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1418.837488][T20455] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1418.944831][ T5866] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1418.965164][ T5866] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1418.991862][ T5866] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1419.005265][ T5866] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1419.039610][ T5866] usb 2-1: SerialNumber: syz
[ 1419.294740][ T5830] Bluetooth: hci2: command 0x0405 tx timeout
[ 1419.394700][ T5866] usb 2-1: 0:2 : does not exist
[ 1419.399640][ T5866] usb 2-1: unit 48 not found!
[ 1419.453975][ T5866] usb 2-1: USB disconnect, device number 8
[ 1419.788387][T18878] udevd[18878]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1419.887228][T20962] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1421.405213][T20965] input: syz0 as /devices/virtual/input/input49
[ 1421.648538][ T5830] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1421.669460][ T5830] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1421.697640][ T5830] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1421.710868][ T5830] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1421.739710][ T5830] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1421.760259][ T5830] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1421.879646][T20981] can: request_module (can-proto-3) failed.
[ 1422.114590][T20981] 
[ 1422.116975][T20981] ======================================================
[ 1422.124021][T20981] WARNING: possible circular locking dependency detected
[ 1422.131077][T20981] 6.13.0-rc1-syzkaller-00316-gb5f217084ab3 #0 Not tainted
[ 1422.138207][T20981] ------------------------------------------------------
[ 1422.145243][T20981] syz.3.3352/20981 is trying to acquire lock:
[ 1422.151329][T20981] ffff888143787170 (&q->sysfs_lock){+.+.}-{4:4}, at: blk_mq_update_nr_hw_queues+0x3fa/0x1ae0
[ 1422.161566][T20981] 
[ 1422.161566][T20981] but task is already holding lock:
[ 1422.168964][T20981] ffff888143786c40 (&q->q_usage_counter(io)#52){++++}-{0:0}, at: nbd_start_device+0x16c/0xaa0
[ 1422.179292][T20981] 
[ 1422.179292][T20981] which lock already depends on the new lock.
[ 1422.179292][T20981] 
[ 1422.189722][T20981] 
[ 1422.189722][T20981] the existing dependency chain (in reverse order) is:
[ 1422.198753][T20981] 
[ 1422.198753][T20981] -> #4 (&q->q_usage_counter(io)#52){++++}-{0:0}:
[ 1422.207404][T20981]        lock_acquire+0x1ed/0x550
[ 1422.212459][T20981]        blk_mq_submit_bio+0x1536/0x2390
[ 1422.218122][T20981]        __submit_bio+0x2c6/0x560
[ 1422.223207][T20981]        submit_bio_noacct_nocheck+0x4d3/0xe30
[ 1422.229418][T20981]        mpage_readahead+0x7da/0x930
[ 1422.234739][T20981]        read_pages+0x176/0x830
[ 1422.240064][T20981]        page_cache_ra_unbounded+0x797/0x8c0
[ 1422.246076][T20981]        page_cache_sync_ra+0x3c5/0xad0
[ 1422.251659][T20981]        filemap_get_pages+0x621/0x2540
[ 1422.257269][T20981]        filemap_read+0x45c/0xf50
[ 1422.262326][T20981]        blkdev_read_iter+0x2d8/0x430
[ 1422.267737][T20981]        vfs_read+0x991/0xb70
[ 1422.272449][T20981]        ksys_read+0x18f/0x2b0
[ 1422.277246][T20981]        do_syscall_64+0xf3/0x230
[ 1422.282308][T20981]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1422.288760][T20981] 
[ 1422.288760][T20981] -> #3 (mapping.invalidate_lock#2){++++}-{4:4}:
[ 1422.297320][T20981]        lock_acquire+0x1ed/0x550
[ 1422.302377][T20981]        down_read+0xb1/0xa40
[ 1422.307094][T20981]        filemap_fault+0x6e8/0x1950
[ 1422.312321][T20981]        __do_fault+0x135/0x460
[ 1422.317201][T20981]        handle_pte_fault+0x335a/0x68a0
[ 1422.322779][T20981]        handle_mm_fault+0x1053/0x1ad0
[ 1422.328268][T20981]        __get_user_pages+0x1c82/0x49e0
[ 1422.333842][T20981]        populate_vma_page_range+0x264/0x330
[ 1422.339846][T20981]        __mm_populate+0x27a/0x460
[ 1422.344981][T20981]        do_mlock+0x61f/0x7e0
[ 1422.349688][T20981]        __x64_sys_mlock+0x60/0x70
[ 1422.354819][T20981]        do_syscall_64+0xf3/0x230
[ 1422.359875][T20981]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1422.366321][T20981] 
[ 1422.366321][T20981] -> #2 (&mm->mmap_lock){++++}-{4:4}:
[ 1422.373919][T20981]        lock_acquire+0x1ed/0x550
[ 1422.378967][T20981]        __might_fault+0xc6/0x120
[ 1422.384014][T20981]        _copy_from_user+0x2a/0xc0
[ 1422.389153][T20981]        blk_trace_ioctl+0x1ad/0x9a0
[ 1422.394458][T20981]        blkdev_ioctl+0x40c/0x6a0
[ 1422.399504][T20981]        __se_sys_ioctl+0xf5/0x170
[ 1422.404640][T20981]        do_syscall_64+0xf3/0x230
[ 1422.409696][T20981]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1422.416134][T20981] 
[ 1422.416134][T20981] -> #1 (&q->debugfs_mutex){+.+.}-{4:4}:
[ 1422.423986][T20981]        lock_acquire+0x1ed/0x550
[ 1422.429033][T20981]        __mutex_lock+0x1ac/0xee0
[ 1422.434086][T20981]        blk_register_queue+0x15a/0x400
[ 1422.434704][T20974] chnl_net:caif_netlink_parms(): no params data found
[ 1422.439638][T20981]        add_disk_fwnode+0x648/0xf80
[ 1422.439663][T20981]        brd_alloc+0x547/0x790
[ 1422.439688][T20981]        brd_init+0x126/0x1b0
[ 1422.439703][T20981]        do_one_initcall+0x248/0x870
[ 1422.466424][T20981]        do_initcall_level+0x157/0x210
[ 1422.471911][T20981]        do_initcalls+0x3f/0x80
[ 1422.476785][T20981]        kernel_init_freeable+0x435/0x5d0
[ 1422.482523][T20981]        kernel_init+0x1d/0x2b0
[ 1422.487415][T20981]        ret_from_fork+0x4b/0x80
[ 1422.492382][T20981]        ret_from_fork_asm+0x1a/0x30
[ 1422.497717][T20981] 
[ 1422.497717][T20981] -> #0 (&q->sysfs_lock){+.+.}-{4:4}:
[ 1422.505313][T20981]        validate_chain+0x18ef/0x5920
[ 1422.510718][T20981]        __lock_acquire+0x1397/0x2100
[ 1422.516124][T20981]        lock_acquire+0x1ed/0x550
[ 1422.521180][T20981]        __mutex_lock+0x1ac/0xee0
[ 1422.526234][T20981]        blk_mq_update_nr_hw_queues+0x3fa/0x1ae0
[ 1422.526265][T20981]        nbd_start_device+0x16c/0xaa0
[ 1422.537942][T20981]        nbd_ioctl+0x5dc/0xf40
[ 1422.542699][T20981]        blkdev_ioctl+0x57d/0x6a0
[ 1422.547746][T20981]        __se_sys_ioctl+0xf5/0x170
[ 1422.552853][T20981]        do_syscall_64+0xf3/0x230
[ 1422.557883][T20981]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1422.564287][T20981] 
[ 1422.564287][T20981] other info that might help us debug this:
[ 1422.564287][T20981] 
[ 1422.574511][T20981] Chain exists of:
[ 1422.574511][T20981]   &q->sysfs_lock --> mapping.invalidate_lock#2 --> &q->q_usage_counter(io)#52
[ 1422.574511][T20981] 
[ 1422.589326][T20981]  Possible unsafe locking scenario:
[ 1422.589326][T20981] 
[ 1422.596765][T20981]        CPU0                    CPU1
[ 1422.602116][T20981]        ----                    ----
[ 1422.607468][T20981]   lock(&q->q_usage_counter(io)#52);
[ 1422.612836][T20981]                                lock(mapping.invalidate_lock#2);
[ 1422.620643][T20981]                                lock(&q->q_usage_counter(io)#52);
[ 1422.628528][T20981]   lock(&q->sysfs_lock);
[ 1422.632848][T20981] 
[ 1422.632848][T20981]  *** DEADLOCK ***
[ 1422.632848][T20981] 
[ 1422.640974][T20981] 4 locks held by syz.3.3352/20981:
[ 1422.646157][T20981]  #0: ffff888025acd998 (&nbd->config_lock){+.+.}-{4:4}, at: nbd_ioctl+0x13c/0xf40
[ 1422.655469][T20981]  #1: ffff888025acd8d8 (&set->tag_list_lock){+.+.}-{4:4}, at: blk_mq_update_nr_hw_queues+0xc2/0x1ae0
[ 1422.666479][T20981]  #2: ffff888143786c40 (&q->q_usage_counter(io)#52){++++}-{0:0}, at: nbd_start_device+0x16c/0xaa0
[ 1422.677215][T20981]  #3: ffff888143786c78 (&q->q_usage_counter(queue)#36){+.+.}-{0:0}, at: nbd_start_device+0x16c/0xaa0
[ 1422.688203][T20981] 
[ 1422.688203][T20981] stack backtrace:
[ 1422.694105][T20981] CPU: 1 UID: 0 PID: 20981 Comm: syz.3.3352 Not tainted 6.13.0-rc1-syzkaller-00316-gb5f217084ab3 #0
[ 1422.704885][T20981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1422.714941][T20981] Call Trace:
[ 1422.718211][T20981]  <TASK>
[ 1422.721129][T20981]  dump_stack_lvl+0x241/0x360
[ 1422.725802][T20981]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1422.731029][T20981]  ? __pfx__printk+0x10/0x10
[ 1422.735626][T20981]  print_circular_bug+0x13a/0x1b0
[ 1422.740735][T20981]  check_noncircular+0x36a/0x4a0
[ 1422.745684][T20981]  ? __pfx_check_noncircular+0x10/0x10
[ 1422.751137][T20981]  validate_chain+0x18ef/0x5920
[ 1422.755982][T20981]  ? __pfx_validate_chain+0x10/0x10
[ 1422.761178][T20981]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1422.767146][T20981]  ? mark_lock+0x9a/0x360
[ 1422.771467][T20981]  __lock_acquire+0x1397/0x2100
[ 1422.776307][T20981]  lock_acquire+0x1ed/0x550
[ 1422.780798][T20981]  ? blk_mq_update_nr_hw_queues+0x3fa/0x1ae0
[ 1422.786774][T20981]  ? __pfx_lock_acquire+0x10/0x10
[ 1422.791789][T20981]  ? blk_mq_update_nr_hw_queues+0x3db/0x1ae0
[ 1422.797761][T20981]  ? nbd_start_device+0x16c/0xaa0
[ 1422.802776][T20981]  ? __pfx___might_resched+0x10/0x10
[ 1422.808060][T20981]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1422.814146][T20981]  __mutex_lock+0x1ac/0xee0
[ 1422.818659][T20981]  ? blk_mq_update_nr_hw_queues+0x3fa/0x1ae0
[ 1422.824633][T20981]  ? blk_mq_update_nr_hw_queues+0x3fa/0x1ae0
[ 1422.830615][T20981]  ? __pfx___mutex_lock+0x10/0x10
[ 1422.835639][T20981]  ? __kasan_kmalloc+0x98/0xb0
[ 1422.840401][T20981]  ? __kmalloc_cache_noprof+0x243/0x390
[ 1422.845937][T20981]  ? blk_mq_update_nr_hw_queues+0x3db/0x1ae0
[ 1422.851921][T20981]  blk_mq_update_nr_hw_queues+0x3fa/0x1ae0
[ 1422.857728][T20981]  ? __pfx___might_resched+0x10/0x10
[ 1422.863012][T20981]  ? __pfx_blk_mq_update_nr_hw_queues+0x10/0x10
[ 1422.869263][T20981]  ? rcu_is_watching+0x15/0xb0
[ 1422.874034][T20981]  ? trace_contention_end+0x3c/0x120
[ 1422.879310][T20981]  ? __mutex_lock+0x37f/0xee0
[ 1422.883982][T20981]  ? tomoyo_path_number_perm+0x679/0x860
[ 1422.889604][T20981]  ? blkdev_common_ioctl+0xfb2/0x2460
[ 1422.894971][T20981]  ? __lock_acquire+0x1397/0x2100
[ 1422.899985][T20981]  ? nbd_ioctl+0x13c/0xf40
[ 1422.904412][T20981]  ? __pfx___mutex_lock+0x10/0x10
[ 1422.909447][T20981]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1422.915428][T20981]  nbd_start_device+0x16c/0xaa0
[ 1422.920292][T20981]  nbd_ioctl+0x5dc/0xf40
[ 1422.924553][T20981]  ? __pfx_nbd_ioctl+0x10/0x10
[ 1422.929304][T20981]  ? __asan_memset+0x23/0x50
[ 1422.933892][T20981]  ? smack_file_ioctl+0x29e/0x3a0
[ 1422.938933][T20981]  ? __pfx_smack_file_ioctl+0x10/0x10
[ 1422.944301][T20981]  ? file_to_blk_mode+0xcc/0x140
[ 1422.949227][T20981]  ? __pfx_nbd_ioctl+0x10/0x10
[ 1422.953998][T20981]  blkdev_ioctl+0x57d/0x6a0
[ 1422.958496][T20981]  ? __pfx_blkdev_ioctl+0x10/0x10
[ 1422.963517][T20981]  ? __pfx_blkdev_ioctl+0x10/0x10
[ 1422.968541][T20981]  __se_sys_ioctl+0xf5/0x170
[ 1422.973122][T20981]  do_syscall_64+0xf3/0x230
[ 1422.977643][T20981]  ? clear_bhb_loop+0x35/0x90
[ 1422.982310][T20981]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1422.988199][T20981] RIP: 0033:0x7f562a37fed9
[ 1422.992616][T20981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1423.012212][T20981] RSP: 002b:00007f562b26e058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1423.020646][T20981] RAX: ffffffffffffffda RBX: 00007f562a545fa0 RCX: 00007f562a37fed9
[ 1423.028611][T20981] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000007
[ 1423.036572][T20981] RBP: 00007f562a3f3cc8 R08: 0000000000000000 R09: 0000000000000000
[ 1423.044537][T20981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1423.052508][T20981] R13: 0000000000000000 R14: 00007f562a545fa0 R15: 00007ffdd6632358
[ 1423.060485][T20981]  </TASK>
[ 1423.078738][ T5830] block nbd3: Receive control failed (result -32)
[ 1423.078972][T18797] block nbd3: Receive control failed (result -32)
[ 1423.143935][T20984] block nbd3: shutting down sockets
[ 1423.149934][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 1423.158180][ T7116] bridge_slave_1: left allmulticast mode
[ 1423.175168][ T7116] bridge_slave_1: left promiscuous mode
[ 1423.263702][ T7116] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1423.497391][ T7116] bridge_slave_0: left allmulticast mode
[ 1423.503085][ T7116] bridge_slave_0: left promiscuous mode
[ 1423.508941][ T7116] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1423.784069][ T7116] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1423.858552][ T7116] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1423.867179][T18797] Bluetooth: hci2: command tx timeout
[ 1423.884315][ T7116] bond0 (unregistering): Released all slaves
[ 1424.009559][ T7116] hsr_slave_0: left promiscuous mode
[ 1424.018671][ T7116] hsr_slave_1: left promiscuous mode
[ 1424.024827][ T7116] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1424.032426][ T7116] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1424.209744][ T7116] team0 (unregistering): Port device team_slave_1 removed
[ 1424.221130][ T7116] team0 (unregistering): Port device team_slave_0 removed
[ 1424.637819][ T7116] bond0 (unregistering): Released all slaves